| Sun Secure Global Desktop 4.5 Installation Guide | 
   |
| C H A P T E R 1 |
This chapter describes the things you must know and do before you install Sun Secure Global Desktop (SGD).
Use the following hardware requirements as a guide and not as an exact sizing tool. For detailed help with hardware requirements, contact a Sun Secure Global Desktop Software sales office.
The requirements for a server hosting SGD can be calculated based on the total of the following:
The following are the requirements for installing and running SGD:
This is in addition to what is required for the operating system itself and assumes the server is used only for SGD.
The following are the requirements to support users who log in to SGD and run applications:
 | Caution - The actual central processing unit (CPU) and memory requirements can vary significantly, depending on the applications used. |
The following table lists the supported installation platforms for SGD. The operating systems can be run on physical or virtual environments, provided that the minimum hardware requirements are met and that the virtualization platforms provide complete support for the operating system.
| Operating System | Supported Versions |
|---|---|
Solaris Operating
System (Solaris OS) on SPARC platforms |
10, 10 Trusted Extensions |
| Solaris OS on x86 platforms | 10, 10 Trusted Extensions |
| OpenSolaris on
x86 platforms |
2008.11 or later |
| Red Hat Enterprise Linux (Intel® x86 32-bit and Intel x86 64-bit) | 5 |
| SUSE Linux Enterprise Server (Intel x86 32-bit and Intel x86 64-bit) | 10 |
Installation in zones is supported for Solaris 10 OS.
When you install SGD on Solaris 10 OS Trusted Extensions platforms, you must install SGD in a labelled zone. Do not install SGD in the global zone.
B y default, SGD is installed in the /opt/tarantella directory. As the /opt directory is read only on Solaris 10 OS Trusted Extensions platforms, you must select another location to install SGD. On Solaris OS platforms, the installation program asks you for the installation directory when you install the software.
You might have to make some operating system modifications. Without these modifications, SGD might not install properly or operate correctly.
When you install SGD on Linux platforms, localized messages in the supported languages can only be displayed if the gettext package is installed. If the gettext package is not installed, English is used during the installation.
The libXm.so.3 library is required to support 5250 and 3270 applications. This library is available in the OpenMotif 2.2 package.
SGD fails to install if the libgdbm.so.2 and libexpat.so.0 libraries are not available on the host. SUSE Linux Enterprise Server 10 contains version 3 and version 1 of these libraries by default. Obtain and install the required version of these libraries before installing SGD.
You must install at least the End User Solaris OS distribution to get the libraries required by SGD. If you do not, SGD does not install.
The default /etc/hosts file for Red Hat Enterprise Linux 5 contains a single entry, which incorrectly maps the host name of the SGD host to the local loopback address, 127.0.0.1.
Edit the /etc/hosts file to remove this mapping, and add a new entry that maps the name of the SGD host to the network Internet Protocol (IP) address of the SGD host. The SGD host name must not be mapped to the local loopback IP address.
You must configure your network for use with SGD. The following are the main requirements:
Hosts must have Domain Name System (DNS) entries that can be resolved by all clients.
DNS lookups and reverse lookups for a host must always succeed.
When you install SGD, you are asked for the DNS name to use for the SGD server. The DNS name must meet the following requirements:
The Sun Secure Global Desktop 4.5 Administration Guide has detailed information about all the ports used by SGD and how to use SGD with firewalls. The following information lists the common ports used.
Client devices must be able to make Transmission Control Protocol/Internet Protocol (TCP/IP) connections to SGD on the following TCP ports:
80 - For Hypertext Transfer Protocol (HTTP) connections between client devices and the SGD web server. The port number can vary depending on the port selected on installation.
443 - For HTTP over Secure Sockets Layer (HTTPS) connections between client devices and the SGD web server.
3144 - For standard (unencrypted) connections between the SGD Client and the SGD server.
5307 - For secure connections between the SGD Client and the SGD server. Secure connections use Secure Sockets Layer (SSL).
To run applications, SGD must be able to make TCP/IP connections to application servers. The types of applications determine the TCP ports that must be open, for example:
In SGD, an array is a collection of SGD servers that share configuration information. As the SGD servers in an array share information about user sessions and application sessions, it is important to synchronize the clocks on the SGD hosts. Use Network Time Protocol (NTP) software or the rdate command to ensure the clocks on all SGD hosts are synchronized.
When you install SGD, you install the SGD web server. The
SGD web server consists of an Apache web server and a Tomcat JavaServer Pages (JSP) technology container preconfigured
for use with SGD.
When you install SGD, the SGD installation program asks you for the TCP port that the SGD web server listens on for HTTP connections. This is usually TCP port 80. If another process is listening on that port, the installation program asks you to choose another port.
The minimum Java Virtual
Machine (JVM) software heap
size for the Tomcat JSP technology container is 256 megabytes.
To install SGD, you must have superuser (root) privileges.
The system must have ttaserv and ttasys users and a ttaserv group before you can install SGD.
The ttasys user owns all the files and processes used by the SGD server. The ttaserv user owns all the files and processes used by the SGD web server.
The SGD server does not require superuser (root) privileges to run. The SGD server starts as the root user and then downgrades to the ttasys user.
If you try to install the software without these users and group in place, the installation program stops without making any changes to the system and displays a message telling you what you need to do. The message includes details of an install script that you can run to create the required users and group.
If you need to create the required users and group manually, the following are the requirements:
You can use any user identification number (UID) or group ID (GID) you want. The UID and GID can be different.
For security, lock these accounts, for example with the passwd -l command.
One way to create these users is with the useradd and groupadd commands, for example:
# groupadd ttaserv # useradd -g ttaserv -s /bin/sh -d /home/ttasys -m ttasys # useradd -g ttaserv -s /bin/sh -d /home/ttaserv -m ttaserv # passwd -l ttasys # passwd -l ttaserv |
To check whether the ttasys and ttaserv user accounts are correctly set up on your system, use the following commands.
# su ttasys -c "/usr/bin/id -a" # su ttaserv -c "/usr/bin/id -a" |
If your system is set up correctly, the command output should be similar to the following examples.
uid=1002(ttaserv) gid=1000(ttaserv) groups=1000(ttaserv) uid=1003(ttasys) gid=1000(ttaserv) groups=1000(ttaserv) |
The following table lists the supported client platforms for the SGD Client. Also included are the supported browsers, and the supported desktop menu systems when the SGD Client is operating in Integrated mode.
| Supported Client Platform | Supported Browsers | Integrated Mode Support |
|---|---|---|
| Microsoft Windows Vista (Intel x86 32-bit) | Internet Explorer 6 | Microsoft Windows Start Menu |
| Microsoft Windows XP Professional (Intel x86 32-bit) | Internet Explorer 6 | Microsoft Windows Start Menu |
| OpenSolaris version 2008.11 or later on x86 platforms | Mozilla Firefox 2 | Sun Java Desktop
System (Java Desktop System) Launch Menu |
| Solaris 10 OS on SPARC platforms | Mozilla Firefox 2 | Java Desktop System Launch Menu |
| Solaris 10 OS on x86 platforms | Mozilla Firefox 2 | Java Desktop System Launch Menu |
| Solaris 10 OS Trusted Extensions on x86 platforms | Mozilla Firefox 2 | Not supported |
| Mac OS X 10.5 | Safari 2 | Not supported |
| Red Hat Enterprise Linux 5 Desktop (Intel x86 32-bit) | Mozilla Firefox 2 | Gnome or KDE Start Menu |
| Ubuntu 8 (Intel x86 32-bit) | Mozilla Firefox 2 | Gnome Start Menu |
For OpenSolaris operating system client platforms, the libXm.so.4 library must be present in the /usr/lib directory on the client. A copy of this library is included in the /opt/tarantella/lib directory on the SGD host.
Beta versions or preview releases of browsers are not supported.
Browsers must have the JavaScript programming
language enabled.
To support the following functionality, browsers must have Java technology enabled:
If Java technology is not available, the SGD Client can be downloaded and installed manually.
The following are the supported plug-ins for Java technology:
Note - Java Plugin tool version 1.6.0 is the only supported plug-in for Microsoft Windows Vista platforms. |
When users start more than one user session using the same client device and browser, the user sessions join rather than the new session ending the existing session. For user sessions to join in this way, the browser must be configured to allow permanent cookies. If permanent cookies are not allowed, user sessions always end and this might cause application windows to disappear.
For best results, client devices must be configured for at least 256 colors.
The SGD Enhancement Module is a software component that can be installed on an application server to provide the following additional functionality when using applications displayed through SGD:
The following table lists the supported installation platforms for the SGD Enhancement Module. The operating systems can be run on physical or virtual environments, provided that the virtualization platforms provide complete support for the operating system.
Note the following limitations:
On Microsoft Windows XP Professional and Microsoft Windows Vista platforms, only CDM is supported. Seamless windows and advanced load balancing are not supported. Only full Windows desktop sessions are supported. Running individual Windows applications is not supported for these platforms.
On Solaris 10 OS Trusted Extensions platforms, audio and CDM are not supported.
Application servers that are not supported platforms for the SGD Enhancement Module can be used with SGD to access a supported application type using any of the supported protocols.
To run applications, SGD must be able to connect to the application server that hosts the application. Typically this is done using either Telnet or SSH. Enable one of these services before installing SGD. SSH is the best for security.
If you are using SSH, you must enable X11 forwarding. You can do this either in your SSH configuration or by configuring the application in SGD. The Sun Secure Global Desktop 4.5 Administration Guide has details on using SSH with SGD.
Before installing SGD, read the Sun Secure Global Desktop 4.5 Release Notes. The release notes contain important information about this version of SGD, including the known issues and bugs with installation.
| Sun Secure Global Desktop 4.5 Installation Guide | 820-6688-10 |
|
Copyright © 2009, Sun Microsystems, Inc. All rights reserved.