Installation on Ubuntu Server 16.04 LTS

Installing on Linux server is a breeze. This installation guide is specifically for Ubuntu Server 16.04 LTS. But it should work for any recent Ubuntu or Debian based linux installation, make adjustments as needed. This guide is for using the MySQL database but you can use AD to store settings to but that is not in this guide.

1. Install L.A.M.P. (Linux, Apache, MySQL & PHP)

   • Install Apache2
     sudo apt-get install -y apache2
   • Install MySQL & configure when prompted (Don't forget your password!)
     sudo apt-get install -y mysql-server
   • Install PHP
     sudo apt-get install -y php5 libapache2-mod-php5

2. Install Tomcat8 & Tomcat8 Tools
   sudo apt-get install -y tomcat8 tomcat8-docs tomcat8-examples tomcat8-admin

   • Edit tomcat permissions to use a browser to install war files, pwm in this case later on
     sudo vi \TOMCAT_HOME\conf\tomcat-users.xml
     Make your file look like the following, changing username and password. Used to login to gui, step 6.

     <role rolename="manager-gui"/>
<role rolename="admin-gui"/>
<role rolename="manager-script"/>
<user username="username" password="password" roles="manager-gui,admin-gui,manager-script"/>

   • (Optional) Install haveged entropy gathering daemon to greatly reduce tomcat startup delays

   sudo apt-get install -y haveged

3. Install PHPMyAdmin, Not required but helps manage MySQL with a browser gui

   sudo apt-get install -y phpmyadmin

   • In depth installation guide: https://goo.gl/Jb5fHW

4. Install openSSH to allow using sFTP
   sudo apt-get install -y openssh-server

   • Make a backup copy of config (just in case) sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.factory-defaults
     That's it, SSH should be working. You can use FileZilla with sFTP to copy or edit files

5. Use PHPMyAdmin to create the pwm dB and pwm user (grant all privilages)

6. Install PWM, I installed version 1.8, 1.7.1 is really old and I don't suggest it

   • Download the latest version from https://github.com/pwm-project/pwm
   • Go to http://server-ip:8080/manager/html in your browser and login when prompted
   • Use the gui to install the pwm war file, if issues then use FileZilla to upload to the webapps folder located at /var/lib/tomcat8/webapps/ on my install

7. Setup Environmental Variables, here is what I did to get this working

   • Run the following commands (change the user!)
     sudo mkdir /home/<user>/pwm-data/ <-- Creates folder
     sudo chmod g+w /home/<user>/pwm-data/ <-- Changes file permissions for group
     sudo usermod -a -G user tomcat8 <-- Allow tomcat8 user access to folder
     export PWM_APPLICATIONPATH='/home/user/pwm-data'
   • Edit the pwm web.xml file to point to the pwm-data folder, change the user!
     sudo vi /var/lib/tomcat8/webapps/pwm/WEB-INF/web.xml
<context-param>
<description>
Explicit location of application working directory. If a relative path is specified,
it is relative to the deployed applications base directory.
</description> <param-name>applicationPath</param-name>
<param-value>/home/<user>/pwm-data</param-value>
</context-param>
   • Restart tomcat8
     sudo service tomcat8 restart

8. Now go to http://server-ip:8080/pwm/

   • Configure pwm
   • I'll update later with more on PWM configuring, for now here is a guide I used but its for 1.7.1
     https://goo.gl/1PWh3i to get PWM up and running with some trial and error.

9. Test away but when done configuring I highly suggest to secure with a cert! WARNING: Until you secure your site passwords are being sent in the clear!

   • To secure follow the Tomcat8 instructions to secure
     • https://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html

10. That's it, enjoy PWM!!

Still a work in progress.......