Installation Steps
- Install AD LDS in both nodes
- Install and configure all the Ubisecure SSO on the first the SSO 1 node as instructed in the single node installation instructions, but do not run the last step (do not start SSO/tomcat)
Install java to the SSO 2 node.
a) Obtain and Install Oracle Server JRE 1.8.x and Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files.- You can find the download site in the address: http://www.oracle.com/technetwork/java/javase/downloads/index.html
- Refer to Oracle online documentation for installing the Server JRE https://docs.oracle.com/javase/8/docs/technotes/guides/install/windows_server_jre.html
- Instructions to install JCE Policy Files are included in the download package
- The Java Server JRE is distributed as a .tar.gz bundle for each platform. On Windows, extracting a tar.gz archive requires a separate application, such as 7-Zip (http://www.7-zip.org/)
b) Set up system wide environment variables
- Make sure you have the following environment variables set related to Java. Modify the paths according to your Java installation.
Set JAVA_HOME to C:\Program Files\Java\jdk1.8.0_144
Set JRE_HOME to C:\Program Files\Java\jdk1.8.0_144\jre - Environment variables can be set Control Panel → System and Security → System → Advanced system settings → Environment Variables → System Variables → New...
- Copy the Ubisecure SSO configurations from the first node to the other node.
- In practice, this means that the SSO installation folder is copied as such
- Check the win32.config file's parameter ldap.url to see if the LDAP has been installed in the localhost. If the directory (LDAP) connection is something else than "localhost" (LDAPs are installed on their own separate nodes) then modify theC:\Program Files\ubisecure\ubilogin-sso\ubilogin\config\settings.cmd file's LDAP URL parameters on the SSO node 2.
- set LDAP_URL=ldap://<IP address of the LDAP server 2>:389
- set LDAP_URL_HOSTNAME=<IP address of the LDAP server 2>
- set LDAP_URL_PORT=389
- Install and configure the windows reverse proxy
- Start SSO in both nodes
- Start the reverse proxy server
