Versions Compared

Old Version 1

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user troinine-ubi

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space IDS and version 8.3

Steps

Table of Contents
excludeSteps

Note

Issue all of the following commands in Windows using the Administrator user account.

Note

Install all Windows updates before commencing.

Note

When following the instructions given in this manual, it is advisable to type the commands manually instead of copy/pasting them. This is because sometimes characters may be lost or modified in the copying process.

Java check

Make sure you have Java installed according to Installation requirements - SSO.

Set Up System Wide Environment Variables

  • Make sure you have the following environment variables set related to Java. Modify the paths according to your Java installation.
    Set JAVA_HOME to C:\Program Files\Java\jdk1.8.0_144  
    Set JRE_HOME to C:\Program Files\Java\jdk1.8.0_144\jre

    Environment variables can be set Control Panel → System and Security System Advanced system settings → Environment Variables → System Variables → New...


Unpack the Software

Unzip the Zip archive into the C:\Program Files\Ubisecure folder.

  • Right click on the file ubilogin-sso-8.x.x.xxxx.zip and choose Extract All…

  • Enter the directory C:\Program Files\Ubisecure and click Next.

Modify the Configuration Template

Windows 2012: Open the command prompt using Run as Administrator mode. Administrative rights are required in order to install the required system services. See Figure 1.

Figure 1. Installations must use Run as administrator

Copy the configuration template to the C:\Program Files\Ubisecure\ubilogin-sso\ubilogin folder:

Code Block
languagepowershell
cd /d "C:\Program Files\Ubisecure\ubilogin-sso\ubilogin"
copy config\win32.config .

Open win32.config file in a text editor. Modify the public visible URL address of the Ubisecure SSO deployment, which is set with key uas.url. The installation is accessible from the local machine only if the value is left to localhost. The resulting line for uas.url might look like the following:

Code Block
languagepowershell
uas.url = https://sso.example.com:8443

Finally, create the configuration files with the setup.cmd script:

Code Block
languagepowershell
cd /d "C:\Program Files\Ubisecure\ubilogin-sso\ubilogin"
setup.cmd
Note

New LDAP passwords are generated every time the setup command is executed. For this reason, the  secrets.ldif   file must be imported to the LDAP directory after running the setup script. After this, the Tomcat update script must be run to have the applications use the new passwords. See Applications upgrade - SSO  for more details about the update process.

Install Ubisecure Directory

Install ADAM or AD LDS as Ubisecure Directory according to your platform:

  • On Windows 2003 x86, install ADAM by running the following command:

    Code Block
    languagepowershell
    cd /d "c:\Program Files\ubisecure\ubilogin-sso\ubilogin\ldap\adam"       
copy "c:\Program Files\ubisecure\ubilogin-sso\adam\ADAMSP1_x86_English.exe" . ADAMSP1_x86_English.exe
  • On Windows 2003 x64, install ADAM by using ADAMSP1_x64_English.exe from http://www.microsoft.com/downloads/details.aspx?FamilyID=9688f8b9-1034-4ef6-a3e5-2a2a57b5c8e4
  • On Windows 2008 R2 and Windows 2012, install AD LDS using Server Manager:
    Server Manager →  Roles → Add Roles → Next → Active Directory Lightweight Directory Services → Add Required Features
  • On Windows 2016 R2 install AD LDS using Server Manager: Server Manager →  Add Roles and Features → Role-based or feature-based installation
     → Next → Select current server → Next → Active Directory Lightweight Directory Services
     → Add Required Features → Include Management Features → Select Features (no changes)
     → Next  → Confirmation → Install

Now run the adaminstall.cmd script to automatically configure ADAM or AD LDS:

Code Block
languagepowershell
cd /d "C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\ldap\adam"
adaminstall.cmd

Install Ubisecure SSO Tomcat as Service

Run the Tomcat install script to install the Ubisecure SSO Tomcat as a service:

Code Block
languagepowershell
cd /d "C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\config\tomcat"
install.cmd

The install script does the following:

  • Creates a self-signed SSL certificate for test purposes.
  • Installs the applications in ubilogin/webapps for Ubisecure SSO Tomcat.
  • Installs Ubisecure SSO as a service.
  • Starts the Ubisecure SSO service (i.e., the Tomcat process).

Continue on page Single node installation finalization - SSO to verify that the installation was successful.