Installation steps

1. Install AD LDS in both nodes
2. Install Partially install and configure the SSO node 1 node as instructed in the single node installation instructions, but do not run the last step (do not start SSO/tomcat)

   Install java to the SSO 2 node.
   a)       Obtain and Install Oracle Server JRE 1.8.x and Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files.

   • You can find the download site in the address: http://www.oracle.com/technetwork/java/javase/downloads/index.html
   • Refer to Oracle online documentation for installing the Server JRE https://docs.oracle.com/javase/8/docs/technotes/guides/install/windows_server_jre.html
   • Instructions to install JCE Policy Files are included in the download package
   • The Java Server JRE is distributed as a .tar.gz bundle for each platform. On Windows, extracting a tar.gz archive requires a separate application, such as 7-Zip (http://www.7-zip.org/)

   b)      Set up system wide environment variables

3. Make sure you have the following environment variables set related to Java. Modify the paths according to your Java installation.
   Set JAVA_HOME to C:\Program Files\Java\jdk1.8.0_144 
   Set JRE_HOME to C:\Program Files\Java\jdk1.8.0_144\jre
4. Environment variables can be set Control Panel → System and Security → System → Advanced system settings → Environment Variables → System Variables → New...
Image Removed by completing the following steps:

1. Check Java and set system wide environment variables
2. Unpack the Software

3. Install and prepare PostgreSQL (can be deferred to step 3 below)

4. Modify the Configuration Template
5. Create the configuration files
5. Install AD LDS in both nodes except do not yet setup AD LDS on node 2 as a replica.
   
6. Continue installation on SSO node 1 as instructed in the Single node installation instructions with the missing steps, check also Single node installation finalization.
   
   1. The manual setup done in the previous step above is supplemented by importing Ubisecure specific schema and data into AD LDS when installing Ubisecure Directory on node 1.
      
7. Complete clustered AD LDS installation by following instructions on AD LDS clustering setup (node 2)
8. Check Java and set system wide environment variables on SSO node 2.
9. Copy the Ubisecure SSO configurations from the first SSO node 1 to the other SSO node 2.

   Run the Tomcat install script to install the Ubisecure SSO Tomcat as a service:

   Code Block
   language powershell
   cd /d "C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\config\tomcat" install.cmd

   The install script does the following:

10. Creates a self-signed SSL certificate for test purposes.
11. Installs the applications in ubilogin/webapps for Ubisecure SSO Tomcat.
12. Installs Ubisecure SSO as a service.
Starts the Ubisecure SSO service (i.e., the Tomcat process).
• In practice, this means that the SSO installation folder C:\Program Files\ubisecure\ubilogin-sso is copied as such.

• Check the win32.config file's parameter ldap.url to see if the LDAP has been installed in the localhost. If the directory (LDAP) connection is something else than "localhost" (LDAPs are installed on their own separate nodes) then modify the C:\Program Files\ubisecure\ubilogin-sso\ubilogin\config\settings.cmd file's LDAP URL parameters on the SSO node 2.

   
set

• 
  

  Code Block
  language text
  LDAP_URL=ldap://<IP address of the LDAP server 2>:389

set

• LDAP_URL_HOSTNAME=<IP address of the LDAP server 2>

set

• LDAP_URL_PORT=389

 
Install the Ubisecure SSO tomcat as a servce
13. Complete installation of the SSO node 2 as instructed in the Single node installation instructions by completing the following steps:

    1. Configure Accounting Service

    2. Install and start Ubisecure SSO Tomcat and Accounting Service as Windows Services

    3. Check also Single node installation finalization
14. Install and configure the reverse proxy server e.g. the windows Windows reverse proxy.
15. Start SSO in both nodes.
16. Start the reverse proxy server.