Skip to main content
Version: 10.2

Installation

The Identity Server is a tool that enables secure and streamlined authentication for the Core Server. It allows the Core Server to authenticate users via trusted external identity providers. This integration enhances security by centralizing authentication management and enabling Single Sign-On (SSO) capabilities, providing users with a seamless and efficient login experience.

Install the Identity Server on the same or different machine with Core Server.

warning

Installing the Identity Server assumes you already have the Ingress and Core Server installed.

Installing through the Windows Installer Interface

  1. Double-click the openit_<version>_identity_server.msi installer file.

    In the setup wizard, click Next.

    Welcome Screen

    Welcome Screen

  2. Read the License Agreement before accepting the terms. Click Next.

    End-User License Agreement

    End-User License Agreement

  3. Specify the installation directories. Click Change to set different directories or click Next to use the default folders.

    Identity Server Configuration

    Identity Server Configuration

    Tick the Configure LDAP for Authentication check box to set up the LDAP Authentication Configuration during installation.

    Identity Server Configuration

    Identity Server Configuration

    note

    If Ingress is not installed on the same machine, an additional field for the Open iT Ingress URI will be displayed.

    Identity Server Configuration (Remote Ingress)

    Identity Server Configuration (Remote Ingress)

    Provide the Open iT Ingress URI, then click Next.

  4. If you tick the Configure LDAP for Authentication, provide the LDAP authentication settings details. Make sure to provide the correct details, then click Next.

    NameDescription
    NameSpecify the unique name of the LDAP connection.
    URLSpecify the Active Directory domain.
    SSLSpecify the status of the SSL (whether enabled or disabled). Tick the checkbox to enable.
    PortSpecify the port of the LDAP connection. The default is 389.
    Bind DNSpecify the credentials bound inside the LDAP.
    Bind CredentialsSpecify the username's password in Bind DN.
    Search BaseSpecifies the starting search point in the Active Directory structure for user account entries. This usually has the same value as the last four entries in Bind DN.
    LDAP Authentication Configuration

    LDAP Authentication Configuration

    LDAP Authentication Configuration

  5. Click Install to start the installation process. If a review of the entries is needed, click Back.

    Ready to Install

    Ready to Install

  6. The installer will set up all necessary files on the computer. Click Finish to complete the installation.

    Finish

    Finish

Installing through the Command Line

  1. Open a command prompt with Administrator privileges.

  2. Execute the following command:

    Command Syntax
    msiexec /i openit_<version>_identity_server.msi /l*v install.log INGRESSURI=http(s)://<ingress_hostname>:<ingress_port_number> ENABLELDAP=1 LDAPNAME="SampleLDAP_Name" LDAPURL="http://<LDAP_hostname>:<port_number>" LDAPENABLESSL=0 LDAPPORT=<port_number> LDAPBINDDN="CN=cn1,CN=cn2,DC=dc1,DC=dc2,DC=dc3" LDAPBINDCREDENTIALS="password" LDAPSEARCHBASE="CN=Users,DC=dc1,DC=dc2,DC=dc3"

    Required:

    NameDescription
    /i <msi_file>The path of the Windows installer file, openit_<version>_identity_server.msi. This should be the path to the mounted ISO image.
    /l*v <log_file>The path of the installation log file that will be created during installation.
    Required Key-Value Pairs for Identity Server Installation

    Options:

    NameDescription
    /quietUse this to run the command in silent mode.
    /passiveUse this to run the command in unattended mode - progress bar only.
    Options for Identity Server Installation

    NOTE

    The installer will use the Windows Installer Interface process when the installation option is not specified.

    NameDescription
    INGRESSURIUse this to specify the Ingress URI.
    ENABLELDAPUse this to specify the LDAP connection.
    LDAPNAMEUse this to specify the unique name of the LDAP connection.
    LDAPURLUse this to specify the Active Directory domain.
    LDAPENABLESSLUse this to specify the status of the SSL, whether it is enabled (1) or disabled (0). The default value is 0 (disabled).
    LDAPPORTUse this to specify the port of the LDAP connection. The default is 389.
    LDAPBINDDNUse this to specify the credentials to be bound inside the LDAP.
    LDAPBINDCREDENTIALSUse this to specify the password of the specified username in LDAPBINDDN.
    LDAPSEARCHBASEUse this to specify the starting search point in the Active Directory structure for user account entries. This usually has the same value as the last four entries in LDAPBINDDN.
    Properties for Identity Server Installation

    Example
    msiexec /i openit_10_2_480_identity_server.msi /l*v install.log INGRESSURI=http://DESKTOP123WIN:8080 ENABLELDAP=1 LDAPNAME="Open iT LDAP" LDAPURL="http://desktop234win:8080" LDAPENABLESSL=0 LDAPPORT=389 LDAPBINDDN="CN=Bob The Builder,CN=Users,DC=svg,DC=openit,DC=local" LDAPBINDCREDENTIALS="Pass123!" LDAPSEARCHBASE="CN=Users,DC=svg,DC=openit,DC=local"

  3. When using passive mode, wait until the process dialog disappears. When using quiet mode, verify that the installation is complete by opening the Task Manager and checking the Details tab if the msiexec process is still running.