#Installation

The Identity Server is a tool that enables secure and streamlined authentication for the Core Server. It allows the Core Server to authenticate users via trusted external identity providers. This integration enhances security by centralizing authentication management and enabling Single Sign-On (SSO) capabilities, providing users with a seamless and efficient login experience.

Install the Identity Server on the same or different machine with Core Server.

#Installing through the Windows Installer Interface

  1. Double-click the openit_[version]_identity_server.msi installer file.

    In the setup wizard, click Next.

    Identity Server Installation: Welcome Screen

    Identity Server Installation: Welcome Screen

  2. Read the License Agreement before accepting the terms. Click Next.

    Identity Server Installation: End-User License Agreement

    Identity Server Installation: End-User License Agreement

  3. Specify the installation directory. Click Change... to specify a different directory, then click OK. Clicking Next without doing any changes will use the default installation path.

    Tick the Configure LDAP for Authentication check box to set up the LDAP Authentication Configuration during installation.

    Identity Server Installation: Welcome Screen

    Identity Server Installation: Identity Server Configuration

    If Ingress is not installed on the same machine, an additional field for the Open iT Ingress URI will be displayed.

    Identity Server Installation: Identity Server Configuration (Remote Ingress)

    Identity Server Installation: Identity Server Configuration (Remote Ingress)

    Provide the Open iT Ingress URI then click Next.

  4. If you tick the Configure LDAP for Authentication, provide the LDAP authentication settings details. Make sure to provide the correct details. Click Next.

    NameDescription
    NameThe unique name of the LDAP connection.
    URLThe Active Directory domain.
    SSLThe status of the SSL (whether enabled or disabled). Tick the checkbox to enable.
    PortThe port of the LDAP connection. The default is 389.
    Bind DNThe credentials bound inside the LDAP.
    Bind CredentialsThe password of the specified username in Bind DN.
    Search BaseThis specifies where the search starts in the Active Directory structure for user account entries. This usually has the same value as the last four entries in Bind DN.
    LDAP Authentication Configuration

    Identity Server Installation: LDAP Authentication Configuration

    Identity Server Installation: LDAP Authentication Configuration

  5. Click Install to start the installation process. If a review of the entries is needed, click Back.

    Identity Server Installation: Ready to Install

    Identity Server Installation: Ready to Install

  6. The installer will set up all necessary files on the computer. Click Finish to complete the installation.

    Identity Server Installation: Finish

    Identity Server Installation: Finish

#Installing through the Command Line

  1. Open a command prompt with Administrator privilege.

  2. Execute the following command:

    msiexec /i openit_[version]_identity_server.msi /l*v install.log INGRESSURI=http(s)://<ingress_hostname>:<ingress_port_number> ENABLELDAP=1 LDAPNAME="SampleLDAP_Name" LDAPURL="http://<LDAPServer>:<PortNumber>" LDAPENABLESSL=0 LDAPPORT=<PortNumber> LDAPBINDDN="CN=cn1,CN=cn2,DC=dc1,DC=dc2,DC=dc3" LDAPBINDCREDENTIALS="password" LDAPSEARCHBASE="CN=Users,DC=dc1,DC=dc2,DC=dc3"

    REQUIRED:

    NameDescription
    /i [msi_file]The path of the Windows installer file, openit_[version]_identity_server.msi. This should be the path to the mounted ISO image.
    /l*v [log_file]The path of the installation log file that will be created during installation.
    Required Key-Value Pairs for Identity Server Installation

    OPTIONS:

    NameDescription
    /quietRun the command in silent mode.
    /passiveRun the command in unattended mode - progress bar only.
    Options for Identity Server Installation

    NameDescription
    INGRESSURIThe Ingress URI.
    ENABLELDAPAllows connection to LDAP.
    LDAPNAMEThe unique name of the LDAP connection.
    LDAPURLThe Active Directory domain.
    LDAPENABLESSLThe status of the SSL (whether enabled or disabled). The default value is 0 (disabled).
    LDAPPORTThe port of the LDAP connection. The default is 389.
    LDAPBINDDNThe credentials to be bound inside the LDAP.
    LDAPBINDCREDENTIALSThe password of the specified username in LDAPBINDDN.
    LDAPSEARCHBASEThis specifies where the search starts in the Active Directory structure for user account entries. This usually has the same value as the last four entries in LDAPBINDDN.
    Identity Server Properties

    Example
    msiexec /i openit_10_2_480_identity_server.msi /l*v install.log INGRESSURI=http://mnl3174win:8080 ENABLELDAP=1 LDAPNAME="Open iT LDAP" LDAPURL="http://mnl003win:8080" LDAPENABLESSL=0 LDAPPORT=389 LDAPBINDDN="CN=Bob The Builder,CN=Users,DC=svg,DC=openit,DC=local" LDAPBINDCREDENTIALS="Pass123!" LDAPSEARCHBASE="CN=Users,DC=svg,DC=openit,DC=local"

  3. When using passive mode, wait until the process dialog disappears. When using quiet mode, verify that the installation is complete by opening the Task Manager and checking the Details tab if the msiexec process is still running.

    Powered by Open iT ® Open iT Docs All rights reserved.

    We value your feedback!

    Please take a few minutes to complete our survey and share your thoughts on your recent experience with our documentation.

    Take survey

    Close