Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
Indeed AM Admin Console is a Web application based on IIS. This module performs system administration. It also handles all the settings of the system and of the users.
Info |
---|
Files of Admin Console reside in: indeed AM\Indeed AM Admin Console\<Version number>\
Additional AdminConsole installation files reside in: indeed AM\
|
Installation
- Install the Admin Console by running Indeed.AdminConsole-x64.msi installer.
Add HTTPS binding in Default Web Site settings of IIS Manager.
Info Indeed AM Admin Console is a web application on the basis of IIS. “Require SSL” is a default installation setting, which, in turn, requires active HTTPS binding.
If you do not plan to use https protocol, then deactivate SSL requirement in IIS settings for Admin Console.
- Run IIS Manager and expand the Sites item.
- Select the Default Web Site site and click Bindings item in the Actions section.
- Click Add:
- Type - https.
- Port - 443.
- Select the SSL Certificate.
- Save the binding.
- Configure Kerberos delegation.
- Add Admin Console application to local Internet.
Modifying a configuration file
- Open the console configuration file named Web.config (C:\inetpub\wwwroot\iidemc\Web.config).
- Specify the URL to connect to Indeed AM server for Url parameter in amAuthServer tag.
Urlparameter is url address of Indeed server in the following format: http(s):// full_dns_name_of_server/easerver/
Info To ignore server certificate errors, change the "isIgnoreCertErrors" parameter to "true" in "applicationSettings. config" file ( iidemc\Config ).
Code Block language yml title Example <amAuthServer Url="https://amserv.indeed-id.local/easerver"/>
- Specify the url to connect to log server. To do so, edit the logServer tag.
URL is url to connect to log server in the following format http(s)://full_dns_name_of_server/ils/api.
Note If several servers are used, then you have to specify the load balancer address
- CertificateThumbprint - this is to be defined if the private key is stored in the registry, and the certificate is in the PC storage.
- CertificateFilePath -this is to be defined, if the key pair is stored in pfx.
CertificateFilePassword is the password for pfx.
Code Block language yml title Example <logServer Url="http://log.indeed-id.local/ils/api/" CertificateThumbprint="" CertificateFilePath="" CertificateFilePassword=""/>
- Restart IIS server after modification of configuration files. Admin Console is available at the following address: “http(s)://full_dns_name_of_server/iidemc/"
Setting session Expiration Time
Info |
---|
This setting is optional |
- Open the configuration file Indeed Admin Console applicationSettings.config: C:\inetpub\wwwroot\iidemc\Config\applicationSettings.config.
Specify a required value for the sessionExpirationTimeMinutes parameter. Default value: 30(minutes).
Code Block language yml <amApplicationSettings findUsersMaxResultCount="200" isIgnoreCertErrors="false" sessionExpirationTimeInMinutes="60" allowOverrideRandomPasswordGeneration="false" />
- Save changes in configuration file.
Configuring of logging in to Admin Console using SAML IDP
Info |
---|
This setting is optional |
- Open the console configuration file named Web.config (C:\inetpub\wwwroot\iidemc\Web.config).
- Specify the URL to connect to Indeed AM SAML server for LoginUrl parameter in amAuthentication tag.
loginUrl parameter is URL address of the server with Indeed SAML idp component installed in the following format: http(s)://full_dns_name_of_server/iidsamlidp/
Code Block language yml title Example <amAuthentication mode="Saml" loginUrl="http://saml.demo.local/iidsamlidp"/>
In code:
Code Block language yml title Example <authentication mode="Windows"> <forms loginUrl="~/Account/Authenticate"></forms> </authentication>
Change the value of mode parameter to Forms
Code Block language yml title Example <authentication mode="Forms"> <forms loginUrl="~/Account/Authenticate"></forms> </authentication>
Save changes in configuration file.
Info To disable domain login and password prompt, activate “Anonymous authentication” and deactivate “Windows authentication” for iidsamlidp, at the SAML server.
Configuring of logging out of Admin Console using SAML idp
- Open the console configuration file named Web.config (C:\inetpub\wwwroot\iidemc\Web.config).
For amAuthentication tag, add enableLogout parameter set to true (false by default).
Code Block language yml title Example <amAuthentication mode="Saml" loginUrl="http://saml.demo.local/iidsamlidp/" enableLogout="true"/>
- Open the SAML configuration file named Web.config (C:\inetpub\wwwroot\iidsamlidp\Web.config).
Specify the Admin Console server URL address for EmcServiceUrl parameter of amPartnerServiceProviderSettings tag.
To log out of Admin Console, proceed as follows:Code Block language yml title Example <amPartnerServiceProviderSettings SelfServiceUrl="http://dc.demo.local/iidselfservice/" EmcServiceUrl="http://dc.demo.local/iidemc/"/>
- Click the user name in the upper part of the window. Select "Logout” item from the drop-down list that appears.
Info |
---|
You log out of SAML IDP automatically when logging out of Admin Console. |
Image Removed
Backtotop
Table of Contents | ||
---|---|---|
|