Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
Indeed AM Admin Console is a Web application based on IIS. This module performs system administration. It also handles all the settings of the system and of the users.
Info |
---|
Files of Admin Console reside in: indeed AM\Indeed AM Admin Console\<Version number>\
Additional AdminConsole installation files reside in: indeed AM\
|
Installation
- Install the Admin Console by running Indeed.AdminConsole-x64.msi installer.
Add HTTPS binding in Default Web Site settings of IIS Manager.
Info Indeed AM Admin Console is a web application on the basis of IIS. “Require SSL” is a default installation setting, which, in turn, requires active HTTPS binding.
If you do not plan to use https protocol, then deactivate SSL requirement in IIS settings for Admin Console.
- Run IIS Manager and expand the Sites item.
- Select the Default Web Site site and click Bindings item in the Actions section.
- Click Add:
- Type - https.
- Port - 443.
- Select the SSL Certificate.
- Save the binding.
- Configure Kerberos delegation.Image Modified
- Add Admin Console application to local Internet. Image Modified
Modifying a configuration file
- Open the console configuration file named Web.config (C:\inetpub\wwwroot\iidemc\Web.config).
- Specify the URL to connect to Indeed AM server for Url parameter in amAuthServer tag.
Urlparameter is url address of Indeed server in the following format: http(s):// full_dns_name_of_server/easerver/
Info To ignore server certificate errors, change the "isIgnoreCertErrors" parameter to "true" in "applicationSettings. config" file ( iidemc\Config ).
Code Block language yml title Example <amAuthServer Url="https://amserv.indeed-id.local/easerver"/>
- Specify the url to connect to log server. To do so, edit the logServer tag.
URL is url to connect to log server in the following format http(s)://full_dns_name_of_server/ils/api.
Note
If several servers are used, then you have to specify the load balancer address
- CertificateThumbprint - this is to be defined if the private key is stored in the registry, and the certificate is in the PC storage.
- CertificateFilePath -this is to be defined, if the key pair is stored in pfx.
CertificateFilePassword is the password for pfx.
Code Block language yml title Example <logServer Url="http://log.indeed-id.local/ils/api/" CertificateThumbprint="" CertificateFilePath="" CertificateFilePassword=""/>
- Restart IIS server after modification of configuration files. EMC is Admin Console is available at the following address: “http“http(s)://full_dns_name_of_server/iidemc/"
Configuring of logging in to
EMC using SAML idp (Information: thisAdmin Console using SAML IDP
Info |
---|
This setting is optional |
- Open the console configuration file named Web.config (C:\inetpub\wwwroot\iidemc\Web.config).
- Specify the URL to connect to Indeed AM SAML server for Url LoginUrl parameter in amAuthentication tag.
loginUrl parameter is URL address of the server with Indeed SAML idp component installed in the following format: http(s)://full_dns_name_of_server/iidsamlidp/
Code Block language yml title Example <amAuthentication mode="Saml" loginUrl="http://saml.demo.local/iidsamlidp"/>
In code:
Code Block language yml title Example <authentication mode="Windows"> <forms loginUrl="~/Account/Authenticate"></forms> </authentication>
Change the value of mode parameter to Forms
Code Block language yml title Example <authentication mode="Forms"> <forms loginUrl="~/Account/Authenticate"></forms> </authentication>
Save changes in configuration file.
Information:Info To disable domain login and password prompt, activate “Anonymous authentication” and deactivate “Windows authentication” for iidsamlidp, at the SAML server.
Configuring of logging out of
EMCAdmin Console using SAML idp
- Open the console configuration file named Web.config (C:\inetpub\wwwroot\iidemc\Web.config).
For amAuthentication tag, add enableLogout parameter set to true (false by default).
Code Block language yml title Example <amAuthentication mode="Saml" loginUrl="http://saml.demo.local/iidsamlidp/" enableLogout="true"/>
- Open the SAML configuration file named Web.config (C:\inetpub\wwwroot\iidsamlidp\Web.config).
Specify the
EMCAdmin Console server URL address for EmcServiceUrl parameter of amPartnerServiceProviderSettings tag.
Code Block language yml title Example <amPartnerServiceProviderSettings SelfServiceUrl="http://dc.demo.local/iidselfservice/" EmcServiceUrl="http://dc.demo.local/iidemc/"/>
- To log out of EMC Admin Console, proceed as follows:
- Click the user name in the upper part of the window.
Select "Log
out” item from the drop-down list that appears.
Info You log out of SAML
IDP automatically when logging out of Admin Console.
Image Added
EMC. Backtotop