Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
| Tip | ||
|---|---|---|
| ||
Indeed PAM Core can work as the part of an Active-Active failover cluster. Failover requires one or several additional Indeed PAM Core servers. Load balancing is performed using the HAProxy load balancer. To configure a fault-tolerant configuration, you must contact technical support support@indeed-id.com |
IIS
- Run IIS and switch to Default Web Site
- Select the api application and open the Configuration Editor from Management section
- Open the Section: drop-down list and select system.webServer - serverRuntime item
- Set the uploadReadAheadSize parameter to value of 1048576
- Click Apply in Actions section
Indeed PAM Core
| Warning | ||
|---|---|---|
| ||
Все URL указываются в нижнем регистре. | ||
All URLs are specified in lowercase. |
Перейдите в каталог Switch to C:\inetpub\wwwroot\apiи отредактируйте файл folder and edit web.config file:
<logServer … />:
- Url - URL API единого журнала событий API URL for the uniform event log
| Code Block |
|---|
<logServer Url="http://logserver.indeed-id.demolocal/ils/api" CertificateThumbprint="" CertificateFilePath="" CertificateFilePassword="" /> |
<logServerClient … />:
AppId - id приложения- EventCacheDirectory
- Component - компонент (оставить без изменений)
- EventCacheDirectory - временный каталог для записи событий - a temporary folder for event writing
| Code Block | ||||
|---|---|---|---|---|
| ||||
<logServerClient AppId="pam" Component="server" EventCacheDirectory="C:\Temp\ILS\Core\EventCacheDirectory" LogServerTargetConfigFile="" EventCacheSendingIntervalSec="10"/> |
<encryptionSettings ... />:
- cryptoAlgName - название алгоритма шифрования is the name of encryption algorithm
- cryptoKey - ключ шифрования is encryption key
| Note | ||
|---|---|---|
| ||
Ключ шифрования генерируется утилитой The encryption key is generated by the IndeedPAM.KeyGen.exe , которая входит в состав дистрибутива Indeed PAM и располагается в каталоге /Miscutility, which is the part of the Indeed PAM distribution and is located in the /Misc directory. |
| Code Block |
|---|
<encryptionSettings cryptoAlgName="DES" cryptoKey="ea06v76ht457t2l8" /> |
<adUserCatalogProvider ... >:
- serverName - полное DNS-имя контроллера домена выполняющего функцию Глобальный каталог (Global Catalog) is the DNS name of Domain Controller that performs Global Catalog function
- containerPath - LDAP-путь контейнера или подразделения, который будет использован в качестве каталога пользователей Active Directory
- userName - сервисная учётная запись для работы каталогом пользователей Active Directory
- is the LDAP path to container or unit to be used as Active Directory user directory
- userName - service account for working with Active Directory user directory
- Password - service account passwordPassword - пароль сервисной учётной записи
| Code Block | ||||
|---|---|---|---|---|
| ||||
<adUserCatalogProvider id="ad" serverName="dc.indeed-id.demolocal" containerPath="OU=organization unit,DC=indeed-id,DC=demolocal" userName="IPAMManager" password="password"> |
<connectionStrings> ... </connectionStrings>:
- <add name="DBConnection" ... />:
- Data Source - имя сервера Microsoft SQL Server или именованного экземпляра Name or Instance Name
- Initial Catalog - имя базы данных database Name (IPAMCore)
- User ID - сервисная учётная запись для работы с базами данных service account to use with Indeed PAM databases
- Password - пароль сервисной учётной записиservice account password
- <add name="JobsQueueConnectionString" ... />:
- Data Source - имя сервера Microsoft SQL Server или именованного экземпляра Name or Instance Name
- Initial Catalog - имя базы данных database Name (IPAMTasks)
- User ID - сервисная учётная запись для работы с базами данных service account to use with Indeed PAM databases
- Password - пароль сервисной учётной записиservice account password
An example of connecting to a Microsoft SQL Server database
| Code Block | ||||
|---|---|---|---|---|
| ||||
<connectionStrings>
<add name="DBConnection" connectionString="Data Source=MSSQLServer;Initial Catalog=IPAMCore;Integrated Security=False;User ID=IPAMSQLService;Password=password" providerName="System.Data.SqlClient" />
<add name="JobsQueueConnectionString" connectionString="Data Source=MSSQLServer;Initial Catalog=IPAMTasks;Integrated Security=False;User ID=IPAMSQLService;Password=password" providerName="System.Data.SqlClient" />
</connectionStrings> |
An example of connecting to a PostgreSQL Pro database
| Warning | ||
|---|---|---|
| ||
In the connection string, you need to replace the providerName=''System.Data.SqlClient' with the providerName=''Npgsql' |
| Code Block | ||
|---|---|---|
| ||
<connectionStrings> <add name="DBConnection" connectionString="Data Source=PostgreSQLProServer;Initial Catalog=IPAMCore;Integrated Security=False;User ID=IPAMSQLService;Password=password" providerName="Npgsql" /> <add name="JobsQueueConnectionString" connectionString="Data Source=PostgreSQLProServer;Initial Catalog=IPAMTasks;Integrated Security=False;User ID=IPAMSQLService;Password=password" providerName="Npgsql" /> </connectionStrings> |
For PostgreSQL Pro, in the <appSettings> ... </appSettings> section, add the line
| Code Block | ||
|---|---|---|
| ||
<appSettings>
...
<add key="DBMS" value="PostgreSQL" />
</appSettings> |
| Warning | ||
|---|---|---|
| ||
В случае использования именованного экземпляра If using a Named Instance of Microsoft SQL Server значение параметра Data Source необходимо указывать в формате <имя сервера>\<имя экземпляра>, the value of the Data Source parameter must be specified in the <Server Name>\<Named instance> format.
|
<add key="IdpUrl" ... />:
- value - URL Indeed PAM IdP
| Code Block | ||||
|---|---|---|---|---|
| ||||
<add key="IdpUrl" value="https://pam.indeed-id.demolocal/idp"/> |
<add key="PamProxyIpAddresses" … />:
- value - IP - адрес сервера Indeed PAM Gateway server IP address
| Code Block | ||||
|---|---|---|---|---|
| ||||
<add key="PamProxyIpAddresses" value="192.168.0.100" /> |
| Backtotop | ||||
|---|---|---|---|---|
|