# Installation

The Identity Server is a tool that enables secure and streamlined authentication for the Core Server. It allows the Core Server to authenticate users via trusted external identity providers. This integration enhances security by centralizing authentication management and enabling Single Sign-On (SSO) capabilities, providing users with a seamless and efficient login experience.

Install the Identity Server on the same or different machine with Core Server.

# Installing through the Windows Installer Interface

  1. Double-click the openit_[version]_identity_server.msi installer file.

    In the setup wizard, click Next.

    Identity Server Installation: Welcome Screen

    Identity Server Installation: Welcome Screen

  2. Read the License Agreement before accepting the terms. Click Next.

    Identity Server Installation: End-User License Agreement

    Identity Server Installation: End-User License Agreement

  3. Specify the installation directory. Click Change... to specify a different directory, then click OK. Clicking Next without doing any changes will use the default installation path.

    Tick the Configure LDAP for Authentication check box to set up the LDAP Authentication Configuration during installation.

    Identity Server Installation: Welcome Screen

    Identity Server Installation: Identity Server Configuration

    If Ingress is not installed on the same machine, an additional field for the Open iT Ingress URI will be displayed.

    Identity Server Installation: Identity Server Configuration (Remote Ingress)

    Identity Server Installation: Identity Server Configuration (Remote Ingress)

    Provide the Open iT Ingress URI then click Next.

  4. If you tick the Configure LDAP for Authentication, provide the LDAP authentication settings details. Make sure to provide the correct details. Click Next.

    Name Description
    Name The unique name of the LDAP connection.
    URL The Active Directory domain.
    SSL The status of the SSL (whether enabled or disabled). Tick the checkbox to enable.
    Port The port of the LDAP connection. The default is 389.
    Bind DN The credentials bound inside the LDAP.
    Bind Credentials The password of the specified username in Bind DN.
    Search Base This specifies where the search starts in the Active Directory structure for user account entries. This usually has the same value as the last four entries in Bind DN.
    LDAP Authentication Configuration

    Identity Server Installation: LDAP Authentication Configuration

    Identity Server Installation: LDAP Authentication Configuration

  5. Click Install to start the installation process. If a review of the entries is needed, click Back.

    Identity Server Installation: Ready to Install

    Identity Server Installation: Ready to Install

  6. The installer will set up all necessary files on the computer. Click Finish to complete the installation.

    Identity Server Installation: Finish

    Identity Server Installation: Finish

# Installing through the Command Line

  1. Open a command prompt with Administrator privilege.

  2. Execute the following command:

    msiexec /i openit_[version]_identity_server.msi /l*v install.log INGRESSURI=http(s)://<ingress_hostname>:<ingress_port_number> ENABLELDAP=1 LDAPNAME="SampleLDAP_Name" LDAPURL="http://<LDAPServer>:<PortNumber>" LDAPENABLESSL=0 LDAPPORT=<PortNumber> LDAPBINDDN="CN=cn1,CN=cn2,DC=dc1,DC=dc2,DC=dc3" LDAPBINDCREDENTIALS="password" LDAPSEARCHBASE="CN=Users,DC=dc1,DC=dc2,DC=dc3"

    REQUIRED:

    Name Description
    /i [msi_file] The path of the Windows installer file, openit_[version]_identity_server.msi. This should be the path to the mounted ISO image.
    /l*v [log_file] The path of the installation log file that will be created during installation.
    Required Key-Value Pairs for Identity Server Installation

    OPTIONS:

    Name Description
    /quiet Run the command in silent mode.
    /passive Run the command in unattended mode - progress bar only.
    Options for Identity Server Installation

    Name Description
    INGRESSURI The Ingress URI.
    ENABLELDAP Allows connection to LDAP.
    LDAPNAME The unique name of the LDAP connection.
    LDAPURL The Active Directory domain.
    LDAPENABLESSL The status of the SSL (whether enabled or disabled). The default value is 0 (disabled).
    LDAPPORT The port of the LDAP connection. The default is 389.
    LDAPBINDDN The credentials to be bound inside the LDAP.
    LDAPBINDCREDENTIALS The password of the specified username in LDAPBINDDN.
    LDAPSEARCHBASE This specifies where the search starts in the Active Directory structure for user account entries. This usually has the same value as the last four entries in LDAPBINDDN.
    Identity Server Properties

    Example
    msiexec /i openit_10_2_500_identity_server.msi /l*v install.log INGRESSURI=http://mnl3174win:8080 ENABLELDAP=1 LDAPNAME="Open iT LDAP" LDAPURL="http://mnl003win:8080" LDAPENABLESSL=0 LDAPPORT=389 LDAPBINDDN="CN=Bob The Builder,CN=Users,DC=svg,DC=openit,DC=local" LDAPBINDCREDENTIALS="Pass123!" LDAPSEARCHBASE="CN=Users,DC=svg,DC=openit,DC=local"

  3. When using passive mode, wait until the process dialog disappears. When using quiet mode, verify that the installation is complete by opening the Task Manager and checking the Details tab if the msiexec process is still running.

Powered by Open iT ® Open iT Docs All rights reserved.

We value your feedback!

Please take a few minutes to complete our survey and share your thoughts on your recent experience with our documentation.

Take survey

Close