...
Configuration Article | CA-20210408-TP-01 VDG Sense | OpenAPI | | PDF Download |
Table of Contents |
---|
Setup/System Diagram
...
Table of Contents | ||
---|---|---|
|
...
In case the Domain Controller is already created you can continue from here on.
Current used AD system IP 172.21.240.159
Info |
---|
IMPORTANT : Make sure all systems have synced time settings. |
Active Directory Administrative Center
...
On this system you should have Sense Client+Server installed
Info |
---|
IMPORTANT : Make sure all systems have synced time settings. |
Setup Active Directory to the Sense Web Configuration
...
Go to the machine on which VDG Sense Server is installed.
Open the web configuration by browsing to https://localhost/config
Login as administrator user
Navigate to Active Directory settings.
Enter the IP address of the domain server
make sure it is prepended with "ldap://" .
Enter the base distinguished name (dn).
Enter the username and password of the administrator user of the domain.
The password will be cleared upon entering, but the password is saved. This is a known issue.
Enter the user group you created earlier.
Fill in the service principle name of the Sense (server) you are on
IMPORTANT: Every (slave) server will have its own system-name put here.Required for SSO enter the following value : http://<computername>.<domain>. This is the computer name of the VDG Sense server followed by the domain. (e.g. 'http/VDG_SenseServer.makessense.com')
Only check the import users checkbox on the master SenseServer.
Click on "Identity Service" tab
Change the identity provider to 'Active Directory'
Switch between the “Default” and “Active Directory” to apply the changes (This is a known issue)
Go to the Users tab/page and observe or the AD users are added.
...
Start a Sense Client application (does not matter which machine) in this case we do this on system 2.
Navigate to the following configuration directory: %appdata%/Roaming/VDG Security/SenseClient/settings.
Open the SenseClient.ini
Configure the netbios name of the server (system 2), on which the client should login too, for the following parameters:
[OpenApiWebSocketHost]
[OpenApiHttpHost]
[ActiveDirectoryNetbiosName]
...
5. Move/copy this SenseClient.ini file available in a shared folder on your domain controller (system 1) which created in chapter Create “shared folder” (Required for SSO) Or any another fileshare and make sure your clients have access to this network share.
...
System 3 - Setting up Sense Client
Info |
---|
IMPORTANT : Make sure all systems have synced time settings. |
For this step you need to have Sense Client installed on the system
...