Versions Compared

Old Version 1

changes.mady.by.user Tom Polman

Saved on

compared with

New Version Current

changes.mady.by.user Tom Polman

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Configuration Article | CA-20210408-TP-01

VDG Sense | OpenAPI |

Image Added

View file
nameCA-20210408-TP-01.pdf

Table of Contents

Setup/System Diagram

...

Table of Contents
outlinetrue

...

In case the Domain Controller is already created you can continue from here on.
Current used AD system IP 172.21.240.159

Info

IMPORTANT :

Make sure all systems have synced time settings.
Restart system after setting up AD System
Add firewall exceptions (ports) NetBIOS

Active Directory Administrative Center

...

On this system you should have Sense Client+Server installed

Info

IMPORTANT :

Make sure all systems have synced time settings.
Restart system after setting up Sense System
Add firewall exceptions (ports) NetBIOS

Setup Active Directory to the Sense Web Configuration

...

  1. Go to the machine on which VDG Sense Server is installed.

  2. Open the web configuration by browsing to https://localhost/config

  3. Login as administrator user

  4. Navigate to Active Directory settings.

    1. Enter the IP address of the domain server

      1. make sure it is prepended with "ldap://" .

    2. Enter the base distinguished name (dn).

    3. Enter the username and password of the administrator user of the domain.

      1. The password will be cleared upon entering, but the password is saved. This is a known issue.

    4. Enter the user group you created earlier.

    5. Fill in the service principle name of the Sense (server) you are on
      IMPORTANT: Every (slave) server will have its own system-name put here.

      1. Required for SSO enter the following value : http://<computername>.<domain>. This is the computer name of the VDG Sense server followed by the domain. (e.g. 'http/VDG_SenseServer.makessense.com')

      2. Only check the import users checkbox on the master SenseServer.

    6. Click on "Identity Service" tab

      1. Change the identity provider to 'Active Directory'

      2. Switch between the “Default” and “Active Directory” to apply the changes (This is a known issue)

      3. Go to the Users tab/page and observe or the AD users are added.

...

  1. Start a Sense Client application (does not matter which machine) in this case we do this on system 2.

  2. Navigate to the following configuration directory: %appdata%/Roaming/VDG Security/SenseClient/settings.

  3. Open the SenseClient.ini

  4. Configure the netbios name of the server (system 2), on which the client should login too, for the following parameters:

    1. [OpenApiWebSocketHost]

    2. [OpenApiHttpHost]

    3. [ActiveDirectoryNetbiosName]

...

5. Move/copy this SenseClient.ini file available in a shared folder on your domain controller (system 1) which created in chapter Create “shared folder” (Required for SSO) Or any another fileshare and make sure your clients have access to this network share.

...

System 3 - Setting up Sense Client

Info

IMPORTANT :

Make sure all systems have synced time settings.
Restart system after setting up Sense System.
Add firewall exceptions (ports) NetBIOS

For this step you need to have Sense Client installed on the system

...