Install Part I - Virtual - Install and Power-on the SecureAuth IdP 9.1+ Virtual Appliance

Introduction

Use this guide to install the SecureAuth IdP virtual machine into your virtual host server. To save time, the appliance is configured by default to use Dynamic Host Configuration Protocol (DHCP) to automatically acquire an IP address from the network.

Prerequisites

Complete a Pre-deployment Meeting with the Sales Engineer
Review and complete the Pre-Deployment Requirements section of Getting Started I - Pre-Install

VMware (vSphere Thick client)

To import and deploy OVA/OVF files for VMware using vSphere thick client

1. From the vSphere client, connect to a vCenter Server

2. Click File and select Deploy OVF Template

3. Browse to the OVA image and click Open, then Next

Warning

Do Not rename the .OVA file

If renamed, it will corrupt the image

4. Verify that the information is correct and click Next

5. Enter an Appliance Name or Template Name to create, select the location, and click Next

6. Select a Cluster and click Next

7. Select the VM Host and click Next

8. Select the Data store and click Next

9. (Optional) Select Thin Provisioned format and click Next

10. Select the Network and click Next

11. (Optional) To start the appliance after this process is finished, select the Power on after deployment checkbox on the Ready to Complete screen

12. Review the Template details and click Next

13. Review the Deployment settings and click Finish

The SecureAuth IdP Appliance import begins

14. When the import is complete, power on the SecureAuth IdP Virtual Appliance (this happens automatically if the box is checked in step 11)

The Operating System Setup begins; the following notices display on the screen while these processes complete:

- Setup is installing devices
- Setup is starting services
- Setup continues after restarting the computer

VMware (vSphere Thin client)

To import and deploy OVA/OVF files for VMware using vSphere thin client

1. From the vSphere client, click VMs and Templates

2. Connect to a vCenter Server

3. Click Actions and select Deploy OVF Template

The Deploy OVF Template wizard opens

4. Click the Local File radio button and click Browse

5. Browse to the OVA image and click Open, then Next

Warning

Do Not rename the .OVA file

If renamed, then the image will be corrupted

6. Verify that the information is correct and click Next

7. Enter an Appliance Name or Template Name to create, select the location for the entity, and click Next

8. Select a Location to run the deployed machine

9. Select Thin Provision from the Select virtual disk format dropdown and click Next

10. Select the Network to use and click Next

11. (Optional) To start the appliance after this process is finished, select the Power on after deployment checkbox on the Ready to complete screen

12. Review the Deployment settings and click Finish

The SecureAuth IdP Appliance import begins

13. When the import is complete, power on the SecureAuth IdP Virtual Appliance (this happens automatically if the box is checked in step 11)

The Operating System Setup begins; the following notices display on the screen while these processes complete:

- Setup is installing devices
- Setup is starting services
- Setup continues after restarting the computer

Xen

To import Xen files

1. Open the Xen server

2. Click Import to open the Import window

3. Click Browse to navigate to the file to import

4. Select the server and click Open

5. Select the location where the imported VM will be placed and and click Next

6. Select the target storage location where the virtual disks will be stored and click Import

7. Review Local Storage and click Next

Hyper-V

To import Hyper-V

SecureAuth sends a .zip file containing VHD files

1. Extract the contents of the .zip file to a location on the computer

2. In the Hyper-V Manager, click Import Virtual Machine

The Import Virtual Machine wizard opens

3. Click Next

4. Point the wizard to the folder where the .zip folder contents were extracted

5. Click Next

6. In the Select Virtual Machine window, click the virtual machine that appears and click Next

7. Select Copy the virtual machine (create a unique ID) and click Next

8. Specify a new or existing folder(s) to store the files for the virtual machine and click Next

9. Specify a new or existing folder to store the virtual hard disks and click Next

10. In the Completing Import Wizard summary, verify that the information displayed is correct, then click Finish

11. In the Hyper-V Manager window, verify that the Virtual Machine added is listed, then select it and click Start

Several indicators (shown to the left) notify that the process has started

12. Once the process has started, click Connect in the right panel

The localhost - Virtual Machine Connection window displays

When the window to the left displays, the virtual machine has connected and the process is finished

Azure

Applies To

New SecureAuth IdP appliance images only

Notice

Note: Because SISU allows customers to select the IdP version during deployment, this configuration applies to SecureAuth IdP versions 8.1+, but only for new appliance images, not existing 8.1+ appliances

SecureAuth IdP Version	OS Version
8.1+ new appliance images	Windows Server 2012 R2

Prerequisites

1. Obtain the SecureAuth IdP Azure Image from the SecureAuth Sales Team

Email: sales@secureauth.com
Phone: +1.949.777.6959

2. Prepare the Azure Environment (see Microsoft Azure Steps below)

Microsoft Azure Steps

To prepare the Azure Environment, VHD files must be uploaded and a VM must be created

Upload VHD Files

From the Azure files provided by SecureAuth, upload the following VHDs to a storage account:

SecureAuthIdp-Azure-DiskC-Dyn.vhd
SecureAuthIdp-Azure-DiskD-Dyn.vhd

Notice

For more information about uploading a VHD, refer to the Microsoft document, Upload a Windows VHD from an on-premises VM to Azure

Create VM

Create a VM and attach the VHDs:

SecureAuthIdp-Azure-DiskC-Dyn.vhd as the system disk
SecureAuthIdp-Azure-DiskD-Dyn.vhd as the data disk

Notice

The minimum size requirements for a SecureAuth IdP Appliance is Standard_A3

For more information about creating a VM in Azure, refer to the Microsoft document, Create a VM from a specialized VHD

SecureAuth IdP Steps

Warning

SecureAuth IdP appliances use the D Drive to store data, which conflicts with Azure's use of that drive as a temporary storage disk

Follow the instructions to use a different drive for the temporary disk to address this issue

Once complete, Azure will not take back the D drive if the VM moves to a different hypervisor

Appliance Login

1. Start the VM created in the Microsoft Azure Steps and connect to it via Remote Desktop Protocol (RDP)

2. Log into the appliance with the default credentials, Administrator / SecureAuthIdP!

3. Close the SecureAuth IdP Setup Utility (SISU) window that displays to dismiss the utility

Temporarily Move File

4. Temporarily move the pagefile.sys to the C Drive by right-clicking the Start menu and selecting System

5. In the left-side menu, select Advanced System Settings

6. In the Performance section, select Settings, and click the Advanced tab

7. In the Virtual Memory section, click Change...

8. Select Drive-C, then System Managed Size, and click Set

9. Select Drive-D (Temporary Storage), then No paging file, and click Set

10. Apply the settings

11. Once the prompt appears, warning that the computer requires restart for the changes to be applied, restart the virtual machine

Change Drive Letters

12. Right-click the Start menu, and select Disk Management, upon which the Windows Disk Management Utility starts

13. Right-click on Drive-D, the Temporary Storage Drive, and select Change Drive Letter and Paths

14. Click Change...

15. Select Assign the following drive letter, and then G from the dropdown

16. Right-click on the data disk (Drive-D) and select Change Drive Letter and Paths

17. Click Change...

18. Select Assign the following drive letter, and then D from the dropdown

19. Click OK

20. Right-click Drive-G, the Temporary Storage Drive, and select Change Drive Letter and Paths

21. Click Change...

22. Select Assign the following drive letter, and then E from the dropdown

23. Click OK

Notice

The disk configuration should be as follows:

C: Drive-C
D: Drive-D
E: Temporary Disk

Move File Back to Temporary Storage

24. Move the pagefile.sys back to Temporary Storage by right-clicking the Start menu and selecting System

25. In the left-side menu, select Advanced System Settings

26. In the Performance section, select Settings, and click the Advanced tab

27. In the Virtual Memory section, click Change...

28. Select Drive-C, then No paging file, and click Set

29. Select Drive-E (Temporary Storage), then System Managed Size, and click Set

30. Apply the settings

31. Once the prompt appears, warning that the computer requires restart for the changes to be applied, restart the virtual machine

AWS

Retrieve Image

1. Contact SecureAuth and specify the AWS Region in which the SecureAuth IdP will be used

2. SecureAuth sends you information pertinent to the SecureAuth IdP Amazon Machine Image (AMI) for the requested region – the AMI ID and AMI Name you receive appear in this format:

AMI ID: ami-xxxxxxxx
AMI Name: SecureAuthIdPAppliance-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

NOTE: Each 'x' in AMI ID denotes an alpha-numeric character in the identification code, and the 'x' characters in the AMI Name represent code comprised of the appliance operating system, SecureAuth IdP version number, and date.

Step 1: Choose AMI

3. Start the Amazon EC2 Console at https://console.aws.amazon.com/ec2/

4. Select Launch Instance.

5. At Step 1: Choose an Amazon Machine Image (AMI), on the My AMIs tab, search for the AMI ID or AMI Name SecureAuth provided you

6. When the AMI appears, click Select

Step 2: Choose Instance Type

7. At Step 2: Choose an Instance Type, SecureAuth recommends selecting instance Type t2.large or greater

8. Click Review and Launch

Step 3: Configure Instance

9. At Step 3: Configure Instance Details, set the Number of instances for the environment, and configure Network and Subnet and other criteria pertinent to the environment

10. Click Review and Launch

Step 7: Review

11. At Step 7: Review Instance Launch, review the configuration

12. After reviewing the page and making any necessary adjustments to the configuration, click Launch

Additional Information

SecureAuth Profile Data Encryption Using Advanced Encryption

SSL Certificate Replacement Guide - IIS X

SecureAuth Appliance Disaster Recovery Backup

SecureAuth IdP Service Account Setup and Configuration Guide for LDAP Directories (Active Directory and others)

Ongoing Appliance Security Patching and Update Maintenance

What's Next

When all steps on this page are completed, move on to Install Part II - Initialize the SecureAuth IdP Setup Utility

In this section:

Install Part I - Virtual - Install and Power-on the SecureAuth IdP 9.1+ Virtual Appliance

Introduction

Prerequisites

VMware (vSphere Thick client)

Warning

VMware (vSphere Thin client)

Warning

Xen

Hyper-V

Azure

Notice

Prerequisites

Microsoft Azure Steps

Notice

Notice

SecureAuth IdP Steps

Warning

Appliance Login

Temporarily Move File

Change Drive Letters

Notice

Move File Back to Temporary Storage

AWS

Step 1: Choose AMI

Step 2: Choose Instance Type

Step 3: Configure Instance

Step 7: Review

Additional Information

What's Next

Search results