Keystone Installation Guide 3.9.0

Keystone Installation Guide
www.bitkoo.com
Keystone Installation Guide Version 3.9.0
2011 BiTKOO, LLC.
All rights reserved.
Page 1 of 15
www.bitkoo.com
Copyright Notice
This document (written or otherwise displayed on magnetic media or other medium) contains confidential and proprietary information of BiTKOO, LLC. It is furnished only for informational purposes, and no license or permission is hereby granted to use such information in any manner. In no event may this information be reproduced, distributed and/or publicly displayed in any form or by any means without prior expressed written permission of BiTKOO, LLC.
2011 BiTKOO, LLC.
Keystone Version 3.9.0 Document Version 1.1 January 2011
2011 BiTKOO, LLC.
Page 2 of 15
www.bitkoo.com
Overview
Keystone is an extensible and scalable security solution for user authentication and fine-grained authorization. It works in concert with a variety of authentication directories to provide application security. Keystones integrated set of components acts to protect applications from unauthorized access. These components are based on current technology and standard protocols for authentication and authorization. As applications and web services utilize this shared infrastructure, an enterprise will reap the benefits from the elimination of redundant development efforts as well as the efficiency of standardized administration, cross-application reporting and audit trail.
Purpose and Scope

The purpose of this document is to provide instructions on the installation of the Keystone system. The scope includes the following: Keystone Prerequisites Installation Preparation Installation Walkthrough
Please note the following companion documents that describe the function and use of the Keystone system: Keystone Administration Application Guide Keystone Authorization Component Guide
Keystone Prerequisites
The following are prerequisites for installation of Keystone Version 3.9.0. IIS 6.0 or Higher Keystone requires IIS 6.0 or higher to be installed on an application server. Supported servers include Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2. Both 32-bit and 64-bit servers are supported. SQL Server Keystone requires an instance of Microsoft SQL Server 2005 or Microsoft SQL Server 2008. All editions of SQL 2005 and SQL 2008 are supported. Note: IIS and SQL can be run from the same server, but this may limit failover scenarios.
2011 BiTKOO, LLC.
Page 3 of 15
www.bitkoo.com
.NET Framework 3.5 SP1 You can download and install this software from the Microsoft web site at http://www.microsoft.com/downloads/details.aspx?familyid=ab99342f-5d1a-413d-831981da479ab0d7&displaylang=en. Please note: if you are using Windows Server 2008 R2, the .NET Framework can be added by opening the Server Manager, clicking Add Features and then selecting .NET Framework 3.5.1 Features. Web Services Enhancements (WSE) 3.0 You can download and install this software from the Microsoft web site at http://www.microsoft.com/downloads/details.aspx?FamilyID=018a09fd-3a74-43c5-8ec18d789091255d&displaylang=en. The installer offers a number of options; Keystone only requires the Runtime features to be installed. Alternately, the Keystone Installation Package will attempt to install Microsoft WSE 3.0 automatically during the setup process.
Upgrading an Existing Keystone Installation

One way to upgrade an existing installation is to uninstall the prior version and install the new version. If you have made custom entries in the configuration files, these entries will not be carried over to the new installation. If you have custom entries you would like to keep, then you can follow the steps in the manual upgrade package. Please contact your technical support engineer to obtain the manual upgrade package. If you are would like to do the uninstall/reinstall process, follow these steps: 1. Uninstall the existing Keystone 3.x system. This can be done by re-running the installer package that came with the installation or with the Add/Remove Programs feature in the Windows Control Panel. Note: This will leave the databases intact. 2. Follow the steps below for a new installation. Note: when you get to the feature page, (Step #7 below), be sure to uncheck Install Databases and check Upgrade Databases. This is also noted with Step #7 below. Note: Directory Abstraction Layer configuration is stored in the database and will be preserved during the uninstall/reinstall process.
2011 BiTKOO, LLC.
Page 4 of 15
www.bitkoo.com
Installation Preparation
Before running the Keystone Installation Package, you should have the following items in place: SQL Server Administrator Account Keystone requires an existing SQL Server account that has the sysadmin role assigned on the SQL Server instance to be used. The Keystone installation supports either Windows Authentication or SQL Server Authentication for the installation process. Service Account Keystone requires an existing user account to run the Keystone Audit Trail Service and the IIS Application Pool. This can be either a local server account or a domain account. The user account should be a member of the Administrators group on the application server and should have a strong password. Note: if you are installing onto Windows Server 2003, then the user account must also be a member of the IIS_WPG group. Existing Web Sites Before installing Keystone, you must stop any existing web sites that are running on port 80 (web sites run on port 80 by default). Follow these steps to stop any currently running sites: 1. Open the Internet Information Services (IIS) Manager. 2. Check for web sites running on port 80. 3. Right-click the running web site name. a. For Windows Server 2003: Select Stop. b. For Windows Server 2008: Select Manage Web Site from the menu. Select Stop.
Figure: IIS Manager (Windows Server 2008)
2011 BiTKOO, LLC.
Page 5 of 15

Allow ASP.NET (Windows Server 2003 only) If you are using Windows Server 2003, you must allow ASP.NET to run in IIS. 1. 2. 3. 4. Open the IIS Manager. Select Web Service Extensions on the left side of the screen. Select the ASP.NET v2.0.50727 option. Click the Allow button:
www.bitkoo.com
Figure: IIS Manager (Windows Server 2003)
Installation Walkthrough
The following steps will guide you through the Keystone Installation Package. Note: If you would like to create a text log of the installation, please see the Installation with Logging section below. 1. Run the BiTKOO-Keystone-3.9.0.exe application as an administrator. To run the application as an administrator under Windows Server 2008, right-click on the installation icon and select Run as administrator from the context menu.
Note: if you are installing under Windows Server 2003, right-click and choose Run as, then uncheck the options that says Run this program with restricted access.
2011 BiTKOO, LLC.
Page 6 of 15

2. The License Agreement screen will appear:
www.bitkoo.com
3. Read the text of the BiTKOO Click-Through Evaluation License Agreement. If you disagree with the terms, click the button. Otherwise 4. Check the button labeled I accept the terms in the License Agreement:
5. Click the
button.
2011 BiTKOO, LLC.
Page 7 of 15

6. The Features screen will appear:
www.bitkoo.com
7. Using the items in the box labeled BiTKOO Keystone Features, check the features that you wish to install or uncheck the features that you do not wish to install. Note that categories of features may be expanded by clicking the button to the left of the category name:
Note: If you are doing a new install (with an empty database), then select the Install Databases option (and do not select Upgrade Databases). If you would like to upgrade an existing database to the current version, then select Upgrade Databases, and de-select Install Databases. 8. Click the button.
2011 BiTKOO, LLC.
Page 8 of 15

9. The Installation Path screen will appear:
www.bitkoo.com
10. If you click the button labeled , a folder selector box will appear. 11. Select the directory where you wish to install Keystone. In the above example, this is C:\Program Files (x86)\BiTKOO\Keystone, but you may choose any directory that currently exists on your system. 12. Select the directories for the database MDF and LDF files. The path names must include a backslash (\) symbol at the end. Also note: these directories must already exist on the system. They may be located on the SQL Server file system or a network share accessible by the SQL Server. 13. Click the button. 14. The IIS Settings screen will appear:
2011 BiTKOO, LLC.
Page 9 of 15
www.bitkoo.com
15. In the Windows Domain or Computer Name box, type the name of the domain or local computer for the login. The Username and Password boxes should contain an existing user on that domain. In the above example, AdminAccount is a system identity that has been previously established on the machine where Keystone 3.9.0 is being installed. 16. Click the button. 17. The SQL Connections screen will appear:
18. Type the host name or IP of the database server in the box labeled SQL Server Hostname or IP. If dealing with a named instance, type the server name followed by a backslash (\) and then the instance name (InstanceName in the above example). Note: Ensure that TCP/IP is enabled on the SQL Server. If necessary, ping the database server to be sure that it is reachable from the installation location. 19. Choose Windows Authentication or SQL Server Authentication from the Authentication dropdown box for Installer SQL Connection:
If Windows Authentication is selected, then the current Windows session must be logged in with an account with the sysadmin role on the SQL Server. Note: Depending on the installation environment, there may be potential issues using Windows Authentication for the database installation depending on how the server is logged in and what impersonation (if any) is used. Because of this, it is highly recommended that you set up a sysadmin account on the SQL Server that can be logged in with SQL Server Authentication. This login can be deleted after the
2011 BiTKOO, LLC.
Page 10 of 15
www.bitkoo.com
installation is complete. If SQL Server Authentication is selected in the dropdown list, the Login and Password boxes will appear:
The login used for the installation must have the sysadmin role on the SQL Server. 20. Fill in the connection for the Keystone SQL Connection. This will be used by the Keystone application during normal operation. If you select Windows Authentication, it will use the same login credentials supplied on the previous screen. If you select SQL Server Authentication, the login will be created on the SQL Server if it does not already exist. 21. Click the button. 22. The Environment Configuration screen will appear:
23. In the Current Installation Environment box, select the type of installation currently being performed:
2011 BiTKOO, LLC.
Page 11 of 15
www.bitkoo.com
24. Type the name of each host domain to which the current instance of Keystone will be connecting for Development, QA and Production functions. This hostname must not be terminated with a slash (/) or backslash (\). If you are installing into a test environment, it is acceptable to use the same value for each of the host names. 25. Click the button. 26. Keystone 3.9.0 is now ready to install:
27. Click
to terminate the process at this point,
to make changes to the
information on any previous pages, or to initiate the Keystone 3.9.0 installation process. 28. During the installation process, the Progress screen will appear:
2011 BiTKOO, LLC.
Page 12 of 15
www.bitkoo.com
The upper bar indicates the overall progress of the installation. The lower bar tracks the creation and configuration of the various elements being installed. 29. If you selected to use https (on the Environment Configuration) screen, the installation will pause and prompt you to associate the SSL certificate with the Keystone website (Note: if you are using http, this screen will not appear):
At this point, you should open the IIS Configuration Manager and configure the https binding to use an SSL certificate. After IIS is configured, go back to the open window and press any key to continue the installation. 30. On successful completion of the installation, the Completed screen will appear:
31. Click the your system.
button. Congratulations, you have now successfully installed Keystone on
2011 BiTKOO, LLC.
Page 13 of 15
www.bitkoo.com
You should now be able to navigate to the Keystone Web Site at http://*MachineName+/Keystone. This web site allows you to download the Keystone Administration Application, the various client-side developer components, and additional documentation.
Installation with Logging

As an option, the Keystone Installation Package can generate a text file log of each action performed by the installation. If you would like to run the installation with logging, you need to run the installer batch script from an administrator command line. You can do this with the following steps. 1. Go to Start Menu -> All Programs -> Accessories and find Command Prompt. If using Windows Server 2008, you can also search type Command Prompt or cmd in the Search programs and files box. 2. Right-click on Command Prompt and select Run as administrator.
3. Locate the folder containing the Keystone installer files. At the command prompt, change to the directory containing the installer files. In the illustrated example below, the installer files are located in directory C:\Temp:
4. At the command prompt, run the batch script InstallKeystoneWithLogging.bat.
5. The normal installation process will start. See the Installation Walkthrough section above for specific instructions.
2011 BiTKOO, LLC.
Page 14 of 15
www.bitkoo.com
6. When installation has completed, you can find the log file in the folder containing the Keystone installation files. The file is named KeystoneInstaller.log. Here are the log files that are created during installation and their locations: KeystoneInstaller.log records installer actions when the batch script InstallKeystoneWithLogging.bat is run. KeystoneInstaller.log is written to the same directory as the batch script. DeployerFileUpload.log records messages for deployer file upload operations when the Deployer Files feature is installed. DeployerFileUpload.log is located at <InstallationLocation>\<Version>\DeployerFileUpload.log. WriteInstallerVariables.log records messages for variable substitution operations when anything is installed. WriteInstallerVariables.log is located at <InstallationLocation>\<Version>\WriteInstallerVariables.log. BuildLauncher.log records messages for KeystoneInstaller.msi build operations when the Launcher feature is installed. BuildLauncher.log is located at <InstallationLocation>\<Version>\BuildLauncher.log.
Uninstall
If you uninstall Keystone, the following items are not affected: All Keystone databases are left intact and unchanged. The Microsoft WSE 3.0 SDK is not uninstalled. If desired, this can be removed using the Add/Remove Programs option on the server.
Additional Configuration
The Keystone Directory Abstraction Layer (DAL) allows you to use your existing directories for authentication. For additional information, please see the Keystone Directory Abstraction Layer Guide available on the Keystone web site noted above. This document will walk through the set up and configuration of directories, auth token parameter masks, and auto-provisioning.
Support
Any questions regarding Keystone can be sent to: support@bitkoo.com or contact your direct technical support engineer.
2011 BiTKOO, LLC.
Page 15 of 15

Keystone Installation Guide 3.9.0

Загружено:

Сведения о документе

Исходное описание:

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Keystone Installation Guide 3.9.0

Загружено:

Авторское право:

Доступные форматы

Keystone Installation Guide

Keystone Installation Guide Version 3.9.0

2011 BiTKOO, LLC.

All rights reserved.