Version: Axidian Privilege 2.10

Configuration Files Setup

  1. Select the OS on which you plan to install Axidian Privilege and click Next.

  2. Enter the FQDN of the management server in the Management server address field.

    Fill in the IP addresses of PAM access servers field.

    IP addresses can be specified in the following formats:

    • Single IP address. Example: 192.168.0.1
    • Range of IP addresses (first and last IP addresses in the range, separated by a hyphen). Example: 172.168.0.0 - 172.168.255.255
    • Subnet (in IP/mask format). Example: 10.0.0.0/8

    You can enter multiple values separated by commas or semicolons.
    Example: 192.168.0.1, 192.168.0.2, 172.168.0.0 - 172.168.255.255, 10.0.0.0/8, 2001:0db8:abf2:29ea:5298:ad71:2ca0:4ff1.

    caution

    Don't leave the field empty. If you need to allow all networks, enter 0.0.0.0/0; ::/0.

    Click Next.

  3. In the next window, specify the information about the database: Server type and Server address. Enter the login and password of the account in the User and Password fields. Leave the Add a new encryption key option disabled.

    caution

    To use a named MSSQL instance, you will need to make changes to the configuration files of the core, idp and ls components. Specify the instance in the Data Source field, in the ConnectionString section, for example: Data Source=storage.axidian.local\\sqlexpress

    In the core and idp configuration files, you must specify the instance using two backslashes: \\sqlexpress

    In the ls configuration file, you must specify the instance using one backslash: \sqlexpress

    Click Next.

  4. Select Storage type.
    Possible values:

    • File system
    • SMB
    • S3

    If you select SMB, fill in the following fields: Network Path, Domain, Username and Password.
    If you select S3, fill in the following fields: Network address of the S3 server, Path to the root directory of the storage on the S3 server, Access key id, Secret access key. If necessary, fill in the optional fields: Region, Location restriction.
    Click Next.

  5. In the next window, specify the DNS domain name and the DN container name of the user directory, enter the login and password of the account used to read the user directory, select whether to use the LDAPS protocol when reading the directory (LDAP is used by default), and click Next.

  6. In the next window, enter the SID of the role administrator and click Next.

  7. Download the necessary configuration files and click Finish.

  8. Stop the web-wizard by running the command:

    sudo bash stop-wizard.sh
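
The address formats accepted in step 2 (single address, hyphenated range, IP/mask subnet, separated by commas or semicolons) can be checked before the value is typed into the wizard. The following is an added example, not Axidian code: the function name `parse_access_servers` is hypothetical, and how the product itself parses the field, including whether it tolerates host bits in a subnet, is an assumption. It normalizes each entry to CIDR networks and flags entries that allow every address.

```python
import ipaddress
import re

# The example value shown in step 2 (without the sentence's closing period).
PAGE_EXAMPLE = ("192.168.0.1, 192.168.0.2, 172.168.0.0 - 172.168.255.255, "
                "10.0.0.0/8, 2001:0db8:abf2:29ea:5298:ad71:2ca0:4ff1")

def parse_access_servers(field):
    """Return (networks, warnings) for a PAM access servers field value.

    Raises ValueError for an empty field or a malformed entry.
    """
    items = [p.strip() for p in re.split(r"[,;]", field) if p.strip()]
    if not items:
        raise ValueError("field is empty; the wizard requires a value")
    networks, warnings = [], []
    for item in items:
        if "/" in item:      # subnet in IP/mask format
            # Assumption: host bits in the address part are tolerated.
            nets = [ipaddress.ip_network(item, strict=False)]
        elif "-" in item:    # range: first and last address, hyphen-separated
            first, last = (ipaddress.ip_address(p.strip())
                           for p in item.split("-", 1))
            if first.version != last.version or first > last:
                raise ValueError(f"invalid range: {item!r}")
            nets = list(ipaddress.summarize_address_range(first, last))
        else:                # single IPv4 or IPv6 address
            nets = [ipaddress.ip_network(item)]
        for net in nets:
            if net.prefixlen == 0:
                warnings.append(f"{item}: allows every IPv{net.version} address")
        networks.extend(nets)
    return networks, warnings

if __name__ == "__main__":
    for value in (PAGE_EXAMPLE, "0.0.0.0/0; ::/0"):
        nets, warns = parse_access_servers(value)
        print(value, "->", [str(n) for n in nets], warns)
```
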