Just some simple tips for setting up the connector server. Some of these tips are from my colleagues, some I have modified what my colleagues are doing and so are my own take on things.
When building a connector server machine, it works very well to create a separate disk where all of the connector server software can be loaded and run from. For a physical machine (iron) the D drive will be taken by a CD/DVD drive, and you can use E: for the connector server. On a VM, you could choose to use D: or E:, whatever your preference.
On install never accept the Program Files folder for where the software is installed to. If you followed the advice above you will install the software into the D: or E: drive, if not, install in the C: drive, so your top folder is E:\Identity Connectors (or your drive). Under that you should have a Connector Server folder.
After install, decide where you want to put the log files. The default is C: and that is a bad location for the files. You can put the logs inside the Connector Server folder, in a separate folder, or on a third drive letter, for that matter. I call my logs folder Logs with a capital L since this is Microsoft and we give civilized names to our folders in Windows, not like those "lower case-no blanks" Linux savages.
The bundles of course go into the Connector Server folder per the install guides for each connector. Be sure to set the key first. I will cover logging in a separate post.
I install WinSCP and Notepad++ on my connector servers so I can manage things easily. I also make sure the Remote Admin tools including Active Directory Administrative Center, AD module for Windows PowerShell, Web Server (IIS) Tools, Telnet Client, and .NET 3.5.1 Framework Windows features are installed.
Finally, many people don't know how to set up a VIP on a windows box. The command is:
netsh interface ip add address "Local Area Connection" <vip-address> <netmask>
The name "Local Area Connection" is an example, this needs to be the name of your existing Ethernet adapter. Sometimes it is named Local Area Connection, other times it is named Online Network, but you need to find out what it is called by running ipconfig /all and noting it. You are adding an address to the existing interface, so it needs to be the same.
No comments:
Post a Comment