Appanvil karma designer | ||||
---|---|---|---|---|
|
Step 7 Configure AuditReport ServiceSteps Service
Steps 8 and 9 Install Autostart Scripts and start ACDI components. A self-signed certificate
Anchor | ||||
---|---|---|---|---|
|
Appanvil karma designer | ||||
---|---|---|---|---|
|
Today we'll go through ACDI installation. On this screen you may see the system requirements for ACDI.
These requirements are:
Minimum 4 cores from 16 to 32GB of RAMCPU - 4 Cores (8 Recommended)
RAM - 16Gb (32 Recommended)
Root access
At least 100GB of disk space
Red Hat version 8, SLES 15 or Ubuntu 22. Any other Linux may be used on demand.
Open in port 3119 3190 to outside. It will be required to send data from a machine with IDM to a machine with ACDI.
...
Anchor | ||||
---|---|---|---|---|
|
Appanvil karma designer | ||||
---|---|---|---|---|
|
...
Now let's go to the terminal, to the machine where we'll install ACDI.
We'll need root access , as well as and the zip file with ACDI. Let's unzip it . We install into the OPT folder.to /opt.
Info |
---|
Note! The installation will be done in a directory where the archive was unzipped to - do not use /home or other directories with limited access! |
...
Okay, let's go inside. Here we’ll need to start
Default folder for logs is “/var/log/acdi/” and for data- “var/data/acdi”. If you need to change it you can do it in ACDIinstaller/config.json
...
To start installation execute ./install.sh from root user.
...
Anchor | ||||
---|---|---|---|---|
|
Appanvil karma designer | ||||
---|---|---|---|---|
|
...
So, we know that the hostname of our machine – Linux Nzdp – “linux-nzdp” is resolvable and we'll use it in the ACDI installation.
Info |
---|
Please, use only letters, numbers and hyphens in FQDN of ACDI instance |
...
Let's extract all components. Now the files are extracted.
...
Anchor | ||||
---|---|---|---|---|
|
Appanvil karma designer | ||||
---|---|---|---|---|
|
As the next step, we need to choose whether we'll use an existing Linux user or create a new one.
By default, the Install script suggests that we create a user with the name acdi.
Press Enter to use the default name.
...
Anchor | ||||
---|---|---|---|---|
|
Appanvil karma designer | ||||
---|---|---|---|---|
|
Now we need to define a resolvable FQDN for the ACDI instance.
...
Anchor | ||||
---|---|---|---|---|
|
Appanvil karma designer | ||||
---|---|---|---|---|
|
In step #3 we'll need to define the name of a local account that will have administrative rights and access to all components.
Press Enter to use the default ACDI admin.
...
Now we need to set a default password for this user.
We will need this user to be able to configure a connection to ACDI in ACDI Driver in IDM.
...
Anchor | ||||
---|---|---|---|---|
|
Appanvil karma designer | ||||
---|---|---|---|---|
|
This user will have access to the OpenSearch dashboards.
...
Anchor | ||||
---|---|---|---|---|
|
Appanvil karma designer | ||||
---|---|---|---|---|
|
Press Enter to use the default OSD admin.
...
Anchor | ||||
---|---|---|---|---|
|
Appanvil karma designer | ||||
---|---|---|---|---|
|
Now we need to select what LDAP connection will be used as the default connection to eDirectory or to Active Directory.
Here we'll use eDirectory.
...
Now we need to define a resolvable FQDN of the LDAP server.
Please don't forget to set the port.
...
So, this is the account which has access and can read data from the LDAP server.
Now we need to set its password.
...
Note: If, for some reason, the connection was broken and installation was interrupted during any of the steps, we can run ./install.sh one more time and continue from the place where the installation has been interrupted.
...
Great! The connection to the LDAP server has been established. The authorization is successful.
...
Anchor | ||||
---|---|---|---|---|
|
Appanvil karma designer | ||||
---|---|---|---|---|
|
Next step will be to configure the CRON string to be able to run the Audit report service.
By default, the CRON string shows that each day at 01:05 AM, a report service takes snapshots of a directory.
Let’s press Enter to use the default settings.
...
Anchor | ||||
---|---|---|---|---|
|
Appanvil karma designer | ||||
---|---|---|---|---|
|
So, let's install AutoStart Scripts and start ACDI components.
...
Services will be started one by one with checks, which can take some time.
Here we can see that the installation has finished successfully. During installation, the start script creates a self-signed certificate. We can see a notification message.
...
Let's use our local admin account.
...
The ACDI installation is completed successfully.
Anchor | ||||
---|---|---|---|---|
|
Appanvil karma designer | ||||
---|---|---|---|---|
|
The next step to be able to start using ACDI is to create a license with the help of the server ID. It can be found in Administration > Audit Server. Just copy and send the server ID to SKyPRO support so that we can create a license for you.
...
When you have a license, copy and paste it in the appropriate field.
Click “Save”
...
Then please restart the core engine: Tab Core Engine > Restart.
...
Now let’s refresh the page. On the Home page at the bottom, you will see information about the license: the company name for which the license was issued and its validity.
...
This was the basic ACDI installation.
Note: later, if you need to change the certificate, you'll need to go to /opt/acdi4.0.3/certs and replace the certificate in keystore.pfx. Restart the Audit Proxy and Audit Server Services.
...
Should you have any questions or difficulties, please contact us at any time swsupport.skypro@skypro.ch