Soffid Sync Server installation
First of all, open your favorite browser and surf on the internet to Soffid Download Manager.
Click on Synchronization server and download the latest version for your OS.
As soon as Soffid Synchronization server file (syncserver-x.y.z.sh) is stored in your computer, copy it in a folder of your server with execution rights.
Red Hat servers
Please download rpm installer version and execute:
Linux Hosts 64 bits
32 bits libraries installation will be needed: ia32-libs.
If you want to install AD agent, please check if SSL access to active directory LDAP is enabled before the installatopm. If it is not enabled, please read the document named HOWTO SSL access to Active Directory
System will ask for optional components to install:
Password synchronisation for Active Directory.
SAP connector must be installed on the host responsible for the synchronisation of accounts and passwords to the SAP system. It is not necessary to install it on the synchronisation servers when synchronisation is done by a proxy server.
Active Directory synchronisation passwords should be installed on all domain controllers without exception. This module allows the immediate propagation of all password changes on the active directory to Soffid IAM.
To configure password synchronisation, please specify the server synchronisation URL during the installation process, as well as the synchronisation agent code used on the configuration (see 4.2 Configuring agents).
To install or uninstall the synchronisation server a restart of the host is needed.
Boot service configuration
Execute these commands as root to start Soffid Sync Server service on boot
Note that if you are running Centos, Redhat7 o version higher than Ubuntu 16.04, you should enable the service in systemctl
Once you have installed and configured Soffid Sync Server as a service, you could manage it with the following operations
First synchronisation server configuration
It is not recommended to install the first sync server on the same host where BBDD is installed.
To configure the server, please execute the following commands:
User and password must be the ones created during the installation process.
The hostname must be included on the seycon.server.list configuration parameter. The Soffid installation process adds the console host name to that list. The list can be modified through the Configuration-Parameters menu. To modify the attribute seycon server list, edit the parameter value, and insert all the master synchronisation server URLs separated by comma.
The url connection parameter depends on the database system:
- For Oracle: jdbc:oracle:thin:@localhost:1571:XXXX
- For Mysql: jdbc:mysql://localhost:3306/XXXX
- For SQLServer: "jdbc:sqlserver://localhost:1433;databaseName=XXXX"
If the synchronisation server is installed onto the active directory server, please configure the notifier for password updates. To configure it, please ensure that the synchronisation server is running. Then, please execute:
On 32 bits systems:
On 64 bits systems:
Next servers configuration
In order to configure the next server syncservers, a two step process is required: first, a normal user installs and configure the sync server softwar; next, a Soffid administrator allows the sync server to join the sync servers network.
To perform the next step, you do not need to enter the database credentials. Instead, the primary sync server URL and a Soffid console user name and password are required.
For instance, you can execute:
After executing the command, an approval task will appear in Soffid console. The administrator can take ownership of the task and approve or reject it. After approving the server creation, the server will be configured as a proxy sync server (without database access).
The administrator can open the sync servers configuration page to change the sync server role at any time.