Installing a farm with LDAP web access security
The specific log files for the setup are created in the Temp folder of the user who launches the setup. The
first step of this procedure is started when the services are installed through the
Setup_dEPM_Services.exe
file.
The procedure establishes the connection to the central Configuration Service and sets up the Infor d/EPM farm.
The Infor d/EPM Setup dialog box displays the version number to be installed.
- Click Install.
- Click Next.
-
In the Custom Setup dialog box, use the default settings
to install all services.
You can select the components to be installed. You must always install Farm Tools, Service Controller, and at least one service.
- Optionally, change the destination folder.
- Click Next.
- Click Install.
-
Click Finish.
The installation setup starts automatically.
-
Select Create a
new farm and click Next.
The Service to Service Security dialog box is displayed.
- Select the No security option.
-
Optionally, select the Use
SSL/TLS encryption check box.
If you select this check box, a master certificate is required.
-
Click Next.
The API Security dialog box is displayed.
-
Select OAuth or No
security.
We recommend that you select the No security option only when all communication between the services is done on the same server.
When the Use SSL/TLS encryption check box is selected, a master certificate is required.
-
Click Next.
The Web Access Security dialog box is displayed.
-
Select the LDAP option.
The Use SSL/TLS encryption check box is selected by default and disabled.
SSL/TLS encryption requires a master certificate and a web access certificate.
-
In the Security Certificates dialog box you must create the
certificates for the Infor d/EPM farm.
Ensure that you are familiar with the different types of certificate.
The master certificate can sign all other certificates of the farm. For the master certificate, select one of these check boxes:
Option Description Import a certification authority-signed master certificate Ensure the certificate you import can sign other certificates. If you use a certificate authority-signed certificate, all certificates that are generated by Service Expert are trusted on any machine, automatically. - Browse to the certification authority-signed master certificate file in your local folder and import the certificate of Infor d/EPM. Click OK.
- Specify a password.
Generate a new self-signed master certificate The Service Expert generates a self-signed certificate. In that case also specify a password to protect it. Do not leave the field blank. -
The web access certificate is used to secure the public URLs
of the dashboards and Office Integration.
For the web access certificate, you can select one of these check boxes:
Option Description Import a certification authority-signed certificate This check box is recommended when using a self-signed master certificate. - Browse to the custom certificate file in your local folder and import the certificate of Infor d/EPM. Click OK.
- Specify a password.
Generate a new certificate Select this check box when using a CA-signed master certificate. The generated certificate is trusted on any machine. When using a self-signed master certificate, you must manually trust the generated certificate on all web browser and Excel Integration servers. Infor d/EPM mobile applications on iOS do not support self-signed certificates. We recommend that you use this combination only for test environments. Specify a password to protect it. Do not leave the field blank.
- Click Next.
-
Specify this information:
- Dashboard Public URL
- The URL to connect to Dashboards. The default is the server name.
- Office Integration Public URL
- The URL to connect to Excel Integration. The default is the server name.
- Session time-out
- The time, in minutes, after which a session times out. The default is 30 minutes.
- Maximum request length
- The maximum length in MBs. The default is 128 MBs.
Click Default Values to automatically restore the default values.
- Click Next.
-
Select one of these accounts for Service Controller and specify a password for a custom
user:
Option Description Local System account Local system windows account. This account The global account, indicating which account must be used on all machines. - Click Next.
-
Specify the OLAP Service directories
if the default values are incorrect.
You can click Browse to specify the database directory, backup directory, and local directory for the OLAP Service.
- Database central directory
- OLAP central DB root folder. Specify a valid folder path. The default is C:\Infor\OLAP\CentralDB. This folder is created later.
- Backup directory
- OLAP Backup DB root folder. Specify a valid folder path. The default is C:\Infor\OLAP\Backup. This folder is created later.
- Local directory
- OLAP local DB root folder. Specify a valid folder path. The default is C:\Infor\OLAP\LocalDB. This folder is created later.
- Protect Local DB directory
- If this check box is selected, only the account under which OLAP Service runs has access to that folder.
- Click Next.
-
To create the Configuration Service database, click Specify Database.
Specify this information and click OK:
- Database type
- The database to be used.
- Connection
- Specify the server.
- System User
- Select the Enter a system user check box and specify the user name and password.
Optionally, click Validate to test the connection.
- Click Next.
-
To create the Log Service database, click Specify Database.
Specify this information and click OK:
- Database type
- The database to be used.
- Connection
- Specify the server.
- System User
- Select the Enter a system user check box and specify the user name and password.
Optionally, click Validate to test the connection.
- Click Next.
- Verify that the information in the Overview dialog box is correct.
-
Specify a password for the master keys and connection profile.
By default, the
master.keys
andConnection.farmprofile
files are saved in the users\[your account]\Documents folder.You can change this location.
-
Optionally, click Change
Location and browse to the location in which to store the
master.keys
andConnection.farmprofile
files.For future use, note the passwords that you specify.Note: Ensure that you create a backup of themaster.keys
andConnection.farmprofile
files and their passwords. Connection profile is the central key to your farm. It is required, for example, when you add machines to the farm. Master keys are crucial to decrypt your farm data. If you lose the master keys, you cannot access your farm. - Click Create.
-
Click Create again to confirm that
you know these requirements:
- To back up the master keys file in a secure location.
- To remember the password that is used to protect the master keys file.
- After the creation process is finished, click Close.
-
The Service Expert starts
automatically and shows the Service Controller and Configuration Service Worker tabs. From the Expert menu, select Connect.
You can connect to a farm only if both services are running. If there are any issues on the Service Controller tab, fix the errors manually, or use the proposed fixing options.
- Select the farm name and click Connect.
-
From the Services menu, select Register All.
The Service Controller starts all registered services automatically.
- Close the Service Expert.
-
Click Finish.
Optionally, select the Launch Farm
Expert option. The Farm Expert starts automatically.
Proceed with configuring the farm. After completing the farm you must configure LDAP authentication.