Installing a cloud-bound farm with IFS web access

This installation procedure describes an installation and configuration of all services of the farm on the same machine, using IFS security of an Infor cloud tenant.

Note: To run your farm on IFS with an authentication type that is set to Oauth1.0a, you must export the OAuth keys from the farm. After exporting the OAuth keys, you must configure ION API.

Office Integration does not yet support cloud-bound farms.

The first step of this procedure is started automatically when the services are installed through the Setup_Services.exe file. The specific log files for the setup are created in the Temp folder of the user who launches the setup.

These steps establish the connection to the central Configuration Service and set up the Infor EPM farm.

The Infor EPM Setup dialog box displays the version number to be installed.

  1. Click Install.
  2. Click Next.
  3. In the Custom Setup dialog box, use the default settings to install all services.
    You can select the components to be installed. You must always install Farm Tools, Service Controller, and at least one service.
  4. Optionally, change the destination folder.
  5. Click Next.
  6. Click Install.
  7. Click Finish.
    The installation setup starts automatically.
  8. Select Create a new farm and click Next.
  9. In the Farm Deployment dialog box, select Cloud-bound farm and click Next.
    The Web Access Settings dialog box is displayed.
  10. To configure the web access settings, specify this information:
    Dashboard Public URL
    The URL to connect to Dashboards. The default is the server name.
    Office Integration Public URL
    The URL to connect to Excel Integration. The default is the server name.
    Session time-out
    The time, in minutes, after which a session times out. The default is 30 minutes.
    Maximum request length
    The maximum length in MBs. The default is 128 MBs.

    Click Default Values to automatically restore the default values.

  11. Click Next.
    The Service to Service Security dialog box is displayed.
  12. Select the No security option.
  13. Optionally, select the Use SSL/TLS encryption check box.

    If you select this check box, a master certificate is required.

  14. Click Next.
    The API Security dialog box is displayed.
  15. Select OAuth or No security.

    We recommend that you select the No security option only when all communication between the services is done on the same server.

    When the Use SSL/TLS encryption check box is selected, a master certificate is required.

  16. Click Next.
    The Web Access Security dialog box is displayed.
  17. Select the Infor Federation Services option.
    The page provides the ability to upload the service provider file of the farm, which helps generating the needed service provider in Infor User Management and download the IDP file.

    Specify System tenant, which is the tenant you are binding to.

    Click Create to generate the service provider registration file, which contains the information needed to create a service provider in Infor OS User Management..
    Go to Infor User Management > Service Provider screen and upload the service provider registration file to generate and download the IDP file.

    The Use SSL/TLS encryption check box is selected by default and disabled.

    SSL/TLS encryption requires a master certificate and a web access certificate.

  18. Click Next.
    The Client Access Security dialog box is displayed.
  19. Select the Basic option and click Next.
    When using IFS authentication in web, the client application supports basic only.
  20. In the Security Certificates dialog box, create the certificates for the Infor EPM farm.
    Ensure that you are familiar with the different types of certificates.

    The master certificate can sign all other certificates of the farm. For the master certificate, select one of these check boxes:

    Option Description
    Import a certification authority-signed master certificate Ensure the certificate you import can sign other certificates. If you use a certificate authority-signed certificate, all certificates that are generated by Service Expert are trusted on any machine, automatically.
    1. Browse to the certification authority-signed master certificate file in your local folder and import the certificate of Infor EPM. Click OK.
    2. Specify a password.
    Generate a new self-signed master certificate The Service Expert generates a self-signed certificate. In that case also specify a password to protect it. Do not leave the field blank.
  21. The web access certificate is used to secure the public URLs of the dashboards and Office Integration. For the web access certificate, you can select one of these check boxes:
    Option Description
    Import a certification authority-signed certificate This check box is recommended when using a self-signed master certificate.
    1. Browse to the custom certificate file in your local folder and import the certificate of Infor EPM. Click OK.
    2. Specify a password.
    Generate a new certificate Select this check box when using a CA-signed master certificate. The generated certificate is trusted on any machine.

    When using a self-signed master certificate, you must manually trust the generated certificate on all web browser and Excel Integration servers. Infor EPM mobile applications on iOS do not support self-signed certificates. We recommend that you use this combination only for test environments. Specify a password to protect it. Do not leave the field blank.
  22. Click Next.
  23. Select one of these accounts for Service Controller and specify a password for a custom user:
    Option Description
    Local System account Local system windows account.
    This account The global account, indicating which account must be used on all machines.
  24. Click Next.
  25. In the Directions dialog box, specify the OLAP Service.
    You can click Browse URL to specify the database directory, backup directory, and local directory for the OLAP Service.
    Database central directory
    OLAP central DB root folder. This is the main folder where the OLAP database files are stored. This folder is created later. The default folder is C:\Infor\OLAP\CentralDB. We recommend that you back up the folder regularly.
    Backup directory
    OLAP Backup DB root folder. This is the main folder where the OLAP backup files are stored. This folder is created later. The default folder is C:\Infor\OLAP\Backup. We recommend that you back up the folder regularly.
    Local directory
    OLAP local DB root folder. Specify a valid folder path. The default is C:\Infor\OLAP\LocalDB. This folder is created later.
    Protect Local DB directory
    If this check box is selected, only the account under which OLAP Service runs has access to that folder.
  26. Click Next.
  27. To create the Configuration Service database, click Specify Database.
    Specify this information and click OK:
    Database type
    The database to be used.
    Connection
    Specify the server.
    System User
    Select the Enter a system user check box and specify the user name and password.

    Optionally, click Validate to test the connection.

    1. Click the Schema tab to use the existing database and existing database user or create new ones.
    2. Click the Options tab to, for example, specify a DB cluster for SQL server.
  28. Click Next.
  29. To create the Log Service database, click Specify Database.
    Specify this information and click OK:
    Database type
    The database to be used.
    Connection
    Specify the server.
    System User
    Select the Enter a system user check box and specify the user name and password.

    Optionally, click Validate to test the connection.

    1. Click the Schema tab to use the existing database and existing database user or create new ones.
    2. Click the Options tab to, for example, specify a DB cluster for SQL server.
  30. Click Next.
  31. Verify that the information in the Overview dialog box is correct.
  32. Specify a password for the master keys and connection profile.

    By default, the master.keys and Connection.farmprofile files are saved in the users\[your account]\Documents folder.

  33. Optionally, click Change Location and browse to the location in which to store the master.keys and Connection.farmprofile files.
    For future use, note the passwords that you specify.
    Note: Ensure that you create backups of the master.keys and Connection.farmprofile files and their passwords. The connection profile is the central key to your farm. It is required, for example, when you add machines to the farm. Master keys are crucial to decrypt your farm data. If you lose the master keys, you cannot access your farm.
  34. Click Create.
  35. Click Create again.
  36. After the creation process is finished, click Close.
    The Service Expert starts automatically and shows the Service Controller and Configuration Service Worker tabs.
  37. From the Expert menu, select Connect.
    You can connect to a farm only if both services are running. If there are any issues on the Service Controller tab, fix the errors manually, or use the proposed fixing options.
  38. Select the farm name and click Connect.
  39. From the Services menu, select Register All.

    The Service Controller starts all registered services automatically.

  40. Close the Service Expert.
  41. Click Finish. Optionally, select the Launch Farm Expert option.
    The Farm Expert starts automatically. You can proceed with configuring the farm.
Related topics
  • Service Provider - Cloud Edition