5.3 Installing iFolder on Windows/IIS/Active Directory

This section describes how to install Novell iFolder, using the following configuration:

Server Operating System

Web Server

LDAP Server

Windows 2000

IIS

Active Directory

After you have met all the prerequisites for this configuration, you are ready to install Novell iFolder 2.1.

  1. If you plan to use LDAP over SSL, locate a self-signed root certificate (rootcert.der) for your iFolder server.

    You can export a self-signed root certificate from your certificate server. For information, see your Windows 2000 Server documentation or visit the Microsoft Web site.

    Save the rootcert.der file to a location on the iFolder server or to a floppy disk. For example, a:\rootcert.der. Remember this location; you need it in Step 9.

  2. If your IIS server is not currently running, start your IIS server.

  3. To start the installation, go to the temporary directory where you saved the installation program, then double-click the installation program icon.

  4. The iFolder Installation Wizard opens on your desktop. Do one of the following:

    • New Installation of iFolder 2.1: Continue or Cancel the installation.

      If you click Continue, proceed to Step 5.

      If you click Cancel, the installation program exits and iFolder server is not installed. You can restart the install at a later time.

    • Repair of iFolder 2.1: If you are installing iFolder 2.1 to repair an existing iFolder server, the Installation Wizard automatically detects it. Proceed to Step 13.

  5. For new iFolder 2.1 installations, read the End User License Agreement, then do one of the following:

    • Agree (click Yes)

      The installation program proceeds.

    • Disagree (click No)

      The installation program exits and the iFolder server is not installed. You can restart the installation at a later time.

  6. To select Microsoft Active Directory as your LDAP server, click Active Directory.

    NOTE:If you have an eDirectory LDAP server and want to install the iFolder server software on a Windows 2000 server, follow the installation procedures in Section 5.2, Installing iFolder on Windows/IIS/eDirectory.

  7. Select to extend the Active Directory schema, install iFolder, or both by selecting one of the following options:

    • Complete Install: Install the iFolder server and extend the Active Directory schema.

      This option requires that you have the necessary credentials as the iFolder administrator and as the schema administrator.

    • Install iFolder Server Only: Install the iFolder server.

      Before you install iFolder server, you must extend the schema. Run the iFolder installation program with the appropriate schema administrator credentials and follow the Extend Directory Schema Only path.

    • Extend Directory Schema Only: Extend the Active Directory schema for an LDAP server.

      This option only extends the schema. It does not install the iFolder server software to your iFolder server. Before you can use the iFolder server, you must repeat the installation with the appropriate iFolder administrator credentials to follow the Install iFolder Server Only path.

      If a secondary Active Directory LDAP server exists outside the forest where the primary Active Directory LDAP server is installed, you must run the iFolder installation program again and select this option to extend the schema for the secondary Active Directory LDAP server.

  8. If you chose the Complete Install or Extend Directory Schema Only options in Step 7, verify your credentials to extend your Active Directory schema by specifying your schema administrator Distinguished Name and Password.

    • Distinguished Name: Type the full context, using commas with no spaces as deliminators. For example, type cn=administrator,cn=users,dc=your-domain-name,dc=com.

    • Password: Type your schema administrator password in this case-sensitive field.

  9. Configure the global settings for your Active Directory LDAP server that your iFolder server uses, then click Next.

    • LDAP Host Name: Specify the DNS name (such as ldap1.your-domain-name.com) of the server that acts as your LDAP server.

      Replace ldap1.your-domain-name.com with the actual DNS name of your LDAP server.

      This might be the same server that you are configuring as your iFolder server.

      IMPORTANT:The DNS name you use must already exist as an entry on your DNS server and point to the IP address of the destination server.

    • Port: Select the port type, based your security needs, for data exchanges between your LDAP server and your iFolder server.

      Select one of the following methods:

      • Clear Text: Specify any valid TCP port number to use for Clear Text exchanges. By default, Port 389 is used for Clear Text.

        Use Clear Text if you want to use LDAP without SSL encryption or if your LDAP server does not support SSL. Clear Text is also a good choice if iFolder and LDAP are running on the same server. Because no communication or data is being transferred across network connections, no encryption is necessary.

      • SSL: Specify any valid TCP port number to use for SSL exchanges. By default, Port 636 is used for SSL.

        Use SSL if you want to use SSL exchanges to provide your network with encryption and security when data is transferred across network connections.

    • LDAP Context Where iFolder Admin User Is Located: Specify the LDAP context. For example, cn=administrator,cn=users,dc=your-domain-name,dc=com.

      IMPORTANT:Make sure the first context in the list is the one that the iFolder administrator is in.

  10. Configure the iFolder settings for your iFolder server, then click Next.

    • iFolder Server Host Name or IP: Enter the DNS name (such as nif1.your-domain-name.com) or the IP address (such as 192.168.1.1) to use for your iFolder server.

      IMPORTANT:If you use a DNS name, that name must already exist as an entry on your DNS server and point to the IP address of the destination server.

    • iFolder Admin Names: Specify the default user ID for the iFolder administrator for this iFolder server. For example, administrator.

      The iFolder Admin Names are the users who have permission to manage the iFolder server, using the iFolder Management Console. You can assign more than one user ID to be an iFolder administrator.

      IMPORTANT:All of the users identified here must exist in the context identified in Step 9.

      If you have multiple user IDs, separate them with semicolons and with no spaces. For example,

      administrator;jsmith;acatt
      
    • Local iFolder User Database Path: Specify the path on the iFolder server where user data for all the iFolder accounts will be stored. For example, e:\iFolder, where e: is the volume and iFolder is the directory. You can edit the value later, if desired, in the Windows Registry.

      IMPORTANT:The volume you specify must already exist on the Windows server. The iFolder installation program will not create it for you dynamically.

    • Install on Which IIS Web Site?: If there are multiple Web sites on your server, select where you want to install iFolder.

  11. Review the settings you entered in the previous steps. To return to previous pages and change the settings, click Back and repeat the steps, as necessary.

    When you are done, click Next.

  12. Log in to Global Settings in the iFolder Management Console to finalize the installation.

    1. Open the iFolder Management Console.

      Do one of the following:

      • Select the Administer iFolder option on the last window of the iFolder installation process.
      • From a Web browser on your installation workstation, go to the iFolder Management Console, click File > Open, then enter the following URL:

        https://nif1.your-domain-name.com/iFolderServer/Admin

        IMPORTANT:This address is case sensitive.

        Replace nif1.your-domain-name.com with the actual DNS name or IP address of your iFolder server.

    2. Click Global Settings, then log in.

      When the browser opens to the Global Settings page, the installation is complete.

  13. If a version of iFolder 2.1 already exists on the server as identified in Step 4, do one of the following:

    • Repair iFolder 2.1: Click Upgrade/Repair. The iFolder Installation Wizard requests that you confirm the repair of iFolder 2.1.

      To accept, click Yes. The reinstall continues and uses the current settings of your iFolder 2.1 server as the default settings. iFolder notifies you when the repair installation is complete. User data remains untouched.

      To decline, click No. Your iFolder 2.1 server is not repaired.

    • Uninstall iFolder 2.1: Click Uninstall. The iFolder Installation Wizard requests that you confirm the uninstall of iFolder 2.1.

      To accept, click Yes. The iFolder uninstall process stops the iFolder server and removes all iFolder files and settings. iFolder notifies you when the uninstall is complete.

      IMPORTANT:User data remains on the server; you must remove it manually. The extensions of the Active Directory schema also remain.

      To decline, click No. iFolder 2.1 is not uninstalled.

    • Extend Directory Schema Only: Click Extend Directory Schema Only.

      Use this option to extend the schema for secondary or additional Active Directory LDAP servers that exist outside the forest where the primary Active Directory LDAP server is installed.

      To enter your schema administrator credentials, see Step 8.

      To enter the information about your secondary LDAP server, see Step 9.

  14. To exit the Installation Wizard, click Finish.