Showing posts with label IIS7.5. Show all posts
Showing posts with label IIS7.5. Show all posts

Thursday 11 December 2014

Configuring DCC Webgate 11g with IIS7.5 on Windows 2008 R2

 Pre-requisites:

  1. IIS Server Role is already added: In case not follow Configure IIS Server Role
  2. IIS Site is created: 
    1. IIS Site Global Configuration IIS
    2. New Site Creation
  3. IIS R2PS2 Webgate is installed & configured with the IIS Sites: Configure IIS R2PS2 Webgate 11g

Let's start the process:

  • Open OAM Console : http://host:port/oamconsole
  •  Create Webgate Agent Profile:
    • We need to create 2 profiles: One is the resource webgate profile & other is DCC webgate profile.
  •  Create Resource Webgate Profile: rwg-9090
Note: I have configured my OAM Server in Simple Mode, that's why security mode is chosen as 'simple'.
  • Create DCC Webgate Profile: dcc-9091
Note: Once you have created  the profile, to make it DCC we need to tick the detached credential collector flag.
    • Once done the change, click apply to reflect the changes.
  •  Now we need to add resources to with the DCC profile just created:
    • We need to add a few excluded resources, so that no authentication/authorization is made for them.
    •  Select the dcc-9091 profile:
    •  Let's create excluded resource:

    •  We have created following excluded resources:
      • /favicon.ico
      • /oamsso-bin/login.pl
      • /oamsso/** - Note this is an additional resource to be excluded as for IIS this needs to be excluded. Other wise for other servers it is not required.
  •  Now we need to create a DCC Authentication Scheme: This scheme will be used by resource webgate & dcc webgate both.



  • Now we need to attach the both created authn scheme with the profiles:





  •  You can see that i have created 2 IIS sites & webgate is already configured with both of them.
  • Now copy the artifacts to the webgate instance directory in the respective resource & dcc webgate sites.
    • In our setup: we have rwg-9090 for resource webgate & dcc-9091 for dcc webgate.
  • Once done, restart the IIS Server: using the command 'iisreset'. 
  • Now access the protected resource webgate url:
          http://host:9090/welcome.html
    • Did you noticed you get this login page, having url as http://host:9091/oamsso-bin/login.pl
    • This is the challenge url that we have mentioned in the dcc authn scheme.
    • With DCC webgate in picture, the oam server ip port is mot visible to the end user, that's why it is a detached credential collector. It has detached the credential collection process from the OAM Server.
    • Now it is the DCC which creates OAP/NAP connections with OAM Server.


This end's the DCC Webgate Configuration with IIS 7.5/8.5 on Windows 2008 R2.

 Enjoy :-)

Posted by at No comments:
Labels: , , , , , , , ,

Thursday 21 August 2014

Creating an IIS7.5 New Site (Integrated Mode)

Creating an IIS7.5 Site in Integrated Mode: 

     ·         Go to Sites -> Right Click -> Add New Site








      ·         Now provide the details & Press Ok. Your site is created now.
o   If you explore your site, you will see that perl & cgi handler are already present.
Because we have added them at global site level already.
      ·         Remember the name of the site created. Like we created a site with name “ecc_ship_r2ps2”.
o   As this name is required at the time of webgate configuration.

1)      Application Pool –
This site created above is in “Integrated Mode”.



Note: Here the .net version is v2.0 but if in future we want to use ObPrincipalModule.dll with our deployed app than this version needs to be changed to v4.0

2)      Check Handler Mapping:
Go to IIS -> <Your Site> -> Open Handler Mapping
Note: In case you see that ISAPI.dll is disable, it means it is not having execute permission. Just right click & enable it.





o   Give Execute Permission to it.




We are done with IIS7.5 new site creationin Integrated Mode............!!!!!!!!!!!!!!!


Enjoy :-)

Posted by at No comments:
Labels: , , , , , ,

Integrating OAM 11G R2PS2 Webgate Impersonation Module in IIS7.5 Windows 2008 R2

Lets start the process: Just follow below steps :-)

1)  Follow Steps for Pre-requisites (Windows Server 2008 R2)

·         IIS 7.5 Server Role Configuration  
·         IIS7.5 Site Configuration -

2)  How to Perform –

·         WebGate11g Installation & Configuration on Windows 2008R2 - IIS7.5 Server
·         Enabling Impersonation Module

3)  Troubleshooting Section (to be updated soon)


4) Configuring DCC Webgate in IIS 7.5-

Posted by at No comments:
Labels: , , , ,

IIS7.5 Global Site Default Configuration

Global Site Configuration Steps:

    1)      Considering IIS Server Role is already added to your Windows Server 2008 R2 Box. 
          In case not than open below mention link.
          IIS7.5 Server Role Configuration

    2)     As we have added the IIS role in our Windows Server, now we need to create a site using which we will do the configuration with webgate.
    
    3)      Go to Start -> Internet Information Services (IIS) Manager

4)     Explore the localhost connection

     5)      Adding support for perl & cgi execution -> Go to Handler Mappings


  • In case you see, ISAPI.dll as disabled than enable it. Either you can enable it at global level or it can be enable per site basis as well.
  • Now we need to add the support for cgi & perl script execution. Their support can be added at global or per site level basis.
  • We are adding them at global site level.
    •  Add Script Map for .pl & .cgi support







      ·         Checking Execute Permission


Check whether execute permission is granted or not to both .cgi & .pl handlers. In case it is not, than provide it execute permission.





You are done with Global Site Configurations...........!!!!!!!!!!!


Enjoy :-)

Posted by at No comments:
Labels: , , , , , ,

IIS7.5 Server Role Configuration

Configuring IIS Role in Windows Server 2008 R2

   1)        Click Start -> All Programs -> Administrative Tools -> Server Manager.




   2)      In the Server Manager window, right click Roles -> Add Roles. It will open a new window “Before you Begin”


     Press Next

    3)      Select Web Server (IIS) on the Select Server Roles page


Press Next

   4)      Select the IIS services to be installed on the Select Role Services page
Add all the roles services as seen in the BELOW pictures.




     Press Next, once the desired roles are added.

5)      Add any required role services.



6)      Proceed Next, IIS is now installed with a default configuration for hosting ASP.NET on Windows Server. Click Close to complete the process.

 7)      Confirm that the Web server works by using http://localhost.

8)      Now you can see that in the Server Manager -> Roles -> Web Server (IIS) is listed.

    •           And you can verify the Role Service added to it as well.



Now you are done with the IIS Server Role Configuration.............!!!!


 Enjoy :-)

Posted by at No comments:
Labels: , , ,
Subscribe to: Posts (Atom)