In previous post we discussed installing and configuring vCAC identity and vCAC appliance. In this post we will continue and finish initial configuration of VMware IaaS Component. At the end of this post all installation of vCAC will be done.
|vCPU||Mem (GB)||Disk (GB)||OS (Windows)||Application||Database|
|2||8||30 GB||Windows 2008 R2 SP1
IIS 8.0. Net Framework 4.5
|SQL Server 2008 R2 express and above|
We need IIS and .Net Framework to be installed. By default windows 2008R2 comes with 3.5 (.Net Framework). You must upgrade it to 4.5 once below steps are done.
No need to download 4.5 .Net frame work. It is included in the vCAC appliance which I have mentioned below.
1) Below screen explains installation of .Net Frame work and IIS component
2) Select all services except Named Pipes Activation.
Installation document doesn’t mention components you should select for .net frame installation. You can select all.
3) Select IIS component
3a) Select self signed certificate. During installation you should choose self-signed certificate and later on change it to CA signed
3b) Select IIS Management Compatibility, ASP, CGI (CGI not mentioned in the document)
IIS Authentication Settings
1) Disable Anonymous Authentication
If you are new (like me) to IIS, click on authentication icon that see in first page and then you will be able to see above screen.
2) Enable Windows Authentication
In the same window at the bottom you will see Windows Authentication. Enable it.
3) Enable NTLM Provider & Negotiate Provider
By default both these settings are enabled. But some unknown reason these settings are not detected by installer. we just have to toggle these settings i.e. remove NTLM and Negotiate provider as shown below and re-add
3a) In above screen we removed the providers and in below screen we are adding it back. Follow the sequence
4) Similar thing we need to for Windows authentication Kernel mode. Follow steps in the order mentioned below
4a) Follow steps in reverse order to restore the setting to the original (not shown here).
5) Secondary Logon service must be running if you are installing DEM, Manager Service. By default this service is to start manually, please change it to Automatic.
6) You must also enable MSDTC on all nodes of SQL.
7) Document does mention PowerShell as a pre-requisite but starting 2008R2 it is integral part of the OS. So with this all pre-requisite are covered, just change the execution mode to remotesigned.
Now let’s start the actual installation.
1) To start installation you have to download IaaS setup file from vCAC appliance. Just login to vCAC appliance and download it as shown below
It is recommended not to change the name of the download. It will assist IaaS installable to read the vCAC appliance details automatically.
2) Just enter root credentials for the vCAC appliance and press Next
vCAC appliance name (seen above) is automatically populated if you have not changed the name of downloaded file
3) Select Complete installation option here.
Select Custom Install to scale installation where you want to install components on different machine. Using custom install you also get option to install proxy agents to talk to end points.
5) Now pre-flight checklist is shown.Options which are red must be corrected. Best thing about this preflight check list is that it explains how to fix the problem.
6) Please note after you fixed the problem you just need to press Check Again button. Another helpful thing developers did for us
7) Fill in the credentials for vCAC service account and Passphrase.
In Second half of the screen please provide MSSQL server details. Wizard automatically checks the connection to the SQL server. Mention the name for DB. You can pre-create DB using script provide by VMware in vCAC appliance screen shown above.
Database permission needed vCAC are of sysadmin level. Please see that these permission assigned to service account
8) Below are default names automatically populated for DEM worker and Orchestrator (DEO). No need to change the default name unless you have good reason to do so.
Also select the check box to Install and configure vSphere agent if you are going to use vCenter as endpoint.
At this stage all user inputs are completed. Now we must review what we selected and what is going to be installed. It is worth pointing out most of the core components can be scaled out. I will be discussing scaling out option in detailed in future posts
Installation progress takes anywhere between 7-10 mins. Please be patient
It is recommended to check if all core services of vCAC have been started.
Reference: I learnt vCAC’s IaaS installation from Jad El-Zein website. I’m thankful to him for sharing it.