How to Install SPS on your Domain Controller Print

Summary

This guide relates to our Simple Sign-On (SSO), Surp4ss! and IDx products. 

Our Agent SPS (Secure Provisioning Service) is the software that sends us the details of the objects on your Domain Controller (DC). SPS integrates your Active Directory(s) with IAM Cloud. Once your users have been synced to IAM Cloud, you can classify them and flow classified objects to a federated application. 

It is comprised of two parts: 

1. SPS itself sends the passwords over as soon as you change them triggering the system to update it straight away: a process that can take up to five minutes, but is usually done in a few seconds.

2. The second part is Push: this sends through the details of the AD objects on your DC, it also sends any changes made to an object. These changes sync through in 20 minutes - 2 hours depending on when the next sync is scheduled.

We will install SPS during  on-boarding, and normally you will need to do nothing to it other than press update occasionally. However there may be times that you need to re-install it. This will show you how.

Guide

SPS needs to be installed on the primary DC, and that DC needs to not be read-only. If it is, then we can install it on a secondary DC as long as all user changes will be done or replicated to that DC.

You can download it by logging into our admin portal (https://portal.iamcloud.net) with one of your administrator accounts. Once in, go to Applications and into Active Directory. There is a button to download SPS. All the information required during setup is on this page.

NOTE: You should be aware that Server 2003 is not officially supported. 

During the install, at 93%, a popup box displays asking for information. Occasionally this box will appear behind the instal GUI, so look in the task bar.

The Receiver UI needs to be added in twice (primary and secondary receiver UI are the same). The Connector ID and the Identity Store ID are the same, so copy it from below the button when asked, the Tenancy ID is there too. The Client Key is the Supplied Key.

At the end of the installation it says that you need to restart, but that is no longer required.