IdPQuickIInstallUserInput
Input required from the user during installation
During installation, the user is prompted for the following information:
- Installation Directory
This is the root of the installation and will usually be \Program Files or \Program Files (x86) on the system drive. The user can override this to be wherever is appropriate.
- DNS Name of Host
This is used to name the IdP endpoints in the generated metadata. It is populated from the environment variable USERDOMAIN.
- Ports
These are the ports used by the IdP for user interaction ("Browser facing port") and for the backchannel connection ("Shibboleth facing port"). These values are used to configure Tomcat and to populate the IdP endpoints in the metadata. They default to the usual values of 443 and 8443.
- Active Directory Name
This is the name of the Domain from which the IdP will serve authentication and attributes. It is populated from the environment variable USERDNSDOMAIN.
This value is primarily used to limit the search scope for LDAP lookups.
- Scope
This is the scope that will be associated with eduPersonScopedAffiliation, eduPersonPrincipalName and the SAML1 variant of eduPersonTargetedID. Scope is often related to the Active Directory name or the DNS Name of the host, but there is never an algorithmic relation and so no default is provided. Values in US or UK academia often take the form orgname.edu or orgname.ac.uk.
This is used to configure the attribute generation in the IdP and to populate the metadata.
- AD Server/Port
These are used to generate the connection string for the LDAP connection. These are the parameters which select whether to run against a specific domain or a Global Catalog. If you specify the GC (port 3268), then the LDAP search path will be amended suitably.
- Username/Password
This pair is used to provide access for the authentication and the attribute generation. The domain account associated with this pair should have only those permissions that are required to gain access to the AD LDAP.
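
A pre-install review of the answers listed above, as an added example (not part of the installer or the original page). The dictionary keys, the ldap:// URL form and the account-name heuristic are assumptions made for illustration; how the installer amends the search path for a Global Catalog is not shown because the page does not describe it.

```python
GC_PORT = 3268  # Global Catalog port named on the page

def domain_to_base_dn(ad_domain):
    """Standard AD mapping: corp.example.org -> DC=corp,DC=example,DC=org."""
    return ",".join("DC=" + label for label in ad_domain.strip(".").split("."))

def review_answers(a):
    """Return (derived, problems) for a dict of installer answers (hypothetical keys)."""
    problems = []
    for key in ("browser_port", "backchannel_port", "ad_port"):
        if not 1 <= a[key] <= 65535:
            problems.append(f"{key} out of range")
    if a["browser_port"] == a["backchannel_port"]:
        problems.append("browser and backchannel ports must differ")
    # The default comes from USERDOMAIN, which normally holds a short NetBIOS
    # name; endpoint URLs in the metadata need a name that clients can resolve.
    if "." not in a["dns_name"]:
        problems.append("dns_name is not fully qualified")
    # The page states that no default is provided for the scope.
    if not a["scope"]:
        problems.append("scope has no default and must be entered")
    # Heuristic only: the built-in administrator has far more rights than
    # the AD LDAP access this account needs.
    if a["bind_user"].split("\\")[-1].lower() == "administrator":
        problems.append("bind account should be a low-privilege account")
    derived = {
        "ldap_url": f"ldap://{a['ad_server']}:{a['ad_port']}",  # assumed URL form
        "domain_base_dn": domain_to_base_dn(a["ad_domain"]),
        "global_catalog": a["ad_port"] == GC_PORT,
    }
    return derived, problems

# Constructed sample answers, mimicking untouched installer defaults.
SAMPLE = {
    "dns_name": "CORP",                # what USERDOMAIN would typically supply
    "browser_port": 443,
    "backchannel_port": 8443,
    "ad_domain": "corp.example.org",   # as from USERDNSDOMAIN
    "scope": "",
    "ad_server": "dc1.corp.example.org",
    "ad_port": 3268,
    "bind_user": "CORP\\Administrator",
}

if __name__ == "__main__":
    derived, problems = review_answers(SAMPLE)
    print(derived)
    for p in problems:
        print("CHECK:", p)
```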