To connect the customer's on-prem target systems, the IAM.cloud on-prem gateway needs to be deployed within the customer's on-prem environment.

Prerequisites

The server to be provided by the customer has to fulfil the following prerequisites:

  • Windows Server 2019 or higher

  • .NET Framework 4.7.2 or higher

  • PowerShell 5.1 or higher

  • at least 2 GB HDD space

The PowerShell execution policy has to be set to RemoteSigned.


Set-ExecutionPolicy RemoteSigned


The customer's firewall needs to allow traffic towards the following endpoints:


HTTPS (TCP 443) to https://iam4cloud.azurewebsites.net

HTTPS (TCP 443) to https://app.<CustomerID>.iam.cloud
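A preflight check for the prerequisites and firewall endpoints listed above, as an added example that is not part of the IAM.cloud documentation or installer. It assumes the 2 GB must be free on the system drive, and it takes the customer ID as a parameter; the script name `Test-GatewayPrereqs.ps1` is hypothetical.

```powershell
# Test-GatewayPrereqs.ps1 (hypothetical name): added example, not vendor code.
# Usage: .\Test-GatewayPrereqs.ps1 -CustomerID <CustomerID>
param([Parameter(Mandatory)][string]$CustomerID)

$results = [System.Collections.Generic.List[object]]::new()
function Add-Check([string]$Name, [bool]$Ok, [string]$Detail) {
    $results.Add([pscustomobject]@{ Check = $Name; Passed = $Ok; Detail = $Detail })
}

# Windows Server 2019 or higher: ProductType 1 is a workstation, build 17763 is Server 2019.
$os = Get-CimInstance -ClassName Win32_OperatingSystem
Add-Check 'Windows Server 2019+' (($os.ProductType -ne 1) -and ([int]$os.BuildNumber -ge 17763)) $os.Caption

# .NET Framework 4.7.2 or higher: registry Release value 461808 or greater.
$ndp = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full' -ErrorAction SilentlyContinue
Add-Check '.NET Framework 4.7.2+' ([int]$ndp.Release -ge 461808) "Release=$($ndp.Release)"

# PowerShell 5.1 or higher.
Add-Check 'PowerShell 5.1+' ($PSVersionTable.PSVersion -ge [version]'5.1') "$($PSVersionTable.PSVersion)"

# At least 2 GB free (assumption: measured on the system drive).
$drive = Get-PSDrive -Name $env:SystemDrive.TrimEnd(':')
Add-Check '2 GB free disk space' ($drive.Free -ge 2GB) ("{0:N1} GB free" -f ($drive.Free / 1GB))

# Effective execution policy should be RemoteSigned.
$policy = Get-ExecutionPolicy
Add-Check 'Execution policy RemoteSigned' ($policy -eq 'RemoteSigned') "$policy"

# Outbound TCP 443 to both endpoints. This only proves the TCP connection,
# not that a proxy or TLS-inspecting device lets the HTTPS session through.
foreach ($endpoint in 'iam4cloud.azurewebsites.net', "app.${CustomerID}.iam.cloud") {
    $tcp = Test-NetConnection -ComputerName $endpoint -Port 443 -WarningAction SilentlyContinue
    Add-Check "TCP 443 to $endpoint" ([bool]$tcp.TcpTestSucceeded) "RemoteAddress=$($tcp.RemoteAddress)"
}

$results | Format-Table -AutoSize
if ($results.Passed -contains $false) { exit 1 }
```

The script exits with code 1 if any check fails, so it can gate an automated rollout before the installer is run.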

The IAM.cloud on-prem gateway can be run in system context (local system) as well as in the context of a dedicated service user account.

If the customer decides to run the IAM.cloud on-prem gateway using a dedicated service user account, the user account needs to be allowed to log on as a service. This can be configured using a local policy. More information about how to enable a service user account to log on as a service can be found here:


Download the installation script from IAM.cloud

Customers need to download the installation script from IAM.cloud using the following PowerShell command:


iwr https://iam4cloud.azurewebsites.net/IAMCloudGateway/installer/setup.ps1 -OutFile setup.ps1


Installing IAM.cloud on-prem gateway

To install the IAM.cloud on-prem gateway, call the installation script with the following options:


 -Install ==> command line option to install the IAM.cloud gateway
 -CustomerID ==> the customer ID (you'll receive the customer ID from your IPG representative)
 -User ==> the user name of an employee who holds the IAM.cloud administrator role
 -Password ==> the password of the corresponding user
 -ServiceUser ==> name of the service user account that the IAM.cloud on-prem gateway shall run as (optional)
 -ServiceUserPassword ==> password of the service user account (optional)
 -Silent ==> used to suppress all output (optional)
 -LogFile ==> write the output to the named logfile (optional)


Make sure the PowerShell console is run in administrative mode. Otherwise the installation will fail.

A valid installation script call may look like this:


.\setup.ps1 -Install -CustomerID democorp -User john.doe@democorp.mail -Password secret123!