In order to connect the customers on-prem target systems, the IAM.cloud on-prem gateway needs to be deployed within the customers on-prem environment.

Prerequisites

The server to be provided by the customer has to fulfil the following prerequisites:

• Windows Server 2019 or higher

• .Net Framework 4.7.2 or higher

• Powershell 5.1 or higher

• at least 2 GB HDD space

The powershell execution policy has to be set to remote-signed.

Set-ExecutionPolicy RemoteSigned

The customers firewall needs to allow traffix towards the following end points:

HTTPS (TCP 443) to https://iam4cloud.azurewebsites.net

HTTPS (TCP 443) to https://app.<CustomerID>.iam.cloud

The IAM.cloud on-prem gateway can be run in system context (local system) as well as in the context of a dedicated service user account.

If the customer decides to run the IAM.cloud on-prem gateway using a dedicated service user account, the user accounts needs to be allowed to log on as a service. This can be configured using a local policy. More information about how to enable a service user account to logon as a service can be found here:

Download the installation script from IAM.cloud

Customers need to download the installation script from IAM.cloud using the following powershell command:

iwr https://iam4cloud.azurewebsites.net/IAMCloudGateway/installer/setup.ps1 -OutFile setup.ps1

Installing IAM.cloud on-prem gateway

To install the IAM.cloud on-prem gateway, call the installation script with the following options:

 -Install ==> command line option to install the IAM.cloud gateway -CustomerID ==> the customer ID (you'll recieve the customer ID from your IPG repesentative) -User ==> use the user name of an employee being equipped with the IAM.cloud administrator role -Password ==> user the password of the corresponding user -ServiceUser ==> name the service user account that the IAM.cloud on-prem gateway shall run as (optional) -ServiceUserPassword ==> password of the service user account (optional) -Silent ==> used to supress all output (optional)

-LogFile ==> write the outout to the named logfile (optional) 

Make sure the powershell console is run in administrative mode. Otherwise the installation will fail.

A valid installation script call may look like this:

.\setup.ps1 -Install -CustomerID democorp -User john.doe@democorp.mail -Password secret123!

Related articles

• Page:
  Connect to Azure Active Directory
• Page:
  Installation of the IAM.cloud on-prem gateway
• Page:
  Connect to on-prem Microsoft Exchange
• Page:
  Connect to Microsoft 365 Exchange Online
• Page:
  Connect to on-prem Active Directory