Enterprise Installation Instructions

From Direct Project
Jump to navigation Jump to search

Enterprise Installation Instructions


Installer MSI

You are strongly encouraged to read the documentation included with Developer Gateway Installer'.'
  • You may need to customize some settings. Many of the settings are configurable in the installer.
  • The docs should help in getting your system running and with trouble-shooting
    • If you see errors in the documentation, please fix them, but please do not use the Visual Wiki Editor.
    • If you think more docs are needed or have thoughts that could help others, please capture on a Wiki page.
  • Your efforts to diagnose your own system and getting it running are truly appreciated !!


Download


TeamCity builds at codebetter.com longer exist. The builds were migrated to Jetbrains and the agents or too strict to fully test the .NET Direct Project on them. Releases are not stored on GitHub

Current Release: 1.3.0.7 with support for policy enablement and HSM. Releases are marked as Beta. Need to get a new automated build system running and better integration tests before moving out of beta. Also HSM still needs some work to scale above 2000 certificates.

Next planned release: In the next couple months.

  • XD* No support planned
  • Policy and HSM enablement. Currently in alpha soon to be beta. Need testers.


Location of Binaries and Config Files
By default, the installer places all binaries and configuration files in C:\Program Files\Direct Project .NET Gateway.


Installation

Launch the installer. It is recommended that the following 4 installation types are installed in order to gain the most use from the installer integrated configuration and test features. But the components can be installed in any configuration you see fit.
Note: The Admin Tools in the form of console apps are not broken out into their own installation. If you think this would be beneficial then let us know.

Important: The "Developer gateway configuration SMTP" component should not be selected / installed anywhere on this page of instructions. If you want to install the "Developer gateway configuration SMTP" component go to Developer Gateway Installer

Database

Run installer.
The drop down in the following image represents installation types. The check boxes are components. Components can be individually installed.
InstallType_Database1_2.png
Respond to the batch script with database configurations.

The final step is to create an Admin account. A console will prompt you for a username and password. This will not succeed if you are only installing the database. The Admin account creation needs to be performed from the AdminConsole. AdminConsole is installed with Gateway or Config Services in the next sections. (Could add this feature in a later release.)

The Admin account can be created in the any of the following steps.

Config Services

Run installer.
Select the Config services install type. AdminConsole, AgenConsole and ConfigConsole will also be installed. The consoles are also installed with Gateway install type. Console apps have not been broken out into their own installations.
InstallType_ConfigServices1_2.png

Test the database connectivity for each service. Clicking next will persist the connection string to the web service config files. A green success or red failed label in the bottom left corner indicate test results.
ConfigServiceConnStr1_2.png

DnsServiceConnStr1_2.png

The following end points are tested for Admin Web UI. Each of the endpoints are validated of their existence by looking at the WSDL. For example the CertificateService described in the following wsdl [1] will have the Certificates and Anchors enpoints defined:

<wsdl:service name="CertificateService">
  • <wsdl:port name="BasicHttpBinding_ICertificateStore" binding="tns:BasicHttpBinding_ICertificateStore">
  • <soap:address location="[2]"/>
  • </wsdl:port>
  • <wsdl:port name="BasicHttpBinding_IAnchorStore" binding="tns:BasicHttpBinding_IAnchorStore">
  • <soap:address location="[3]"/>

</wsdl:port></wsdl:service>

The label caption indicates success when green and failure when red.

ConfigAdminUI1_2.png

Create Web UI Admin user.
CreateAdmin1_2.png

AdminConsole is launched requesting username and password. The AdminConsole is also available from the start menu or the root directory of installation.

Installation log files are stored in the Log folder of the installation directory.

DNS Responder


Run installer.
Select the DNS Responder install type.

InstallType_DnsResponder1_2.png

Config and test the DB connection string and DNS service web service. The label caption indicates success when green and failure when red.

ConfigureDnsResponder1_2.png

Gateway


Run installer.
Select the Gateway SMTP install type.

InstallType_Gateway1_2.png

Part I (Static Domain and Dynamic Domain)

Choose between static and dynamic domain configurations

IMPORTANT NOTE


Concerning domains, anchors and registering. Look at this close as this is where most first time administrators make mistakes.

Domain is your organizational domain. It is not your partners domain. If you own xyz.lab and abc.lab then add those two domains here. If you send messages to transport-testing.nist.gov do not add this domain.
After installation you will need to add your owned domains, certs and trust relationships with the Config Console or Admin UI. Examples below.
Adding your domain:
DOMAIN_ADD xyz.lab Enabled
DOMAIN_ADD abc.lab Enabled
Adding your certificates:
CERTIFICATE_ADD c:\xyz.pfx Passw0rd! Enabled
CERTIFICATE_ADD c:\abc.pfx Passw0rd! Enabled

Your trust relationship with transport-testing.nist.gov involves their anchor and your domain. So the following would be the command to add the nist anchor to your domain:
ANCHOR_ADD xyz.lab C:\nist.der NULL Enabled
ANCHOR_ADD abc.lab C:\nist.der NULL Enabled

OK, back to the installation.



Static Domain

Set the Domain Name for this installation. The domain will placed in the SmtpAgentConfig.xml file. You will still need to add it manually to IIS SMTP and register the domain with the Config Service (see below).

If there is more than one SMTP domain in your environment do the following:

  • Add yourdomain to SMTP Server via the IIS 6 MMC User Interface
  • Add yourdomain to the Gateway config file (called SmtpAgentConfig.xml by default)
  • Register your domain with the Config Service
  • Restart Smtp Server

Of course, for this to be a real email domain, you'll need to set up DNS with MX records etc.
GatewayConfigPartI_Static_1_2.png

Dynamic Domain

GatewayConfigPartI_Dynamic_1_2.png


Part II

Each of the web service end points are configured and tested with the same technique described previously. The DNS Resolver IP is configured only and is not validated with the test button. The DNS Resolver IP should point to the DNS server used for your internet end point resolution. It is not the same as the DNS server you are installing. The DNS Resolver IP will also be written to the SmtpAgentConfig.xml file.
GatewayConfigPartII_1_2.png

Notice below what a failed MDN Monitor and Trust Bundle Manager test would look like. This failure can be ignored if you are not using the Direct Monitor Windows Service. If monitoring MDN responses the correct web service end point example is: [4]. If using Trust Bundle Manage the correct web service endpoint example is: [5]

GatewayConfigPartII_FailEndpoints_1_2.png


Part III

Configure message folders and the SMTP pickup folder.
Note: Incoming, Outgoing and Raw should only be used in development or for troubleshooting. Routing is the correct way to route incoming messages.
GatewayConfigPartIII_1_2.png

Gateway Console

Configure and Test.

Part I

GatewayConsoleConfigPartI_1_2.png

Part III

GatewayConsoleConfigPartII_1_2.png