5. Installation Task List

Use this chapter as a reference in planning your installation and configuration of ID-Synch. The following tasks are carried out in a typical installation, and are carried out in roughly the sequence shown here:

1. Prepare and install an ID-Synch server on the network. Assign a static IP address and DNS name for this server.

2. Configure target systems to work with ID-Synch:

   Note:

   It is recommended that you begin with simple systems, install and test ID-Synch to work with those systems, then set up more complex systems.

   
   

   1. Configure the underlying client software on the ID-Synch server.

   2. Test to ensure that each software component works correctly after they have all been installed (this is to ensure there are no conflicts with target system clients).
   3. Install ID-Synch software components on target systems that require it.
   4. Create target administrator and test accounts on target systems using the native tools of that system.
   5. Write scripts to define interaction between ID-Synch and target systems that require specific instructions (e.g. Unix).

3. Install ID-Synch on the server using setup.

4. Add the target systems to ID-Synch using the Central console (nph-psa.exe).

5. Configure ID-Synch using the Central console (nph-psa.exe):
   • Define console users
   • Define locations
   • Define account types
   • Define templates and roles
   • Configure the Central console (nph-psa.exe)
   • Configure the Account management console (nph-ida.exe)
   • Configure general options
   • Password strength rules
   • Define identification and authentication lists

6. Implement e-mail notification
   • Assign authorizers to templates and roles. These may be individuals or groups.
   • Assign ID administrators if required (they receive notification from Request tracking module (nph-ids.exe) to assign a unique ID for each add request through Request tracking module (nph-ids.exe)).
   • Configure authorizer delegations.

7. Configure and test individual self-service web modules

8. Optional: Configure the ID generator plug-in that will generate a unique login ID for each new request. You can configure the plug-in to generate login IDs that match business standards (e.g. first initial, full last name).

9. Run overall process for a sample or test-input of up to 10 Request tracking module (nph-ids.exe) accounts (users) to verify proper software installation, configuration and functionality. This process will include the following:
   • Add
   • Change
   • Suspend
   • Restore
   • Delete

10. Run nightly update.

11. Optional: Install additional proxy servers.

12. Optional: If you will be using SSL to encrypt communication with the ID-Synch server, obtain and install a cryptographic certificate, signed by a certificate authority (CA) trusted by the web browsers deployed in your user population

13. Deploy ID-Synch.
    • Notify users
    • Activate features in production
    • Phase in ID-Synch deployment