Install the Web Help Desk

If you are upgrading from a version of the Web Help Desk earlier than 6.8, you must first upgrade ActivID AAA Server to version upgrade to 6.8, and then install version 7.0.

If you are upgrading from a previous version of the Web Help Desk (6.6 and above), you must backup the Security Questions and Answers data (if configured) and uninstall the Web Help Desk before upgrading. For more information, see Upgrade to Web Help Desk 7.0.

Prerequisites:
  • You must have installed and configured AAA Server to authenticate users seeking access to network resources.
  • During the AAA Server installation, you installed the ActivID SKI Connector. This component is required for the mandatory SSL connection between the AAA Server and the Web Help Desk.

    You must have available the SSL certificates generated by the AAA Server setup and the passwords you set for the certificates.

  • The local account used to install and use the Web Help Desk must have at least ‘Modify’ permissions on the workstation.
  1. Download the AAA Server installation package from the HID IAMS Customer Download Portal (https://iamsportal.hidglobal.com).
    2. Note: Please contact your authorized reseller for access information.

    To start the setup process, extract the downloaded archive (.zip file) then double-click the Start.exe file.

  2. Click Install.

    3. inset_17.jpg 

  3. Click Install AAA Web Help Desk & AAA Web Self Desk.

    Alternatively, run the Setup-4T-AAA-Web-Help-Desk-7.0.msi in the Installers directory from the extracted installation package directory.

    4. Note: Do not run the setup from a .zip file. You must unzip the distribution before running the Setup-4T-AAA-Web-Help-Desk-7.0.msi.
  4. When the Welcome page is displayed, click Next.
  5. When the Software License Agreement is displayed, review the warranty and liability information, accept the agreement, and then click Next.

    inset_1.jpg 

    • If the setup program detects an ActivID SKI Connector on the machine, it establishes a connection and automatically configures the SKI Connector host name and port.
    • If the setup program does not detect an ActivID SKI Connector on the machine, you must manually enter the SKI Connector details.

  6. In Web Help Desk Service Port, enter the number of the port for the web browser to use, and click Next.

    Note: If the specified Service Port is already is in use, a warning message is displayed, prompting you to select another port.
  7. In SKI Connector Host, enter the IP address or name of the machine hosting the SKI Connector.
  8. In SKI Connector Port, enter the port number for the SKI Connector, and click Next.

    A message is displayed if the connection to the specified SKI Connector is not established:

    inset_3.jpg 

    Important: If the SKI Connector is unreachable, you are not able to proceed with the installation. Click OK and re-check the installer configuration.

    9. inset_12.jpg 

  9. When the ActivID AAA Server for Windows setup was installed prior to AAA Web Help Desk setup, some security certificates were automatically generated. During the AAA Web Help Desk installation, two of these certificates are needed:

    • The SKI Connector server certificate
      • Note: SKIConnector.p12 by default. This certificate is required for the SSL connection to the SKI Connector service.
    • The Web Help Desk client certificate
      • Note: WHD.p12 by default. This certificate is required for the SSL connection from the AAA Web Help Desk service to the SKI Connector.

    By default, these certificates are stored in the C:\Program Files\ActivIdentity\AAA\Certificates directory by the ActivID AAA Server installer.

    Note: The installer should automatically navigate to this location, but certain security hardening conditions may cause you to need navigate to this directory manually.
  10. Click Browse to locate the Web Help Desk certificate.

    inset_13.jpg 

  11. Select the WHD.p12 certificate file and click Open.
  12. Enter the Password to decrypt the Web Help Desk certificate, and then click Next.

    You set this password during the AAA Server setup.

    inset_14.jpg 

  13. Enter and confirm a password to protect the Web Help Desk keystore and click Next.

    The password must be at least six characters long (alphanumeric).

    If the password does not meet the length requirements or the confirmation does not match, the wizard displays the corresponding warning messages.

    inset_15.jpg 

  14. Select how the setup configures the SSL connection between the Web Help Desk and the browser:

    • Select Automatically generate an SSL server certificate for the setup to generate an SSL certificate based on the Self-Signed certificate originally created by the AAA Server installation.
      • Note: You need to import this certificate into the Trusted Root Certification Authorities store for correct functioning of Web Help Desk and Self-Help Desk. If the certificate is untrusted in the web browser, Help Desk functions do not succeed.
    • Select Import an existing SSL server certificate to manually specify the certificate for the setup to import.

    If you selected to import an existing certificate, you are prompted to specify the certificate:

    inset_16.jpg 

  15. Click Browse to locate the SSL server certificate.
Note: You must select an SSL server certificate that is trusted by the web browser used by Web Help Desk and Self-Help Desk users. If the certificate is not trusted, Web Help Desk and Self-Help Desk functions does not succeed.
  1. Enter the Password to decrypt the SSL server certificate and click Next.

  2. In the Setup Type window, select either the type and click Next:

    By default, the destination folder is:
    C:\Program Files\ActivIdentity\AAA\WebHelpDesk

    inset_2.jpg 

    1. Click Change.

      inset_6.jpg 

    2. Enter or browse to the required directory and click OK, and then Next.

      inset_8.jpg 

  3. Click Install.

    inset_5.jpg 

  4. When the Completing the Web Help Desk Setup Wizard is displayed, select Show Readme to view the Web Help Desk Readme file, and click Finish.

Verify the SKI Connector Configuration

To test the connection to the SKI Connector, run the SKI Connector Configurator.

  1. From the Start menu, point to Programs, ActivID, AAA, and then click SKI Connector Configurator.

    inset_10.jpg 

    In the SKI Connector Configuration dialog box, the ODBC settings section displays the default DSN, user ID, and password of the account that is used to connect to the AAA Server Administration database display.

    These parameters are set during the installation of the ActivPack Administration Console Database.

  2. Click Test Configuration to verify the connection to the AAA Server databases.

    The AAA Server Authentication dialog box is displayed:

    WHD_Ch3_Install00014.jpg 

    Enter the username and password for the AAA Server Administration Console user, and click OK.

    This is the user designated for the SKI Connector.

    The system tests the configuration, and if successful, returns a message.

    If the test is unsuccessful, verify the configuration details.

  3. Select the Generic Operator tab.

    inset_9.jpg 

    The SKI Connector secures communication between the Web Help Desk / Self-Help Desk and the AAA Server service. Since the Self-Help Desk users cannot directly perform administrative functions on the AAA Server, the credentials of a “Generic” AAA Server operator account must be provided so that the Self Help Desk can be used.

    You can use the AAA Administrator account, or, for greater security and control, you can create a specific account in the AAA Administration Console specifically for this purpose. For example

    • If the Web Help Desk device assignment functions are used, then you can use the credentials of a Device Manager.
    • If the functions are not used, then you can use the credentials of a Help Desk operator.
  4. Enter the username and password for the Generic Operator.
  5. To verify that the specified account has the required access, click Test Generic Operator.

    The AAA Server Authentication dialog box is displayed:

    WHD_Ch3_Install00016.jpg 

    Enter the username and password for the Generic Operator, and click OK.

  6. Click Apply to save the configuration.
  7. When prompted to restart the service, click Yes.