Installing the Windows Password Listener

This chapter describes how to run the DirX Identity Windows Password Listener installation procedure on Windows Server 2016 (Long-Term Servicing Channel) / Windows Server 2019 (with Desktop Experience) platforms to install the DirX Identity Windows Password Listener on a machine.

This procedure is only necessary if you intend to capture user passwords for password synchronization. Then you must install the Windows Password Listener on all machines that contain an Active Directory installation.

The Windows Password Listener does not require an installation of any other DirX Identity component on the same machine.
The Windows Password Listener needs a Java Environment only during the installation and un-installation process. For un-installation, a Java at any place of your system accessible through the system “path” variable is sufficient.

The installation creates the Windows Password Listener configuration files libdxmEventListenerAds.ini and options.ini with the default values. During an update or upgrade installation, the values are taken from the existing files or from input during the installation.

Upgrade installations are supported from Windows Password Listener versions 8.7 and 8.9.

For installing the Windows Password Listener on several domain controllers, you can install the software once on one domain controller and then create the response file. You can then copy and use this response file on the other domain controllers and run the installation without user interaction (see section "Unattended (silent) installation") based on this response file.

The Windows Password Listener uses ActiveMQ messaging of a DirX Identity installation as its messaging service. The Windows Password Listener installation procedure asks for the host name and port number of the already installed messaging service and whether you want to use SSL for the messaging connections. If you check SSL, you can proceed with the installation and afterwards copy the files ca-crt.pem, client-key.pem and password.properties from the DirX Identity installation ssl subfolder where they have been created to the ssl subfolder of the Password Listener installation before you start the Password Listener service.

The Password Listener cannot encrypt passwords in the password.properties file. You must copy a file with encrypted values that is working in the Identity installation. If you change the password value in the installation environment, you must copy the file with newly encrypted values again.

If SSL is set, the Password Listener always performs client-side SSL to the ActiveMQ Message Server. For a description of how to create these SSL related files on the DirX Identity side, see the chapter “Securing Identity Server Connections with SSL” in the Connectivity Administration Guide.

Installing the Windows Password Listener

  • Run setup.exe from the DirX Identity DVD. Setup displays a dialog box:

  • Click DirX Identity.

  • Click Install DirX Identity Windows Password Listener.

image1

  • Click Next.

you can click Cancel at any time to leave the installation program. You can click Previous at any time to return to a previous dialog.

image2

  • Setup displays a License Information dialog.

  • Read the licensing information, and then click Yes and then click Next. Clicking No cancels the installation.

image3

  • Setup displays a Customer Information dialog.

  • Enter your name and your company name in the fields provided, and then click Next.

image4

  • Setup asks you to select an installation directory. It displays the default location in the field provided.

  • In this dialog, you can:

  • Click Next to select the default location.

  • Click Choose to select a different directory, and then click Next.

image5

  • Setup asks you where you would like to create product icons. It displays the default location in the field provided.
    Note: If you upgrade from an older version, the currently used Program Group name is shown In a new Program Group: (in the picture above, from version V8.9). Otherwise, a default name is shown.

  • In this dialog, you can:

  • Click Next to select the default location.

  • Select a radio button of another predefined location and then click Next.

image6

  • Setup asks you for information about the message server.

  • Enter the host name of the machine on which the message server is installed and the port number of the message server in the fields provided.

  • Check Use SSL if you want to use an SSL connection to the server.

  • Click Next.

Be sure that your DNS (domain name service) works correctly if you use symbolic names for the host name. If you are not sure, use a TCP/IP address instead. If you use SSL, you must give the exact same server name of the messaging server that is used in its server certificate.

image7

  • Setup displays the installation selections you have made and asks you to review them.

  • Click Previous to change any settings you have made. Otherwise, click Install.

image8

  • Setup displays the installation status.

  • When Setup completes the installation, it displays the following dialog.

image9

  • Click Done to exit Setup.DirX Identity Windows Password Listener installation is now complete.

  • Wait for restart of the computer.The restart is necessary to register the Windows Password Listener Plugin DLL correctly into the LSASS service of the Windows domain controller.

Unattended (Silent) Installation/Uninstallation

You can install the Windows Password Listener on a machine without interaction.Follow these steps to create a silent setup:

  • Copy the content of the folder DirXIdentity/WinPWListener from the DVD to a folder on your machine.

  • Customize the file dirxidty_wpl.properties.

  • Start the installation program in the folder on your machine.

  • Check for errors

Here is the content of the file dirxidty_pwl.properties:

##############################################################################
# DirX Identity - Windows Password Listener install properties for
# InstallAnywhere
##############################################################################
# Release Information
# Release=8.10
# Version=8.10
# Build=nn
# CreationDate=YYYYMMDD
##############################################################################
# installer created with InstallAnywhere by Flexera
# InstallAnywhere 2021 Build 6526
##############################################################################
# InstallAnywhere install properties
##############################################################################
# UI mode for the installer
# INSTALLER_UI=[SILENT | CONSOLE | GUI | SWING | AWT]

# default for Windows: swing
# default for Unix: console

###############################################
# Note for Windows:
# if INSTALLER_UI is set to swing, than installer does not prompt with a
# dialog "Not enough space...", if necessary
###############################################

#INSTALLER_UI=swing
##############################################################################
# own DirX Identity - Windows Password Listener install properties
##############################################################################
#-----------------------------------------------------------------------------
#Get User Information
#--------------------
#PROP_DX_USER_INFORMATION_1=<userName>
# default:
#PROP_DX_USER_INFORMATION_1=<login user>

#PROP_DX_USER_INFORMATION_2=<companyName>
# default:
#PROP_DX_USER_INFORMATION_2=<>

#-----------------------------------------------------------------------------
#Choose Install Folder
#---------------------
# PROP_USER_INSTALL_DIR=<path>

# default for Windows:
# PROP_USER_INSTALL_DIR=$PROGRAMS_DIR$$/$Atos$/$Windows Password Listener

# Note for Windows:
# If an install path for Windows Password Listener is found in the registry,
# then this path will be taken!

# PROP_USER_INSTALL_DIR=$PROGRAMS_DIR$$/$Atos$/$Windows Password Listener
#-----------------------------------------------------------------------------
#Choose Shortcut Folder
#----------------------
# PROP_USER_SHORTCUTS=<program group>

# default:
# PROP_USER_SHORTCUTS=$WIN_COMMON_PROGRAMS_MENU$$/$Atos DirX Identity$/$Windows Password Listener

# Note for Windows:
# If a program group for DirX Identity is found in the registry,
# than this program group is taken!

#-----------------------------------------------------------------------------
#Get Information about the Message Server
#----------------------------------------
#PROP_DX_LOCAL_HOST=<hostName>

#PROP_DX_PORT=<port>
# default:
#PROP_DX_PORT=61616

#PROP_DX_Q_MGR=<Q-Name>

# use SSL
#PROP_DX_USE_SSL=[0|1]
# default:
#PROP_DX_USE_SSL=0
#-----------------------------------------------------------------------------

#Get Service Account Information
#-------------------------------
#PROP_DX_ACCOUNT=<accountName>
#PROP_DX_USER_PASSWORD=<password>
# ------------------------------------------------------------------------------
# sleep time
# installation / uninstallation is waiting, when the service will be removed
#PROP_DX_SLEEP_TIME=<msec>

# default:
#PROP_DX_SLEEP_TIME=10000
# ------------------------------------------------------------------------------

# Restart Windows - (De)-Installation in silent modus
# Note:
# When you want to force a reboot, if necessary,
# you can set the following variable

# PROP_RESTART_NEEDED=YES
# ------------------------------------------------------------------------------