Installing Directory Password


Quick Installation of Prerequisites

You can quickly install all of the roles and features necessary using the PowerShell's Server Manager module. This allows you to specify all the roles and features required.

Windows Server 2008 R2
1.  Open a PowerShell command prompt as an administrator 
2.  Type Import-Module ServerManager and press Enter
3.  Type Add-WindowsFeature Web-Server, Web-Basic-Auth, Web-Windows-Auth, Web-ASP-NET, Web-Net-Ext, AS-Web-Support and press Enter
4.  Reboot if prompted.
          
Windows Server 2012 / Windows Server 2012 R2
1.  Open a PowerShell command prompt as an administrator  
2.  Type Import-Module ServerManager and press Enter
3.  Type Add-WindowsFeature Web-Server, Web-Basic-Auth, Web-Windows-Auth, NET-FRAMEWORK-45-Core, NET-FRAMEWORK-45-ASPNET, Web-HTTP-Logging, Web-NET-Ext45, Web-ASP-Net45 and press Enter
4.  Reboot if prompted.
          
Windows Server 2016
1.  Open a PowerShell command prompt as an administrator 
2.  Type Import-Module ServerManager and press Enter
3.  Type Add-WindowsFeature Web-Server, Web-Mgmt-Console, Web-Scripting-Tools, Web-Basic-Auth, Web-Windows-Auth, NET-FRAMEWORK-45-Core, NET-FRAMEWORK-45-ASPNET, Web-HTTP-Logging, Web-NET-Ext45, Web-ASP-Net45 and press Enter
4.  Reboot if prompted.
          

Installation of Directory Update

Directory Password is simple to install as long as the prerequisites all installed. Download the latest version from our Web site and unzip the DirectorySearch.msi file. Place the MSI file on the server’s local hard drive, such as in the c:\temp folder.

 Directory Update v2.x is required and must be installed on the same IIS server. Directory Update v2.x must be installed first.

You can usually just double-click on the MSI file to launch the installer, but on Windows Server 2008, the User Account Control security settings may be set so tightly that you have to launch the installer from the command line (don’t forget to “Run As Administrator”) like so:

msiexec.exe /i c:\temp\DirectoryPassword.msi
  1. On the installation wizard welcome screen, Click Next

  2. On the License Agreement screen, click “I Agree” and then click Next

  3. On the Select Installation Address, most installations use the defaults. From this screen, you can select a different web site, virtual directory name, or application pool. When you have made your selection, click Next.

  4. On the Confirm Installation screen, click Next

  5. The installation takes between 30 seconds and 1 minute and then the Directory Settings configuration screen appears. You may have to select it from the task bar as it sometimes appears “behind” the installer.

  6. On the Directory Settings screen, enter the host name of the domain controller, then DNS domain name of your Active Directory domain, the service/proxy account (in domain\username format), and the proxy account password. A common configuration problem is entering the FQDN name of the domain controller in the Domain Controller text box; this text box is for the host (short) name of the domain controller. Click the “Test Directory Settings” button and then click Next.

    Directory Settings screen

  7. On the Licensing Information Screen, copy and paste the organization name and license key that you were provided after you purchased the software. If you select the Evaluation checkbox, the software is fully functional in Evaluation mode for 10 days and you can run the configuration wizard later to provide the licensing information. Click Next when finished.

  8. On the Directory Password Information screen, click Next

  9. On the Installation Complete screen, click Close

  10. Immediately test the installation by using a Web browser to visit http://localhost/DirectoryPassword (the default URL if you are checking from the console of the server) or http://yourservername.yourcorp.local/DirectoryPassword (if you are checking from elsewhere on your network.

You can now proceed to customizing the application.


Installation Checklist

  1. Test the default installation (with no customizations)

  2. Create or use a dedicated IIS application pool for Ithicos applications.

  3. View / Edit the AppSettings.XML file to confirm that the field names, notification settings, and logging are configured the way you want.

  4. View / Edit the PasswordSettings.XML file to confirm the password policy is at least as strict as your Windows policy.
  5. Enable file logging and/or auditing in the AppSettings.XML file.

  6. Set file system permissions for photos and log files (if necessary)


Enabling the Password Change tab in Directory Update

Before users can use Directory Password, they first have to answer their security questions in Directory Update. The Password Change tab in Directory Update does not appear by default. Locate the following line in the Directory Update AppSettings.XML file:

<passwordChangeTab visible="true" title="Password Change"

This is where you enable the Password Management tab for Directory Update.


File System Permissions

If you wish to allow Directory Password to record a text (CSV) file log of all changes made using Directory Password, you must give the NETWORK SERVICE the following persmissions to the .\Logs folder: Modify, Read & Execute, List Folder Contents, Read, and Write. The .\Logs folder is found (by default) at c:\inetpub\wwwroot\directorypassword\Logs.