We separate the Webhook listener from the Admin Portal because we need to open access from the outside to Microsoft. This Listener Server can be installed in the DMZ of the organization.
...
Enable IIS on target machine (all the checkboxes)
Copy all the content from the zip file (from the payload) into new folderpackage payload: C:\fsAgat\share\Build Versions\Production\SphereShield.Setup\Payload\SphereShield.Listener into a new folder under Inetpub.
Replace these files with the ones from AccessPortal folder:
SphereShield.CasbCommon.dll
SphereShield.CasbMessagingBL.dll
SkypeShield.Infrastructure.dll
SkypeShield.Cryptography.dll
SkypeShield.File.dll
SkypeShield.Ldap.dll
SkypeShield.Mdm.dll
SkypeShield.Messaging.dll
SkypeShield.ServiceManagement.dll
SkypeShield.Settings.dll
SkypeShield.Skype.dll
SkypeShield.Validation.dll
SphereShield.Common.dll
SkypeShield.Infrastructure.Entities.dll
CasbMsOfficeApplication.dll
Create new site in the IIS manager and set the Physical path to new folder created.
Make sure all options under IIS are selected for the server, especially the development ones which include ASP versions.
Create an https URL for this site , then Microsoft could be send event to the site. (We can use Teams7 for this, we then need to add a DNS record, like we do with other portals. A.L. Mar 28, 2022). We should give a hostname like “listener”.
Set ConnectionString and IV / KEY and Webhook certificate in the Configuration folder Production Key Vault and Certificate
Change the C:\Agat\Listener_site\Configuration\Log4net.config file so the logs will write in this location: D:\Agat\Logs\ListenerSite
Make sure the AWS instance has the Security group that leaves 443 open to all.
Navigate to the site and you should see this Welcome page:
...