Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 20 Next »

We separate the Webhook listener from the Admin Portal because we need to open access from Microsoft via the internet. This Listener Server can be installed in the DMZ of the organization.

It is recommended to install the WLS on a separate site with a separate application pool. When the deployment is large (1000 user and more ) it is best to be done on a separate host

 Installation

  • Enable IIS on target machine (all the checkboxes)

  • Copy all the content from the package payload: C:\Agat\SphereShield.Setup\Payload\SphereShield.Listener into a new folder under Inetpub.

  • Replace these files with the ones from AccessPortal folder:

    • SphereShield.CasbCommon.dll

    • SphereShield.CasbMessagingBL.dll

    • SkypeShield.Infrastructure.dll

    • SkypeShield.Cryptography.dll

    • SkypeShield.File.dll

    • SkypeShield.Ldap.dll

    • SkypeShield.Mdm.dll

    • SkypeShield.Messaging.dll

    • SkypeShield.ServiceManagement.dll

    • SkypeShield.Settings.dll

    • SkypeShield.Skype.dll

    • SkypeShield.Validation.dll

    • SphereShield.Common.dll

    • SkypeShield.Infrastructure.Entities.dll

    • CasbMsOfficeApplication.dll

  • Create new site in the IIS manager and set the Physical path to new folder created.

  • Make sure all options under IIS are selected for the server, especially the development ones which include ASP versions.

  • Create an https URL for this site so that Microsoft can send events to the site. We should assign a hostname like “listener”.

  • Set ConnectionString and IV / KEY .

  • Set Webhook certificate in the Configuration folder, you can verify it in following page Production Key Vault and Certificate

  • Change the C:\Agat\Listener_site\Configuration\Log4net.config file so the logs will write in this location: D:\Agat\Logs\ListenerSite

  • Make sure the AWS instance has the Security group that leaves 443 open to all.

  • Navigate to the site and you should see this Welcome page:

In IIS Manager, open Application Pools

open Advanced Settings of your portal

set “Load User Profile” to “True”

open Advanced Settings of your Listener

set “Load User Profile” to “True”

Heartbeat

Connection Check

  • Url: /api/Heartbeat

  • Method: GET

  • Good Response: 200 “I am alive.... :-)

  • bad Response: 404

Admin Portal configuration

A new setting was added to the Cloud Service Integration section:

Need to Enter the URL of the Webhook site created.

In case that AP already gets Webhooks, You will need to turn off the CasbAdapter for 1 hour, for new Webhook Subscription will be created.

Note: When external site URL is left empty the Webhook will be set to the portal URL as before this change.

  • No labels