Installing Client Manager for Windows

To install Client Manager:

  1. Copy the appropriate installation files to the target machine.

  1. Navigate to the \Client Manager\<your platform> directory.

  1. Double-click setup.exe. The Security Warning dialog displays.

  1. Click Run. The Preparing to Install... dialog displays followed by the Welcome dialog.

  1. Click Next. The Destination Folder panel displays.

  1. Select the directory for storing TA files.

    Accept the default location C:\Program Files\Tidal\ClientManager.

    OR

    Click Change to search for a directory.

  1. Click Next. The TA DSP Name and Master IP panel displays.

  1. Enter these values:

    • TA DSP NAME – Enter the name of your Data Source Plug-in. This value can be anything you want it to be. The default is tes-6.5.

      Note: Architecturally, the Client Manager is a generic container of plug-ins and is not TA -specific. The TA -specific parts of the UI are in TA plugin.

    • PrimaryServer tcp// – Enter the host name or IP address for your Primary Master. The default port is 6215.

    • BackupServer tcp// – If using Fault Tolerance, enter the IP address for your Backup Master.

  2. Click Next. The SSL for Web Client Connections panel displays.

  1. Choose Yes to configure SSL for Web Client Connections.

  2. Click Next. The Keystore, Truststore, and HTTPS Port Details panel displays.

  3. Enter these details:

    • Keystore Path – Enter or Choose the Keystore Path.

    • Keystore Password – Enter the password for Keystore.

    • Truststore Path – Enter or Choose the Truststore Path.

    • Truststore Password – Enter the password for Truststore.

    • HTTPS Port– Enter the port number for secure connection. The default value is 8443.

Note: Unless you have separate Keystore and Truststore, the Keystore Path and Truststore Path may point to the same file. TrustStore is used to store certificates from trusted Certificate authorities(CA) while KeyStore is used to store private key and own identity certificate. Refer Configuring SSL Using Your Own Certificate for more information.

  1. Click Next. The Master Database Server panel displays.

  1. Select the desired type of database.

    • If MSSQL Server is selected, the AWS RDS and Microsoft Azure SQL options are displayed.

    • If Oracle Server is selected, these options are displayed.

      AWS RDS

      DBaaS

      Oracle Autonomous

      RAC

    • If PostgreSQL Server is selected, the AWS RDS option displays.

Note: If you have selected the Oracle Autonomous option in the Master Database Server screen, the Wallet Information screen appears.

  1. Specify the details such as DB Login ID, Password, Schema, and Consumer Group to connect to the Oracle Autonomous database.

  1. Click Next. the Master Database Server Credentials screen displays.

    Note: For the Oracle database server connection, only if you have not selected the Oracle Autonomous option in the Master Database Server screen, the Master Database Server Credentials screen displays.

    Enter this information:

    • Master Database Server– Enter the hostname of the Master database server.

      Note: If you are configuring with the SQL Server Cluster, then enter the Virtual IP address in the Database Server field.

    • Port– Enter the port number of the Master database. The default port for Oracle is 1521 and for MSSQL, it is 1433.

    • Service Name– Enter the Oracle System ID (Oracle only).

    • DB Login ID– Enter the read-only login ID for the Master database.

    • Password– Enter the read-only password for the Master database.

    • Database Name– Enter the Master database name (MSSQL only).

    • TLS Version– Select the one of these TSL versions:

    No TLS

    TLS 1.0

    TLS 1.1

    TLS 1.2

    The Client Manager must have the specified driver for the selected TLS version as specified below to connect to the Microsoft SQL Server:

    No TLS or TLS 1.0– Microsoft ODBC Driver for SQL Server or Microsoft OLE DB Driver 18 for SQL Server.

    TLS 1.1 or TLS 1.2– Microsoft OLE DB Driver 18 for SQL Server.

    Custom JDBC URL (Optional)– Enter the JDBC URL if your Master database supports RAC (Oracle only).

    Note: The Oracle SID and Service Name should be the same on the database. However, if they are different, provide the Oracle Service Name as the SID in this field.

    If you are configuring with the SQL Server Cluster, then enter the Virtual IP address in the Database Server field.

    The Active Directory/LDAP Authentication panel displays.

  1. Choose Active Directory or LDAP and click Yes or No based on AD/LDAP is SSL enabled or not, then click Next.

  1. Click Next if you select Yes for AD/LDAP is SSL enabled?, the Truststore containing AD/LDAP CA certificate details panel displays.

  2. Enter these values:

    • Truststore Path – Enter or choose the Truststore Path.

    • Truststore Password – Enter the password for Truststore.

      These properties are added in <CM_INSTALL>/config/clientmgr.props

      Security.SSL.enabled=Y
      Security.SSL.trustStore=c:\\<path>\\store.jks
      Security.SSL.trustStorePassword=password

    • Connecting to an SSL – Enabled Active Directory or Open LDAP Environment

  1. Enter this information for Active Directory:

    • Host – Enter the hostname or IP address for the Active Directory server.

    • Port – Enter the port number for the AD server.

    • User Search Prefix – Enter the location/prefix of the AD node containing user records.

    • Group Search Prefix – Enter the location/prefix of the AD node containing group records.

Example: Security.Authentication=ActiveDirectory ActiveDirectory.Host=<ip address or your_hostname> ActiveDirectory.Port=389 ActiveDirectory.UserSearchPrefix=DC=example,DC=comActiveDirectory.GroupSearchPrefix=DC=example,DC=com

  1. Enter this information for LDAP:

    • Hostname – Enter the hostname or IP address for the LDAP server.

    • Port – Enter the port number for the LDAP server.

    • BindDN – Enter the RDN to be used in conjunction with the value of LDAP.UserIdentifierType to construct the DN of the users to be authenticated. By default, LDAP.UserIdentifierType has the value uid.

      Example: If the RDN is ou=people,dc=example,dc=com, the DN of the user becomes uid=<username>,ou=people,dc=example,dc=com.

    • UserObjectClass – Specify a valid object class for the user. Only users who posses one or more of these objectClasses will be permitted to authenticate to TA.

    • UserBindDN – Enter the RDN (starting from the root of the tree) in the LDAP server that contains user entries.

    • Index – Check this option if you have an index.

    • GroupBindDN – Enter the RDN (starting from the root of the tree) in the LDAP server that contains group entries.

Example: An LDAP Setting:
Security.Authentication=LDAP
LDAP.HostName=<ip_address or hostname>
LDAP.Port=389
LDAP.BindDN=ou=people,dc=example,dc=comLDAP.UserObjectClass=inetOrgPersonLDAP.UserBindDN=dc=example,dc=comLDAP.GroupBindDN=dc=example,dc=com

Note: To authenticate users across different domains rather than installing Client Manager in each domain, follow the instructions in Enabling Multi-Domain Authentication.

  1. Click Next. The Ready to Install the Program panel displays.

  2. Retrace your steps if any information is incorrect and correct the information by clicking Back until you reach the desired screen.

    OR

    Click Install if the information is correct. The Installing Tidal Automation Client Manager panel displays. The status of your client installation displays with a progress bar.

    Note: Do not click Cancel once the installation process begins copying files in the Setup Status dialog. Cancelling the installation at this point corrupts the installation program. You will not be able to install the component without the help of support. If you decide you do not want to install the component, complete the installation and then uninstall.

    The Setup Completed panel displays.

  1. Click Finish.

    Note: Before starting the Client Manager, be sure to apply the latest hotfix obtained from support.tidalsoftware.com. To ensure compatibility, apply the latest 6.5.x hotfix patches to the Master and other components, each time the hotfix patches are applied to the CM. The first time the Client Manager is started, it initializes its data from the Master. Depending upon the amount of data, this could take up to 20 minutes.

Enabling Multi-Domain Authentication

TA allows for multiple-domain user authentication for Client Manager. The purpose of this function is to allow users defined in different domains to be authenticated within one Client Manager configuration to avoid installing one Client Manager per domain.

To enable this multi-domain authentication:

  1. Add the new property value in clientmgr.props, located under <CM_INSTALL>\config.

    Security.Authentication.Ext.File=user-auth.xml

    Where user-auth.xml is the file name.

  1. Build the user-auth.xml file to include all AD/LDAP servers for TA user authentication.

    This defines two servers:

    <ext-user-auth>
    <user-auth>
    <name>TA 1</name>
    <desc>Configure AD for user user authentication</desc>
    <type>ActiveDirectory</type>
    <host>hou-ad-1.tidalsoft.local</host>
    <port>389</port>
    <ad.usersearchprefix>DC=tidalsoft,DC=local</ad.usersearchprefix>
    <ad.groupsearchprefix>DC=tidalsoft,DC=local</ad.groupsearchprefix>
    </user-auth>
    <user-auth>
    <name>TA 2</name>
    <desc>Configure Open LDAP Server for user authentication</desc>
    <type>LDAP</type>
    <host>10.88.103.148</host>
    <port>5389</port>
    <ldap.binddn>ou=People,dc=ittidal,dc=com</ldap.binddn>
    <ldap.userobjectclass>account</ldap.userobjectclass>
    <ldap.userbinddn>dc=ittidal,dc=com</ldap.userbinddn>
    <ldap.groupbinddn>cn=testest,ou=Group,dc=ittidal,dc=com</ldap.groupbinddn>
    <ldap.useridentifiertype>uid</ldap.useridentifiertype>
    </user-auth>
    </ext-user-auth>

    Above the authentication process will validate a user using TA 1 first and then using TA 2 if the user was not found in TA 1.

    Note: The values are supported for the ldap.useridentifiertype parameter: uid, cn, sn, mail.

    Note: The AD/LDAP server configuration found in the clientmgr.props file is used first before the configuration specified in the user-auth.xml file is used: uid, cn, sn, mail.

Verifying Successful Installation

You should verify that all of the required Client Manager files were installed by going to the directory location that you designated during installation.

The seven main file directories (not counting the UninstallerData directory) are listed at the top with the contents of the lib and config directories also displays.

Note: Jobs and other object definitions can be viewed or modified after the Client Manager is initialized.