The Advanced Remote Management (ARM) installer requires configuring the settings before starting installation. This configuration is made up of two phases.
- Phase one is the creation of a config file that the installer requires. You can use this file to install multiple servers.
- Phase two is comprised of running PowerShell scripts that are included with the installer package.
Configure the ARM Installer Phase One, make the config file.
Install the SSL certificate onto the Personal Certificate Store on the RM server.
The SSL certificate secures HTTPS binding for the management website for port 443 and allows a secure connection. This secure connection is between the admin and Web services. Also, the SSL certificate secures the connection to the Connection Proctor on port 8446. You must provide the SSL certificate as a wildcard or SAN certificate.
- Start the Remote Management installer from the c:\temp folder on the RM server.
- Select Next.
- Select Configure to configure the server settings before installation.
Enter the Database credentials.
Setting Description Database Server Name Enter the server hostname, IP address, or loopback address (as it is a single server). DB Owner user name Enter the user name of the internal ARM Database user that the installation automatically creates in the database. DB Application user name Enter the user name of the internal ARM Database user that the installation automatically creates in the database.
- (Optional) Select the Advanced button to configure the Port, LDF, MDF, and NDF paths for the database. Ensure that your Windows account has full access to these folders.
- Select Next.
Configure the Portal Server settings.
Setting Description Webserver IP Address Enter the IP address for the webserver. Port
Enter the port. The default is 80.
Select Check to validate the port.
If your IIS Default Website is bound to port 80, then you must either delete the Default Website or use a different port. The suggested replacement is port 8080.
Enable HTTPS Binding This setting is required. The port defaults to 443. Active Directory Domain Name Enter your Active Directory domain name. Group Enter the Active Directory group created for remote management. User name Enter the Active Directory user name created for remote management. Enrollment Certificate Enrollment Certificate
Select the ... Button to browse for the EnrollmentCertificate.pfx file, which can be found in the installer package in the c:\temp folder.
When you select the certificate, the installer asks for the certificate password which is also included in the installer package in the Password.txt file.Note:
The enrollment certificate is an SSL certificate that enables remote management devices to enroll or register with the ARM server. The enrollment certificate also secures the connection to the server.
Configure the App Service settings.
Setting Description Enable T10 Service Select to enable the T10 service. T10 Certificate
Select the ... button, navigate to the c:\temp\certs folder, and select root_intermediate_chain.p7b.
Auto generate a user in Local Users and Groups
Enable the option to automatically generate a T10 user. If you manually generate a T10 user, you must enter the user name in the provided field.
- Select Finish.
After selecting Finish, the installer creates the install.config file. This file contains all the configuration settings for the ARM installer. When installing on multiple ARM servers, you need to follow this task only once, then export the resulting config file to the other servers.
Next, proceed to Phase Two, Install PowerShell Scripts.