After the Workspace ONE Access instance is deployed, you use the Setup wizard to set passwords and select a database.

Make sure that you run the Setup wizard using the fully qualified host name. Do not enter the IP address as the name.

Prerequisites

  • The Workspace ONE Access machine is powered on.
  • The external database is configured and the external database connection information is available. Before you run the Setup wizard, verify that the database configuration is correct. See Create the Workspace ONE Access Service Database for information.

Procedure

  1. Go to the Workspace ONE Access URL that was displayed when you finished the installation. Enter the fully qualified domain name (FQDN). For example, https://WS1AccessHostnameFQDN.example.com.
  2. Accept the certificate, if prompted.
    You can update the certificate after the initial set up.
  3. In the Get Started page, click Continue.
  4. In the Set Passwords page, set passwords for the following administrator accounts, which are used to manage the appliance, then click Continue.
    Account
    Appliance Administrator Set the password for the admin user. This user name cannot be changed. The admin user account is used to manage the appliance settings.

    To create a strong password, the passwords must be 8 or more characters long and contain at least one of each of the following.

    • Uppercase characters A-Z (Latin alphabet)
    • Lowercase characters a-z (Latin alphabet)
    • Numeric digits 0-9
    • Special characters (!, $, #, %, etc.)
    Appliance Root Set the root user password. The root user has full rights to the appliance.

    To create strong passwords for the root user and remote user (sshuser), the passwords must be 14 or more characters long and contain at least one of each of the following.

    • Uppercase characters A-Z (Latin alphabet)
    • Lowercase characters a-z (Latin alphabet)
    • Numeric digits 0-9
    • Special characters (!, $, #, %, etc.)
    Remote User Set the sshuser password. This password is used to log in remotely to the appliance with an SSH connection.
  5. In the Select Database page, select the database to use, either external or internal.
    To use the external database, configure the following.
    1. Select External Database as the database type.
    2. Enter the JDBC URL of the Microsoft SQL database server.
      Authentication Mode JDBC URL String
      Windows Authentication (domain\user)
      jdbc:jtds:sqlserver://<hostname_or_IP_address:port#>/<saasdb>;integratedSecurity=true;domain=<domainname>;useNTLMv2=true
      SQL Server Authentication (local user)
      jdbc:sqlserver://<hostname_or_IP_address:port#>;DatabaseName=<saasdb>

      To enable SQL Server Always on capability for Local SQL Authentication, set MultiSubnetFailover, to True in the JDBC URL.

      jdbc:sqlserver://<hostname_or_IP_address:port#>;DatabaseName=<saasdb>;multiSubnetFailover=true

      MultiSubnetFailover is not supported when using Windows Authentication.

    3. Enter the login user name and password that you configured when you created the database. See Configure Microsoft SQL Database Using Local SQL Server Authentication Mode for Workspace ONE Access
    4. To set up an encrypted connection between Workspace ONE Access and the Microsoft SQL Server, select Encrypt Connection.
      The Encrypt Connection option is not supported when the Microsoft SQL Server is configured in Windows Authentication mode.
      Note: An encrypted connection to the database increases the security of data transmitted across networks. However, enabling encryption can slow the performance on the Microsoft SQL server.
    5. If you have not uploaded the root CA signed certificate, click Upload to upload the certificate now.
      Microsoft SQL servers must be configured with a TLS certificate to use the Encrypt Connection feature with Workspace ONE Access. See Microsoft SQL server documentation to configure the TLS certificate.
    6. Click SAVE to verify and save the information.
    To use the internal database, click Continue.
    Note: The internal database is not recommended for use with production deployments.

Results

The connection to the database is configured and the database is initialized. When the process is complete, the Setup is complete page appears.

What to do next

To set up a directory, you must first install one or more instances of the Workspace ONE Access connector. See the corresponding version of the Installing Workspace ONE Access Connector guide. Before setting up the directory, review Directory Integration with Workspace ONE Access for requirements and limitations.