The Standard (Basic) method of installing the Workspace ONE Assist server, for on-premises environments that use all-in-one single servers, is a process that is composed of a single phase.
Procedure
- Download, extract, and save the Workspace ONE Assist installer into a temporary directory on the Workspace ONE Assist server. You can download the installer from the repository at https://my.workspaceone.com.
- Right-click the installer file and select Run as administrator.
- At the Welcome screen, select Next.
- Enter the directory where you want to install the Workspace ONE Assist application and select Install.
The default installation directory can be customized to any location on the server.
- Select Standard Installation (Basic) and then select Next.
- If SQL Server is already installed on the server or on another server where Assist databases are deployed, select ‘Connect to existing SQL Server’ and enter the required parameters.
Setting Description SQL server name Define the SQL Server instance running on the server (such as \\SQLEXPRESS, (local), and so on). Authentication Select either Windows authentication to authenticate to SQL Server as current Windows user OR select SQL Server Authentication to select a SQL server account, such as SA. User name If SQL Server Authentication was used, type in the user name that is used to authenticate against the SQL server. Password Type in the password for the user name selected. - Select the …More button and enter additional details.
The installer creates two user accounts to access and maintain SQL databases. They are apadminuser and apdbuser.
- Specify passwords for these accounts.
Note: When making user names and passwords, do not use the following special characters:
- Ampersand - &
- Less Than - <
- Greater Than - >
- Single Quote - '
- Double Quotes - "
- Semicolon - ;
- Enter in the path for database MDF, LDF, and NDF files.
- Select Save to proceed.
You are taken back to the previous screen.
- Select Next to proceed.
- Select the …More button and enter additional details.
- In the Tenant FQDN text box, type in the FQDN for portal (web) services.
A Fully Qualified Domain Name is the complete domain name for a specific computer, or host, on the Internet. It consists of two parts: the host and the domain. For example, myhost.thedomain.edu.
- In the SSL Certificate text box, select the folder button or the pull-down arrow to select the SSL certificate for the Workspace ONE Assist system that corresponds to the FQDN.
The certificate is installed in the local system personal certificate store.
- Select the certificate and then select OK.
- Deselect the Apply Default Settings check box and select the folder icon to attach the T10 certificate.
- Browse for the T10 certificate (created while running the Certificate Generator tool in the artifacts folder), select the P7B certificate file, and then select Open.
- Select the …More button to select additional settings for the Workspace ONE Assist system. Verify the parameters.
Setting Description HTTP Port Defines the internal HTTP port used by portal services. By default, port 80 is selected. You can use a different port if port 80 is being used, such as 8080. IIS Site Binding IP address Defines from which interfaces/IP addresses portal services can be reached. By default, the setting is ‘All Unassigned’ to enable all interfaces/IPs. HTTPS port Defines the HTTPS port used by portal services for access from outside the network. By default, port 443 is selected. If port 443 is already being used in your environment for another purpose, then you can use a different port, such as 7443. SSL Enable Enables SSL/TLS protocol for portal services. By default, this check box is enabled so that the portal services use SSL/TLS. Leave this check box enabled. T10 user name and Auto Generated Defines T10 API user for connectivity between AirWatch portal and Workspace ONE Assist system. By default, if ‘Auto Generated’ check box is enabled, the installer assigns a random user name to be created locally on the server. Leave this text box defaulted and the check box enabled for the Installer to create the T10 API user. If you want to define the user, disable the check box and type in the T10 user name you want to use. CP FQDN/Port Defines the FQDN and port on which CP services can be reached. Enter in the FQDN, which must be the same as the FQDN assigned for portal services. Enter port 8443, which is the default port for CP services. If port 8443 cannot be used, you can enter any other port. Be sure that network/security teams use this assigned port when assigning translation rules from the firewall/router to the RM Server for CP services. - Select Save to continue.
You are taken to the previous screen.
- Select Next to continue.
The installer performs multiple pre-requisite checks to ensure that the product can be installed. After the installer performs the prerequisites check, a summary report displays.
- If any of the prerequisites are missing and the check fails, do NOT select Install.
- Select Detailed Report link to see which prerequisites are missing.
- To install missing prerequisite components, select the Install Components link. The installer installs the missing components.
You might need to reboot the server after the prerequisites are installed.
- After the reboot, relaunch the installer.
The installer pre-populates with your previous selections. - If the initial prerequisite check comes back with all components passing, select Install.
Once the Install button is selected, the installation process begins.
Note: Database execution might take an extended period.
- When the installation finishes, select Next to continue.
- When prompted to run the Resource Pack that loads all available device profiles onto the Workspace ONE Assist system, leave the Execute Resource pack check box selected (enabled) and then select the Finish button.