The origin server is the file server configured for storage of all files to be cached with your CDN provider on a pull model.

To set up the Origin Server, complete the following steps:

  1. Install the Web Server Role (IIS). The selected web server must be publicly available on t he Internet. It is possible to set up the DNS to do routing internally to the proper servers as necessary. For storage, multiply the average file size by the average number of files, then multiply by two to avoid full disk issues that prevent the caching of files.

    Enable the following features:

    1. Basic Authentication

    2. Request Filtering

    3. Window Authentication

    4. URL Authorization

    5. IP and Domain Restrictions

  2. Install URL Rewrite IIS from the Microsoft website.

  3. Add the following extensions to Default Website MIME Types.

    Extension Content Type
    .app

    application/vnd.android.package-archive

    .appx application/vns.ms-appx
    .appxbundle application/octet-stream
    .ipa application/octet-stream
    .lic text/plain (For BSP)
    .msi* .msi* application/octet-stream
    .msp application/octet-stream
    .mst application/octet-stream
    .pkg application/octet-stream
    .xap* application/x-silverlight-app
    .xbap* application/x-ms-xbap
    .ppkg application/octet-stream
    .dmg application/octet-stream
    .mpkg application/octet-stream
    .plist text/xml
    .apk application/vnd.android.package-archive
    Note:

    MIME Types already exist in Windows 2012 R2.

  4. Navigate to the CDN content storage location.

  5. Create a shared folder named CDN. The folder that is configured for the web server must be mapped to a file with both read, write permission that is available to the Workspace ONE UEM console and Device Services.
  6. In the CDN folder, create a file named monitor.txt. Enter some random text into the document so that you can validate the connection at a later stage. For more information, see Validate Workspace ONE UEM Integration with CDN .

  7. Set up the user account credentials for accessing the CDN using a UNC/SMB path. The UNC/SMB path is used during the configuration of the UEM console. The user name and password are used for connecting to the UNC/SMB folder and are also entered into the UEM console.

  8. Configure the security setup for accessing the folder from the IIS website.

    1. Add the application pool user account to the CDNfolder of the shared drive.

    2. Add the following user accou nts:

      1. ISUR (All but Full control)
      2. IIS_IUSRS (All but Full control)
      3. NetworkService (Full Control)
      4. UNC/SMB Service Account (All but Full control)
  9. Under Application Pools, right-click DefaultAppPool and select Advanced Settings. Set the App Pool Identity to NetworkService.

  10. Right-click Default Website, select Manage Website, and select Advanced Settings.
  11. Change the Physical Path to the configured drive for the CDN content.

  12. After Akamai is configured, you can set up the request filtering for the cookie that is used for authentication of the URL.
    1. Obtain the CDN Configuration Tool installer.

    2. Run the CDN installation and enter the secret key (SHA256 Hash Key) that is configured with your Akamai account for Edge Server Identification. For more information on setting up Edge Server Identification, see Configure Akamai to Integrate with Workspace ONE UEM.
  13. Make a note of the Network Path for the UEM console configuration.