The Mividas Core installation and deployment process involves three main steps:
- Mividas Virtual Machine (VM): You must first deploy the Mividas Installer virtual machine to your network. Ensure the VM is deployed and running. If not, refer to the VM deployment documentation.
- Mividas Installer Setup: Mividas Installer must be set up correctly and your license key activated. Refer to the Mividas Installer documentation if needed. After entering your license key, the Mividas Installer displays all product modules accessible with your license. The installation of Mividas Core can proceed as a stand-alone installation or alongside other Mividas products.
- Install the Mividas Core module: Follow the instructions below to install and deploy the Mividas Core product module from the Mividas Installer.
Configuration
On the Mividas Installer start screen, click under Mividas Core to start configuration before deployment. Choose Mividas Core, which will open up the configuration fields below.
Main domain name for management web interface
| Option | Description |
|---|---|
| Configure Hostname/FQDN | Enter the hostname/FQDN for your Mividas Core installation, which must be a valid DNS record. |
| Select existing certificate | Choose one of your previously uploaded certificates to be used for Mividas Core. |
| Upload new certificate | Choose a Full chain PEM-formatted certificate bundle to upload. |
| Upload private key | Choose the private key of the above chosen certificate to upload. |
Locale settings
| Option | Description |
|---|---|
| Default language | Set the preferred language for the system. Mividas Core uses the browser’s language setting if available; otherwise, it defaults to the language set here. |
| Timezone | Set the preferred time zone for the system. |
Outgoing Email (SMTP) Settings
Configure SMTP details for email notifications and invitations. If you configured this during the initial Installer setup, fields will be pre-filled but can be modified as needed.
| Option | Description |
|---|---|
| Display-name of sender | Enter the name to appear as the email sender. |
| Sender email-address | Enter the email address for outgoing messages (typically a no-reply address). |
| SMTP relay server hostname | Specify the SMTP server’s hostname. E.g. smtp-server.example.com. |
| TLS mode | Choose your preferred TLS mode. |
| Port | Specify the SMTP server port. E.g. 25. |
| Username | Enter the SMTP username. |
| Password | Enter the SMTP password. If no password is needed, enter a hyphen. |
Optional settings
LDAP authentication settings
| Option | Description |
|---|---|
| Server | Enter the hostname of the current LDAP or AD server to use by default. Use “fqdn:389” to use a specific port. |
| Service account DN/username | Here you enter the path to the account to be used as a service account. The path is often unique to your particular organization. |
| Password | Enter the password for your LDAP or AD server. The field will get empty after pressing save. |
| Use LDAPS-connection | Connect to the server using SSL-based LDAPS-connection (port 636 by default). Make sure you have added any custom CA-certificates to make verification work. |
| Ignore TLS/SSL verification errors | Ignore TLS CA verification. TLS over regular LDAP port 389 may be used even if LDAPS is not enabled so unless you have added custom CA certificates for verification login may fail. |
| Disable referral chasing | Referrals occur when the queried server doesn’t have the requested information but points the client to another server that might. The client can then “chase” these referrals to retrieve the needed data. |
| Base dn | Specify where in the tree the initial search for results should begin. |
| User filter | Here you choose how users are filtered out and displayed. |
| End user group DN | Specify which group in the tree that will have access to the system and be able to use the product. |
| Admin group DN | Specify which group in the tree will have elevated admin rights in the system, which opens up additional settings and functions for the logged-in user. |
| Superuser group DN | Specify which group in the tree that will give members superuser status (highest). Use this with caution as these users will have full control over the system and should only be assigned to users with high technical knowledge. |
| Customer attribute | For dynamic multi-tenant Mividas Meeting Portal use. User LDAP-object attribute that contains customer shared keys, e.g. "customerAttribute". |
| Enable local accounts | Allow logging in to users added to the local user database. |
External database server (beta)
You can choose to run your own database server, instead of the bundled one.
| Option | Description |
|---|---|
| Hostname | Enter the Hostname/FQDN or IP of the database server. |
| Username | Enter the database username. |
| Password | Enter the database password. If no password is needed, enter a hyphen. |
| Authentication type | Choose authentication type. |
| TLS mode | Choose what level of TLS is needed. |
| Create new user/database autmatically for each component | Allows for the creation of a new database for each installation. Mostly useful for service providers to keep customer data in separate databases. |
External Redis server (beta)
You can choose to run your own Redis server, instead of the bundled one.
| Option | Description |
|---|---|
| Protocol | Choose the protocol for the communication. |
| Hostname | Enter the Hostname/FQDN or IP of the Redis server. |
| Username | Enter the Redis username. |
| Password | Enter the Redis password. If no password is needed, enter a hyphen. |
| Use as background task broker | All background task messages will be handled by Redis instead of RabbitMQ. |
Cisco Meeting Server
| Option | Description |
|---|---|
| Internal number series ranges | Set the number ranges that should apply for your internal number series. |
| Acano temp cospace callid range | Set the number range for your temporary meeting rooms. |
Separate domain name for scheduling API
Used in case of external Mividas Meeting Portal server
Choose if you want network separation for the scheduling API, so that traffic will go through a separate hostname if you want to add firewall rules or the like. These are also slimmed down so only the functions that apply to the scheduling API are used by this hostname.
| Option | Description |
|---|---|
| Hostname / FQDN | Enter the Hostname/FQDN you wish to use. |
| Select existing certificate | Choose one of you previously uploaded certificates to be used. |
| Public SSL-certificate | Choose a Full chain PEM-formatted certificate bundle to upload. |
| Private key | Choose the private key of the above chosen certificate to upload. |
Separate domain name for video conference system requests
This option is available for Mividas Core + Mividas Rooms installations. Should an event be sent to Mividas Rooms from the conference system, this can then go via a separate hostname to be able to distinguish this traffic and e.g. add firewall rules. This is something we recommend using to also simplify troubleshooting but also if there is e.g. any overload, one can also shut down this particular type of traffic temporarily in a simpler way.
| Option | Description |
|---|---|
| Hostname / FQDN | Enter the Hostname/FQDN you wish to use. |
| Select existing certificate | Choose one of you previously uploaded certificates to be used. |
| Public SSL-certificate | Choose a Full chain PEM-formatted certificate bundle to upload. |
| Private key | Choose the private key of the above chosen certificate to upload. |
SAML SSO settings
| Option | Description |
|---|---|
| Entity URI to pass to SAML server | This will normally be the address to the product you are setting this up for, e.g. https://core.example.com Ensure this name is exactly the same as configured in idp configuration as “Identifier” for the Relaying Party Trust! |
| URL to autoconfig metadata XML-file | The URL that is used for the product to automatically get the metadata XML-file. Example for ADFS: https://<ADFS server FQDN>/FederationMetadata/2007-06/FederationMetadata.xml Example for Keycloak: https://<Keycloak server FQDN>/auth/realms/<REALM>/protocol/saml/descriptor |
| Offline idP metadata XML | This is only needed if auto configuration is not used. Paste the iDP metadata XML in the text field. |
| Offline SP metadata XML | This is only needed if auto configuration is not used. Paste the SP metadata XML in the text field. |
| Select existing certificate | Choose one of you previously uploaded certificates to be used for encryption and signing of requests. |
| Public SSL-certificate | If you have not yet uploaded a certificate that can be selected in the previous step, choose a Full chain PEM-formatted certificate bundle to upload. |
| Private key | Choose the private key of the above chosen certificate to upload. |
| Username claim | SAML Claim to use for creating the username. For Cisco Meeting Server installations, this should correspond to the username in CMS (jid). Structure: <saml_claim_name>[/<search>/<replace>]. Example: email/example.org/video.example.org |
| Group/role/memberOf SAML claim | SAML Claim where you get the Group/role/memberOf to determine if the login is for a regular user, administrator or Superuser. What to enter here varies a lot depending on what service you use. Example: OU=Groups,DC=example,DC=com |
| Group/role claim value required for regular users | Enter the path for the group/role that is required for regular users. Example: CN=regular-users,OU=Groups,DC=example,DC=com |
| Group/role claim value required for admin-users | Enter the path for the group/role that is required for admin-users. Example: CN=admin-users,OU=Groups,DC=example,DC=com |
| Group/role claim value required for superuser-users | Enter the path for the group/role that is required for superusers-users. Example: CN=superusers-users,OU=Groups,DC=example,DC=com |
| Customer SAML claim | SAML Claim used in multi-tenant installations, to determin if the login is for a specific Customer. |
| Enable single log out (SLO | Single Logout (SLO) results in all user sessions being terminated simultaneously for the browser that initiated the logout. Closing all user sessions prevents unauthorized users from accessing resources at the Mividas products (SPs). |
| Enable local accounts | Allow logging in using username/password (using backend admin or API) with local accounts. |
| Enable debug-mode | Print more information in logs, good for troubleshooting. |
Separate domain name for incoming SMTP invites
You have the option to specify a separate domain to use for conference system email addresses. This is used, among other things, to redirect e-mails through external spam filters.
| Option | Description |
|---|---|
| Hostname / FQDN | Enter the Hostname/FQDN you wish to use. |
| Select existing certificate | Choose one of you previously uploaded certificates to be used. |
| Public SSL-certificate | Choose a Full chain PEM-formatted certificate bundle to upload. |
| Private key | Choose the private key of the above chosen certificate to upload. |
Save configuration
When you have filled in everything needed for your installation, or just want to save your progress, you need to save theese settings. Do so by clicking in the bottom left corner.
Deployment
Select Version and Deploy
After everything is configured it is time to deploy Mividas Core. Choose the Mividas Core version from the drop-down list
, then click
. A terminal window will display the installation progress. Once completed, reload the page to verify the correct version.
core_epm: Running 15/18
core_epm: Running 15/18
core_epm: Running 16/18
core_epm: Running 18/18
Finished
ReloadUpdate settings post-deployment
To update settings after deployment, select Mividas Core from the start screen and click . Adjust settings as needed, save changes, and redeploy by clicking .
Following these steps, you can complete the Mividas Core configuration and deployment while retaining the flexibility to update settings as requirements evolve.
Upgrade
Before upgrading
Before upgrading, we always recommend that you:
- Check your platform health and fix any current alerts affecting your installation.
- Check that you have disk space available.
- Take a snapshot of your installation in your hypervisor.
Upgrading
To upgrade, click
next to Mividas Core from the start screen. Select the version you wish to upgrade to in the drop-down list , and then click
.