Configuration
On the Mividas Installer start screen, click under Mividas Identify to start configuration before deployment.
Main domain name for management web interface
| Option | Description |
|---|---|
| Configure Hostname/FQDN | Enter the hostname/FQDN for your installation. Must be a valid DNS record. |
| Select existing certificate | Choose one of your previously uploaded certificates to be used for the installation. |
| Opens up a window of the installer certificate management, where you can upload certificates and more. |
Locale settings
| Option | Description |
|---|---|
| Default language | Set the preferred language for the system. Mividas Identify uses the browser’s language setting if available; otherwise, it defaults to the language set here. |
| Timezone | Set the preferred time zone for the system. |
Outgoing Email (SMTP) Settings
Configure SMTP details for email notifications and invitations. If you configured this during the initial Installer setup, fields will be pre-filled but can be modified as needed.
| Option | Description |
|---|---|
| Display-name of sender | Enter the name to appear as the email sender. |
| Sender email-address | Enter the email address for outgoing messages (typically a no-reply address). |
| SMTP relay server hostname | Specify the SMTP server’s hostname. E.g. smtp-server.example.com. |
| TLS mode | Choose your preferred TLS mode. |
| Port | Specify the SMTP server port. E.g. 25. |
| Username | Enter the SMTP username. |
| Password | Enter the SMTP password. If no password is needed, enter a hyphen. |
Optional settings
Portal API settings
Set API settings for requests from Mividas Identify to Mividas Meeting Portal.
- Go to your Mividas Meeting Portal interface, Admin > Backend admin > Secure Meeting Settings.
- Copy the API Key from backend admin, or move the API key below into backend admin.
| Option | Description |
|---|---|
| External Mividas Meeting Portal server domain name | If Mividas Identify should connect to a Mividas Meeting Portal installation on another server, enter the Mividas Meeting Portal FQDN here. In case of single server installation, leave this blank. |
| API Key | API key to use from Mividas Identify to Mividas Meeting Portal. |
LDAP authentication settings
| Option | Description |
|---|---|
| Server | Enter the hostname of the current LDAP or AD server to use by default. Use “fqdn:389” to use a specific port. |
| Service account DN/username | Here you enter the path to the account to be used as a service account. The path is often unique to your particular organization. |
| Password | Enter the password for your LDAP or AD server. The field will get empty after pressing save. |
| Use LDAPS-connection | Connect to the server using SSL-based LDAPS-connection (port 636 by default). Make sure you have added any custom CA-certificates to make verification work. |
| Ignore TLS/SSL verification errors | Ignore TLS CA verification. TLS over regular LDAP port 389 may be used even if LDAPS is not enabled so unless you have added custom CA certificates for verification login may fail. |
| Disable referral chasing | This will make LDAP queries not follow referrals to separate forests/trees, which may incur delays or create problems in some environments where DNS-names or login information is not available for connections from Mividas VM. Unchecked by default. |
| Base dn | Specify where in the tree the initial search for results should begin. |
| User filter | Here you choose how users are filtered out and displayed. |
| End user group DN | Specify which group in the tree that will have access to the system and be able to use the product. |
| Admin group DN | Specify which group in the tree will have elevated admin rights in the system, which opens up additional settings and functions for the logged-in user. |
| Superuser group DN | Specify which group in the tree that will give members superuser status (highest). Use this with caution as these users will have full control over the system and should only be assigned to users with high technical knowledge. |
| Customer attribute | For dynamic multi-tenant portal use. User LDAP-object attribute that contains customer shared keys, e.g. "customerAttribute". |
| Organisation membership attribute | Comma-separated list of user LDAP-object attributes that contains the users place in the organization (for fine organization level statistics). E.g. "topLevelOrganization,secondsLevelOrganization" |
| Username attribute | Attribute to use as ID/owner for scheduled meetings. Default SIP-domain will be added if none is included. Structure: [dap_fieldname[/search/replace]. Example: email/example.com/video.example.com |
| Enable local accounts | Allow logging in to users added to the local user database. |
External database server (beta)
You can choose to run your own database server, instead of the bundled one.
| Option | Description |
|---|---|
| Hostname | Enter the Hostname/FQDN or IP of the database server. |
| Username | Enter the database username. |
| Password | Enter the database password. If no password is needed, enter a hyphen. |
| Authentication type | Choose authentication type. |
| TLS mode | Choose what level of TLS is needed. |
| Create new user/database autmatically for each component | Allows for the creation of a new database for each installation. Mostly useful for service providers to keep customer data in separate databases. |
External Redis server (beta)
You can choose to run your own Redis server, instead of the bundled one.
| Option | Description |
|---|---|
| Protocol | Choose the protocol for the communication. |
| Hostname | Enter the Hostname/FQDN or IP of the Redis server. |
| Username | Enter the Redis username. |
| Password | Enter the Redis password. If no password is needed, enter a hyphen. |
| Use as background task broker | All background task messages will be handled by Redis instead of RabbitMQ. |
SAML SSO
| Option | Description |
|---|---|
| Entity URI to pass to SAML server | This will normally be the address to the product you are setting this up for, e.g. https://identify.example.com Ensure this name is exactly the same as configured in idp configuration as “Identifier” for the Relaying Party Trust! |
| URL to autoconfig metadata XML-file | The URL that is used for the product to automatically get the metadata XML-file.
Example for ADFS: https://<ADFS server FQDN>/FederationMetadata/2007-06/FederationMetadata.xml
Example for Keycloak: https://<Keycloak server FQDN>/auth/realms/<REALM>/protocol/saml/descriptor |
| Offline idP metadata XML | This is only needed if auto configuration is not used. Paste the iDP metadata XML in the text field. |
| Offline SP metadata XML | This is only needed if auto configuration is not used. Paste the SP metadata XML in the text field. |
| Select existing certificate | Choose one of your previously uploaded certificates to be used for encryption and signing of requests. |
| Opens up a window of the installer certificate management, where you can upload certificates and more. | |
| Username claim | SAML Claim to use for creating the username. For Cisco Meeting Server installations, this should correspond to the username in CMS (jid).
Structure: <saml_claim_name>[/<search>/<replace>]. Example: email/example.org/video.example.org |
| Group/role/memberOf SAML claim | SAML Claim where you get the Group/role/memberOf to determine if the login is for a regular user, administrator or Superuser. E.g. OU=Groups,DC=example,DC=com |
| Group/role claim value required for regular users | Enter the path for the group/role that is required for regular users. E.g. CN=regular-users,OU=Groups,DC=example,DC=com |
| Group/role claim value required for admin-users | Enter the path for the group/role that is required for admin-users. E.g. CN=admin-users,OU=Groups,DC=example,DC=com |
| Group/role claim value required for superuser-users | Enter the path for the group/role that is required for superusers-users. E.g. CN=superusers-users,OU=Groups,DC=example,DC=com |
| Enable single log out (SLO) | Single Logout (SLO) results in all user sessions being terminated simultaneously for the browser that initiated the logout. Closing all user sessions prevents unauthorized users from accessing resources at the Mividas products (SPs). |
| Enable local accounts | Allow logging in using username/password (using backend admin or API) with local accounts. |
| Enable debug-mode | Print more information including SAML Claims in logs, good for troubleshooting. |
Save configuration
When you have filled in everything needed for your installation, or just want to save your progress, you need to save theese settings. Do so by clicking in the bottom left corner.
Deployment
Select Version and Deploy
After everything is configured, it is time to deploy Mividas Identify. Choose the Mividas Identify version from the drop-down list 
, then click
. A terminal window will display the progress of the installation. Once completed, reload the page to verify the correct version.
core_epm: Running 15/18
core_epm: Running 15/18
core_epm: Running 16/18
core_epm: Running 18/18
Finished
ReloadUpdate settings post-deployment
Modify Settings Post-Deployment
To update settings after deployment, select Mividas Identify from the start screen and click
. Adjust settings as needed, save changes, and redeploy by clicking
.
Following these steps, you can complete the Mividas Identify configuration and deployment while retaining the flexibility to update settings as requirements evolve.
Upgrade
Before upgrading
Before upgrading, we always recommend that you:
- Check your platform health and fix any current alerts affecting your installation.
- Check that you have disk space available.
- Take a snapshot of your installation in your hypervisor.
Upgrading
To upgrade, click
next to Mividas Identify from the start screen. Select the version you wish to upgrade to in the drop-down list 
, and then click
.