Cloud Storage Explorer Azure VM Launch Guide

1. Upon launching the Virtual Machine Instance (VMI) several scripts will run to configure the instance. By default, it is setup to listen on ports 80 for CSE and port 8080 for the identity provider (Keycloak) using the public IP address provided by Azure:

2. The VM instance ID (vmID) will be the initial password for both your keyadmin and expadmin default accounts. Both should be reset to unique values. The vmID can be found in the JSON View of your instance panel:

User Management

1. User management can be performed through Keycloak by logging in to http://:8080/auth using keyadmin and your instance ID as your password. There are two client roles for the storage-explorer client – StorageExplorerUsers and StorageExplorerAdmins. The users role is required to access CSE. The admins group will grant administrative privileges to manage drives and drive security. Keycloak can be federated with an existing enterprise IdP, synced with LDAP, and utilize Kerberos authentication. For more information please see the Keycloak documentation here: https://www.keycloak.org/documentation

Updating the Hostname

By default, the application is setup to utilize the public IP address provided by Azure. If you would like to use a DNS hostname, you can execute the following commands as root (sudo) in the instance:

/opt/mdaca/init/reset.sh
mkdir /opt/mdaca/etc/setup
echo <> /opt/mdaca/etc/host_ip
/opt/mdaca/bin/update-config.sh
/opt/mdaca/init/init-secret.sh
touch /opt/mdaca/init.log

Example:

/opt/mdaca/init/reset.sh
mkdir /opt/mdaca/etc/setup
echo cse.eastus.cloudapp.azure.com > /opt/mdaca/etc/host_ip
/opt/mdaca/bin/update-config.sh
/opt/mdaca/init/init-secret.sh
touch /opt/mdaca/init.log

SSL/TLS Configuration

By default, the application is setup to listen on ports 80 and 8080. It can be setup to utilize TLS and ports 443 and 8443 instead. The following files need to be updated with your certificates:

tls.key	Private key of your certificate
tls.crt	Public key of your certificate
server.p12	Public and private key in PKCS12 format
ca.crt	Public key of your certificate authority
server.truststore	Java keystore (JKS) containing the public keys of your CA and your certificate

You will then need to run the following scripts:

/opt/mdaca/init/reset.sh
mkdir /opt/mdaca/etc/setup
echo <> /opt/mdaca/etc/host_ip
/opt/mdaca/bin/set-tls.sh true
/opt/mdaca/bin/update-config.sh
/opt/mdaca/init/init-secret.sh
touch /opt/mdaca/init.log

Example:

/opt/mdaca/init/reset.sh
mkdir /opt/mdaca/etc/setup
echo cse.eastus.cloudapp.azure.com > /opt/mdaca/etc/host_ip
/opt/mdaca/bin/set-tls.sh true
/opt/mdaca/bin/update-config.sh
/opt/mdaca/init/init-secret.sh
touch /opt/mdaca/init.log

Note: The command /opt/mdaca/init/reset.sh completely removes all configuration data /including any users, groups, and roles added to Keycloak. Therefore, updating the hostname or setting up SSL/TLS as documented herein should be done before adding any of these artefacts or making other site specific configuration changes.

User Management

Updating the Hostname

SSL/TLS Configuration

Certifications

Follow Us

About Us

Contracts