Terminal installation procedure

It is also possible to install the plugin via the terminal. Please make sure you have read and understood the above notes on the plugin installer which explain the correct process for installation on either Standard / WID or SQL setups.

When the installer is run on a main primary server, the client ID and client secret for your app need to be passed, plus a session secret (see above note on session secret rules). Note that, in order to support special characters (^ < > | & /), the values entered must be escaped with "" double-quotes. Also note that Session Secret supports international characters such as cyrillic, e.g. /SESSION_SECRET="Здравей*_1234"

In any command, /S runs the installer silently. Note that, as mentioned above, ADFS will be restarted several times in the process of installation.

Standard / WID setup

The following example is for installation on the primary server:

start "" /WAIT Miracl.Zfa.Adfs.Installer.exe /S /CLIENT_ID="glc_votxda4" /CLIENT_SECRET="sdf_efdyD*-iswle18" /SESSION_SECRET="SecRet_1234$" /CODE_PAD_URI="https://mcl.cdn.mpin.io/mpad/mpad.js" /THEME_NAME="miracl"

The following example is for installation on a secondary server:

start "" /WAIT Miracl.Zfa.Adfs.Installer.exe /S

It is important that the installation commands are prefixed with start "" /WAIT as this will ensure the correct ERRORLEVEL is returned (0 indicating success and non-0 indicating failure).

SQL setup (multiple primary servers)

As per the standard setup, the following example is for installation on the primary server:

start "" /WAIT Miracl.Zfa.Adfs.Installer.exe /S /CLIENT_ID="glc_votxda4" /CLIENT_SECRET="sdf_efdyD*-iswle18" /SESSION_SECRET="SecRet_1234$" /CODE_PAD_URI="https://mcl.cdn.mpin.io/mpad/mpad.js" /THEME_NAME="miracl"

And for installation on subsequent primary servers, /DEPLOY_CONFIG should be set to 0:

start "" /WAIT Miracl.Zfa.Adfs.Installer.exe /S /DEPLOY_CONFIG=0

Note that /DEPLOY_CONFIG=0 ensures that you are not asked to enter config details (Client ID, Client Secret etc.) again. It is necessary to set this on subsequent primary servers.

It is important that the installation commands are prefixed with start "" /WAIT as this will ensure the correct ERRORLEVEL is returned (0 indicating success and non-0 indicating failure).

Verification of installation

You can verify your installation by using the IdP-initiated sign-on url, i.e. https://youradfshost.net/adfs/ls/idpinitiatedsignon Note that your device, user and location must be within the parameters of your Global Authentication Policy.

Notes on using install scripts

When using windows batch files, commands will block until completion.

However, a key point to note is that, when scripting without windows batch files, the commands won't block until completion. In order to block it is necessary to prefix the commands with start "" /WAIT For example: start "" /WAIT Miracl.Zfa.Adfs.Installer.exe /S

Using start "" /WAIT in these scenarios will ensure that the correct ERRORLEVEL is returned. Without this there will be misleading error messages - it will only be indicated that commands are running without giving a 0 or non-0 on completion. echo %ERRORLEVEL% can also be used to check whether installation completed correctly, with 0 indicating success and non-0 indicating failure.

Parameter Reference

The following is a full list of the available parameters for terminal installation:

Parameter Default value Notes
/CLIENT_ID=
/CLIENT_SECRET=
/SESSION_SECRET=
/SERVER_BASE_ADDRESS= https://api/mpin.io Combines with the Discovery Path to give the url (https://api.mpin.io/.well-known/openid-configuration) which returns the OIDC parameters which are used by the service. This should be left as is and changed by Advanced users only
/DISCOVERY_PATH= .well-known/openid-configuration should be left as is and changed by Advanced users only
/CODE_PAD_URI= This should be https://mcl.cdn.mpin.io/mpad/mpad.js
/NETWORK_TIMEOUT= 10
/IS_DEBUG= 0 Set as 1 or 0 - Debugging mode should only be enabled for test purposes and should never be enabled in production. For debugging in production, the Windows server event log gives stack trace and other information
/DEPLOY_CONFIG= 1 on a primary server or 0 on a secondary Set as 1 or 0 (Please see above notes on the plugin installer for details on how to use this parameter )
/THEME_NAME= Set the ADFS web theme name for the newly-configured MIRACL ADFS plugin (see notes above)
/S Run installer silently
/D Sets the default installation directory ($INSTDIR), overriding InstallDir and InstallDirRegKey. It must be the last parameter used in the command line and must not contain any quotes, even if the path contains spaces. Only absolute paths are supported. For example: /D=C:\Program Files\MIRACLADFS
/NCRC Disables the CRC check (an error-checking mechanism, similar to a checksum, that enables an application to determine whether the information in a file has been modified).

Top