How to setup the demo environment

Products Identity Manager Show & Tell
1

Prerequisites:

  • Windows VM (make sure all Windows updates are installed)

  • SQL Server (Developer)

  • Runtime (usercube-sdk-version.zip) to be downloaded from partner portal

  • SDK (usercube-server-runtime-version.zip) to be downloaded from partner portal

Refer to Netwrix documentation for more details: Prerequisites | Netwrix Product Documentation

Set up the VM

Make sure that all the prerequisites are met:

  • Dotnet hosting bundle installed

  • SQL server installed

  • Notepad++ or Visual Code installed

Deploy Identity Manager

  1. Unzip the “SDK” archive
  2. Copy the folder “UsercubeDemo” to “C:”
  3. Unzip the “Runtime” archive to “C:\UsercubeDemo” folder

Configure the application settings

  • Go to “C:\UsercubeDemo\Runtime” folder and update the file “appsettings.json”:

    • Add the License Key (if you don’t have it please reach out to your Chanel Account Manager)
    • After the license line, Add "AuthorizeUsercubeCertificate": true,
    • Remove all the commented line (lines starting with “//”)

  • Save file

Example:

appsettings.json (1.3 KB)

Install AD LDS

  1. In the Windows search field look for “Active Directory Lightweight Directory Services Setup Wizard”
  2. Click Next
    Select “A unique instance”, then, click Next
    Instance name: ADDemo
    Description: AD Demo
  3. Click Next
    LDAP port number 5389
    SSL port number 5636
  4. Click Next
    Select Yes create an application directory partition
    Partition name: DC=acme,DC=internal
  5. Click Next
  6. Click Next
    Select Netwrok service account
  7. Click Next
  8. Click Yes
    Select Currently logged on user
  9. Click Next
    Select “MS-InetOrgPerson.LDF” and “MS-User.LDF”
  10. Click Next
  11. Click Next
  12. Click Finish

Extend the schema

Open a command line (Start → Run → cmd) and type the following commands:

cd C:\UsercubeDemo

ldifde -i -f Usercube.ldif -s localhost:5389-c "CN=Schema,CN=Configuration,DC=X" #schemaNamingContext

Authorize password reset

Open a command line (Start → Run → cmd) and type the following commands:

dsmgmt
ds behavior
connections
connect to server localhost:5389
quit
allow passwd op on unsecured connection
list current ds-behavior
quit
quit

Create AD data

Open a command line (Start → Run → cmd) and type the following commands:

cd C:\UsercubeDemo\Sources

ldifde -i -f ad.ldif -s localhost:5389-c "CN=Schema,CN=Configuration,DC=X" #schemaNamingContext

Wait for the data to be fully loaded

Reset administrator password

  1. In the Windows search field look for “ADSI Edit”
  2. Right click on “ADSI Edit”
  3. Click on “Connect to…”
    Name: AD Demo
    Select “Select or type a Distinguished Name or Naming Context” and enter “DC=acme,DC=internal”
    Select "Select or type a domain or server: (Server | Domain [:port]) and enter “localhost:5389”
  4. Click Ok
  5. Right click on “CN=administrator” and click “Reset Password…”
  6. Enter a password value (Example: Netwrix@2026) and click “OK”
  7. Click OK

Update NIM connection settings

  • Go to “C:\UsercubeDemo” and edit the file “appsettings.agent.json”

    • In “PasswordResetSettings” → “EncryptionCertificate” → “File”, replace “../Usercube.pfx” by “./Usercube.pfx”
    • In “Connections” → “ADExportFulfillment” → “Password”, enter the administrator generated password (Example Netwrix@2026)
    • In “Connections” → “LDAPExportFulfillment” → “Password”, enter any dummy value (Example P@ssw0rd)

  • Save

  • Copy the file in “C:\UsercubeDemo\Runtime” folder (replace the existing one if pompted)

Example:

appsettings.agent.json (3.6 KB)

Update the configuration

  • Go to “C:\UsercubeDemo\Conf” and edit the file “Tasks.xml”
  • Delete the following lines
    <ExportTask Agent="Default" Connection="AzureADExportFulfillment" OpenIdClient="Job" DisplayName_L1="AzureAD - Extraction" IgnoreCookieFile="true" />
    <ExportTask Agent="Default" Connection="LDAPExportFulfillment" OpenIdClient="Job" DisplayName_L1="LDAP - Extraction" IgnoreCookieFile="true" />

    <PrepareSynchronizationTask DisplayName_L1="LDAP - Data Collect" Connector="LDAP" SynchronizationMode="Initial" Agent="Default" OpenIdClient="Job" />
    <PrepareSynchronizationTask DisplayName_L1="AzureAD - Data Collect" Connector="AzureAD" SynchronizationMode="Initial" Agent="Default" OpenIdClient="Job" />

    <SynchronizeTask DisplayName_L1="LDAP - Synchronization" Connector="LDAP" ForceSynchronization="true" />
    <SynchronizeTask DisplayName_L1="AzureAD - Synchronization" Connector="AzureAD" ForceSynchronization="true" />
  • Save

Run the installation and initialization process

Open PowerShell and type the following commands:

cd c:\UsercubeDemo\Scripts

.\Install-OnPremise.ps1

Wait until the script finishes.

Do not close the PowerShell window running the server.

image
image1218Ă—829 178 KB

Start the server

If the server has been closed you can still run it again. using the following command.

Open PowerShell and type the following commands:

cd c:\UsercubeDemo\Runtime

.\Usercube-Server.exe

Login to NIM

Open a browser and go to “http://localhost:5000”

Login with the following credentials

image
image1919Ă—1037 87.7 KB

4 Likes