How to install the WiKID Strong Authentication Server - Enterprise Edition

How to install the Enterprise Version of WiKID's two-factor authentication server from networking to adding a user.

Now that you have installed WiKID, it's time to configure it.  Start by running our script that configures or confirms your network settings and creates an SSL certificate for the WiKIDAdmin web UI.

wikidctl setup

Select that you want to change your network settings.  We HIGHLY recommend you run through this and confirm your settings.  The script will pick up your existing network settings, walk you through them and create an SSL cert for the server.  Select No for replication at this time.  Once done, start the server:

wikidctl start

The primary administration interface of the WiKID Strong Authentication Server is via the WiKIDAdmin web UI.

From a network-connected system, enter the URL address:

https://servername.domain.com/WiKIDAdmin/

Click through your browsers warnings about the self-signed certificate.  The WiKIDAdmin portion of the URL is case-sensitive. You should see a screen similar to that shown in Figure 1.

01.login.screen.jpg

Figure 1 - Initial login screen

The default login credentials are:

Username:	WiKIDAdmin  	(mixed-case)
Password:	2Factor		(mixed-case)

The main system status screen is shown upon successful login to the administration system as depicted in Figure 2. This screen provides summary information about the current status of the system and the services it provides.  You can ignore the License Restrictions error - we'll deal with that.

First screen

Figure 2 -Main Status Summary Screen

Each item is covered in greater detail later in this guide. In overview:

Registered Devices – This indicates the number of devices that are currently serviced by this server. These devices have completed the entire registration process and could successfully gain access to a secured resource.

Unregistered Devices – These devices have partially completed the setup process but have not completed the device to userid mapping. Unregistered devices are automatically purged from the system after 1 hour as specified in the RegCodeTTL paramater. This parameter can be changed in Configuration --> Set Parameters.

Served Domains – The number of distinct domains (server codes) configured for this server.

Network Clients – The number of systems that use this server for authentication. This includes both RADIUS systems and other protocols, such as wAuth.   These are your VPNs, RADIUS servers, etc.

Protocols Enabled – The number of protocol modules installed and activated on the server.

As we progress through this guide, we will periodically return to this status summary to note the changes in the values. This should provide a well founded understanding of the basic terms and concepts of the WiKID Authentication System. If you need additional background, please review the architecture of the WiKID's two-factor system.

Ever since deploying WiKID, we  have  secured our Production systems from unauthorized access and maintained PCI compliance