OVA Installation
The Kron PAM OVA installation method enables rapid deployment of the platform by importing a pre-configured virtual appliance. This streamlined process leverages an OVA package designed for virtualized environments like VMware or ESXi. Before starting, ensure you have access to the required installation files and credentials provided by Kron's Support Team.
Note: All installation packages are available on the filerepo.krontech.com SFTP Server. Contact Kron’s Support Team to obtain the download links and necessary passwords.
- Download the OVA Package: Access the Kron PAM OVA package from the SFTP Server (filerepo.krontech.com) using the credentials provided by Kron's Support Team.
- Environment Requirements: The deployment requires a compatible virtual environment, typically VMware or ESXi, and a network configuration allowing secure access to the Kron PAM instance.
Once you have downloaded the OVA file, deploy and start the virtual machine in your VMware/ESXi environment.
Configure the Server's IP Address
- When the server is up and running, open the VMware Console and use the nmtui command to access the network configuration tool.
- Set the IP address, subnet mask, gateway, and DNS for the server, then save the settings.
Restart the Server
- After completing the IP configuration, restart the server to apply the changes.
Access the Web Interface:
- Once the server has restarted, open a web browser (Google Chrome is recommended).
- Navigate to the server’s address using HTTPS:
- You are now ready to begin configuring Kron PAM.
After accessing the initial configuration screen, the Kron PAM welcome page will appear.
On the second page, begin by entering information about your company, organization, or institution. Set the hostname, specify a unique PAM instance name (especially if you have multiple PAM servers), and select the appropriate time zone for your location or the server's location, depending on your needs.
On the third page, complete the following required fields:
- DB Password: Set the password for the “aioc” user in the Kron PAM's PostgreSQL database.
- OS Password: Set the password for the “pamuser” on the OS, used for accessing the Kron PAM Server via SSH.
- GUI Password: Create the password for the “admin” user on the Kron PAM GUI, which serves as the superuser for the interface.
- scon Password: Define the password for the “scon” user on the OS, used to access the PAM Server CLI via SSH or for console user switching.
- Root SSH Access (optional): Configure access rights for the “root” user via SSH if needed.
Next, enter the following required information:
- Customer Key: Used for encrypting and decrypting sensitive information on the Kron PAM Platform.
- Key Store Password: Password for the self-signed certificate utilized by the Kron PAM GUI.
- TACACS Key: Used to secure communication between Kron PAM's TACACS+ Server and Kron PAM Platform modules.
- Iteration Count: Determines the number of iterations for generating encryption keys.
On the final page, you can download all the entered values by clicking the “Export Data” button at the top-right corner of the page.
Important: Downloading the configuration data is essential for future troubleshooting and management. Be sure not to skip this step!
To complete the configuration, press the “Confirm” button at the bottom-right corner of the page. The setup will apply your configured values and automatically reboot the server upon completion.
Note: Sometimes browsers may fail to refresh or reload automatically. If the UI still displays a loading counter after 5–10 minutes (depending on server specifications), try refreshing the page manually.
After the setup completes and the server reboots, you can access the PAM GUI by entering the server's IP address or hostname (if it’s registered in DNS and resolvable by your system) in your browser:
or
Log in to the Kron PAM with the “admin” username and the password you set during the setup.
After navigating to the URL and logging into the system, you will be directed to the main dashboard of Kron PAM.