Upload
derrick-foster
View
225
Download
1
Embed Size (px)
Citation preview
Installing Security Broker (IA) client
• Pre-Requisites
• Installation
• Testing
• Uninstalling
• Upgrading
Pre-Requisites before installation
Network Connectivity Check spine authentication page
https://gas.national.ncrs.nhs.uk/login/authactivate
telnet nww.ebs.ncrs.nhs.uk 443 Firewall ports opened – http / https Bypassing proxy servers recommended
IA compliant PC
Compliant PC
Windows 98 SEMinimum Platform Requirement
Processor 266Mhz
RAM 128Mb
Browser Version Internet Explorer 6.0 (SP1)
Smartcard Device See following section
Windows Service Pack n/a
Compliant PC
Windows NT 4Minimum Platform Requirement
Processor 266Mhz
RAM 128Mb
Browser Version Internet Explorer 6.0 (SP1)
Smartcard Device See following section
Windows Service Pack SP6
Compliant PC
Windows 2000 Minimum Platform Requirement
Processor 500Mhz
RAM 256Mb
Browser Version Internet Explorer 6.0 (SP1)
Smartcard Device See following section
Windows Service Pack SP4
Compliant PC
Windows XP Professional Minimum Platform Requirement
Processor 500Mhz
RAM 256Mb
Browser Version Internet Explorer 6.0 (SP1)
Smartcard Device See following section
Windows Service Pack SP1
Compliant PC
Integrated client (e.g. Emis) may require higher CPU and memory specifications
Anti-Virus and Anti-Spyware software recommended
A Smart card reader, either USB or serial (winNT), with appropriate drivers
Compliant Smart Card Readers Gemplus PC Twin Reader Gemplus GemPC 430 Reader (does not work on NT 4) Omnikey 3121 USB Reader Dell keyboard integrated smart card readers SCM card readers HP keyboard integrated card reader Fujitsu keyboard integrated card reader
Compliant PC
Adobe Acrobat Reader 5 as minimum An account with permissions to install software
and edit the registry (local administrator)
New Client x Old Client
The new version of the IA client (V7_8_0) can be used for all new installations but is not a required upgrade as the previous version (V7_1_0) continues to be supported
The newer version has some performance and stability improvements and contains an NHS disclaimer. If upgrading the old version must be uninstalled first
Summary Installation Process Flow Ensure all Internet Explorer 6 SP1 cumulative
update patches and fixes have been installed Connect standalone smartcard reader (or USB
Keyboard with built-in Smartcard reader) and install drivers
IA installation pack downloaded from http://nww.connectingforhealth.nhs.uk/implementation/deployment/downloads. Unzip to a temporary location and run “iainstaller_1_0.exe”
Run the appropriate auto-installer from C:\iainstaller\install
Continued
Summary Installation Process Flow
Add Trusted sites fix and create a CaB desktop icon Remove role profile screen if required Copy CaB files to Java folder if multiple Java versions installed Reboot Test access
Install Summary Uninstall previous client IE 6 SP1 patches and fixes have been installed Connect smartcard reader-Install drivers Download install pack, run “iainstaller_1_0.exe” Run auto-installer from C:\iainstaller\install Add Trusted sites fix Create a CaB desktop icon Remove role profile screen if required Copy CaB files to Java folder if multiple Java versions
installed Reboot Test access
Connect the USB card reader install drivers
Drivers for the GemPlus Twin card reader are installed as part of the IA installation pack. Other card readers including the Omnikey 3121 require additional drivers to be installed
Drivers for the Omnikey 3121 are contained within the IA installation pack but must be installed separately
Install Detail
Install the IA Client Software
Check that all previous components of the IA are removed from the system Extract the software to a suitable temporary location and then run the file
iainstaller_1_0.exe The IA Auto Installer will propose a location to extract to dependant on its
location. It is imperative that this location is changed to C:\iainstaller
Install Detail
From c:\iainstaller\install, run the appropriate IA Auto
Installer file dependant on the operating system.
NOTE: It is vital to ensure that the installation is run from this shortcut as the
shortcut contains parameters to ensure the program installs correctly.
Install DetailRun the Installer software
Install IE Trusted Sites Fix
Both the old and new IA Installer only adds trusted sites to the HK_CURRENT_USER hive. As a result, only the account logged on during installation has the required trusted sites added
Install Detail
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\nhs.uk" /freg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\nhs.uk\nww.ebs.ncrs" /freg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\nhs.uk\portal.national.ncrs" /freg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\nhs.uk\nww.ebs.ncrs" /v https /t REG_DWORD /D 2 /freg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\nhs.uk\portal.national.ncrs" /v https /t REG_DWORD /D 2 /f
Adding CaB Shortcut Icon
Create a new desktop shortcut to the CaB website:- https://nww.ebs.ncrs.nhs.uk
Copy this shortcut to :- “c:\Documents and Settings\All Users\Desktop” – OS dependent
Install Detail
Remove role profile screen (old client)
Run C:\Program Files\Syntegra\Device Identification
Logger\tktmoncfg.exe. Remove last 4 lines of code.
Install Detail
Disabling Java Automatic Updates
Run “JVM Settings.reg” in the C:\iainstaller\JVM directory if Java still auto updating after installation
JVM Settings.reg
Install Detail
Multiple Java Installations
Copy “c:\Program Files\gemplus\gac\GATicket.jar” to
“c:\Program Files\Java\Java_folder\lib\applet” folder
Copy “c:\Program Files\gemplus\gac\TicketApiDll.dll” to “c:\Program Files\Java\Java_folder\lib\ext\x86” folder
Copy “c:\iainstaller\JVM\java.policy” to
“c:\Program Files\Java\Java_folder\lib\security” folder
Install Detail
Uninstalling the IA client software
• Run the IA Uninstaller shortcut in the c:\iainstaller\install directory. You should answer NO to any request to reboot the PC until the process complete confirmation box
• End the tktmon.exe process from task manager (old client)
• Check control panel to ensure all IA components have been removed
• Remove installation directories
continued
Uninstalling the IA client Software Device Identification Logger Gem Authenticate Client V.3.9.1 GemPlus Smart Card Reader Tools GemSafe Libraries 3.1 Java 2 Runtime Environment ,SE V 1.4.2_04 Remove C:\Program Files\Syntegra folder Remove C:\Program Files\Gemplus folder Remove C:\TicketAPI folder Remove C:\Program Files\Java\j2re1.4.2_04 folder
Upgrading the IA Software
• Delete the old c:\iainstaller directory• Extract the new IA installation software to c:\iainstaller• Run the Remove Old IA shortcut in the c:\iainstaller\install directory• Check the control panel to ensure all old IA components have been removed• Run the appropriate IA Auto Installer file from the c:\iainstaller\install directory
Further Information
This document is provided as a supplement to IG B 0103_21 Installation and Configuration Guide - Security Broker (IA) Client and the Choose and Book Install Reference v3.0 Document which is on the Implementation website – http://nww.connectingforhealth.nhs.uk/implementation/deployment/downloads