Maverics set up
Install an orchestrator
Install on Windows Server

Install on Windows Server

This topic covers how to install the orchestrator on Windows Server. This installation is for production or development QA environments only. For information on how to install an evaluation bundle, see Evaluation environment configuration.

Server Requirements

Before you start, please note that you can run your orchestrator instance on the server of your choice, whether on-premises or in a public cloud infrastructure provider such as Azure, AWS, or GCP.

  • Operating System:
    • Windows: Windows Server 2016, 2019, or 2022
  • Disk: 10GB (minimum)
  • Memory: 8GB (minimum)
  • Typical ports required: 22 (SSH/SCP), 3389 (Windows Remote Desktop), 443, 80
  • Network egress from the orchestrator host to your chosen cloud identity system

Prerequisites

  • Configure your shared storage provider from Environments. From the sidebar, go to Environments and click the name of your orchestrator environment.
  • Download the latest Maverics MSI package from your environment details page. On the environment details page, click Windows under Orchestrator Evaluation Bundle. The maverics-orchestrator.msi file will download to your machine.
  • Download the environment’s public key file (.pem) from the environment page.
  • Copy the MSI and public key file to your Windows machine/workstation that will deploy Orchestrator to the target environment.

Installation

Strata recommends configuring your installation with Maverics Cloud. To install your orchestrator:

  1. Double-click the maverics-orchestrator.msi file.
  2. Click Next.
  3. Click the checkbox to accept the End-User License Agreement, and click Next.
  4. Navigate to a preferred destination folder, or click Next to use the default location.
  5. To select the default local Maverics config file, click Default. If you’d like to save the config file to another directory, click Change and navigate to the preferred directory. Then click Next.
  6. For Configuration Type, select Maverics Cloud.
  7. Add a secret provider URL. (Optional) Click Next.
  8. Under Remote configuration provider: Select the cloud storage provider. A sample configuration will appear in the text box below. You will need to replace some of the values, such as tokens or bucket name. Click the link to the documentation in the window for more information.
  9. In the Polling interval seconds, set the time in seconds for the orchestrator to poll the cloud for new configuration. The default is 30 seconds. Click Next.
  10. Under Bundle public key file destination, navigate to where you stored the public key file. You can download the public key from Maverics on the Environment details page, under Resources.
  11. Click Next.
  12. Enter the IP address of the HTTP server the orchestrator will listen on, and include the port without the colon. Strata recommends 8443. Note: If you are deploying your orchestrator as an LDAP server, you do not need to set the IP address and port. For more details, see LDAP provider.
  13. For Find Certificate By, select from the following:
    1. No TLS certificate (Default): This option does not require a TLS certificate and should be used with caution.
    2. TLS subject: For more information, see TLS: Windows Certificate Store
    3. TLS thumbprint: For more information, see TLS: Windows Certificate Store
  14. Click Next.
  15. Click Install. The orchestrator will then complete the installation and start the service.
  16. Click Finish to end the installation process.

The Maverics service starts automatically with a delayed auto start. This means the Maverics service will not start until all the other auto-start services have started. Note that the Startup Type value of the Maverics service will be reset back to Automatic (Delayed Start) on the next reinstall or upgrade if it has been manually changed.

Installation using a local file

If you prefer to manage the orchestrator configuration from a local file, you will select a maverics.yaml file as part of the installation.

  1. Double-click the maverics-orchestrator.msi file.
  2. Click Next.
  3. Click the checkbox to accept the End-User License Agreement, and click Next.
  4. Navigate to a preferred destination folder, or click Next to use the default location.
  5. For Configuration Type, select Local Config File.
  6. Add a secret provider URL. (Optional) Click Next.
  7. On the next window, navigate to the local .yaml configuration file. Click Next.
  8. Click Install. The orchestrator will then complete the installation and start the service.
  9. Click Finish to end the installation process.

Installation using a local bundle file

If you prefer to manage the orchestrator configuration from a local bundle file obtained from the Maverics UI, you will select a maverics.tar.gz file as part of the installation.

  1. Double-click the maverics-orchestrator.msi file.
  2. Click Next.
  3. Click the checkbox to accept the End-User License Agreement, and click Next.
  4. Navigate to a preferred destination folder, or click Next to use the default location.
  5. For Configuration Type, select Local Bundle File.
  6. Add a secret provider URL. (Optional) Click Next.
  7. On the next window, navigate to the maverics.tar.gz configuration file. Click Next.
  8. Provide a public key file to verify the Maverics configuration. You can download the public key from Maverics on the Environment details page, under Resources. Click Change to select the file, then click Next.
  9. Click Install. The orchestrator will then complete the installation and start the service.
  10. Click Finish to end the installation process.

Viewing logs after installation

To verify that the orchestrator is running and pulling the correct configuration, you can view the logs.

To view orchestrator logs, go to the Start menu and search for Event Viewer. In Event Viewer, go to Windows Logs > Applications. Orchestrator events are listed in items displaying Maverics as the source. These logs may be helpful in troubleshooting any issues.

Starting and re-starting the Service

On startup, the Maverics service starts automatically with a delayed auto start. This means the Maverics service will not start until all the other auto-start services have started. Note that the Startup Type value of the Maverics service will be reset back to Automatic (Delayed Start) on the next reinstall or upgrade if it has been manually changed.

Updating the orchestrator from an earlier orchestrator MSI

If you are running an older version of Orchestrator on Windows, you can upgrade to the latest version seamlessly. The MSI installer will preserve any existing system environment variables and migrate them to the Windows Registry.

Obtain the latest Maverics MSI package and transfer the file to the target server.

As Administrator, double-click the MSI file (or right-click and choose “Install”). The maverics.exe binary will be installed in the C:\Program Files\Strata Identity\Maverics install directory, replacing the previous version.

The Maverics service must be restarted manually or with a reboot.

Uninstall

There are two ways to uninstall Maverics. To uninstall Maverics but preserve your settings:

  1. In Windows Settings or the Search field, find and select Add or Remove Programs.
  2. Under Apps & features, search for Maverics Orchestrator.
  3. Click Maverics and choose “Uninstall.” The installer will not automatically delete the install directory if the maverics.lic and maverics.yaml file are there. This can be done manually by deleting the empty directories.

Or, to perform a complete uninstall:

  1. In Windows Settings or the Search field, find and select Add or Remove Programs.
  2. Under Apps & features, search for Maverics Orchestrator.
  3. Click Maverics and choose Modify.
  4. Make additional selections to remove all orchestrator settings from the registry, as well as all files and folders. Based on your selection, all files, folders, and configuration in the registry will be removed.
Install on Mac OS