Pleasant Password Server

Password Manager is a simple and easy to use password management tool. This password management system is compatible with KeePass (our existing password management system).

Password Manager Installation

In our environment, the application server and the database server were set up in a virtualized environment (VMware).

Server requirements

Here are the
– Application Server with Server Name: xxxx2
– SQL Enterprise Edition Database (VM). Server name: xxxx1
Windows Edition used for both VMs: Windows Server 2016 Standard.

Installation link

The setup can be downloaded from this link. Since we are in an isolated environment, we downloaded and copied it to the server.

http://www.pleasantsolutions.com/passwordserver/download/

Active Directory Role Installed

Internet Information Services (IIS) provides a full management interface to configure network traffic to our website.

Note: We disabled the built-in Password Manager Service that uses the lightweight IIS Express.

  • We chose this option as it allows client certificate authentication.

IIS Configuration

  1. Install the IIS role
  2. Stop and Disable the Pleasant Password Server Service
  3. Install the Web Platform Installer
    – URL Rewrite,
    – IIS Application Initialization and
    – IIS: ASP.Net 4.5
  4. Create a new IIS site
    – set the path to c:\Program File (x86)\Pleasant Solutions\Pleasant Password Server\www
    – Bind the site to type https and
    – the default port was used which is 10001.
  5. Configure the IIS Site
    – Right-click on the IIS website
    – Click on Advanced Settings, General and set Preload Enabled = True

IIS Authentication icon, ASP.NET Impersonation should be set to Disabled.

6. Configure the IIS Pool User (This is the account to be used by the Password Server “Application Pool”).
– Right-click on the Application Pool and
– Select Advanced Option and
– Click on Identity as shown below.

  • Note: Here the service account used for connecting to SQL Server was used in this case.

7. Configure the IIS Application Pool Settings
Same steps followed in steps 6 above should be followed but have the following set to
– Start Mode = AlwaysRunning
– Process Model, Idle Time-out (minutes) = 0
– Process Model, Maximum Worker Process = 0
– Process Model, Load User Profile = 0
– Configure The Application User Permission.
– Finally Start the IIS Server, if necessary have it rebooted and restart IIS.

Create a Database.

This should be set up in parallel or immediately after setting up the Pleasant Server if you wish to use a separate database different from the built-in SQLite.

Server specification:

In order to ensure the requirements to have the database encrypted (TDE encryption) enabled, the following specifications were followed.

  • 4 CPU
  • 16 GB RAM
  • 5 extra hard drives
    – 100 GB System
    – 150 GB TempDB
    – 75 GB TempDBLog
    – 200 GB User Data and
    – 125 GB UserLog

Ensure the key used for the database encryption is saved securely.

Connecting Pleasant Password Server to the database

This service is packaged with the Pleasant Password Server and this allows Administrators to configure various components such as the Database configuration.

Database Connection Configuration.

Start the Service Configuration Utility using the Administrative Privilege, This can be found from the start menu, click on programs and run the Service Configuration using the elevated privilege.

Here is the connection string used based on MS-SQL (Windows Authentication).

Server=xxxx1;Database=PleasantDb;Encrypt=True;Integrated Security=SSPI;TrustServerCertificate=True; 

After successfully connecting to the database and starting or restarting the IIS will automatically create all the tables needed.

License Activation.

This step is pretty easy when the system is connected to the internet. But in our case, the environment is isolated and therefore needs to be activated with the Pleasant Solutions licensing Server.

Offline Activation

To accommodate and have our Pleasant Password Server activated,  we will be utilizing the offline. Here are the following steps we need to follow to realize this.

  • Navigate to the License tab
  • Enter the license key and click on Activate Offline as shown below.

Download the ActivationResult.dat file

  • Transfer this file to the Password Manager server (or device that can connect to the server).
  • Return to the Activation Page on the Password Server
  • Upload the ActivationResult.dat and
  • Finally, click on Submit request to activate your license.

Upon successful activation, Current license status’ etc. will be displayed. Check license Status