Zum Inhalt springen
EBF Documentation

EBF product documentation

Find help using and administering EBF applications

EBF MIDA

  • Release Notes
  • 01. Getting Started
  • 02. Initial Setup
  • 03. MIDA Overview
  • 04. Apps
  • 05. Policies
  • 06. iBooks
  • 07. App lists
  • 08. Compliance Actions
  • 09. Audit Logs
  • 10. ENS Events
  • 11. MIDA Installation Guide
  • 12. MIDA Configuration Parameter
  • 13. Import & Sync Workers
  • 14. About the Event Notification Service (ENS)
  • 15. Troubleshooting
  • 16. Browser Support
  • 17. Contact
View Categories
  • Home
  • Homepage
  • EBF MIDA

11. MIDA Installation Guide

5 min read

This document describes the process of installing, configuring and running a MIDA service, on-premise, delivered as an RPM package.

RPM Package

The MIDA RPM package can be installed using the regular linux installation tools.

Dependencies

The RPM package declares the following dependencies:

  • java 8
  • systemd
  • rsyslog

Before installing the MIDA RPM these packages need to be available on the host machine.

The RPM package requires Java 8 to be installed.

 

Mida Configuration file

After the RPM package is installed, a mida configuration file template can be found at the following location:

/etc/sysconfig/mida

This file allows the server administrator to set up the following properties of the MIDA service:

  • Database connection
  • Authentication parameters
  • Temporary file storage folder
  • Super admin user credentials
  • SMTP server connection
  • Background worker scheduling
  • Background worker thread pool size

Important:

  • All MIDA VMs should have identical config files.
  • Every line in the mida config file needs to end with a \. Otherwise MIDA will fail to start

Configuring the database connection (Required)

The database connection is configured through the following properties:

Property name MSSQL Server 2012 Example MySQL Example Description
spring.datasource.driverClassName com.microsoft.sqlserver.jdbc.SQLServerDriver com.mysql.jdbc.Driver dbc driver class name
spring.datasource.url jdbc:sqlserver://127.0.0.1/mida_db jdbc:mysql://127.0.0.1:3306/mida connection url
spring.datasource.username example_user example_user username
spring.datasource.password example_password example_password password
spring.jpa.database-platform org.hibernate.dialect.SQLServer2012Dialect org.hibernate.dialect.MySQLDialect sql dialect to use

The database parameters are different for different database servers.

New installations note:

If you setup a new system or use a fresh database, you need to create the following table before starting MIDA the first time:

create table miniosversion (id varchar(255), created varchar(255), last_updated varchar(255), data_snapshot varchar(255), last_lookup varchar(255), external_policy_id varchar(255), failure_reason varchar(255), status varchar(255), label_id varchar(255), policy_sync_config_id varchar(255))

This table will be removed/renamed with the first start of MIDA.

 

Configuring authentication (Required)

In the MIDA config file, a secret has to be configured for signing the tokens that MIDA issues to logged in users.

The secret is configured using the following property:

token.secret

The secret string must be at least 256 bits long.

 

Configuring the folder for temp file storage

A folder into which MIDA will store temporary files for uploadv (App icons) purposes is configured through the following property:

spring.http.multipart.location

Example value:

/tmp

 

Configuring the super admin user

The MIDA Super admin user is a user that has all permissions on the system over all tenants and has the catch-all label.

For a production system, these settings should be changed using the following parameters:

Parameter name Description
mida.superAdmin.username super admin username
mida.superAdmin.password *bcrypt password hash with number of rounds set to 10
mida.superAdmin.labelName super admin label, usually All-Smartphones

User passwords in MIDA are not stored as plain text, but as bcrypt hashes for security reasons. Therefore the password property needs to be configured as a bcrypt hash of the desired plaintext password. This can be accomplished by using many online tools.
Example: https://www.browserling.com/tools/bcrypt
The number of rounds should be set to 10.

 

Configuring the SMTP connection

In order to set up an SMTP connection the following properties can be used:

Parameter name Description
mail.protocol mail server protocol
mail.host mail server host
mail.port mail server port
mail.smtpAuth should smtp auth be used true or false
mail.smtpStarttlse should Starttlse be used true or fales
mail.from the sender email address
mail.username mail server username
mail.password mail server password

Advanced configurations

Changing the background compliance check intervals

MIDA has two compliance check tasks running all the time in the background.

They are called: AppHound and AppPoliceman.

By default the AppHound runs every minute and the AppPoliceman every 5 seconds.

These intervals can be changed by setting the following properties to a desired amount of milliseconds:

mida.compliance.worker.hound.interval

mida.compliance.worker.policeman.interval

 

Changing the thread pool size and capacity for manual compliance checks

MIDA allows the admins to manually perform compliance checks for MIDA app lists, by triggering the Check Compliance action in the device action menu.

This will in turn trigger a background compliance check for the selected devices.

The MIDA server administrator can fine tune the thread pools for these checks for prime performance by using these parameters:

Parameter name Description | Default | Recommended Value for optimal performance:

  • compliance.manual.minPoolSize min number of threads for the manual compliance checks | 1 | 1
  • compliance.manual.maxPoolSize max number of threads for the manual compliance checks | 1 | 100
  • compliance.manual.queueCapacity define how many requests should be queued until a new thread is created | unlimited | 10

 

Configuring the logging

By default, the MIDA logs will end up in the following folder on the VM:

/var/log/mida

If MIDA fails to start, please perform the following steps:

sudo mkdir /var/log/mida
sudo chmod 0775 /var/log/mida
sudo chown mida:mida /var/log/mida

This should be changed for production servers and reconfigured by changing the hostname and parameter inside the:

/etc/mida/logback-spring.xml

 

Java Configurations

The MIDA service process can be configured with all regular java options as it is a java process.

It is recommended to assign 50% of the system’s available memory as the maximum value for MIDA’s java process heap.

Example:

System has 4gb RAM, then the recommended max heap size setting would be Xmx2gb.

 

Managing the MIDA Service

The MIDA service is managed like any other linux service, using the systemctl start|stop|restart commands.

Examples:

systemctl start mida.service

systemctl stop mida.service

systemctl restart mida.service

 

 

Was this article useful?
Still stuck? How can we help?

How can we help?

Updated on 3. Februar 2022
10. ENS Events12. MIDA Configuration Parameter
Navigate through page
  • Dependencies
    • Mida Configuration file
    • Configuring the database connection (Required)
    • Configuring authentication (Required)
    • Configuring the folder for temp file storage
    • Configuring the super admin user
    • Configuring the SMTP connection
  • Advanced configurations
    • Changing the thread pool size and capacity for manual compliance checks
    • Configuring the logging
    • Java Configurations
  • Managing the MIDA Service
Subscribe for EBF Newsletter
©2020 EBF-EDV Beratung Föllmer GmbH, All Rights Reserved
Imprint Terms and Conditions Privacy Statement Contact
Facebook-square Twitter-square Linkedin Xing-square Instagram
EBF Status Check