StifleR Dashboard Installation

Prerequisites

Microsoft .NET 4.8
Installation account must have Administrator rights
Install the Internet Information Services (IIS) role on the server:
The minimum IIS role and features required can be installed by using the following PowerShell command:
```
Install-WindowsFeature -Name Web-Server, Web-Windows-Auth -IncludeManagementTools
```

Installation

From an Elevated Command prompt launch StifleR.Dashboard.Installer64.msi.

At the "Welcome" screen, feel welcomed, and then click Next.

At the "End-User License Agreement" screen, once you have reviewed the EULA, check the box: I accept the terms in the License Agreement, and then click Next.

At the "Select Operation Mode and Parameters" screen, verify the URLs for the dashboard to connect to the StifleR server and dashboard web service. By default, the port number for the StifleR service is 1414. If during the StifleR Server installation, a different port was used, modify the URL accordingly. Once complete, click Next to continue.

At the "Dashboard Website Configuration" screen, select the desired IIS web site to install the dashboard. Using a Custom Web Site and Application Pool If desired, you can configure the dashboard to use a web site and application pool other than the default. If so, a web site and application pool must be created in advance. Once the custom web site is created, select the custom web site in the drop down. If using a custom application pool, check the box: Use a custom app pool instead of the web site default. Once complete, click Next to continue.

At the "Destination Folder" screen, enter the path in which the Dashboard program files should be installed and then click Next.

At the "Ready to install..." screen, click Install to begin the installation.

At the At the "Completed" screen, the installation wizard is complete. Click Finish and enjoy a nice cup of coffee, you’ve earned it.

Post Installation

Post StifleR Dashboards Installation - IIS Configuration

As access to the StifleR dashboards is limited by Windows Group membership there is a requirement to make some security configuration changes on the StifleR Dashboards website within IIS. Specifically, we need to remove Anonymous access, and configure Windows Authentication. Within the Windows Authentication configuration: for a non-domain joined server, the only auth provider configured is NTLM; for a domain-joined server, the only auth provider configured is Negotiate:Kerberos.

You can set this manually within IIS Manager under Sites - Default Web Site - StifleRDashboard - Authentication, but the easiest way is to run the following PowerShell snippet:

#--------------------------------
#Configure IIS for Authentication
#--------------------------------
$partofdomain = (Get-CimInstance win32_computersystem).PartOfDomain
$siteName = "Default Web Site/StifleRDashboard"

Write-Host "Removing Anonymous Authentication from website."
Set-WebConfigurationProperty -filter /system.webServer/security/authentication/AnonymousAuthentication -name enabled -value false -PSPath IIS:\ -location $siteName

Write-Host "Configuring IIS for Windows Authentication."
Set-WebConfigurationProperty -filter /system.webServer/security/authentication/WindowsAuthentication -name enabled -value True -PSPath IIS:\ -location $siteName

Write-Host "Configuring Windows Auth Providers"
#First we remove all providers, disable Kernel-mode authentication, then re-add single authentication provider.
Get-WebConfigurationProperty -Filter system.webServer/security/authentication/WindowsAuthentication `
 -Location $siteName -Name providers.Collection | Select-Object -ExpandProperty Value | ForEach-Object {Remove-WebConfigurationProperty -Filter system.webServer/security/authentication/WindowsAuthentication -Location $SiteName -Name providers.Collection -AtElement @{value=$_}}

$winKernel = (Get-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST' -location $siteName -filter /system.WebServer/security/authentication/windowsAuthentication -name "useKernelMode").Value
if ($winKernel -eq $True){
Write-Host "Disabling Kernel-mode authentication."
Set-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST' -location $siteName -filter /system.WebServer/security/authentication/windowsAuthentication -name "useKernelMode" -value false
}

#If StifleR is running on a domain joined server, auth provider is configured to Negotiate:Kerberos.
if ($partofdomain -eq $true){
Write-Host "Server is domain joined. Configuring Negotiate:Kerberos as authentication provider."
Add-WebConfigurationProperty -Filter system.webServer/security/authentication/WindowsAuthentication `
 -Location $siteName -Name providers.Collection -AtIndex 0 -Value "Negotiate:Kerberos"
}
#If StifleR is running on a domain joined server, auth provider is configured to NTLM
if ($partofdomain -eq $false){
Write-Host "Server is not member of a domain. Configuring NTLM as authentication provider."
Add-WebConfigurationProperty -Filter system.webServer/security/authentication/WindowsAuthentication `
 -Location $siteName -Name providers.Collection -AtIndex 0 -Value "NTLM"
}

Note: It is recommended that the URL of the StifleR Dashboard is added to the Trusted Sites zone in Internet Options. The StifleR Dashboard URL should be something like the example below:

Ex: http(s)://servername.domain.com/Stiflerdashboard

Note: If implementing SSL security for the StifleR Dashboard, you will have to assign a certificate to the Default Website. See this link for more information.

Testing the Dashboard Website

Navigate to the StifleR Dashboard website by visiting the URL defined during the setup wizard. By default this would be: http(s)://servername.domain.com/Stiflerdashboard

PreviousStifleR Server Installation NextStifleR Beacon Installation

Last updated 1 month ago