Skip to main content

Atria System Prerequisites

Overview

This guide outlines the essential prerequisites for installing Atria, including system requirements, network configurations, and recommended components. Proper preparation ensures a successful deployment and smooth operation of the Atria platform. Follow these guidelines to configure your environment, set up key infrastructure components, and secure necessary permissions before installation.

Atria Servers

Active Directory Schema Prep

Core servers for the platform should be domain joined. Before you can deploy Atria the Active Directory schema must be extended to include the standard Exchange attributes. This is required to prepare the environment for multi-tenancy and is mandatory even if you do not intend to deploy Exchange.

Extending the Active Directory schema ensures that essential attributes required for multi-tenancy and service integration, such as those used by Exchange, are available within the directory. This process allows the platform to function properly by enabling key features like user provisioning, email service configuration, and attribute synchronization. Skipping this step can cause critical failures in user provisioning, incomplete attribute assignments, and service integration issues.

To extend the Active Directory Schema, follow this guide: Extend Active Directory Schema with Exchange Attributes.

The guide will have you download the Microsoft Exchange Installation Media and run the following commands from a Windows Command Prompt:

> <Virtual DVD drive letter>:\Setup.exe /IAcceptExchangeServerLicenseTerms_DiagnosticDataOFF /PrepareSchema
> <Virtual DVD drive letter>:\Setup.exe /IAcceptExchangeServerLicenseTerms_DiagnosticDataOFF /PrepareAD /OrganizationName:”Your Organization”

Core Components

  • Provisioning Server: Hosts core services like Atria Config Service, Directory Web Service, Provisioning Engine, RabbitMQ, and Platform API. It acts as the main coordinator for provisioning tasks, connecting the Web Server and the Database Server.

  • Database Server: Manages the Atria SQL database and reporting functions, storing configuration data, logs, and provisioning records. It supports all service components that require persistent data storage.

  • Web Server: Provides the user interface and API endpoints for interacting with the platform. It processes incoming HTTP/HTTPS requests from users and administrators while facilitating secure communication with the Provisioning Server.

The minimum recommended specifications for the core components are as follows:

# of ServerServervCPUsRAMCore Component Services
1Provisioning Server48 GBAtria Config Service, Directory Web Service, Provisioning Engine, RabbitMQ, Agent, Platform API
1Database Server48 GBAtria Database, Atria Reporting
1Web Server48 GBAtria Web

Network Architecture

Network Architecture

This diagram illustrates the communication flow between core components, including the Web Server, Provisioning Server, and Database Server. Each connection is labeled with its corresponding TCP port and protocol for clarity.

  • Solid Lines: Mandatory connections required for core services.
  • Arrows: Indicate data flow direction between components.
  • Dashed Lines: Indicate separate environments.

Windows OS Version

While Windows Server 2022 is recommended for optimal performance and feature support, Windows Server 2019 or earlier is still supported with the following considerations:

  • Feature Limitations: Certain features, such as advanced security options, Windows Admin Center integration, and enhanced virtual machine support, are limited in Windows Server 2019.
  • Manual Configurations: Older Windows Server versions may require manual installation of services like .NET Framework 4.8 and updated PowerShell modules.
  • Compatibility Notes: Ensure compatibility with third-party software versions, including SQL Server, Exchange, and Active Directory services.

Database - SQL

  • Minimum recommended version of Microsoft SQL Server is 2016.

  • Include SQL Tools such as SQL Management Studio and SQL Profiler.

  • Configure for Mixed Mode Authentication:

    • Open SQL Server Management Studio (SSMS).
    • Right-click the server instance and select Properties.
    • Navigate to the Security page.
    • Under Server Authentication, select SQL Server and Windows Authentication Mode.
    • Click OK, then restart the SQL Server service.
  • Check SQL configuration for TCP/IP properties are enabled correctly:

    • Open SQL Server Configuration Manager.
    • Expand SQL Server Network Configuration.
    • Select Protocols for [Your Server Instance].
    • Right-click TCP/IP and choose Enable.
    • Double-click TCP/IP, navigate to the IP Addresses tab, and ensure the appropriate IP addresses are enabled.
    • Restart the SQL Server service.
  • Grant a Windows-authenticated user access to SQL Server Instance:

Step 1: Open SQL Server Management Studio (SSMS)

  1. Launch SQL Server Management Studio (SSMS).
  2. Connect to the SQL Server instance using a domain administrator.

Step 2: Add the User as a Login

  1. In Object Explorer, expand the Security node.
  2. Right-click Logins and select New Login.
  3. In the Login - New window:
  • Select Windows authentication.
  • Click Search and enter the user’s Windows account (e.g., DOMAIN\Username).
  • Click Check Names to verify the account.
  • Click OK.

Step 3: Grant Database Access

  1. Expand Databases and locate the target database.
  2. Expand Security > Users.
  3. Right-click Users and select New User.
  4. In the Database User - New window:
  • Enter the same Windows username.
  • Choose db_owner, db_datareader, db_datawriter, or other roles as needed.
  1. Click OK.

Windows Domain Administrator Account

A Domain Administrator account is used to run the entire Atria deployment process.

Optional - Credential/Token Storage

Atria needs access to privileged credentials, tokens and secrets in order to integrate with and perform provisioning tasks. These are stored encrypted within the Atria system. By default data will be encrypted and stored in the SQL database.

If you wish to store secrets in Azure KeyVault. An Azure KeyVault should be available at the time of installation, and an account with full access over this KeyVault. You will also need the ability to create azure applications when installing the Atria Platform.

Creating the KeyVault and Application can be done ahead of time.

Firewall and Network Requirements

The following outlines the required network protocols, ports, and their purposes for communication between Atria components. Ensure that all of these communications are possible before proceeding. 

SourceDestinationPort DirectionProtocolPortPurpose
Provisioning ServerSQL ServerOutboundTCP1433Default SQL Server communication (use custom port if specified).
Provisioning ServerWeb ServicesOutboundTCP8095Communication with services like Exchange and SharePoint.
Provisioning ServerSMTP RelayOutboundTCP25Email delivery for system-generated emails.
Provisioning ServerRabbitMQInboundTCP5671, 5672RabbitMQ communication (HTTPS and HTTPS).
Provisioning ServerRabbitMQ ManagementInboundTCP15671, 15672RabbitMQ management communication (HTTP and HTTPS).
info

If planning to setup AtriaWeb in a de-militarized network zone (DMZ), make sure that the firewall rules allow (HTTP/HTTPS). The installer will need to communicate with the AtriaConfigService to retrieve encryption keys. Make sure to also open traffic from AtriaWeb to AtriaSQL via SQL ports.

Enable WebSockets on Network Firewall/LoadBalancer

The Atria UI utilizes websockets. if firewalls or loadbalancers are not correctly configured to allow Websockets this will cause some pages within Atria to appear blank/empty.

Configuration to allow websockets will be dependent on the firewall in use.

For example: If using WebProxy to publish your Atria site the configuration looks like this:

img

Prerequisite software for Atria deployment

For each server that will have core components or web services installed, the below prerequisite items must be installed.

The database installation should be run from the Provisioning Server, so prerequisite items are not required on the SQL Server.

  1. Powershell 5.1 (If you are running Windows Server 2022 or later, this is installed by default)

  2. .NET Framework 4.8

    info

    Please check if Powershell and .NET server versions are both supported by your services (i.e. Exchange, Virtual Apps & Desktops, etc.) If not, then the latest CU or software version of your services needs to be implemented.

  3. Add **Host (A) **DNS Records below to be set to the Provisioning Server IP address

    1. AtriaConfigService
    2. AtriaHTTPTunnel
    3. AtriaPlatformAPI
  4. Add CNAME DNS records

    1. AtriaSQL (Alias for the SQL Server)
    2. AtriaWeb (Alias for the Web Server)
  5. Create a Domain Admin account that will be used for execution of the Atria installation.

Request Access Token and DeploymentID

To access the Atria Installer platform, you'll need a valid Access Token. To obtain a token please log a support ticket with the Atria Support team. You can contact support via the support portal: Atria Help Center or email support@getatria.com.

In addition to the Access Token, we will provide you with a Deployment Identifier DeploymentID that is needed during the Install/Upgrade to Register your Atria deployment.