Running OnGuard Cardholder Self Service from a Unique Server

Running OnGuard Cardholder Self Service From a Unique Server

Procedure Steps

Perform the following steps if you want to run OnGuard Cardholder Self Service from a server (referred to as “Server 2” in the following steps) other than the server already running OnGuard and OpenAccess (referred to as “Server 1” in the following steps):

  1. Begin the process of installing OnGuard on Server 2.
  2. De-select all applications listed in the installation other than OpenAccess, then complete the installation as usual.
  3. On Server 2, download OnGuard Cardholder Self Service.
  4. On Server 2, install OnGuard Cardholder Self Service. When prompted for an OpenAccess account, use the OpenAccess account on Server 1.
  5. After the initial setup on Server 2, use the command regedit to open the registry editor. 
  6. Under HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services, select LS Cardholder Self Service
  7. Right-click on DependOnService and choose Modify.
  8. Delete the LS OpenAccess service from the list of dependencies. Restart Server 2.
  9. Go to \Program Files (x86)\OnGuard\CSS\api\config\default.json. Change the OPEN_ACCESS_API_BASE_URL value to the Server 1 URL. Save the default.json file.
  10. Stop all OnGuard services running on Server 2. 
  11. Start LS Cardholder Self Service and LS Web Service. Ensure that the LS OpenAccess Service did not start when LS Cardholder Self Service was restarted.
  12. Open a web browser and go to https://Server2_name:8080/css to verify correct operation. Enter the credentials of the directory account created on Server 1. The login should succeed.

Note: For cardholders to use Cardholder Self Service, some administrative actions must be performed using CSS Administration. This application is installed as part of the Cardholder Self Service installation, but in order for it to be usable from Server 2, additional steps are needed:

  1. On Server 2, open the NGINX  OpenAccess configuration file located at C:\ProgramData\Lnl\nginx\conf\modules\openaccess.conf.
  2. Modify the fastcgi_pass and proxy_pass locations so that they point to Server 1.
    Note: If creating a duplicate of the original openaccess.conf file, modify the original file's type to something like .confxx.
  3. Stop all running OnGuard services on Server 2.
  4. Restart the LS Web Service on Server 2.
  5. Open a web browser and go to https://Server 2_name:8080. Ensure that all web modules function normally.

 When this configuration is complete, the administrator will access the CSS Administration application by going to https://Server2_name:8080 and clicking the CSS Administration console card. If the other web applications are hosted on Server 1, the administrator will continue using https://Server1_name:8080 to access them.


Applies To

OnGuard 7.5 and laterOnGuard Cardholder Self Service (all versions)  

Additional Information

Copyright © 2023 Carrier. All rights reserved.