It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Access

How to Deploy a CloudGen Access User Directory Connector on Bare Metal / Virtual Machine

  • Last updated on

This article offers the option to either use the install script or use the manual steps listed below. Before you begin, check the prerequisites.

Minimum OS supported versions:

Prerequisites:  

Choose Install Script or the Manual Steps for CentOS or Ubuntu to proceed. For help, see Troubleshooting.

Install Script

  • The steps below will download and execute a script automatically. Barracuda Networks recommends that you inspect the content before execution.

  • The script will install and enable a chrony service for time synchronization. This is required to ensure tokens are validated properly.

  • IMPORTANT : Tokens are valid for approximately 10 days, and updating the token is an automated process; however, it is possible for this process to not complete properly. The result is that the token expires and new users/groups are not synchronized as expected. To avoid this issue, you can manually redeploy the token.

  • Download and execute the installation script:

    sudo bash -c "$(curl -fsSL https://url.access.barracuda.com/connector-linux)"
  • This script can also be used for unattended installations:

    curl -fsSLo install-connector-linux.sh https://url.access.barracuda.com/connector-linux
    
    chmod +x install-connector-linux.sh
    
    ./install-connector-linux.sh -h
    
    Install CloudGen Access User Directory Connector script
    
    Available parameters:
    
     -e - Extra connector environment variables (can be used multiple times)
    
     -h - Show this help
    
     -l string - Loglevel (debug, info, warning, error, critical), defaults to info.
    
     -n - Don't start services after install
    
     -t token - Specify CloudGen Access Connector enrollment token
    
     -u - Unattended install, skip requesting input <optional>
    
     -z - Skip configuring ntp server <optional>

Example for unattended installation with CloudGen Access Connector enrollment token and Azure directory  

 Specify the tokens inside quotes:

./ install-connector-linux.sh -u -t "https://xxxxxxxxxxxx" -e "FYDE_AZURE_AUTH_TOKEN=xxxxxxxx" 

CentOS/RHEL - Manual Steps

  1. Install prerequisites.

    sudo yum -y install yum-utils chrony
  2. Ensure chrony daemon is enabled on system boot and started.

    sudo systemctl enable chronyd
    sudo systemctl start chronyd
  3. Ensure time synchronization is enabled.

    sudo timedatectl set-ntp on
  4. Install yum repository manager and update cURL (necessary in old CentOS 7.0 versions.  

    sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7  
    sudo yum -y install yum-utils curl 
  5. Add CloudGen Access repository.

    sudo yum-config-manager -y --add-repo https://downloads.access.barracuda.com/fyde.repo
  6. Install the CloudGen Access User Directory Connector.

    sudo yum -y install fyde-connector  
    sudo systemctl enable fyde-connector 
  7. Configure environment using a service unit override. Check all the available parameters

    NOTE: Do *not* quote the environment variable values, even if they contain spaces.

    Example:

          Environment='FYDE_LDAP_AUTH_USERNAME=Joe Doe'  – Correct

          Environment='FYDE_LDAP_AUTH_USERNAME="Joe Doe"'  – Incorrect

    1. Okta example:

      sudo mkdir -p /etc/systemd/system/fyde-connector.service.d  
      sudo bash -c "cat > /etc/systemd/system/fyde-connector.service.d/10-environment.conf <<EOF 
      [Service]  
      Environment='FYDE_ENROLLMENT_TOKEN=https://enterprise.access.barracuda.com/connectors/v1/connectorid1?'  
      Environment='FYDE_OKTA_AUTH_TOKEN=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'  
      Environment='FYDE_OKTA_DOMAINNAME=xxxxxx.okta.com' 
      EOF" 
      sudo chmod 600 /etc/systemd/system/fyde-connector.service.d/10-environment.conf 
    2. LDAP example:

      sudo mkdir -p /etc/systemd/system/fyde-connector.service.d  
      sudo bash -c "cat > /etc/systemd/system/fyde-connector.service.d/10-environment.conf <<EOF 
      [Service] 
      Environment='FYDE_ENROLLMENT_TOKEN=token'
      Environment='FYDE_LDAP_HOST=hostname' 
      Environment='FYDE_LDAP_PROFILE=ad'
      Environment='FYDE_LDAP_USER_SEARCH_BASE=dc=xyz,dc=com'
      Environment='FYDE_LDAP_GROUP_SEARCH_BASE=dc=xyz,dc=com'
      Environment='FYDE_LDAP_AUTH_METHOD=simple'
      Environment='FYDE_LDAP_AUTH_USERNAME=administrator@xyz.com'
      Environment='FYDE_LDAP_AUTH_PASSWORD=*****'
      EOF" 
      sudo chmod 600 /etc/systemd/system/fyde-connector.service.d/10-environment.conf 
    3. Microsoft Entra ID example:
      Note that you need to authorize Barracuda CloudGen Access to access your data.

      sudo mkdir -p /etc/systemd/system/fyde-connector.service.d  
      sudo bash -c "cat > /etc/systemd/system/fyde-connector.service.d/10-environment.conf <<EOF 
      [Service] 
      Environment='FYDE_ENROLLMENT_TOKEN=token'
      EOF" 
      sudo chmod 600 /etc/systemd/system/fyde-connector.service.d/10-environment.conf 
    4. Google example:
      Note that you need to authorize Barracuda CloudGen Access to access your data.

      sudo mkdir -p /etc/systemd/system/fyde-connector.service.d  
      sudo bash -c "cat > /etc/systemd/system/fyde-connector.service.d/10-environment.conf <<EOF 
      [Service] 
      Environment='FYDE_ENROLLMENT_TOKEN=token'
      EOF" 
      sudo chmod 600 /etc/systemd/system/fyde-connector.service.d/10-environment.conf 
  8. Reload and start the CloudGen Access User Directory Connector.

    sudo systemctl --system daemon-reload  
    sudo systemctl start fyde-connector 

Upgrading CloudGen Access User Directory Connector   

To upgrade your Barracuda CloudGen Access User Directory Connector to the latest version, execute the following command:

sudo yum upgrade fyde-connector 

Debian / Ubuntu - Manual Steps

  1. Ensure time synchronization is enabled.

    sudo timedatectl set-ntp on
  2. Add CloudGen Access repository.

    REPO_URL="downloads.access.barracuda.com"
    wget -q -O - "https://$REPO_URL/fyde-public-key.asc" | sudo apt-key add -
    sudo bash -c "cat > /etc/apt/sources.list.d/fyde.list <<EOF
    deb https://$REPO_URL/apt stable main
    EOF"
    sudo apt update
  3. Install CloudGen Access User Directory Connector:

    sudo apt install fyde-connector 
    sudo systemctl enable fyde-connector 
  4. Configure environment using a service unit override. Check all of the available parameters.

    1. Okta example:

      sudo mkdir -p /etc/systemd/system/fyde-connector.service.d  
      sudo bash -c "cat > /etc/systemd/system/fyde-connector.service.d/10-environment.conf <<EOF 
      [Service]  
      Environment='FYDE_ENROLLMENT_TOKEN=https://enterprise.access.barracuda.com/connectors/v1/connectorid1?'  
      Environment='FYDE_OKTA_AUTH_TOKEN=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'  
      Environment='FYDE_OKTA_DOMAINNAME=xxxxxx.okta.com' 
      EOF" 
      sudo chmod 600 /etc/systemd/system/fyde-connector.service.d/10-environment.conf 
    2. LDAP example:

      sudo mkdir -p /etc/systemd/system/fyde-connector.service.d  
      sudo bash -c "cat > /etc/systemd/system/fyde-connector.service.d/10-environment.conf <<EOF 
      [Service] 
      Environment='FYDE_ENROLLMENT_TOKEN=token'
      Environment='FYDE_LDAP_HOST=hostname' 
      Environment='FYDE_LDAP_PROFILE=ad'
      Environment='FYDE_LDAP_USER_SEARCH_BASE=dc=xyz,dc=com'
      Environment='FYDE_LDAP_GROUP_SEARCH_BASE=dc=xyz,dc=com'
      Environment='FYDE_LDAP_AUTH_METHOD=simple'
      Environment='FYDE_LDAP_AUTH_USERNAME=administrator@xyz.com'
      Environment='FYDE_LDAP_AUTH_PASSWORD=*****'
      EOF" 
      sudo chmod 600 /etc/systemd/system/fyde-connector.service.d/10-environment.conf 
    3. Microsoft Entra ID example:
      Note that you need to authorize Barracuda CloudGen Access to access your data.

      sudo mkdir -p /etc/systemd/system/fyde-connector.service.d  
      sudo bash -c "cat > /etc/systemd/system/fyde-connector.service.d/10-environment.conf <<EOF 
      [Service] 
      Environment='FYDE_ENROLLMENT_TOKEN=token'
      EOF" 
      sudo chmod 600 /etc/systemd/system/fyde-connector.service.d/10-environment.conf 
    4. Google example:
      Note that you need to authorize Barracuda CloudGen Access to access your data.

      sudo mkdir -p /etc/systemd/system/fyde-connector.service.d  
      sudo bash -c "cat > /etc/systemd/system/fyde-connector.service.d/10-environment.conf <<EOF 
      [Service] 
      Environment='FYDE_ENROLLMENT_TOKEN=token'
      EOF" 
      sudo chmod 600 /etc/systemd/system/fyde-connector.service.d/10-environment.conf Okta example:
  5. Reload and start Barracuda CloudGen Access User Directory Connector. 

    sudo systemctl --system daemon-reload 
    sudo systemctl start fyde-connector 

Troubleshooting

Check the Barracuda CloudGen Access User Directory Connector logs:

sudo journalctl -u fyde-connector -f