It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Barracuda Campus
Barracuda CloudGen Access
Overview Documentation Training Certification Materials

How to Deploy a CloudGen Access User Directory Connector on Bare Metal / Virtual Machine

  • Last updated on

This article offers the option to either use the install script or use the manual steps listed below. Before you begin, check the prerequisites.

Minimum OS supported versions:

Prerequisites:  

Choose Install Script or the Manual Steps for CentOS or Ubuntu to proceed. For help, see Troubleshooting.

Install Script

  • The steps below will download and execute a script automatically. Barracuda Networks recommends that you inspect the content before execution.

  • The script will install and enable a chrony service for time synchronization. This is required to ensure tokens are validated properly.

  • IMPORTANT : Tokens are valid for approximately 10 days, and updating the token is an automated process; however, it is possible for this process to not complete properly. The result is that the token expires and new users/groups are not synchronized as expected. To avoid this issue, you can manually redeploy the token.

  • Download and execute the installation script:

    sudo bash -c "$(curl -fsSL https://url.access.barracuda.com/connector-linux)"
    Copy

  • This script can also be used for unattended installations:

    curl -fsSLo install-connector-linux.sh https://url.access.barracuda.com/connector-linux

chmod +x install-connector-linux.sh

./install-connector-linux.sh -h

Install CloudGen Access User Directory Connector script

Available parameters:

 -e - Extra connector environment variables (can be used multiple times)

 -h - Show this help

 -l string - Loglevel (debug, info, warning, error, critical), defaults to info.

 -n - Don't start services after install

 -t token - Specify CloudGen Access Connector enrollment token

 -u - Unattended install, skip requesting input <optional>

 -z - Skip configuring ntp server <optional>
    Copy

Example for unattended installation with CloudGen Access Connector enrollment token and Azure directory  

 Specify the tokens inside quotes:

./ install-connector-linux.sh -u -t "https://xxxxxxxxxxxx" -e "FYDE_AZURE_AUTH_TOKEN=xxxxxxxx"
Copy

CentOS/RHEL - Manual Steps

  1. Install prerequisites.

    sudo yum -y install yum-utils chrony
    Copy

  2. Ensure chrony daemon is enabled on system boot and started.

    sudo systemctl enable chronyd
sudo systemctl start chronyd
    Copy

  3. Ensure time synchronization is enabled.

    sudo timedatectl set-ntp on
    Copy

  4. Install yum repository manager and update cURL (necessary in old CentOS 7.0 versions.  

    sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7  
sudo yum -y install yum-utils curl
    Copy

  5. Add CloudGen Access repository.

    sudo yum-config-manager -y --add-repo https://downloads.access.barracuda.com/fyde.repo
    Copy

  6. Install the CloudGen Access User Directory Connector.

    sudo yum -y install fyde-connector  
sudo systemctl enable fyde-connector
    Copy

  7. Configure environment using a service unit override. Check all the available parameters

    NOTE: Do *not* quote the environment variable values, even if they contain spaces.

    Example:

          Environment='FYDE_LDAP_AUTH_USERNAME=Joe Doe'  – Correct

          Environment='FYDE_LDAP_AUTH_USERNAME="Joe Doe"'  – Incorrect

    1. Okta example:

      sudo mkdir -p /etc/systemd/system/fyde-connector.service.d  
sudo bash -c "cat > /etc/systemd/system/fyde-connector.service.d/10-environment.conf <<EOF 
[Service]  
Environment='FYDE_ENROLLMENT_TOKEN=https://enterprise.access.barracuda.com/connectors/v1/connectorid1?'  
Environment='FYDE_OKTA_AUTH_TOKEN=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'  
Environment='FYDE_OKTA_DOMAINNAME=xxxxxx.okta.com' 
EOF" 
sudo chmod 600 /etc/systemd/system/fyde-connector.service.d/10-environment.conf
      Copy

    2. LDAP example:

      sudo mkdir -p /etc/systemd/system/fyde-connector.service.d  
sudo bash -c "cat > /etc/systemd/system/fyde-connector.service.d/10-environment.conf <<EOF 
[Service] 
Environment='FYDE_ENROLLMENT_TOKEN=token'
Environment='FYDE_LDAP_HOST=hostname' 
Environment='FYDE_LDAP_PROFILE=ad'
Environment='FYDE_LDAP_USER_SEARCH_BASE=dc=xyz,dc=com'
Environment='FYDE_LDAP_GROUP_SEARCH_BASE=dc=xyz,dc=com'
Environment='FYDE_LDAP_AUTH_METHOD=simple'
Environment='FYDE_LDAP_AUTH_USERNAME=administrator@xyz.com'
Environment='FYDE_LDAP_AUTH_PASSWORD=*****'
EOF" 
sudo chmod 600 /etc/systemd/system/fyde-connector.service.d/10-environment.conf
      Copy

    3. Microsoft Entra ID example:
      Note that you need to authorize Barracuda CloudGen Access to access your data.

      sudo mkdir -p /etc/systemd/system/fyde-connector.service.d  
sudo bash -c "cat > /etc/systemd/system/fyde-connector.service.d/10-environment.conf <<EOF 
[Service] 
Environment='FYDE_ENROLLMENT_TOKEN=token'
EOF" 
sudo chmod 600 /etc/systemd/system/fyde-connector.service.d/10-environment.conf
      Copy

    4. Google example:
      Note that you need to authorize Barracuda CloudGen Access to access your data.

      sudo mkdir -p /etc/systemd/system/fyde-connector.service.d  
sudo bash -c "cat > /etc/systemd/system/fyde-connector.service.d/10-environment.conf <<EOF 
[Service] 
Environment='FYDE_ENROLLMENT_TOKEN=token'
EOF" 
sudo chmod 600 /etc/systemd/system/fyde-connector.service.d/10-environment.conf
      Copy

  8. Reload and start the CloudGen Access User Directory Connector.

    sudo systemctl --system daemon-reload  
sudo systemctl start fyde-connector
    Copy

Upgrading CloudGen Access User Directory Connector   

To upgrade your Barracuda CloudGen Access User Directory Connector to the latest version, execute the following command:

sudo yum upgrade fyde-connector
Copy

Debian / Ubuntu - Manual Steps

  1. Ensure time synchronization is enabled.

    sudo timedatectl set-ntp on
    Copy

  2. Add CloudGen Access repository.

    REPO_URL="downloads.access.barracuda.com"
wget -q -O - "https://$REPO_URL/fyde-public-key.asc" | sudo apt-key add -
sudo bash -c "cat > /etc/apt/sources.list.d/fyde.list <<EOF
deb https://$REPO_URL/apt stable main
EOF"
sudo apt update
    Copy

  3. Install CloudGen Access User Directory Connector: 

    sudo apt install fyde-connector 
sudo systemctl enable fyde-connector
    Copy

  4. Configure environment using a service unit override. Check all of the available parameters.

    1. Okta example:

      sudo mkdir -p /etc/systemd/system/fyde-connector.service.d  
sudo bash -c "cat > /etc/systemd/system/fyde-connector.service.d/10-environment.conf <<EOF 
[Service]  
Environment='FYDE_ENROLLMENT_TOKEN=https://enterprise.access.barracuda.com/connectors/v1/connectorid1?'  
Environment='FYDE_OKTA_AUTH_TOKEN=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'  
Environment='FYDE_OKTA_DOMAINNAME=xxxxxx.okta.com' 
EOF" 
sudo chmod 600 /etc/systemd/system/fyde-connector.service.d/10-environment.conf
      Copy

    2. LDAP example:

      sudo mkdir -p /etc/systemd/system/fyde-connector.service.d  
sudo bash -c "cat > /etc/systemd/system/fyde-connector.service.d/10-environment.conf <<EOF 
[Service] 
Environment='FYDE_ENROLLMENT_TOKEN=token'
Environment='FYDE_LDAP_HOST=hostname' 
Environment='FYDE_LDAP_PROFILE=ad'
Environment='FYDE_LDAP_USER_SEARCH_BASE=dc=xyz,dc=com'
Environment='FYDE_LDAP_GROUP_SEARCH_BASE=dc=xyz,dc=com'
Environment='FYDE_LDAP_AUTH_METHOD=simple'
Environment='FYDE_LDAP_AUTH_USERNAME=administrator@xyz.com'
Environment='FYDE_LDAP_AUTH_PASSWORD=*****'
EOF" 
sudo chmod 600 /etc/systemd/system/fyde-connector.service.d/10-environment.conf
      Copy

    3. Microsoft Entra ID example:
      Note that you need to authorize Barracuda CloudGen Access to access your data.

      sudo mkdir -p /etc/systemd/system/fyde-connector.service.d  
sudo bash -c "cat > /etc/systemd/system/fyde-connector.service.d/10-environment.conf <<EOF 
[Service] 
Environment='FYDE_ENROLLMENT_TOKEN=token'
EOF" 
sudo chmod 600 /etc/systemd/system/fyde-connector.service.d/10-environment.conf
      Copy

    4. Google example:
      Note that you need to authorize Barracuda CloudGen Access to access your data.

      sudo mkdir -p /etc/systemd/system/fyde-connector.service.d  
sudo bash -c "cat > /etc/systemd/system/fyde-connector.service.d/10-environment.conf <<EOF 
[Service] 
Environment='FYDE_ENROLLMENT_TOKEN=token'
EOF" 
sudo chmod 600 /etc/systemd/system/fyde-connector.service.d/10-environment.conf Okta example:
      Copy

  5. Reload and start Barracuda CloudGen Access User Directory Connector. 

    sudo systemctl --system daemon-reload 
sudo systemctl start fyde-connector
    Copy

Troubleshooting

Check the Barracuda CloudGen Access User Directory Connector logs:

sudo journalctl -u fyde-connector -f
Copy