Installing Avaya Aura Device Services

Last Updated : Jun 10, 2026 |

About this task

Use this procedure to install Avaya Aura® Device Services in an Avaya Aura® environment as a standalone instance or as a seed node in a cluster deployment.

You can enable the following features only when installing or upgrading Avaya Aura® Device Services:

  • IPv6

    Note:

    AWS, Microsoft Azure, and GCP software-only deployments do not support IPv6.

  • Utility Server

  • Onboard Open LDAP

  • SSO/OAuth2

You cannot enable these features using the Avaya Aura® Device Services administration portal or configuration utility.

Note:

Avaya recommends that you install Avaya Aura® Device Services in a Tmux session. If the SSH session terminates while the installation operation is in progress, you can re-connect to the Tmux session and complete the installation operation. For more information about the Tmux utility, see Using the Tmux utility.

Before you begin

  • If you are planning to use certificates specific to your organization and signed by a private or public certificate authority instead of System Manager certificates:

    • Ensure that you have all required certificates. For more information, see Third-party CA-signed certificates.

    • Import the third-party root and intermediate CA certificates into the trust stores of each server that interacts with Avaya Aura® Device Services to ensure that all these servers trust the third-party CAs.

    • Ensure that you have access to the deployed Avaya Aura® Device Services virtual machine using SSH or to a computer with a recent version of the OpenSSL library.

    • Ensure that System Manager uses an identity certificate signed by the same CA that signs the Avaya Aura® Device Services identity certificates. For more information, see Configuring third-party identity certificates for System Manager.

  • If you are planning to use FIPS, enable it as described in Enabling FIPS mode. You cannot enable FIPS mode during or after Avaya Aura® Device Services installation. You cannot use OAuth and Onboard Open LDAP features when FIPS mode is enabled.

  • To use IPv6, enable IPv6 support at the system layer as described in Enabling IPv6 support at the system layer.

Procedure

  1. Log in to the Avaya Aura® Device Services virtual machine as the administrative user.

    You must use the administrative user defined during OVA deployment for logging in to Avaya Aura® Device Services.

  2. To start a Tmux session, run the following command: 
    tmux new-session -s <NAME>

    In this command, <NAME> is a Tmux session name of your choice. For example:

    tmux new-session -s AADS_INSTALLATION
  3. If you are planning to use certificates specific to your organization, do the following:
    1. Transfer the following files to the Avaya Aura® Device Services virtual machine:

      • smgrca.pem

      • root.pem

      • intermediate.pem

      • identity.p12

    2. Concatenate the intermediate.pem, root.pem and smgrca.pem files into a single file with the cert-chain.pem name to create a trust chain.
      For example, you can run the following command to concatenate files: 
      cat intermediate.pem root.pem smgrca.pem > cert-chain.pem
  4. Do one of the following:

    • If you install Avaya Aura® Device Services using the Avaya-provided OVA, go to the /opt/Avaya/ directory and run the following command:

      app install

    • If you install Avaya Aura® Device Services as a software-only application, run the following command:

      app install <PATH>/<INSTALLER>

      In this command, <PATH> is the full path to the directory where you extracted the application binary when installing the system layer, and <INSTALLER> is the Avaya Aura® Device Services application binary. For example:

      app install /root/aads-swonly-10.2.0.0.70/aads-10.2.0.0.70.bin

    The system displays the Avaya Aura® Device Services Installer dialog box.

    Important:

    Do not resize the SSH console while installing and configuring Avaya Aura® Device Services.

  5. When prompted, type the password for the administrative user.
  6. In the Initial Installation Configuration, select Aura Support.
  7. Select Enable Aura, and press Enter.
  8. In the Enable Aura screen, select Yes and then press Enter.
  9. Select Return to Main Menu and press Enter.
  10. Optional If you want to enable the Utility Server, do the following:
    1. In the Initial Installation Configuration screen, select Utility Server.
    2. In the Utility Server menu, select Utility Server again and then select Yes.
    3. Select Return to Main Menu and press Enter.
    Important:

    • If you install a cluster, you must either enable the Utility Server on all nodes or leave it disabled on all nodes. You cannot enable the Utility Server on some cluster nodes and disable it on other nodes.

    • If you do not enable the Utility Server, you cannot generate configuration files for endpoints using the Dynamic Configuration service. For more information, see Administration of the Dynamic Configuration service in Administering Avaya Aura® Device Services.

  11. Optional If you want to enable OAuth, do the following:
    1. In the Initial Installation Configuration screen, select OAuth.
    2. In the OAuth menu, select OAuth again and then select Yes.
    3. Select Return to Main Menu and press Enter.

    OAuth is unavailable if you enabled FIPS mode.

  12. Optional If you want to enable IPv6 support, do the following:
    1. In the Initial Installation Configuration screen, select Enable IPv6.
    2. In the Enable IPv6 menu, select IPv6 support and then select Yes.
    3. Select Return to Main Menu and press Enter.
    Important:

    AWS, Microsoft Azure, and GCP software-only deployments do not support IPv6.

  13. In the Initial Installation Configuration screen, select Cluster Configuration and press Enter.
  14. In the Clustering screen, ensure that the value of the Initial cluster node field is y.
  15. For cluster deployments, ensure that the Local Node IP address option is set to the IP address of the node.
  16. For cluster deployments, In Cassandra Datacenter name, configure a Cassandra datacenter for the node as follows:

    • To add the node to a new datacenter, provide a name of your choice for that datacenter.

    • To add the node to the default dc1 datacenter, leave the field blank.

    Avaya Aura® Device Services logically groups nodes with the same Cassandra datacenter name and configures specific Cassandra replication policies for the members of the datacenter.

  17. Select Return to Main Menu and press Enter.
  18. Optional For cluster deployments, in the Cassandra Encryption menu, enable or disable SSL encryption for internode communication between the database servers on the Avaya Aura® Device Services nodes.

    If you enabled FIPS mode, SSL encryption for internode communication is enabled by default and the Cassandra Encryption menu is unavailable.

  19. In the Initial Installation Configuration screen, select Front-end host, System Manager and Certificate Configuration and press Enter.
  20. In the Front-end host, System Manager and Certificate Configuration screen, set values for the following parameters:

    • Front-end FQDN of the Avaya Aura® Device Services server

    • System Manager FQDN

    • System Manager version

    • System Manager HTTPS port

    • System Manager Enrollment Password

    • Local Front-end host

    • Keystore password

      Ensure that the keystore password is at least 8 characters long.

    Important:

    • For a cluster deployment, you must configure the front-end FQDN as the FQDN of the virtual IP address. If you are planning to use an external load balancer, set this value to the FQDN of the load balancer.

    • If Cassandra internode encryption is enabled, you must complete the configuration settings from this menu during the initial installation phase and not at a later time.

  21. Do one of the following:

    • If you are planning to use System Manager for certificates, in Use System Manager for certificates, select Yes and then proceed to step 23.

    • If you are planning to use certificates that are specific for your organization and signed by a third-party CA, in Use System Manager for certificates, select No and proceed to step 22.

  22. If you are planning to use certificates that are specific for your organization, do the following:
    1. For each of the REST, OAM, and NODE interface certificate configuration options, in Is the interface certificate in PKCS12 format?, select one of the following:

      • Yes, if your interface certificate has the PKCS12 format.

      • No, if your interface certificate has the PEM format.

    2. If you use identity certificates in the PKCS12 format, configure the following settings:

      • For each of the REST, OAM, and NODE interface certificate configuration options, in Interface PKCS12 file, enter the path to the identity.p12 file.

      • For each of the REST, OAM, and NODE interface certificate configuration options, in Interface PKCS file password, enter the password for the identity.p12 file.

        If you provide an incorrect password, Avaya Aura® Device Services displays a warning message. You cannot continue installing Avaya Aura® Device Services until you enter the correct password.

    3. If you use identity certificates in the PEM format, configure the following settings:

      • For each of the REST, OAM, and NODE interface certificate configuration options, in Interface PEM certificate file, enter the path to the identity certificate file.

      • For each of the REST, OAM, and NODE interface certificate configuration options, in Interface PEM key file, enter the path to the key file for the identity certificate.

    4. Select Signing authority certificate configuration.
    5. In Is the Signing Authority certificate in PKCS12 format?, select No.
    6. In Signing Authority PEM certificate file, enter the path to the cert-chain.pem file that you created in step 3.
  23. Select Return to Main Menu and press Enter.
  24. In the Initial Installation Configuration screen, select Session Manager Configuration and press Enter.
  25. In the Session Manager Configuration screen, set values for the following parameters:

    • Session Manager Management IP or FQDN

    • Session Manager Asset IP or FQDN

    Avaya Aura® Device Services compares the configured Session Manager IP addresses with the ones obtained from System Manager. If they differ, Avaya Aura® Device Services will use the IP addresses obtained from System Manager.

  26. Select Return to Main Menu and press Enter.
  27. Optional If you want to use onboard Open LDAP, do the following:
    1. In the Initial Installation Configuration screen, select Onboard Open LDAP.
    2. Select Onboard Open LDAP again and then select Yes.
    3. In Directory Manager, enter a name for the Open LDAP administrator.
    4. In Domain Name, provide the domain name of your company.

      The domain name must include two components. For example: example.com. If you provide a domain name that contain three or more domain components, then Avaya Aura® Device Services will use only two rightmost domain components. For example, if you enter subdomain.example.com, Avaya Aura® Device Services will use example.com.

    5. In Administrator’s password, provide a password for the Open LDAP administrator.
    6. Select Return to Main Menu and press Enter.
    Important:

    You cannot install onboard Open LDAP if you enabled FIPS mode.

  28. In the Initial Installation Configuration screen, select Continue and press Enter.
  29. In the Configuration Summary screen, select Accept and continue and press Enter.
  30. In the Results of Configuration Checks screen, select Continue and press Enter.

    Avaya Aura® Device Services displays the End User License Agreement.

  31. Select Accept and press Enter.

    Avaya Aura® Device Services installs the required RPMs, downloads certificates from System Manager, creates database schema, and performs the required initial configuration. After successful installation, Avaya Aura® Device Services displays the Results of Installation Script screen.

  32. In the Results of Installation Script screen, select Continue and press Enter.
  33. In the Main Menu screen, select LDAP Configuration and press Enter.
    Note:

    • The LDAP configuration for the cluster is performed during the installation of the initial node. Additional configuration on each of the additional nodes is not required.

    • You can configure LDAP settings after installing the Avaya Aura® Device Services application using the Avaya Aura® Device Services web administration portal.

  34. In the LDAP Configuration screen, set values for the following parameters:

    • Use LDAP for authentication

      This option is only available when OAuth is enabled.

      If you use OpenLDAP, Avaya Aura® Device Services sets values for other LDAP parameters automatically.

    • Use for Contact Search

      If you use onboard Open LDAP, this option is enabled by default.

    • Use DNS

      This option determines how Avaya Aura® Device Services discovers the LDAP server:

      • If you select this option, Avaya Aura® Device Services discovers available LDAP server instances using DNS SRV records.

      • If you do not select this option, Avaya Aura® Device Services discovers the LDAP server using its IP address or FQDN.

    • Directory Type

    • URL for LDAP server

      • If FIPS is enabled, use the Secure LDAP (LDAPS) protocol to access the LDAP server.

      • If you are using global catalog ports 3268 or 3269, you must also configure attribute replication to the global catalog. For more information, see LDAP attributes replication to the global catalog.

      • If you are using the LDAPS protocol, you cannot use IP addresses in the server URL. LDAPS only supports FQDNs.

        This parameter is unavailable if you selected the Use DNS option.

    • Bind DN

    • Bind Credential

    • UID Attribute ID

    • Base Context DN

    • Administrator Role

    • Security Administrator Role

    • Auditor Role

    • User Role

    • Services Administrator Role

    • Services Maintenance & Support Role

    • Integrated Windows Authentication Configuration

    • testUser

      The testUser parameter is optional. If you do not specify a value, Avaya Aura® Device Services skips validation and directly saves the configuration in the database. For more information, see testUser validations.

    For more information about LDAP parameters, see LDAP configuration.

  35. Select Advanced LDAP Parameters and press Enter.
  36. In the Advanced LDAP Parameters screen, verify the default values for the parameters and update them if required.

    For more information about advanced LDAP parameters, see the Advanced LDAP attributes table in LDAP configuration.

  37. Select Return to previous menu and press Enter.
  38. In the LDAP Configuration screen, select Apply and press Enter.
  39. In the LDAP Configuration screen, select Yes and press Enter.
  40. In the Results of LDAP Parameter Configuration screen, select Continue and press Enter.
  41. Select Return to previous menu and press Enter.

If you are deploying a standalone system, continue from step 47. The steps 42 to 46 are for cluster deployments.

  1. In the Main Menu screen, select Clustering Configuration and press Enter.
  2. In the Clustering Configuration screen, select Virtual IP Configuration and press Enter.
    Important:

    The virtual IP address is used for redundancy management, which is supported for two or more Avaya Aura® Device Services nodes.

    If you use an external load balancer, you do not need to configure a virtual IP address, but you must configure the Avaya Aura® Device Services front-end host as the FQDN of the load balancer.

    This option is unavailable if you are deploying Avaya Aura® Device Services on AWS.

  3. In the Virtual IP Configuration screen, set values for the following parameters:
    1. Set Enable virtual IP to y.
    2. Set Virtual IP address to the virtual IPv4 address that you want to use.
    3. If you enabled IPv6, set Virtual IPv6 address to the virtual IPv6 address you want to use.
    4. Set Virtual IP interface to the required value.
    5. Set Virtual IP master node to y.
    6. Set Virtual IP router ID to the required value.
    7. Set Virtual IP authentication password.

      Ensure that you use the same password for subsequent Avaya Aura® Device Services nodes in the cluster.

      Important:

      Write down the virtual IP authentication password. You need this password for configuring the virtual IP backup node.

  4. Select Apply and press Enter.
  5. Select Return to previous menu and press Enter.
  6. If you chose to enable the Utility Server, in the Main menu screen, select Utility Server Configuration and press Enter.

    If you do not need the Utility Server, continue from step 51. Steps from 48 to 50 are for the Utility Server configuration.

    Important:

    If you are deploying a cluster, you must configure cluster settings in Clustering Configuration before configuring Utility Server settings. The cluster configuration steps are described earlier in this procedure.

  7. In the Utility Server Configuration screen, update the following parameters:
    1. Set Utility Server VIP to a virtual IPv4 address that you want to use for the Utility Server.
      Note:

      • You cannot use the Avaya Aura® Device Services cluster virtual IP address as the Utility Server virtual IP address.

      • The Utility Server virtual IP address must be in the same subnet as the IP addresses of the Avaya Aura® Device Services cluster nodes.

    2. If you enabled IPv6, set Utility Server Ipv6 VIP to a virtual IPv6 address that you want to use for the Utility Server.
    3. Set Utility Server FQDN to a FQDN that you want to use for the Utility Server.

      In AWS cluster deployments, you must use the following scheme for the seed node Utility Server FQDN:

      <Utility Server Host Name>0.<Domain Name>

      For example, if the Utility Server host name is aads716-us and the domain name is avaya.in, then the Utility Server FQDN is aads716-us0.avaya.in.

      For more information about Utility Server VIP and FQDNs in AWS deployments, see Utility Server VIP and FQDN in AWS cluster deployments.

    4. Set System Manager Enrollment Password to the System Manager enrollment password.

      The System Manager enrollment password is configured in the System Manager console under Home > Services > Security > Certificates > Enrollment Password.

  8. Select Apply and press Enter.
  9. Select Continue and press Enter.
  10. In the Main menu screen, select Continue and press Enter.
  11. Optional To manually start Avaya Aura® Device Services, run the svc aads start command.

Next Steps