Installing Avaya Aura Device Services in an environment without Avaya Aura

Last Updated : Jun 08, 2026 |

About this task

Use this procedure to install Avaya Aura® Device Services in an environment without Avaya Aura® as a standalone instance or as a seed node in a cluster deployment.

You can enable the following features only when installing or upgrading Avaya Aura® Device Services:

  • IPv6

    Note:

    AWS, Microsoft Azure, and GCP software-only deployments do not support IPv6.

  • Utility Server

  • Onboard Open LDAP

  • SSO/OAuth2

You cannot enable these features using the Avaya Aura® Device Services administration portal or configuration utility.

Note:

Avaya recommends that you install Avaya Aura® Device Services in a Tmux session. If the SSH session terminates while the installation operation is in progress, you can re-connect to the Tmux session and complete the installation operation. For more information about the Tmux utility, see Using the Tmux utility.

Before you begin

  • Ensure that you have all required certificates signed by a third-party private or public certificate authority. For more information about the required certificates, see Certificates required for an environment without Avaya Aura.

  • Import the third-party root and intermediate CA certificates into the trust stores of each server that interacts with Avaya Aura® Device Services to ensure that all these servers trust the third-party CAs.

  • Ensure that you have access to the deployed Avaya Aura® Device Services virtual machine using SSH or to a computer with a recent version of the OpenSSL library.

  • Ensure that System Manager uses an identity certificate signed by the same CA that signs the Avaya Aura® Device Services identity certificates. For more information, see Configuring third-party identity certificates for System Manager.

Procedure

  1. Log in to the Avaya Aura® Device Services virtual machine as the administrative user.

    You must use the administrative user defined during OVA deployment for logging in to Avaya Aura® Device Services.

  2. To start a Tmux session, run the following command: 
    tmux new-session -s <NAME>

    In this command, <NAME> is a Tmux session name of your choice. For example:

    tmux new-session -s AADS_INSTALLATION
  3. To create a certificate chain that you will use when configuring certificate settings, do the following:
    1. Transfer the following files to the Avaya Aura® Device Services virtual machine:

      • root.pem

      • intermediate.pem

      • identity.p12

    2. Concatenate the intermediate.pem and root.pem files into a single file with the cert-chain.pem name to create a trust chain.
      For example, you can run the following command to concatenate files: 
      cat intermediate.pem root.pem > cert-chain.pem
  4. Do one of the following:

    • If you install Avaya Aura® Device Services using the Avaya-provided OVA, go to the /opt/Avaya/ directory and run the following command:

      app install

    • If you install Avaya Aura® Device Services as a software-only application, run the following command:

      app install <PATH>/<INSTALLER>

      In this command, <PATH> is the full path to the directory where you extracted the application binary when installing the system layer, and <INSTALLER> is the Avaya Aura® Device Services application binary. For example:

      app install /root/aads-swonly-10.2.0.0.70/aads-10.2.0.0.70.bin

    The system displays the Avaya Aura® Device Services Installer dialog box.

    Important:

    Do not resize the SSH console while installing and configuring Avaya Aura® Device Services.

  5. When prompted, type the password for the administrative user.
  6. To disable the use of Avaya Aura® components, do the following:
    1. In the Initial Installation Configuration, select Aura Support.
    2. Select Enable Aura, and press Enter.
    3. In the Enable Aura screen, select No and then press Enter.
    4. Select Return to Main Menu and press Enter.
  7. Optional If you want to enable the Utility Server, do the following:
    1. In the Initial Installation Configuration screen, select Utility Server.
    2. In the Utility Server menu, select Utility Server again and then select Yes.
    3. Select Return to Main Menu and press Enter.
    Important:

    • If you install a cluster, you must either enable the Utility Server on all nodes or leave it disabled on all nodes. You cannot enable the Utility Server on some cluster nodes and disable it on other nodes.

    • If you do not enable the Utility Server, you cannot generate configuration files for endpoints using the Dynamic Configuration service. For more information, see Administration of the Dynamic Configuration service in Administering Avaya Aura® Device Services.

  8. Optional If you want to enable OAuth, do the following:
    1. In the Initial Installation Configuration screen, select OAuth.
    2. In the OAuth menu, select OAuth again and then select Yes.
    3. Select Return to Main Menu and press Enter.

    OAuth is unavailable if you enabled FIPS mode.

  9. Optional If you want to enable IPv6 support, do the following:
    1. In the Initial Installation Configuration screen, select Enable IPv6.
    2. In the Enable IPv6 menu, select IPv6 support and then select Yes.
    3. Select Return to Main Menu and press Enter.
    Important:

    AWS, Microsoft Azure, and GCP software-only deployments do not support IPv6.

  10. In the Initial Installation Configuration screen, select Cluster Configuration and press Enter.
  11. In the Clustering screen, ensure that the value of the Initial cluster node field is y.
  12. For cluster deployments, ensure that the Local Node IP address option is set to the IP address of the node.
  13. For cluster deployments, In Cassandra Datacenter name, configure a Cassandra datacenter for the node as follows:

    • To add the node to a new datacenter, provide a name of your choice for that datacenter.

    • To add the node to the default dc1 datacenter, leave the field blank.

    Avaya Aura® Device Services logically groups nodes with the same Cassandra datacenter name and configures specific Cassandra replication policies for the members of the datacenter.

  14. Select Return to Main Menu and press Enter.
  15. Optional For cluster deployments, in the Cassandra Encryption menu, enable or disable SSL encryption for internode communication between the database servers on the Avaya Aura® Device Services nodes.

    If you enabled FIPS mode, SSL encryption for internode communication is enabled by default and the Cassandra Encryption menu is unavailable.

  16. In the Initial Installation Configuration screen, select Front-end host and Certificate Configuration and press Enter.
  17. In the Front-end host and Certificate Configuration screen, set values for the following parameters:

    • Front-end FQDN of the Avaya Aura® Device Services server

    • Local Front-end host

    • Keystore password

      Ensure that the keystore password is at least 8 characters long.

    Important:

    • For a cluster deployment, you must configure the front-end FQDN as the FQDN of the virtual IP address. If you are planning to use an external load balancer, set this value to the FQDN of the load balancer.

    • If you enabled Cassandra internode encryption, you must complete the configuration settings from this menu during the initial installation phase and not at a later time.

  18. To configure certificates, do the following:
    1. For each of the REST, OAM, and NODE interface certificate configuration options, in Is the interface certificate in PKCS12 format?, select one of the following:

      • Yes, if your interface certificate has the PKCS12 format.

      • No, if your interface certificate has the PEM format.

    2. If you use identity certificates in the PKCS12 format, configure the following settings:

      • For each of the REST, OAM, and NODE interface certificate configuration options, in Interface PKCS12 file, enter the path to the identity.p12 file.

      • For each of the REST, OAM, and NODE interface certificate configuration options, in Interface PKCS file password, enter the password for the identity.p12 file.

        If you provide an incorrect password, Avaya Aura® Device Services displays a warning message. You cannot continue installing Avaya Aura® Device Services until you enter the correct password.

    3. If you use identity certificates in the PEM format, configure the following settings:

      • For each of the REST, OAM, and NODE interface certificate configuration options, in Interface PEM certificate file, enter the path to the identity certificate file.

      • For each of the REST, OAM, and NODE interface certificate configuration options, in Interface PEM key file, enter the path to the key file for the identity certificate.

    4. Select Signing authority certificate configuration.
    5. In Is the Signing Authority certificate in PKCS12 format?, select No.
    6. In Signing Authority PEM certificate file, enter the path to the cert-chain.pem file that you created in step 3.
  19. Select Return to Main Menu and press Enter.
  20. Optional If you want to use onboard Open LDAP, do the following:
    1. In the Initial Installation Configuration screen, select Onboard Open LDAP.
    2. Select Onboard Open LDAP again and then select Yes.
    3. In Directory Manager, enter a name for the Open LDAP administrator.
    4. In Domain Name, provide the domain name of your company.

      The domain name must include two components. For example: example.com. If you provide a domain name that contain three or more domain components, then Avaya Aura® Device Services will use only two rightmost domain components. For example, if you enter subdomain.example.com, Avaya Aura® Device Services will use example.com.

    5. In Administrator’s password, provide a password for the Open LDAP administrator.
    6. Select Return to Main Menu and press Enter.
    Important:

    You cannot install onboard Open LDAP if you enabled FIPS mode.

  21. In the Initial Installation Configuration screen, select Continue and press Enter.
  22. In the Configuration Summary screen, select Accept and continue and press Enter.
  23. In the Results of Configuration Checks screen, select Continue and press Enter.

    Avaya Aura® Device Services displays the End User License Agreement.

  24. Select Accept and press Enter.

    Avaya Aura® Device Services installs the required RPMs, creates database schema, and performs the required initial configuration. After successful installation, Avaya Aura® Device Services displays the Results of Installation Script screen.

  25. In the Results of Installation Script screen, select Continue and press Enter.
  26. In the Main Menu screen, select LDAP Configuration and press Enter.
    Note:

    • The LDAP configuration for the cluster is performed during the installation of the initial node. Additional configuration on each of the additional nodes is not required.

    • You can configure LDAP settings after installing the Avaya Aura® Device Services application using the Avaya Aura® Device Services web administration portal.

  27. In the LDAP Configuration screen, set values for the following parameters:

    • Use LDAP for authentication

      This option is only available when OAuth is enabled.

      If you use OpenLDAP, Avaya Aura® Device Services sets values for other LDAP parameters automatically.

    • Use for Contact Search

      If you use onboard Open LDAP, this option is enabled by default.

    • Use DNS

      This option determines how Avaya Aura® Device Services discovers the LDAP server:

      • If you select this option, Avaya Aura® Device Services discovers available LDAP server instances using DNS SRV records.

      • If you do not select this option, Avaya Aura® Device Services discovers the LDAP server using its IP address or FQDN.

    • Directory Type

    • URL for LDAP server

      • If FIPS is enabled, use the Secure LDAP (LDAPS) protocol to access the LDAP server.

      • If you are using global catalog ports 3268 or 3269, you must also configure attribute replication to the global catalog. For more information, see LDAP attributes replication to the global catalog.

      • If you are using the LDAPS protocol, you cannot use IP addresses in the server URL. LDAPS only supports FQDNs.

        This parameter is unavailable if you selected the Use DNS option.

    • Bind DN

    • Bind Credential

    • UID Attribute ID

    • Base Context DN

    • Administrator Role

    • Security Administrator Role

    • Auditor Role

    • User Role

    • Services Administrator Role

    • Services Maintenance & Support Role

    • Integrated Windows Authentication Configuration

    • testUser

      The testUser parameter is optional. If you do not specify a value, Avaya Aura® Device Services skips validation and directly saves the configuration in the database. For more information, see testUser validations.

    For more information about LDAP parameters, see LDAP configuration.

  28. Select Advanced LDAP Parameters and press Enter.
  29. In the Advanced LDAP Parameters screen, verify the default values for the parameters and update them if required.

    For more information about advanced LDAP parameters, see the Advanced LDAP attributes table in LDAP configuration.

  30. Select Return to previous menu and press Enter.
  31. In the LDAP Configuration screen, select Apply and press Enter.
  32. In the LDAP Configuration screen, select Yes and press Enter.
  33. In the Results of LDAP Parameter Configuration screen, select Continue and press Enter.
  34. Select Return to previous menu and press Enter.

If you are deploying a standalone system, continue from step 40. The steps 33 to 37 are for cluster deployments.

  1. In the Main Menu screen, select Clustering Configuration and press Enter.
  2. In the Clustering Configuration screen, select Virtual IP Configuration and press Enter.
    Important:

    The virtual IP address is used for redundancy management, which is supported for two or more Avaya Aura® Device Services nodes.

    If you use an external load balancer, you do not need to configure a virtual IP address, but you must configure the Avaya Aura® Device Services front-end host as the FQDN of the load balancer.

    This option is unavailable if you are deploying Avaya Aura® Device Services on AWS.

  3. In the Virtual IP Configuration screen, set values for the following parameters:
    1. Set Enable virtual IP to y.
    2. Set Virtual IP address to the virtual IPv4 address that you want to use.
    3. If you enabled IPv6, set Virtual IPv6 address to the virtual IPv6 address you want to use.
    4. Set Virtual IP interface to the required value.
    5. Set Virtual IP master node to y.
    6. Set Virtual IP router ID to the required value.
    7. Set Virtual IP authentication password.

      Ensure that you use the same password for subsequent Avaya Aura® Device Services nodes in the cluster.

      Important:

      Write down the virtual IP authentication password. You need this password for configuring the virtual IP backup node.

  4. Select Apply and press Enter.
  5. Select Return to previous menu and press Enter.
  6. If you chose to enable the Utility Server, in the Main menu screen, select Utility Server Configuration and press Enter.

    If you do not need the Utility Server, continue from step 42. Steps from 39 to 41 are for the Utility Server configuration.

    Important:

    If you are deploying a cluster, you must configure cluster settings in Clustering Configuration before configuring Utility Server settings. The cluster configuration steps are described earlier in this procedure.

  7. In the Utility Server Configuration screen, update the following parameters:
    1. Set Utility Server VIP to a virtual IPv4 address that you want to use for the Utility Server.
      Note:

      • You cannot use the Avaya Aura® Device Services cluster virtual IP address as the Utility Server virtual IP address.

      • The Utility Server virtual IP address must be in the same subnet as the IP addresses of the Avaya Aura® Device Services cluster nodes.

    2. If you enabled IPv6, set Utility Server Ipv6 VIP to a virtual IPv6 address that you want to use for the Utility Server.
    3. Set Utility Server FQDN to a FQDN that you want to use for the Utility Server.

      In AWS cluster deployments, you must use the following scheme for the seed node Utility Server FQDN:

      <Utility Server Host Name>0.<Domain Name>

      For example, if the Utility Server host name is aads716-us and the domain name is avaya.in, then the Utility Server FQDN is aads716-us0.avaya.in.

      For more information about Utility Server VIP and FQDNs in AWS deployments, see Utility Server VIP and FQDN in AWS cluster deployments.

  8. Select Apply and press Enter.
  9. Select Continue and press Enter.
  10. In the Main menu screen, select Continue and press Enter.
  11. Optional To manually start Avaya Aura® Device Services, run the svc aads start command.

Next Steps

  • If you are installing a cluster, install additional cluster nodes and then configure the SSH/RSA Public/Private keys on the seed node.

  • Change the default password for automatic backups. For more information, see Changing the default password for automatic backups.

  • If you enabled OAuth, configure Keycloak settings. You must install all additional cluster nodes before configuring Keycloak settings. For more information, see OAuth configuration.

  • In a cluster deployment, if you enabled OAuth, enable OAuth database replication after all additional nodes are installed. For more information, see Enabling OAuth database replication in a cluster environment.

  • If you installed Open LDAP, after all additional nodes are installed and configured, enable Open LDAP replication. For more information, see Enabling Open LDAP replication.