This step shows you how to install the required Windows feature to allow the configuration of Network Load Balancing. You should complete this task on all hosts that are to be part of this cluster before continuing with the next step.
To install the required Windows feature (manually)
- 
Start the Server Manager. 
- 
Click Add roles and Features. 
- 
Skip the first page of the wizard. 
- 
Select Role-based or feature-based installation. 
- 
Select the server on which you want to install the Network Load Balancing feature. 
- 
On the Server roles page, click next. 
- 
On the Features page, check Network Load Balancing. 
- 
Click Add-Feature. 
- 
On the Features page, click next. 
- 
On the confirmation page, click install. 
To install the required Windows feature (with PowerShell)
- 
Start a PowerShell as administrator. 
- 
Enter Install-Windows Feature NLB. 
 
    
This step shows you how to configure the Network Load Balancing process. This task runs on one of the hosts that should be clustered for Network Load Balancing. These settings require you to have administrative privileges on the selected hosts.
To configure Network Load Balancing (manually)
- 
Start Network Load Balancing Manager. 
- 
In the Cluster menu, click New. 
- 
In the New Cluster: Connect window, perform the following tasks: 
- 
Connect to your first host, for example: web01.democorp.com, and click Connect. 
- 
In the list of network interfaces, select Ethernet 2 with the IP that is dedicated to Network Load Balancing and set to static. 
- 
Click Next. 
 
- 
In the New Cluster: Host Parameters window, click Next. 
- 
In the New Cluster: Cluster IP Addresses window, perform the following tasks: 
- 
Click Add and enter the Cluster IP, for example: 192.168.0.50 with matching subnet mask. 
- 
Click Next. 
 
- 
In the New Cluster: Cluster Parameters window, perform the following tasks: 
- 
Enter the Full Internet Name, for example: ServiceCluster.democorp.com. 
- 
Click Next. 
 
- 
in the New Cluster: Port Rules window, perform the following tasks: 
- 
Select the existing rule and click Remove. 
- 
Click Add. 
 
- 
In the Add/Edit Port Rule window, perform the following tasks: 
- 
Set the Port range to From 443 to 443. 
- 
Select TCP as protocol. 
- 
Set the Filtering Mode to Multiple Host. 
- 
Set the Affinity to match your requirements or leave it at Single (*). 
- 
Click OK. 
- 
Click Finish. 
 
(*) The affinity is used to determine to which back-end server a client is connected. The web service uses a stateless architecture, so any affinity will work.
To add additional hosts to the Network Load Balancing cluster
- 
Start Network Load Balancing Manager. 
- 
In the Cluster menu, click Connect to existing. 
- 
In the Connect to Existing: Connect window, enter the Cluster IP / FQDN, and click Connect. 
- 
In the Clusters list, select the cluster, and click Finish. 
- 
In the tree view, select the cluster. 
- 
In the Cluster menu, click Add Host. 
- 
In the Add Host to Cluster: Connect window, perform the following tasks: 
- 
Connect to your next host, for example: web02.democorp.com, and click Connect. 
- 
In the list of network interfaces, select Ethernet 2 with the IP that is dedicated to Network Load Balancing and set to static. 
- 
Click Next. 
 
- 
In the Add Host to Cluster: Host Parameters window, click Next. 
- 
In the Add Host to Cluster: Port Rules window, click Finish. 
 
    
Before changing the configuration of the Password Capture Agent, you must validate the configuration. After the previous steps, you should be able to access https://ServiceCluster.democorp.com and see the IIS welcome screen.
 
    
To set the Password Capture Agent web service URL
- 
Start an elevated command line. 
- 
Run the following command to modify the web service URL at the Password Capture Agent. REG ADD "\\<COMPUTERNAME>\HKLM\Software\One Identity\One Identity Manager\Password Capture Agent" /v "WebService_URL" /t REG_SZ /d "https://ServiceCluster.democorp.com/AppServer/" 
- 
Run the following commands to restart the Password Capture Agent service. sc \\<COMPUTERNAME> stop "Password Capture Agent" sc \\<COMPUTERNAME> start "Password Capture Agent"