Installing the HaloSHARE

This chapter walks through the process of installing and configuring the HaloSHARE.

Interactive Installation

Install HaloSHARE using the GUI-based setup program provided in the installation package. Make sure the user who installs the HaloSHARE has administrator rights.

1. To begin the interactive installation, double-click the installer HaloSHARE_Setup.exe file. Depending on your Windows security settings, you may get a warning such as "Do you want to allow the following program to make changes to this computer?". If you get this security warning, click the Yes button to continue the installation.

2. When the installer starts, you will see the startup dialog followed by the welcome dialog:

   

   Startup dialog

   

   Welcome dialog

3. Click Next to continue the installation. The end-user license agreement dialog will appear: 

   

   End-user License Agreement dialog

4. Read the End-User License Agreement. If you agree, select I accept the terms in the License Agreement and click Next.

5. The destination folder selection dialog will appear:

   

   Destination folder selection dialog

6. By default, application files are stored in the program files directory (C:\Program Files\Secude\). If you would like to choose an alternate location, click the Browse button and select your location preference. When you are finished, click Next.

7. The installation starts with a progress bar that displays the status of the process.

   

   Installation progress dialog

8. When the installation is completed, you will see a message confirming that the HaloSHARE has been successfully installed.

   

   Installation completed dialog

9. Click Next. The user credential dialog will appear: 

   

   User credential dialog

   1. If the computer is connected to a domain and you want to run the HaloSHARE on it, you need to enter a domain user account and password. For example, [domain]\[user], hc.test\john.

   2. On a non-domain joined computer, you need to enter the username and password of a user. For example, .\[user], .\john.

10. Click Next. The certificate based authentication dialog will appear. To avoid errors, please ensure that you enter the correct Azure application registration details in the installation wizard. 

    1. Azure Application ID: Enter your application ID. For example, 9f0de2dd-8d49-4a3f-9676-bf4b6ff17d44

    2. Tenant ID/Tenant Name: Enter your Microsoft Entra tenant name (for example, halosecude.onmicrosoft.com) or its tenant ID (for example, 8c425ee7-352a-4657-ac77-7dc198712cb3).

    3. Certificate Store Location: Select a certificate store (Current User or Local Computer). When selecting Local Computer, ensure that the user running the service has at least local administrator rights.

       

       Certificate based authentication dialog

    4. Thumbprint: If the certificate is already installed, you need to enter the thumbprint manually. If the certificate is not installed, click the Browse button to select the necessary certificates as explained below:

    5. Option 1: Self-Signed Certificate—select this option if you have a self-signed certificate and this must be the certificate that is registered in the Azure portal. Click Browse button to select the certificate (.pfx or .p12) and type the password.

    6. Option 2: Root CA Signed Certificate—select this option if you have a certificate that is signed by a CA. Click Browse button to select the signed certificate. The certificate path will appear in Certificate File field. Type its password in Password field. To select the Root CA (.cer / .crt), click Browse button in Root CA Certificate field. To select the intermediate CA certificates, click Add button in Intermediate CA field. In case, you want to remove a certificate from the "Certificate Import Wizard", click Delete button. Click OK, the thumbprint will be populated automatically.  

    7. Cloud Type:  By default, Commercial will be set. However, based on your Azure subscription and configuration, you can change the cloud type from the list — Commercial / Custom / US_DoD / US_GCC / US_GCC_High / US_Sec / US_Nat / China_01. In the case of Custom cloud type, you need to enter the appropriate URLs in Protection Cloud URL (for example, https://api.aadrm.com/) and Policy Cloud URL (for example, https://dataservice.protection.outlook.com/).

    8. Enable Federal Information Processing Standards (FIPS): If you want to utilize encryption techniques that comply with FIPS standards, enable this option. By enabling the option, MPIP uses only standard encryption algorithms. If not, MPIP uses standard encryption algorithms. However, FIPS mode can be enabled at any moment using the Administration Manager Tool (hsadm.exe). For more details, please refer to MIP SDK Documentation “MIP SDK FIPS Compliance Statement”.

    9. Click Next.

11. Once the initialization is completed, you will get the success message as shown below.

    

    Initialization completed dialog

12. Click Close to complete the installation. 

Post-installation checks:

1. You can view the log files at C:\Users\Username(user running service)\AppData\Local\Secude\HaloSHARE\log.

2. You can see the configuration information of the HaloSHARE add-on in the registry—HKEY_LOCAL_MACHINE\SOFTWARE\Secude\HaloSHARE.

3. A protected policy XML file will be located at C:\Users\Public\Secude\HaloSHARE.

Update from Old to New Version

Prerequisite: 
From the installed location, back up the current haloshare_config.enc file. It provides the HaloSHARE configuration properties, which will be essential to retain current settings.

1. Uninstall the current version

2. Install the new version

3. Replace the haloshare_config.enc file in the HaloSHARE installation folder. The default path is C:\Program Files\Secude\HaloSHARE.

What to do next

After installing the HaloSHARE, you must configure it to meet your company's requirements. To learn how to configure it, please refer to the following chapter.