System Requirements for Installing Juniper Identity Management Service
This section includes the following topics:
Specifications supported in Juniper Identity Management Service Release 1.1 and later.
Table 6 lists the JIMS server specifications.
Table 6: JIMS Server Specifications
Operating System and Kernel Versions
Supported Junos OS software releases
Supported SRX Series device platforms
Supported Contrail Service Orchestration (CSO) release
Release 3.3 or a later release
Maximum SRX Series devices
Maximum CSO platforms
Maximum event log sources
Maximum Active Directories
Maximum user entries
Maximum syslog sources
Juniper Identity Management Service can be installed on the following Microsoft Windows platforms:
Windows Server 2019
Windows Server 2016
Windows Server 2012 R2 with Windows Server 2012 R2 Updates (KB2919355 and KB2999226)
Windows Server 2008 R2 with Service Pack 1 (SP1) and Update for Windows Server 2008 R2 x64 Edition (KB3140245)
Windows Server 2008 R2 with SP1 also requires installation of an update that provides support for Transport Layer Security (TLS) 1.1 and TLS 1.2. See Update to enable TLS 1.1 and TLS 1.2 as a default secure protocols in WinHTTP in Windows for details. After you apply the update, select Run as administrator to restart the JIMS Administrative Interface.
Note the following best practices when installing Juniper Identity Management Service on a Microsoft Windows platform:
Because Juniper Identity Management Service participates in the security infrastructure protecting your network, we recommend using Windows Update regularly and judiciously to obtain the latest Security Updates and other Critical Updates from Microsoft.
Juniper Identity Management Service requires a server with a 4-core, 64-bit compatible 1.4 GHz or higher CPU, a minimum of 16 GB of system memory, and 100 GB of disk space.
If using Windows Server 2008 R2, avoid installation on a primary domain controller (PDC). Juniper Identity Management Service should be installed in a separate, non-domain controller instance.
Juniper Identity Management Service uses the event log timestamp to decide the order of events, and, therefore, you might experience unexpected side issues if your domain controllers and Active Directories are not synchronized. This is more likely to happen across domains than within domains, which typically time-synchronize with their domain controller. Juniper Identity Management Service uses UTC (GMT) internally, and the time zone should not matter, only the time synchronization. See the Windows Time Service Tools and Settings documentation for Windows Server 2016, 2012 R2, or 2008 R2.
Supported Identity Sources
Supported Identity Sources is supported in Juniper Identity Management Service Release 1.1
Juniper Identity Management Service supports the following identity sources:
Microsoft Active Directory on Windows Server 2008 R2 or later
Microsoft Exchange Server 2010 with Service Pack 3 (SP3)
Health mailboxes on Microsoft Exchange servers (users with a prefix of HealthMailBox) are filtered out by default by Juniper Identity Management Service.