Complete Mideye Setup Wizard — Root Password & Switch

The configuration wizard runs the first time you access the Mideye Web GUI. It creates the root administrator account and connects the server to Mideye Switch.

Before you start

Complete all steps in Initial Configuration first — database, server port, firewall, and setup challenge.

Open the Web GUI:

https://<hostname-or-IP>:<port>

The default port is 443 (Windows) or 8443 (Linux).

---

What the wizard configures

Setup Challenge

Security verification using the one-time code from server logs.

Root Password

Creates the initial administrator account.

Switch Connection

Connects to Mideye Switch for OTP delivery (SMS, Push). Can be configured for air-gapped operation.

LDAP Profile

Optional — connect to Active Directory or another LDAP directory for user lookup.

RADIUS Client

Optional — register the first VPN, firewall, or application as a RADIUS client.

---

Wizard steps

1. Start the wizard

   Click Start on the welcome screen to begin configuration.

   

2. Enter the setup challenge

   Paste the setup challenge code you found in the server log (see Find the setup challenge).

   

3. Create root password

   Set a strong password for the root administrator account. This account is used for:

   • Initial server configuration
   • Creating additional administrator accounts
   • Emergency access recovery

   Caution

   Store the root password securely. After setup, create regular administrator accounts for daily use and avoid using root for routine operations.

   

4. Configure Switch connection

   Enter your customer-specific TCP port provided by Mideye Support. The wizard will verify the connection to Mideye Switch.

   

   The connection indicator shows:

   • 🟢 Green — Connection established successfully
   • 🔴 Red — Connection failed (see troubleshooting below)

   New customer provisioning

   New installations initially connect only to secondary.mideye.com. After verification (typically a few days), access to primary.mideye.com is automatically enabled.

5. Add LDAP profile (optional)

   The wizard offers to connect to an LDAP directory so that Mideye Server can look up user accounts. Click Skip to configure this later through the web interface.

   If you configure it now:

   • Give the LDAP profile a friendly name
   • Choose LDAP Server Type (Active Directory, eDirectory, OpenLDAP, etc.)
   • Enter the hostname or IP address of the LDAP server (use the hostname for LDAPS)
   • Specify the port (389 for LDAP, 636 for LDAPS)
   • Enter a service account with read permissions (DN or UPN format)
   • If using LDAPS, check the box and click Fetch Certificate
   • Add the search base in DN format, or click Fetch Searchbase
   • Optionally restrict to specific groups

   

   For full details, see LDAP Profiles.

6. Add RADIUS client (optional)

   Register your first VPN, firewall, or application as a RADIUS client. Click Skip to configure this later through the web interface.

   If you configure it now:

   • Give the RADIUS client a friendly name (shown in Mideye+ push notifications)
   • Enter the NAS IP (IP address of the VPN/firewall)
   • Set a shared secret for RADIUS communication

   

   For full details, see RADIUS Clients.

7. Finish setup

   Review your configuration and click Finish to complete the wizard.

   

---

Advanced settings

Click Show advanced settings in the Switch connection step to access additional options.

Manual DNS override

If your server cannot resolve DNS, enter IP addresses manually:

Hostname	IP Address
primary.mideye.com	217.151.192.84
secondary.mideye.com	79.136.112.54

Air-gapped mode (offline deployment)

New in 6.6

Air-gapped mode allows Mideye Server to operate without any internet connection, using on-premise TOTP tokens exclusively.

Enable Air-gapped mode when:

• Your environment has no internet access
• Security policy requires complete network isolation
• You only need on-premise TOTP tokens

Air-gapped mode limitations:

• No SMS or Push authentication (requires Mideye Switch)
• No automatic threat intelligence updates for Mideye Shield
• Manual token provisioning required

Contact support@mideye.com for air-gapped deployment assistance.

---

Troubleshooting

Switch connection fails

Common causes and solutions:

Issue	Solution
Firewall blocking traffic	Open outbound TCP to ports specified by Mideye Support
DNS resolution failing	Use manual IP addresses in advanced settings
Incorrect port number	Verify the port with support@mideye.com
Proxy required	Configure proxy settings (see proxy configuration)

Setup challenge not found

The challenge code is logged every time the server starts while setup is incomplete. See Find the setup challenge for the exact commands. Always use the most recent value from the log — the challenge changes on each restart.

---

What’s next?

After completing the wizard, configure your Mideye Server through the web interface:

Connect directory

Add LDAP/AD profile to look up users from your identity source.

Add RADIUS clients

Configure RADIUS clients for your VPNs, firewalls, and applications.

Set up MFA methods

Configure authentication types — SMS, Push, TOTP, or hardware tokens.

Enable protection

Configure Mideye Shield to protect against authentication attacks.