- Install and configure the IWA Web agent. See Install the Okta IWA Web agent on a virtual machine.
- On the same server that hosts your Okta IWA Web agent, open the Internet Information Services (IIS) Manager.
- Right-click Sites and select Add Web Site.
- Enter a name for the site, and then click Select.
- In Application pool, make sure DefaultAppPool is selected, then click OK. This puts the new site into its own application pool that defaults to Integrated mode using .NET 2.0 for the site.
- In the Physical path field, make sure the site points to the location of the main IIS site files: ?:\inetpub\wwwroot.
- Click OK.
The site is created and the directories display under it, including the IWA directory.
- Expand the site that you created at the beginning of this procedure.
- Right-click IWA and select convert to web application.
- Name the web app IWA.
- In Application pool, select OktaIWA application pool.
Do not assign this application pool to any other web app. Use it only for Okta.
The IWA icon changes from a folder to a web app icon to indicate that the conversion was successful.
- In the Connections pane, click the site you created.
- In the center pane, double-click Authentication. Check that only Anonymous Authentication is enabled.
- In the Connections pane, click IWA under the site you created, and then double-click Authentication. The status of the items should match the following:
  - Anonymous – Enabled
  - ASP.NET Impersonation – Enabled
  - Forms Authentication – Disabled
  - Windows Authentication – Enabled
- Restart IIS.
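To confirm the result without clicking through IIS Manager, the following added example (not part of the Okta documentation) reads the effective authentication settings for the site and the IWA web app and checks that the OktaIWA pool is not shared. It assumes an elevated PowerShell session on the IIS server with the WebAdministration module available; `YourSiteName` is a placeholder for the site name you entered.

```powershell
# Added example: audits the authentication states this procedure sets.
# Assumption: $Site is a placeholder; replace it with the site name you entered.
Import-Module WebAdministration
$Site = 'YourSiteName'
$Pool = 'OktaIWA'

# Some attributes come back as objects with a .Value, others as plain values.
function Get-Setting($Path, $Filter, $Name) {
    $p = Get-WebConfigurationProperty -PSPath $Path -Filter $Filter -Name $Name
    if ($p.PSObject.Properties['Value']) { $p.Value } else { $p }
}

function Get-AuthState($Path) {
    $auth = 'system.webServer/security/authentication'
    [ordered]@{
        Anonymous     = [bool](Get-Setting $Path "$auth/anonymousAuthentication" 'enabled')
        Impersonation = [bool](Get-Setting $Path 'system.web/identity' 'impersonate')
        # IIS Manager shows Forms Authentication as enabled when mode is "Forms".
        Forms         = ("$(Get-Setting $Path 'system.web/authentication' 'mode')" -eq 'Forms')
        Windows       = [bool](Get-Setting $Path "$auth/windowsAuthentication" 'enabled')
    }
}

# Expected states from the procedure: site = Anonymous only; IWA = list above.
$expected = @{
    "IIS:\Sites\$Site"     = @{ Anonymous = $true; Impersonation = $false; Forms = $false; Windows = $false }
    "IIS:\Sites\$Site\IWA" = @{ Anonymous = $true; Impersonation = $true;  Forms = $false; Windows = $true }
}

$failures = 0
foreach ($path in $expected.Keys) {
    $actual = Get-AuthState $path
    foreach ($key in $actual.Keys) {
        $ok = $actual[$key] -eq $expected[$path][$key]
        if (-not $ok) { $failures++ }
        '{0,-30} {1,-14} actual={2,-6} expected={3,-6} {4}' -f $path, $key,
            $actual[$key], $expected[$path][$key], $(if ($ok) { 'OK' } else { 'MISMATCH' })
    }
}

# The OktaIWA pool must serve the IWA web app and nothing else.
$apps  = @(Get-WebApplication | Where-Object { $_.applicationPool -eq $Pool })
$sites = @(Get-Website | Where-Object { $_.applicationPool -eq $Pool })
if ($apps.Count -ne 1 -or $sites.Count -ne 0) {
    $failures++
    "MISMATCH: $Pool is used by $($apps.Count) web app(s) and $($sites.Count) site root(s); expected 1 and 0"
}
if ($failures) { "$failures check(s) failed." } else { 'All checks passed.' }
```

Run it again after any later IIS change to the site, since enabling another authentication method on the site root or reusing the pool would show up as a mismatch.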