Skip to content

Hybrid On-Premise Docker Agent

Your application, database, or identity server deployed within your data center cannot be accessed directly. Hire2Retire's “On-Premise Docker Agent” provides a secure way to access the identity management server located behind your firewall without the need to open ports in the firewall or establish a VPN tunnel. On-Premise Docker Agent can be installed easily behind the firewall after which it can communicate with the workflow deployed in secure and encrypted manner.

Hybrid On-Premise Service Connection

Hire2Retire requires the following details to create a OnPremise Service Connection

  • Connection Name - A user defined nomenclature for your connection. By default, the connection name is "Connection-OnPremise Service", you can change the name as per your preferences.
  • Host - The host name is the IP address of your Active Directory Server. If you are configuring a connection with multi-domain controller setup, you can provide host values for each domain controller. You can also provide comma separated list of IP/host addresses for each domain controller.
  • Port - The TCP/IP port on which the Active Directory server is listening. Hire2Retire will only establish the LDAP connection with the SSL port. (The default is 636)
  • Base DN - It is a collection of objects that Hire2Retire will access within an Active Directory network.
  • Public key of RSA key pair - RSA public key which will be used to encrypt the config file. To know the detailed steps to generate RSA key pair, click here.

OnPremise Service Connection

Figure 1. Hybrid On-Premise Service Connection


OnPremise Service Connection

Figure 2. Hybrid On-Premise Service Connection for Multi Domain Controller


After filling in the credentials you need to clicks on the "link account" button. After account is successfully linked, follow the Instructions given below to setup Active Directory On-Prem Docker Agent.

Instructions to set up On-Prem Docker Agent

Figure 3. Instructions to set up On-Prem Docker Agent

OnPremise Docker Agent Setup Guide

After following the above instruction. Read the Setup Guide for Hire2Retire OnPrem Docker Based Agent to Setup the Hire2Retire OnPrem Docker Based Agent..

How to stop the running On-Premise agent docker container

When the flow is paused or deleted, user can stop the docker container using command given below

$ docker ps

docker command

Figure 6. Docker Command to list running container
$ docker container stop CONTAINER ID [CONTAINER...]

Example: docker stop 733e33bfe48b

Delegate Control on Active Directory

You can set up the delegated controls (manage user or group) under a specific OU for the service account.

Set up the delegated control on Active Directory

Hybrid with Exchange Online

By linking your Hybrid and Exchange Online account with Hire2Retire, you can authorize RoboMQ to have a delegated access on your behalf to both applications.

Hybrid with Exchange Online Connection set up

Hybrid with Entra ID Services

By linking your Hybrid and Entra ID account with hire2retire, you can authorize RoboMQ to have a delegated access on your behalf to both applications.

Hybrid with Entra ID Connection set up

Hybrid with SharePoint Online

Hybrid with SharePoint Online application on Hire2Retire uses certificate based authorization for authenticating SharePoint Online.

By linking your Hybrid and SharePoint Online account with Hire2Retire, you can authorize RoboMQ to have a delegated access on your behalf to both applications.

Hybrid with SharePoint Online Connection set up