Safeguard Privilege Manager for Windows 4.5.3

Safeguard Privilege Manager for Windows 4.5.3 - Quick Start Guide

Configuring access to ports, websites, and processes

Preparing your environment for least privileged use > Configuring access to ports, websites, and processes

Your firewall must allow the Safeguard Privilege Manager for Windows Console to access the following domains on ports 80 (non-SSL) and 443 (SSL). In addition to those ports, the Safeguard Privilege Manager for Windows uses a configurable port for the data collection service (8003 by default), to receive information from managed target devices.

Domain	Used for
download.microsoft.com	Microsoft updates
webservices.scriptlogic.com	Safeguard Privilege Manager for Windows web server
support.oneidentity.com	One Identity Support Portal
dams-service.kace.com	Data collection

The following features and processes must be allowed through the firewall on target devices:

Discovering users with local administrative rights:
- Windows Management Instrumentation (WMI)
- Distributed Component Object Model (DCOM)
- File and Printer Sharing
- Remote Administration
Testing rules:
- Windows Management Instrumentation (WMI): dllhost.exe
- Host process for Windows services: svchost.exe for 32-bit OS and
  
  %SystemRoot%\SysWOW64\svchost.exe for 64-bit OS

Installing the Console

Preparing your environment for least privileged use > Installing the Console

For instructions on using the Console Windows Installer file, see Using the Console Windows Installer file in the Safeguard Privilege Manager for Windows Administration Guide.

Configuring the Server

Preparing your environment for least privileged use > Configuring the Server

For instructions on using the Server Configuration Wizard, see Using the Server Configuration Wizard in the Safeguard Privilege Manager for Windows Administration Guide.

Offline installation of the Server and Data Collection service

Preparing your environment for least privileged use > Configuring the Server > Offline installation of the Server and Data Collection service

Safeguard Privilege Manager for Windows does not directly support offline installation. However, you can set up the Server and Data Collection service of the Console if you install some dependencies manually beforehand.

To set up the Server and Data Collection service offline

Install the following components:
- Microsoft System CLR Types for Microsoft SQL Server 2014
  - 32-bit
  - 64-bit
- Microsoft SQL Server 2014 Shared Management Objects
  - 32-bit
  - 64-bit
- Microsoft SQL Server 2014 SP2 Express
  - 32-bit
  - 64-bit
Set up the SQL Server manually. For example, you can run the following command to initiate the SQL Server installer with some pre-configuration in place:

SQLEXPR_2014_ENU.exe /IACCEPTSQLSERVERLICENSETERMS /ACTION=Install /FEATURES=SQL /INSTANCENAME=PAReporting /SECURITYMODE=SQL /SAPWD=<sql-system-admin-password> /SQLSVCACCOUNT=<sql-service-account> /SQLSYSADMINACCOUNTS="BUILTIN\ADMINISTRATORS" /AGTSVCACCOUNT=<sql-service-account> /TCPENABLED=1 /SQLSVCPASSWORD=<sql-service-password> /AGTSVCPASSWORD=<sql-service-password>
Once you are done, you can configure the server in the Console using the Use an existing SQL Server instance option during server setup.

Seleziona il prodotto:

Per una maggiore efficacia, compilare l'Obiettivo della chat:

Soluzioni consigliate per il problema

Safeguard Privilege Manager for Windows 4.5.3 - Quick Start Guide

Configuring access to ports, websites, and processes

Installing the Console

Configuring the Server

Offline installation of the Server and Data Collection service