The following platforms are supported;
Safeguard 18.104.22.168 (or greater)
- A Safeguard user with Auditor permissions is required for configuring the data source module.
- The machine running the Safeguard data source module must have the proper SSL root certificate authority certificate(s) that are being used by Safeguard. For more information, see SSL Certificates in the One Identity Safeguard Administration Guide (Safeguard documentation).
- Active Directory credentials are required for configuring the data source module.
- A global catalog must be available in order to resolve trustees outside of the domain.
- A global catalog must be resolvable via its DNS name regardless of whether you are connecting directly to it or to a domain controller connected with a global catalog.
Active Roles Server
ARS 6.9, 7.0.4, 7.1, 7.2
IMPORTANT: Although supported, it is strongly recommended that a collector agent not be installed on a machine with an ARS server.
- At minimum, a domain member account with read access delegated to the following three Active Roles Server nodes is required: Configuration, Managed Units, and Active Directory.
- The Active Directory template All Objects - Read All Properties contains these minimum permissions and can be used. Or you can create a custom template so long as it contains those minimum permissions. See the Active Roles Server documentation for information on configuring permissions within Active Roles Server.
NOTE: By default, Distributed COM Users should contain Authenticated Users. However, if this is missing then you will be unable to connect to Active Roles Server remotely. See this article for more information on adding MinARSAdmin or the exact account in order to fix this issue.
- If both 6.9 and 7.x ADSI providers are available, the ARS 7.x ADSI provider will take precedence followed by 6.9 unless the ActiveRolesAdsiVersion environment variable (in the collector configuration file) has been edited to indicate either 6.9 or 7.0 (which covers all 7.x versions) as the specific version. No other versions can be used as the ActiveRolesAdsiVersion environment variable.
- If no ADSI providers are installed, 6.9 and 7.2.0 ADSI providers will be installed. If an ADSI provider is detected, the collector agent will attempt to use that ADSI provider without installing additional providers.
- When a collector agent is removed, any ADSI providers that were originally installed by the collector agent will also be removed. Any additional dependencies that were installed will not be removed since they are standard Windows redistributables.
- Should an ARS installation not fully meet the supported version requirements for all detected ARS Administration Services, this will cause a version compatibility problem and the collector agent will be unable to collect from that installation.
The source document for this data can be found in this article.