Chat now with support
Chat with Support

Safeguard Authentication Services 4.1.5 - Installation Guide

One Identity Privileged Access Suite for Unix Introducing One Identity Authentication Services Installing and configuring Authentication Services Installing and joining from the Unix command line Getting started with Authentication Services Troubleshooting Enterprise package deployment

System requirements

Prior to installing Authentication Services, ensure your system meets the minimum hardware and software requirements for your platform. Authentication Services consists of Windows management tools and Unix client agent components.

Related Topics

Windows management tools requirements

Authentication Services Windows components

Windows permissions

Unix agent requirements

Authentication Services Unix components

Authentication Services permissions matrix

Authentication Services encryption types

Management Console for Unix requirements

Windows management tools requirements

The following are the minimum requirements for installing Authentication Services in your Windows environment:

Table 1: Authentication Services Windows requirements
System Requirements:

Supported Windows Platforms

You can install Authentication Services on 32-bit or 64-bit editions of the following configurations:

  • Windows XP SP2 (or later)
  • Windows Vista
  • Windows 7
  • Windows 8
  • Windows Server 2003 SP1 (or later)
  • Windows Server 2008
  • Windows Server 2008 R2
  • Windows Server 2012

NOTE: Due to tightened security, when running Authentication Services Control Center on Windows 2008 R2 (or higher) operating system, functioning as a domain controller, the process must be elevated or you must add authenticated users to the Distributed COM Users group on the computer. As a best practice, One Identity does not recommend that you install or run the Authentication Services Windows components on Active Directory domain controllers. The recommended configuration is to install the Authentication Services Windows components on an administrative workstation.

Prerequisite Windows Software

You can download all of the following prerequisite software free from the Microsoft website:

Authentication Services Windows components

Authentication Services includes the following Windows components:

Table 2: Windows components
Windows Component Description

Authentication Services Control Center

A single console for access to all of the tools and configuration settings for Authentication Services.

Active Directory Users and Computers MMC Snapin Extensions

Unix management extensions for Active Directory users and groups.

Group Policy Management Editor MMC Snapin Extensions

Group Policy extensions for management of Unix, Linux and Mac OS X.

RFC2307 NIS Map Editor MMC Snapin

Provides the ability to manage NIS data in Active Directory.

NIS Map Import Wizard

Imports NIS data into Active Directory.

Unix Account Import Wizard

Imports Unix identity data into Active Directory.

Authentication Services PowerShell cmdlets

Provides the ability to script Unix management tasks.

Documentation

Full product documentation and online help.

Windows permissions

To install Authentication Services on Windows, you must have:

  • Local administrator rights
  • Rights to create and delete all child objects in the container where you will install the configuration settings (first-time only)

Authenticated Users must have rights to read cn, displayName, description, and whenCreated attributes for container objects in the application configuration location. To change Active Directory configuration settings, Administrators must have rights to Create Child Object (container) and Write Attribute for cn, displayName, description, showInAdvancedViewOnly in the application configuration location.

Table 3: Required Windows permissions
Rights Required For User Object Class Attributes
Create Child Object

Authentication Services Administrators Only

Container

 

Delete Child Object

Authentication Services Administrators Only

Container

 
Delete Child Object

Authentication Services Administrators Only

Container

 
Write Attribute

Authentication Services Administrators Only

Container

cn, displayName, description, showInAdvancedViewOnly
Read Attribute

Authenticated Users

Container

cn, displayName, description, whenCreated
Related Documents