Before installing Safeguard Authentication Services 5.1.2, ensure that your system meets the minimum hardware and software requirements for your platform. The operating system patch level, hardware, and disk requirements vary by UNIX, Linux, and Active Directory platform, and are detailed in the One Identity Safeguard Authentication Services Administration Guide.
NOTE: When setting up a virtual environment, carefully consider the configuration aspects such as CPU, memory availability, I/O subsystem, and network infrastructure to ensure the virtual layer has the necessary resources available. Please consult One Identity's Product Support Policies for more information on environment virtualization.
Safeguard Authentication Services must be licensed in order for Active Directory users to authenticate on UNIX and macOS hosts.
NOTE: While you can install and configure Safeguard Authentication Services on Windows and use the included management tools to UNIX-enable users and groups in Active Directory without installing a license, you must have a valid Safeguard Authentication Services license installed for full functionality.
Upon receiving your license file from One Identity, copy this license file to your desktop or other convenient location.
To add licenses using the Control Center
-
Open the Control Center and click Preferences on the left navigation pane.
-
Expand the Licensing section.
The list box displays all licenses currently installed in Active Directory.
-
Click Actions > Add a license.
-
Browse for the license file and click Open.
The license appears in the list box.
To add licenses directly to the UNIX systems
-
Add a valid license file to /etc/opt/quest/vas/.licenses/ directory.
-
Validate with /opt/quest/bin/vastool license -i.
The process for upgrading the Safeguard Authentication Services Windows components from older versions is similar to the installation process. The Windows installer detects older versions and automatically upgrades them. The next time you launch Active Directory Users and Computers, Safeguard Authentication Services uses the updated Windows components. For detailed installation instructions, see the One Identity Safeguard Authentication Services Installation Guide.
For more detailed information about upgrading your current version of Safeguard Authentication Services, see the One Identity Safeguard Authentication Services Upgrade Guide.
Of course, you may perform your UNIX client management tasks from the UNIX command line, if you prefer. You can find those instructions in the One Identity Safeguard Authentication Services Administration Guide.
The following are the minimum requirements for using Safeguard Authentication Services in your environment.
Table 4: Safeguard Authentication Services requirements
Supported Windows Platforms |
Prerequisite Windows software
If the following prerequisite is missing, the Safeguard Authentication Services installer suspends the installation process to allow you to download the required component. It then continues the install:
You can install Safeguard Authentication Services on 64-bit editions of the following configurations:
-
Windows Server 2012
-
Windows Server 2012 R2
-
Windows Server 2016
-
Windows Server 2019
-
Windows Server 2022
-
Windows 10
-
Windows 11
NOTE: Due to tightened security, when running Safeguard Authentication Services Control Center on Windows 2008 R2 (or later) operating system, functioning as a domain controller, the process must be elevated or you must add authenticated users to the Distributed COM Users group on the computer. As a best practice, One Identity does not recommend that you install or run the Safeguard Authentication Services Windows components on Active Directory domain controllers. The recommended configuration is to install the Safeguard Authentication Services Windows components on an administrative workstation. |
Supported cloud services |
-
AWS Directory Service for Microsoft Active Directory (also called AWS Managed Microsoft AD)
-
Azure Active Directory Domain Services
-
Google Cloud Platform Managed Service for Microsoft Active Directory |