AD Certificate Distribution

Similar documents
Tool Tip. SyAM Management Utilities and Non-Admin Domain Users

HOW TO SILENTLY INSTALL CLOUD LINK REMOTELY WITHOUT SUPERVISION

Create, Link, or Edit a GPO with Active Directory Users and Computers

Windows Clients and GoPrint Print Queues

HELP DOCUMENTATION E-SSOM DEPLOYMENT GUIDE

TSM for Windows Installation Instructions: Download the latest TSM Client Using the following link:

ContentWatch Auto Deployment Tool

ACTIVE DIRECTORY DEPLOYMENT

Installation Logon Recording Basis. By AD Logon Name AD Logon Name(recommended) By Windows Logon Name IP Address

4cast Client Specification and Installation

Using Group Policies to Install AutoCAD. CMMU 5405 Nate Bartley 9/22/2005

SARANGSoft WinBackup Business v2.5 Client Installation Guide

ENABLE LOGON/LOGOFF AUDITING

Specops Command. Installation Guide

How to Give Admin Rights to Students on the ADGRM Domain

Contents 1. Introduction 2. Security Considerations 3. Installation 4. Configuration 5. Uninstallation 6. Automated Bulk Enrollment 7.

USING STUFFIT DELUXE THE STUFFIT START PAGE CREATING ARCHIVES (COMPRESSED FILES)

ArcGIS Business Analyst Premium* ~ Help Guide ~ Revised October 3, 2012

Secrets of Event Viewer for Active Directory Security Auditing Lepide Software

Deployment of Keepit for Windows

Virtual Office Remote Installation Guide

Test Note Phone Manager Deployment Windows Group Policy Sever 2003 and XP SPII Clients

How to add your Weebly website to a TotalCloud hosted Server

Lab A: Deploying and Managing Software by Using Group Policy Answer Key

DigitalPersona Pro Server for Active Directory v4.x Quick Start Installation Guide

PRODUCT WHITE PAPER LABEL ARCHIVE. Adding and Configuring Active Directory Users in LABEL ARCHIVE

Sharpdesk V3.5. Push Installation Guide for system administrator Version

How to Connect to Berkeley College Virtual Lab Using Windows

System Area Management Software Tool Tip: Agent Deployment utilizing. the silent installation with Active Directory

eadvantage Certificate Enrollment Procedures

Automatic Network Deployment

Endpoint Client Installation using Group Policy (Logon Script):

Windows 7 Hula POS Server Installation Guide

Distributing SMS v2.0

SpamTitan Outlook Addin V2.0

Using Internet or Windows Explorer to Upload Your Site

Secure Agent Quick Start for Windows

Avatier Identity Management Suite

ELR (Educational Lending Right) School Library Survey Matching Program for Amlib Installation and User Guide

MailStore Outlook Add-in Deployment

MANAGING OUTLOOK PERSONAL DATA FILES

How To Install Outlook Addin On A 32 Bit Computer

Video Administration Backup and Restore Procedures

Advanced Audit Policy Configurations for LT Auditor+ Reference Guide

ECA IIS Instructions. January 2005


Adding a User to Active Directory in Windows Server 2012

Installation Guide. . All right reserved. For more information about Specops Inventory and other Specops products, visit

Millennium Drive. Installation Guide

Pcounter for Windows

Exclaimer Signature Manager 2.0 User Manual

LT Auditor Windows Assessment SP1 Installation & Configuration Guide

Entrust Managed Services PKI. Configuring secure LDAP with Domain Controller digital certificates

Secure Web Service - Hybrid. Policy Server Setup. Release Manual Version 1.01

Promap V4 ActiveX MSI File

OUTLOOK ADDIN V1.5 ABOUT THE ADDIN

Setting up Sharp MX-Color Imagers for Inbound Fax Routing to or Network Folder

Integrating LANGuardian with Active Directory

Introduction. Before you begin. Installing efax from our CD-ROM. Installing efax after downloading from the internet

Microsoft Dynamics CRM Clients

Frequently Asked Questions

Password Policy Enforcer

Guide to deploy MyUSBOnly via Windows Logon Script Revision 1.1. Menu

Exclaimer Signature Manager 2.0 User Manual

SonicWALL CDP 5.0 Microsoft Exchange InfoStore Backup and Restore

ACS EPF Download Manager Technical Guide. Table of Contents

Pearl Echo Installation Checklist

Install FileZilla Client. Connecting to an FTP server

Migrating MSDE to Microsoft SQL 2008 R2 Express

Windows Firewall Configuration with Group Policy for SyAM System Client Installation

Download/Install IDENTD

SSL Intercept Mode. Certificate Installation Guide. Revision Warning and Disclaimer

Interact for Microsoft Office

Installing the ASP.NET VETtrak APIs onto IIS 5 or 6

About This Guide Signature Manager Outlook Edition Overview... 5

Global Image Management System For epad-vision. User Manual Version 1.10

Wavecrest Certificate

Active Directory Management. User Interface Guide

INSTALLATION INSTRUCTIONS FOR UKSSOGATEWAY

CONFIGURING TARGET ACTIVE DIRECTORY DOMAIN FOR AUDIT BY NETWRIX AUDITOR

Section 1: Preface Introduction... 1 Users... 1 Assumptions... 2 Other Resources... 2 Conventions... 2 Icons... 2 Text... 2

Active Directory Software Deployment

Password Manager Windows Desktop Client

Setup non-admin user to query Domain Controller event log for Windows2003

QUANTIFY INSTALLATION GUIDE

NearPoint Archive and Retrieval System

Using SSH Secure Shell Client for FTP

IIS, FTP Server and Windows

Configuring a Custom Load Evaluator Use the XenApp1 virtual machine, logged on as the XenApp\administrator user for this task.

Changing Passwords in Cisco Unity 8.x

Domain Controller Failover When Using Active Directory

Copyright Texthelp Limited All rights reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval

Differences between Computer and User Templates

OUTLOOK WEB APP (OWA): MAIL

Avatier Identity Management Suite

NetSpective Logon Agent Guide for NetAuditor

Configuring browser settings (Internet Explorer and Google Chrome) for Bug Club via a Group Policy

Lab 18: Access Control/Audit

Instructions for Configuring a SAS Metadata Server for Use with JMP Clinical

DeviceLock Management via Group Policy

Transcription:

Technical Brief AD Certificate Distribution Contents Introduction 2 Preparation 2 Server Actions 4 Active Directory Actions 5 Appendix A: Scripts zip 10

INTRODUCTION M86-Security provides a solution for the distribution of the Secure Web Service Hybrid (SWSH) Agent and Certificates (p12) via the organizations Active Directory Group Policy Objects (GPO). The proposed solution is a silent installation and distribution of digital certificates as a unique identifier for end-users of the M86 Secure Web Service Hybrid cloud solution. This document provides information regarding any issues associated with the installation and implementation of the stages performed during the proposed digital certification solution. Agent Installation To install the Agent, an administrator must log into the station. This is required as the agent must be installed with administrator privileges. Certificate Management Upon Secure Web Service Hybrid cloud user login to the domain, on a station in which an agent is already installed, the user will receive the unique key and certificate via the domain s GPO. It should be noted that this solution will be applied at the user s login (not when unlocked) and when the policy is refreshed (based on the set defaults of the organization). The Solution will test whether the certificate is needed, and if so, the certificate will be installed for the user. The procedures outlined below are the steps necessary to accomplish the aforementioned tasks PREPARATION 1. Download and install any file archive manager, such as WinRar (www.rarlab.com). 2. Define a dedicated file folder in the system where cloud user certificates are to be placed (for example: CertsDir). 3. Extract the cloud user certificates, as downloaded from the Policy Server GUI, into CertsDir.Ensure the certificate name format is as follows: <username>.p12 4. Extract the files found in attached to this document (Appendix A: Scripts zip) to the CertsDir 5. From the extracted files, Run the Change Permissions.bat file (The file should be run under Administrator privileges). NOTE: The.bat file changes the permissions on the certificates (.p12) files and allows each user to access only the certificate file that belongs uniquely to that user.

6. Edit the script variables according to the enterprise-specific environment: a. Right-click the file Install.vbs and select Edit. b. In the selected text, change the values for the following: i. SERVER The server from which the cloud users obtain their certificates. NOTE: The server pertains to the Domain Controller IP/name and not the Policy Server name. ii. PASSWORD The cloud user s certificate password as defined in the Policy Server GUI during initial policy server configurations. c. Save the file and exit. d. Right-click the file InstallAgent.vbs and select Edit e. In the selected text, change the values for the following: i. SERVER The server from which the cloud users obtain their certificates. NOTE: The server pertains to the Domain Controller IP/name and not the Policy Server name. ii. INSTALLER The Secure Web Service Agent installer file name. The installer is downloaded from the Poicy Server GUI. f. Save the file and exit.

SERVER ACTIONS 1. Create a folder titled "CertificatesDist". This folder can be created anywhere in the file system of the operating system. 2. Right-click the "CertificatesDist" folder and select Sharing and Security. 3. Enable the Share this folder radio button and set the share name as CertificatesDist. 4. Move all the files previously created in steps 1 through 6 in the Preparation section above, as well as the certificate files, to the "CertificatesDist" folder.

ACTIVE DIRECTORY ACTIONS 1. Open the Active Directory Users and Computers Management Screen. 2. Navigate to the Start menu, select Run. 3. Enter line: dsa.msc and click OK. The Active Directory Users and Computers screen will open: 4. In the left tree pane, select the Domain, right-click and choose properties.

5. In the Domain Properties window, in the Group Policy tab, create the required Group Policy Object: a. Click New. b. Change the name of the Group Policy Object as required. For example: Certificates-Distribution. c. Click Edit. d. In the open Group Policy Object Editor window, navigate to Windows Settings. e. Select Scripts (Logon /Logoff) and double-click Logon. f. Click Add.

g. Under Script Name, register the full path of the share folder where the script Install.vbs is saved, and click OK. The path should be, for example, \\<SERVERNAME>\CertificatesDist\install.vbs WARNING! Do not choose the path via Browse! Enter the path manually.

h. Click Add once more. i. Under Script Name, enter the full path of the share folder where the script InstallAgent.vbs is saved and click OK. WARNING! Do not choose the path via Browse! Enter the path manually. j. In the windows Logon Properties click OK. k. Close the Group Policy Object Editor window. 6. In the Properties window (Domain), click Close. 7. Close Active Directory Users and Computers. 8. Click Start, select Run, and enter gpupdate /force in the text box. 9. Click OK.

APPENDIX A: SCRIPTS ZIP ABOUT M86 SECURITY M86 Security is a global provider of Web and messaging security products, delivering comprehensive protection to more than 20,000 customers and over 16 million users worldwide. Asom malware and spam; protect their sensitive information; and maintain employee productivity. The company is based in Orange, California with international headquarters in London and offices worldwide. For more information about M86 Security, please visit www.m86security.com.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information