Active Directory Manager Pro Quick start Guide

(1)

Page 1

Active Directory Manager Pro

Quick start Guide

Software version 5.0.0.0 JUNE 2014

General Information: [email protected]

Online Support: [email protected]

(2)

Page 2

This guide may not be reproduced or transmitted in part or in whole by any means, electronic or

mechanical, including photocopying and recording for any purpose other than the purchaser's use under the licensing agreement, without the written permission of CionSystems Inc.

The software application in this guide is provided under a software license (EULA) or nondisclosure agreement. This product may only be used in accordance with the terms of the applicable licensing agreement.

This guide contains proprietary information protected by copyright. For questions regarding the use of this material and product, contact us at:

CionSystems Inc.

16625 Redmond Way, Ste M106

Redmond, WA. 98052 www.CionSystems.com +1.425.605.5235

Trademarks

CionSystems, CionSystems Inc., the CionSystems Inc. logo, CionSystems Active Directory Manager Pro are trademarks of CionSystems. Other trademarks and registered trademarks used in this guide are property of their respective owners.

(3)

Page 3

4.1 Installing from a CD ... 7

4. 2 Installing from the Web ... 7

4.3 Installation Wizard –ADM PRO ... 8

4.4 Installation Wizard –Blackberry component ... 13

5. Configuring CionSystems Active Directory Manager Pro ... 14

5. Troubleshooting Installation issues ... 16

Windows Server 2008 R2 ... 16

Issue #1 ... 16

Issue #2 ... 17

Issue #3 ... 18

Issue #4 ... 19

Issue #5 ... 20

Issue #6 ... 21

Windows Server 2003 ... 25

Issue #1 ... 25

Issue #2 ... 27

Issue #3 ... 28

Issue #4 ... 29

Issue #5 ... 33

Issue #6 ... 34

Issue #7 ... 36

(4)

Page 4

1. Introduction

Active Directory Manager Pro - For every organization identity and access management is far more then a security technology. Identity management gives the users and applications access to the right “access” information. It is critical to ensure that the right and appropriate permissions are in place for users and applications. This is a major factor in driving regulatory compliance initiatives. Building and managing identity strategy can be complex because it touches all users, applications, resources of the companies and customers. Majority of enterprises faces challenges in maintaining consistent policies thereby incurring high administrative cost and direct impact on security and compliance requirements.

CionSystems Active Directory Manager Pro provides a simple and cost effective identity management solution to help you manage accounts across Microsoft directory services.

With CionSystems Active Directory Manager Pro you can:

Centrally manage identities (users, passwords, computers, contacts, groups, OU, GPO, Exchange, terminal server, site, schema, ACL and more) across Windows - saving time, money and resources.

Automate the provisioning process across Windows platforms to reduce costly

errors. Manage enterprise-wide password policies, and reduce costly calls to the help desk. Automate Role-Based Access Management.

Tighten Security and Auditing processes.

Perform global Search and Replace.

Reports - Complying with regulatory requirement can be a very complex, time-consuming and expensive. Generating reports for the compliance may not be a cakewalk. It will require

accessing a glut of raw data coming from numerous organizations and making sense out of it.

Additionally keeping the Identity Management running smoothly requires administrators to know the state of the Active Directory Systems on a proactive basis. A reactive solution can turn out to be a very expensive ordeal for organization as it can effect applications, users and network productivity. Built-in Active Directory auditing lacks many important features and doesn't have reporting capabilities.

CionSystems Active Directory Manager Pro helps with compliance and day to day status check by accessing and presenting the raw data into meaningful reports that allows administrator, senior management and auditors to gain correct insight into the Windows Active Directory

Infrastructure.

(5)

Page 5

 Easy install and ramp-up

 All functionality included in one file, no need for multiple modules

 Task approvals decrease errors and inconsistencies

 Automates the provisioning and deprovisioning process

 Schedule the tasks of adding and removing objects

 Monitor the execution of tasks

 Ability to accept or operations deny requests

 Approval for entitlement/group membership

 Easy compliance

 Multi directory support

 Bulk object management

 Customizable templates increase functionality

 Real-time notifications – inbox size, password expiry, etc

 Change Approval process

 Temporary User and Group management

 Schedule object addition and removal

 Automated Active Directory cleanup

 Attestation for user and group

 LDAP support

 Permission reports

3. System Requirements

CionSystems Active Directory Manager Pro needs:

• 4GB RAM (6GB Recommended).

• 50 MB of disk space.

• Web Browser IE 8 or higher.

• Windows Server 2003, 2008, or 2012.

• IIS server 5.1 or higher.

• Microsoft Exchange administrative tools.

• For exchange 2007 & 2010 support, please install Exchange management tool on the system where you install ADMPRO

• Microsoft .NET 4.0 – 4.0 Framework.

• Access to Exchange Server 2003 or Exchange Server 2007 - 2013.

• Access to Windows Active Directory (2000, 2003, 2008, 2012).

• SQL Server 2008 or higher Full or Express Edition.

• GPMC

3.1 Getting Ready

Before installing CionSystems’s Active Directory Manager Pro, ensure the system has pre-requisites

installed and configured correctly.

(6)

Page 6

Software Requirements

 A system with Windows server 2003, Windows server 2003 R2, Windows server 2008,

Windows server 2008 R2, Windows server 2012 and, Windows server 2012 R2.

 Active Directory Manager Pro is web-based application that is hosted in IIS. Enable IIS

server role see the below screenshot of IIS services to enable. The picture is from IIS

version 7. Note: IIS 5.1 configuration screens look significantly different. Please see the

Windows Server 2003 under troubleshooting section.

 Active Directory Manager Pro asks for IIS username and password during installation.

(7)

Page 7

hosted on a different system. Microsoft SQL server two types of authentication, SA or

Windows authentication. Please choose the desired SQL authentication at installation.

o Ensure Browser service is running to be able to connect to Microsoft SQL server

on a different system

o Ensure TCP/IP is enabled for SQL

o Ensure appropriate SQL ports are opened in firewall.

4. Installation

CionSystems Active Directory Manager Pro can be installed using a CD or from the web.

4.1 Installing from a CD

To install Active directory Manager Pro from CD:

1. Insert CionSystems Active Directory Manager Pro CD into your CD drive.

2. Click on start on start button.

3. Click on My Computer.

4. Double click on CD drive.

5. Double click on ActiveDirectoryManager.msi.

6. Setup process will start.

7. Go to Picture 1 in Installation Wizard.

4. 2 Installing from the Web

After registration of the Active Directory Manager Pro trial version, an email will be sent with the link to download ActiveDirectoryManager.msi.

To install from the website:

1. Open email.

(8)

Page 8

2. Click on the ActiveDirectoryManager.msi link.

3. Save ActiveDirectoryManager.msi file to the hard drive.

4. When the download is complete, go to start > windows explorer.

5. Open the file where ActiveDirectoryManager.msi file was saved.

6. Double click on ActiveDirectoryManager.msi file.

7. Setup process will start.

8.

Go to step 1 in Installation Wizard.

4.3 Installation Wizard –ADM PRO

The welcome screen will open

1 Click Next

2. Click Next in System Requirements and Info screen.

(9)

Page 9

3. Select I Agree.

(10)

Page 10

4. Click Next.

5. Active Directory Manager Pro will start installing.

(11)

Page 11

6. IIS Authentication pop up will appear, enter IIS Username and Password, Click on OK button.

If the System joined in Domain give domain\username

If the system not joined in domain give system name\username

(12)

Page 12

7. SQL Server Configuration pop up will appear, if u are installing the application for first time then click on ‘Create New Database. In Configuration Details, you can select SQL

Authentication or Windows Authentication.

For SQL Authentication Enter SQL database Server name, Select SQL Authentication, Enter Login and Password. Enter valid details and click Test Connection. If Test Connection displays

connected successfully message. Then, Click on Next.

For Windows Authentication Enter SQL database Server name, Select Windows Authentication, here, Login and Password will be grayed out. Enter valid details and click Test Connection. If Test Connection displays connected successfully message. Then, Click on Next.

Note:

To use the ‘Existing Database’ radio button. AD Manager pro Database should already exists in the SQL database.

To use ‘Create New Database’ radio button. AD Manager pro Database should not be there in the SQL database.

(13)

Page 13

8. When the installation is complete, click Close.

4.4 Installation Wizard –Blackberry component

Double click on ‘zip file’ and click on the .MSI file to start the installation. Walk through the installation wizard by clicking on next and complete the installation of the mobility component.

(14)

Page 14

5. Configuring CionSystems Active Directory Manager Pro

1. Click on Start Button> All Programs> CionSystems> Active Directory Manager Pro icon.

OR

Click ActiveDirectoryManagerPro Icon on desktop.

2. The login screen will open in the default web browser, to login on to the application for the first time

Enter “admin” in the User Name dialogue box.

Enter “admin” in the Password dialogue box.

Note: It is recommended that user name and password should be changed after the application has launched.

(15)

Page 15

4. The installation and configuration is complete and you should see the following screen.

(16)

Page 16

Once Active Directory Manager Pro is successfully installed and launched, the dashboard

window will appear with a view of the active directory categories of reports and task list.

For instructions on how the Active Directory Manager Pro dashboard can be customize to meet individual user needs please refer to “Active Directory Manager Pro Help Guide “.

5. Troubleshooting Installation issues

Windows Server 2008 R2

Issue #1

If you see the following error

1. If you see the following screen when during install

To install the .NET version Click on Below Link

(17)

Page 17

Log on as administrator or run the .MSI as an administrator by holding down shift key and right click the mouse, choose run as administrator.

(18)

Page 18

Issue #3

This happens when .NET 2.0 is not enabled on the system. On Windows 2008 server, all .net components are installed but are not enabled by default. You have to enable by going to server manager application, go to IIS server role and enable. Ensure the check boxes matches the following screenshots.

(19)

Page 19

(20)

Page 20

Issue #5

If the login fails after trying ‘admin’ & ‘admin’ (without quotes): see the solution below

Start the sql server management studio and note the sql connection string and username. You have to provide this username during the install of ADM PRO. Otherwise whatever username you provided you have to provide SQL privileges.

(21)

Page 21

This can happen because the firewall is blocking ports. Check the firewall and SQL to ensure the right SQL ports are open.

Below is an example

1) Click on start All programs, open Microsoft SQL server 2005, Click on Configuration tools, open SQL server Surface area configuration

(22)

Page 22

Click on Surface Area Configuration for services and connectors

Click on Remote Connections, select both TCP/IP and Named pipes

(23)

Page 23

Select Protocols for SQLEXPRESS

(24)

Page 24

Select TCP/Ip, goto properties, in properties windows select IP address

In IP1 set TCP Port as 1433 and in IPALL set TCP port as 1433, Click on OK Restart SQLServer and SQL server Browser services

To open above ports in Windows firewall run this command from command prompt netsh advfirewall firewall add rule name = SQLPort dir = in protocol = tcp action = allow localport = 1433 remoteip = localsubnet profile = DOMAIN

To connect Remote Database you have to install SQL browser service (for SQL 2008) In firewall enable UDP port (By Default 1434) for SQL Browser

To connect to Remote Database through windows authentication, the system must be Member of that Domain and that Domain has to be added in SQL database security logins

(25)

Page 25

1. If you see the following screen when during install

(26)

Page 26

To install the .NET version

Click on Below Link

http://www.microsoft.com/en-in/download/details.aspx?id=17718

Ensure the .Appropriate .NET versions are installed.

(27)

Page 27

Install the web server role as shown below

(28)

Page 28

Issue #3

If the login fails after trying ‘admin’ & ‘admin’ (without quotes): see the solution below

(29)

Page 29

(30)

Page 30

This can happen because the firewall is blocking ports. Check the firewall and SQL to ensure the right SQL ports are open.

Below is an example

1) Click on start All programs, open Microsoft SQL sever 2005, Click on Configuration tools, open SQL server Surface area configuration

(31)

Page 31

Click on Remote Connections, select both TCP/IP and Named pipes

(32)

Page 32

Click on SQL server, browser, select service startup type as Automatic, Click on OK

2)Now open SQL Server Configuration Manager

Select Protocols for SQLEXPRESS

(33)

Page 33

Issue #5

After installing the application, if menu do not display in Microsoft Internet Explorer then please check the Internet Explorer following setting as indicated in the below picture.

(34)

Page 34

Go to ToolsInternet options-Security- Enable custom level Enable Binary and Script Behavior option. Save it, you may have to restart the application again.

Issue #6

When installing the application on IIS6.0 you may see the following screen.

(35)

Page 35

(36)

Page 36

Issue #7

You may experience the following error as shown in the below picture.

To fix the issue take the following steps



Open Inetmgr.exe by clicking start run and typing inetmr.exe



Click on Application pools and select CionADManagerPro ,



Right click on it as shown in the below picture

(37)

Page 37

(38)

Page 38

Contact Notes:

For technical support or feature requests, please contact us at [email protected] or 425.605.5325 For sales or other business inquiries, we can be reached at [email protected] or 425.605.5325 If you’d like to view a complete list of our Active Directory Management solutions, please visit us online at www.CionSystems.com

Disclaimer

The information in this document is provided in connection with CionSystems products. No license, express or implied, to any intellectual property right is granted by this document or in connection with the sale of CionSystems products.

EXCEPT AS SET FORTH IN CIONSYSTEMS’LICENSE AGREEMENT FOR THIS PRODUCT, CIONSYSTEMS INC. ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A

PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL CIONSYSTEMS INC. BE LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL,PUNITIVE, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRUPTION OR LOSS OF INFORMATION) ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT, EVEN IF CIONSYSTEMS INC. HAS BEEN ADVISED IN WRITING OF THE POSSIBILITY OF SUCH DAMAGES. CionSystems may update this document or the software application without notice.

CionSystems Inc 16625 Redmond Way, Ste M106 Redmond, WA 98052 425.605.5325

This guide is provided for informational purposes only, and the contents may not be reproduced or transmitted in any form or by any means without our written permission.