diff --git a/docs/auditor/10.8/configuration/microsoft365/sharepointonline/ports.md b/docs/auditor/10.8/configuration/microsoft365/sharepointonline/ports.md
index 9b04303ca0..9fd482404b 100644
--- a/docs/auditor/10.8/configuration/microsoft365/sharepointonline/ports.md
+++ b/docs/auditor/10.8/configuration/microsoft365/sharepointonline/ports.md
@@ -18,5 +18,5 @@ Tip for reading the table: For example, on the computer where Netwrix Auditor Se
| Port | Protocol | Source | Target | Purpose |
| ---- | -------- | ---------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- |
-| 80 | TCP | Netwrix Auditor Server | For a full list of Office 365 URLs, refer to the following Microsoft support article: [Office 365 URLs and IP address ranges](https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2) | login.windows.net graph.windows.net manage.office.com |
-| 443 | TCP | Netwrix Auditor Server | For a full list of Office 365 URLs, refer to the following Microsoft support article: [Office 365 URLs and IP address ranges](https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2) | login.windows.net graph.windows.net manage.office.com |
+| 80 | TCP | Netwrix Auditor Server | For a full list of Office 365 URLs, refer to the following Microsoft support article: [Office 365 URLs and IP address ranges](https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2) | login.windows.net graph.windows.net manage.office.com `{TenantName}`-admin.sharepoint.com `{TenantName}`.sharepoint.com `{TenantName}`-my.sharepoint.com |
+| 443 | TCP | Netwrix Auditor Server | For a full list of Office 365 URLs, refer to the following Microsoft support article: [Office 365 URLs and IP address ranges](https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2) | login.windows.net graph.windows.net manage.office.com `{TenantName}`-admin.sharepoint.com `{TenantName}`.sharepoint.com `{TenantName}`-my.sharepoint.com |
diff --git a/docs/changetracker/8.1/admin/settingstab/credentials.md b/docs/changetracker/8.1/admin/settingstab/credentials.md
index 7ba42a1c88..40479046ad 100644
--- a/docs/changetracker/8.1/admin/settingstab/credentials.md
+++ b/docs/changetracker/8.1/admin/settingstab/credentials.md
@@ -64,3 +64,11 @@ These credentials are used by database compliance reports to connect directly to
instance.
+
+**Note:** v1 database credentials are now deprecated and only maintained for backward compatibility. v2 database credentials should be used for any new connections.
+
+When adding a v1 database credential a database connection string was required. This required a separate database credential for each database instance to monitor even if the username and password were the same! To address this, v2 database credentials only contain username and password.
+
+Connection strings are now required when defining a proxied device for a database connection. This allows you to use the same database credential for multiple database connections. It also means there is only one credential to update when its password expires.
+
+For more information on v2 database credentials, see the [v8.1 release notes](https://community.netwrix.com/t/minor-version-8-1-released/2829)
diff --git a/docs/customer/portal/index.md b/docs/customer/portal/index.md
index 068a7786a7..cb4bc67c5c 100644
--- a/docs/customer/portal/index.md
+++ b/docs/customer/portal/index.md
@@ -8,7 +8,7 @@ description: "Register for a Netwrix Customer Portal account, access downloads,
import { Company } from '@site/src/training/products';
-Follow the step to register for a Customer Portal account.
+Follow the steps to register for a Customer Portal account.
1. Navigate to the [Netwrix website](https://www.netwrix.com/)
diff --git a/docs/customer/training/product/password-policy-enforcer.md b/docs/customer/training/product/password-policy-enforcer.md
index 18a4286137..83dc6d0cf5 100644
--- a/docs/customer/training/product/password-policy-enforcer.md
+++ b/docs/customer/training/product/password-policy-enforcer.md
@@ -10,23 +10,28 @@ import { NPPEValue } from '@site/src/training/password-policy-enforcer';
import { Company, NPPE } from '@site/src/training/products';
-Estimated length: 1.25 hours
+Estimated length: 35 minutes
In this learning path, you will learn how to use . It contains the following courses:
* 1240 – Valuable Features
-* What's New in Netwrix Password Policy Enforcer v10.2
+* What's New in Netwrix Password Policy Enforcer v11.1
-## What's New in v10.2
+## What's New in v11.1
-Watch our customer webinar to learn about the newest updates and enhancements in 10.2.
+Watch our customer webinar for a closer look at what’s new in 11.1 and how it simplifies password security.
-Tyler Reese, Director of Product Management, and Maurice Lethbridge, Solutions Engineer, will show you how to:
+In this live session, you'll learn how PPE 11.1 helps you:
+* Detect password reuse across accounts to improve security.
+* Simplify mailer integration with Microsoft 365 and Google Workspace.
+* Support Windows Server 2025.
+* Deploy PPE Web with a modernized installer.
+* Interpret password policy feedback more easily with improvements to Live Policy View.
-* Download the most recent HIBP hash list and incremental updates directly from .
-* Automatically expire passwords when a compromised one is found.
-* Bulk test passwords against your policies and get a report.
-* Provide users real-time password feedback based on applied policies.
+Plus, get step-by-step demos and real-time answers to your top questions.
-Estimated length: 1 hour
+* Date: September 30, 2025
+* Presenter: Tyler Reese & Jennifer Taufan
+
+Estimated length: 30 minutes
diff --git a/docs/directorymanager/11.1/credentialprovider/installconfigurecp.md b/docs/directorymanager/11.1/credentialprovider/installconfigurecp.md
new file mode 100644
index 0000000000..47658f09c0
--- /dev/null
+++ b/docs/directorymanager/11.1/credentialprovider/installconfigurecp.md
@@ -0,0 +1,3240 @@
+---
+title: "Netwrix Directory Manager Credential Provider Installation and Configuration"
+description: "Installation and Configuration Guide for Netwrix Directory Manager Credential Provider"
+sidebar_position: 1
+---
+
+# Netwrix Directory Manager Credential Provider - Technical Documentation
+---
+
+## Table of Contents
+
+1. [Introduction](#introduction)
+2. [Glossary](#glossary)
+3. [First-Time Setup Guide](#first-time-setup-guide)
+4. [Configuration Methods](#configuration-methods)
+5. [Configuration Reference](#configuration-reference)
+6. [Common Deployment Scenarios](#common-deployment-scenarios)
+7. [Troubleshooting & FAQ](#troubleshooting--faq)
+8. [Security Best Practices](#security-best-practices)
+9. [Rollback Instructions](#rollback-instructions) (includes upgrade procedure)
+10. [Support](#support)
+
+---
+
+## Introduction
+
+The Netwrix Directory Manager Credential Provider, formerly known as Netwrix GroupID Credential Provider, is a Windows Credential Provider that extends the Windows login screen to provide self-service password reset and account unlock functionality. This enables users to reset their passwords or unlock their accounts directly from the Windows login screen without administrator assistance.
+
+### What This Documentation Covers
+
+- Step-by-step installation and configuration for first-time users
+- Upgrade procedure (uninstall old version, install new version)
+- Detailed configuration reference for all available settings
+- Common scenarios with example configurations
+- Troubleshooting guide for resolving common issues
+- Security considerations and best practices
+
+### Prerequisites
+
+- **Windows 10 or Windows 11** (64-bit)
+- **Administrator access** to the target machine
+- **Visual C++ 2022 Redistributable** (x64) - included in installer
+- **Network access** to your password reset portal (HTTPS recommended)
+- **Minimum 500 MB** free disk space for installation
+
+### Upgrade Policy
+
+**Important:** This product does NOT support in-place upgrades. To upgrade to a newer version:
+1. Uninstall the current version (see [Rollback Instructions](#rollback-instructions))
+2. Restart the computer
+3. Install the new version following the [First-Time Setup Guide](#first-time-setup-guide)
+4. Apply your configuration settings
+
+Your configuration settings in CPSettings.xml or Group Policy will be preserved during uninstall and can be reused with the new version.
+
+---
+
+## Glossary
+
+Understanding these terms will help you configure the credential provider effectively:
+
+| Term | Definition |
+|------|------------|
+| **Credential Provider** | A Windows component that handles user authentication at the login screen. Windows supports multiple credential providers simultaneously (password, PIN, fingerprint, etc.). |
+| **CLSID** | Class Identifier - A unique GUID (Globally Unique Identifier) that identifies a COM class in Windows. The credential provider uses `{c8765b62-7058-4d7f-9421-11a75d623206}` as its identifier. |
+| **CPSettings.xml** | Configuration file that contains all settings for the credential provider. Located in the installation directory by default. |
+| **CEF** | Chromium Embedded Framework - An open-source framework used to embed a Chromium-based web browser in the credential provider for rendering password reset web pages. |
+| **PLAP** | Pre-Logon Access Provider - A credential provider that appears before the user selects a logon option, typically used for VPN connections before login. |
+| **GPO** | Group Policy Object - A Windows feature that allows centralized management of settings across multiple computers in an Active Directory environment. |
+| **Tile** | The visual element on the Windows login screen representing a credential provider or user account. |
+| **Filter** | A mechanism to control which other credential providers appear on the login screen when the Netwrix credential provider is active. |
+| **Registry** | Windows database that stores system and application configuration settings. |
+| **MSI** | Microsoft Installer package - The installation file format for Windows applications. |
+
+### Common CLSIDs Referenced in Filters
+
+These are Windows built-in credential provider CLSIDs that you may want to filter (show/hide):
+---
+- `{60b78e88-ead8-445c-9cfd-0b87f74ea6cd}` - Password Credential Provider (standard Windows password login)
+- `{2135F72A-90B5-4ED3-A7F1-8BB705AC276A}` - Picture Password Provider
+- `{8AF662BF-65A0-4D0A-A540-A338A999D36F}` - Fingerprint Provider
+- `{BEC09223-B018-416D-A0AC-523971B639F5}` - Windows Hello Face Provider
+- `{D6886603-9D2F-4EB2-B667-1971041FA96B}` - PIN Provider
+---
+**Why these CLSIDs matter**: The FilterLogon and FilterUnlock settings use these CLSIDs to control which credential providers appear alongside the Netwrix provider. This helps simplify the login experience for users.
+
+---
+
+## First-Time Setup Guide
+
+This section provides a complete step-by-step walkthrough for installing and configuring the Netwrix GroupID Credential Provider for the first time.
+
+### Quick Start Checklist
+
+**Essential steps to get up and running:**
+
+1. [ ] Install the MSI package (PasswordCenterClientSetup64.msi)
+2. [ ] Configure password reset URLs in CPSettings.xml
+3. [ ] Restart the machine
+4. [ ] Verify the credential provider appears on login screen
+5. [ ] Test password reset functionality
+
+**Time Required**: Approximately 15-20 minutes
+
+---
+
+### Step 1: Manual Installation
+
+This method is suitable for single computers or small deployments where centralized management is not required.
+
+#### Installation Steps
+
+1. **Download the Installer**
+ - Obtain `PasswordCenterClientSetup64.msi` (also referred to as `NetwrixdirectorymanagerCredentialprovider.msi` in legacy documentation) from your Netwrix Product Library or link shared by your Account Manager
+ - Verify the file is digitally signed by Netwrix
+
+2. **Run the Installer**
+ - Navigate to the folder where you have copied the MSI package
+ - Right-click the MSI file and select "Run as administrator"
+
+
+3. **Installation Complete**
+ - The installer will copy all necessary files
+ - Register the credential provider with Windows
+ - Install Visual C++ 2022 Redistributable if not already present
+ - **Important**: A system reboot is required to activate the credential provider
+
+4. **Reboot the System**
+ - The installer will prompt for a reboot
+ - Save all work and restart the computer
+ - After reboot, the credential provider will be active
+
+**Default Installation Location**:
+```
+C:\Program Files\Imanami\Password Center Client (x64)\
+```
+
+**Installed Files**:
+- `Imanami.PasswordCenter.Credential64.dll` - Core credential provider
+- `GroupIDBrowser.exe` - Browser launcher
+- `WebBrowser.exe` - CEF-based browser
+- `CPSettings.xml` - Configuration file (see Step 2)
+- Additional CEF runtime files and resources
+
+#### Post-Installation Verification
+
+After reboot, the Windows logon screen will display with the credential provider active:
+
+![Windows Logon Screen Example]
+
+The logon screen will show:
+- **Netwrix logo** (or custom logo if configured)
+- **Title text** under the logo (customizable via CPTitle setting)
+- **"Forgot Password?"** link (default text, customizable)
+- **"Unlock Account"** link (default text, customizable)
+
+These options route users to the URLs configured in the `CPSettings.xml` file.
+
+#### Quick Configuration of CPSettings.xml
+
+The `CPSettings.xml` file is created during installation with default values. Before first use, you should customize these key settings:
+
+**Location**: `C:\Program Files\Imanami\Password Center Client (x64)\CPSettings.xml`
+
+**Essential Settings to Configure**:
+
+Open `CPSettings.xml` in a text editor (as administrator) and modify these values:
+
+1. **Forgot Password Link Text**:
+ ```xml
+
+ ```
+ Customize the text that appears on the Windows logon screen for the password reset option.
+
+2. **Unlock Account Link Text**:
+ ```xml
+
+ ```
+ Customize the text that appears on the Windows logon screen for the unlock option.
+
+3. **Password Reset URL**:
+ ```xml
+
+ ```
+ Set the URL where users will be redirected to reset their password:
+ - **For GroupID 10**: `https://MachineName:port/portalname`
+ - **For GroupID 11**: `https://MachineName:port/portalname/Home/PasswordReset`
+
+4. **Account Unlock URL**:
+ ```xml
+
+ ```
+ Set the URL where users will be redirected to unlock their account:
+ - **For GroupID 10**: `https://MachineName:port/Portalname`
+ - **For GroupID 11**: `https://MachineName:port/portalname/Home/UnlockAccount`
+
+5. **Credential Provider Title**:
+ ```xml
+
+ ```
+ This text appears as the title under the Netwrix logo on the Windows logon screen.
+
+**Important**: After modifying `CPSettings.xml`, restart the computer or lock/unlock the session twice for changes to take effect.
+
+For complete configuration options, see [Configure Required Settings](#step-3-configure-required-settings) below.
+
+---
+
+### Step 1A: Enterprise Deployment via Group Policy Software Installation
+
+For organizations managing multiple computers in an Active Directory environment, deploying via Group Policy Software Installation provides centralized management and automated deployment.
+
+**Prerequisites**:
+- Active Directory domain environment
+- Domain Administrator or delegated GPO management rights
+- Network share accessible by all target computers
+- MSI package (PasswordCenterClientSetup64.msi)
+
+**Deployment Steps**:
+
+#### 1. Prepare the Installation Package
+
+1. **Create Network Share**:
+ - Create a shared folder accessible by all computers
+ - Example: `\\fileserver\software\CredentialProvider\`
+ - Set share permissions:
+ - Domain Computers: Read
+ - Authenticated Users: Read
+ - Administrators: Full Control
+
+2. **Copy MSI to Network Share**:
+ ```
+ \\fileserver\software\CredentialProvider\PasswordCenterClientSetup64.msi
+ ```
+
+3. **Set NTFS Permissions on Share**:
+ - Right-click the shared folder → Properties → Security
+ - Add "Domain Computers" with Read permissions
+ - Add "Authenticated Users" with Read permissions
+ - This ensures computers can access the MSI during installation
+
+4. **Copy CPSettings.xml to Network Share** (Optional):
+ - Copy the customized `CPSettings.xml` file to the same network share
+ - This file will be referenced by the MSI during installation
+ - Share this file with Read permissions for Domain Computers
+
+#### 1A. (Optional) Create MSI Transform File Using Orca
+
+If you need to customize the MSI installation (such as pre-configuring the SOURCEPATH for CPSettings.xml), you can create a Transform (.mst) file using Orca. This is an advanced method for organizations that want to embed configuration settings directly into the deployment package.
+
+**When to Use This Method**:
+- You want to pre-configure the CPSettings.xml source path
+- You need to modify MSI properties before deployment
+- You want a single, reusable deployment package with custom settings
+
+**Prerequisites**:
+- Orca MSI editor tool (included in Windows SDK)
+- MSI package (PasswordCenterClientSetup64.msi or NetwrixdirectorymanagerCredentialprovider.msi)
+
+**Steps to Create MST Transform File**:
+
+1. **Install Orca**:
+ - Browse to the folder containing the Credential Provider package
+ - Navigate to the `MST Guide` folder (if included with your package)
+ - Run `Orca-x86_en-us.msi` to install Orca
+ - The Orca console will open after installation
+
+2. **Open MSI in Orca**:
+ - Launch Orca application
+ - Click **File** → **Open**
+ - Browse to the Credential Provider folder
+ - Select and open `NetwrixdirectorymanagerCredentialprovider.msi` (or `PasswordCenterClientSetup64.msi`)
+
+3. **Create New Transform**:
+ - From the menu, select **Transform** → **New Transform**
+ - This creates a new transform that will store your customizations
+
+4. **Modify Properties**:
+ - In the left pane, click **Property**
+ - The main window displays a list of MSI properties
+ - Locate the **SOURCEPATH** property in the property list
+
+5. **Configure Source Path**:
+ - Create a shared folder for configuration files:
+ - Example: `\\fileserver\software\CredentialProvider\Config\`
+ - Copy `CPSettings.xml` to this folder
+ - Share with Everyone group with Read permission
+
+ - In Orca, double-click the **SOURCEPATH** property value
+ - Enter the UNC path to the shared folder: `\\fileserver\software\CredentialProvider\Config\`
+ - Click **OK**
+
+6. **Generate Transform File**:
+ - From the menu, select **Transform** → **Generate Transform**
+ - Save the transform file with a descriptive name (e.g., `CustomConfig.mst`)
+ - Save it to the same shared folder as the MSI package:
+ ```
+ \\fileserver\software\CredentialProvider\CustomConfig.mst
+ ```
+
+7. **Close Orca**:
+ - Close the Orca application
+ - Your transform file is now ready for use with GPO deployment
+
+**Files Required in Network Share After This Step**:
+```
+\\fileserver\software\CredentialProvider\
+├── PasswordCenterClientSetup64.msi (or NetwrixdirectorymanagerCredentialprovider.msi)
+├── CustomConfig.mst (your generated transform file)
+└── Config\
+ └── CPSettings.xml (configuration file)
+```
+
+**Important Notes**:
+- The .mst file must be in the same network share as the MSI
+- The SOURCEPATH must point to a valid network location accessible by Domain Computers
+- Transform files are applied during GPO deployment (see step 3.3 below)
+
+#### 2. Create Group Policy Object
+
+1. **Open Group Policy Management Console (GPMC)**:
+ - On Domain Controller or management workstation
+ - Run: `gpmc.msc`
+ - Or: Start → Administrative Tools → Group Policy Management
+
+2. **Create New GPO**:
+ - Navigate to your domain or appropriate Organizational Unit (OU)
+ - Right-click → "Create a GPO in this domain, and Link it here"
+ - Name: "Deploy Netwrix Credential Provider"
+ - Click "OK"
+
+3. **Link GPO to Target OUs** (if not already linked):
+ - Right-click the GPO
+ - Select "Link an Existing GPO"
+ - Choose organizational units containing target computers
+ - Typical targets: Workstations OU, All Computers
+
+#### 3. Configure Software Installation Policy
+
+1. **Edit the GPO**:
+ - Right-click the newly created GPO
+ - Select "Edit"
+ - Group Policy Management Editor opens
+
+2. **Navigate to Software Installation**:
+ - Expand: `Computer Configuration`
+ - Expand: `Policies`
+ - Expand: `Software Settings`
+ - Click: `Software installation`
+
+3. **Add New Package**:
+ - Right-click in the right pane → New → Package
+ - Navigate to the network share: `\\fileserver\software\CredentialProvider\`
+ - Select: `PasswordCenterClientSetup64.msi`
+ - **Important**: Use UNC path, not mapped drive letter
+
+4. **Choose Deployment Method**:
+ - Dialog appears: "Deploy Software"
+ - Select: **"Assigned"** (recommended)
+ - Software installs automatically during computer startup
+ - No user interaction required
+ - Installation happens before user login
+ - Alternative: **"Advanced"** for custom options (including MST transforms)
+ - Click "OK"
+
+#### 4. Configure Installation Options (Optional Advanced Settings)
+
+If you selected "Advanced" in step 3.4, configure additional options:
+
+1. **Deployment Tab**:
+ - ☑ Auto-install this application by file extension activation
+ - ☑ Uninstall this application when it falls out of the scope of management
+ - Deployment type: Assigned
+ - Installation user interface options: Basic (default)
+
+2. **Modifications Tab** (For MST Transform Files):
+
+ If you created an MST transform file using Orca (see section 1A above), apply it here:
+
+ - Click the **Modifications** tab
+ - Click **Add** button
+ - Browse to the network share where you saved the .mst file
+ - Select your transform file (e.g., `CustomConfig.mst`)
+ - Click **Open**
+ - The transform file will appear in the modifications list
+ - Click **OK**
+
+ **Important**:
+ - The .mst file must be accessible via the same UNC path as the MSI
+ - Ensure Domain Computers have Read access to the .mst file
+ - The transform will be applied automatically during installation
+
+ **Verification**:
+ - After adding the modification, you should see the .mst file listed in the Modifications tab
+ - Multiple transforms can be added if needed (processed in order from top to bottom)
+
+3. **Upgrades Tab**:
+ - **Note:** This tab is for MSI supersedence configuration only, NOT for in-place upgrades
+ - Configure only if this MSI package should replace/uninstall a different product
+ - Leave empty for standard deployments (the product does not support version upgrades)
+
+4. **Security Tab**:
+ - Verify "Authenticated Users" has "Read" permission
+ - Add "Domain Computers" with "Read" permission if not present
+
+5. **Click "OK"** to save settings
+
+#### 5. Configure Registry Settings via GPO (Configuration)
+
+1. **In the same GPO**, configure credential provider settings:
+ - Navigate to: `Computer Configuration` → `Preferences` → `Windows Settings` → `Registry`
+
+2. **Add Registry Items**:
+ - Right-click → New → Registry Item
+ - Configure each setting:
+
+**Example Registry Items**:
+
+| Action | Hive | Key Path | Value Name | Value Type | Value Data |
+|--------|------|----------|------------|------------|------------|
+| Update | HKEY_LOCAL_MACHINE | SOFTWARE\Policies\Imanami\GroupID\Version 10.0\PasswordCenterClient\Settings | ResetMyPasswordUrl | REG_SZ | https://portal.company.com/reset |
+| Update | HKEY_LOCAL_MACHINE | SOFTWARE\Policies\Imanami\GroupID\Version 10.0\PasswordCenterClient\Settings | UnlockMyAccountUrl | REG_SZ | https://portal.company.com/unlock |
+| Update | HKEY_LOCAL_MACHINE | SOFTWARE\Policies\Imanami\GroupID\Version 10.0\PasswordCenterClient\Settings | WindowTitle | REG_SZ | Company Password Reset |
+| Update | HKEY_LOCAL_MACHINE | SOFTWARE\Policies\Imanami\GroupID\Version 10.0\PasswordCenterClient\Settings | CPTitle | REG_SZ | Company Self-Service |
+| Update | HKEY_LOCAL_MACHINE | SOFTWARE\Policies\Imanami\GroupID\Version 10.0\PasswordCenterClient\Settings | Log | REG_SZ | false |
+| Update | HKEY_LOCAL_MACHINE | SOFTWARE\Policies\Imanami\GroupID\Version 10.0\PasswordCenterClient\Settings | DisableAutoFilter | REG_SZ | false |
+
+3. **Configure Item-Level Targeting** (Optional):
+ - Use to apply settings only to specific computer groups
+ - Right-click registry item → Properties → Common tab
+ - ☑ Item-level targeting → Targeting button
+ - Add conditions (e.g., Computer in Group, Operating System)
+
+#### 6. Test in Pilot Group
+
+**Before full deployment, test with a small group**:
+
+1. **Create Test OU**:
+ - Create "Pilot Computers" OU
+ - Move 2-3 test computers to this OU
+
+2. **Link GPO to Test OU**:
+ - Link "Deploy Netwrix Credential Provider" GPO to Pilot OU
+ - Ensure no conflicting GPOs
+
+3. **Force Policy Update on Test Computer**:
+ ```cmd
+ gpupdate /force
+ shutdown /r /t 0
+ ```
+
+4. **Verify Installation**:
+ - After reboot, check installation:
+ ```cmd
+ wmic product where "name like '%Credential%'" get name,version
+ ```
+ - Verify credential provider appears on login screen
+ - Test password reset functionality
+
+5. **Review Event Logs**:
+ - Check for installation errors
+ - Event Viewer → Applications and Services Logs → Microsoft → Windows → GroupPolicy
+
+#### 7. Deploy to Production
+
+1. **Link GPO to Production OUs**:
+ - After successful pilot testing
+ - Link GPO to main Workstations or All Computers OU
+
+2. **Staggered Rollout** (Recommended):
+ - Week 1: Deploy to 10% of computers
+ - Week 2: Deploy to 50% of computers
+ - Week 3: Deploy to all remaining computers
+ - Use Security Filtering or WMI filters to control deployment scope
+
+3. **Monitor Deployment**:
+ - Check Group Policy Results on sample computers:
+ ```cmd
+ gpresult /h gpreport.html
+ ```
+ - Monitor Windows Event Logs for installation issues
+ - Collect feedback from help desk
+
+#### 8. Verify Deployment Status
+
+**Check GPO Application**:
+```powershell
+Get-ADComputer -Filter * -SearchBase "OU=Workstations,DC=company,DC=com" | ForEach-Object {
+ $computer = $_.Name
+ Write-Host "Checking $computer..."
+ Invoke-Command -ComputerName $computer -ScriptBlock {
+ Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*" |
+ Where-Object {$_.DisplayName -like "*Credential*"}
+ } -ErrorAction SilentlyContinue
+}
+```
+
+**Check Installation Status**:
+- Active Directory Users and Computers → Computers
+- Right-click computer → Properties → Software
+- Verify credential provider is listed
+
+**Client Machine Deployment**:
+
+Once the GPO is configured and linked, client machines within the scope of the policy will automatically receive and install the credential provider:
+
+1. **Automatic Installation Trigger**:
+ - Installation occurs automatically during the next computer startup
+ - The modified domain policy applies to all computers within the linked OU
+ - No user intervention is required on client machines
+
+2. **Force Installation Immediately** (Optional):
+
+ On client machines, administrators can force the policy update and installation without waiting for the next scheduled refresh:
+
+ ```cmd
+ gpupdate /force
+ ```
+
+ Then restart the computer to complete installation:
+ ```cmd
+ shutdown /r /t 0
+ ```
+
+3. **Verify on Client Machines**:
+
+ After restart, the Windows logon screen will display the credential provider with:
+ - Netwrix logo (or custom logo if configured)
+ - "Forgot Password?" link
+ - "Unlock Account" link
+ - Custom title text under the logo
+
+ The credential provider is now active and ready for use on client workstations.
+
+#### Troubleshooting GPO Deployment
+
+**Issue: Software Not Installing**
+
+1. **Verify GPO Link**:
+ - Check GPO is linked to correct OU
+ - Verify link is not disabled
+ - Check GPO status is "Enabled"
+
+2. **Check Computer Account**:
+ - Verify computer is in target OU
+ - Check "Authenticated Users" has Read permission on GPO
+
+3. **Verify Network Share Access**:
+ ```cmd
+ net use \\fileserver\software\CredentialProvider
+ ```
+ - Should succeed without errors
+ - Check from a domain computer account context
+
+4. **Check Event Logs on Client**:
+ - Event Viewer → Application Log
+ - Look for MSI Installer events (Event ID 1033, 1034, 11707, 11708)
+ - Windows Logs → System → Look for Group Policy errors
+
+5. **Force Policy Refresh**:
+ ```cmd
+ gpupdate /force /boot
+ ```
+
+**Issue: Installation Fails**
+
+1. **Check MSI Package**:
+ - Verify MSI is not corrupted
+ - Check digital signature is valid
+ - Test manual installation on one computer
+
+2. **Review MSI Log**:
+ - Enable MSI logging via GPO or manually
+ - Check: `C:\Windows\Temp\MSI*.log`
+
+3. **Prerequisites Missing**:
+ - Verify Visual C++ 2022 Redistributable installs correctly
+ - May need to deploy VC++ Redist separately first
+
+---
+
+### Step 1B: Enterprise Deployment via Microsoft Intune (Entra ID)
+
+For organizations using Microsoft Intune and Entra ID (Azure AD), deploy the credential provider to cloud-managed or hybrid-joined devices.
+
+**Prerequisites**:
+- Microsoft Intune subscription
+- Global Administrator or Intune Administrator role
+- Windows 10/11 devices enrolled in Intune
+- Devices are Entra ID (Azure AD) joined or hybrid-joined
+- MSI package (PasswordCenterClientSetup64.msi)
+
+**Deployment Steps**:
+
+#### 1. Prepare the Installation Package
+
+1. **Convert MSI to IntuneWin Format**:
+
+ Microsoft Intune requires applications to be packaged in `.intunewin` format.
+
+ **Download Microsoft Win32 Content Prep Tool**:
+ - Download from: https://github.com/Microsoft/Microsoft-Win32-Content-Prep-Tool
+ - Extract `IntuneWinAppUtil.exe`
+
+2. **Create Source Folder**:
+ ```
+ C:\IntuneApps\CredentialProvider\
+ ```
+ - Copy `PasswordCenterClientSetup64.msi` to this folder
+
+3. **Run Content Prep Tool**:
+ ```cmd
+ cd C:\IntuneApps
+ IntuneWinAppUtil.exe -c C:\IntuneApps\CredentialProvider -s PasswordCenterClientSetup64.msi -o C:\IntuneApps\Output
+ ```
+
+ Parameters:
+ - `-c`: Source folder containing the MSI
+ - `-s`: Source setup file (MSI filename)
+ - `-o`: Output folder for the .intunewin file
+
+4. **Verify Output**:
+ - Output file: `C:\IntuneApps\Output\PasswordCenterClientSetup64.intunewin`
+ - This file is ready for upload to Intune
+
+#### 2. Upload Application to Microsoft Intune
+
+1. **Sign in to Microsoft Intune Admin Center**:
+ - URL: https://intune.microsoft.com
+ - Sign in with Global Admin or Intune Admin credentials
+
+2. **Navigate to Apps**:
+ - Click: **Apps** (left navigation)
+ - Click: **All apps**
+ - Click: **+ Add** (top toolbar)
+
+3. **Select App Type**:
+ - App type: **Windows app (Win32)**
+ - Click: **Select**
+
+#### 3. Configure App Information
+
+**Step 1: App Information**
+
+1. **Select App Package File**:
+ - Click: **Select app package file**
+ - Browse and select: `PasswordCenterClientSetup64.intunewin`
+ - Click: **OK**
+
+2. **Fill in Application Details**:
+ - **Name**: `Netwrix GroupID Credential Provider`
+ - **Description**:
+ ```
+ Windows Credential Provider for self-service password reset and account unlock.
+ Integrates with Netwrix GroupID Password Center portal.
+ ```
+ - **Publisher**: `Netwrix`
+ - **App Version**: `3.1.0.0`
+ - **Category**: Select **Computer Management** (optional)
+ - **Show this as a featured app in the Company Portal**: No (not applicable for device-targeted app)
+ - **Information URL**: `https://www.netwrix.com` (optional)
+ - **Privacy URL**: `https://www.netwrix.com/privacy.html` (optional)
+ - **Developer**: `Netwrix`
+ - **Owner**: `IT Department` (optional)
+ - **Notes**: (optional)
+ - **Logo**: Upload company or Netwrix logo (optional, 512x512 PNG recommended)
+
+3. **Click**: **Next**
+
+**Step 2: Program**
+
+1. **Install Command**:
+ ```cmd
+ msiexec /i "PasswordCenterClientSetup64.msi" /quiet /norestart
+ ```
+
+2. **Uninstall Command**:
+ ```cmd
+ msiexec /x {4C3F32FA-8AAE-41B7-806E-195782B986D5} /quiet /norestart
+ ```
+
+3. **Install Behavior**:
+ - Select: **System**
+ - This ensures installation runs in SYSTEM context before user login
+
+4. **Device Restart Behavior**:
+ - Select: **Determine behavior based on return codes**
+ - Or: **Force a restart** (if you want mandatory reboot)
+ - Recommended: Use return codes for flexibility
+
+5. **Click**: **Next**
+
+**Step 3: Requirements**
+
+Define which devices can install this application:
+
+1. **Operating System Architecture**:
+ - ☑ 64-bit
+ - ☐ 32-bit (credential provider is x64 only)
+
+2. **Minimum Operating System**:
+ - Select: **Windows 10 20H2** or **Windows 10 21H2**
+ - Or: **Windows 11 22H2** if only deploying to Windows 11
+
+3. **Disk Space Required (MB)**:
+ - Enter: `500` MB (approximate size including CEF components)
+
+4. **Physical Memory Required (MB)**:
+ - Leave blank or enter `4096` (4 GB) for modern systems
+
+5. **Number of Logical Processors Required**:
+ - Leave blank (not required)
+
+6. **CPU Speed Required (MHz)**:
+ - Leave blank (not required)
+
+7. **Click**: **Next**
+
+**Step 4: Detection Rules**
+
+Configure how Intune detects if the application is already installed:
+
+**Choose Detection Rule Format**: **Manually configure detection rules**
+
+1. **Click**: **+ Add**
+
+2. **Configure Detection Rule**:
+ - **Rule type**: **Registry**
+ - **Key path**: `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4C3F32FA-8AAE-41B7-806E-195782B986D5}`
+ - **Value name**: `DisplayVersion`
+ - **Detection method**: **String comparison**
+ - **Operator**: **Equals**
+ - **Value**: `3.1.0.0`
+ - **Associated with a 32-bit app on 64-bit clients**: No
+
+3. **Alternative Detection Rule** (Registry Key Existence):
+ - **Rule type**: **Registry**
+ - **Key path**: `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{c8765b62-7058-4d7f-9421-11a75d623206}`
+ - **Detection method**: **Key exists**
+ - **Associated with a 32-bit app on 64-bit clients**: No
+
+4. **Click**: **OK**
+
+5. **Click**: **Next**
+
+**Step 5: Dependencies**
+
+If your app depends on other applications (e.g., Visual C++ Redistributable):
+
+1. **Add Dependencies** (if needed):
+ - Click: **+ Add**
+ - Search for "Visual C++ 2022 Redistributable"
+ - If not present, add VC++ Redist as separate app first
+ - Select appropriate dependency
+ - Dependency type: **Auto install**
+
+2. **Or Skip** if dependencies are included in MSI:
+ - The credential provider MSI includes VC++ Redistributable
+ - Click: **Next** without adding dependencies
+
+**Step 6: Supersedence**
+
+**Note:** Supersedence is for replacing different products, NOT for upgrading versions of this product.
+
+For version upgrades of this credential provider:
+- You must first uninstall the old version
+- Then deploy the new version as a fresh installation
+- See [Upgrade Policy](#upgrade-policy) for details
+
+For first-time deployment:
+1. **Skip this step**:
+ - Click: **Next** without adding supersedence
+
+**Step 7: Assignments**
+
+Configure which devices/users receive this application:
+
+1. **Required** (Recommended for device-wide installation):
+ - Click: **+ Add group** under **Required**
+ - Search and select device groups:
+ - Example: "All Corporate Devices"
+ - Example: "Workstations"
+ - Or specific OU-synced groups: "Workstations-Finance", "Workstations-HR"
+ - **Mode**: **Included**
+ - Click: **OK**
+
+2. **Available for Enrolled Devices** (Optional):
+ - Use if you want users to install from Company Portal
+ - Not recommended for credential provider (should be device-level)
+
+3. **Exclude Groups** (Optional):
+ - Add groups to exclude from installation
+ - Example: "Pilot Excluded", "VIP Devices"
+
+4. **End User Notifications**:
+ - Select: **Hide all toast notifications**
+ - Credential provider should install silently
+
+5. **Delivery Optimization Priority**:
+ - Select: **Not configured** or **Foreground**
+
+6. **Click**: **Next**
+
+**Step 8: Review + Create**
+
+1. **Review all settings**:
+ - Verify app information
+ - Check install/uninstall commands
+ - Confirm detection rules
+ - Verify assigned groups
+
+2. **Click**: **Create**
+
+3. **Wait for Upload**:
+ - Application uploads to Intune (may take several minutes)
+ - Progress indicator shows upload status
+
+#### 4. Configure Credential Provider Settings via Intune
+
+After deploying the application, configure settings using Configuration Profiles:
+
+1. **Create Configuration Profile**:
+ - Navigate to: **Devices** → **Configuration profiles**
+ - Click: **+ Create profile**
+ - Platform: **Windows 10 and later**
+ - Profile type: **Templates** → **Custom**
+ - Click: **Create**
+
+2. **Basic Information**:
+ - Name: `Netwrix Credential Provider Configuration`
+ - Description: `Registry settings for Netwrix GroupID Credential Provider`
+ - Click: **Next**
+
+3. **Configuration Settings**:
+ - Click: **+ Add**
+ - Configure OMA-URI settings for each registry value:
+
+**OMA-URI Settings**:
+
+| Setting | Configuration |
+|---------|--------------|
+| **Name** | Reset Password URL |
+| **Description** | URL for password reset portal |
+| **OMA-URI** | `./Device/Vendor/MSFT/Policy/Config/ADMX_CredentialProviders/ResetMyPasswordUrl` |
+| **Data type** | String |
+| **Value** | `` |
+
+Alternatively, use **Registry** OMA-URI format:
+
+| Setting | Configuration |
+|---------|--------------|
+| **Name** | Reset Password URL |
+| **OMA-URI** | `./Vendor/MSFT/Registry/HKLM/SOFTWARE/Policies/Imanami/GroupID/Version 10.0/PasswordCenterClient/Settings/ResetMyPasswordUrl` |
+| **Data type** | String |
+| **Value** | `https://portal.company.com/reset` |
+
+Repeat for each setting:
+- `UnlockMyAccountUrl`
+- `WindowTitle`
+- `CPTitle`
+- `DisableAutoFilter`
+- `Log`
+
+4. **Assignments**:
+ - Click: **Next**
+ - **Assign to**: Same groups as the application
+ - Click: **Next**
+
+5. **Review + Create**:
+ - Review settings
+ - Click: **Create**
+
+#### 5. Monitor Deployment
+
+1. **Check Application Status**:
+ - Navigate to: **Apps** → **All apps**
+ - Click on: `Netwrix GroupID Credential Provider`
+ - Click: **Device install status**
+ - View installation progress per device:
+ - Installed
+ - In Progress
+ - Failed
+ - Not Applicable
+
+2. **View Device Details**:
+ - Click: **Devices** → **All devices**
+ - Select a device
+ - Click: **Managed Apps**
+ - Verify credential provider is listed as "Installed"
+
+3. **Check for Errors**:
+ - Navigate to: **Tenant administration** → **Intune operational** (Insider preview)
+ - Or check: **Devices** → **Monitor** → **App install status**
+ - Filter by application name
+ - Review error messages for failed installations
+
+#### 6. Sync Devices to Apply Policy
+
+**Force Immediate Sync from Intune**:
+1. Navigate to: **Devices** → **All devices**
+2. Select target device(s)
+3. Click: **Sync** (top toolbar)
+4. Device checks in with Intune and applies policies
+
+**Force Sync from Device**:
+```cmd
+# Run on target Windows device
+psexec -s cmd
+```
+Then:
+```cmd
+# Force Intune sync
+C:\Program Files (x86)\Microsoft Intune Management Extension\Microsoft.Management.Services.IntuneWindowsAgent.exe /sync
+```
+
+Or use Settings app:
+1. Settings → Accounts → Access work or school
+2. Click on your work account
+3. Click: **Info**
+4. Scroll down and click: **Sync**
+
+#### 7. Verify Installation on Client Device
+
+1. **Check Installed Applications**:
+ ```powershell
+ Get-WmiObject -Class Win32_Product | Where-Object {$_.Name -like "*Credential*"}
+ ```
+
+2. **Verify Registry Configuration**:
+ ```powershell
+ Get-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Imanami\GroupID\Version 10.0\PasswordCenterClient\Settings"
+ ```
+
+3. **Check Credential Provider Registration**:
+ ```cmd
+ reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{c8765b62-7058-4d7f-9421-11a75d623206}"
+ ```
+
+4. **Test on Login Screen**:
+ - Lock the device (Win + L)
+ - Verify Netwrix credential provider tile appears
+ - Test password reset URL opens correctly
+
+#### 8. Troubleshooting Intune Deployment
+
+**Issue: Application Not Deploying**
+
+1. **Check Device Enrollment**:
+ - **Devices** → **All devices** → Select device
+ - Verify: **Managed by** shows "Intune"
+ - Check last check-in time (should be recent)
+
+2. **Verify Group Membership**:
+ - Check if device is member of assigned group
+ - **Groups** → Search for deployment group → Members
+ - Verify target devices are listed
+
+3. **Check Application Assignment**:
+ - **Apps** → **All apps** → Select credential provider app
+ - **Properties** → **Assignments**
+ - Verify **Required** assignment to correct groups
+
+4. **Review Intune Logs on Device**:
+ - Location: `C:\ProgramData\Microsoft\IntuneManagementExtension\Logs\`
+ - Key files:
+ - `IntuneManagementExtension.log`
+ - `AgentExecutor.log`
+ - Search for credential provider or MSI filename
+
+**Issue: Installation Fails**
+
+1. **Check Detection Rule**:
+ - Verify detection rule is correct
+ - Test registry key existence manually on device
+ - Modify detection rule if needed
+
+2. **Review Return Codes**:
+ - Check Intune app installation status
+ - Common MSI return codes:
+ - `0` = Success
+ - `1603` = Fatal error during installation
+ - `1618` = Another installation is in progress
+ - `3010` = Success, reboot required
+
+3. **Test Manual Installation**:
+ - Download MSI to test device
+ - Run manually:
+ ```cmd
+ msiexec /i PasswordCenterClientSetup64.msi /l*v install.log
+ ```
+ - Review `install.log` for errors
+
+4. **Check Prerequisites**:
+ - Verify Windows 10/11 version meets requirements
+ - Check available disk space (>500 MB)
+ - Ensure device has internet connectivity
+
+**Issue: Configuration Not Applied**
+
+1. **Verify Configuration Profile Assignment**:
+ - **Devices** → **Configuration profiles**
+ - Select credential provider configuration
+ - Check assignments match app assignments
+
+2. **Check Profile Status on Device**:
+ - **Devices** → **All devices** → Select device
+ - Click: **Device configuration**
+ - Verify profile shows as "Succeeded"
+
+3. **Force Profile Sync**:
+ - From device: Settings → Accounts → Access work or school → Sync
+ - Or use Intune portal: **Devices** → Select device → **Sync**
+
+4. **Verify Registry Values on Device**:
+ ```powershell
+ Get-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Imanami\GroupID\Version 10.0\PasswordCenterClient\Settings" | Format-List
+ ```
+
+#### 9. Best Practices for Intune Deployment
+
+1. **Test with Pilot Group**:
+ - Create "Pilot Devices" group in Entra ID
+ - Assign application to pilot group first
+ - Test thoroughly before full rollout
+
+2. **Staggered Deployment**:
+ - Phase 1: Pilot group (10-20 devices)
+ - Phase 2: Department group (50-100 devices)
+ - Phase 3: Full organization
+ - Monitor each phase before proceeding
+
+3. **Use Dynamic Groups**:
+ - Create dynamic device groups based on attributes
+ - Example: All Windows 10/11 devices
+ ```
+ (device.deviceOSType -eq "Windows") and (device.deviceOSVersion -ge "10.0")
+ ```
+
+4. **Monitor Compliance**:
+ - Create compliance policy to check credential provider installation
+ - Flag non-compliant devices for review
+
+5. **Document Configuration**:
+ - Document portal URLs and settings
+ - Keep configuration profile settings in version control
+ - Maintain runbook for troubleshooting
+
+---
+
+### Step 2: Locate and Configure CPSettings.xml
+
+The `CPSettings.xml` file is the primary configuration file for the credential provider.
+
+**File Location**:
+```
+C:\Program Files\Imanami\Password Center Client (x64)\CPSettings.xml
+```
+
+**Important Notes**:
+- This file is created during installation if it exists within the same directory as the installer.
+- You need administrator privileges to edit this file
+- Changes take effect after the next login screen refresh or machine restart
+- The file is in XML format - maintain proper XML syntax when editing
+
+**How to Edit**:
+1. Open Notepad as Administrator (right-click → Run as administrator)
+2. Open the CPSettings.xml file from the installation directory
+3. Make your changes (see configuration below)
+4. Save the file
+5. Lock the computer (Win + L) or restart to see changes
+
+---
+
+### Step 3: Configure Required Settings
+
+**Minimum Required Configuration**:
+
+At minimum, you must configure these two URLs:
+
+```xml
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+```
+
+**Replace the URLs**:
+- Replace `https://your-password-portal.com/reset` with your actual password reset portal URL
+- Replace `https://your-password-portal.com/unlock` with your actual account unlock portal URL
+- Both URLs should use HTTPS for security (HTTP is supported but not recommended)
+
+**⚠️ Common Mistake**: Using placeholder URLs like `https://google.com` or `https://localhost`. Make sure to use your actual portal URLs!
+
+---
+
+### Step 4: Verify Installation
+
+After saving the configuration and restarting (or locking the screen):
+
+1. **Lock your computer** (press Win + L)
+
+2. **Expected Behavior**:
+ - You should see the standard Windows login screen
+ - Below or alongside your user account, you should see the Netwrix credential provider tile
+ - The tile should display:
+ - The custom title you configured (`CPTitle`)
+ - Two options:
+ - "Forgot my password?" (or your custom text)
+ - "Unlock my account" (or your custom text)
+ - Your custom logo if configured
+
+3. **Visual Confirmation**:
+ ```
+ [Your User Account Tile]
+
+ [Netwrix Directory Manager Tile]
+ → Forgot my password?
+ → Unlock my account
+ ```
+
+4. **Test the Functionality**:
+ - Click "Forgot my password?"
+ - A browser window should open displaying your password reset portal
+ - The URL should match your `ResetMyPasswordUrl` setting
+
+---
+
+### Step 5: Test Password Reset (Optional but Recommended)
+
+1. Click on "Forgot my password?" from the login screen
+2. Verify that:
+ - A browser window opens
+ - Your password reset portal loads correctly
+ - You can navigate through the reset process
+ - SSL certificate is valid (if using HTTPS)
+
+3. If the portal doesn't load:
+ - Check the URLs in CPSettings.xml
+ - Verify network connectivity
+ - Check firewall settings
+ - See [Troubleshooting](#troubleshooting--faq) section
+
+---
+
+### What's Next?
+
+**Basic Setup Complete!** You now have a working credential provider.
+
+**Optional Next Steps**:
+- [Configure filtering](#credential-provider-filtering) to control which other login options appear
+- [Customize the appearance](#ui-customization) with logos and custom text
+- [Configure proxy settings](#network--proxy-settings) if behind a corporate proxy
+- [Deploy via GPO](#step-1a-enterprise-deployment-via-group-policy-software-installation) for enterprise environments
+- [Enable logging](#logging-and-debugging) for troubleshooting
+
+---
+
+## Configuration Methods
+
+The Netwrix GroupID Credential Provider can be configured using three methods, listed in order of precedence:
+
+### 1. Group Policy (Highest Priority)
+
+**Registry Path**:
+```
+HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Imanami\GroupID\Version 10.0\PasswordCenterClient\Settings
+```
+
+**Use When**:
+- Managing multiple computers in an Active Directory environment
+- Enforcing configuration across an organization
+- Preventing local administrators from changing settings
+
+**Precedence**: Settings configured via Group Policy override all other configuration methods.
+
+**Example GPO Configuration**:
+1. Open Group Policy Management Console (GPMC)
+2. Create or edit a GPO
+3. Navigate to: Computer Configuration → Preferences → Windows Settings → Registry
+4. Add registry values under the policy path above
+
+---
+
+### 2. Local Registry (Medium Priority)
+
+**Registry Path**:
+```
+HKEY_LOCAL_MACHINE\SOFTWARE\Imanami\GroupID\Version 10.0\PasswordCenterClient\Settings
+```
+
+**Use When**:
+- Configuring a single computer
+- Testing settings before GPO deployment
+- Managing standalone computers
+
+**How to Configure**:
+1. Open Registry Editor (regedit.exe) as Administrator
+2. Navigate to the registry path above
+3. Create or modify String (REG_SZ) values
+4. Restart or lock the computer to apply changes
+
+**Example Registry Values**:
+```
+ResetMyPasswordUrl (REG_SZ) = "https://portal.company.com/reset"
+UnlockMyAccountUrl (REG_SZ) = "https://portal.company.com/unlock"
+WindowTitle (REG_SZ) = "Company Password Reset"
+Log (REG_SZ) = "true"
+```
+
+---
+
+### 3. CPSettings.xml (Lowest Priority)
+
+**File Location**:
+```
+C:\Program Files\Imanami\Password Center Client (x64)\CPSettings.xml
+```
+
+**Use When**:
+- Initial setup and testing
+- Standalone deployments
+- Providing default values during installation
+
+**Precedence**: Settings in CPSettings.xml are used only if not defined in Registry or Group Policy.
+
+**⚠️ Note**: This file is installed with the MSI package and contains default values. It's the easiest method for first-time configuration.
+
+---
+
+### Configuration Priority Summary
+
+When the credential provider starts, it reads settings in this order:
+
+```
+1. Group Policy Registry (Policies key)
+ ↓ (if not found)
+2. Local Registry (Software key)
+ ↓ (if not found)
+3. CPSettings.xml file
+ ↓ (if not found)
+4. Hard-coded defaults in the DLL
+```
+
+**💡 Best Practice**:
+- Use **CPSettings.xml** for initial setup and testing
+- Use **Local Registry** for single-computer deployments
+- Use **Group Policy** for enterprise-wide deployments
+
+---
+
+## Configuration Reference
+
+This section provides detailed information about all available configuration settings.
+
+### Defaults & Required Settings
+
+| Setting | Required | Default Value | Description |
+|---------|----------|---------------|-------------|
+| `ResetMyPasswordUrl` | ✅ Yes | (none) | URL for password reset portal |
+| `UnlockMyAccountUrl` | ✅ Yes | (none) | URL for account unlock portal |
+| `WindowTitle` | ❌ No | "Netwrix Directory Manager" | Browser window title |
+| `CPTitle` | ❌ No | "Netwrix Directory Manager" | Tile title on login screen |
+| `ForgetPasswordText` | ❌ No | "Forgot my password?" | Text for reset button |
+| `UnlockAccountText` | ❌ No | "Unlock my account" | Text for unlock button |
+| `Log` | ❌ No | "false" | Enable/disable logging |
+| `DisableAutoFilter` | ❌ No | "false" | Disable automatic filtering |
+
+**⚠️ Important**: You MUST configure both `ResetMyPasswordUrl` and `UnlockMyAccountUrl` for the credential provider to function properly.
+
+---
+
+### Basic Settings
+
+#### ResetMyPasswordUrl
+- **Type**: String (URL)
+- **Required**: Yes
+- **Default**: None (must be configured)
+- **Description**: The URL of your password reset web portal
+- **Example**: `https://passwordreset.company.com/reset`
+- **Notes**:
+ - Must be a valid HTTP or HTTPS URL
+ - HTTPS strongly recommended for security
+ - This URL opens when user clicks "Forgot my password?"
+
+```xml
+
+```
+
+---
+
+#### UnlockMyAccountUrl
+- **Type**: String (URL)
+- **Required**: Yes
+- **Default**: None (must be configured)
+- **Description**: The URL of your account unlock web portal
+- **Example**: `https://passwordreset.company.com/unlock`
+- **Notes**:
+ - Must be a valid HTTP or HTTPS URL
+ - HTTPS strongly recommended for security
+ - This URL opens when user clicks "Unlock my account"
+ - Can be the same as ResetMyPasswordUrl if your portal handles both functions
+
+```xml
+
+```
+
+---
+
+### UI Customization
+
+#### WindowTitle
+- **Type**: String
+- **Required**: No
+- **Default**: "Netwrix Directory Manager"
+- **Description**: Title displayed in the browser window title bar
+- **Example**: `Company Password Reset`
+
+```xml
+
+```
+
+---
+
+#### CPTitle
+- **Type**: String
+- **Required**: No
+- **Default**: "Netwrix Directory Manager"
+- **Description**: Title displayed on the credential provider tile at the login screen
+- **Example**: `Company Self-Service`
+- **Notes**: Keep this short (20-30 characters max) for best display
+
+```xml
+
+```
+
+---
+
+#### ForgetPasswordText
+- **Type**: String
+- **Required**: No
+- **Default**: "Forgot my password?"
+- **Description**: Text displayed for the password reset option
+- **Example**: `Reset Password`
+
+```xml
+
+```
+
+---
+
+#### UnlockAccountText
+- **Type**: String
+- **Required**: No
+- **Default**: "Unlock my account"
+- **Description**: Text displayed for the account unlock option
+- **Example**: `Unlock Account`
+
+```xml
+
+```
+
+---
+
+#### ImageFile
+- **Type**: String (filename)
+- **Required**: No
+- **Default**: "logo.bmp"
+- **Description**: Logo image displayed on the credential provider tile
+- **Supported Formats**: BMP, PNG, JPG
+- **Recommended Size**: 128x128 pixels
+- **Location**: Must be in the installation directory
+- **Example**: `company-logo.bmp`
+
+```xml
+
+```
+
+**How to Use Custom Logo**:
+1. Create a 128x128 pixel BMP, PNG, or JPG image
+2. Copy the image file to: `C:\Program Files\Imanami\Password Center Client (x64)\`
+3. Update the `ImageFile` setting with your filename
+4. Lock/unlock the computer to see changes
+
+---
+
+#### IconImage
+- **Type**: String (filename)
+- **Required**: No
+- **Default**: "favicon.ico"
+- **Description**: Icon displayed in the browser window and taskbar
+- **Supported Formats**: ICO
+- **Recommended Size**: 32x32 or 64x64 pixels
+- **Location**: Must be in the installation directory
+
+```xml
+
+```
+
+---
+
+### Credential Provider Filtering
+
+Filtering controls which other Windows credential providers (login methods) are visible when the Netwrix credential provider is active.
+
+#### Understanding Filtering
+
+**What is Filtering?**
+By default, Windows displays all registered credential providers on the login screen (password, PIN, Windows Hello, etc.). Filtering allows you to:
+- Hide specific credential providers in certain scenarios
+- Simplify the login screen by showing only relevant options
+- Create a cleaner user experience
+
+**When is Filtering Applied?**
+- **Logon Scenario**: When the computer starts or after logout
+- **Unlock Scenario**: When the workstation is locked (Win + L)
+
+---
+
+#### DisableAutoFilter
+- **Type**: Boolean (true/false)
+- **Required**: No
+- **Default**: "false"
+- **Description**: Controls whether automatic filtering is enabled
+
+**Values**:
+- `false` (default): Filtering is enabled. Other credential providers are filtered based on FilterLogon and FilterUnlock settings
+- `true`: Filtering is disabled. All Windows credential providers appear on the login screen
+
+```xml
+
+```
+
+**When to Use**:
+- Set to `false` for production (recommended): Provides a controlled, simplified login experience
+- Set to `true` for troubleshooting: Allows you to see all credential providers, useful for debugging
+
+**Visual Example**:
+
+```
+DisableAutoFilter = false (Filtering Enabled):
+┌─────────────────────────────┐
+│ Windows Login Screen │
+├─────────────────────────────┤
+│ [User Account] │
+│ [Netwrix Self-Service] │
+│ → Reset Password │
+│ → Unlock Account │
+└─────────────────────────────┘
+
+DisableAutoFilter = true (Filtering Disabled):
+┌─────────────────────────────┐
+│ Windows Login Screen │
+├─────────────────────────────┤
+│ [User Account] │
+│ [Netwrix Self-Service] │
+│ [Windows Hello Face] │
+│ [PIN] │
+│ [Fingerprint] │
+└─────────────────────────────┘
+```
+
+---
+
+#### FilterLogon
+- **Type**: String (semicolon-separated CLSIDs)
+- **Required**: No
+- **Default**: (list of common credential provider CLSIDs)
+- **Description**: Specifies which credential providers to filter (hide) during logon scenario
+
+**Format**:
+```xml
+
+```
+
+**Common CLSIDs to Filter**:
+```xml
+
+```
+
+**What These CLSIDs Represent**:
+- `{2135F72A-90B5-4ED3-A7F1-8BB705AC276A}` - Picture Password
+- `{8AF662BF-65A0-4D0A-A540-A338A999D36F}` - Fingerprint
+- `{BEC09223-B018-416D-A0AC-523971B639F5}` - Windows Hello Face
+- `{D6886603-9D2F-4EB2-B667-1971041FA96B}` - PIN
+- (Additional CLSIDs for other credential providers)
+
+**💡 Tip**: The default value filters most alternative credential providers, leaving only standard password login and the Netwrix provider visible.
+
+---
+
+#### FilterUnlock
+- **Type**: String (semicolon-separated CLSIDs)
+- **Required**: No
+- **Default**: (same as FilterLogon)
+- **Description**: Specifies which credential providers to filter during workstation unlock scenario
+
+**Usage**: Typically set to the same value as FilterLogon unless you want different filtering behavior when unlocking vs. logging on.
+
+```xml
+
+```
+
+**Example Scenario**:
+You might want to allow Windows Hello Face during logon but not during unlock:
+- `FilterLogon`: Don't include Windows Hello CLSID → Hello appears during logon
+- `FilterUnlock`: Include Windows Hello CLSID → Hello hidden during unlock
+
+---
+
+#### AllowedCP
+- **Type**: String (semicolon-separated CLSIDs)
+- **Required**: No
+- **Default**: Empty (allow all)
+- **Description**: Whitelist of credential providers to allow (opposite of filtering)
+
+**Usage**: Instead of specifying what to hide (FilterLogon/FilterUnlock), specify what to show.
+
+```xml
+
+```
+
+This example allows only:
+- Standard password login (`{60b78e88-ead8-445c-9cfd-0b87f74ea6cd}`)
+- Netwrix credential provider (`{c8765b62-7058-4d7f-9421-11a75d623206}`)
+
+**💡 When to Use**:
+- Use `AllowedCP` when you want to explicitly allow specific providers (whitelist approach)
+- Use `FilterLogon/FilterUnlock` when you want to hide specific providers (blacklist approach)
+- Don't use both simultaneously - choose one approach
+
+---
+
+### Network & Proxy Settings
+
+If your organization uses a proxy server for internet access, configure these settings:
+
+#### ProxyServer
+- **Type**: String (hostname or IP)
+- **Required**: No (only if using proxy)
+- **Default**: Empty (no proxy)
+- **Description**: Hostname or IP address of the proxy server
+- **Example**: `proxy.company.com` or `10.0.0.1`
+
+```xml
+
+```
+
+---
+
+#### ProxyPort
+- **Type**: String (port number)
+- **Required**: No (only if using proxy)
+- **Default**: Empty
+- **Description**: Port number of the proxy server
+- **Example**: `8080`, `3128`
+
+```xml
+
+```
+
+---
+
+#### ProxyType
+- **Type**: String
+- **Required**: No
+- **Default**: Empty (direct connection)
+- **Description**: Type of proxy configuration
+
+**Supported Values**:
+- `http` - HTTP proxy
+- `https` - HTTPS proxy
+- `socks` - SOCKS proxy
+- `pac` - Proxy Auto-Configuration file
+
+```xml
+
+```
+
+---
+
+#### ProxyPacUrl
+- **Type**: String (URL)
+- **Required**: No (only if using PAC file)
+- **Default**: Empty
+- **Description**: URL to a Proxy Auto-Configuration (PAC) file
+- **Example**: `http://proxy.company.com/proxy.pac`
+
+```xml
+
+```
+
+**When to Use**: If your organization uses a PAC file for proxy configuration, specify the PAC file URL here.
+
+---
+
+#### ProxyUserName
+- **Type**: String
+- **Required**: No (only if proxy requires authentication)
+- **Default**: Empty
+- **Description**: Username for proxy authentication
+
+```xml
+
+```
+
+**⚠️ Security Note**: Storing credentials in plain text is not recommended. Consider using integrated Windows authentication with your proxy server instead.
+
+---
+
+#### ProxyPassword
+- **Type**: String
+- **Required**: No (only if proxy requires authentication)
+- **Default**: Empty
+- **Description**: Password for proxy authentication
+
+```xml
+
+```
+
+**⚠️ Security Warning**:
+- This stores the password in **plain text**
+- Readable by anyone with administrator access
+- **Recommended**: Use proxy servers that support Windows integrated authentication instead
+- If you must use a password, ensure proper file permissions on CPSettings.xml
+
+---
+
+#### Complete Proxy Configuration Example
+
+```xml
+
+
+
+
+
+
+
+
+
+
+```
+
+---
+
+### Logging and Debugging
+
+#### Log
+- **Type**: Boolean (true/false)
+- **Required**: No
+- **Default**: "false"
+- **Description**: Enable or disable detailed logging
+
+**Values**:
+- `false` (default): Logging disabled (recommended for production)
+- `true`: Logging enabled (use for troubleshooting)
+
+```xml
+
+```
+
+**Log File Location**:
+```
+C:\Program Files\Imanami\Password Center Client (x64)\log.txt
+```
+
+**What is Logged**:
+- Configuration loading and parsing
+- Credential provider initialization
+- URL loading attempts
+- Browser launching events
+- Filtering decisions
+- Errors and exceptions
+
+**⚠️ Privacy Warning**:
+- Log files may contain sensitive information (URLs, usernames)
+- Enable logging only when troubleshooting
+- Delete log files after troubleshooting is complete
+- Restrict access to log files to administrators only
+
+**How to Use Logs for Troubleshooting**:
+1. Enable logging: ``
+2. Save CPSettings.xml
+3. Restart or lock the computer
+4. Reproduce the issue
+5. Open `log.txt` in the installation directory
+6. Look for ERROR or WARNING entries
+7. Share relevant log excerpts with support (redact sensitive information)
+
+---
+
+#### CEFLogMode
+- **Type**: String
+- **Required**: No
+- **Default**: "Disabled"
+- **Description**: Controls Chromium Embedded Framework logging level
+
+**Supported Values**:
+- `Disabled` (default): No CEF logging
+- `Enabled`: Basic CEF logging
+- `Verbose`: Detailed CEF logging (very verbose)
+
+```xml
+
+```
+
+**CEF Log Location**:
+```
+C:\Program Files\Imanami\Password Center Client (x64)\debug.log
+```
+
+**When to Use**:
+- Enable when troubleshooting browser rendering issues
+- Enable when web pages fail to load
+- Use `Verbose` mode only when specifically requested by support
+
+---
+
+### SSL/Certificate Settings
+
+#### IgnoreCertificateErrors
+- **Type**: Boolean (true/false)
+- **Required**: No
+- **Default**: "false"
+- **Description**: Whether to ignore SSL certificate errors
+
+**Values**:
+- `false` (default): Enforce SSL certificate validation (recommended)
+- `true`: Ignore SSL certificate errors (not recommended)
+
+```xml
+
+```
+
+**⚠️ SECURITY WARNING**:
+
+Setting this to `true` is a **significant security risk**:
+- Disables SSL/TLS certificate validation
+- Makes the connection vulnerable to man-in-the-middle attacks
+- Allows connections to servers with expired, self-signed, or invalid certificates
+- Should **NEVER** be used in production environments
+
+**When You Might See Certificate Errors**:
+1. **Self-signed certificates**: Your password reset portal uses a self-signed SSL certificate
+2. **Expired certificates**: The portal's SSL certificate has expired
+3. **Hostname mismatch**: Accessing the portal via IP instead of hostname
+4. **Untrusted CA**: The certificate is issued by a CA not in the Windows trust store
+
+**Recommended Solutions Instead of Ignoring Errors**:
+
+1. **Get a valid SSL certificate** from a trusted Certificate Authority:
+ - Let's Encrypt (free)
+ - DigiCert, Sectigo, GlobalSign (commercial)
+
+2. **Add self-signed certificate to Windows trust store**:
+ - Export the certificate from your portal
+ - Import it into: Certificates (Local Computer) → Trusted Root Certification Authorities
+
+3. **Use proper hostname**:
+ - Access the portal via its proper FQDN, not IP address
+ - Ensure the certificate matches the hostname
+
+4. **For testing only** (temporary workaround):
+ ```xml
+
+ ```
+ **Remember to set this back to `false` before production deployment!**
+
+---
+
+### Advanced Settings
+
+#### WebView
+- **Type**: String
+- **Required**: No
+- **Default**: "cef"
+- **Description**: Selects which web rendering engine to use
+
+**Supported Values**:
+- `cef` (default): Use Chromium Embedded Framework (recommended)
+- `2`: Use Microsoft IE (legacy option)
+
+```xml
+
+```
+
+**Recommendation**: Keep the default value (`cef`) unless specifically instructed by support.
+
+---
+
+## Common Deployment Scenarios
+
+This section provides ready-to-use configuration examples for typical deployment scenarios.
+
+---
+
+### Scenario 1: Small Business (Basic Setup)
+
+**Environment**:
+- Single location
+- 10-50 computers
+- Direct internet connection (no proxy)
+- Password reset portal: `https://reset.company.com`
+
+**Configuration** (CPSettings.xml):
+
+```xml
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+```
+
+**Deployment Steps**:
+1. Install MSI on each computer
+2. Copy company logo as `logo.bmp` to installation directory
+3. Edit CPSettings.xml with settings above
+4. Restart computers
+5. Test on one computer before rolling out to all
+
+---
+
+### Scenario 2: Enterprise with Group Policy
+
+**Environment**:
+- Multiple locations
+- 500+ computers
+- Active Directory domain
+- Password reset portal: `https://selfservice.enterprise.com`
+- Corporate proxy server
+
+**Deployment Method**: Group Policy
+
+**GPO Configuration Steps**:
+
+1. **Create GPO**:
+ - Open Group Policy Management Console
+ - Create new GPO: "Netwrix Credential Provider Configuration"
+
+2. **Configure Registry Settings**:
+ - Edit GPO → Computer Configuration → Preferences → Windows Settings → Registry
+ - Target Path: `HKLM\SOFTWARE\Policies\Imanami\GroupID\Version 10.0\PasswordCenterClient\Settings`
+
+3. **Add Registry Values**:
+
+| Name | Type | Value |
+|------|------|-------|
+| ResetMyPasswordUrl | REG_SZ | https://selfservice.enterprise.com/reset |
+| UnlockMyAccountUrl | REG_SZ | https://selfservice.enterprise.com/unlock |
+| WindowTitle | REG_SZ | Enterprise Self-Service |
+| CPTitle | REG_SZ | IT Self-Service |
+| DisableAutoFilter | REG_SZ | false |
+| ProxyServer | REG_SZ | proxy.enterprise.com |
+| ProxyPort | REG_SZ | 8080 |
+| ProxyType | REG_SZ | http |
+| Log | REG_SZ | false |
+
+4. **Deploy MSI**:
+ - Use Group Policy Software Installation or SCCM
+ - Link GPO to appropriate OUs
+ - Force group policy update: `gpupdate /force`
+
+**Benefits of GPO Deployment**:
+- Centralized configuration management
+- Consistent settings across all computers
+- Easy to update settings organization-wide
+- Prevents local administrators from changing settings
+- Automatic application to new computers
+
+---
+
+### Scenario 3: Enterprise with Proxy + Authentication
+
+**Environment**:
+- Corporate proxy with authentication required
+- Password reset portal: `https://passwordreset.company.com`
+
+**Configuration** (CPSettings.xml or GPO):
+
+```xml
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+```
+
+**⚠️ Security Recommendations**:
+1. Use a dedicated service account for proxy authentication
+2. Grant only proxy access permissions to this account
+3. Rotate password regularly
+4. Use Group Policy to deploy (more secure than local file)
+5. Consider using proxy servers that support Windows integrated authentication
+
+---
+
+### Scenario 4: Testing/Development Environment
+
+**Environment**:
+- Test environment
+- Need detailed logging
+- Testing with self-signed certificates
+- Single test machine
+
+**Configuration** (CPSettings.xml):
+
+```xml
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+```
+
+**⚠️ WARNING**: This configuration is for testing only! Never use in production!
+
+**Testing Checklist**:
+- [ ] Credential provider tile appears on login screen
+- [ ] "Forgot my password?" opens correct URL
+- [ ] "Unlock my account" opens correct URL
+- [ ] Browser window displays portal correctly
+- [ ] Can complete password reset process
+- [ ] Check log.txt for any errors
+- [ ] Test with and without filtering enabled
+- [ ] Verify behavior matches production expectations
+
+**Before Moving to Production**:
+```xml
+
+
+
+
+
+```
+
+---
+
+### Scenario 5: High Security Environment
+
+**Environment**:
+- Financial or healthcare organization
+- Strict security requirements
+- All connections must use HTTPS
+- Audit logging required
+- Minimal credential provider exposure
+
+**Configuration**:
+
+```xml
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+```
+
+**Additional Security Measures**:
+1. Deploy via Group Policy (prevents local tampering)
+2. Use valid SSL certificates from trusted CA
+3. Enable Windows Event Log monitoring
+4. Restrict physical access to log files
+5. Regular security audits of configuration
+6. Monitor log files for suspicious activity
+7. Use multi-factor authentication on password reset portal
+
+---
+
+### Scenario 6: Kiosk or Shared Computer
+
+**Environment**:
+- Shared computer in lobby or common area
+- Multiple users throughout the day
+- Limited credential provider options needed
+
+**Configuration**:
+
+```xml
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+```
+
+**Additional Kiosk Configuration**:
+- Enable automatic logoff after inactivity
+- Disable or hide unlock option (show only reset)
+- Lock down browser navigation (if supported by portal)
+- Clear browser cache periodically
+
+---
+
+## Troubleshooting & FAQ
+
+This section addresses common issues and frequently asked questions.
+
+---
+
+### Frequently Asked Questions (FAQ)
+
+#### Q1: Where is the CPSettings.xml file located?
+
+**Answer**:
+```
+C:\Program Files\Imanami\Password Center Client (x64)\CPSettings.xml
+```
+
+This file is created during installation if it exists within the same directory as the installer. You need administrator privileges to edit it.
+
+**How to Find It**:
+1. Open File Explorer
+2. Navigate to: `C:\Program Files\Imanami\`
+3. Open the `Password Center Client (x64)` folder
+4. Look for `CPSettings.xml`
+
+**If File is Missing**:
+- Reinstall the credential provider
+- Check if installation completed successfully
+- Verify you're looking in the correct directory
+
+---
+
+#### Q2: I changed CPSettings.xml but don't see any changes. Why?
+
+**Answer**: Changes to configuration require refreshing the login screen.
+
+**To Apply Changes**:
+
+**Option 1: Lock and Unlock**:
+1. Save CPSettings.xml
+2. Press `Win + L` to lock
+3. Press `Ctrl + Alt + Del`, then press Escape
+4. Lock again (`Win + L`)
+5. Changes should now be visible
+
+**Option 2: Restart Computer** (most reliable):
+1. Save CPSettings.xml
+2. Restart the computer
+3. Changes will be applied on next login screen
+
+**Option 3: Restart Windows Logon Process** (advanced):
+1. Open Task Manager as Administrator
+2. Go to Details tab
+3. Find `winlogon.exe`
+4. End process (will restart automatically)
+5. ⚠️ Use with caution - may log you out
+
+**Note**: Configuration cached from Group Policy or Registry takes precedence over CPSettings.xml.
+
+---
+
+#### Q3: The credential provider tile doesn't appear on the login screen
+
+**Troubleshooting Steps**:
+
+1. **Verify Installation**:
+ - Check if files exist in: `C:\Program Files\Imanami\Password Center Client (x64)\`
+ - Verify `Imanami.PasswordCenter.Credential64.dll` is present
+
+2. **Check Registry Registration**:
+ - Open Registry Editor (regedit.exe)
+ - Navigate to: `HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{c8765b62-7058-4d7f-9421-11a75d623206}`
+ - Verify the key exists
+ - Check if default value is: "Imanami.PasswordCenter.Credential64"
+
+3. **Verify DLL Registration**:
+ - Open Command Prompt as Administrator
+ - Run: `reg query "HKLM\SOFTWARE\Classes\CLSID\{c8765b62-7058-4d7f-9421-11a75d623206}"`
+ - Should show InprocServer32 pointing to the DLL
+
+4. **Check Event Logs**:
+ - Open Event Viewer
+ - Navigate to: Windows Logs → System
+ - Look for errors related to credential providers or winlogon
+
+5. **Try Reinstalling**:
+ - Uninstall the credential provider
+ - Restart the computer
+ - Reinstall the MSI package
+ - Restart again
+
+6. **Check Group Policy**:
+ - Run: `gpresult /h gpreport.html`
+ - Open gpreport.html
+ - Check for any policies that might disable custom credential providers
+
+---
+
+#### Q4: Browser window opens but portal doesn't load
+
+**Common Causes and Solutions**:
+
+**Cause 1: Incorrect URL**
+- Check `ResetMyPasswordUrl` and `UnlockMyAccountUrl` in CPSettings.xml
+- Verify URLs are correct (copy-paste from working browser)
+- Ensure URLs include `https://` or `http://`
+- Test URLs in a regular browser first
+
+**Cause 2: Network Connectivity**
+- Ping the portal server from command prompt
+- Check firewall settings
+- Verify internet connection is working
+- Test from the login screen user context (not your user context)
+
+**Cause 3: Proxy Issues**
+- If behind a proxy, configure proxy settings in CPSettings.xml
+- Verify proxy server address and port are correct
+- Check if proxy requires authentication
+- Test proxy settings in regular browser first
+
+**Cause 4: SSL Certificate Errors**
+- Enable logging: ``
+- Check log.txt for certificate errors
+- Verify portal has valid SSL certificate
+- See [IgnoreCertificateErrors](#ignorecertificateerrors) section for handling certificate issues
+
+**Debugging Steps**:
+1. Enable logging in CPSettings.xml
+2. Reproduce the issue
+3. Check `log.txt` in installation directory
+4. Look for errors related to URL loading
+5. Test the URL in a regular browser from the same computer
+
+---
+
+#### Q5: How do I hide Windows Hello or PIN options?
+
+**Answer**: Use the `FilterLogon` and `FilterUnlock` settings to hide specific credential providers.
+
+**Example - Hide Windows Hello Face and PIN**:
+
+```xml
+
+
+```
+
+Where:
+- `{BEC09223-B018-416D-A0AC-523971B639F5}` = Windows Hello Face
+- `{D6886603-9D2F-4EB2-B667-1971041FA96B}` = PIN
+
+**Alternative - Show Only Specific Providers**:
+
+```xml
+
+```
+
+This shows only:
+- Standard password login (`{60b78e88-ead8-445c-9cfd-0b87f74ea6cd}`)
+- Netwrix credential provider (`{c8765b62-7058-4d7f-9421-11a75d623206}`)
+
+See [Credential Provider Filtering](#credential-provider-filtering) section for complete list of CLSIDs.
+
+---
+
+#### Q6: Can I use the same portal URL for both reset and unlock?
+
+**Answer**: Yes! If your password reset portal handles both functions, you can use the same URL:
+
+```xml
+
+
+```
+
+Many self-service portals automatically detect whether the user needs password reset or account unlock based on their account status.
+
+**Alternative**: Use different paths on the same server:
+
+```xml
+
+
+```
+
+---
+
+#### Q7: How do I deploy to multiple computers?
+
+**Answer**: There are several deployment methods:
+
+**Method 1: Group Policy Software Installation** (Recommended for AD environments)
+1. Copy MSI to network share
+2. Open Group Policy Management
+3. Create/Edit GPO
+4. Navigate to: Computer Configuration → Policies → Software Settings → Software Installation
+5. Right-click → New → Package
+6. Select the MSI file
+7. Choose "Assigned"
+8. Configure settings via Group Policy (see [Scenario 2](#scenario-2-enterprise-with-group-policy))
+
+**Method 2: SCCM/Intune**
+1. Import MSI into SCCM/Intune
+2. Create deployment package
+3. Target computer collections
+4. Deploy with automatic installation
+
+**Method 3: PowerShell Script**
+```powershell
+# Deploy to multiple computers
+$computers = Get-Content "computers.txt"
+$msiPath = "\\server\share\PasswordCenterClientSetup64.msi"
+
+foreach ($computer in $computers) {
+ Invoke-Command -ComputerName $computer -ScriptBlock {
+ Start-Process msiexec.exe -ArgumentList "/i $using:msiPath /quiet /norestart" -Wait
+ }
+}
+```
+
+**Method 4: Manual Installation** (Small deployments)
+1. Copy MSI to each computer
+2. Run MSI as administrator on each computer
+3. Configure CPSettings.xml on each computer
+4. Restart computers
+
+---
+
+#### Q8: How do I enable logging for troubleshooting?
+
+**Answer**:
+
+**Step 1: Enable Logging in Configuration**
+
+Edit CPSettings.xml:
+```xml
+
+
+```
+
+**Step 2: Apply Changes**
+- Save the file
+- Restart the computer or lock/unlock twice
+
+**Step 3: Reproduce the Issue**
+- Trigger the problem you're troubleshooting
+- Interact with the credential provider
+
+**Step 4: Collect Log Files**
+
+Log files are located in the installation directory:
+```
+C:\Program Files\Imanami\Password Center Client (x64)\log.txt
+C:\Program Files\Imanami\Password Center Client (x64)\debug.log (CEF log)
+```
+
+**Step 5: Review Logs**
+- Open log.txt in Notepad
+- Look for ERROR or WARNING entries
+- Check timestamps to find relevant entries
+- Note any error codes or messages
+
+**Step 6: Disable Logging After Troubleshooting**
+```xml
+
+
+```
+
+**⚠️ Important**:
+- Delete log files after troubleshooting (may contain sensitive info)
+- Don't leave logging enabled in production (performance impact)
+
+---
+
+#### Q9: SSL certificate errors appear when accessing the portal
+
+**Answer**: This usually means your password reset portal uses:
+- Self-signed SSL certificate
+- Expired certificate
+- Certificate from untrusted CA
+- Certificate hostname doesn't match
+
+**✅ Recommended Solutions** (in order of preference):
+
+**Solution 1: Get Valid SSL Certificate**
+- Obtain certificate from trusted CA (Let's Encrypt, DigiCert, etc.)
+- Install on your password reset portal
+- Problem solved permanently
+
+**Solution 2: Add Certificate to Windows Trust Store**
+1. Export the certificate from your portal
+2. Copy certificate to the computer
+3. Open Certificate Manager: Run → `certlm.msc`
+4. Navigate to: Trusted Root Certification Authorities → Certificates
+5. Right-click → All Tasks → Import
+6. Import the certificate
+7. Restart computer
+
+**Solution 3: Use Proper Hostname**
+- Access portal via its proper domain name, not IP address
+- Ensure certificate matches the hostname exactly
+
+**❌ NOT Recommended: Ignore Certificate Errors**
+
+Only as a temporary workaround for testing:
+```xml
+
+```
+
+**⚠️ WARNING**: This is insecure! See [IgnoreCertificateErrors](#ignorecertificateerrors) for security implications.
+
+---
+
+#### Q10: How do I upgrade to a newer version?
+
+**Answer**: This product does NOT support in-place upgrades. You must uninstall the old version first.
+
+**Upgrade Procedure**:
+
+1. **Backup Current Configuration**:
+ - Export registry settings (if using GPO)
+ - Copy CPSettings.xml to a safe location
+ - Document current configuration
+
+2. **Uninstall Current Version**:
+ - Control Panel → Programs and Features
+ - Select "Netwrix GroupID Credential Provider"
+ - Click "Uninstall"
+ - Restart the computer
+
+3. **Install New Version**:
+ - Follow the [First-Time Setup Guide](#first-time-setup-guide)
+ - Install the new MSI package
+ - Restart the computer
+
+4. **Restore Configuration**:
+ - Copy your backed-up CPSettings.xml to the installation directory
+ - Or reapply GPO settings
+ - Restart or lock/unlock to verify
+
+**For Enterprise Deployments**:
+- Update the MSI package in your GPO/SCCM deployment
+- Configure the GPO to uninstall old version before installing new version
+- Test with a pilot group before rolling out organization-wide
+
+See [Upgrade Policy](#upgrade-policy) for details.
+
+---
+
+#### Q11: Do I need to restart after changing configuration?
+
+**Answer**: It depends on what you changed and how:
+
+**Requires Restart**:
+- ✅ Installing/uninstalling the credential provider
+- ✅ First-time configuration
+- ✅ Changing filtering settings (FilterLogon, FilterUnlock, AllowedCP)
+- ✅ When in doubt, restart to be safe
+
+**May Not Require Restart** (lock/unlock may be sufficient):
+- URL changes (ResetMyPasswordUrl, UnlockMyAccountUrl)
+- UI customization (titles, text)
+- Logging settings
+- Proxy settings
+
+**Recommended**:
+- For critical changes: **Restart the computer**
+- For testing: **Lock/Unlock** and test
+- For production: **Always restart** to ensure changes are fully applied
+
+---
+
+### Common Error Messages
+
+#### Error: "The page cannot be displayed"
+
+**Cause**: Network connectivity or proxy issues
+
+**Solutions**:
+1. Verify internet connection is working
+2. Check firewall settings - allow outbound HTTPS (port 443)
+3. Configure proxy settings if behind corporate proxy
+4. Test URL in regular browser
+5. Check Windows Event Log for network-related errors
+
+---
+
+#### Error: "This site is not secure" or Certificate Error
+
+**Cause**: SSL certificate validation failed
+
+**Solutions**:
+1. Install valid SSL certificate on portal (best solution)
+2. Add self-signed certificate to Windows trust store
+3. Verify accessing portal via correct hostname (not IP)
+4. For testing only: temporarily set ``
+
+---
+
+#### Error: Login screen appears blank or freezes
+
+**Cause**: Credential provider DLL failed to load or crashed
+
+**Solutions**:
+1. Check Windows Event Log:
+ - Windows Logs → System
+ - Look for winlogon or credential provider errors
+2. Verify DLL exists: `C:\Program Files\Imanami\Password Center Client (x64)\Imanami.PasswordCenter.Credential64.dll`
+3. Check Visual C++ 2022 Redistributable is installed
+4. Reinstall credential provider
+5. Boot in Safe Mode to access system if locked out
+
+**⚠️ Important**: If locked out of system, see [Emergency Removal](#rollback-scenario-3-emergency-removal-system-locked-out) below.
+
+---
+
+#### Error: "Access Denied" when editing CPSettings.xml
+
+**Cause**: Insufficient permissions
+
+**Solutions**:
+1. Open Notepad as Administrator:
+ - Right-click Notepad
+ - Select "Run as administrator"
+2. Then open CPSettings.xml from within Notepad
+3. Or use elevated Command Prompt:
+ ```cmd
+ notepad "C:\Program Files\Imanami\Password Center Client (x64)\CPSettings.xml"
+ ```
+
+---
+
+### Advanced Troubleshooting
+
+#### Collecting Diagnostic Information
+
+When contacting support, collect this information:
+
+**1. Configuration Files**:
+```
+C:\Program Files\Imanami\Password Center Client (x64)\CPSettings.xml
+```
+
+**2. Log Files** (if logging enabled):
+```
+C:\Program Files\Imanami\Password Center Client (x64)\log.txt
+C:\Program Files\Imanami\Password Center Client (x64)\debug.log
+```
+
+**3. Registry Export**:
+Open Command Prompt as Administrator:
+```cmd
+reg export "HKLM\SOFTWARE\Imanami\GroupID\Version 10.0\PasswordCenterClient\Settings" CPRegistry.reg
+reg export "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{c8765b62-7058-4d7f-9421-11a75d623206}" CPProviderReg.reg
+```
+
+**4. Event Logs**:
+```cmd
+wevtutil epl System SystemLog.evtx
+wevtutil epl Application ApplicationLog.evtx
+```
+
+**5. Group Policy Report**:
+```cmd
+gpresult /h GPReport.html
+```
+
+**6. Installation Information**:
+```cmd
+wmic product where "name like '%Credential%'" get name,version
+```
+
+**⚠️ Redact Sensitive Information**: Before sharing with support, remove:
+- Passwords
+- Internal URLs/server names
+- Usernames
+- Internal IP addresses
+
+---
+
+#### Recovery Mode (Locked Out)
+
+If the credential provider causes issues and you're locked out:
+
+**Option 1: Safe Mode**
+1. Restart computer
+2. Press F8 during boot (or Shift + F8)
+3. Select "Safe Mode"
+4. Login with administrator account
+5. Uninstall credential provider or fix configuration
+6. Restart normally
+
+**Option 2: Boot from Recovery Media**
+1. Boot from Windows installation media
+2. Select "Repair your computer"
+3. Choose "Command Prompt"
+4. Navigate to credential provider installation folder
+5. Rename or delete the DLL:
+ ```cmd
+ cd "C:\Program Files\Imanami\Password Center Client (x64)"
+ ren Imanami.PasswordCenter.Credential64.dll Imanami.PasswordCenter.Credential64.dll.bak
+ ```
+6. Restart computer
+
+**Option 3: Remote Registry Edit**
+1. From another computer on the network
+2. Open Registry Editor (regedit.exe)
+3. Connect to remote registry:
+ - File → Connect Network Registry
+ - Enter computer name
+4. Navigate to credential provider registration key
+5. Delete or rename the key
+6. Restart remote computer
+
+---
+
+#### Testing Filtering Behavior
+
+To verify filtering is working correctly:
+
+**Step 1: Disable Filtering**
+```xml
+
+```
+- Lock computer
+- Note which credential providers appear (should see all)
+
+**Step 2: Enable Filtering with Specific Filter**
+```xml
+
+
+```
+- Lock computer
+- PIN provider should be hidden
+- Other providers should appear
+
+**Step 3: Test AllowedCP**
+```xml
+
+```
+- Lock computer
+- Should see ONLY password and Netwrix provider
+
+---
+
+## Security Best Practices
+
+Follow these best practices to ensure secure deployment of the credential provider:
+
+### 1. Use HTTPS for Portal URLs
+
+**✅ DO:**
+```xml
+
+
+```
+
+**❌ DON'T:**
+```xml
+
+```
+
+**Why**: HTTPS encrypts communication between the client and portal, protecting user credentials in transit.
+
+---
+
+### 2. Use Valid SSL Certificates
+
+**✅ DO:**
+- Obtain SSL certificates from trusted Certificate Authorities
+- Keep certificates up-to-date (monitor expiration)
+- Use proper hostname matching
+- Implement certificate pinning if available
+
+**❌ DON'T:**
+- Use self-signed certificates in production
+- Ignore certificate errors with `IgnoreCertificateErrors = true`
+- Use expired certificates
+- Access portal via IP address instead of hostname
+
+---
+
+### 3. Secure Proxy Credentials
+
+**✅ DO:**
+- Use proxy servers with Windows integrated authentication
+- If credentials required, deploy via Group Policy (more secure than local file)
+- Use dedicated service account with minimal privileges
+- Rotate proxy passwords regularly
+- Monitor service account for suspicious activity
+
+**❌ DON'T:**
+- Store proxy credentials in CPSettings.xml if avoidable
+- Use personal accounts for proxy authentication
+- Use passwords that don't expire
+- Share proxy credentials across multiple services
+
+---
+
+### 4. Restrict File Permissions
+
+**Recommended File Permissions** for CPSettings.xml:
+
+```
+C:\Program Files\Imanami\Password Center Client (x64)\CPSettings.xml
+- SYSTEM: Full Control
+- Administrators: Full Control
+- Users: Read only
+```
+
+**How to Set**:
+1. Right-click CPSettings.xml
+2. Properties → Security tab
+3. Click "Advanced"
+4. Remove all permissions
+5. Add:
+ - SYSTEM: Full Control
+ - Administrators: Full Control
+ - Users: Read
+6. Disable inheritance
+7. Apply changes
+
+**Why**: Prevents non-administrators from modifying configuration or reading proxy credentials.
+
+---
+
+### 5. Control Credential Provider Filtering
+
+**✅ DO:**
+- Use filtering to limit credential provider options
+- Simplify user experience by showing only necessary options
+- Use `AllowedCP` for whitelist approach (more secure)
+- Test filtering thoroughly before deployment
+
+**❌ DON'T:**
+- Leave `DisableAutoFilter = true` in production
+- Expose unnecessary credential providers
+- Filter out standard password login (users need a fallback method)
+
+**Recommended Filtering** (show only password and Netwrix):
+```xml
+
+```
+
+---
+
+### 6. Disable Logging in Production
+
+**✅ DO:**
+```xml
+
+
+```
+
+**❌ DON'T:**
+- Leave logging enabled in production
+- Store logs indefinitely
+- Share logs without redacting sensitive information
+
+**Why**:
+- Log files may contain sensitive information (URLs, usernames)
+- Logging impacts performance
+- Logs consume disk space
+
+**When Troubleshooting**:
+1. Enable logging temporarily
+2. Reproduce issue
+3. Collect logs
+4. Disable logging immediately
+5. Delete logs after analysis
+
+---
+
+### 7. Use Group Policy for Enterprise Deployment
+
+**✅ DO:**
+- Deploy configuration via Group Policy
+- Use Group Policy Software Installation for MSI deployment
+- Centralize configuration management
+- Prevent local administrators from changing settings
+
+**❌ DON'T:**
+- Rely solely on local CPSettings.xml file in enterprise
+- Allow users to modify credential provider settings
+- Deploy without testing in pilot group first
+
+**Benefits**:
+- Configuration stored in registry (more secure than XML file)
+- Centralized management
+- Audit trail of changes
+- Automatic deployment to new computers
+
+---
+
+### 8. Regular Security Audits
+
+**Audit Checklist**:
+
+- [ ] Review CPSettings.xml or GPO configuration quarterly
+- [ ] Verify SSL certificates are valid and up-to-date
+- [ ] Check for unauthorized changes to configuration
+- [ ] Review Windows Event Logs for credential provider errors
+- [ ] Test password reset functionality periodically
+- [ ] Verify filtering is working as expected
+- [ ] Check file permissions on installation directory
+- [ ] Review proxy credentials and rotate if needed
+- [ ] Confirm logging is disabled in production
+- [ ] Test rollback procedures
+
+---
+
+### 9. Protect Against Brute Force Attacks
+
+**Portal-Side Protections** (implement on your password reset portal):
+- Rate limiting on reset attempts
+- Account lockout after failed attempts
+- CAPTCHA for reset requests
+- Multi-factor authentication
+- Email/SMS verification
+- Audit logging of all reset attempts
+- Anomaly detection
+
+**Credential Provider Protections**:
+- Use `AllowedCP` to limit authentication methods
+- Enable Windows audit policies to log logon attempts
+- Monitor failed login attempts via Event Log
+- Deploy alongside Windows account lockout policies
+
+---
+
+### 10. Data Protection Considerations
+
+**Compliance Requirements**:
+
+**GDPR/Privacy**:
+- Disable logging in production (logs may contain PII)
+- If logging required, implement log retention policy
+- Document what data is processed
+- Ensure password reset portal complies with data protection regulations
+
+**PCI DSS** (if applicable):
+- Use strong SSL/TLS (TLS 1.2 or higher)
+- Do not store cardholder data in logs
+- Regular security testing
+- Strong access controls
+
+**HIPAA** (healthcare):
+- Use encrypted connections (HTTPS)
+- Implement audit logging on portal side
+- Regular security risk assessments
+- Business Associate Agreement with portal provider
+
+---
+
+## Rollback Instructions
+
+If the credential provider causes issues or you need to revert changes, follow these procedures:
+
+### Rollback Scenario 1: Undo Configuration Changes
+
+**Situation**: Configuration changes caused unexpected behavior but credential provider works
+
+**Steps**:
+
+1. **Revert to Previous Configuration**:
+ - Edit CPSettings.xml
+ - Restore previous settings
+ - Or delete customizations to use defaults
+
+2. **Or Revert Registry Changes**:
+ - Open Registry Editor (regedit.exe)
+ - Navigate to: `HKLM\SOFTWARE\Imanami\GroupID\Version 10.0\PasswordCenterClient\Settings`
+ - Delete modified values
+ - Or restore from previous registry export
+
+3. **Or Revert Group Policy**:
+ - Open Group Policy Management
+ - Edit the GPO
+ - Delete or modify credential provider settings
+ - Run `gpupdate /force` on client computers
+
+4. **Apply Changes**:
+ - Restart computer
+ - Verify expected behavior
+
+---
+
+### Rollback Scenario 2: Uninstall Credential Provider
+
+**Situation**: Need to completely remove the credential provider
+
+**Method 1: Uninstall via Control Panel**
+
+1. Open Control Panel
+2. Programs and Features (or Apps & Features)
+3. Find "Netwrix GroupID Credential Provider"
+4. Click "Uninstall"
+5. Follow uninstall wizard
+6. Restart computer
+
+**Method 2: Uninstall via Command Line**
+
+```cmd
+wmic product where name="Netwrix GroupID Credential Provider" call uninstall
+```
+
+Or using MSI:
+```cmd
+msiexec /x {4C3F32FA-8AAE-41B7-806E-195782B986D5} /quiet /norestart
+```
+
+**Method 3: Uninstall Silently (for scripts)**
+
+```cmd
+msiexec /x "C:\Path\To\PasswordCenterClientSetup64.msi" /quiet /norestart
+```
+
+---
+
+### Rollback Scenario 3: Emergency Removal (System Locked Out)
+
+**Situation**: Credential provider prevents login and need immediate access
+
+**Option 1: Safe Mode**
+
+1. Reboot computer
+2. Press F8 during boot (or Shift + Restart → Troubleshoot → Advanced Options → Startup Settings → Restart → F4)
+3. Select "Safe Mode"
+4. Login with administrator account
+5. Uninstall credential provider via Control Panel
+6. Restart normally
+
+**Option 2: Manual Removal via Recovery Mode**
+
+1. Boot from Windows installation media
+2. Select "Repair your computer"
+3. Troubleshoot → Command Prompt
+4. Identify Windows drive (usually C:):
+ ```cmd
+ dir C:\
+ ```
+5. Navigate to installation folder:
+ ```cmd
+ cd "C:\Program Files\Imanami\Password Center Client (x64)"
+ ```
+6. Rename the DLL to disable it:
+ ```cmd
+ ren Imanami.PasswordCenter.Credential64.dll Imanami.PasswordCenter.Credential64.dll.disabled
+ ```
+7. Remove registry entries:
+ ```cmd
+ reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{c8765b62-7058-4d7f-9421-11a75d623206}" /f
+ ```
+8. Restart:
+ ```cmd
+ wpeutil reboot
+ ```
+
+**Option 3: Remote Registry Edit**
+
+1. From another computer on the network
+2. Ensure Remote Registry service is running on target computer
+3. Open Registry Editor (regedit.exe)
+4. File → Connect Network Registry
+5. Enter computer name
+6. Navigate to: `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers`
+7. Delete the key: `{c8765b62-7058-4d7f-9421-11a75d623206}`
+8. Restart remote computer
+
+---
+
+### Rollback Scenario 4: Restore from Backup
+
+**Situation**: Need to restore entire system configuration
+
+**If you have Registry Backup**:
+
+1. Open Registry Editor (regedit.exe) as Administrator
+2. File → Import
+3. Select previously exported .reg file
+4. Restart computer
+
+**If you have System Restore Point**:
+
+1. Boot to Safe Mode or Recovery Mode
+2. System Restore → Choose restore point
+3. Select point before credential provider installation
+4. Complete restore process
+5. Restart computer
+
+---
+
+### Rollback Checklist
+
+Use this checklist when rolling back:
+
+- [ ] Document current configuration before rollback
+- [ ] Export registry keys before making changes
+- [ ] Test rollback procedure on non-production computer first
+- [ ] Notify users if credential provider will be unavailable
+- [ ] Have administrator access credentials ready
+- [ ] Backup current configuration files
+- [ ] Create system restore point
+- [ ] Verify other credential providers work after removal
+- [ ] Document reason for rollback (for future reference)
+- [ ] Update change management documentation
+
+---
+
+### Post-Rollback Verification
+
+After rolling back, verify:
+
+1. **Login Still Works**:
+ - Test standard password login
+ - Verify other credential providers (PIN, Windows Hello) work
+ - Test with multiple user accounts
+
+2. **No Remnants**:
+ - Check installation folder is removed (or DLL disabled)
+ - Verify registry keys removed
+ - Check no orphaned files remain
+
+3. **Clean Event Log**:
+ - Check Windows Event Log for credential provider errors
+ - Should see no new credential provider-related errors
+
+4. **Document**:
+ - Record what was rolled back
+ - Note any issues encountered
+ - Document lessons learned
+
+---
+
+### Preventing Rollback Needs
+
+**Best Practices to Avoid Rollback**:
+
+1. **Test Thoroughly Before Production**:
+ - Deploy to pilot group first
+ - Test all scenarios
+ - Verify compatibility with existing credential providers
+
+2. **Use Staging Environment**:
+ - Test configuration changes in lab environment
+ - Validate before deploying to production
+
+3. **Incremental Deployment**:
+ - Deploy to small group first
+ - Monitor for issues
+ - Gradually expand deployment
+
+4. **Maintain Backups**:
+ - Regular system backups
+ - Export registry before changes
+ - Keep previous versions of configuration files
+
+5. **Document Configuration**:
+ - Maintain configuration documentation
+ - Record all changes
+ - Keep history of previous working configurations
+
+---
+
+## Support
+
+### Getting Help
+
+If you need assistance with the Netwrix GroupID Credential Provider:
+
+**Before Contacting Support**:
+
+1. **Check This Documentation**:
+ - Review [Troubleshooting & FAQ](#troubleshooting--faq)
+ - Check [Common Deployment Scenarios](#common-deployment-scenarios)
+ - Verify your configuration against examples
+
+2. **Enable Logging and Collect Information**:
+ - Enable logging in CPSettings.xml
+ - Reproduce the issue
+ - Collect diagnostic information (see [Collecting Diagnostic Information](#collecting-diagnostic-information))
+
+3. **Check Netwrix Knowledge Base**:
+ - Visit: https://www.netwrix.com/support.html
+ - Search for known issues and solutions
+
+---
+
+### Contact Information
+
+**Netwrix Support**:
+- Website: https://www.netwrix.com/support.html
+- Email: support@netwrix.com
+- Phone: Check website for regional support numbers
+
+**When Contacting Support, Provide**:
+
+1. **Product Information**:
+ - Product name: Netwrix GroupID Credential Provider
+ - Version: 3.1.0.0
+ - Installation date
+
+2. **Environment Details**:
+ - Windows version (Windows 10/11)
+ - Domain or workgroup
+ - Number of affected computers
+ - Deployment method (standalone, GPO, SCCM)
+
+3. **Issue Description**:
+ - Detailed description of the problem
+ - Steps to reproduce
+ - When did issue start
+ - What changed recently
+ - Error messages (exact text)
+
+4. **Diagnostic Files** (if applicable):
+ - CPSettings.xml (redact sensitive info)
+ - log.txt (redact sensitive info)
+ - Registry export
+ - Event log export
+ - Screenshots of error messages
+
+---
+
+### Community Resources
+
+**Netwrix Community Forum**:
+- Share experiences with other users
+- Ask questions
+- Learn best practices
+- https://community.netwrix.com/
+
+---
+
+## Appendix
+
+### Appendix A: Complete Configuration Example
+
+Complete CPSettings.xml with all available settings:
+
+```xml
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+```
+
+---
+
+### Appendix B: Registry Configuration Reference
+
+Complete registry configuration for Group Policy deployment:
+
+**Registry Path**:
+```
+HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Imanami\GroupID\Version 10.0\PasswordCenterClient\Settings
+```
+
+**Registry Values** (all REG_SZ type):
+
+| Name | Value Example | Description |
+|------|---------------|-------------|
+| ResetMyPasswordUrl | https://portal.company.com/reset | Password reset URL |
+| UnlockMyAccountUrl | https://portal.company.com/unlock | Account unlock URL |
+| WindowTitle | Company Password Reset | Browser window title |
+| CPTitle | Company Self-Service | Tile title |
+| ForgetPasswordText | Forgot my password? | Reset button text |
+| UnlockAccountText | Unlock my account | Unlock button text |
+| ImageFile | logo.bmp | Logo filename |
+| IconImage | favicon.ico | Icon filename |
+| DisableAutoFilter | false | Enable/disable filtering |
+| FilterLogon | CLSID;CLSID | Logon filter list |
+| FilterUnlock | CLSID;CLSID | Unlock filter list |
+| AllowedCP | CLSID;CLSID | Allowed providers |
+| ProxyServer | proxy.company.com | Proxy server |
+| ProxyPort | 8080 | Proxy port |
+| ProxyType | http | Proxy type |
+| ProxyPacUrl | http://proxy.company.com/proxy.pac | PAC file URL |
+| ProxyUserName | username | Proxy username |
+| ProxyPassword | password | Proxy password |
+| Log | false | Enable logging |
+| CEFLogMode | Disabled | CEF logging |
+| WebView | cef | Web engine |
+| IgnoreCertificateErrors | false | Certificate validation |
+
+---
+
+### Appendix C: Version History
+
+| Version | Date | Changes |
+|---------|------|---------|
+| 1.0 | October 15, 2025 | Initial technical documentation release |
+
+---
+
+### Appendix D: Credential Provider CLSIDs Reference
+
+Complete list of common Windows credential provider CLSIDs for filtering:
+
+| CLSID | Description |
+|-------|-------------|
+| `{60b78e88-ead8-445c-9cfd-0b87f74ea6cd}` | Password Credential Provider |
+| `{2135F72A-90B5-4ED3-A7F1-8BB705AC276A}` | Picture Password Provider |
+| `{25CBB996-92ED-457E-B28C-4774084BD562}` | Windows Biometric Provider |
+| `{3DD6BEC0-8193-4FFE-AE25-E08E39EA4063}` | Generic Provider |
+| `{4DA7114C-DE47-43BF-A644-62876DCC2A72}` | FIDO Provider |
+| `{8AF662BF-65A0-4D0A-A540-A338A999D36F}` | Fingerprint Provider |
+| `{8FD7E19C-3BF7-489B-A72C-846AB3678C96}` | Smart Card Provider |
+| `{BEC09223-B018-416D-A0AC-523971B639F5}` | Windows Hello Face Provider |
+| `{C5D7540A-CD51-453B-B22B-05305BA03F07}` | NGC (Next Generation Credentials) Provider |
+| `{C885AA15-1764-4293-B82A-0586ADD46B35}` | Cloud Experience Provider |
+| `{D6886603-9D2F-4EB2-B667-1971041FA96B}` | PIN Provider |
+| `{F64945DF-4FA9-4068-A2FB-61AF319EDD33}` | IrisRecognition Provider |
+| `{F8A0B131-5F68-486C-8040-7E8FC3C85BB6}` | Generic Tile Provider |
+| `{c8765b62-7058-4d7f-9421-11a75d623206}` | **Netwrix GroupID Credential Provider** |
+
+---
+
+## Document Changelog
+
+### Version 1.0 - October 15, 2025
+- Initial release
+- Complete technical documentation
+- Step-by-step first-time setup guide
+- Glossary of terms and acronyms
+- Configuration reference with defaults table
+- Common deployment scenarios with examples
+- Comprehensive troubleshooting and FAQ section
+- Security best practices
+- Rollback instructions for safe undoing
+- Appendices with complete configuration examples
+
+---
+
+**Document End**
+
+*For the latest version of this documentation, visit: https://www.netwrix.com/groupid-credential-provider-docs*
diff --git a/docs/endpointprotector/admin/ServerUpdatePage.png b/docs/endpointprotector/admin/ServerUpdatePage.png
new file mode 100644
index 0000000000..ad8945d532
Binary files /dev/null and b/docs/endpointprotector/admin/ServerUpdatePage.png differ
diff --git a/docs/endpointprotector/admin/cap_module/capmodule.md b/docs/endpointprotector/admin/cap_module/capmodule.md
index 606f1eb399..e866551f5f 100644
--- a/docs/endpointprotector/admin/cap_module/capmodule.md
+++ b/docs/endpointprotector/admin/cap_module/capmodule.md
@@ -42,11 +42,6 @@ Content Aware Protection comes as the second level of data protection available
Protector. The module is displayed but requires a simple activation by pressing the Enable button.
If not previously provided, the contact details of the Main Administrator will be required.
-:::note
-Any details provided will only be used to ensure the Live Update Server is configured
-correctly and that the Content Aware Protection module was enabled successfully.
-:::
-
diff --git a/docs/endpointprotector/admin/dc_module/SmartGroupSettings.png b/docs/endpointprotector/admin/dc_module/SmartGroupSettings.png
new file mode 100644
index 0000000000..17058fa47d
Binary files /dev/null and b/docs/endpointprotector/admin/dc_module/SmartGroupSettings.png differ
diff --git a/docs/endpointprotector/admin/dc_module/dpiconfiguration.png b/docs/endpointprotector/admin/dc_module/dpiconfiguration.png
new file mode 100644
index 0000000000..ed00afbe4f
Binary files /dev/null and b/docs/endpointprotector/admin/dc_module/dpiconfiguration.png differ
diff --git a/docs/endpointprotector/admin/dc_module/globalsettings.md b/docs/endpointprotector/admin/dc_module/globalsettings.md
index 3f11310437..43490b2e12 100644
--- a/docs/endpointprotector/admin/dc_module/globalsettings.md
+++ b/docs/endpointprotector/admin/dc_module/globalsettings.md
@@ -408,8 +408,11 @@ In this section, you can manage the following settings:
Learn more about [Bypass Log Reporting Frequency](#bypass-log-reporting-frequency).
:::
+- DPI Bypass for Unidentified Application – this will enable bypassing DPI while logging traffic details,
+ if available. Applicable only to EPP Clients for Linux with version 2.4.5.x or higher.
-
+
+
### Intercept VPN Traffic
diff --git a/docs/endpointprotector/admin/dc_module/groupinformationcreation.png b/docs/endpointprotector/admin/dc_module/groupinformationcreation.png
new file mode 100644
index 0000000000..4261064c48
Binary files /dev/null and b/docs/endpointprotector/admin/dc_module/groupinformationcreation.png differ
diff --git a/docs/endpointprotector/admin/dc_module/groupinformationedit.png b/docs/endpointprotector/admin/dc_module/groupinformationedit.png
new file mode 100644
index 0000000000..ef4884beeb
Binary files /dev/null and b/docs/endpointprotector/admin/dc_module/groupinformationedit.png differ
diff --git a/docs/endpointprotector/admin/dc_module/usersandgroups.md b/docs/endpointprotector/admin/dc_module/usersandgroups.md
index 7192813ea2..b948f3b9a1 100644
--- a/docs/endpointprotector/admin/dc_module/usersandgroups.md
+++ b/docs/endpointprotector/admin/dc_module/usersandgroups.md
@@ -133,7 +133,7 @@ assigned to the Default Group unless you create a Smart Group.
:::
-
+
**Step 2 –** Create a Smart Groups from Device Control, Groups section. Click **Create**, provide
the following and then click **Save**:
@@ -141,14 +141,35 @@ the following and then click **Save**:
- Group name, description and Department
- Enable the Smart Group setting
- Select the Entity, Computers or Users
-- Set rules for the Computers or Users by inclusion and exclusion.
-
-Define the rules Computers or Users are added to the Smart Groups based on the naming pattern rules:
-XYZ\*, \*XYZ\*,\*XYZ.
+- Set rules for the Computers or Users by adding conditions for their selected properties.
+
+These entities support similar, but slightly different properties that can be used in filtering, as follows:
+
+ | Computer | Users |
+ |-------------------------------------- |---------------------------------------|
+ | Computer ID | First Name |
+ | Username | Last Name |
+ | Main IP | Employee ID |
+ | Main MAC Address | Phone |
+ | Serial Number | e-mail |
+ | Domain | Team |
+ | Workgroup | Last Computer |
+ | Department | Domain |
+ | Groups | Department |
+ | OS | Groups |
+ | Last Seen | Last Seen |
+ | Location | Certificate added to Keychain/store |
+ | Client Version | |
+ | Terminal Server | |
+ | Certificate added to Keychain/store | |
+
+
+- Define the rules by adding a property, an operator and a value for that operator like: XYZ*, *XYZ*,*XYZ. You can add multiple rules using different or the same property.
:::warning
-The rules set are key-sensitive!
-:::
+The values set are key-sensitive!
+
+- After defining the rules, validate the expressions used in the conditions by clicking the Validate button. If the conditions are built correctly, the top ten matching results are displayed after validation.
:::note
@@ -156,7 +177,7 @@ Once created, you can manage the group's priority by drag and drop actions.
:::
-
+
**Step 3 –** Synchronize entities to the Smart Groups.
@@ -175,7 +196,7 @@ assigned to that Group.
If the new Computer does not match the rule, it will be added to the Default Group, if Default
Groups are enabled from System Configuration, System Settings, and the Smart Groups section.
-
+
**Step 4 –** Delete a Smart Group from the Actions column or select the group from the list and then
click **Delete**.
diff --git a/docs/endpointprotector/admin/ed_module/edmodule.md b/docs/endpointprotector/admin/ed_module/edmodule.md
index 76af975bf8..641a184781 100644
--- a/docs/endpointprotector/admin/ed_module/edmodule.md
+++ b/docs/endpointprotector/admin/ed_module/edmodule.md
@@ -24,11 +24,6 @@ eDiscovery comes as the third level of data protection available in Endpoint Pro
is displayed but requires a simple activation by pressing the Enable button. If not previously
provided, the contact details of the Main Administrator will be required.
-:::note
-Any details provided will only be used to ensure the Live Update Server is configured
-correctly and that the eDiscovery module was enabled successfully.
-:::
-
:::warning
The eDiscovery module is separate from Device Control or Content Aware Protection
diff --git a/docs/endpointprotector/admin/serverclientcommunication.md b/docs/endpointprotector/admin/serverclientcommunication.md
index cc857ad60a..da93694f12 100644
--- a/docs/endpointprotector/admin/serverclientcommunication.md
+++ b/docs/endpointprotector/admin/serverclientcommunication.md
@@ -31,4 +31,4 @@ the TLS protocol.
| Older than 5.7.0.0 | |
| ------------------------- | -------------------------------------------------------------------------------------------------- |
-| Version 5.7.0.0 or higher | For in-place upgrades via Live Update, the Linux OS libraries must be upgraded by Customer Support |
+| Version 5.7.0.0 or higher | For in-place upgrades via Live Update (deprecated feature starting with 2509 version), the Linux OS libraries must be upgraded by Customer Support |
diff --git a/docs/endpointprotector/admin/systemconfiguration/ClientSoftwarePage.png b/docs/endpointprotector/admin/systemconfiguration/ClientSoftwarePage.png
new file mode 100644
index 0000000000..fdb656c85e
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/ClientSoftwarePage.png differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/ClientSoftwareUpdatePage.png b/docs/endpointprotector/admin/systemconfiguration/ClientSoftwareUpdatePage.png
new file mode 100644
index 0000000000..9776ad6367
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/ClientSoftwareUpdatePage.png differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/ServerUpdatePage.png b/docs/endpointprotector/admin/systemconfiguration/ServerUpdatePage.png
new file mode 100644
index 0000000000..ad8945d532
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/ServerUpdatePage.png differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/SmartGroupSettings.png b/docs/endpointprotector/admin/systemconfiguration/SmartGroupSettings.png
new file mode 100644
index 0000000000..17058fa47d
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/SmartGroupSettings.png differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/adminactions.webp b/docs/endpointprotector/admin/systemconfiguration/adminactions.webp
new file mode 100644
index 0000000000..4db00cb5a9
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/adminactions.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/adminandaccess.md b/docs/endpointprotector/admin/systemconfiguration/adminandaccess.md
index fd683fd6d8..594fe5d590 100644
--- a/docs/endpointprotector/admin/systemconfiguration/adminandaccess.md
+++ b/docs/endpointprotector/admin/systemconfiguration/adminandaccess.md
@@ -67,7 +67,7 @@ The Super Administrator has complete control over the entire system. By enabling
super administrators settings in the Administration and Access Control section, you can grant Super
Administrator privilege to all Azure Single Sign On imported users.
-Super Administrators have access to the General Dashboard, can control Live Updates, can run
+Super Administrators have access to the General Dashboard, can run
Effective Rights reports, can manage Device Control, can manage Content Aware Protection including
Deep Packet Inspection, can manage eDiscovery, can manage Denylists, Allowlists, and URL Categories,
can manage Enforced Encryption, can manage Offline Temporary Password, can view Reporting and
diff --git a/docs/endpointprotector/admin/systemconfiguration/advancedscanningexceptions.webp b/docs/endpointprotector/admin/systemconfiguration/advancedscanningexceptions.webp
new file mode 100644
index 0000000000..89ab1f3c27
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/advancedscanningexceptions.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/applianceoperations.webp b/docs/endpointprotector/admin/systemconfiguration/applianceoperations.webp
new file mode 100644
index 0000000000..97299bad1a
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/applianceoperations.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/appregmsentraid.webp b/docs/endpointprotector/admin/systemconfiguration/appregmsentraid.webp
new file mode 100644
index 0000000000..1e57a91279
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/appregmsentraid.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/appregmsentraidtwo.webp b/docs/endpointprotector/admin/systemconfiguration/appregmsentraidtwo.webp
new file mode 100644
index 0000000000..13ec10c51e
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/appregmsentraidtwo.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/availableupdates.webp b/docs/endpointprotector/admin/systemconfiguration/availableupdates.webp
new file mode 100644
index 0000000000..2a8ea08a4a
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/availableupdates.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/azuread.webp b/docs/endpointprotector/admin/systemconfiguration/azuread.webp
new file mode 100644
index 0000000000..1690d54a98
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/azuread.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/azureadapipermissionfive.webp b/docs/endpointprotector/admin/systemconfiguration/azureadapipermissionfive.webp
new file mode 100644
index 0000000000..90c5b20f88
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/azureadapipermissionfive.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/azureadapipermissionfour.webp b/docs/endpointprotector/admin/systemconfiguration/azureadapipermissionfour.webp
new file mode 100644
index 0000000000..15bbdb76e9
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/azureadapipermissionfour.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/azureadapipermissionone.webp b/docs/endpointprotector/admin/systemconfiguration/azureadapipermissionone.webp
new file mode 100644
index 0000000000..c656fa10d6
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/azureadapipermissionone.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/azureadapipermissionseven.webp b/docs/endpointprotector/admin/systemconfiguration/azureadapipermissionseven.webp
new file mode 100644
index 0000000000..59f8dc6882
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/azureadapipermissionseven.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/azureadapipermissionsix.webp b/docs/endpointprotector/admin/systemconfiguration/azureadapipermissionsix.webp
new file mode 100644
index 0000000000..ab3617cd1d
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/azureadapipermissionsix.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/azureadapipermissionthree.webp b/docs/endpointprotector/admin/systemconfiguration/azureadapipermissionthree.webp
new file mode 100644
index 0000000000..02a4ad982d
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/azureadapipermissionthree.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/azureadapipermissiontwo.webp b/docs/endpointprotector/admin/systemconfiguration/azureadapipermissiontwo.webp
new file mode 100644
index 0000000000..bf05ff9b57
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/azureadapipermissiontwo.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/azureadnewgroup.webp b/docs/endpointprotector/admin/systemconfiguration/azureadnewgroup.webp
new file mode 100644
index 0000000000..bb74071b19
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/azureadnewgroup.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/azureadnewuser.webp b/docs/endpointprotector/admin/systemconfiguration/azureadnewuser.webp
new file mode 100644
index 0000000000..ee482025bd
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/azureadnewuser.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/azureadoverview.webp b/docs/endpointprotector/admin/systemconfiguration/azureadoverview.webp
new file mode 100644
index 0000000000..154c7d9951
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/azureadoverview.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/azureadthree.webp b/docs/endpointprotector/admin/systemconfiguration/azureadthree.webp
new file mode 100644
index 0000000000..bbfb8654b3
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/azureadthree.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/azureadtwo.webp b/docs/endpointprotector/admin/systemconfiguration/azureadtwo.webp
new file mode 100644
index 0000000000..ca5391a979
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/azureadtwo.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/azurehome.webp b/docs/endpointprotector/admin/systemconfiguration/azurehome.webp
new file mode 100644
index 0000000000..5b51335371
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/azurehome.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/backendsecurityupdates.webp b/docs/endpointprotector/admin/systemconfiguration/backendsecurityupdates.webp
new file mode 100644
index 0000000000..d100840dd0
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/backendsecurityupdates.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/capfilters.webp b/docs/endpointprotector/admin/systemconfiguration/capfilters.webp
new file mode 100644
index 0000000000..e136cccb16
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/capfilters.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/capmatcheditems.webp b/docs/endpointprotector/admin/systemconfiguration/capmatcheditems.webp
new file mode 100644
index 0000000000..161fd5a52e
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/capmatcheditems.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/capnotifications.webp b/docs/endpointprotector/admin/systemconfiguration/capnotifications.webp
new file mode 100644
index 0000000000..3dc23cd699
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/capnotifications.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/capreports.webp b/docs/endpointprotector/admin/systemconfiguration/capreports.webp
new file mode 100644
index 0000000000..acb04d81a6
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/capreports.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/certsecretestwo.webp b/docs/endpointprotector/admin/systemconfiguration/certsecretestwo.webp
new file mode 100644
index 0000000000..84e08eef19
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/certsecretestwo.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/certsecrets.webp b/docs/endpointprotector/admin/systemconfiguration/certsecrets.webp
new file mode 100644
index 0000000000..caea1c7749
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/certsecrets.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/certsecretsfive.webp b/docs/endpointprotector/admin/systemconfiguration/certsecretsfive.webp
new file mode 100644
index 0000000000..640d747771
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/certsecretsfive.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/certsecretsfivesix.webp b/docs/endpointprotector/admin/systemconfiguration/certsecretsfivesix.webp
new file mode 100644
index 0000000000..e7e915fd4b
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/certsecretsfivesix.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/certsecretsfour.webp b/docs/endpointprotector/admin/systemconfiguration/certsecretsfour.webp
new file mode 100644
index 0000000000..7c527474bb
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/certsecretsfour.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/certsecretsthree.webp b/docs/endpointprotector/admin/systemconfiguration/certsecretsthree.webp
new file mode 100644
index 0000000000..890c2a45d7
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/certsecretsthree.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/clientcerts.webp b/docs/endpointprotector/admin/systemconfiguration/clientcerts.webp
new file mode 100644
index 0000000000..213438cc84
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/clientcerts.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/clientinstallationios.webp b/docs/endpointprotector/admin/systemconfiguration/clientinstallationios.webp
new file mode 100644
index 0000000000..db562399b2
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/clientinstallationios.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/clientregcert.webp b/docs/endpointprotector/admin/systemconfiguration/clientregcert.webp
new file mode 100644
index 0000000000..d0378e395e
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/clientregcert.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/configliveupdate.webp b/docs/endpointprotector/admin/systemconfiguration/configliveupdate.webp
new file mode 100644
index 0000000000..fadff59efe
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/configliveupdate.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/configwizard.webp b/docs/endpointprotector/admin/systemconfiguration/configwizard.webp
new file mode 100644
index 0000000000..13381665ad
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/configwizard.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/contentawarealerts.webp b/docs/endpointprotector/admin/systemconfiguration/contentawarealerts.webp
new file mode 100644
index 0000000000..a78b236107
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/contentawarealerts.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/contentawarealertshistory.webp b/docs/endpointprotector/admin/systemconfiguration/contentawarealertshistory.webp
new file mode 100644
index 0000000000..d48479310f
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/contentawarealertshistory.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/contextualdetectionone.webp b/docs/endpointprotector/admin/systemconfiguration/contextualdetectionone.webp
new file mode 100644
index 0000000000..d432c2adff
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/contextualdetectionone.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/contextualdetectiontwo.webp b/docs/endpointprotector/admin/systemconfiguration/contextualdetectiontwo.webp
new file mode 100644
index 0000000000..d9dd3a3f33
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/contextualdetectiontwo.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/createeealert.webp b/docs/endpointprotector/admin/systemconfiguration/createeealert.webp
new file mode 100644
index 0000000000..a93985171d
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/createeealert.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/createexport.webp b/docs/endpointprotector/admin/systemconfiguration/createexport.webp
new file mode 100644
index 0000000000..1fe6b20227
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/createexport.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/createsynchjob.webp b/docs/endpointprotector/admin/systemconfiguration/createsynchjob.webp
new file mode 100644
index 0000000000..5bdc108ee0
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/createsynchjob.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/creatingcontentawarealert.webp b/docs/endpointprotector/admin/systemconfiguration/creatingcontentawarealert.webp
new file mode 100644
index 0000000000..100ac8a7cc
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/creatingcontentawarealert.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/creatingcontentawarealertinfo.webp b/docs/endpointprotector/admin/systemconfiguration/creatingcontentawarealertinfo.webp
new file mode 100644
index 0000000000..507db88bf3
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/creatingcontentawarealertinfo.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/creatingdcalert.webp b/docs/endpointprotector/admin/systemconfiguration/creatingdcalert.webp
new file mode 100644
index 0000000000..947d346bf2
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/creatingdcalert.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/creatsystemalert.webp b/docs/endpointprotector/admin/systemconfiguration/creatsystemalert.webp
new file mode 100644
index 0000000000..ff0a042aee
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/creatsystemalert.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/customdcuserremediationnotif.webp b/docs/endpointprotector/admin/systemconfiguration/customdcuserremediationnotif.webp
new file mode 100644
index 0000000000..24e268c3d7
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/customdcuserremediationnotif.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/dashboard.webp b/docs/endpointprotector/admin/systemconfiguration/dashboard.webp
new file mode 100644
index 0000000000..bbe52e405d
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/dashboard.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/dcalerts.webp b/docs/endpointprotector/admin/systemconfiguration/dcalerts.webp
new file mode 100644
index 0000000000..d705272470
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/dcalerts.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/dcalertshistory.webp b/docs/endpointprotector/admin/systemconfiguration/dcalertshistory.webp
new file mode 100644
index 0000000000..b90ae81ad2
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/dcalertshistory.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/dcselfremediate.webp b/docs/endpointprotector/admin/systemconfiguration/dcselfremediate.webp
new file mode 100644
index 0000000000..02fb9d4201
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/dcselfremediate.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/dcuserremediation.webp b/docs/endpointprotector/admin/systemconfiguration/dcuserremediation.webp
new file mode 100644
index 0000000000..6ab844e735
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/dcuserremediation.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/debianbaseddistributions.webp b/docs/endpointprotector/admin/systemconfiguration/debianbaseddistributions.webp
new file mode 100644
index 0000000000..1cce300234
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/debianbaseddistributions.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/devicetypes.webp b/docs/endpointprotector/admin/systemconfiguration/devicetypes.webp
new file mode 100644
index 0000000000..dfcb00c225
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/devicetypes.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/devicetypesnotif.webp b/docs/endpointprotector/admin/systemconfiguration/devicetypesnotif.webp
new file mode 100644
index 0000000000..9c7c4c0d15
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/devicetypesnotif.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/devicetypesnotiftwo.webp b/docs/endpointprotector/admin/systemconfiguration/devicetypesnotiftwo.webp
new file mode 100644
index 0000000000..29dfa8688c
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/devicetypesnotiftwo.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/directorybrowser.webp b/docs/endpointprotector/admin/systemconfiguration/directorybrowser.webp
new file mode 100644
index 0000000000..9e2ff806a4
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/directorybrowser.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/directoryservices.webp b/docs/endpointprotector/admin/systemconfiguration/directoryservices.webp
new file mode 100644
index 0000000000..49306c9557
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/directoryservices.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/diskspace.webp b/docs/endpointprotector/admin/systemconfiguration/diskspace.webp
new file mode 100644
index 0000000000..f970e9c900
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/diskspace.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/dnsconfg.webp b/docs/endpointprotector/admin/systemconfiguration/dnsconfg.webp
new file mode 100644
index 0000000000..9edbe2eb4e
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/dnsconfg.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/dpicertificate.webp b/docs/endpointprotector/admin/systemconfiguration/dpicertificate.webp
new file mode 100644
index 0000000000..85750094b4
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/dpicertificate.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/dpion.webp b/docs/endpointprotector/admin/systemconfiguration/dpion.webp
new file mode 100644
index 0000000000..012d718b68
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/dpion.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/eealerthistory.webp b/docs/endpointprotector/admin/systemconfiguration/eealerthistory.webp
new file mode 100644
index 0000000000..3f56ed7d89
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/eealerthistory.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/emailserversettings.webp b/docs/endpointprotector/admin/systemconfiguration/emailserversettings.webp
new file mode 100644
index 0000000000..4d05808dce
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/emailserversettings.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/enforcedencryptionalert.webp b/docs/endpointprotector/admin/systemconfiguration/enforcedencryptionalert.webp
new file mode 100644
index 0000000000..89ad270230
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/enforcedencryptionalert.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/eppagentpermisions.webp b/docs/endpointprotector/admin/systemconfiguration/eppagentpermisions.webp
new file mode 100644
index 0000000000..47dde235dc
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/eppagentpermisions.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/exportlistresults.webp b/docs/endpointprotector/admin/systemconfiguration/exportlistresults.webp
new file mode 100644
index 0000000000..06ea1c3ba0
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/exportlistresults.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/exportreports.webp b/docs/endpointprotector/admin/systemconfiguration/exportreports.webp
new file mode 100644
index 0000000000..d5dc01b2b6
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/exportreports.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/filetracingreports.webp b/docs/endpointprotector/admin/systemconfiguration/filetracingreports.webp
new file mode 100644
index 0000000000..49a56f291b
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/filetracingreports.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/general.webp b/docs/endpointprotector/admin/systemconfiguration/general.webp
new file mode 100644
index 0000000000..134f7a65d8
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/general.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/generaltabios.webp b/docs/endpointprotector/admin/systemconfiguration/generaltabios.webp
new file mode 100644
index 0000000000..eeb12f651a
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/generaltabios.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/interceptvpntraffic.webp b/docs/endpointprotector/admin/systemconfiguration/interceptvpntraffic.webp
new file mode 100644
index 0000000000..7da4392938
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/interceptvpntraffic.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/ipconfg.webp b/docs/endpointprotector/admin/systemconfiguration/ipconfg.webp
new file mode 100644
index 0000000000..bc69b30f64
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/ipconfg.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/justflist.webp b/docs/endpointprotector/admin/systemconfiguration/justflist.webp
new file mode 100644
index 0000000000..4dff940d39
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/justflist.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/keychainaccess.webp b/docs/endpointprotector/admin/systemconfiguration/keychainaccess.webp
new file mode 100644
index 0000000000..ea698daf59
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/keychainaccess.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/keychainaccesstwo.webp b/docs/endpointprotector/admin/systemconfiguration/keychainaccesstwo.webp
new file mode 100644
index 0000000000..ff11f5b134
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/keychainaccesstwo.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/licensingpage.png b/docs/endpointprotector/admin/systemconfiguration/licensingpage.png
new file mode 100644
index 0000000000..1011eb39fb
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/licensingpage.png differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/listdefaultnotif.webp b/docs/endpointprotector/admin/systemconfiguration/listdefaultnotif.webp
new file mode 100644
index 0000000000..cf345c5935
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/listdefaultnotif.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/listofevents.webp b/docs/endpointprotector/admin/systemconfiguration/listofevents.webp
new file mode 100644
index 0000000000..3d60525416
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/listofevents.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/liveupdate.webp b/docs/endpointprotector/admin/systemconfiguration/liveupdate.webp
new file mode 100644
index 0000000000..5b0c9cc49c
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/liveupdate.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/login.webp b/docs/endpointprotector/admin/systemconfiguration/login.webp
new file mode 100644
index 0000000000..5fac8e481c
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/login.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/logsreport.webp b/docs/endpointprotector/admin/systemconfiguration/logsreport.webp
new file mode 100644
index 0000000000..e4eebfcdbc
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/logsreport.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/mapon-premisesusers.webp b/docs/endpointprotector/admin/systemconfiguration/mapon-premisesusers.webp
new file mode 100644
index 0000000000..93b819b4b6
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/mapon-premisesusers.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/matcheditemscount.webp b/docs/endpointprotector/admin/systemconfiguration/matcheditemscount.webp
new file mode 100644
index 0000000000..a819310dba
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/matcheditemscount.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/newconnection.webp b/docs/endpointprotector/admin/systemconfiguration/newconnection.webp
new file mode 100644
index 0000000000..daa648f2f9
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/newconnection.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/offlinepatch.webp b/docs/endpointprotector/admin/systemconfiguration/offlinepatch.webp
new file mode 100644
index 0000000000..79e2e9cbfb
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/offlinepatch.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/offlinetemporarypassword.webp b/docs/endpointprotector/admin/systemconfiguration/offlinetemporarypassword.webp
new file mode 100644
index 0000000000..626d9cf74a
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/offlinetemporarypassword.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/onlinecomputers.webp b/docs/endpointprotector/admin/systemconfiguration/onlinecomputers.webp
new file mode 100644
index 0000000000..25fb892194
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/onlinecomputers.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/onlinedevices.webp b/docs/endpointprotector/admin/systemconfiguration/onlinedevices.webp
new file mode 100644
index 0000000000..49c973f0a4
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/onlinedevices.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/onlineusers.webp b/docs/endpointprotector/admin/systemconfiguration/onlineusers.webp
new file mode 100644
index 0000000000..280eb096b7
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/onlineusers.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/overview.md b/docs/endpointprotector/admin/systemconfiguration/overview.md
index ac3ba23488..c4db3dadc5 100644
--- a/docs/endpointprotector/admin/systemconfiguration/overview.md
+++ b/docs/endpointprotector/admin/systemconfiguration/overview.md
@@ -6,34 +6,24 @@ sidebar_position: 140
# System Configuration
-This section includes essential elements such as Endpoint Protector Clients, System Licensing, and
+This section includes essential elements such as Endpoint Protector Clients, Licensing, and
advanced configurations. These settings are critical for maintaining the system's performance,
stability, and compliance, as they directly influence both the operational efficiency and
reliability of the Endpoint Protector solution.
## Client Software
-From this section, you can download and install the Endpoint Protector Client corresponding to your
-operating system.
-
-:::note
-The Server and Client communicate through port 443.
-:::
-
+From this section, you can download the Endpoint Protector and Enforced Encryption Clients corresponding to
+your operating system.
When using a custom WebUI port, please contact
[Netwrix Support](https://www.netwrix.com/support.html) to assist in configuring the Nginx
configuration file.
-The Windows Client installers allow the option to download the package with or without add-ons. This
-option fixes any incompatibility that may arise between Endpoint Protector and the specific solutions.
-
:::warning
-Only the latest Endpoint Protector Clients are available for download. You cannot set
-another default Endpoint Protector Client version from the Client Software Upgrade section.
+Only the latest Endpoint Protector and Enforced Encryption Clients are available for download.
:::
-
To improve the Endpoint Protector installation process, use the Endpoint Protector tool that allows
you to run installation-related actions, identify your current Linux distribution, and view Endpoint
Protector Release Notes.
@@ -45,17 +35,22 @@ Use the following commands:
- rn - release notes
- l - distribution list
+When installing, you can simply click Generate to download a client with the configuration in the UI or
+copy the following details from this screen using the Copy button:
+
+- Endpoint Protector Server IP
+- Endpoint Protector Server port
+- Deprtment Code
+
:::note
Contact Customer Support to provide the tool as well as assistance.
:::
-
+
:::note
-Endpoint Protector Client versions are displayed in the format X.X.X.XXXX on endpoints.
-This version will be saved in the Endpoint Protector Server database, although the web console will
-truncate the last 3 digits.
+Starting with the current release - 2509.0.1.0 - Endpoint Protector Client versions are displayed in the format XXXX.X.X.X on endpoints.
:::
@@ -149,9 +144,9 @@ Additional CLI commands for Linux in specific mode:
## Client Software Upgrade
-From this section, you can upgrade the Endpoint Protector Client and manage the upgraded jobs. The
-Client Software Upgrade feature is only available for Windows and macOS Clients. To upgrade your
-Linux Clients, submit a request using the[online form](https://www.endpointprotector.com/linux).
+From this section, you can upload the latest clients previously downloaded from the **Client Software** section in order to upgrade
+the Endpoint Protector Client and manage the upgraded jobs. The Client Software Upgrade feature is only available
+for Windows and macOS Clients.To upgrade your Linux Clients, submit a request using the[online form](https://www.endpointprotector.com/linux).
:::note
When updating your operating system to the latest macOS Ventura, eppclient.log and
@@ -165,14 +160,10 @@ The feature is not compatible for Endpoint Protector instances that are running
:::
-
+
:::note
-Endpoint Protector Client versions are displayed in the format X.X.X.XXXX on endpoints.
-This version will be saved in the Endpoint Protector Server database, although the web console will
-truncate the last 3 digits. In case Endpoint Protector Client versions are identical (first
-4-digits), Endpoint Protector Server will still compare the full version number against each other,
-identifying the most recent version.
+Starting with the current release - 2509.0.1.0 - Endpoint Protector Client versions are displayed in the format XXXX.X.X.X on endpoints.
:::
diff --git a/docs/endpointprotector/admin/systemconfiguration/overviewadduser.webp b/docs/endpointprotector/admin/systemconfiguration/overviewadduser.webp
new file mode 100644
index 0000000000..401e3fb232
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/overviewadduser.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/proxypop-up.webp b/docs/endpointprotector/admin/systemconfiguration/proxypop-up.webp
new file mode 100644
index 0000000000..ead6a39c18
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/proxypop-up.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/redhatbaseddistributions.webp b/docs/endpointprotector/admin/systemconfiguration/redhatbaseddistributions.webp
new file mode 100644
index 0000000000..b583fb2ded
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/redhatbaseddistributions.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/redhatbaseddistributionstwo.webp b/docs/endpointprotector/admin/systemconfiguration/redhatbaseddistributionstwo.webp
new file mode 100644
index 0000000000..dc670c7362
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/redhatbaseddistributionstwo.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/revokeremediation.webp b/docs/endpointprotector/admin/systemconfiguration/revokeremediation.webp
new file mode 100644
index 0000000000..87cb9bb95b
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/revokeremediation.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/rights.webp b/docs/endpointprotector/admin/systemconfiguration/rights.webp
new file mode 100644
index 0000000000..245d00c654
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/rights.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/selfremediatesection.webp b/docs/endpointprotector/admin/systemconfiguration/selfremediatesection.webp
new file mode 100644
index 0000000000..9f4eaccccf
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/selfremediatesection.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/serverinformation.webp b/docs/endpointprotector/admin/systemconfiguration/serverinformation.webp
new file mode 100644
index 0000000000..850ae6ea5b
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/serverinformation.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/serverlogin.webp b/docs/endpointprotector/admin/systemconfiguration/serverlogin.webp
new file mode 100644
index 0000000000..07c9008cdd
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/serverlogin.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/servermaintenance.webp b/docs/endpointprotector/admin/systemconfiguration/servermaintenance.webp
new file mode 100644
index 0000000000..6a693e0949
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/servermaintenance.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/setserverip.webp b/docs/endpointprotector/admin/systemconfiguration/setserverip.webp
new file mode 100644
index 0000000000..80c49dcc4b
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/setserverip.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/setserveriptwo.webp b/docs/endpointprotector/admin/systemconfiguration/setserveriptwo.webp
new file mode 100644
index 0000000000..ddde5846d6
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/setserveriptwo.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/setupagent.webp b/docs/endpointprotector/admin/systemconfiguration/setupagent.webp
new file mode 100644
index 0000000000..b7b7e25489
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/setupagent.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/setupagenttwo.webp b/docs/endpointprotector/admin/systemconfiguration/setupagenttwo.webp
new file mode 100644
index 0000000000..9d340ca1e8
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/setupagenttwo.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/siemintegrationnewserver.webp b/docs/endpointprotector/admin/systemconfiguration/siemintegrationnewserver.webp
new file mode 100644
index 0000000000..09b5ec1806
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/siemintegrationnewserver.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/siemserverintegration.webp b/docs/endpointprotector/admin/systemconfiguration/siemserverintegration.webp
new file mode 100644
index 0000000000..279347bb75
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/siemserverintegration.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/softwareupdate.webp b/docs/endpointprotector/admin/systemconfiguration/softwareupdate.webp
new file mode 100644
index 0000000000..45dcd256c3
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/softwareupdate.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/sshserver.webp b/docs/endpointprotector/admin/systemconfiguration/sshserver.webp
new file mode 100644
index 0000000000..dca14d1c32
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/sshserver.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/statistics.webp b/docs/endpointprotector/admin/systemconfiguration/statistics.webp
new file mode 100644
index 0000000000..fe3d5bf643
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/statistics.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/support.webp b/docs/endpointprotector/admin/systemconfiguration/support.webp
new file mode 100644
index 0000000000..9e64af79e3
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/support.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/synchfilters.webp b/docs/endpointprotector/admin/systemconfiguration/synchfilters.webp
new file mode 100644
index 0000000000..52001bee0e
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/synchfilters.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/systemalerts.webp b/docs/endpointprotector/admin/systemconfiguration/systemalerts.webp
new file mode 100644
index 0000000000..16e6c4eb99
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/systemalerts.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/systemalertshistory.webp b/docs/endpointprotector/admin/systemconfiguration/systemalertshistory.webp
new file mode 100644
index 0000000000..b941cae856
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/systemalertshistory.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/systembackup.webp b/docs/endpointprotector/admin/systemconfiguration/systembackup.webp
new file mode 100644
index 0000000000..d3ef5ece9a
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/systembackup.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/systemdashboard.md b/docs/endpointprotector/admin/systemconfiguration/systemdashboard.md
new file mode 100644
index 0000000000..bc1eb7581b
--- /dev/null
+++ b/docs/endpointprotector/admin/systemconfiguration/systemdashboard.md
@@ -0,0 +1,177 @@
+---
+title: "Server Functionality"
+description: "Server Functionality"
+sidebar_position: 20
+---
+
+# Server Functionality
+
+Once the Endpoint Protector Hardware or Virtual Appliance setup is complete, access the User
+Interface from the assigned IP address.
+
+The default Endpoint Protector Appliance IP address is https://192.168.0.201
+
+:::note
+Always use the IP address with HTTPS (Hypertext Transfer Protocol Secure).
+:::
+
+
+Use the default login credentials for the root account. To obtain the password, submit a support
+ticket through the
+[Netwrix Customer Portal](https://www.netwrix.com/sign_in.html?rf=my_products.html).
+
+For detailed information on settings change or creating additional administrators, refer to the
+[System Configuration](/docs/endpointprotector/admin/systemconfiguration/overview.md) topic.
+
+
+
+## Configuration Wizard
+
+The Configuration Wizard provides you with several steps to define basic settings. These include
+setting up the Server Time Zone, importing Licenses, Server Update or uploading Offline Patches,
+Global device rights, E-mail Server settings, Main Administrator details, etc. You can change these
+settings at any time.
+
+The Configuration Wizard is available only if the basic settings for the Endpoint Protector have
+never been configured.
+
+As an additional security measure, a session timeout is implemented for 300 seconds (5 minutes) of
+inactivity. If you are not active for this amount of time, you are notified the session will expire
+and logged out unless you select to continue the session.
+
+:::note
+You can customize the session timeout and timeout counter from the
+[System Configuration](/docs/endpointprotector/admin/systemconfiguration/overview.md) topic.
+:::
+
+
+
+
+## General Dashboard
+
+In this section, you can view general information as graphics and charts related to the most
+important activities logged by Endpoint Protector.
+
+You will view more specific dashboards on the Device Control, Content Aware Protection and eDiscovery
+sections.
+
+
+
+## System Status
+
+In this section you can view general information of the system’s functionality, alerts, and backup
+status.
+
+
+
+From the System Functionality section, you can enable Endpoint Protector, as well as just specific
+modules (Device Control, Content Aware Protection, or eDiscovery).
+
+
+
+From the System Status subsection, you can enable the HDD Disk Space and Log Rotation.
+
+:::note
+If this setting is enabled, when the Server’s disk space reaches a certain percentage
+(starting from 50% up to 90%), old logs will be automatically overwritten by the new ones.
+:::
+
+
+
+
+From the System Alerts subsection, you can enable important alerts notifying the expiration of the
+APNS Certificate, Updates, and Support or Passwords.
+
+
+
+From the System Backup subsection, you can enable the System Backup.
+
+
+
+## Server Update
+
+From this section, you can apply the latest security and Endpoint Protector Server offline
+updates. Starting with version 2509, the Live Update feature has been deprecated.
+
+:::note
+This feature communicates through port 80. Whitelist the liveupdate.endpointprotector.com
+(IP: 178.63.3.86) domain.
+:::
+
+
+
+
+### Software Update
+
+Use the Offline Patch upload option to select the offline patches from your computer and successively
+install them to the latest Endpoint Protector version.
+
+:::note
+To request the Offline Patch, submit a support ticket through the
+[Netwrix Customer Portal](https://www.netwrix.com/sign_in.html?rf=my_products.html).
+:::
+
+
+
+
+:::warning
+Before upgrading your Endpoint Protector server to the 5.7.0.0 server version from a
+pre-5206 version and adjacent OS image, you need to enable database partitions. For assistance,
+submit a support ticket through the
+[Netwrix Customer Portal](https://www.netwrix.com/sign_in.html?rf=my_products.html).[](https://support.endpointprotector.com/hc/en-us/requests/new)
+:::
+
+
+### Security Updates
+
+You can use this section to check and apply different types of security updates, view information on
+recent updates checked or installed, and a list of updates available.
+
+:::note
+The security update options will only be available for customer-hosted instances (e.g.
+AWS, Goggle, etc.) with the exception for Operating System and Kernel upgrades.
+:::
+
+
+:::note
+Updates are not tested beforehand but are pulled from the official Linux repository.
+:::
+
+
+To ensure the updates will not harm the system, follow these actions:
+
+- test the updates in a test environment first
+- make a VM snapshot
+- make a system backup from the System Maintenance, the System Backup v2 section
+
+Select one of the security updates type available and then click **Check Updates**:
+
+- Security – this will update all security-related updates of installed packages (Critical and High)
+- Other – this will download and apply any update available to 3rd party libraries, kernel, OS
+ packages and MySQL database
+- All Updates – this will download and apply Informational and Optional/Unclassified updates
+
+If there are updates available, click **Apply Updates**.
+
+
+
+:::note
+For history of applied Backend Updates go to admin action report and choose **Apply
+Updates** under Activity filter.
+:::
+
+
+:::note
+Due to patching nature, some updates may automatically restart the Endpoint Protector
+server or other sub-services in the background
+:::
+
+
+## Effective Rights
+
+In this section you can view currently applied Device Control or Content Aware Protection policies.
+Based on the options you select from the Effective Rights Criteria form, you can view information
+based on rights, users, computers, device types, specific devices, report type (PDF or XLS),
+including Outside Hours and Outside Network Policies, and more.
+
+Once the report is generated, from the Actions column, you can download or delete it.
diff --git a/docs/endpointprotector/admin/systemconfiguration/systemextensionblocked.webp b/docs/endpointprotector/admin/systemconfiguration/systemextensionblocked.webp
new file mode 100644
index 0000000000..f50a6562e3
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/systemextensionblocked.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/systemfunctionality.webp b/docs/endpointprotector/admin/systemconfiguration/systemfunctionality.webp
new file mode 100644
index 0000000000..56c4a8f470
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/systemfunctionality.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/systemlicensing.md b/docs/endpointprotector/admin/systemconfiguration/systemlicensing.md
index c3deb9ad01..7da787812e 100644
--- a/docs/endpointprotector/admin/systemconfiguration/systemlicensing.md
+++ b/docs/endpointprotector/admin/systemconfiguration/systemlicensing.md
@@ -1,17 +1,17 @@
---
-title: "System Licensing"
-description: "System Licensing"
+title: "Licensing"
+description: "Licensing"
sidebar_position: 40
---
-# System Licensing
+# Licensing
This section provides a complete overview of your licensing status and allows you to manage licenses
for Modules, such as Content Aware Protection and eDiscovery, as well as Endpoints, the computers
you protect. You can import licenses, view details, and handle free trials, ensuring efficient and
flexible license management.
-
+
:::note
As of Endpoint Protector Version 5.9.0.0, a new subscription-based licensing system has
@@ -64,7 +64,7 @@ etc. or a custom value).
-To streamline license management within System Configuration, navigate to **System Licensing** and
+To streamline license management within System Configuration, navigate to **Licensing** and
discover the Serial Number field under the **View Licenses** section. In the licensing table, you
will find a Serial Number column. To customize your view, use the **Show/Hide Columns** button,
including a checkbox for "Serial Number" (defaulted to 'show'). This resolves issues with identical
diff --git a/docs/endpointprotector/admin/systemconfiguration/systemsettings.md b/docs/endpointprotector/admin/systemconfiguration/systemsettings.md
index 9ff05f7867..0bb26f6120 100644
--- a/docs/endpointprotector/admin/systemconfiguration/systemsettings.md
+++ b/docs/endpointprotector/admin/systemconfiguration/systemsettings.md
@@ -80,8 +80,11 @@ By disabling this setting, you will delete the Default Group for Computers.
By disabling this setting, you will delete the Default Group for Users.
:::
+:::note
+Smart Group sync job interval: the default configured time is 60 min. There is a possible configuration time between that goes from 15 min up to 1440 minutes.
+:::
-
+
## Client Update Mechanism
diff --git a/docs/endpointprotector/admin/systemconfiguration/systemstatus.webp b/docs/endpointprotector/admin/systemconfiguration/systemstatus.webp
new file mode 100644
index 0000000000..d199a70ce8
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/systemstatus.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/testapplication.webp b/docs/endpointprotector/admin/systemconfiguration/testapplication.webp
new file mode 100644
index 0000000000..4351956d2b
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/testapplication.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/testsync.webp b/docs/endpointprotector/admin/systemconfiguration/testsync.webp
new file mode 100644
index 0000000000..1121925488
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/testsync.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/timezone.webp b/docs/endpointprotector/admin/systemconfiguration/timezone.webp
new file mode 100644
index 0000000000..a5e864543c
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/timezone.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/userremediation.webp b/docs/endpointprotector/admin/systemconfiguration/userremediation.webp
new file mode 100644
index 0000000000..4596950c25
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/userremediation.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/userremediationnotif.webp b/docs/endpointprotector/admin/systemconfiguration/userremediationnotif.webp
new file mode 100644
index 0000000000..a7a4431aa1
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/userremediationnotif.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/userremediationpopup.webp b/docs/endpointprotector/admin/systemconfiguration/userremediationpopup.webp
new file mode 100644
index 0000000000..7b2826a19f
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/userremediationpopup.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/userremediationsettings.webp b/docs/endpointprotector/admin/systemconfiguration/userremediationsettings.webp
new file mode 100644
index 0000000000..52c3ff5241
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/userremediationsettings.webp differ
diff --git a/docs/endpointprotector/admin/systemconfiguration/viewexportlist.webp b/docs/endpointprotector/admin/systemconfiguration/viewexportlist.webp
new file mode 100644
index 0000000000..e44f71a8ec
Binary files /dev/null and b/docs/endpointprotector/admin/systemconfiguration/viewexportlist.webp differ
diff --git a/docs/endpointprotector/admin/systemmaintenance/backup.md b/docs/endpointprotector/admin/systemmaintenance/backup.md
index 2476c0bab3..b41b0db2c0 100644
--- a/docs/endpointprotector/admin/systemmaintenance/backup.md
+++ b/docs/endpointprotector/admin/systemmaintenance/backup.md
@@ -130,8 +130,8 @@ downloaded before proceeding.
**Example**
The initial Endpoint Protector deployed was version 4.4.0.7. Over time, updates were applied though
-the Live Update section, bringing the appliance to Endpoint Protector version 5.2.0.6. While these
-constantly included patches and security updates, they did not include a full roll-out of a new core
+the Live Update section (deprecated starting with the 2509 version), bringing the appliance to Endpoint Protector version 5.2.0.6.
+While these constantly included patches and security updates, they did not include a full roll-out of a new core
OS version (e.g.: the appliance is still running on Ubuntu 14.04 LTS).
As Ubuntu 14.04 no longer receives security patches since 2019, those that want to migrate to a
diff --git a/docs/endpointprotector/install/updates.md b/docs/endpointprotector/install/updates.md
index 1f0b908882..2691d8fe04 100644
--- a/docs/endpointprotector/install/updates.md
+++ b/docs/endpointprotector/install/updates.md
@@ -6,7 +6,7 @@ sidebar_position: 60
# Updates
-Endpoint Protector updates are available through the Live Update or Offline Patches features. The
+Endpoint Protector updates are available through Offline Patches features. The
average size of an update is:
- Endpoint Protector Client for Windows ~ 50 MB
diff --git a/docs/endpointprotector/install/virtualappliance/autonetworkconfig.png b/docs/endpointprotector/install/virtualappliance/autonetworkconfig.png
new file mode 100644
index 0000000000..da0b96ab61
Binary files /dev/null and b/docs/endpointprotector/install/virtualappliance/autonetworkconfig.png differ
diff --git a/docs/endpointprotector/install/virtualappliance/formats/New.png b/docs/endpointprotector/install/virtualappliance/formats/New.png
new file mode 100644
index 0000000000..6986a465bc
Binary files /dev/null and b/docs/endpointprotector/install/virtualappliance/formats/New.png differ
diff --git a/docs/endpointprotector/install/virtualappliance/formats/beforeyoubegin.png b/docs/endpointprotector/install/virtualappliance/formats/beforeyoubegin.png
new file mode 100644
index 0000000000..2cd5af4e44
Binary files /dev/null and b/docs/endpointprotector/install/virtualappliance/formats/beforeyoubegin.png differ
diff --git a/docs/endpointprotector/install/virtualappliance/formats/defaultswitch.png b/docs/endpointprotector/install/virtualappliance/formats/defaultswitch.png
new file mode 100644
index 0000000000..e1148c3b14
Binary files /dev/null and b/docs/endpointprotector/install/virtualappliance/formats/defaultswitch.png differ
diff --git a/docs/endpointprotector/install/virtualappliance/formats/generation.png b/docs/endpointprotector/install/virtualappliance/formats/generation.png
new file mode 100644
index 0000000000..8f249234df
Binary files /dev/null and b/docs/endpointprotector/install/virtualappliance/formats/generation.png differ
diff --git a/docs/endpointprotector/install/virtualappliance/formats/harddisk.png b/docs/endpointprotector/install/virtualappliance/formats/harddisk.png
new file mode 100644
index 0000000000..81b869fbe2
Binary files /dev/null and b/docs/endpointprotector/install/virtualappliance/formats/harddisk.png differ
diff --git a/docs/endpointprotector/install/virtualappliance/formats/hypervtools.md b/docs/endpointprotector/install/virtualappliance/formats/hypervtools.md
index ccc8d880fb..561e93b2cc 100644
--- a/docs/endpointprotector/install/virtualappliance/formats/hypervtools.md
+++ b/docs/endpointprotector/install/virtualappliance/formats/hypervtools.md
@@ -13,69 +13,40 @@ Microsoft environments.
Follow the steps below to get started with your implementation.
-**Step 1 –** Extract the downloaded Endpoint Protector Virtual Appliance .zip package.
+**Step 1 –** Extract the downloaded Endpoint Protector Virtual Appliance .zip package to a location other than the *Documents* or *Downloads* folder and make sure you have ownership of that folder.
-**Step 2 –** Start Hyper-V Manager.
+**Step 2 -** Open **Hyper-V Manager.**
-**Step 3 –** From the panel on the right, select the **Import Virtual Machine** option.
+**Step 3 -** On the right sidebar of the application: click on **New \> Virtual Machine**.
-
+
-**Step 4 –** Click **Next**.
+**Step 4 -** On the **Before You Begin** screen, click **Next**.
-**Step 5 –** Browse and select the Endpoint Protector Virtual Appliance folder, containing.
+
-- Snapshots
-- Virtual Hard Disks
-- Virtual Machines
+**Step 5 -** On the **Specify Name and Location**, give your machine a name then click **Next**.
-
+
-
+**Step 6 -** On **Specify Generation**, choose **Generation 1**.
-**Step 6 –** Click **Next**.
+
-**Step 7 –** On the Select Virtual Machine section, select the Endpoint Protector Virtual Appliance,
-then click **Next**.
+**Step 7 -** On **Assign Memory** screen leave the by default memory or make the change you want then click **Next**.
-
+
-**Step 8 –** On the Choose Import Type section, select the **Copy the virtual machine (create a new
-unique ID) option**. Click **Next**.
+Step 8 - On **Configure Networking screen \> Connection**, choose **Default Switch**.
-
+
-**Step 9 –** In the 'Choose Folders for Virtual Machine Files' section, select **Store the virtual
-machine in a different location**, then specify the desired paths in the three input fields. Click
-**Next** to proceed.
+**Step 9 -** On **Connect Virtual Hard Disk** choose **Use an existing virtual disk**. It is recommended to choose a folder where you have ownership. You can use the location from **Step 1**.
-
+
-**Step 10 –** On the Choose Folders to Store Virtual Hard Disks section, set the desired path for
-storing imported virtual hard disk. Click **Next**.
+**Step 10 -** Click **Next**.
-
+
-:::warning
-If you get to the Get Memory step, it means you have insufficient memory on the Hyper-V
-Host. Please abort the process here and either increase memory on the Host or choose another Host to
-import the Endpoint Protector Virtual Appliance on.
-:::
-
-
-
-
-**Step 11 –** On the first Connect Network step, please mention the virtual switch you want to use
-for the first virtual network interface, changing it from ‘Not Connected’ to desired one. Click
-**Next**.
-
-
-
-**Step 12 –** On the second Connect Network step, please mention the virtual switch you want to use
-for the second virtual network interface. You may use the same one you have used at the previous
-step. Click **Next**.
-
-
-
-**Step 13 –** On the Completing Import Wizard step, check that the settings are the ones wanted.
-Click **Finish**. The new Virtual Machine will display in the Virtual Machines list.
+**Step 11 -** Click **Finish** and end the process.
diff --git a/docs/endpointprotector/install/virtualappliance/formats/memory.png b/docs/endpointprotector/install/virtualappliance/formats/memory.png
new file mode 100644
index 0000000000..aadaa2c887
Binary files /dev/null and b/docs/endpointprotector/install/virtualappliance/formats/memory.png differ
diff --git a/docs/endpointprotector/install/virtualappliance/formats/namelocation.png b/docs/endpointprotector/install/virtualappliance/formats/namelocation.png
new file mode 100644
index 0000000000..e4be3e9d17
Binary files /dev/null and b/docs/endpointprotector/install/virtualappliance/formats/namelocation.png differ
diff --git a/docs/endpointprotector/install/virtualappliance/formats/summary.png b/docs/endpointprotector/install/virtualappliance/formats/summary.png
new file mode 100644
index 0000000000..d5f84ba06a
Binary files /dev/null and b/docs/endpointprotector/install/virtualappliance/formats/summary.png differ
diff --git a/docs/endpointprotector/install/virtualappliance/manualnetworkconfig.png b/docs/endpointprotector/install/virtualappliance/manualnetworkconfig.png
new file mode 100644
index 0000000000..da0b96ab61
Binary files /dev/null and b/docs/endpointprotector/install/virtualappliance/manualnetworkconfig.png differ
diff --git a/docs/endpointprotector/install/virtualappliance/setupwizard.md b/docs/endpointprotector/install/virtualappliance/setupwizard.md
index ac86e91635..8d077fd28a 100644
--- a/docs/endpointprotector/install/virtualappliance/setupwizard.md
+++ b/docs/endpointprotector/install/virtualappliance/setupwizard.md
@@ -10,8 +10,6 @@ The Endpoint Protector Appliance requires incoming traffic for ports 443 inbound
from the firewall. They are used for:
- Endpoint Protector Server and Client communication: 443 inbound
-- Live Update (liveupdate.endpointprotector.com): 80 & 443 outbound to this single address
- (178.63.3.86/32)
Follow the steps to configure the Endpoint Protector Appliance for the first time.
@@ -30,12 +28,10 @@ Follow the steps to configure the Endpoint Protector Appliance for the first t
**Step 4 –** The configuration methods are now available.
:::warning
-We recommend a manual configuration of the network settings.
+Starting with version 2509, only the manual configuration option is available. Also for older versions, we recommend a manual configuration of the network settings.
:::
-
-
## Manual Configuration
For precise control, use manual configuration to set the IP address and default gateway, ensuring
@@ -43,7 +39,7 @@ the appliance is correctly set up and accessible.
**Step 1 –** Select **Configure Network manually** (recommended).
-
+
**Step 2 –** Set the IP Address, and Default Gateway (in our example we set the IP Address as
192.168.7.94 and the Default Gateway as 192.168.7.1).
@@ -56,11 +52,3 @@ the appliance is correctly set up and accessible.
**Step 4 –** Select **Apply**. The virtual appliance is now accessible from the configured IP
Address. (e.g., https:// 192.168.7.94).
-
-## Automatic Configuration
-
-Select **configure network automatically**, and click **Enter**.
-
-
-
-The IP Address and Default Gateway will be configured automatically.
diff --git a/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-aic.md b/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-aic.md
index 54a0a6c98b..094489891f 100644
--- a/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-aic.md
+++ b/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-aic.md
@@ -20,8 +20,8 @@ knowledge_article_id: ka0Qk000000GIqbIAG
# Upgrading Access Information Center (AIC)
> **NOTE:**
-> - Return to the main workflow page: [Access Analyzer Upgrade Workflow](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow.md).
-> - Return to the previous section: [Access Analyzer Upgrade Workflow — Post-Upgrade](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-post-upgrade.md).
+> - Return to the main workflow page: [Access Analyzer Upgrade Workflow Articles](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow.md).
+> - Return to the previous section: [Completing Access Analyzer Upgrade](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-post-upgrade.md).
## Overview
diff --git a/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-post-upgrade.md b/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-post-upgrade.md
index 19bd1602ed..3b5a9716b3 100644
--- a/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-post-upgrade.md
+++ b/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-post-upgrade.md
@@ -20,9 +20,9 @@ knowledge_article_id: ka0Qk000000GIozIAG
# Completing Access Analyzer Upgrade
> **NOTE:**
-> - Return to the main workflow page: [Access Analyzer Upgrade Workflow](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow.md).
-> - Return to the previous section: [Access Analyzer Upgrade Workflow — Upgrade](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-upgrade.md).
-> - Proceed to the next section: [Access Analyzer Upgrade Workflow — Access Information Center](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-aic.md).
+> - Return to the main workflow page: [Access Analyzer Upgrade Workflow Articles](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow.md).
+> - Return to the previous section: [Upgrading Access Analyzer](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-upgrade.md).
+> - Proceed to the next section: [Upgrading Access Information Center (AIC)](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-aic.md).
diff --git a/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-preparations.md b/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-preparations.md
index 939381739c..83c2f3bb7b 100644
--- a/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-preparations.md
+++ b/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-preparations.md
@@ -20,8 +20,8 @@ knowledge_article_id: ka0Qk000000GIllIAG
# Preparing for Access Analyzer Upgrade
-> **NOTE:** Return to the main workflow page here: [Access Analyzer Upgrade Workflow](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow.md).
-> Proceed to the next section: [Access Analyzer Upgrade Workflow — Upgrade](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-upgrade.md).
+> **NOTE:** Return to the main workflow page here: [Access Analyzer Upgrade Workflow Articles](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow.md).
+> Proceed to the next section: [Upgrading Access Analyzer](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-upgrade.md).
## Overview
diff --git a/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-upgrade.md b/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-upgrade.md
index 4871a5babd..c694aacc4f 100644
--- a/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-upgrade.md
+++ b/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-upgrade.md
@@ -20,9 +20,9 @@ knowledge_article_id: ka0Qk000000GInNIAW
# Upgrading Access Analyzer
> **NOTE:**
-> - Return to the main workflow page: [Access Analyzer Upgrade Workflow](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow.md)
-> - Return to the previous section: [Access Analyzer Upgrade Workflow — Preparations](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-preparations.md)
-> - Proceed to the next section: [Access Analyzer Upgrade Workflow — Post-Upgrade](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-post-upgrade.md)
+> - Return to the main workflow page: [Access Analyzer Upgrade Workflow Articles](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow.md)
+> - Return to the previous section: [Preparing for Access Analyzer Upgrade](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-preparations.md)
+> - Proceed to the next section: [Completing Access Analyzer Upgrade](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-post-upgrade.md)
## Overview
diff --git a/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow.md b/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow.md
index c96acedfa6..982350e10b 100644
--- a/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow.md
+++ b/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow.md
@@ -22,7 +22,7 @@ knowledge_article_id: ka0Qk000000DYiDIAW
This article outlines the upgrade workflow for **Netwrix Access Analyzer**. Refer to the following articles for detailed steps:
-1. [Access Analyzer Upgrade Workflow — Preparations](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-preparations.md)
-2. [Access Analyzer Upgrade Workflow — Upgrade](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-upgrade.md)
-3. [Access Analyzer Upgrade Workflow — Post-Upgrade](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-post-upgrade.md)
-4. [Access Analyzer Upgrade Workflow — Access Information Center](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-aic.md)
+1. [Preparing for Access Analyzer Upgrade](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-preparations.md)
+2. [Upgrading Access Analyzer](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-upgrade.md)
+3. [Completing Access Analyzer Upgrade](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-post-upgrade.md)
+4. [Upgrading Access Information Center (AIC)](/docs/kb/accessanalyzer/access-analyzer-upgrade-workflow-aic.md)
diff --git a/docs/kb/accessanalyzer/console-migration-workflow-step-2-prepare-the-database.md b/docs/kb/accessanalyzer/console-migration-workflow-step-2-prepare-the-database.md
index 67b0c24b88..7960890c2f 100644
--- a/docs/kb/accessanalyzer/console-migration-workflow-step-2-prepare-the-database.md
+++ b/docs/kb/accessanalyzer/console-migration-workflow-step-2-prepare-the-database.md
@@ -38,7 +38,7 @@ This article lists the steps to prepare the Netwrix Access Analyzer database for
For Host Management and Host List Replication, follow these steps to restore the backup of the Access Analyzer console to a new server.
-> **IMPORTANT:** This only applies if the new server name differs from the old server name; otherwise, skip to [Access Analyzer Console Migration Workflow: Step 3 - Rebuild the Console](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA0Qk0000001T1ZKAU.html).
+> **IMPORTANT:** This only applies if the new server name differs from the old server name; otherwise, skip to [Access Analyzer Console Migration Workflow: Step 3 - Rebuild the Console](/docs/kb/accessanalyzer/console-migration-workflow-step-3-rebuild-the-console.md).
On the Access Analyzer Database, copy the script below and configure the `OldServer` and `NewServer` values (lines 5 & 6, below), then run:
diff --git a/docs/kb/accessanalyzer/console-migration-workflow-step-3-rebuild-the-console.md b/docs/kb/accessanalyzer/console-migration-workflow-step-3-rebuild-the-console.md
index 09a5e27ee8..d5e5346308 100644
--- a/docs/kb/accessanalyzer/console-migration-workflow-step-3-rebuild-the-console.md
+++ b/docs/kb/accessanalyzer/console-migration-workflow-step-3-rebuild-the-console.md
@@ -24,10 +24,9 @@ knowledge_article_id: kA0Qk0000002Or3KAE
> **NOTE:** Return to the main workflow page via this link: [Console Migration Workflow](/docs/kb/accessanalyzer/console-migration-workflow.md).
>
-> Return to the previous section via this link: [Console Migration Workflow: Step 2—Prepare the Database](/docs/kb/accessanalyzer/console-migration-workflow-step-2-prepare-the-database.md).
+> Return to the previous section via this link: [Console Migration Workflow: Step 2—Prepare the Database](/docs/kb/accessanalyzer/console-migration-workflow-step-2-prepare-the-database.md)
>
-> Proceed to the next section via this link: [Console Migration Workflow: Step 4—Validating the Migration](/docs/kb/accessanalyzer/console-migration-workflow-step-4-validate-the-migration.md)
-
+> Proceed to the next section via this link: [Console Migration Workflow: Step 4—Validate the Migration](/docs/kb/accessanalyzer/console-migration-workflow-step-4-validate-the-migration.md).
## Overview
This article lists the steps for rebuilding the Netwrix Access Analyzer console during the Access Analyzer Migration.
@@ -37,7 +36,7 @@ This article lists the steps for rebuilding the Netwrix Access Analyzer console
Follow the steps below to rebuild the Access Analyzer Console on the new server. Before installation, ensure that the `NAA_Migration` folder with the `StealthAUDIT.lic` license file is stored locally on the new Access Analyzer Console so it can be referenced during the installation process.
1. Confirm that the prerequisites have been met on the Access Analyzer Console Server.
- - Netwrix Help Center | Netwrix Access Analyzer 12.0 System Requirements: https://docs.netwrix.com/docs/accessanalyzer/12_0
+ - [Netwrix Access Analyzer 12.0 System Requirements](https://docs.netwrix.com/docs/accessanalyzer/12_0)
2. Install the Access Analyzer application, as well as the Access Information Center (AIC) application if the server will host both.
> IMPORTANT: Do **NOT** start the Access Analyzer or AIC applications at this time.
@@ -64,36 +63,36 @@ Follow the steps below to rebuild the Access Analyzer Console on the new server.
| `%SAInstallDir%\FSAA` | Contains short-term data related to file server collections |
| `C:\Windows\System32\Tasks` | Specifically task names beginning with `SA*.job` |
-2. After you have copied the Reports folder from the old server to the new one, change the report hostname path to show it in the web server:
+2. After you have copied the Reports folder from the old server to the new one, change the report hostname path to show it in the web server:
` %SAInstallDir%Reports\v3\`
3. After you have copied the Scheduled Tasks to `C:\Windows\System32\Tasks`, run the script below from an Admin PowerShell to register them:
```powershell
-$InstallPath=Get-ItemPropertyValue -Path HKLM:\SOFTWARE\WOW6432Node\STEALTHbits\StealthAUDIT -Name 'InstallPath'
-$NewServerInstallerPath =$InstallPath+'StealthAuditStart.exe'
-$ScheduledTaskFilePath="C:\Windows\System32\Tasks"
-
-Get-ChildItem -Path $ScheduledTaskFilePath -Filter SA*.job | Foreach-Object {
-
-$content = [xml] (Get-Content $_.FullName)
-$oldServerInstallerPath= $content.Task.Actions.Exec.Command
-
-If($oldServerInstallerPath -ne $NewServerInstallerPath)
-{
- $Content.Task.Actions.Exec.Command = $NewServerInstallerPath
- $Content.Save($_.FullName)
-}
-
-$taskName = ([System.IO.Path]::GetFileNameWithoutExtension($_.FullName))
-$TaskExist=Get-ScheduledTask -TaskName $taskName -ErrorAction SilentlyContinue
-
-if (!$TaskExist)
-{
-$UserID=$Content.Task.Principals.Principal.UserId
-Register-ScheduledTask -Xml (get-content $_.FullName | out-string) -TaskName $taskName -User $UserID -Force
-}
- }
+$InstallPath=Get-ItemPropertyValue -Path HKLM:\SOFTWARE\WOW6432Node\STEALTHbits\StealthAUDIT -Name 'InstallPath'
+$NewServerInstallerPath =$InstallPath+'StealthAuditStart.exe'
+$ScheduledTaskFilePath="C:\Windows\System32\Tasks"
+
+Get-ChildItem -Path $ScheduledTaskFilePath -Filter SA*.job | Foreach-Object {
+
+$content = [xml] (Get-Content $_.FullName)
+$oldServerInstallerPath= $content.Task.Actions.Exec.Command
+
+If($oldServerInstallerPath -ne $NewServerInstallerPath)
+{
+ $Content.Task.Actions.Exec.Command = $NewServerInstallerPath
+ $Content.Save($_.FullName)
+}
+
+$taskName = ([System.IO.Path]::GetFileNameWithoutExtension($_.FullName))
+$TaskExist=Get-ScheduledTask -TaskName $taskName -ErrorAction SilentlyContinue
+
+if (!$TaskExist)
+{
+$UserID=$Content.Task.Principals.Principal.UserId
+Register-ScheduledTask -Xml (get-content $_.FullName | out-string) -TaskName $taskName -User $UserID -Force
+}
+ }
```
4. Open `\NAA_Migration\NAA\Web\webserver.exe.config` and copy the content between `` and paste it in place of the `` block in `%SAInstallDir%Web\webserver.exe.config`.
@@ -118,7 +117,7 @@ Register-ScheduledTask -Xml (get-content $_.FullName | out-string) -TaskName $ta
- 1. See the following for more information on the Netwrix Access Analyzer Configuration Wizard: Access Analyzer Initial Configuration — https://docs.netwrix.com/docs/accessanalyzer/12_0
+ 1. See the following for more information on the Netwrix Access Analyzer Configuration Wizard: [Access Analyzer Initial Configuration](https://docs.netwrix.com/docs/accessanalyzer/12_0)
7. After completing the Configuration Wizard, the Access Analyzer Application should open automatically.
@@ -132,19 +131,18 @@ Register-ScheduledTask -Xml (get-content $_.FullName | out-string) -TaskName $ta
If using any of the below, please recreate the certificate for the new NAA Console Server:
-- Netwrix Access Analyzer for SharePoint Online: https://docs.netwrix.com/docs/accessanalyzer/12_0
-- Netwrix Access Analyzer for Exchange Online: https://docs.netwrix.com/docs/accessanalyzer/12_0
-- Secured Published Reports Site (HTTPS): https://docs.netwrix.com/docs/accessanalyzer/12_0
-- Secured AIC Site (HTTPS): https://docs.netwrix.com/docs/accessanalyzer/12_0
-
+- [Netwrix Access Analyzer for SharePoint Online](https://docs.netwrix.com/docs/accessanalyzer/12_0/requirements/sharepoint/sharepoint/sharepointonline/activity)
+- [Netwrix Access Analyzer for Exchange Online](https://docs.netwrix.com/docs/accessanalyzer/12_0/requirements/exchange/exchangeonline/access)
+- [Secured Published Reports Site (HTTPS)](https://docs.netwrix.com/docs/accessanalyzer/12_0/admin/settings/access/rolebased/securereports)
+- [Secured AIC Site (HTTPS)](https://docs.netwrix.com/docs/accessinformationcenter/12_0/installation/secure)
## Related Links
-- Console Migration Workflow: /docs/kb/accessanalyzer/console-migration-workflow
-- Console Migration Workflow: Step 2—Prepare the Database: /docs/kb/accessanalyzer/console-migration-workflow-step-2-prepare-the-database
-- Console Migration Workflow: Step 4—Validating the Migration: /docs/kb/accessanalyzer/console-migration-workflow-step-4-validate-the-migration
-- Netwrix Help Center | Netwrix Access Analyzer 12.0 System Requirements: https://docs.netwrix.com/docs/accessanalyzer/12_0
-- Access Analyzer Initial Configuration: https://docs.netwrix.com/docs/accessanalyzer/12_0
-- Netwrix Access Analyzer for SharePoint Online: https://docs.netwrix.com/docs/accessanalyzer/12_0
-- Netwrix Access Analyzer for Exchange Online: https://docs.netwrix.com/docs/accessanalyzer/12_0
-- Secured Published Reports Site (HTTPS): https://docs.netwrix.com/docs/accessanalyzer/12_0
-- Secured AIC Site (HTTPS): https://docs.netwrix.com/docs/accessanalyzer/12_0
+- [Console Migration Workflow](/docs/kb/accessanalyzer/console-migration-workflow.md)
+- [Console Migration Workflow: Step 2—Prepare the Database](/docs/kb/accessanalyzer/console-migration-workflow-step-2-prepare-the-database.md)
+- [Console Migration Workflow: Step 4—Validate the Migration](/docs/kb/accessanalyzer/console-migration-workflow-step-4-validate-the-migration.md)
+- [Netwrix Access Analyzer 12.0 System Requirements](https://docs.netwrix.com/docs/accessanalyzer/12_0)
+- [Access Analyzer Initial Configuration](https://docs.netwrix.com/docs/accessanalyzer/12_0)
+- [Netwrix Access Analyzer for SharePoint Online](https://docs.netwrix.com/docs/accessanalyzer/12_0/requirements/sharepoint/sharepoint/sharepointonline/activity)
+- [Netwrix Access Analyzer for Exchange Online](https://docs.netwrix.com/docs/accessanalyzer/12_0/requirements/exchange/exchangeonline/access)
+- [Secured Published Reports Site (HTTPS)](https://docs.netwrix.com/docs/accessanalyzer/12_0/admin/settings/access/rolebased/securereports)
+- [Secured AIC Site (HTTPS)](https://docs.netwrix.com/docs/accessinformationcenter/12_0/installation/secure)
diff --git a/docs/kb/accessanalyzer/console-migration-workflow.md b/docs/kb/accessanalyzer/console-migration-workflow.md
index 62a21ae686..31809244c1 100644
--- a/docs/kb/accessanalyzer/console-migration-workflow.md
+++ b/docs/kb/accessanalyzer/console-migration-workflow.md
@@ -27,7 +27,7 @@ knowledge_article_id: kA0Qk0000002OmDKAU
This article outlines the upgrade workflow for Netwrix Access Analyzer. Refer to the following list of articles:
-1. [Access Analyzer Console Migration Workflow: Step 1 - Staging the Backup](/docs/kb/accessanalyzer/console-migration-workflow-step-1-staging-the-backup.md)
-2. [Access Analyzer Console Migration Workflow: Step 2 - Prepare the Database](/docs/kb/accessanalyzer/console-migration-workflow-step-2-prepare-the-database.md)
-3. [Access Analyzer Console Migration Workflow: Step 3 - Rebuild the Console](/docs/kb/accessanalyzer/console-migration-workflow-step-3-rebuild-the-console.md)
-4. [Access Analyzer Console Migration Workflow: Step 4 - Validate the Migration](/docs/kb/accessanalyzer/console-migration-workflow-step-4-validate-the-migration.md)
+1. [Console Migration Workflow: Step 1—Staging the Backup](/docs/kb/accessanalyzer/console-migration-workflow-step-1-staging-the-backup.md)
+2. [Console Migration Workflow: Step 2—Prepare the Database](/docs/kb/accessanalyzer/console-migration-workflow-step-2-prepare-the-database.md)
+3. [Console Migration Workflow: Step 3—Rebuild the Console](/docs/kb/accessanalyzer/console-migration-workflow-step-3-rebuild-the-console.md)
+4. [Console Migration Workflow: Step 4—Validate the Migration](/docs/kb/accessanalyzer/console-migration-workflow-step-4-validate-the-migration.md)
diff --git a/docs/kb/accessanalyzer/error-removed-host-name-in-aic-andor-fsaa-host-table.md b/docs/kb/accessanalyzer/error-removed-host-name-in-aic-andor-fsaa-host-table.md
index c47b7bb493..317ed32aa0 100644
--- a/docs/kb/accessanalyzer/error-removed-host-name-in-aic-andor-fsaa-host-table.md
+++ b/docs/kb/accessanalyzer/error-removed-host-name-in-aic-andor-fsaa-host-table.md
@@ -27,7 +27,7 @@ You have used the **Remove host data** option in the **FILESYSTEMACCESS** Data C
Re-run the job used to remove the host data against the full **!Removed-…** name.
-- This is typically a custom job that was created. If you are unsure what job was run, please see the following article for how to create a custom job to drop File Server host data: [How to Drop Data for Decommissioned File Servers](/docs/kb/activitymonitor/dropping_file_system_data.md).
+- This is typically a custom job that was created. If you are unsure what job was run, please see the following article for how to create a custom job to drop File Server host data: [How to Drop File System Data from Netwrix Access Analyzer](/docs/kb/activitymonitor/dropping_file_system_data.md).
- If you have already rerun the job and it throws a timeout error, then change the job timeout to a longer value.
@@ -37,4 +37,4 @@ Re-run the job used to remove the host data against the full **!Removed-…** na
## Related Article
-- [How to Drop Data for Decommissioned File Servers](/docs/kb/activitymonitor/dropping_file_system_data.md)
\ No newline at end of file
+- [How to Drop File System Data from Netwrix Access Analyzer](/docs/kb/activitymonitor/dropping_file_system_data.md)
\ No newline at end of file
diff --git a/docs/kb/accessanalyzer/out-of-scope_resources_still_appear_in_the_aic_or_reporting_console_after_scoping_changes.md b/docs/kb/accessanalyzer/out-of-scope_resources_still_appear_in_the_aic_or_reporting_console_after_scoping_changes.md
index ec631a68d1..19c384dd1f 100644
--- a/docs/kb/accessanalyzer/out-of-scope_resources_still_appear_in_the_aic_or_reporting_console_after_scoping_changes.md
+++ b/docs/kb/accessanalyzer/out-of-scope_resources_still_appear_in_the_aic_or_reporting_console_after_scoping_changes.md
@@ -28,7 +28,7 @@ Scoping options are applied at the time of a scan and are used to determine whic
If you no longer want to retain or see data for out-of-scope resources:
1. **Delete all File System data** for the specific host from the database.
- - See the following article for instructions to drop data for a specific file server: [Dropping File System Data](/docs/kb/activitymonitor/dropping_file_system_data.md).
+ - See the following article for instructions to drop data for a specific file server: [How to Drop File System Data from Netwrix Access Analyzer](/docs/kb/activitymonitor/dropping_file_system_data.md).
2. **Rescan the host** with the updated scoping rules in place.
- This will ensure that only resources matching the current scoping criteria are imported and retained going forward.
@@ -37,4 +37,4 @@ If you no longer want to retain or see data for out-of-scope resources:
## Related Link
-- [Dropping File System Data](/docs/kb/activitymonitor/dropping_file_system_data.md)
\ No newline at end of file
+- [How to Drop File System Data from Netwrix Access Analyzer](/docs/kb/activitymonitor/dropping_file_system_data.md)
\ No newline at end of file
diff --git a/docs/kb/activitymonitor/displays_data_for_resources_that_are_out_of_scope.md b/docs/kb/activitymonitor/displays_data_for_resources_that_are_out_of_scope.md
index 40f88e42a9..474d87a6ba 100644
--- a/docs/kb/activitymonitor/displays_data_for_resources_that_are_out_of_scope.md
+++ b/docs/kb/activitymonitor/displays_data_for_resources_that_are_out_of_scope.md
@@ -33,7 +33,7 @@ There are two options for removing out-of-scope data:
Netwrix Support can assist with dropping all file system data for the specified host. This removes all collected data for that host, not just the out-of-scope folders.
-Refer to [Dropping File System Data](/docs/kb/activitymonitor/dropping_file_system_data.md) for detailed instructions.
+Refer to [How to Drop File System Data from Netwrix Access Analyzer](/docs/kb/activitymonitor/dropping_file_system_data.md) for detailed instructions.
**Considerations:**
@@ -55,4 +55,4 @@ For more granular removal (e.g., specific folders or paths), a one-time cleanup
## Related Link
-- [Dropping File System Data](/docs/kb/activitymonitor/dropping_file_system_data.md)
\ No newline at end of file
+- [How to Drop File System Data from Netwrix Access Analyzer](/docs/kb/activitymonitor/dropping_file_system_data.md)
\ No newline at end of file
diff --git a/docs/kb/activitymonitor/dropping_file_system_data.md b/docs/kb/activitymonitor/dropping_file_system_data.md
index 9561417cae..f6e0b89eab 100644
--- a/docs/kb/activitymonitor/dropping_file_system_data.md
+++ b/docs/kb/activitymonitor/dropping_file_system_data.md
@@ -75,9 +75,9 @@ A file server has been decommissioned, and/or its data is no longer needed in th
19. Navigate to the **`%SAInstallDir%FSAA`** folder on the Access Analyzer console and remove the folder for the dropped host.
> **NOTE:** If using an applet or proxy for file system scanning, the host folder should also be removed from the same location on the applet/proxy server.
-> **IMPORTANT:** If this job returns a time-out error, refer to the following article to resolve it: [!REMOVED-...Host Name in AIC and/or FSAA Host Table](/docs/kb/accessanalyzer/error-removed-host-name-in-aic-andor-fsaa-host-table.md).
+> **IMPORTANT:** If this job returns a time-out error, refer to the following article to resolve it: [Error: !REMOVED- Host Name in AIC and/or FSAA Host Table](/docs/kb/accessanalyzer/error-removed-host-name-in-aic-andor-fsaa-host-table.md).
## Related Links
- [How to Remove Servers from Host Lists](/docs/kb/accessanalyzer/how-to-remove-servers-from-host-lists.md)
-- [!REMOVED-...Host Name in AIC and/or FSAA Host Table](/docs/kb/accessanalyzer/error-removed-host-name-in-aic-andor-fsaa-host-table.md)
\ No newline at end of file
+- [Error: !REMOVED- Host Name in AIC and/or FSAA Host Table](/docs/kb/accessanalyzer/error-removed-host-name-in-aic-andor-fsaa-host-table.md)
\ No newline at end of file
diff --git a/docs/kb/auditor/active-directory-exchange-and-group-policy-changes-reported-as-made-by-system.md b/docs/kb/auditor/active-directory-exchange-and-group-policy-changes-reported-as-made-by-system.md
index 8109a11ac2..6e55ec7dff 100644
--- a/docs/kb/auditor/active-directory-exchange-and-group-policy-changes-reported-as-made-by-system.md
+++ b/docs/kb/auditor/active-directory-exchange-and-group-policy-changes-reported-as-made-by-system.md
@@ -24,11 +24,10 @@ knowledge_article_id: kA00g000000H9SmCAK
This article contains references to the most popular Active Directory, Exchange, and Group Policy changes which may be reported as made by **System** by Netwrix Auditor:
-- [Who Changed Shows System for Real Time Alerts](/docs/kb/auditor/alert-reported-change-made-by-system.md).
+- [Alert Reported Change Made by System](/docs/kb/auditor/alert-reported-change-made-by-system.md).
- [System Changed Object Path after Account Name Change](/docs/kb/auditor/system-changed-object-path-after-account-name-change.md).
- [System Changed Client Operating System](/docs/kb/auditor/system-changed-client-operating-system.md).
-- [Active Directory Changes Duplicated in Reports with System and Unknown](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9RyCAK.html).
- [System Changed Directory Objects for Foreign Security Principals](/docs/kb/auditor/system-changed-directory-objects-for-foreign-security-principals.md).
-- Workstation Field Reported as Unknown.
+- [Workstation Field Reported as Unknown](/docs/kb/auditor/workstation-field-reported-as-unknown.md)
- [Duplicate Configuration and Schema Changes for All Monitored Domains in Forest Made by System](/docs/kb/auditor/duplicate-configuration-and-schema-changes-for-all-monitored-domains-in-forest-made-by-system.md).
- [System Changed Service Principle Name Attribute](/docs/kb/auditor/system-changed-service-principle-name-attribute.md).
diff --git a/docs/kb/auditor/archive-service-is-busy-processing-activity-records.md b/docs/kb/auditor/archive-service-is-busy-processing-activity-records.md
index 9bab8d2e06..a25169f7f3 100644
--- a/docs/kb/auditor/archive-service-is-busy-processing-activity-records.md
+++ b/docs/kb/auditor/archive-service-is-busy-processing-activity-records.md
@@ -53,8 +53,7 @@ Refer to the following steps to troubleshoot the SQL Server-based causes:
1. In the main Netwrix Auditor screen, select **Health Status** and click **View details** in the **Database Statistics** pane.
2. Review the database states. If a database state reads **Failed to store data**, review the database details.
- > **IMPORTANT:** The SQL Server Express databases have a 10 GB size limit. In case the affected database states **Failed to store data** with the size limit of **10 GB**, refer to the following article: /docs/kb/auditor/sql-server-express-database-size-reached-10gb (SQL Server Express Database Size Reached 10GB).
-
+ > **IMPORTANT:** The SQL Server Express databases have a 10 GB size limit. In case the affected database states **Failed to store data** with the size limit of **10 GB**, refer to the following article: [SQL Server Express Database Size Reached 10GB](/docs/kb/auditor/sql-server-express-database-size-reached-10gb.md)
3. If multiple or all databases state **Failed to store data** with no size limits, refer to the following troubleshooting steps.
2. Verify that the SQL Server instance is available.
3. Verify the credentials of the SQL Server instance account:
@@ -75,14 +74,14 @@ Refer to the following steps to troubleshoot the Long-Term Archive-based causes:
1. In the main Netwrix Auditor screen, select **Settings** > **Long-Term Archive**.
2. Click **Modify** under the **Location and Retention Settings** section.
3. Verify the account credentials. Click **OK** to save the changes.
-3. If using a custom account to connect to the Long-Term Account, assign the permissions to the account used. Refer to the following article for additional information on required permissions: https://docs.netwrix.com/docs/auditor/10_8 Repository for Long-Term Archive — Assign Permissions on the Long-Term Archive Folder · v10.6).
+3. If using a custom account to connect to the Long-Term Account, assign the permissions to the account used. Refer to the following article for additional information on required permissions: [Configure Long-Term Archive Account](https://docs.netwrix.com/docs/auditor/10_8/requirements/longtermarchive#configure-long-term-archive-account).
### Other Causes
-Verify that the Audit Database account has the correct permissions—refer to the following article for additional information: https://docs.netwrix.com/docs/auditor/10_8 for SQL Server to Store Audit Data — Configure Audit Database Account · v10.6).
+Verify that the Audit Database account has the correct permissions—refer to the following article for additional information: [Configure Audit Database Account](https://docs.netwrix.com/docs/auditor/10_8/requirements/sqlserver#configure-audit-database-account).
## Related Articles
-- /docs/kb/auditor/sql-server-express-database-size-reached-10gb (SQL Server Express Database Size Reached 10GB)
-- https://docs.netwrix.com/docs/auditor/10_8 for SQL Server to Store Audit Data — Configure Audit Database Account · v10.6)
-- https://docs.netwrix.com/docs/auditor/10_8 Repository for Long-Term Archive — Assign Permissions on the Long-Term Archive Folder · v10.6)
+- [SQL Server Express Database Size Reached 10GB](/docs/kb/auditor/sql-server-express-database-size-reached-10gb.md)
+- [Configure Audit Database Account](https://docs.netwrix.com/docs/auditor/10_8/requirements/sqlserver#configure-audit-database-account)
+- [Configure Long-Term Archive Account](https://docs.netwrix.com/docs/auditor/10_8/requirements/longtermarchive#configure-long-term-archive-account)
diff --git a/docs/kb/auditor/backup-recommendations.md b/docs/kb/auditor/backup-recommendations.md
index 19c9824a79..9d85342fcc 100644
--- a/docs/kb/auditor/backup-recommendations.md
+++ b/docs/kb/auditor/backup-recommendations.md
@@ -46,9 +46,9 @@ configserverDbProcessor.exe export -target "C:\NA_Backups\naconfig.xml"
4. Once the components are backed up, you can store them in any location to use once needed.
-For additional information on import, refer to the following article: Migrating Netwrix Auditor to New Server /docs/kb/auditor/migrating-auditor-to-new-server).
+For additional information on import, refer to the following article: [Migrating Auditor to New Server](/docs/kb/auditor/migrating-auditor-to-new-server.md).
## Related articles
-- Migrating Netwrix Auditor to New Server: /docs/kb/auditor/migrating-auditor-to-new-server
-- How to Move Long-Term Archive to a New Location: /docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location
+- [Migrating Auditor to New Server](/docs/kb/auditor/migrating-auditor-to-new-server.md)
+- [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md)
diff --git a/docs/kb/auditor/cannot-establish-a-connection-to-a-windows-file-server-compression-service.md b/docs/kb/auditor/cannot-establish-a-connection-to-a-windows-file-server-compression-service.md
index fd29373b56..9bd884c2d6 100644
--- a/docs/kb/auditor/cannot-establish-a-connection-to-a-windows-file-server-compression-service.md
+++ b/docs/kb/auditor/cannot-establish-a-connection-to-a-windows-file-server-compression-service.md
@@ -40,12 +40,12 @@ The error appears when the **Remote Registry Service** was disabled on the targe
To resolve the error, do the following:
-1. Enable the **Remote Registry Service** referencing the following article: https://docs.netwrix.com/docs/auditor/10_8 — Windows File Servers — Enable Remote Registry Service — v10.6).
+1. Enable the **Remote Registry Service** referencing the following article: [Windows File Servers — Enable Remote Registry Service — v10.8.](https://docs.netwrix.com/docs/auditor/10_8/configuration/fileservers/windows/remoteregistryservice)
2. Reboot Netwrix Auditor Server.
After that, the **Netwrix Auditor Application Deployment Service** appears on the target file server. Depending on the amount of audited data, further data collection may take a while.
### Related Articles
-- /docs/kb/auditor/how-to-investigate-compression-services-errors — How to Investigate Compression Services Errors.
-- https://docs.netwrix.com/docs/auditor/10_8 Configuration — Windows File Servers — Enable Remote Registry Service — v10.6.
+- [How to Investigate Compression Services Errors](/docs/kb/auditor/how-to-investigate-compression-services-errors.md)
+- [Windows File Servers — Enable Remote Registry Service — v10.8.](https://docs.netwrix.com/docs/auditor/10_8/configuration/fileservers/windows/remoteregistryservice)
diff --git a/docs/kb/auditor/cannot-generate-sspi-context-error-in-sql-server-monitoring-plan.md b/docs/kb/auditor/cannot-generate-sspi-context-error-in-sql-server-monitoring-plan.md
index 9ad6ea2517..f181d99de4 100644
--- a/docs/kb/auditor/cannot-generate-sspi-context-error-in-sql-server-monitoring-plan.md
+++ b/docs/kb/auditor/cannot-generate-sspi-context-error-in-sql-server-monitoring-plan.md
@@ -53,7 +53,7 @@ This error may also affect the state-in-time snapshot collection, the SQL Server
### Cause #1 – Firewall Settings
-Verify the firewall settings in your environment. For additional information on ports required for SQL Server monitoring, see SQL Server – SQL Server Ports · v10.7: https://docs.netwrix.com/docs/auditor/10_8/configuration/sqlserver/overview
+Verify the firewall settings in your environment. For additional information on ports required for SQL Server monitoring, see SQL Server – [SQL Server Ports](https://docs.netwrix.com/docs/auditor/10_8/configuration/sqlserver/ports)
### Cause #2 – SQL Server Service Accounts and SPN Registration
@@ -98,16 +98,16 @@ If you are unable to resolve the issue with SPN registration, and if your scenar
### Cause #3 – Different TLS Protocol Versions
-Allow the operating systems to select the protocol for incoming and outgoing communication on both your Netwrix Auditor and SQL servers. For more information, see Client and Server Cannot Communicate, Because They Do Not Possess a Common Algorithm: /docs/kb/auditor/client-and-server-cannot-communicate-because-they-do-not-possess-a-common-algorithm
+Allow the operating systems to select the protocol for incoming and outgoing communication on both your Netwrix Auditor and SQL servers. For more information, see Client and Server Cannot Communicate, Because They Do Not Possess a Common Algorithm: [Client and Server Cannot Communicate, Because They Do Not Possess a Common Algorithm](/docs/kb/auditor/client-and-server-cannot-communicate-because-they-do-not-possess-a-common-algorithm.md)
### Cause #4 – SQL and Netwrix Auditor Servers Time Difference
-Synchronize the time on both SQL and Netwrix Auditor servers to eliminate clock skew. For more information, see Clock Skew Is Too Great: /docs/kb/auditor/clock-skew-is-too-great
+Synchronize the time on both SQL and Netwrix Auditor servers to eliminate clock skew. For more information, see Clock Skew Is Too Great: [Clock Skew Is Too Great](/docs/kb/auditor/clock-skew-is-too-great.md)
## Related Articles
-- SQL Server – SQL Server Ports · v10.7: https://docs.netwrix.com/docs/auditor/10_8/configuration/sqlserver/overview
+- [SQL Server Ports](https://docs.netwrix.com/docs/auditor/10_8/configuration/sqlserver/ports)
- Cannot Generate SSPI Context – Fix the Error with Kerberos Configuration Manager · Microsoft: https://learn.microsoft.com/en-US/troubleshoot/sql/database-engine/connect/cannot-generate-sspi-context-error#fix-the-error-with-kerberos-configuration-manager-recommended
- Register Service Principal Name for Kerberos Connections – Automatic SPN Registration · Microsoft: https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/register-a-service-principal-name-for-kerberos-connections?view=sql-server-ver16#Auto
-- Client and Server Cannot Communicate, Because They Do Not Possess a Common Algorithm: /docs/kb/auditor/client-and-server-cannot-communicate-because-they-do-not-possess-a-common-algorithm
-- Clock Skew Is Too Great: /docs/kb/auditor/clock-skew-is-too-great
+- [Client and Server Cannot Communicate, Because They Do Not Possess a Common Algorithm](/docs/kb/auditor/client-and-server-cannot-communicate-because-they-do-not-possess-a-common-algorithm.md)
+- [Clock Skew Is Too Great](/docs/kb/auditor/clock-skew-is-too-great.md)
diff --git a/docs/kb/auditor/change-data-collecting-account-password-in-netwrix-auditor.md b/docs/kb/auditor/change-data-collecting-account-password-in-netwrix-auditor.md
index 7c8c4a9c45..9056d6642d 100644
--- a/docs/kb/auditor/change-data-collecting-account-password-in-netwrix-auditor.md
+++ b/docs/kb/auditor/change-data-collecting-account-password-in-netwrix-auditor.md
@@ -37,4 +37,4 @@ Refer to the following steps to update the password for your data-collection acc
5. Provide a new password, and click **OK** to save changes.
6. In some cases, you might need to restart Netwrix services for the changes to take effect.
-> **NOTE:** A new password won't be applied to Netwrix Password Reset, Event Log Manager, or Inactive User Tracker data-collection accounts. Refer to the following article for additional information: /docs/kb/auditor/failed-logon-attempts-after-recent-service-account-password-change (Failed Logon Attempts after Recent Service Account Password Change).
+> **NOTE:** A new password won't be applied to Netwrix Password Reset, Event Log Manager, or Inactive User Tracker data-collection accounts. Refer to the following article for additional information: [Failed Logon Attempts after Recent Service Account Password Change](/docs/kb/auditor/failed-logon-attempts-after-recent-service-account-password-change.md).
diff --git a/docs/kb/auditor/compression-service-encountered-an-internal-error-in-windows-server-monitoring-plan.md b/docs/kb/auditor/compression-service-encountered-an-internal-error-in-windows-server-monitoring-plan.md
index f355ae1677..889a0b30fb 100644
--- a/docs/kb/auditor/compression-service-encountered-an-internal-error-in-windows-server-monitoring-plan.md
+++ b/docs/kb/auditor/compression-service-encountered-an-internal-error-in-windows-server-monitoring-plan.md
@@ -58,15 +58,15 @@ The Windows Server Auditing host and compression service cannot operate due to d
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
-
+
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
-
+
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
-
+
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
@@ -107,5 +107,5 @@ The Windows Server Auditing host and compression service cannot operate due to d
## Related articles
-- Сonnection Issue when TLS 1.2 Is Required: /docs/kb/auditor/сonnection_issue_when_tls_1.2_is_required
-- Client and Server Cannot Communicate, Because They Do Not Possess a Common Algorithm: /docs/kb/auditor/client-and-server-cannot-communicate-because-they-do-not-possess-a-common-algorithm
+- [Сonnection Issue when TLS 1.2 Is Required](/docs/kb/auditor/сonnection_issue_when_tls_1.2_is_required.md)
+- [Client and Server Cannot Communicate, Because They Do Not Possess a Common Algorithm](/docs/kb/auditor/client-and-server-cannot-communicate-because-they-do-not-possess-a-common-algorithm.md)
diff --git a/docs/kb/auditor/could-not-allocate-space-for-object-objectname-in-database-databasename.md b/docs/kb/auditor/could-not-allocate-space-for-object-objectname-in-database-databasename.md
index ec6a09cf49..331323cdab 100644
--- a/docs/kb/auditor/could-not-allocate-space-for-object-objectname-in-database-databasename.md
+++ b/docs/kb/auditor/could-not-allocate-space-for-object-objectname-in-database-databasename.md
@@ -28,8 +28,8 @@ knowledge_article_id: kA00g000000H9WsCAK
The following error message appears in the Netwrix Auditor Health Log or under the database status on the Database Statistics page:
```text
-Error in reports stating Could not allocate space for object '*' in database '*' because the 'PRIMARY' filegroup is full.
-Create disk space by deleting unneeded files, dropping objects in the filegroup, adding additional files to the filegroup,
+Error in reports stating Could not allocate space for object '*' in database '*' because the 'PRIMARY' filegroup is full.
+Create disk space by deleting unneeded files, dropping objects in the filegroup, adding additional files to the filegroup,
or setting autogrowth on for existing files in the filegroup
```
@@ -68,9 +68,9 @@ To help prevent recurring database storage issues and support long-term stabilit
The following solutions can temporarily offer more database storage and disk space but do not address the root cause of database size constraints.
- Disable state-in-time data collection for the File Server monitoring plan by unselecting the **Collect data for state-in-time reports** option in the monitoring plan settings (**Edit monitoring plan** > **Edit Data Source**).
-- Allocate additional disk space to Netwrix Auditor and SQL Server. Hardware Requirements: https://docs.netwrix.com/docs/auditor/10_8/requirements/overview
+- Allocate additional disk space to Netwrix Auditor and SQL Server. [Hardware Requirements](https://docs.netwrix.com/docs/auditor/10_8/requirements/console)
- Change the **Database Retention** period via the Netwrix Auditor Console (**Settings** > **Audit Database**) to reduce the amount of time collected data is stored.
-- Recreate the database associated with the problematic Monitoring Plan. Since all collected data is also stored in the Long-Term Archive, no data loss is expected. However, recreating the database will remove its data from Searching and Reporting. To access this data, use the Netwrix Auditor Settings – Investigations (v10.6) feature: https://docs.netwrix.com/docs/auditor/10_8
+- Recreate the database associated with the problematic Monitoring Plan. Since all collected data is also stored in the Long-Term Archive, no data loss is expected. However, recreating the database will remove its data from Searching and Reporting. To access this data, use the [Netwrix Auditor Settings – Investigations (v10.6) feature](https://docs.netwrix.com/docs/auditor/10_8/admin/settings/investigations).
To recreate the database, follow these steps:
@@ -87,5 +87,6 @@ To recreate the database, follow these steps:
- 'PRIMARY' Filegroup Is Full: https://learn.microsoft.com/en-us/answers/questions/555422/primary-filegroup-is-full
- Resolving SQL Server Errors: The Primary Filegroup Is Full: https://www.sqlshack.com/resolving-sql-server-errors-the-primary-filegroup-is-full/
- Considerations for the Autogrow and Autoshrink Settings in SQL Server: https://learn.microsoft.com/en-us/troubleshoot/sql/database-engine/database-file-operations/considerations-autogrow-autoshrink
-- Netwrix Auditor Settings – Investigations ⸱ v10.6: https://docs.netwrix.com/docs/auditor/10_8
-- SQL Server Express Database Size Reached 10GB: /docs/kb/auditor/sql-server-express-database-size-reached-10gb
+- [Hardware Requirements](https://docs.netwrix.com/docs/auditor/10_8/requirements/console)
+- [Netwrix Auditor Settings – Investigations (v10.6) feature](https://docs.netwrix.com/docs/auditor/10_8/admin/settings/investigations)
+- [SQL Server Express Database Size Reached 10GB](/docs/kb/auditor/sql-server-express-database-size-reached-10gb.md)
diff --git a/docs/kb/auditor/could-not-find-stored-procedure-getallproperties.md b/docs/kb/auditor/could-not-find-stored-procedure-getallproperties.md
index 9f2b5fa4d7..8b2fffaee6 100644
--- a/docs/kb/auditor/could-not-find-stored-procedure-getallproperties.md
+++ b/docs/kb/auditor/could-not-find-stored-procedure-getallproperties.md
@@ -46,6 +46,6 @@ The ReportServer database is corrupted and has to be rebuilt.
1. Once you've opened SSMS, unfold the **Databases** folder in the **Object Explorer** pane on the left.
2. Right-click each (`ReportServer` and `ReportServerTemp`) database and select **Delete**.
3. Before confirming the deletion, make sure to check the **Close existing connections** checkbox.
-3. Once the databases are deleted, regenerate the `ReportServer` database. Refer to the following article for additional information: /docs/kb/auditor/deploying-the-report-server-database (Deploying the Report Server Database).
-4. After you've configured the `ReportServer` database, grant the roles to the SSRS service account the roles required. Refer to the following article for additional information: https://docs.netwrix.com/docs/auditor/10_8/requirements/sqlserverreportingservice (Configure SSRS Account).
+3. Once the databases are deleted, regenerate the `ReportServer` database. Refer to the following article for additional information: [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database.md)
+4. After you've configured the `ReportServer` database, grant the roles to the SSRS service account the roles required. Refer to the following article for additional information: [Configure SSRS Account](https://docs.netwrix.com/docs/auditor/10_8/requirements/sqlserverreportingservice#configure-ssrs-account)
5. Restart **Netwrix Auditor Archive Service** and **Netwrix Auditor Management Service** via **Services**.
diff --git a/docs/kb/auditor/customize-notifications-and-reports-in-password-expiration-notifier.md b/docs/kb/auditor/customize-notifications-and-reports-in-password-expiration-notifier.md
index 0594f8d7ae..b5a20a8b92 100644
--- a/docs/kb/auditor/customize-notifications-and-reports-in-password-expiration-notifier.md
+++ b/docs/kb/auditor/customize-notifications-and-reports-in-password-expiration-notifier.md
@@ -104,7 +104,7 @@ You can edit and customize the notification and report templates in Netwrix Pass
### Include an attribute in the email template
-> **NOTE:** You can use other attributes in your Netwrix Password Reset emails. Learn more about Active Directory attributes in All attributes ⸱ Microsoft 🡺: https://learn.microsoft.com/en-us/windows/win32/adschema/attributes-all
+> **NOTE:** You can use other attributes in your Netwrix Password Reset emails. Learn more about Active Directory attributes in [All attributes ⸱ Microsoft 🡺](https://learn.microsoft.com/en-us/windows/win32/adschema/attributes-all)
1. Select the appropriate template and click **Customize**.
2. Add the following attribute to the template body:
@@ -117,9 +117,9 @@ You can edit and customize the notification and report templates in Netwrix Pass
### Edit email header and footer
-You can disable header and footer in Netwrix Password Reset emails. Refer to the following article for additional information: [Hide and Disable Header and Footer in Password Expiration Notifier Emails](/docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails.md).
+You can disable header and footer in Netwrix Password Reset emails. Refer to the following article for additional information: [Hide and Disable Header and Footer in Netwrix Password Reset Emails](/docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails.md).
## Related articles
-- [Hide and Disable Header and Footer in Password Expiration Notifier Emails](/docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails.md)
+- [Hide and Disable Header and Footer in Netwrix Password Reset Emails](/docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails.md)
- [All attributes ⸱ Microsoft 🡺](https://learn.microsoft.com/en-us/windows/win32/adschema/attributes-all)
diff --git a/docs/kb/auditor/error-503-reports-and-subscriptions-not-working.md b/docs/kb/auditor/error-503-reports-and-subscriptions-not-working.md
index e9e3b141e5..5d4174ceb9 100644
--- a/docs/kb/auditor/error-503-reports-and-subscriptions-not-working.md
+++ b/docs/kb/auditor/error-503-reports-and-subscriptions-not-working.md
@@ -56,12 +56,10 @@ HTTP Error 503. The service is unavailable.
## Resolutions
-- Review Web Service and Web Portal URLs — refer to the following article for additional information: Deploying the Report Server Database.
- - /docs/kb/auditor/deploying-the-report-server-database
+- Review Web Service and Web Portal URLs — refer to the following article for additional information: [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database.md)
- Verify the `SQL Server Reporting Services` service on your SSRS server is running. You can also run **Report Server Configuration Manager** > the **Report Server Status** tab to verify the report server status.
- IMPORTANT: Refer to the following article if you're unable to start the `SQL Server Reporting Services` service: Error: Service Did Not Respond to Start or Control Request in SSRS.
- - /docs/kb/auditor/error-service-did-not-respond-to-start-or-control-request-in-ssrs
+ IMPORTANT: Refer to the following article if you're unable to start the `SQL Server Reporting Services` service: [Error: Service Did Not Respond to Start or Control Request in SSRS](/docs/kb/auditor/error-service-did-not-respond-to-start-or-control-request-in-ssrs.md)
- Remove the SSRS account from the Protected Users security group. Learn more about Protected Users in Protected Users Security Group ⸱ Microsoft.
- https://learn.microsoft.com/en-us/windows-server/security/credentials-protection-and-management/protected-users-security-group
@@ -80,16 +78,14 @@ If your SSRS instance edition is **Evaluation**, check the install date for the
Review the SSRS logs in `C:\Program Files\Microsoft SQL Server Reporting Services\SSRS\LogFiles:`:
```
-The report server has encountered a configuration error.
+The report server has encountered a configuration error.
Microsoft.ReportingServices.Diagnostics.EvaluationCopyExpiredException:
-The evaluation period for this instance of Microsoft SQL Server Reporting Services has expired.
+The evaluation period for this instance of Microsoft SQL Server Reporting Services has expired.
A license is now required.
```
## Related articles
-- Deploying the Report Server Database
- /docs/kb/auditor/deploying-the-report-server-database
+- [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database.md)
-- Error: Service Did Not Respond to Start or Control Request in SSRS
- /docs/kb/auditor/error-service-did-not-respond-to-start-or-control-request-in-ssrs
+- [Error: Service Did Not Respond to Start or Control Request in SSRS](/docs/kb/auditor/error-service-did-not-respond-to-start-or-control-request-in-ssrs.md)
diff --git a/docs/kb/auditor/error-can-not-process-sql-commands-for-the-netwrix-auditor-self-audit-database.md b/docs/kb/auditor/error-can-not-process-sql-commands-for-the-netwrix-auditor-self-audit-database.md
index 294403f974..7dc167112b 100644
--- a/docs/kb/auditor/error-can-not-process-sql-commands-for-the-netwrix-auditor-self-audit-database.md
+++ b/docs/kb/auditor/error-can-not-process-sql-commands-for-the-netwrix-auditor-self-audit-database.md
@@ -27,8 +27,8 @@ knowledge_article_id: kA0Qk0000000LhBKAU
You see the following error in the Netwrix Auditor System Health log:
```text
-
- Error: can not process SQL commands for the Netwrix Auditor Self Audit database.
+
+ Error: can not process SQL commands for the Netwrix Auditor Self Audit database.
```
## Cause
@@ -53,4 +53,4 @@ Follow the steps below to turn off the **Recovery** mode for the database:
### Related Article:
-- Recovery Mode Changes in SQL Databases: /docs/kb/auditor/recovery-mode-changes-in-sql-databases
+- [Recovery Mode Changes in SQL Databases](/docs/kb/auditor/recovery-mode-changes-in-sql-databases.md)
diff --git a/docs/kb/auditor/error-could-not-connect-to-server.md b/docs/kb/auditor/error-could-not-connect-to-server.md
index 2222ec7cb9..c2f1dabe66 100644
--- a/docs/kb/auditor/error-could-not-connect-to-server.md
+++ b/docs/kb/auditor/error-could-not-connect-to-server.md
@@ -50,16 +50,16 @@ Refer to the list of possible causes for the error:
## Resolutions
-1. Verify the SQL Server instance name specified in the Audit Database settings. Refer to the following article for additional information: <https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA0Qk0000001D01KAE.html> (Specifying the SQL Server Instance Name).
-2. Configure your SQL Server instance to allow remote connections. Learn more in Microsoft's documentation: <https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/configure-the-remote-access-server-configuration-option?view=sql-server-ver16#SSMSProcedure> (Configure remote access (server configuration option) — Use SQL Server Management Studio ⸱ Microsoft).
-3. Enable the TCP/IP protocol in the SQL Server—refer to the following article for additional information: </docs/kb/auditor/enable_tcpip_protocol_in_sql_server (Enable TCP/IP Protocol in SQL Server).
+1. Verify the SQL Server instance name specified in the Audit Database settings. Refer to the following article for additional information:[Specifying the SQL Server Instance Name](https://docs.netwrix.com/docs/auditor/10_8/admin/settings/auditdatabase)
+2. Configure your SQL Server instance to allow remote connections. Learn more in Microsoft's documentation: [Configure remote access (server configuration option) — Use SQL Server Management Studio ⸱ Microsoft](https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/configure-the-remote-access-server-configuration-option?view=sql-server-ver16#SSMSProcedure)
+3. Enable the TCP/IP protocol in the SQL Server—refer to the following article for additional information: [Enable TCP/IP Protocol in SQL Server](/docs/kb/auditor/enable_tcpip_protocol_in_sql_server.md)
-> **NOTE:** Alternatively, review the TCP port used for SQL Server communication—learn more in Microsoft's documentation: https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/configure-a-server-to-listen-on-a-specific-tcp-port?view=sql-server-ver15#assign-a-tcpip-port-number-to-the-sql-server-database-engine (Configure SQL Server to listen on a specific TCP port — Assign a TCP/IP port number to the SQL Server Database Engine ⸱ Microsoft). For additional information on setting a custom TCP port in Netwrix Auditor, refer to the following article: /docs/kb/auditor/specify-custom-sql-server-port-for-netwrix-auditor-audit-database (Specify Custom SQL Server Port for Netwrix Auditor Audit Database).
+> **NOTE:** Alternatively, review the TCP port used for SQL Server communication—learn more in Microsoft's documentation: [Configure SQL Server to listen on a specific TCP port — Assign a TCP/IP port number to the SQL Server Database Engine ⸱ Microsoft](https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/configure-a-server-to-listen-on-a-specific-tcp-port?view=sql-server-ver15#assign-a-tcpip-port-number-to-the-sql-server-database-engine). For additional information on setting a custom TCP port in Netwrix Auditor, refer to the following article: [Specify Custom SQL Server Port for Netwrix Auditor Audit Database](/docs/kb/auditor/specify-custom-sql-server-port-for-netwrix-auditor-audit-database.md).
## Related Articles
-- https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA0Qk0000001D01KAE.html — Specifying the SQL Server Instance Name
-- https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/configure-the-remote-access-server-configuration-option?view=sql-server-ver16#SSMSProcedure — Configure remote access (server configuration option) — Use SQL Server Management Studio ⸱ Microsoft
-- /docs/kb/auditor/enable_tcpip_protocol_in_sql_server — Enable TCP/IP Protocol in SQL Server
-- https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/configure-a-server-to-listen-on-a-specific-tcp-port?view=sql-server-ver15#assign-a-tcpip-port-number-to-the-sql-server-database-engine — Configure SQL Server to listen on a specific TCP port — Assign a TCP/IP port number to the SQL Server Database Engine ⸱ Microsoft
-- /docs/kb/auditor/specify-custom-sql-server-port-for-netwrix-auditor-audit-database — Specify Custom SQL Server Port for Netwrix Auditor Audit Database
+- [Specifying the SQL Server Instance Name](https://docs.netwrix.com/docs/auditor/10_8/admin/settings/auditdatabase)
+- [Configure remote access (server configuration option) — Use SQL Server Management Studio ⸱ Microsoft](https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/configure-the-remote-access-server-configuration-option?view=sql-server-ver16#SSMSProcedure)
+- [Enable TCP/IP Protocol in SQL Server](/docs/kb/auditor/enable_tcpip_protocol_in_sql_server.md)
+- [Configure SQL Server to listen on a specific TCP port — Assign a TCP/IP port number to the SQL Server Database Engine ⸱ Microsoft](https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/configure-a-server-to-listen-on-a-specific-tcp-port?view=sql-server-ver15#assign-a-tcpip-port-number-to-the-sql-server-database-engine)
+- [Specify Custom SQL Server Port for Netwrix Auditor Audit Database](/docs/kb/auditor/specify-custom-sql-server-port-for-netwrix-auditor-audit-database.md)
diff --git a/docs/kb/auditor/error-during-report-processing-rserrorimpersonatinguser-running-reports.md b/docs/kb/auditor/error-during-report-processing-rserrorimpersonatinguser-running-reports.md
index d84b49b940..723f7fb6bf 100644
--- a/docs/kb/auditor/error-during-report-processing-rserrorimpersonatinguser-running-reports.md
+++ b/docs/kb/auditor/error-during-report-processing-rserrorimpersonatinguser-running-reports.md
@@ -39,19 +39,19 @@ SQL Server Reporting Services (SSRS) connection issues or insufficient permissio
## Resolution
-1. Make sure you are using a supported SQL Server edition. Refer to the following article: https://docs.netwrix.com/docs/auditor/10_8/requirements/overview
+1. Make sure you are using a supported SQL Server edition. Refer to the following article: [SQL Server Requirements](https://docs.netwrix.com/docs/auditor/10_6/requirements/sqlserver)
-2. Check the permissions for your Audit Database account. Refer to the following article: https://docs.netwrix.com/docs/auditor/10_8/requirements/overview
+2. Check the permissions for your Audit Database account. Refer to the following article: [Configure Audit Database Account](https://docs.netwrix.com/docs/auditor/10_8/requirements/sqlserver#configure-audit-database-account)
-3. Check the permissions for the account used to collect data in your environment. Refer to the following article: https://docs.netwrix.com/docs/auditor/10_8
+3. Check the permissions for the account used to collect data in your environment. Refer to the following article: [Data Collecting Accounts](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/dataaccounts)
> **IMPORTANT:** The account should be a member of the local Administrators group.
- If you use a `gMSA` account for data collection, refer to the following article for additional information: https://docs.netwrix.com/docs/auditor/10_8/requirements/overview
+ If you use a `gMSA` account for data collection, refer to the following article for additional information: [GMSA](https://docs.netwrix.com/docs/auditor/10_8/requirements/gmsa)
-4. Check your Report Services configuration. Refer to the following article: /docs/kb/auditor/deploying-the-report-server-database
+4. Check your Report Services configuration. [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database.md)
-5. Check the permissions for your SSRS Account. Refer to the following article: https://docs.netwrix.com/docs/auditor/10_8/requirements/overview
+5. Check the permissions for your SSRS Account. Refer to the following article:[Configure SSRS Account](https://docs.netwrix.com/docs/auditor/10_8/requirements/sqlserverreportingservice#configure-ssrs-account)
> **IMPORTANT:** The account should be a member of the local Administrators group.
@@ -63,9 +63,9 @@ SQL Server Reporting Services (SSRS) connection issues or insufficient permissio
## Related Links
-- Requirements for SQL Server to Store Audit Data: https://docs.netwrix.com/docs/auditor/10_8/requirements/overview
-- Requirements for SQL Server to Store Audit Data: Configure Audit Database Account: https://docs.netwrix.com/docs/auditor/10_8/requirements/overview
-- Monitoring Plans – Data Collecting Account: https://docs.netwrix.com/docs/auditor/10_8
-- Requirements – Use Group Managed Service Account (gMSA): https://docs.netwrix.com/docs/auditor/10_8/requirements/overview
-- Deploying the Report Server Database: /docs/kb/auditor/deploying-the-report-server-database
-- SQL Server Reporting Services: Configure SSRS Account: https://docs.netwrix.com/docs/auditor/10_8/requirements/overview
+- [SQL Server Requirements](https://docs.netwrix.com/docs/auditor/10_6/requirements/sqlserver)
+- [Configure Audit Database Account](https://docs.netwrix.com/docs/auditor/10_8/requirements/sqlserver#configure-audit-database-account)
+- [Data Collecting Accounts](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/dataaccounts)
+- [Requirements – Use Group Managed Service Account (gMSA](https://docs.netwrix.com/docs/auditor/10_8/requirements/gmsa)
+- [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database.md)
+- [Configure SSRS Account](https://docs.netwrix.com/docs/auditor/10_8/requirements/sqlserverreportingservice#configure-ssrs-account)
diff --git a/docs/kb/auditor/error-failed-to-load-registry-hive-file-is-used-by-another-process.md b/docs/kb/auditor/error-failed-to-load-registry-hive-file-is-used-by-another-process.md
index 8e87613efc..33689282e3 100644
--- a/docs/kb/auditor/error-failed-to-load-registry-hive-file-is-used-by-another-process.md
+++ b/docs/kb/auditor/error-failed-to-load-registry-hive-file-is-used-by-another-process.md
@@ -29,13 +29,13 @@ knowledge_article_id: kA00g000000H9ahCAC
The following warning appears during each data collection in the Netwrix Auditor Health Log:
```
-%timestamp%: %server%:
+%timestamp%: %server%:
The Add/Remove Software data provider failed to load the user %SID%.bak registry hive on the computer %server% due to the following error:
The process cannot access the file because it is being used by another process.
```
```
-%timestamp%: %server%:
+%timestamp%: %server%:
The Add/Remove Software data provider failed to load the user %domain\\user% registry hive on the computer %server% due to the following error:
The process cannot access the %PATH%\ntuser.dat file because it is being used by another process.
```
@@ -53,7 +53,7 @@ This issue may be caused by one or more of the following factors:
Apply one or more of the following solutions to resolve this error:
-- Configure antivirus exclusions in your Netwrix Auditor environment. For details, see the following article: /docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor (Antivirus Exclusions for Netwrix Auditor).
+- Configure antivirus exclusions in your Netwrix Auditor environment. For details, see the following article: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md)
- Follow these steps if excluding Auditor-related folders did not resolve the issue:
@@ -89,4 +89,4 @@ Apply one or more of the following solutions to resolve this error:
## Related Article
-- Antivirus Exclusions for Netwrix Auditor: /docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor
+- [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md)
diff --git a/docs/kb/auditor/error-memory-limit-is-reached.md b/docs/kb/auditor/error-memory-limit-is-reached.md
index 0afaae7dc7..7200f634b4 100644
--- a/docs/kb/auditor/error-memory-limit-is-reached.md
+++ b/docs/kb/auditor/error-memory-limit-is-reached.md
@@ -40,11 +40,10 @@ The default memory limit has been reached for the process.
## Resolution
-Increase the resource pool on your Netwrix Auditor server. Refer to the following article for additional information on hardware requirements for different deployment scenarios: https://docs.netwrix.com/docs/auditor/10_8 — Hardware Requirements · v10.7).
-
-> **IMPORTANT:** Verify that the antivirus exclusions are in place on your Netwrix Auditor server. Review the following article for recommendations on antivirus exclusions in the Auditor environment: /docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor (Antivirus Exclusions for Netwrix Auditor).
+Increase the resource pool on your Netwrix Auditor server. Refer to the following article for additional information on hardware requirements for different deployment scenarios: [Hardware Requirements](https://docs.netwrix.com/docs/auditor/10_8/requirements/console).
+> **IMPORTANT:** Verify that the antivirus exclusions are in place on your Netwrix Auditor server. Review the following article for recommendations on antivirus exclusions in the Auditor environment: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md).
## Related Articles
-- https://docs.netwrix.com/docs/auditor/10_8 — Hardware Requirements · v10.7)
-- /docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor (Antivirus Exclusions for Netwrix Auditor)
+- [Hardware Requirements](https://docs.netwrix.com/docs/auditor/10_8/requirements/console)
+- [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md)
diff --git a/docs/kb/auditor/error-the-remote-procedure-call-failed.md b/docs/kb/auditor/error-the-remote-procedure-call-failed.md
index 81233b1e97..64ea3d55d6 100644
--- a/docs/kb/auditor/error-the-remote-procedure-call-failed.md
+++ b/docs/kb/auditor/error-the-remote-procedure-call-failed.md
@@ -40,8 +40,8 @@ The "Remote procedure call failed" error can have a number of root causes such a
Depending on the error cause, follow the resolution steps below:
-1. Make sure you have all required ports opened. For additional information on configuring ports for Netwrix Auditor, refer to the following article: https://docs.netwrix.com/docs/auditor/10_8 — Protocols and Ports Required — v10.6).
-2. Review your Antivirus exclusions. For additional information on required exclusions for your antivirus, refer to the following article: /docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor (Antivirus Exclusions for Netwrix Auditor).
+1. Make sure you have all required ports opened. For additional information on configuring ports for Netwrix Auditor, refer to the following article: [Protocols and Ports Required](https://docs.netwrix.com/docs/auditor/10_8/requirements/ports)
+2. Review your Antivirus exclusions. For additional information on required exclusions for your antivirus, refer to the following article: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md)
3. If the issue occurs during Logon Activity data collection, try to follow the steps in these articles:
- - /docs/kb/auditor/system-cannot-find-the-path-specified-in-logon-activity-monitoring-plan (System Cannot Find the Path Specified in Logon Activity Monitoring Plan)
- - /docs/kb/auditor/error-size-of-collected-data-files-exceeded-limit-in-logon-activity-monitoring-plan (Size of Collected Data Files Exceeded Limit in Logon Activity Monitoring Plan)
+ - [System Cannot Find the Path Specified in Logon Activity Monitoring Plan](/docs/kb/auditor/system-cannot-find-the-path-specified-in-logon-activity-monitoring-plan.md)
+ - [Error: Size of Collected Data Files Exceeded Limit in Logon Activity Monitoring Plan](/docs/kb/auditor/error-size-of-collected-data-files-exceeded-limit-in-logon-activity-monitoring-plan.md)
diff --git a/docs/kb/auditor/event-id-1000-application-errors-in-netwrix-auditor-server.md b/docs/kb/auditor/event-id-1000-application-errors-in-netwrix-auditor-server.md
index 0950058e12..71ecc8f13c 100644
--- a/docs/kb/auditor/event-id-1000-application-errors-in-netwrix-auditor-server.md
+++ b/docs/kb/auditor/event-id-1000-application-errors-in-netwrix-auditor-server.md
@@ -54,7 +54,7 @@ The **Faulting module name** dynamic-link library file was corrupted. This could
## Resolutions
-1. Set up antivirus exclusions to prevent both your antivirus solution and Netwrix Auditor from conflicting — refer to the following article for additional information: /docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor (Antivirus Exclusions for Netwrix Auditor).
+1. Set up antivirus exclusions to prevent both your antivirus solution and Netwrix Auditor from conflicting — refer to the following article for additional information: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md)
2. Establish the scope of affected `.dll` files. In case the **Faulting module path** links the system folder (e.g., `C:\Windows\System32`), follow these steps:
@@ -80,9 +80,9 @@ The **Faulting module name** dynamic-link library file was corrupted. This could
3. Once the commands are completed and components are restored, restart the server.
-3. In case the **Faulting module path** links a Netwrix-related folder (e.g., `C:\Program Files (x86)\Netwrix Auditor\Active Directory Auditing`), repair your Netwrix Auditor installation. Refer to the following article for additional information: /docs/kb/auditor/how-to-repair-netwrix-auditor-installation (How to Repair Netwrix Auditor Installation).
+3. In case the **Faulting module path** links a Netwrix-related folder (e.g., `C:\Program Files (x86)\Netwrix Auditor\Active Directory Auditing`), repair your Netwrix Auditor installation. Refer to the following article for additional information: [How to Repair Netwrix Auditor Installation](/docs/kb/auditor/how-to-repair-netwrix-auditor-installation.md)
## Related articles
-- Antivirus Exclusions for Netwrix Auditor: /docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor
-- How to Repair Netwrix Auditor Installation: /docs/kb/auditor/how-to-repair-netwrix-auditor-installation
+- [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md)
+- [How to Repair Netwrix Auditor Installation](/docs/kb/auditor/how-to-repair-netwrix-auditor-installation.md)
diff --git a/docs/kb/auditor/event-id-1208-in-health-log.md b/docs/kb/auditor/event-id-1208-in-health-log.md
index 7e469cd8a2..232be68ad1 100644
--- a/docs/kb/auditor/event-id-1208-in-health-log.md
+++ b/docs/kb/auditor/event-id-1208-in-health-log.md
@@ -34,87 +34,87 @@ Refer to the entries below for possible causes and resolutions based on event de
### `Fatal error during installation`
- Cause: The **Timeout expired** error is prompted after SharePoint Core Service installation has taken over 10 minutes.
- **Resolution:** Refer to the following article for additional information: /docs/kb/auditor/timeout-expired-error-on-sharepoint-core-service-deployment (Timeout Expired Error on SharePoint Core Service Deployment).
+ **Resolution:** Refer to the following article for additional information: [Timeout Expired Error on SharePoint Core Service Deployment](/docs/kb/auditor/timeout-expired-error-on-sharepoint-core-service-deployment.md)
-- Cause: An invalid SharePoint Central Administration URL was specified during monitoring plan creation.
+- Cause: An invalid SharePoint Central Administration URL was specified during monitoring plan creation.
**Resolution:**
1. Edit the Item URL via **Monitoring Plans** > select ` %SharePoint_plan% ` > **Edit** > select the item and click **Edit item** > modify the SharePoint Central Administration URL > click **Save & Close**.
-- Cause: An invalid SharePoint Central Administration server was specified during monitoring plan creation. The specified server does not belong to the audited farm.
+- Cause: An invalid SharePoint Central Administration server was specified during monitoring plan creation. The specified server does not belong to the audited farm.
**Resolution:**
1. Edit the SharePoint Central Administration server FQDN in **Monitoring Plans** > select ` %SharePoint_plan% ` > **Edit** > select the item and click **Edit item** > **Core Service** tab > modify the FQDN and click **Save & Close**.
-- Cause: SharePoint solution or SharePoint Core Service has already been installed in the SharePoint farm, but the solution has not been deployed yet.
+- Cause: SharePoint solution or SharePoint Core Service has already been installed in the SharePoint farm, but the solution has not been deployed yet.
**Resolution:**
- 1. Make sure that the list of installed programs on the target computer does not contain **Netwrix Auditor for SharePoint Core Service**, and uninstall it if it does.
- 2. If not, open the SharePoint Central Administration site and navigate to **System Settings** > **Manage farm solutions**. Locate the `netwrix.sharepoint.audit.wsp` solution and delete it.
+ 1. Make sure that the list of installed programs on the target computer does not contain **Netwrix Auditor for SharePoint Core Service**, and uninstall it if it does.
+ 2. If not, open the SharePoint Central Administration site and navigate to **System Settings** > **Manage farm solutions**. Locate the `netwrix.sharepoint.audit.wsp` solution and delete it.
3. Update the monitoring plan.
-- Cause: The data collecting account does not have the required rights and permissions for automatic Core Service deployment.
+- Cause: The data collecting account does not have the required rights and permissions for automatic Core Service deployment.
**Resolution:**
1. Specify a different data collecting account for the affected monitoring plan or grant corresponding permissions to the current account:
- Navigate to your SharePoint monitoring plan > **Edit Item** > **General**, and enter user name and password for the custom account.
- - Grant the current account the necessary rights and permissions — refer to the following article for additional information: https://docs.netwrix.com/docs/auditor/10_8 (SharePoint − Permissions for SharePoint Auditing · v10.6).
+ - Grant the current account the necessary rights and permissions — refer to the following article for additional information: [Permissions for SharePoint Auditing](https://docs.netwrix.com/docs/auditor/10_8/configuration/sharepoint/permissions)
-- Cause: SharePoint Central Administration is not functioning properly due to connection problems with the SharePoint Configuration Database, or some other unexpected error.
+- Cause: SharePoint Central Administration is not functioning properly due to connection problems with the SharePoint Configuration Database, or some other unexpected error.
**Resolution:**
1. Make sure SharePoint Central Administration is functioning properly.
-- Cause: SharePoint Central Administration URL has been specified without a port number (`Fatal error during installation`).
+- Cause: SharePoint Central Administration URL has been specified without a port number (`Fatal error during installation`).
**Resolution:**
1. Verify the Administration URL — Edit the Item URL via **Monitoring Plans** > select ` %SharePoint_plan% ` > **Edit** > select the item and click **Edit item** > modify the SharePoint Central Administration URL > click **Save & Close**.
### `Unable to connect to the remote server.`
-- Cause: An invalid SharePoint Central Administration port has been specified.
+- Cause: An invalid SharePoint Central Administration port has been specified.
**Resolution:**
1. Verify the Administration URL — Edit the Item URL via **Monitoring Plans** > select ` %SharePoint_plan% ` > **Edit** > select the item and click **Edit item** > modify the SharePoint Central Administration URL > click **Save & Close**.
-- Cause: The port of SharePoint Central Administration is blocked in the Windows Firewall settings in the target server, or in the Netwrix Auditor host.
+- Cause: The port of SharePoint Central Administration is blocked in the Windows Firewall settings in the target server, or in the Netwrix Auditor host.
**Resolution:**
- 1. Refer to the following article for additional information on required ports: https://docs.netwrix.com/docs/auditor/10_8 (SharePoint − SharePoint Ports · v10.6).
+ 1. Refer to the following article for additional information on required ports: [SharePoint Ports](https://docs.netwrix.com/docs/auditor/10_8/configuration/sharepoint/ports)
-- Cause: The computer that hosts SharePoint Central Administration is not reachable.
+- Cause: The computer that hosts SharePoint Central Administration is not reachable.
**Resolution:**
1. Make sure there is network connection to the Central Administration host.
### `The remote name could not be resolved.`
-- Cause: An invalid SharePoint Central Administration host has been specified.
+- Cause: An invalid SharePoint Central Administration host has been specified.
**Resolution:**
1. Verify the Administration URL — Edit the Item URL via **Monitoring Plans** > select ` %SharePoint_plan% ` > **Edit** > select the item and click **Edit item** > modify the SharePoint Central Administration URL > click **Save & Close**.
### `The network path was not found.`
-- Cause: The target server for Core Service deployment has been specified incorrectly.
+- Cause: The target server for Core Service deployment has been specified incorrectly.
**Resolution:**
1. Edit the SharePoint Central Administration server FQDN in **Monitoring Plans** > select ` %SharePoint_plan% ` > **Edit** > select the item and click **Edit item** > **Core Service** tab > modify the FQDN and click **Save & Close**.
### `Access is denied.`
-- Cause: The data collecting account used to install Core Service does not have the required rights and permissions in the target server.
+- Cause: The data collecting account used to install Core Service does not have the required rights and permissions in the target server.
**Resolution:**
1. Specify a different data collecting account for the affected monitoring plan or grant corresponding permissions to the current account:
- Navigate to your SharePoint monitoring plan > **Edit Item** > **General**, and enter user name and password for the custom account.
- - Grant the current account the necessary rights and permissions — refer to the following article for additional information: https://docs.netwrix.com/docs/auditor/10_8 (SharePoint − Permissions for SharePoint Auditing · v10.6).
+ - Grant the current account the necessary rights and permissions — refer to the following article for additional information: [Permissions for SharePoint Auditing](https://docs.netwrix.com/docs/auditor/10_8/configuration/sharepoint/permissions)
### `The system cannot find the file specified.`
-- Cause: The target server for Core Service deployment has been specified as an alias that is not specified in the DNS and that cannot be authenticated in the local admin share (`\serveradmin$`) in the target Core Service deployment server.
+- Cause: The target server for Core Service deployment has been specified as an alias that is not specified in the DNS and that cannot be authenticated in the local admin share (`\serveradmin$`) in the target Core Service deployment server.
**Resolution:**
1. Edit the SharePoint Central Administration server FQDN in **Monitoring Plans** > select ` %SharePoint_plan% ` > **Edit** > select the item and click **Edit item** > **Core Service** tab > modify the FQDN and click **Save & Close**.
### `The pipe has been ended.`
-- Cause: The SharePoint Central Administration server was restarted or shut down during the automatic Core Service deployment. Unable to install Netwrix Auditor for SharePoint Core Service on the target server.
+- Cause: The SharePoint Central Administration server was restarted or shut down during the automatic Core Service deployment. Unable to install Netwrix Auditor for SharePoint Core Service on the target server.
**Resolution:**
1. Retry installation:
- To retry the automatic deployment, update the SharePoint monitoring plan.
- - For additional information on manual installation of SharePoint Core Service, refer to the following article: https://docs.netwrix.com/docs/auditor/10_8 − Install for SharePoint Core Service · v10.6).
+ - For additional information on manual installation of SharePoint Core Service, refer to the following article: [Install for SharePoint Core Service](https://docs.netwrix.com/docs/auditor/10_8/install/sharepointcoreservice)
## Related articles
-- Timeout Expired Error on SharePoint Core Service Deployment — /docs/kb/auditor/timeout-expired-error-on-sharepoint-core-service-deployment
-- SharePoint − Permissions for SharePoint Auditing · v10.6 — https://docs.netwrix.com/docs/auditor/10_8
-- SharePoint − SharePoint Ports · v10.6 — https://docs.netwrix.com/docs/auditor/10_8
-- Installation − Install for SharePoint Core Service · v10.6 — https://docs.netwrix.com/docs/auditor/10_8
+- [Timeout Expired Error on SharePoint Core Service Deployment](/docs/kb/auditor/timeout-expired-error-on-sharepoint-core-service-deployment.md)
+- [Permissions for SharePoint Auditing](https://docs.netwrix.com/docs/auditor/10_8/configuration/sharepoint/permissions)
+- [SharePoint Ports](https://docs.netwrix.com/docs/auditor/10_8/configuration/sharepoint/ports)
+- [Install for SharePoint Core Service](https://docs.netwrix.com/docs/auditor/10_8/install/sharepointcoreservice)
diff --git a/docs/kb/auditor/event-id-1225-in-health-log.md b/docs/kb/auditor/event-id-1225-in-health-log.md
index 9d8354cac6..b1007f0190 100644
--- a/docs/kb/auditor/event-id-1225-in-health-log.md
+++ b/docs/kb/auditor/event-id-1225-in-health-log.md
@@ -41,10 +41,10 @@ Netwrix Auditor is unable to collect farm configuration changes due to network c
Refer to the corresponding article for additional information on resolution:
-- Event ID 1204 in Health Log: /docs/kb/auditor/event-id-1204-in-health-log
-- Event ID 1205 in Health Log: /docs/kb/auditor/event-id-1205-in-health-log
+- [Event ID 1204 in Health Log](/docs/kb/auditor/event-id-1204-in-health-log.md)
+- [Event ID 1205 in Health Log](/docs/kb/auditor/event-id-1205-in-health-log.md)
## Related articles
-- Event ID 1204 in Health Log: /docs/kb/auditor/event-id-1204-in-health-log
-- Event ID 1205 in Health Log: /docs/kb/auditor/event-id-1205-in-health-log
+- [Event ID 1204 in Health Log](/docs/kb/auditor/event-id-1204-in-health-log.md)
+- [Event ID 1205 in Health Log](/docs/kb/auditor/event-id-1205-in-health-log.md)
diff --git a/docs/kb/auditor/event-id-1274-in-health-log.md b/docs/kb/auditor/event-id-1274-in-health-log.md
index 34df46cba7..0534f9b8b1 100644
--- a/docs/kb/auditor/event-id-1274-in-health-log.md
+++ b/docs/kb/auditor/event-id-1274-in-health-log.md
@@ -43,11 +43,11 @@ because the product is unable to detect the forest where the audited SharePoint
- Cause #1 − Verify the **SharePoint Central Administration** site is reachable by opening the URL in a browser.
- Cause #2 − Refer to the following articles for additional information:
- - Event ID 1204 in Health Log: /docs/kb/auditor/event-id-1204-in-health-log
- - Event ID 1205 in Health Log: /docs/kb/auditor/event-id-1205-in-health-log
+ - [Event ID 1204 in Health Log](/docs/kb/auditor/event-id-1204-in-health-log.md)
+ - [Event ID 1205 in Health Log](/docs/kb/auditor/event-id-1205-in-health-log.md)
- Cause #3 − Verify the global catalog domain controller is reachable.
## Related articles
-- Event ID 1204 in Health Log: /docs/kb/auditor/event-id-1204-in-health-log
-- Event ID 1205 in Health Log: /docs/kb/auditor/event-id-1205-in-health-log
+- [Event ID 1204 in Health Log](/docs/kb/auditor/event-id-1204-in-health-log.md)
+- [Event ID 1205 in Health Log](/docs/kb/auditor/event-id-1205-in-health-log.md)
diff --git a/docs/kb/auditor/event-id-2002-the-term-get-help-is-not-recognized.md b/docs/kb/auditor/event-id-2002-the-term-get-help-is-not-recognized.md
index ca00ad7201..5db37aba0e 100644
--- a/docs/kb/auditor/event-id-2002-the-term-get-help-is-not-recognized.md
+++ b/docs/kb/auditor/event-id-2002-the-term-get-help-is-not-recognized.md
@@ -35,7 +35,7 @@ The term 'get-help' is not recognized as the name of a cmndlet, function, script
## Cause
-The issue caused by Microsoft cumulative update for multiple editions of MS Exchange. Learn more in Description of the security update for Microsoft Exchange Server 2019 and 2016: October 10, 2023 (KB5030877) ⸱ Microsoft 📝: https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-microsoft-exchange-server-2019-and-2016-october-10-2023-kb5030877-ec769ff1-f60f-411e-a7ed-b63b42a686eb
+The issue caused by Microsoft cumulative update for multiple editions of MS Exchange. Learn more in Description of the security update: [Microsoft Exchange Server 2019 and 2016: October 10, 2023 (KB5030877) ⸱ Microsoft 📝](https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-microsoft-exchange-server-2019-and-2016-october-10-2023-kb5030877-ec769ff1-f60f-411e-a7ed-b63b42a686eb)
## Resolution
@@ -43,4 +43,4 @@ To resolve the issue, upgrade Netwrix Auditor to the version 10.6 build 12322 an
### Related article:
-- Administrator Audit Logging (AAL) configuration details: /docs/kb/auditor/administrator-audit-logging-aal-configuration-details
+- [Administrator Audit Logging (AAL) configuration details](/docs/kb/auditor/administrator-audit-logging-aal-configuration-details.md)
diff --git a/docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails.md b/docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails.md
index b06c690bb6..6c5660d976 100644
--- a/docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails.md
+++ b/docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails.md
@@ -28,7 +28,7 @@ You'd like to remove the Netwrix header and footer from emails sent to users and
## Resolution
-> **IMPORTANT:** In some cases both header and footer reset after your Netwrix Auditor instance has been upgraded to v10.6. For additional information, refer to the following article: /docs/kb/auditor/password-expiration-notifier-email-header-and-footer-reset-after-upgrade (Password Expiration Notifier Email Header and Footer Reset After Upgrade).
+> **IMPORTANT:** In some cases both header and footer reset after your Netwrix Auditor instance has been upgraded to v10.6. For additional information, refer to the following article: [Netwrix Password Reset Email Header and Footer Reset After Upgrade](/docs/kb/auditor/password-expiration-notifier-email-header-and-footer-reset-after-upgrade.md)
1. Open Registry Editor on the Netwrix Auditor Server host.
2. Navigate to `HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Netwrix Auditor\Password Expiration Notifier`.
@@ -47,9 +47,9 @@ You'd like to remove the Netwrix header and footer from emails sent to users and
> **NOTE:** If you'd like to re-enable the header and footer, simply change the value data to `0`.
-To further customize Netwrix Password Reset emails, refer to the following article: /docs/kb/auditor/customize-notifications-and-reports-in-password-expiration-notifier (Customize Notifications and Reports in Password Expiration Notifier).
+To further customize Netwrix Password Reset emails, refer to the following article: [Customize Notifications and Reports in Netwrix Password Reset](/docs/kb/auditor/customize-notifications-and-reports-in-password-expiration-notifier.md).
### Related articles
-- /docs/kb/auditor/customize-notifications-and-reports-in-password-expiration-notifier - Customize Notifications and Reports in Netwrix Password Reset
-- /docs/kb/auditor/password-expiration-notifier-email-header-and-footer-reset-after-upgrade - Password Expiration Notifier Email Header and Footer Reset After Upgrade
+- [Customize Notifications and Reports in Netwrix Password Reset](/docs/kb/auditor/customize-notifications-and-reports-in-password-expiration-notifier.md)
+- [Netwrix Password Reset Email Header and Footer Reset After Upgrade](/docs/kb/auditor/password-expiration-notifier-email-header-and-footer-reset-after-upgrade.md)
diff --git a/docs/kb/auditor/how-to-add-additional-space-to-long-term-archive.md b/docs/kb/auditor/how-to-add-additional-space-to-long-term-archive.md
index 878c16c3c9..c14b65c1fa 100644
--- a/docs/kb/auditor/how-to-add-additional-space-to-long-term-archive.md
+++ b/docs/kb/auditor/how-to-add-additional-space-to-long-term-archive.md
@@ -51,6 +51,6 @@ Follow the steps below to decrease the retention period for the archive:
It is up to you to decide how long you want to keep historical data. If you know that no historical data will be needed past one year, decrease the retention to `12 months`. The historical data can be imported from the Archive back to your Audit Database when needed via the **Investigations** feature.
-Learn more about Investigations in the following article: https://docs.netwrix.com/docs/auditor/10_8
+Learn more about Investigations in the following article: [Investigations](https://docs.netwrix.com/docs/auditor/10_8/admin/settings/investigations)
-Review additional recommendations for preventing Long-Term Archive overflow in the following article: /docs/kb/auditor/how-to-prevent-long-term-archive-overflow
+Review additional recommendations for preventing Long-Term Archive overflow in the following article: [How to Prevent Long-Term Archive Overflow](/docs/kb/auditor/how-to-prevent-long-term-archive-overflow.md)
diff --git a/docs/kb/auditor/how-to-assign-db-owner-permissions.md b/docs/kb/auditor/how-to-assign-db-owner-permissions.md
new file mode 100644
index 0000000000..46f65e51cb
--- /dev/null
+++ b/docs/kb/auditor/how-to-assign-db-owner-permissions.md
@@ -0,0 +1,34 @@
+---
+title: How to Assign db_owner Permissions
+sidebar_label: How to Assign db_owner Permissions
+description: how to assign db_owner permissions to the Netwrix Auditor service account using SQL Server Management Studio to ensure proper access to audit databases.
+keywords:
+- Netwrix Auditor
+- SQL Server
+- db_owner
+- database permissions
+- SQL Server Management Studio
+
+products:
+- auditor
+
+---
+
+## Overview
+
+The account used by Netwrix Auditor to collect and store audit data must have **db_owner** permissions on all target audit databases. Without this level of access, certain audit operations or data retrieval tasks may fail.
+
+This article provides step-by-step instructions for granting **db_owner** rights to the Netwrix Auditor service account in **SQL Server Management Studio**.
+
+## Instructions
+
+To assign **db_owner** permissions to a Netwrix Auditor account:
+
+1. On the computer where the SQL Server instance resides, navigate to **Start** > **All Programs** > **Microsoft SQL Server** > **SQL Server Management Studio**.
+2. Connect to the SQL Server instance using an account that has sufficient privileges to modify database roles.
+3. In the **Object Explorer** pane, expand **Security**, then expand **Logins**.
+4. Locate and right-click the login account used by Auditor, and select **Properties**.
+5. In the **Login Properties** window, select **User Mapping** in the left pane.
+6. In the **Users mapped to this login** section, select all databases that the Auditor account must access.
+7. In the **Database role membership for:** section, select **db_owner**.
+8. Click **OK** to save the changes.
diff --git a/docs/kb/auditor/how-to-check-the-netwrix-auditor-health-status.md b/docs/kb/auditor/how-to-check-the-netwrix-auditor-health-status.md
index 9d436b21ea..b5bedd2524 100644
--- a/docs/kb/auditor/how-to-check-the-netwrix-auditor-health-status.md
+++ b/docs/kb/auditor/how-to-check-the-netwrix-auditor-health-status.md
@@ -46,7 +46,7 @@ There is also the chance that the Health Log is relaying an error received from
The Health Log also provides the option for filtering, allowing administrators to view messages from specific data sources/monitoring plans, as well as different types of messages (Information, warning, errors).
-There may be times where Netwrix Auditor Technical Support requests a copy of your Health Log. To provide this file, please view the steps [here](/docs/kb/auditor/how-to-save-and-zip-netwrix-auditor-system-health-event-log.md). More details on the Health Log can be obtained here.
+There may be times where Netwrix Auditor Technical Support requests a copy of your Health Log. To provide this file, please view the steps [How to Save and Zip Netwrix Auditor System Health Event Log](/docs/kb/auditor/how-to-save-and-zip-netwrix-auditor-system-health-event-log.md). More details on the Health Log can be obtained here.
### Database Statistics
@@ -58,8 +58,8 @@ This dashboard can assist with troubleshooting in instances where data may not b
### Long Term Archive
-This simple, yet effective, tile gives administrators insight on Long Term Archive storage usage. You may hear Technical Support refer to this as the "LTA". If you notice rapid growth and you have not placed the Long Term Archive on a drive independent of the System Drive, please follow the steps [here](https://kb.netwrix.com/247) to migrate your Long Term Archive.
+This simple, yet effective, tile gives administrators insight on Long Term Archive storage usage. You may hear Technical Support refer to this as the "LTA". If you notice rapid growth and you have not placed the Long Term Archive on a drive independent of the System Drive, please follow the steps [here](https://docs.netwrix.com/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location) to migrate your Long Term Archive.
### Working Folder
-The Working Folder is a structure of files that plays an integral part in event processing. Similar to the LTA tile, this tile will provide visibility on Working Folder growth. Expect this directory to grow and shrink periodically as it receives data, processes, and then sends it off for storage in SQL and the LTA. This directory can also be migrated to a drive independent to the system drive. The steps to migrate the Working Folder can be viewed [here](/docs/kb/auditor/how-to-migrate-netwrix-auditor-working-folder-to-a-new-location.md).
+The Working Folder is a structure of files that plays an integral part in event processing. Similar to the LTA tile, this tile will provide visibility on Working Folder growth. Expect this directory to grow and shrink periodically as it receives data, processes, and then sends it off for storage in SQL and the LTA. This directory can also be migrated to a drive independent to the system drive. The steps to migrate the Working Folder can be viewed [How to Migrate Netwrix Auditor Working Folder to a New Location](/docs/kb/auditor/how-to-migrate-netwrix-auditor-working-folder-to-a-new-location.md).
diff --git a/docs/kb/auditor/how-to-configure-netwrix-auditor-in-failover-mode.md b/docs/kb/auditor/how-to-configure-netwrix-auditor-in-failover-mode.md
index aba044883e..2fc3ff43a6 100644
--- a/docs/kb/auditor/how-to-configure-netwrix-auditor-in-failover-mode.md
+++ b/docs/kb/auditor/how-to-configure-netwrix-auditor-in-failover-mode.md
@@ -36,7 +36,7 @@ Refer to the following steps to configure Netwrix Auditor in failover mode:
> **NOTE:** If Netwrix Auditor is already installed on a physical machine, consider migrating it to a virtual box. Some vendors support "physical to VM" migration."
-2. Configure the Long-Term Archive (LTA) to be stored on a remote location, such as a shared iSCSI volume. Refer to the following Netwrix knowledge base article for instructions on how to move LTA to a new location: /docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location
+2. Configure the Long-Term Archive (LTA) to be stored on a remote location, such as a shared iSCSI volume. Refer to the following Netwrix knowledge base article for instructions on how to move LTA to a new location: [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md)
3. For setting up backup and failover, ensure that the volume under LTA and Working Folder is redundant enough to survive failure.
@@ -60,4 +60,4 @@ For alternative backup and failover options, refer to the steps below.
## Related Articles
-- How to Move Long-Term Archive to a New Location: /docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location
+- How to Move Long-Term Archive to a New Location: [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md)
diff --git a/docs/kb/auditor/how-to-control-the-size-of-netwrixsqlcraudit-databases-on-sql-instances-and-what-it-is-needed-for.md b/docs/kb/auditor/how-to-control-the-size-of-netwrixsqlcraudit-databases-on-sql-instances-and-what-it-is-needed-for.md
index b6ea6541b2..942bfc4211 100644
--- a/docs/kb/auditor/how-to-control-the-size-of-netwrixsqlcraudit-databases-on-sql-instances-and-what-it-is-needed-for.md
+++ b/docs/kb/auditor/how-to-control-the-size-of-netwrixsqlcraudit-databases-on-sql-instances-and-what-it-is-needed-for.md
@@ -31,4 +31,4 @@ If you enable the **Audit data changes** option as part of SQL Server audit, Net
1. Disable the **Audit data changes** option if you are not interested in content changes, and delete the `NetwrixSQLCRAudit` database(s) from the SQL Server(s).
2. Shrink the `NetwrixSQLCRAudit` database(s) via MSSQL Management Studio.
-For additional information about how Netwrix Auditor for SQL Server works, please refer to the following KB: /docs/kb/auditor/how-netwrix-auditor-for-sql-server-collects-data
+For additional information about how Netwrix Auditor for SQL Server works, please refer to the following KB: [How Netwrix Auditor for SQL Server Collects Data](/docs/kb/auditor/how-netwrix-auditor-for-sql-server-collects-data.md)
diff --git a/docs/kb/auditor/how-to-exclude-users-and-objects-from-monitoring-scope-in-netwrix-auditor-ui.md b/docs/kb/auditor/how-to-exclude-users-and-objects-from-monitoring-scope-in-netwrix-auditor-ui.md
index 1fb10017d0..9376987eaf 100644
--- a/docs/kb/auditor/how-to-exclude-users-and-objects-from-monitoring-scope-in-netwrix-auditor-ui.md
+++ b/docs/kb/auditor/how-to-exclude-users-and-objects-from-monitoring-scope-in-netwrix-auditor-ui.md
@@ -37,14 +37,14 @@ You can exclude specific users and objects from your monitoring scope using the
1. In the main Netwrix Auditor menu, select **Monitoring plans** under **Configuration**.
2. Select the relevant monitoring plan, select the data source and click **Edit**.
-3. Select the data source and click **Edit data source**.
-
+3. Select the data source and click **Edit data source**.
+
4. In the left pane, select **Users**. Check the **Exclude these users:** checkbox and click **Add** to add users to be excluded from the monitoring plan. Once all the users are added, click **Save & Close** in the bottom left corner.
-
+
-5. For objects, select the **Objects** tab in the left pane, check the **Exclude these objects** checkbox and click **Add** to exclude objects from the monitoring scope. Once you've added the objects, click **Save & Close**.
-
+5. For objects, select the **Objects** tab in the left pane, check the **Exclude these objects** checkbox and click **Add** to exclude objects from the monitoring scope. Once you've added the objects, click **Save & Close**.
+
The following examples explain how the exclusion rules work for **Objects**. Same logic applies to the inclusion rules:
@@ -53,4 +53,4 @@ The following examples explain how the exclusion rules work for **Objects**. Sam
- `dc11.local/OU/*` will exclude objects within the OU. However, the OU itself will not be excluded.
- `dc11.local/OU*` will exclude the OU itself, all objects within it, and also all objects whose path begins with `dc11.local/OU` (like `dc11.local/OU_HQ`).
-For additional information on omit lists and excluding data sources, refer to the following article: Exclude Objects from Monitoring Scope.
+For additional information on omit lists and excluding data sources, refer to the following article: [How to Use Omit Lists](https://docs.netwrix.com/docs/kb/auditor/how-to-use-omit-lists)
diff --git a/docs/kb/auditor/how-to-find-destination-of-failed-ntlm-logons.md b/docs/kb/auditor/how-to-find-destination-of-failed-ntlm-logons.md
index ef0ae20bcd..8d8abcb944 100644
--- a/docs/kb/auditor/how-to-find-destination-of-failed-ntlm-logons.md
+++ b/docs/kb/auditor/how-to-find-destination-of-failed-ntlm-logons.md
@@ -44,4 +44,4 @@ To find the actual source of failed logons, enable NTLM auditing temporarily. Fo
## Related Articles:
-- /docs/kb/auditor/why-do-i-have-incomplete-information-on-failed-logons — Why Do I Have Incomplete Information on Failed Logons?.
+- [Why Do I Have Incomplete Information on Failed Logons?](/docs/kb/auditor/why-do-i-have-incomplete-information-on-failed-logons.md)
diff --git a/docs/kb/auditor/how-to-investigate-compression-services-errors.md b/docs/kb/auditor/how-to-investigate-compression-services-errors.md
index cbfceb6d56..ab5c142c93 100644
--- a/docs/kb/auditor/how-to-investigate-compression-services-errors.md
+++ b/docs/kb/auditor/how-to-investigate-compression-services-errors.md
@@ -32,19 +32,14 @@ In the Netwrix Auditor health log, some error events mention issues with the com
2. Log in to the Netwrix server with **Data Collection Account** credentials (monitoring plan – settings – data collection) and check that you can open this path via File Explorer:
- `\*audited_server*\c$\Windows\`
- Check if you can add or remove files from this folder. If not, check the permissions for the Data Collection account:
-
- - MonitoringPlans – Data Collecting Account ⸱ v10.6 (opens in a new window)
+ Check if you can add or remove files from this folder. If not, check the permissions for the Data Collection account: [Data Collecting Account](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/dataaccounts)
**Note:** Pay attention to which collector you're going to adjust permissions.
3. Test the ports required for the problematic monitoring plan:
- - Requirements – Protocols and Ports ⸱ v10.6 (choose the problematic monitoring plan on the left).
-
- Here is an article on how to check ports:
-
- - [How to check TCP, UDP and Dynamic ports required for Netwrix Auditor monitoring plans](/docs/kb/auditor/check-tcp-and-udp-ports-required.md) (opens in a new window)
+ - [Protocols and Ports](https://docs.netwrix.com/docs/auditor/10_8/requirements/ports)
+ - [Check TCP and UDP Ports Required](/docs/kb/auditor/check-tcp-and-udp-ports-required.md)
4. Check Remote Registry and Windows Management Instrumentation Services:
- - For File Servers Auditing: Windows File Servers – Enable Remote Registry Service ⸱ v10.6 (opens in a new window)
- - For Windows Server Auditing: Windows Server – Enable Remote Registry and Windows Management Instrumentation Services ⸱ v10.6 (opens in a new window)
+ - [Enable Remote Registry and Windows Management Instrumentation Services for Windows Server](https://docs.netwrix.com/docs/auditor/10_8/configuration/windowsserver/remoteregistry)
+ - [Enable Remote Registry Services for File Server](https://docs.netwrix.com/docs/auditor/10_8/configuration/fileservers/windows/remoteregistryservice)
5. Add antivirus exclusions on the Netwrix and target servers for folders:
- - See the article on how to do it: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md) (opens in a new window)
+ - [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md)
diff --git a/docs/kb/auditor/how-to-migrate-netwrix-auditor-databases-to-another-sql-server-instance.md b/docs/kb/auditor/how-to-migrate-netwrix-auditor-databases-to-another-sql-server-instance.md
index 298cf8bf09..76eb0e7889 100644
--- a/docs/kb/auditor/how-to-migrate-netwrix-auditor-databases-to-another-sql-server-instance.md
+++ b/docs/kb/auditor/how-to-migrate-netwrix-auditor-databases-to-another-sql-server-instance.md
@@ -33,7 +33,7 @@ Yes, you are able to migrate audit databases to another Microsoft SQL Server ins
### Prerequisites
-- Required Permissions: The account used by Netwrix Auditor must have **db_owner** rights on the target audit databases. For SQL Server Reporting Services (SSRS), the account must have the **Content Manager** role on the Home folder, and users must have the **Browser** role on the Report Server. For detailed steps on assigning these permissions, see Requirements – SQL Server Reporting Services · v10.7: https://docs.netwrix.com/docs/auditor/10_8/requirements/overview
+- Required Permissions: The account used by Netwrix Auditor must have **db_owner** rights on the target audit databases. For SQL Server Reporting Services (SSRS), the account must have the **Content Manager** role on the Home folder, and users must have the **Browser** role on the Report Server. For detailed steps on assigning these permissions, see [How to Assign db_owner Permissions](docs/kb/auditor/how-to-assign-db-owner-permissions.md) and [SQL Server Reporting Services](https://docs.netwrix.com/docs/auditor/10_8/requirements/overview)
- SQL Server and SSRS must be installed and configured on the new server.
### Instructions
@@ -50,15 +50,15 @@ Yes, you are able to migrate audit databases to another Microsoft SQL Server ins
3. Under the **Source** section, select the **Device** option, and click **...** to browse for databases.
4. In the **Specify Backup Devices** window, click **Add** and select the backup database file. Click **OK**.
5. Specify the database name and check the **Restore** checkbox under the **Backup sets to restore** section.
-5. Deploy the new Report Database. For more information, see Deploying the Report Server Database: /docs/kb/auditor/deploying-the-report-server-database
+5. Deploy the new Report Database. For more information, see [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database.md)
6. Stop the old **SQL Server (%instance_name%)** service.
7. Start `Netwrix Auditor Archive Service` and `Netwrix Auditor Management Service`.
8. In the main Netwrix Auditor menu, select **Settings** > **Audit Database** tab, and specify the new SQL Server and Reporting Service settings.
-> **NOTE:** If you receive the following pop-up message, click **Yes** to proceed with modifying the Audit Database settings:
+> **NOTE:** If you receive the following pop-up message, click **Yes** to proceed with modifying the Audit Database settings:
> 
-9. Click **Yes** when the following message appears:
+9. Click **Yes** when the following message appears:
10. In the main Netwrix Auditor menu, select **Settings** > **Investigations** tab. Click **Modify** to specify the new SQL Server settings.
11. Run a search with the filter **When | Equals | Last 7 days**. If you see the relevant data, the databases were migrated successfully and the new SQL Server is being used.
@@ -66,6 +66,7 @@ Yes, you are able to migrate audit databases to another Microsoft SQL Server ins
## Related Links
-- Requirements – SQL Server Reporting Services · v10.7: https://docs.netwrix.com/docs/auditor/10_8/requirements/overview
-- How to Prepare the Netwrix Server for a SQL Upgrade: /docs/kb/auditor/how-to-prepare-the-netwrix-server-for-a-sql-upgrade
-- Deploying the Report Server Database: /docs/kb/auditor/deploying-the-report-server-database
+- [How to Assign db_owner Permissions](docs/kb/auditor/how-to-assign-db-owner-permissions.md)
+- [SQL Server Reporting Services](https://docs.netwrix.com/docs/auditor/10_8/requirements/overview)
+- [How to Prepare the Netwrix Server for a SQL Upgrade](/docs/kb/auditor/how-to-prepare-the-netwrix-server-for-a-sql-upgrade.md)
+- [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database.md)
diff --git a/docs/kb/auditor/how-to-migrate-netwrix-auditor-working-folder-to-a-new-location.md b/docs/kb/auditor/how-to-migrate-netwrix-auditor-working-folder-to-a-new-location.md
index 31edd9fd66..deb9fcd7bb 100644
--- a/docs/kb/auditor/how-to-migrate-netwrix-auditor-working-folder-to-a-new-location.md
+++ b/docs/kb/auditor/how-to-migrate-netwrix-auditor-working-folder-to-a-new-location.md
@@ -32,15 +32,15 @@ The size of your Working Folder may grow significantly (up to 1 TB) depending on
> **NOTE:** Netwrix Auditor has two file storages used for different purposes:
>
-> - Long-Term Archive, a repository of collected audit data stored in proprietary Netwrix format (activity records). Audit data is kept in the Long-Term Archive for 10 years as per default settings. The default Long-Term Archive location is ` %ProgramData%\Netwrix Auditor\Data`. For more information on setting Long-Term Archive up, refer to the following article: Netwrix Auditor Settings – Long-Term Archive · v10.6.
+> - Long-Term Archive, a repository of collected audit data stored in proprietary Netwrix format (activity records). Audit data is kept in the Long-Term Archive for 10 years as per default settings. The default Long-Term Archive location is ` %ProgramData%\Netwrix Auditor\Data`. For more information on setting Long-Term Archive up, refer to the following article: [Long-Term Archive](https://docs.netwrix.com/docs/auditor/10_8/admin/settings/longtermarchive)
>
-> If you would like to move Long-Term Archive to another location, refer to the following article: [How to Move Long-Term Archive to a New location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md).
+> If you would like to move Long-Term Archive to another location, refer to the following article: [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md).
>
> - Working Folder, a repository for Netwrix Auditor to store operational information (configuration files for product components, log files, and other data). To ensure the audit trail continuity, Netwrix Auditor also caches some audit data locally in the Working Folder prior to placing it to the Long-Term Archive or any audit database. Audit data is kept in the Working Folder for a shorter period of up to several weeks. The default Working Folder location is ` %ProgramData%\Netwrix Auditor\`.
### Planning and preparation
-1. To track your current Working Folder capacity and estimate the disk space you will need on the new target drive, use the **Working Folder** widget of the Health Status dashboard. Refer to the following articles for additional information: Netwrix Auditor Operations and Health − Health Status Dashboard · v10.6 and [How to Check the Netwrix Auditor Health Status](/docs/kb/auditor/how-to-check-the-netwrix-auditor-health-status.md).
+1. To track your current Working Folder capacity and estimate the disk space you will need on the new target drive, use the **Working Folder** widget of the Health Status dashboard. Refer to the following articles for additional information: [Netwrix Auditor Operations and Health − Health Status Dashboard](https://docs.netwrix.com/docs/auditor/10_8/admin/healthstatus/dashboard/overview) and [How to Check the Netwrix Auditor Health Status](/docs/kb/auditor/how-to-check-the-netwrix-auditor-health-status.md).
2. The Working Folder can be stored only locally on the Netwrix server — prepare a local folder for the migration process. Make sure the target folder location differs from the Long-Term Archive location.
> **NOTE:** Network shares are not supported.
@@ -93,8 +93,8 @@ If migration was completed with any errors, refer to the following steps:
## Related articles and links
-- Netwrix Auditor Settings – Long-Term Archive · v10.6
-- [How to Move Long-Term Archive to a New location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md)
-- Netwrix Auditor Operations and Health − Health Status Dashboard · v10.6
+- [Long-Term Archive](https://docs.netwrix.com/docs/auditor/10_8/admin/settings/longtermarchive)
+- [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md)
+- [Netwrix Auditor Operations and Health − Health Status Dashboard](https://docs.netwrix.com/docs/auditor/10_8/admin/healthstatus/dashboard/overview)
- [How to Check the Netwrix Auditor Health Status](/docs/kb/auditor/how-to-check-the-netwrix-auditor-health-status.md)
- [Open a Ticket · Netwrix 🧭](https://www.netwrix.com/tickets.html#/open-a-ticket)
diff --git a/docs/kb/auditor/how-to-move-netwrix-auditor-to-the-cloud.md b/docs/kb/auditor/how-to-move-netwrix-auditor-to-the-cloud.md
index 5aeb458665..09bb1559d1 100644
--- a/docs/kb/auditor/how-to-move-netwrix-auditor-to-the-cloud.md
+++ b/docs/kb/auditor/how-to-move-netwrix-auditor-to-the-cloud.md
@@ -30,12 +30,12 @@ How to move an on-premises Netwrix Auditor installation to a VM running on a clo
Consider it to simply be an installation on another network. Netwrix recommends the following scenario:
-1. Spin up a new Windows Server VM in your cloud environment, provision it based on the Auditor Requirements: https://docs.netwrix.com/docs/auditor/10_8/requirements/overview
+1. Spin up a new Windows Server VM in your cloud environment, provision it based on the Auditor Requirements: [Requirements](https://docs.netwrix.com/docs/auditor/10_8/requirements/overview)
-2. After that, migrate your old instance according to the following article: Migrating Netwrix Auditor to New Server: /docs/kb/auditor/migrating-auditor-to-new-server.
+2. After that, migrate your old instance according to the following article: Migrating Netwrix Auditor to New Server: [Migrating Auditor to New Server](/docs/kb/auditor/migrating-auditor-to-new-server.md).
> **NOTE:** When you go to migrate, both the old and new instances of Netwrix Auditor must be exactly the same version and build. In Netwrix Auditor, navigate to **Settings** -> **About Netwrix Auditor** and check the build number.
3. Make sure you applied the license. You will need a license for Netwrix Auditor no matter where it is used.
-If you are using an internal file server, make sure Netwrix Auditor is able to access it across the internet or a VPN if you have a tunnel set up. For additional information on required protocols and ports that must be opened, refer to the following article: Requirements – Protocols and Ports Required: https://docs.netwrix.com/docs/auditor/10_8/requirements/overview
+If you are using an internal file server, make sure Netwrix Auditor is able to access it across the internet or a VPN if you have a tunnel set up. For additional information on required protocols and ports that must be opened, refer to the following article: [Protocols and Ports](https://docs.netwrix.com/docs/auditor/10_8/requirements/ports)
diff --git a/docs/kb/auditor/how-to-prepare-netwrix-server-for-os-upgrade.md b/docs/kb/auditor/how-to-prepare-netwrix-server-for-os-upgrade.md
index e34a5da8a2..ae27fdcde8 100644
--- a/docs/kb/auditor/how-to-prepare-netwrix-server-for-os-upgrade.md
+++ b/docs/kb/auditor/how-to-prepare-netwrix-server-for-os-upgrade.md
@@ -33,7 +33,7 @@ This article provides preparation steps for upgrading an operating system (Windo
Taking a snapshot or creating a backup of the Netwrix Auditor Server is recommended for data protection and recovery. The method to be used depends on the approach used for Auditor installation, whether it's on a virtual or physical machine.
-> **TIP:** You can configure Netwrix Auditor in the failover mode. To learn about failover and backup scenarios, read [How to configure Netwrix Auditor in the Failover Mode?](/docs/kb/auditor/how-to-configure-netwrix-auditor-in-failover-mode.md)
+> **TIP:** You can configure Netwrix Auditor in the failover mode. To learn about failover and backup scenarios, read [How to Configure Netwrix Auditor in Failover Mode](/docs/kb/auditor/how-to-configure-netwrix-auditor-in-failover-mode.md)
Stop all Netwrix services running in your server − run the following line in elevated PowerShell:
@@ -55,4 +55,4 @@ After the upgrade, you might notice warnings in the Health log. These warnings o
## Related articles
-- [How to configure Netwrix Auditor in the Failover Mode?](/docs/kb/auditor/how-to-configure-netwrix-auditor-in-failover-mode.md)
+- [How to Configure Netwrix Auditor in Failover Mode](/docs/kb/auditor/how-to-configure-netwrix-auditor-in-failover-mode.md)
diff --git a/docs/kb/auditor/how-to-prevent-long-term-archive-overflow.md b/docs/kb/auditor/how-to-prevent-long-term-archive-overflow.md
index 09fe488f10..8cceebc283 100644
--- a/docs/kb/auditor/how-to-prevent-long-term-archive-overflow.md
+++ b/docs/kb/auditor/how-to-prevent-long-term-archive-overflow.md
@@ -34,9 +34,9 @@ You can deal with this issue in one of the following ways:
1. Modify Long-Term Archive retention period. For that:
- In Netwrix Auditor, navigate to **Settings**.
- Select the **Long-Term Archive** page and modify the archive retention settings – provide the value in months.
-2. Move the archive to another drive. Learn more in the following article: /docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location (How to Move Long-Term Archive to a New Location).
-3. Exclude Data from the Auditing Scope. For additional information, refer to the following article: /docs/kb/auditor/how-to-exclude-users-and-objects-from-monitoring-scope-in-netwrix-auditor-ui (How to Exclude Users and Objects from Monitoring Scope in Netwrix Auditor UI).
+2. Move the archive to another drive. Learn more in the following article: [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md)
+3. Exclude Data from the Auditing Scope. For additional information, refer to the following article: [How to Exclude Users and Objects from Monitoring Scope in Netwrix Auditor UI](/docs/kb/auditor/how-to-exclude-users-and-objects-from-monitoring-scope-in-netwrix-auditor-ui.md)
-You can also fine tune your monitoring scope via omit lists — this allows you to proactively decrease the DB loads as changes for omitted items are not recorded. For additional information on available omit lists, review the corresponding article applicable to your target system. For example, for Active Directory omit lists, refer to the following article: https://docs.netwrix.com/docs/auditor/10_8 Plans — Active Directory Plans — Active Directory Monitoring Scope).
+You can also fine tune your monitoring scope via omit lists — this allows you to proactively decrease the DB loads as changes for omitted items are not recorded. For additional information on available omit lists, review the corresponding article applicable to your target system. For example, for Active Directory omit lists, refer to the following article: [Active Directory Monitoring Scope](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/activedirectory/scope)
> **NOTE:** If you are using a virtual machine, either add another drive or expand your current drive.
diff --git a/docs/kb/auditor/how-to-properly-remove-auditor-components-prior-to-further-clear-installation.md b/docs/kb/auditor/how-to-properly-remove-auditor-components-prior-to-further-clear-installation.md
index 77dbb7abeb..c15e850d6e 100644
--- a/docs/kb/auditor/how-to-properly-remove-auditor-components-prior-to-further-clear-installation.md
+++ b/docs/kb/auditor/how-to-properly-remove-auditor-components-prior-to-further-clear-installation.md
@@ -53,4 +53,4 @@ In most cases, yes it does. However, for the proper uninstallation of all compre
### Related Article
-- [Migrating Netwrix Auditor to New Server](/docs/kb/auditor/migrating-auditor-to-new-server.md)
+- [Migrating Auditor to New Server](/docs/kb/auditor/migrating-auditor-to-new-server.md)
diff --git a/docs/kb/auditor/how-to-send-netwrix-auditor-logs.md b/docs/kb/auditor/how-to-send-netwrix-auditor-logs.md
index a58670cd0e..2efb2e89c4 100644
--- a/docs/kb/auditor/how-to-send-netwrix-auditor-logs.md
+++ b/docs/kb/auditor/how-to-send-netwrix-auditor-logs.md
@@ -34,7 +34,7 @@ knowledge_article_id: kA00g000000H9efCAC
Netwrix Technical Support might request a collection of your Netwrix Auditor logs for troubleshooting purposes. Make sure you gather the following items to help your Technical Support Engineer resolve your issue.
-- **Netwrix Auditor System Health event log**. Refer to the following article for additional information on exporting the System Health event log: /docs/kb/auditor/how-to-save-and-zip-netwrix-auditor-system-health-event-log (How to Save and Zip Netwrix Auditor System Health Event Log).
+- **Netwrix Auditor System Health event log**. Refer to the following article for additional information on exporting the System Health event log: [How to Save and Zip Netwrix Auditor System Health Event Log](/docs/kb/auditor/how-to-save-and-zip-netwrix-auditor-system-health-event-log.md)
- **Netwrix Auditor configuration files**. Navigate to ` %Working Folder%\AuditCore\ConfigServer ` and copy the **ConfigServer** folder. The default location of the **ConfigServer** folder is `C:\ProgramData\Netwrix Auditor\AuditCore\ConfigServer`.
@@ -66,17 +66,17 @@ Netwrix Technical Support might request a collection of your Netwrix Auditor log
1. Once you have located all the required logs, copy them to a single folder and compress it by right-clicking the folder and selecting **Send to** > **Compressed (zipped) folder**.
-2. Log in to the Customer Portal and attach the archived logs to the opened ticket. Use the following link to open the **Open tickets** page: https://www.netwrix.com/tickets.html#/tickets/open (My Tickets — Open Tickets).
+2. Log in to the Customer Portal and attach the archived logs to the opened ticket. Use the following link to open the **Open tickets** page: [Netwrix Customer Portal](https://www.netwrix.com/tickets.html#/tickets/open)
> **NOTE:** Once you have opened the **Open Tickets** page and identified the corresponding ticket (with a matching ticket #), you can attach the logs via one of the following ways:
>
-> - Click the **Add attachments** button located under the **Actions** column of the ticket.
+> - Click the **Add attachments** button located under the **Actions** column of the ticket.
> 
>
-> - Expand the ticket details by clicking the **down carat (▼)** button and click the **plus (+)** button next to **Attachments**.
+> - Expand the ticket details by clicking the **down carat (▼)** button and click the **plus (+)** button next to **Attachments**.
> 
## Related links
-- How to Save and Zip Netwrix Auditor System Health Event Log: /docs/kb/auditor/how-to-save-and-zip-netwrix-auditor-system-health-event-log
-- My Tickets — Open Tickets: https://www.netwrix.com/tickets.html#/tickets/open
+- [How to Save and Zip Netwrix Auditor System Health Event Log](/docs/kb/auditor/how-to-save-and-zip-netwrix-auditor-system-health-event-log.md)
+- [Netwrix Customer Portal](https://www.netwrix.com/tickets.html#/tickets/open)
diff --git a/docs/kb/auditor/how-to-upgrade-netwrix-auditor.md b/docs/kb/auditor/how-to-upgrade-netwrix-auditor.md
index 9549f0dd2e..9ebc87e02f 100644
--- a/docs/kb/auditor/how-to-upgrade-netwrix-auditor.md
+++ b/docs/kb/auditor/how-to-upgrade-netwrix-auditor.md
@@ -37,27 +37,22 @@ How to update Netwrix Auditor?
> ```
>
> This will stop all Netwrix services and prevent complications during the upgrade.
-
-### Netwrix Auditor v.9.96 and later
-
-Refer to the following video for step-by-step instructions on upgrading to the latest Netwrix Auditor version:
-
-- Video: https://www.youtube.com/embed/M_IfPaf_7ig
-
-For the text version of the guide, refer to the following documentation article: https://docs.netwrix.com/docs/auditor/10_8
-
### Netwrix Auditor v.9.95 and earlier
-> **NOTE:** For additional information on upgrade increments, refer to the following article: /docs/kb/auditor/upgrade-increments-for-netwrix-auditor
+Older versions of Netwrix Auditor must be upgraded incrementally. You must wait 24 hours in between each incremental upgrade.
+> **NOTE:** For additional information on upgrade increments, refer to the following article: [Upgrade Increments for Netwrix Auditor](/docs/kb/auditor/upgrade-increments-for-netwrix-auditor.md)
+
+If you are upgrading from a version earlier than 9.96, view the additional steps under **Post Upgrade** > **Legacy Steps** further in this article.
-The following steps represent a scenario for upgrading from v.9.95 to v.9.96. The upgrade progress for Netwrix Auditor version 8.0 up to 9.96 will be similar. If you are upgrading from an earlier version, view the additional steps under **Post Upgrade** > **Legacy Steps** further in this article.
+### Netwrix Auditor v.9.96 and later
1. When upgrading, it is recommended to log in via your data collection service account. Right-click the installer and choose **Run as administrator**. The following window will include options to view documentation for the new version.
2. Click the **Install** button to continue the upgrade. You will confirm the version you’re upgrading to in the next window.
3. Confirm the version and click **Next**.
4. Read the EULA, check the **I accept the terms of the License Agreement** checkbox and click **Next**.
5. Click **Install**. Once the installation process is complete, you should see the confirmation.
-6. Congratulations, you have successfully upgraded!
+
+For more detailed steps and information, see [Upgrading to the Latest Version](https://docs.netwrix.com/docs/auditor/10_8/install/upgrade)
## Post Upgrade
@@ -73,5 +68,5 @@ Upon completion, Netwrix Auditor will launch. To confirm integrity, run the foll
## Related articles
-- Upgrade to the Latest Version ⸱ 10.7 — https://docs.netwrix.com/docs/auditor/10_8
-- Upgrade Increments for Netwrix Auditor — /docs/kb/auditor/upgrade-increments-for-netwrix-auditor
+- [Upgrading to the Latest Version](https://docs.netwrix.com/docs/auditor/10_8/install/upgrade)
+- [Upgrade Increments for Netwrix Auditor](/docs/kb/auditor/upgrade-increments-for-netwrix-auditor.md)
diff --git a/docs/kb/auditor/how-to-use-omit-lists.md b/docs/kb/auditor/how-to-use-omit-lists.md
index 788ec7b470..8b3d271a37 100644
--- a/docs/kb/auditor/how-to-use-omit-lists.md
+++ b/docs/kb/auditor/how-to-use-omit-lists.md
@@ -32,64 +32,64 @@ Omit lists serve as tools for filtering data. It is important to take careful co
### Active Directory
-Active Directory omit lists are found under `\%Netwrix Auditor installation folder%\Active Directory Auditing`. For additional information on Active Directory omit lists, refer to the following documentation article: https://docs.netwrix.com/docs/auditor/10_8 Directory Plans – Monitoring Scope · v10.7).
+Active Directory omit lists are found under `\%Netwrix Auditor installation folder%\Active Directory Auditing`. For additional information on Active Directory omit lists, refer to the following documentation article: [Active Directory Monitoring Scope](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/activedirectory/scope)
### Microsoft Entra ID (formerly Azure AD)
-Microsoft Entra ID omit lists are found under `\%Netwrix Auditor installation folder%\Azure AD Auditing`. For additional information on Microsoft Entra ID omit lists, refer to the following documentation article: https://docs.netwrix.com/docs/auditor/10_8 Entra ID Plans – Monitoring Scope · v10.7).
+Microsoft Entra ID omit lists are found under `\%Netwrix Auditor installation folder%\Azure AD Auditing`. For additional information on Microsoft Entra ID omit lists, refer to the following documentation article: [Entra ID Monitoring Scope](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/microsoftentraid/scope)
### Event Log Manager
-Event Log Manager omit lists are found under `\%Netwrix Auditor installation folder%\Event Log Management`. For additional information on Event Log Manager omit lists, refer to the following documentation article: https://docs.netwrix.com/docs/auditor/10_8 (Windows Server Plans – Windows Server Monitoring Scope: Event Log · v10.7).
+Event Log Manager omit lists are found under `\%Netwrix Auditor installation folder%\Event Log Management`. For additional information on Event Log Manager omit lists, refer to the following documentation article: [Event Log Monitoring Scope](https://docs.netwrix.com/docs/auditor/10_8/tools/eventlogmanager/eventlog)
### Exchange
-Exchange omit lists are found under `\%Netwrix Auditor installation folder%\Active Directory Auditing`. For additional information on Exchange omit lists, refer to the following documentation article: https://docs.netwrix.com/docs/auditor/10_8 (Exchange Plans – Monitoring Scope · v10.7).
+Exchange omit lists are found under `\%Netwrix Auditor installation folder%\Active Directory Auditing`. For additional information on Exchange omit lists, refer to the following documentation article: [Exchange Monitoring Scope](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/exchange/scope)
### Exchange Online
-Exchange Online omit lists are found under `\%Netwrix Auditor installation folder%\Exchange Online Auditing`. For additional information on Exchange Online omit lists, refer to the following documentation article: https://docs.netwrix.com/docs/auditor/10_8 (Exchange Online Plans – Monitoring Scope · v10.7).
+Exchange Online omit lists are found under `\%Netwrix Auditor installation folder%\Exchange Online Auditing`. For additional information on Exchange Online omit lists, refer to the following documentation article: [Exchange Online Monitoring Scope](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/exchangeonline/scope)
### File Servers
-File Servers omit lists are found under `\%Netwrix Auditor installation folder%\File Server Auditing`. For additional information on File Servers omit lists, refer to the following documentation article: https://docs.netwrix.com/docs/auditor/10_8 (File Servers Plans – Monitoring Scope · v10.7).
+File Servers omit lists are found under `\%Netwrix Auditor installation folder%\File Server Auditing`. For additional information on File Servers omit lists, refer to the following documentation article: [File Server Monitoring Scope](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/fileservers/scope)
### Group Policy
-Group Policy omit lists are found under `\%Netwrix Auditor installation folder%\Active Directory Auditing`. For additional information on Group Policy omit lists, refer to the following documentation article: https://docs.netwrix.com/docs/auditor/10_8 (Group Policy Plans – Monitoring Scope · v10.7).
+Group Policy omit lists are found under `\%Netwrix Auditor installation folder%\Active Directory Auditing`. For additional information on Group Policy omit lists, refer to the following documentation article: [Group Policy Monitoring Scope](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/grouppolicy/scope)
### Inactive User Tracker
-Inactive User Tracker omit lists are found under `\%Working Folder%\Inactive Users Tracker`. For additional information on Inactive User Tracker omit lists, refer to the following article: https://docs.netwrix.com/docs/auditor/10_8 Objects from Monitoring Scope – Inactive Users · v10.7).
+Inactive User Tracker omit lists are found under `\%Working Folder%\Inactive Users Tracker`. For additional information on Inactive User Tracker omit lists, refer to the following article: [Inactive Users Monitoring Scope](https://docs.netwrix.com/docs/auditor/10_8/tools/inactiveusertracker#monitoring-scope)
### Logon Activity
-Logon Activity omit lists are found under `\%Working Folder%\NLA\Settings`. For additional information on Group Policy omit lists, refer to the following documentation article: https://docs.netwrix.com/docs/auditor/10_8 (Logon Activity Plans – Monitoring Scope · v10.7).
+Logon Activity omit lists are found under `\%Working Folder%\NLA\Settings`. For additional information on Group Policy omit lists, refer to the following documentation article: [Logon Activity Monitoring Scope](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/logonactivity/scope)
### Oracle Database
-For additional information on Oracle Database omit lists, refer to the following article: https://docs.netwrix.com/docs/auditor/10_8 (Oracle Database Plans – Monitoring Scope · v10.7).
+For additional information on Oracle Database omit lists, refer to the following article: [Oracle Monitoring Scope](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/oracle/scope)
-### Netwrix Password Reset
+### Netwrix Password Expiration
-Netwrix Password Reset omit lists are found under `\%Netwrix Auditor installation folder%\Password Expiration Alerting`. For additional information on Netwrix Password Reset omit lists, refer to the following documentation article: https://docs.netwrix.com/docs/auditor/10_8 Directory Plans – AD Monitoring Scope: Password Expiration · v10.7).
+Netwrix Password Expiration Notifier omit lists are found under `\%Netwrix Auditor installation folder%\Password Expiration Alerting`. For additional information on Netwrix Password Expiration Notifier omit lists, refer to the following documentation article: [Password Expiration Monitoring Scope](https://docs.netwrix.com/docs/auditor/10_7/tools/passwordexpirationnotifier/monitoringscope)
### SharePoint
-SharePoint omit lists are found under `\%Working Folder%\Netwrix Auditor for SharePoint\Configuration\GUID\`. For additional information on SharePoint omit lists, refer to the following article: https://docs.netwrix.com/docs/auditor/10_8 (SharePoint Plans – Monitoring Scope · v10.7).
+SharePoint omit lists are found under `\%Working Folder%\Netwrix Auditor for SharePoint\Configuration\GUID\`. For additional information on SharePoint omit lists, refer to the following article: [SharePoint Monitoring Scope](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/sharepoint/scope)
### SharePoint Online
-SharePoint Online omit lists are found under `\%Working Folder%\Netwrix Auditor for SharePoint Online\Configuration\GUID`. For additional information on SharePoint Online omit lists, refer to the following article: https://docs.netwrix.com/docs/auditor/10_8 (SharePoint Online Plans – Monitoring Scope · v10.7).
+SharePoint Online omit lists are found under `\%Working Folder%\Netwrix Auditor for SharePoint Online\Configuration\GUID`. For additional information on SharePoint Online omit lists, refer to the following article: [SharePoint Online Monitoring Scope](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/sharepointonline/scope)
### SQL Server Auditing
-SQL Server omit lists are found under `\%Netwrix Auditor installation folder%\SQL Server Auditing`. For additional information on SQL Server omit lists, refer to the following documentation article: https://docs.netwrix.com/docs/auditor/10_8 (SQL Server Plans – Monitoring Scope · v10.7).
+SQL Server omit lists are found under `\%Netwrix Auditor installation folder%\SQL Server Auditing`. For additional information on SQL Server omit lists, refer to the following documentation article: [SQL Server Monitoring Scope](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/sqlserver/scope)
### VMWare
-VMWare omit lists are found under `\%Netwrix Auditor installation folder%\VMware Auditing`. For additional information on VMWare omit lists, refer to the following article: https://docs.netwrix.com/docs/auditor/10_8 (VMware Plans – Monitoring Scope · v10.7).
+VMWare omit lists are found under `\%Netwrix Auditor installation folder%\VMware Auditing`. For additional information on VMWare omit lists, refer to the following article: [VMWare Monitoring Scope](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/vmware/scope)
### Windows Server
-Windows Server omit lists are found under `\%Netwrix Auditor installation folder%\Windows Server Auditing`. For additional information on Windows Server omit lists, refer to the following documentation article: https://docs.netwrix.com/docs/auditor/10_8 (Windows Server Plans – Monitoring Scope · v10.7).
+Windows Server omit lists are found under `\%Netwrix Auditor installation folder%\Windows Server Auditing`. For additional information on Windows Server omit lists, refer to the following documentation article: [Windows Server Monitoring Scope](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/windows/scope)
diff --git a/docs/kb/auditor/invalid-character-value-for-cast-specification-error-occurs-when-trying-to-store-audit-data.md b/docs/kb/auditor/invalid-character-value-for-cast-specification-error-occurs-when-trying-to-store-audit-data.md
index 1cd55a2429..3c6594c66e 100644
--- a/docs/kb/auditor/invalid-character-value-for-cast-specification-error-occurs-when-trying-to-store-audit-data.md
+++ b/docs/kb/auditor/invalid-character-value-for-cast-specification-error-occurs-when-trying-to-store-audit-data.md
@@ -57,7 +57,7 @@ The source of the issue was resolved in newer versions, and since you are on 9.9
2. Select a data source, check the desired monitoring plan, and set the dates.
3. Click **Run**.
- For additional information on how to import previously collected data, refer to the following article: Investigations https://docs.netwrix.com/docs/auditor/10_8.
+ For additional information on how to import previously collected data, refer to the following article: [Investigations](https://docs.netwrix.com/docs/auditor/10_8/admin/settings/investigations)
2. Resolution 2
@@ -67,4 +67,4 @@ The source of the issue was resolved in newer versions, and since you are on 9.9
After the database retention period passes, you will be able to remove the old database from the SQL Server completely and will not need this empty plan anymore (stale data would be cleared according to database retention settings, and all the current data will be in the new database).
-**IMPORTANT:** If, after these workarounds, you will have the *Archive Service is busy processing activity records* error, refer to the following article: Archive Service is busy processing activity records /docs/kb/auditor/archive-service-is-busy-processing-activity-records).
+**IMPORTANT:** If, after these workarounds, you will have the *Archive Service is busy processing activity records* error, refer to the following article: [Archive Service is Busy Processing Activity Records](/docs/kb/auditor/archive-service-is-busy-processing-activity-records.md).
diff --git a/docs/kb/auditor/is-it-possible-to-have-ndc-sql-database-and-auditor-databases-on-the-same-sql-server.md b/docs/kb/auditor/is-it-possible-to-have-ndc-sql-database-and-auditor-databases-on-the-same-sql-server.md
index 380a69d173..0837b5736a 100644
--- a/docs/kb/auditor/is-it-possible-to-have-ndc-sql-database-and-auditor-databases-on-the-same-sql-server.md
+++ b/docs/kb/auditor/is-it-possible-to-have-ndc-sql-database-and-auditor-databases-on-the-same-sql-server.md
@@ -32,4 +32,4 @@ Is it possible to have both: Netwrix Data Classification (NDC) SQL database and
Netwrix strongly recommends **do not keep** these databases on the same SQL Server. This may lead to significant performance loss.
-If, for some reasons, you need to migrate your Netwrix Data Classification (NDC) SQL database to another server, refer to the following article for additional information: [How to Migrate Netwrix Data Classification Database](/docs/kb/dataclassification/how-to-migrate-the-netwrix-data-classification-database.md).
+If, for some reasons, you need to migrate your Netwrix Data Classification (NDC) SQL database to another server, refer to the following article for additional information: [How to Migrate the Netwrix Data Classification Database](/docs/kb/dataclassification/how-to-migrate-the-netwrix-data-classification-database.md).
diff --git a/docs/kb/auditor/long-data-collection-improving-the-performance.md b/docs/kb/auditor/long-data-collection-improving-the-performance.md
index 8d0bc591b3..68ea7bc5bc 100644
--- a/docs/kb/auditor/long-data-collection-improving-the-performance.md
+++ b/docs/kb/auditor/long-data-collection-improving-the-performance.md
@@ -44,27 +44,27 @@ For the initial setup and post-setup stages, it is highly recommended to stick t
> - Average number of activity records of your single data source.
> - Hardware limitations.
-In general, it is recommended to use different databases for different data sources to avoid rapid database size growth and ease the troubleshooting process. For additional information on creation of monitoring plans, refer to the following article: https://docs.netwrix.com/docs/auditor/10_8
+In general, it is recommended to use different databases for different data sources to avoid rapid database size growth and ease the troubleshooting process. For additional information on creation of monitoring plans, refer to the following article: [Monitoring Plans](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/overview)
### Hardware limitations
-In case of recent changes to your environment that led to hindered performance, refer to the following article for reference on hardware requirements for your infrastructure: https://docs.netwrix.com/docs/auditor/10_8/requirements/overview
+In case of recent changes to your environment that led to hindered performance, refer to the following article for reference on hardware requirements for your infrastructure: [Hardware Requirements](https://docs.netwrix.com/docs/auditor/10_8/requirements/console)
### Network traffic compression
-To reduce network traffic in distributed deployments, multi-site networks, and other environments with remote locations that have limited bandwidth, it is recommended to use network traffic compression. This option also helps reduce the CPU load for the Netwrix Auditor host — for additional information on setting up traffic compression, refer to the following article: https://docs.netwrix.com/docs/auditor/10_8
+To reduce network traffic in distributed deployments, multi-site networks, and other environments with remote locations that have limited bandwidth, it is recommended to use network traffic compression. This option also helps reduce the CPU load for the Netwrix Auditor host — for additional information on setting up traffic compression, refer to the following article: [Settings for Data Collection](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/create#settings-for-data-collection)
### Decrease database retention period
-Depending on your environment and needs, the Audit Database retention period can be either increased or decreased. It should be noted, that higher retention period for any database will also lead to greater database sizes and longer times to search for stored data. For additional information on setting a database retention period, refer to the following article: https://docs.netwrix.com/docs/auditor/10_8
+Depending on your environment and needs, the Audit Database retention period can be either increased or decreased. It should be noted, that higher retention period for any database will also lead to greater database sizes and longer times to search for stored data. For additional information on setting a database retention period, refer to the following article: [Configure Database Retention](https://docs.netwrix.com/docs/auditor/10_8/admin/settings/auditdatabase#configure-database-retention)
### Exclude Netwrix-related folders from antivirus scans
-As Netwrix Auditor creates and writes audit data in smaller portions, your antivirus suite will attempt to check every new or edited file to complete the threat check. Full file reads might take extra time to complete, hindering the writing capability of Netwrix Auditor, in some cases leading to timeouts and additional RAM and CPU loads. Refer to the following article for additional information on folders to be excluded from regular antivirus checks: /docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor
+As Netwrix Auditor creates and writes audit data in smaller portions, your antivirus suite will attempt to check every new or edited file to complete the threat check. Full file reads might take extra time to complete, hindering the writing capability of Netwrix Auditor, in some cases leading to timeouts and additional RAM and CPU loads. Refer to the following article for additional information on folders to be excluded from regular antivirus checks: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md)
### Set up data collection for State-in-Time reports
-Some collectors allow for scheduling of State-in-Time data collection — increasing the time window between these events will help to avoid resource consumption spikes. Same applies to Activity Summary reports — increasing the time window between these reports will allow you to decrease the momentary loads. Both these changes won't affect the overall resource consumption, they will distribute the consumption evenly. Refer to the following article for additional information on editing data sources: https://docs.netwrix.com/docs/auditor/10_8
+Some collectors allow for scheduling of State-in-Time data collection — increasing the time window between these events will help to avoid resource consumption spikes. Same applies to Activity Summary reports — increasing the time window between these reports will allow you to decrease the momentary loads. Both these changes won't affect the overall resource consumption, they will distribute the consumption evenly. Refer to the following article for additional information on editing data sources: [Manage Data Sources](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/datasources)
### Specify domain controllers and Exchange servers for data collection
@@ -89,15 +89,15 @@ In case you have an Event Log Manager plan set up, make sure it doesn't monitor
### Omit lists
-You can limit the monitoring scope in your environment via omit lists — this allows to proactively decrease the DB loads as changes for omitted items are not recorded. For additional information on how to exclude users and objects via Netwrix Auditor UI, refer to the following article: /docs/kb/auditor/how-to-exclude-users-and-objects-from-monitoring-scope-in-netwrix-auditor-ui. For additional information on available omit lists, review the corresponding article applicable to your target system. For example, for Active Directory omit lists, refer to the following article: https://docs.netwrix.com/docs/auditor/10_8
+You can limit the monitoring scope in your environment via omit lists — this allows to proactively decrease the DB loads as changes for omitted items are not recorded. For additional information on how to exclude users and objects via Netwrix Auditor UI, refer to the following article: [How to Exclude Users and Objects from Monitoring Scope in Netwrix Auditor UI](/docs/kb/auditor/how-to-exclude-users-and-objects-from-monitoring-scope-in-netwrix-auditor-ui.md). For additional information on how to use omit lists, refer to the following article: [How to Use Omit Lists](https://docs.netwrix.com/docs/kb/auditor/how-to-use-omit-lists)
### Related articles
-- https://docs.netwrix.com/docs/auditor/10_8
-- https://docs.netwrix.com/docs/auditor/10_8/requirements/overview
-- https://docs.netwrix.com/docs/auditor/10_8
-- https://docs.netwrix.com/docs/auditor/10_8
-- /docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor
-- https://docs.netwrix.com/docs/auditor/10_8
-- /docs/kb/auditor/how-to-exclude-users-and-objects-from-monitoring-scope-in-netwrix-auditor-ui
-- https://docs.netwrix.com/docs/auditor/10_8
+- [Monitoring Plans](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/overview)
+- [Hardware Requirements](https://docs.netwrix.com/docs/auditor/10_8/requirements/console)
+- [Settings for Data Collection](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/create#settings-for-data-collection)
+- [Configure Database Retention](https://docs.netwrix.com/docs/auditor/10_8/admin/settings/auditdatabase#configure-database-retention)
+- [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md)
+- [Manage Data Sources](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/datasources)
+- [How to Exclude Users and Objects from Monitoring Scope in Netwrix Auditor UI](/docs/kb/auditor/how-to-exclude-users-and-objects-from-monitoring-scope-in-netwrix-auditor-ui.md)
+- [How to Use Omit Lists](https://docs.netwrix.com/docs/kb/auditor/how-to-use-omit-lists)
diff --git a/docs/kb/auditor/manually-update-user-activity-core-service.md b/docs/kb/auditor/manually-update-user-activity-core-service.md
index 88c884545c..8873727be3 100644
--- a/docs/kb/auditor/manually-update-user-activity-core-service.md
+++ b/docs/kb/auditor/manually-update-user-activity-core-service.md
@@ -29,7 +29,7 @@ The Netwrix Auditor User Activity Core Service version in a target server does n
## Answer
-> **NOTE:** Refer to the following article for additional information on establishing the version of your Auditor server: /docs/kb/auditor/how-to-find-out-my-netwrix-auditor-version (How to Find Out My Netwrix Auditor Version).
+> **NOTE:** Refer to the following article for additional information on establishing the version of your Auditor server: [How to Find Out My Netwrix Auditor Version](/docs/kb/auditor/how-to-find-out-my-netwrix-auditor-version.md)
> **IMPORTANT:** It is recommended to stop User Activity services in the Netwrix server before making changes to installed Core Services in targets. Run the following command in elevated PowerShell to stop User Activity Core Service and Audit Service:
>
@@ -59,7 +59,7 @@ User Activity Core Service is designed to be deployed automatically when adding
### Manually update Core Service in multiple target servers − Option #1
-1. Download the following PowerShell script: https://www.netwrix.com/download/products/KnowledgeBase/Uninstall-NetwrixProduct.ps1 (Uninstall-NetwrixProduct.ps1).
+1. Download the following PowerShell script: [Uninstall Netwrix Product](https://www.netwrix.com/download/products/KnowledgeBase/Uninstall-NetwrixProduct.ps1).
2. In elevated PowerShell in your Netwrix server, run the script to uninstall Core Service from all target servers in the User Activity monitoring plan:
```powershell
@@ -117,5 +117,5 @@ User Activity Core Service is designed to be deployed automatically when adding
## Related links
-- How to Find Out My Netwrix Auditor Version: /docs/kb/auditor/how-to-find-out-my-netwrix-auditor-version
-- Uninstall-NetwrixProduct.ps1: https://www.netwrix.com/download/products/KnowledgeBase/Uninstall-NetwrixProduct.ps1
+- [How to Find Out My Netwrix Auditor Version](/docs/kb/auditor/how-to-find-out-my-netwrix-auditor-version.md)
+- [Uninstall Netwrix Product](https://www.netwrix.com/download/products/KnowledgeBase/Uninstall-NetwrixProduct.ps1)
diff --git a/docs/kb/auditor/migrating-auditor-to-new-server.md b/docs/kb/auditor/migrating-auditor-to-new-server.md
index 4f70f24bab..1363013f25 100644
--- a/docs/kb/auditor/migrating-auditor-to-new-server.md
+++ b/docs/kb/auditor/migrating-auditor-to-new-server.md
@@ -43,8 +43,8 @@ This article outlines a step-by-step process for how to migrate a Netwrix Audito
When moving Netwrix Auditor to a new server, ensure the version and build of the Netwrix Auditor instance on your new server matches the old server version and build. Your new server should meet the Software Requirements and Hardware Requirements for the appropriate version:
-- Software Requirements · v10.7: https://docs.netwrix.com/docs/auditor/10_8/requirements/overview
-- Hardware Requirements · v10.7: https://docs.netwrix.com/docs/auditor/10_8/requirements/overview
+- [Software Requirements](https://docs.netwrix.com/docs/auditor/10_8/requirements/software)
+- [Hardware Requirements](https://docs.netwrix.com/docs/auditor/10_8/requirements/console)
### Exporting the Netwrix Auditor configuration file
@@ -73,13 +73,12 @@ By default, Long-Term Archive is located at `C:\ProgramData\Netwrix Auditor\Data
Navigate to your Long-Term Archive location and copy the entire folder. Proceed by transferring Long-Term Archive to the new Netwrix Auditor server. While you can migrate it to the default location, it is recommended to keep Long-Term Archive on a separate drive. This will prevent rapid storage consumption on the C drive. Take note of where you have placed Long-Term Archive on the new Netwrix Auditor server.
-> **NOTE:** You can split the Long-Term Archive migration into two steps if the size of your ActivityRecords folder doesn't allow for a quick migration. For additional information, refer to the following article: How to Move Long-Term Archive to a New Location: /docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location
+> **NOTE:** You can split the Long-Term Archive migration into two steps if the size of your ActivityRecords folder doesn't allow for a quick migration. For additional information, refer to the following article: How to Move Long-Term Archive to a New Location: [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md)
### SQL Databases
-It is important to decide on migration of your SQL databases or keeping them in your current SQL Server instance during the Netwrix Auditor migration. In case you'd like to migrate your SQL Server databases, refer to the following article for additional information: Migrating Netwrix Databases: /docs/kb/auditor/how-to-migrate-netwrix-auditor-databases-to-another-sql-server-instance
-
-Once SQL migration is complete, refer to the following article for additional information on Report Server Database deployment: Deploying the Report Server Database: /docs/kb/auditor/deploying-the-report-server-database
+It is important to decide on migration of your SQL databases or keeping them in your current SQL Server instance during the Netwrix Auditor migration. In case you'd like to migrate your SQL Server databases, refer to the following article for additional information:[How to Migrate Netwrix Auditor Databases to Another SQL Server Instance](/docs/kb/auditor/how-to-migrate-netwrix-auditor-databases-to-another-sql-server-instance.md)
+Once SQL migration is complete, refer to the following article for additional information on Report Server Database deployment:[Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database.md)
### Final Steps
@@ -110,17 +109,17 @@ Start-Service -Displayname Netwrix*
2. Click **Properties** for the instance name.
3. In Netwrix Auditor **Settings** menu, select **Audit Databse** in the left pane and click **Modify** under **Audit database settings**.
4. Specify the SQL Server instance name and credentials of the account used to write data to SQL databases. Refer to the following articles for additional information on SQL permissions and report server database deployment:
- - Requirements for SQL Server to Store Audit Data – Configure Audit Database Account · v10.7: https://docs.netwrix.com/docs/auditor/10_8/requirements/overview
- - Deploying the Report Server Database: /docs/kb/auditor/deploying-the-report-server-database
+ - [Requirements for SQL Server to Store Audit Data](https://docs.netwrix.com/docs/auditor/10_8/requirements/sqlserver)
+ - [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database.md)
### Important Notes Post-Migration
-- If you've previously had any omit lists configured, you will have to either copy the contents of these omit lists or copy the files to the new server. For additional information on omit lists and their locations, refer to the following article: How to Use Omit Lists: /docs/kb/auditor/how-to-use-omit-lists
+- If you've previously had any omit lists configured, you will have to either copy the contents of these omit lists or copy the files to the new server. For additional information on omit lists and their locations, refer to the following article: [How to Use Omit Lists](/docs/kb/auditor/how-to-use-omit-lists.md)
- You cannot migrate Event Log Manager or its configuration files. Remember to manually copy the configuration over to the new server. Event Log Manager data will be migrated in case you've migrated SQL databases.
-- Netwrix Password Reset and Netwrix Inactive Users Tracker do not store any data — their reports are sent daily via email. For more information on how to migrate these Netwrix tools, refer to the following articles:
- - Migrate Netwrix Password Reset to a Different Server: /docs/kb/auditor/migrate-netwrix-password-expiration-notifier-to-a-different-server
- - How to migrate Netwrix Inactive Users Tracker to other servers: /docs/kb/auditor/how-to-migrate-netwrix-inactive-users-tracker-to-other-servers
-- User Activity data will not be collected until the Core Service is redeployed after migration. For more information on how to reset Netwrix Auditor User Activity Core Service to allow the monitoring plan to redeploy with the new configuration settings and registry keys, review the following article: Uninstalling User Activity Monitoring Agents: /docs/kb/auditor/uninstalling-user-activity-monitoring-agents
+- Netwrix Password Expiration Notifier and Netwrix Inactive Users Tracker do not store any data — their reports are sent daily via email. For more information on how to migrate these Netwrix tools, refer to the following articles:
+ - [Migrate PEN to a Different Server](/docs/kb/auditor/migrate-netwrix-password-expiration-notifier-to-a-different-server.md)
+ - How to migrate Netwrix Inactive Users Tracker to other servers: [How to Migrate Netwrix Inactive Users Tracker to Other Servers](/docs/kb/auditor/how-to-migrate-netwrix-inactive-users-tracker-to-other-servers.md)
+- User Activity data will not be collected until the Core Service is redeployed after migration. For more information on how to reset Netwrix Auditor User Activity Core Service to allow the monitoring plan to redeploy with the new configuration settings and registry keys, review the following article: [Uninstalling User Activity Monitoring Agents](/docs/kb/auditor/uninstalling-user-activity-monitoring-agents.md)
### Validation Checklist
@@ -129,20 +128,22 @@ Run the following checks for your migrated Netwrix Auditor instance:
- Run a search with blank parameters (an open search).
- Run a report on a data source you are auditing.
- Confirm your monitoring plans have carried over.
-- Apply the Auditor license. Refer to the following article for additional information: How to Apply Netwrix Auditor License: /docs/kb/auditor/how-to-apply-netwrix-auditor-license
+- Apply the Auditor license. Refer to the following article for additional information:[How to Apply Netwrix Auditor License](/docs/kb/auditor/how-to-apply-netwrix-auditor-license.md)
-> **IMPORTANT:** The SSL certificate previously used for Integration API will be missing from the certificate store in your new Netwrix Auditor server. Generate a new SSL certificate for Netwrix Auditor Integration API − refer to the following article for additional information: Integration API − Security ⸱ v10.7: https://docs.netwrix.com/docs/auditor/10_8
+> **IMPORTANT:** The SSL certificate previously used for Integration API will be missing from the certificate store in your new Netwrix Auditor server. Generate a new SSL certificate for Netwrix Auditor Integration API − refer to the following article for additional information: [Integration API](https://docs.netwrix.com/docs/auditor/10_8/api/overview)
Monitor the system over the next few days to confirm the migration has been completed successfully. As long as the system is operable and you can view migrated data, you can delete all traces of Netwrix Auditor from your former server, including the software uninstallation.
## Related Articles
-- Software Requirements · v10.7: https://docs.netwrix.com/docs/auditor/10_8/requirements/overview
-- Hardware Requirements · v10.7: https://docs.netwrix.com/docs/auditor/10_8/requirements/overview
-- How to Move Long-Term Archive to a New Location: /docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location
-- Migrating Netwrix Databases: /docs/kb/auditor/how-to-migrate-netwrix-auditor-databases-to-another-sql-server-instance
-- Deploying the Report Server Database: /docs/kb/auditor/deploying-the-report-server-database
-- Requirements for SQL Server to Store Audit Data – Configure Audit Database Account · v10.7: https://docs.netwrix.com/docs/auditor/10_8/requirements/overview
-- Integration API − Security ⸱ v10.7: https://docs.netwrix.com/docs/auditor/10_8
-- Specified Logon Session Does Not Exist Error in Netwrix Auditor: /docs/kb/auditor/specified-logon-session-does-not-exist-error-in-netwrix-auditor
-- How to Apply Netwrix Auditor License: /docs/kb/auditor/how-to-apply-netwrix-auditor-license
+- [Software Requirements](https://docs.netwrix.com/docs/auditor/10_8/requirements/software)
+- [Hardware Requirements](https://docs.netwrix.com/docs/auditor/10_8/requirements/console)
+- [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md)
+- [How to Migrate Netwrix Auditor Databases to Another SQL Server Instance](/docs/kb/auditor/how-to-migrate-netwrix-auditor-databases-to-another-sql-server-instance.md)
+- [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database.md)
+- [Requirements for SQL Server to Store Audit Data](https://docs.netwrix.com/docs/auditor/10_8/requirements/sqlserver)
+[Integration API](https://docs.netwrix.com/docs/auditor/10_8/api/overview)
+- [Specified Logon Session Does Not Exist Error in Netwrix Auditor](/docs/kb/auditor/specified-logon-session-does-not-exist-error-in-netwrix-auditor.md)
+- [How to Apply Netwrix Auditor License](/docs/kb/auditor/how-to-apply-netwrix-auditor-license.md)
+- [Migrate PEN to a Different Server](/docs/kb/auditor/migrate-netwrix-password-expiration-notifier-to-a-different-server.md)
+- [How to Migrate Netwrix Inactive Users Tracker to Other Servers](/docs/kb/auditor/how-to-migrate-netwrix-inactive-users-tracker-to-other-servers.md)
diff --git a/docs/kb/auditor/netwrix-auditor-consumes-disk-space-recommendations.md b/docs/kb/auditor/netwrix-auditor-consumes-disk-space-recommendations.md
index 3b0e87390c..cc94f8e9c7 100644
--- a/docs/kb/auditor/netwrix-auditor-consumes-disk-space-recommendations.md
+++ b/docs/kb/auditor/netwrix-auditor-consumes-disk-space-recommendations.md
@@ -43,19 +43,19 @@ The following recommendations will allow you to reduce disk space consumption:
Follow these Knowledge Base articles for additional information:
- [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md)
- - [How to Prevent Overflow on the Drive Where the Long-Term Archive is Located?](/docs/kb/auditor/how-to-prevent-long-term-archive-overflow.md)
+ - [How to Prevent Long-Term Archive Overflow](/docs/kb/auditor/how-to-prevent-long-term-archive-overflow.md)
3. Migrate Working Folder to a new location.
The size of your Working Folder may grow significantly (normally, up to `10 – 20GB`) depending on the workload, especially during activity peaks. If your system drive capacity is limited, you might want to keep the temporary files and trace logs on another drive, i.e. change the Working Folder default location.
- For additional information on how to move the Working Folder, refer to the following article: [How to Migrate Netwrix Auditor Working Folder to a New Location?](/docs/kb/auditor/how-to-migrate-netwrix-auditor-working-folder-to-a-new-location.md).
+ For additional information on how to move the Working Folder, refer to the following article: [How to Migrate Netwrix Auditor Working Folder to a New Location](/docs/kb/auditor/how-to-migrate-netwrix-auditor-working-folder-to-a-new-location.md).
4. Remove the **Netwrix Backup** folder. Netwrix strongly recommends keeping the backups for supported product versions.
For additional information about the Backup folder, refer to the following article: [Backups Folder in Netwrix Auditor](/docs/kb/auditor/backups-folder-in-netwrix-auditor.md).
-5. Additional space might be consumed by the **Local DB** in the **ShortTerm** folder; this can occur when the SQL communication is not working properly or the DB files getting corrupted. Follow the resolution steps in the article: [Netwrix Auditor System Health Log Contains EventID 2002](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u000000wnpOCAQ.html).
+5. Additional space might be consumed by the **Local DB** in the **ShortTerm** folder; this can occur when the SQL communication is not working properly or the DB files getting corrupted. Follow the resolution steps in the article: [Netwrix Auditor System Health Log Contains EventID 2002](https://docs.netwrix.com/docs/kb/auditor/netwrix-auditor-health-log-contains-eventid-2002).
6. Check the size of the Windows page file. If it grows big, this indicates lack of RAM and Windows tries to compensate it with disk space. Adding more RAM helps fixing disk space consumption by page files.
@@ -75,5 +75,5 @@ The following recommendations will allow you to reduce disk space consumption:
- [Error: Netwrix Auditor for File Servers Audit Service Terminated Unexpectedly](/docs/kb/auditor/error-netwrix-auditor-for-file-servers-audit-service-terminated-unexpectedly.md)
- [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md)
-- [How to Add Additional Space to Long-Term Archive?](/docs/kb/auditor/how-to-add-additional-space-to-long-term-archive.md)
-- [Netwrix Auditor System Health Log Contains EventID 2002](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u000000wnpOCAQ.html)
+- [How to Add Additional Space to Long-Term Archive](/docs/kb/auditor/how-to-add-additional-space-to-long-term-archive.md)
+- [Netwrix Auditor System Health Log Contains EventID 2002](https://docs.netwrix.com/docs/kb/auditor/netwrix-auditor-health-log-contains-eventid-2002)
diff --git a/docs/kb/auditor/netwrix-auditor-licensing-faqs.md b/docs/kb/auditor/netwrix-auditor-licensing-faqs.md
index a84c086b5c..536af1ffee 100644
--- a/docs/kb/auditor/netwrix-auditor-licensing-faqs.md
+++ b/docs/kb/auditor/netwrix-auditor-licensing-faqs.md
@@ -41,8 +41,8 @@ Most Netwrix Auditor applications are licensed per enabled AD user. Review the t
| Netwrix Auditor for Windows File Servers | Per enabled AD user |
| Netwrix Auditor for Qumulo File Servers | Per enabled AD user |
| Netwrix Auditor for Synology File Servers | Per enabled AD user |
-| Netwrix Auditor for Windows Server | Per enabled AD user
-or
+| Netwrix Auditor for Windows Server | Per enabled AD user
+or
Per server |
| Netwrix Auditor for Access Reviews | Per enabled AD user |
@@ -59,51 +59,50 @@ Per server |
| Netwrix Auditor for MS Teams | Per enabled Microsoft Entra ID user |
## How Can I Count Enabled AD Users?
-To count the number of licenses, you should provide the number of `enabled AD user accounts`, that is, calculate the number of your Active Directory user accounts in the Enabled state. Follow the instructions provided in this Netwrix Auditor Knowledge Base article: /docs/kb/auditor/determining-the-number-of-enabled-active-directory-user-accounts. Then round up the calculation result to reserve some space for growth and to prevent scalability issues. For example:
+To count the number of licenses, you should provide the number of `enabled AD user accounts`, that is, calculate the number of your Active Directory user accounts in the Enabled state. Follow the instructions provided in this Netwrix Auditor Knowledge Base article: [Determining the Number of Enabled Active Directory User Accounts](/docs/kb/auditor/determining-the-number-of-enabled-active-directory-user-accounts.md). Then round up the calculation result to reserve some space for growth and to prevent scalability issues. For example:
- If the calculation script returns 214, round up this value to 220 when applying for the license.
- If the calculation script returns 1841, round up this value to 2000 when applying for the license.
-> **IMPORTANT:**
-> - Service accounts are also counted. The accounts under which the services run in your infrastructure are included in the license count and, eventually, in the cost of a license.
-> - Deleted, disabled, group, or computer accounts are not included in the license count.
-> - You can use either `Omitallowedpathlist` omit list to reduce user count by omitting certain OUs from being audited or specify omitted OUs in the Netwrix Auditor UI. You will not gain any information from these OUs; however, the amount of licenses will be reduced. For additional information on reducing the user count via Netwrix Auditor UI, refer to the following article: /docs/kb/auditor/reducing-the-used-active-directory-and-entra-id-license-counts. For additional information on omit lists, refer to the following article: /docs/kb/auditor/how-to-use-omit-lists.
+> **IMPORTANT:**
+> - Service accounts are also counted. The accounts under which the services run in your infrastructure are included in the license count and, eventually, in the cost of a license.
+> - Deleted, disabled, group, or computer accounts are not included in the license count.
+> - You can use either `Omitallowedpathlist` omit list to reduce user count by omitting certain OUs from being audited or specify omitted OUs in the Netwrix Auditor UI. You will not gain any information from these OUs; however, the amount of licenses will be reduced. For additional information on reducing the user count via Netwrix Auditor UI, refer to the following article: [Reducing the Used Active Directory and Entra ID License Counts](/docs/kb/auditor/reducing-the-used-active-directory-and-entra-id-license-counts.md). For additional information on omit lists, refer to the following article: [How to Use Omit Lists](/docs/kb/auditor/how-to-use-omit-lists.md).
## What Should I Provide for Netwrix Auditor for Network Devices Licensing?
-You should provide the number of `source IP addresses` of your network devices. This count is used to estimate the number of licenses required to audit the Network Devices data source. To learn more, read the How to Count the Number of Your Network Devices in Your Configuration article: /docs/kb/auditor/how-to-count-the-number-of-your-network-devices-in-your-configuration.
-
+You should provide the number of `source IP addresses` of your network devices. This count is used to estimate the number of licenses required to audit the Network Devices data source. To learn more, read the How to Count the Number of Your Network Devices in Your Configuration article: [How to count the number of your network devices in your configuration?](/docs/kb/auditor/how-to-count-the-number-of-your-network-devices-in-your-configuration.md).
> **IMPORTANT:** You should count all physical devices regardless of your forwarding configuration.
## What Should I Provide for Netwrix Auditor for Oracle Database Licensing?
-The licensing for Netwrix Auditor for Oracle Database is based on the number of processor licenses utilized by the entire Oracle Database deployment, that is, the number of processor licenses you purchased from Oracle.
-Oracle defines the number of processor licenses as follows:
+The licensing for Netwrix Auditor for Oracle Database is based on the number of processor licenses utilized by the entire Oracle Database deployment, that is, the number of processor licenses you purchased from Oracle.
+Oracle defines the number of processor licenses as follows:
“The number of required licenses shall be determined by multiplying the total number of cores of the processor by a core processor licensing factor specified on the Oracle Processor Core Factor Table.”
-If you are unsure how many Oracle processor licenses you have, check your processor type, find the corresponding factor in the Oracle Processor Core Factor Table: http://www.oracle.com/us/corporate/contracts/processor-core-factor-table-070634.pdf, and multiply it by the number of CPU cores on your Oracle Database deployment.
+If you are unsure how many Oracle processor licenses you have, check your processor type, find the corresponding factor in the [Oracle Processor Core Factor Table](http://www.oracle.com/us/corporate/contracts/processor-core-factor-table-070634.pdf), and multiply it by the number of CPU cores on your Oracle Database deployment.
To obtain the `number of CPU cores`, go to the How to Count Number of CPU Cores on Your Oracle Database Deployment article: /docs/kb/auditor/how-to-count-number-of-cpu-cores-on-your-oracle-database-deployment.
## What Should I Provide for Netwrix Auditor for Windows Server Licensing?
-Netwrix Auditor for Windows Server is licensed either by the number of enabled AD users or the total number of virtual and physical servers.
-Refer to the questions above for more information on how to count the number of AD accounts in the Enabled state.
+Netwrix Auditor for Windows Server is licensed either by the number of enabled AD users or the total number of virtual and physical servers.
+Refer to the questions above for more information on how to count the number of AD accounts in the Enabled state.
For per-server licensing, count and provide the total number of the servers (physical or virtual) you are going to monitor with Netwrix Auditor.
## What Should I Provide for Netwrix Auditor for Microsoft Entra ID Licensing?
You should provide the number of `enabled Microsoft Entra ID user accounts`. Starting from version 9.96, guest/external users are not included in the license count. Follow the instructions outlined in the How to Determine the Count of Enabled Microsoft Entra ID Accounts article: /docs/kb/auditor/determining-the-number-of-enabled-microsoft-entra-id-accounts.
-You can use `omitUPNlist.txt` omit list to reduce user count by omitting certain user UPNs from being audited. You will not gain any information on these users; however, the amount of licenses will be reduced. For additional information on reducing the user count via Netwrix Auditor UI, refer to the following article: /docs/kb/auditor/reducing-the-used-active-directory-and-entra-id-license-counts. For additional information on omit lists, refer to the following article: /docs/kb/auditor/how-to-use-omit-lists.
+You can use `omitUPNlist.txt` omit list to reduce user count by omitting certain user UPNs from being audited. You will not gain any information on these users; however, the amount of licenses will be reduced. For additional information on reducing the user count via Netwrix Auditor UI, refer to the following article: [Reducing the Used Active Directory and Entra ID License Counts](/docs/kb/auditor/reducing-the-used-active-directory-and-entra-id-license-counts.md). For additional information on omit lists, refer to the following article: [How to Use Omit Lists](/docs/kb/auditor/how-to-use-omit-lists.md).
## What Should I Provide for Netwrix Auditor for Exchange Licensing?
-For the Exchange data source, Netwrix Auditor offers a convenient hybrid pricing model specifically designed for prospects with a hybrid Exchange (on-premises Exchange Server and Exchange Online) deployment. You can also have an on-premises-only or a cloud-only Exchange environment.
+For the Exchange data source, Netwrix Auditor offers a convenient hybrid pricing model specifically designed for prospects with a hybrid Exchange (on-premises Exchange Server and Exchange Online) deployment. You can also have an on-premises-only or a cloud-only Exchange environment.
To get a hybrid Exchange license, you need to provide the `total number of user mailboxes, both on-premises and online`.
For example, if you have 200 online mailboxes and 300 on-premises Exchange mailboxes, you need to purchase a license for 500 mailboxes.
-To calculate the number of user mailboxes used in your Microsoft Office 365 tenants, refer to the guidelines presented in the article titled How to Count Number of Licenses Required for Auditing a Microsoft Office 365 Tenant: /docs/kb/auditor/how-to-count-number-of-licenses-required-for-auditing-a-microsoft-office-365-tenant.
+To calculate the number of user mailboxes used in your Microsoft Office 365 tenants, refer to the guidelines presented in the article titled How to Count Number of Licenses Required for Auditing a Microsoft Office 365 Tenant: [How to count number of licenses required for auditing a Microsoft Office 365 tenant?](/docs/kb/auditor/how-to-count-number-of-licenses-required-for-auditing-a-microsoft-office-365-tenant.md).
> **IMPORTANT:** A **user mailbox** can be a personal mailbox, an Online Archive mailbox, or both. Shared and resource mailboxes do not count. For example, if an Exchange Online user has one personal mailbox and one Online Archive mailbox, this user will be counted as a single licensed object. If a user has no Online Archive mailbox but three personal mailboxes, this will be counted as three licensed objects.
## What Should I Provide for Netwrix Auditor for SharePoint Licensing?
-For the SharePoint data source, Netwrix Auditor offers a convenient hybrid pricing model specifically designed for prospects with a hybrid SharePoint (on-premises SharePoint and SharePoint Online) deployment. You can also have an on-premises-only or a cloud-only SharePoint environment.
+For the SharePoint data source, Netwrix Auditor offers a convenient hybrid pricing model specifically designed for prospects with a hybrid SharePoint (on-premises SharePoint and SharePoint Online) deployment. You can also have an on-premises-only or a cloud-only SharePoint environment.
To get a hybrid SharePoint license, you need to provide the `total number of AD users` (both enabled AD users on-premises and cloud-only Microsoft Entra ID users).
For example, if you have 450 enabled on-premises AD users and 50 active Microsoft Entra ID users, you need to purchase a license for 500 users.
@@ -112,11 +111,11 @@ For example, if you have 450 enabled on-premises AD users and 50 active Microsof
When Netwrix Auditor is running, the number of `enabled AD user accounts` (license count that applies to the corresponding monitoring areas) is refreshed by the Netwrix Auditor component responsible for AD data collection. If this count is exceeded, your SQL Server audit gets out of compliance with the existing license. Moreover, you have no opportunity to start auditing any other data source that depends on this count (for example, VMware or Windows Server).
## How Can I Obtain a License?
-To obtain a proper license for your infrastructure, you should provide the corresponding counts to Netwrix. Then you will receive the license key to address your auditing needs, based on the numbers you provided.
+To obtain a proper license for your infrastructure, you should provide the corresponding counts to Netwrix. Then you will receive the license key to address your auditing needs, based on the numbers you provided.
For evaluation purposes, you can use a free trial version of Netwrix Auditor that has a bundled trial license.
### To update or add a license in Netwrix Auditor Console:
-1. Go to **Settings** > **Licenses** and click **Update**.
+1. Go to **Settings** > **Licenses** and click **Update**.
2. In the dialog that opens, do one of the following:
- Select **Load from file**, click **Browse**, and point to a license file received from your sales representative.
- Select **Enter manually** and type in your company name, license count, and license codes.
@@ -124,7 +123,7 @@ For evaluation purposes, you can use a free trial version of Netwrix Auditor tha
To request more licensing information, please contact licensing@netwrix.com.
## What Is Displayed in the License Window of the Product UI?
-You can use the **Licenses** window to review the status of your current licenses, update them, and add new licenses.
+You can use the **Licenses** window to review the status of your current licenses, update them, and add new licenses.
On the Netwrix Auditor main screen, click the **Settings** tile and then select **Licenses**. The window will look as shown below.
@@ -140,11 +139,11 @@ Here:
You may choose to no longer audit a data source, and thus not renew the license for the corresponding application. Unused licenses do not need to be removed from Netwrix Auditor, with the exception of one special case. This case is upgrading a Netwrix Auditor installation that has some expired licenses. Most recent (9.95 and up) versions of Netwrix Auditor allow you to remove a license directly from the user interface. If you have an older version of Netwrix Auditor and need to remove an expired license as it blocks your upgrade, contact Netwrix Technical Support.
## Related Articles
-- How to Determine the Number of Enabled User Accounts for Auditor: /docs/kb/auditor/determining-the-number-of-enabled-active-directory-user-accounts
-- Reducing the Used License Count: /docs/kb/auditor/reducing-the-used-active-directory-and-entra-id-license-counts
-- How to Use Omit Lists: /docs/kb/auditor/how-to-use-omit-lists
-- How to Count the Number of Your Network Devices in Your Configuration: /docs/kb/auditor/how-to-count-the-number-of-your-network-devices-in-your-configuration
-- Oracle Processor Core Factor Table ⸱ Oracle: http://www.oracle.com/us/corporate/contracts/processor-core-factor-table-070634.pdf
-- How to Count Number of CPU Cores on Your Oracle Database Deployment: /docs/kb/auditor/how-to-count-number-of-cpu-cores-on-your-oracle-database-deployment
-- How to Determine the Count of Enabled Microsoft Entra ID Accounts: /docs/kb/auditor/determining-the-number-of-enabled-microsoft-entra-id-accounts
-- How to Count Number of Licenses Required for Auditing a Microsoft Office 365 Tenant: /docs/kb/auditor/how-to-count-number-of-licenses-required-for-auditing-a-microsoft-office-365-tenant
+- [Determining the Number of Enabled Active Directory User Accounts](/docs/kb/auditor/determining-the-number-of-enabled-active-directory-user-accounts.md)
+- [Reducing the Used Active Directory and Entra ID License Counts](/docs/kb/auditor/reducing-the-used-active-directory-and-entra-id-license-counts.md)
+- [How to Use Omit Lists](/docs/kb/auditor/how-to-use-omit-lists.md)
+- [How to count the number of your network devices in your configuration?](/docs/kb/auditor/how-to-count-the-number-of-your-network-devices-in-your-configuration.md)
+- [Oracle Processor Core Factor Table](http://www.oracle.com/us/corporate/contracts/processor-core-factor-table-070634.pdf)
+- [How to Count Number of CPU Cores on Your Oracle Database Deployment](https://docs.netwrix.com/docs/kb/auditor/how-to-count-number-of-cpu-cores-on-your-oracle-database-deployment)
+- [How to Determine the Count of Enabled Microsoft Entra ID Accounts](https://docs.netwrix.com/docs/kb/auditor/determining-the-number-of-enabled-microsoft-entra-id-accounts#instructions)
+- [How to count number of licenses required for auditing a Microsoft Office 365 tenant?](/docs/kb/auditor/how-to-count-number-of-licenses-required-for-auditing-a-microsoft-office-365-tenant.md)
diff --git a/docs/kb/auditor/no-monitoring-plans-found-in-netwrix-auditor.md b/docs/kb/auditor/no-monitoring-plans-found-in-netwrix-auditor.md
index 51462bab1f..f35dcbe2e5 100644
--- a/docs/kb/auditor/no-monitoring-plans-found-in-netwrix-auditor.md
+++ b/docs/kb/auditor/no-monitoring-plans-found-in-netwrix-auditor.md
@@ -42,7 +42,8 @@ NO MONITORING PLANS FOUND
## Resolutions
-- Create a new monitoring plan for the data source. Refer to the following article for additional information: https://docs.netwrix.com/docs/auditor/10_8 (Monitoring Plans – Create a New Plan).
+- Create a new monitoring plan for the data source. Refer to the following article for additional information: [Monitoring Plans](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/overview)
+
- Review the corresponding data source settings:
- Review your Health Log for errors related to the monitoring plan containing the data source.
@@ -94,8 +95,8 @@ NO MONITORING PLANS FOUND
>
> - The account specified in **Audit database settings** for Report Server should have local admin permissions, as well as permissions to create folders, and upload folders.
> - Any folder/report access permissions set up in Report Manager directly instead of monitoring plans delegation will have to be reconfigured. Alternatively, you can delete a particular affected report instead of deleting the entire **Netwrix Auditor** reports folder.
-> - In case you've previously added a custom report, you will have to manually set it up again. This could apply to the report provided in the following article: /docs/kb/auditor/how-to-monitor-print-service-activity (How to Monitor Print Service Activity).
+> - In case you've previously added a custom report, you will have to manually set it up again. This could apply to the report provided in the following article: [How to Monitor Print Service Activity](/docs/kb/auditor/how-to-monitor-print-service-activity.md).
## Related articles
-- https://docs.netwrix.com/docs/auditor/10_8 (Monitoring Plans – Create a New Plan)
+- [Monitoring Plans](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/overview)
diff --git a/docs/kb/auditor/password-expiration-notifier-email-header-and-footer-reset-after-upgrade.md b/docs/kb/auditor/password-expiration-notifier-email-header-and-footer-reset-after-upgrade.md
index 8c71a88638..8a2588edee 100644
--- a/docs/kb/auditor/password-expiration-notifier-email-header-and-footer-reset-after-upgrade.md
+++ b/docs/kb/auditor/password-expiration-notifier-email-header-and-footer-reset-after-upgrade.md
@@ -26,7 +26,7 @@ knowledge_article_id: kA04u000001116CCAQ
## Symptoms
-- The Netwrix Password Reset (PEN) email header and footer were reset after the recent upgrade. They were previously disabled as per the following article: /docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails (Hide and Disable Header and Footer in Password Expiration Notifier Emails).
+- The Netwrix Password Expiration Notifier (PEN) email header and footer were reset after the recent upgrade. [Hide and Disable Header and Footer in PEN Emails](/docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails.md).
- The **HideEmailAdditionalInfo** key in `HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Netwrix Auditor\Password Expiration Notifier` is still present.
## Resolution
@@ -42,4 +42,4 @@ knowledge_article_id: kA04u000001116CCAQ
## Related articles
-- Hide and Disable Header and Footer in Password Expiration Notifier Emails: /docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails
+- [Hide and Disable Header and Footer in PEN Emails](/docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails.md)
diff --git "a/docs/kb/auditor/remote_certificate_is_invalid_according_to_validation_procedure_\342\200\224_subscriptions_error_in_netwrix_aud.md" "b/docs/kb/auditor/remote_certificate_is_invalid_according_to_validation_procedure_\342\200\224_subscriptions_error_in_netwrix_aud.md"
index 2ca5b991be..184bd3a0f6 100644
--- "a/docs/kb/auditor/remote_certificate_is_invalid_according_to_validation_procedure_\342\200\224_subscriptions_error_in_netwrix_aud.md"
+++ "b/docs/kb/auditor/remote_certificate_is_invalid_according_to_validation_procedure_\342\200\224_subscriptions_error_in_netwrix_aud.md"
@@ -36,7 +36,7 @@ Error: The remote certificate is invalid according to the validation procedure.
If enforced certificate validation is intended, refer to the following steps to troubleshoot the issue:
- Ensure your SSL certificate is still valid. Netwrix Auditor stops generating reports once your certificate expires. In case you’re using a self-signed certificate in your environment, you can reboot your Netwrix Auditor server to reissue the certificate.
-- If you would like to set up a secure connection between your Netwrix Auditor instance and SQL Server Reporting Services, refer to the following article for additional information: [Set Up Secure Connection Between Netwrix Auditor and SSRS via SSL/TLS Channel](/docs/kb/auditor/set_up_secure_connection_between_auditor_and_ssrs_via_ssltls_channel.md).
+- If you would like to set up a secure connection between your Netwrix Auditor instance and SQL Server Reporting Services, refer to the following article for additional information: [Set Up Secure Connection Between Auditor and SSRS via SSL/TLS Channel](/docs/kb/auditor/set_up_secure_connection_between_auditor_and_ssrs_via_ssltls_channel.md).
- Make sure the FQDN of your SMTP server is stated instead of the IP address in **Netwrix Auditor settings** > **Notifications**.
If certificate validation was not intended, refer to the following steps:
@@ -47,4 +47,4 @@ If certificate validation was not intended, refer to the following steps:
### Related Articles
-[Set Up Secure Connection Between Netwrix Auditor and SSRS via SSL/TLS Channel](/docs/kb/auditor/set_up_secure_connection_between_auditor_and_ssrs_via_ssltls_channel.md)
\ No newline at end of file
+[Set Up Secure Connection Between Auditor and SSRS via SSL/TLS Channel](/docs/kb/auditor/set_up_secure_connection_between_auditor_and_ssrs_via_ssltls_channel.md)
\ No newline at end of file
diff --git a/docs/kb/auditor/some-accounts-were-not-moved-or-deleted-in-inactive-user-tracker-report.md b/docs/kb/auditor/some-accounts-were-not-moved-or-deleted-in-inactive-user-tracker-report.md
index c4bb3b0fb7..c1e2e51260 100644
--- a/docs/kb/auditor/some-accounts-were-not-moved-or-deleted-in-inactive-user-tracker-report.md
+++ b/docs/kb/auditor/some-accounts-were-not-moved-or-deleted-in-inactive-user-tracker-report.md
@@ -28,7 +28,7 @@ Your report states some accounts were not moved or deleted. Why were they not af
## Answer
-Since Inactive User Tracker (IUT) in Netwrix Auditor has the ability to make actual changes within your Active Directory, it has requirements to meet to introduce these changes. IUT requires all DCs to be operating, otherwise it cannot verify that a user is truly inactive. In case there are non-operable or decommissioned domain controllers in your network, you can omit them — refer to the following article for additional information: [Exclude Non-operable Domain Controllers from Monitoring](/docs/kb/auditor/how-to-exclude-non-operable-domain-controllers-from-monitoring-in-netwrix-auditor.md).
+Since Inactive User Tracker (IUT) in Netwrix Auditor has the ability to make actual changes within your Active Directory, it has requirements to meet to introduce these changes. IUT requires all DCs to be operating, otherwise it cannot verify that a user is truly inactive. In case there are non-operable or decommissioned domain controllers in your network, you can omit them — refer to the following article for additional information: [How to Exclude Non-operable Domain Controllers from Monitoring in Netwrix Auditor](/docs/kb/auditor/how-to-exclude-non-operable-domain-controllers-from-monitoring-in-netwrix-auditor.md).
If you still encounter reports showing the `Cannot delete the account` status for accounts after omitting the inoperable DCs, refer to the following steps:
diff --git a/docs/kb/auditor/sql-server-express-database-size-reached-10gb.md b/docs/kb/auditor/sql-server-express-database-size-reached-10gb.md
index c6b8560e20..0a95b11eb2 100644
--- a/docs/kb/auditor/sql-server-express-database-size-reached-10gb.md
+++ b/docs/kb/auditor/sql-server-express-database-size-reached-10gb.md
@@ -44,7 +44,7 @@ While it is highly recommended to implement either a SQL Server Standard or Ente
- Recreate the database for the monitoring plan:
- > **IMPORTANT:** The monitoring plan data collected previously will be available in the Long-Term Archive. Refer to the following article for additional information on investigations: https://docs.netwrix.com/docs/auditor/10_8 Auditor Settings − Investigations · v10.6).
+ > **IMPORTANT:** The monitoring plan data collected previously will be available in the Long-Term Archive. Refer to the following article for additional information on investigations:[Investigations](https://docs.netwrix.com/docs/auditor/10_8/admin/settings/investigations)
1. Confirm the name of the affected database − it should be stated both in the error message and **Database Statistics**. The **Database Statistics** data will also include the affected monitoring plan name.
2. Disable the data collection for the affected monitoring plan − in the main Netwrix Auditor screen, select **Monitoring Plans** > **%affected_monitoring_plan%** > **Edit** > **Edit data source** > switch the **Monitor this data source and collect activity data** switch off > click **Save & Close**.
@@ -68,10 +68,10 @@ While it is highly recommended to implement either a SQL Server Standard or Ente
- Split items in multiple monitoring plans to decrease the amount of data written to a single database.
-- Decrease the database retention period. Refer to the following article for additional information: /docs/kb/auditor/how-to-reduce-audit-database-size-for-netwrix-auditor (How to Reduce Audit Database Size for Netwrix Auditor).
+- Decrease the database retention period. Refer to the following article for additional information: [How to Reduce Audit Database Size for Netwrix Auditor](/docs/kb/auditor/how-to-reduce-audit-database-size-for-netwrix-auditor.md)
## Related Articles
-- https://docs.netwrix.com/docs/auditor/10_8 Auditor Settings − Investigations · v10.6)
-- /docs/kb/auditor/how-to-reduce-audit-database-size-for-netwrix-auditor (How to Reduce Audit Database Size for Netwrix Auditor)
-- /docs/kb/auditor/could-not-allocate-space-for-object-objectname-in-database-databasename)_in_database_(databasename) (Could not allocate space for object (ObjectName) in database (DatabaseName))
+- [Investigations](https://docs.netwrix.com/docs/auditor/10_8/admin/settings/investigations)
+- [How to Reduce Audit Database Size for Netwrix Auditor](/docs/kb/auditor/how-to-reduce-audit-database-size-for-netwrix-auditor.md)
+- [Could Not Allocate Space for Object (ObjectName) in Database (DatabaseName)](/docs/kb/auditor/could-not-allocate-space-for-object-objectname-in-database-databasename.md)
diff --git a/docs/kb/auditor/ssl-exception-failed-to-deliver-netwrix-auditor-health-summary-email.md b/docs/kb/auditor/ssl-exception-failed-to-deliver-netwrix-auditor-health-summary-email.md
index 43f1c0bce0..e2a6c519c4 100644
--- a/docs/kb/auditor/ssl-exception-failed-to-deliver-netwrix-auditor-health-summary-email.md
+++ b/docs/kb/auditor/ssl-exception-failed-to-deliver-netwrix-auditor-health-summary-email.md
@@ -36,4 +36,4 @@ Your TLS\SSL certificate has expired — Netwrix Auditor stops generating report
## Resolution
-To establish whether your certificate has expired, check the Microsoft Management Console (MMC) Certificates Snap-in (your certificate store). For additional information on setting up the SSL\TLS channel communication, refer to the following article: /docs/kb/auditor/set_up_secure_connection_between_auditor_and_ssrs_via_ssltls_channel (Set Up Secure Connection Between Netwrix Auditor and SSRS via SSL/TLS Channel).
+To establish whether your certificate has expired, check the Microsoft Management Console (MMC) Certificates Snap-in (your certificate store). For additional information on setting up the SSL\TLS channel communication, refer to the following article: [Set Up Secure Connection Between Auditor and SSRS via SSL/TLS Channel](/docs/kb/auditor/set_up_secure_connection_between_auditor_and_ssrs_via_ssltls_channel.md)
diff --git a/docs/kb/auditor/the-remote-procedure-call-failed-error-when-collecting-logs.md b/docs/kb/auditor/the-remote-procedure-call-failed-error-when-collecting-logs.md
index 6bc4b1591a..929554cb15 100644
--- a/docs/kb/auditor/the-remote-procedure-call-failed-error-when-collecting-logs.md
+++ b/docs/kb/auditor/the-remote-procedure-call-failed-error-when-collecting-logs.md
@@ -44,8 +44,8 @@ Here are the possible causes for the issue:
Review the possible resolutions depending on you cause:
-- For cause 1. Make sure you configured Firewall rules. For additional information on the Firewall rules configuration, refer to the following article: https://docs.netwrix.com/docs/auditor/10_8 – Protocols and Ports Required — v10.6).
+- For cause 1. Make sure you configured Firewall rules. For additional information on the Firewall rules configuration, refer to the following article: [Protocols and Ports Required](https://docs.netwrix.com/docs/auditor/10_8/requirements/ports)
-- For cause 2. Make sure you assigned all required rights and permissions to the account used for data collection. For additional information on the data collecting account configuration, refer to the following article: https://docs.netwrix.com/docs/auditor/10_8 (Monitoring Plans – Data Collecting Account — v10.6).
+- For cause 2. Make sure you assigned all required rights and permissions to the account used for data collection. For additional information on the data collecting account configuration, refer to the following article: [Data Collecting Account](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/dataaccounts)
-- For cause 3. For additional information on the data collecting account configuration, refer to the following article: /docs/kb/auditor/error-0x800706ba-rpc-server-is-unavailable (Error: The RPC server is unavailable).
+- For cause 3. For additional information on the data collecting account configuration, refer to the following article: [Error 0x800706BA − RPC Server Is Unavailable](/docs/kb/auditor/error-0x800706ba-rpc-server-is-unavailable.md)
diff --git a/docs/kb/auditor/troubleshoot_sharepoint_serveron-premise_errors.md b/docs/kb/auditor/troubleshoot_sharepoint_serveron-premise_errors.md
index e4945cf93e..caece417a3 100644
--- a/docs/kb/auditor/troubleshoot_sharepoint_serveron-premise_errors.md
+++ b/docs/kb/auditor/troubleshoot_sharepoint_serveron-premise_errors.md
@@ -22,10 +22,10 @@ This is a reference list of articles on troubleshooting errors in SharePoint Ser
### Related Articles
- [SharePoint Core Service Deployment Failed](/docs/kb/auditor/sharepoint-core-service-deployment-failed.md)
-- [Timeout Expired Error on SharePoint Core Service Deployment](/docs/kb/auditor/timeout-expired-error-on-sharepoint-core-service-deployment.md)
+- [Timeout Expired Error on SharePoint Core Service D](/docs/kb/auditor/timeout-expired-error-on-sharepoint-core-service-deployment.md)
- [Event ID 1204 in Health Log](/docs/kb/auditor/event-id-1204-in-health-log.md)
- [Event ID 1205 in Health Log](/docs/kb/auditor/event-id-1205-in-health-log.md)
-- [Event ID 1206 in Health Log](/docs/kb/auditor/error-event-id-1206-in-health-log.md)
+- [Error: Event ID 1206 in Health Log](/docs/kb/auditor/error-event-id-1206-in-health-log.md)
- [Event ID 1208 in Health Log](/docs/kb/auditor/event-id-1208-in-health-log.md)
- [Event ID 1209 in Health Log](/docs/kb/auditor/event-id-1209-in-health-log.md)
- [Event ID 1210 in Health Log](/docs/kb/auditor/event-id-1210-in-health-log.md)
diff --git a/docs/kb/auditor/unable-to-process-item-error-when-using-gmsa-in-netwrix-auditor.md b/docs/kb/auditor/unable-to-process-item-error-when-using-gmsa-in-netwrix-auditor.md
index 253e4df255..72dceca070 100644
--- a/docs/kb/auditor/unable-to-process-item-error-when-using-gmsa-in-netwrix-auditor.md
+++ b/docs/kb/auditor/unable-to-process-item-error-when-using-gmsa-in-netwrix-auditor.md
@@ -35,10 +35,10 @@ Unable to process item: A logon request contained an invalid logon type value.
## Causes
-On January 10th 2023 Microsoft has released a security update affecting the pre-10.5.11041 Netwrix Auditor versions ability to impersonate gMSA. Refer to the following article for additional information on the update: https://support.microsoft.com/en-us/topic/january-10-2023-kb5022291-os-build-20348-1487-38772acf-103f-463e-9d60-486174e806b2 (Update KB5022291).
+On January 10th 2023 Microsoft has released a security update affecting the pre-10.5.11041 Netwrix Auditor versions ability to impersonate gMSA. Refer to the following article for additional information on the update: [Update KB5022291](https://support.microsoft.com/en-us/topic/january-10-2023-kb5022291-os-build-20348-1487-38772acf-103f-463e-9d60-486174e806b2)
-In Netwrix Auditor version 9.96 group managed service accounts can be used instead of regular service accounts in a limited number of cases. Refer to the following article for additional information: https://docs.netwrix.com/docs/auditor/10_8 – Use Group Managed Service Account(gMSA) ⸱ v10.6). Permissions for gMSA are the same as for regular service accounts, refer to the following article for additional information: https://docs.netwrix.com/docs/auditor/10_8 (Monitoring Plans – Data Collecting Account ⸱ v10.6).
+In Netwrix Auditor version 9.96 group managed service accounts can be used instead of regular service accounts in a limited number of cases. Refer to the following article for additional information: [Use Group Managed Service Account(gMSA)](https://docs.netwrix.com/docs/auditor/10_8/requirements/gmsa). Permissions for gMSA are the same as for regular service accounts, refer to the following article for additional information: [Data Collecting Account](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/dataaccounts)
## Solution
-For the pre-10.5.11041 Netwrix Auditor version, make sure to update your Netwrix Auditor instance — refer to the following articles for additional information: /docs/kb/auditor/how-to-upgrade-netwrix-auditor (How to Upgrade Netwrix Auditor) and /docs/kb/auditor/upgrade-increments-for-netwrix-auditor (Upgrade Increments for Netwrix Auditor).
+For the pre-10.5.11041 Netwrix Auditor version, make sure to update your Netwrix Auditor instance — refer to the following articles for additional information: [How to Upgrade Netwrix Auditor](/docs/kb/auditor/how-to-upgrade-netwrix-auditor.md) and [Upgrade Increments for Netwrix Auditor](/docs/kb/auditor/upgrade-increments-for-netwrix-auditor.md)
diff --git a/docs/kb/auditor/unable-to-run-reports-system-cannot-find-the-file-specified.md b/docs/kb/auditor/unable-to-run-reports-system-cannot-find-the-file-specified.md
index e786e6eac2..529aec7189 100644
--- a/docs/kb/auditor/unable-to-run-reports-system-cannot-find-the-file-specified.md
+++ b/docs/kb/auditor/unable-to-run-reports-system-cannot-find-the-file-specified.md
@@ -3,7 +3,7 @@ description: >-
This article explains how to resolve the "System cannot find the file
specified" (0x80070002) rsInternalError when running reports in Netwrix
Auditor, typically caused by a missing report server database. It lists
- symptoms, cause, and step-by-step resolution.
+ symptoms, cause, and step-by-step resolution.
keywords:
- report server
- rsInternalError
@@ -49,6 +49,6 @@ A report server database is missing.
Refer to the following steps to resolve the issue:
1. In your Netwrix Auditor server, disable **Netwrix Auditor Archive Service** and **Netwrix Auditor Management Service** via **Services**.
-2. Deploy the report server database — refer to the following article for in-depth instructions: /docs/kb/auditor/deploying-the-report-server-database (Deploying the Report Server Database).
-3. Once you've configured the report server database, grant the roles to the SSRS service account the roles required. Refer to the following article for additional information: https://docs.netwrix.com/docs/auditor/10_8/requirements/sqlserverreportingservice (Configure SSRS Account).
+2. Deploy the report server database — refer to the following article for in-depth instructions: [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database.md)
+3. Once you've configured the report server database, grant the roles to the SSRS service account the roles required. Refer to the following article for additional information: [Configure SSRS account](https://docs.netwrix.com/docs/auditor/10_8/requirements/sqlserverreportingservice) and [How to Assign db_owner Permissions](docs\kb\auditor\how-to-assign-db-owner-permissions.md)
4. Restart **Netwrix Auditor Archive Service** and **Netwrix Auditor Management Service** on your Netwrix Auditor server via **Services**.
diff --git a/docs/kb/auditor/upgrade-increments-for-netwrix-auditor.md b/docs/kb/auditor/upgrade-increments-for-netwrix-auditor.md
index 88d4676fe8..55346a6961 100644
--- a/docs/kb/auditor/upgrade-increments-for-netwrix-auditor.md
+++ b/docs/kb/auditor/upgrade-increments-for-netwrix-auditor.md
@@ -67,7 +67,7 @@ This will stop all Netwrix Services and prevent complications during the upgrade
| 8.5 / 9.0 | 9.5 | Not recommended! |
| 9.5 | 9.7 | [Download](https://www.netwrix.com/my_products.html) |
| 9.7 / 9.8 | 9.9 | [Download](https://www.netwrix.com/my_products.html) |
-| 9.9 | 9.96 | [Download](https://www.netwrix.com/my_products.html)
Refer to the following article for additional information:
[Upgrade to from 9.9 to 9.96 if I get the error “Your Netwrix Auditor version cannot be upgraded”](https://docs.netwrix.com/docs/kb/auditor/upgrade_from_9.9_to_9.96_with_your_netwrix_auditor_version_cannot_be_upgraded_error) |
+| 9.9 | 9.96 | [Download](https://www.netwrix.com/my_products.html)
Refer to the following article for additional information:
[Upgrade from 9.9 to 9.96 with Your Netwrix Auditor Version Cannot Be Upgraded Error](/docs/kb/auditor/upgrade_from_9.9_to_9.96_with_your_netwrix_auditor_version_cannot_be_upgraded_error.md)|
| 9.96 / 10.0 | 10.5 | [Download](https://www.netwrix.com/my_products.html) |
| 10 / 10.5 | 10.6 | [Download](https://www.netwrix.com/my_products.html) |
| 10.5 / 10.6 | 10.7 | [Download](https://www.netwrix.com/my_products.html) |
@@ -75,4 +75,4 @@ This will stop all Netwrix Services and prevent complications during the upgrade
### Related articles
-[How To Upgrade Netwrix Auditor](/docs/kb/auditor/how-to-upgrade-netwrix-auditor.md)
+[How to Upgrade Netwrix Auditor](/docs/kb/auditor/how-to-upgrade-netwrix-auditor.md)
diff --git a/docs/kb/auditor/upgrade_from_9.9_to_9.96_with_your_netwrix_auditor_version_cannot_be_upgraded_error.md b/docs/kb/auditor/upgrade_from_9.9_to_9.96_with_your_netwrix_auditor_version_cannot_be_upgraded_error.md
index bcc3145c74..a3a2a45579 100644
--- a/docs/kb/auditor/upgrade_from_9.9_to_9.96_with_your_netwrix_auditor_version_cannot_be_upgraded_error.md
+++ b/docs/kb/auditor/upgrade_from_9.9_to_9.96_with_your_netwrix_auditor_version_cannot_be_upgraded_error.md
@@ -36,4 +36,4 @@ To upgrade to v9.96, contact Technical Support for download links for the latest
## Related Articles
- [Upgrade Increments for Netwrix Auditor](/docs/kb/auditor/upgrade-increments-for-netwrix-auditor.md)
-- [How To Upgrade Netwrix Auditor](/docs/kb/auditor/how-to-upgrade-netwrix-auditor.md)
\ No newline at end of file
+- [How to Upgrade Netwrix Auditor](/docs/kb/auditor/how-to-upgrade-netwrix-auditor.md)
\ No newline at end of file
diff --git a/docs/kb/dataclassification/antivirus-exclusions-for-netwrix-data-classification.md b/docs/kb/dataclassification/antivirus-exclusions-for-netwrix-data-classification.md
index 55d2cd2498..ffb9aab01a 100644
--- a/docs/kb/dataclassification/antivirus-exclusions-for-netwrix-data-classification.md
+++ b/docs/kb/dataclassification/antivirus-exclusions-for-netwrix-data-classification.md
@@ -47,4 +47,4 @@ During data collection, a collector uses a specific to store copies of the files
## Related articles
-- [How to back up Netwrix Data Classification Index](/docs/kb/dataclassification/how-to-back-up-the-ndc-index.md)
+- [How to back up the Netwrix Data Classification Index](/docs/kb/dataclassification/how-to-back-up-the-ndc-index.md)
diff --git a/docs/kb/dataclassification/classification-troubleshooting.md b/docs/kb/dataclassification/classification-troubleshooting.md
index 1279a389e1..8f97fc7137 100644
--- a/docs/kb/dataclassification/classification-troubleshooting.md
+++ b/docs/kb/dataclassification/classification-troubleshooting.md
@@ -35,7 +35,7 @@ Identify a document with incorrect classifications:
Go to the workflow logs (`https://[YourNDCServerName]/NDC/Workflows/Logs`) on your Netwrix Data Classification server and check the status:
- If it's **negative**, then there was an error. Enable collector tracing and reindex the file, then view the event logs for details of the issue. You will usually see either the `PageID`, `PageURL`, or both in the logs to know which errors are related.
-- If it's less than 400, it means that it is not classified and needs to finish processing first. Check codes in the `Netwrix Data Classification Page Status Codes` article: /docs/kb/dataclassification/ndc_page_status_codes
+- If it's less than 400, it means that it is not classified and needs to finish processing first. Verify codes in the [NDC Page Status Codes](/docs/kb/auditor/ndc-page-status-codes.md) article.
- If the status is **Classified (400)** and the **ReindexStatus** is 3, then it means it hasn't been reindexed or reclassified. This means that a change was detected or the user manually requested reprocessing. Give Netwrix Data Classification time to reprocess the document.
- If the status is 400 and the reindex status is 0, check the **Text** and **Metadata** tabs. This is an easy way to confirm issues where Optical Character Recognition (OCR) has failed to extract the text you're looking for or if there was an issue processing text extraction for the document. If it doesn't match, enable collector tracing and reindex the document for details in the logs.
diff --git a/docs/kb/dataclassification/workflow-isn-t-running-or-is-running-unexpectedly.md b/docs/kb/dataclassification/workflow-isn-t-running-or-is-running-unexpectedly.md
index 83718d0367..cb97eaaee8 100644
--- a/docs/kb/dataclassification/workflow-isn-t-running-or-is-running-unexpectedly.md
+++ b/docs/kb/dataclassification/workflow-isn-t-running-or-is-running-unexpectedly.md
@@ -36,7 +36,7 @@ This article offers step-by-step guidance for resolving common workflow issues.
- **Failed to run the workflow** – A basic error message will be displayed that may assist you with troubleshooting the issue. If it doesn't give enough details, then enable workflow trace logging and reclassify the document. Check the Windows Event Logs for details of any issues.
- - **No attempts to run the workflow** – Check that the conditions are configured correctly for the workflow and workflow rule. If the workflow and workflow rules are configured correctly, then check the classifications of the document. If the classifications aren't as expected, then please reference the following documentation for the troubleshooting steps: /docs/kb/dataclassification/classification_troubleshooting (Classification Troubleshooting).
+ - **No attempts to run the workflow** – Check that the conditions are configured correctly for the workflow and workflow rule. If the workflow and workflow rules are configured correctly, then check the classifications of the document. If the classifications aren't as expected, then please reference the following documentation for the troubleshooting steps: [Classification Troubleshooting](/docs/kb/dataclassification/classification-troubleshooting.md)
3. Filter the workflow logs and check if there are other workflows being run for the document. Workflows run in a priority order. If there is more than one migration action, then the second migration will fail as the document has already been moved.
@@ -46,4 +46,4 @@ This typically means that the document has a classification that isn't expected
1. Check the workflow rule conditions. Pay attention to the parameters. Learn more about rule configuration and description of classification rules: https://docs.netwrix.com/docs/dataclassification/5_7 (Configure a Workflow using Advanced dialog ⸱ v5.7)
-2. Check the document's classifications. If there is a classification that is not intended, then reference the following documentation for troubleshooting steps: /docs/kb/dataclassification/classification_troubleshooting (Document isn't classified as expected)
+2. Check the document's classifications. If there is a classification that is not intended, then reference the following documentation for troubleshooting steps: [Classification Troubleshooting](/docs/kb/dataclassification/classification-troubleshooting.md)
diff --git a/docs/kb/directorymanager/best-practices-for-controlling-changes-to-group-membership.md b/docs/kb/directorymanager/best-practices-for-controlling-changes-to-group-membership.md
index 974adb3b0d..19504baa34 100644
--- a/docs/kb/directorymanager/best-practices-for-controlling-changes-to-group-membership.md
+++ b/docs/kb/directorymanager/best-practices-for-controlling-changes-to-group-membership.md
@@ -50,11 +50,11 @@ The following best practices act as preemptive and reactive measures to guard gr
These settings enable you to specify the maximum number of members a group can have.
- You can also set up a group membership update threshold, that compares the existing member count to the new member count in order to detect unusual and large changes to group membership. In the event of a threshold violation, Netwrix Directory Manager notifies the group owner or administrator via email, who can approve or deny the change. Click here for more: https://support.imanami.com/knowledgebase/article/KA-01200/en-us?how-to-prevent-massive-changes-to-group-membership
+ You can also set up a group membership update threshold, that compares the existing member count to the new member count in order to detect unusual and large changes to group membership. In the event of a threshold violation, Netwrix Directory Manager notifies the group owner or administrator via email, who can approve or deny the change.
- Define a workflow that is triggered when a user makes a change to the query of a Smart Group or Dynasty.
- In Netwrix Directory Manager, the Query Designer enables you to define membership update queries for Smart Groups and Dynasties. As a proactive measure, create a workflow for an identity store, that routes an approval request to an authorized approver when a user makes a change to this query in the Query Designer. The request must be approved for changes to take effect. Click here for more: https://imanami.microsoftcrmportals.com/knowledgebase/article/KA-01201/en-us
+ In Netwrix Directory Manager, the Query Designer enables you to define membership update queries for Smart Groups and Dynasties. As a proactive measure, create a workflow for an identity store, that routes an approval request to an authorized approver when a user makes a change to this query in the Query Designer. The request must be approved for changes to take effect.
- For a Netwrix Directory Manager portal, use the Visibility and Access controls to restrict user roles from viewing and updating Smart Group and Dynasty queries.
@@ -63,7 +63,7 @@ The following best practices act as preemptive and reactive measures to guard gr
- **Visibility level** determines the security roles who can view a field in the portal.
- **Access level** determines the security roles that can update the value of a field using the portal.
- You can hide the Smart Group query and Dynasty query fields or render them as read-only in the portal for all except an authoritative user role. Click here for more: https://support.imanami.com/knowledgebase/article/KA-01199/en-us?how-to-control-access-and-visibility-on-the-group-query-in-the-self-service-portal
+ You can hide the Smart Group query and Dynasty query fields or render them as read-only in the portal for all except an authoritative user role.
- Allow selective security roles to access Netwrix Directory Manager Management Shell.
@@ -75,36 +75,28 @@ The following best practices act as preemptive and reactive measures to guard gr
These practices make use of workflows, access controls, and alerts to offer foolproof security for your groups, which in turn secure your organization.
-## References:
-- Netwrix Directory Manager Online Help topic: Workflows
- https://docs.netwrix.com/docs/directorymanager/11_1
-- Netwrix Directory Manager Online Help topic: Query Designer dialog box
- https://docs.netwrix.com/docs/directorymanager/11_1
-- Netwrix Directory Manager Online Help topic: Group Membership Settings
- https://docs.netwrix.com/docs/directorymanager/11_1
-
-- Netwrix Directory Manager Online Help topic: Customize Object Properties
- https://docs.netwrix.com/docs/directorymanager/11_1
### Related Articles:
-- Walkthrough Search Policy - Define Scope and Filter Results
- /docs/kb/directorymanager/walkthrough_search_policy_-_define_scope_and_filter_results
+- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md)
+
+- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md)
+
+- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md)
+
+- [How to Trigger a workflow When a User Сreates a Group](/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_сreates_a_group.md)
+
+- [How To Add Message Approvers in Group Properties in Netwrix Directory Manager Portal](/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md)
-- How To Enforce Users to Create Groups in a Specific OU
- /docs/kb/directorymanager/how_to_enforce_users_to_create_groups_in_a_specific_ou
+- [Best Practices for Preventing Accidental Data Leakage](/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage.md)
+- [Directory Manager Workflows](https://docs.netwrix.com/docs/directorymanager/11_0/signin/workflow/overview)
-- How To Import Members to a Group Using Self-Service Import Wizard
- /docs/kb/directorymanager/how_to_import_members_to_a_group_using_self-service_import_wizard
-- How to Trigger a workflow When a User Сreates a Group
- /docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_сreates_a_group
+- [Query Designer](https://docs.netwrix.com/docs/directorymanager/11_0/welcome/group/querydesigner/overview#)
-- How To Add Message Approvers in Group Properties in Self-Service
- /docs/kb/directorymanager/how_to_add_message_approvers_in_group_properties_in_groupid_portal
+- [Group Membership Settings](https://docs.netwrix.com/docs/directorymanager/11_1/admincenter/identitystore/configure/outofbounds)
-- Best Practices for Preventing Accidental Data Leakage
- /docs/kb/directorymanager/best_practices_for_preventing_accidental_data_leakage
+- [Customize Object Properties](https://docs.netwrix.com/docs/directorymanager/11_0/signin/service/mobileservice/design/objectproperties)
diff --git a/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage.md b/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage.md
index 29b9634f90..2ca14d6791 100644
--- a/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage.md
+++ b/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage.md
@@ -37,14 +37,14 @@ Netwrix Directory Manager uses an RBAC model through which you can define Securi
For more information on how to set up a limit on the search scope for a particular Security Role, visit the following KB article:
-- /docs/kb/directorymanager/walkthrough_search_policy_-_define_scope_and_filter_results (Walkthrough Search Policy - Define Scope and Filter Results)
+- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md)
### Using Security Roles to Specify Specific Area Where Groups Can be Created or Have a Fixed and Hidden Path.
In Netwrix Directory Manager, you can apply policies to security roles so that role members use Netwrix Directory Manager in keeping with the policy restrictions. Netwrix Directory Manager’s New Object policy enables you to restrict role members to create new groups in a specific OU only.
For more information on how to set up a New Object policy for specific security roles, visit the following KB article:
-- /docs/kb/directorymanager/how_to_enforce_users_to_create_groups_in_a_specific_ou (How To Enforce Users to Create Groups in a Specific OU)
+- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md)
### Importing Membership via Netwrix Directory Manager Bulk Membership Import Feature for Groups
Many times, organizations create groups (Security and Distribution) in advance, i.e., before the actual usage of groups. To avoid any critical information being leaked out, it is recommended that such groups be created without populating membership upon creation.
@@ -53,7 +53,7 @@ Instead, you can use the **Bulk Import Membership** feature of Netwrix Directory
In Netwrix Directory Manager, bulk import of memberships is possible using the Import Wizard available in the Netwrix Directory Manager Portal. The following KB article provides step-by-step instructions to bulk import members into a group:
-- /docs/kb/directorymanager/how_to_import_members_to_a_group_using_self-service_import_wizard (How To Import Members to a Group Using Self-Service Import Wizard)
+- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md)
### Creating Smart Group Without Updating Memberships
Another way to ensure that the group memberships do not update beforehand, if a group has been created in advance, is by just previewing the query results of a Smart group without updating the group memberships.
@@ -97,17 +97,17 @@ Another way to ensure that no unauthorized message is sent to critical groups is
For more information on customization to the portal, visit the following KB article:
-- /docs/kb/directorymanager/how_to_add_message_approvers_in_group_properties_in_groupid_portal (How To Add Message Approvers in Group Properties in Self-Service)
+- [How To Add Message Approvers in Group Properties in Netwrix Directory Manager Portal](/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md)
### Other Best Practices to Improve Compliance.
In addition to the above-mentioned best practices for making sure the production environment is secure and compliant with company policy, visit the following KB article to learn about best practices for controlling changes to group memberships after creation:
-- /docs/kb/directorymanager/best_practices_for_controlling_changes_to_group_membership (Best Practices for Controlling Changes to Group Membership)
+- [Best Practices for Controlling Changes to Group Membership](/docs/kb/directorymanager/best-practices-for-controlling-changes-to-group-membership.md)
## Related Articles:
-- /docs/kb/directorymanager/walkthrough_search_policy_-_define_scope_and_filter_results (Walkthrough Search Policy - Define Scope and Filter Results)
-- /docs/kb/directorymanager/how_to_enforce_users_to_create_groups_in_a_specific_ou (How To Enforce Users to Create Groups in a Specific OU)
-- /docs/kb/directorymanager/how_to_import_members_to_a_group_using_self-service_import_wizard (How To Import Members to a Group Using Self-Service Import Wizard)
-- /docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_сreates_a_group (How to Trigger a workflow When a User Сreates a Group)
-- /docs/kb/directorymanager/how_to_add_message_approvers_in_group_properties_in_groupid_portal (How To Add Message Approvers in Group Properties in Self-Service)
-- /docs/kb/directorymanager/how_to_enforce_users_to_create_groups_in_a_specific_ou (Best Practices for Controlling Changes to Group Membership)
+- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md)
+- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md)
+- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md)
+- [How to Trigger a workflow When a User Сreates a Group](/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_сreates_a_group.md)
+- [How To Add Message Approvers in Group Properties in Netwrix Directory Manager Portal](/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md)
+- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md)
diff --git a/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md b/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md
index 0f67f70afa..0afb794c2b 100644
--- a/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md
+++ b/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md
@@ -36,13 +36,13 @@ We have set up message approvers/moderators for various distribution lists in ou
To enable Netwrix Directory Manager portal customization for displaying Message Approvers for Distribution Lists using Microsoft Exchange-based Active Directory attributes, you can utilize the following Active Directory attributes associated with Message Moderation for On-Premises MS Exchange:
-- **msExchEnableModeration**
+- **msExchEnableModeration**
This attribute is used in Microsoft Exchange to enable or disable message moderation for a specific distribution group. When this attribute is set to true, it indicates that messages sent to the distribution group will be subject to moderation, which means they will need approval from a moderator before being delivered to the group members.
-- **msExchModeratedByLink**
+- **msExchModeratedByLink**
This attribute is used to associate a distribution list or security group that contains the list of moderators for a moderated recipient. When this attribute is configured, it links the moderated recipient to the specified distribution list or security group, allowing the members of that group to act as moderators for the recipient.
-- **msExchBypassModerationLink**
+- **msExchBypassModerationLink**
This attribute is used to associate a distribution list or security group that contains the list of senders who can bypass the moderation process for a moderated recipient. When this attribute is set, it links the moderated recipient to the specified distribution list or security group, allowing the members of that group to send messages that bypass the moderation process.
By leveraging these attributes, you can create a customized view in the Netwrix Directory Manager portal that shows the appropriate Message Approvers for the Distribution Lists. This customization enables you to manage message moderation effectively and efficiently within your organization's Exchange environment.
@@ -89,27 +89,21 @@ Follow the below-provided instructions to customize the portal:
-## Reference:
-- Admin Center — Applications — Customize Properties Pages — v11.0
- https://docs.netwrix.com/docs/directorymanager/11_1
+
+
## Related Articles:
-- Walkthrough Search Policy - Define Scope and Filter Results
- /docs/kb/directorymanager/walkthrough_search_policy_-_define_scope_and_filter_results
+- [Customize Properties Pages](https://docs.netwrix.com/docs/directorymanager/11_0/signin/service/mobileservice/design/objectproperties)
+- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md)
-- How To Enforce Users to Create Groups in a Specific OU
- /docs/kb/directorymanager/how_to_enforce_users_to_create_groups_in_a_specific_ou
+- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md)
-- How To Import Members to a Group Using Self-Service Import Wizard
- /docs/kb/directorymanager/how_to_import_members_to_a_group_using_self-service_import_wizard
+- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md)
-- How to Trigger a workflow When a User Сreates a Group
- /docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_сreates_a_group
+- [How to Trigger a workflow When a User Сreates a Group](/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_сreates_a_group.md)
-- Best Practices for Controlling Changes to Group Membership
- /docs/kb/directorymanager/how_to_enforce_users_to_create_groups_in_a_specific_ou
+- [Best Practices for Controlling Changes to Group Membership](https://docs.netwrix.com/docs/kb/directorymanager/best-practices-for-controlling-changes-to-group-membership#netwrix-directory-manager-best-practices)
-- Best Practices for Preventing Accidental Data Leakage
- /docs/kb/directorymanager/best_practices_for_preventing_accidental_data_leakage
+- [Best Practices for Preventing Accidental Data Leakage](/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage.md)
diff --git a/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md b/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md
index ff80349111..c26aa794fc 100644
--- a/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md
+++ b/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md
@@ -51,20 +51,12 @@ Netwrix Directory Manager’s **New Object** policy enables you to restrict role
Now when members of the security role try to create groups, they will be created in the default OU that you specified in the **New Object** policy.
-## Reference:
-- Admin Center — Security Roles — New Object Policy for Security Roles — v11.0
- https://docs.netwrix.com/docs/directorymanager/11_1
## Related Articles:
-- Walkthrough Search Policy - Define Scope and Filter Results
- /docs/kb/directorymanager/walkthrough_search_policy_-_define_scope_and_filter_results
-- How To Import Members to a Group Using Self-Service Import Wizard
- /docs/kb/directorymanager/how_to_import_members_to_a_group_using_self-service_import_wizard
-- How to Trigger a workflow When a User Сreates a Group
- /docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_сreates_a_group
-- How To Add Message Approvers in Group Properties in Self-Service
- /docs/kb/directorymanager/how_to_add_message_approvers_in_group_properties_in_groupid_portal
-- Best Practices for Controlling Changes to Group Membership
- /docs/kb/directorymanager/how_to_enforce_users_to_create_groups_in_a_specific_ou
-- Best Practices for Preventing Accidental Data Leakage
- /docs/kb/directorymanager/best_practices_for_preventing_accidental_data_leakage
+- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md)
+- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md)
+- [How to Trigger a workflow When a User Сreates a Group](/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_сreates_a_group.md)
+- [How To Add Message Approvers in Group Properties in Netwrix Directory Manager Portal](/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md)
+- [Best Practices for Controlling Changes to Group Membership](https://docs.netwrix.com/docs/kb/directorymanager/best-practices-for-controlling-changes-to-group-membership#netwrix-directory-manager-best-practices)
+- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md)
+- [Best Practices for Preventing Accidental Data Leakage](/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage.md)
diff --git a/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md b/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md
index fd7d0511af..0c00bfd5b3 100644
--- a/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md
+++ b/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md
@@ -74,7 +74,7 @@ The process to import members is discussed in these steps:
-5. Click **Next**.
+5. Click **Next**.
6. On the **Import Options** step, select the search option and map the data source fields to the corresponding Active Directory fields. The wizard matches the values of the mapped fields to determine the objects to import.
@@ -92,8 +92,9 @@ The process to import members is discussed in these steps:
### Related Articles:
- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md)
+- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md)
+- [How to Trigger a workflow When a User Сreates a Group](/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_сreates_a_group.md)
+- [How To Add Message Approvers in Group Properties in Netwrix Directory Manager Portal](/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md)
+- [Best Practices for Controlling Changes to Group Membership](https://docs.netwrix.com/docs/kb/directorymanager/best-practices-for-controlling-changes-to-group-membership#netwrix-directory-manager-best-practices)
- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md)
-- How to Trigger a workflow When a User Сreates a Group
-- [How To Add Message Approvers in Group Properties in Self-Service](/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md)
-- [Best Practices for Controlling Changes to Group Membership](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md)
- [Best Practices for Preventing Accidental Data Leakage](/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage.md)
diff --git "a/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_\321\201reates_a_group.md" "b/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_\321\201reates_a_group.md"
index abc44e9c3c..77a8880005 100644
--- "a/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_\321\201reates_a_group.md"
+++ "b/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_\321\201reates_a_group.md"
@@ -85,9 +85,9 @@ Admin Center — Workflows — Overview — v11.0
### Related Articles
-- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md).
-- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md).
-- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md).
-- [How To Add Message Approvers in Group Properties in Self-Service](/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md).
-- [Best Practices for Controlling Changes to Group Membership](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md).
-- [Best Practices for Preventing Accidental Data Leakage](/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage.md).
\ No newline at end of file
+- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md)
+- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md)
+- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md)
+- [How To Add Message Approvers in Group Properties in Netwrix Directory Manager Portal](/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md)
+- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md)
+- [Best Practices for Preventing Accidental Data Leakage](/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage.md)
diff --git a/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md b/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md
index 91c3ada997..fd7df4b1de 100644
--- a/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md
+++ b/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md
@@ -96,20 +96,13 @@ A down arrow appears in the applied operator's icon. Click it to display the con
-## Reference:
-Admin Center — Security Roles — Search Policy for Security Roles — v11.0
-https://docs.netwrix.com/docs/directorymanager/11_1
+
### Related Articles:
-- How To Enforce Users to Create Groups in a Specific OU.
- /docs/kb/directorymanager/how_to_enforce_users_to_create_groups_in_a_specific_ou
-- How To Import Members to a Group Using Self-Service Import Wizard.
- /docs/kb/directorymanager/how_to_import_members_to_a_group_using_self-service_import_wizard
-- How to Trigger a workflow When a User Сreates a Group.
- /docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_сreates_a_group
-- How To Add Message Approvers in Group Properties in Self-Service.
- /docs/kb/directorymanager/how_to_add_message_approvers_in_group_properties_in_groupid_portal
-- Best Practices for Controlling Changes to Group Membership.
- /docs/kb/directorymanager/how_to_enforce_users_to_create_groups_in_a_specific_ou
-- Best Practices for Preventing Accidental Data Leakage.
- /docs/kb/directorymanager/best_practices_for_preventing_accidental_data_leakage
+- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md)
+- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md)
+- [How to Trigger a workflow When a User Сreates a Group](/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_сreates_a_group.md)
+- [How To Add Message Approvers in Group Properties in Netwrix Directory Manager Portal](/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md)
+- [Best Practices for Controlling Changes to Group Membership](https://docs.netwrix.com/docs/kb/directorymanager/best-practices-for-controlling-changes-to-group-membership#netwrix-directory-manager-best-practices)
+- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md)
+- [Best Practices for Preventing Accidental Data Leakage](/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage.md)
diff --git a/docs/kb/endpointprotector/troubleshoot_two-factor_authentication_issues.md b/docs/kb/endpointprotector/troubleshoot_two-factor_authentication_issues.md
index 87fd872d51..74d705e23a 100644
--- a/docs/kb/endpointprotector/troubleshoot_two-factor_authentication_issues.md
+++ b/docs/kb/endpointprotector/troubleshoot_two-factor_authentication_issues.md
@@ -26,11 +26,11 @@ To troubleshoot issues with 2FA, try one or more of the following steps:
1. Ensure that the **Endpoint Protector** server date/time matches exactly with the date/time on the phone used to scan the QR code. This can be checked by following these steps:
1. In the **Endpoint Protector** console, go to **Appliance** > **Server Maintenance** and click **Synchronize time**.
2. Check the date and time on the phone.
-2. Disable Two-Factor Authentication (2FA) in **Endpoint Protector**, then re-enable it. For detailed steps on enabling or disabling 2FA, see [Enable Two-Factor Authentication](/docs/kb/endpointprotector/enable_two-factor_authentication_for_system_admins_with_google_authenticator_app.md).
+2. Disable Two-Factor Authentication (2FA) in **Endpoint Protector**, then re-enable it. For detailed steps on enabling or disabling 2FA, see [Enable Two-Factor Authentication for System Admins with Google Authenticator App](/docs/kb/endpointprotector/enable_two-factor_authentication_for_system_admins_with_google_authenticator_app.md).
3. Instead of scanning the QR code, manually enter the code in the **Google Authenticator** app.
## Related Links
-- [Enable Two-Factor Authentication](/docs/kb/endpointprotector/enable_two-factor_authentication_for_system_admins_with_google_authenticator_app.md)
+- [Enable Two-Factor Authentication for System Admins with Google Authenticator App](/docs/kb/endpointprotector/enable_two-factor_authentication_for_system_admins_with_google_authenticator_app.md)
- [Managing System Administrators and Administrator Groups](/docs/kb/endpointprotector/managing-system-administrators-and-administrator-groups.md)
-- [Two-Factor Authentication Overview – Endpoint Protector Documentation](https://docs.netwrix.com/docs/endpointprotector/5_9_4_2/admin/systemconfiguration/overview)
\ No newline at end of file
+- [Two-Factor Authentication](https://docs.netwrix.com/docs/endpointprotector/admin/systemconfiguration/adminandaccess#two-factor-authentication)
diff --git a/docs/kb/endpointprotector/user_remediation_reporting.md b/docs/kb/endpointprotector/user_remediation_reporting.md
index 48ca951a61..6230aec904 100644
--- a/docs/kb/endpointprotector/user_remediation_reporting.md
+++ b/docs/kb/endpointprotector/user_remediation_reporting.md
@@ -30,5 +30,5 @@ This article explains how to locate and review logs of end user responses to **U
## Related Links
-- [How to Configure User Remediation for Device Control](/docs/kb/endpointprotector/how-to-configure-user-remediation-for-device-control.md)
+- [How to Configure User Remediation for Device Contr](/docs/kb/endpointprotector/how-to-configure-user-remediation-for-device-control.md)
- [Enabling User Remediation in Content Aware Protection Policies](/docs/kb/endpointprotector/enabling-user-remediation-in-content-aware-protection-policies.md)
\ No newline at end of file
diff --git a/docs/kb/privilegesecure/configuring-and-upgrading-in-high-availability-mode-and-using-remote-services-configurations.md b/docs/kb/privilegesecure/configuring-and-upgrading-in-high-availability-mode-and-using-remote-services-configurations.md
index 4781047c82..42099b836a 100644
--- a/docs/kb/privilegesecure/configuring-and-upgrading-in-high-availability-mode-and-using-remote-services-configurations.md
+++ b/docs/kb/privilegesecure/configuring-and-upgrading-in-high-availability-mode-and-using-remote-services-configurations.md
@@ -88,8 +88,8 @@ Perform the following steps to configure an HA pair:
>
> **IMPORTANT:** Do not proceed to the next step until both servers have a green check mark in the HA Manager.
-5. Follow the instructions in How to Configure Encryption Keys in Multiple Netwrix Privilege Secure Server Environments ⸱ Netwrix to export the encryption keys from the primary server to the secondary server.
- /docs/kb/privilegesecure/how_to_configure_encryption_keys_in_multiple_nps_server_environments)
+5. Follow the instructions in How to Configure Encryption Keys in Multiple Netwrix Privilege Secure Server Environments ⸱ Netwrix to export the encryption keys from the primary server to the secondary server.
+ [How to Configure Encryption Keys in Multiple NPS Server Environments](/docs/kb/privilegesecure/how-to-configure-encryption-keys-in-multiple-nps-server-environments.md)
6. On the primary server, locate the `appsettings.json` file at `C:\ProgramData\Stealthbits\PAM\HA\appsettings.json` and copy it to the same path on the secondary server.
7. Run the HA tool on the secondary server. Specify the **Primary IP**, **Primary Port**, and **Secondary IP**.
diff --git a/docs/kb/privilegesecure/how-to-configure-a-multi-server-nps-environment-with-a-shared-database-server.md b/docs/kb/privilegesecure/how-to-configure-a-multi-server-nps-environment-with-a-shared-database-server.md
index fc41269583..fa05fc7fe8 100644
--- a/docs/kb/privilegesecure/how-to-configure-a-multi-server-nps-environment-with-a-shared-database-server.md
+++ b/docs/kb/privilegesecure/how-to-configure-a-multi-server-nps-environment-with-a-shared-database-server.md
@@ -28,7 +28,7 @@ knowledge_article_id: kA04u0000000JyXCAU
This article will guide the user through the process of setting up a deployment with multiple Netwrix Privilege Secure servers communicating with a single Postgres server. Instructions are included for configuring TLS for all network traffic to the Postgres server. Optional migration steps are included for users who wish to use a Postgres database from an existing Netwrix Privilege Secure deployment.
-This diagram illustrates the desired network architecture.
+This diagram illustrates the desired network architecture.
## Instructions
@@ -103,8 +103,8 @@ Edit this file so that the `Database` key references the hostname of the Postgre
```
3. Obtain a copy of the `\ProgramData\Stealthbits\PAM\tls\cacerts\sbpam-region.crt` certificate from the Postgres server. Open the **Certificate Manager**. Import the `sbpam-region.crt` certificate into the **Trusted Root** of the local machine.
-You should now be able to access the Netwrix Privilege Secure console at `https://[yourNPSServerIP]:6500`, and all traffic should be TLS encrypted. *Note: if you are receiving an IIS certificate warning from your browser, install an IIS certificate using [this KB article](https://kb.netwrix.com/5872).*
+You should now be able to access the Netwrix Privilege Secure console at `https://[yourNPSServerIP]:6500`, and all traffic should be TLS encrypted. *Note: if you are receiving an IIS certificate warning from your browser, install an IIS certificate using [Install an IIS Certificate](https://docs.netwrix.com/docs/kb/privilegesecure/installing-an-iis-certificate)
### Key Export/Import
-*In order to ensure that encryption keys are in agreement between Netwrix Privilege Secure servers, please follow the instructions outlined in [this article](/docs/kb/privilegesecure/how-to-configure-encryption-keys-in-multiple-nps-server-environments.md).*
+*In order to ensure that encryption keys are in agreement between Netwrix Privilege Secure servers, please follow the instructions outlined in [How to Configure Encryption Keys in Multiple NPS Server Environments](/docs/kb/privilegesecure/how-to-configure-encryption-keys-in-multiple-nps-server-environments.md).*
diff --git a/docs/kb/privilegesecure/how-to-create-a-service-mesh-between-app-servers.md b/docs/kb/privilegesecure/how-to-create-a-service-mesh-between-app-servers.md
index d20529e8c2..40011a2811 100644
--- a/docs/kb/privilegesecure/how-to-create-a-service-mesh-between-app-servers.md
+++ b/docs/kb/privilegesecure/how-to-create-a-service-mesh-between-app-servers.md
@@ -27,12 +27,12 @@ knowledge_article_id: kA04u0000000JqxCAE
This article outlines the steps to configure a service mesh in Netwrix Privilege Secure for Access Management. Follow these instructions to ensure proper setup and high availability.
-- If you have two application servers with internal PostgreSQL on each, you must configure high availability (HA) before configuring a service mesh. For additional information on the HA setup, see Configure and Upgrade Netwrix Privilege Secure in High Availability Mode and Using Remote Services Configurations: /docs/kb/privilegesecure/configuring-and-upgrading-in-high-availability-mode-and-using-remote-services-configurations
-- In both PostgreSQL and SQL Server deployments, you must complete the key exchange in your environment before configuring a service mesh. For additional information on the key exchange setup, see How to Configure Encryption Keys in Multiple Netwrix Privilege Secure Server Environments: /docs/kb/privilegesecure/how-to-configure-encryption-keys-in-multiple-nps-server-environments
+- If you have two application servers with internal PostgreSQL on each, you must configure high availability (HA) before configuring a service mesh. For additional information on the HA setup, see Configure and Upgrade Netwrix Privilege Secure in High Availability Mode and Using Remote Services Configurations: [Configuring and Upgrading in High Availability Mode and Using Remote Services Configurations](/docs/kb/privilegesecure/configuring-and-upgrading-in-high-availability-mode-and-using-remote-services-configurations.md)
+- In both PostgreSQL and SQL Server deployments, you must complete the key exchange in your environment before configuring a service mesh. For additional information on the key exchange setup, see [How to Configure Encryption Keys in Multiple NPS Server Environments](/docs/kb/privilegesecure/how-to-configure-encryption-keys-in-multiple-nps-server-environments.md)
> **IMPORTANT:** Multi-factor authentication should be disabled for the Netwrix Privilege Secure Administrator account, if used. While this will be indicated by an error message when running `sbpam-proxy.exe`, the error will not indicate the missing 2FA or the need to disable it prior to running.
-For additional information on used protocols and ports, see Installation — System Architecture · v4.2: https://docs.netwrix.com/docs/privilegesecure/4_2
+For additional information on used protocols and ports, see [Port, Firewall, and Datacenter Requirements](https://docs.netwrix.com/docs/privilegesecurediscovery/requirements/portsandfirewalls#firewall-rules)
## Instructions
@@ -130,11 +130,10 @@ To enable replication of session recordings (`.webm` files for web sessions, `.i
3. Once the file is saved, restart the proxy service and recording replication should occur.
-For detailed steps on moving the recording locations, see How to Change the Path Where Session Recordings Are Stored: /docs/kb/privilegesecure/how-to-change-the-path-where-session-recordings-are-stored
+For detailed steps on moving the recording locations, see How to Change the Path Where Session Recordings Are Stored: [How to Change the Path Where Session Recordings Are Stored](/docs/kb/privilegesecure/how-to-change-the-path-where-session-recordings-are-stored.md)
## Related Articles
-- Configure and Upgrade Netwrix Privilege Secure in High Availability Mode and Using Remote Services Configurations: /docs/kb/privilegesecure/configuring-and-upgrading-in-high-availability-mode-and-using-remote-services-configurations
-- How to Configure Encryption Keys in Multiple Netwrix Privilege Secure Server Environments: /docs/kb/privilegesecure/how-to-configure-encryption-keys-in-multiple-nps-server-environments
-- Installation — System Architecture · v4.2: https://docs.netwrix.com/docs/privilegesecure/4_2
-- How to Change the Path Where Session Recordings Are Stored: /docs/kb/privilegesecure/how-to-change-the-path-where-session-recordings-are-stored
+- [Configuring and Upgrading in High Availability Mode and Using Remote Services Configurations](/docs/kb/privilegesecure/configuring-and-upgrading-in-high-availability-mode-and-using-remote-services-configurations.md)
+- [How to Configure Encryption Keys in Multiple NPS Server Environments](/docs/kb/privilegesecure/how-to-configure-encryption-keys-in-multiple-nps-server-environments.md)
+- [Port, Firewall, and Datacenter Requirements](https://docs.netwrix.com/docs/privilegesecurediscovery/requirements/portsandfirewalls#firewall-rules)- [How to Change the Path Where Session Recordings Are Stored](/docs/kb/privilegesecure/how-to-change-the-path-where-session-recordings-are-stored.md)
diff --git a/docs/kb/privilegesecure/invoking-desktop-ssh-client-automatically.md b/docs/kb/privilegesecure/invoking-desktop-ssh-client-automatically.md
index 94470cfa44..6fd4cb70fa 100644
--- a/docs/kb/privilegesecure/invoking-desktop-ssh-client-automatically.md
+++ b/docs/kb/privilegesecure/invoking-desktop-ssh-client-automatically.md
@@ -54,8 +54,6 @@ To automatically invoke a local SSH client for sessions, you need to register a
-7. If none of these built-in command files are successful, then you may refer to the following provided options: Registering and Using the sbpam-url SSH Protocol Handler /docs/kb/privilegesecure/registering-and-using-the-sbpam-url-ssh-protocol-handler).
+7. If none of these built-in command files are successful, then you may refer to the following provided options: [Registering and Using the sbpam-url SSH Protocol Handler](/docs/kb/privilegesecure/registering-and-using-the-sbpam-url-ssh-protocol-handler.md)
-## Related Article
-- Registering and Using the sbpam-url SSH Protocol Handler — /docs/kb/privilegesecure/registering-and-using-the-sbpam-url-ssh-protocol-handler
diff --git a/docs/kb/privilegesecure/registering-and-using-the-sbpam-url-ssh-protocol-handler.md b/docs/kb/privilegesecure/registering-and-using-the-sbpam-url-ssh-protocol-handler.md
index 6ec972bace..4668d87ee1 100644
--- a/docs/kb/privilegesecure/registering-and-using-the-sbpam-url-ssh-protocol-handler.md
+++ b/docs/kb/privilegesecure/registering-and-using-the-sbpam-url-ssh-protocol-handler.md
@@ -28,7 +28,7 @@ knowledge_article_id: kA0Qk0000002VvlKAE
The `sbpam-url` utility, located in the **Extras** folder of the download package, registers an SSH URL handler. This utility helps you automatically connect to an NPS-proxied SSH session.
-For additional information, refer to the following article: /docs/kb/privilegesecure/invoking_desktop_ssh_client_automatically (How to Invoke a Desktop SSH Client Automatically).
+For additional information, refer to the following article: [Invoking Desktop SSH Client Automatically](/docs/kb/privilegesecure/invoking-desktop-ssh-client-automatically.md)
At the time this article was written, the referenced KB article instructed users to download the utility from a static link, which may provide an outdated version. Use the utility bundled in the **Extras** folder to ensure you have the latest version.
@@ -110,8 +110,8 @@ Use the following syntax to register a handler:
You can use WinSCP to install an SSH handler as an alternative to `sbpam-url`. Note that WinSCP requires Putty to be installed first.
-- https://www.putty.org/ (Download Putty ⸱ PuTTY 🐍)
-- https://winscp.net/eng/download.php (Download WinSCP ⸱ WinSCP 🐘)
+- [Download Putty ⸱ PuTTY 🐍](https://www.putty.org/)
+- [Download WinSCP ⸱ WinSCP 🐘](https://winscp.net/eng/download.php)
### Registry Keys Modified by sbpam-url
@@ -164,6 +164,6 @@ The `sbpam-url` utility updates the following registry keys to register the prot
## Related Links
-- /docs/kb/privilegesecure/invoking_desktop_ssh_client_automatically (How to Invoke a Desktop SSH Client Automatically)
-- https://www.putty.org/ (Download Putty ⸱ PuTTY 🐍)
-- https://winscp.net/eng/download.php (Download WinSCP ⸱ WinSCP 🐘)
+- [Invoking Desktop SSH Client Automatically](/docs/kb/privilegesecure/invoking-desktop-ssh-client-automatically.md)
+- [Download Putty ⸱ PuTTY 🐍](https://www.putty.org/)
+- [Download WinSCP ⸱ WinSCP 🐘](https://winscp.net/eng/download.php)
diff --git a/docs/kb/privilegesecurediscovery/troubleshooting-linux-registration.md b/docs/kb/privilegesecurediscovery/troubleshooting-linux-registration.md
index 633f756b43..4e22cc8d1f 100644
--- a/docs/kb/privilegesecurediscovery/troubleshooting-linux-registration.md
+++ b/docs/kb/privilegesecurediscovery/troubleshooting-linux-registration.md
@@ -36,8 +36,8 @@ Netwrix Privilege Secure Discovery (formerly SecureONE)
## Common Error Messages
-- [Invalid SSH Credentials: Authentication Failed](/docs/kb/privilegesecurediscovery/error-invalid-ssh-credentials-authentication-failed.md)
+- [Error: Invalid SSH Credentials Authentication Failed](/docs/kb/privilegesecurediscovery/error-invalid-ssh-credentials-authentication-failed.md)
- UnprocessableEntityError: SSH Connection Error: Encountered RSA Key, Expected OPENSSH Key
- UnprocessableEntityError: Missing Result for Task checkAdminPrivilege. Code:9999
- Unhandled Error: there has been an Error Processing the Registration Request: 'ascii' Codec can't Encode Character u
-- [Unhandled Error: MODULE FAILURE See stdout/stderr for the Exact Error](/docs/kb/privilegesecurediscovery/unhandled-error-module-failure.md)
\ No newline at end of file
+- [Unhandled Error: Module Failure](/docs/kb/privilegesecurediscovery/unhandled-error-module-failure.md)
\ No newline at end of file
diff --git a/docs/kb/recoveryad/how-to-reset-multi-factor-authentication.md b/docs/kb/recoveryad/how-to-reset-multi-factor-authentication.md
index 5ce2569cc6..f66e0311e6 100644
--- a/docs/kb/recoveryad/how-to-reset-multi-factor-authentication.md
+++ b/docs/kb/recoveryad/how-to-reset-multi-factor-authentication.md
@@ -39,6 +39,4 @@ Yes, you can reset MFA in Netwrix Recovery for Active Directory (NRAD) by follow
5. Change the `TwoFactorEnabled` column value from `True` to `False` and save the changes.
6. After resetting MFA, users can log in to the console without an authenticator code. To re-enable MFA, refer to the steps in the Configure MFA guide.
-## Related Articles
-- [Configure MFA](/docs/kb/recoveryad/how-to-reset-multi-factor-authentication.md)
diff --git a/docs/partner/implementation/auditor.md b/docs/partner/implementation/auditor.md
index 422ef2b4ea..f1d8f67bcf 100644
--- a/docs/partner/implementation/auditor.md
+++ b/docs/partner/implementation/auditor.md
@@ -11,7 +11,7 @@ import { NDCIntegrationNA } from '@site/src/training/data-classification';
import { Company, NA, NDC, NPS } from '@site/src/training/products';
-Estimated length: 6 hours + 3 hours Lab Experience
+Estimated length: 8.5 hours
This learning path grants certification as a Professional Services Engineer for this product. It contains the following courses:
diff --git a/docs/partner/implementation/data-classification.md b/docs/partner/implementation/data-classification.md
index efac8255f3..e53d28f422 100644
--- a/docs/partner/implementation/data-classification.md
+++ b/docs/partner/implementation/data-classification.md
@@ -11,7 +11,7 @@ import { NDCValue, NDCConcepts, NDCIntro, NDCTaxonomies, NDCWorkflows, NDCUsersR
import { Company, NA, NDC } from '@site/src/training/products';
-Estimated length: 5.25 hours
+Estimated length: 9 hours
In this learning path, you will learn how to use . It contains the following courses:
diff --git a/docs/partner/msp/auditor.md b/docs/partner/msp/auditor.md
index d75cc3672b..6a6c79fff7 100644
--- a/docs/partner/msp/auditor.md
+++ b/docs/partner/msp/auditor.md
@@ -12,7 +12,7 @@ import { NDCValue, NDCConcepts, NDCIntro, NDCTaxonomies, NDCWorkflows, NDCUsersR
import { Company, NA, NDC, NPS } from '@site/src/training/products';
-Estimated length: 7.75 hours + 11 hrs Lab Experiences
+Estimated length: 13.25 hours
This learning path grants certification as an MSP Engineer for these products:
diff --git a/docs/passwordpolicyenforcer/11.1/admin/cmdlets/cmdlets.md b/docs/passwordpolicyenforcer/11.1/admin/cmdlets/cmdlets.md
index 65422a35b5..736362d8e9 100644
--- a/docs/passwordpolicyenforcer/11.1/admin/cmdlets/cmdlets.md
+++ b/docs/passwordpolicyenforcer/11.1/admin/cmdlets/cmdlets.md
@@ -9,6 +9,9 @@ sidebar_position: 60
The PPE Cmdlets are available to manage Password Policy Enforcer from a Windows PowerShell. The
cmdlets are not case-sensitive.
+Starting with version **11.1**, the PowerShell cmdlets are built on .NET 8.0 and require PowerShell version 7.5 or newer to function.
+**Installation link**: [https://learn.microsoft.com/en-us/powershell/scripting/install/installing-powershell-on-windows?view=powershell-7.5](https://learn.microsoft.com/en-us/powershell/scripting/install/installing-powershell-on-windows?view=powershell-7.5)
+
To establish the connection:
**Step 1 –** Open a Windows PowerShell. Some cmdlets require administrative permissions. You can use
diff --git a/docs/passwordpolicyenforcer/11.1/admin/command_line_interface.md b/docs/passwordpolicyenforcer/11.1/admin/command_line_interface.md
index 6a1dd949f6..8a07f1d9f3 100644
--- a/docs/passwordpolicyenforcer/11.1/admin/command_line_interface.md
+++ b/docs/passwordpolicyenforcer/11.1/admin/command_line_interface.md
@@ -35,9 +35,8 @@ If a reboot was not done, add **/forcerestart** at the end
## Mailer
You can run the Password Policy Enforcer Mailer from the command line to deliver email immediately,
-or to troubleshoot problems. PPEMail.exe is copied into the \Program Files (x86)
-
-\Password Policy Enforcer\ folder when the Password Policy Enforcer Mailer is installed.
+or to troubleshoot problems. PPEMail.exe is copied into the \Program Files\Netwrix\Password Policy
+Enforcer\ folder when the Password Policy Enforcer Mailer is installed.
PPEMail.exe starts a simulation when run without any parameters. It finds users whose password will
expire soon, but no email is sent or saved to the pickup folder. Use the simulation mode to find
diff --git a/docs/passwordpolicyenforcer/11.1/admin/compromisedpasswordcheck.md b/docs/passwordpolicyenforcer/11.1/admin/compromisedpasswordcheck.md
index 5d0c35063d..4cfe7f0140 100644
--- a/docs/passwordpolicyenforcer/11.1/admin/compromisedpasswordcheck.md
+++ b/docs/passwordpolicyenforcer/11.1/admin/compromisedpasswordcheck.md
@@ -6,9 +6,9 @@ sidebar_position: 30
# Compromised Password Check
-The Compromised Password Checker finds compromised passwords. Users can be notified via email and
-advised or forced to change their password. The check can be scheduled to check existing passwords
-against a compromised hash list at any time.
+The Compromised Password Checker identifies weak or unsafe passwords, including compromised, reused,
+or empty ones. Users can be notified via email and advised or forced to change their password.
+The check can be scheduled to run at any time to verify existing passwords against security rules.
:::note
Create the **Compromised Passwords Base** file prior to enabling the Compromised Password
@@ -39,6 +39,9 @@ Click the **Compromised Password Check** toggle to enable/disable the feature.
- **Log events in Windows Application Event Viewer** select this option if you want to log events.
- **Force users to change password** select this option to force users to change compromised
passwords.
+- **Report password reuse by another account** select this option to generate password reuse report.
+- **Force users to change password** select this option to force users to change reused
+ passwords.
- **Recipient of the full report on the found compromised passwords** specify the email address of
the administrator who should receive the full report.
- **From** specify the email sender.
@@ -54,13 +57,27 @@ Click **Save** to save your settings before running the check or setting up a sc
Click **Run now** to run the check. Depending on your network, the check can take quite a while to
complete. You can schedule it for off hours instead of running it now.
-Here is an example of the compromised passwords list:
+Here is an example of the compromised passwords report:
+---
+**List of compromised passwords**
|User | Account | Sid | Email | Description |
| --- | --- | --- | --- | --- |
| admin | Administrator | S-1-5-21-1006207104-1546379664-2458629591-500 | | Sending emails is not possible due to the lack of an email address in the account. |
| user2 | user2 | S-1-5-21-1006207104-1546379664-2458629591-1118 | user2@company.com | Email has been sent |
+
+**List of reused passwords**
+|User | Account | Sid | Email | Description |
+| --- | --- | --- | --- | --- |
+| admin | Administrator | S-1-5-21-1006207104-1546379664-2458629591-500 | | Sending emails is not possible due to the lack of an email address in the account. |
+| user2 | user2 | S-1-5-21-1006207104-1546379664-2458629591-1118 | user2@company.com | Email has been sent |
+
+**Users with empty password:**
+Guest (S-1-5-21-1006207104-1546379664-2458629591-501)
+
+---
+
#### Schedule the Compromised Password Check
Click **Schedule** to set up a schedule to run the Compromised Password Check.
diff --git a/docs/passwordpolicyenforcer/11.1/admin/configconsole.md b/docs/passwordpolicyenforcer/11.1/admin/configconsole.md
index 78ce271c28..9e479b8813 100644
--- a/docs/passwordpolicyenforcer/11.1/admin/configconsole.md
+++ b/docs/passwordpolicyenforcer/11.1/admin/configconsole.md
@@ -86,7 +86,7 @@ Users with write permission to these objects can configure Password Policy Enfor
Policy to distribute a local configuration to many computers. See the
[Domain and Local Policies](/docs/passwordpolicyenforcer/11.1/installation/domain_and_local_policies.md) topic for additional information.
-
+
### Help
@@ -105,10 +105,11 @@ Links to documentation and support tools.
### Settings
-There are three tabs:
+There are four tabs:
- General
- Notifications
+- Mail Service
- License
#### General
@@ -174,6 +175,8 @@ Here are the default settings.
- **Log event when password accepted by service** adds an entry to the Windows Application Event Log
whenever a password is accepted. The logged event includes the username. Default is not checked.
+- **Use old icons in Live Policy Feedback** allows switching between displaying old-style and new-style icons in the Password Policy Enforcer Client on the change password screen.
+
#### Notifications
Open the **Settings** > **Notifications** tab to set up notifications. Notifications are only
@@ -181,21 +184,10 @@ available when **domain** is selected with the Connected To configuration settin
If you make changes, click **Save** to keep your changes or **Discard** to cancel.
-Here are the default settings.
-
- **Send email reminders**: check this option to send reminders. Default is not checked.
-
- - **SMTP Server**: enter IP address.
- - **Port**: enter port number.
- - **Username**: enter your username.
- - **Password**: enter your password.
- - **Use TLS**: check this option to enable TLS email encryption.
-
-- **Save email to a pickup folder**: check this option to have the Mailer save emails to a folder
- for later delivery by a mail server. The mail server must monitor this folder for new email.
-
+- **Save email to a pickup folder**: check this option to have the Mailer save emails to a folder for later delivery by a mail server. The mail server must monitor this folder for new email.
- **Path**: Click **Browse** and select the path to the pickup folder.
:::note
@@ -203,7 +195,6 @@ Saving email to a pickup folder is the fastest and most reliable delivery method
option if your mail server supports pickup folders.
:::
-
The Password Policy Enforcer Mailer sends emails at 2:00 AM every day (local time on your server).
Check the Windows Application Event Log to monitor its progress. You can also run the Password
Policy Enforcer Mailer from the command line to send email immediately, or to troubleshoot problems.
@@ -214,6 +205,74 @@ You can change the time the mailer runs. Set the **PPE Mailer** service startup
desired time.
:::
+##### Configuring Email Settings
+
+There are three possible ways to configure email settings:
+ - **SMTP Server**
+ - **Google OAuth2**
+ - **O365 OAuth2**
+
+###### SMTP Server
+
+
+
+- **SMTP Server**: enter IP address.
+- **Port**: enter port number.
+- **Username**: enter your username.
+- **Password**: enter your password.
+- **Use TLS**: check this option to enable TLS email encryption.
+
+###### Google OAuth2
+
+
+
+- **User Account**: authenticated Google Workspace account.
+- **Client ID**: value configured in the Google Workspace Admin Console.
+- **Client Secret**: value configured in the Google Workspace Admin Console.
+- **Clear Credentials**: removes stored values and tokens.
+- **Update Credentials**: initiates token generation in a browser window.
+
+:::note
+The Google OAuth2 timeout can be configured in **PPEConfiguration.json**.
+By default, it is set to **1 minute**:
+```
+"Configuration": {
+ "GoogleOAuthTimeout": 60
+}
+```
+:::
+
+###### O365 OAuth2
+
+
+
+- **User Account**: Office 365 account.
+- **Client ID**: value configured in the Office 365 Admin Console.
+- **Client Secret**: value configured in the Office 365 Admin Console.
+- **Tenant ID**: Office 365 tenant identifier.
+- **Clear Credentials**: removes values.
+
+#### Mail Service
+
+Open the **Settings** > **Mail Service** tab to set up mail service for notifications.
+
+If you make changes, click **Save** to keep your changes or **Discard** to cancel.
+
+
+
+- **Service**: specify the address of the machine where the mail service is installed.
+- **Port**: specify the port number.
+
+:::note
+If you need to use a port other than 12345, open the **PPEMailService.json** file on the machine where
+the mail service is installed, update the port value, and restart the mail service to apply the changes.
+```
+"MailService": {
+ "HostName": "localhost",
+ "Port": 6000
+}
+```
+:::
#### License
diff --git a/docs/passwordpolicyenforcer/11.1/admin/manage-policies/manage_policies.md b/docs/passwordpolicyenforcer/11.1/admin/manage-policies/manage_policies.md
index a1a8d111ba..7a2d58e6a3 100644
--- a/docs/passwordpolicyenforcer/11.1/admin/manage-policies/manage_policies.md
+++ b/docs/passwordpolicyenforcer/11.1/admin/manage-policies/manage_policies.md
@@ -28,13 +28,12 @@ Policy Guide have been added.
The policy management links are all on the Password Policies tile:
-- Add a Policy.
-- Set Up a Policy (click on existing policy name).
-- Test Policy.
-- Set Priorities.
-- Export.
-- Context menu (3 stacked dots) beside each defined policy Make Copy, Make Default/Remove Default,
- Rename and Delete .
+- [Add a Policy.](#add-a-policy)
+- [Set Up a Policy](#set-up-a-policy) (click on existing policy name).
+- [Test Policy.](#test-policy)
+- [Set Priorities.](#set-priorities)
+- [Export.](#export)
+- Context menu (3 stacked dots) beside each defined policy [Make Copy](#make-copy), [Make Default/Remove Default](#make-defaultremove-default), [Rename](#rename) and [Delete](#delete).
## Add a Policy
diff --git a/docs/passwordpolicyenforcer/11.1/admin/manage-policies/rules/dictionary_rule.md b/docs/passwordpolicyenforcer/11.1/admin/manage-policies/rules/dictionary_rule.md
index 78b6da0aab..2b65c6c1ee 100644
--- a/docs/passwordpolicyenforcer/11.1/admin/manage-policies/rules/dictionary_rule.md
+++ b/docs/passwordpolicyenforcer/11.1/admin/manage-policies/rules/dictionary_rule.md
@@ -18,8 +18,7 @@ for long passwords.
Select the **Dictionary** check box to enable the Dictionary rule.
-Browse to a dictionary file. A sample file **Dict.txt** is installed in the **\Program
-Files\Password Policy Enforcer** folder. This file is sorted and ready to use. It contains
+Browse to a dictionary file. A sample file **Dict.txt** is installed in the **\Program Files\Netwrix\Password Policy Enforcer\\** folder. This file is sorted and ready to use. It contains
approximately 257,000 words, names, and acronyms.
Select the **Detect inclusion of non-alpha characters** check box if Password Policy Enforcer should
@@ -114,7 +113,7 @@ local disk. Using a shared dictionary degrades performance, and could jeopardize
:::note
The `\Program Files (x86)\` folder does not exist on 32-bit Windows, so move the
-dictionary into the `\Program Files\Password Policy Enforcer\` folder if you have 32-bit and 64-bit
+dictionary into the `\Program Files\Netwrix\Password Policy Enforcer\` folder if you have 32-bit and 64-bit
computers sharing a common Password Policy Enforcer configuration.
:::
diff --git a/docs/passwordpolicyenforcer/11.1/index.md b/docs/passwordpolicyenforcer/11.1/index.md
index 6fb267da07..6fd85f1a74 100644
--- a/docs/passwordpolicyenforcer/11.1/index.md
+++ b/docs/passwordpolicyenforcer/11.1/index.md
@@ -76,7 +76,7 @@ Here are the requirements for both the full and evaluation Password Policy Enfor
- 10
- 11
-- .NET 8.0.15 or higher
+- .NET Desktop Runtime 8.0.15 or higher
## Password Policy Enforcer Web
diff --git a/docs/passwordpolicyenforcer/11.1/installation/installationserver.md b/docs/passwordpolicyenforcer/11.1/installation/installationserver.md
index e87dafb918..0e262c7515 100644
--- a/docs/passwordpolicyenforcer/11.1/installation/installationserver.md
+++ b/docs/passwordpolicyenforcer/11.1/installation/installationserver.md
@@ -62,8 +62,7 @@ Agreement**.
selected by default.
- Configuration Console – manages policy configuration. Install where ever needed. Selected by
default.
-- Mailer Service – sends email reminders. Should be installed on a Domain Controller. It is not
- selected by default.
+- Mailer Service – sends email reminders. It is not selected by default.
**Step 8 –** The default location is shown. Click **Browse** and select a new location if needed.
diff --git a/src/training/auditor/6081.md b/src/training/auditor/6081.md
index 58ba5bfe53..56ddfc43eb 100644
--- a/src/training/auditor/6081.md
+++ b/src/training/auditor/6081.md
@@ -6,4 +6,4 @@ Recommended prerequisite: 4080 – Basic Troubleshooting
The – Professional Services Lab Experience provides you with an opportunity to validate you are ready to implement this product within a customer environment. You will be provided with a training lab environment where you can implement the product as if it were in a customer’s environment.
-Estimated length: 3 hours
+Estimated length: 2.5 hours
diff --git a/src/training/data-classification/6121.md b/src/training/data-classification/6121.md
index e061acccf5..e91bf9b604 100644
--- a/src/training/data-classification/6121.md
+++ b/src/training/data-classification/6121.md
@@ -6,4 +6,4 @@ Recommended prerequisite: 4120 – Basic Troubleshooting
The – Professional Services Lab Experience provides you with an opportunity to validate you are ready to implement this product within a customer environment. You will be provided with a training lab environment where you can implement the product as if it were in a customer’s environment.
-Estimated length: 8 hours
+Estimated length: 2.25 hours
diff --git a/static/images/passwordpolicyenforcer/11.1/administration/connecttolocal.webp b/static/images/passwordpolicyenforcer/11.1/administration/connecttolocal.webp
new file mode 100644
index 0000000000..a2be10578d
Binary files /dev/null and b/static/images/passwordpolicyenforcer/11.1/administration/connecttolocal.webp differ
diff --git a/static/images/passwordpolicyenforcer/11.1/administration/ppc_configuration4.webp b/static/images/passwordpolicyenforcer/11.1/administration/ppc_configuration4.webp
index afe2ee0587..51cfce3bd0 100644
Binary files a/static/images/passwordpolicyenforcer/11.1/administration/ppc_configuration4.webp and b/static/images/passwordpolicyenforcer/11.1/administration/ppc_configuration4.webp differ
diff --git a/static/images/passwordpolicyenforcer/11.1/administration/ppc_configuration5.webp b/static/images/passwordpolicyenforcer/11.1/administration/ppc_configuration5.webp
index c90a500ac5..273c0f1b96 100644
Binary files a/static/images/passwordpolicyenforcer/11.1/administration/ppc_configuration5.webp and b/static/images/passwordpolicyenforcer/11.1/administration/ppc_configuration5.webp differ
diff --git a/static/images/passwordpolicyenforcer/11.1/administration/settingslicense.webp b/static/images/passwordpolicyenforcer/11.1/administration/settingslicense.webp
index 8b402a00e4..44eafebd8e 100644
Binary files a/static/images/passwordpolicyenforcer/11.1/administration/settingslicense.webp and b/static/images/passwordpolicyenforcer/11.1/administration/settingslicense.webp differ
diff --git a/static/images/passwordpolicyenforcer/11.1/administration/settingsmailserver.webp b/static/images/passwordpolicyenforcer/11.1/administration/settingsmailserver.webp
new file mode 100644
index 0000000000..1b0e1c3dfb
Binary files /dev/null and b/static/images/passwordpolicyenforcer/11.1/administration/settingsmailserver.webp differ
diff --git a/static/images/passwordpolicyenforcer/11.1/administration/settingsnotifications2.webp b/static/images/passwordpolicyenforcer/11.1/administration/settingsnotifications2.webp
new file mode 100644
index 0000000000..19ba5a2875
Binary files /dev/null and b/static/images/passwordpolicyenforcer/11.1/administration/settingsnotifications2.webp differ
diff --git a/static/images/passwordpolicyenforcer/11.1/administration/settingsnotifications3.webp b/static/images/passwordpolicyenforcer/11.1/administration/settingsnotifications3.webp
new file mode 100644
index 0000000000..181c40d170
Binary files /dev/null and b/static/images/passwordpolicyenforcer/11.1/administration/settingsnotifications3.webp differ
diff --git a/static/images/passwordpolicyenforcer/11.1/administration/settingsnotifications4.webp b/static/images/passwordpolicyenforcer/11.1/administration/settingsnotifications4.webp
new file mode 100644
index 0000000000..ade4b3e2cd
Binary files /dev/null and b/static/images/passwordpolicyenforcer/11.1/administration/settingsnotifications4.webp differ
diff --git a/static/images/training/customer-dashboard.png b/static/images/training/customer-dashboard.png
index 5d22a305fa..1297622418 100644
Binary files a/static/images/training/customer-dashboard.png and b/static/images/training/customer-dashboard.png differ