diff --git a/.github/workflows/sync-dev-to-main.yml b/.github/workflows/sync-dev-to-main.yml new file mode 100644 index 0000000000..22ef914c30 --- /dev/null +++ b/.github/workflows/sync-dev-to-main.yml @@ -0,0 +1,319 @@ +name: Sync dev to main + +# Automatically merge dev → main daily at 8 AM PST (16:00 UTC) +# Uses github-actions[bot] with bypass permissions to skip PR approval requirements +# Handles conflicts gracefully (logs warning, skips merge, doesn't fail) + +on: + schedule: + # Run daily at 8:00 AM PST (16:00 UTC) + - cron: '0 16 * * *' + + workflow_dispatch: # Allow manual triggering + +permissions: + contents: write # Push to main branch + issues: write # Create issues on conflict + actions: read # Check workflow status (optional) + +env: + SOURCE_BRANCH: dev + TARGET_BRANCH: main + # Teams webhook URL stored in GitHub Secrets for security + TEAMS_WEBHOOK_URL: ${{ secrets.TEAMS_WEBHOOK_URL }} + +jobs: + sync-branches: + runs-on: ubuntu-latest + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + fetch-depth: 0 # Full history for merge + token: ${{ secrets.GITHUB_TOKEN }} + + - name: Configure git + run: | + git config user.name "github-actions[bot]" + git config user.email "41898282+github-actions[bot]@users.noreply.github.com" + + - name: Check if dev has new commits + id: check-new-commits + run: | + git fetch origin ${{ env.SOURCE_BRANCH }} + git fetch origin ${{ env.TARGET_BRANCH }} + + # Get commit counts + COMMITS_AHEAD=$(git rev-list --count origin/${{ env.TARGET_BRANCH }}..origin/${{ env.SOURCE_BRANCH }}) + + echo "commits_ahead=$COMMITS_AHEAD" >> $GITHUB_OUTPUT + + if [ "$COMMITS_AHEAD" -eq 0 ]; then + echo "ℹ️ No new commits in ${{ env.SOURCE_BRANCH }} - nothing to sync" + echo "has_new_commits=false" >> $GITHUB_OUTPUT + else + echo "✅ Found $COMMITS_AHEAD new commit(s) in ${{ env.SOURCE_BRANCH }}" + echo "has_new_commits=true" >> $GITHUB_OUTPUT + fi + + - name: Wait for build workflow to complete + if: steps.check-new-commits.outputs.has_new_commits == 'true' + run: | + echo "⏳ Waiting for 'build-and-deploy.yml' workflow to complete on ${{ env.SOURCE_BRANCH }}..." + + MAX_WAIT=1800 # 30 minutes max wait + WAIT_INTERVAL=30 # Check every 30 seconds + ELAPSED=0 + + while [ $ELAPSED -lt $MAX_WAIT ]; do + # Get latest build workflow run on dev + BUILD_RUN=$(gh run list --workflow="build-and-deploy.yml" \ + --branch ${{ env.SOURCE_BRANCH }} --limit 1 --json status,conclusion,databaseId \ + --jq '.[0]' 2>/dev/null || echo '{}') + + STATUS=$(echo "$BUILD_RUN" | jq -r '.status // "unknown"') + CONCLUSION=$(echo "$BUILD_RUN" | jq -r '.conclusion // "none"') + RUN_ID=$(echo "$BUILD_RUN" | jq -r '.databaseId // "none"') + + echo "Build status: $STATUS | Conclusion: $CONCLUSION | Run ID: $RUN_ID" + + # Check if build completed + if [ "$STATUS" = "completed" ]; then + if [ "$CONCLUSION" = "success" ]; then + echo "✅ Build workflow completed successfully!" + break + elif [ "$CONCLUSION" = "failure" ]; then + echo "❌ Build workflow failed on ${{ env.SOURCE_BRANCH }}" + echo "⚠️ Cannot sync to main - build must pass first" + exit 1 + elif [ "$CONCLUSION" = "cancelled" ]; then + echo "⚠️ Build workflow was cancelled" + echo "⚠️ Cannot sync to main - build must complete successfully" + exit 1 + else + echo "⚠️ Build completed with conclusion: $CONCLUSION" + exit 1 + fi + fi + + # Build still in progress + echo "⏳ Build still running... waiting ${WAIT_INTERVAL}s (${ELAPSED}s elapsed)" + sleep $WAIT_INTERVAL + ELAPSED=$((ELAPSED + WAIT_INTERVAL)) + done + + if [ $ELAPSED -ge $MAX_WAIT ]; then + echo "❌ Timeout: Build did not complete within ${MAX_WAIT}s" + exit 1 + fi + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Attempt merge + id: merge + if: steps.check-new-commits.outputs.has_new_commits == 'true' + run: | + echo "🔄 Attempting to merge ${{ env.SOURCE_BRANCH }} → ${{ env.TARGET_BRANCH }}..." + + # Checkout target branch + git checkout ${{ env.TARGET_BRANCH }} + + # Attempt merge (don't fail on conflict) + set +e + git merge --no-edit --no-ff origin/${{ env.SOURCE_BRANCH }} 2>&1 | tee merge_output.txt + MERGE_EXIT_CODE=$? + set -e + + if [ $MERGE_EXIT_CODE -ne 0 ]; then + echo "❌ Merge conflict detected" + echo "conflict=true" >> $GITHUB_OUTPUT + + # Get conflicted files + git status --short | grep '^UU\|^AA\|^DD' > conflicts.txt || echo "Unable to detect specific files" > conflicts.txt + + # Abort the merge + git merge --abort + + echo "⚠️ Skipping automated merge due to conflicts" + exit 0 # Exit success to allow graceful handling + else + echo "✅ Merge completed successfully" + echo "conflict=false" >> $GITHUB_OUTPUT + fi + + - name: Push to main + if: steps.check-new-commits.outputs.has_new_commits == 'true' && steps.merge.outputs.conflict == 'false' + run: | + echo "📤 Pushing merged changes to ${{ env.TARGET_BRANCH }}..." + + # Push directly to main (bypass branch protection via github-actions[bot]) + git push origin ${{ env.TARGET_BRANCH }} + + echo "✅ Successfully synced ${{ env.SOURCE_BRANCH }} → ${{ env.TARGET_BRANCH }}" + + - name: Get merge details for notification + if: steps.check-new-commits.outputs.has_new_commits == 'true' && steps.merge.outputs.conflict == 'false' + id: merge-details + run: | + # Get commit details + COMMIT_COUNT=${{ steps.check-new-commits.outputs.commits_ahead }} + COMMIT_SHA=$(git rev-parse HEAD | cut -c1-7) + + # Get commit messages + git log --oneline origin/${{ env.TARGET_BRANCH }}~$COMMIT_COUNT..origin/${{ env.TARGET_BRANCH }} | head -10 > commits.txt + + echo "commit_count=$COMMIT_COUNT" >> $GITHUB_OUTPUT + echo "commit_sha=$COMMIT_SHA" >> $GITHUB_OUTPUT + + - name: Send success notification to Teams + if: steps.check-new-commits.outputs.has_new_commits == 'true' && steps.merge.outputs.conflict == 'false' + run: | + # Get commit messages (truncate if too long) + COMMITS=$(cat commits.txt | head -5 | sed 's/^/ - /') + + curl -H "Content-Type: application/json" -d '{ + "@type": "MessageCard", + "@context": "https://schema.org/extensions", + "summary": "Dev → Main Sync Successful", + "themeColor": "28a745", + "title": "✅ Automated Sync: dev → main", + "sections": [{ + "activityTitle": "Successfully merged '${{ steps.check-new-commits.outputs.commits_ahead }}' commits", + "activitySubtitle": "Repository: netwrix/docs", + "facts": [ + {"name": "Commits merged:", "value": "${{ steps.merge-details.outputs.commit_count }}"}, + {"name": "Latest commit:", "value": "${{ steps.merge-details.outputs.commit_sha }}"}, + {"name": "Triggered by:", "value": "${{ github.event_name }}"}, + {"name": "Workflow:", "value": "${{ github.workflow }}"} + ], + "text": "**Recent commits:**\n\n'"$(echo "$COMMITS" | sed 's/$/\\n/' | tr -d '\n')"'" + }], + "potentialAction": [{ + "@type": "OpenUri", + "name": "View Workflow Run", + "targets": [{"os": "default", "uri": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"}] + }, { + "@type": "OpenUri", + "name": "View Repository", + "targets": [{"os": "default", "uri": "${{ github.server_url }}/${{ github.repository }}"}] + }] + }' "${{ env.TEAMS_WEBHOOK_URL }}" || echo "Failed to send Teams notification" + + - name: Create GitHub issue for conflict + if: steps.check-new-commits.outputs.has_new_commits == 'true' && steps.merge.outputs.conflict == 'true' + uses: actions/github-script@v7 + with: + script: | + const conflictedFiles = require('fs').readFileSync('conflicts.txt', 'utf8'); + const mergeOutput = require('fs').readFileSync('merge_output.txt', 'utf8'); + + const issue = await github.rest.issues.create({ + owner: context.repo.owner, + repo: context.repo.repo, + title: '⚠️ Automated dev→main sync blocked by merge conflict', + labels: ['automated-sync', 'merge-conflict'], + body: '## Automated Sync Conflict\n\n' + + 'The automated sync from `dev` to `main` encountered merge conflicts and was skipped.\n\n' + + '**Workflow Run:** ' + context.serverUrl + '/' + context.repo.owner + '/' + context.repo.repo + '/actions/runs/' + context.runId + '\n' + + '**Triggered by:** ' + context.eventName + '\n' + + '**Date:** ' + new Date().toISOString() + '\n\n' + + '### Conflicted Files\n\n' + + '```\n' + + conflictedFiles + '\n' + + '```\n\n' + + '### Merge Output\n\n' + + '```\n' + + mergeOutput + '\n' + + '```\n\n' + + '### Resolution Steps\n\n' + + '1. Manually resolve conflicts:\n' + + ' ```bash\n' + + ' git checkout main\n' + + ' git pull origin main\n' + + ' git merge origin/dev\n' + + ' # Resolve conflicts in your editor\n' + + ' git add .\n' + + ' git commit\n' + + ' git push origin main\n' + + ' ```\n\n' + + '2. Or create a PR from dev → main and resolve conflicts there\n\n' + + '3. Once resolved, the next scheduled sync will proceed normally\n\n' + + '---\n' + + '*This issue was created automatically by the sync-dev-to-main workflow.*' + }); + + console.log('Created issue #' + issue.data.number); + + - name: Send conflict notification to Teams + if: steps.check-new-commits.outputs.has_new_commits == 'true' && steps.merge.outputs.conflict == 'true' + run: | + curl -H "Content-Type: application/json" -d '{ + "@type": "MessageCard", + "@context": "https://schema.org/extensions", + "summary": "Dev → Main Sync Blocked by Conflict", + "themeColor": "ff9800", + "title": "⚠️ Automated Sync Blocked: Merge Conflict", + "sections": [{ + "activityTitle": "Manual intervention required", + "activitySubtitle": "Repository: netwrix/docs", + "facts": [ + {"name": "Source branch:", "value": "${{ env.SOURCE_BRANCH }}"}, + {"name": "Target branch:", "value": "${{ env.TARGET_BRANCH }}"}, + {"name": "Commits waiting:", "value": "${{ steps.check-new-commits.outputs.commits_ahead }}"}, + {"name": "Status:", "value": "Merge conflict detected"} + ], + "text": "The automated sync encountered merge conflicts. A GitHub issue has been created with details. Please resolve the conflicts manually." + }], + "potentialAction": [{ + "@type": "OpenUri", + "name": "View Workflow Run", + "targets": [{"os": "default", "uri": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"}] + }, { + "@type": "OpenUri", + "name": "View Issues", + "targets": [{"os": "default", "uri": "${{ github.server_url }}/${{ github.repository }}/issues?q=is:issue+is:open+label:merge-conflict"}] + }] + }' "${{ env.TEAMS_WEBHOOK_URL }}" || echo "Failed to send Teams notification" + + - name: Send skip notification to Teams + if: steps.check-new-commits.outputs.has_new_commits == 'false' + run: | + curl -H "Content-Type: application/json" -d '{ + "@type": "MessageCard", + "@context": "https://schema.org/extensions", + "summary": "No Changes to Sync", + "themeColor": "0078D4", + "title": "ℹ️ No Changes to Sync", + "sections": [{ + "activityTitle": "Branches are already in sync", + "activitySubtitle": "Repository: netwrix/docs", + "text": "No new commits found in dev branch. Nothing to sync." + }] + }' "${{ env.TEAMS_WEBHOOK_URL }}" || echo "Failed to send Teams notification" + + - name: Workflow summary + if: always() + run: | + echo "## Sync Dev to Main - Summary" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + + if [ "${{ steps.check-new-commits.outputs.has_new_commits }}" == "false" ]; then + echo "ℹ️ **Status:** No new commits to sync" >> $GITHUB_STEP_SUMMARY + echo "- Source: \`${{ env.SOURCE_BRANCH }}\`" >> $GITHUB_STEP_SUMMARY + echo "- Target: \`${{ env.TARGET_BRANCH }}\`" >> $GITHUB_STEP_SUMMARY + elif [ "${{ steps.merge.outputs.conflict }}" == "true" ]; then + echo "⚠️ **Status:** Merge conflict detected" >> $GITHUB_STEP_SUMMARY + echo "- Commits waiting: ${{ steps.check-new-commits.outputs.commits_ahead }}" >> $GITHUB_STEP_SUMMARY + echo "- Action: GitHub issue created" >> $GITHUB_STEP_SUMMARY + echo "- Resolution: Manual merge required" >> $GITHUB_STEP_SUMMARY + else + echo "✅ **Status:** Successfully synced" >> $GITHUB_STEP_SUMMARY + echo "- Commits merged: ${{ steps.merge-details.outputs.commit_count }}" >> $GITHUB_STEP_SUMMARY + echo "- Latest commit: \`${{ steps.merge-details.outputs.commit_sha }}\`" >> $GITHUB_STEP_SUMMARY + echo "- Pushed to: \`${{ env.TARGET_BRANCH }}\`" >> $GITHUB_STEP_SUMMARY + fi + + echo "" >> $GITHUB_STEP_SUMMARY + echo "---" >> $GITHUB_STEP_SUMMARY + echo "*Automated by github-actions[bot] with branch protection bypass*" >> $GITHUB_STEP_SUMMARY diff --git a/.gitignore b/.gitignore index bdbef839cf..e2324deeff 100644 --- a/.gitignore +++ b/.gitignore @@ -26,3 +26,12 @@ packages npm-debug.log* yarn-debug.log* yarn-error.log* +fix_fullscreen.py +fix_video_dimensions.py +fix_videos_v2.py +fix_videos_v3.py +fix_videos.py +verify_dimensions.py +git_status.txt +touch_all_modified.py +touch_files.py diff --git a/docs/activitymonitor/7.1/install/upgrade/upgrade.md b/docs/activitymonitor/7.1/install/upgrade/upgrade.md index 409d1420c2..39695dec81 100644 --- a/docs/activitymonitor/7.1/install/upgrade/upgrade.md +++ b/docs/activitymonitor/7.1/install/upgrade/upgrade.md @@ -19,7 +19,7 @@ agents will be limited in monitoring capability until upgraded. The installation and configuration paths for Netwrix Activity Monitor 7.1 have been updated from Activity Monitor 7.0. See the -[Netwrix Activity Monitor 7.1 Paths](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u00000111AOCAY.html) article +[Netwrix Activity Monitor 7.1 Paths](/docs/kb/activitymonitor/netwrix_activity_monitor_(nam)_7.0_paths) knowledge base article for additional information. ## Activity Monitor Upgrade Procedure diff --git a/docs/activitymonitor/8.0/install/upgrade/upgrade.md b/docs/activitymonitor/8.0/install/upgrade/upgrade.md index b7992b5c76..b0d70000ab 100644 --- a/docs/activitymonitor/8.0/install/upgrade/upgrade.md +++ b/docs/activitymonitor/8.0/install/upgrade/upgrade.md @@ -18,7 +18,7 @@ agents will be limited in monitoring capability until upgraded. The installation and configuration paths for Netwrix Activity Monitor 8.0 have been updated from Activity Monitor 7.1. See the -[Netwrix Activity Monitor Paths](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u00000111AOCAY.html) article +[Netwrix Activity Monitor Paths](/docs/kb/activitymonitor/netwrix_activity_monitor_(nam)_7.0_paths) knowledge base article for additional information. ## Activity Monitor Upgrade Procedure diff --git a/docs/activitymonitor/9.0/admin/_category_.json b/docs/activitymonitor/9.0/admin/_category_.json new file mode 100644 index 0000000000..51435b6e32 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Administration", + "position": 40, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "overview" + } +} \ No newline at end of file diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/_category_.json b/docs/activitymonitor/9.0/admin/agents/_category_.json similarity index 60% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/_category_.json rename to docs/activitymonitor/9.0/admin/agents/_category_.json index d92c78eb54..a219cfb8d3 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/_category_.json +++ b/docs/activitymonitor/9.0/admin/agents/_category_.json @@ -1,10 +1,10 @@ -{ - "label": "Knowledge Base", - "position": 10, - "collapsed": true, - "collapsible": true, - "link": { - "type": "doc", - "id": "knowledgebase" - } +{ + "label": "Agents Tab", + "position": 10, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "overview" + } } \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/agents/activedirectory.md b/docs/activitymonitor/9.0/admin/agents/activedirectory.md new file mode 100644 index 0000000000..a585fbcced --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/activedirectory.md @@ -0,0 +1,108 @@ +--- +title: "Active Directory Agent Deployment" +description: "Active Directory Agent Deployment" +sidebar_position: 40 +--- + +# Active Directory Agent Deployment + +Before deploying the Active Directory (AD) agent, ensure all +[AD Agent Server Requirements](/docs/activitymonitor/9.0/requirements/adagent/adagent.md) have been met. To effectively +monitor Active Directory, it is necessary to deploy an AD agent to every domain controller, +including the read only domain controllers. However, it is possible to deploy the agents in batches. +Follow the steps to deploy the AD agents to the domain controllers in the target domain. + +:::note +These steps are specific to deploying AD agents for monitoring Active Directory. +::: + + +**Step 1 –** On the Agents tab, click Add agent to open the Add New Agent(s) window. + +![Install New Agent](/images/activitymonitor/9.0/install/agent/installnew.webp) + +**Step 2 –** Click on the Install agents on Active Directory domain controllers link to deploy +activity agents to multiple domain controllers. + +:::note +The Activity Monitor will validate the entered Host Name or IP Address entered in the +**Server Name** text box. +::: + + +![Specify Agent Port](/images/activitymonitor/9.0/install/agent/portdefault.webp) + +**Step 3 –** Specify the port that should be used by the new agent(s). + +![Agent Install Location](/images/activitymonitor/9.0/admin/agents/add/locationdefault.webp) + +**Step 4 –** Select the agent installation path. + +:::info +Use the default installation path. +::: + + +![Active Directory Connection page with blank text boxes](/images/activitymonitor/9.0/admin/agents/add/adconnectionblank.webp) + +**Step 5 –** On the Active Directory Connection page, enter the domain, and specify an account that +is a member of BUILTIN\Administrators group on the domain. Then, click **Connect**. + +![Example of a successful connection on the Active Directory Connection page](/images/activitymonitor/9.0/admin/agents/add/adconnectionsuccessful.webp) + +When the connection is successful, the Next button is enabled. Click Next to continue. + +:::note +An Administrator’s credentials are required to test the connection to the server. This is +the only way to enable the Next button. +::: + + +![Domains to Monitor page](/images/activitymonitor/9.0/admin/agents/add/domainstomonitorpage.webp) + +**Step 6 –** On the Domains To Monitor page, available domains display in a list, checked by +default. Check/uncheck the boxes as desired to identify the domains to monitor, then click Next. + +![Domain Controllers to Deploy the Agent to page](/images/activitymonitor/9.0/admin/agents/add/dcstodeploytheagenttopage.webp) + +**Step 7 –** On the Domain Controllers to deploy the Agent to page, available domain controllers +display in a list, checked by default. Check/uncheck the boxes as desired to identify the domain +controllers where the AD agent is to be deployed. + +:::note +Agents can be gradually deployed, but the AD agent needs to be installed on all domain +controllers to monitor all activity of the domain. +::: + + +![Test Connection to Domain Controller](/images/activitymonitor/9.0/admin/agents/add/dcsdeployagentconnection.webp) + +**Step 8 –** Click the **Test** button to verify the connection to the domains selected. Once the +connection is verified, click **Next** to continue. + +![Windows Agent Settings Page](/images/activitymonitor/9.0/admin/agents/add/windowsagentsettingspage.webp) + +**Step 9 –** On the Windows Agent Settings page, there are two settings to configure. + +- Add Windows file activity monitoring – Select the check box to add Windows file activity + monitoring after installing the agent. By default a new agent install monitors nothing. If + administrators want to monitor file activity on Windows servers, it is easier to enable it after + installation of the agent. Windows file activity monitoring can be enabled and configured later in + the console. +- Management Group – By default, the agent only accepts commands from members of the + BUILTIN\Administrators group. Less privilege accounts can be configured to manage the agent with + the Management Group setting. Keep in mind that only administrators can install, update and + uninstall the agent. + +**Step 10 –** Click **Finish**. The Add New Agent(s) window closes, and the activity agent is +deployed to and installed on the target host. + +During the installation process, the status will be Installing. If there are any errors, the +Activity Monitor stops the installation and lists the errors in the Agent messages box. + +![AD Agent Installed](/images/activitymonitor/9.0/admin/agents/add/adagentinstalled.webp) + +When the AD agent installation is complete, the status changes to **Installed** and the agent +version populates in the AD Module column. The next step is to configure the domains to be +monitored. See the [Monitored Domains Tab](/docs/activitymonitor/9.0/admin/monitoreddomains/overview.md) section for +additional information. diff --git a/docs/activitymonitor/9.0/admin/agents/linux.md b/docs/activitymonitor/9.0/admin/agents/linux.md new file mode 100644 index 0000000000..832d088cec --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/linux.md @@ -0,0 +1,138 @@ +--- +title: "Linux Agent Deployment" +description: "Linux Agent Deployment" +sidebar_position: 30 +--- + +# Linux Agent Deployment + +**Understanding Linux File Activity Monitoring** + +The Activity Monitor can be configured to monitor the following: + +- Ability to collect all or specific file activity for specific values or specific combinations of + values + +It also provides the ability to feed activity data to other Netwrix products: + +- Netwrix Access Analyzer +- Netwrix Threat Manager + +Prior to adding a Windows host to the Activity Monitor, the prerequisites for the target environment +must be met. See the [Linux Agent Server Requirements](/docs/activitymonitor/9.0/requirements/linuxagent.md) topic +for additional information. + +## Deploy Linux Agent + +Follow the steps to deploy the agent to the Linux host. + +**Step 1 –** On the Agents tab, click Add agent to open the Add New Agent(s) window. + +![Install New Agent page of the Add New Agent(s) Wizard](/images/activitymonitor/9.0/install/agent/installnew.webp) + +**Step 2 –** On the Install New Agent page, enter the server name for the Linux host. Click +**Next**. + +![Specify Agent Port](/images/activitymonitor/9.0/install/agent/portdefault.webp) + +**Step 3 –** On the Agent Port page, specify the port to be used by the new agent. The default port +is **4498**. Click **Next**. + +![Credentials to Connect](/images/activitymonitor/9.0/admin/agents/add/credentialsservers.webp) + +**Step 4 –** On the Credentials To Connect To The Server(s) page, connect to the Linux Server using +either a **User name** and **Password**, or a Public Key. + +The options for connecting with a Password are: + +- User name +- Password + +![Public Key Credentials](/images/activitymonitor/9.0/admin/agents/add/publickey.webp) + +The options for connecting with a Public Key are: + +- User name +- Private Key + +![Client Certificate Credentials](/images/activitymonitor/9.0/admin/agents/add/clientcertificate.webp) + +To connect with a Client Certificate, select the **Client Certificate** (for already installed +agents) option. Run the following commands on the Linux machine: + +``` +cd /usr/bin/activity-monitor-agentd/ +./activity-monitor-agentd create-client-certificate --name [name] +``` + +The Client Certificate option adds an already installed agent to the console without using SSH. + +To connect with a public key, select the **Public Key** option. Copy the following command into a +command prompt to generate ECDSA key for public key option: + +``` +ssh-keygen -m PEM -t ecdsa +``` + +Netwrix Activity Monitor requires to generate ECDSA Key with a blank passphrase + +``` +cat ~/.ssh/id_ecdsa.pub >> ~/.ssh/authorized_keys +``` + +:::note +It is required to add public key to authorized keys for Activity Monitor. By default, a +private key is generated at ~/.ssh/id_ecdsa location along with the public key (.pub file). A user +can use a different file location. Copy the following command into a command prompt to generate a +private key for Activity Monitor to use: +::: + + +``` +cat ~/.ssh/id_ecdsa +``` + +**Step 5 –** Click **Connect** to test the connection. If the connection is successful, click +**Next**. If the connection is unsuccessful, see the status message that appears for information on +the failed connection. + +![Linux Agent Options](/images/activitymonitor/9.0/admin/agents/add/linuxagentoptions.webp) + +**Step 6 –** On the Linux Agent Options page, select which user name to use to run the daemon. To +use root, leave the **Service user name** field blank. Click **Test** to test the connection. + +**Step 7 –** Click **Finish**. The Add New Agent(s) window closes, and the activity agent is +deployed to and installed on the target host. + +During the installation process, the status will be **Installing**. If there are any errors, +Activity Monitor stops the installation and lists the errors in the **Agent messages** box. + +![Linux Agent Installed](/images/activitymonitor/9.0/admin/agents/add/activitymonitorwithlinuxagentinstalled.webp) + +When the Linux agent installation is complete, the status changes to **Installed**. The Monitored +Host is also configured, and the added Linux host is displayed in the monitored hosts table. See the +[Monitored Hosts & Services Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/overview.md) topic for additional information. + +Once a host has been added for monitoring, configure the desired outputs. See the +[Output for Monitored Hosts](/docs/activitymonitor/9.0/admin/monitoredhosts/output/output.md) topic for additional information. + +:::info +Activity Monitor Agent uses certificates to secure the connection between the Linux Agent and the Console / API Server. +By default, the Agent uses an automatically generated self-signed certificate. The Console and the API Server do not enforce +validity checks on these self-signed agent certificates. + +This self-signed certificate can be replaced with one issued by a Certification Authority. Once replaced, the Console and +the API Server will ensure the validity of the agent’s certificates. + +See the [Certificate](/docs/activitymonitor/9.0/admin/agents/properties/certificate.md) topic for additional information. +::: + +## Host Properties for Linux + +Configuration settings can be edited through the tabs in the host’s Properties window. The +configurable host properties are: + +- [Inactivity Alerts Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalerts.md) + +See the [Host Properties Window](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/overview.md) topic for additional +information. diff --git a/docs/activitymonitor/9.0/admin/agents/multiple.md b/docs/activitymonitor/9.0/admin/agents/multiple.md new file mode 100644 index 0000000000..52803fff42 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/multiple.md @@ -0,0 +1,144 @@ +--- +title: "Multiple Activity Agents Deployment" +description: "Multiple Activity Agents Deployment" +sidebar_position: 20 +--- + +# Multiple Activity Agents Deployment + +Before deploying the activity agent, ensure all Prerequisites are met, including those for NAS +devices when applicable. Follow the steps to deploy the activity agent to a multiple Windows +servers. See the [Activity Agent Server Requirements](/docs/activitymonitor/9.0/requirements/activityagent/activityagent.md) topic +for additional information. + +:::note +These steps are specific to deploying activity agents for monitoring supported target +environments. +::: + + +**Step 1 –** On the Agents tab, click Add agent to open the Add New Agent(s) window. + +![Install New Agent](/images/activitymonitor/9.0/install/agent/installnew.webp) + +**Step 2 –** On the Install new agent page, click the install agents on multiple hosts link to +deploy activity agents to multiple hosts. + +![Specify Agent Port page - specify port that should be used by new agent](/images/activitymonitor/9.0/install/agent/portdefault.webp) + +**Step 3 –** On the Specify Agent Port page, specify the port that should be used by the new agent. +The default port is 4498. Click **Next**. + +![Install Agents on Multiple Hosts page](/images/activitymonitor/9.0/admin/agents/add/installagentsonmultiplehosts.webp) + +**Step 4 –** Windows or Linux hosts can be entered as either a name or an IP Address. The options +are: + +- Add server — Opens the Host name or IP address window. See the Manual Entry topic for additional + information. +- Remove — Removes an entered host name or IP address from the table +- Import — Opens the Import from file window. See the Import a List topic for additional + information. + +There are two methods for adding multiple hosts are: + +**Manual Entry** + +Use **Manual Entry** to manually type the host names or IP addresses of the servers to be monitored. + +![Enter Host Name or IP Address window](/images/activitymonitor/9.0/admin/agents/add/hostnameoripaddresswindow.webp) + +For Manual Entry, the options are: + +- Click Add server. The Host name or IP Address window opens. +- Enter the servers, separating the hosts with spaces, commas, or semicolons. + - (Optional) A multi-line list can be pasted into this textbox. When the servers have been + entered, click OK. The Host name or IP address window closes and the identified servers are in + the list. + +**Import a List** + +Use **Import a List** to import host names or IP addresses from an external source. + +![Import Hosts from a CSV File window](/images/activitymonitor/9.0/admin/agents/add/importhostsfromacsvfilewindow.webp) + +For Import a List: + +- Click Import. The Import from file window opens. +- Enter the file path, or use the ellipsis (…) to navigate to the file. +- Identify the Separator used on the file (Comma, Semicolon, Tab, or Space). This is set to + **Comma** for CSV format by default. +- If the first row of the file contains column headers, then check the First row contains field + names box. If there are no column headers, uncheck this box. +- A preview of the selected file displays. Select the column with the host names. +- Click OK. The Import from file window closes and the identified servers are in the list. + +The Activity Monitor will monitor the Host Names or IP Address added to the **Install Agents on +Multiple Hosts** table. Click **Next**. + +![Credentials to Connect to the Server(s) window](/images/activitymonitor/9.0/install/agent/credentials.webp) + +**Step 5 –** On the Credentials To Connect To The Server(s) page, connect to the server using either +a **User name** and **password**, a Public Key, or a Client Certificate. + +The options for connecting with a Password are: + +- User name +- Password + +![Credentials to Connect to the Server(s) ](/images/activitymonitor/9.0/admin/agents/add/publickey.webp) + +The options for connecting with a Public Key are: + +- User name +- Private Key + +- Use the Public Key option to install an agent using SSH + +![clientcertificate](/images/activitymonitor/9.0/admin/agents/add/clientcertificate.webp) + +To connect with a Client Certificate, select the Client Certificate (for already installed agents) +option. Copy the following command into a command prompt: + +**activity-monitor-agentd --create-client-certificate --client-name [NAME]** + +Using an existing Client Certificate installs a new agent without using SSH. + +**Step 6 –** Click **Connect** to test the connection. If the connection is successful, click +**Next**. + +The credentials are tested against each server added on the **Install Agent(s) on Multiple Hosts** +page. If the connection is unsuccessful, see the status message that appears for information on the +failed connection. Activity agents are only successfully deployed for servers where the test status +returns Ok. Failed deployments can be retried through the Connection tab of the agent’s Properties +window. When one or more of the connections are successful, click Next. + +![Agent Installation Path page](/images/activitymonitor/9.0/admin/agents/add/agentinstalllocation.webp) + +**Step 7 –** On the Agent Install Location page, browse to theselect the agent installation path. +The default path is `C:\Program Files\Netwrix\Activity Monitor\Agent`. Click **Next**. + +![Windows Agent Settings](/images/activitymonitor/9.0/admin/agents/add/enablewindowsfileactivitymonitoring.webp) + +**Step 8 –** On the Windows Agent Settings window, configure the following options: + +- Add Windows file activity monitoring after installation — Check the Add Windows file activity + monitoring after installation checkbox to enable monitoring all file system activity on the + targeted Windows server after installation. +- Management Group — By default, the agent only accepts commands from members from the + BUILTIN\Administrators group. Less privileged accounts can be used to manage the agent with the + Management group setting. Keep in mind that an administrator account must be used to install, + upgrade, or uninstall an agent. + +**Step 9 –** Click Finish. The Add New Agent(s) window closes, and the activity agent is deployed to +and installed on the target host. + +During the installation process, the status will be **Installing**. If there are any errors, the +Activity Monitor stops the installation for that host and lists the errors in the **Agent messages** +box. + +![Multiple Agents Installed](/images/activitymonitor/9.0/admin/agents/add/adagentinstalled.webp) + +When the activity agent installation completes, the status changes to **Installed** and the activity +agent version populates. The next step is to add hosts to be monitored. See the +[Monitored Hosts & Services Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/overview.md) topic for additional information. diff --git a/docs/activitymonitor/9.0/admin/agents/overview.md b/docs/activitymonitor/9.0/admin/agents/overview.md new file mode 100644 index 0000000000..99ba201135 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/overview.md @@ -0,0 +1,72 @@ +--- +title: "Agents Tab" +description: "Agents Tab" +sidebar_position: 10 +--- + +# Agents Tab + +The **Agents** tab is used to deploy activity agents and manage settings. This is the only tab +available until an agent is installed. + +![Image of Agents Home Page](/images/activitymonitor/9.0/admin/agents/agentaddedfinalimage.webp) + +The Agents tab is comprised of a button bar, a table of servers hosting activity agents, and an +Agent Messages box. The button bar allows users to take the following actions: + +- Add Agent – Opens the Add New Agent(s) window to deploy the activity/AD agent to a single server + or to multiple servers at the same time. The following sections provide additional information: + + - [Single Activity Agent Deployment](/docs/activitymonitor/9.0/admin/agents/single.md) + - [Multiple Activity Agents Deployment](/docs/activitymonitor/9.0/admin/agents/multiple.md) + - [Active Directory Agent Deployment](/docs/activitymonitor/9.0/admin/agents/activedirectory.md) + - [Linux Agent Deployment](/docs/activitymonitor/9.0/admin/agents/linux.md) + +- Remove – Opens the Remove Agents window where users can choose to remove the hosting server + from the activity agents table or uninstalling the activity agent from the hosting server + before removing the activity agent from the table. See the + [Remove Agents](/docs/activitymonitor/9.0/install/upgrade/removeagent.md) topic for additional information. + +- Edit – Opens the selected server’s Properties window to modify the server name or credentials. See + the [Agent Properties Window](/docs/activitymonitor/9.0/admin/agents/properties/overview.md) topic for additional information. +- Start pending AD Module – Starts the Active Directory monitoring module, which is part of the Activity Monitor Agent, when the module is in a pending (not yet started) state. + + - Occasionally, a Microsoft Security Bulletin that affects LSASS can interfere with the AD module’s instrumentation, causing LSASS to shut down. + The AD module monitors for LSASS process termination shortly after a server reboot. + It can be configured to run in Safe Mode to prevent the operating system from loading the AD monitoring module if the versions of the DLLs that the module hooks into have changed since the last restart. + +- Install – Deploy or upgrade an activity agent to the selected host +- Upgrade – [When Agent Status is Outdated] Replaces outdated activity agent with current version +- Update AD Module Installer – Allows you to select the newer AD Module installer. A confirmation + window then opens and identifies the new installer version. See the + [Update AD Module Installer](/docs/activitymonitor/9.0/install/upgrade/updateadagentinstaller.md) topic for additional + information. +- Refresh all – Refresh the status of all activity agents + +The table of servers hosting activity agents provides the following information: + +- Server Name – Name or IP Address of the server hosting an activity agent +- Status – Status of the deployed activity agent(s) + + :::note + If the AD agent has been deployed, a status of “outdated” could apply to either the + activity agent or the AD agent installed on the domain controller. + ::: + + +- Version – Version of the deployed activity agent +- AD Module – Version of the deployed AD Module, used for Active Directory monitoring +- Domain – Name of the domain +- Messages – Count of the number of error and warning messages for the selected server +- Archive Location – If archiving is enabled for the activity agent, displays the archive file path +- Archive Size – If archiving is enabled for the activity agent, displays the archive size + +![Agent Messages](/images/activitymonitor/9.0/admin/agents/agentmessages.webp) + +The **Agent messages** box displays any error or warning messages from the selected activity agent. +These messages are related to deployment/installation, communication between the Console and the +Activity Agent, and upgrade of an agent. + + +For additional information on how to deploy agents manually, see the +[Agent Information](/docs/activitymonitor/9.0/install/agents/agents.md) topic. diff --git a/docs/activitymonitor/9.0/admin/agents/properties/_category_.json b/docs/activitymonitor/9.0/admin/agents/properties/_category_.json new file mode 100644 index 0000000000..7f658621ec --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/properties/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Agent Properties Window", + "position": 50, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "overview" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/agents/properties/activedirectory.md b/docs/activitymonitor/9.0/admin/agents/properties/activedirectory.md new file mode 100644 index 0000000000..12b48125b0 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/properties/activedirectory.md @@ -0,0 +1,83 @@ +--- +title: "Active Directory Tab" +description: "Active Directory Tab" +sidebar_position: 10 +--- + +# Active Directory Tab + +The Active Directory tab provides options to configure the agent settings for monitoring an Active +Directory domain controller. These settings are part of the Active Directory monitoring and can only +be enabled for agents on domain controllers. + +![Agent Properties - Active Directory Tab](/images/activitymonitor/9.0/admin/agents/properties/mainimage.webp) + +The Agent Settings allow users to control the AD agent’s properties: + +- Harden the Agent – Protects the AD agent from being altered, stopped, or started from within the + local Service Control Manager +- Safe Mode – If selected, the AD agent checks LSASS versions upon start up. Any change in LSASS + since the previous start prevents the monitoring modules from loading. + + :::note + This is a safety measure that disables monitoring if the environment changes as in + rare cases the instrumentation may cause LSASS crashes. Should the version change occur, a + warning will be shown next to the agent on the Agents page. The **Start pending AD Module** button + allows you to force the agent to enable monitoring. + ::: + + +- Enable DNS Host Name Resolution – If selected, the AD agent looks up the missing data (a NetBIOS + name, a Fully Qualified Domain Name, or an IP Address) that is missing fromthe event + + :::note + This provides more uniform data, but may have a performance impact on the machine + where the AD agent is deployed, especially if that machine does not handle the name resolution + locally. + ::: + + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The Agent +Properties window closes. + +## Advanced Active Directory Monitoring using Threat Prevention + +More advanced Active Directory Monitoring features are available for use through Netwrix Threat Prevention. +See the following sections for additional information: + +- See the Configuring Threat Prevention to Send Active Directory Activity to the Activity Monitor + topic for additional information + +## Configuring Threat Prevention to Send Active Directory Activity to Activity Monitor + +Once the activity agent is deployed to a domain controller with an existing Threat Prevention agent, +a connection can be secured between both agents. Follow these instructions to configure the policy +used for Active Directory Activity Monitoring from the Threat Prevention Admin Console. + +**Step 1 –** Configure the File, Syslog, or Threat Manager outputs on the Monitored Domains Tab in +the Activity Monitor Console. See the +[Output for Monitored Domains](/docs/activitymonitor/9.0/admin/monitoreddomains/output/output.md) topic for additional information. + +**Step 2 –** Within the Threat Prevention Admin Console, select the Threat Manager Event Sink +Configuration Window option under the Configuration menu, and enter `amqp://localhost:4499` within the +Threat Manager URI field on the pop-up window. Then click Save. + +**Step 3 –** Still within Threat Prevention, create a New Policy or select an existing one to send +Active Directory events data to Activity Monitor. See the Navigation Pane Right-Click Commands +section of the +[Netwrix Threat Prevention Documentation](https://docs.netwrix.com/docs/threatprevention/7_5) +for additional information. + +**Step 4 –** Enter a description within the General Tab of the New Policy Configuration page to +identify the AD Module policy settings. Click the button in front of the policy status to toggle +from Disabled to Enabled. + +**Step 5 –** On the Event Type Tab, add events and objects to monitor. Click the AD Operations to +include in the policy. + +**Step 6 –** Under the Actions Tab, check the **Send to Threat Manager** checkbox to enable sending +Active Directory Activity events data to Activity Monitor. Click Save + +See the +[Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) +for additional information on policy configurations. diff --git a/docs/activitymonitor/9.0/admin/agents/properties/additionalproperties.md b/docs/activitymonitor/9.0/admin/agents/properties/additionalproperties.md new file mode 100644 index 0000000000..600db09f0d --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/properties/additionalproperties.md @@ -0,0 +1,87 @@ +--- +title: "Additional Properties Tab" +description: "Additional Properties Tab" +sidebar_position: 20 +--- + +# Additional Properties Tab + +The Additional Properties Tab provides additional configuration options for the agent. The tab +varies based on the type of agent selected. + +## For Activity Agent + +The Additional Properties tab for the Activity Agent has the following configuration options: + +![Agent Additional Properties Tab](/images/activitymonitor/9.0/admin/agents/properties/additionalpropertiestab.webp) + +- Comment – Create an annotation for the agent in the **Comment** text box. Annotations entered here + will appear in the Comment column in the table on the Agents tab. +- Agent's Trace Level – Select a trace level for the agent log from the drop-down list: + + - Same Level as the Console (uses the global level selected in the console) + - Trace (the most verbose) many collection points and can slow down + + :::warning + Selecting the **Trace** option can slow down collection due to the large amount + of data points + ::: + + + - Debug + - Info (recommended) + - Warning + - Error + - Fatal + +In certain situations, the trace logs are not enough to identify issues. Collect extended debugging +data (ETW) can be useful for problems related to the following: + +- Not getting events +- Missing event attributes +- Getting unexpected events +- High RAM/CPU caused by SBTService +- Issues caused by Antivirus or Backup software + +When this is needed, enable the **Collect extended debugging data (ETW) from the Windows driver when +the Trace level is activated** option to diagnose these problems. + +:::warning +Selecting this option collects a large amount of data. Therefore, it is important to +enable it only for short periods of time. Otherwise, the trace file may overflow with data. +::: + + +In general for troubleshooting, start with trace logs. If the root cause of the problem might be a +low-level functionality the driver, then the ETW logs must be enabled. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The Agent +Properties window closes. + +## For Linux Agent + +The Additional Properties tab for the Linux Agent has the following configuration options: + +![Linux Agent Additional Properties Tab](/images/activitymonitor/9.0/admin/agents/properties/linuxagentadditionalpropertiestab.webp) + +- Comment – Create an annotation for the agent in the **Comment** text box. Annotations entered here + will appear in the Comment column in the table on the Agents tab. +- Agent's Trace Level – Select a trace level for the agent log from the drop-down list: + + - Same Level as the Console (uses the global level selected in the console) + - Trace (the most verbose) many collection points and can slow down + + :::warning + Selecting the **Trace** option can slow down collection due to the large amount + of data points + ::: + + + - Debug + - Info (recommended) + - Warning + - Error + - Fatal + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The Agent +Properties window closes. diff --git a/docs/activitymonitor/9.0/admin/agents/properties/adusers.md b/docs/activitymonitor/9.0/admin/agents/properties/adusers.md new file mode 100644 index 0000000000..512720dcf5 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/properties/adusers.md @@ -0,0 +1,35 @@ +--- +title: "AD Users Tab" +description: "AD Users Tab" +sidebar_position: 30 +--- + +# AD Users Tab + +Use the AD Users tab to customize Active Directory service queries and caching behavior. + +![AD Users Tab](/images/activitymonitor/9.0/admin/agents/properties/aduserstab.webp) + +The configurable options are: + +- Domain Controllers (IPs and FQDNs) – IP addresses or FQDN of domain controllers. IP addresses or + FQDN should be entered as separate addresses with space, comma (,), semicolon (;), or a multi-line + list. Leave the box blank to use the default domain controller. +- Lookup timeout – Specify the time for look-up timeout in milliseconds. The default is 2000 + milliseconds. If a query fails to complete in the specified interval then the product reports an + empty username or a previous result from the cache. The product continues to wait for a response + in the background so that further events can use the resolution result. +- Cache TTL for successful results –Specify the caching interval (time-to-live) for successful AD + responses.The default is 10 hours. When an AD query returns a valid username or SID, the response + is cached for the specified time. It is recommended to use large TTL values as the user + information does not often change. +- Cache TTL for failed results – Specify the caching interval (time-to-live) for failed AD + responses. The default is 1 minute. When an AD query cannot resolve a SID or username, the failed + result is cached for the specified time. Caching of failed responses helps to reduce the load on + domain controllers and improve performance of event processing. Short TTL values are recommended + to make the product report accurate user information. +- Maximum cache size – Specify the maximum cache size for both successful and failed responses. The + default is 300000. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The Agent +Properties window closes. diff --git a/docs/activitymonitor/9.0/admin/agents/properties/apiserver.md b/docs/activitymonitor/9.0/admin/agents/properties/apiserver.md new file mode 100644 index 0000000000..43c5ffc223 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/properties/apiserver.md @@ -0,0 +1,66 @@ +--- +title: "API Server Tab" +description: "API Server Tab" +sidebar_position: 40 +--- + +# API Server Tab + +The API Server Tab provides options to configure API server settings to send information about +agents, agent configuration, and agent data to applications remotely. If an application wants to +read the activity data using the API, the API Server must be enabled on each agent collecting +activity. + +![API Server Tab for Agent Properties](/images/activitymonitor/9.0/admin/agents/properties/apiservertab.webp) + +Check the Enable API access on this agent box to utilize the options on this tab: + +- API server port (TCP): [number] (from 1000 to 65535) – Enter the API server port. The default + is 4494. +- Configure what applications have access to the API – Specifies which API servers can be included + or excluded from receiving event data. + - Add Application – Click Add Application to open the Add or edit API client window to add an + Application name to the list + - Remove – Select an Application Name and click Remove to remove an Application name from the + list + - Edit – Select an Application Name and click Edit... to open the Add or edit API client window + for that Application Name + +Grant or revoke access to the API Server by registering applications. + +![Add or Edit API Client popup window](/images/activitymonitor/9.0/admin/agents/properties/addoreditapiclient.webp) + +Click Add Application to open the Add or edit API client window. + +- Application name – Name of application to provide read-only access to +- Permissions – list of permissions for Activity Monitor  through API Server + - Access activity data – Provides a read-only access to the activity log files of the agent + hosting the API Server. The access is provided to the files stored on the agent's server or on + the archival network share. The permission also provides minimal and read-only access to + configuration of monitored hosts/domain, enough to match the monitored hosts/services to their log + files. + - Read – Provides a read-only access to the list of the agents and their configuration settings; + configuration of monitored domains; configuration of monitored hosts/services. The permission does not + provide access to the saved passwords or other secrets. + - Policy change - Provides permissions required to update the AD Monitoring domain configuration + settings + - Modify host - Provides permissions required to update the monitored hosts/services settings + - Modify agent - Provides permissions required to update the agent hosts settings +- Client ID/Generate – Generate button creates a new Client ID and Client Secret (password) + credentials for applications to access API server +- Client Secret/Copy – Copy button copies the Client ID and Client Secret (password) into its + respective textbox after the application is added or the Generate button is pressed +- Secret Expires – Displays the number of days until the Client Secret expires before activated. The + default is 3 days. + +The options below the API Application Access window are: + +- Managing console/Use this console – Use this console button enters the host name of the Activity + Monitor Console within the textbox +- IPv4 or IPv6 whitelist – IP Addresses of the remote hosts, which are allowed to connect to the API + port, can be whitelisted by entering them in the box. IP Addresses should be entered as separate + addresses with space, comma (,), semicolon (;), or a multi-line list. Leave the box blank to + accept connections from any hosts. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The Agent +Properties window closes. diff --git a/docs/activitymonitor/9.0/admin/agents/properties/archiving.md b/docs/activitymonitor/9.0/admin/agents/properties/archiving.md new file mode 100644 index 0000000000..7d4d7e0f60 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/properties/archiving.md @@ -0,0 +1,53 @@ +--- +title: "Archiving Tab" +description: "Archiving Tab" +sidebar_position: 6 +--- + +# Archiving Tab + +By default, the Activity Monitor keeps the activity logs on the servers where the activity agents +are deployed. The Archiving tab provides users with options to enable archiving for the activity +agent and move the archived files to another location on the server or to a network location. + +![Archiving Tab for Agent Properties](/images/activitymonitor/9.0/admin/agents/properties/archiving_tab.webp) + +The Days to keep Log files option, listed under the Log Files tab within Host Properties, applies to +Archive log files. When the entered number of days entered have passed, the activity logs and +Archive log files are deleted. The path to the Archive log files is next to the Configure button, +and listed under the Archive Location column within the Agents tab. + +Check the Enable archiving for this agent box to enable the options on this tab. The archive feature +is disabled by default. + +- Disk Quota — Maximum disk space the agent is allowed to use on the server it is installed on (at + least 100MB) – Select the number of megabytes or gigabytes. The default is 5 GB. +- Archive log files on this computer – Select to archive the logs on the server hosting this + activity agent. When archiving is enabled, this is the default selection. Click Configure to open + the Configure a network share on this computer window and provide the following information: + +![Popup window for Configure a network share on this computer option](/images/activitymonitor/9.0/admin/agents/properties/archivingtabconfigure.webp) + +The options in the Configure a network share on this computer window are: + +- Directory – Click the ellipsis (…) to browse to a location on the server +- Share name – Enter the share name for the archives +- Grant read access to – Click the ellipsis (…) to specify an account or group to be granted Read + and Write access to the archive + +The options below the **Configure** button are: + +- Archive log files on an UNC path (e.g. \\host-name.domain.local\share-name) – Click the ellipsis + (…) to browse for a location and select the UNC path +- User name/User password – Specify credentials to access the network share. Leave the credentials + blank to access the share using the credentials supplied for activity agent deployment. +- Test – Click Test to ensure a successful connection to the network share + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The Agent +Properties window closes. + +:::note +Linux agents move activity logs to a set local path. Remote storage can be mounted to use +this path for archiving. + +::: diff --git a/docs/activitymonitor/9.0/admin/agents/properties/certificate.md b/docs/activitymonitor/9.0/admin/agents/properties/certificate.md new file mode 100644 index 0000000000..9f560cd421 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/properties/certificate.md @@ -0,0 +1,153 @@ +--- +title: "Certificate Tab" +description: "Certificate Tab" +sidebar_position: 5 +--- + +# Certificate Tab + +Activity Monitor Agent uses certificates to secure the connection between the Linux Agent and the Console / API Server; +between NAS devices and the Agent; between the Agent and REST API users. + +By default, the Agent uses an automatically generated self-signed certificate. The Console and the API Server do not enforce +validity checks on these self-signed agent certificates. + +This self-signed certificate can be replaced with one issued by a Certification Authority. Once replaced, the Console and +the API Server will ensure the validity of the agent’s certificates. + + +## Certificate Status + +The details of the current Agent certificate can be accessed via the **Certificate** page within the Agent settings. +The Console displays the Subject, Issuer, validity period, and whether it is a self-signed certificate. +The **Status** field indicates the Console’s trust in the presented certificate. + +An 'untrusted' status indicates that the agent's certificate has either been modified since the agent was initially added +to the Console or its validity period has expired. + + +:::warning +An untrusted certificate will prevent the Console and API Server from connecting to the agent. +::: + +If the change was intentional, use the **Trust this certificate** button to validate the certificate. This action will +establish trust for self-signed certificates, or for the issuing Certificate Authority in the case of CA-issued certificates. + +To replace the current certificate, use the **Manage certificates…** button. + + +:::info +Both **Trust this certificate** and **Manage certificates** functions support batch execution for multiple selected agents. +Also, when multiple agents are selected, the certificate information will only include fields with identical values across +all selected certificates, which can aid in identifying differences. +::: + +## Using CA-issued Certificates + +The **Manage certificates...** button launches a wizard to replace the current certificate of the agent or selected agents +with certificates issued by your Certification Authority. The whole process involves four steps: + + +1. **Generate CSRs** + +The wizard will guide you through the generation of Certificate Signing Request (CSR) for each agent. +This CSR file will contain the agent’s hostname, FQDN, static IP addresses, optional attributes (organization, OU, country, state, locality), and the agent’s digital signature. The generated CSR files, named after their corresponding agents, will be saved to a specified directory. + +2. **Submit CSRs to the Certification Authority** + +The CSR files generated in the previous step must be manually submitted by a user to their Certification Authority. This process must be performed manually, outside of the Activity Monitor, due to the varying workflows and policies inherent to different Certification Authorities. +This step yields a set of certificate files for the agents issued by the Certification Authority based on the CSRs. The CA certificate itself also needs to be collected. +Make sure that the agent certificates have the `Server Authentication` purpose listed in the Extended Key Usage extension and have DER or PEM encoding. + +If you are using OpenSSL’s Micro CA, you can generate a certificate from a CSR file using the `x509 -req` command. + +``` +openssl x509 -req -in AGENT01.req -CA ca.crt -CAkey ca.key -out AGENT01.crt -CAcreateserial -copy_extensions copyall +``` + +3. **Apply Certificates** + +Launch the wizard again to apply the new certificates to the agents. You will be prompted to select the CA certificate file and the directory +containing the certificate files for the agents. By using the **Verify Files** button, the product will validate the certificates, +confirming issuance by the specified CA, the correct association with the agents and their private keys, and their validity period. + +Upon successful validation, the Console will permit the immediate application of the certificates via the **Apply Certificates** button. +Failed application can be retried. + +4. **Update Other Console Instances (optional)** + +If your deployment includes multiple Console instances, each instance must be updated to trust the new certificates via the **Trust this certificate** button. + +## Using Self-Signed Certificates + +The **Manage certificates** wizard can be used to switch to automatically generated self-signed certificates. The wizard presents two options: + +1. **Use existing self-signed certificates** +2. **Generate new private key and self-signed certificate** + +The first option attempts to locate and apply a previously generated self-signed certificate, if one exists, that was in use prior +to application of a CA-issued certificate. If the certificate does not exist, a new one will be created. + +This approach may be beneficial in deployments with multiple instances of the Console or API Server that still rely on this specific +self-signed certificate, so its restoration would reinstate their operational status. + +The second option will generate a new private key and a corresponding self-signed certificate for the agent. +In the event of a suspected compromise of the agent's private key, this option should be employed. + +The **Apply Changes** button immediately applies the changes to the agents. + +If your deployment includes multiple Console instances, each instance must be updated to trust the new certificates via the **Trust this certificate** button. + + +## **Command-Line Interface** + +For automated deployments, the agent executable provides a Command-Line Interface offering equivalent functionality to the Console. +All CLI commands return a non-zero exit code upon failure and output error details in JSON format.  + +### **Get current certificate** + +Command: `certificate-get` - Prints the current agent’s certificate. + +Parameters: + +* `out-file` (optional) - Path to a file where the certificate will be written. If the file exists, it will be overwritten. +If not provided, the certificate content is printed to the standard output. + +### **Generate CSR** + +Command: `certificate-create-csr` - Generates a Certificate Signing Request (CSR) for the agent. + +Parameters: + +* `out-file` (optional) - Path to a file where the CSR will be written. If the file exists, it will be overwritten. +If not provided, the CSR content is printed to the standard output. +* `common-name` (optional) - Common Name. If not specified, the server’s FQDN is used. +* `organization` (optional) - Organization name. +* `organization-unit` (optional) - Organization Unit. +* `country` (optional) - Country name. +* `state` (optional) - State name. +* `locality` (optional) - Locality name. +* `alternative-names` (optional) - A comma-separated list of Subject Alternative Names. If not specified, server’s hostname, +FQDN, and static IP addresses are added to the SAN list. + +### **Apply Certificate** + +Command: `certificate-apply` - Applies the certificate issued by a Certification Authority. + +Parameters: + +* `ca-file` - Path to the CA certificate file. +* `file` - Path to the agent's certificate file to apply. +* `what-if` (optional) - If specified, the CA and agent certificates are validated, but the new certificate is not applied. +Use this option to check the certificates before applying. + +### **Use Self-Signed Certificate** + +Command: `certificate-apply-self-signed` - Applies an automatically generated self-signed certificate. +The command will attempt to use an existing self-signed certificate, if one exists. + +Parameters: + +* `rekey` (optional) - If specified, a new private key and a new self-signed certificate will be generated. +Otherwise, the command will first attempt to use an existing self-signed certificate. If no existing certificate is found, +a new certificate will be created using the existing private key. diff --git a/docs/activitymonitor/9.0/admin/agents/properties/connection.md b/docs/activitymonitor/9.0/admin/agents/properties/connection.md new file mode 100644 index 0000000000..3434ba242b --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/properties/connection.md @@ -0,0 +1,119 @@ +--- +title: "Connection Tab" +description: "Connection Tab" +sidebar_position: 1 +--- + +# Connection Tab + +The Connection tab allows users to modify the agent host server name and the credentials used for +installation and communication. The tab varies based on the type of agent selected. + +## For Activity Agent + +The server name can be modified in the text box. Modifying the name value does not move the activity +agent to a new server. The credentials can be updated or modified as well. + +:::tip +Remember, **Test** the credentials before clicking OK to ensure a successful connection. +::: + + +![Connection Tab for Agent Properties](/images/activitymonitor/9.0/admin/agents/properties/connectiontab.webp) + +Agent server fields: + +- Server name – Name or IP address of the server where the agent is deployed +- Port – Port the agent uses for communication with the application + +Credential fields: + +- User name – Account provisioned for use by the agent +- Password – Password for the supplied User name + +**Permissions** + +This account must be: + +- Membership in the local Administrators group + +If the user name is not specified, the currently logged in user's account will be used. + +**Less Privileged Permissions Option** + +By default, the agent accepts commands only from members of the local Administrators group. You can +allow less privileged accounts to manage the agent with the **Management Group** option. Keep in +mind that you still need to be an administrator to install, upgrade, or uninstall the agent. The +Management Group applies to the users of the console and API servers. The Management Group does not +restrict access to the agents, but grants access to its members in addition to existing members of +the local Administrators group. + +The Specify account or group window is opened from a field where a Windows account is needed. + +![Specify Account or Group popup window](/images/activitymonitor/9.0/admin/agents/properties/windowsspecifyaccountorgroup.webp) + +Follow the steps to use this window. + +**Step 1 –** Select the Domain from the drop-down menu. + +**Step 2 –** Enter the Account in the textbox. + +- Accounts can be entered in NTAccount format, UPN format, or SID format. +- Use the ellipsis (…) button to open the Select Users, Computers, Service Accounts, or Groups + window to browse for an account. + +**Step 3 –** Then click Resolve. A message displays indicating whether or not the account could be +resolved. + +**Step 4 –** If successful, click OK. + +The Specify account or group window closes, and the account is added to the field where the window +was opened. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The Agent +Properties window closes. + +## For Linux Agent + +The server name can be modified in the text box. Modifying the name value does not move the Linux +agent to a new server. The credentials can be updated or modified as well. + +:::tip +Remember, **Test** the credentials before clicking OK to ensure a successful connection. +::: + + +![linuxconnectiontab](/images/activitymonitor/9.0/admin/agents/properties/linuxconnectiontab.webp) + +Agent server fields: + +- Server name – Name or IP address of the server where the agent is deployed +- Port – Port the agent uses for communication with the application + +Credential fields: + +- User name – Account provisioned for use by the agent +- Password – Password for the supplied User name + +**Permissions** + +This account must be: + +- Root privileges with password (or SSH private key) + +The **Trace level** option configures the level for the agent log it includes the following levels: + +- Same Level as the Console (uses the global level selected in the console) +- Trace (the most verbose) many collection points and can slow down + + :::warning + Selecting the **Trace** option can slow down collection due to the large amount of + data points + ::: + + +- Debug +- Info (recommended) +- Warning +- Error +- Fatal diff --git a/docs/activitymonitor/9.0/admin/agents/properties/dellceeoptions.md b/docs/activitymonitor/9.0/admin/agents/properties/dellceeoptions.md new file mode 100644 index 0000000000..ee42ca935b --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/properties/dellceeoptions.md @@ -0,0 +1,244 @@ +--- +title: "Dell CEE Options Tab" +description: "Dell CEE Options Tab" +sidebar_position: 70 +--- + +# Dell CEE Options Tab + +The Dell CEE Options tab provides options to configure Dell Common Event Enabler (CEE) settings for +monitoring Dell devices. File activity monitoring leverages the Dell CEE to deliver activity events +from Dell devices. + +CEE supports two protocols to deliver events to Activity Monitor: RPC and HTTP. An agent can receive +activity from several CEEs at the same time. Among them can be a local Windows CEE, remote Windows +and Linux CEEs. Windows versions of CEEs can use both RPC and HTTP protocols. Linux versions can +only support HTTP protocols. + +:::note +Dell CEE can be installed on the same host as the activity agent, or on a different host. +If it is installed on the same host, the activity agent can configure it automatically. +::: + + +![EMC CEE Options Tab](/images/activitymonitor/9.0/admin/agents/properties/emcceeoptionstab.webp) + +The options are: + +- Check CEE Status – Click the button to confirm the status of Dell CEE installed on the agent + server +- Choose the CEE event delivery mode: + + - Synchronous real-time delivery – Events are delivered immediately as they occur, one by one. + - Asynchronous bulk delivery (VCAPS) - Events are delivered in batches with a cadence based on a + time period or a number of events. As this mode provides better throughput, it is recommended + for heavily loaded servers. If selected, specify how often events are delivered by Dell CEE + using the following options: + + - Every [number] seconds (from 60 to 600) - Default is 60 seconds + - Or every [number] events (from 10 to 10000) - Default is 100 events + - The number of events and number of seconds, are used simultaneously, whichever is reached + first + +- Choose network protocols for event delivery: + + - Both – Delivers events via MS-RPC and HTTP protocol + - MS-RPC – Delivers events via the MS-RPC protocol (Windows versions of CEE only) + - HTTP – Delivers events via the HTTP protocol (Windows and Linux versions of CEE) + + - HTTP port – The port number to communicate with the agent. The default port number is + 4492, modify if needed. The agent will add the port to the firewall exclusions + automatically. + - IPv4 or IPv6 allowlist – Specify IP addresses of CEE instance that are allowed to connect + to the agent via the HTTP protocol. Leave blank to accept connections from any host. + +:::note +For Remote Windows CEE or Linux CEE, Manual Configuration is needed. +::: + + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The Agent +Properties window closes. + +## Windows CEE Manual Configuration + +Windows CEE is configured with the windows registry and depends on the selected event delivery mode, +AUDIT or VCAPS. + +For the synchronous real-time delivery mode (AUDIT), use the following steps. + +**Step 1 –** Navigate to the following windows registry key +`HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\Audit\Configuration`. + +**Step 2 –** Set the `Enabled` parameter to 1. + +**Step 3 –** If the `EndPoint` parameter is empty, set it to the string listed below. If it is not +empty (i.e. some other 3rd party application is also receiving activity events from CEE), append the +following string to the existing `EndPoint` value, separating them with a semicolon. + +- For the RPC protocol, `StealthAUDIT@ip-address-of-the-agent` +- For the HTTP protocol, `StealthAUDIT@http://ip-address-of-the-agent:port` + +**Step 4 –** Restart the CEE Monitor service. + +For the asynchronous bulk delivery mode with a cadence based on a time period or a number of events +(VCAPS), use the following steps. + +**Step 1 –** Navigate to the following windows registry key +`HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\VCAPS\Configuration`. + +**Step 2 –** Set the `Enabled` parameter to 1. + +**Step 3 –** If the `EndPoint` parameter is empty, set it to the string listed below. If it is not +empty (i.e. some other 3rd party application is also receiving activity events from CEE), append the +following string to the existing `EndPoint` value, separating them with a semicolon. + +- For the RPC protocol, `StealthVCAPS@ip-address-of-the-agent` +- For the HTTP protocol, `StealthVCAPS@http://ip-address-of-the-agent:port` + +**Step 4 –** Set `FeedInterval` to how often, in seconds, information is sent from CEE to the +Activity Monitor. The default is 60 seconds. The range is from 60 seconds to 600 seconds. + +**Step 5 –** Set `MaxEventsPerFeed` to how many events must occur before information is sent from +CEE to Activity Monitor. The default is 100 events. The range is from 10 events to 10,000 events. + +:::note +The `FeedInterval` and `MaxEventsPerFeed` delivery cadences are used simultaneously. +::: + + +**Step 6 –** Restart the CEE Monitor service. + +:::note +All protocol strings are case sensitive. +::: + + +## Linux CEE Manual Configuration + +CEE binaries, configuration, and log files are located in `/opt/CEEPack` directory. + +**Step 1 –** Update the configuration file `/opt/CEEPack/emc_cee_config.xml`. + +**Step 2 –** Restart CEE with `/opt/CEEPack/emc_cee_svc restart` command. + +The CEE configuration file is located at` /opt/CEEPack/emc_cee_config.xml`. You need to add an +endpoint to the `EndPoint` node. In addition to the `EndPoint` node, you need to set `Enabled` to +`1` in either `Audit` or `VCAPS` if the Activity Monitor is the only application getting events from +the CEE. If there are multiple applications, enable the delivery modes accordingly. + +The EndPoint node's format is a semicolon-separated list of applications +in` PartnerId@http://address-of-the-app:port` format. + +For the Activity Monitor use the following strings: + +- For Audit, `StealthAUDIT@http://ip-address-of-the-agent:port` +- For VCAPS, `StealthVCAPS@http://ip-address-of-the-agent:port` + +Here's an example for the synchronous delivery (Audit): + +```xml + + +**** + + + +**** + + + +**1** + +StealthAUDIT@http://[IP Address]:[Port] + +**** + + + +... + +**** + + + +**0** + +StealthVCAPS@http://[IP Address]:[Port] + +**60** + +100 + +**** + + + + +``` + +Here's an example for the asynchronous delivery (VCAPS): + +```xml + + +**** + + + +**** + + + +**0** + +StealthAUDIT@http://[IP Address]:[Port] + +**** + + + +... + +**** + + + +**1** + +StealthVCAPS@http://[IP Address]:[Port] + +**60** + +100 + +**** + + + + +``` + +Make sure to set `Enabled` to `1` only in `Audit` or `VCAPS` if Activity Monitor is the only product +receiving activity from CEE. Otherwise, enable the modes according to all product requirements. + +If you want to send activity to several 3rd party applications, separate them with semicolons. + +```xml + + +**** + +1 + +**Splunk@10.20.30.40:12345;StealthAUDIT@http://[IP Address]:[Port]** + + + + +``` + +:::note +All protocol strings are case sensitive. + +::: diff --git a/docs/activitymonitor/9.0/admin/agents/properties/diskquota.md b/docs/activitymonitor/9.0/admin/agents/properties/diskquota.md new file mode 100644 index 0000000000..695a8f4d98 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/properties/diskquota.md @@ -0,0 +1,22 @@ +--- +title: "Disk Quota Tab" +description: "Disk Quota Tab" +sidebar_position: 7 +--- + +# Disk Quota Tab + +The **Disk Quota Tab** is used to limit the size of logs to save disk space. + +![diskquotatab](/images/activitymonitor/9.0/admin/agents/properties/diskquotatab.webp) + +The configurable options are: + +- Enable disk quota monitoring for this agent – Check the box to enable disk quota monitoring for + the agent +- Maximum disk space the agent is allowed to use on the server it is installed on (at least 100MB) – + Set the maximum disk space that is allowed to be used on the server to store log files. The + default value is **5 GB**. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The Agent +Properties window closes. diff --git a/docs/activitymonitor/9.0/admin/agents/properties/dns.md b/docs/activitymonitor/9.0/admin/agents/properties/dns.md new file mode 100644 index 0000000000..5f116d918b --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/properties/dns.md @@ -0,0 +1,48 @@ +--- +title: "DNS Tab" +description: "DNS Tab" +sidebar_position: 90 +--- + +# DNS Tab + +Use the DNS tab to customize how the agent queries and caches DNS results. + +![DNS Tab](/images/activitymonitor/9.0/admin/agents/properties/dnstab.webp) + +The configurable options are: + +- Enable local DNS cache service – Select this checkbox to enable the local DNS cache service. Leave + the option unchecked to disable the local DNS cache service. The DNS cache service proactively + updates data, keeping DNS records up to date and available for real-time event reporting. Use this + option if your DNS infrastructure cannot handle the load (requests take hundreds of milliseconds) + during peak hours. +- DNS servers (IPs) – IP addresses of the DNS servers to be used for look-ups. IP addresses should + be entered as separate addresses with space, comma (,), semicolon (;), or a multi-line list. Leave + the box blank to use the default DNS server. +- Lookup timeout – Specify the time for look-up timeout in milliseconds. The default is 1800 + milliseconds. If a DNS request fails to complete during the specified interval, the product + reports an empty host-name or a previous result from the cache. The product continues to wait for + a response in the background so that further events can use the result. +- Cache TTL for successful results – Specify the caching interval (time-to-live) for successful DNS + responses. The default is 1 hour. When a DNS query returns a valid IP address or host-name, the + response is cached for the specified time. The choice of TTL value depends on the environment: how + often IP addresses are reassigned; how much load the DNS server can handle. High TTL values reduce + the load on DNS servers but may result in stale data being reported. + If the DNS Cache service is used, the records are automatically updated when the TTL expires. +- Cache TTL for failed results – Specify the caching interval (time-to-live) for failed DNS + responses. The default is 1 minute. When a DNS query cannot resolve an IP address or host-name, + the failed result is cached for the specified time. Caching of failed responses helps to reduce + the load on DNS servers and improve performance of event processing. + If the DNS Cache service is used, the records are automatically updated when the TTL expires. +- Maximum cache size – Specify the maximum cache size. The default is 100000. +- Refresh throttle time – Specify the time interval between DNS queries that the DNS Cache service + uses to update expired records. The default is 1000 milliseconds. + If the DNS Cache service is used, the records are automatically updated when the TTL expires. This + option allows you to limit the number of DNS requests the service sends to update the cache. A + throttling period of 100 milliseconds will limit the update task to 10 requests per second. +- Parallelism – Specify how many DNS requests the DNS Cache service is allowed to send in parallel. + High values may overload DNS servers. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The Agent +Properties window closes. diff --git a/docs/activitymonitor/9.0/admin/agents/properties/inactivityalerts.md b/docs/activitymonitor/9.0/admin/agents/properties/inactivityalerts.md new file mode 100644 index 0000000000..bf22fbcd1b --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/properties/inactivityalerts.md @@ -0,0 +1,130 @@ +--- +title: "Inactivity Alerts Tab" +description: "Inactivity Alerts Tab" +sidebar_position: 100 +--- + +# Inactivity Alerts Tab + +The Inactivity Alerts tab, once enabled and configured, sends real-time alerts when the agent stops +receiving events for a specific time frame. The tab varies based on the type of agent selected. + +Check the **Enable Inactivity alerting for this agent** box to enable the options on this tab. + +![Inactivity Alerts Tab for Agent Properties](/images/activitymonitor/9.0/admin/agents/properties/inactivityalerts.webp) + +Once enabled, set the alerting parameters: + +- Length of inactivity – Enter the number of Minutes, Hours, or Days for inactivity before an alert + is triggered. The default is 6 Hours. +- Repeat an alert every – Enter the number of Minutes, Hours, or Days for an alert to be repeated if + inactivity continues. The default is 6 Hours. + +The two tabs at the bottom are for configuring the method used to send the alert: + +- Syslog Alerts – Configure the application to send alerts to a SIEM platform +- Email Alerts – Configure the application to send alerts through an SMTP server + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The Agent +Properties window closes. + +## Syslog Alerts Tab + +The Syslog alert sends a notification that the activity agent has not received event data for the +configured interval. The alert is sent to the Syslog configured on the **Syslog Alerts** tab. + +![inactivityalertssyslogalerts](/images/activitymonitor/9.0/admin/agents/properties/inactivityalertssyslogalerts.webp) + +- Syslog server in SERVER[:PORT] format – Type the **Syslog server name** with a SERVER:PORT format + in the text box. The server name can be short name, fully qualified name (FQDN), or IP Address, as + long as the organization’s environment can resolve the name format used. +- Syslog protocol – Identify the **Syslog protocol** to be used for the alert. The drop-down menu + includes: + + - UDP + - TCP + - TLS + + :::note + The TCP and TLS protocols add the **Message framing** drop-down menu. **Message + framing** options include: + ::: + + + - LS (ASCII 10) delimiter + - CR (ASCII 13) delimiter + - CRLF (ASCII 13, 10) delimiter + - NUL (ASCII 0) delimiter + - Octet Count (RFC 5425) + +- Test Button – The **Test** button sends a test message to the Syslog server to check the + connection. A connection status message displays with either a green check mark or a red X + identifying the success of the sent test message. Messages vary by Syslog protocol: + + - UDP – Sends a test message and does not verify connection + - TCP/TLS – Sends test message and verifies connection + - TLS – Shows error if TLS handshake fails + +- Syslog Message Template – Select the **Syslog message template** to be used. Click the ellipsis + (…) to open the Syslog Message Template window. The Syslog template provided is **AlienVault / + Generic Syslog**. + +![Message Template popup window for Syslog Alerts](/images/activitymonitor/9.0/admin/agents/properties/inactivityalertssyslogalertsmessagetemplate.webp) + +Custom templates can be created. Select the desired template or create a new template by modifying +an existing template within the Syslog Message Template window. The new message template is named +Custom. + +Click **OK** to apply changes and exit, or **Cancel** to exit without saving any changes. + +## Email Alerts Tab + +The email alert sends a notification that the activity agent has not received event data for the +configured interval. The alert is sent to the configured recipients on the Email Alerts tab. + +![inactivityalertsemailalerts](/images/activitymonitor/9.0/admin/agents/properties/inactivityalertsemailalerts.webp) + +- Syslog server in SERVER[:PORT] format – Type the **SMTP server name** with a SERVER:PORT format in + the text box. The server name can be short name, fully qualified name (FQDN), or IP Address, as + long as the organization’s environment can resolve the name format used. + + - Check the Enable TLS box if an SMTP server requires TLS protocol. + +- User Name/Password – Specify credentials to send email alert. If using the current agent’s machine + account, leave these fields blank. +- From email address – Enter the Sender’s email address +- To email address – Enter the Recipient’s email address. Multiple addresses are comma separated. + +![Email Alerts - Message Subject popup window](/images/activitymonitor/9.0/admin/agents/properties/inactivityalertsemailalertsmessagesubject.webp) + +- Message subject – Click the ellipsis (…) to open the Message Template window to customize the + subject. Macros can be used to insert + +![Email Alerts - Message Body popup window](/images/activitymonitor/9.0/admin/agents/properties/inactivityalertsemailalertsmessagebody.webp) + +- Message body – Click the ellipsis (…) to open the Message Template window to customize the body +- Test – The Test button sends a test message to the receiver’s email address to check the + connection. A connection status message displays with either a green check mark or a red X + identifying the success of the sent test message. + +Click **OK** to apply changes and exit, or **Cancel** to exit without saving any changes. + +## Macro Variables for Agents + +Macros are text strings that are replaced with actual values at run time. The following Macro +variables are available to customize the Syslog and Email message template: + +| Macro | Definition | +| --------------------------- | ------------------------------------------------------------- | +| %SYSLOG_DATE% | Date/Time of the alert (local time, Syslog format) | +| %TIME_STAMP% | Date/Time of the alert (local time) | +| %TIME_STAMP_UTC% | Date/Time of the alert (UTC) | +| %AGENT% | Agent host name | +| %PRODUCT% | Product name | +| %PRODUCT_VERSION% | Product Version | +| %INACTIVE_SERVER% | Host name of the monitored host which stopped sending events | +| %INACTIVE_SERVER_IP% | IP address of the monitored host which stopped sending events | +| %LAST_EVENT_TIME_STAMP% | Date/Time of the last received call (local time) | +| %LAST_EVENT_TIME_STAMP_UTC% | Date/Time of the last received event (UTC) | +| %INACTIVITY_PERIOD_MINUTES% | Period of inactivity in minutes | +| %INACTIVITY_PERIOD_HOURS% | Period of inactivity in hours | diff --git a/docs/activitymonitor/9.0/admin/agents/properties/linux.md b/docs/activitymonitor/9.0/admin/agents/properties/linux.md new file mode 100644 index 0000000000..bbf77a57d9 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/properties/linux.md @@ -0,0 +1,17 @@ +--- +title: "Linux Tab" +description: "Linux Tab" +sidebar_position: 110 +--- + +# Linux Tab + +The service user name configured during agent installation can be updated on the Agent Properties +Linux Tab. + +![linuxtab](/images/activitymonitor/9.0/admin/agents/properties/linuxtab.webp) + +Enter a new service user name to run daemon and click **Test** to verify the connection. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The Agent +Properties window closes. diff --git a/docs/activitymonitor/9.0/admin/agents/properties/netappfpolicyoptions.md b/docs/activitymonitor/9.0/admin/agents/properties/netappfpolicyoptions.md new file mode 100644 index 0000000000..fca6569f53 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/properties/netappfpolicyoptions.md @@ -0,0 +1,35 @@ +--- +title: "NetApp FPolicy Options Tab" +description: "NetApp FPolicy Options Tab" +sidebar_position: 120 +--- + +# NetApp FPolicy Options Tab + +The NetApp FPolicy Options tab provides options to configure FPolicy server settings for monitoring +a NetApp Data ONTAP Cluster-Mode device. + +![Agent Properties - NetApp FPolicy Options page](/images/activitymonitor/9.0/admin/agents/properties/netappfpolicyoptions.webp) + +The available options are: + +- FPolicy server port (TCP): [number] (from 1000 to 65535) – Enter the FPolicy server port. The + default is 9999. +- FPolicy authentication – Select from the following options in the drop-down list. For TLS server + authentication, a Server certificate is required. For TLS, mutual authentication, a Server + certificate and Client certificate are required. + + - TCP, no authentication – Default setting, with no server authentication required + - TLS, server authentication – Click Server certificate to open the Server certificate window + and import a certificate + - TLS, mutual authentication – Click Server certificate to open the Server certificate window + and import a certificate, and Client certificate to open the Trusted client or CA certificate + window to import a certificate + +- IPv4 or IPv6 whitelist – IP Addresses of the Clustered Data ONTAP nodes, which are allowed to + connect to the FPolicy server, can be whitelisted by entering them in the box. IP Addresses should + be entered as separate addresses with space, comma, semicolon, or a multi-line list. Leave the box + blank to accept connections from any hosts. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The Agent +Properties window closes. diff --git a/docs/activitymonitor/9.0/admin/agents/properties/network.md b/docs/activitymonitor/9.0/admin/agents/properties/network.md new file mode 100644 index 0000000000..7311fd90eb --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/properties/network.md @@ -0,0 +1,20 @@ +--- +title: "Network Tab" +description: "Network Tab" +sidebar_position: 130 +--- + +# Network Tab + +Use the Network Tab to specify the network interface that NAS devices or API Server users use to +connect to this server. + +![Agent Properties - Network Tab](/images/activitymonitor/9.0/admin/agents/properties/networktab.webp) + +If an agent machine has multiple network adapters, network interfaces can be specified in the +Network Tab. Select a network interface option from the **Network Interface** dropdown menu. The +Network Interface is set to Auto Detect by default. **Auto Detect** will use the first network +adapter or IP address that is found. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The Agent +Properties window closes. diff --git a/docs/activitymonitor/9.0/admin/agents/properties/networkproxy.md b/docs/activitymonitor/9.0/admin/agents/properties/networkproxy.md new file mode 100644 index 0000000000..2fece877f8 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/properties/networkproxy.md @@ -0,0 +1,32 @@ +--- +title: "Network Proxy Tab" +description: "Network Proxy Tab" +sidebar_position: 140 +--- + +# Network Proxy Tab + +Use the Network Proxy tab to set the proxy for connection to Microsoft Entra ID (formerly Azure AD) +and Office 365 monitoring. You can leave the properties blank to connect to Microsoft Entra ID +directly. + +![Agent Properties - Network Tab](/images/activitymonitor/9.0/admin/agents/properties/networkproxytab.webp) + +The configurable options are: + +- HTTP proxy server in SERVER[:PORT] format – Specify the IP address or name and the port number of + the proxy server to query Microsoft Entra ID and Office 365. You can leave this field blank to + disable HTTP proxy. +- Select one of the following checkboxes: + + - Authenticate as the agent's machine account + - Bypass the proxy server for local addresses + +- User name – Specify a user name for the proxy server +- User password – Specify a password for the user name +- Bypass list – Specify the Bypass list. This is a list of URIs that do not use the proxy server + when accessed. Multiple addresses can be entered separated by space, comma (,), semicolon (;), or + as a multi-line list. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The Agent +Properties window closes. diff --git a/docs/activitymonitor/9.0/admin/agents/properties/nutanix.md b/docs/activitymonitor/9.0/admin/agents/properties/nutanix.md new file mode 100644 index 0000000000..5d2e676f48 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/properties/nutanix.md @@ -0,0 +1,28 @@ +--- +title: "Nutanix Tab" +description: "Nutanix Tab" +sidebar_position: 150 +--- + +# Nutanix Tab + +The Nutanix tab provides features to configure settings for monitoring Nutanix devices. + +![Agent Properties - Nutanix](/images/activitymonitor/9.0/admin/agents/properties/nutanix.webp) + +The available Agent server settings for Nutanix are: + +- Agent server port (TCP) – Enter the TCP port that Nutanix will use to connect to the agent. The + agent will add the port to the firewall exclusions automatically. The default is 4501. +- IPv4 or IPv6 allowlist – Specify the IP addresses of the Nutanix nodes, which are allowed to + connect to the agent server port. Multiple addresses can be entered separated by space, comma (,), + semicolon (;), or as a multi-line list. Leave the box blank to accept connections from any hosts. + + :::note + This setting is optional and it allows you to improve security by limiting the number + of IP addresses allowed to connect. + ::: + + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The Agent +Properties window closes. diff --git a/docs/activitymonitor/9.0/admin/agents/properties/overview.md b/docs/activitymonitor/9.0/admin/agents/properties/overview.md new file mode 100644 index 0000000000..59d2413086 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/properties/overview.md @@ -0,0 +1,33 @@ +--- +title: "Agent Properties Window" +description: "Agent Properties Window" +sidebar_position: 50 +--- + +# Agent Properties Window + +On the Agents tab, the Edit button opens the agent’s Properties window, which contains the following +tabs: + +- [Connection Tab](/docs/activitymonitor/9.0/admin/agents/properties/connection.md) +- [Certificate Tab](/docs/activitymonitor/9.0/admin/agents/properties/certificate.md) +- [Archiving Tab](/docs/activitymonitor/9.0/admin/agents/properties/archiving.md) +- [Disk Quota Tab](/docs/activitymonitor/9.0/admin/agents/properties/diskquota.md) +- [Inactivity Alerts Tab](/docs/activitymonitor/9.0/admin/agents/properties/inactivityalerts.md) +- [Active Directory Tab](/docs/activitymonitor/9.0/admin/agents/properties/activedirectory.md) – AD Agent only +- [AD Users Tab](/docs/activitymonitor/9.0/admin/agents/properties/adusers.md) +- [API Server Tab](/docs/activitymonitor/9.0/admin/agents/properties/apiserver.md) +- [Dell CEE Options Tab](/docs/activitymonitor/9.0/admin/agents/properties/dellceeoptions.md) – Activity Agent only +- [DNS Tab](/docs/activitymonitor/9.0/admin/agents/properties/dns.md) +- [Linux Tab](/docs/activitymonitor/9.0/admin/agents/properties/linux.md) – Linux Agent only +- [NetApp FPolicy Options Tab](/docs/activitymonitor/9.0/admin/agents/properties/netappfpolicyoptions.md) – Activity Agent only +- [Network Tab](/docs/activitymonitor/9.0/admin/agents/properties/network.md) +- [Network Proxy Tab](/docs/activitymonitor/9.0/admin/agents/properties/networkproxy.md) +- [Nutanix Tab](/docs/activitymonitor/9.0/admin/agents/properties/nutanix.md) – Activity Agent only +- [Panzura Tab](/docs/activitymonitor/9.0/admin/agents/properties/panzura.md) – Activity Agent only +- [Qumulo Tab](/docs/activitymonitor/9.0/admin/agents/properties/qumulo.md) – Activity Agent only +- [Additional Properties Tab](/docs/activitymonitor/9.0/admin/agents/properties/additionalproperties.md) + +Select the desired agent and click **Edit** to open the agent’s Properties window. + +![Properties Window](/images/activitymonitor/9.0/admin/agents/properties/mainimage.webp) diff --git a/docs/activitymonitor/9.0/admin/agents/properties/panzura.md b/docs/activitymonitor/9.0/admin/agents/properties/panzura.md new file mode 100644 index 0000000000..f20d618439 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/properties/panzura.md @@ -0,0 +1,30 @@ +--- +title: "Panzura Tab" +description: "Panzura Tab" +sidebar_position: 160 +--- + +# Panzura Tab + +The Panzura Tab provides features to configure settings for monitoring Panzura devices. + +![Agent Properties - Panzura Tab](/images/activitymonitor/9.0/admin/agents/properties/panzuratab.webp) + +The available options are: + +- Agent server port (TCP) - Enter the agent server port. The default is 4497. +- Users can protect the port with a username and password. The credentials will be configured in + Panzura + + - User name – Enter a custom user name or click **Generate** to create a random username and + password + - Password – Enter a custom password or use the generated password. Click **Copy** to copy the + user name and password to the clipboard. + +- IPv4 or IPv6 allowlist – IP Addresses of the remote hosts, which are allowed to connect to the API + port, can be whitelisted by entering them in the box. IP Addresses should be entered as separate + addresses with space, comma (,), semicolon (;), or a multi-line list. Leave the box blank to + accept connections from any hosts. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The Agent +Properties window closes. diff --git a/docs/activitymonitor/9.0/admin/agents/properties/qumulo.md b/docs/activitymonitor/9.0/admin/agents/properties/qumulo.md new file mode 100644 index 0000000000..3ae93edd46 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/properties/qumulo.md @@ -0,0 +1,23 @@ +--- +title: "Qumulo Tab" +description: "Qumulo Tab" +sidebar_position: 170 +--- + +# Qumulo Tab + +The Qumulo tab provides features to configure settings for monitoring Qumulo devices. + +![Agent Properties - Qumulo](/images/activitymonitor/9.0/admin/agents/properties/qumulo.webp) + +The available options are: + +- Syslog port (TCP) – Enter the TCP port that Qumulo will use to connect to the agent. The agent + will add the port to the firewall exclusions automatically. The default is 4496. The range of + valid values is from 1000 to 65535. +- IPv4 or IPv6 allowlist – Specify the IP addresses of the Qumulo nodes, which are allowed to + connect to the agent server port. Multiple addresses can be entered separated by space, comma (,), + semicolon (;), or as a multi-line list. Leave the box blank to accept connections from any hosts. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The Agent +Properties window closes. diff --git a/docs/activitymonitor/9.0/admin/agents/single.md b/docs/activitymonitor/9.0/admin/agents/single.md new file mode 100644 index 0000000000..bc44fc463d --- /dev/null +++ b/docs/activitymonitor/9.0/admin/agents/single.md @@ -0,0 +1,72 @@ +--- +title: "Single Activity Agent Deployment" +description: "Single Activity Agent Deployment" +sidebar_position: 10 +--- + +# Single Activity Agent Deployment + +Before deploying the activity agent, ensure all +[Activity Agent Server Requirements](/docs/activitymonitor/9.0/requirements/activityagent/activityagent.md) have been met, +including those for NAS devices when applicable. Follow the steps to deploy the activity agent to a +single Windows server. + +:::note +These steps are specific to deploying activity agents for monitoring supported target +environments. +::: + + +**Step 1 –** On the Agents tab, click Add agent to open the Add New Agent(s) window. + +![Install New Agent window](/images/activitymonitor/9.0/install/agent/installnew.webp) + +**Step 2 –** On the Install new agent page, enter the Server name (name or IP Address) to deploy to +a single server. Leave the field blank to deploy the agent on the local server. Click Next. + +![Specify Agent Port page](/images/activitymonitor/9.0/install/agent/portdefault.webp) + +**Step 3 –** On the Specify Port page, specify the port that should be used by the new agent. The +default port is 4498. Click **Next**. + +![Credentials to Connect to the Server(s) page](/images/activitymonitor/9.0/install/agent/credentials.webp) + +**Step 4 –** On the Credentials To Connect To The Server(s) page, select either Windows or Linux file +monitoring. Then, enter the **User name** and **Password** to connect to the API Server. + +![Test Account Connection](/images/activitymonitor/9.0/admin/agents/add/testaccountconnection.webp) + +**Step 5 –** Click **Connect** to test the connection. If the connection is successful, click +**Next**. If the connection is unsuccessful, see the status message that appears for information on +the failed connection and correct the error to proceed. + +![agentinstalllocation](/images/activitymonitor/9.0/admin/agents/add/agentinstalllocation.webp) + +**Step 6 –** On the Agent Install location page, specify the **Agent installation path**. The +default path is `C:\Program Files\Netwrix\Activity Monitor\Agent`. Click **Next**. + +![Enable Windows File Activity Monitoring page](/images/activitymonitor/9.0/admin/agents/add/enablewindowsfileactivitymonitoring.webp) + +**Step 7 –** On the Windows Agent Settings window, configure the following options: + +- Windows Activity Monitoring — Check the Add Windows file activity monitoring after installation + checkbox to enable monitoring all file system activity on the targeted Windows server after + installation. Alternatively, the Windows monitoring can be enabled later on the Monitored Hosts & Services + tab. +- Management Group — By default, the agent only accepts commands from members from the + BUILTIN\Administrators group. Less privileged accounts can be used to manage the agent with the + Management group setting. Keep in mind that an administrator account must be used to install, + upgrade or uninstall an agent. The value must be a domain or local security group entered in the + DOMAIN\groupname format. + +**Step 8 –** Click Finish. The Add New Agent(s) window closes, and the activity agent is deployed to +and installed on the target host. + +During the installation process of the agent, the status will display Installing. If there are any +errors, the Activity Monitor stops the installation and lists the errors in the Agent messages box. + +![consolewithagent](/images/activitymonitor/9.0/install/agent/consolewithagent.webp) + +When the activity agent installation is complete, the status changes to **Installed** and the +activity agent version populates. The next step is to add hosts to be monitored. See the +[Monitored Hosts & Services Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/overview.md) topic for additional information. diff --git a/docs/activitymonitor/9.0/admin/monitoreddomains/_category_.json b/docs/activitymonitor/9.0/admin/monitoreddomains/_category_.json new file mode 100644 index 0000000000..d6345b7c09 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoreddomains/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Monitored Domains Tab", + "position": 20, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "overview" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/_category_.json b/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/_category_.json new file mode 100644 index 0000000000..0f6c7ce58f --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "AD Monitoring Configuration Window", + "position": 10, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "overview" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/authentication.md b/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/authentication.md new file mode 100644 index 0000000000..9e6592f894 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/authentication.md @@ -0,0 +1,190 @@ +--- +title: "Authentication Tab" +description: "Authentication Tab" +sidebar_position: 30 +--- + +# Authentication Tab + +The Authentication tab on a domain’s Configuration window allows users to configure communication +with servers. + +![AD Monitoring Configuration - Authentication Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/operationstab.webp) + +After checking the Enable Authentication box, the following event filters can be modified on the +sub-tabs: + +- Forged PAC Analytic +- Host (From) +- Host (To) +- IP Addresses (From) +- IP Addresses (To) +- Operations +- Servers +- Users + +## Forged PAC Analytic + +The Forged Privilege Account Certificate (PAC) analytic type identifies Kerberos tickets with a +modified PAC. By manipulating the PAC, a field in the Kerberos ticket that contains a user’s +authorization data (in Active Directory this is group membership), an attacker is able to grant +themselves additional elevated privileges. + +![AD Monitoring Configuration - Authentication Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/forgedpac.webp) + +Double-click text box to enter specific **RIDs**. Click OK. The AD agent then compares against the +PAC and user’s access token for a mismatch to trigger the incident. + +:::note +The Forged PAC analytic is monitoring for when the user is not a member of a group that is +listed in the PAC section of the user’s Kerberos ticket. This analytic can be scoped to monitor +specific groups. To reduce the number of false positives, the AD agent only checks for a mismatch of +sensitive groups as selected in the policy Settings tab. +::: + + +## Host (From) + +The Hosts (from) option is where the policy can be scoped to only monitor specific hosts as +originators of an authentication event or to exclude specific hosts from being monitored for +authentication events. + +![Host (From) Tab in the Authentication Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/hostfrom.webp) + +Underneath each section, there are additional Host details: + +- IP – Field must contain IP address, e.g. 123.456.7.890 +- DNS – Field must contain a fully qualified domain name of the host, e.g. dc01.nwxtech.com +- Netbios – Field must contain NetBIOS name of the host, e.g. dc01 + +Double-click the text boxes within the column, then enter all three methods of identification for a +host (IP Address, NETBIOS host name, or DNS host name) to include or exclude the originating host +from authentication event collection. + +## Host (To) + +The Hosts (to) option is where the policy can be scoped to only monitor specific hosts as target +hosts of an authentication event or to exclude specific hosts from being monitored as targets of +authentication events. + +![Host (To) Tab in the Authentication Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/hostto.webp) + +Underneath each section, there are additional Host details: + +- IP – Field must contain IP address, e.g. 123.456.7.890 +- DNS – Field must contain a fully qualified domain name of the host, e.g. dc01.nwxtech.com +- Netbios – Field must contain NetBIOS name of the host, e.g. dc01 + +Double-click the text boxes within the column, then enter all three methods of identification for a +host (IP Address, NETBIOS host name, or DNS host name) to include or exclude the target host from +authentication event collection. + +## IP Addresses (From) + +The IP Addresses (from) option is where the policy can be scoped to only monitor specific IP +Addresses as originators of an authentication event or to exclude specific IP Addresses from being +monitored for authentication events. + +![IP Addresses (From) Tab in the Authenticatoin Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/ipaddressesfrom.webp) + +Underneath each section, there is an additional Address detail: + +- Value – Must be provided in IP address format + +Double-click the text box beneath **Value** to enter the desired IP Addresses to include or exclude. +Press the Enter or Tab key to add another text box. + +## IP Addresses (To) + +The IP Addresses (to) option is where the policy can be scoped to only monitor specific IP Addresses +as target hosts of an authentication event or to exclude specific IP Addresses from being monitored +as targets of authentication events. + +![IP Addresses (To) Tab in the Authentication Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/ipaddressesto.webp) + +Underneath each section, there is an additional Address detail: + +Value – Must be provided in IP address format + +Double-click the text box beneath **Value** to enter the desired IP Addresses to include or exclude. +Press the Enter or Tab key to add another text box. + +## Operations + +The Operations option filters for successful events, failed events, or both. + +![Operations Tab in the Authentication Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/operationstab.webp) + +The **Monitor These Attempts** section is where monitoring is set to filter for successful events, +failed events, or both: + +- Success – Monitors successful events +- Failure – Monitors failed events + +The **Monitor These Protocols** section is where authentication protocols to be monitored are +selected for the policy. Check the box to select the authentication protocol(s) to be monitored: + +- All +- Kerberos +- NTLM + +:::warning +If Login Type is enabled, authentication events will be received from Domain +Controllers only. +::: + + +The Login Type options apply only to Domain Controllers. These options provide the choice to monitor +Local Interactive and/or Remote Interactive logins to the Domain Controllers: + +- All - Report all authentication activity approved by the Domain Controller which includes any + local or RDP direct connections to the DC. + + - Local - Report only local login to the Domain Controller - ignore all else + - Remote - Report only remote/RDP access to the Domain Controller - ignore all else + +- Exclude failed authentications with previously valid (N-2) password – If enabled, allows to ignore + failed authentications that failed due to use of a previously valid, but now expired, password +- Exclude failed authentications with expired password – If enabled, allows to ignore failed + authentications that failed due to use of still valid, but now expired, password + +## Servers + +The Servers option targets servers to be included or excluded when filtering for authentication. + +![Servers Tab in the Authentication Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/serverstab.webp) + +In both sections, servers must be specified in the form 'DOMAIN\SERVER', where DOMAIN is NetBIOS +Domain name and SERVER is NetBIOS server name. + +Double-click the text box beneath Name to enter the desired servers to include or exclude. Press the +Enter or Tab key to add another text box. + +## Users + +The Users filter is where the policy can be scoped to only monitor specific security principals +committing changes within Active Directory or to exclude specific users committing changes from +being monitored. + +![Users Tab in the Authentication Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/userstab.webp) + +The following details appear beneath both sections: + +- Subtree – If checked, the filter is applied to the parent and all child contexts. If unchecked, + the filter is only applied to the listed context. +- Type – Field must describe the type of the select Active Directory object and can have the + following values: + + - user – Indicates that selected object is user + - group – Indicates that selected object is group + - context – Indicates that selected object is container + - sidType – Indicates that selected object is well-known SID type + +- Distinguished Name – Field must be specified in the form of 'distinguishedName' attribute syntax, + e.g. 'CN=Users,DC=Domain,DC=com'. However, for objects with 'sidType' type, it must be in the form + of WellKnownSidType Enum, e.g. 'AnonymousSid' or 'LocalSid'. + +Double-click the text box beneath Distinguished Name to enter the desired group types to include or +exclude. Double-click the text box beneath **Type** to enter the desired AD object to include or +exclude. Press the Enter or Tab key to add another text box. Check the box under **Subtree** to +include or exclude child contexts. diff --git a/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/changes.md b/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/changes.md new file mode 100644 index 0000000000..cbda892375 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/changes.md @@ -0,0 +1,200 @@ +--- +title: "Changes Tab" +description: "Changes Tab" +sidebar_position: 20 +--- + +# Changes Tab + +The Changes tab for AD Monitoring Configuration window provides additional options to monitor +changes made to the domain. + +![Operations Tab in the Changes Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/operationtab.webp) + +After checking the Enable AD Changes box, the following event filters can be modified on the +sub-tabs: + +- Attributes +- Classes +- Context +- Host (From) +- IP Addresses (From) +- Objects +- Operations +- Servers +- Users + +## Attributes + +The Attributes Tab is where monitoring can be scoped to include events with specific attributes +within Active Directory. Further scoping of attributes can enable monitoring to only capture events +based on the new value. + +![Attributes Tab in the Changes Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/attributestab.webp) + +Double-click the text box beneath Name to enter the desired attribute to include or exclude. +Double-click the text box beneath Value to enter the desired attribute value to reference. Choose +the Operation to relate the Name and Value with. Press the **Enter** or **Tab** key to add another +textbox. + +:::note +Name field must contain Active Directory attribute name. +::: + + +Scoping the filter captures events when the new value matches with the supplied value. To scope the +filter based on the new value of the attribute, use the Operation drop-down menu. + +- AnyValue – No scoping applied for this attribute +- EmptyValue – Blank attribute values +- Equal – Attribute values that are identical to the Value field +- NotEqual – Attribute values that do not match the Value field +- LessThan – Attribute values below the supplied numeric value or before alphabetically +- GreaterThan – Attribute values above the supplied numeric value or after alphabetically +- Contains – Attribute values includes the user supplied string (numbers are treated as strings) +- NotContain – Attribute values do not include the user supplied string (numbers are treated as + strings) +- Startswith – Attribute values start with the user supplied string + +## Classes + +The Classes Tab is where the policy can be scoped to only monitor specific classes within Active +Directory or to exclude specific classes from being monitored. + +![Classes Tab in the Changes Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/classestab.webp) + +Double-click the text box beneath Name to enter the desired classes to include or exclude. Press the +**Enter** or **Tab** key to add another text box. + +:::note +Class must be specified in the form of `objectClass` attribute syntax but must contain +only last value of this multi-valued attribute. For example, for +`top; person; organizationalPerson; user` it must have 'user' value. +::: + + +## Context + +The Context Tab is where the policy can be scoped to only monitor specific contexts (e.g. Containers +and Organizational Units) within Active Directory or to exclude specific contexts from being +monitored. + +![Context Tab in the Changes Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/contexttab.webp) + +Underneath each section, there are additional Context details: + +- Subtree – If checked, the filter is applied to the parent and all child contexts. If unchecked, + the filter is only applied to the listed context. +- Distinguished Name – Field must be specified in the form of `distinguishedName` attribute syntax, + e.g. `CN=Users,DC=Domain,DC=com` + +Double-click the text box beneath Distinguished Name to enter the desired context to include or +exclude. Press the **Enter** or **Tab** key to add another text box. Check the box under Subtree to +include or exclude child contexts. + +## Host (From) + +The Hosts (from) Tab is where the policy can be scoped to only monitor specific hosts as originators +of an authentication event or to exclude specific hosts from being monitored for authentication +events. + +![Host (From) Tab in the Changes Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/hostfrom.webp) + +Underneath each section, there are additional Host details. + +- IP – Field must contain IP address, e.g. 123.456.7.890 +- DNS – Field must contain a fully qualified domain name of the host, e.g. ex01.nwxtech.com +- Netbios – Field must contain NetBIOS name of the host, e.g. ex01 + +Double-click the text boxes within the column, then enter all three methods of identification for a +host (IP Address, NETBIOS host name, or DNS host name) to include or exclude the originating host +from change event collection. + +## IP Addresses (From) + +The IP Addresses (from) Tab is where the policy can be scoped to only monitor specific IP Addresses +as originators of an authentication event or to exclude specific IP Addresses from being monitored +for authentication events. + +![IP Addresses (From) Tab in the Changes Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/ipaddressesfrom.webp) + +Underneath each section, there is an additional Address detail. + +- Value – Must be provided in IP address format + +Double-click the text box beneath **Value** to enter the desired IP addresses to include or exclude. +Press **Enter** or **Tab** key to add another text box. + +## Objects + +The Objects Tab is where the policy can be scoped to only monitor specific objects within Active +Directory or to exclude specific objects from being monitored. + +![Objects Tab in the Changes Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/objectstab.webp) + +Underneath each section, there is an additional Object detail. + +- Distinguished Name – Field must be specified in the form of `distinguishedName` attribute syntax, + e.g. `CN=Users,DC=Domain,DC=com` + +Double-click the text box beneath Distinguished Name to enter the desired objects to include or +exclude. Press the **Enter** or **Tab** key to add another text box. + +## Operations + +The Operations Tab provides additional configuration filters for AD event collection. + +![Operations Tab in the Changes Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/operationtab.webp) + +Monitor These Attempts – Filter for successful events, failed events, or both can be selected. + +- Success – Monitors successful events +- Failure – Monitors failed events + +Operations – Filter for Active Directory events to be monitored. + +- Object Added – Monitors for objects being added to Active Directory +- Object Deleted – Monitors for objects being deleted from Active Directory +- Object Modified – Monitors for objects being modified within Active Directory +- Object Moved or Renamed – Monitors for objects being moved or renamed within Active Directory + +## Servers + +The Servers Tab targets servers to be included or excluded when filtering for changes. + +![Servers Tab in the Changes Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/serverstab.webp) + +In both sections, servers must be specified in the form 'DOMAIN\SERVER', where DOMAIN is NetBIOS +Domain name and SERVER is NetBIOS server name. + +Double-click the text box beneath Name to enter the desired servers to include or exclude. Press the +Enter or Tab key to add another text box. + +## Users + +The Users Tab is where the policy can be scoped to only monitor specific security principals +committing changes within Active Directory or to exclude specific users committing changes from +being monitored. + +![Users Tab in the Changes Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/userstab.webp) + +The following details appear beneath both sections. + +- Subtree – If checked, the filter is applied to the parent and all child contexts. If unchecked, + the filter is only applied to the listed context. +- Type – Field must describe the type of the select Active Directory object and can have the + following values: + + - user –  Indicates that selected object is user + - group – Indicates that selected object is group + - context – Indicates that selected object is container + - sidType – Indicates that selected object is well-known SID type + +- Distinguished Name – Field must be specified in the form of `distinguishedName` attribute syntax, + e.g. `CN=Users,DC=Domain,DC=com`. However, for objects with `sidType` type, it must be in the form + of WellKnownSidType Enum, e.g. `AnonymousSid` or `LocalSid`. + +Double-click the text box beneath **Distinguished Name** to enter the desired group types to include +or exclude. Double-click the text box beneath Type to enter the desired AD object to include or +exclude. Press the **Enter** or **Tab** key to add another text box. Check the box under Subtree to +include or exclude child contexts. diff --git a/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/globalfilters.md b/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/globalfilters.md new file mode 100644 index 0000000000..05af6502bb --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/globalfilters.md @@ -0,0 +1,148 @@ +--- +title: "Global Filters Tab" +description: "Global Filters Tab" +sidebar_position: 10 +--- + +# Global Filters Tab + +The Global Filters options are for excluding specific Active Directory and Authentication events +from being monitored. + +![Global Filters Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/globalfilterstab.webp) + +The filter options are grouped by AD Global Pre-Filters, and Authentication Global Pre-Filters. +Check the boxes to activate the filters. To disable for diagnostic purposes, simply uncheck the +option(s) and click OK. All Authentication Global Pre-Filters options require configuration before +they can be enabled. + +Enable all of the AD Global Pre-Filters options as well as the Exclude Logins from Machine Accounts +option in the Authentication Global Pre-Filters section. + +When activated, the AD Agent(s) filters out the event data according to configuration defined in the +`filters.json` file located in the installation directory. + +The configurable options in the Global Filters tab are: + +- Exclude ‘Noise’ Events Option +- Exclude AD DNS Events Option +- Exclude Logins from Machine Accounts Option +- Exclude Authentication Events from Selected Hosts Option +- Exclude Authentication Events from Selected Accounts Option + +The ‘Help’ icon (**?**) opens a window that explains the type of “noise” events being filtered. + +## Exclude ‘Noise’ Events Option + +This option is enabled by default to filter out login and internal low level attributes which can be +considered ‘noise’ events. This option can be scoped to include any combination to the following +‘noise’ events: + +- Successful AD User Logins – Excludes events with the following attributes where ‘objectClass’ does + not equal computer: + + - logonCount + - lastLogon + - badPwdCount + - lastLogonTimestamp + +- AD User Logins with Bad Password – Excludes events with the following set of attributes where + ‘objectClass’ does not equal computer: + + - badPwdCount + - badPasswordTime + +- AD Computer Logins – Excludes events with the following set of attributes where ‘objectClass’ + equals computer: + + - logonCount + - lastLogon + - badPwdCount + - lastLogonTimestamp + - badPasswordTime + - badPwdCount + +- Low Level Attributes – Excludes the following attributes from event: + + - lmPwdHistory + - dBCSPwd + - ntPwdHistory + +## Exclude AD DNS Events Option + +This option is enabled by default to filter out DNS events. They must meet both of the following +conditions to be excluded: + +- objectClass = ‘dnsNode’ or ‘dnsZone’ +- Contains the ‘dnsRecord’ or ‘dNSTombstoned’ attribute + +## Exclude Logins from Machine Accounts Option + +This option is enabled by default to filter out machine logins. Click the configure link to open the +Edit Accounts window. + +![Edit Accounts window](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/editaccountsexcludeloginsmachineaccounts.webp) + +The Exclude Logins from Machine Accounts collection is only accessible for configuration through the +Global Filters tab. + +:::note +Only perpetrators with accounts ending in “$” are considered for this filter. Wild cards +(\*) can be used for partial matches to account names. +::: + + +All machine accounts in the textbox are either included or excluded from event data monitoring by +the AD Agent. Machine accounts not in the list have the unselected property applied. + +Repeat the process until all machine accounts to be included or excluded from Authentication event +data have been entered in the list. Then click **OK**. + +**Usage Tip** + +Windows Server 2012 introduced gMSA (Group Managed Service Accounts). The account names for gMSA +accounts include +“$” in their names so by default authentication traffic generated by these accounts is filtered out because they ‘look’ like machine accounts, which prior to Server 2012 were the only account names ending in “$”. +The ability to add a list of filter strings to the “Exclude Logins from Machine Accounts” global +filter provides a means to capture activity by gMSA type accounts as this activity is typically of +interest where as true ‘machine accounts’ is not. By supplying either an explicit list of gMSA +account names, or if a naming convention has been adopted, a set of wild card strings such as +“gMSA\*” or “svc\*”, allows capturing authentication activity from such accounts while ignoring the +noisy ‘machine accounts’. + +## Exclude Authentication Events from Selected Hosts Option + +This option is disabled by default as it requires configuration before it can be enabled. Click the +selected hosts link to open the Edit Hosts window. + +![edithostsexcludeselectedhosts](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/edithostsexcludeselectedhosts.webp) + +The Exclude Authentication Events from selected hosts collection is only accessible for +configuration through the Global Filters tab. All three methods of identification for a host (IP +Address, NETBIOS host name, or DNS host name) must be known in order to effectively exclude +authentication from the host. Identify the host to be excluded in the textbox of the IP Address +column and press the Enter or Tab to add another row on the grid. Activity Monitor attempts to +discover the NETBIOS host name and the DNS host name associated with the supplied IP Address. + +Repeat the process until all hosts for which Authentication event data will not be collected have +been entered in the list. Then click **OK**. + +## Exclude Authentication Events from Selected Accounts Option + +This option is disabled by default as it requires configuration before it can be enabled. Click the +selected accounts link to open the Edit Accounts window. + +![editaccountsexcludeauthenticationselectedaccounts](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/editaccountsexcludeauthenticationselectedaccounts.webp) + +The Exclude Authentication Events from selected accounts collection is only accessible for +configuration through the Global Filtering tab. Account names [domain name\account] can also be +typed in the textbox. Wild cards (\*) can be used as part of either the domain name or account. An +asterisk (\*) appearing anywhere other than as the first character or the last character are treated +as a literal character instead of as a wild card. + +For example, \*\Service1 would exclude all Service1 accounts whether it is a domain or local +account, and Example\Service\* would exclude all accounts that start with “Service” for the Example +domain. + +Repeat the process until all accounts to be excluded from Authentication event data have been +entered in the list. Then click **OK**. diff --git a/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/ldapmonitor/_category_.json b/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/ldapmonitor/_category_.json new file mode 100644 index 0000000000..9da02d87e2 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/ldapmonitor/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "LDAP Monitor Tab", + "position": 60, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "ldapmonitor" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/ldapmonitor/ldapmonitor.md b/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/ldapmonitor/ldapmonitor.md new file mode 100644 index 0000000000..18b3805a24 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/ldapmonitor/ldapmonitor.md @@ -0,0 +1,124 @@ +--- +title: "LDAP Monitor Tab" +description: "LDAP Monitor Tab" +sidebar_position: 60 +--- + +# LDAP Monitor Tab + +The LDAP Monitor tab on a domain’s Configuration window allows users to scope monitoring by adding +filters for accounts by name or type. + +![Operations Tab in the LDAP Monitor Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/operations.webp) + +After checking the Enable Ldap Monitor box, the following event filters can be modified on the +sub-tabs: + +- Host (From) +- LDAP +- Operations +- Servers +- Users + +Each filter tab acts like an “AND” statement for the filter. Any filter tab left blank is treated +like an all for that filter set. + +## Host (From) + +The Hosts (from) option is where the policy can be scoped to only monitor specific hosts as +originators of an authentication event or to exclude specific hosts from being monitored for +authentication events. + +![Host (From) Tab in the LDAP Monitor Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/hostfrom.webp) + +Underneath each section, there are additional Host details: + +- IP – Field must contain IP address, e.g. 123.456.7.890 +- DNS – Field must contain a fully qualified domain name of the host, e.g. dc01.nwxtech.com +- Netbios – Field must contain NetBIOS name of the host, e.g. dc01 + +Double-click the text boxes within the column, then enter all three methods of identification for a +host (IP Address, NETBIOS host name, or DNS host name) to include or exclude the originating host +from authentication event collection. + +## LDAP + +The LDAP option is where query and result objects can be monitored by group type. + +![LDAP Tab in the LDAP Monitor Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/ldap.webp) + +The Query section is where monitoring can be scoped to those LDAP queries that contain at least one +of the user-supplied string as a substring in BaseDN or in Query field of the LDAP Search request. +For the Query value, provide the user-supplied string in the text box. + +Double-click the text box beneath Value to enter the desired string. Press the Enter or Tab key to +add another text box. + +Example Values: + +- ‘DC=domain’ +- ‘objectClass=’ + +The Result section is where monitoring can be scoped to those LDAP query results that contain at +least one of the user-supplied string as a substring. For the Result value, provide the +user-supplied string in the text box. + +Double-click the text box beneath Value to enter the desired string. Press the Enter or Tab key to +add another text box. + +Example Value: + +- ‘CN=Domain Admins’ + +## Operations + +The Operations option filters for successful events, failed events, or both. + +![Operations Tab in the LDAP Monitor Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/operations.webp) + +The Monitor These Attempts section is where monitoring is set to filter for successful events, +failed events, or both: + +- Success – Monitors successful events +- Failure – Monitors failed events + +## Servers + +The Servers option targets servers to be included or excluded when filtering for a LDAP changes. + +![Servers Tab in the LDAP Monitor Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/servers.webp) + +In both sections, servers must be specified in the form 'DOMAIN\SERVER', where DOMAIN is NetBIOS +Domain name and SERVER is NetBIOS server name. + +Double-click the text box beneath Name to enter the desired servers to include or exclude. Press the +Enter or Tab key to add another text box. + +## Users + +The Users option is where the policy can be scoped to only monitor specific security principals +committing changes within Active Directory or to exclude specific users committing changes from +being monitored. + +![Users Tab in the LDAP Monitor Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/users.webp) + +The following details appear beneath both sections: + +- Subtree – If checked, the filter is applied to the parent and all child contexts. If unchecked, + the filter is only applied to the listed context. +- Type – Field must describe the type of the select Active Directory object and can have the + following values: + + - user – Indicates that selected object is user + - group – Indicates that selected object is group + - context – Indicates that selected object is container + - sidType – Indicates that selected object is well-known SID type + +- Distinguished Name – Field must be specified in the form of 'distinguishedName' attribute syntax, + e.g. 'CN=Users,DC=Domain,DC=com'. However, for objects with 'sidType' type, it must be in the form + of WellKnownSidType Enum, e.g. 'AnonymousSid' or 'LocalSid'. + +Double-click the text box beneath Distinguished Name to enter the desired group types to include or +exclude. Double-click the text box beneath Type to enter the desired AD object to include or +exclude. Press the Enter or Tab key to add another text box. Check the box under Subtree to include +or exclude child contexts. diff --git a/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/ldapmonitor/ldapthreatmanager.md b/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/ldapmonitor/ldapthreatmanager.md new file mode 100644 index 0000000000..b1a7554c93 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/ldapmonitor/ldapthreatmanager.md @@ -0,0 +1,33 @@ +--- +title: "Configure LDAP Monitoring for Netwrix Threat Manager" +description: "Configure LDAP Monitoring for Netwrix Threat Manager" +sidebar_position: 10 +--- + +# Configure LDAP Monitoring for Netwrix Threat Manager + +Follow the steps to configure LDAP monitoring within Netwrix Activity Monitor for Netwrix Threat +Manager. + +:::note +LDAP Monitoring is not enabled, it must be enabled in the Monitored Domains tab. +::: + + +![Activity Monitor with SD Only](/images/activitymonitor/9.0/admin/monitoreddomains/actiivtymonitordomainsdonly.webp) + +**Step 1 –** In the Activity Monitor, click on the **Monitored Domains** tab. + +**Step 2 –** Select a domain and click **Edit**. + +![LDAP Monitoring Configuration for Threat Manager](/images/activitymonitor/9.0/admin/monitoreddomains/sdldapmonitoring.webp) + +**Step 3 –** Select the **LDAP Monitor** tab. + +**Step 4 –** Select the **LDAP** tab. + +**Step 5 –** In the “Query” section, double-click the blank line below the last filled in line. + +**Step 6 –** Paste the string copied from Threat Manager and press **Enter**. + +LDAP monitoring has been configured for Threat Manager. diff --git a/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/lsassguardian.md b/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/lsassguardian.md new file mode 100644 index 0000000000..f40854571c --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/lsassguardian.md @@ -0,0 +1,101 @@ +--- +title: "LSASS Guardian Tab" +description: "LSASS Guardian Tab" +sidebar_position: 50 +--- + +# LSASS Guardian Tab + +The LSASS Guardian tab allows users to modify settings that were populated with the information +entered when the host was added to prevent, monitor, or block LSASS code injections. + +![Operations Tab in the LSASS Guardian Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/operations.webp) + +After checking the Enable LSASS Guardian box, the following event filters can be modified on the +sub-tabs: + +- Operations +- Processes +- Servers +- Users + +Each filter tab acts like an "AND" statement for the filter. Any filter tab left blank is treated +like an "ALL" for that filter set. + +:::info +Add exclusion process filters for legitimate processes that make changes to +LSASS, e.g. third-party malware applications. +::: + + +## Operations + +The Operations option filters for successful events, failed events, or both. + +![Operations Tab in the LSASS Guardian Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/operations.webp) + +The Open Process Flags section is where monitoring can be scoped for requested handles that would +maliciously impact LSASS processes. + +Check the box to select the process flag(s) to be monitored: + +- PROCESS_VM_WRITE – Writes to memory in a process +- PROCESS_CREATE_THREAD – Creates a thread + +## Processes + +The Processes option is where legitimate processes, which make changes to LSASS, e.g. third-party +malware applications, can be included/excluded from being monitored by the policy. + +![Processes Tab in the LSASS Guardian Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/processes.webp) + +Double-click the text box beneath Name to enter the desired processes to include or exclude. Press +the Enter or Tab key to add another text box. + +:::note +While a processes inclusion is a filter option, it is not recommended for monitoring +LSASS. Adding a process inclusion filter will limit the scope to only monitor that process. Unknown +malicious processes would not be monitored in this case. +::: + + +## Servers + +The Servers option targets servers to be included or excluded when filtering for LSASS changes. + +![Servers Tab in the LSASS Guardian Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/servers.webp) + +In both sections, servers must be specified in the form 'DOMAIN\SERVER', where DOMAIN is NetBIOS +Domain name and SERVER is NetBIOS server name. + +Double-click the textbox beneath Name to enter the desired servers to include or exclude. Press the +Enter or Tab key to add another textbox. + +## Users + +The Users option is where the policy can be scoped to only monitor specific security principals +committing changes within Active Directory or to exclude specific users committing changes from +being monitored. + +![Users Tab in the LSASS Guardian Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/userstab.webp) + +The following details appear beneath both sections: + +- Subtree – If checked, the filter is applied to the parent and all child contexts. If unchecked, + the filter is only applied to the listed context. +- Type – Field must describe the type of the select Active Directory object and can have the + following values: + + - user – Indicates that selected object is user + - group – Indicates that selected object is group + - context – Indicates that selected object is container + - sidType – Indicates that selected object is well-known SID type + +- Distinguished Name – Field must be specified in the form of 'distinguishedName' attribute syntax, + e.g. 'CN=Users,DC=Domain,DC=com'. However, for objects with 'sidType' type, it must be in the form + of WellKnownSidType Enum, e.g. 'AnonymousSid' or 'LocalSid'. + +Double-click the text box beneath Distinguished Name to enter the desired group types to include or +exclude. Double-click the text box beneath Type to enter the desired AD object to include or +exclude. Press the Enter or Tab key to add another text box. Check the box under Subtree to include +or exclude child contexts. diff --git a/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/overview.md b/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/overview.md new file mode 100644 index 0000000000..79d570a76e --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/overview.md @@ -0,0 +1,23 @@ +--- +title: "AD Monitoring Configuration Window" +description: "AD Monitoring Configuration Window" +sidebar_position: 10 +--- + +# AD Monitoring Configuration Window + +On the Monitored Domains tab, select the domain and click **Edit** to open the AD Monitoring +Configuration window. + +![AD Monitoring Configuration - Global Filters Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/globalfilterstab.webp) + +This initially configured when the AD Agent is deployed to a domain controller. However, the +monitoring configuration can be edited after that. Use the following tabs to modify monitoring of AD +events: + +- [Global Filters Tab](/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/globalfilters.md) +- [Changes Tab](/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/changes.md) +- [Authentication Tab](/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/authentication.md) +- [Replication Tab](/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/replication.md) +- [LSASS Guardian Tab](/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/lsassguardian.md) +- [LDAP Monitor Tab](/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/ldapmonitor/ldapmonitor.md) diff --git a/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/replication.md b/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/replication.md new file mode 100644 index 0000000000..42990b4526 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/replication.md @@ -0,0 +1,89 @@ +--- +title: "Replication Tab" +description: "Replication Tab" +sidebar_position: 40 +--- + +# Replication Tab + +The Replication tab on a domain’s Configuration window monitors domain controller syncing and +replication. + +![Servers Tab in the Replication Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/serverstab.webp) + +After checking the Enable Replication box, the following event filters can be modified on the +sub-tabs: + +- Host (From) +- Servers +- Users + +Each filter tab acts like an “AND” statement for the filter. Any filter tab left blank is treated +like an ALL for that filter set. + +Windows cannot detect if a sync request is coming from a legitimate domain controller. This option +is designed to monitor requests from computers that are not ‘excluded’ by the policy. Therefore, +legitimate domain controllers should be identified in the event filters. + +## Host (From) Filter + +The Hosts (From) option is where the policy can be scoped to only monitor specific hosts as +originators of an authentication event or to exclude specific hosts from being monitored for +authentication events. + +![Host (From) Tab in the Replication Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/hostfrom.webp) + +Underneath each section, there are additional Host details: + +- IP – Field must contain IP address, e.g. 123.456.7.890 +- DNS – Field must contain a fully qualified domain name of the host, e.g. dc01.nwxtech.com +- Netbios – Field must contain NetBIOS name of the host, e.g. dc01 + +Double-click the textboxes within the column, then enter all three methods of identification for a +host (IP Address, NETBIOS host name, or DNS host name) to include or exclude the originating host +from replication event collection. + +The Threat Manager DC Sync threat is sourced by the Activity Monitor's Replication AD monitoring +configuration. It is necessary for it to be configured to exclude domain controllers on the Host +(From) filter. + +## Servers Filter + +The Servers option targets servers to be included or excluded when filtering for replication. + +![Servers Tab in the Replication Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/serverstab.webp) + +In both cases, servers must be specified in the form 'DOMAIN\SERVER', where DOMAIN is NetBIOS Domain +name and SERVER is NetBIOS server name. + +Double-click the text box beneath Name to enter the desired servers to include or exclude. Press the +Enter or Tab key to add another text box. + +## Users Filter + +The Users option is where the policy can be scoped to only monitor specific security principals +committing changes within Active Directory or to exclude specific users committing changes from +being monitored + +![Users Tab in the Replication Tab](/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/userstab.webp) + +The following details appear beneath both sections: + +- Subtree – If checked, the filter is applied to the parent and all child contexts. If unchecked, + the filter is only applied to the listed context. +- Type – Field must describe the type of the select Active Directory object and can have the + following values: + + - user – Indicates that selected object is user + - group – Indicates that selected object is group + - context – Indicates that selected object is container + - sidType – Indicates that selected object is well-known SID type + +- Distinguished Name – Field must be specified in the form of 'distinguishedName' attribute syntax, + e.g. 'CN=Users,DC=Domain,DC=com'. However, for objects with 'sidType' type, it must be in the form + of WellKnownSidType Enum, e.g. 'AnonymousSid' or 'LocalSid'. + +Double-click the text box beneath Distinguished Name to enter the desired group types to include or +exclude. Double-click the text box beneath Type to enter the desired AD object to include or +exclude. Press the Enter or Tab key to add another textbox. Check the box under Subtree to include +or exclude child contexts. diff --git a/docs/activitymonitor/9.0/admin/monitoreddomains/output/_category_.json b/docs/activitymonitor/9.0/admin/monitoreddomains/output/_category_.json new file mode 100644 index 0000000000..fca4ddfb78 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoreddomains/output/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Output for Monitored Domains", + "position": 20, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "output" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/monitoreddomains/output/activedirectoryjson.md b/docs/activitymonitor/9.0/admin/monitoreddomains/output/activedirectoryjson.md new file mode 100644 index 0000000000..c5a046c00b --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoreddomains/output/activedirectoryjson.md @@ -0,0 +1,61 @@ +--- +title: "Active Directory JSON Log File" +description: "Active Directory JSON Log File" +sidebar_position: 10 +--- + +# Active Directory JSON Log File + +The following information lists all of the attributes generated by Active Directory Activity Monitor +into a JSON log file: + +| Attributes | Description | +| ------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| AffectedObject | If resolved, contains DN of the object affected by operation; otherwise, some textual representation of the object | +| AffectedObjectAccountName | If resolved, contains account name of the object affected by operation | +| AffectedObjectSid | If resolved, contains Sid of the object affected by operation | +| AgentDomain | Domain where SI agent is installed | +| AgentHost | Host name where SI agent is installed | +| AgentIP | IP address where SI agent is installed. If multiple IP addresses, one of them is reported. | +| AuthenticationType | Indicates type of the authentication event. Possible values: Kerberos, NTLM. | +| AuthProtocol | Indicates authentication protocol. Possible values: Unknown, Kerberos, KerberosTgs, KerberosAS, NTLM, NTLMv1, NTLMMixed, NTLMv2. | +| Blocked | Indicates if operation was blocked by SI agent. Blocking policies are required. | +| ClassName | Affected object class | +| DesiredAccess | Security and access rights requested during OpenProcess invoke. List of possible values can be found at:  [https://docs.microsoft.com/en-us/windows/desktop/ProcThread/process-security-and-access-rights](https://docs.microsoft.com/en-us/windows/desktop/ProcThread/process-security-and-access-rights). | +| EncryptionType | Indicates encryption type used in request part of the Kerberos ticket. Possible values: des_cbc_crc, des_cbc_md4, des_cbc_md5, reserved_0x4, des3_cbc_md5, reserved_0x6, des3_cbc_sha1, dsaWithSHA1, md5WithRSAEncryption, rc2CBC, rsaEncryption, rsaES, des_ede3_cbc, des3_cbc_sha1_kd, aes128, aes256, rc4_hmac, rc4_hmac_exp, subkey_keymaterial. | +| EventResult | Result of the operation triggered current event | +| EventType | Identifies event | +| EventsCount | Number of similar events captured during consolidation period which is 1 minute by default | +| From | Contains raw representation of the machine from which event was triggered | +| FromHost | If resolved, contains host name of the machine from which event was triggered | +| FromIp | If resolved, contains the IP address of the machine from which event was triggered | +| FromMac | If resolved, contains mac address of the machine from which event was triggered | +| IsN2Password | Indicates if password that was used for authentication is a previous or one before previous | +| IsUserExist | Indicates if user exists | +| KerbAuthTime | Time at which KDC issued the initial ticket that corresponds to this ticket | +| KerbEndTime | Ticket expiration time | +| KerbRenewTill | Latest time at which renewal of ticket can be valid | +| KerbSPN | Service principal name for which ticket was requested | +| KerbStartTime | Ticket start time | +| LogonType | Contains SECURITY_LOGON_TYPE. More details at [https://docs.microsoft.com/en-us/windows/win32/api/ntsecapi/ne-ntsecapi-security_logon_type](https://docs.microsoft.com/en-us/windows/win32/api/ntsecapi/ne-ntsecapi-security_logon_type). | +| NewAttributes | Map of new attributes where key is name and value attribute value | +| NewName | New name of the AD object | +| NlpLogonType | NTLM logon type. Possible values: Unknown, Interactive, Network, Service, Generic, TransitiveInteractive, TransitiveNetwork, TransitiveService | +| OldAttributes | Map of old attributes where key is attribute name and value attribute value | +| PAC | List of RIDs extracted from ticket authorization data | +| ProcessID | Contains process ID that attempted to open LSASS process | +| ProcessName | Contains process name that attempted to open LSASS process | +| Protocol | Operation specific details | +| QueryFilter | LDAP filter used in the operation | +| QueryIsSSL | Indicates if LDAP connection is secure or not | +| QueryObjectsReturned | Number of returned objects produced by the LDAP request | +| Source | Indicates source of the operation. Currently can be: ‘Authentication’, ‘Active Directory’, ‘LSASS Guardian – Monitor’, ‘LDAP Monitor’, ‘AD Replication Monitoring’. | +| Success | Indicates if original operation completed successfully or not | +| TargetHost | Contains host name to which authentication attempt took place. In case of failed Kerberos AS, this field contains name of the domain controller. | +| TargetHostIP | If resolved, contains IP address of the target host | +| TargetProcess | Contains process name that is monitored. Currently this is only lsass.exe. | +| TgsReplyEncryptionType | Indicates encryption type used in reply part of the TGS Kerberos ticket. Possible values the same as for EncryptionType. | +| TimeLogged | UTC timestamp of the event | +| UserDN | If resolved, contains DN of the object triggered operation | +| UserName | If resolved, contains account name of the object triggered operation | +| UserSid | If resolved, contains SID of the object triggered operation | diff --git a/docs/activitymonitor/9.0/admin/monitoreddomains/output/output.md b/docs/activitymonitor/9.0/admin/monitoreddomains/output/output.md new file mode 100644 index 0000000000..2e2c9e0e8b --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoreddomains/output/output.md @@ -0,0 +1,89 @@ +--- +title: "Output for Monitored Domains" +description: "Output for Monitored Domains" +sidebar_position: 20 +--- + +# Output for Monitored Domains + +Once a domain is being monitored the event stream can be sent to multiple outputs. + +![Monitored Domains tab with Domain Outputs added](/images/activitymonitor/9.0/admin/monitoreddomains/actiivtymonitordomainoutputsadded.webp) + +Configured outputs are grouped under the domain. You can have multiple outputs configured for a +domain. The domain event outputs are: + +- File – Creates an activity log as a JSON file for every day of activity + + :::note + This is required to search event data for Active Directory within the application. + ::: + + +- Syslog – Sends activity events to the configured SIEM server +- Netwrix Threat Manager – Sends activity events to Netwrix Threat Manager or + receives Active Directory monitoring events from Netwrix Threat Prevention for integration with + Netwrix Access Analyzer + +## Add File Output + +Follow the steps to add a File output. + +**Step 1 –** On the Monitored Domains tab, select the desired domain and click **Add Output**. + +**Step 2 –** Select **File** from the drop-down menu. The Add New Output window opens. + +![Log Files configuration](/images/activitymonitor/9.0/admin/monitoreddomains/logfiles.webp) + +**Step 3 –** Configure the tab(s) as desired. + +**Step 4 –** Click **Add Output** to save your settings. The Add New Output window closes. + +The new output displays in the table. Click the **Edit** button to open the Output properties window +to modify these settings. See the [Output Types](/docs/activitymonitor/9.0/admin/outputs/overview.md) topic for additional +information. + +## Add Syslog Output + +Follow the steps to add a Syslog output. + +**Step 1 –** On the Monitored Domains tab, select the desired domain and click **Add Output**. + +**Step 2 –** Select **Syslog** from the drop-down menu. The Add New Output window opens. + +![Syslog Properties](/images/activitymonitor/9.0/admin/monitoreddomains/syslogudp.webp) + +**Step 3 –** Configure the tab(s) as desired. + +**Step 4 –** Click **Add Output** to save your settings. The Add New Output window closes. + +The new output displays in the table. Click the **Edit** button to open the Output properties window +to modify these settings. See the [Output Types](/docs/activitymonitor/9.0/admin/outputs/overview.md) topic for additional +information. + +## Add Netwrix Threat Manager Output + +:::note +An App Token created by Netwrix Threat Manager is used to authenticate connection between +the applications. See the App Tokens Page topic of the +[Netwrix Threat Manager Documentation](https://docs.netwrix.com/docs/threatmanager/3_0) for +additional information. +::: + + +Follow the steps to add a Netwrix Threat Manager output. + +**Step 1 –** On the Monitored Domains tab, select the desired domain and click **Add Output**. + +**Step 2 –** Select **Netwrix Threat Manager** from the drop-down menu. The Add New +Output window opens. + +![Threat Manager Properties](/images/activitymonitor/9.0/admin/monitoreddomains/stealthdefendproperties.webp) + +**Step 3 –** Configure the tab(s) as desired. + +**Step 4 –** Click **Add Output** to save your settings. The Add New Output window closes. + +The new output displays in the table. Click the **Edit** button to open the Output properties window +to modify these settings. See the [Output Types](/docs/activitymonitor/9.0/admin/outputs/overview.md) topic for additional +information. diff --git a/docs/activitymonitor/9.0/admin/monitoreddomains/overview.md b/docs/activitymonitor/9.0/admin/monitoreddomains/overview.md new file mode 100644 index 0000000000..b0a04c7dc1 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoreddomains/overview.md @@ -0,0 +1,82 @@ +--- +title: "Monitored Domains Tab" +description: "Monitored Domains Tab" +sidebar_position: 20 +--- + +# Monitored Domains Tab + +**Understanding Active Directory Activity Monitoring** + +The Activity Monitor can be configured to monitor the following Active Directory changes: + +- Success and Failure on Object Create +- Success and Failure on Object Delete +- Success and Failure on Object Rename +- Success and Failure on Object Move +- Success and Failure on Logon +- LDAP Activity Monitoring + +It also provides the ability to feed activity data to other Netwrix products: + +- Netwrix Access Analyzer +- Netwrix Threat Manager + +It also provides the ability to feed activity data to SIEM products. + +**Agents** + +For monitoring an Active Directory domain, the AD Agent must be installed on all domain controllers +within the domain to be monitored. + +**Tab** + +Once the AD Agent(s) installation is complete on a domain controller, the domain appear on the +Monitored Domains tab. The tab is not visible within the console until at least one AD Agent has +been deployed. + +This tab is comprised of a button bar and a table of domains being monitored. The events stream +output needs to be designated to view data after an activity search has been performed. + +## Button Bar + +The button bar allows users to take the following actions: + +![Monitored Domains Tab in the Activiy Monitor](/images/activitymonitor/9.0/admin/monitoreddomains/activtymonitorblank.webp) + +- Add Output – Select an output from the Add Output dropdown. The outputs are: File, Syslog, and + Threat Manager. See the [Output for Monitored Domains](/docs/activitymonitor/9.0/admin/monitoreddomains/output/output.md) +- Remove – Removes the configured domain from the table of domains being monitored and end + monitoring. Confirmation of this option will be asked for. +- Edit – Opens the selected AD Monitoring Configuration window to modify monitoring settings. See + the [AD Monitoring Configuration Window](/docs/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/overview.md) topic for + additional information. + +## Table + +The table of Domains being monitored provides the following information: + +![Monitored Domains Tab with Domain Outputs added](/images/activitymonitor/9.0/admin/monitoreddomains/actiivtymonitordomainoutputsadded.webp) + +- Domain – Name or IP Address of the domain being monitored + + :::note + The same domain can be monitored for different outputs. Each output is listed under + the domain with destination information. + ::: + + +- Master – Name or IP Address of the domain controller where the AD agent is deployed +- Last Event – Date timestamp of the last event + +## Monitoring Status + +The Error Propagation collapsible section located above the Status Bar of the Activity Monitor +provides visibility into a domain's monitoring state. Domain monitoring status is depicted in the +Monitored Domains table under the Status column. Users can expand the Error Propagation section to +view more information on various status conditions. + +![Error Propagation](/images/activitymonitor/9.0/admin/monitoreddomains/errorpropagation.webp) + +Click the **Down Arrow** to expand the Error Propagation section. The information listed is +dependent on which domain is currently selected in the Monitored Domains table. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/_category_.json b/docs/activitymonitor/9.0/admin/monitoredhosts/_category_.json new file mode 100644 index 0000000000..b5822ef440 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Monitored Hosts Tab", + "position": 30, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "overview" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/add/_category_.json b/docs/activitymonitor/9.0/admin/monitoredhosts/add/_category_.json new file mode 100644 index 0000000000..dfb29708e2 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/add/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Add New Host Window", + "position": 10, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "overview" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/add/azurefiles.md b/docs/activitymonitor/9.0/admin/monitoredhosts/add/azurefiles.md new file mode 100644 index 0000000000..6dbc41a03b --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/add/azurefiles.md @@ -0,0 +1,35 @@ +--- +title: "Azure Files" +description: "Add Azure Files Storage Accounts" +sidebar_position: 11 +--- + +# Add Azure Files Storage Accounts + +Prior to adding Azure Files storage accounts to the Activity Monitor, the prerequisites for the target environment +must be met. See the [Azure Files Requirements](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/azure-files/azurefiles-activity.md) +topic for additional information. + +Follow the steps to add Azure Files storage accounts to be monitored. + +1. On the **Monitored Hosts & Services** page, select **Add Host/Service**. +2. Select the agent that will be monitoring Azure Files, and then select **Next**. +3. Select **Azure Files**, specify the tenant’s domain name, and then select **Next**. +4. On the **Connection** page, specify the Tenant ID (if it was not resolved automatically), Client ID, and Client Secret—values +copied in the previous steps during application registration. +5. Select **Connect**. +The button will verify the connection to Azure, enumerate all storage accounts, and retrieve their settings visible to the registered application. + +:::note +If the product fails to enumerate storage accounts, the RBAC roles were either assigned incorrectly or have not yet become effective. Retry later. +::: + +6. On the **Storage Accounts** page, select the storage accounts to be monitored, and then select **Next**. +7. Complete the wizard by selecting operations and output settings. + +:::tip +You can use this wizard multiple times to add newly created storage accounts—already added accounts will be ignored. +::: + +8. Check the status of the added storage accounts on the **Monitored Hosts & Services** page. +Address any audit setting misconfigurations or missing RBAC roles. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/add/dellcelerravnx.md b/docs/activitymonitor/9.0/admin/monitoredhosts/add/dellcelerravnx.md new file mode 100644 index 0000000000..e6acb1da97 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/add/dellcelerravnx.md @@ -0,0 +1,229 @@ +--- +title: "Dell Celerra or VNX" +description: "Dell Celerra or VNX" +sidebar_position: 12 +--- + +# Dell Celerra or VNX + +**Understanding File Activity Monitoring** + +The Activity Monitor can be configured to monitor the following: + +- Ability to collect all or specific file activity for specific values or specific combinations of + values + +It provides the ability to feed activity data to SIEM products. The following dashboards have been +specifically created for Activity Monitor event data: + +- For IBM® QRadar®, see the + [Netwrix File Activity Monitor App for QRadar](/docs/activitymonitor/9.0/siem/qradar/overview.md) for additional + information. +- For Splunk®, see the [File Activity Monitor App for Splunk](/docs/activitymonitor/9.0/siem/splunk/overview.md) for + additional information. + +It also provides the ability to feed activity data to other Netwrix products: + +- Netwrix Access Analyzer +- Netwrix Threat Prevention +- Netwrix Threat Manager + +Prior to adding a Dell Celerra or VNX host to the Activity Monitor, the prerequisites for the target +environment must be met. See the +[Dell Celerra & Dell VNX Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/celerra-vnx-aac/celerra-vnx-activity.md) +topic for additional information. + +:::tip +Remember, the Activity Agent must be deployed to a Windows server that acts as a proxy for +monitoring the target environment. +::: + + +## Add Dell VNX/Celerra Host + +Follow the steps to add a Dell Celerra or VNX host to be monitored. + +**Step 1 –** Navigate to the Monitored Hosts & Services tab and click Add. The Add New Host window opens. + +![Choose Agent Page](/images/activitymonitor/9.0/admin/monitoredhosts/add/chooseagent.webp) + +**Step 2 –** On the Choose Agent page, select the **Agent** to monitor the storage device. Click +**Next**. + +![Add Dell VNX or Celerra Host](/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostemcvnxcelerra.webp) + +**Step 3 –** On the Add Host page, select the Dell VNX/Celerra radio button and enter the **CIFS +Server NetBIOS Name** for the device. If desired, add a **Comment**. Click **Next**. + +:::note +All Dell event source types must have the CEE Monitor Service installed on the agent in +order to collect events. Activity Monitor will detect if the CEE Monitor is not installed and +display a warning to install the service. If the CEE Monitor service is installed on a remote +machine, manual configuration is required. See the +[Dell CEE Options Tab](/docs/activitymonitor/9.0/admin/agents/properties/dellceeoptions.md) topic for additional information. +::: + + +![Protocol Monitoring Options](/images/activitymonitor/9.0/admin/monitoredhosts/add/isilonprotocols.webp) + +**Step 4 –** On the Protocols page, select which protocols to monitor. The list of protocols that +can be monitored are All, CIFS, or NIFS. Click **Next**. + +![Configure Operations Page](/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperationsforemcisilon.webp) + +**Step 5 –** On the Configure Operations page, select the **File Operations** and **Directory +Operations** to be monitored. Additional options include: + +:::warning +Suppress Microsoft Office operations on temporary files – Filters out events for +Microsoft Office temporary files. When Microsoft Office files are saved or edited, many temporary +files are created. With this option enabled, events for these temporary files are ignored. This +feature may delay reporting of activity. +::: + + +Click **Next**. + +![Configure Basic Options Page](/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptions.webp) + +**Step 6 –** On the Configure Basic Options page, choose which settings to enable. The "Log files" +are the activity logs created by the activity agent on the proxy host. Select the desired options: + +- Report account names – Adds an **Account Name** column in the generated TSV files +- Add C:\ to the beginning of the reported file paths – Adds 'C:\" to file paths to be displayed + like a Windows file path: + - Display example if checked – C:\Folder\file.txt + - Display example if unchecked – /Folder/file.text +- Resolve UNC paths – Adds a **UNC Path** column and a **Rename UNC Path** column in the generated + TSV files + - This option corresponds to the REPORT_UNC_PATH parameter in the INI file. It is disabled by + default. The UNC Path is in the following format: + - For CIFS activity – `\\[HOST]\[SHARE]\[PATH]` + - Example CIFS activity – `\\ExampleHost\TestShare\DocTeam\Temp.txt` + - For NFS activity – `[HOST]:/[VOLUME]/[PATH]` + - Example NFS activity – `ExampleHost:/ExampleVolume/DocTeam/Temp.txt` + - When the option is enabled, the added columns are populated when a file is accessed remotely + through the UNC Path. If a file is accessed locally, these columns are empty. These columns + have also been added as Syslog macros. + - When this option is selected, the user needs to provide credentials in the Auditing tab. If + credentials are not provided, the following warning message is displayed: + - Credentials are required for this feature. Provide the credentials in the Auditing tab. +- Report operations with millisecond precision – Changes the timestamps of events being recorded in + the TSV log file for better ordering of events if multiple events occur within the same second + +Click **Next**. + +![Where to Log the Activity Page Generic](/images/activitymonitor/9.0/admin/monitoredhosts/add/wheretologgeneric.webp) + +**Step 7 –** On the Where To Log The Activity page, select whether to send the activity to either a +**Log File** or **Syslog Server**. Click **Next**. + +![File Output Page](/images/activitymonitor/9.0/admin/monitoredhosts/add/fileoutputpage.webp) + +**Step 8 –** If **Log File** is selected on the **Where To Log The Activity** page, the **File +Output** page can be configured. + +- Specify output file path – Specify the file path where log files are saved. Click the ellipses + button (**...**) to open the Windows Explorer to navigate to a folder destination. Click **Test** + to test if the path works. +- Period to keep Log files – Log files will be deleted after the period entered number of days + entered. The default is 10 days. Use the dropdown to specify whether to keep the Log files for a + set amount of Minutes, Hours, or Days. +- This log file is for Access Analyzer – Enable this option to have Access Analyzer collect this + monitored host configuration + + :::info + Identify the configuration to be read by Netwrix Access Analyzer when integration is available. + ::: + + + - While the Activity Monitor can have multiple configurations per host, Access Analyzer can only + read one of them. + +- Add header to Log files – Adds headers to TSV files. This is used to feed data into Splunk. + +Click **Next**. + +![Syslog Output Page](/images/activitymonitor/9.0/admin/monitoredhosts/add/syslogoutput.webp) + +**Step 9 –** If Syslog Server is selected on the **Where To Log The Activity** page, the Syslog +Output page can be configured. + +- Syslog server in SERVER[:PORT] format – Type the **Syslog server name** with a SERVER:Port format + in the text box. + - The server name can be short name, fully qualified name (FQDN), or IP Address, as long as the + organization's environment can resolve the name format used. The Event stream is the activity + being monitored according to this configuration for the monitored host. +- Syslog Protocol – Identify the **Syslog protocol** to be used for the Event stream. The drop-down + menu includes: + + - UDP + - TCP + - TLS + + The TCP and TLS protocols add the Message framing drop-down menu. See the + [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +- Syslog message template – Click the ellipsis (…) to open the Syslog Message Template window. The + following Syslog templates have been provided: + - AlienVault / Generic Syslog + - CEF – Incorporates the CEF message format + - HP Arcsight + - LEEF – Incorporates the LEEF message format + - LogRhythm + - McAfee + - QRadar – Use this template for IBM QRadar integration + - Splunk – Use this template for Splunk integration + - Threat Manager – Use this template for Threat Manager integration. This is the only supported + template for Threat Manager. See the + [Netwrix Threat Manager Documentation](https://helpcenter.netwrix.com/category/stealthdefend) + for additional information. + - Custom templates can be created. Select the desired template or create a new template by + modifying an existing template within the Syslog Message Template window. The new message + template will be named Custom. +- Add C:\ to the beginning of the reported file paths – Adds 'C:\" to file paths to be displayed + like a Windows file path: + - Display example if checked – C:\Folder\file.txt + - Display example if unchecked – /Folder/file.text +- Resolve UNC paths – Adds a **UNC Path** column and a **Rename UNC Path** column in the generated + TSV files + - This option corresponds to the REPORT_UNC_PATH parameter in the INI file. It is disabled by + default. The UNC Path is in the following format: + - For CIFS activity – `\\[HOST]\[SHARE]\[PATH]` + - Example CIFS activity – `\\ExampleHost\TestShare\DocTeam\Temp.txt` + - For NFS activity – `[HOST]:/[VOLUME]/[PATH]` + - Example NFS activity – `ExampleHost:/ExampleVolume/DocTeam/Temp.txt` + - When the option is enabled, the added columns are populated when a file is accessed remotely + through the UNC Path. If a file is accessed locally, these columns are empty. These columns + have also been added as Syslog macros. + - When this option is selected, the user needs to provide credentials in the Auditing tab. If + credentials are not provided, the following warning message is displayed: + - Credentials are required for this feature. Provide the credentials in the Auditing tab. +- The Test button – Sends a test message to the Syslog server to check the connection. A green check + mark or red will determine whether the test message has been sent or failed to send. Messages vary + by Syslog protocol: + + - UDP – Sends a test message and does not verify connection + - TCP/TLS – Sends test message and verifies connection + - TLS – Shows error if TLS handshake fails + + See the [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +Click **Finish**. + +![activitymonitoremcvnxcelerra](/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitoremcvnxcelerra.webp) + +The added Dell Celerra or VNX host is displayed in the Monitored Hosts & Services table. Once a host has been +added for monitoring, configure the desired outputs. See the +[Output for Monitored Hosts](/docs/activitymonitor/9.0/admin/monitoredhosts/output/output.md) topic for additional information. + +## Host Properties for Dell Celerra or VNX + +Configuration settings can be edited through the tabs in the host's Properties window. The +configurable host properties are: + +- [Dell Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/dell.md) +- [Inactivity Alerts Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalerts.md) +- [Unix IDs Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/unixids.md) + +See the [Host Properties Window](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/overview.md) topic for additional information. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/add/dellpowerscale.md b/docs/activitymonitor/9.0/admin/monitoredhosts/add/dellpowerscale.md new file mode 100644 index 0000000000..86ccfc2b37 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/add/dellpowerscale.md @@ -0,0 +1,273 @@ +--- +title: "Dell Isilon/PowerScale" +description: "Dell Isilon/PowerScale" +sidebar_position: 20 +--- + +# Dell Isilon/PowerScale + +**Understanding File Activity Monitoring** + +The Activity Monitor can be configured to monitor the following: + +- Ability to collect all or specific file activity for specific values or specific combinations of + values + +It provides the ability to feed activity data to SIEM products. The following dashboards have been +specifically created for Activity Monitor event data: + +- For IBM® QRadar®, see the + [Netwrix File Activity Monitor App for QRadar](/docs/activitymonitor/9.0/siem/qradar/overview.md) for additional + information. +- For Splunk®, see the [File Activity Monitor App for Splunk](/docs/activitymonitor/9.0/siem/splunk/overview.md) for + additional information. + +It also provides the ability to feed activity data to other Netwrix products: + +- Netwrix Access Analyzer +- Netwrix Threat Prevention +- Netwrix Threat Manager + +Prior to adding a Dell Isilon/PowerScale host to the Activity Monitor, the prerequisites for the +target environment must be met. See the +[Dell Isilon/PowerScale Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/isilon-powerscale-aac/isilon-activity.md) +topic for additional information. + +:::tip +Remember, the Activity Agent must be deployed to a Windows server that acts as a proxy for +monitoring the target environment. +::: + + +## Add Dell Isilon/PowerScale Host + +Follow the steps to add a Dell Isilon/PowerScale host to be monitored. + +**Step 1 –** Navigate to the Monitored Hosts & Services tab and click Add. The Add New Host window opens. + +![Choose Agent page](/images/activitymonitor/9.0/admin/monitoredhosts/add/chooseagent.webp) + +**Step 2 –** On the Choose Agent page, select the **Agent** to monitor the storage device. Click +**Next**. + +![Add Host page with Dell Isilon selected](/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostemcisilon.webp) + +**Step 3 –** On the Add Host page, select the Dell Isilon radio button and enter both the **Server +name or address** and the **CIFS/NFS server name** for the device. The CIFS/NFS server name can be +left blank to collect activity from the Isilon cluster. If desired, add a **Comment**. Click +**Next**. + +:::note +All Dell event source types must have the CEE Monitor Service installed on the agent in +order to collect events. Activity Monitor will detect if the CEE Monitor is not installed and +display a warning to install the service. If the CEE Monitor service is installed on a remote +machine, manual configuration is required. See the +[Dell CEE Options Tab](/docs/activitymonitor/9.0/admin/agents/properties/dellceeoptions.md) topic for additional information. +::: + + +![Isilon Options page](/images/activitymonitor/9.0/admin/monitoredhosts/add/isilonoptions.webp) + +**Step 4 –** On the Isilon Options page, choose whether or not to automatically enable and configure +auditing on the Isilon cluster. If a manual configuration has been completed, do not enable these +options. + +Follow these steps to use this automated option: + +- Check the **Enable Protocol Access Auditing in OneFS if it is disabled** box. +- Enter the User name and User password to connect to the OneFS Platform API. + + :::note + The User name entered must be an Administrator account on the Dell Isilon device. + ::: + + +- Click Connect to test the connection. If the connection is successful, discovered access zones is + displayed in the **Available** box. +- Access Zones: + + - By default, the **Monitored** box is left empty and all available access zones are monitored. + All activity for the host is collected and placed in a single activity log file per day. + - If access zones are selected, only those access zones are monitored and the activity is placed + in a single activity log file per day. + - Use the arrow buttons to move the desired access zones to the **Monitored** box. + - (_Optional_) Activity log files can be generated for each access zone. In order to generate + one activity log file for each access zone, add only one access zone to this configuration of + the monitored host. Then, add the host again for each access zone to be monitored. When adding + an Isilon host for each access zone, the Dell device name will be the same for each + configuration, but the **CIFS/NFS server name** must have a unique value. + + :::note + Although the Isilon Options page allows multiple access zones to be placed in the + Monitored box for a single Isilon host, when generating separate activity log files for each + access zones, Access Analyzer does not support this configuration. Access Analyzer + integration requires all access zones to be monitored from a single configuration. + ::: + + +Click **Next**. + +![Protocols selection page](/images/activitymonitor/9.0/admin/monitoredhosts/add/isilonprotocols.webp) + +**Step 5 –** On the Protocols page, select which protocol to monitor. The list of protocols that can +be monitored are All, CIFS, or NIFS. Click **Next**. + +![Configure Operations page](/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperationsforemcisilon.webp) + +**Step 6 –** On the Configure Operations page, select the **File Operations** and **Directory +Operations** options to be monitored. Additional options include: + +:::warning +Suppress Microsoft Office operations on temporary files – Filters out events for +Microsoft Office temporary files. When Microsoft Office files are saved or edited, many temporary +files are created. With this option enabled, events for these temporary files are ignored. This +feature may delay reporting of activity. +::: + + +Click **Next**. + +![Configure Basic Options](/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptions.webp) + +**Step 7 –** On the Configure Basic Options page, choose which settings to enable. The “Log files” +are the activity logs created by the activity agent on the proxy host. Select the desired options: + +- Report account names – Adds an **Account Name** column in the generated TSV files +- Add C:\ to the beginning of the reported file paths – Adds ‘C:\” to file paths to be displayed + like a Windows file path: + - Display example if checked – C:\Folder\file.txt + - Display example if unchecked – /Folder/file.text +- Resolve UNC paths – Adds a **UNC Path** column and a **Rename UNC Path** column in the generated + TSV files + - This option corresponds to the REPORT_UNC_PATH parameter in the INI file. It is disabled by + default. The UNC Path is in the following format: + - For CIFS activity – `\\[HOST]\[SHARE]\[PATH]` + - Example CIFS activity – `\\ExampleHost\TestShare\DocTeam\Temp.txt` + - For NFS activity – `[HOST]:/[VOLUME]/[PATH]` + - Example NFS activity – `ExampleHost:/ExampleVolume/DocTeam/Temp.txt` + - When the option is enabled, the added columns are populated when a file is accessed remotely + through the UNC Path. If a file is accessed locally, these columns are empty. These columns + have also been added as Syslog macros. + - When this option is selected, the user needs to provide credentials in the Auditing tab. If + credentials are not provided, the following warning message is displayed: + - Credentials are required for this feature. Provide the credentials in the Auditing tab. +- Report operations with millisecond precision – Changes the timestamps of events being recorded in + the TSV log file for better ordering of events if multiple events occur within the same second + +Click **Next**. + +![Where to Log the Activity Page Generic](/images/activitymonitor/9.0/admin/monitoredhosts/add/wheretologgeneric.webp) + +**Step 8 –** On the Where To Log The Activity page, select whether to send the activity to either a +**Log File** or **Syslog Server**. Click **Next**. + +![File Output Page](/images/activitymonitor/9.0/admin/monitoredhosts/add/fileoutputpage.webp) + +**Step 9 –** If **Log File** is selected on the **Where To Log The Activity** page, the **File +Output** page can be configured. + +- Specify output file path – Specify the file path where log files are saved. Click the ellipses + button (**...**) to open the Windows Explorer to navigate to a folder destination. Click **Test** + to test if the path works. +- Period to keep Log files – Log files will be deleted after the period entered number of days + entered. The default is 10 days. Use the dropdown to specify whether to keep the Log files for a + set amount of Minutes, Hours, or Days. +- This log file is for Access Analyzer – Enable this option to have Access Analyzer collect this + monitored host configuration + + :::info + Identify the configuration to be read by Netwrix Access Analyzer when integration is available. + ::: + + + - While the Activity Monitor can have multiple configurations per host, Access Analyzer can only + read one of them. + +- Add header to Log files – Adds headers to TSV files. This is used to feed data into Splunk. + +Click **Next**. + +![Syslog Output Page](/images/activitymonitor/9.0/admin/monitoredhosts/add/syslogoutput.webp) + +**Step 10 –** If Syslog Server is selected on the **Where To Log The Activity** page, the Syslog +Output page can be configured. + +- Syslog server in SERVER[:PORT] format – Type the **Syslog server name** with a SERVER:Port format + in the text box. + - The server name can be short name, fully qualified name (FQDN), or IP Address, as long as the + organization’s environment can resolve the name format used. The Event stream is the activity + being monitored according to this configuration for the monitored host. +- Syslog Protocol – Identify the **Syslog protocol** to be used for the Event stream. The drop-down + menu includes: + + - UDP + - TCP + - TLS + + The TCP and TLS protocols add the Message framing drop-down menu. See the + [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +- Syslog message template – Click the ellipsis (…) to open the Syslog Message Template window. The + following Syslog templates have been provided: + - AlienVault / Generic Syslog + - CEF – Incorporates the CEF message format + - HP Arcsight + - LEEF – Incorporates the LEEF message format + - LogRhythm + - McAfee + - QRadar – Use this template for IBM QRadar integration + - Splunk – Use this template for Splunk integration + - Threat Manager – Use this template for Threat Manager integration. This is the only supported + template for Threat Manager. See the + [Netwrix Threat Manager Documentation](https://helpcenter.netwrix.com/category/stealthdefend) + for additional information. + - Custom templates can be created. Select the desired template or create a new template by + modifying an existing template within the Syslog Message Template window. The new message + template will be named Custom. +- Add C:\ to the beginning of the reported file paths – Adds ‘C:\” to file paths to be displayed + like a Windows file path: + - Display example if checked – C:\Folder\file.txt + - Display example if unchecked – /Folder/file.text +- Resolve UNC paths – Adds a **UNC Path** column and a **Rename UNC Path** column in the generated + TSV files + - This option corresponds to the REPORT_UNC_PATH parameter in the INI file. It is disabled by + default. The UNC Path is in the following format: + - For CIFS activity – `\\[HOST]\[SHARE]\[PATH]` + - Example CIFS activity – `\\ExampleHost\TestShare\DocTeam\Temp.txt` + - For NFS activity – `[HOST]:/[VOLUME]/[PATH]` + - Example NFS activity – `ExampleHost:/ExampleVolume/DocTeam/Temp.txt` + - When the option is enabled, the added columns are populated when a file is accessed remotely + through the UNC Path. If a file is accessed locally, these columns are empty. These columns + have also been added as Syslog macros. + - When this option is selected, the user needs to provide credentials in the Auditing tab. If + credentials are not provided, the following warning message is displayed: + - Credentials are required for this feature. Provide the credentials in the Auditing tab. +- The Test button – Sends a test message to the Syslog server to check the connection. A green check + mark or red will determine whether the test message has been sent or failed to send. Messages vary + by Syslog protocol: + + - UDP – Sends a test message and does not verify connection + - TCP/TLS – Sends test message and verifies connection + - TLS – Shows error if TLS handshake fails + + See the [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +Click **Finish**. + +![Activity Monitor with Dell Isilon added](/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitoremcisilon.webp) + +The added Dell Isilon/PowerScale host is displayed in the monitored hosts/services table. Once a host has +been added for monitoring, configure the desired outputs. See the +[Output for Monitored Hosts](/docs/activitymonitor/9.0/admin/monitoredhosts/output/output.md) topic for additional information. + +## Host Properties for Dell Isilon/PowerScale + +Configuration settings can be edited through the tabs in the host’s Properties window. The +configurable host properties are: + +- [Dell Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/dell.md) +- [Auditing Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/auditing.md) +- [Unix IDs Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/unixids.md) +- [Inactivity Alerts Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalerts.md) + +See the [Host Properties Window](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/overview.md) topic for additional information. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/add/dellpowerstore.md b/docs/activitymonitor/9.0/admin/monitoredhosts/add/dellpowerstore.md new file mode 100644 index 0000000000..88dcb1a8e9 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/add/dellpowerstore.md @@ -0,0 +1,197 @@ +--- +title: "Dell PowerStore" +description: "Dell PowerStore" +sidebar_position: 30 +--- + +# Dell PowerStore + +**Understanding File Activity Monitoring** + +The Activity Monitor can be configured to monitor the following: + +- Ability to collect all or specific file activity for specific values or specific combinations of + values + +It provides the ability to feed activity data to SIEM products. The following dashboards have been +specifically created for Activity Monitor event data: + +- For IBM® QRadar®, see the + [Netwrix File Activity Monitor App for QRadar](/docs/activitymonitor/9.0/siem/qradar/overview.md) for additional + information. +- For Splunk®, see the [File Activity Monitor App for Splunk](/docs/activitymonitor/9.0/siem/splunk/overview.md) for + additional information. + +It also provides the ability to feed activity data to other Netwrix products: + +- Netwrix Threat Prevention +- Netwrix Threat Manager + +Prior to adding a Dell PowerStore host to the Activity Monitor, the prerequisites for the target +environment must be met. See the +[Dell PowerStore Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/powerstore-aac/powerstore-activity.md) +topic for additional information. + +:::tip +Remember, the Activity Agent must be deployed to a Windows server that acts as a proxy for +monitoring the target environment. +::: + + +## Add Dell PowerStore Host + +Follow the steps to add a Dell PowerStore host to be monitored. + +**Step 1 –** In Activity Monitor, go to the Monitored Hosts & Services tab and click **Add**. The Add New Host +window opens. + +![addagent01](/images/activitymonitor/9.0/admin/monitoredhosts/add/addagent01.webp) + +**Step 2 –** On the **Choose Agent** page, select the Agent to monitor the file server. +Click**Next**. + +![powerstoreaddhost01](/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost01.webp) + +**Step 3 –** On the Add Host page, select the Dell PowerStore radio button and enter the file server +name. Click **Next**. + +:::note +All Dell event source types must have the CEE Monitor Service installed on the agent in +order to collect events. Activity Monitor will detect if the CEE Monitor is not installed and +display a warning to install the service. If the CEE Monitor service is installed on a remote +machine, manual configuration is required. See the +[Dell CEE Options Tab](/docs/activitymonitor/9.0/admin/agents/properties/dellceeoptions.md) topic for additional information. +::: + + +![powerstoreaddhost02](/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost02.webp) + +**Step 4 –** On the Protocols page, specify the protocols to monitor. The list of protocols that can +be monitored are, All, CIFS, or NFS. Once a protocol is selected, click **Next**. + +![powerstoreaddhost03](/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost03.webp) + +**Step 5 –** On the Configure Operations page, select the File Operations and Directory Operations +to be monitored. + +- Suppress reporting of File Explorer's excessive directory traversal activity – Filters out events + of excessive directory traversal in File Explorer. + +Click **Next**. + +![powerstoreaddhost04](/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost04.webp) + +**Step 6 –** On the Configure Basic Operations page, choose which settings to enable. Select one of +the following options: + +- Report account names – Adds an Account Name column in the generated TSV files. +- Add C:\ to the beginning of the reported file paths – Adds ‘C:\” to file paths to be displayed + like a Windows file path: + - Display example if checked – C:\Folder\file.txt + - Display example if unchecked – /Folder/file.text +- Report UNC paths – Adds a UNC Path column and a Rename UNC Path column in the generated TSV files + - This option corresponds to the REPORT_UNC_PATH parameter in the INI file. It is disabled by + default. The UNC Path is in the following format: + - For CIFS activity – `\\[HOST]\[SHARE]\[PATH]` + - Example CIFS activity – `\\ExampleHost\TestShare\DocTeam\Temp.txt` + - For NFS activity – `[HOST]:/[VOLUME]/[PATH]` + - Example NFS activity – `ExampleHost:/ExampleVolume/DocTeam/Temp.txt` + - When the option is enabled, the added columns are populated when a file is accessed remotely + through the UNC Path. These columns have also been added as Syslog macros. +- Report operations with millisecond precision – Changes the timestamps of events being recorded in + the TSV log file for better ordering of events if multiple events occur within the same second. + +Click **Next**. + +![powerstoreaddhost05](/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost05.webp) + +**Step 7 –** On the Where to log the activity page, select whether to send the activity to either a +Log File or Syslog Server. Click **Next**. + +:::note +An option must be selected before moving to the next step. +::: + + +![powerstoreaddhost06](/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost06.webp) + +**Step 8 –** If Log File is selected on the Where To Log The Activity page, the File Output page can +be configured. + +- Specify output file path – Specify the file path where TSV log files are saved on the agent's + server. Click the ellipses button (...) to open the Windows Explorer to navigate to a folder + destination. Click **Test** to test if the path works. +- Period to keep Log files – Log files will be deleted after the period entered as the number of + days elapses. The default is 10 days. Use the dropdown to specify whether to keep the Log files + for a set amount of Minutes, Hours, or Days. This retention setting applies both to the local + files on the agent's server and to the archived files. +- This log file is for Access Analyzer – Enable this option to have Access Analyzer collect this + monitored host configuration + + :::info + Identify the configuration to be read by Access Analyzer when integration is + available. + ::: + + + :::note + While Activity Monitor can have multiple configurations for log file outputs per host, + Access Analyzer can only read one of them. + ::: + + +- Add header to Log files – Adds headers to TSV files. This is used to feed data into Splunk. + + :::note + Access Analyzer does not support log files with the header. + ::: + + +Click **Next**. + +![powerstoreaddhost07](/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost07.webp) + +**Step 9 –** If Syslog Server is selected on the Where To Log The Activity page, the Syslog Output +page can be configured. + +- Syslog server in SERVER[:PORT] format – Type the **Syslog server name** with a SERVER:Port format + in the textbox. + - The server name can be short name, fully qualified name (FQDN), or IP Address, as long as the + organization’s environment can resolve the name format used. +- Syslog Protocol – Identify the **Syslog protocol** to be used for the Event stream. The drop-down + menu includes: + + - UDP + - TCP + - TLS + + The TCP and TLS protocols add the **Message framing** drop-down menu. See the + [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +- The Test button sends a test message to the Syslog server to check the connection. A green check + mark or red will determine whether the test message has been sent or failed to send. Messages vary + by Syslog protocol: + + - UDP – Sends a test message and does not verify connection + - TCP/TLS – Sends test message and verifies connection + - TLS – Shows error if TLS handshake fails + + See the [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +Click **Finish**. + +![powerstoreaddhost08](/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost08.webp) + +The added Dell PowerStore host is displayed in the monitored hosts/services table. Once a host has been added +for monitoring, configure the desired outputs. See the [Output for Monitored Hosts](/docs/activitymonitor/9.0/admin/monitoredhosts/output/output.md) +topic for additional information. + +## Host Properties for Dell PowerStore + +Configuration settings can be edited through the tabs in the host’s Properties window. The +configurable host properties are: + +- [Dell Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/dell.md) +- [Inactivity Alerts Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalerts.md) + +See the [Host Properties Window](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/overview.md) topic for additional information. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/add/dellunity.md b/docs/activitymonitor/9.0/admin/monitoredhosts/add/dellunity.md new file mode 100644 index 0000000000..a4e9797ded --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/add/dellunity.md @@ -0,0 +1,229 @@ +--- +title: "Dell Unity" +description: "Dell Unity" +sidebar_position: 40 +--- + +# Dell Unity + +**Understanding File Activity Monitoring** + +The Activity Monitor can be configured to monitor the following: + +- Ability to collect all or specific file activity for specific values or specific combinations of + values + +It provides the ability to feed activity data to SIEM products. The following dashboards have been +specifically created for Activity Monitor event data: + +- For IBM® QRadar®, see the + [Netwrix File Activity Monitor App for QRadar](/docs/activitymonitor/9.0/siem/qradar/overview.md) for additional + information. +- For Splunk®, see the [File Activity Monitor App for Splunk](/docs/activitymonitor/9.0/siem/splunk/overview.md) for + additional information. + +It also provides the ability to feed activity data to other Netwrix products: + +- Netwrix Access Analyzer +- Netwrix Threat Prevention +- Netwrix Threat Manager + +Prior to adding a Dell Unity host to the Activity Monitor, the prerequisites for the target +environment must be met. See the +[Dell Unity Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/unity-aac/unity-activity.md) topic for +additional information. + +:::tip +Remember, the Activity Agent must be deployed to a Windows server that acts as a proxy for +monitoring the target environment. +::: + + +## Add Dell VNX/Celerra Host + +Follow the steps to add a Dell Unity host to be monitored. + +**Step 1 –** In Activity Monitor, go to the Monitored Hosts & Services tab and click Add. The Add New Host +window opens. + +![Choose Agent window](/images/activitymonitor/9.0/admin/monitoredhosts/add/chooseagent.webp) + +**Step 2 –** On the Choose Agent page, select the **Agent** to monitor the storage device. + +![Add Host window with Dell Unity selected](/images/activitymonitor/9.0/admin/monitoredhosts/add/addnewhostemcunity.webp) + +**Step 3 –** On the Add Host page, select the Dell Unity radio button and enter the **NAS Server +Name** for the device. If desired, add a **Comment**. Click **Next**. + +:::note +All Dell event source types must have the CEE Monitor Service installed on the agent in +order to collect events. Activity Monitor will detect if the CEE Monitor is not installed and +display a warning to install the service. If the CEE Monitor service is installed on a remote +machine, manual configuration is required. See the +[Dell CEE Options Tab](/docs/activitymonitor/9.0/admin/agents/properties/dellceeoptions.md) topic for additional information. +::: + + +![Protocol Monitoring Page](/images/activitymonitor/9.0/admin/monitoredhosts/add/isilonprotocols.webp) + +**Step 4 –** On the Protocols page, select which protocols to monitor. The protocols that can be +monitored are All, CIFS, or NIFS. Click **Next**. + +![Configure Operations Page](/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperationsforemcisilon.webp) + +**Step 5 –** On the Configure Operations page, select the **File Operations** and **Directory +Operations** to be monitored. Additional options include: + +:::warning +Suppress Microsoft Office operations on temporary files – Filters out events for +Microsoft Office temporary files. When Microsoft Office files are saved or edited, many temporary +files are created. With this option enabled, events for these temporary files are ignored. This +feature may delay reporting of activity. +::: + + +Click **Next**. + +![Configure Basic Options Page](/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptions.webp) + +**Step 6 –** On the Configure Basic Options page, choose which settings to enable. The “Log files” +are the activity logs created by the activity agent on the proxy host. Select the desired options: + +- Report account names – Adds an **Account Name** column in the generated TSV files +- Add C:\ to the beginning of the reported file paths – Adds ‘C:\” to file paths to be displayed + like a Windows file path: + - Display example if checked – C:\Folder\file.txt + - Display example if unchecked – /Folder/file.text +- Resolve UNC paths – Adds a **UNC Path** column and a **Rename UNC Path** column in the generated + TSV files + - This option corresponds to the REPORT_UNC_PATH parameter in the INI file. It is disabled by + default. The UNC Path is in the following format: + - For CIFS activity – `\\[HOST]\[SHARE]\[PATH]` + - Example CIFS activity – `\\ExampleHost\TestShare\DocTeam\Temp.txt` + - For NFS activity – `[HOST]:/[VOLUME]/[PATH]` + - Example NFS activity – `ExampleHost:/ExampleVolume/DocTeam/Temp.txt` + - When the option is enabled, the added columns are populated when a file is accessed remotely + through the UNC Path. If a file is accessed locally, these columns are empty. These columns + have also been added as Syslog macros. + - When this option is selected, the user needs to provide credentials in the Auditing tab. If + credentials are not provided, the following warning message is displayed: + - Credentials are required for this feature. Provide the credentials in the Auditing tab. +- Report operations with millisecond precision – Changes the timestamps of events being recorded in + the TSV log file for better ordering of events if multiple events occur within the same second + +Click **Next**. + +![wheretologgeneric](/images/activitymonitor/9.0/admin/monitoredhosts/add/wheretologgeneric.webp) + +**Step 7 –** On the Where To Log The Activity page, select whether to send the activity to either a +**Log File** or **Syslog Server**. Click **Next**. + +![File Output Page](/images/activitymonitor/9.0/admin/monitoredhosts/add/fileoutputpage.webp) + +**Step 8 –** If **Log File** is selected on the **Where To Log The Activity** page, the **File +Output** page can be configured. + +- Specify output file path – Specify the file path where log files are saved. Click the ellipses + button (**...**) to open the Windows Explorer to navigate to a folder destination. Click **Test** + to test if the path works. +- Period to keep Log files – Log files will be deleted after the period entered number of days + entered. The default is 10 days. Use the dropdown to specify whether to keep the Log files for a + set amount of Minutes, Hours, or Days. +- This log file is for Access Analyzer – Enable this option to have Access Analyzer collect this + monitored host configuration + + :::info + Identify the configuration to be read by Netwrix Access Analyzer when integration is available. + ::: + + + - While the Activity Monitor can have multiple configurations per host, Access Analyzer can only + read one of them. + +- Add header to Log files – Adds headers to TSV files. This is used to feed data into Splunk. + +Click **Next**. + +![Syslog Output Page](/images/activitymonitor/9.0/admin/monitoredhosts/add/syslogoutput.webp) + +**Step 9 –** If Syslog Server is selected on the **Where To Log The Activity** page, the Syslog +Output page can be configured. + +- Syslog server in SERVER[:PORT] format – Type the **Syslog server name** with a SERVER:Port format + in the text box. + - The server name can be short name, fully qualified name (FQDN), or IP Address, as long as the + organization’s environment can resolve the name format used. The Event stream is the activity + being monitored according to this configuration for the monitored host. +- Syslog Protocol – Identify the **Syslog protocol** to be used for the Event stream. The drop-down + menu includes: + + - UDP + - TCP + - TLS + + The TCP and TLS protocols add the Message framing drop-down menu. See the + [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +- Syslog message template – Click the ellipsis (…) to open the Syslog Message Template window. The + following Syslog templates have been provided: + - AlienVault / Generic Syslog + - CEF – Incorporates the CEF message format + - HP Arcsight + - LEEF – Incorporates the LEEF message format + - LogRhythm + - McAfee + - QRadar – Use this template for IBM QRadar integration + - Splunk – Use this template for Splunk integration + - Threat Manager – Use this template for Threat Manager integration. This is the only supported + template for Threat Manager. See the + [Netwrix Threat Manager Documentation](https://helpcenter.netwrix.com/category/stealthdefend) + for additional information. + - Custom templates can be created. Select the desired template or create a new template by + modifying an existing template within the Syslog Message Template window. The new message + template will be named Custom. +- Add C:\ to the beginning of the reported file paths – Adds ‘C:\” to file paths to be displayed + like a Windows file path: + - Display example if checked – C:\Folder\file.txt + - Display example if unchecked – /Folder/file.text +- Resolve UNC paths – Adds a **UNC Path** column and a **Rename UNC Path** column in the generated + TSV files + - This option corresponds to the REPORT_UNC_PATH parameter in the INI file. It is disabled by + default. The UNC Path is in the following format: + - For CIFS activity – `\\[HOST]\[SHARE]\[PATH]` + - Example CIFS activity – `\\ExampleHost\TestShare\DocTeam\Temp.txt` + - For NFS activity – `[HOST]:/[VOLUME]/[PATH]` + - Example NFS activity – `ExampleHost:/ExampleVolume/DocTeam/Temp.txt` + - When the option is enabled, the added columns are populated when a file is accessed remotely + through the UNC Path. If a file is accessed locally, these columns are empty. These columns + have also been added as Syslog macros. + - When this option is selected, the user needs to provide credentials in the Auditing tab. If + credentials are not provided, the following warning message is displayed: + - Credentials are required for this feature. Provide the credentials in the Auditing tab. +- The Test button – Sends a test message to the Syslog server to check the connection. A green check + mark or red will determine whether the test message has been sent or failed to send. Messages vary + by Syslog protocol: + + - UDP – Sends a test message and does not verify connection + - TCP/TLS – Sends test message and verifies connection + - TLS – Shows error if TLS handshake fails + + See the [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +Click **Finish**. + +![Activity Monitor with Dell Unity host added](/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitoremcunity.webp) + +The added Dell Unity host is displayed in the monitored hosts/service table. Once a host has been added for +monitoring, configure the desired outputs. See the [Output for Monitored Hosts](/docs/activitymonitor/9.0/admin/monitoredhosts/output/output.md) topic +for additional information. + +## Host Properties for Dell Unity + +Configuration settings can be edited through the tabs in the host’s Properties window. The +configurable host properties are: + +- [Dell Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/dell.md) +- [Unix IDs Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/unixids.md) +- [Inactivity Alerts Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalerts.md) + +See the [Host Properties Window](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/overview.md) topic for additional information. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/add/entraid.md b/docs/activitymonitor/9.0/admin/monitoredhosts/add/entraid.md new file mode 100644 index 0000000000..eedd9628cc --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/add/entraid.md @@ -0,0 +1,162 @@ +--- +title: "Microsoft Entra ID" +description: "Microsoft Entra ID" +sidebar_position: 70 +--- + +# Microsoft Entra ID + +**Understanding Microsoft Entra ID Activity Monitoring** + +The Activity Monitor can be configured to monitor the following Microsoft Entra ID (formerly Azure +AD) changes: + +- Report Sign-In events +- Reports over 800 audit events in different categories, including: + +| | | | +| ----------------------- | ---------------------- | -------------------- | +| Administrative Unit | Application Management | Authentication | +| Authorization | Authorization Policy | Contact | +| Device | Device Configuration | Directory Management | +| Entitlement Management | Group Management | Identity Protection | +| Kerberos Domain | Key Management | Label | +| Permission Grant Policy | Policy | Policy Management | +| Resource Management | Role Management | User Management | + +- Reports on audit events across different services, including: + +| | | | | +| ----------------------------- | -------------------------------- | --------------------- | ------------------- | +| AAD Management UX | Access Reviews | Account Provisioning | Application Proxy | +| Authentication Methods | B2C | Conditional Access | Core Directory | +| Device Registration Service | Entitlement Management | Hybrid Authentication | Identity Protection | +| Invited Users | MIM Service | MyApps | PIM | +| Self-Service Group Management | Self-service Password Management | Terms of Use | | + +It also provides the ability to feed activity data to other Netwrix products: + +- Netwrix Access Analyzer +- Netwrix Threat Prevention +- Netwrix Threat Manager + +Prior to adding aMicrosoft Entra ID host to the Activity Monitor, the prerequisites for the target +environment must be met. See the +[Microsoft Entra ID Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/entraid-activity.md) topic +for additional information. + +:::tip +Remember, the Activity Agent must be deployed to a Windows server that acts as a proxy for +monitoring the target environment. +::: + + +## Add Azure Active Directory / Entra ID Host + +Follow the steps to add a Microsoft Entra ID host to be monitored. + +**Step 1 –** In the Activity Monitor, go to the Monitored Hosts & Services tab and click Add. The Add New Host +window opens. + +![Add Host - Choose Agent](/images/activitymonitor/9.0/admin/monitoredhosts/add/chooseagent.webp) + +**Step 2 –** On the Choose Agent page, select the Agent to monitor the storage device. + +![Add Host page](/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostentraid.webp) + +**Step 3 –** On the Add Host page, select the **Azure Active Directory / Entra ID** radio button and +enter the Primary domain in the **Domain name** field. + +_(Optional)_ Enter a comment for the Microsoft Entra ID host. + +![entraidconnection](/images/activitymonitor/9.0/admin/monitoredhosts/add/entraidconnection.webp) + +**Step 4 –** On the Azure AD / Entra ID Connection page, enter a Tenant ID, Client ID, and Client +Secret. Optional add a Region. Then click **Connect** to grant permissions to read the audit log. +Click **Open Instruction...** for steps on registering the Activity Monitor with Microsoft Entra ID. +Click **Next**. + +![Add Host - Azure AD Operations page](/images/activitymonitor/9.0/admin/monitoredhosts/add/entraidoperations.webp) + +**Step 5 –** On the Azure AD / Entra ID Operations page, select which audit activity to monitor. +Click **Next**. + +![wheretologgeneric](/images/activitymonitor/9.0/admin/monitoredhosts/add/wheretologgeneric.webp) + +**Step 6 –** On the Where To Log The Activity page, select where to send the activity events: + +- Log file – Sends to a TSV or JSON file +- Syslog Server – Sends to a configured SIEM system +- Netwrix Threat Manager – Sends to Netwrix Threat Manager + +![fileoutputpage](/images/activitymonitor/9.0/admin/monitoredhosts/add/fileoutputpage.webp) + +**Step 7 –** If **Log Files** is selected on the **Where To Log The Activity** page, the **File +Output** page can be configured. The configurable options are: + +- Specify output file path – Specify the file path where log files are saved. Click the ellipses + button (**...**) to open the Windows Explorer to navigate to a folder destination. Click **Test** + to test if the path works. +- Period to keep Log files – Log files will be deleted after the period entered number of days + entered. The default is 10 days. Use the dropdown to specify whether to keep the Log files for a + set amount of Minutes, Hours, or Days. +- This log file is for Netwrix Access Analyzer – Enable this option to have Netwrix Access Analyzer collect this monitored + host configuration + + :::info + Identify the configuration to be read by Netwrix Access Analyzer when integration is available. + ::: + + + - While the Activity Monitor can have multiple configurations per host, Netwrix Access Analyzer + can only read one of them. + +Click **Next**. + +![syslogoutputpage](/images/activitymonitor/9.0/admin/monitoredhosts/add/syslogoutputpage.webp) + +**Step 8 –** If Syslog Server is selected on the **Where To Log The Activity** page, the Syslog +Output page can be configured. The configurable options are: + +- Syslog server in SERVER[:PORT] format – Type the **Syslog server name** with a SERVER:Port format + in the textbox. + - The server name can be short name, fully qualified name (FQDN), or IP Address, as long as the + organization’s environment can resolve the name format used. The Event stream is the activity + being monitored according to this configuration for the monitored host. +- Syslog Protocol – Identify the **Syslog protocol** to be used for the Event stream. The drop-down + menu includes: + + - UDP + - TCP + - TLS + + The TCP and TLS protocols add the Message framing drop-down menu. See the + [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +- The Test button sends a test message to the Syslog server to check the connection. A green check + mark or red will determine whether the test message has been sent or failed to send. Messages vary + by Syslog protocol: + + - UDP – Sends a test message and does not verify connection + - TCP/TLS – Sends test message and verifies connection + - TLS – Shows error if TLS handshake fails + + See the [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +Click **Finish**. + +![Azure Active Directory in Activity Monitor](/images/activitymonitor/9.0/admin/monitoredhosts/add/entraidadded.webp) + +The added Microsoft Entra ID host is displayed in the monitored hosts/service table. Once a host has been +added for monitoring, configure the desired outputs. See the +[Output for Monitored Hosts](/docs/activitymonitor/9.0/admin/monitoredhosts/output/output.md) topic for additional information. + +## Host Properties for Microsoft Entra ID + +Configuration settings can be edited through the tabs in the host’s Properties window. The +configurable host properties are: + +- [Connection Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/connection.md) +- [Inactivity Alerts Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalerts.md) + +See the [Host Properties Window](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/overview.md) topic for additional information. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/add/exchangeonline.md b/docs/activitymonitor/9.0/admin/monitoredhosts/add/exchangeonline.md new file mode 100644 index 0000000000..3e653517a6 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/add/exchangeonline.md @@ -0,0 +1,143 @@ +--- +title: "Exchange Online" +description: "Exchange Online" +sidebar_position: 50 +--- + +# Exchange Online + +Prior to adding an Exchange Online host to the Activity Monitor, the prerequisites for the target +environment must be met. See the +[Exchange Online Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/exchange-activity.md) +topic for additional information. + +:::tip +Remember, the Activity Agent must be deployed to a Windows server that acts as a proxy for +monitoring the target environment. +::: + + +## Add Exchange Online Host + +Follow the steps to add an Exchange Online host to be monitored. + +**Step 1 –** In the Activity Monitor, go to the Monitored Hosts & Services tab and click Add. The Add New Host +window opens. + +![Add Host - Choose Agent](/images/activitymonitor/9.0/admin/monitoredhosts/add/chooseagent.webp) + +**Step 2 –** On the Choose Agent page, select the Agent to monitor the storage device. + +![Add Host Page](/images/activitymonitor/9.0/admin/monitoredhosts/add/addexchangeonline.webp) + +**Step 3 –** On the Add Host page, select the Exchange Online radio button and enter the domain +name. + +_(Optional)_ Enter a comment for the Exchange Online host. + +![Azure AD Connection - Exchange Online](/images/activitymonitor/9.0/admin/monitoredhosts/add/connection.webp) + +**Step 4 –** On the Azure AD / Entra ID Connection page, enter Tenant ID, Client ID, Client Secret, +and Region(optional) then click **Connect** to verify the connection.. Click **Open Instruction...** +for steps on registering the Activity Monitor with Microsoft Azure. Click **Next**. + +![operations](/images/activitymonitor/9.0/admin/monitoredhosts/add/operations.webp) + +**Step 5 –** On the Exchange Online Operations page, configure the options found in the following +tabs: + +- Admin Activity +- Mailbox Audit +- DLP +- Other + +These options can be configured again in a Exchange Online host's properties window. See the +[Operations Tab](/docs/activitymonitor/9.0/admin/outputs/operations/operations.md) for additional information. Click **Next**. + +![Mailboxes to Exclude](/images/activitymonitor/9.0/admin/monitoredhosts/add/mailboxesexclude.webp) + +**Step 6 –** Click **Add Mailbox** to display the Select User dialog box. Specify the mailboxes that +will be filtered during collection. Click **Next**. + +![usersexclude](/images/activitymonitor/9.0/admin/monitoredhosts/add/usersexclude.webp) + +**Step 7 –** Click **Add User** to display the Select User dialog box. Specify the user or email +that will be filtered during collection. Click **Next**. + +![Where to log activity - Exchange Online](/images/activitymonitor/9.0/admin/monitoredhosts/add/wheretologactivity.webp) + +**Step 8 –** On the Where To Log The Activity page, select whether to send the activity to either a +**Log File** or **Syslog Server**. + +![File Output - Exchange Online](/images/activitymonitor/9.0/admin/monitoredhosts/add/fileoutput.webp) + +**Step 9 –** If **Log Files** is selected on the **Where To Log The Activity** page, the **File +Output** page can be configured. The configurable options are: + +- Specify output file path – Specify the file path where log files are saved. Click the ellipses + button (**...**) to open the Windows Explorer to navigate to a folder destination. Click **Test** + to test if the path works. +- Period to keep Log files – Log files will be deleted after the period entered number of days + entered. The default is 10 days. Use the dropdown to specify whether to keep the Log files for a + set amount of Minutes, Hours, or Days. +- This log file is for Netwrix Access Analyzer (StealthAUDIT) – Enable + this option to have Netwrix Access Analyzer collect this monitored + host configuration + + :::info + Identify the configuration to be read by Netwrix Access Analyzer when integration is available. + ::: + + + - While the Activity Monitor can have multiple outputs per host, Netwrix Access Analyzer + can only read one of them. + +Click **Next**. + +![Syslog Output - Exchange Online](/images/activitymonitor/9.0/admin/monitoredhosts/add/syslogoutput.webp) + +**Step 10 –** If Syslog Server is selected on the **Where To Log The Activity** page, the Syslog +Output page can be configured. The configurable options are: + +- Syslog server in SERVER[:PORT] format – Type the **Syslog server name** with a SERVER:Port format + in the textbox. + - The server name can be short name, fully qualified name (FQDN), or IP Address, as long as the + organization’s environment can resolve the name format used. The Event stream is the activity + being monitored according to this configuration for the monitored host. +- Syslog Protocol – Identify the **Syslog protocol** to be used for the Event stream. The drop-down + menu includes: + + - UDP + - TCP + - TLS + + The TCP and TLS protocols add the Message framing drop-down menu. See the + [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +- The Test button sends a test message to the Syslog server to check the connection. A green check + mark or red will determine whether the test message has been sent or failed to send. Messages vary + by Syslog protocol: + + - UDP – Sends a test message and does not verify connection + - TCP/TLS – Sends test message and verifies connection + - TLS – Shows error if TLS handshake fails + + See the [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +Click **Finish**. + +![Exchange Online in Activity Monitor](/images/activitymonitor/9.0/admin/monitoredhosts/add/exchangeonline.webp) + +The added Exchange Online host is displayed in the monitored hosts/service table. Once a host has been added +for monitoring, configure the desired outputs. See the [Output for Monitored Hosts](/docs/activitymonitor/9.0/admin/monitoredhosts/output/output.md) +topic for additional information. + +## Host Properties for Exchange Online + +Configuration settings can be edited through the tabs in the host’s Properties window. The +configurable host properties are: + +- [Connection Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/connection.md) +- [Inactivity Alerts Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalerts.md) + +See the [Host Properties Window](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/overview.md) topic for additional information. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/add/hitachi.md b/docs/activitymonitor/9.0/admin/monitoredhosts/add/hitachi.md new file mode 100644 index 0000000000..feeef08ca0 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/add/hitachi.md @@ -0,0 +1,167 @@ +--- +title: "Hitachi" +description: "Hitachi" +sidebar_position: 60 +--- + +# Hitachi + +**Understanding File Activity Monitoring** + +The Activity Monitor can be configured to monitor the following: + +- Ability to collect all or specific file activity for specific values or specific combinations of + values + +It provides the ability to feed activity data to SIEM products. The following dashboards have been +specifically created for Activity Monitor event data: + +- For IBM® QRadar®, see the + [Netwrix File Activity Monitor App for QRadar](/docs/activitymonitor/9.0/siem/qradar/overview.md) for additional + information. +- For Splunk®, see the [File Activity Monitor App for Splunk](/docs/activitymonitor/9.0/siem/splunk/overview.md) for + additional information. + +It also provides the ability to feed activity data to other Netwrix products: + +- Netwrix Access Analyzer +- Netwrix Threat Prevention +- Netwrix Threat Manager + +Prior to adding a Hitachi host to the Activity Monitor, the prerequisites for the target environment +must be met. See the +[Hitachi Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/hitachi-aac/hitachi-activity.md) topic for +additional information. + +:::tip +Remember, the Activity Agent must be deployed to a Windows server that acts as a proxy for +monitoring the target environment. +::: + + +## Add Hitachi NAS Host + +Follow the steps to add a Hitachi host to be monitored. + +**Step 1 –** In Activity Monitor, go to the Monitored Hosts & Services tab and click Add. The Add New Host +window opens. + +![Choose Agent page](/images/activitymonitor/9.0/admin/monitoredhosts/add/chooseagent.webp) + +**Step 2 –** On the Choose Agent page, select the Agent to monitor the storage device. Click +**Next**. + +![Add Host page with Hitachi NAS selected](/images/activitymonitor/9.0/admin/monitoredhosts/add/addhosthitachi.webp) + +**Step 3 –** On the Add Host page, select the Hitachi NAS radio button and enter the **EVS or file +system name** for the device. If desired, add a **Comment**. Click **Next**. + +![Hitachi NAS Options page](/images/activitymonitor/9.0/admin/monitoredhosts/add/hitachinasoptions.webp) + +**Step 4 –** On the Hitachi NAS Options page, enter the **Logs path (UNC)** and the **Active Log +file name**. Then enter the credentials to access the HNAS Log files. Click Connect to validate the +connection with the Hitachi device. Click **Next**. + +![Configure Operations page for Hitachi NAS](/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperationshitachi.webp) + +**Step 5 –** On the Configure Operations page, select the **File Operations** and **Directory +Operations** to be monitored. Click **Next**. + +![Configure Basic Options page for Hitachi NAS](/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptionshitachi.webp) + +**Step 6 –** On the Configure Basic Options page, choose which settings to enable. The “Log files” +are the activity logs created by the activity agent on the proxy host. Select the desired options: + +- Report UNC paths – Adds a UNC Path column and a Rename UNC Path column in the generated TSV files + - This option corresponds to the REPORT_UNC_PATH parameter in the INI file. It is disabled by + default. The UNC Path is in the following format: + - For CIFS activity – `\\[HOST]\[SHARE]\[PATH]` + - Example CIFS activity – `\\ExampleHost\TestShare\DocTeam\Temp.txt` + - For NFS activity – `[HOST]:/[VOLUME]/[PATH]` + - Example NFS activity – `ExampleHost:/ExampleVolume/DocTeam/Temp.txt` + - When the option is enabled, the added columns are populated when a file is accessed remotely + through the UNC Path. If a file is accessed locally, these columns are empty. These columns + have also been added as Syslog macros. +- Report operations with millisecond precision – Changes the timestamps of events being recorded in + the TSV log file for better ordering of events if multiple events occur within the same second + +Click **Next**. + +![Where To Log The Activity](/images/activitymonitor/9.0/admin/monitoredhosts/add/wheretologtheactivity.webp) + +**Step 7 –** On the Where To Log The Activity page, select whether to send the activity to either a +**Log File** or **Syslog Server**. Click **Next**. + +![File Output Page](/images/activitymonitor/9.0/admin/monitoredhosts/add/fileoutputpage.webp) + +**Step 8 –** If **Log File** is selected on the **Where To Log The Activity** page, the **File +Output** page can be configured. + +- Specify output file path – Specify the file path where log files are saved. Click the ellipses + button (**...**) to open the Windows Explorer to navigate to a folder destination. Click **Test** + to test if the path works. +- Period to keep Log files – Log files will be deleted after the period entered number of days + entered. The default is 10 days. Use the dropdown to specify whether to keep the Log files for a + set amount of Minutes, Hours, or Days. +- This log file is for Access Analyzer – Enable this option to have Netwrix Access Analyzer + collect this monitored host configuration + + :::info + Identify the configuration to be read by Netwrix Access Analyzer when integration is available. + ::: + + + - While Activity Monitor can have multiple configurations per host, Netwrix Access Analyzer + can only read one of them. + +- Add header to Log files – Adds headers to TSV files. This is used to feed data into Splunk. + +Click **Next**. + +![syslogoutput](/images/activitymonitor/9.0/admin/monitoredhosts/add/syslogoutput.webp) + +**Step 9 –** If Syslog Server is selected on the **Where To Log The Activity** page, the Syslog +Output page can be configured. + +- Syslog server in SERVER[:PORT] format – Type the **Syslog server name** with a SERVER:Port format + in the textbox. + - The server name can be short name, fully qualified name (FQDN), or IP Address, as long as the + organization’s environment can resolve the name format used. The Event stream is the activity + being monitored according to this configuration for the monitored host. +- Syslog Protocol – Identify the **Syslog protocol** to be used for the Event stream. The drop-down + menu includes: + + - UDP + - TCP + - TLS + + The TCP and TLS protocols add the Message framing drop-down menu. See the + [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +- The Test button sends a test message to the Syslog server to check the connection. A green check + mark or red will determine whether the test message has been sent or failed to send. Messages vary + by Syslog protocol: + + - UDP – Sends a test message and does not verify connection + - TCP/TLS – Sends test message and verifies connection + - TLS – Shows error if TLS handshake fails + + See the [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +Click **Finish**. + +![Activity Monitor with Hitachi Host added](/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitorhitachi.webp) + +The added Hitachi host is displayed in the monitored hosts/service table. Once a host has been added for +monitoring, configure the desired outputs. See the [Output for Monitored Hosts](/docs/activitymonitor/9.0/admin/monitoredhosts/output/output.md) topic +for additional information. + +## Host Properties for Hitachi + +Configuration settings can be edited through the tabs in the host’s Properties window. The +configurable host properties are: + +- [Hitachi NAS Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/hitachinas.md) +- [Inactivity Alerts Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalerts.md) + +See the [Host Properties Window](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/overview.md) topic for additional information. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/add/nasuni.md b/docs/activitymonitor/9.0/admin/monitoredhosts/add/nasuni.md new file mode 100644 index 0000000000..3d0ed43c9e --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/add/nasuni.md @@ -0,0 +1,207 @@ +--- +title: "Nasuni" +description: "Nasuni" +sidebar_position: 80 +--- + +# Nasuni + +**Understanding File Activity Monitoring** + +The Activity Monitor can be configured to monitor the following: + +- Ability to collect all or specific file activity for specific values or specific combinations of + values + +It provides the ability to feed activity data to SIEM products. The following dashboards have been +specifically created for Activity Monitor event data: + +- For IBM® QRadar®, see the + [Netwrix File Activity Monitor App for QRadar](/docs/activitymonitor/9.0/siem/qradar/overview.md) for additional + information. +- For Splunk®, see the [File Activity Monitor App for Splunk](/docs/activitymonitor/9.0/siem/splunk/overview.md) for + additional information. + +It also provides the ability to feed activity data to other Netwrix products: + +- Netwrix Access Analyzer +- Netwrix Threat Prevention +- Netwrix Threat Manager + +Prior to adding a Nasuni Edge Appliance host to the Activity Monitor, the prerequisites for the +target environment must be met. See the +[Nasuni Edge Appliance Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/nasuni-activity.md) topic +for additional information. + +:::tip +Remember, the Activity Agent must be deployed to a Windows server that acts as a proxy for +monitoring the target environment. +::: + + +## Add Nasuni Host + +Follow the steps to add a Nasuni Edge Appliance host to be monitored. + +**Step 1 –** In Activity Monitor, go to the Monitored Hosts & Services tab and click Add. The Add New Host +window opens. + +![Choose Agent page](/images/activitymonitor/9.0/admin/monitoredhosts/add/chooseagent.webp) + +**Step 2 –** On the Choose Agent page, select the **Agent** to monitor the storage device. Click +**Next**. + +![Add Host page with Nasuni selected](/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostnasuni.webp) + +**Step 3 –** On the Add Host page, select the Nasuni radio button and enter the host name or IP +Address of the Nasuni Edge Appliance in the Nasuni Filer textbox. If desired, add a **Comment**. +Click **Next**. + +![Nasuni Options page](/images/activitymonitor/9.0/admin/monitoredhosts/add/nasunioptions.webp) + +**Step 4 –** On the Nasuni Options page, enter the **API Key Name** and the **API Key Value**. Click +Connect to validate the connection with the Nasuni device. + +- Protocol – Select from the following options in the drop-down list: + - Auto Detect + - HTTPS + - HTTPS, ignore certificate errors +- Connect – Click to connect using the selected protocol and validate the connection with NetApp + +Click **Next**. + +![Trusted Server Certificate popup window](/images/activitymonitor/9.0/admin/monitoredhosts/add/trustedservercertificate.webp) + +- HTTPS Options – Opens the Trusted server certificate window to customize the certificate + verification during a TLS session + - Import – Click to browse for a trusted server certificate + - Remove – Click to remove the selected trusted server certificate + - Enable hostname verification – Select this checkbox to ensure that the host name the product + connects to matches the name in the certificate (CN name) +- Click OK to close the window and save the modifications. + +**Step 5 –** On the Configure Operations page, select the **File Operations, Directory Operations**, +and **Link Operations** to be monitored. Additional options include: + +:::warning +Enabling the Suppress subsequent Read operations in the same folder option can result +in Read events not being monitored. +::: + + +- Suppress subsequent Read operations in the same folder – Logs only one Read operation when + subsequent Read operations occur in the same folder. This option is provided to improve overall + performance and reduce output log volume. +- Suppress reporting of File Explorer's excessive directory traversal activity – Filters out events + of excessive directory traversal in File Explorer. +- Suppress Microsoft Office operations on temporary files – Filters out events for Microsoft Office + temporary files. When Microsoft Office files are saved or edited, many temporary files are + created. With this option enabled, events for these temporary files are ignored. + +Click **Next**. + +![Configure Basic Options page for Nasuni](/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptionsnasuni.webp) + +**Step 6 –** On the Configure Basic Options page, choose which settings to enable. The “Log files” +are the activity logs created by the activity agent on the proxy host. Select the desired options: + +- Report account names – Adds an Account Name column in the generated TSV files +- Add C:\ to the beginning of the reported file paths – Adds ‘C:\” to file paths to be displayed + like a Windows file path: + - Display example if checked – C:\Folder\file.txt + - Display example if unchecked – /Folder/file.text +- Report UNC paths – Adds a **UNC Path** column and a **Rename UNC Path** column in the generated + TSV files + - This option corresponds to the REPORT_UNC_PATH parameter in the INI file. It is disabled by + default. The UNC Path is in the following format: + - For CIFS activity – `\\[HOST]\[SHARE]\[PATH]` + - Example CIFS activity – `\\ExampleHost\TestShare\DocTeam\Temp.txt` + - For NFS activity – `[HOST]:/[VOLUME]/[PATH]` + - Example NFS activity – `ExampleHost:/ExampleVolume/DocTeam/Temp.txt` + - When the option is enabled, the added columns are populated when a file is accessed remotely + through the UNC Path. These columns have also been added as Syslog macros. +- Report operations with millisecond precision – Changes the timestamps of events being recorded in + the TSV log file for better ordering of events if multiple events occur within the same second + +Click **Next**. + +![Where to log the activity page](/images/activitymonitor/9.0/admin/monitoredhosts/add/wheretologgeneric.webp) + +**Step 7 –** On the Where To Log The Activity page, select whether to send the activity to either a +**Log File** or **Syslog Server**. Click **Next**. + +![File Output Page](/images/activitymonitor/9.0/admin/monitoredhosts/add/fileoutputpage.webp) + +**Step 8 –** If **Log File** is selected on the **Where To Log The Activity** page, the **File +Output** page can be configured. + +- Specify output file path – Specify the file path where log files are saved. Click the ellipses + button (**...**) to open the Windows Explorer to navigate to a folder destination. Click **Test** + to test if the path works. +- Period to keep Log files – Log files will be deleted after the period entered number of days + entered. The default is 10 days. Use the dropdown to specify whether to keep the Log files for a + set amount of Minutes, Hours, or Days. +- This log file is for Access Analyzer – Enable this option to have Access Analyzer collect this + monitored host configuration + + :::info + Identify the configuration to be read by Access Analyzer  when integration is + available. + ::: + + + - While Activity Monitor can have multiple configurations per host, Access Analyzer can only + read one of them. + +- Add header to Log files – Adds headers to TSV files. This is used to feed data into Splunk. + +Click **Next**. + +![Syslog Output page](/images/activitymonitor/9.0/admin/monitoredhosts/add/syslogoutputpage.webp) + +**Step 9 –** If Syslog Server is selected on the **Where To Log The Activity** page, the Syslog +Output page can be configured. + +- Syslog server in SERVER[:PORT] format – Type the **Syslog server name** with a SERVER:Port format + in the textbox. + - The server name can be short name, fully qualified name (FQDN), or IP Address, as long as the + organization’s environment can resolve the name format used. The Event stream is the activity + being monitored according to this configuration for the monitored host. +- Syslog Protocol – Identify the **Syslog protocol** to be used for the Event stream. The drop-down + menu includes: + + - UDP + - TCP + - TLS + + The TCP and TLS protocols add the Message framing drop-down menu. See the + [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +- The Test button sends a test message to the Syslog server to check the connection. A green check + mark or red will determine whether the test message has been sent or failed to send. Messages vary + by Syslog protocol: + + - UDP – Sends a test message and does not verify connection + - TCP/TLS – Sends test message and verifies connection + - TLS – Shows error if TLS handshake fails + + See the [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +Click **Finish**. + +![Activity Monitor with Nasuni host added](/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitornasuni.webp) + +The added Nasuni host is displayed in the monitored hosts/services table. Once a host has been added for +monitoring, configure the desired outputs. See the [Output for Monitored Hosts](/docs/activitymonitor/9.0/admin/monitoredhosts/output/output.md) topic +for additional information. + +## Host Properties for Nasuni + +Configuration settings can be edited through the tabs in the host’s Properties window. The +configurable host properties are: + +- [Nasuni Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/nasuni.md) +- [Unix IDs Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/unixids.md) +- [Inactivity Alerts Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalerts.md) + +See the [Host Properties Window](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/overview.md) topic for additional information. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/add/netapp.md b/docs/activitymonitor/9.0/admin/monitoredhosts/add/netapp.md new file mode 100644 index 0000000000..120ca48942 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/add/netapp.md @@ -0,0 +1,345 @@ +--- +title: "NetApp" +description: "NetApp" +sidebar_position: 90 +--- + +# NetApp + +**Understanding File Activity Monitoring** + +The Activity Monitor can be configured to monitor the following: + +- Ability to collect all or specific file activity for specific values or specific combinations of + values + +It provides the ability to feed activity data to SIEM products. The following dashboards have been +specifically created for Activity Monitor event data: + +- For IBM® QRadar®, see the + [Netwrix File Activity Monitor App for QRadar](/docs/activitymonitor/9.0/siem/qradar/overview.md) for additional + information. +- For Splunk®, see the [File Activity Monitor App for Splunk](/docs/activitymonitor/9.0/siem/splunk/overview.md) for + additional information. + +It also provides the ability to feed activity data to other Netwrix products: + +- Netwrix Access Analyzer +- Netwrix Threat Prevention +- Netwrix Threat Manager + +Prior to adding a NetApp Data ONTAP host to the Activity Monitor, the prerequisites for the target +environment must be met. See the +[NetApp Data ONTAP Cluster-Mode Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/ontap-cluster-activity.md) +topic or the +[NetApp Data ONTAP 7-Mode Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/ontap7-activity.md) +topic in the for additional information. + +:::tip +Remember, the Activity Agent must be deployed to a Windows server that acts as a proxy for +monitoring the target environment. +::: + + +## Add NetApp Host + +Follow the steps to add a NetApp Data ONTAP host to be monitored. + +**Step 1 –** In Activity Monitor, go to the Monitored Hosts & Services tab and click Add. The Add New Host +window opens. + +![Add New Host - Choose Agent page](/images/activitymonitor/9.0/admin/monitoredhosts/add/chooseagent.webp) + +**Step 2 –** On the Choose Agent page, select the Agent to monitor the storage device. Click +**Next**. + +![Add New Host - Add Host page with NetApp selected](/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostnetapp.webp) + +**Step 3 –** On the Add Host page, select the NetApp radio button. Then, in the NetApp Filer/SVM +textbox, enter the following information: + +- Cluster-Mode devices – Enter the NetApp Filer/SVM +- 7-Mode devices – Enter the NetApp DNS name. If using vFilers, then it is necessary to use the + vFiler name here. + +Click **Next**. + +![NetApp Host Connection Page](/images/activitymonitor/9.0/admin/monitoredhosts/add/netappconnection.webp) + +:::warning +Cluster-Mode is case sensitive. The case of the Filer or SVM name must match exactly to +how it is in NetApp's FPolicy configuration. +::: + + +**Step 4 –** On the NetApp Connection page, enter the following: + +- NetApp Filer or SVM – Enter the name of the NetApp Filer or SVM. The name is case sensitive. +- Management LIF – _(Optional)_ If using Cluster Management LIF, a Management LIF can be specified + if SVM Management LIF is not used (Vserver Tunneling) +- User name – Enter the user name for the credentials to connect to the NetApp server +- User password – Enter the password for the credentials to connect to the NetApp server +- Protocol – Select from the following options in the drop-down list: + - Auto Detect + - HTTPS + - HTTPS, ignore certificate errors + - HTTP +- Connect – Click to connect using the selected protocol and validate the connection with NetApp + +Click **Next**. + +![Trusted Server Certificate popup window](/images/activitymonitor/9.0/admin/monitoredhosts/add/trustedservercertificate.webp) + +- HTTPS Options – Opens the Trusted server certificate window to customize the certificate + verification during a TLS session + - Import – Click to browse for a trusted server certificate + - Remove – Click to remove selected trusted server certificate + - Enable hostname verification – Select this checkbox to ensure that the host name the product + connects to matches the name in the certificate (CN name) + - Click OK to close the window and save the modifications. + +![NetApp FPolicy Configuration page](/images/activitymonitor/9.0/admin/monitoredhosts/add/netappfpolicyconfiguration.webp) + +**Step 5 –** On the NetApp Mode FPolicy Configuration page, choose whether or not to automatically +configure FPolicy through Activity Monitor. If that is desired, check the Configure FPolicy option. +Any additional permissions required are listed. Be sure to select the appropriate file protocol to +configure the FPolicy. + +:::warning +NetApp FPolicy Enable and Connect requires the provisioned user account to have full +permissions. For Cluster-mode devices, the credentials are identified as ‘Employing the “Configure +FPolicy” Option’. +::: + + +Additional permissions that are required if enabling **Configure FPolicy** are: + +- Command `vserver fpolicy` - Access level: `All` +- Command `security certificate install` - Access level `All `(Need for FPolicy TLS only) + +Click **Next**. + +**Important Notes** + +:::info +For NetApp Cluster-Mode, create a tailored FPolicy manually. If manually +configuring the FPolicy, do not select the ConfigureFPolicy checkbox. +::: + + +If automatic configuration is selected, proceed to the Configure Privileged Access section after +successfully adding the host. + +![NetApp FPolicy Enable and Connect window](/images/activitymonitor/9.0/admin/monitoredhosts/add/netappfpolicyenableconnect.webp) + +The options on the Configure Operations page require the provisioned user account to have, at a +minimum, the less privileged permissions. For Cluster-mode devices, the credentials are identified +as ‘Employing the “Enable and connect FPolicy” Option’. + +:::warning +On the NetApp FPolicy Enable and Connect page, choose whether or not to Enable and +connect FPolicy, which will “Ensure everything is active with periodic checks.” +::: + + +Additional permissions that are required if enabling **Enable and connect FPolicy** are: + +- Command `vserver fpolicy disable` - Access level `All` +- Command `vserver fpolicy enable` - Access level `All` +- Command `vserver fpolicy engine-connect` - Access level `All` +- Command `network interface` - Access level `readonly` + +**Important Notes** + +:::info +Enable this functionality. Without this option enabled, it is necessary to +manually connect the FPolicy every time it is disconnected for any reason. For reliable, high +availability file monitoring, use this option. +::: + + +Click **Next**. + +![protocolspage](/images/activitymonitor/9.0/admin/monitoredhosts/add/protocolspage.webp) + +**Step 6 –** On the Protocols page, select which protocols to monitor. The protocols that can be +monitored are: + +- All +- CIFS +- NFS + +Click **Next**. + +![Configure Operations window for NetApp](/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperationsnetapp.webp) + +**Step 7 –** On the Configure Operations page, select the File Operations and Directory Operations +to be monitored. + +:::note +NetApp Data ONTAP Cluster-Mode Device folders are now readable by checking the Read / List +option listed under Directory Operations. This option is also accessible within the NetApp server’s +properties > Operations tab. +::: + + +If the Configure FPolicy option is enabled, then Activity Monitor updates the FPolicy according to +these settings. If it was not enabled, then the manually configured FPolicy must be set to monitor +these operations. Only operations being monitored by the FPolicy are available to the activity +agent. + +Additional options include: + +:::warning +Enabling the Suppress subsequent Read operations in the same folder option can result +in Read events not being monitored. +::: + + +- Suppress subsequent Read operations in the same folder – Logs only one Read operation when + subsequent Read operations occur in the same folder. This option is provided to improve overall + performance and reduce output log volume. +- Suppress Microsoft Office operations on temporary files – Filters out events for Microsoft Office + temporary files. When Microsoft Office files are saved or edited, many temporary files are + created. With this option enabled, events for these temporary files are ignored. + +Click **Next**. + +![Configure Basic Options page for NetApp](/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptionsnetapp.webp) + +**Step 8 –** On the Configure Basic Options page, choose which settings to enable. The “Log files” +are the activity logs created by the activity agent on the proxy host. Select the desired options: + +- Report account names – Adds an Account Name column in the generated TSV files +- Add C:\ to the beginning of the reported file paths – Adds ‘C:\” to file paths to be displayed + like a Windows file path: + - Display example if checked – C:\Folder\file.txt + - Display example if unchecked – /Folder/file.text +- Report UNC paths – Adds a UNC Path column and a Rename UNC Path column in the generated TSV files + - This option corresponds to the REPORT_UNC_PATH parameter in the INI file. It is disabled by + default. The UNC Path is in the following format: + - For CIFS activity – `\\[HOST]\[SHARE]\[PATH]` + - Example CIFS activity – `\\ExampleHost\TestShare\DocTeam\Temp.txt` + - For NFS activity – `[HOST]:/[VOLUME]/[PATH]` + - Example NFS activity – `ExampleHost:/ExampleVolume/DocTeam/Temp.txt` + - When the option is enabled, the added columns are populated when a file is accessed remotely + through the UNC Path. If a file is accessed locally, these columns are empty. These columns + have also been added as Syslog macros. +- Report operations with millisecond precision – Changes the timestamps of events being recorded in + the TSV log file for better ordering of events if multiple events occur within the same second + - Access Analyzer 8.1+ is required for this feature + +Click **Next**. + +![wheretologgeneric](/images/activitymonitor/9.0/admin/monitoredhosts/add/wheretologgeneric.webp) + +**Step 9 –** On the Where To Log The Activity page, select whether to send the activity to either a +**Log File** or **Syslog Server**. Click **Next**. + +![fileoutput](/images/activitymonitor/9.0/admin/monitoredhosts/add/fileoutput.webp) + +**Step 10 –** If **Log File** is selected on the **Where To Log The Activity** page, the **File +Output** page can be configured. + +- Specify output file path – Specify the file path where log files are saved. Click the ellipses + button (**...**) to open the Windows Explorer to navigate to a folder destination. Click **Test** + to test if the path works. +- Period to keep Log files – Log files will be deleted after the period entered number of days + entered. The default is 10 days. Use the dropdown to specify whether to keep the Log files for a + set amount of Minutes, Hours, or Days. +- This log file is for Access Analyzer – Enable this option to have Netwrix Access Analyzer + collect this monitored host configuration + + :::info + Identify the configuration to be read by Netwrix Access Analyzer when integration is available. + ::: + + + - While Activity Monitor can have multiple configurations per host, Netwrix Access Analyzer + can only read one of them. + +- Add header to Log files – Adds headers to TSV files. This is used to feed data into Splunk. + +Click **Next**. + +![syslogoutput](/images/activitymonitor/9.0/admin/monitoredhosts/add/syslogoutput.webp) + +**Step 11 –** If Syslog Server is selected on the **Where To Log The Activity** page, the Syslog +Output page can be configured. + +- Syslog server in SERVER[:PORT] format – Type the **Syslog server name** with a SERVER:Port format + in the textbox. + - The server name can be short name, fully qualified name (FQDN), or IP Address, as long as the + organization’s environment can resolve the name format used. The Event stream is the activity + being monitored according to this configuration for the monitored host. +- Syslog Protocol – Identify the **Syslog protocol** to be used for the Event stream. The drop-down + menu includes: + + - UDP + - TCP + - TLS + + The TCP and TLS protocols add the Message framing drop-down menu. See the + [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +- The Test button sends a test message to the Syslog server to check the connection. A green check + mark or red will determine whether the test message has been sent or failed to send. Messages vary + by Syslog protocol: + + - UDP – Sends a test message and does not verify connection + - TCP/TLS – Sends test message and verifies connection + - TLS – Shows error if TLS handshake fails + + See the [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +Click **Finish**. + +![Activity Monitor with NetApp Host added](/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitornetapp.webp) + +The added NetApp host is displayed in the monitored hosts/services table. Once a host has been added for +monitoring, configure the desired outputs. See the [Output for Monitored Hosts](/docs/activitymonitor/9.0/admin/monitoredhosts/output/output.md) topic +for additional information. + +:::tip +Remember, if automatic configuration of the FPolicy was selected, it is necessary to Configure +Privileged Access. +::: + + +## Configure Privileged Access + +If automatic configuration of the FPolicy is used for NetApp Data ONTAP Cluster-Mode devices, it is +necessary to configure privileged access. Follow the steps to configure privileged access. Remember, +this requires the provisioned user account to have full permissions, identified as the credentials +‘Employing the “Configure FPolicy” Option’. + +**Step 1 –** On to the Monitored Hosts & Services tab, select the desired host and click Edit. The host’s +Properties window opens. + +![NetApp Host Properties FPolicy Tab](/images/activitymonitor/9.0/admin/monitoredhosts/add/netappfpolicytab.webp) + +**Step 2 –** On the FPolicy tab, select the **Privileged Access** tab. Select the Allow privileged +access checkbox and provide the Privileged user name in the textbox. + +:::note +This option is only available if the Configure FPolicy option is enabled. +::: + + +Privileged access must be allowed and configured with appropriate credentials to leverage Access +Analyzer permission (FSAA) scans for this NetApp device + +For information on the other options for this tab, see the [FPolicy Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/fpolicy.md) +section. + +## Host Properties for NetApp + +Configuration settings can be edited through the tabs in the host’s Properties window. The +configurable host properties are: + +- [NetApp Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/netapp.md) +- [FPolicy Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/fpolicy.md) +- [Unix IDs Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/unixids.md) +- [Inactivity Alerts Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalerts.md) + +See the [Host Properties Window](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/overview.md) topic for additional information. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/add/nutanix.md b/docs/activitymonitor/9.0/admin/monitoredhosts/add/nutanix.md new file mode 100644 index 0000000000..1a103005da --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/add/nutanix.md @@ -0,0 +1,204 @@ +--- +title: "Nutanix" +description: "Nutanix" +sidebar_position: 100 +--- + +# Nutanix + +**Understanding File Activity Monitoring** + +The Activity Monitor can be configured to monitor the following: + +- Ability to collect all or specific file activity for specific values or specific combinations of + values + +It provides the ability to feed activity data to SIEM products. The following dashboards have been +specifically created for Activity Monitor event data: + +- For IBM® QRadar®, see the + [Netwrix File Activity Monitor App for QRadar](/docs/activitymonitor/9.0/siem/qradar/overview.md) for additional + information. +- For Splunk®, see the [File Activity Monitor App for Splunk](/docs/activitymonitor/9.0/siem/splunk/overview.md) for + additional information. + +It also provides the ability to feed activity data to other Netwrix products: + +- Netwrix Access Analyzer +- Netwrix Threat Prevention +- Netwrix Threat Manager + +Prior to adding a Nutanix files host to the Activity Monitor, the prerequisites for the target +environment must be met. See +[Nutanix Files Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/nutanix-activity.md) for more +information. + +:::tip +Remember, the Activity Agent must be deployed to a Windows server that acts as a proxy for +monitoring the target environment. +::: + + +## Network Adapter for Nutanix File Server + +Ensure that the correct network adapter is specified in the Network page for an agent before adding +a Nutanix file server to be monitored. + +![nutanixnetworkadapter](/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixnetworkadapter.webp) + +The agent registers the IP address of the network adapter in the Nutanix auditing configuration for +activity delivery. Nutanix Files server connects to the agent using the TCP port 4501. See the +[Network Tab](/docs/activitymonitor/9.0/admin/agents/properties/network.md) topic for additional information. + +## Add Nutanix Host + +Follow the steps to add a Nutanix files host to be monitored. + +**Step 1 –** In Activity Monitor, go to the Monitored Hosts & Services tab and click **Add**. The Add New Host +window opens. + +![Choose Agent](/images/activitymonitor/9.0/admin/monitoredhosts/add/addagent01.webp) + +**Step 2 –** On the Choose Agent page, select the Agent to monitor the file server from the +drop-down list. Click **Next**. + +![Add Host](/images/activitymonitor/9.0/admin/monitoredhosts/add/addhost02.webp) + +**Step 3 –** On the Add Host page, select the **Nutanix Files** radio button and enter the file +server name. Click **Next**. + +![Nutanix Options](/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_04.webp) + +**Step 4 –** On the Nutanix Options page, enter the user name and password. + +:::note +The credentials used on the Nutanix Options page are for the Nutanix user having REST API +access. +::: + + +- Protocol – Select from the following options in the drop-down list: + - Auto Detect + - HTTPS + - HTTPS, ignore certificate errors +- Connect – Click **Connect** to connect to the Nutanix device using the selected protocol and + validate the connection. + +Click **Next**. + +![Configure Operations](/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_05.webp) + +**Step 5 –** On the Configure Operations page, select the File Operations and Directory Operations +to be monitored. + +Click **Next**. + +![Configure Operations](/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_06.webp) + +**Step 6 –** On the Configure Basic Operations page, choose which settings to enable. The “Log +files” are the activity logs created by the activity agent on the agent's server. Select one of the +following options: + +- Report account names: Adds an Account Name column in the generated TSV files. +- Add C:\ to the beginning of the reported file paths: Adds ‘C:\” to file paths to be displayed like + a Windows file path: + - Display example if checked: C:\Folder\file.txt + - Display example if unchecked: /Folder/file.text +- Report operations with millisecond precision - Changes the timestamps of events being recorded in + the TSV log file for better ordering of events if multiple events occur within the same second. + - Access Analyzer 8.1+ is required to use this feature. + +Click **Next**. + +![Where to log the activity](/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_07.webp) + +**Step 7 –** On the Where To Log The Activity page, select whether to send the activity to either a +Log File or Syslog Server. Click **Next**. + +:::note +An option must be selected before moving to the next step. +::: + + +![File Output](/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_08.webp) + +**Step 8 –** If Log File is selected on the Where To Log The Activity page, configure the File +Output page. + +- Specify output file path – Specify the file path where TSV log files are saved on the agent's + server. Click the ellipses button (...) to open the Windows Explorer to navigate to a folder + destination. Click **Test** to test if the path works. +- Period to keep Log files –Log files will be deleted after the period entered as the number of days + elapses. The default is 10 days. Use the dropdown to specify whether to keep the Log files for a + set amount of Minutes, Hours, or Days. This setting applies to both the local files on the agent's + server and to the archived files. +- This log file is for Access Analyzer – Enable this option to have Access Analyzer collect this + monitored host configuration + + :::info + Identify the configuration to be read by Access Analyzer when integration is + available. + ::: + + + :::note + While Activity Monitor can have multiple configurations for log file outputs per host, + Access Analyzer can only read one of them. + ::: + + +- Add header to Log files – Adds headers to TSV files. This is used to feed data into Splunk. + + :::note + Access Analyzer does not support log files with the header. + ::: + + +Click **Next**. + +![Syslog Output](/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_09.webp) + +**Step 9 –** If Syslog Server is selected on the Where To Log The Activity page, configure the +Syslog Output page. + +- Syslog server in SERVER[:PORT] format – Type the **Syslog server name** with a SERVER:Port format + in the textbox. + - The server name can be short name, fully qualified name (FQDN), or IP Address, as long as the + organization’s environment can resolve the name format used. +- Syslog Protocol – Identify the **Syslog protocol** to be used for the Event stream. The drop-down + menu includes: + + - UDP + - TCP + - TLS + + The TCP and TLS protocols add the **Message framing** drop-down menu. See the + [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +- The Test button sends a test message to the Syslog server to check the connection. A green check + mark or red will determine whether the test message has been sent or failed to send. Messages vary + by Syslog protocol: + + - UDP – Sends a test message and does not verify connection + - TCP/TLS – Sends test message and verifies connection + - TLS – Shows error if TLS handshake fails + + See the [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +Click **Finish**. + +![nutanixoptions_10](/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_10.webp) + +The added Nutanix host is displayed in the monitored hosts/service table. Once a host has been added for +monitoring, configure the desired outputs. See the [Output for Monitored Hosts](/docs/activitymonitor/9.0/admin/monitoredhosts/output/output.md) topic +for additional information. + +## Host Properties for Nutanix + +Configuration settings can be edited through the tabs in the host’s Properties window. The +configurable host properties are: + +- [Nutanix Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/nutanix.md) +- [Inactivity Alerts Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalerts.md) + +See the [Host Properties Window](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/overview.md) topic for additional information. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/add/overview.md b/docs/activitymonitor/9.0/admin/monitoredhosts/add/overview.md new file mode 100644 index 0000000000..5356611a79 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/add/overview.md @@ -0,0 +1,34 @@ +--- +title: "Add New Host Window" +description: "Add New Host Window" +sidebar_position: 10 +--- + +# Add New Host Window + +Once an agent has been deployed, you can configure a host to be monitored by clicking the Add Host +button on the Monitored Hosts & Services tab. + +![Add New Host window](/images/activitymonitor/9.0/admin/monitoredhosts/add/addnewhost.webp) + +The window opens for all types of hosts that can be monitored with an Activity Agent. See the +following topics for additional information: + +- [Azure Files](/docs/activitymonitor/9.0/admin/monitoredhosts/add/azurefiles.md) +- [CTERA](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ctera-activity.md) +- [Dell Celerra or VNX](/docs/activitymonitor/9.0/admin/monitoredhosts/add/dellcelerravnx.md) +- [Dell Isilon/PowerScale](/docs/activitymonitor/9.0/admin/monitoredhosts/add/dellpowerscale.md) +- [Dell PowerStore](/docs/activitymonitor/9.0/admin/monitoredhosts/add/dellpowerstore.md) +- [Dell Unity](/docs/activitymonitor/9.0/admin/monitoredhosts/add/dellunity.md) +- [Exchange Online](/docs/activitymonitor/9.0/admin/monitoredhosts/add/exchangeonline.md) +- [Hitachi](/docs/activitymonitor/9.0/admin/monitoredhosts/add/hitachi.md) +- [Microsoft Entra ID](/docs/activitymonitor/9.0/admin/monitoredhosts/add/entraid.md) +- [Nasuni](/docs/activitymonitor/9.0/admin/monitoredhosts/add/nasuni.md) +- [NetApp](/docs/activitymonitor/9.0/admin/monitoredhosts/add/netapp.md) +- [Nutanix](/docs/activitymonitor/9.0/admin/monitoredhosts/add/nutanix.md) +- [Panzura](/docs/activitymonitor/9.0/admin/monitoredhosts/add/panzura.md) +- [Qumulo](/docs/activitymonitor/9.0/admin/monitoredhosts/add/qumulo.md) +- [SharePoint](/docs/activitymonitor/9.0/admin/monitoredhosts/add/sharepoint.md) +- [SharePoint Online](/docs/activitymonitor/9.0/admin/monitoredhosts/add/sharepointonline.md) +- [SQL Server](/docs/activitymonitor/9.0/admin/monitoredhosts/add/sqlserver.md) +- [Windows](/docs/activitymonitor/9.0/admin/monitoredhosts/add/windows.md) diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/add/panzura.md b/docs/activitymonitor/9.0/admin/monitoredhosts/add/panzura.md new file mode 100644 index 0000000000..ebf894839d --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/add/panzura.md @@ -0,0 +1,203 @@ +--- +title: "Panzura" +description: "Panzura" +sidebar_position: 110 +--- + +# Panzura + +**Understanding File Activity Monitoring** + +The Activity Monitor can be configured to monitor the following: + +- Ability to collect all or specific file activity for specific values or specific combinations of + values + +It provides the ability to feed activity data to SIEM products. The following dashboards have been +specifically created for Activity Monitor event data: + +- For IBM® QRadar®, see the + [Netwrix File Activity Monitor App for QRadar](/docs/activitymonitor/9.0/siem/qradar/overview.md) for additional + information. +- For Splunk®, see the [File Activity Monitor App for Splunk](/docs/activitymonitor/9.0/siem/splunk/overview.md) for + additional information. + +It also provides the ability to feed activity data to other Netwrix products: + +- Netwrix Threat Prevention +- Netwrix Threat Manager + +## Add Panzura Host + +Prior to adding a Panzura host to the Activity Monitor, the prerequisites for the target environment +must be met. See the [Panzura CloudFS Monitoring](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/panzura-activity.md) topic for +additional information. + +:::tip +Remember, the Activity Agent must be deployed to a Windows server that acts as a proxy for +monitoring the target environment. +::: + + +Follow the steps to add a Panzura host to be monitored. + +**Step 1 –** In Activity Monitor, go to the Monitored Hosts & Services tab and click Add. The Add New Host +window opens. + +![Choose Agent](/images/activitymonitor/9.0/admin/monitoredhosts/add/chooseagent.webp) + +**Step 2 –** On the Choose Agent page, select the **Agent** to monitor the storage device. Click +**Next**. + +![Add Host](/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostpanzura.webp) + +**Step 3 –** On the Add Host page, select the **Panzura** radio button and enter the **Panzura filer +name**. Click **Next**. + +![Panzura Properties](/images/activitymonitor/9.0/admin/monitoredhosts/add/panzuraoptions.webp) + +**Step 4 –** On the Panzura Options page, enter the **Username**, **Password**, and select the +**Protocol** to be used by the Panzura host. + +- The different protocols that can be selected are: + + - Auto Detect (Default) + - HTTPS + - HTTPS, ignore certificate errors + + Click **HTTPS Options** to open the Trusted server certificate window. + +Click **Next**. + +![Customize Certifiacte Verification](/images/activitymonitor/9.0/admin/monitoredhosts/add/trustedservercertificate.webp) + +- HTTPS Options – Opens the Trusted server certificate window to customize the certificate + verification during a TLS session + + - Import – Click to browse for a trusted server certificate + - Remove – Click to remove selected trusted server certificate + - Enable hostname verification – Select this checkbox to ensure that the host name the product + connects to matches the name in the certificate (CN name) + - Click OK to close the window and save the modifications + + Click **Connect** to connect to the Panzura device. Click **Next**. + +![Configure Operations](/images/activitymonitor/9.0/admin/monitoredhosts/add/panzuraconfigureoperations.webp) + +**Step 5 –** On the Configure Operations page, select the **File Operations** and **Directory +Operations** to be monitored. + +- Suppress Microsoft Office operations on temporary files – Filters out events for Microsoft Office + temporary files. When Microsoft Office files are saved or edited, many temporary files are + created. With this option enabled, events for these temporary files are ignored. + +Click **Next**. + +![configurebasicoptionspanzura](/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptionspanzura.webp) + +**Step 6 –** On the Configure Basic Options page, choose which of the following settings to enable: + +- Add C:\ to the beginning of the reported file paths - Adds ‘C:\” to file paths to be displayed + like a Windows file path: + - Display example if checked – C:\Folder\file.txt + - Display example if unchecked – /Folder/file.text +- Report UNC paths - Adds a UNC Path column and a Rename UNC Path column in the generated TSV files + - This option corresponds to the REPORT_UNC_PATH parameter in the INI file. It is disabled by + default. The UNC Path is in the following format: + - For CIFS activity – `\\[HOST]\[SHARE]\[PATH]` + - Example CIFS activity – `\\ExampleHost\TestShare\DocTeam\Temp.txt` + - For NFS activity – `[HOST]:/[VOLUME]/[PATH]` + - Example NFS activity – `ExampleHost:/ExampleVolume/DocTeam/Temp.txt` + - When the option is enabled, the added columns are populated when a file is accessed remotely + through the UNC Path. If a file is accessed locally, these columns are empty. These columns + have also been added as Syslog macros. +- Report operations with millisecond precision - Changes the timestamps of events being recorded in + the TSV log file for better ordering of events if multiple events occur within the same second. + - Access Analyzer 8.1+ is required to use this feature. + +Click **Next**. + +![wheretologgeneric](/images/activitymonitor/9.0/admin/monitoredhosts/add/wheretologgeneric.webp) + +**Step 7 –** On the Where To Log The Activity page, select whether to send the activity to either a +**Log File** or **Syslog Server**. Click **Next**. + +:::note +An option must be selected before moving to the next step. +::: + + +![fileoutput](/images/activitymonitor/9.0/admin/monitoredhosts/add/fileoutput.webp) + +**Step 8 –** If **Log File** is selected on the **Where To Log The Activity** page, the **File +Output** page can be configured. + +- Specify output file path – Specify the file path where TSV log files are saved on the agent's + server. Click the ellipses button (...) to open the Windows Explorer to navigate to a folder + destination. Click **Test** to test if the path works. +- Period to keep Log files – Log files will be deleted after the period entered as the number of + days elapses. The default is 10 days. Use the dropdown to specify whether to keep the Log files + for a set amount of Minutes, Hours, or Days. +- This log file is for Access Analyzer – Enable this option to have Access Analyzer collect this + monitored host configuration + + :::info + Identify the configuration to be read by Access Analyzer when integration is + available. + ::: + + + - While Activity Monitor can have multiple configurations per host, Access Analyzer can only + read one of them. + +- Add header to Log files – Adds headers to TSV files. This is used to feed data into Splunk. + +Click **Next**. + +![syslogoutput](/images/activitymonitor/9.0/admin/monitoredhosts/add/syslogoutput.webp) + +**Step 9 –** If Syslog Server is selected on the **Where To Log The Activity** page, the Syslog +Output page can be configured. + +- Syslog server in SERVER[:PORT] format – Type the **Syslog server name** with a SERVER:Port format + in the textbox. + - The server name can be short name, fully qualified name (FQDN), or IP Address, as long as the + organization’s environment can resolve the name format used. The Event stream is the activity + being monitored according to this configuration for the monitored host. +- Syslog Protocol – Identify the **Syslog protocol** to be used for the Event stream. The drop-down + menu includes: + + - UDP + - TCP + - TLS + + The TCP and TLS protocols add the **Message framing** drop-down menu. See the + [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +- The Test button sends a test message to the Syslog server to check the connection. A green check + mark or red will determine whether the test message has been sent or failed to send. Messages vary + by Syslog protocol: + + - UDP – Sends a test message and does not verify connection + - TCP/TLS – Sends test message and verifies connection + - TLS – Shows error if TLS handshake fails + + See the [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +Click **Finish**. + +![activitymonitorpanzura](/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitorpanzura.webp) + +The added Panzura host is displayed in the monitored hosts/services table. Once a host has been added for +monitoring, configure the desired outputs. See the [Output for Monitored Hosts](/docs/activitymonitor/9.0/admin/monitoredhosts/output/output.md) topic +for additional information. + +## Host Properties for Panzura + +Configuration settings can be edited through the tabs in the host’s Properties window. The +configurable host properties are: + +- [Panzura Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/panzura.md) +- [Inactivity Alerts Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalerts.md) + +See the [Host Properties Window](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/overview.md) topic for additional information. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/add/qumulo.md b/docs/activitymonitor/9.0/admin/monitoredhosts/add/qumulo.md new file mode 100644 index 0000000000..e8e78b303d --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/add/qumulo.md @@ -0,0 +1,167 @@ +--- +title: "Qumulo" +description: "Qumulo" +sidebar_position: 120 +--- + +# Qumulo + +**Understanding File Activity Monitoring** + +The Activity Monitor can be configured to monitor the following: + +- Ability to collect all or specific file activity for specific values or specific combinations of + values + +It provides the ability to feed activity data to SIEM products. The following dashboards have been +specifically created for Activity Monitor event data: + +- For IBM® QRadar®, see the + [Netwrix File Activity Monitor App for QRadar](/docs/activitymonitor/9.0/siem/qradar/overview.md) for additional + information. +- For Splunk®, see the [File Activity Monitor App for Splunk](/docs/activitymonitor/9.0/siem/splunk/overview.md) for + additional information. + +It also provides the ability to feed activity data to other Netwrix products: + +- Netwrix Access Analyzer +- Netwrix Threat Prevention +- Netwrix Threat Manager + +Prior to adding a Qumulo host to the Activity Monitor, the prerequisites for the target environment +must be met. See the [Qumulo Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/qumulo-activity.md) +topic for additional information. + +:::tip +Remember, the Activity Agent must be deployed to a Windows server that acts as a proxy for +monitoring the target environment. +::: + + +## Add Qumulo Host + +Follow the steps to add a Qumulo host to be monitored. + +**Step 1 –** In Activity Monitor, go to the Monitored Hosts & Services tab and click **Add**. The Add New Host +window opens. + +![addagent01](/images/activitymonitor/9.0/admin/monitoredhosts/add/addagent01.webp) + +**Step 2 –** On the Choose Agent page, select the Agent to monitor the file server from the +drop-down list. Click **Next**. + +![addhostqumulo01](/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostqumulo01.webp) + +**Step 3 –** On the Add Host page, select the **Qumulo** radio button and enter the file server +name. Click **Next**. + +![addhostqumulo02](/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostqumulo02.webp) + +**Step 4 –** On the Qumulo Options page, enter the user name and password. + +- Protocol – Select from the following options in the drop-down list: + - Auto Detect + - HTTPS + - HTTPS, ignore certificate errors +- Connect – Click **Connect** to connect to the Qumulo device using the selected protocol and + validate the connection. + +The following values are shown for information purposes. You can use them to configure auditing in +Qumulo. + +- Syslog Address – Address to configure Qumulo cluster. +- Port – Port to configure Qumulo cluster. + +Click **Next**. + +![nutanixoptions_07](/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_07.webp) + +**Step 5 –** On the Where To Log The Activity page, select whether to send the activity to either a +Log File or Syslog Server. Click **Next**. + +:::note +An option must be selected before moving to the next step. +::: + + +![addhostqumulo04](/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostqumulo04.webp) + +**Step 6 –** If Log File is selected on the Where To Log The Activity page, configure the File +Output page. + +- Specify output file path – Specify the file path where TSV log files are saved on the agent's + server. Click the ellipses button (...) to open the Windows Explorer to navigate to a folder + destination. Click **Test** to test if the path works. +- Period to keep Log files – Log files will be deleted after the period entered as the number of + days elapses. The default is 10 days. Use the dropdown to specify whether to keep the Log files + for a set number of Hours or Days. +- This log file is for Access Analyzer – Enable this option to have Access Analyzer collect this + monitored host configuration + + :::info + Identify the configuration to be read by Access Analyzer when integration is + available. + ::: + + + :::note + While Activity Monitor can have multiple configurations for log file outputs per host, + Access Analyzer can only read one of them. + ::: + + +- Add header to Log files – Adds headers to TSV files. This is used to feed data into Splunk. + + :::note + Access Analyzer does not support log files with the header. + ::: + + +Click **Next**. + +![nutanixoptions_09](/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_09.webp) + +**Step 7 –** If Syslog Server is selected on the Where To Log The Activity page, configure the +Syslog Output page. + +- Syslog server in SERVER[:PORT] format – Type the **Syslog server name** with a SERVER:Port format + in the textbox. + - The server name can be short name, fully qualified name (FQDN), or IP Address, as long as the + organization’s environment can resolve the name format used. +- Syslog Protocol – Identify the **Syslog protocol** to be used for the Event stream. The drop-down + menu includes: + + - UDP + - TCP + - TLS + + The TCP and TLS protocols add the **Message framing** drop-down menu. See the + [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +- The Test button sends a test message to the Syslog server to check the connection. A green check + mark or red will determine whether the test message has been sent or failed to send. Messages vary + by Syslog protocol: + + - UDP – Sends a test message and does not verify connection + - TCP/TLS – Sends test message and verifies connection + - TLS – Shows error if TLS handshake fails + + See the [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +Click **Finish**. + +![addhostqumulo06](/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostqumulo06.webp) + +The added Qumulo host is displayed in the monitored hosts/services table. Once a host has been added for +monitoring, configure the desired outputs. See the [Output for Monitored Hosts](/docs/activitymonitor/9.0/admin/monitoredhosts/output/output.md) topic +for additional information. + +## Host Properties for Qumulo + +Configuration settings can be edited through the tabs in the host’s Properties window. The +configurable host properties are: + +- [Qumulo Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/qumulo.md) +- [Inactivity Alerts Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalerts.md) + +See the [Host Properties Window](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/overview.md) topic for additional information. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/add/sharepoint.md b/docs/activitymonitor/9.0/admin/monitoredhosts/add/sharepoint.md new file mode 100644 index 0000000000..827bc2b616 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/add/sharepoint.md @@ -0,0 +1,162 @@ +--- +title: "SharePoint" +description: "SharePoint" +sidebar_position: 130 +--- + +# SharePoint + +**Understanding SharePoint Activity Monitoring** + +The Activity Monitor can be configured to monitor the following SharePoint changes: + +- Document is checked out +- Document is checked in +- Object is deleted +- Object is updated +- Child object is deleted +- Child object is undeleted +- Child object is moved +- Search operation is performed +- Security group is created +- Security group is deleted +- Security principal is added to a security group +- Security principal is removed from a security group + +It also provides the ability to feed activity data to other Netwrix products: + +- Netwrix Access Analyzer + +Prior to adding a SharePoint host to the Activity Monitor, the prerequisites for the target +environment must be met. See the +[SharePoint On-Premise Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/sharepoint-onprem-activity.md) +topic for additional information. + +:::tip +Remember, the Activity Agent must be deployed to the SharePoint Application server that hosts the +“Central Administration” component of the SharePoint farm. +::: + + +## Add SharePoint Host + +Follow the steps to add a SharePoint host to be monitored. + +**Step 1 –** In Activity Monitor, go to the Monitored Hosts & Services tab and click Add. The Add New Host +window opens. + +![Choose Agent page](/images/activitymonitor/9.0/admin/monitoredhosts/add/chooseagent.webp) + +**Step 2 –** On the Choose Agent page, select the Agent deployed on the SharePoint Application +server that hosts the “Central Administration” component. Click **Next**. + +![Add Host page with SharePoint selected](/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostsharepoint.webp) + +**Step 3 –** On the Add Host page, select the SharePoint radio button. If desired, add a Comment. +Click **Next**. + +![Add Host - SharePoint Options page](/images/activitymonitor/9.0/admin/monitoredhosts/add/sharepointoptions.webp) + +**Step 4 –** On the SharePoint Options page, choose to audit all sites or scope the monitoring to +specific site(s): + +- Enable auditing on selected site collections – Enabling this option will ensure that auditing is + enabled for all monitored site collections with periodic checks +- Audit all sites – Leave textbox for URLs blank + + Scope to specific sites – List URLs for sites to be monitored in the textbox. List should be + semicolon separated. + + - Examples – http://sharpoint.local/sites/marketing, + http://sharepoint.local/sites/personal/user1 + - Then enter the credentials configured as the provisioned activity monitoring account. + +- Enter valid **User Name** and **Password** for a domain account with local administrative + permissions +- Connect – Click Connect to verify the provided credentials + +Click **Next**. + +![Configure Operations page for SharePoint](/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperationssharepoint.webp) + +**Step 5 –** On the Configure Operations page, select the SharePoint Operations and Permissions +Operations to be monitored. Click **Next**. + +![Where to log the activity page](/images/activitymonitor/9.0/admin/monitoredhosts/add/wheretologgeneric.webp) + +**Step 6 –** On the Where To Log The Activity page, select whether to send the activity to either a +**Log File** or **Syslog Server**. Click **Next**. + +![File Output Page](/images/activitymonitor/9.0/admin/monitoredhosts/add/fileoutputpage.webp) + +**Step 7 –** If **Log File** is selected on the **Where To Log The Activity** page, the **File +Output** page can be configured. + +- Specify output file path – Specify the file path where log files are saved. Click the ellipses + button (**...**) to open the Windows Explorer to navigate to a folder destination. Click **Test** + to test if the path works. +- Period to keep Log files – Log files will be deleted after the period entered number of days + entered. The default is 10 days. Use the dropdown to specify whether to keep the Log files for a + set amount of Minutes, Hours, or Days. +- Log file format – Select whether the log file will be saved as a JSON or TSV file +- This log file is for Access Analyzer – Enable this option to have Access Analyzer collect this + monitored host configuration + + :::info + Identify the configuration to be read by Access Analyzer when integration is + available. + ::: + + + - While Activity Monitor can have multiple configurations per host, Access Analyzer can only + read one of them. + +Click **Next**. + +![Syslog Output Page](/images/activitymonitor/9.0/admin/monitoredhosts/add/syslogoutputpage.webp) + +**Step 8 –** If Syslog Server is selected on the **Where To Log The Activity** page, the Syslog +Output page can be configured. The configurable options are: + +- Syslog server in SERVER[:PORT] format – Type the **Syslog server name** with a SERVER:Port format + in the textbox. + - The server name can be short name, fully qualified name (FQDN), or IP Address, as long as the + organization’s environment can resolve the name format used. The Event stream is the activity + being monitored according to this configuration for the monitored host. +- Syslog Protocol – Identify the **Syslog protocol** to be used for the Event stream. The drop-down + menu includes: + + - UDP + - TCP + - TLS + + The TCP and TLS protocols add the Message framing drop-down menu. See the + [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +- The Test button sends a test message to the Syslog server to check the connection. A green check + mark or red will determine whether the test message has been sent or failed to send. Messages vary + by Syslog protocol: + + - UDP – Sends a test message and does not verify connection + - TCP/TLS – Sends test message and verifies connection + - TLS – Shows error if TLS handshake fails + + See the [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +Click Finish. + +![Activity Monitor with SharePoint host added](/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitorsharepoint.webp) + +The added SharePoint host is displayed in the monitored hosts/services table. Once a host has been added for +monitoring, configure the desired outputs. See the [Output for Monitored Hosts](/docs/activitymonitor/9.0/admin/monitoredhosts/output/output.md) topic +for additional information. + +## Host Properties for SharePoint + +Configuration settings can be edited through the tabs in the host’s Properties window. The +configurable host properties are: + +- [SharePoint Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/sharepoint.md) +- [Inactivity Alerts Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalerts.md) + +See the [Host Properties Window](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/overview.md) topic for additional information. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/add/sharepointonline.md b/docs/activitymonitor/9.0/admin/monitoredhosts/add/sharepointonline.md new file mode 100644 index 0000000000..be02c860d0 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/add/sharepointonline.md @@ -0,0 +1,179 @@ +--- +title: "SharePoint Online" +description: "SharePoint Online" +sidebar_position: 140 +--- + +# SharePoint Online + +**Understanding SharePoint Activity Monitoring** + +The Activity Monitor can be configured to monitor the following SharePoint changes: + +- Document is checked out +- Document is checked in +- Object is deleted +- Object is updated +- Child object is deleted +- Child object is undeleted +- Child object is moved +- Search operation is performed +- Security group is created +- Security group is deleted +- Security principal is added to a security group +- Security principal is removed from a security group + +It also provides the ability to feed activity data to other Netwrix products: + +- Netwrix Access Analyzer + +Prior to adding a SharePoint Online host to the Activity Monitor, the prerequisites for the target +environment must be met. See the +[SharePoint Online Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/sharepoint-online-activity.md) +topic for additional information. + +:::tip +Remember, the Activity Agent must be deployed to a Windows server that acts as a proxy for +monitoring the target environment. +::: + + +## Add SharePoint Online Host + +Follow the steps to add a SharePoint Online host to be monitored. + +**Step 1 –** In the Activity Monitor, go to the Monitored Hosts & Services tab and click Add. The Add New Host +window opens. + +![Choose Agent](/images/activitymonitor/9.0/admin/monitoredhosts/add/chooseagent.webp) + +**Step 2 –** On the Choose Agent page, select the Agent to monitor SharePoint Online. + +:::warning +The domain name must match the SharePoint Online host name in order to properly +integrate SharePoint Online activity monitoring with Access Analyzer. +::: + + +![Add Host page with SharePoint Online selected](/images/activitymonitor/9.0/admin/monitoredhosts/add/addhost.webp) + +**Step 3 –** On the Add Host page, select the SharePoint Online radio button and enter the Microsoft +Entra ID (formerly Azure AD) domain name. Click **Next**. + +![Add New Host - Azure AD Connection for SharePoint Online](/images/activitymonitor/9.0/admin/monitoredhosts/add/azureadconnection.webp) + +**Step 4 –** On the Azure AD / Entra ID Connection page, enter a Client ID and Client Secret, then +click **Sign-In** to grant permissions to read the auditing and directory data. Click **Open +Instruction...** for steps on registering the Activity Monitor with Microsoft Entra ID. + +- After clicking **Sign-In**, the **Sign in to your account window** opens. +- Sign-in with a Global Administrator account. +- Approve consent for the organization. + + :::note + Activity Monitor does not store credentials. The credentials are used to enable + API access using the Client ID and Secret. + ::: + + +- See the + [SharePoint Online Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/sharepoint-online-activity.md) + topic for additional information. + +Click **Next**. + +![SharePoint Online Operations page](/images/activitymonitor/9.0/admin/monitoredhosts/add/fileandpagetab.webp) + +**Step 5 –** On the SharePoint Online Operations page, configure the options found in the following +tabs: + +- File and Page +- Folder +- List +- Sharing and Access Request +- Site Permissions +- Site Administration +- Synchronization +- DLP +- Sensitive Label +- Content Explorer +- Other + +These options can be configured again in a SharePoint Online host's properties window. See the +[Operations Tab](/docs/activitymonitor/9.0/admin/outputs/operations/operations.md) for additional information. Click **Next**. + +![Where to log the activity page](/images/activitymonitor/9.0/admin/monitoredhosts/add/wheretologgeneric.webp) + +**Step 6 –** On the Where To Log The Activity page, select whether to send the activity to either a +**Log File** or **Syslog Server**. Click **Next**. + +![File Output Page](/images/activitymonitor/9.0/admin/monitoredhosts/add/fileoutputpage.webp) + +**Step 7 –** If **Log File** is selected on the **Where To Log The Activity** page, the **File +Output** page can be configured. The configurable options are: + +- Specify output file path – Specify the file path where log files are saved. Click the ellipses + button (**...**) to open the Windows Explorer to navigate to a folder destination. Click **Test** + to test if the path works. +- Period to keep Log files – Log files will be deleted after the period entered number of days + entered. The default is 10 days. Use the dropdown to specify whether to keep the Log files for a + set amount of Minutes, Hours, or Days. +- This log file is for Netwrix Access Analyzer – Enable this option to have Access Analyzer collect this monitored host configuration + + :::info + Identify the configuration to be read by Netwrix Access Analyzer when integration is available. + ::: + + + - While the Activity Monitor can have multiple configurations per host, Netwrix Access Analyzer + can only read one of them. + +Click **Next**. + +![Syslog Output Page](/images/activitymonitor/9.0/admin/monitoredhosts/add/syslogoutputpage.webp) + +**Step 8 –** If Syslog Server is selected on the **Where To Log The Activity** page, the Syslog +Output page can be configured. The configurable options are: + +- Syslog server in SERVER[:PORT] format – Type the **Syslog server name** with a SERVER:Port format + in the textbox. + - The server name can be short name, fully qualified name (FQDN), or IP Address, as long as the + organization’s environment can resolve the name format used. The Event stream is the activity + being monitored according to this configuration for the monitored host. +- Syslog Protocol – Identify the **Syslog protocol** to be used for the Event stream. The drop-down + menu includes: + + - UDP + - TCP + - TLS + + The TCP and TLS protocols add the Message framing drop-down menu. See the + [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +- The Test button sends a test message to the Syslog server to check the connection. A green check + mark or red will determine whether the test message has been sent or failed to send. Messages vary + by Syslog protocol: + + - UDP – Sends a test message and does not verify connection + - TCP/TLS – Sends test message and verifies connection + - TLS – Shows error if TLS handshake fails + + See the [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +Click **Finish**. + +![Activity Monitor with SharePoint Online host added](/images/activitymonitor/9.0/admin/monitoredhosts/add/sharepointonline.webp) + +The added SharePoint Online host is displayed in the monitored hosts/services table. Once a host has been +added for monitoring, configure the desired outputs. See the +[Output for Monitored Hosts](/docs/activitymonitor/9.0/admin/monitoredhosts/output/output.md) topic for additional information. + +## Host Properties for SharePoint Online + +Configuration settings can be edited through the tabs in the host’s Properties window. The +configurable host properties are: + +- [Connection Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/connection.md) +- [Inactivity Alerts Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalerts.md) + +See the [Host Properties Window](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/overview.md) topic for additional information. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/add/sqlserver.md b/docs/activitymonitor/9.0/admin/monitoredhosts/add/sqlserver.md new file mode 100644 index 0000000000..e44a70adaa --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/add/sqlserver.md @@ -0,0 +1,172 @@ +--- +title: "SQL Server" +description: "SQL Server" +sidebar_position: 150 +--- + +# SQL Server + +**Understanding SQL Server Activity Monitoring** + +The Activity Monitor provides the ability to feed activity data to other Netwrix products: + +- Netwrix Access Analyzer + +Prior to adding a SQL Server host to the Activity Monitor, the prerequisites for the target +environment must be met. See the +[SQL Server Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/sqlserver-activity.md) topic for +additional information. + +:::tip +Remember, the Activity Agent must be deployed to a Windows server that acts as a proxy for +monitoring the target environment. +::: + + +## Add MS SQL Server Host + +Follow the steps to add a SQL Server host to be monitored. + +**Step 1 –** In Activity Monitor, go to the Monitored Hosts & Services tab and click Add. The Add New Host +window opens. + +![chooseagent](/images/activitymonitor/9.0/admin/monitoredhosts/add/chooseagent.webp) + +**Step 2 –** On the Choose Agent page, select the **Agent** to monitor the storage device, then +click **Next**. + +![addhost](/images/activitymonitor/9.0/admin/monitoredhosts/add/addhost.webp) + +**Step 3 –** On the **Add Host** page, select **MS SQL Server** and enter the **Server name or +address** for the SQL Server host., then click **Next**. + +![mssqlserveroptionspage](/images/activitymonitor/9.0/admin/monitoredhosts/add/mssqlserveroptionspage.webp) + +**Step 4 –** On the MS SQL Server Options page, configure the following options: + +- Enable Audit automatically — Check the box to enable automatic auditing if it is ever disabled +- Open instruction — Opens the **How to create a SQL Login for Monitoring** page. See the SQL Server + Database section of the + [SQL Server Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/sqlserver-activity.md) topic for + additional information. +- User name — Enter the user name for the credentials for the SQL Server +- User password — Enter the password for the credentials for the SQL Server + +Click **Connect** to test the settings, then click **Next**. + +![configureoperations](/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperations.webp) + +**Step 5 –** On the Configure Operations page, select which SQL Server events to monitor, then click +**Next**. + +![SQL Server Objects Page](/images/activitymonitor/9.0/admin/monitoredhosts/add/sqlserverobjects.webp) + +**Step 6 –** On the SQL Server Objects page, click **Refresh**. Select the SQL Server objects to be +monitored. Click **Next**. + +![sqlserverlogontriggerpage](/images/activitymonitor/9.0/admin/monitoredhosts/add/sqlserverlogontriggerpage.webp) + +**Step 7 –** On the SQL Server Logon Trigger page, copy and paste the SQL script into a New Query in +the SQL database. Execute the query to create a logon trigger. Netwrix Activity Monitor will monitor +SQL logon events and obtain IP addresses for connections. The script is: + +``` +CREATE TRIGGER SBAudit_LOGON_Trigger ON ALL SERVER FOR LOGON AS BEGIN declare @str varchar(max)=cast(EVENTDATA() as varchar(max));raiserror(@str,1,1);END +``` + +![SQL Server Logon Success](/images/activitymonitor/9.0/admin/monitoredhosts/add/sqlserverlogontriggersuccess.webp) + +> Click **Check Status** to see if the trigger is configured properly, then click **Next**. + +![configurebasicoptions](/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptions.webp) + +**Step 8 –** On the Configure Basic Options page, + +- Period to keep Log files - Activity logs are deleted after the number of days entered. Default is + set to 10 days. + + :::info + Keep a minimum of 10 days of activity logs. Raw activity logs should be + retained to meet an organization’s audit requirements. + ::: + + +Click **Next**. + +![Where To Log The Activity page](/images/activitymonitor/9.0/admin/monitoredhosts/add/wheretologgeneric.webp) + +**Step 9 –** On the Where To Log The Activity page, select whether to send the activity to either a +**Log File (TSV)** or **Syslog Server**, then click **Next**. + +![fileoutput](/images/activitymonitor/9.0/admin/monitoredhosts/add/fileoutput.webp) + +**Step 10 –** If **Log File** is selected on the **Where To Log The Activity** page, the **File +Output** page can be configured. + +- Specify output file path – Specify the file path where log files are saved. Click the ellipses + button (**...**) to open the Windows Explorer to navigate to a folder destination. Click **Test** + to test if the path works. +- Period to keep Log files – Log files will be deleted after the period entered number of days + entered. The default is 10 days. Use the dropdown to specify whether to keep the Log files for a + set amount of Minutes, Hours, or Days. +- This log file is for Access Analyzer – Enable this option to have Access Analyzer collect this + monitored host configuration + + :::info + Identify the configuration to be read by Access Analyzer when integration is + available. + ::: + + + - While Activity Monitor can have multiple configurations per host, Access Analyzer can only + read one of them. + +![syslogoutput](/images/activitymonitor/9.0/admin/monitoredhosts/add/syslogoutput.webp) + +**Step 11 –** If Syslog Server is selected on the **Where To Log The Activity** page, the Syslog +Output page can be configured. + +- Syslog server in SERVER[:PORT] format – Type the **Syslog server name** with a SERVER:Port format + in the textbox. + - The server name can be short name, fully qualified name (FQDN), or IP Address, as long as the + organization’s environment can resolve the name format used. The Event stream is the activity + being monitored according to this configuration for the monitored host. +- Syslog Protocol – Identify the **Syslog protocol** to be used for the Event stream. The drop-down + menu includes: + + - UDP + - TCP + - TLS + + The TCP and TLS protocols add the Message framing drop-down menu. See the + [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +- The Test button sends a test message to the Syslog server to check the connection. A green check + mark or red will determine whether the test message has been sent or failed to send. Messages vary + by Syslog protocol: + + - UDP – Sends a test message and does not verify connection + - TCP/TLS – Sends test message and verifies connection + - TLS – Shows error if TLS handshake fails + + See the [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +Click **Finish**. + +![activitymonitorsqlserverhost](/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitorsqlserverhost.webp) + +The added SQL Server host is displayed in the monitored hosts/services table. Once a host has been added for +monitoring, configure the desired outputs. See the [Output for Monitored Hosts](/docs/activitymonitor/9.0/admin/monitoredhosts/output/output.md) topic +for additional information. + +## Host Properties for SQL Server + +Configuration settings can be edited through the tabs in the host’s Properties window. The +configurable host properties are: + +- [MS SQL Server Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/mssqlserver.md) +- [Logon Trigger Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/logontrigger.md) +- [Tweak Options Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/tweakoptions.md) +- [Inactivity Alerts Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalerts.md) + +See the [Host Properties Window](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/overview.md) topic for additional information. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/add/windows.md b/docs/activitymonitor/9.0/admin/monitoredhosts/add/windows.md new file mode 100644 index 0000000000..7ff4d9561e --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/add/windows.md @@ -0,0 +1,202 @@ +--- +title: "Windows" +description: "Windows" +sidebar_position: 160 +--- + +# Windows + +**Understanding File Activity Monitoring** + +The Activity Monitor can be configured to monitor the following: + +- Ability to collect all or specific file activity for specific values or specific combinations of + values + +It provides the ability to feed activity data to SIEM products. The following dashboards have been +specifically created for Activity Monitor event data: + +- For IBM® QRadar®, see the + [Netwrix File Activity Monitor App for QRadar](/docs/activitymonitor/9.0/siem/qradar/overview.md) for additional + information. +- For Splunk®, see the [File Activity Monitor App for Splunk](/docs/activitymonitor/9.0/siem/splunk/overview.md) for + additional information. + +It also provides the ability to feed activity data to other Netwrix products: + +- Netwrix Access Analyzer +- Netwrix Threat Manager + +Prior to adding a Windows host to the Activity Monitor, the prerequisites for the target environment +must be met. See the +[Windows File Server Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/windowsfs-activity.md) +topic for additional information. + +:::tip +Remember, the Activity Agent must be deployed to the server. It cannot be deployed to a proxy +server. +::: + + +## Add Agent's Windows Host + +Follow the steps to add a Windows host to be monitored, if it was not configured when the agent was +deployed. + +**Step 1 –** In Activity Monitor, go to the Monitored Hosts & Services tab and click Add. The Add New Host +window opens. + +![Choose Agent](/images/activitymonitor/9.0/admin/monitoredhosts/add/chooseagent.webp) + +**Step 2 –** On the Choose Agent page, select the **Agent** to monitor deployed on the Windows file +server. Click **Next**. + +![Add Host page with Windows selected](/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostwindows.webp) + +**Step 3 –** On the Add Host page, select the Agent’s Windows host radio button. Remember, the agent +must be deployed on the Windows file server to be monitored. If desired, add a **Comment**. Click +**Next**. + +![Protocols page](/images/activitymonitor/9.0/admin/monitoredhosts/add/protocolspage.webp) + +**Step 4 –** On the Protocols page, select which protocols to monitor. The protocols that can be +monitored are: + +- All +- CIFS +- NFS + +Click **Next**. + +![Configure Operations page for Windows host](/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperationswindows.webp) + +**Step 5 –** On the Configure Operations page, select the **File Operations**,**Directory +Operations**, **Share Operations** and **VSS Operations** to be monitored. Users may also filter +events by operation type by selecting the radio button: + +- All – Reports both allowed and denied operations +- Allowed only – Reports only allowed operations +- Denied only – Reports only denied operations + +Additional options include: + +:::warning +Enabling the Suppress subsequent Read operations in the same folder option can result +in Read events not being monitored. +::: + + +- Suppress subsequent Read operations in the same folder – Logs only one Read operation when + subsequent Read operations occur in the same folder. This option is provided to improve overall + performance and reduce output log volume. +- Suppress reporting of File Explorer's excessive directory traversal activity – Filters out events + of excessive directory traversal in File Explorer. +- Suppress Permission Change operations with reordered ACL – Prevents tracking events where + permission updates occurred resulting in reordered ACEs (Access Control Entries) but with no other + changes in the ACL (Access Control List). For example, if a user is removed in the security + settings of a file, and then the same user is added back with the same security permissions, the + change is not logged. +- Suppress Inherited Permission Changes – Filters out events for inherited permission changes. This + option is provided to improve overall performance and reduce output activity log volume. +- Suppress Microsoft Office operations on temporary files – Filters out events for Microsoft Office + temporary files. When Microsoft Office files are saved or edited, many temporary files are + created. With this option enabled, events for these temporary files are ignored. + +Click **Next**. + +![Configure Basic Options page for Windows](/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptionswindows.webp) + +**Step 6 –** On the Configure Basic Options page, choose which settings to enable. The “Log files” +are the activity logs created by the activity agent on the target host. Select the desired options: + +- Report Account Names – Adds an Account Name column in the generated TSV files +- Report UNC paths – Adds a UNC Path column and a Rename UNC Path column in the generated TSV files + - This option corresponds to the REPORT_UNC_PATH parameter in the INI file. It is disabled by + default. The UNC Path is in the following format: + - For CIFS activity – `\\[HOST]\[SHARE]\[PATH]` + - Example CIFS activity – `\\ExampleHost\TestShare\DocTeam\Temp.txt` + - When the option is enabled, the added columns are populated when a file is accessed remotely + through the UNC Path. If a file is accessed locally, these columns are empty. These columns + have also been added as Syslog macros. +- Report operations with millisecond precision – Changes the timestamps of events being recorded in + the TSV log file for better ordering of events if multiple events occur within the same second + +Click **Next**. + +![Where to log activity page](/images/activitymonitor/9.0/admin/monitoredhosts/add/wheretologgeneric.webp) + +**Step 7 –** On the Where To Log The Activity page, select whether to send the activity to either a +**Log File** or **Syslog Server**. Click **Next**. + +![File Output page](/images/activitymonitor/9.0/admin/monitoredhosts/add/fileouputpage.webp) + +**Step 8 –** If **Log File** is selected on the **Where To Log The Activity** page, the **File +Output** page can be configured. + +- Specify output file path – Specify the file path where log files are saved. Click the ellipses + button (**...**) to open the Windows Explorer to navigate to a folder destination. Click **Test** + to test if the path works. +- Period to keep Log files – Log files will be deleted after the period entered number of days + entered. The default is 10 days. Use the dropdown to specify whether to keep the Log files for a + set amount of Minutes, Hours, or Days. +- This log file is for Access Analyzer – Enable this option to have Access Analyzer collect this + monitored host configuration + + :::info + Identify the configuration to be read by Access Analyzer when integration is + available. + ::: + + + - While Activity Monitor can have multiple configurations per host, Access Analyzer can only + read one of them. + +Click **Next**. + +![Syslog Output page](/images/activitymonitor/9.0/admin/monitoredhosts/add/syslogoutputpage.webp) + +**Step 9 –** If Syslog Server is selected on the **Where To Log The Activity** page, the Syslog +Output page can be configured. + +- Syslog server in SERVER[:PORT] format – Type the **Syslog server name** with a SERVER:Port format + in the textbox. + - The server name can be short name, fully qualified name (FQDN), or IP Address, as long as the + organization’s environment can resolve the name format used. The Event stream is the activity + being monitored according to this configuration for the monitored host. +- Syslog Protocol – Identify the **Syslog protocol** to be used for the Event stream. The drop-down + menu includes: + + - UDP + - TCP + - TLS + + The TCP and TLS protocols add the Message framing drop-down menu. See the + [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +- The Test button sends a test message to the Syslog server to check the connection. A green check + mark or red will determine whether the test message has been sent or failed to send. Messages vary + by Syslog protocol: + + - UDP – Sends a test message and does not verify connection + - TCP/TLS – Sends test message and verifies connection + - TLS – Shows error if TLS handshake fails + + See the [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md) topic for additional information. + +Click **Finish**. + +![Activity Monitor with Windows Host added](/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitorwindows.webp) + +The added Windows file server host is displayed in the monitored hosts/services table. Once a host has been +added for monitoring, configure the desired outputs. See the +[Output for Monitored Hosts](/docs/activitymonitor/9.0/admin/monitoredhosts/output/output.md) topic for additional information. + +## Host Properties for Windows File Server + +Configuration settings can be edited through the tabs in the host’s Properties window. The +configurable host properties are: + +- [Windows Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/windows.md) +- [Inactivity Alerts Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalerts.md) + +See the [Host Properties Window](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/overview.md) topic for additional information. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/output/_category_.json b/docs/activitymonitor/9.0/admin/monitoredhosts/output/_category_.json new file mode 100644 index 0000000000..70c4d56051 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/output/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Output for Monitored Hosts", + "position": 30, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "output" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/output/filetsv.md b/docs/activitymonitor/9.0/admin/monitoredhosts/output/filetsv.md new file mode 100644 index 0000000000..5845383b96 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/output/filetsv.md @@ -0,0 +1,46 @@ +--- +title: "File TSV Log File" +description: "File TSV Log File" +sidebar_position: 10 +--- + +# File TSV Log File + +The following information lists all of the columns generated by File Activity Monitor into a TSV log +file, along with descriptions. + +| Column Name(s) | Description | +| ---------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Operation Time | Date timestamp of the event in UTC time Column format is dependent on "Report Operations with millisecond precision" option | +| Host | Host name of the monitored device | +| User Sid/Uid | Unique identifier for the File System user: - For CIFS activity – user SID - For NFS activity – UID | +| Operation Type | Type of operation for each event. Reports the following operations: - Add - Delete (Del) - Rename (Ren) - Network Share (SHARE) - Permission Change (Per) - Read (Rea) - Symlink or hardlink (LINK) - Update (Upd) | +| Object Type | The type of object that was affected. Reports events for the following object types: - Folder (FOLD) - File (FILE) - Unknown (UNK) | +| Path | The Path where the event took place. - For Windows – If a path starts with “VSS:” then it is a shadow copy creation event. For example, “VSS:C” is a shadow copy creation of volume C. | +| Rename Path | New name of the path if a rename event occurs | +| Process or IP | Indicates the source of the activity event: - For local Windows activity – Process name (e.g. notepad.exe) - For network Windows activity – IP Address of the user - For NAS device activity – IP Address for the NAS device of the user | +| 1) Sub-Operation 2) Old Attributes 3) New Attributes | Windows hosts only. These columns are filled with details about: - Permission changes (the “Per” operation type) - Attribute Changes (the “Upd” operation type) - Read events from VSS shadow copies See the Sub-Operation, Old Attributes, and New Attributes Table section for additional details. | +| User Name | Username in NTAccount format. This column is dependent upon the “Report account names” option. | +| Protocol | Protocol of the event, i.e. CIFS, NFS, or VSS | +| 1) UNC 2) Rename UNC Path | Network paths of remote activity. These columns are dependent upon the “Report UNC paths” option. - For CIFS activity – Reported with the following format \\[SERVER]\[SHARE]\Folder\File.txt - For NFS activity – Reported with the following format[SERVER]:/[VOLUME]/Folder/File.txt | +| Volume ID | ID of the volume where the event occurred | +| Share Name | Share name where the event occurred. This column is dependent upon the “Report UNC paths” option. | +| Protocol Version | NetApp Data ONTAP Cluster-Mode devices only. Protocol version of the event, i.e. CIFS or NFS. The following values are potentially reported: - For CIFS activity – 1.0, 2.0, 2.1, 3.0, 3.1 - For NFS activity – 2, 3, 4, 4.1, 4.2 | +| **File Size** | Size of File | +| **Tags** | _(Windows hosts only)_ Contains 'Copy' for read events that are probably file copies | +| Group ID | _Linux hosts only_ Unique identifier for the File System Group (GID) | +| Group Name | _Linux hosts only_ Name of the File System Group (GID) | +| Process ID | Linux hosts only Name of the File System Group (GID) | + +## Sub-Operation, Old Attributes, and New Attributes Table + +The following table lists details for Sub-Operation, Old Attributes, and New Attributes according to +File Operation. + +| File Operation | Sub-Operation | Old Attributes | New Attributes | +| ------------------------------- | ------------- | --------------------------------------------------------------------- | ---------------------------------------------- | +| Owner was changed | Own | Old owner in SDDL format | New owner in SDDL format | +| Permissions were changed (DACL) | Dac | Old DACL in SDDL format | New DACL in SDDL format | +| Audit was changed (SACL) | Sac | Old SACL in SDDL format | New SACL in SDDL format | +| File attributes were changed | Att | Old attributes as a hexadecimal number (0xNNN) | New attributes as a hexadecimal number (0xNNN) | +| File is read from a shadow copy | VSS | Shadow copy creation time in YYYYMMDDThhmmss format (20180905T123456) | | diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/output/linuxtsv.md b/docs/activitymonitor/9.0/admin/monitoredhosts/output/linuxtsv.md new file mode 100644 index 0000000000..ec8b706a86 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/output/linuxtsv.md @@ -0,0 +1,33 @@ +--- +title: "Linux TSV Log File" +description: "Linux TSV Log File" +sidebar_position: 20 +--- + +# Linux TSV Log File + +The following information lists all of the columns generated by Linux Activity Monitor into a TSV +log file, along with descriptions. + +| | | +| ---------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Operation Time | Date timestamp of the event in UTC time Column format is dependent on "Report Operations with millisecond precision" option | +| Host | Host name of the monitored device | +| User Sid/Uid | Unique identifier for the File System user: - For CIFS activity – user SID - For NFS activity – UID | +| Operation Type | Type of operation for each event. Reports the following operations: - Add - Delete (Del) - Rename (Ren) - Network Share (SHARE) - Permission Change (Per) - Read (Rea) - Symlink or hardlink (LINK) - Update (Upd) | +| Object Type | The type of object that was affected. Reports events for the following object types: - Folder (FOLD) - File (FILE) - Unknown (UNK) | +| Path | The Path where the event took place. - For Windows – If a path starts with “VSS:” then it is a shadow copy creation event. For example, “VSS:C” is a shadow copy creation of volume C. | +| Rename Path | New name of the path if a rename event occurs | +| Process or IP | Indicates the source of the activity event: - For Local activity – Process name (e.g. notepad.exe) - For Remote network activity – IP Address of the user | +| 1) Sub-Operation 2) Old Attributes 3) New Attributes | Windows hosts only. These columns are filled with details about: - Permission changes (the “Per” operation type) - Attribute Changes (the “Upd” operation type) - Read events from VSS shadow copies See the Sub-Operation, Old Attributes, and New Attributes Table section for additional details. | +| User Name | Username in NTAccount format. This column is dependent upon the “Report account names” option. | +| Protocol | Protocol of the event, i.e. CIFS, NFS, or VSS | +| 1) UNC 2) Rename UNC Path | Network paths of remote activity. These columns are dependent upon the “Report UNC paths” option. - For CIFS activity – Reported with the following format \\[SERVER]\[SHARE]\Folder\File.txt - For NFS activity – Reported with the following format[SERVER]:/[VOLUME]/Folder/File.txt | +| Volume ID | ID of the volume where the event occurred | +| Share Name | Share name where the event occurred. This column is dependent upon the “Report UNC paths” option. | +| Protocol Version | NetApp Data ONTAP Cluster-Mode devices only. Protocol version of the event, i.e. CIFS or NFS. The following values are potentially reported: - For CIFS activity – 1.0, 2.0, 2.1, 3.0, 3.1 - For NFS activity – 2, 3, 4, 4.1, 4.2 | +| File Size | Size of File | +| Tags | Windows hosts only Contains 'Copy' for read events that are probably file copies | +| Group ID | Linux hosts only Unique identifier for the File System Group (GID). | +| Group Name | Linux hosts only Name of the File System Group (GID). | +| Process ID | Linux hosts only Name of the File System Group (GID). | diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/output/output.md b/docs/activitymonitor/9.0/admin/monitoredhosts/output/output.md new file mode 100644 index 0000000000..0eb06a7223 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/output/output.md @@ -0,0 +1,54 @@ +--- +title: "Output for Monitored Hosts/Services" +description: "Output for Monitored Hosts/Services" +sidebar_position: 30 +--- + +# Output for Monitored Hosts/Services + +Once a host is being monitored the event stream can be sent to multiple outputs. + +![Output Properties Overview](/images/activitymonitor/9.0/admin/monitoredhosts/outputpropertiesoverview.webp) + +Configured outputs are grouped under the host. You can have multiple outputs configured for a host. +The host event outputs are: + +- File – Creates an activity log as a TSV or JSON file for every day of activity +- Syslog – Sends activity events to the configured SIEM server or Netwrix Threat Manager, where + supported + +## Add File Output + +Follow the steps to add a File output. + +**Step 1 –** On the Monitored Hosts & Services tab, select the desired host and click **Add Output**. + +**Step 2 –** Select **File** from the drop-down menu. The Add New Output window opens. + +![addnewoutputfile](/images/activitymonitor/9.0/admin/monitoredhosts/addnewoutputfile.webp) + +**Step 3 –** Configure the tab(s) as desired. + +**Step 4 –** Click **Add Output** to save your settings. The Add New Output window closes. + +The new output displays in the table. Click the **Edit** button to open the Output properties window +to modify these settings. See the [Output Types](/docs/activitymonitor/9.0/admin/outputs/overview.md) topic for additional +information. + +## Add Syslog Output + +Follow the steps to add a Syslog output. + +**Step 1 –** On the Monitored Hosts & Services tab, select the desired host and click **Add Output**. + +**Step 2 –** Select **Syslog** from the drop-down menu. The Add New Output window opens. + +![addnewoutputsyslog](/images/activitymonitor/9.0/admin/monitoredhosts/addnewoutputsyslog.webp) + +**Step 3 –** Configure the tab(s) as desired. + +**Step 4 –** Click **Add Output** to save your settings. The Add New Output window closes. + +The new output displays in the table. Click the **Edit** button to open the Output properties window +to modify these settings. See the [Output Types](/docs/activitymonitor/9.0/admin/outputs/overview.md) topic for additional +information. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/output/sharepointjson.md b/docs/activitymonitor/9.0/admin/monitoredhosts/output/sharepointjson.md new file mode 100644 index 0000000000..212b8af530 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/output/sharepointjson.md @@ -0,0 +1,54 @@ +--- +title: "SharePoint JSON Log File" +description: "SharePoint JSON Log File" +sidebar_position: 30 +--- + +# SharePoint JSON Log File + +The JSON log file format is used to send SharePoint activity monitoring data to Access Analyzer +v10.0 consoles. The following information lists all of the attributes generated by SharePoint +Activity Monitor into a JSON log file: + +| Attribute Name | Description | Example | +| ---------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------ | +| TimeLogged | DateTime/ string | 2019-03-14T18:13:39.00Z | +| ActivityType | Constant “SharePoint” | SharePoint | +| AgentHost | Host name where agent is installed | sphost | +| UserSid | User SID who caused the event | S-1-0-0 | +| UserName | User Name who caused the event | System Account | +| UserID | ID of the user who caused the event | 1073741823 | +| UserLogin | User Login who caused the event | SHAREPOINT\system | +| Protocol | Protocol: HTTP / HTTPS.. | HTTP | +| AbsoluteUrl | Full Url: SiteUrl + DocLocation | http://sphost/Lists/Comments/1\_.000 | +| WebApplication | Web application name | SharePoint – 80 | +| SiteId | Site Id (guid) | 7b2c8d23-a74f-4c3c-985d-2c7facb5ebae | +| SiteUrl | Site Url | http://sphost/sites/mysite | +| WebTitle | Web title | my site | +| DocLocation | Location of an audited object at the time of the audited event | Lists/Comments/1\_.000 | +| ItemId | A Guid that the object whose event is represented by the entry | 2c4174dc-322d-47bc-a420-52968fc3ba6c | +| ItemTitle | Title of the object | Welcome to my blog! | +| ItemType | Type of the object: Document / ListItem / List / Folder / Web / Site | ListItem | +| EventType | An SPAuditEventType that represents the type of event | Update | +| EventSource | A value that indicates whether the event occurred as a result of user action in the SharePoint Foundation user interface (UI) or programmatically. Values: SharePoint / ObjectModel | SharePoint | +| LocationType | Specifies the actual location of a document in a SharePoint document library: Invalid, Url, ClientLocation | Url | +| AppPrincipalId | The ID of the app principal who caused the event. If the value of EventSource is ObjectModel, thenAppPrincipalId holds the ID of the app principal whose context the code that caused the event was running. If there is no app context, the AppPrincipalId is null. | 0 | +| SourceName | The name of the application that caused the event | `` | +| RawEventData | A String that holds XML markup providing data that is specific to the type of event that the entry object represents. | `06C49477-0498-4858-900C-45B595337462 MyDocs/myfile.zip` marker for the list-like settings. Leave +the `<-Different-Values->` marker to preserve the difference in each selected object, or delete it +to remove all divergent elements. When the window closes, only changed properties are saved to all +selected objects, leaving unchanged properties untouched. + +## Table + +The monitored hosts/services table provides the following information: + +- State — State of the monitored host. The two states are Enabled and Disabled. +- Monitored Host – Name or IP Address of the host being monitored +- Report As — How the Monitored Host is being reported as. This can be customized in the host's + properties. +- Details — Displays additional details about the monitored host, such as the Platform and the Log + Path. +- Agent – Name or IP Address of the server where the activity agent is deployed +- Retention – Number of days for which the activity log files are retained +- Log Size – Size of the activity log files +- Status – Indicates the status of activity monitoring for the host. See the Error Propagation topic + for additional information. +- Received Events – Timestamp of the last event received +- Comment – Comment provided by user: + - Often this indicates the desired output, e.g. Access Analyzer. + - This can be useful if adding the same monitored host multiple times with different + configurations for different outputs. + - If a Activity Monitor Agent has been deployed to a Windows server where an activity agent is + deployed, then the Comment identifies the host as "Managed by Activity Monitor", and that + 'monitored host' is not editable. Add the host again for other outputs. + +Hosts can have more than one output. To view a host's outputs, expand the host by clicking the white +arrow to the left of the Monitored Host name. + +For integration with Netwrix Access Analyzer, only one configuration +of a 'monitored host' can be set as the Netwrix Access Analyzer +output. After a 'monitored host' has been added, use the Edit feature to identify the configuration +as being for Netwrix Access Analyzer on the Log Files tab of the +host's Properties window. See the [Log Files Tab](/docs/activitymonitor/9.0/admin/outputs/logfiles.md) topic for additional +information. + +## Monitoring Status + +The Status collapsible section located above the Status Bar of the Activity Monitor provides +visibility into a host's monitoring state and history of state changes. Host monitoring status is +depicted in the Monitored Hosts & Services table under the Status column. Users can expand the Status section +to view more information on various status conditions. + +![errorpropogationpopulated](/images/activitymonitor/9.0/admin/monitoredhosts/errorpropogationpopulated.webp) + +Click the **Down Arrow** to expand the Status section. The information listed is dependent on which +host or output is currently selected in the Monitored Hosts & Services table. Users can find information on the +**Current State** of a host, as well as viewing a history of changes in state. + +The possible statuses depend on the type of hosts being monitored. What is common is that the status +can help identify a problem and provide a possible workaround. The following sections provide more +information about device-specific states. + +### Linux Monitoring Status + +For file activity monitoring on Linux, Activity Monitor relies on **auditd** component of the Linux +Auditing System. One of the features of auditd is the immutable mode, which locks the audit +configuration and protects it from being changed. When the immutable mode is enabled, the only way +to change the auditing configuration is to reboot the server. + +Activity Monitor supports the immutable mode. It compares the current auditd configuration with the +desired one. If they differ and the immutable mode is enabled, the product displays a warning in the +status section that a server restart is required. After the reboot, the changes take effect and the +immutable mode is enabled. + +### Qumulo Monitoring Status + +The **No connections from Qumulo clusters** error may be displayed in the status section. This error +indicates that the Qumulo nodes have not yet connected to the agent. This can happen either because +an incorrect address or port is specified in the Audit page of the Qumulo Web Interface, or because +the port (4496 by default) is blocked by a firewall. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/properties/_category_.json b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/_category_.json new file mode 100644 index 0000000000..f7ab5883da --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Host Properties Window", + "position": 20, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "overview" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/properties/auditing.md b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/auditing.md new file mode 100644 index 0000000000..cb8b0937ce --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/auditing.md @@ -0,0 +1,29 @@ +--- +title: "Auditing Tab" +description: "Auditing Tab" +sidebar_position: 10 +--- + +# Auditing Tab + +The Auditing tab allows users to modify to modify the Isilon Options setting which was populated +with the information entered when the Dell Isilon host is added to the Monitored Hosts & Services list. + +![Auditing Tab](/images/activitymonitor/9.0/admin/monitoredhosts/properties/auditingtab.webp) + +The **Enable Protocol Access Auditing in OneFS if it is disabled** box allows the activity agent to +automatically enable and configure auditing on the Isilon cluster. If a manual configuration has +been completed, do not enable these options. This option requires credentials for an Administrator +account on the Dell Isilon device and click Connect. + +If the connection is successful, discovered access zones appear in the **Available** box. By +default, all available access zones are monitored. To monitor specific access zones, use the arrow +buttons to move access zones to the **Monitored** box. All activity for this configuration for the +host is collected and placed in a single activity log file per day. This is the supported option for +integration with StealthAUDIT, which requires all access zones to be monitored from a single +configuration. + +To have one activity log file per access zone, create multiple output configurations for the Dell +Isilon device. Add one access zone to each configuration of the monitored host. When adding an +Isilon host for each access zone, the Dell device name will be the same for each configuration, but +the **CIFS/NFS server name** must have a unique value. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/properties/connection.md b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/connection.md new file mode 100644 index 0000000000..2a82598be2 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/connection.md @@ -0,0 +1,28 @@ +--- +title: "Connection Tab" +description: "Connection Tab" +sidebar_position: 20 +--- + +# Connection Tab + +Once a host is added to the monitored hosts/services table, the configuration settings are edited through the +tabs in the host’s Properties window. The Connection tab on a host’s Properties window is specific +to Microsoft Entra ID (formerly Azure AD), Exchange Online, and SharePoint Online hosts. + +![Conneciton Tab](/images/activitymonitor/9.0/admin/monitoredhosts/properties/azure.webp) + +Configure App Registration information for a Microsoft Entra ID host in the Connection Tab of the +host's Properties window. Click **Open instructions...** for steps on registering the +Activity Monitor. Click **Sign out** to sign out of the Azure account. + +The options that can be configured on the Connection Tab are: + +- Domain +- Azure Cloud +- Tenant ID +- Client ID +- Client Secret +- Region + +Click **OK** to apply changes and exit, or **Cancel** to exit without saving any changes. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/properties/dell.md b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/dell.md new file mode 100644 index 0000000000..9ad6e090c6 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/dell.md @@ -0,0 +1,16 @@ +--- +title: "Dell Tab" +description: "Dell Tab" +sidebar_position: 30 +--- + +# Dell Tab + +The Dell tab on a host’s Properties window displays the Dell Celerra/VNX, Dell Isilon/PowerScale, +Dell PowerStore, or Dell Unity host to be monitored for activity and any host aliases. This tab is +populated with the information entered when the Dell host is added to the monitored hosts/services table. If +desired, specify a different device to be monitored for activity. + +![Dell Tab](/images/activitymonitor/9.0/admin/monitoredhosts/properties/emctabemcvnxcelerra.webp) + +If changes are made to these configuration options, click **OK** to save the changes. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/properties/fpolicy.md b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/fpolicy.md new file mode 100644 index 0000000000..d55811dd54 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/fpolicy.md @@ -0,0 +1,73 @@ +--- +title: "FPolicy Tab" +description: "FPolicy Tab" +sidebar_position: 40 +--- + +# FPolicy Tab + +The FPolicy tab allows users to modify FPolicy settings for NetApp devices, privileged access, and +enabling/connecting to cluster nodes. + +![FPolicy Tab](/images/activitymonitor/9.0/admin/monitoredhosts/properties/fpolicytab.webp) + +On the **FPolicy** tab, the agent can configure and/or enable FPolicy automatically. The recommended +setting is dependent on the type of NetApp device being targeted. The permissions required for each +option are listed. See the +[NetApp Data ONTAP 7-Mode Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/ontap7-activity.md) +topic or the +[NetApp Data ONTAP Cluster-Mode Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/ontap-cluster-activity.md) +topic for additional information. + +At the bottom are two additional tabs with setting options. On this tab, specify the protocols to +monitor by selecting the radio buttons. + +## Privileged Access Tab + +![Privileged Access section in the FPolicy Tab](/images/activitymonitor/9.0/admin/monitoredhosts/properties/privilegedaccess.webp) + +The Privileged Access tab is enabled when the Configure FPolicy checkbox is selected at the top. The +Privileged Access tab must be configured if automatic configuration of the FPolicy for NetApp Data +ONTAP Cluster-Mode devices is used. See the +[Configure Privileged Access](/docs/activitymonitor/9.0/admin/monitoredhosts/add/netapp.md#configure-privileged-access) topic for additional +information. + +## Enable and Connect settings Tab + +![Enable and Connect Settings - FPolicy Tab](/images/activitymonitor/9.0/admin/monitoredhosts/properties/enableorconnectsettings.webp) + +The Enable and Connect settings tab is enabled when the Enable and connect FPolicy checkbox is +selected. + +:::note +Adding nodes are not needed if set user is using a role that has Network Interface +permissions. +::: + + +![Add or Edit Cluster Node popup window](/images/activitymonitor/9.0/admin/monitoredhosts/properties/enableorconnectsettingsaddoreditclusternode.webp) + +Add a list of cluster nodes to connect to FPolicy by clicking Add, which opens the Add or Edit +Cluster Node window. Enter at least one cluster node in the textbox. Separate multiple nodes with +either commas (,), semicolons (;), or spaces. Click OK and the node(s) is displayed in the **Node +name** list. + +![Connect to Cluster popup window](/images/activitymonitor/9.0/admin/monitoredhosts/properties/enableorconnectsettingsconnecttocluster.webp) + +Click Discover to open the Connect to cluster window and retrieve nodes from the cluster. + +Specify the Cluster-management LIF and then enter user credentials which will be used to retrieve a +list of the cluster nodes. This credential must have at least read-only rights to run the system +node show command on the cluster. Click Get Nodes. If a successful connection is not achieved, the +message indicates the error. If a successful connection is achieved, the message indicates how many +cluster nodes were discovered. Click OK and all discovered nodes are displayed in the **Node name** +list. + +Use the Remove button to remove the selected node from the list. + +## Resources Required for NetApp Monitoring + +Each individual NetApp filer being monitored impacts local system resources and requires disk space. +These vary based on configuration settings chosen along with user activity. Average FPolicy and +associated Logging service resource consumption may be around 2% CPU usage and 10 MB of RAM. Average +disk space required per daily activity log file retained locally may be around 300 MB per filer. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/properties/hitachinas.md b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/hitachinas.md new file mode 100644 index 0000000000..b4a8669b30 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/hitachinas.md @@ -0,0 +1,17 @@ +--- +title: "Hitachi NAS Tab" +description: "Hitachi NAS Tab" +sidebar_position: 50 +--- + +# Hitachi NAS Tab + +Once a Hitachi host is added to the monitored hosts/services table, the configuration settings are edited +through the tabs in the host’s Properties window. The Hitachi NAS tab on a host’s Properties window +is specific to Hitachi hosts. + +![Host Properties - Hitachi Tab](/images/activitymonitor/9.0/admin/monitoredhosts/properties/hitachihostproperties.webp) + +The Hitachi NAS tab allows users to modify settings that were populated with the information entered +when the Hitachi host was added. Additionally, the Path pooling interval can be configured. The Path +pooling interval is set to 15 seconds by default. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalerts.md b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalerts.md new file mode 100644 index 0000000000..58714f76cb --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalerts.md @@ -0,0 +1,61 @@ +--- +title: "Inactivity Alerts Tab" +description: "Inactivity Alerts Tab" +sidebar_position: 60 +--- + +# Inactivity Alerts Tab + +The Inactivity Alerts tab on a host's Properties window is used to configure alerts that are sent +when monitored hosts/services receive no events for a specified period of time. + +![inactivityalertstab](/images/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalertstab.webp) + +The configurable options are: + +- Customize inactivity alerting for this host. Otherwise, the agent's settings will be used – Check + this box to enable customization of alert settings for the Monitored Host/Service +- Enable inactivity alerting for this host – Check this box to enable inactivity alerts for the host. +- Length of inactivity – Specify how much time must pass before an inactivity alert is sent out. The + default is **6 hours**. +- Repeat an alert every – Specify how often an alert is sent out during periods of inactivity. The + default is **6 hours**. + +## Syslog Alerts Tab + +Configure Syslog alerts using the Syslog Alerts Tab. + +![Syslog Alerts Tab](/images/activitymonitor/9.0/admin/monitoredhosts/properties/syslogalertstab.webp) + +The configurable options are: + +- Syslog server in SERVER[:PORT] format – Type the **Syslog server name** with a SERVER:Port format + in the textbox. +- Syslog protocol – Identify the Syslog protocol to be used for the alerts + + - UDP + - TCP + - TLS + +- Syslog message template – Click the ellipsis (…) to open the Syslog Message Template window. + +## Email Alerts Tab + +Configure Email alerts using the Email Alerts Tab. + +![Email Alerts Tab](/images/activitymonitor/9.0/admin/monitoredhosts/properties/emailalertstab.webp) + +The configurable options are: + +- SMTP server in SERVER[:PORT] format – Enter the SMTP server for the email alerts + + - Enable TLS – Check the box to enable TLS encryption + +- User name – *(Optional)* User name for the email alert +- User password – *(Optional)* Password for the username +- From email address – Email address that the alert is sent from +- To email address – Email address that the alert is sent to +- Message subject – Subject line used for the email alert. Click the ellipses (...) to open the + **Message Template** window. +- Message body – Body of the message used for the email alert. Click the ellipses (...) to open the + **Message Template** window. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/properties/logontrigger.md b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/logontrigger.md new file mode 100644 index 0000000000..88a3419986 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/logontrigger.md @@ -0,0 +1,16 @@ +--- +title: "Logon Trigger Tab" +description: "Logon Trigger Tab" +sidebar_position: 70 +--- + +# Logon Trigger Tab + +The Logon trigger tab on a SQL Server host's properties window is used to configure logon triggers +for SQL activity monitoring. + +![logontriggertab](/images/activitymonitor/9.0/admin/monitoredhosts/properties/logontriggertab.webp) + +Copy and paste the SQL Script into a SQL query and execute to enable the Activity Monitor to obtain +IP addresses of client connections. Click **Check Status** to check if the trigger is properly +configured on the SQL server. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/properties/mssqlserver.md b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/mssqlserver.md new file mode 100644 index 0000000000..024f263802 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/mssqlserver.md @@ -0,0 +1,27 @@ +--- +title: "MS SQL Server Tab" +description: "MS SQL Server Tab" +sidebar_position: 80 +--- + +# MS SQL Server Tab + +The MS SQL Server tab on SQL Server host's properties window is used to configure properties for +SQL activity monitoring on the host. + +![MS SQL Server Tab](/images/activitymonitor/9.0/admin/monitoredhosts/properties/mssqlservertab.webp) + +The configurable options are: + +- Enable Trace automatically — Check the box to enable the activity monitor to enable Trace + automatically if it is disabled +- Audit polling interval — Configure the interval between audits. The default is **15 seconds**. +- Open instruction... — Click **Open Instruction...** to view steps on how to create a login for + SQL monitoring + + - Certain permissions are required to create a login for SQL monitoring. See the + +- Server name\instance — Server name\instance of the SQL Server to be monitored +- User name — User for the SQL Server +- User password — Password for the SQL Server +- Connect — Click **Connect** to test the settings diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/properties/nasuni.md b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/nasuni.md new file mode 100644 index 0000000000..ef629472fe --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/nasuni.md @@ -0,0 +1,38 @@ +--- +title: "Nasuni Tab" +description: "Nasuni Tab" +sidebar_position: 90 +--- + +# Nasuni Tab + +After a Nasuni host is added to the monitored hosts/services table, the configuration settings are edited +using the tabs in the Properties window of the host. + +![Nasuni Host Properties - Nasuni Tab](/images/activitymonitor/9.0/admin/monitoredhosts/properties/nasunitab.webp) + +The **Nasuni** tab allows users to modify settings which were populated with the information entered +when the Nasuni host was added. + +The configurable options are: + +- Nasuni Filer – Enter the name of the filer +- Username – Enter the user name for the Nasuni account +- Password – Enter the password for the user name +- Protocol – Select from the following options in the drop-down list: + + - Auto Detect + - HTTPS + - HTTPS, ignore certificate errors + +- Connect – Click to connect using the selected protocol and validate the connection with Nasuni + +![Trusted Server Certificate popup window](/images/activitymonitor/9.0/admin/monitoredhosts/add/trustedservercertificate.webp)- +HTTPS Options – Opens the Trusted server certificate window to customize the certificate +verification during a TLS session + +- Import – Click to browse for a trusted server certificate +- Remove – Click to remove the selected trusted server certificate +- Enable hostname verification – Select this checkbox to ensure that the host name the product + connects and matches the name in the certificate (CN name) +- Click **OK** to close the window and save the modifications. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/properties/netapp.md b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/netapp.md new file mode 100644 index 0000000000..b9a2524fa0 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/netapp.md @@ -0,0 +1,32 @@ +--- +title: "NetApp Tab" +description: "NetApp Tab" +sidebar_position: 100 +--- + +# NetApp Tab + +The NetApp tab on a host’s Properties window allows users to modify settings, which are populated +with the information entered when the NetApp host is added to the monitored hosts/services table. + +![Host Properties NetApp Tab](/images/activitymonitor/9.0/admin/monitoredhosts/properties/netapptab.webp) + +Modify the targeted NetApp device by specifying a NetApp device to be monitored for activity and +credentials to access it with the Data ONTAP API. + +- Protocol – Select from the following options in the drop-down list: + - Auto Detect + - HTTPS + - HTTPS, ignore certificate errors + - HTTP +- Connect – Click to connect using the selected protocol and validate the connection with NetApp + +![Trusted Server Certificate popup window](/images/activitymonitor/9.0/admin/monitoredhosts/add/trustedservercertificate.webp)- +HTTPS Options – Opens the Trusted server certificate window to customize the certificate +verification during a TLS session + +- Import – Click to browse for a trusted server certificate +- Remove – Click to remove the selected trusted server certificate +- Enable hostname verification – Select this checkbox to ensure that the host name the product + connects and matches the name in the certificate (CN name) +- Click **OK** to close the window and save the modifications. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/properties/nutanix.md b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/nutanix.md new file mode 100644 index 0000000000..63fdbfdd61 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/nutanix.md @@ -0,0 +1,43 @@ +--- +title: "Nutanix Tab" +description: "Nutanix Tab" +sidebar_position: 110 +--- + +# Nutanix Tab + +The Nutanix tab allows users to modify settings after a Nutanix host has been configured. Once a +Nutanix host is added to the monitored hosts/services table, the configuration can be edited in the host +Properties. + +![Nutanix Host Properties](/images/activitymonitor/9.0/admin/monitoredhosts/properties/nutanixhostprop01.webp) + +The configurable options are: + +- Nutanix Filer – Enter the name of the filer +- Username – Enter the user name for the Nutanix account with REST API access +- Password – Enter the password for the user name +- Protocol – Select a protocol for the REST API access from the drop-down menu: + + - Auto Detect + - HTTPS + - HTTPS, ignore certificate errors + +- Connect – Click to connect using the selected protocol and validate the connection with Nutanix + +![Trusted Server Certificate popup window](/images/activitymonitor/9.0/admin/monitoredhosts/add/trustedservercertificate.webp) + +- HTTPS Options – Opens the Trusted server certificate window to customize the certificate +verification during a TLS session + +- Import – Click to browse for a trusted server certificate +- Remove – Click to remove the selected trusted server certificate +- Enable hostname verification – Select this checkbox to ensure that the host name the product + connects and matches the name in the certificate (CN name) +- Click **OK** to close the window and save the modifications. + +:::note +Nutanix Files does not report events for activity originating from a server where the +Activity Monitor Agent is installed. + +::: diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/properties/overview.md b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/overview.md new file mode 100644 index 0000000000..aac4c08b70 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/overview.md @@ -0,0 +1,34 @@ +--- +title: "Host Properties Window" +description: "Host Properties Window" +sidebar_position: 20 +--- + +# Host Properties Window + +Once a host has been added to the Monitored Hosts & Services list, the configuration settings can be modified +through the host’s Properties window. + +![Activity Monitor with Edit button identified ](/images/activitymonitor/9.0/admin/monitoredhosts/properties/hostpropertiesoverview.webp) + +On the Monitored Hosts tab, select the host and click Edit, or right-click on a host and select +**Edit Host** from the right-click menu, to open the host’s Properties window. The tabs vary based +on the type of host selected: + +- [Auditing Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/auditing.md) — Dell Isilon/PowerScale devices only +- [Connection Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/connection.md) — Microsoft Entra ID, Exchange Online, and SharePoint Online only +- [Dell Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/dell.md) — Dell devices only +- [FPolicy Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/fpolicy.md) — NetApp devices only +- [Hitachi NAS Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/hitachinas.md) — Hitachi NAS devices only +- [Inactivity Alerts Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalerts.md) +- [Logon Trigger Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/logontrigger.md) — SQL Server hosts only +- [MS SQL Server Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/mssqlserver.md) — SQL Server hosts only +- [Nasuni Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/nasuni.md) — Nasuni Edge Appliances only +- [NetApp Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/netapp.md) — NetApp devices only +- [Nutanix Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/nutanix.md) — Nutanix devices only +- [Panzura Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/panzura.md) — Panzura devices only +- [Qumulo Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/qumulo.md) — Qumulo devices only +- [SharePoint Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/sharepoint.md) — SharePoint only +- [Tweak Options Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/tweakoptions.md) — SQL Server hosts only +- [Unix IDs Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/unixids.md) — NetApp devices, Dell devices, and Nasuni Edge Appliances only +- [Windows Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/windows.md) — Windows hosts only diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/properties/panzura.md b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/panzura.md new file mode 100644 index 0000000000..cd9b0d2dbc --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/panzura.md @@ -0,0 +1,38 @@ +--- +title: "Panzura Tab" +description: "Panzura Tab" +sidebar_position: 120 +--- + +# Panzura Tab + +After a Panzura host is added to the monitored hosts/services table, the configuration settings are edited +using the tabs in the Properties window of the host. + +![panzuratab](/images/activitymonitor/9.0/admin/monitoredhosts/properties/panzuratab.webp) + +The **Panzura** tab allows users to modify settings which were populated with the information +entered when the Panzura host was added. + +The configurable options are: + +- Panzura Filer – Enter the name of the filer +- Username – Enter the user name for the Panzura account +- Password – Enter the password for the user name +- Protocol – Select from the following options in the drop-down list: + + - Auto Detect + - HTTPS + - HTTPS, ignore certificate errors + +- Connect – Click to connect using the selected protocol and validate the connection with Panzura + +![Trusted Server Certificate popup window](/images/activitymonitor/9.0/admin/monitoredhosts/add/trustedservercertificate.webp)- +HTTPS Options – Opens the Trusted server certificate window to customize the certificate +verification during a TLS session + +- Import – Click to browse for a trusted server certificate +- Remove – Click to remove the selected trusted server certificate +- Enable hostname verification – Select this checkbox to ensure that the host name the product + connects and matches the name in the certificate (CN name) +- Click **OK** to close the window and save the modifications. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/properties/qumulo.md b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/qumulo.md new file mode 100644 index 0000000000..abde3b5a15 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/qumulo.md @@ -0,0 +1,36 @@ +--- +title: "Qumulo Tab" +description: "Qumulo Tab" +sidebar_position: 130 +--- + +# Qumulo Tab + +The Qumulo tab allows users to modify settings after a Qumulo host has been configured. Once a +Qumulo host is added to the monitored hosts/services table, the configuration can be edited in the host +Properties. + +![Qumulo Host Properties](/images/activitymonitor/9.0/admin/monitoredhosts/properties/qumulohostproperties.webp) + +The configurable options are: + +- Cluster name – Enter the name of the filer +- Username – Enter the user name for the Qumulo user +- Password – Enter the password for the user name +- Protocol – Select one of the following protocols from the drop-down menu: + + - Auto Detect + - HTTPS + - HTTPS, ignore certificate errors + +- Connect – Click to connect using the selected protocol and validate the connection with Qumulo + +![Trusted Server Certificate popup window](/images/activitymonitor/9.0/admin/monitoredhosts/add/trustedservercertificate.webp)- +HTTPS Options – Opens the Trusted server certificate window to customize the certificate +verification during a TLS session + +- Import – Click to browse for a trusted server certificate +- Remove – Click to remove the selected trusted server certificate +- Enable hostname verification – Select this checkbox to ensure that the host name the product + connects and matches the name in the certificate (CN name) +- Click **OK** to close the window and save the modifications. diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/properties/sharepoint.md b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/sharepoint.md new file mode 100644 index 0000000000..aba47f2739 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/sharepoint.md @@ -0,0 +1,32 @@ +--- +title: "SharePoint Tab" +description: "SharePoint Tab" +sidebar_position: 140 +--- + +# SharePoint Tab + +The SharePoint tab on a host’s Properties window allows users to modify settings that are populated +with the information entered when the SharePoint host is added. + +![SharePoint Tab](/images/activitymonitor/9.0/admin/monitoredhosts/properties/sharepointtab.webp) + +The configurable options are: + +- Enable auditing on selected site collections - Check the box to enable auditing on selected site + collections. Enabling this option will ensure that auditing is enabled for all monitored site + collections with periodic checks. +- Choose to audit all sites or scope the monitoring to specific site(s): + + - Audit all sites – Leave textbox for URLs blank + - Scope to specific sites – List URLs for sites to be monitored in the textbox. List should be + semicolon separated. For example: + +**http://sharepoint.local/sites/marketing; http://sharepoint.local/sites/personal/user1** + +- Audit polling interval – Select the interval for how often the activity agent will request new + events from SharePoint. Number of seconds between polling request, set to 15 seconds by default +- User name - Enter the user name for the domain account with local admin permissions +- User password - Enter the password for the user name + +- Connect – Click Connect to validate the connection with SharePoint diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/properties/tweakoptions.md b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/tweakoptions.md new file mode 100644 index 0000000000..d0ae6d2035 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/tweakoptions.md @@ -0,0 +1,12 @@ +--- +title: "Tweak Options Tab" +description: "Tweak Options Tab" +sidebar_position: 150 +--- + +# Tweak Options Tab + +The Tweak Options tab on a SQL Server host's properties window is used to configure extended events +operations for SQL activity monitoring. + +![Tweak Options Tab](/images/activitymonitor/9.0/admin/monitoredhosts/properties/tweakoptionstab.webp) diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/properties/unixids.md b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/unixids.md new file mode 100644 index 0000000000..2c2dfc3f86 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/unixids.md @@ -0,0 +1,30 @@ +--- +title: "Unix IDs Tab" +description: "Unix IDs Tab" +sidebar_position: 160 +--- + +# Unix IDs Tab + +The Unix IDs tab provides configuration options to translate Unix IDs (UID) to SIDs. This tab +applies to NetApp devices, Dell devices, and Nasuni Edge Appliances. + +When activity is performed on an NFS resource, UIDs are returned for that activity event. Depending +on the operating system, the UID can be mapped to Active Directory accounts using the uidNumber +attribute in Active Directory. The activity agent resolves the Active Directory SID based on the UID +from the activity event. + +![Unix ID Tab](/images/activitymonitor/9.0/admin/monitoredhosts/properties/unixid.webp) + +The options are: + +- Translate Unix IDs to SIDs – Enables all controls on the page +- Search in container (DN) – Default naming context of the agent's domain +- Search scope – Select from the following radio buttons: + - This container and its descendants + - This container only +- Search - Search using the following specifications: + - by an attribute – Specify an LDAP filter. This attribute cannot be empty. + - with a custom filter – Use the %UID% macro for a Unix ID value + - Provide UID for test/Test – Test button performs a search in the specified container with the + scope and the filter, replacing %UID% with 0 for the test diff --git a/docs/activitymonitor/9.0/admin/monitoredhosts/properties/windows.md b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/windows.md new file mode 100644 index 0000000000..97ff0873d2 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/monitoredhosts/properties/windows.md @@ -0,0 +1,14 @@ +--- +title: "Windows Tab" +description: "Windows Tab" +sidebar_position: 170 +--- + +# Windows Tab + +The Windows tab on a host's Properties window is specific to Windows hosts. + +![Host Properties - Windows Tab](/images/activitymonitor/9.0/admin/monitoredhosts/properties/windows.webp) + +Select whether to report the host name as either a **NETBIOS name** or a **Fully qualified domain +name**. The Host Name can be previewed to see how it appears depending on the option selected. diff --git a/docs/activitymonitor/9.0/admin/outputs/_category_.json b/docs/activitymonitor/9.0/admin/outputs/_category_.json new file mode 100644 index 0000000000..79eee1ab1e --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Output Types", + "position": 40, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "overview" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/outputs/accountexclusions/_category_.json b/docs/activitymonitor/9.0/admin/outputs/accountexclusions/_category_.json new file mode 100644 index 0000000000..a4c6e98173 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/accountexclusions/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Account Exclusions Tab", + "position": 10, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "accountexclusions" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/outputs/accountexclusions/accountexclusions.md b/docs/activitymonitor/9.0/admin/outputs/accountexclusions/accountexclusions.md new file mode 100644 index 0000000000..76954fb874 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/accountexclusions/accountexclusions.md @@ -0,0 +1,182 @@ +--- +title: "Account Exclusions Tab" +description: "Account Exclusions Tab" +sidebar_position: 10 +--- + +# Account Exclusions Tab + +The Account Exclusions tab on an output Properties window is where monitoring scope by account name +can be modified. These settings are initially configured when the output is added. + +Select an output from the Monitored Hosts & Services tab and click **Edit** to open the output Properties +window. The tab varies based on the type of host selected. + +## For Exchange Online Hosts + +The tab contains the following settings: + +![Account Exclusions tab for Exchange Online](/images/activitymonitor/9.0/admin/outputs/accountexclusions_exchangeonline.webp) + +- Add Windows Account – Opens the Specify account or group window to add an account for exclusion. + See the [Specify Account or Group Window](/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifywindowsaccount.md) topic for additional + information. +- Add Unix Account – Opens the Specify Unix Account window to add an account for exclusion. See the + [Specify Unix Account Window](/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifyunixaccount.md) topic for additional information. +- Remove – Removes the selected account from exclusion. Confirmation is not requested. + + :::warning + If an account is removed by accident, use the **Cancel** button to discard the + change. + ::: + + +- Process group membership when filtering – Indicates if group memberships is processed when + filtering accounts + +The table lists accounts that are being excluded from monitoring, displaying columns for Account +Name and Account Type. By default, no accounts are being excluded. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +## For Linux Hosts + +The tab contains the following settings: + +![linux](/images/activitymonitor/9.0/admin/outputs/linux.webp) + +- Add Windows Account – Opens the Specify account or group window to add an account for exclusion. + See the [Specify Account or Group Window](/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifywindowsaccount.md) topic for additional + information. +- Add Unix Account – Opens the Specify Unix Account window to add an account for exclusion. See the + [Specify Unix Account Window](/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifyunixaccount.md) topic for additional information. +- Remove – Removes the selected account from exclusion. Confirmation is not requested. + + :::warning + If an account is removed by accident, use the **Cancel** button to discard the + change. + ::: + + +- Process group membership when filtering – Indicates if group memberships is processed when + filtering accounts + +The table lists accounts that are being excluded from monitoring, displaying columns for Account +Name and Account Type. By default, no accounts are being excluded. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +## For NAS Device Hosts + +The tab contains the following settings: + +![Account Exclusions tab for NAS Hosts](/images/activitymonitor/9.0/admin/outputs/nasdevices.webp) + +- Add Windows Account – Opens the Specify account or group window to add an account for exclusion. + See the [Specify Account or Group Window](/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifywindowsaccount.md) topic for additional + information. +- Add Unix Account – Opens the Specify Unix Account window to add an account for exclusion. See the + [Specify Unix Account Window](/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifyunixaccount.md) topic for additional information. +- Remove – Removes the selected account from exclusion. Confirmation is not requested. + + :::warning + If an account is removed by accident, use the **Cancel** button to discard the + change. + ::: + + +- Process group membership when filtering – Indicates if group memberships is processed when + filtering accounts + +The table lists accounts that are being excluded from monitoring, displaying columns for Account +Name and Account Type. By default, no accounts are being excluded. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +## For SharePoint Hosts + +The tab contains the following settings: + +![Account Exclusions tab for SharePoint hosts](/images/activitymonitor/9.0/admin/outputs/sharepoint.webp) + +- Add Windows Account – Opens the Specify account or group window to add an account for exclusion. + See the [Specify Account or Group Window](/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifywindowsaccount.md) topic for additional + information. +- Add SharePoint Account – Opens the Specify account window to add an account for exclusion. See the + [Specify Account Window](/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifysharepointaccount.md) topic for additional information. +- Remove – Removes the selected account from exclusion. Confirmation is not requested. + + :::warning + If an account is removed by accident, use the **Cancel** button to discard the + change. + ::: + + +- Process group membership when filtering – Indicates if group memberships is processed when + filtering accounts + +The table lists accounts that are being excluded from monitoring, displaying columns for Account +Name and Account Type. By default, no accounts are being excluded. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +## For SQL Server Hosts + +The tab contains the following settings: + +![sqlhosts](/images/activitymonitor/9.0/admin/outputs/sqlhosts.webp) + +- Add Sql User – Opens the Specify Sql User name window to add an account for exclusion. See the + [Specify Sql User Name Window](/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifysqluser.md) topic for additional information. +- Remove – Removes the selected account from exclusion. Confirmation is not requested. + + :::warning + If an account is removed by accident, use the **Cancel** button to discard the + change. + ::: + + +- Process group membership when filtering – Indicates if group memberships is processed when + filtering accounts + +The table lists accounts that are being excluded from monitoring, displaying columns for Account +Name and Account Type. By default, no accounts are being excluded. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +## For Windows File Server Hosts + +The tab contains the following settings: + +![Account Exlcusions tab for Windows Hosts](/images/activitymonitor/9.0/admin/outputs/windows.webp) + +- Add Windows Account – Opens the Specify account or group window to add an account for exclusion. + See the [Specify Account or Group Window](/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifywindowsaccount.md) topic for additional + information. +- Remove – Removes the selected account from exclusion. Confirmation is not requested. + + :::warning + If an account is removed by accident, use the **Cancel** button to discard the + change. + ::: + + +- Process group membership when filtering – Indicates if group memberships is processed when + filtering accounts + +The table lists accounts that are being excluded from monitoring, displaying columns for Account +Name and Account Type. By default, the Windows File Server monitoring is excluding the following +accounts: + +- NT Authority\IUSR +- NT Authority\SYSTEM +- NT Authority\LOCAL SERVICE +- NT Authority\NETWORK SERVICE + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. diff --git a/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifysharepointaccount.md b/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifysharepointaccount.md new file mode 100644 index 0000000000..0caf42a1e7 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifysharepointaccount.md @@ -0,0 +1,23 @@ +--- +title: "Specify Account Window" +description: "Specify Account Window" +sidebar_position: 10 +--- + +# Specify Account Window + +The Specify account window is opened from a field where a SharePoint account is needed. + +![Specify Account popup window](/images/activitymonitor/9.0/admin/outputs/window/sharepointspecifyaccount.webp) + +There are two options for specifying an account: + +- SharePoint System Accounts – Check the boxes for the desired system accounts: SHAREPOINT\system, + -1, S-1-0-0 (Null SID) +- Custom – Enter the account in the textbox. Multiple accounts can be added using a semicolon (;). + + - For System Service Accounts – Enter the SID for system service accounts + - For Local User Accounts – Enter either the user name or SID for the local account + +Click **OK**. The Specify account window closes, and the account is added to the field where the +window was opened. diff --git a/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifysqluser.md b/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifysqluser.md new file mode 100644 index 0000000000..f72a6d524d --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifysqluser.md @@ -0,0 +1,15 @@ +--- +title: "Specify Sql User Name Window" +description: "Specify Sql User Name Window" +sidebar_position: 30 +--- + +# Specify Sql User Name Window + +The Specify Sql User name window is opened from a field where a SQL Server account is needed. + +![specifysqlusernamewindow](/images/activitymonitor/9.0/admin/outputs/window/specifysqlusernamewindow.webp) + +Enter the SQL Server user name into the text box. Multiple user names can be added using a semicolon +(;), a comma (,), or a space. Then click OK. The Specify Sql User name window closes, and the +account is added to the field where the window was opened. diff --git a/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifyunixaccount.md b/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifyunixaccount.md new file mode 100644 index 0000000000..7f0a42eb62 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifyunixaccount.md @@ -0,0 +1,15 @@ +--- +title: "Specify Unix Account Window" +description: "Specify Unix Account Window" +sidebar_position: 40 +--- + +# Specify Unix Account Window + +The Specify Unix Account or group window is opened from a field where a Unix account is needed. + +![Specify Unix Account popup window](/images/activitymonitor/9.0/admin/outputs/window/unixspecifyunixaccount.webp) + +Type the UID for the desired account in the textbox. Multiple UIDs can be added using a semicolon +(;), a comma (,), or a space. Then click OK. The Specify Unix Account window closes, and the account +is added to the field where the window was opened. diff --git a/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifywindowsaccount.md b/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifywindowsaccount.md new file mode 100644 index 0000000000..15e3fe7d08 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifywindowsaccount.md @@ -0,0 +1,29 @@ +--- +title: "Specify Account or Group Window" +description: "Specify Account or Group Window" +sidebar_position: 20 +--- + +# Specify Account or Group Window + +The Specify account or group window is opened from a field where a Windows account is needed. + +![Specify Account or Group popup window](/images/activitymonitor/9.0/admin/agents/properties/windowsspecifyaccountorgroup.webp) + +Follow the steps to use this window. + +**Step 1 –** Select the Domain from the drop-down menu. + +**Step 2 –** Enter the Account in the textbox. + +- Accounts can be entered in NTAccount format, UPN format, or SID format. +- Use the ellipsis (…) button to open the Select Users, Computers, Service Accounts, or Groups + window to browse for an account. + +**Step 3 –** Then click Resolve. A message displays indicating whether or not the account could be +resolved. + +**Step 4 –** If successful, click OK. + +The Specify account or group window closes, and the account is added to the field where the window +was opened. diff --git a/docs/activitymonitor/9.0/admin/outputs/additionalproperties.md b/docs/activitymonitor/9.0/admin/outputs/additionalproperties.md new file mode 100644 index 0000000000..aa95f6aa72 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/additionalproperties.md @@ -0,0 +1,38 @@ +--- +title: "Additional Properties Tab" +description: "Additional Properties Tab" +sidebar_position: 20 +--- + +# Additional Properties Tab + +The Additional Properties tab on an output Properties window is where comments and displayed host +name can be modified. These settings are initially configured when the output is added. + +Select an output from the Monitored Hosts & Services tab and click **Edit** to open the output Properties +window. + +![Additional Properties](/images/activitymonitor/9.0/admin/outputs/additionalpropertiestab.webp) + +The options are: + +- Report hostname as – The value entered here will customize the hostname that is reported for the + event in the activity log outputs +- Comment – The value entered here will appear in the Comments column in the Monitored Hosts & Services tab + table. + +Often, the Additional Properties Tab is used to indicate the purpose of the output, e.g. for Netwrix +Access Analyzer . This can be useful if using multiple outputs with +different configurations for different purposes. For example, a SharePoint site could be added as a +host and configured for Netwrix Access Analyzer data collection. It +can be added again with different monitoring options and be configured for SIEM notification. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +**Integration with Netwrix Threat Prevention for NAS Monitoring** + +If a Threat Prevention Agent has been deployed to the same Windows proxy server where and activity +agent is deployed to monitor NAS devices, then the **Comment** column in the monitored hosts/services table +identifies the host as being “Managed by Threat Prevention”, and that ‘monitored host’ configuration +is not editable through the Activity Monitor Console. Simply add the host again for other outputs. diff --git a/docs/activitymonitor/9.0/admin/outputs/gidexclusions/_category_.json b/docs/activitymonitor/9.0/admin/outputs/gidexclusions/_category_.json new file mode 100644 index 0000000000..7f90b35438 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/gidexclusions/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "GID Exclusions Tab", + "position": 30, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "gidexclusions" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/outputs/gidexclusions/addeditgid.md b/docs/activitymonitor/9.0/admin/outputs/gidexclusions/addeditgid.md new file mode 100644 index 0000000000..6071172afe --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/gidexclusions/addeditgid.md @@ -0,0 +1,14 @@ +--- +title: "Add or Edit GID Window" +description: "Add or Edit GID Window" +sidebar_position: 10 +--- + +# Add or Edit GID Window + +The Add or Edit GID window is opened from a field where a Linux group is needed. + +![addoreditgidwindow](/images/activitymonitor/9.0/admin/outputs/window/addoreditgidwindow.webp) + +Type the GID for the desired group in the textbox. Then click OK. The Add or Edit GID window closes, +and the group is added to the field where the window was opened. diff --git a/docs/activitymonitor/9.0/admin/outputs/gidexclusions/gidexclusions.md b/docs/activitymonitor/9.0/admin/outputs/gidexclusions/gidexclusions.md new file mode 100644 index 0000000000..db7e1cf684 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/gidexclusions/gidexclusions.md @@ -0,0 +1,35 @@ +--- +title: "GID Exclusions Tab" +description: "GID Exclusions Tab" +sidebar_position: 30 +--- + +# GID Exclusions Tab + +The GID Exclusions tab on an output Properties window is where monitoring scope by group can be +modified. These settings are initially configured when the output is added. + +Select an output for a Linux host on the Monitored Hosts & Services tab and click **Edit** to open the output +Properties window. + +![gidexclusionstab](/images/activitymonitor/9.0/admin/outputs/gidexclusionstab.webp) + +The tab contains the following settings: + +- Add – Opens the Add or Edit GID window to add a group for exclusion. See the + [Add or Edit GID Window](/docs/activitymonitor/9.0/admin/outputs/gidexclusions/addeditgid.md) topic for additional information. +- Remove – Removes the selected group from exclusion. Confirmation is not requested. + + :::warning + If an account is removed by group, use the **Cancel** button to discard the change. + ::: + + +- Edit – Opens the Add or Edit GID window to edit a selected group for exclusion. See the + [Add or Edit GID Window](/docs/activitymonitor/9.0/admin/outputs/gidexclusions/addeditgid.md) topic for additional information. + +The table lists groups that are being excluded from monitoring, displayed in the GID column. By +default, no groups are being excluded. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. diff --git a/docs/activitymonitor/9.0/admin/outputs/logfiles.md b/docs/activitymonitor/9.0/admin/outputs/logfiles.md new file mode 100644 index 0000000000..a24ba54ba3 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/logfiles.md @@ -0,0 +1,261 @@ +--- +title: "Log Files Tab" +description: "Log Files Tab" +sidebar_position: 40 +--- + +# Log Files Tab + +The Log Files tab on an output Properties window is where the activity log settings can be modified. +These settings are initially configured when the output is added. + +Select a File output from either the Monitored Domains tab or the Monitored Hosts & Services tab and click +**Edit** to open the output Properties window. The tab varies based on the type of domain/host +selected. + +## For Active Directory Domains + +The tab contains the following settings: + +![logfilesactivedirectory](/images/activitymonitor/9.0/admin/outputs/logfilesactivedirectory.webp) + +- Log file path – Identifies the full path of the activity log files on the activity agent server. + The date timestamp is appended to the file name automatically. +- Period to keep Log files – Activity logs are deleted after the number of days entered. The default + is 10 days. The Active Directory activity log settings also affect log size by controlling the + information recorded per event. + + :::note + This setting effects activity log retention whether or not the archiving feature is + enabled. + ::: + + + :::info + Keep a minimum of 10 days of activity logs. Raw activity logs should be + retained to meet an organization’s audit requirements. + ::: + + +- This log file is for Netwrix Access Analyzer (StealthAUDIT) – + Indicates whether Netwrix Access Analyzer collect the data from this + configured output + + :::note + While the Activity Monitor can have multiple configurations per host, Netwrix Access + Analyzer can only read one of them. + ::: + + +- Enable periodic AD Status Check event reporting – Indicates periodic AD Status Check event + reporting is enabled, which means the agent will send out status messages every five minutes to + verify whether the connection is still active. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +## For File Server and NAS Device Hosts + +The tab contains the following settings: + +![Log File Tab - Windows File servers and NAS devices hosts](/images/activitymonitor/9.0/admin/outputs/windowsfilenasdevices.webp) + +- Log file path – Identifies the full path of the activity log files on the activity agent server. + The date timestamp is appended to the file name automatically. +- Period to keep Log files – Activity logs are deleted after the number of days entered. The default + is 10 days. + + :::note + This setting effects activity log retention whether or not the archiving feature is + enabled. + ::: + + + :::info + Keep a minimum of 10 days of activity logs. Raw activity logs should be + retained to meet an organization’s audit requirements. + ::: + + + - For integration with Netwrix Access Analyzer File System + Solution, this value must be higher than the number of days between the 0.Collection > 1-FSAC + System Scans Job scans. See the + [Netwrix Access Analyzer Documentation](https://helpcenter.netwrix.com/category/accessanalyzer) + for additional information. + - For integration with Netwrix Threat Prevention NAS monitoring, this setting only controls the + log retention period for NAS devices, as Netwrix Threat Prevention does not read Windows file + server activity from Activity Monitor. + +- Report account names – Indicates if an Account Name column is added in the activity log files +- Add header to Log files – Indicates if headers are added in the activity log filesAdd header to + Log files – Indicates if headers are added in the activity log files + + :::note + This is needed to feed data into Splunk in a Syslog output. However, Netwrix Access + Analyzer does not support log files with headers. Therefore, do + not select this option for a File output designed for Netwrix Access Analyzer. + ::: + + +- Report UNC paths – Indicates if a UNC Path column and a Rename UNC Path column are added in the + activity log files. This option corresponds to the REPORT_UNC_PATH parameter in the INI file. When + the option is enabled, the added columns are populated when a file is accessed remotely through + the UNC Path. If a file is accessed locally, these columns are empty. + + - The UNC Path is in the following format: + + - For CIFS activity – The path is in `\\[HOST]\[SHARE]\[PATH]` format, e.g. + `\\ExampleHost\TestShare\DocTeam\Temp.txt` + - For NFS activity – The path is in `[HOST]:/[VOLUME]/[PATH] `format, e.g. + `ExampleHost:/ExampleVolume/DocTeam/Temp.txt` + + :::note + When this option is selected, a warning message might be displayed. + ::: + + +- Report operations with millisecond precision – Indicates the timestamps of events being recorded + in the activity log file has been changed for better ordering of events if multiple events occur + within the same second +- This log file is for Netwrix Access Analyzer (StealthAUDIT) – + Indicates whether Netwrix Access Analyzer collect the data from this + configured output + + :::note + While the Activity Monitor can have multiple configurations per host, Netwrix Access + Analyzer can only read one of them. + ::: + + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +## For Linux Hosts + +The tab contains the following settings: + +![Log Files Tab for Linux Hosts](/images/activitymonitor/9.0/admin/outputs/linux.webp) + +- Log file path – Identifies the full path of the activity log files on the activity agent server. + The date timestamp is appended to the file name automatically. +- Period to keep Log files – Activity logs are deleted after the number of days entered. The default + is 10 days. + + :::note + This setting effects activity log retention whether or not the archiving feature is + enabled. + ::: + + + :::info + Keep a minimum of 10 days of activity logs. Raw activity logs should be + retained to meet an organization’s audit requirements. + ::: + + +- Add header to Log files – Indicates if headers are added in the activity log filesAdd header to + Log files – Indicates if headers are added in the activity log files + + :::note + This is needed to feed data into Splunk in a Syslog output. However, Netwrix Access + Analyzer does not support log files with headers. Therefore, do + not select this option for a File output designed for Netwrix Access Analyzer. + ::: + + +- Add C:\ to the beginning of the reported file paths – Adds C:\ to the beginning of the reported + file paths in the activity log file +- Report UNC paths – Indicates if a UNC Path column and a Rename UNC Path column are added in the + activity log files. This option corresponds to the REPORT_UNC_PATH parameter in the INI file. When + the option is enabled, the added columns are populated when a file is accessed remotely through + the UNC Path. If a file is accessed locally, these columns are empty. +- Report operations with millisecond precision – Indicates the timestamps of events being recorded + in the activity log file has been changed for better ordering of events if multiple events occur + within the same second +- This log file is for Netwrix Access Analyzer (StealthAUDIT) – + Indicates whether Netwrix Access Analyzer collect the data from this + configured output + + :::note + While the Activity Monitor can have multiple configurations per host, Netwrix Access + Analyzer can only read one of them. + ::: + + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +## For Microsoft Entra ID, SharePoint Online, and SQL Server Hosts + +The tab contains the following settings: + +![Log File Tab - Azure Active Directory](/images/activitymonitor/9.0/admin/outputs/azuread.webp) + +- Log file path – Identifies the full path of the activity log files on the activity agent server. + The date timestamp is appended to the file name automatically. +- Period to keep Log files – Activity logs are deleted after the number of days entered. The default + is 10 days. + + :::note + This setting effects activity log retention whether or not the archiving feature is + enabled. + ::: + + + :::info + Keep a minimum of 10 days of activity logs. Raw activity logs should be + retained to meet an organization’s audit requirements. + ::: + + +- This log file is for Netwrix Access Analyzer (StealthAUDIT) – + Indicates whether Netwrix Access Analyzer collect the data from this + configured output + + :::note + While the Activity Monitor can have multiple configurations per host, Netwrix Access + Analyzer can only read one of them. + ::: + + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +## For SharePoint Hosts + +The tab contains the following settings: + +![Log File Tab - SharePoint On-Premises hosts](/images/activitymonitor/9.0/admin/outputs/sharepointonprem.webp) + +- Log file path – Identifies the full path of the activity log files on the activity agent server. + The date timestamp is appended to the file name automatically. +- Log file format – Indicates the file type used for the activity log. The default is JSON. See + [SharePoint JSON Log File](/docs/activitymonitor/9.0/admin/monitoredhosts/output/sharepointjson.md) topic and the + [SharePoint TSV Log File](/docs/activitymonitor/9.0/admin/monitoredhosts/output/sharepointtsv.md) topic for additional information. +- Period to keep Log files – Activity logs are deleted after the number of days entered. The default + is 10 days. + + :::note + This setting effects activity log retention whether or not the archiving feature is + enabled. + ::: + + + :::info + Keep a minimum of 10 days of activity logs. Raw activity logs should be + retained to meet an organization’s audit requirements. + ::: + + +- This log file is for Netwrix Access Analyzer (StealthAUDIT) – + Indicates whether Netwrix Access Analyzer collect the data from this + configured output + + :::note + While the Activity Monitor can have multiple configurations per host, Netwrix Access + Analyzer can only read one of them. + ::: + + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. diff --git a/docs/activitymonitor/9.0/admin/outputs/objects.md b/docs/activitymonitor/9.0/admin/outputs/objects.md new file mode 100644 index 0000000000..5893ef1b78 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/objects.md @@ -0,0 +1,21 @@ +--- +title: "Objects Tab" +description: "Objects Tab" +sidebar_position: 50 +--- + +# Objects Tab + +The Objects tab on an output Properties window is where monitoring scope by SQL Server objects can +be modified. These settings are initially configured when the output is added. + +Select an output for a SQL Server host on the Monitored Hosts & Services tab and click **Edit** to open the +output Properties window. + +![Objects Tab](/images/activitymonitor/9.0/admin/outputs/objectstab.webp) + +The **Refresh** button populates the list of SQL Server objects for the selected host. By default, +all objects are checked and will be monitored. Check and uncheck objects as desired. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. diff --git a/docs/activitymonitor/9.0/admin/outputs/operations/_category_.json b/docs/activitymonitor/9.0/admin/outputs/operations/_category_.json new file mode 100644 index 0000000000..77005a0b76 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/operations/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Operations Tab", + "position": 60, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "operations" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/outputs/operations/operations.md b/docs/activitymonitor/9.0/admin/outputs/operations/operations.md new file mode 100644 index 0000000000..a259d240dd --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/operations/operations.md @@ -0,0 +1,344 @@ +--- +title: "Operations Tab" +description: "Operations Tab" +sidebar_position: 60 +--- + +# Operations Tab + +The Operations tab on an output Properties window is where monitoring scope by operation can be +modified. These settings are initially configured when the output is added. + +Select an output from the Monitored Hosts & Services tab and click **Edit** to open the output Properties +window. The tab varies based on the type of host selected. + +## For Linux Hosts + +The tab contains the following settings and features: + +![linux](/images/activitymonitor/9.0/admin/outputs/linux.webp) + +Use the options in the Operations tab to filter the list of available audit activities. The options +are: + +- File Operations – Scope by file operation events: Add, Delete, Rename, Permission change, Read, + Update +- Directory Operations – Scope by directory operation events: Add, Delete, Rename, Permission + change, Read / List + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +## For Microsoft Entra ID Hosts + +The tab contains the following settings and features: + +![Host Properties - Azure AD Operations tab](/images/activitymonitor/9.0/admin/outputs/azureadoperationstab.webp) + +- Monitor Sign-Ins activity – Indicates if user sign-ins activity is monitored +- Monitor Audit activity – Indicates if audit for all operations is monitored +- Service – Filter the table by Service using the drop-down menu +- Category – Filter the table by Category using the drop-down menu +- Operation – Filter the table by Operation using the textbox + +The table lists operations being monitored, displaying columns for Service, Category, and Operation. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +## For Nasuni Hosts + +The tab contains the following settings and features: + +- File Operations – Scope by file operation events: Add, Delete, Rename, Permission change, Read, + Update +- Directory Operations – Scope by directory operation events: Add, Delete, Rename, Permission + change, Read / List +- Link Operations – Scope by link operation events: Add, Delete +- Suppress reporting of File Explorer's excessive directory traversal activity – When you open a + folder, Windows File Explorer tends to read all sub-folders to display proper icons and meta-data. + This activity occurs without the explicit intent of the user. This option tries to suppress such + automatic activity. It is only available when the Read / List option for Directory Operations is + selected. +- Suppress reporting of File Explorer's excessive file read activity – When you open a folder, + Windows File Explorer tends to read files in the folder to display proper icons and meta-data. + This activity occurs without the explicit intent of the user. This option tries to suppress such + automatic activity. It is only available when the Read option for File Operations is selected. +- Suppress Microsoft Office operations on temporary files – Filters out events for Microsoft Office + temporary files. When Microsoft Office files are saved or edited, many temporary files are + created. With this option enabled, events for these temporary files are ignored. +- Suppress operations on common temporary files – Filters out events for common temporary files. + With this option enabled, events for these common temporary files are ignored. +- Suppress duplicate operations for [VALUE] seconds + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +## For Nutanix Hosts + +The tab contains the following settings and features: + +![operations](/images/activitymonitor/9.0/admin/outputs/operations.webp) + +- File Operations – Scope by file operation events: Add, Delete, Rename, Permission change, Read, + Update +- Directory Operations – Scope by directory operation events: Add, Delete, Rename, Permission change + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +## For Qumulo Hosts + +The tab contains the following settings and features: + +![qumulooutputproperties](/images/activitymonitor/9.0/admin/outputs/qumulooutputproperties.webp) + +- File Operations – Scope by file operation events: Add, Delete, Rename, Permission change, Read, + Update +- Directory Operations – Scope by directory operation events: Add, Delete, Rename, Permission + change, Read / List +- Share Operations – Scope by share operation events: Add, Delete, Update, Read / Connect +- Suppress operations on common temporary files – Filters out events for common temporary files. + With this option enabled, events for these common temporary files are ignored. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +## For SharePoint Host + +The tab contains the following settings and features: + +![Operations Tab for SharePoint](/images/activitymonitor/9.0/admin/outputs/sp.webp) + +- SharePoint operations – Scope by SharePoint operation events: Check-Out, View, Update, Child + Delete, Undelete, Copy, Audit Mask Change, Child Move, Custom, Check-In, Delete, Profile Change, + Schema Change, Workflow, Move, Search, File Fragment Write +- Permission Operations – Scope by permission operation events: Creation of a user group, Addition + of a new member to a group, creation of a new role, Changing a role, Changing the permissions of a + user or group, Turning off inheritance of security settings, Granting App Permissions, Deletion of + a group, Deletion of a member from a group, Removal of a role, Turning off inheritance of role, + Turning on inheritance of security settings, Deletion of audited events, Revoking App Permissions + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +## For SharePoint Online Host + +The tab contains a subset of tabs. Each tab has a **Select All** check box to include all events for +that tab. + +![Operations Tab for SharePoint Online Properties](/images/activitymonitor/9.0/admin/outputs/operationstab.webp) + +You can scope by the following events: + +| Tab | Event | +| -------------------------- | --------------------------------------------- | +| Content Explorer | Accessed item | +| DLP | Designated false positive | +| DLP | Matched DLP rule | +| DLP | Undone DLP action | +| File and Page | Accessed File | +| File and Page | Accessed File (ext) | +| File and Page | Changed compliance policy label | +| File and Page | Changed record status to locked | +| File and Page | Changed record status to unlocked | +| File and Page | Checked in file | +| File and Page | Checked out file | +| File and Page | Copied file | +| File and Page | Deleted file | +| File and Page | Deleted file from recycle bin | +| File and Page | Deleted file from second-stage recycle bin | +| File and Page | Deleted record compliance policy label | +| File and Page | Detected document sensitivity mismatch | +| File and Page | Detected malware in file | +| File and Page | Discarded file checkout | +| File and Page | Downloaded file | +| File and Page | Modified file | +| File and Page | Modified file (ext) | +| File and Page | Moved file | +| File and Page | Performed search query | +| File and Page | Prefetched page | +| File and Page | Previewed file | +| File and Page | Recycled all minor versions of file | +| File and Page | Recycled all versions of file | +| File and Page | Recycled version of file | +| File and Page | Renamed file | +| File and Page | Restored file | +| File and Page | Uploaded file | +| File and Page | View signaled by client | +| File and Page | Viewed page | +| File and Page | Viewed page (ext) | +| Folder | Copied folder | +| Folder | Created folder | +| Folder | Deleted folder | +| Folder | Deleted folder from recycle bin | +| Folder | Deleted folder from second-stage recycle bin | +| Folder | Modified folder | +| Folder | Moved folder | +| Folder | Renamed folder | +| Folder | Restored folder | +| List | Created list | +| List | Created list column | +| List | Created list column | +| List | Created list content type | +| List | Created list item | +| List | Created site column | +| List | Created site content type | +| List | Deleted list | +| List | Deleted list column | +| List | Deleted list content type | +| List | Deleted list item | +| List | Deleted site column | +| List | Deleted site content type | +| List | Recycled list item | +| List | Restored list | +| List | Restored list item | +| List | Updated list | +| List | Updated list column | +| List | Updated list content type | +| List | Updated list item | +| List | Updated site column | +| List | Updated site content type | +| Other | Other events | +| Sensitive Label | Applied sensitivity label to file | +| Sensitive Label | Applied sensitivity label to site | +| Sensitive Label | Changed sensitivity label applied to file | +| Sensitive Label | Removed sensitivity label from file | +| Sensitive Label | Removed sensitivity label from site | +| Sharing and Access Request | Accepted access request | +| Sharing and Access Request | Accepted sharing invitation | +| Sharing and Access Request | Added permission level to site collection | +| Sharing and Access Request | Blocked sharing invitation | +| Sharing and Access Request | Created a company shareable link | +| Sharing and Access Request | Created access request | +| Sharing and Access Request | Created an anonymous link | +| Sharing and Access Request | Created secure link | +| Sharing and Access Request | Created sharing invitation | +| Sharing and Access Request | Deleted secure link | +| Sharing and Access Request | Denied access request | +| Sharing and Access Request | Removed a company shareable link | +| Sharing and Access Request | Removed an anonymous link | +| Sharing and Access Request | Shared file, folder, or site | +| Sharing and Access Request | Unshared file, folder, or site | +| Sharing and Access Request | Updated access request | +| Sharing and Access Request | Updated an anonymous link | +| Sharing and Access Request | Updated sharing invitation | +| Sharing and Access Request | Used a company shareable link | +| Sharing and Access Request | Used an anonymous link | +| Sharing and Access Request | Used secure link | +| Sharing and Access Request | User added to secure link | +| Sharing and Access Request | User removed from secure link | +| Sharing and Access Request | Withdrew sharing invitation | +| Site Administration | Added allowed data location | +| Site Administration | Added exempt user agent | +| Site Administration | Added geo location admin | +| Site Administration | Allowed user to create groups | +| Site Administration | Canceled site geo move | +| Site Administration | Changed a sharing policy | +| Site Administration | Changed device access policy | +| Site Administration | Changed exempt user agents | +| Site Administration | Changed network access policy | +| Site Administration | Completed site geo move | +| Site Administration | Created Sent To connection | +| Site Administration | Created site collection | +| Site Administration | Deleted orphaned hub site | +| Site Administration | Deleted Sent To connection | +| Site Administration | Deleted site | +| Site Administration | Enabled document preview | +| Site Administration | Enabled legacy workflow | +| Site Administration | Enabled Office on Demand | +| Site Administration | Enabled result source for People Searches | +| Site Administration | Enabled RSS feeds | +| Site Administration | Joined site to hub site | +| Site Administration | Registered hub site | +| Site Administration | Removed allowed data location | +| Site Administration | Removed geo location admin | +| Site Administration | Renamed site | +| Site Administration | Scheduled site geo move | +| Site Administration | Set host site | +| Site Administration | Set storage quota for geo location | +| Site Administration | Unjoined site from hub site | +| Site Administration | Unregistered hub site | +| Site Permissions | Added site collection admin | +| Site Permissions | Added user or group to SharePoint group | +| Site Permissions | Broke permission level inheritance | +| Site Permissions | Broke sharing inheritance | +| Site Permissions | Created group | +| Site Permissions | Deleted group | +| Site Permissions | Modified access request setting | +| Site Permissions | Modified 'Members Can Share' setting | +| Site Permissions | Modified permissions level on site collection | +| Site Permissions | Modified site permissions | +| Site Permissions | Removed permission level from site collection | +| Site Permissions | Removed site collection admin | +| Site Permissions | Removed user or group from SharePoint group | +| Site Permissions | Requested site admin permissions | +| Site Permissions | Restored sharing inheritance | +| Site Permissions | Updated group | +| Synchronization | Allowed computer to sync files | +| Synchronization | Blocked computer from syncing files | +| Synchronization | Downloaded file changes to computer | +| Synchronization | Downloaded files to computer | +| Synchronization | Uploaded file changes to document library | +| Synchronization | Uploaded files to document library | + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +## For SQL Server Hosts + +The tab contains the following settings and features: + +![sql](/images/activitymonitor/9.0/admin/outputs/sql.webp) + +- DML operations – Scope by DML operation events: Select, Update, Merge, Insert, Delete, Execute +- Audit operations – Scope by audit operation events: Login, Logout, Login Failed, Error +- Permission operations – Scope by permission operation events: Grant, Deny, Revoke, Alter Role +- Suppress subsequent logon/logout events from the same user in [VALUE] minutes interval + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +## For Windows File Server Hosts + +The tab contains the following settings and features: + +![Operations Tab for File System](/images/activitymonitor/9.0/admin/outputs/fs.webp) + +- Operation Type – Scope events by operation type: + + - All – Both allowed and denied operations + - Allowed only – Only allowed operations + - Denied only – Only denied operations + +- File Operations – Scope by file operation events: Add, Delete, Rename, Permission change, Read, + Update +- Directory Operations – Scope by directory operation events: Add, Delete, Rename, Permission + change, Read / List +- Share Operations – Scope by share operation events: Add, Delete, Update, Permission change +- VSS Operations – Scope by VSS operation events: Snapshot add, Snapshot delete, Read +- Suppress reporting of File Explorer's excessive directory traversal activity – When you open a + folder, Windows File Explorer tends to read all sub-folders to display proper icons and meta-data. + This activity occurs without the explicit intent of the user. This option tries to suppress such + automatic activity. It is only available when the Read / List option for Directory Operations is + selected. +- Suppress reporting of File Explorer's excessive file read activity – When you open a folder, + Windows File Explorer tends to read files in the folder to display proper icons and meta-data. + This activity occurs without the explicit intent of the user. This option tries to suppress such + automatic activity. It is only available when the Read option for File Operations is selected. +- Suppress Permission Change operations with reordered ACL – Prevents tracking events where + permission updates occurred resulting in reordered ACEs, but with no other changes in the ACL +- Suppress Inherited Permissions Changes – Prevents tracking events where changes for inherited + permissions occurred. This option is provided to improve overall performance and reduce output log + volume. +- Suppress Microsoft Office operations on temporary files – Filters out events for Microsoft Office + temporary files. When Microsoft Office files are saved or edited, many temporary files are + created. With this option enabled, events for these temporary files are ignored. +- Suppress operations on common temporary files – Filters out events for common temporary files. + With this option enabled, events for these common temporary files are ignored. +- Suppress duplicate operations for [VALUE] seconds + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +See[Suppress Windows Explorer Activity](/docs/activitymonitor/9.0/admin/outputs/operations/suppress.md) topic for more information. diff --git a/docs/activitymonitor/9.0/admin/outputs/operations/suppress.md b/docs/activitymonitor/9.0/admin/outputs/operations/suppress.md new file mode 100644 index 0000000000..d3f4f6e0f3 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/operations/suppress.md @@ -0,0 +1,72 @@ +--- +title: "Suppress Windows Explorer Activity" +description: "Suppress Windows Explorer Activity" +sidebar_position: 10 +--- + +# Suppress Windows Explorer Activity + +Not all file operations are deliberate. Operating systems and third-party software have the +capability to execute operations on files without explicit user action. While this functionality can +improve user experience, it also presents a challenge to IT teams as it generates a record of +actions that have not been explicitly triggered by users. + +One of the most prominent examples is the Windows File Explorer - the standard application for file +system browsing on the Windows family of operating systems. Over the years, File Explorer has had a +number of improvements and new features. File Explorer displays various information about files to +provide a better user experience. This allows users to view file content without having to open +them. + +File Explorer displays icons for certain file types like executable (.exe) files. Depending on the +View mode, it can display thumbnails of various file formats and meta-data with things like author, +number of pages, image dimensions, etc. Hovering a mouse cursor over a file also provides detailed +information about a file in a tool tip. When working with sub-folders, File Explorer may display a +thumbnail of the files contained within the sub-folder on top of the sub-folder icon. This +additional functionality is executed automatically, mostly without the user's explicit action or +intention. + +As an example, a user may wish to open the MySampleReport.docx document located in the +MyTestDepartment folder. The user opens the folder, locates the file and double-clicks to open it. +From the user's perspective, only two actions were performed: + +1. Open MyTestMyDepartment folder. +2. Open MySampleReport.docx. + +However, File Explorer performs a number of additional operations on behalf of the user: + +- It reads and displays icons for certain files types in MyTestMyDepartment folder. +- It reads the meta-data of the files or sub-folders under the mouse cursor while the user is + locating the document. +- It reads the meta-data and preview if the user accidentally selects an incorrect file. +- It lists the content of all sub-folders and generates thumbnails to be displayed on top of the + sub-folder icon. +- It may create or update Thumbs.db file - a cache of thumbnail images. + +None of these additional file operations, which can be called Preview Reads, are explicitly +initiated by the user. However, the audit log records all of them as originating from the user. + +Preview Reads and similar unintentional automatic operations pose a significant challenge for IT +teams and IT auditing software. At the file system level, preview reads are perceived as normal read +operations, like file copying or opening a file in an application. There exists no distinguishing +factor between explicit user activity and implicit actions by File Explorer. Whether it is a preview +read, opening the file in Notepad, or copying the file, all these operations are perceived as the +same Read operation at the file system level. Therefore, it is not possible to reliably filter +unintentional activity without the risk of suppressing genuine user actions. + +The Activity Monitor employs various techniques to minimize noise. These methods all rely on +identifying patterns in the sequence of events. However, their effectiveness is severely limited, as +research has shown that clear patterns of preview reads activity in File Explorer are lacking. For +the Windows Server, the effectiveness is slightly higher since theActivity Monitor's file system +driver can observe all the low-level details about operations. + +The product provides the following filtering options to reduce File Explorer preview reads: + +- Suppress reporting of File Explorer’s excessive directory traversal activity - This option aims to + identify and suppress preview reads of sub-folders that occur immediately after the parent folder + is opened. +- Suppress reporting of File Explorer’s excessive file read activity - This option attempts to + identify and suppress preview reads of files that occur immediately after the parent folder is + opened. + +Both filtering options prioritize the accuracy of audit data over noise reduction. In other words, +they will report a noise event rather than suppress a genuine user action. diff --git a/docs/activitymonitor/9.0/admin/outputs/overview.md b/docs/activitymonitor/9.0/admin/outputs/overview.md new file mode 100644 index 0000000000..64a89efbc2 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/overview.md @@ -0,0 +1,121 @@ +--- +title: "Output Types" +description: "Output Types" +sidebar_position: 40 +--- + +# Output Types + +Once a domain or a host/service is being monitored the event stream can be sent to multiple outputs. There +are three types of outputs: + +- File – Creates an activity log as a TSV or JSON file for every day of activity + +- Syslog – Sends activity events to the configured SIEM server. + For file servers, this option is also used to send activity events to Netwrix Threat Manager. + +- Netwrix Threat Manager – Sends Active Directory activity events to Netwrix Threat Manager + + :::note + This output type is only available for Monitored Domains + ::: + + +See the [Output for Monitored Domains](/docs/activitymonitor/9.0/admin/monitoreddomains/output/output.md) topic and the +[Output for Monitored Hosts](/docs/activitymonitor/9.0/admin/monitoredhosts/output/output.md) topic for information on adding an output. + +Output configurations vary based on the type of domain/host selected. + +## For Active Directory Domains + +Output Properties window has the following tabs: + +- [Log Files Tab](/docs/activitymonitor/9.0/admin/outputs/logfiles.md), File output only +- [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md), Syslog output only +- [Threat Manager Tab](/docs/activitymonitor/9.0/admin/outputs/threatmanager.md), Netwrix Threat Manager output only + +## For File System Hosts + +Output Properties window has the following tabs: + +- [Log Files Tab](/docs/activitymonitor/9.0/admin/outputs/logfiles.md), File output only +- [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md), Syslog output only +- [Operations Tab](/docs/activitymonitor/9.0/admin/outputs/operations/operations.md) +- [Path Filtering Tab](/docs/activitymonitor/9.0/admin/outputs/pathfiltering/pathfiltering.md) +- [Protocols Tab](/docs/activitymonitor/9.0/admin/outputs/protocols.md) +- [Account Exclusions Tab](/docs/activitymonitor/9.0/admin/outputs/accountexclusions/accountexclusions.md) +- [Process Exclusions Tab](/docs/activitymonitor/9.0/admin/outputs/processexclusions/processexclusions.md), Windows only +- [Additional Properties Tab](/docs/activitymonitor/9.0/admin/outputs/additionalproperties.md) + +## For Linux Hosts + +In addition to common File System tabs, Linux outputs have the following tabs: + +- [GID Exclusions Tab](/docs/activitymonitor/9.0/admin/outputs/gidexclusions/gidexclusions.md) + + +## For Exchange Online Hosts + +Output Properties window has the following tabs: + +- [Log Files Tab](/docs/activitymonitor/9.0/admin/outputs/logfiles.md), File output only +- [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md), Syslog output only +- [Operations Tab](/docs/activitymonitor/9.0/admin/outputs/operations/operations.md) +- [Account Exclusions Tab](/docs/activitymonitor/9.0/admin/outputs/accountexclusions/accountexclusions.md) +- Application Exclusions Tab +- Mailbox Exclusions Tab +- [Additional Properties Tab](/docs/activitymonitor/9.0/admin/outputs/additionalproperties.md) + + +## For Microsoft Entra ID Hosts + +Output Properties window has the following tabs: + +- [Log Files Tab](/docs/activitymonitor/9.0/admin/outputs/logfiles.md), File output only +- [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md), Syslog output only +- [Additional Properties Tab](/docs/activitymonitor/9.0/admin/outputs/additionalproperties.md) +- [Operations Tab](/docs/activitymonitor/9.0/admin/outputs/operations/operations.md) + + +## For SharePoint Hosts + +Output Properties window has the following tabs: + +- [Log Files Tab](/docs/activitymonitor/9.0/admin/outputs/logfiles.md), File output only +- [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md), Syslog output only +- [Operations Tab](/docs/activitymonitor/9.0/admin/outputs/operations/operations.md) +- [Path Filtering Tab](/docs/activitymonitor/9.0/admin/outputs/pathfiltering/pathfiltering.md) +- [Account Exclusions Tab](/docs/activitymonitor/9.0/admin/outputs/accountexclusions/accountexclusions.md) +- [Additional Properties Tab](/docs/activitymonitor/9.0/admin/outputs/additionalproperties.md) + +## For SharePoint Online Hosts + +Output Properties window has the following tabs: + +- [Additional Properties Tab](/docs/activitymonitor/9.0/admin/outputs/additionalproperties.md) +- [Log Files Tab](/docs/activitymonitor/9.0/admin/outputs/logfiles.md), File output only +- [Operations Tab](/docs/activitymonitor/9.0/admin/outputs/operations/operations.md) +- [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md), Syslog output only + +## For SQL Server Hosts + +Output Properties window has the following tabs: + +- [Account Exclusions Tab](/docs/activitymonitor/9.0/admin/outputs/accountexclusions/accountexclusions.md) +- [Additional Properties Tab](/docs/activitymonitor/9.0/admin/outputs/additionalproperties.md) +- [Log Files Tab](/docs/activitymonitor/9.0/admin/outputs/logfiles.md), File output only +- [Operations Tab](/docs/activitymonitor/9.0/admin/outputs/operations/operations.md) +- [Objects Tab](/docs/activitymonitor/9.0/admin/outputs/objects.md) +- [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md), Syslog output only + +## For Windows File Server Hosts + +Output Properties window has the following tabs: + +- [Account Exclusions Tab](/docs/activitymonitor/9.0/admin/outputs/accountexclusions/accountexclusions.md) +- [Additional Properties Tab](/docs/activitymonitor/9.0/admin/outputs/additionalproperties.md) +- [Log Files Tab](/docs/activitymonitor/9.0/admin/outputs/logfiles.md), File output only +- [Operations Tab](/docs/activitymonitor/9.0/admin/outputs/operations/operations.md) +- [Path Filtering Tab](/docs/activitymonitor/9.0/admin/outputs/pathfiltering/pathfiltering.md) +- [Protocols Tab](/docs/activitymonitor/9.0/admin/outputs/protocols.md) +- [Syslog Tab](/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md), Syslog output only diff --git a/docs/activitymonitor/9.0/admin/outputs/pathfiltering/_category_.json b/docs/activitymonitor/9.0/admin/outputs/pathfiltering/_category_.json new file mode 100644 index 0000000000..abd798d0ab --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/pathfiltering/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Path Filtering Tab", + "position": 70, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "pathfiltering" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/outputs/pathfiltering/addeditpath.md b/docs/activitymonitor/9.0/admin/outputs/pathfiltering/addeditpath.md new file mode 100644 index 0000000000..140c6128cf --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/pathfiltering/addeditpath.md @@ -0,0 +1,36 @@ +--- +title: "Add or Edit Path Window" +description: "Add or Edit Path Window" +sidebar_position: 10 +--- + +# Add or Edit Path Window + +The Add or Edit Path window is opened from the Path Filtering tab of a monitored host's output +Properties window. + +![addoreditpath](/images/activitymonitor/9.0/admin/outputs/window/addoreditpath.webp) + +- Specify a path to filter during collection – Enter a file path in the textbox or use the ellipsis + (…) to browse for a folder +- Filter Type – Indicates if the filter will be **Included** or **Excluded** + +Then click OK. The Add or Edit Path window closes, and the path is added to the filtering list for +the monitored host. + +## Special Consideration for NAS Device Hosts + +For NAS devices, the activity agent can configured to add ‘C:\’ to the beginning of the path, which +is a requirement for the output that is designated for StealthAUDIT.exe or being read by a Netwrix +Threat Prevention agent. That configuration is on the [Log Files Tab](/docs/activitymonitor/9.0/admin/outputs/logfiles.md). If the option +is enabled for this monitored device, start your paths with C:\. + +## Wildcard + +Wildcard filtering can be configured using the following wildcard characters: + +| Wildcard | Definition | +| -------- | ------------------------------------------------------------ | +| \* | matches zero or more characters (except for "\" or "/") | +| ? | matches any single character (except for "\" or "/") | +| \*\* | matches zero or more characters (useful for directory trees) | diff --git a/docs/activitymonitor/9.0/admin/outputs/pathfiltering/pathfiltering.md b/docs/activitymonitor/9.0/admin/outputs/pathfiltering/pathfiltering.md new file mode 100644 index 0000000000..99a34d988a --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/pathfiltering/pathfiltering.md @@ -0,0 +1,180 @@ +--- +title: "Path Filtering Tab" +description: "Path Filtering Tab" +sidebar_position: 70 +--- + +# Path Filtering Tab + +The Path Filtering tab on an output Properties window is where monitoring scope by file paths can be +modified. Specified paths can be included in or excluded. These settings are initially configured +when the output is added. + +Select an output from the Monitored Hosts & Services tab and click **Edit** to open the output Properties +window. The tab varies based on the type of host selected. + +## For Linux Hosts + +The tab contains the following settings and features: + +![pathfilteringtab](/images/activitymonitor/9.0/admin/outputs/pathfilteringtab.webp) + +- Add – Opens the Add or Edit Path window to add a new path to the list. See the + [Add or Edit Path Window](/docs/activitymonitor/9.0/admin/outputs/pathfiltering/addeditpath.md) topic for additional information. +- Remove – Removes the selected path from the list. Confirmation is not requested. + + :::warning + If a path is removed by accident, use the **Cancel** button to discard the change. + ::: + + +- Move Up / Move Down – Since path filters are evaluated in the order specified by the table, these + buttons move the selected path up or down in the list +- Edit – Opens the Add or Edit Path window to modify the selected path. See the + [Add or Edit Path Window](/docs/activitymonitor/9.0/admin/outputs/pathfiltering/addeditpath.md) topic for additional information. +- Type a path below to test whether it will be included or excluded – Enter a path in the textbox to + test whether it will be included/excluded based on the path filtering list + + - Result – Under the text box, a description of whether the indicated path is included or + excluded will appear, as well as a reason for why the indicated path is included or excluded. + Additionally, the path in the list that is applied to the test will be highlight ed: green + highlight for an included path and red highlight for an excluded path. + +- Exclude extensions – Displays a space separated list of file extensions that are excluded +- Exclude streams – Displays a space separated list of streams that are excluded + +The table lists paths that are being filtered, displaying columns for Type, indicating if it is +being Included or Excluded, and Pattern. The order of the list determines what paths are included +and what paths are excluded. + +:::warning +Exclude takes precedence over the Include. For example, if the C:\OpenShare is +excluded, but the C:\OpenShare\Edward is included, the ‘OpenShare’ parent exclusion takes +precedence, and the ‘Edward’ child folder will not be monitored. +::: + + +:::note +If ‘Include’ is not listed under the Filter Type column (or no Include filter paths are +added), then all current and new discovered drives will be monitored. +::: + + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +## For NAS Device Hosts + +The tab contains the following settings and features: + +![Host Properties - Path Filtering Tab](/images/activitymonitor/9.0/admin/outputs/pathfilteringtab.webp) + +- Add – Opens the Add or Edit Path window to add a new path to the list. See the + [Add or Edit Path Window](/docs/activitymonitor/9.0/admin/outputs/pathfiltering/addeditpath.md) topic for additional information. +- Remove – Removes the selected path from the list. Confirmation is not requested. + + :::warning + If a path is removed by accident, use the **Cancel** button to discard the change. + ::: + + +- Move Up / Move Down – Since path filters are evaluated in the order specified by the table, these + buttons move the selected path up or down in the list +- Edit – Opens the Add or Edit Path window to modify the selected path. See the + [Add or Edit Path Window](/docs/activitymonitor/9.0/admin/outputs/pathfiltering/addeditpath.md) topic for additional information. +- Type a path below to test whether it will be included or excluded – Enter a path in the textbox to + test whether it will be included/excluded based on the path filtering list + + - Result – Under the text box, a description of whether the indicated path is included or + excluded will appear, as well as a reason for why the indicated path is included or excluded. + Additionally, the path in the list that is applied to the test will be highlight ed: green + highlight for an included path and red highlight for an excluded path. + +- Exclude extensions – Displays a space separated list of file extensions that are excluded +- Exclude streams – Displays a space separated list of streams that are excluded + +The table lists paths that are being filtered, displaying columns for Type, indicating if it is +being Included or Excluded, and Pattern. The order of the list determines what paths are included +and what paths are excluded. + +:::warning +Exclude takes precedence over the Include. For example, if the C:\OpenShare is +excluded, but the C:\OpenShare\Edward is included, the ‘OpenShare’ parent exclusion takes +precedence, and the ‘Edward’ child folder will not be monitored. +::: + + +:::note +If ‘Include’ is not listed under the Filter Type column (or no Include filter paths are +added), then all current and new discovered drives will be monitored. +::: + + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +## For SharePoint Hosts + +For a SharePoint host, the Path Filtering tab is for including and excluding sites. The tab contains +the following settings and features: + +![Path Filtering Tab for SharePoint Hosts](/images/activitymonitor/9.0/admin/outputs/pathfilteringsharepointhosts.webp) + +- To audit all sites, leave the textbox blank +- To include a specific site, enter the URL +- To exclude a specific site, enter the URL but add a minus sign (-) as a prefix to the URL, for + example: + +**-http://sharepoint.local/sites/marketing** + +Use a semicolon (;) to separate multiple URLs. + +## For Windows File Server Hosts + +The tab contains the following settings and features: + +- Add – Opens the Add or Edit Path window to add a new path to the list. See the + [Add or Edit Path Window](/docs/activitymonitor/9.0/admin/outputs/pathfiltering/addeditpath.md) topic for additional information. +- Remove – Removes the selected path from the list. Confirmation is not requested. + + :::warning + If a path is removed by accident, use the **Cancel** button to discard the change. + ::: + + +- Move Up / Move Down – Since path filters are evaluated in the order specified by the table, these + buttons move the selected path up or down in the list +- Edit – Opens the Add or Edit Path window to modify the selected path. See the + [Add or Edit Path Window](/docs/activitymonitor/9.0/admin/outputs/pathfiltering/addeditpath.md) topic for additional information. +- Add all local drives – Retrieves and adds all local drives to the bottom of the list with a type + of Include +- Type a path below to test whether it will be included or excluded – Enter a path in the textbox to + test whether it will be included/excluded based on the path filtering list + + - Result – Under the text box, a description of whether the indicated path is included or + excluded will appear, as well as a reason for why the indicated path is included or excluded. + Additionally, the path in the list that is applied to the test will be highlight ed: green + highlight for an included path and red highlight for an excluded path. + +- Exclude extensions – Displays a space separated list of file extensions that are excluded +- Exclude streams – Displays a space separated list of streams that are excluded + +The table lists paths that are being filtered, displaying columns for Type, indicating if it is +being Included or Excluded, and Pattern. The order of the list determines what paths are included +and what paths are excluded. + +:::warning +Exclude takes precedence over the Include. For example, if the C:\OpenShare is +excluded, but the C:\OpenShare\Edward is included, the ‘OpenShare’ parent exclusion takes +precedence, and the ‘Edward’ child folder will not be monitored. +::: + + +:::note +If ‘Include’ is not listed under the Filter Type column (or no Include filter paths are +added), then all current and new discovered drives will be monitored. +::: + + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. diff --git a/docs/activitymonitor/9.0/admin/outputs/processexclusions/_category_.json b/docs/activitymonitor/9.0/admin/outputs/processexclusions/_category_.json new file mode 100644 index 0000000000..e0e40e3721 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/processexclusions/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Process Exclusions Tab", + "position": 80, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "processexclusions" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/outputs/processexclusions/addeditprocess.md b/docs/activitymonitor/9.0/admin/outputs/processexclusions/addeditprocess.md new file mode 100644 index 0000000000..215dd6bc2f --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/processexclusions/addeditprocess.md @@ -0,0 +1,20 @@ +--- +title: "Add or Edit Process Window" +description: "Add or Edit Process Window" +sidebar_position: 10 +--- + +# Add or Edit Process Window + +The Add or Edit Process window is opened from the Process Exclusions tab of a monitored host's +output Properties window. + +![Add or Edit Process popup window](/images/activitymonitor/9.0/admin/outputs/window/addoreditprocessprocessexclusions.webp) + +- Process name – Displays the name of the process to be excluded. You can enter a process name in + the textbox or select a process from the Running processes list. +- Filter – Indicates if the filter will be for **All events** or only **Read events** +- Running Processes – Lists all processes currently running on the host + +Then click OK. The Add or Edit Path window closes, and the path is added to the filtering list for +the monitored host. diff --git a/docs/activitymonitor/9.0/admin/outputs/processexclusions/processexclusions.md b/docs/activitymonitor/9.0/admin/outputs/processexclusions/processexclusions.md new file mode 100644 index 0000000000..74b079cab3 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/processexclusions/processexclusions.md @@ -0,0 +1,40 @@ +--- +title: "Process Exclusions Tab" +description: "Process Exclusions Tab" +sidebar_position: 80 +--- + +# Process Exclusions Tab + +The Process Exclusions tab on an output Properties window is where monitoring scope by Windows +processes can be modified. These settings are initially configured when the output is added. + +:::note +Netwrix product processes are excluded by default from activity monitoring. +::: + + +Select an output for a Windows file server host on the Monitored Hosts & Services tab and click **Edit** to +open the output Properties window. + +![Process Exclusions Tab](/images/activitymonitor/9.0/admin/outputs/processexclusions.webp) + +The tab contains the following settings and features: + +- Add – Opens the Add or Edit Process window to add a new process to the list. See the + [Add or Edit Process Window](/docs/activitymonitor/9.0/admin/outputs/processexclusions/addeditprocess.md) topic for additional information. +- Remove – Removes the selected path from the list. Confirmation is not requested. + + :::warning + If a process is removed by accident, use the **Cancel** button to discard the + change. + ::: + + +- Edit – Opens the Add or Edit Process window to modify the selected process. See the + [Add or Edit Process Window](/docs/activitymonitor/9.0/admin/outputs/processexclusions/addeditprocess.md) topic for additional information. + +The table lists process that will be excluded, displaying columns for Process Name and Events. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. diff --git a/docs/activitymonitor/9.0/admin/outputs/protocols.md b/docs/activitymonitor/9.0/admin/outputs/protocols.md new file mode 100644 index 0000000000..f8b18ab844 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/protocols.md @@ -0,0 +1,23 @@ +--- +title: "Protocols Tab" +description: "Protocols Tab" +sidebar_position: 90 +--- + +# Protocols Tab + +The Protocols tab on an output Properties window is where monitoring scope by protocol can be +modified. These settings are initially configured when the output is added. + +Select an output from the Monitored Hosts & Services tab and click **Edit** to open the output Properties +window. + +![Protocols Tab](/images/activitymonitor/9.0/admin/outputs/protocolstab.webp) + +The tab contains the following settings: + +- Protocols – Indicates if **All** protocols, only **CIFS** protocols, or only **NFS** protocols are + included + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. diff --git a/docs/activitymonitor/9.0/admin/outputs/syslog/_category_.json b/docs/activitymonitor/9.0/admin/outputs/syslog/_category_.json new file mode 100644 index 0000000000..f02dff6af7 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/syslog/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Syslog Tab", + "position": 100, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "syslog" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/outputs/syslog/messagetemplate.md b/docs/activitymonitor/9.0/admin/outputs/syslog/messagetemplate.md new file mode 100644 index 0000000000..8e748ef3b7 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/syslog/messagetemplate.md @@ -0,0 +1,209 @@ +--- +title: "Message Template Window" +description: "Message Template Window" +sidebar_position: 10 +--- + +# Message Template Window + +The Message Template window is opened from the ellipsis (…) button for the Syslog Message Template +field on the Syslog tab of the output Properties window. + +![Message Template window](/images/activitymonitor/9.0/admin/outputs/window/syslogmessagetemplate.webp) + +You can select a preconfigured template from the drop-down menu or create a custom template. The +available preconfigured templates vary based on the type of domain/host selected. + +## For Monitored Domains + +Monitored Domains Syslog outputs have the following preconfigured Templates: + +- V 1.0 for AlienVault SIEM +- V 1.0 for Generic CEF SIEM – Incorporates the CEF message format +- V 1.0 for Generic LEEF SIEM – Incorporates the LEEF message format +- V 1.0 for Generic SYSLOG SIEM +- V 1.0 for HP ArcSight SIEM +- V 1.0 for LogRhythm SIEM +- V 1.0 for McAfee ESM SIEM +- V 1.0 for IBM QRadar SIEM +- V 1.0 for Splunk SIEM +- V 2.0 for IBM QRadar SIEM 7.2.4 +- V 2.0 for Splunk SIEM + +Custom templates can be created. Select the desired template or create a new template by modifying +an existing template within the Message Template window. The new message template will be named +Custom. Macro variables are also available to customize the Syslog message template. + +**Macro Variables for Monitored Domains** + +Macros are text strings that are replaced with actual values at run time. The following Macro +variables are available to customize the Syslog message template: + +| Variable | Definition | +| ------------------------------ | ------------------------------------------------------------------------------------ | +| %AFFECTED_OBJECT_ACCOUNT_NAME% | Affected Object Name | +| %AFFECTED_OBJECT_SID% | Affected Object SID | +| %ATTRIBUTE_NAME% | Attribute Name | +| %ATTRIBUTE_VALE% | New Attribute Value | +| %BLOCKED_EVENT% | True if the operation was denied, False otherwise | +| %CLASS_NAME% | Class Name | +| %COMPANY% | Company Name | +| %DN% | Distinguished Name of the Affected Object | +| %ERTYPE_ID% | Event Type ID | +| %EVENT_CODE% | Code | +| %EVENT_NAME% | Event Name | +| %EVENT_SOURCE_NAME% | Event Source Name | +| %EVENT_SOURCE_TYPE% | Event Source Type | +| %EVENTNAMETRANSLATED% | Translated Event Name | +| %EVENTS_COUNT% | Consolidated Events Count | +| %HOST% | Message Source Hostname | +| %OLD_ATTRIBUTE_VALUE% | Old Attribute Value | +| %OPERATION% | Operation Performed | +| %ORIGINATING_CLIENT% | Originating Client | +| %ORIGINATING_SERVER% | Originating Server | +| %ORIGINATING_SERVERIP% | Originating Server IP Address | +| %ORIGINATINGCLIENTHOST% | Originating Server Host Name | +| %ORIGINATINGCLIENTIP% | Originating Client IP Address | +| %ORIGINATINGCLIENTMAC% | Originating Client MAC | +| %ORIGINATINGCLIENTPROTOCOL% | Originating Client Protocol | +| %PERMISSIONS_SDDL_DESCRIPTION% | Windows only: Permission change details in readable format | +| %PERPETRATOR% | Perpetrator | +| %PERPETRATOR_NAME% | Perpetrator Name | +| %PERPETRATOR_SID% | Perpetrator SID | +| %USERNAME% | 'Username' part of the %PERPETRATOR_NAME% field if it is in 'DOMAIN\Username' format | +| %PRODUCT% | Product Name | +| %PRODUCT_VERSION% | Product Version | +| %SETTING_NAME% | Setting Name | +| %SUCCESS% | Success | +| %STATUS% | Status | +| %SYSLOG_DATE% | Current Date Time in Syslog Format | +| %SYSLOG_EVENTID% | Syslog Event ID | +| %TARGETHOST% | Target Host | +| %TARGETHOSTIP% | Target Host IP | +| %TIME_STAMP% | Date Timestamp of Event | +| %TIME_STAMP_UTC% | Date Timestamp of Event in UTC | + +## For Monitored Hosts/Services + +Monitored Hosts/Services Syslog outputs have the following preconfigured Templates: + +- AlienVault / Generic Syslog +- CEF – Incorporates the CEF message format +- HP Arcsight +- LEEF – Incorporates the LEEF message format +- LogRhythm +- McAfee +- QRadar – Use this template for IBM QRadar integration. See the + [Netwrix File Activity Monitor App for QRadar](/docs/activitymonitor/9.0/siem/qradar/overview.md) topic for + additional information. +- Splunk – Use this template for Splunk integration. See the Configure the + [File Activity Monitor App for Splunk](/docs/activitymonitor/9.0/siem/splunk/overview.md) topic for additional + information. +- Netwrix Threat Manager (StealthDEFEND) – Use this template for Netwrix Threat Manager integration. + This is the only supported template for Threat Manager. + +Custom templates can be created. Select the desired template or create a new template by modifying +an existing template within the Message Template window. The new message template will be named +Custom. Macro variables are also available to customize the Syslog message template. + +**Macro Variables** + +Macros are text strings that are replaced with actual values at run time. Not all macro variables +are applicable to all environment types. The following Macro variables are available to customize +the Syslog message template: + +| Environment | Variable | Definition | +| ------------------------------------------------------- | ------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------ | +| SharePoint Online | %ABSOLUTE_URL% | Absolute URL of the affected object | +| SharePoint Online | %ACCESS% | Access granted by the sharing operation | +| SharePoint | %APPPRINCIPAL_ID% | App Principal ID | +| File Servers & NAS Devices | %ATTRIBUTE_NAME% | Rename events only: Fixed string: Filename | +| File Servers & NAS Devices | %ATTRIBUTE_VALUE% | Rename events only: New file path | +| File Servers & NAS Devices SharePoint | %BLOCKED_EVENT% | True if the operation was denied, False otherwise | +| SharePoint SharePoint Online | %CLIENT_IP% | IP address of the user | +| File Servers & NAS Devices SharePoint SharePoint Online | %COMPANY% | Fixed string: Netwrix | +| SharePoint Online | %CUSTOM_EVENT% | Custom Event information | +| SharePoint Online | %DEST_FILE_EXT% | New file extension of copied or moved file | +| SharePoint Online | %DEST_FILENAME% | Name of the file that is copied or moved | +| SharePoint Online | %DEST_RELATIVE_PATH% | URL of the destination folder where a folder is copied or moved | +| SharePoint Online | %DLP_EXCEPTION% | Reasons why a policy no longer applies and any information about false positive or override | +| SharePoint Online | %DLP_POLICY% | Policy(s) that triggered the event | +| SharePoint Online | %DLP_SENSITIVE% | Indicates whether the event contains the value of the sensitive data type (true/false) | +| SharePoint SharePoint Online | %DOC_LOCATION% | A relative URL of the file or document accessed by the user | +| SharePoint SharePoint Online | %EVENT_DATA% | - For SharePoint, raw event data - Fore SharePoint Online, additional event data | +| File Servers & NAS Devices | %EVENT_NAME% | Operation type: Read/Create/Update/Delete/Access Rights Change/ Rename/ ``. The same as %OPERATION% | +| SharePoint SharePoint Online | %EVENT_SOURCE% | Originating source of the event (SharePoint or ObjectModel) | +| File Servers & NAS Devices | %EVENT_SOURCE_NAME% | Domain name | +| SharePoint SharePoint Online | %EVENT_TYPE% | Event type | +| File Servers & NAS Devices | %FILE_NAME% | File name | +| File Servers & NAS Devices | %FILE_PATH% | Full path | +| File Servers & NAS Devices | %FILE_SIZE% | Size of File | +| File Servers & NAS Devices | %FILE_TYPE% | File extension | +| SharePoint | %FULL_PATH% | Full Path | +| File Servers & NAS Devices SharePoint SharePoint Online | %HOST% | Hostname of Agent | +| SharePoint Online | %ID% | Unique ID of the audit record | +| File Servers & NAS Devices | %IO_TYPE% | Type of I/O: Filesystem/VSS | +| SharePoint | %ITEM_ID% | Item ID | +| SharePoint SharePoint Online | %ITEM_TITLE% | Item title | +| SharePoint SharePoint Online | %ITEM_TYPE% | Item type (File, Folder, Web, Site, Tenant, DocumentLibrary, Page) | +| SharePoint Online | %LIST_ID% | ID of the List | +| SharePoint Online | %LIST_ITEM_ID% | ID of the List Item | +| SharePoint Online | %LIST_NAME% | Name of the List | +| SharePoint Online | %LIST_URL% | URL of the List | +| SharePoint | %LOCATION_TYPE% | Location type of the SharePoint document location | +| SharePoint Online | %MACHINE_DOMAIN_INFO% | Information about device sync operation | +| SharePoint Online | %MACHINE_ID% | Information about device sync operation | +| SharePoint Online | %NEW_DOC_LOCATION% | A relative URL to which the object is copied or moved | +| File Servers & NAS Devices | %NEW_FILE_NAME% | Rename event only: New file name | +| File Servers & NAS Devices | %NEW_FILE_PATH% | Rename event only: New full path | +| File Servers & NAS Devices | %NEW_FILE_TYPE% | New File Extension | +| File Servers & NAS Devices | %OBJECT_TYPE% | Object type: FILE/FOLD/UNK | +| File Servers & NAS Devices | %OLD_ATTRIBUTE_VALUE% | Rename only: Old file path | +| File Servers & NAS Devices | %OPERATION% | Operation type: Read/Create/Update/Delete/Access Rights Change/Rename/Unknown | +| SharePoint Online | %ORGANIZATION_ID% | Organization tenant ID | +| File Servers & NAS Devices | %ORIGINATING_CLIENT% | IP Address of originating client or process name | +| File Servers & NAS Devices | %ORIGINATING_CLIENT_HOST% | Hostname of originating client | +| File Servers & NAS Devices | %ORIGINATING_SERVER% | Hostname of monitored host | +| File Servers & NAS Devices | %ORIGINTAING_SERVER_IP% | IP Address of monitored host | +| SharePoint | %PARAM% | Parameters that come with the event | +| SharePoint | %PATH% | Truncated path | +| File Servers & NAS Devices | %PERMISSIONS_SDDL_DESCRIPTION% | Windows events only: Permission change details in readable format | +| File Servers & NAS Devices | %PERMISSIONS_SDDL_DIFF% | Windows events only: Permission change details in SDDL format, '`` ``' | +| File Servers & NAS Devices | %PERPETRATOR% | User name | +| File Servers & NAS Devices SharePoint SharePoint Online | %PRODUCT% | Fixed string: Activity Monitor | +| File Servers & NAS Devices SharePoint SharePoint Online | %PRODUCT_VERSION% | Product Version | +| File Servers & NAS Devices SharePoint SharePoint Online | %PROTOCOL% | Protocol type: CIFS/NFS/VSS/FTP/HDFS/HTTP/HTTPS/Unknown | +| File Servers & NAS Devices | %PROTOCOL_VERSION% | NetApp Data ONTAP Cluster-Mode device events only: Protocol Version | +| File Servers & NAS Devices | %RENAMEUNCPATH% | Rename events only: New UNC path / New NFS export path | +| SharePoint Online | %RESULT_STATUS% | Succeeded, PartiallySucceeded, Failed, True, or False | +| SharePoint Online | %SCOPE% | online or onprem | +| SharePoint Online | %SHARING_ID% | Unique ID of the sharing operation | +| SharePoint SharePoint Online | %SITE_ID% | ID of the Site | +| SharePoint Online | %SITE_NAME% | Name of the Site | +| SharePoint SharePoint Online | %SITE_URL% | URL of the Site | +| SharePoint Online | %SOURCE% | Source (SharePoint, SharePointFileOperation, …) | +| SharePoint Online | %SOURCE_FILE_EXT% | File extension | +| SharePoint Online | %SOURCE_FILENAME% | File or folder name | +| SharePoint | %SOURCE_NAME% | Source Name | +| SharePoint Online | %SOURCE_RELATIVE_PATH% | URL of the folder that contains the file accessed by the user | +| File Servers & NAS Devices SharePoint SharePoint Online | %SUCCESS% | True if the operation was allowed, False otherwise | +| File Servers & NAS Devices SharePoint SharePoint Online | %SYSLOG_DATE% | Timestamp of event (server time, Syslog format: MMM dd HH:mm:ss) | +| File Servers & NAS Devices | %TAGS% | Operation Tags. Reports 'Copy' for events that are probable copies | +| SharePoint Online | %TARGET_NAME% | UPN or name of the target user or group that a resource was shared with | +| SharePoint Online | %TARGET_TYPE% | Type of target user or group that a resource was shared with (Member, Guest, Group, or Partner) | +| File Servers & NAS Devices SharePoint SharePoint Online | %TIME_STAMP% | Timestamp of event (server time, format: yyyy-MM-dd HH:mm:ss.zzz) | +| SharePoint Online | %TIME_STAMP_OFFSET% | Timestamp of event with timezone offset (server time, format: yyyy-MM-ddTHH:mm:ss.zz+HH:mm) | +| File Servers & NAS Devices SharePoint SharePoint Online | %TIME_STAMP_UTC% | Timestamp of event (UTC, format: yyyy-MM-dd HH:mm:ss.zzz) | +| SharePoint Online | %TIME_STAMP_Z% | Timestamp of event (UTC, format: yyyy-MM-ddTHH:mm:ss.zzZ) | +| File Servers & NAS Devices | %UNCPATH% | UNC path / NFS export path | +| SharePoint Online | %UPDATE_TYPE% | Added, Removed, or Updated | +| SharePoint Online | %USER_AGENT% | User client or browser | +| SharePoint SharePoint Online | %USER_ID% | - For SharePoint, ID of the SharePoint user - For SharePoint Online, UPN of the user who performed the operation | +| SharePoint SharePoint Online | %USER_LOGIN% | - For SharePoint, SharePoint User Login / Encoded Claim - For SharePoint Online, An alternative ID of the user. "DlpAgent" for DLP events. | +| SharePoint SharePoint Online | %USER_NAME% | SharePoint user name | +| File Servers & NAS Devices SharePoint | %USER_SID% | User SID or UID | +| SharePoint Online | %USER_TYPE% | Type of the user performed the operation | +| SharePoint Online | %VERSION% | New version of the document/version of deleted document | +| SharePoint | %WEB_APPLICATION_NAME% | Title of the SharePoint Web Application | +| SharePoint SharePoint Online | %WEB_TITLE% | Title of the Site Collection | +| SharePoint Online | %WORKLOAD% | Office 356 service where the activity occurred | diff --git a/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md b/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md new file mode 100644 index 0000000000..49e9be7f76 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/syslog/syslog.md @@ -0,0 +1,203 @@ +--- +title: "Syslog Tab" +description: "Syslog Tab" +sidebar_position: 100 +--- + +# Syslog Tab + +The Syslog tab on an output Properties window is where the SIEM integration settings can be +modified. These settings are initially configured when the output is added. For a monitored hosts/services +output, this tab can also be used for integration with Netwrix Threat Manager. + +Select a Syslog output from either the Monitored Domains tab or the Monitored Hosts & Services tab and click +**Edit** to open the output Properties window. The tab varies based on the type of domain/host +selected. + +## For Active Directory Domains + +The tab contains the following settings: + +![syslogactivedirectory](/images/activitymonitor/9.0/admin/outputs/syslogactivedirectory.webp) + +- Syslog server in SERVER:PORT format – Server name of the SIEM server and the communication port + being used between the applications. The format must be SERVER:PORT, e.g. newyorksrv20:10000. + + - The server name can be short name, fully qualified name (FQDN), or IP Address, as long as the + organization’s environment can resolve the name format used. + +- Syslog protocol – Identifies which protocol is used for the Event stream. The drop-down menu + includes: UDP, TCP, and TLS. +- Message framing – The TCP and TLS Syslog protocols require Message framing to be set. The + drop-down menu includes: LS (ASCII 10) delimiter, CR (ASCII 13) delimiter, CRLF (ASCII 13, 10) + delimiter, NUL (ASCII 0) delimiter, and Octet Count (RFC 5425). +- Syslog message template – Template that controls what data is sent in the event stream. The + ellipsis (…) button opens the Syslog Message Template window. See the + [Message Template Window](/docs/activitymonitor/9.0/admin/outputs/syslog/messagetemplate.md) topic for additional information. +- Enable periodic AD Status Check event reporting – Indicates periodic AD Status Check event + reporting is enabled, which means the agent will send out status messages every five minutes to + verify whether the connection is still active. + +The Test button sends a test message to the Syslog server to check the connection. A green check +mark or red x will indicate whether the test message has been sent or failed to send. Test messages +vary by Syslog protocol: + +- UDP protocol – Sends a test message and does not verify connection +- TCP protocol – Sends test message and verifies connection +- TLS protocol – Sends test message and verifies connection and shows an error if TLS handshake + fails + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +## For Linux Hosts + +The tab contains the following settings: + +![sysloglinux](/images/activitymonitor/9.0/admin/outputs/sysloglinux.webp) + +- Syslog server in SERVER:PORT format – Server name of the SIEM server and the communication port + being used between the applications. The format must be SERVER:PORT, e.g. newyorksrv20:10000. + + - The server name can be short name, fully qualified name (FQDN), or IP Address, as long as the + organization’s environment can resolve the name format used. + - The default port for Netwrix Threat Manager is 10001. + +- Syslog protocol – Identifies which protocol is used for the Event stream. The drop-down menu + includes: UDP, TCP, and TLS. + + - UPD is the only protocol supported for Threat Manager. + +- Message framing – The TCP and TLS Syslog protocols require Message framing to be set. The + drop-down menu includes: LS (ASCII 10) delimiter, CR (ASCII 13) delimiter, CRLF (ASCII 13, 10) + delimiter, NUL (ASCII 0) delimiter, and Octet Count (RFC 5425). +- Syslog message template – Template that controls what data is sent in the event stream. The + ellipsis (…) button opens the Syslog Message Template window. See the + [Message Template Window](/docs/activitymonitor/9.0/admin/outputs/syslog/messagetemplate.md) topic for additional information. +- Add C:\ to the beginning of the reported file paths – Indicates a Windows-style drive path (C:\) + is added to the beginning of the NAS file paths in the activity data stream, e.g. + `C:\Folder\file.txt` + +The Test button sends a test message to the Syslog server to check the connection. A green check +mark or red x will indicate whether the test message has been sent or failed to send. Test messages +vary by Syslog protocol: + +- UDP protocol – Sends a test message and does not verify connection +- TCP protocol – Sends test message and verifies connection +- TLS protocol – Sends test message and verifies connection and shows an error if TLS handshake + fails + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +## For Microsoft Entra ID, SharePoint Online, and SQL Server Hosts + +The tab contains the following settings: + +![syslogentraid](/images/activitymonitor/9.0/admin/outputs/syslogentraid.webp) + +- Syslog server in SERVER:PORT format – Server name of the SIEM server and the communication port + being used between the applications. The format must be SERVER:PORT, e.g. newyorksrv20:10000. + + - The server name can be short name, fully qualified name (FQDN), or IP Address, as long as the + organization’s environment can resolve the name format used. + +- Syslog protocol – Identifies which protocol is used for the Event stream. The drop-down menu + includes: UDP, TCP, and TLS. +- Message framing – The TCP and TLS Syslog protocols require Message framing to be set. The + drop-down menu includes: LS (ASCII 10) delimiter, CR (ASCII 13) delimiter, CRLF (ASCII 13, 10) + delimiter, NUL (ASCII 0) delimiter, and Octet Count (RFC 5425). +- Syslog message template – Template that controls what data is sent in the event stream. The + ellipsis (…) button opens the Syslog Message Template window. See the + [Message Template Window](/docs/activitymonitor/9.0/admin/outputs/syslog/messagetemplate.md) topic for additional information. + +The Test button sends a test message to the Syslog server to check the connection. A green check +mark or red x will indicate whether the test message has been sent or failed to send. Test messages +vary by Syslog protocol: + +- UDP protocol – Sends a test message and does not verify connection +- TCP protocol – Sends test message and verifies connection +- TLS protocol – Sends test message and verifies connection and shows an error if TLS handshake + fails + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +## For NAS Device Hosts + +The tab contains the following settings: + +![syslognas](/images/activitymonitor/9.0/admin/outputs/syslognas.webp) + +- Syslog server in SERVER:PORT format – Server name of the SIEM server and the communication port + being used between the applications. The format must be SERVER:PORT, e.g. newyorksrv20:10000. + + - The server name can be short name, fully qualified name (FQDN), or IP Address, as long as the + organization’s environment can resolve the name format used. + - The default port for Netwrix Threat Manager is 10000. + +- Syslog protocol – Identifies which protocol is used for the Event stream. The drop-down menu + includes: UDP, TCP, and TLS. + + - UPD is the only protocol supported for Threat Manager. + +- Message framing – The TCP and TLS Syslog protocols require Message framing to be set. The + drop-down menu includes: LS (ASCII 10) delimiter, CR (ASCII 13) delimiter, CRLF (ASCII 13, 10) + delimiter, NUL (ASCII 0) delimiter, and Octet Count (RFC 5425). +- Syslog message template – Template that controls what data is sent in the event stream. The + ellipsis (…) button opens the Syslog Message Template window. See the + [Message Template Window](/docs/activitymonitor/9.0/admin/outputs/syslog/messagetemplate.md) topic for additional information. +- Add C:\ to the beginning of the reported file paths – Indicates a Windows-style drive path (C:\) + is added to the beginning of the NAS file paths in the activity data stream, e.g. + `C:\Folder\file.txt` +- Resolve UNC paths + +The Test button sends a test message to the Syslog server to check the connection. A green check +mark or red x will indicate whether the test message has been sent or failed to send. Test messages +vary by Syslog protocol: + +- UDP protocol – Sends a test message and does not verify connection +- TCP protocol – Sends test message and verifies connection +- TLS protocol – Sends test message and verifies connection and shows an error if TLS handshake + fails + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. + +## For Windows File Server Hosts + +The tab contains the following settings: + +![syslogwindows](/images/activitymonitor/9.0/admin/outputs/syslogwindows.webp) + +- Syslog server in SERVER:PORT format – Server name of the SIEM server and the communication port + being used between the applications. The format must be SERVER:PORT, e.g. newyorksrv20:10000. + + - The server name can be short name, fully qualified name (FQDN), or IP Address, as long as the + organization’s environment can resolve the name format used. + - The default port for Netwrix Threat Manager is 10001. + +- Syslog protocol – Identifies which protocol is used for the Event stream. The drop-down menu + includes: UDP, TCP, and TLS. + + - UPD is the only protocol supported for Threat Manager. + +- Message framing – The TCP and TLS Syslog protocols require Message framing to be set. The + drop-down menu includes: LS (ASCII 10) delimiter, CR (ASCII 13) delimiter, CRLF (ASCII 13, 10) + delimiter, NUL (ASCII 0) delimiter, and Octet Count (RFC 5425). +- Syslog message template – Template that controls what data is sent in the event stream. The + ellipsis (…) button opens the Syslog Message Template window. See the + [Message Template Window](/docs/activitymonitor/9.0/admin/outputs/syslog/messagetemplate.md) topic for additional information. +- Resolve UNC paths + +The Test button sends a test message to the Syslog server to check the connection. A green check +mark or red x will indicate whether the test message has been sent or failed to send. Test messages +vary by Syslog protocol: + +- UDP protocol – Sends a test message and does not verify connection +- TCP protocol – Sends test message and verifies connection +- TLS protocol – Sends test message and verifies connection and shows an error if TLS handshake + fails + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. diff --git a/docs/activitymonitor/9.0/admin/outputs/threatmanager.md b/docs/activitymonitor/9.0/admin/outputs/threatmanager.md new file mode 100644 index 0000000000..6c8b71842b --- /dev/null +++ b/docs/activitymonitor/9.0/admin/outputs/threatmanager.md @@ -0,0 +1,39 @@ +--- +title: "Threat Manager Tab" +description: "Threat Manager Tab" +sidebar_position: 110 +--- + +# Threat Manager Tab + +The Threat Manager tab on an output Properties window is where the connection between Activity +Monitor and Netwrix Threat Manager can be modified. These settings are initially configured when the +output is added. + +An App Token created by Netwrix Threat Manager is used to authenticate connection between the +applications. See the App Tokens Page topic of the +[Netwrix Threat Manager Documentation](https://helpcenter.netwrix.com/category/stealthdefend) for +additional information. + +Select a Threat Manager output from the Monitored Domains tab and click **Edit** to open the output +Properties window. + +![threatmanager](/images/activitymonitor/9.0/admin/outputs/threatmanager.webp) + +The tab contains the following settings: + +- Server in SERVER:PORT format – Server name of the Netwrix Threat Manager application server and + the communication port being used between the applications. The format must be SERVER:PORT, e.g. + newyorksrv10:10001. + + - The server name can be short name, fully qualified name (FQDN), or IP Address, as long as the + organization’s environment can resolve the name format used. + - The default port for Netwrix Threat Manager is 10001. + +- App Token – App Token generated on the App Tokens page of the Netwrix Threat Manager console. +- Enable periodic AD Status Check event reporting – Indicates periodic AD Status Check event + reporting is enabled, which means the agent will send out status messages every five minutes to + verify whether the connection is still active. + +Click **OK** to commit the modifications. Click **Cancel** to discard the modifications. The output +Properties window closes. diff --git a/docs/activitymonitor/9.0/admin/overview.md b/docs/activitymonitor/9.0/admin/overview.md new file mode 100644 index 0000000000..aee308ac09 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/overview.md @@ -0,0 +1,36 @@ +--- +title: "Administration" +description: "Administration" +sidebar_position: 40 +--- + +# Administration + +The Activity Monitor Console is used to deploy and manage activity agents, configure host +monitoring, and search events within activity log files. + +![Activity Monitor with Navigation tabs identified](/images/activitymonitor/9.0/admin/activitymonitormain.webp) + +There are up to three tabs at the top left of the window: + +- Agents – Deploy activity / AD agents and manage settings. This is the only tab available until an + agent is installed. See the [Agent Information](/docs/activitymonitor/9.0/install/agents/agents.md) topic for additional + information +- Monitored Domains – Configure activity monitoring per host (appears after the first Active + Directory agent is deployed). See the [Monitored Domains Tab](/docs/activitymonitor/9.0/admin/monitoreddomains/overview.md) topic + for additional information. +- Monitored Hosts & Services – Configure activity monitoring per host (appears after first activity agent is + deployed). See the [Monitored Hosts & Services Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/overview.md) +- Search – Magnifying glass icon used to search activity log files (appears after first activity + agent is deployed) + + - See the [Search Feature](/docs/activitymonitor/9.0/admin/search/overview.md) topic for additional information. + +In the Status bar at the bottom of the console is the following information: + +- Version – Version number for the Activity Monitor +- License information – Identifies the organization associated with the license. See the + [Install Application](/docs/activitymonitor/9.0/install/application.md) topic for additional information. +- Trace Level – Creates Trace Logs to provide troubleshooting information. See the + [Trace Logs](/docs/activitymonitor/9.0/troubleshooting/tracelogs.md) topic for additional information. +- Collect Logs – Collects Trace Logs produced by Trace level diff --git a/docs/activitymonitor/9.0/admin/search/_category_.json b/docs/activitymonitor/9.0/admin/search/_category_.json new file mode 100644 index 0000000000..2d95527c49 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Search Feature", + "position": 50, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "overview" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/search/activedirectory/_category_.json b/docs/activitymonitor/9.0/admin/search/activedirectory/_category_.json new file mode 100644 index 0000000000..0f8206778d --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/activedirectory/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Active Directory Search Query", + "position": 10, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "activedirectory" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/search/activedirectory/activedirectory.md b/docs/activitymonitor/9.0/admin/search/activedirectory/activedirectory.md new file mode 100644 index 0000000000..6c9544708d --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/activedirectory/activedirectory.md @@ -0,0 +1,139 @@ +--- +title: "Active Directory Search Query" +description: "Active Directory Search Query" +sidebar_position: 10 +--- + +# Active Directory Search Query + +You can search domain activity that has been monitored and recorded to a File output. When you +select **Active Directory** from the magnifying glass drop-down menu, a New Search tab opens with +the applicable query filters. + +![Search - Active Directory New Search Tab](/images/activitymonitor/9.0/admin/search/query/activedirectorynewsearchtab.webp) + +The filters are separated into the following categories: + +- General +- Object Changes +- LSASS Guardian +- LDAP Queries +- Authentication + +By default, the query is set to return all event activity for the past day. Configuring query +filters will scope results returned. + +Set the filters as desired and click **Search**. The application searches through the appropriate +activity log files and returns the events that match the filters. You can +[Filter](/docs/activitymonitor/9.0/admin/search/overview.md#filter) and [Sort](/docs/activitymonitor/9.0/admin/search/overview.md#sort) the results using the column +headers. Below the Search button is the [Export](/docs/activitymonitor/9.0/admin/search/overview.md#export) option. + +**Filter Value Entry** + +When the drop-down menu is in front of a query filter, it is used to show or hide the filter entry +field. Field options vary based on the selected query filter: + +- Textbox – Enter the filter value. If the field has a drop-down arrow, then you can select from + values known to the application. +- Gray drop-down menu – Provides options to match the value against on of the following, which vary + based on the filter: + + - Selected values – Filters by the value selected from the drop-down menu for the textbox + - Simple string with wildcards – Filters by the value entered into the textbox, which contains + an asterisk (\*) as the wildcard + - Regular expression – Filters by the Regex entered into the textbox + +## General Category + +The General category addresses who, what, where, and when an object, user, host, or domain +controller is affected by the events selected in the other categories. The time frame filter must be +configured for every search query. + +![Active Directory Search - General Filter](/images/activitymonitor/9.0/admin/search/query/generalfilters.webp) + +This section has the following filters: + +- From – Set the date and timestamp for the start of the activity range. The drop-down menu opens a + calendar. +- To – Set the date and timestamp for the end of the activity range. The drop-down menu opens a + calendar. +- Event Source – Set which query categories will be used. The drop-down menu displays a checkbox + list of categories. +- Event Result – Filter the data for a specific event result: Any, Success, or Failure +- Event Block – Filter the data for a specific event result related to blocking: Any, Allowed, or + Blocked +- Agent Hosts – Filter the data for a specific agent +- Agent Domains – Filter the data for a specific domain +- Affected Object Name – Filter the data for a specific affected object name +- Affected Object Class – Filter the data for a specific affected object class +- User – Filter the data for a specific user, or perpetrator of the event + + - Specify account or group (...) – The ellipsis button beside the User textbox opens the Specify + account or group window. Use this window to resolve the account for the user. See the + [Specify Account or Group Window](/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifywindowsaccount.md) topic for + additional information. + +- From Hosts – Filter the data for a specific originating host of the event +- Search Limit – Set the maximum number of rows returned in the search results. The default is + 10,000 rows. + +## Object Changes Category + +The Object Changes category scopes the query by objects with change activity. + +![Object Changes Filter](/images/activitymonitor/9.0/admin/search/query/objectchangesfilters.webp) + +This section has the following filters: + +- Account Changes – Filter the data by the type of account change: All, Account Locked, Account + Unlocked, Account Disabled, Account Enabled, Password Changed +- Membership Changes – Filter the data by the type of group membership change: All, Group Members + Added, Group Members Removed, Group Members Changed +- Object Changes – Filter the data by the type of group membership change: All, Object Moved, Object + Renamed, Object Added, Object Modified, Object Deleted +- New Object Name – Filter the data for a specific new object name +- Old Object Name – Filter the data for a specific old object name +- Attribute Name – Filter the data for a specific attribute name +- Attribute Value – Filter the data for a specific attribute value + +## LSASS Guardian Category + +The LSASS Guardian category scopes the query by LSASS Guardian activity. + +![LSASS Guardian Filters](/images/activitymonitor/9.0/admin/search/query/lsassguardianfilters.webp) + +This section has the following filters: + +- Process Name – Filter the data for a specific process name +- Process ID – Filter the data for a specific process ID +- Events – Filter the data by the type of event: All, Create Handle, Duplicate Handle + +## LDAP Queries Category + +The LDAP Queries category scopes the query by LDAP query activity. + +![LDAP Queries Filter](/images/activitymonitor/9.0/admin/search/query/ldapqueriesfilters.webp) + +This section has the following filters: + +- Query – Filter the data for a specific LDAP query +- Connection – Filter the data by the type of connection : Any, Secure, Nonsecure + +## Authentication Category + +The Authentication category scopes the query by authentication activity. + +![Authentication Filters](/images/activitymonitor/9.0/admin/search/query/authenticationfilters.webp) + +This section has the following filters: + +- Target Host – Filter the data for a specific host +- Authentication – Filter the data by the type of authentication: All, Kerberos, NTLM +- NTLM Logon Type – Filter the data by the type of NTLM Logon: All, Interactive, Network, Service, + Generic, Transitive Interactive, Transitive Network, Transitive Service +- NTLM Version – Filter the data by the type of NTLM version: Any, V1, V2 +- Encryption – Filter the data for a specific encryption +- SPN – Filter the data for a specific service principal name (SPN) +- Accounts – Filter the data by the type of account: Any, Existing, Nonexistent +- Ticket Type – Filter the data by the type of ticket type: Any, AS, TGS +- Search For – Filter the data by the selected item: Previous passwords usage only, Forged PAC only diff --git a/docs/activitymonitor/9.0/admin/search/activedirectory/activedirectory_1.md b/docs/activitymonitor/9.0/admin/search/activedirectory/activedirectory_1.md new file mode 100644 index 0000000000..429dc0dfc0 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/activedirectory/activedirectory_1.md @@ -0,0 +1,58 @@ +--- +title: "Active Directory Search Results" +description: "Active Directory Search Results" +sidebar_position: 10 +--- + +# Active Directory Search Results + +When a search has been started, the Search Status table at the bottom displays the percentage +complete according to the size and quantity of the activity log files being searched per AD agent. +You can [Filter](/docs/activitymonitor/9.0/admin/search/overview.md#filter) and [Sort](/docs/activitymonitor/9.0/admin/search/overview.md#sort) the results using the column +headers. Below the Search button is the [Export](/docs/activitymonitor/9.0/admin/search/overview.md#export) option. + +![Active Directory Search Results](/images/activitymonitor/9.0/admin/search/results/activedirectorysearchresults.webp) + +The results data grid columns display the following information for each event: + +- Event Time – Date timestamp of the event +- Agent – Server where the Agent is deployed +- Host – Target host where the event was recorded +- Host Name – Name of the target host +- Host IP – IP address of the target host +- Host MAC – Network adapter identifier +- User – Security principal of the account that triggered the event +- User SID – Security Identifier of the account used in the event +- User Name –  Name for the security principal that triggered the event +- User Class – Active Directory class of the affected object +- Blocked – Indicates the Agent blocked the event from occurring +- Success – Indicates the event completed successfully +- Event Source – Location of Monitored host where event occurred +- Event Type – Indicates the type of event +- Affected Object – Active Directory distinguished name for the affected object +- Affected Object SID – Security Identifier of the object/account affected by the event +- Affected Object Name – Name of the Affected Object +- Protocol – Protocol(s) used for the monitored operation +- Query Filter – LDAP filter used in the operation +- Secured Query – Indicates if LDAP connection is secured or not +- Query Objects – Number of returned objects produced by the LDAP request +- Process Name – Contains process name that is monitored. Currently this is only lsass.exe. +- PID – Process Identifier generated for each active process +- Old Name – Value prior to the monitored change +- New Name – Value after the monitored change +- Authentication Type – Indicates type of authentication event. Possible values: Kerberos, NTLM. +- Target Host – Name of the originating host +- Target IP – IP address of the originating host +- Authentication Protocol – Indicates authentication protocol. Possible values: Unknown, Kerberos, + KerberosTgs, KerberosAs, NTLM, NTLMv1, NTLMMixed, NTLMv2. +- NTLM Logon Type – Indicates type of protocol used to authenticate a connection between client and + server +- Ticket Encryption – Indicates encryption type used in request part of the Kerberos ticket +- PAC – RID for the group that does not have access +- SPN – Detects attempts to obtain a list of Service Principal Name values +- User Exists –  Indicates if user exists +- N2 Password – Indicates if an invalid password matches the user’s password history + +At the bottom of the search interface, additional information is displayed for selected events in +the data grid. The Attribute Name, Operation, Old Value, and New Value for the logged event (as +applicable to the event) are displayed. diff --git a/docs/activitymonitor/9.0/admin/search/entraid/_category_.json b/docs/activitymonitor/9.0/admin/search/entraid/_category_.json new file mode 100644 index 0000000000..a074277bbf --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/entraid/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Microsoft Entra ID Search Query", + "position": 40, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "entraid" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/search/entraid/entraid.md b/docs/activitymonitor/9.0/admin/search/entraid/entraid.md new file mode 100644 index 0000000000..19147abcbc --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/entraid/entraid.md @@ -0,0 +1,136 @@ +--- +title: "Microsoft Entra ID Search Query" +description: "Microsoft Entra ID Search Query" +sidebar_position: 40 +--- + +# Microsoft Entra ID Search Query + +You can search activity in Microsoft Entra ID (Azure AD) that has been monitored and recorded to a +File output. When you select **Azure AD / Entra ID** from the magnifying glass drop-down menu, a New +Search tab opens with the applicable query filters. + +![Search Query - Entra ID](/images/activitymonitor/9.0/admin/search/query/searchquery.webp) + +The filters are separated into the following categories: + +- General +- User +- Audit Events +- Target Resource +- Sign-in Events +- Location + +By default, the query is set to return all event activity for the past day. Configuring query +filters will scope results returned. + +Set the filters as desired and click **Search**. The application searches through the appropriate +activity log files and returns the events that match the filters. You can +[Filter](/docs/activitymonitor/9.0/admin/search/overview.md#filter) and [Sort](/docs/activitymonitor/9.0/admin/search/overview.md#sort) the results using the column +headers. Below the Search button is the [Export](/docs/activitymonitor/9.0/admin/search/overview.md#export) option. + +**Filter Value Entry** + +When the drop-down menu is in front of a query filter, it is used to show or hide the filter entry +field. Field options vary based on the selected query filter: + +- Textbox – Enter the filter value. If the field has a drop-down arrow, then you can select from + values known to the application. +- Gray drop-down menu – Provides options to match the value against on of the following, which vary + based on the filter: + + - Selected values – Filters by the value selected from the drop-down menu for the textbox + - Simple string with wildcards – Filters by the value entered into the textbox, which contains + an asterisk (\*) as the wildcard + - Regular expression – Filters by the Regex entered into the textbox + +## General Category + +The General category scopes the query by the most common types of filters. The time frame filter +must be configured for every search query. + +![Search Query - General Filter](/images/activitymonitor/9.0/admin/search/query/generalfilters.webp) + +This section has the following filters: + +- From – Set the date and timestamp for the start of the activity range. The drop-down menu opens a + calendar. +- To – Set the date and timestamp for the end of the activity range. The drop-down menu opens a + calendar. +- Source – Set which query categories will be used. The drop-down menu displays a checkbox list of + categories. +- Event Result – Filter the data for a specific event result: Any, Success, or Failure +- Reason +- Agent Hosts – Filter the data for a specific agent +- Search Limit – Set the maximum number of rows returned in the search results. The default is + 10,000 rows. + +## User Category + +The User category scopes the query by the user, or perpetrator of the activity. + +![Search Query - User](/images/activitymonitor/9.0/admin/search/query/userfilters.webp) + +This section has the following filters: + +- Name or ID +- IP Address +- Client App or Browser +- Client OS + +## Audit Events Category + +The Audit Events category scopes the query by the event type of the activity. + +![Search Query - Audit Events](/images/activitymonitor/9.0/admin/search/query/auditeventsfilters.webp) + +This section has the following filters: + +- Service – Filter the data by the Microsoft Entra ID service: All, AAD Management UX, Access + Reviews, Account Provisioning, Application Proxy, Authentication Methods, B2C, Conditional Access, + Core Directory, Device Registration Service, Entitlement Management, Hybrid Authentication, + Identity Protection, Invited Users, MIM Service, MyApps, PIM, Self-service Group Management, + Self-service Password Management, Terms of Use +- Category – Filter the data by the category type of activity: All, AdministrativeUnit, + ApplicationManagement, Authentication, Authorization, AuthorizationPolicy, Contact, Device, + DeviceConfiguration, DirectoryManagement, EntitlementManagement, GroupManagement, + IdentityProtection, KerberosDomain, KeyManagement, Label, Other, PermissionGrantPolicy, Policy, + PolicyManagement, ResourceManagement, RoleManagement, UserManagement +- Type – Filter the data by the type of activity: All, Add, Delete, Update, Assign, Unassign +- Operation + +## Target Resource Category + +The Target Resource category scopes the query by the target of the activity. + +![Search Query - Target Resource](/images/activitymonitor/9.0/admin/search/query/targetresourcefilters.webp) + +This section has the following filters: + +- Target +- Property +- Modifications – Filter the data to a specific type of modification: All, No changes, Has attribute + changes + +## Sign-in Events Category + +The Sign-in Events category scopes the query by the sign-in event. + +![Search Query - Sign-in Events](/images/activitymonitor/9.0/admin/search/query/signinevents.webp) + +This section has the following filters: + +- Risk +- Conditional Access + +## Location Category + +The Location category scopes the query by the location of the user. + +![Search Query - Location](/images/activitymonitor/9.0/admin/search/query/locationfilters.webp) + +This section has the following filters: + +- City +- State +- Country diff --git a/docs/activitymonitor/9.0/admin/search/entraid/entraid_1.md b/docs/activitymonitor/9.0/admin/search/entraid/entraid_1.md new file mode 100644 index 0000000000..eca85a7094 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/entraid/entraid_1.md @@ -0,0 +1,52 @@ +--- +title: "Microsoft Entra ID Search Results" +description: "Microsoft Entra ID Search Results" +sidebar_position: 10 +--- + +# Microsoft Entra ID Search Results + +When a search has been started, the Search Status table at the bottom displays the percentage +complete according to the size and quantity of the activity log files being searched per activity +agent. You can [Filter](/docs/activitymonitor/9.0/admin/search/overview.md#filter) and [Sort](/docs/activitymonitor/9.0/admin/search/overview.md#sort) the results using the +column headers. Below the Search button is the [Export](/docs/activitymonitor/9.0/admin/search/overview.md#export) option. + +![Azure Active Directory - Search Results](/images/activitymonitor/9.0/admin/search/results/searchresults.webp) + +The results data grid columns display the following information for each event: + +- Event Time – Date timestamp of the event +- Agent – Agent which monitored the event +- Source – Indicates the source of the activity event +- Result – Indicates whether the event resulted in a Success or Failure +- Result Reason – If an event resulted in a Failure, the reason for it will be listed in the Result + Reason column +- User – Indicates user account associated with the event +- IP Address – Indicates the IP Address associated with the event +- Application – Indicates the Application associated with the event +- Service – Indicates the Service associated with the event +- Category – Indicates the Category associated with the event. Categories returned from search + queries can be configured using the Category filter drop-down. +- Operation - Indicates the Operation associated with the event. Operations returned from search + queries can be configured using the Operation filter drop-down. +- Type – Indicates the Type associated with the event. Types returned from search queries can be + configured using the Type filter drop-down. +- Target(s) – Indicates the Target(s) of the event +- Modified – Indicates modifications associated with the event +- Client App – Indicates the Client App associated with the event +- OS – Indicates the OS associated with the event +- Browser – Indicates the browser associated with the event +- City – Indicates the City associated with the event +- State – Indicates the State associated with the event +- Country – Indicates the Country associated with the event +- Coordinates – Indicates the Coordinates associated with the event +- Interactive – Indicates whether the event was an Interactive event +- Risk – Indicates the level of Risk associated with events +- Conditional Access – Indicates whether Conditional Access was applied to the event +- Conditional Policy – Indicates whether a Conditional Policy was applied to the event +- Details – If applicable, provides additional information associated with the event that is not + provided by the other Results columns + +At the bottom of the search interface, additional information is displayed for selected events in +the data grid. The Attribute Name, Operation, Old Value, and New Value for the logged event (as +applicable to the event) are displayed. diff --git a/docs/activitymonitor/9.0/admin/search/exchangeonline/_category_.json b/docs/activitymonitor/9.0/admin/search/exchangeonline/_category_.json new file mode 100644 index 0000000000..b1c8e07fad --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/exchangeonline/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Exchange Online Search Query", + "position": 50, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "exchangeonline" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/search/exchangeonline/exchangeonline.md b/docs/activitymonitor/9.0/admin/search/exchangeonline/exchangeonline.md new file mode 100644 index 0000000000..6b380a1d4a --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/exchangeonline/exchangeonline.md @@ -0,0 +1,105 @@ +--- +title: "Exchange Online Search Query" +description: "Exchange Online Search Query" +sidebar_position: 50 +--- + +# Exchange Online Search Query + +You can search Exchange Online activity that has been monitored and recorded to a File output. When +you select **Exchange Online** from the magnifying glass drop-down menu, a New Search tab opens with +the applicable query filters. + +![Exchange Online - Search Quary Bar](/images/activitymonitor/9.0/admin/search/query/searchquerybar.webp) + +The filters are separated into the following categories: + +- General Category +- User Category +- Target Category +- DLP Category + +By default, the query is set to return all event activity for the past day. Configuring query +filters will scope results returned. + +Set the filters as desired and click **Search**. The application searches through the appropriate +activity log files and returns the events that match the filters.You can +[Filter](/docs/activitymonitor/9.0/admin/search/overview.md#filter) and [Sort](/docs/activitymonitor/9.0/admin/search/overview.md#sort) the results using the column +headers. Below the Search button is the [Export](/docs/activitymonitor/9.0/admin/search/overview.md#export) option. + +**Filter Value Entry** + +When the drop-down menu is in front of a query filter, it is used to show or hide the filter entry +field. Field options vary based on the selected query filter: + +- Textbox – Enter the filter value. If the field has a drop-down arrow, then you can select from + values known to the application. +- Gray drop-down menu – Provides options to match the value against on of the following, which vary + based on the filter: + + - Selected values – Filters by the value selected from the drop-down menu for the textbox + - Simple string with wildcards – Filters by the value entered into the textbox, which contains + an asterisk (\*) as the wildcard + - Regular expression – Filters by the Regex entered into the textbox + +## General Category + +The General category scopes the query by the most common types of filters. The time frame filter +must be configured for every search query. + +![Exchange Online - General Category](/images/activitymonitor/9.0/admin/search/query/general.webp) + +This section has the following filters: + +- From – Set the date and timestamp for the start of the activity range. The drop-down menu opens a + calendar. +- To – Set the date and timestamp for the end of the activity range. The drop-down menu opens a + calendar. +- Source – Filter the data by the source type: All, Admin Audit, Mailbox Access, DLP, Sensitivity + Label, Other + + :::note + Disabling a source that is also a category will hide that category from the query + options. + ::: + + +- Agent Hosts – Filter the data for a specific agent +- Search Limit – Set the maximum number of rows returned in the search results. The default is + 10,000 rows. + +## User Category + +The User category scopes the query by the user, or perpetrator of the activity. + +![Exchange Online Search - User Filter](/images/activitymonitor/9.0/admin/search/query/user.webp) + +This section has the following filters: + +- Name or UPN – Filter the data by name or User Principal Name (UPN) +- User Type – Filter the data by the type of user: All, Regular, Reserved, Admin, DcAdmin, System, + Application, ServicePrincipal, CustomPolicy, SystemPolicy, Unknown +- IP Address – Filter the data by IP address. +- Client App or Browser – Filter the data by specified client application or browser. + +## Target Category + +The Target category scopes the query by the target of the file. + +![Exchange Online Search - Target Filter](/images/activitymonitor/9.0/admin/search/query/target.webp) + +This section has the following filters: + +- Object +- Mailbox +- Accessed Mail + +## DLP Category + +The DLP category scopes the query by the DLP policy. + +![Exchange Online Search - DLP Filter](/images/activitymonitor/9.0/admin/search/query/dlp.webp) + +This section has the following filters: + +- Policy Name diff --git a/docs/activitymonitor/9.0/admin/search/exchangeonline/exchangeonline_1.md b/docs/activitymonitor/9.0/admin/search/exchangeonline/exchangeonline_1.md new file mode 100644 index 0000000000..f4ad663c59 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/exchangeonline/exchangeonline_1.md @@ -0,0 +1,33 @@ +--- +title: "Exchange Online Search Results" +description: "Exchange Online Search Results" +sidebar_position: 10 +--- + +# Exchange Online Search Results + +When a search has been started, the Search Status table at the bottom displays the percentage +complete according to the size and quantity of the activity log files being searched per activity +agent. You can [Filter](/docs/activitymonitor/9.0/admin/search/overview.md#filter) and [Sort](/docs/activitymonitor/9.0/admin/search/overview.md#sort) the results using the +column headers. Below the Search button is the [Export](/docs/activitymonitor/9.0/admin/search/overview.md#export) option. + +![Exchange Online - Search Results](/images/activitymonitor/9.0/admin/search/results/searchresults.webp) + +The results data grid columns display the following information for each event: + +- Event Time – Date timestamp of the event +- Agent – Agent which monitored the event +- Source – Indicates the source of the activity event +- Operation - Operation associated with event +- User – Indicates user account associated with the event +- User Type - Type of user associated with event +- External – Indicates whether external sharing is associated with the event +- IP Address – Indicates the IP Address associated with the event +- Object - Object associated with event +- Mailbox - The mailbox associated with the event +- Modified - Indicates whether a modification is associated with the event +- DLP Policy - If applicable, indicates the DLP Policy associated with the event + +At the bottom of the search interface, additional information is displayed for selected events in +the data grid. The Attribute Name, Operation, Old Value, and New Value for the logged event (as +applicable to the event) are displayed. diff --git a/docs/activitymonitor/9.0/admin/search/file/_category_.json b/docs/activitymonitor/9.0/admin/search/file/_category_.json new file mode 100644 index 0000000000..2d6c8a01bf --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/file/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "File Search Query", + "position": 20, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "file" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/search/file/file.md b/docs/activitymonitor/9.0/admin/search/file/file.md new file mode 100644 index 0000000000..c8d1b17e0b --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/file/file.md @@ -0,0 +1,73 @@ +--- +title: "File Search Query" +description: "File Search Query" +sidebar_position: 20 +--- + +# File Search Query + +You can search Windows file server and NAS device activity that has been monitored and recorded to a +File output. When you select **File** from the magnifying glass drop-down menu, a New Search tab +opens with the applicable query filters. + +![Search UI Options Toolbar](/images/activitymonitor/9.0/admin/search/query/searchuitop.webp) + +By default, the query is set to return all event activity for the past day. Configuring query +filters will scope results returned. + +Set the filters as desired and click **Search**. The application searches through the appropriate +activity log files and returns the events that match the filters. You can +[Filter](/docs/activitymonitor/9.0/admin/search/overview.md#filter) and [Sort](/docs/activitymonitor/9.0/admin/search/overview.md#sort) the results using the column +headers. Below the Search button is the [Export](/docs/activitymonitor/9.0/admin/search/overview.md#export) option. + +**Filter Value Entry** + +Field options vary based on the selected query filter: + +- Textbox – Enter the filter value. If the field has a drop-down arrow, then you can select from + values known to the application. +- Gray drop-down menu – Provides options to match the value against on of the following, which vary + based on the filter: + + - Selected values – Filters by the value selected from the drop-down menu for the textbox + - Simple string with wildcards – Filters by the value entered into the textbox, which contains + an asterisk (\*) as the wildcard + - Regular expression – Filters by the Regex entered into the textbox + +## Query Filter Options + +The sections have the following filters: + +- Events time range – The time frame filter must be configured for every search query: + + - From – Set the date and timestamp for the start of the activity range. The drop-down menu + opens a calendar. + - To – Set the date and timestamp for the end of the activity range. The drop-down menu opens a + calendar. + +- File Path – Filter the data for a specific file path where activity has occurred +- Hosts – Filter the data for a specific target host of the event +- Source – Filter the data for a specific source of the activity: + + - For local Windows activity, filter by a process name like notepad.exe + - For network Windows activity, filter by the IP Address of the user + - For NAS device activity, filter by the IP Address for the NAS device of the user + +- User/Group – Filter the data for a specific user, or perpetrator of the event. You can also filter + by a group. + + - Specify account or group (...) – The ellipsis button beside the User textbox opens the Specify + account or group window. Use this window to resolve the account for the user. See the + [Specify Account or Group Window](/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifywindowsaccount.md) topic for + additional information. + +- GID +- Types – Filter the data for a specific event result: All, Success, Fail +- Operations – Filter the data by the type of file operation: Read, Add, Update, Delete, Rename, + Permissions. The Operations checkbox at the top acts as select/deselect all option. +- I/O Type – Filter the data by the type of input/output: Filesystem, Shadow copy (VSS). The I/O + Type checkbox at the top acts as select/deselect all option. +- Object Type – Filter the data by the type of file object: File, Folder, Link, Share. The Object + Types checkbox at the top acts as select/deselect all option. +- Search limit – Set the maximum number of rows returned in the search results. The default is + 10,000 rows. diff --git a/docs/activitymonitor/9.0/admin/search/file/file_1.md b/docs/activitymonitor/9.0/admin/search/file/file_1.md new file mode 100644 index 0000000000..6e70de1e46 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/file/file_1.md @@ -0,0 +1,78 @@ +--- +title: "File Search Results" +description: "File Search Results" +sidebar_position: 10 +--- + +# File Search Results + +When a search has been started, the Search Status table at the bottom displays the percentage +complete according to the size and quantity of the activity log files being searched per activity +agent. You can [Filter](/docs/activitymonitor/9.0/admin/search/overview.md#filter) and [Sort](/docs/activitymonitor/9.0/admin/search/overview.md#sort) the results using the +column headers. Below the Search button is the [Export](/docs/activitymonitor/9.0/admin/search/overview.md#export) option. + +![File Search Results UI](/images/activitymonitor/9.0/admin/search/results/filesearchresults.webp) + +The results data grid columns display the following information for each event: + +- Event Time – Date timestamp of the event +- Agent – Agent which monitored the event +- Host – Monitored host where the event occurred +- Operation – Type of the activity event which was monitored +- User – User account that performed the activity event +- Object – Type of object the activity event occurred upon: + + - File + - Folder + - Unknown + +- Path – Path where the operation occurred +- New Path – For rename operation events only, the path’s new location/name +- UNC Path – UNC path employed by a remote user to access the share, folder, and/or file +- New UNC Path – For rename operation events only, the UNC path’s new location/name employed by a + remote user +- Source – Indicates the source of the activity event + + - For local Windows activity – Process name (e.g. notepad.exe) + - For network Windows activity – IP Address of the user + - For NAS device activity – IP Address for the NAS device of the user + +- Share Name – Name of share where the activity event occurred. This includes NFS. +- I/O Type – Displays the input/output type +- Protocol – Communication protocol used to access the share, folder, and/or file: + + - CIFS + - NFS + - VSS + - HTTP + +- Protocol Version – Displays the Protocol Version for NetApp Data ONTAP Cluster-Mode device. This + field is empty for all other servers/devices. +- File Size — Displays the file size +- Tags — _(Windows Only)_ Operation tags. Reports 'Copy' for events that are probably copies. +- Group — Displays the Group Name or ID (GID) + +At the bottom of the search interface, additional information is displayed for selected events in +the data grid. The Attribute Name, Operation, Old Value, and New Value for the logged event (as +applicable to the event) are displayed. + +## Permissions Changes + +When the results data grid displays information about permissions changes, additional information is +made available. + +![Search Results with Permissions listed in the Operations Column](/images/activitymonitor/9.0/admin/search/results/filesearchresultspermissionsimage.webp) + +A link displays in the **Operation** column of the results data grid. Click the Permissions Change +link to open the Permissions Change Details window. + +![File Search Results Permissions link popup window](/images/activitymonitor/9.0/admin/search/results/permissionslpopupwindow.webp) + +The window displays details about the changes of the security descriptor with information from the +new line added to a DACL: + +- Change – Type of change which occurred (Added, Removed, etc.) +- Trustee – SAM account name of the affected object +- Type – Type of permission applied (Allow/Deny) +- Access Rights – Rights associated with the type of permission change +- Inheritance – Indicates how the permission change is inherited diff --git a/docs/activitymonitor/9.0/admin/search/linux/_category_.json b/docs/activitymonitor/9.0/admin/search/linux/_category_.json new file mode 100644 index 0000000000..427a7451c6 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/linux/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Linux Search Query", + "position": 30, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "linux" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/search/linux/linux.md b/docs/activitymonitor/9.0/admin/search/linux/linux.md new file mode 100644 index 0000000000..005e362d76 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/linux/linux.md @@ -0,0 +1,66 @@ +--- +title: "Linux Search Query" +description: "Linux Search Query" +sidebar_position: 30 +--- + +# Linux Search Query + +You can search Linux file server and NAS device activity that has been monitored and recorded to a +File output. When you select **Linux** from the magnifying glass drop-down menu, a New Search tab +opens with the applicable query filters. + +![Linux Search Query](/images/activitymonitor/9.0/admin/search/query/linuxsearchquerybar.webp) + +By default, the query is set to return all event activity for the past day. Configuring query +filters will scope results returned. + +Set the filters as desired and click **Search**. The application searches through the appropriate +activity log files and returns the events that match the filters. You can +[Filter](/docs/activitymonitor/9.0/admin/search/overview.md#filter) and [Sort](/docs/activitymonitor/9.0/admin/search/overview.md#sort) the results using the column +headers. Below the Search button is the [Export](/docs/activitymonitor/9.0/admin/search/overview.md#export) option. + +**Filter Value Entry** + +Field options vary based on the selected query filter: + +- Textbox – Enter the filter value. If the field has a drop-down arrow, then you can select from + values known to the application. +- Gray drop-down menu – Provides options to match the value against on of the following, which vary + based on the filter: + + - Selected values – Filters by the value selected from the drop-down menu for the textbox + - Simple string with wildcards – Filters by the value entered into the textbox, which contains + an asterisk (\*) as the wildcard + - Regular expression – Filters by the Regex entered into the textbox + +## Query Filter Options + +The sections have the following filters: + +- Events time range – The time frame filter must be configured for every search query: + + - From – Set the date and timestamp for the start of the activity range. The drop-down menu + opens a calendar. + - To – Set the date and timestamp for the end of the activity range. The drop-down menu opens a + calendar. + +- File Path – Filter the data for a specific file path where activity has occurred +- Hosts – Filter the data for a specific target host of the event +- Source – Filter the data for a specific source of the activity +- User/Group – Filter the data for a specific user, or perpetrator of the event. You can also filter + by a group. + + - Specify account or group (...) – The ellipsis button beside the User textbox opens the Specify + account or group window. Use this window to resolve the account for the user. See the + [Specify Account or Group Window](/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifywindowsaccount.md) topic for + additional information. + +- GID +- Types – Filter the data for a specific event result: All, Success, Fail +- Operations – Filter the data by the type of file operation: Read, Add, Update, Delete, Rename, + Permissions. The Operations checkbox at the top acts as select/deselect all option. +- I/O Type – Filter the data by the type of input/output: Filesystem, Shadow copy (VSS). The I/O + Type checkbox at the top acts as select/deselect all option. +- Object Type – Filter the data by the type of file object: File, Folder, Link, Share. The Object + Types checkbox at the top acts as select/deselect all option. diff --git a/docs/activitymonitor/9.0/admin/search/linux/linux_1.md b/docs/activitymonitor/9.0/admin/search/linux/linux_1.md new file mode 100644 index 0000000000..ac975d3d8a --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/linux/linux_1.md @@ -0,0 +1,43 @@ +--- +title: "Linux Search Results" +description: "Linux Search Results" +sidebar_position: 10 +--- + +# Linux Search Results + +When a search has been started, the Search Status table at the bottom displays the percentage +complete according to the size and quantity of the activity log files being searched per Linux +agent. You can [Filter](/docs/activitymonitor/9.0/admin/search/overview.md#filter) and [Sort](/docs/activitymonitor/9.0/admin/search/overview.md#sort) the results using the +column headers. Below the Search button is the [Export](/docs/activitymonitor/9.0/admin/search/overview.md#export) option. + +![linuxsearchresults](/images/activitymonitor/9.0/admin/search/results/linuxsearchresults.webp) + +The results data grid columns display the following information for each event: + +- Event Time – Date timestamp of the event +- Agent – Agent which monitored the event +- Host – Monitored host where the event occurred +- Operation – Type of the activity event which was monitored +- User – User account that performed the activity event +- Object – Type of object the activity event occurred upon: + + - File + - Folder + - Unknown + +- Path – Path where the operation occurred +- New Path – For rename operation events only, the path’s new location/name +- UNC Path – UNC path employed by a remote user to access the share, folder, and/or file +- New UNC Path – For rename operation events only, the UNC path’s new location/name employed by a + remote user +- Source – Indicates the source of the activity event +- Share Name – Name of share where the activity event occurred. This includes NFS. +- I/O Type – Displays the input/output type +- Protocol — Will be LOCAL for Linux Activity +- Protocol Version — This field is empty for Linux Activity +- GID — Group ID associated with event + +At the bottom of the search interface, additional information is displayed for selected events in +the data grid. The Attribute Name, Operation, Old Value, and New Value for the logged event (as +applicable to the event) are displayed. diff --git a/docs/activitymonitor/9.0/admin/search/overview.md b/docs/activitymonitor/9.0/admin/search/overview.md new file mode 100644 index 0000000000..f52d47c288 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/overview.md @@ -0,0 +1,99 @@ +--- +title: "Search Feature" +description: "Search Feature" +sidebar_position: 50 +--- + +# Search Feature + +The search feature consolidates and compartmentalizes search results based on events, time, objects, +users, hosts, etc. Search results populate based on which query filters are chosen. Results may then +be sorted, filtered, and/or exported into a CSV file or JSON file, depending on the type data. + +![Search Tab](/images/activitymonitor/9.0/admin/search/searchtab.webp) + +:::note +Search results are pulled from the File output of the monitored host or domain. +::: + + +To open the search feature, click the magnifying glass icon and select from the following options: + +- File – Search for monitored file activity on Windows servers and NAS devices. See the File Search + Query topic for additional information. +- Active Directory – Search for monitored domain activity. See the Active Directory Search Query + topic for additional information. +- Azure AD / Entra ID – Search for monitored tenant activity in Microsoft Entra ID (formerly Azure + AD). See the Microsoft Entra ID Search Query topic for additional information. +- SharePoint – Search for monitored SharePoint activity. See the SharePoint Search Query topic for + additional information. +- SharePoint Online – Search for monitored SharePoint Online activity. See the SharePoint Online + Search Query topic for additional information. +- Exchange Online – Search for monitored Exchange Online activity. See the Exchange Online Search + Query topic for additional information. +- SQL Server – Search for monitored SQL Server activity. See the SQL Server Search Query topic for + additional information. +- Linux – Search for monitored file activity on Linux servers. See the Linux Search Query topic for + additional information. + +Queries that may be useful to an organization include the following: + +- Who accessed a particular folder/file on X day or during Y date range? +- Who renamed a particular folder/file on X day or during Y date range? +- Who deleted a particular folder/file on X day or during Y date range? +- Who created a particular folder/file? +- What did user X do on day Y? +- What did user X do between days Y and Z? +- Administrator activity details? + +Follow the steps to use the search feature. + +**Step 1 –** Click the magnifying glass icon and select the source type. + +**Step 2 –** Set the desired filters and click **Search**. + +**Step 3 –** Filter and Sort the results in the table as desired. + +**Step 4 –** Export the results table if desired. + +## Filter + +The drop-down menu for a column header in the search results data grid provides the option to filter +the search results further. + +![Operations Filter Dropdown Menu](/images/activitymonitor/9.0/admin/search/operationssdropdownfiltermenu.webp) + +Choose between checking/unchecking the desired field values from the list of available values and +typing in the search textbox. The Clear filter option removes all filters from the selected column. +A filter icon appears on the header where filters have been applied. Multiple columns can be +filtered in the search results data grid. + +:::note +The columns that can be filtered will vary depending on what results are. +::: + + +## Sort + +Clicking on any column header in the search results data grid sorts the results alphanumerically for +that column, and an arrow shows next to the column name indicating the sort to be ascending or +descending order. + +![Sort Options](/images/activitymonitor/9.0/admin/search/sort.webp) + +The drop-down menu on the column header has options to Sort A to Z or Sort Z to A for the selected +column. Sorting can only occur for one column at a time. + +:::note +The columns that can be sorted will vary depending on what results are. +::: + + +## Export + +The search results data grid can be exported to a CSV/JSON file. + +![Export Button](/images/activitymonitor/9.0/admin/search/exportbutton.webp) + +Once the search results are configured as desired, click the Export button located at the top left +corner of the window. Set the name and location of the CSV/JSON file. diff --git a/docs/activitymonitor/9.0/admin/search/sharepoint/_category_.json b/docs/activitymonitor/9.0/admin/search/sharepoint/_category_.json new file mode 100644 index 0000000000..0baabb2daa --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/sharepoint/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "SharePoint Search Query", + "position": 60, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "sharepoint" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/search/sharepoint/sharepoint.md b/docs/activitymonitor/9.0/admin/search/sharepoint/sharepoint.md new file mode 100644 index 0000000000..e85036f7e4 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/sharepoint/sharepoint.md @@ -0,0 +1,162 @@ +--- +title: "SharePoint Search Query" +description: "SharePoint Search Query" +sidebar_position: 60 +--- + +# SharePoint Search Query + +You can search SharePoint activity that has been monitored and recorded to a File output. When you +select **SharePoint** from the magnifying glass drop-down menu, a New Search tab opens with the +applicable query filters. + +![SharePoint New Search Tab](/images/activitymonitor/9.0/admin/search/query/sharepointnewsearchtab.webp) + +The filters are separated into the following categories: + +- General +- Audit +- Move/Delete/Copy/Checkin +- Delete +- Search +- Permissions + +By default, the query is set to return all event activity for the past day. Configuring query +filters will scope results returned. + +Set the filters as desired and click **Search**. The application searches through the appropriate +activity log files and returns the events that match the filters.You can +[Filter](/docs/activitymonitor/9.0/admin/search/overview.md#filter) and [Sort](/docs/activitymonitor/9.0/admin/search/overview.md#sort) the results using the column +headers. Below the Search button is the [Export](/docs/activitymonitor/9.0/admin/search/overview.md#export) option. + +**Filter Value Entry** + +When the drop-down menu is in front of a query filter, it is used to show or hide the filter entry +field. Field options vary based on the selected query filter: + +- Textbox – Enter the filter value. If the field has a drop-down arrow, then you can select from + values known to the application. +- Gray drop-down menu – Provides options to match the value against on of the following, which vary + based on the filter: + + - Selected values – Filters by the value selected from the drop-down menu for the textbox + - Simple string with wildcards – Filters by the value entered into the textbox, which contains + an asterisk (\*) as the wildcard + - Regular expression – Filters by the Regex entered into the textbox + +## General Category + +The General category addresses who, what, where, and when an object, user, host, or domain +controller is affected by the events selected in the other categories. The time frame filter must be +configured for every search query. + +![General Category - SharePoint](/images/activitymonitor/9.0/admin/search/query/generalfilters.webp) + +This section has the following filters: + +- From – Set the date and timestamp for the start of the activity range. The drop-down menu opens a + calendar. +- To – Set the date and timestamp for the end of the activity range. The drop-down menu opens a + calendar. +- Event Type – Filter the data by the event type: All, CheckOut, CheckIn, View, Delete, Update, + ProfileChange, ChildDelete, SchemaChange, Undelete, Workflow, Copy, Move, AuditMaskChange, Search, + ChildMove, FileFragmentWrite, SecGroupCreate, SecGroupDelete, SecGroupMemberAdd, + SecGroupMemberDel, SecRoleDefCreate, SecRoleDefDelete, SecRoleDefModify, SecRoleDefBreakInherit, + SecRoleBindUpdate, SecRoleBindInherit, SecRoleBindBreakInherit, EventsDeleted, AppPermissionGrant, + AppPermissionDelete, Custom + + :::note + Disabling an event type that is also a category will hide that category from the query + options. + ::: + + +- Item Type – Filter the data by the type of SharePoint item: All, Document, ListItem, List, Folder, + Web, Site +- Protocol – Filter the data by the protocol: Any, HTTP, HTTPS +- Agent Hosts – Filter the data for a specific agent +- Agent Domains – Filter the data for a specific domain +- Item +- Source Name +- Site – Filter the data for a specific SharePoint site +- Document Location +- Web Application – Filter the data for a specific SharePoint web application +- Web Title +- User – Filter the data for a specific user, or perpetrator of the event + + - Specify account or group (...) – The ellipsis button beside the User textbox opens the Specify + account or group window. Use this window to resolve the account for the user. See the + [Specify Account or Group Window](/docs/activitymonitor/9.0/admin/outputs/accountexclusions/specifywindowsaccount.md) topic for + additional information. + +- Search Limit – Set the maximum number of rows returned in the search results. The default is + 10,000 rows. +- Event Source – Filter the data by the source: Any, SharePoint, ObjectModel +- Location Type – Filter the data by the type of location: Any, Url, ClientLocation + +## Audit Category + +The Audit category scopes the query by audit mask activity. + +![SharePoint Search - Audit filter section](/images/activitymonitor/9.0/admin/search/query/auditmask.webp) + +This section has the following filters: + +- Audit Mask – Filter the data by the audit mask type: All, None, CheckOut, CheckIn, View, Delete, + Update, ProfileChange, ChildDelete, SchemaChange, SecurityChange, Undelete, Workflow, Copy, Move, + Search + +## Move/Delete/Copy/Checkin Category + +The Move/Delete/Copy/Checkin category scopes the query by file move and version activity. + +![SharePoint Search Query - Move/Delete/Copy/Checkin Filters](/images/activitymonitor/9.0/admin/search/query/movedeletecopycheckinfilters.webp) + +This section has the following filters: + +- Child Document Location +- New Child Document Location +- Version + +## Delete Category + +The Delete category scopes the query by type of delete activity. + +![SharePoint Search Query - Delete FIlters](/images/activitymonitor/9.0/admin/search/query/delete.webp) + +This section has the following filters: + +- Delete Type – Filter the data by the type of deletion: Any, MovedToRecycle, DeletedCompletely + +## Search Category + +The Search category scopes the query by search activity. + +![SharePoint Search Query - Search Filters](/images/activitymonitor/9.0/admin/search/query/searchfilters.webp) + +This section has the following filters: + +- Search Query +- Search Constraint + +## Permissions Category + +The Permissions category scopes the query by permission change activity. + +![SharePoint Search Query - Permissions Filters](/images/activitymonitor/9.0/admin/search/query/permissionsfilters.webp) + +This section has the following filters: + +- Group +- Trustee +- Trustee Type – Filter the data by the type of trustee: Any, Group, User +- Role +- Update Type – Filter the data by the type of update: All, Added, Removed, Updated +- Permission – Filter the data by the permission: All, EmptyMask, ViewListItems, AddListItems, + EditListItems, DeleteListItems, CancelCheckout, ManagePersonalViews, ManageLists, + AnonymousSearchAccessList, AnonymousSearchAccessWebLists, Open, ViewFormPages, ViewPages, + AddAndCustomizePages, ApplyThemeAndBorder, ApplyStyleSheets, ViewUsageData, CreateSSCSite, + ManageSubwebs, ManagePermissions, BrowseDirectories, BrowseUserInfo, AddDelPrivateWebParts, + UpdatePersonalWebParts, ManageWeb, FullMask, UseClientIntegration, UseRemoteAPIs, ManageAlerts, + CreateAlerts, EditMyUserInfo, EnumeratePermissions, ApproveItems, OpenItems, ViewVersions, + DeleteVersions, CreateGroups diff --git a/docs/activitymonitor/9.0/admin/search/sharepoint/sharepoint_1.md b/docs/activitymonitor/9.0/admin/search/sharepoint/sharepoint_1.md new file mode 100644 index 0000000000..3a3da6e432 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/sharepoint/sharepoint_1.md @@ -0,0 +1,34 @@ +--- +title: "SharePoint Search Results" +description: "SharePoint Search Results" +sidebar_position: 10 +--- + +# SharePoint Search Results + +When a search has been started, the Search Status table at the bottom displays the percentage +complete according to the size and quantity of the activity log files being searched per activity +agent. You can [Filter](/docs/activitymonitor/9.0/admin/search/overview.md#filter) and [Sort](/docs/activitymonitor/9.0/admin/search/overview.md#sort) the results using the +column headers. Below the Search button is the [Export](/docs/activitymonitor/9.0/admin/search/overview.md#export) option. + +![SharePoint Search - Results](/images/activitymonitor/9.0/admin/search/results/sharepointsearchresults.webp) + +The results data grid columns display the following information for each event: + +- Event Time – Date timestamp of the event +- Agent Host – Agent used to collect event information +- Event Type – Indicates the type of event +- User – User account that performed the activity event +- User Login – User login associated with the event +- Protocol – Protocol used for the monitored operation +- Absolute URL - Indicates the Absolute URL associated with the event +- Web Application – Indicates the web application associated with the event +- Site URL – Site URL associated with the event +- Web Title - If applicable, indicates the Web Title associated with the event +- Doc Location – If applicable, indicates the location of the document associated with the event +- New Doc Location – If applicable, indicates the new location of the document associated with the + event + +At the bottom of the search interface, additional information is displayed for selected events in +the data grid. The Attribute Name, Operation, Old Value, and New Value for the logged event (as +applicable to the event) are displayed. diff --git a/docs/activitymonitor/9.0/admin/search/sharepointonline/_category_.json b/docs/activitymonitor/9.0/admin/search/sharepointonline/_category_.json new file mode 100644 index 0000000000..4488e90a1c --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/sharepointonline/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "SharePoint Online Search Query", + "position": 70, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "sharepointonline" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/search/sharepointonline/sharepointonline.md b/docs/activitymonitor/9.0/admin/search/sharepointonline/sharepointonline.md new file mode 100644 index 0000000000..a7d5a28dd0 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/sharepointonline/sharepointonline.md @@ -0,0 +1,148 @@ +--- +title: "SharePoint Online Search Query" +description: "SharePoint Online Search Query" +sidebar_position: 70 +--- + +# SharePoint Online Search Query + +You can search SharePoint Online activity that has been monitored and recorded to a File output. +When you select **SharePoint Online** from the magnifying glass drop-down menu, a New Search tab +opens with the applicable query filters. + +![SharePoint Online - Search Quary Bar](/images/activitymonitor/9.0/admin/search/query/sharepointonlinesearchquerybar.webp) + +The filters are separated into the following categories: + +- General +- User +- Location +- Item +- Sharing +- DLP +- Custom + +By default, the query is set to return all event activity for the past day. Configuring query +filters will scope results returned. + +Set the filters as desired and click **Search**. The application searches through the appropriate +activity log files and returns the events that match the filters. You can +[Filter](/docs/activitymonitor/9.0/admin/search/overview.md#filter) and [Sort](/docs/activitymonitor/9.0/admin/search/overview.md#sort) the results using the column +headers. Below the Search button is the [Export](/docs/activitymonitor/9.0/admin/search/overview.md#export) option. + +**Filter Value Entry** + +When the drop-down menu is in front of a query filter, it is used to show or hide the filter entry +field. Field options vary based on the selected query filter: + +- Textbox – Enter the filter value. If the field has a drop-down arrow, then you can select from + values known to the application. +- Gray drop-down menu – Provides options to match the value against on of the following, which vary + based on the filter: + + - Selected values – Filters by the value selected from the drop-down menu for the textbox + - Simple string with wildcards – Filters by the value entered into the textbox, which contains + an asterisk (\*) as the wildcard + - Regular expression – Filters by the Regex entered into the textbox + +## General Category + +The General category scopes the query by the most common types of filters. The time frame filter +must be configured for every search query. + +![SharePoint Online Search - General Filters](/images/activitymonitor/9.0/admin/search/query/generalfilters.webp) + +This section has the following filters: + +- From – Set the date and timestamp for the start of the activity range. The drop-down menu opens a + calendar. +- To – Set the date and timestamp for the end of the activity range. The drop-down menu opens a + calendar. +- Source – Filter the data by the source type: All, File and Page, Folder, List, Sharing and Access + Request, Site Permissions, Site Administration, Synchronization, DLP, Sensitivity Label, Content + Explorer, Other + + :::note + Disabling a source that is also a category will hide that category from the query + options. + ::: + + +- Workload +- Agent Hosts – Filter the data for a specific agent +- Search Limit – Set the maximum number of rows returned in the search results. The default is + 10,000 rows. + +## User Category + +The User category scopes the query by the user, or perpetrator of the activity. + +![SharePoint Online Search - User Filter](/images/activitymonitor/9.0/admin/search/query/user.webp) + +This section has the following filters: + +- Name or ID +- Login +- IP Address +- Client App or Browser +- User Type – Filter the data by the type of user: All, Regular, Reserved, Admin, DcAdmin, System, + Application, ServicePrincipal, CustomPolicy, SystemPolicy, Unknown + +## Location Category + +The Location category scopes the query by the location of the file. + +![SharePoint Online Search - Location Filter](/images/activitymonitor/9.0/admin/search/query/location.webp) + +This section has the following filters: + +- URL +- File Name +- File Extension + +## Item Category + +The Item category scopes the query by the item. + +![SharePoint Online Search - Item Filter](/images/activitymonitor/9.0/admin/search/query/item.webp) + +This section has the following filters: + +- Item +- Item Type – Filter the data by the type of item: All, Unknown, File, Folder, Web, Site, Tenant, + DocumentLibrary, Page +- Modifications – Filter the data by the type of item: All, No Changes, Has attribute changes + +## Sharing Category + +The Sharing category scopes the query by the type of sharing. + +![SharePoint Online Search - Sharing Filter](/images/activitymonitor/9.0/admin/search/query/sharing.webp) + +This section has the following filters: + +- Target Account +- Access +- Target Type – Filter the data by the type of target: All, Member, Guest, SharePointGroup, + SecurityGroup, Partner, Unknown + +## DLP Category + +The DLP category scopes the query by the DLP policy. + +![SharePoint Online Search - DLP Filter](/images/activitymonitor/9.0/admin/search/query/dlp.webp) + +This section has the following filters: + +- Policy Name + +## Custom Category + +The Custom category scopes the query by custom event activity. + +![SharePoint Online Search - Custom Filter](/images/activitymonitor/9.0/admin/search/query/custom.webp) + +This section has the following filters: + +- Event Data +- Custom Event diff --git a/docs/activitymonitor/9.0/admin/search/sharepointonline/sharepointonline_1.md b/docs/activitymonitor/9.0/admin/search/sharepointonline/sharepointonline_1.md new file mode 100644 index 0000000000..2463e342de --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/sharepointonline/sharepointonline_1.md @@ -0,0 +1,49 @@ +--- +title: "SharePoint Online Search Results" +description: "SharePoint Online Search Results" +sidebar_position: 10 +--- + +# SharePoint Online Search Results + +When a search has been started, the Search Status table at the bottom displays the percentage +complete according to the size and quantity of the activity log files being searched per activity +agent. You can [Filter](/docs/activitymonitor/9.0/admin/search/overview.md#filter) and [Sort](/docs/activitymonitor/9.0/admin/search/overview.md#sort) the results using the +column headers. Below the Search button is the [Export](/docs/activitymonitor/9.0/admin/search/overview.md#export) option. + +![SharePoint Online Search Results](/images/activitymonitor/9.0/admin/search/results/sharepointonlinesearchresults.webp) + +The results data grid columns display the following information for each event: + +- Event Time – Date timestamp of the event +- Agent – Agent which monitored the event +- Source – Indicates the source of the activity event +- Operation - Operation associated with event +- User – User account that performed the activity event +- User Type - Type of user associated with event +- External – Indicates whether external sharing is associated with the event +- IP Address - IP Address associated with event +- Object Url - Object Url associated with event +- Item Type - The type of the item associated with the event +- Item Title - The title of the item associated with the event +- Modified - Indicates whether a modification is associated with the event +- Site - Site where the event occurred +- List - Indicates which list the event is associated with +- Relative URL - Indicates the Relative URL associated with the event +- File Name - The name of the file associated with the event +- Extension - If applicable, indicates the extension of the file associated with the event +- New Relative URL - If applicable, indicates the new relative URL of the file associated with the + event +- New File Name - If applicable, indicates the new name for the file associated with the event +- New Extension - If applicable, indicates the new extension of the file associated with the event +- Workload - Workload associated with the event +- Access - If applicable, indicates what level of access is associated with the event +- Target Account - If applicable, indicates the recipient of the event +- Target Type - If applicable, indicates the type of account of the recipient of the event +- DLP Policy - If applicable, indicates the DLP Policy associated with the event +- Event Data – Data associated with the event +- Custom Event - If the Custom Event filter was configured in the Query bar, it will appear here + +At the bottom of the search interface, additional information is displayed for selected events in +the data grid. The Attribute Name, Operation, Old Value, and New Value for the logged event (as +applicable to the event) are displayed. diff --git a/docs/activitymonitor/9.0/admin/search/sqlserver/_category_.json b/docs/activitymonitor/9.0/admin/search/sqlserver/_category_.json new file mode 100644 index 0000000000..5588cda134 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/sqlserver/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "SQL Server Search Query", + "position": 80, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "sqlserver" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/admin/search/sqlserver/sqlserver.md b/docs/activitymonitor/9.0/admin/search/sqlserver/sqlserver.md new file mode 100644 index 0000000000..11a4680bb2 --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/sqlserver/sqlserver.md @@ -0,0 +1,88 @@ +--- +title: "SQL Server Search Query" +description: "SQL Server Search Query" +sidebar_position: 80 +--- + +# SQL Server Search Query + +You can search SQL Server activity that has been monitored and recorded to a File output. When you +select **SQL Server** from the magnifying glass drop-down menu, a New Search tab opens with the +applicable query filters. + +![SQL Server Search Query](/images/activitymonitor/9.0/admin/search/query/sqlsearchquerytoolbar.webp) + +The filters are separated into the following categories: + +- General +- User +- SQL + +By default, the query is set to return all event activity for the past day. Configuring query +filters will scope results returned. + +Set the filters as desired and click **Search**. The application searches through the appropriate +activity log files and returns the events that match the filters. You can +[Filter](/docs/activitymonitor/9.0/admin/search/overview.md#filter) and [Sort](/docs/activitymonitor/9.0/admin/search/overview.md#sort) the results using the column +headers. Below the Search button is the [Export](/docs/activitymonitor/9.0/admin/search/overview.md#export) option. + +**Filter Value Entry** + +When the drop-down menu is in front of a query filter, it is used to show or hide the filter entry +field. Field options vary based on the selected query filter: + +- Textbox – Enter the filter value. If the field has a drop-down arrow, then you can select from + values known to the application. +- Gray drop-down menu – Provides options to match the value against on of the following, which vary + based on the filter: + + - Selected values – Filters by the value selected from the drop-down menu for the textbox + - Simple string with wildcards – Filters by the value entered into the textbox, which contains + an asterisk (\*) as the wildcard + - Regular expression – Filters by the Regex entered into the textbox + +## General Category + +The General category scopes the query by the most common types of filters. The time frame filter +must be configured for every search query. + +![General Filters](/images/activitymonitor/9.0/admin/search/query/generalfilter.webp) + +This section has the following filters: + +- From – Set the date and timestamp for the start of the activity range. The drop-down menu opens a + calendar. +- To – Set the date and timestamp for the end of the activity range. The drop-down menu opens a + calendar. +- Event Result – Filter the data for a specific event result: Any, Success, or Failure +- Reason +- Agent Hosts – Filter the data for a specific agent +- Search Limit – Set the maximum number of rows returned in the search results. The default is + 10,000 rows. + +## User Category + +The User category scopes the query by the user, or perpetrator of the activity. + +![userfilter](/images/activitymonitor/9.0/admin/search/query/userfilter.webp) + +This section has the following filters: + +- Name or ID +- IP Address + +## SQL Category + +The SQL category scopes the query by SQL Server activity. + +![SQL Filters](/images/activitymonitor/9.0/admin/search/query/sqlfilters.webp) + +This section has the following filters: + +- Server name +- Database +- Operation – Filter the data by the type of Operation: All, Select, Insert, Update, Delete, merge, + Execute, Login, Logout, Grant, Revoke, Deny, Error, AlterRole +- Application +- Object +- SQL Text diff --git a/docs/activitymonitor/9.0/admin/search/sqlserver/sqlserver_1.md b/docs/activitymonitor/9.0/admin/search/sqlserver/sqlserver_1.md new file mode 100644 index 0000000000..810f3b66ff --- /dev/null +++ b/docs/activitymonitor/9.0/admin/search/sqlserver/sqlserver_1.md @@ -0,0 +1,34 @@ +--- +title: "SQL Server Search Results" +description: "SQL Server Search Results" +sidebar_position: 10 +--- + +# SQL Server Search Results + +When a search has been started, the Search Status table at the bottom displays the percentage +complete according to the size and quantity of the activity log files being searched per activity +agent. You can [Filter](/docs/activitymonitor/9.0/admin/search/overview.md#filter) and [Sort](/docs/activitymonitor/9.0/admin/search/overview.md#sort) the results using the +column headers. Below the Search button is the [Export](/docs/activitymonitor/9.0/admin/search/overview.md#export) option. + +![SQL Server Search Results](/images/activitymonitor/9.0/admin/search/results/sqlsearchresults.webp) + +The results data grid columns display the following information for each event: + +- Event Time – Date timestamp of the event +- Agent – Agent which monitored the event +- Result – Indicates whether the event type was a success +- User – User account that performed the activity event +- IP Address – IP Address of the client host associated with the event +- Client Host – Name of the client host associated with the event +- Application Name – Name of the application associated with the event +- Operation – The type of operation associated with the event +- Database – The type of database associated with the event +- SQL – The SQL Server Query text associated with the event +- Error – Indicates SQL Server Error Code associated with the event +- Message – Description of the error associated with the event +- Category – Category of the error associated with the event + +At the bottom of the search interface, additional information is displayed for selected events in +the data grid. The Attribute Name, Operation, Old Value, and New Value for the logged event (as +applicable to the event) are displayed. diff --git a/docs/activitymonitor/9.0/gettingstarted.md b/docs/activitymonitor/9.0/gettingstarted.md new file mode 100644 index 0000000000..6ee993a1ee --- /dev/null +++ b/docs/activitymonitor/9.0/gettingstarted.md @@ -0,0 +1,57 @@ +--- +title: "Getting Started" +description: "Getting Started" +sidebar_position: 10 +--- + +# Getting Started + +Once Netwrix Activity Monitor is installed, the following workflow enables organizations to quickly +and easily get started with activity monitoring. + +## Requirements + +The Activity Monitor console needs to be installed on a server or workstation. After that agents are deployed to +the target environment and configured to monitor activity. It is necessary to prepare the target +environment and configure the credentials used by the agents. Each supported environment has +different requirements. See the following topics for additional information: + +- Console machine [Requirements ](/docs/activitymonitor/9.0/requirements/overview.md) +- [Activity Agent Server Requirements](/docs/activitymonitor/9.0/requirements/activityagent/activityagent.md) for monitoring: + + - Windows File servers + - NAS devices + - Microsoft Entra ID + - SharePoint On-Premise + - SharePoint Online + - Exchange Online + - SQL Servers + +- [AD Agent Server Requirements](/docs/activitymonitor/9.0/requirements/adagent/adagent.md) for monitoring Active Directory +- [Linux Agent Server Requirements](/docs/activitymonitor/9.0/requirements/linuxagent.md) for monitoring Linux file servers + +## Install & Deploy Agents + +Once the prerequisites are accomplished, you are ready to install the application and deploy agents. +See the following topics for additional information: + +- [Install Application](/docs/activitymonitor/9.0/install/application.md) +- [Agent Information](/docs/activitymonitor/9.0/install/agents/agents.md) +- [Import License Key](/docs/activitymonitor/9.0/install/importlicensekey.md) + +## Configure Monitoring + +After the agents have been deployed, you can configure the monitoring of the target environment. For +Windows File Servers, this can be done at the same time as the agent is deployed, but for all other +target environments it is done after the agent is deployed. You will configure what will be +monitored as well as where the collected data will go (outputs). See the following topics for +additional information: + +- [Monitored Domains Tab](/docs/activitymonitor/9.0/admin/monitoreddomains/overview.md) for Active Directory monitoring +- [Monitored Hosts & Services Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/overview.md) for all other target environments. + +## Search Activity Event Data + +You can query the activity logs created by the activity agents from within the console. Using the +search feature, set filters for the query to view monitored events. See the +[Search Feature](/docs/activitymonitor/9.0/admin/search/overview.md) topic for additional information. diff --git a/docs/activitymonitor/9.0/index.md b/docs/activitymonitor/9.0/index.md new file mode 100644 index 0000000000..d7a1550fc2 --- /dev/null +++ b/docs/activitymonitor/9.0/index.md @@ -0,0 +1,15 @@ +--- +title: "Netwrix Activity Monitor v9.0 Documentation" +description: "Netwrix Activity Monitor v9.0 Documentation" +sidebar_position: 1 +--- + +# Netwrix Activity Monitor v9.0 Documentation + +The Netwrix Activity Monitor deploys agents to target environments to provide real-time monitoring +of activity. It can be configured to provide the event data to other Netwrix products for reporting +and alerting purposes. The Activity Monitor also provides operational efficiencies and visibility +into a wide spectrum of human and machine data interactions with a standardized format that is used +to gain deeper visibility into activity associated with the access, use, and modification of data. + +See the [Getting Started](/docs/activitymonitor/9.0/gettingstarted.md) topic for additional information. diff --git a/docs/activitymonitor/9.0/install/_category_.json b/docs/activitymonitor/9.0/install/_category_.json new file mode 100644 index 0000000000..f87e537fff --- /dev/null +++ b/docs/activitymonitor/9.0/install/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Installation", + "position": 30, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "overview" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/install/agents/_category_.json b/docs/activitymonitor/9.0/install/agents/_category_.json new file mode 100644 index 0000000000..89391c7ce3 --- /dev/null +++ b/docs/activitymonitor/9.0/install/agents/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Agent Information", + "position": 20, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "agents" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/install/agents/agents.md b/docs/activitymonitor/9.0/install/agents/agents.md new file mode 100644 index 0000000000..7dbf19d9a9 --- /dev/null +++ b/docs/activitymonitor/9.0/install/agents/agents.md @@ -0,0 +1,81 @@ +--- +title: "Agent Information" +description: "Agent Information" +sidebar_position: 20 +--- + +# Agent Information + +Activity Monitor agents perform real-time monitoring of events occurring across supported systems and applications. + +A typical deployment consists of multiple agents, each monitoring either the system where it is installed or remote systems, +including in scale-out and fault-tolerant configurations. + +There are two deployment modes: + +1. **The agent monitors the server it is installed on** + +The agent must be deployed on the target system for the following event sources: + +|Event source|Additional requirements| +|------------|-----------------------| +|Windows File Server| | +|Linux File Server| | +|Active Directory domain controllers| The agent must be installed on all domain controllers of the monitored domain.| +|SharePoint On-Premise|The agent must be deployed to the server that hosts the _Central Administration_ component of the SharePoint farm.| + + +2. **The agent monitors remote hosts or services** + +In this mode, the agent is installed on a Windows Server and configured to monitor the following event sources: + +|Event source|Additional requirements| +|------------|-----------------------| +|**File Systems**|| +|Azure Files|| +|CTERA|| +|Dell VNX/Celerra|Dell Common Event Enabler| +|Dell Isilon/PowerScale|Dell Common Event Enabler| +|Dell Unity|Dell Common Event Enabler| +|Dell PowerStore|Dell Common Event Enabler| +|Hitachi NAS|| +|Nasuni|| +|NetApp|| +|NetApp 7-mode|| +|Nutanix Files|| +|Panzura|| +|Qumulo|| +|**Identity & Access Management**|| +|Microsoft Entra ID|| +|**Communication & Messaging**|| +|Exchange Online|| +|SharePoint Online|| +|**Database Operations**|| +|Microsoft SQL Server|| + + +:::info +For file storage, the agent's server should be located close to the monitored NAS device on the network to reduce latency. +::: + +:::info +For Dell devices, the **Dell Common Event Enabler (CEE)** must be installed on the same server as the agent (recommended) or +on another Windows or Linux server. If installed remotely, the CEE must be configured manually to forward activity to the agent. +::: + +To perform centralized agent maintenance from the application console server, WMI must be enabled on the Windows server where the agent is installed. + +You will need the following information to deploy agents from the Console: + +- Server name – Name or an IP Address of the server +- Credentials + - Windows: Account must be a member of the BUILTIN\Administrators group on the target server + - Linux: Account must have permissions to deploy the agent over SSH on the target server + +See the [Agents Tab](/docs/activitymonitor/9.0/admin/agents/overview.md) topic for additional information on how to deploy agents using the Console. + +The Activity Monitor Agent may also be deployed manually. Use one of the following to manually install an agent: + +- [Manually Install the Windows Agent](/docs/activitymonitor/9.0/install/agents/manual.md) +- [Manually Install the Linux Agent](/docs/activitymonitor/9.0/install/agents/manuallinux.md) +- [Manually Install the Agent for Active Directory](/docs/activitymonitor/9.0/install/agents/manualad.md) diff --git a/docs/activitymonitor/9.0/install/agents/manual.md b/docs/activitymonitor/9.0/install/agents/manual.md new file mode 100644 index 0000000000..b92e65324f --- /dev/null +++ b/docs/activitymonitor/9.0/install/agents/manual.md @@ -0,0 +1,169 @@ +--- +title: "Manually Install the Activity Agent" +description: "Manually Install the Activity Agent" +sidebar_position: 10 +--- + +# Manually Install the Activity Agent + +The Netwrix Activity Monitor Agent can be deployed via the console or manually. + +Follow the steps to manually install the agent. + +**Step 1 –** Navigate to the Activity Monitor Console installation path and locate the agent +installation package. The default location is: + +`C:\Program Files\Netwrix\Activity Monitor\Console\Agents\x64\SBFileMonAgent.msi` + +**Step 2 –** Copy the Activity Monitor agent installation package to the target server. + +**Step 3 –** Click the Activity Monitor agent installation package and the Wizard opens. + +![Activity Monitor Agent Setup Wizard - Welcome Page](/images/activitymonitor/9.0/install/agent/welcome_1.webp) + +**Step 4 –** On the welcome page click **Next**. + +![End-User License Agreement Page](/images/activitymonitor/9.0/install/agent/eula.webp) + +**Step 5 –** On the End-User License Agreement page, select the **I accept the terms in the License +Agreement** option and click **Next**. + +![Destination Folder Page](/images/activitymonitor/9.0/install/agent/destinationfolder_1.webp) + +**Step 6 –** (Optional) On the Destination Folder page, click **Change** to change the installation +directory location. + +![Change Destination Folder Page](/images/activitymonitor/9.0/install/agent/changedestination.webp) + +**Step 7 –** Click **OK** on the Change destination folder page to return to the Destination folder +page. Click **Next**. + +![Ready to install Netwrix Activity Monitor Agent 64-bit Page](/images/activitymonitor/9.0/install/agent/readyinstall.webp) + +**Step 8 –** On the Ready to install page, click **Install**. The installation process begins. The +Setup wizard displays the installation status. + +![Completion Page](/images/activitymonitor/9.0/install/agent/complete.webp) + +**Step 9 –** When installation is complete, click Finish. + +## (Optional) Command Line Installation + +If needed, the following command line options can be used with extra logging and install options. +The Activity Monitor Agent command line has the following parameters: + +- `AGENT_PORT` + + - To specify Activity Monitor Agent port. + - Default value: `4498` + - Example: `AGENT_PORT=1234` + +- `AGENTINSTALLLOCATION` + + - To specify the Activity Monitor Agent installation path. + - Default value: `C:\Program Files\Netwrix\Activity Monitor\Agent` + - Example: `AGENTINSTALLLOCATION="D:\AMAgent"` + +- `MANAGEMENT_GROUP` + + - To specify the Activity Monitor Agent Management Group (This allows user to limit users in the + specified group to manage agents, but does not allow users in specified group to install, + upgrade, or uninstall agents). + - Default value: `BUILTIN\Administrators` + - Example: `MANAGEMENT_GROUP=CORP\ActivityMonitorGroup` + +- `/l*v` + + - To include verbose install logging. + - Example: `/l*v "C:\amagent.log"` + + :::note + If installation fails, locate the log file, and search for "Return value 3". The lines + above "Return value 3" should contain information on what caused the installation to fail. + ::: + + +- `/qn` + + - To install the agent in quiet / Unattended Mode (without UI) + +Example: + +``` +msiexec.exe /i C:\SBFileMonAgent.msi AGENT_PORT=1234 AGENTINSTALLLOCATION="D:\AMAgent" MANAGEMENT_GROUP=CORP\ActivityMonitorGroup /l*v c:\amagent.log /qn +``` + +## Add the Activity Agent to the Console + +Before deploying the Activity Monitor agent, ensure all +[Activity Agent Server Requirements](/docs/activitymonitor/9.0/requirements/activityagent/activityagent.md) have been met, including +those for NAS devices when applicable. + +:::note +These steps are specific to deploying activity agents for monitoring file systems, +SharePoint, SQL Server, Azure and Office 365 environments. See the +[Active Directory Agent Deployment](/docs/activitymonitor/9.0/admin/agents/activedirectory.md) section for +instruction on deploying the AD agent. See the +[Linux Agent Deployment](/docs/activitymonitor/9.0/admin/agents/linux.md) topic for instructions on deploying agents +to Linux servers. +::: + + +Follow the steps to deploy the activity agent to a single Windows server. + +**Step 1 –** Open the Activity Monitor Console. + +**Step 2 –** On the Agents tab, click **Add Agent**. The Add New Agent(s) window opens. + +![Install New Agent Page](/images/activitymonitor/9.0/install/agent/installnew.webp) + +**Step 3 –** Specify the server name where the agent will be deployed. To add multiple server names, +see the [Multiple Activity Agents Deployment](/docs/activitymonitor/9.0/admin/agents/multiple.md) topic for +additional information. Click **Next**. + +![Agent Port Configuration](/images/activitymonitor/9.0/install/agent/portdefault.webp) + +**Step 4 –** Specify the port to be used for the agent. Click **Next**. + +![Credentials to connect to servers](/images/activitymonitor/9.0/install/agent/credentials.webp) + +**Step 5 –** On the Credentials to Connect to the Server(s) page, specify the credentials for the +server to which the agent is deployed. See the +[Single Activity Agent Deployment](/docs/activitymonitor/9.0/admin/agents/single.md) topic for additional +information on credential options. Click **Connect**. + +:::note +When clicking **Connect** while adding the Agent to the Console, the connection may fail. +When clicking Connect, the Activity Monitor verifies not only its ability to manage the agent but +the console's ability to deploy the agent as well. Errors can be ignored if the agent was manually +installed. +::: + + +**Step 6 –** Regardless of the warning messages that the agent cannot be installed or upgraded, +click **Next**. The console will automatically detect the agent as it is already installed. + +![Agent Install Location](/images/activitymonitor/9.0/install/agent/installlocation.webp) + +**Step 7 –** Specify the path of the Activity Monitor Agent, that has already been installed. Click +**Next**. + +![Windows Agent Settings](/images/activitymonitor/9.0/install/agent/windowsagent.webp) + +**Step 8 –** Specify the Activity Monitor Agent Management Group (if desired). Click Finish. + +:::note +The Activity Monitor Agent Management Group allows users in the specified group to manage +agents, but does not allow users in specified group to install, upgrade, or uninstall agents. +::: + + +The Agent is now added to the Activity Monitor. + +During the installation process of the agent, the status will display Installing. If there are any +errors, the Activity Monitor stops the installation and lists the errors in the Agent messages box. + +![Activity Monitor Agent Installed](/images/activitymonitor/9.0/install/agent/consolewithagent.webp) + +When the Activity Monitor agent installation is complete, the status changes to **Installed** and +the activity agent version populates. The next step is to add hosts to be monitored. diff --git a/docs/activitymonitor/9.0/install/agents/manualad.md b/docs/activitymonitor/9.0/install/agents/manualad.md new file mode 100644 index 0000000000..08a8f87329 --- /dev/null +++ b/docs/activitymonitor/9.0/install/agents/manualad.md @@ -0,0 +1,166 @@ +--- +title: "Manually Install the AD Module" +description: "Manually Install the AD Module" +sidebar_position: 30 +--- + +# Manually Install the AD Module + +The AD Module, powered by Threat Prevention, can only be installed on domain controllers. + +Follow the steps to manually deploy the AD Module. + +**Step 1 –** From the Activity Monitor Console machine, copy the AD Agent executable ( +`%ProgramFiles%\Netwrix\Activity Monitor\Console\Agents\SI Agent.exe`) to the domain controller where +you want to install the Agent. Then run the executable. The Netwrix Threat Prevention Windows Agent +Setup wizard opens. + +![Threat Prevention Windows Agent Setup wizard on the Welcome page](/images/activitymonitor/9.0/install/agent/welcome_1.webp) + +**Step 2 –** On the Welcome page, click **Install**. The Setup Progress page is displayed, followed +by another Welcome page. + +![Threat Prevention Windows Agent - Welcome Page](/images/activitymonitor/9.0/install/agent/welcome.webp) + +**Step 3 –** Click **Next**. + +![End-User License Agreement Page](/images/activitymonitor/9.0/install/agent/license.webp) + +**Step 4 –** On the End-User License Agreement page, check the **I accept the terms in the License +Agreement** box and click **Next**. + +![Destination Folder Page](/images/activitymonitor/9.0/install/agent/destinationfolder_1.webp) + +**Step 5 –** _(Optional)_ On the Destination Folder page, change the installation directory +location. + +- To change the default installation directory location, click **Change…**. + +![Change Destination Folder Page](/images/activitymonitor/9.0/install/agent/changedestination.webp) + +> > - Use the Look In field to select the desired installation folder. +> > - When the Folder name is as desired, click **OK**. The wizard returns to the Destination Folder +> > page. +> > - Click **Next**. + +> To use the default installation directory location, skip the previous step and click **Next** on +> the Destination Folder page. + +![CA Certificate Configiration Page](/images/activitymonitor/9.0/install/agent/cacertconfig.webp) + +**Step 6 –** Keep the default radio button selection, Managed by Threat Prevention. + +:::note +The CA Certificate Configuration page is not applicable to the Activity Monitor. +::: + + +![Enterprise Manager Location Information Page](/images/activitymonitor/9.0/install/agent/enterprisemanageram.webp) + +**Step 7 –** On the Enterprise Manager Location Information page, select the **Option** button for a +product to enable communication with it. + +- Select the **SAM configuration file** radio button. +- In the **Address or Path** field, enter the path to the activity agent configuration file for this + host. Remember, the Activity Monitor activity agent must already be deployed on the domain + controller and enabled before installing the AD Agent. The default path is: + `%ProgramFiles%\Netwrix\Netwrix Threat Prevention\SIWindowsAgent\SAMConfig.xml` +- The port configuration only applies to the Enterprise Manager Host option. +- Configure additional Agent options as desired: + + - Safe Mode + + - The Safe Mode option prevents the **Windows AD Events** monitoring module from loading if + the LSASS DLL versions has been modified since the last time the Threat Prevention Windows + Agent service was started. + + - Start Agent Service + + - The **Start Agent Service** option starts the Threat Prevention Windows Agent service + after the installation is complete. If the Threat Prevention Windows Agent service is not + started at the time of installation, the Activity Monitor Agent will start as needed. + + - Create Windows Firewall Rules + + - The **Create Windows Firewall Rules** option creates the rules needed to open this port + during the installation process. If using a third party firewall, uncheck this option and + manually create the necessary firewall rules. + +- When the settings are configured, click **Next**. + +![Select Event Sources Page](/images/activitymonitor/9.0/install/agent/eventsourcesad.webp) + +**Step 8 –** On the Select Event Sources page, select **Windows Active Directory Events** as needed +by the Activity Monitor for the Active Directory solution. Click **Next**. + +![Windows Agent Setup wizard on the Ready page](/images/activitymonitor/9.0/install/agent/readytoinstall.webp) + +**Step 9 –** On the Ready to install Threat Prevention Windows Agent page, click **Install**. The +Setup wizard displays the installation status. + +![Windows Agent Setup wizard on the Operation successful page](/images/activitymonitor/9.0/install/agent/success.webp) + +**Step 10 –** When installation is complete, click **Close**. + +The AD Module (NTP Agent) is now installed on the server. + +## Add the AD Agent to the Console + +Follow the steps to add the Activity Monitor Windows Agent (with the AD Module) to the Console: + +**Step 1 –** Open the Activity Monitor Console. + +**Step 2 –** On the Agents tab, click **Add Agent**. The Add New Agent(s) window opens. + +![Install New Agent](/images/activitymonitor/9.0/install/agent/installnew.webp) + +**Step 3 –** Click the **install agents on Active Directory domain controllers** link. + +![Specify Agent Port](/images/activitymonitor/9.0/install/agent/specifyport.webp) + +**Step 4 –** Specify the port for the Activity Monitor Agent. Click **Next**. + +![Agent Install Location](/images/activitymonitor/9.0/install/agent/installlocation.webp) + +**Step 5 –** Specify the path of the Activity Monitor Agent, that has already been installed. Click +**Next**. + +![Active Directory Connection](/images/activitymonitor/9.0/install/agent/adconnection.webp) + +**Step 6 –** On the Active Directory Connection page, specify the credentials for the domain or +domain controller(s) where the agent is installed. Click **Connect** to verify connection to the +domain. Click **Next**. + +![Domains to Monitor](/images/activitymonitor/9.0/install/agent/domains.webp) + +**Step 7 –** Select the domain of the domain controller(s) where the agent is installed. Click +**Next**. + +![Domain Controllers to Deploy Agent](/images/activitymonitor/9.0/install/agent/domaincontroller.webp) + +**Step 8 –** Select the domain controller(s) where the agent is installed. Click **Test**. + +:::note +When clicking Test while adding the Agent to the Console, the connection may fail. When +clicking Test, the Activity Monitor verifies not only its ability to manage the agent but the +console's ability to deploy the agent as well. Errors can be ignored if the agent was manually +installed. +::: + + +**Step 9 –** Ignore the warning messages that the agent cannot be installed or upgraded and click +**Next**. + +![Windows Agent Settings](/images/activitymonitor/9.0/install/agent/windowsagent.webp) + +**Step 10 –** Specify the Activity Monitor Agent Management Group (if desired). Click **Finish**. + +:::note +The Activity Monitor Agent Management Group allows users in the specified group to manage +agents, but does not allow users in specified group to install, upgrade, or uninstall agents. +::: + + +The console will automatically detect the agent as it is already installed. + +The Agent is now added to the Activity Monitor Console. diff --git a/docs/activitymonitor/9.0/install/agents/manuallinux.md b/docs/activitymonitor/9.0/install/agents/manuallinux.md new file mode 100644 index 0000000000..e19547afb1 --- /dev/null +++ b/docs/activitymonitor/9.0/install/agents/manuallinux.md @@ -0,0 +1,128 @@ +--- +title: "Manually Install the Linux Agent" +description: "Manually Install the Linux Agent" +sidebar_position: 20 +--- + +# Manually Install the Linux Agent + +Follow the steps to manually install the agent. + +**Step 1 –** Transfer the rpm package to the Linux server. + +For example, following is a pscp command: + +``` +pscp.exe -P 22 -p -v "C:\Program Files\Netwrix\Activity +Monitor\Console\Agents\activity-monitor-agentd-9.0.0-1421.rhel.x86_64.rpm" +root@123.456.789.123:/tmp/ +``` + +![pscp Command](/images/activitymonitor/9.0/install/agent/screen1.webp) + +**Step 2 –** Install the Activity Monitor Linux Agent RPM Package on the Linux server. + +For example, the following command can be used: + +``` +sudo yum localinstall activity-monitor-agentd-9.0.0-1421.rhel.x86_64.rpm +``` + +![Install Linux Agent RPM Package on the Linux server](/images/activitymonitor/9.0/install/agent/screen2.webp) + +**Step 3 –** Add firewall rules to the Linux server, and restart firewall service. + +:::note +This should be the same port number specified in the Activity Monitor console for the +Linux agent. Default port is 4498. +::: + + +For example, the following commands can be used: + +``` +sudo firewall-cmd --zone=public --add-port=4498/tcp --permanent +sudo systemctl restart firewalld +sudo firewall-cmd --list-all +``` + +**Step 4 –** Generate the Activity Monitor Agent client certificate on Linux server from the +Activity Monitor Agent install directory. + +The following commands can be used: + +``` +cd /usr/bin/activity-monitor-agentd/ +sudo ./activity-monitor-agentd create-client-certificate --name amagent +``` + +![Generate the Activity Monitor Agent Client Certificate](/images/activitymonitor/9.0/install/agent/screen3.webp) + +**Step 5 –** Copy full certificate output from previous command on the Linux server. + +:::note +This will be needed to add the agent to the console. +::: + + +## Add the Linux Agent to the Console + +Before deploying the Activity agent in a Linux environment, ensure all Prerequisites have been met. +To effectively monitor activity on a Linux host, it is necessary to deploy an agent to the host. +Follow the steps to deploy the agent to the Linux host. See the +[Linux Agent Server Requirements](/docs/activitymonitor/9.0/requirements/linuxagent.md) topic for additional +information. + +Follow the steps to add the agent to the console. + +**Step 1 –** Open the Activity Monitor Console. + +**Step 2 –** On the Agents tab, click **Add Agent**. The Add New Agent(s) window opens. + +![Install New Agent](/images/activitymonitor/9.0/install/agent/installnew.webp) + +**Step 3 –** Specify the server name or IP Address that already has the Linux agent installed. To +add multiple server names, see the Multiple Activity Agents Deployment topic for additional +information. Click **Next**. + +![Specify Agent Port](/images/activitymonitor/9.0/install/agent/specifyagentport.webp) + +**Step 4 –** Specify the port to be used for the agent. Click **Next**. + +![Credentials to Connect to Server.](/images/activitymonitor/9.0/install/agent/credentials.webp) + +**Step 5 –** In Activity Monitor console add the Linux agent using the client certificate option, +and paste the full output of the client certificate information (from Step 3 of ‘Manually Installing +Activity Monitor Linux Agent’) into the client certificate field. Click **Connect**. Then click +**Next**. + +:::note +When clicking Connect while adding the Agent to the Console, the connection may fail. When +clicking Connect, the Activity Monitor verifies not only its ability to manage the agent but the +console's ability to deploy the agent as well. Errors can be ignored if the agent was manually +installed. +::: + + +![Linux Agent Options](/images/activitymonitor/9.0/install/agent/linuxagentoptions.webp) + +**Step 6 –** On the Linux Agent Options page, select which user name to use to run the daemon. To +use root, leave the **Service user name** field blank. Click **Test** to test the connection. + +**Step 7 –** Click **Finish**. The Add New Agent(s) window closes, and the activity agent is +deployed to and installed on the target host. + +:::note +The console will automatically detect the agent as it is already installed. +::: + + +The Agent is now added to the Activity Monitor Console. + +**Step 8 –** On the Agents tab of the console, select the newly added agent. Click **Edit** to view +Agent Properties. + +![Server Properties](/images/activitymonitor/9.0/install/agent/properties.webp) + +**Step 9 –** Specify Linux account credentials (to be able to install, upgrade, and uninstall +agent). Click **Test** to verify. Then press **OK** to save changes. diff --git a/docs/activitymonitor/9.0/install/application.md b/docs/activitymonitor/9.0/install/application.md new file mode 100644 index 0000000000..9945ee3371 --- /dev/null +++ b/docs/activitymonitor/9.0/install/application.md @@ -0,0 +1,48 @@ +--- +title: "Install Application" +description: "Install Application" +sidebar_position: 10 +--- + +# Install Application + +Netwrix Activity Monitor comes with a 10-day trial license to start. If an organization's license +key has been acquired already, which should be provided by a Netwrix Representative, the file should +be saved in the same location where the Activity Monitor will be installed. + +Follow the steps to install the Netwrix Activity Monitor Console. + +**Step 1 –** Run the NetwrixActivityMonitorSetup.msi executable to open the Netwrix Activity Monitor +Setup wizard. + +![Activty Monitor Setup Wizard - Welcome Page](/images/activitymonitor/9.0/install/welcome.webp) + +**Step 2 –** On the Activity Monitor Setup Wizard welcome page, click **Next** . + +![End-User License Agreement Page](/images/activitymonitor/9.0/install/eula.webp) + +**Step 3 –** On the End User License Agreement page, check the I accept the terms in the License +Agreement box and click Next. + +![Destination Folder Page](/images/activitymonitor/9.0/install/destinationfolder.webp) + +**Step 4 –** On the Destination Folder page, select a destination folder for Activity Monitor. The +default destination folder is `C:\Program Files\Netwrix\Activity Monitor\Console\`. Click **Next**. + +![Ready to Install Netwrix Activity Monitor Page](/images/activitymonitor/9.0/install/ready.webp) + +**Step 5 –** Click **Install** to begin installation. + + +**Step 6 –** The installer displays a status page during the installation process. Wait for the next +window to appear when the status is complete. + +![Installation Complete Page](/images/activitymonitor/9.0/install/complete.webp) + +**Step 7 –** Once installation is complete, click Finish. + +The setup wizard closes and the Activity Monitor Console opens. + +The Activity Monitor Console installs with a 10-day, 1-host license key. After completing the +installation, see the [Import License Key](/docs/activitymonitor/9.0/install/importlicensekey.md) topic for instructions on importing +an organization’s license key. diff --git a/docs/activitymonitor/9.0/install/importlicensekey.md b/docs/activitymonitor/9.0/install/importlicensekey.md new file mode 100644 index 0000000000..95b19452f0 --- /dev/null +++ b/docs/activitymonitor/9.0/install/importlicensekey.md @@ -0,0 +1,48 @@ +--- +title: "Import License Key" +description: "Import License Key" +sidebar_position: 40 +--- + +# Import License Key + +The Activity Monitor comes with a temporary 10-day license. Uploading a new license key or importing +a Access Analyzer key can be done from the Activity Monitor Console. If the Activity Monitor Console +is installed on a server where Access Analyzer has already been installed, it reads the license +information from the Access Analyzer installation directory. + +Follow the steps to import a license key file. + +![Activity Monitor Installation with Trial License](/images/activitymonitor/9.0/install/triallicense.webp) + +**Step 1 –** Click the `__Licensed to: __` hyperlink in the lower-left corner of the +Console. Alternatively, click the **View License** link in the yellow warning bar at the top. The +License Information window opens. + +![Trial License Information](/images/activitymonitor/9.0/install/triallicenseinfo.webp) + +**Step 2 –** Click Load New License File and navigate to where the key is located. A Windows file +explorer opens. + +![Open Dialog Box to load New License File](/images/activitymonitor/9.0/install/loadlicense.webp) + +**Step 3 –** Select the `.lic` file and click Open. The selected license key is then read. + +![Activity Monitor License Information](/images/activitymonitor/9.0/install/licenseinfo.webp) + +**Step 4 –** In the License Information window, click **Apply** to import the License Key. + +![Activity Monitor with License](/images/activitymonitor/9.0/install/licenseadded.webp) + +**Step 5 –** The organization's license key is now imported into the Activity Monitor. The Console +returns to the Agents tab and is ready to deploy activity agents. + +:::note +License keys are crafted for companies based on their preference for Active Directory, +Microsoft Entra ID (formerly Azure AD), File System, SharePoint, and SharePoint Online monitoring. +Any environment that is omitted from the license has its corresponding features disabled. +::: + + +Once a key has expired, the Console displays an Open License File… option for importing a new key. +Once a new key is loaded, the Console returns to the Agents tab. diff --git a/docs/activitymonitor/9.0/install/overview.md b/docs/activitymonitor/9.0/install/overview.md new file mode 100644 index 0000000000..c3e32b4012 --- /dev/null +++ b/docs/activitymonitor/9.0/install/overview.md @@ -0,0 +1,30 @@ +--- +title: "Installation" +description: "Installation" +sidebar_position: 30 +--- + +# Installation + +This topic describes the console installation and agent deployment the process for Activity Monitor. +Prior to installing the application, ensure that all requirements have been met. See the +[Requirements ](/docs/activitymonitor/9.0/requirements/overview.md) topic for additional information. + +## Software Compatibility & Versions + +For proper integration between the Activity Monitor and other Netwrix products, it is necessary for +the versions to be compatible. + +| Component | Version | +| ----------------------------------------------------- | ------- | +| Netwrix Activity Monitor | 9.0.x | +| Netwrix Access Analyzer | 12.0.x | +| Netwrix Threat Prevention | 7.5.x | +| Netwrix Threat Manager | 3.0.x | + +## Software Download + +Current customers can log in to the Netwrix Customer Portal to download software binaries and +license keys for purchased products. See the +[Customer Portal Access](https://helpcenter.netwrix.com/bundle/NetwrixCustomerPortalAccess/page/Customer_Portal_Access.html) +topic for information on how to register for a Customer Portal account. diff --git a/docs/activitymonitor/9.0/install/upgrade/_category_.json b/docs/activitymonitor/9.0/install/upgrade/_category_.json new file mode 100644 index 0000000000..f79fb801b7 --- /dev/null +++ b/docs/activitymonitor/9.0/install/upgrade/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Upgrade Procedure", + "position": 30, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "upgrade" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/install/upgrade/removeagent.md b/docs/activitymonitor/9.0/install/upgrade/removeagent.md new file mode 100644 index 0000000000..29ce1b0320 --- /dev/null +++ b/docs/activitymonitor/9.0/install/upgrade/removeagent.md @@ -0,0 +1,18 @@ +--- +title: "Remove Agents" +description: "Remove Agents" +sidebar_position: 20 +--- + +# Remove Agents + +On the Agents tab of the Activity Monitor Console, the Remove button allows users to remove the +selected activity agent from the Agents list and/or uninstall the activity agent from the hosting +server. + +![Remove Agents Popup Window](/images/activitymonitor/9.0/install/removeagents.webp) + +To only remove the server from the Agents list, click Remove. To also uninstall the activity agent +from the server, click Uninstall and remove. During the uninstall process, the status will be +Uninstalling. If there are any errors, the list of errors appears in the **Agent messages** box. +When the activity agent uninstall is complete, it is removed from the Agents list. diff --git a/docs/activitymonitor/9.0/install/upgrade/updateadagentinstaller.md b/docs/activitymonitor/9.0/install/upgrade/updateadagentinstaller.md new file mode 100644 index 0000000000..7cf2efcca3 --- /dev/null +++ b/docs/activitymonitor/9.0/install/upgrade/updateadagentinstaller.md @@ -0,0 +1,41 @@ +--- +title: "Update AD Module Installer" +description: "Update AD Module Installer" +sidebar_position: 10 +--- + +# Update AD Module Installer + +Netwrix periodically releases updated AD Module installation packages. Typically these updates are +associated with Microsoft KB’s (hotfixes) which alter the LSASS components interfering with AD +Module instrumentation. + +:::note +The **AD Module** is the same component as the **Netwrix Threat Prevention Agent** used in the Netwrix Threat Prevention product. +::: + +Current customers can log in to the Netwrix Customer Portal to download software binaries and +license keys for purchased products. See the +[Customer Portal Access](https://helpcenter.netwrix.com/bundle/NetwrixCustomerPortalAccess/page/Customer_Portal_Access.html) +topic for information on how to register for a Customer Portal account. Navigate to the Netwrix +Threat Prevention Download section for the 7.5. Download the Threat Prevention Agent binary. + +Then follow the steps to update the AD Module installer used by the Activity Monitor Console. + +**Step 1 –** On the Agents tab, select **Update AD Module Installer**. The Select AD Module +installer package (SI Agent.exe) window opens. + +![Update AD Module Installer](/images/activitymonitor/9.0/install/updateagentinstaller.webp) + +**Step 2 –** Navigate to the location of the latest AD Module / Threat Prevention Agent installation package. Select the +installer and click **Open**. + +![Confirmation Window](/images/activitymonitor/9.0/install/updateagentinstallerpopup.webp) + +**Step 3 –** A confirmation window opens displaying the version information for the selected +installer. Click **Yes** to update to this version or **No** to cancel the operation. A confirmation +window opens displaying the version information for the selected installer. Click **Yes** to update +to this version or **No** to cancel the operation. + +The AD Module installer is update. Use the Install button on the Agents tab to upgrade the deployed +agents that are monitoring Active Directory to the new version. diff --git a/docs/activitymonitor/9.0/install/upgrade/upgrade.md b/docs/activitymonitor/9.0/install/upgrade/upgrade.md new file mode 100644 index 0000000000..658176cd99 --- /dev/null +++ b/docs/activitymonitor/9.0/install/upgrade/upgrade.md @@ -0,0 +1,49 @@ +--- +title: "Upgrade Procedure" +description: "Upgrade Procedure" +sidebar_position: 30 +--- + +# Upgrade Procedure + +The purpose of this chapter is to provide the basic steps needed for upgrading Activity Monitor. See +the [Software Compatibility & Versions](/docs/activitymonitor/9.0/install/overview.md) section for information on integration with +other Netwrix products. + +## Considerations + +While it is strongly recommended to match the versions of both the console and the activity agent, +activity agent(s) V8.0+ can be managed by Activity Monitor Console V9.0+. Older versions of activity +agents will be limited in monitoring capability until upgraded. + +The installation and configuration paths for Netwrix Activity Monitor have been updated from +Activity Monitor 7.1. See the +[Netwrix Activity Monitor Paths](/docs/kb/activitymonitor/netwrix_activity_monitor_(nam)_7.0_paths) knowledge base article +for additional information. + +## Activity Monitor Upgrade Procedure + +Follow the steps to upgrade from an older version of Netwrix Activity Monitor to Netwrix Activity Monitor 9.0. + +:::info +Uninstall of the existing Activity Monitor Console is not required. +::: + +**Step 1 –** Install the Activity Monitor 9.0 on the same machine where the older console resides +following the instructions in the [Install Application](/docs/activitymonitor/9.0/install/application.md) section. +Launch the Activity Monitor Console and navigate to the Agents tab. + + +**Step 2 –** Select the activity agent(s) to be upgraded. The Windows Ctrl-select option can be used +to select multiple activity agents. Then click Upgrade. + +:::info +Update the activity agents in batches to ensure continuity of monitoring. +::: + + +The selected activity agents are updated to V9.0. If a Netwrix Threat Prevention Agent is also installed on +the Windows server for monitoring file systems, the Monitored Hosts & Services tab identifies the host as being +“Managed by Threat Prevention”, and that ‘monitored host’ is not editable. However, multiple outputs +can be configured for hosts. Add the Windows host to the Monitored Hosts & Services tab to monitor file system +for outputs to Access Analyzer, Threat Manager, and/or SIEM products. diff --git a/docs/activitymonitor/9.0/requirements/_category_.json b/docs/activitymonitor/9.0/requirements/_category_.json new file mode 100644 index 0000000000..8a00596580 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Requirements", + "position": 20, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "overview" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/requirements/activityagent/_category_.json b/docs/activitymonitor/9.0/requirements/activityagent/_category_.json new file mode 100644 index 0000000000..f16db16af6 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Activity Agent Server Requirements", + "position": 10, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "activityagent" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/requirements/activityagent/activityagent.md b/docs/activitymonitor/9.0/requirements/activityagent/activityagent.md new file mode 100644 index 0000000000..9a80e9e829 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/activityagent.md @@ -0,0 +1,233 @@ +--- +title: "Activity Agent Server Requirements" +description: "Activity Agent Server Requirements" +sidebar_position: 10 +--- + +# Activity Agent Server Requirements + +The Activity Agent is installed on Windows servers to monitor Microsoft Entra ID, Network Attached +Storage (NAS) devices, SharePoint farms, SharePoint Online, SQL Server, and Windows file servers. +The server where the agent is deployed can be physical or virtual. The supported operating systems +are: + +- Windows Server 2025 +- Windows Server 2022 +- Windows Server 2019 +- Windows Server 2016 +- Windows Server 2012 R2 + +**RAM, Processor, and Disk Space** + +- RAM – 4 GB minimum +- Processor – x64. 4+ cores recommended; 2 cores minimum +- Disk Space – 1 GB minimum plus additional space needed for activity log files +- Network – a fast low-latency connection to the monitored platforms (file servers, SQL Server), + preferably the same data center + +:::note +Disk usage depends on the monitoring scope, user activity, types of client applications, +and the retention settings. Number of events per user per day may vary from tens to millions. A +single file system event is roughly 300 bytes. +::: + + +Old files are zipped, typical compression ratio is 20. Optionally, old files are moved from the +server to a network share. See the [Archiving Tab](/docs/activitymonitor/9.0/admin/agents/properties/archiving.md) topic +for additional information. + +**Additional Server Requirements** + +The following are additional requirements for the agent server: + +- .NET Framework 4.7.2 installed, which can be downloaded from the link in the Microsoft + [.NET Framework 4.7.2 offline installer for Windows](https://support.microsoft.com/en-us/topic/microsoft-net-framework-4-7-2-offline-installer-for-windows-05a72734-2127-a15d-50cf-daf56d5faec2) + article +- WMI enabled on the machine, which is optional but required for centralized Agent maintenance +- Remote Registry Service enabled +- For monitoring Dell devices, Dell CEE (Common Event Enabler) installed + +**Permissions for Installation** + +The following permission is required to install and manage the agent: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +**Activity Agent Ports** + +See the [Activity Agent Ports](/docs/activitymonitor/9.0/requirements/activityagent/activityagentports.md) topic for firewall port requirements. + +## Supported File Storage Platforms + +The Activity Monitor provides the ability to monitor Windows and various NAS file servers. + +:::note +For monitoring NAS devices, the Activity Agent must be deployed to a Windows server that acts as a proxy for monitoring the target environment. +::: + + +**Supported Windows File Servers Platforms** + +The Activity Monitor provides the ability to monitor Windows file servers: + +:::note +To monitor a Windows file server, the Activity Agent must be deployed on the server being monitored. +::: + + +- Windows Server 2025 +- Windows Server 2022 +- Windows Server 2019 +- Windows Server 2016 + +See the [Windows File Server Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/windowsfs-activity.md) +topic for target environment requirements. + + + +**Azure Files** + + +See [Azure Files Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/azure-files/azurefiles-activity.md) topic for target +environment requirements. + + + +**CTERA Edge Filter** + +- CTERA Portal 7.5.x+ +- CTERA Edge Filer 7.5.x+ + +See the [CTERA Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ctera-activity.md) topic for target +environment requirements. + +**Dell Celerra® & VNX** + +- Celerra 6.0+ +- VNX 7.1 +- VNX 8.1 + +See the +[Dell Celerra & Dell VNX Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/celerra-vnx-aac/celerra-vnx-activity.md) +topic for target environment requirements. + +**Dell Isilon/PowerScale** + +- 7.0+ + +See the +[Dell Isilon/PowerScale Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/isilon-powerscale-aac/isilon-activity.md) +topic for target environment requirements. + +**Dell PowerStore®** + +See the [Dell PowerStore Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/powerstore-aac/powerstore-activity.md) +topic for target environment requirements. + +**Dell Unity** + +See the [Dell Unity Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/unity-aac/unity-activity.md) topic for +target environment requirements. + +**Hitachi** + +- 11.2+ + +See the [Hitachi Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/hitachi-aac/hitachi-activity.md) topic for target +environment requirements. + +**Nasuni Nasuni Edge Appliances** + +- 8.0+ + +See the [Nasuni Edge Appliance Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/nasuni-activity.md) +topic for target environment requirements. + +**NetApp Data ONTAP** + +- Data ONTAP 8.2+ +- 7-Mode Data ONTAP 7.3+ + +See the following topics for target environment requirements: + +- [NetApp Data ONTAP Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/ontap-cluster-activity.md) +- [NetApp Data ONTAP 7-Mode Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/ontap7-activity.md) + +**Nutanix** + +See the [Nutanix Files Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/nutanix-activity.md) topic for +target environment requirements. + +**Panzura** + +See the [Panzura CloudFS Monitoring](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/panzura-activity.md) topic for target environment +requirements. + +**Qumulo** + +- Qumulo Core 5.0.0.1B+ + +See the [Qumulo Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/qumulo-activity.md) topic for target +environment requirements. + +## Supported Microsoft Entra ID + +The Activity Monitor provides the ability to monitor Microsoft Entra ID: + +See the [Microsoft Entra ID Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/entraid-activity.md) topic +for target environment requirements. + + +## Supported Exchange Online + +The Activity Monitor provides the ability to monitor Exchange Online: + +See the [Exchange Online Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/exchange-activity.md) +topic for target environment requirements. + + +## Supported SharePoint Online + +The Activity Monitor provides the ability to monitor SharePoint Online: + +See the +[SharePoint Online Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/sharepoint-online-activity.md) topic +for target environment requirements. + +## Supported SharePoint On-Premise Platforms + +The Activity Monitor provides the ability to monitor SharePoint On-Premise farms: + +:::note +For monitoring a SharePoint farm, the Activity Agent must be deployed to the SharePoint +Application server that hosts the "Central Administration" component of the SharePoint farm. +::: + +- SharePoint® Server Subscription Edition +- SharePoint® 2019 +- SharePoint® 2016 +- SharePoint® 2013 + +See the [SharePoint On-Premise Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/sharepoint-onprem-activity.md) +topic for target environment requirements. + + +## Supported SQL Server Platforms + +The Activity Monitor provides the ability to monitor SQL Server: + +:::note +For monitoring SQL Server, it is recommended to install the Activity Agent must be +deployed to a Windows server that acts as a proxy for monitoring the target environment. +::: + + +- SQL Server 2022 +- SQL Server 2019 +- SQL Server 2017 +- SQL Server 2016 + +See the [SQL Server Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/activityagent/sqlserver-activity.md) topic for +target environment requirements. + diff --git a/docs/activitymonitor/9.0/requirements/activityagent/activityagentports.md b/docs/activitymonitor/9.0/requirements/activityagent/activityagentports.md new file mode 100644 index 0000000000..ea3f5e93ba --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/activityagentports.md @@ -0,0 +1,224 @@ +--- +title: "Activity Agent Ports" +description: "Activity Agent Ports" +sidebar_position: 10 +--- + +# Activity Agent Ports + +Firewall settings depend on the type of environment being targeted. The following firewall settings +are required for communication between the Agent server and the Netwrix Activity Monitor Console: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ------------------- | +| Activity Monitor to Agent Server | TCP | 4498 | Agent Communication | + +The Windows firewall rules need to be configured on the Windows server, which require certain +inbound rules be created if the scans are running in applet mode. These scans operate over a default +port range, which cannot be specified via an inbound rule. For more information, see the Microsoft +[Connecting to WMI on a Remote Computer](https://msdn.microsoft.com/en-us/library/windows/desktop/aa389290(v=vs.85).aspx) +article. + +There might be a need for additional ports for the target environment. + +## CTERA Additional Firewall Rules + +The following firewall settings are required for communication between the Activity Monitor Agent +and the CTERA Portal. + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------- | -------- | ----- | --------------------- | +| Agent Server to CTERA Portal | HTTPS | 443 | CTERA Portal API | +| CTERA Portal to Agent Server | TCP/TLS | 4488 | CTERA Event Reporting | + +## Dell Celerra & Dell VNX Devices Additional Firewall Rules + +The following firewall settings are required for communication between the CEE server/ Activity +Monitor Activity Agent server and the target Dell device: + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------------------------------------- | -------- | ----------------- | ----------------- | +| Dell Device CEE Server | TCP | RPC Dynamic Range | CEE Communication | +| CEE Server to Activity Agent Server (when not same server) | TCP | RPC Dynamic Range | CEE Event Data | + +## Dell Isilon/PowerScale Devices Additional Firewall Rules + +The following firewall settings are required for communication between the CEE server/ Activity +Monitor Activity Agent server and the target Dell Isilon/PowerScale device: + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------------------------------------- | -------- | ----------------- | ----------------- | +| Dell Isilon/PowerScale to CEE Server | TCP | TCP 12228 | CEE Communication | +| CEE Server to Activity Agent Server (when not same server) | TCP | RPC Dynamic Range | CEE Event Data | + +## Dell PowerStore Devices Additional Firewall Rules + +The following firewall settings are required for communication between the CEE server/ Activity +Monitor Activity Agent server and the target Dell device: + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------------------------------------- | -------- | ----------------- | ----------------- | +| Dell Device CEE Server | TCP | RPC Dynamic Range | CEE Communication | +| CEE Server to Activity Agent Server (when not same server) | TCP | RPC Dynamic Range | CEE Event Data | + +## Dell Unity Devices Additional Firewall Rules + +The following firewall settings are required for communication between the CEE server/ Activity +Monitor Activity Agent server and the target Dell device: + +| Communication Direction | Protocol | Ports | Description | +| ---------------------------------------------------------- | -------- | ----------------- | ----------------- | +| Dell Device CEE Server | TCP | RPC Dynamic Range | CEE Communication | +| CEE Server to Activity Agent Server (when not same server) | TCP | RPC Dynamic Range | CEE Event Data | + +## Exchange Online Additional Firewall Rules + +The following firewall settings are required for communication between the Activity Monitor Activity +Agent server and the target tenant: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------------------------- | -------- | ----- | -------------------------------------------------- | +| Activity Agent Server to Microsoft Entra ID Tenant | HTTPS | 443 | Entra ID authentication, Graph API, Office 365 API | + +## Microsoft Entra ID Tenant Additional Firewall Rules + +The following firewall settings are required for communication between the Activity Monitor Activity +Agent server and the target tenant: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------------------------- | -------- | ----- | -------------------------------------------------- | +| Activity Agent Server to Microsoft Entra ID Tenant | HTTPS | 443 | Entra ID authentication, Graph API, Office 365 API | + +## Nasuni Edge Appliance Additional Firewall Rules + +The following firewall settings are required for communication between the Activity Monitor Activity +Agent server and the target Nasuni Edge Appliance: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------- | ------------- | ----- | ---------------------- | +| Agent Server to Nasuni | HTTPS | 8443 | Nasuni API calls | +| Nasuni to Activity Agent Server | AMQP over TCP | 5671 | Nasuni event reporting | + +## NetApp Data ONTAP 7-Mode Device Additional Firewall Rules + +The following firewall settings are required for communication between the Activity Monitor Activity +Agent server and the target NetApp Data ONTAP 7-Mode device: + +| Communication Direction | Protocol | Ports | Description | +| --------------------------------- | ---------------- | ------------------------------------ | ----------- | +| Activity Agent Server to NetApp\* | HTTP (optional) | 80 | ONTAPI | +| Activity Agent Server to NetApp\* | HTTPS (optional) | 443 | ONTAPI | +| Activity Agent Server to NetApp | TCP | 135, 139 Dynamic Range (49152-65535) | RPC | +| Activity Agent Server to NetApp | TCP | 445 | SMB | +| Activity Agent Server to NetApp | UDP | 137, 138 | RPC | +| NetApp to Activity Agent Server | TCP | 135, 139 Dynamic Range (49152-65535) | RPC | +| NetApp to Activity Agent Server | TCP | 445 | SMB | +| NetApp to Activity Agent Server | UDP | 137, 138 | RPC | + +\*Only required if using the FPolicy Configuration and FPolicy Enable and Connect options in +Activity Monitor. + +:::note +If either HTTP or HTTPS are not enabled, the FPolicy on the NetApp Data ONTAP 7-Mode +device must be configured manually. Also, the External Engine will not reconnect automatically in +the case of a server reboot or service restart. +::: + + +## NetApp Data ONTAP Cluster-Mode Device Additional Firewall Rules + +The following firewall settings are required for communication between the Activity Monitor Activity +Agent server and the target NetApp Data ONTAP Cluster-Mode device: + +| Communication Direction | Protocol | Ports | Description | +| --------------------------------- | ---------------- | ----- | -------------- | +| Activity Agent Server to NetApp\* | HTTP (optional) | 80 | ONTAPI | +| Activity Agent Server to NetApp\* | HTTPS (optional) | 443 | ONTAPI | +| NetApp to Activity Agent Server | TCP | 9999 | FPolicy events | + +\*Only required if using the FPolicy Configuration and FPolicy Enable and Connect options in +Activity Monitor. + +:::note +If either HTTP or HTTPS are not enabled, the FPolicy on the NetApp Data ONTAP 7-Mode +device must be configured manually. Also, the External Engine will not reconnect automatically in +the case of a server reboot or service restart. +::: + + +## Nutanix Devices Additional Firewall Rules + +The following firewall settings are required for communication between the Activity Monitor Activity +Agent server and the target Nutanix device: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------- | -------- | ----- | ----------------------- | +| Activity Agent Server to Nutanix | TCP | 9440 | Nutanix API | +| Nutanix to Activity Agent Server | TCP | 4501 | Nutanix Event Reporting | + +Protect the port with a username and password. The credentials will be configured in Nutanix. + +## Panzura Devices Additional Firewall Rules + +The following firewall settings are required for communication between the Activity Monitor Activity +Agent server and the target Panzura device: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------------------ | ------------- | ----- | ----------------------- | +| Activity Agent Server to Panzura | HTTPS | 443 | Panzura API | +| Panzura filers to to Activity Agent Server | AMQP over TCP | 4497 | Panzura Event Reporting | + +Protect the port with a username and password. The credentials will be configured in Panzura. + +## Qumulo Devices Additional Firewall Rules + +The following firewall settings are required for communication between the Activity Monitor Activity +Agent server and the target Qumulo device: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------- | -------- | ----- | ---------------------- | +| Activity Agent Server to Qumulo | TCP | 8000 | Qumulo API | +| Qumulo to Activity Agent Server | TCP | 4496 | Qumulo Event Reporting | + +Protect the port with a username and password. The credentials will be configured in Qumulo. + +## Azure Files Additional Firewall Rules + +The following firewall settings are required for communication between the Activity Monitor Activity +Agent server and the target tenant: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------------------------- | -------- | ----- | -------------------------------------------------- | +| Activity Agent Server to Microsoft Entra ID Tenant | HTTPS | 443 | Entra ID authentication, Graph API, Blob Storage | + + +## SharePoint Online Additional Firewall Rules + +The following firewall settings are required for communication between the Activity Monitor Activity +Agent server and the target tenant: + +| Communication Direction | Protocol | Ports | Description | +| -------------------------------------------------- | -------- | ----- | -------------------------------------------------- | +| Activity Agent Server to Microsoft Entra ID Tenant | HTTPS | 443 | Entra ID authentication, Graph API, Office 365 API | + +## SQL Server Additional Firewall Rules + +The following firewall settings are required for communication between the Activity Monitor Activity +Agent server and the target SQL Server: + +| Communication Direction | Protocol | Ports | Description | +| ----------------------------------- | -------- | ----- | ----------------------- | +| SQL Server to Activity Agent Server | TCP | 1433 | Default SQL Server Port | + +If the Activity Monitor cannot connect to the SQL Server, ensure that SQL Server Browsing state is +**Running**. + +## Integration with Netwrix Access Analyzer Additional Firewall Rules + +Firewall settings are dependent upon the type of environment being targeted. The following firewall +settings are required for communication between the agent server and the Access Analyzer Console: + +| Communication Direction | Protocol | Ports | Description | +| ------------------------------- | -------- | ---------- | ------------------------------ | +| Access Analyzer to Agent Server | TCP | 445 | SMB, used for Agent Deployment | +| Access Analyzer to Agent Server | TCP | Predefined | WMI, used for Agent Deployment | diff --git a/docs/activitymonitor/9.0/requirements/activityagent/entraid-activity.md b/docs/activitymonitor/9.0/requirements/activityagent/entraid-activity.md new file mode 100644 index 0000000000..17e5aa1972 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/entraid-activity.md @@ -0,0 +1,225 @@ +--- +title: "Microsoft Entra ID Activity Auditing Configuration" +description: "Microsoft Entra ID Activity Auditing Configuration" +sidebar_position: 30 +--- + +# Microsoft Entra ID Activity Auditing Configuration + +It is necessary to register Activity Monitor as a web application to the targeted Microsoft Entra ID +(formerly Azure AD), in order for Activity Monitor to monitor the environment. This generates the +Client ID and Client Secret needed by the Activity Agent. See +[Microsoft Support](https://docs.microsoft.com/en-us/azure/active-directory/active-directory-reporting-api-prerequisites-azure-portal) +for assistance in configuring the Microsoft Entra ID web application. + +:::note +A user account with the Global Administrator role is required to register an app with +Microsoft Entra ID. +::: + + +**Configuration Settings from the Registered Application** + +The following settings are needed from your tenant once you have registered the application: + +- Tenant ID – This is the Tenant ID for Microsoft Entra ID +- Client ID – This is the Application (client) ID for the registered application +- Client Secret – This is the Client Secret Value generated when a new secret is created + + :::warning + It is not possible to retrieve the value after saving the new key. It must be + copied first. + ::: + + +## Permissions + +The following permissions are required: + +- Microsoft Graph API + + - Application Permissions: + + - AuditLog.Read.All – Read all audit log data + - Directory.Read.All – Read directory data + - User.Read.All – Read all users' full profiles + +## Register a Microsoft Entra ID Application + +Follow the steps to register Activity Monitor with Microsoft Entra ID. + +:::note +The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. +::: + + +**Step 1 –** Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com/). + +**Step 2 –** On the left navigation menu, navigate to **Identity** > **Applications** and click App +registrations. + +**Step 3 –** In the top toolbar, click **New registration**. + +**Step 4 –** Enter the following information in the Register an application page: + +- Name – Enter a user-facing display name for the application, for example Netwrix Activity Monitor + Entra ID +- Supported account types – Select **Accounts in this organizational directory only** +- Redirect URI – Set the Redirect URI to **Public client/native** (Mobile and desktop) from the drop + down menu. In the text box, enter the following: + +**Urn:ietf:wg:oauth:2.0:oob** + +**Step 5 –** Click **Register**. + +The Overview page for the newly registered app opens. Review the newly created registered +application. Now that the application has been registered, permissions need to be granted to it. + +## Grant Permissions to the Registered Application + +Follow the steps to set up permissions to enable the Activity Monitor to monitor data and collect +logs from Microsoft Entra ID. + +:::note +The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. +::: + + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** On the registered app blade, click **API permissions** in the Manage section. + +**Step 3 –** In the top toolbar, click **Add a permission**. + +**Step 4 –** On the Request API permissions blade, select **Microsoft Graph** on the Microsoft APIs +tab. Select the following permissions: + +- Under Application Permissions, select: + + - AuditLog.Read.All – Read all audit log data + - Directory.Read.All – Read directory data + - User.Read.All – Read all users' full profiles + +**Step 5 –** At the bottom of the page, click **Add Permissions**. + +**Step 6 –** Click **Grant Admin Consent for [tenant]**. Then click **Yes** in the confirmation +window. + +Now that the permissions have been granted to it, the settings required for Activity Monitor need to +be collected. + +## Identify the Client ID + +Follow the steps to find the registered application's Client ID. + +:::note +The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. +::: + + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** Copy the **Application (client) ID** value. + +**Step 3 –** Save this value in a text file. + +This is needed for adding an Microsoft Entra ID host in the Activity Monitor. Next identify the +Tenant ID. + +## Identify the Tenant ID + +The Tenant ID is available in two locations within Microsoft Entra ID. + +**Registered Application Overview Blade** + +You can copy the Tenant ID from the same page where you just copied the Client ID. Follow the steps +to copy the Tenant ID from the registered application Overview blade. + +**Step 1 –** Copy the Directory (tenant) ID value. + +**Step 2 –** Save this value in a text file. + +This is needed for adding an Microsoft Entra ID host in the Activity Monitor. Next generate the +application’s Client Secret Key. + +**Overview Page** + +Follow the steps to find the tenant name where the registered application resides. + +:::note +The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. +::: + + +**Step 1 –** Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com/). + +**Step 2 –** Copy the Tenant ID value. + +**Step 3 –** Save this value in a text file. + +This is needed for adding an Microsoft Entra ID host in the Activity Monitor. Next generate the +application’s Client Secret Key. + +## Generate the Client Secret Key + +Follow the steps to find the registered application's Client Secret, create a new key, and save its +value when saving the new key. + +:::note +The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. +::: + + +:::warning +It is not possible to retrieve the value after saving the new key. It must be copied +first. +::: + + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** On the registered app blade, click **Certificates & secrets** in the Manage section. + +**Step 3 –** In the top toolbar, click **New client secret**. + +**Step 4 –** On the Add a client secret blade, complete the following: + +- Description – Enter a unique description for this secret +- Expires – Select the duration. + + :::note + Setting the duration on the key to expire requires reconfiguration at the time of + expiration. It is best to configure it to expire in 1 or 2 years. + ::: + + +**Step 5 –** Click **Add** to generate the key. + +:::warning +If this page is left before the key is copied, then the key is not retrievable, and +this process will have to be repeated. +::: + + +**Step 6 –** The Client Secret will be displayed in the Value column of the table. You can use the +Copy to clipboard button to copy the Client Secret. + +**Step 7 –** Save this value in a text file. + +This is needed for adding an Microsoft Entra ID in the Activity Monitor. diff --git a/docs/activitymonitor/9.0/requirements/activityagent/exchange-activity.md b/docs/activitymonitor/9.0/requirements/activityagent/exchange-activity.md new file mode 100644 index 0000000000..70d4003a02 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/exchange-activity.md @@ -0,0 +1,287 @@ +--- +title: "Exchange Online Activity Auditing Configuration" +description: "Exchange Online Activity Auditing Configuration" +sidebar_position: 10 +--- + +# Exchange Online Activity Auditing Configuration + +In order to collect logs and monitor Exchange Online activity using the Netwrix Activity Monitor, it +needs to be registered with Microsoft® Entra ID® (formerly Azure AD). + +:::note +A user account with the Global Administrator role is required to register an app with +Microsoft Entra ID. +::: + + +**Additional Requirement** + +In addition to registering the application with Microsoft Entra ID, the following is required: + +- Enable Auditing for Exchange Online + +See the Enable Auditing for Exchange Online topic for additional information. + +**Configuration Settings from the Registered Application** + +The following settings are needed from your tenant once you have registered the application: + +- Tenant ID – This is the Tenant ID for Microsoft Entra ID +- Client ID – This is the Application (client) ID for the registered application +- Client Secret – This is the Client Secret Value generated when a new secret is created + + :::warning + It is not possible to retrieve the value after saving the new key. It must be + copied first. + ::: + + +**Permissions for Microsoft Graph API** + +- Application: + + - Directory.Read.All – Read directory data + - User.Read.All – Read all users' full profiles + +**Permissions for Office 365 Management APIs** + +- Application Permissions: + + - ActivityFeed.Read – Read activity data for your organization + - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data + +## Register a Microsoft Entra ID Application + +Follow the steps to register Activity Monitor with Microsoft Entra ID. + +:::note +The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. +::: + + +**Step 1 –** Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com/). + +**Step 2 –** On the left navigation menu, navigate to **Identity** > **Applications** and click App +registrations. + +**Step 3 –** In the top toolbar, click **New registration**. + +**Step 4 –** Enter the following information in the Register an application page: + +- Name – Enter a user-facing display name for the application, for example Netwrix Activity Monitor + for Exchange +- Supported account types – Select **Accounts in this organizational directory only** +- Redirect URI – Set the Redirect URI to **Public client/native** (Mobile and desktop) from the drop + down menu. In the text box, enter the following: + +**urn:ietf:wg:oauth:2.0:oob** + +**Step 5 –** Click **Register**. + +The Overview page for the newly registered app opens. Review the newly created registered +application. Now that the application has been registered, permissions need to be granted to it. + +## Grant Permissions to the Registered Application + +Follow the steps to grant permissions to the registered application. + +:::note +The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. +::: + + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** On the registered app blade, click **API permissions** in the Manage section. + +**Step 3 –** In the top toolbar, click **Add a permission**. + +**Step 4 –** On the Request API permissions blade, select **Microsoft Graph** on the Microsoft APIs +tab. Select the following permissions: + +- Application: + + - Directory.Read.All – Read directory data + - User.Read.All – Read all users' full profiles + +**Step 5 –** At the bottom of the page, click **Add Permissions**. + +**Step 6 –** In the top toolbar, click **Add a permission**. + +**Step 7 –** On the Request API permissions blade, select Office 365 Management APIs on the +Microsoft APIs tab. Select the following permissions: + +- Application Permissions: + + - ActivityFeed.Read – Read activity data for your organization + - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data + +**Step 8 –** At the bottom of the page, click **Add Permissions**. + +**Step 9 –** Click **Grant Admin Consent for [tenant]**. Then click **Yes** in the confirmation +window. + +Now that the permissions have been granted to it, the settings required for Activity Monitor need to +be collected. + +## Identify the Client ID + +Follow the steps to find the registered application's Client ID. + +:::note +The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. +::: + + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** Copy the **Application (client) ID** value. + +**Step 3 –** Save this value in a text file. + +This is needed for adding a Exchange Online host in the Activity Monitor. See the +[Exchange Online](/docs/activitymonitor/9.0/admin/monitoredhosts/add/exchangeonline.md) topic for +additional information. Next identify the Tenant ID. + +## Identify the Tenant ID + +The Tenant ID is available in two locations within Microsoft Entra ID. + +**Registered Application Overview Blade** + +You can copy the Tenant ID from the same page where you just copied the Client ID. Follow the steps +to copy the Tenant ID from the registered application Overview blade. + +**Step 1 –** Copy the Directory (tenant) ID value. + +**Step 2 –** Save this value in a text file. + +This is needed for adding a Exchange Online host in the Activity Monitor. See the +[Exchange Online](/docs/activitymonitor/9.0/admin/monitoredhosts/add/exchangeonline.md) topic for +additional information. Next identify the Tenant ID. Next generate the application’s Client Secret +Key. + +**Overview Page** + +Follow the steps to find the tenant name where the registered application resides. + +:::note +The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. +::: + + +**Step 1 –** Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com/). + +**Step 2 –** Copy the Tenant ID value. + +**Step 3 –** Save this value in a text file. + +This is needed for adding a Exchange Online host in the Activity Monitor. See the +[Exchange Online](/docs/activitymonitor/9.0/admin/monitoredhosts/add/exchangeonline.md) topic for +additional information. Next identify the Tenant ID. Next generate the application’s Client Secret +Key. + +## Generate the Client Secret Key + +Follow the steps to find the registered application's Client Secret, create a new key, and save its +value when saving the new key. + +:::note +The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. +::: + + +:::warning +It is not possible to retrieve the value after saving the new key. It must be copied +first. +::: + + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** On the registered app blade, click **Certificates & secrets** in the Manage section. + +**Step 3 –** In the top toolbar, click **New client secret**. + +**Step 4 –** On the Add a client secret blade, complete the following: + +- Description – Enter a unique description for this secret +- Expires – Select the duration. + + :::note + Setting the duration on the key to expire requires reconfiguration at the time of + expiration. It is best to configure it to expire in 1 or 2 years. + ::: + + +**Step 5 –** Click **Add** to generate the key. + +:::warning +If this page is left before the key is copied, then the key is not retrievable, and +this process will have to be repeated. +::: + + +**Step 6 –** The Client Secret will be displayed in the Value column of the table. You can use the +Copy to clipboard button to copy the Client Secret. + +**Step 7 –** Save this value in a text file. + +This is needed for adding a Exchange Online host in the Activity Monitor. See the +[Exchange Online](/docs/activitymonitor/9.0/admin/monitoredhosts/add/exchangeonline.md) topic for +additional information. + +## Enable Auditing for Exchange Online + +Follow the steps to enable auditing for Exchange Online so the Activity Monitor can receive events. + +**Step 1 –** In the Microsoft Purview compliance portal at +[https://compliance.microsoft.com](https://compliance.microsoft.com/), go to **Solutions** > +**Audit**. Or, to go directly to the Audit page at +[https://compliance.microsoft.com/auditlogsearch](https://compliance.microsoft.com/auditlogsearch). + +**Step 2 –** If auditing is not turned on for your organization, a banner is displayed prompting you +start recording user and admin activity. + +**Step 3 –** Select the **Start recording** user and **admin activity** banner. + +It may take several hours before events appear in the application. The Activity Monitor now has +Exchange Online auditing enabled as needed to receive events. See the Microsoft +[Turn auditing on or off](https://learn.microsoft.com/en-us/microsoft-365/compliance/audit-log-enable-disable?view=o365-worldwide) +article for additional information on enabling or disabling auditing. + +**Alternative Verification Method** + +Use the following command in Exchange Online PowerShell to verify auditing has been enabled: + +``` +Get-AdminAuditLogConfig | Format-List UnifiedAuditLogIngestionEnabled +``` + +A value of **True** for the `UnifiedAuditLogIngestionEnabled` property indicates that auditing is +turned on. + +If auditing is turned off, use either the button on the Audit page or the following command: + +``` +Set-AdminAuditLogConfig -UnifiedAuditLogIngestionEnabled $true +``` + +Auditing is now enabled. You can rerun the previous command to verify this. diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/_category_.json b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/_category_.json new file mode 100644 index 0000000000..56d8e89ce6 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/_category_.json @@ -0,0 +1,6 @@ +{ + "label": "NAS Device Configuration", + "position": 40, + "collapsed": true, + "collapsible": true +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/azure-files/_category_.json b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/azure-files/_category_.json new file mode 100644 index 0000000000..99bd0e8259 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/azure-files/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Azure Files Activity Auditing Configuration", + "position": 5, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "azurefiles-activity" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/azure-files/azurefiles-activity.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/azure-files/azurefiles-activity.md new file mode 100644 index 0000000000..535265481b --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/azure-files/azurefiles-activity.md @@ -0,0 +1,207 @@ +--- +title: "Azure Files Activity Auditing Configuration" +description: "Azure Files Activity Auditing Configuration" +sidebar_position: 5 +--- + +# Azure Files Activity Auditing Configuration +Activity Monitor can monitor CIFS activity on Azure Files shares. + +The product uses the native auditing capability of Azure Files, which writes audit data to a separate storage account. +This feature requires manual configuration. + +There are several steps in preparing Azure Files for monitoring: + +1. Enable auditing for storage accounts. +2. Register an application in Azure. +3. Assign permissions and RBAC roles. +4. Configure Activity Monitor. + +## Enable auditing for storage accounts + +Auditing in Azure Files is disabled by default. It must be enabled for each storage account to be monitored. + +![Azure Files auditing](/images/activitymonitor/9.0/config/azure-files/azure-files-audit.webp) + +### Logs storage account +You must provide a storage account for audit data. The audit data is written as blobs named `insight-logs` to that storage account. +It must be a different storage account — it cannot be the same account that hosts Azure Files. + +It is recommended to share such a *logs storage account* among multiple *files storage accounts*. +A single account can store nearly unlimited blobs and up to 5 PB of data, which is more than enough for audit logs. +A shared account also helps stay within the Azure limit of 250–500 accounts per region per subscription. + +However, for security reasons, you may choose to use separate *logs storage accounts* so that activity from different accounts is not mixed in the same blob storage. + +The *logs storage account* must be in the same Azure region as the monitored Azure Files storage account, but it does not need +to be in the same resource group or subscription. + +Because the product does not require historical logs, it is recommended to configure an **Azure Lifecycle Management rule** for this storage account +to control storage volume and cost (not documented here). Otherwise, the data will be stored indefinitely. + +### Diagnostic setting + +To enable auditing, you must enable the Diagnostic Setting for each Azure Files storage account to be monitored. + +This can be done for each storage account individually or in bulk using Azure Policy to set Diagnostic Settings +at the management group, subscription, or resource group scope (not documented here). + +1. Open the storage account in the Microsoft Azure portal. + Navigate to **Monitoring > Diagnostic settings > File**. + +2. Click **Add diagnostic setting** to create a new auditing configuration or open an existing one. + +3. Under the **Logs** section, select **audit**, **StorageRead**, **StorageWrite**, and **StorageDelete**. + You can adjust these categories based on your needs; for example, unselect **StorageRead** if you are not interested in read activity. + +4. Under the **Destination details** section, select **Archive to a storage account**, then choose the storage account prepared in Step 1. + +5. Click **Save** to apply the diagnostic changes. + +:::note +It may take up to 90 minutes for the changes to take effect. +::: + +## Register an application in Azure + +Monitoring of Azure Files requires an application to be registered in the Azure portal, assigning it permissions to access the Graph API and +RBAC roles to access storage accounts. + +:::note +A user account with the **Global Administrator** role is required to register an app and grant admin consent in Microsoft Azure. +::: + +If you already have an application registered for Activity Monitor for Entra ID, SharePoint Online, or Exchange Online, you can reuse that +registration for Azure Files by assigning additional RBAC roles. + +Follow these steps to register the application in Azure. + +### Open Microsoft Azure portal + +- Azure Public – https://portal.azure.com/ +- Azure for US Government GCC – https://portal.azure.com/ +- Azure for US Government GCC High – https://portal.azure.us/ +- Azure for US Government DoD – https://portal.azure.us/ +- Azure Germany – https://portal.microsoftazure.de/ +- Azure China by 21Vianet – https://portal.azure.cn/ + +Use the search box to locate the **App registrations** page, then select **New registration**. + +### Register an application + +1. Specify **Netwrix Activity Monitor** as the application name. +2. Choose **Accounts in this organizational directory only**. +3. Change the type of Redirect URI to **Public client/native (mobile & desktop)**. +4. Specify `urn:ietf:wg:oauth:2.0:oob` as the value. +5. Click **Register**. + +### Copy Application (client) ID and Tenant (directory) ID + +On the **Overview** page, copy the **Application (client) ID** and **Directory (tenant) ID** values and save them for later. + +### Create a new client secret + +1. Open the **Manage > Certificates & secrets** page. +2. Select **New client secret**. +3. Specify a description and an expiration period. +4. On the **Certificates & secrets** page, copy the **Value** of the created secret and save it for later. + +:::note +Be aware of the client secret's expiration date. You'll need to generate a new one before it expires to ensure uninterrupted monitoring. +::: + +:::warning +Make sure you copy the **Value**, not the **Secret ID**. +::: + +### Grant API permissions + +Activity Monitor requires the `User.Read.All` permission to resolve user SIDs in activity events to user names. + +1. Open the **API permissions** page. +2. Select **Add a permission** and add the following to the existing **User.Read**: + **Microsoft Graph** + Type: **Application permissions** + Permission: `User.Read.All` +3. Click **Grant admin consent for [tenant name]**, then confirm when prompted. + This action requires a Global Administrator. + +## Assign Azure RBAC roles for storage accounts + +The registered application requires Azure RBAC role assignments to list storage accounts and read audit data. + +Assign the following roles to the registered application: + +- `Reader` – the management plane role. + Allows enumeration of storage accounts and reading of their settings. + +- `Storage Blob Data Reader` – the data plane role. + Allows reading of audit data from the logs storage account(s). + +You can assign these roles at different levels, which grant access to all storage accounts within the selected scope: + +- **Management group** – grants access to all storage accounts under the management group. +- **Subscription** – grants access to all storage accounts under the subscription. +- **Resource group** – grants access to all storage accounts under the resource group. +- **Storage account** – grants access to the specified storage account only. + +![RBAC Roles Scopes](/images/activitymonitor/9.0/config/azure-files/rbac-roles-scopes.webp) + +Choose the appropriate scope, and then follow these steps: + +1. In the Azure portal, open the target scope resource (management group, subscription, resource group, or storage account). +2. Open the **Access control (IAM)** page. +3. Select **Add > Add role assignment**. +4. Select `Reader` on the **Role** page, and then select **Next**. +5. Select the registered application on the **Members** page, and then select **Review + assign**. +6. Select **Add > Add role assignment** again. +7. Select `Storage Blob Data Reader` on the **Role** page, and then select **Next**. +8. Select the registered application on the **Members** page, and then select **Next**. +9. _(Optional)_ Select **Add condition** on the **Conditions** page, change the editor type to **Code**, and enter the following: + + +``` +( + ( + !(ActionMatches{'Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read'}) + ) + OR + ( + @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:name] StringStartsWith 'insights-logs-' + ) +) +``` + +This condition grants access only to blob containers that store audit data. Access to all other containers is denied. + +10. Select **Review + assign**. + +:::warning +It may take some time for the RBAC assignments to become effective. +::: + +## Configure Activity Monitor + +The last step is adding the Azure Files storage account to Activity Monitor. + +1. On the **Monitored Hosts & Services** page, select **Add Host/Service**. +2. Select the agent that will be monitoring Azure Files, and then select **Next**. +3. Select **Azure Files**, specify the tenant’s domain name, and then select **Next**. +4. On the **Connection** page, specify the Tenant ID (if it was not resolved automatically), Client ID, and Client Secret—values +copied in the previous steps during application registration. +5. Select **Connect**. +The button will verify the connection to Azure, enumerate all storage accounts, and retrieve their settings visible to the registered application. + +:::note +If the product fails to enumerate storage accounts, the RBAC roles were either assigned incorrectly or have not yet become effective. Retry later. +::: + +6. On the **Storage Accounts** page, select the storage accounts to be monitored, and then select **Next**. +7. Complete the wizard by selecting operations and output settings. + +:::info +You can use this wizard multiple times to add newly created storage accounts—already added accounts will be ignored. +::: + +8. Check the status of the added storage accounts on the **Monitored Hosts & Services** page. +Address any audit setting misconfigurations or missing RBAC roles. \ No newline at end of file diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/celerra-vnx-aac/_category_.json b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/celerra-vnx-aac/_category_.json new file mode 100644 index 0000000000..6f60d370f4 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/celerra-vnx-aac/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Dell Celerra & Dell VNX Activity Auditing Configuration", + "position": 20, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "celerra-vnx-activity" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/celerra-vnx-aac/celerra-vnx-activity.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/celerra-vnx-aac/celerra-vnx-activity.md new file mode 100644 index 0000000000..7268d6eb62 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/celerra-vnx-aac/celerra-vnx-activity.md @@ -0,0 +1,63 @@ +--- +title: "Dell Celerra & Dell VNX Activity Auditing Configuration" +description: "Dell Celerra & Dell VNX Activity Auditing Configuration" +sidebar_position: 20 +--- + +# Dell Celerra & Dell VNX Activity Auditing Configuration + +An Dell Celerra or VNX device can be configured to audit Server Message Block (SMB) protocol access +events. All audit data can be forwarded to the Dell Common Event Enabler (CEE). The Activity Monitor +listens for all events coming through the Dell CEE and translates all relevant information into +entries in the Log files or syslog messages. + +Complete the following checklist prior to configuring the Activity Monitor to monitor the host. +Instructions for each item of the checklist are detailed within the following sections. + +**Checklist Item 1: Plan Deployment** + +- Prior to beginning the deployment, gather the following: + + - DNS name of Celerra or VNX CIFS share(s) to be monitored + - Data Mover or Virtual Data Mover hosting the share(s) to be monitored + - Account with access to the CLI + - Download the Dell CEE from: + + - [https://www.dell.com/support](https://www.dell.com/support) + +**Checklist Item 2: Install Dell CEE** + +- Dell CEE can be installed on the same Windows server as the Activity Agent, or on a different + server. If it is installed on the same host, the activity agent can configure it automatically. + + :::info + The latest version of Dell CEE is the recommended version to use with the + asynchronous bulk delivery (VCAPS) feature. + ::: + + +- Important: + + - Open MS-RPC ports between the Dell device and the Windows proxy server(s) where the Dell CEE + is installed + - Dell CEE 8.4.2 through Dell CEE 8.6.1 are not supported for use with the VCAPS feature + - Dell CEE requires .NET Framework 3.5 to be installed on the Windows proxy server + +- See the [Install & Configure Dell CEE](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/celerra-vnx-aac/installcee.md) topic for instructions. + +**Checklist Item 3: Dell Device Configuration** + +- Configure the `cepp.conf` file on the Celerra VNX Cluster +- See the + [Connect Data Movers to the Dell CEE Server](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/celerra-vnx-aac/installcee.md#connect-data-movers-to-the-dell-cee-server) + topic for instructions. + +**Checklist Item 4: Activity Monitor Configuration** + +- Deploy the Activity Monitor Activity Agent, preferably on the same server where Dell CEE is + installed + + - After activity agent deployment, configure the Dell CEE Options tab of the agent's Properties + window within the Activity Monitor Console + +Checklist Item 5: Configure Dell CEE to Forward Events to the Activity Agent diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/celerra-vnx-aac/installcee.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/celerra-vnx-aac/installcee.md new file mode 100644 index 0000000000..44921fd78f --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/celerra-vnx-aac/installcee.md @@ -0,0 +1,207 @@ +--- +title: "Install & Configure Dell CEE" +description: "Install & Configure Dell CEE" +sidebar_position: 10 +--- + +# Install & Configure Dell CEE + +Dell CEE should be installed on a Windows or a Linux server. The Dell CEE software is not a Netwrix +product. Dell customers have a support account with Dell to access the download. + +:::tip +Remember, the latest version is the recommended version of Dell CEE. +::: + + +:::info +The Dell CEE package can be installed on the Windows server where the Activity +Monitor agent will be deployed (recommended) or on any other Windows or Linux server. +::: + + +Follow the steps to install the Dell CEE. + +**Step 1 –** Obtain the latest CEE install package from Dell and any additional license required for +this component. It is recommended to use the most current version. + +**Step 2 –** Follow the instructions in the Dell +[Using the Common Event Enabler on Windows Platforms](https://www.dell.com/support/home/en-us/product-support/product/common-event-enabler/docs) +guide to install and configure the CEE. The installation will add two services to the machine: + +- EMC Checker Service (Display Name: EMC CAVA) +- EMC CEE Monitor (Display Name: EMC CEE Monitor) + +:::info +The latest version of .NET Framework and Dell CEE is recommended to use with the +asynchronous bulk delivery (VCAPS) feature. +::: + + +See the [CEE Debug Logs](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/unity-aac/validate.md#cee-debug-logs) section for information on +troubleshooting issues related to Dell CEE. + +After Dell CEE installation is complete, it is necessary to Connect Data Movers to the Dell CEE +Server. + +## Configure Dell Registry Key Settings + +There may be situations when Dell CEE needs to be installed on a different Windows server than the +one where the Activity Monitor activity agent is deployed. In those cases it is necessary to +manually set the Dell CEE registry key to forward events. + +**Step 1 –** Open the Registry Editor (run regedit). + +![registryeditor](/images/activitymonitor/9.0/config/dellpowerstore/registryeditor.webp) + +**Step 2 –** Navigate to following location: + +**HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\AUDIT\Configuration** + +**Step 3 –** Right-click on **Enabled** and select Modify. The Edit DWORD Value window opens. + +**Step 4 –** In the Value data field, enter the value of 1. Click OK, and the Edit DWORD Value +window closes. + +**Step 5 –** Right-click on **EndPoint** and select Modify. The Edit String window opens. + +**Step 6 –** In the Value data field, enter the StealthAUDIT value with the IP Address for the +Windows proxy server hosting the Activity Monitor activity agent. Use the following format: + +**StealthAUDIT@[IP ADDRESS]** + +Examples: + +**StealthAUDIT@192.168.30.15** + +**Step 7 –** Click OK. The Edit String window closes. Registry Editor can be closed. + +![services](/images/activitymonitor/9.0/config/dellpowerstore/services.webp) + +**Step 8 –** Open Services (run `services.msc`). Start or Restart the EMC CEE Monitor service. + +The Dell CEE registry key is now properly configured to forward event to the Activity Monitor +activity agent. + +## Connect Data Movers to the Dell CEE Server + +The `cepp.conf` file contains information that is necessary to connect the Data Movers to the Dell +CEE server. An administrator must create a configuration file which contains at least one event, one +pool, and one server. All other parameters are optional. The `cepp.conf` file resides on the Data +Mover. + +**Step 1 –** Log into the Dell Celerra or VNX server with an administrator account. The +administrative account should have a $ character in the terminal. + +:::note +Do not use a # charter. +::: + + +**Step 2 –** Create or retrieve the `cepp.conf` file. + +If there is not a `cepp.conf` file on the Data Mover(s), use a text editor to create a new blank +file in the home directory named `cepp.conf`. The following is an example command if using the text +editor 'vi' to create a new blank file: + +**$ vi cepp.conf** + +> If a `cepp.conf` file already exists, it can be retrieved from the Data Movers for modification +> with the following command: + +**$ server_file [DATA_MOVER_NAME] -get cepp.conf cepp.conf** + +**Step 3 –** Configure the `cepp.conf` file. For information on the `cepp.conf` file, see the Dell +[Using the Common Event Enabler for Windows Platforms](https://www.dellemc.com/en-us/collaterals/unauth/technical-guides-support-information/products/storage-3/docu48055.pdf) +guide instructions on how to add parameters or edit the values or existing parameters. + +:::note +The information can be added to the file on one line or separate lines by using a space +and a "\"" at the end of each line, except for the last line and the lines that contain global +options: `cifsserver`, `surveytime`, `ft`, and `msrpcuser`. +::: + + +The Activity Monitor requires the following parameters to be set in the `cepp.conf` file: + +- `pool name= ` + - This should equal the name assigned to the configuration container. This container is composed + of the server(s) IP Address or FQDN where the Dell CEE is installed and where the list of + events to be monitored is located. It can be named as desired but must be a pool name. +- `servers= ` + - This should equal the IP Address or FQDN of the Windows server where the Dell CEE is + installed. If several servers are specified, separate them with the vertical bar (|) or a + colon (:). +- `postevents= ` + - The following events are required (separated with the vertical bar): + `CloseModified|CloseUnmodified|CreateDir|CreateFile|DeleteDir|DeleteFile|RenameDir|RenameFile|SetAclDir|SetAclFile ` + - If "Directory Read/List" operations are needed, append `OpenDir` to the list. +- `msrpcuser= ` + + - This should equal the domain account used to run the Dell CEE Monitor and Dell CAVA services + on the Windows server. This parameter is a security measure used to ensure events are only + sent to the appropriate servers. + + All unspecified parameters use the default setting. For most configurations, the default + setting is sufficient. + + Example cepp.conf file format: + +**msrpcuser=[DOMAIN\DOMAINUSER]** + + pool name=[POOL_NAME] \ + +**servers=[IP_ADDRESS1]|[IP_ADDRESS2]|... \** + + postevents=[EVENT1]|[EVENT2]|... + + Example cepp.conf file format for the Activity Monitor: + +**msrpcuser=[DOMAIN\DOMAINUSER running CEE services]** + + pool name=[POOL_NAME for configuration container] \ + +**servers=[IP_ADDRESS where CEE is installed]|... \** + + postevents=[EVENT1]|[EVENT2]|... + + Example of a completed cepp.conf file for the Activity Monitor: + +**msrpcuser=example\user1** + + pool name=pool \ + +**servers=192.168.30.15 \** + + postevents=CloseModified|CloseUnmodified|CreateDir|CreateFile|DeleteDir|DeleteFile|RenameDir|RenameFile|SetAclDir|SetAclFile + +**Step 4 –** Move the `cepp.conf` file to the Data Mover(s) root file system. Run the following +command: + +**$ server_file [DATA_MOVER_NAME]-put cepp.conf cepp.conf** + +:::note +Each Data Mover which runs Celerra Event Publishing Agent (CEPA) must have a `cepp.conf` +file, but each configuration file can specify different events. +::: + + +**Step 5 –** (This step is required only if using the `msrpcuser` parameter) Register the MSRPC user +(see Step 3 for additional information on this parameter). Before starting CEPA for the first time, +the administrator must issue the following command from the Control Station and follow the prompts +for entering information: + +**/nas/sbin/server_user server_2 -add -md5 -passwd [DOMAIN\DOMAINUSER for msrpcuser]** + +**Step 6 –** Start the CEPA facility on the Data Mover. Use the following command: + +**server_cepp [DATA_MOVER_NAME] -service –start** + +Then verify the CEPA status using the following command: + +**server_cepp [DATA_MOVER_NAME] -service –status** + +Once the `cepp.config` file has been configured, it is time to configure and enable monitoring with +the Activity Monitor. See the +[Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) +for additional information. diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/celerra-vnx-aac/validate.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/celerra-vnx-aac/validate.md new file mode 100644 index 0000000000..167a8b34fe --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/celerra-vnx-aac/validate.md @@ -0,0 +1,159 @@ +--- +title: "Validate Setup" +description: "Validate Setup" +sidebar_position: 20 +--- + +# Validate Setup + +Once the Activity Monitor agent is configured to monitor the Dell device, the automated +configuration must be validated to ensure events are being monitored. + +## Validate Dell CEE Registry Key Settings + +:::note +See the +[Configure Dell Registry Key Settings](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/celerra-vnx-aac/installcee.md#configure-dell-registry-key-settings) +topic for information on manually setting the registry key. +::: + + +After the Activity Monitor activity agent has been configured to monitor the Dell device, it will +configure the Dell CEE automatically if it is installed on the same server as the agent. This needs +to be set manually in the rare situations where it is necessary for the Dell CEE to be installed on +a different server than the Windows proxy server(s) where the Activity Monitor activity agent is +deployed. + +If the monitoring agent is not registering events, validate that the EndPoint is accurately set. +Open the Registry Editor (run regedit). For the synchronous real-time delivery mode (AUDIT), use the +following steps. + +**Step 1 –** Navigate to the following windows registry key: + +**HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\Audit\Configuration** + +![registryeditorendpoint](/images/activitymonitor/9.0/config/dellunity/registryeditorendpoint.webp) + +**Step 2 –** Ensure that the Enabled parameter is set to 1. + +**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor +agent in the following formats: + +- For the RPC protocol, `StealthAUDIT@'ip-address-of-the-agent'` + +- For the HTTP protocol,` StealthAUDIT@http://'ip-address-of-the-agent':'port'` + +:::note +All protocol strings are case sensitive. The EndPoint parameter may also contain values +for other applications, separated with semicolons. +::: + + +**Step 4 –** If you changed any of the settings, restart the CEE Monitor service. + +**For Asynchronous Bulk Delivery Mode** + +For the asynchronous bulk delivery mode with a cadence based on a time period or a number of events +(VCAPS), use the following steps. + +**Step 1 –** Navigate to the following windows registry key: + +**HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\VCAPS\Configuration** + +**Step 2 –** Ensure that the Enabled parameter is set to 1. + +**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor +agent in the following formats: + +- For the RPC protocol, `StealthVCAPS@'ip-address-of-the-agent'` +- For the HTTP protocol, `StealthVCAPS@http://'ip-address-of-the-agent':'port'` + +:::note +All protocol strings are case sensitive. The EndPoint parameter may also contain values +for other applications, separated with semicolons. +::: + + +**Step 4 –** Ensure that the FeedInterval parameter is set to a value between 60 and 600; the +MaxEventsPerFeed - between 10 and 10000. + +**Step 5 –** If you changed any of the settings, restart the CEE Monitor service. + +Set the following values under the Data column: + +- Enabled – 1 +- EndPoint – StealthAUDIT + +If this is configured correctly, validate that the Dell CEE services are running. See the Validate +Dell CEE Services are Running topic for additional information. + +## Validate Dell CEE Services are Running + +After the Activity Monitor Activity Agent has been configured to monitor the Dell device, the Dell +CEE services should be running. If the Activity Agent is not registering events and the EndPoint is +set accurately, validate that the Dell CEE services are running. Open the Services (run +`services.msc`). + +![services](/images/activitymonitor/9.0/config/dellpowerstore/services.webp) + +The following services laid down by the Dell CEE installer should have Running as their status: + +- Dell CAVA +- Dell CEE Monitor + +## Dell CEE Debug Logs + +If an issue arises with communication between the Dell CEE and the Activity Monitor, the debug logs +need to be enabled for troubleshooting purposes. Follow the steps. + +**Step 6 –** In the Activity Monitor Console, change the **Trace level** value in the lower right +corner to Trace. + +**Step 7 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts & Services tab +and Disable monitoring. + +**Step 8 –** Download and install the Debug View tool from Microsoft on the CEE server: + +**> [https://docs.microsoft.com/en-us/sysinternals/downloads/debugview](https://docs.microsoft.com/en-us/sysinternals/downloads/debugview)** + +**Step 9 –** Open the Registry Editor (run regedit). Navigate to following location: + +**HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\Configuration** + +**Step 10 –** Right-click on **Debug** and select Modify. The Edit DWORD Value window opens. In the +Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. + +:::note +If the Debug DWORD Value does not exist, it needs to be added. +::: + + +**Step 11 –** Right-click on **Verbose** and select Modify. The Edit DWORD Value window opens. In +the Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. + +:::note +If the Verbose DWORD Value does not exist, it needs to be added. +::: + + +**Step 12 –** Run the Debug View tool (from Microsoft). In the Capture menu, select the following: + +- Capture Win32 +- Capture Global Win32 +- Capture Events + +**Step 13 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts & Services tab +and Enable monitoring. + +**Step 14 –** Generate some file activity on the Dell device. Save the Debug View Log to a file. + +**Step 15 –** Send the following logs to [Netwrix Support](https://www.netwrix.com/support.html): + +- Debug View Log (from Dell Debug View tool) +- Use the **Collect Logs** button to collect debug logs from the activity agent + +:::info +After the logs have been gathered and sent to Netwrix Support, reset these +configurations. + +::: diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ctera-activity.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ctera-activity.md new file mode 100644 index 0000000000..e3adc627c7 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ctera-activity.md @@ -0,0 +1,189 @@ +--- +title: "CTERA Activity Auditing Configuration" +description: "CTERA Activity Auditing Configuration" +sidebar_position: 10 +--- + +# CTERA Activity Auditing Configuration + +The Netwrix Activity Monitor can be configured to monitor file system activity on CTERA Edge Filer +appliances. + +The monitoring process relies on the SMB auditing feature of the CTERA Edge Filer. A local audit log +file is generated by each Edge Filer and audit events from these files are collected by the CTERA +Portal. The CTERA Portal forwards the events from the Edge Filers to the Activity Monitor Agent +through the Messaging and Syslog services. + +![Monitoring Process -CTERA Portal](/images/activitymonitor/9.0/config/ctera/cterasyslogmsg.webp) + +To prepare CTERA for monitoring: + +- Provision an account. +- Enable auditing on the CTERA Edge Filer. +- Enable Messaging and Edge Filer Syslog services on the CTERA Portal. + +## Provision Account + +Netwrix Activity Monitor uses the CTERA Portal API to retrieve information about portals, Edge +Filers, their auditing configurations, and optionally to enable syslog forwarding automatically. To +access the API, Activity Monitor requires an account in the CTERA Portal with the **Read Only +Administrator** role. + +**Step 1 –** Log in to the CTERA Portal web interface. In the global administration view, select +**Users** > **Administrators**. + +**Step 2 –** Click New Admin, specify a username, password, email, and the **Read Only +Administrator** role. + +This credential will then be used when configuring the Activity Monitor Agent to monitor the CTERA +portal. + +## Enable Auditing on CTERA Edge Filer + +The CTERA Edge Filer can generate audit log events for the SMB access. Audit events are stored in a +local file and then forwarded to the CTERA Portal for further processing. The audit log is disabled +by default and must be enabled. + +Follow the steps to enable SMB audit logs. + +**Step 1 –** Log in to the Edge Filer web interface. In the Configuration view, select **Logs** > +**Audit Logs**. + +**Step 2 –** Select the **Enable CIFS/SMB Audit Logs** option. + +**Step 3 –** Specify a share to save the audit logs in the Save log files option. If a share does +not exist, create a new one first. + +:::note +CTERA recommends that SMB Audit logging is saved to a folder that is local on the Edge +Filer and not synced to the cloud. For example, in the root of vol1, which can then be used to +create a share. +::: + + +**Step 4 –** Adjust the **Keep closed files for** parameter. Otherwise, use the default value. + +**Step 5 –** Check all events except the **Read Extended Attributes** event in Events to log list. +If you do not require monitoring of _Directory Read/List_ operations, which typically generate a +high volume of data, uncheck the **List Folder Read Data** event. + +**Step 6 –** Make sure that **Log permission changes in human readable format** is unchecked. + +**Step 7 –** Click **Save**. + +To verify that the auditing is enabled, generate some file activity and check the share specified in +**Step 3**. An audit log should be created in `audit.log.dir/audit.log`. + +See the [Auditing SMB File Access](https://kb.ctera.com/docs/auditing-smb-file-access-5) article in +the CTERA Edge Filer Administrator Guide for additional information. + +## Enable Services on CTERA Portal + +The following services must be enabled and configured on the CTERA Portal: + +- CTERA Messaging Service -– Enables sending notifications to various consumers, including the + Edge Filer Syslog service. +- CTERA Edge Filer Syslog Service – Consolidates audit events from Edge Filers and sends them to the + Activity Monitor Agent and other consumers. + +Both services are disabled by default and must be enabled. The Messaging service must be enabled +first. + +### Enable the Messaging Service + +See the +[Managing the CTERA Messaging Service](https://kb.ctera.com/docs/managing-the-ctera-messaging-service-2) +article in the CTERA Portal Global Administrator Guide for additional information on requirements +and recommendations for production and POC environments. + +**Step 1 –** Before setting up the Messaging Service in the web interface, first initialize the +messaging components with the following CLI command: + +**set /settings/platformServicesSetting/enabled true** + +Initialization takes a few minutes. + +**Step 2 –** Log in to the CTERA Portal web interface. In the global administration view, select +**Services** > **Messaging**. + +**Step 3 –** To add a new messaging server, click **Add Messaging Servers**. Select the servers to +use as messaging servers. Click **Save**. + +:::note +In a production environment, designate three servers as messaging servers. In a small or +test environment, CTERA supports using a single messaging server, typically the main database +server. However, in all other cases, exactly three servers must be assigned as messaging servers. +See the +[Managing the CTERA Messaging Service](https://kb.ctera.com/docs/managing-the-ctera-messaging-service-2) +article for additional information. +::: + + +**Step 4 –** Deploying the messaging service takes a few minutes. The status will change to STARTING +and then to ACTIVE. Wait until the status is ACTIVE before proceeding to the next step. + +:::note +If the status does not change to ACTIVE, the log files need to be collected from +`/usr/local/lib/ctera/work/logs/services` directory. +See the +[CTERA Messaging Service Logs](https://kb.ctera.com/docs/setting-up-the-ctera-messaging-service-2#ctera-messaging-service-logs) +article for additional information. +::: + + +### Enable the Edge Filer Syslog Service + +Ensure the Enable the Messaging Service section is completed before proceeding to enable the Syslog +Service. + +The Edge Filer Syslog Service can be configured in two ways: + +- Automatically by the Activity Monitor using the API from CTERA Portal. +- Manually using the CTERA Portal web interface. + +It is recommended to configure the service automatically. With automatic configuration, the Activity +Monitor Agent will apply the settings and perform periodic checks to ensure correctness. To enable +automatic configuration, use the **Enable Edge Filer Syslog auditing** option in the host properties +and specify credentials to access the CTERA Portal API. + +Follow the steps to configure the Edge Filer Syslog Service manually. + +**Step 1 –** Configure monitoring of the CTERA Portal in the Activity Monitor Console. + +**Step 2 –** Add a CTERA host on the Monitored Hosts & Services tab and specify the portal host name, +username, password, and complete the wizard. + +**Step 3 –** Enable the newly added host. + +**Step 4 –** Copy a TLS certificate file, `certca.pem`, from +`%ProgramData%\Netwrix\Activity Monitor\Agent\Data` folder on the agent's server. + +**Step 5 –** Log in to the CTERA Portal web interface. In the global administration view, select +**Services** > **Edge Filer Syslog**. + +**Step 6 –** Click **Add a Server**. + +**Step 7 –** Specify the **FQDN of the agent** or **IP address** in the Addressfield. + +**Step 8 –** Specify 4488 in the Port field. + +:::note +The default port can be changed in the properties of the agent on the CTERA page. +::: + + +**Step 9 –** Change the protocol to **TCP/TLS**. + +**Step 10 –** Click **Server Certificate** > **Select File** to upload the file collected at Step 2. + +**Step 11 –** Click **Save**. + +**Step 12 –** Click **Enable** in the status bar. + +The status will change to STARTING. If the CTERA Portal manages to connect to the Activity Monitor +Agent, the status changes to ACTIVE. If not, review the error message and check **Logs & Alerts** > +**System Log** for details. + +See the +[Managing the Edge Filer Syslog Service](https://kb.ctera.com/docs/managing-the-edge-filer-syslong-service) +article in the CTERA Portal Global Administrator Guide for additional information. diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/hitachi-aac/_category_.json b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/hitachi-aac/_category_.json new file mode 100644 index 0000000000..c328bb831d --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/hitachi-aac/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Hitachi Activity Auditing Configuration", + "position": 60, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "hitachi-activity" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/hitachi-aac/configureaccesstologs.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/hitachi-aac/configureaccesstologs.md new file mode 100644 index 0000000000..deade0c148 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/hitachi-aac/configureaccesstologs.md @@ -0,0 +1,30 @@ +--- +title: "Configure Access to HNAS Audit Logs on Activity Agent Server" +description: "Configure Access to HNAS Audit Logs on Activity Agent Server" +sidebar_position: 20 +--- + +# Configure Access to HNAS Audit Logs on Activity Agent Server + +Follow the steps to configure access to the HNAS audit logs on the Windows server hosting the +Activity Monitor activity agent. + +**Step 1 –** On the Windows computer, go to Run and type `compmgmt.msc`. + +**Step 2 –** In the right-hand panel, select More Actions > Connect to another computer. + +**Step 3 –** In the Select Computer dialog box, enter the IP Address for EVS for HNAS and then click +OK. + +**Step 4 –** In the Computer Management window, go to Computer Management > System tools > Shared +Folders > Shares. + +**Step 5 –** Select the Security tab and click Advanced. + +**Step 6 –** In the Advanced Security Settings dialog box, select the Audit tab. Click Add or Edit +to select the users and groups to be audited and add the desired user or group. + +**Step 7 –** Select All for Type, and Full Control for Basic permissions. + +Once access has been configured on both the Hitachi device and the Activity Agent server, it is time +to configure and enable monitoring with the Activity Monitor Console. diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/hitachi-aac/configurelogs.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/hitachi-aac/configurelogs.md new file mode 100644 index 0000000000..216ea99581 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/hitachi-aac/configurelogs.md @@ -0,0 +1,39 @@ +--- +title: "Configure Audit Logs on HNAS" +description: "Configure Audit Logs on HNAS" +sidebar_position: 10 +--- + +# Configure Audit Logs on HNAS + +Follow the steps to configure access to the HNAS audit logs on the Hitachi device. + +**Step 1 –** Open a browser and enter the IP Address for HNAS in the address bar to launch the +Hitachi Storage Navigator (SN). Enter the username and password. + +**Step 2 –** At the Storage Navigator home page, click File Services. + +**Step 3 –** On the File Services screen, click Enable File Service. + +**Step 4 –** On the Enable File Services screen, verify that the CIFS/Windows service is selected. + +**Step 5 –** On the File Services screen, click File System Security. + +**Step 6 –** Click Switch Mode and set the default file system security mode to Mixed (Windows and +UNIX) for all virtual file systems. + +**Step 7 –** Configure the Hitachi NAS Platform audit policy by returning to the File Services page. + +**Step 8 –** Click File System Audit Policies. + +**Step 9 –** Select the correct EVS and click details for the file system to enable auditing. + +**Step 10 –** In the Access via Unsupported Protocols section, select Allow Access (without +auditing). In the Audit Log section, set the maximum log file size to a value of at least 8 MB. It +is recommended to set it to 16 MB. In the Log roll over policy section, select New. The product does +not support the Wrap policy. Click OK to close. + +Once access has been configured on the Hitachi device, it is necessary to configure access to the +HNAS audit logs on the Windows server. See the +[Configure Access to HNAS Audit Logs on Activity Agent Server](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/hitachi-aac/configureaccesstologs.md) topic for +additional information. diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/hitachi-aac/hitachi-activity.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/hitachi-aac/hitachi-activity.md new file mode 100644 index 0000000000..c3e8fee835 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/hitachi-aac/hitachi-activity.md @@ -0,0 +1,64 @@ +--- +title: "Hitachi Activity Auditing Configuration" +description: "Hitachi Activity Auditing Configuration" +sidebar_position: 60 +--- + +# Hitachi Activity Auditing Configuration + +The Hitachi NAS (HNAS) server can host multiple Enterprise Virtual Servers (EVS). Each EVS has +multiple file systems. Auditing is enabled and configured per file system. This guide explains how +to enable auditing on an HNAS and to configure the Activity Monitor to monitor activity coming from +the Hitachi device auditing. + +The Activity Monitor does not use the EVS or file system name to connect to HNAS. Therefore, all +that is required of the user for HNAS activity collection is the following: + +- Logs path (UNC) + + - Active Log file name – Active Log File name needs with an `.evt` extension, and it should be + the same as in the HNAS configuration. This is usually `audit.evt`. + +- Credentials to access the HNAS log files + + - The only requirement for the credentials is the ability to read files from the `logs` + directory. + +- A polling interval between log collections (15 seconds by default) + + - The Activity Monitor minimizes IO by remembering a file offset where it stopped reading and + continuing from that offset next time. + +:::warning +The following disclaimer is provided by Hitachi: +::: + + +“Because CIFS defines open and close operations, auditing file system object access performed by +clients using other protocols would be costly in terms of system performance, because each I/O +operation would have to be audited as an open operation. **Therefore, when file system auditing is +enabled, by default, only clients connecting through the CIFS protocol are allowed access to the +file system.** Access by clients using other protocols, like NFS, can, however, be allowed. When +such access is allowed, access to file system objects through these protocols is not audited.” + +:::note +File system auditing can be configured to deny access to clients connecting with protocols +that cannot be audited (NFS). Please see the Hitachi +[Server and Cluster Administration Guide](https://support.hds.com/download/epcra/hnas0106.pdf) for +additional information. +::: + + +**Configuration Checklist** + +Complete the following checklist prior to configuring activity monitoring of Hitachi devices. +Instructions for each item of the checklist are detailed within the following topics. + +**Checklist Item 1: [Configure Audit Logs on HNAS](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/hitachi-aac/configurelogs.md)** + +Checklist Item 2: +[Configure Access to HNAS Audit Logs on Activity Agent Server](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/hitachi-aac/configureaccesstologs.md) + +**Checklist Item 3: Activity Monitor Configuration** + +- Deploy the Activity Monitor Activity Agent to a Windows proxy server diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/isilon-powerscale-aac/_category_.json b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/isilon-powerscale-aac/_category_.json new file mode 100644 index 0000000000..0e292bab7c --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/isilon-powerscale-aac/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Dell Isilon/PowerScale Activity Auditing Configuration", + "position": 30, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "isilon-activity" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/isilon-powerscale-aac/installcee.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/isilon-powerscale-aac/installcee.md new file mode 100644 index 0000000000..39bfb11e36 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/isilon-powerscale-aac/installcee.md @@ -0,0 +1,82 @@ +--- +title: "Install Dell CEE" +description: "Install Dell CEE" +sidebar_position: 10 +--- + +# Install Dell CEE + +Dell CEE should be installed on a Windows or a Linux server. The Dell CEE software is not a Netwrix +product. Dell customers have a support account with Dell to access the download. + +:::tip +Remember, the latest version is the recommended version of Dell CEE. +::: + + +:::info +The Dell CEE package can be installed on the Windows server where the Activity +Monitor agent will be deployed (recommended) or on any other Windows or Linux server. +::: + + +Follow the steps to install the Dell CEE. + +**Step 1 –** Obtain the latest CEE install package from Dell and any additional license required for +this component. It is recommended to use the most current version. + +**Step 2 –** Follow the instructions in the Dell +[Using the Common Event Enabler on Windows Platforms](https://www.dell.com/support/home/en-us/product-support/product/common-event-enabler/docs) +guide to install and configure the CEE. The installation will add two services to the machine: + +- EMC Checker Service (Display Name: EMC CAVA) +- EMC CEE Monitor (Display Name: EMC CEE Monitor) + +:::info +The latest version of .NET Framework and Dell CEE is recommended to use with the +asynchronous bulk delivery (VCAPS) feature. +::: + + +After installation, open MS-RPC ports between the Dell device and the Dell CEE server. See the +[Dell CEE Debug Logs](validate.md#dell-cee-debug-logs) section for information on troubleshooting +issues related to Dell CEE. + +## Configure Dell Registry Key Settings + +There may be situations when Dell CEE needs to be installed on a different Windows server than the +one where the Activity Monitor activity agent is deployed. In those cases it is necessary to +manually set the Dell CEE registry key to forward events. + +**Step 1 –** Open the Registry Editor (run regedit). + +![registryeditor](/images/activitymonitor/9.0/config/dellpowerstore/registryeditor.webp) + +**Step 2 –** Navigate to following location: + +**HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\AUDIT\Configuration** + +**Step 3 –** Right-click on **Enabled** and select Modify. The Edit DWORD Value window opens. + +**Step 4 –** In the Value data field, enter the value of 1. Click OK, and the Edit DWORD Value +window closes. + +**Step 5 –** Right-click on **EndPoint** and select Modify. The Edit String window opens. + +**Step 6 –** In the Value data field, enter the StealthAUDIT value with the IP Address for the +Windows proxy server hosting the Activity Monitor activity agent. Use the following format: + +**StealthAUDIT@[IP ADDRESS]** + +Examples: + +**StealthAUDIT@192.168.30.15** + +**Step 7 –** Click OK. The Edit String window closes. Registry Editor can be closed. + +![services](/images/activitymonitor/9.0/config/dellpowerstore/services.webp) + +**Step 8 –** Open Services (run `services.msc`). Start or Restart the EMC CEE Monitor service. + +The Dell CEE registry key is now properly configured to forward event to the Activity Monitor +activity agent. diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/isilon-powerscale-aac/isilon-activity.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/isilon-powerscale-aac/isilon-activity.md new file mode 100644 index 0000000000..97f28cdc32 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/isilon-powerscale-aac/isilon-activity.md @@ -0,0 +1,114 @@ +--- +title: "Dell Isilon/PowerScale Activity Auditing Configuration" +description: "Dell Isilon/PowerScale Activity Auditing Configuration" +sidebar_position: 30 +--- + +# Dell Isilon/PowerScale Activity Auditing Configuration + +Dell Isilon/PowerScale can be configured to audit Server Message Block (SMB) and NFS protocol access +events on the Dell Isilon/PowerScale cluster. All audit data can be forwarded to the Dell Common +Event Enabler (CEE). The Activity Monitor listens for all events coming through the Dell CEE and +translates all relevant information into entries in the log files or syslog messages. + +Protocol auditing must be enabled and then configured on a per-access zone basis. For example, all +SMB protocol events on a particular access zone can be audited, while only attempts to delete files +on a different access zone can be audited. + +The audit events are logged and stored on the individual OneFS nodes where the SMB/NFS client +initiated the activity. The stored events are then forwarded by the node to the Dell CEE instance or +concurrently to several instances. At this point, Dell CEE forwards the audit event to a defined +endpoint, such as Activity Monitor agent. + +Complete the following checklist prior to configuring Activity Monitor to monitor the host. +Instructions for each item of the checklist are detailed within the following sections. + +**Checklist Item 1: Plan Deployment** + +- Prior to beginning the deployment, gather the following: + + - DNS name of Isilon/PowerScale CIFS share(s) to be monitored + - Access Zone(s) containing the CIFS shares to be monitored + - Account with access to the OneFS UI or CLI + - Download the Dell CEE from: + + - [https://www.dell.com/support/home/en-us/](https://www.dell.com/support/home/en-us/) + +:::info +You can achieve higher throughput and fault tolerance by monitoring the +Isilon/PowerScale cluster with more than one pair of Dell CEE and Activity Monitor Agent. The +activity will be evenly distributed between the pairs. +::: + + +**Checklist Item 2: [Install Dell CEE](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/isilon-powerscale-aac/installcee.md)** + +- Dell CEE should be installed on a Windows or a Linux server. + + :::info + Dell CEE can be installed on the same server as the Activity Agent, or on a + different Windows or Linux server. If CEE is installed on the same server, the Activity Agent + can configure it automatically. + ::: + + +- Important: + + - Dell CEE 8.8 is the minimum supported version. It is recommended to use the latest available + version. + - Dell CEE requires .NET Framework 3.5 to be installed on the Windows server + +Checklist Item 3: Configure Auditing on the Dell Isilon/PowerScale Cluster + +- Select method: + + - **_RECOMMENDED:_** Allow the Activity Monitor to configure auditing automatically. + + - Automation completed while the Activity Monitor is configured to monitor the + Isilon/PowerScale device + - Automatically sets CEE Server with the IP Address of the server where CEE is installed + - Automatically sets Storage Cluster Name to exactly match the name known to the Activity + Monitor + - Choose between monitoring all Access Zones or scoping to specific Access Zones + + - [Manually Configure Auditing in OneFS](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/isilon-powerscale-aac/manualconfiguration.md) + + - After configuration, add the Isilon/PowerScale device to be monitored by the Activity + Monitor + +- Important: + + - Value of the **Storage Cluster Name** field must exactly match the name entered for the + monitored host in the Activity Monitor Console. If the Storage Cluster Name cannot be modified + (for example, another 3rd party depends on it), you need to set the Host Aliases parameter in + the Activity Monitor Console. Otherwise, if for some reason the Storage Cluster Name must be + left empty, one can list OneFS cluster node names in the Host Aliases. + + - If the Storage Cluster Name is not empty, set the Host Aliases parameter to its value + - If the Storage Cluster Name is empty, set the Host Aliases to a semicolon-separated list + of OneFS node names + + - Include all Access Zones to be monitored in the auditing configuration + - As soon as the first CEE is installed, Isilon/PowerScale will start to send all activity, + including all previous audit events, to the agent. The start time can be modified to exclude + previously recorded audit events to prevent the agent from becoming overloaded with data. It + can be done using OneFS CLI only with isi audit modify command to edit the start time. + + - Start time command: + + ``` + isi audit settings global modify --cee-log-time [Protocol@2021-04-23 14:00:00] + ``` + + - View progress: + + ``` + isi_for_array isi audit progress view + ``` + + - See the Audit log time adjustment section of the Dell + [File System Auditing with Dell PowerScale and Dell Common Event Enabler](https://www.dellemc.com/resources/en-us/asset/white-papers/products/storage/h12428-wp-best-practice-guide-isilon-file-system-auditing.pdf) + documentation for additional information. + +Checklist Item 4: Configure Dell CEE to Forward Events to the Activity Agent. See the +[Validate Setup](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/isilon-powerscale-aac/validate.md) topic for additional information. diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/isilon-powerscale-aac/manualconfiguration.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/isilon-powerscale-aac/manualconfiguration.md new file mode 100644 index 0000000000..e9006d0363 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/isilon-powerscale-aac/manualconfiguration.md @@ -0,0 +1,90 @@ +--- +title: "Manually Configure Auditing in OneFS" +description: "Manually Configure Auditing in OneFS" +sidebar_position: 20 +--- + +# Manually Configure Auditing in OneFS + +Manual configuration for auditing is optional for newer versions as the Activity Agent can configure +the auditing automatically using the OneFS API. Follow the steps through the OneFS Storage +Administration Console. + +**Step 1 –** Navigate to the **Cluster Management** tab, and select **Auditing**. + +![settings](/images/activitymonitor/9.0/config/dellpowerscale/settings.webp) + +**Step 2 –** In the Settings section, check the Enable Protocol Access Auditing box. + +**Step 3 –** In the Audited Zones section, add at least one zone to be audited. The **System** zone +is typically used. If the CIFS or NFS shares are accessible through different zones on the OneFS +cluster, include all relevant zones. + +Ensure that OneFS collects only events you are interested in. By default, OneFS may monitor things +like directory reads, which can take up a large amount of space. Configuring the OneFS events that +need monitoring is not done through the Activity Monitor console. Configure OneFS event monitoring +using OneFS CLI with the isi audit modify command for each access zone. Enabling monitoring for only +what is needed for the environment will reduce the data load to the agent. + +Activity Monitor monitors the following events: `close_file_modified`, `close_file_unmodified`, +`create_file`, `create_directory`, `delete_file`, `delete_directory`, `rename_file`, +`rename_directory`, `set_security_file`, `set_security_directory`, and `open_directory` (if you want +to monitor Directory List/Read events). + +For each monitored access zone: + +- Use isi audit settings view `isi --zone ZONENAME` to check current settings. +- Disable reporting of failure and syslog audit events with: + +**isi audit settings modify --zone ZONENAME --clear-audit-failure --clear-syslog-audit-events** + +- Set the success audit events with: + + isi audit settings modify --zone ZONENAME + --audit-success=close_file_modified,close_file_unmodified,create_file,create_directory,delete_file,delete_directory,rename_file,rename_directory,set_security_file,set_security_directory + +![eventforwarding](/images/activitymonitor/9.0/config/dellpowerscale/eventforwarding.webp) + +**Step 4 –** In the Event Forwarding section, add the CEE Server URI value for the Windows or Linux +server hosting CEE. Use either of the following format: + +- `http://[IP ADDRESS]:[PORT]/cee` + +- `http://[SERVER Name]:[PORT]/cee` + + +:::info +When deploying multiple Dell CEE instances at scale, it is recommended that an +accommodating agent must be configured with each CEE instance. If multiple CEE instances send events +to just one agent, it may create an overflow of data and overload the agent. Distributing the +activity stream into pairs will be the most efficient way of monitoring large data sets at scale. +::: + + +**Step 5 –** Also in the Event Forwarding section, set the **Storage Cluster Name** value. It must +be an exact match to the name which is entered in the Activity Monitor for the **Monitored Host** +list. + +This name is used as a ‘tag’ on all events coming through the CEE. This name must exactly match what +is in the Activity Monitor or it does not recognize the events. + +:::info +Use the CIFS DNS name for Dell OneFS. +::: + + +:::note +To use the Activity Monitor with Access Analyzer for Activity Auditing (FSAC) scans, the +name entered here must exactly match what is used for Access Analyzer as a target host. +::: + + +If the Storage Cluster Name cannot be modified (for example, another third-party depends on it), you +need to set the Host Aliases parameter in the Activity Monitor Console: + +- If the Storage Cluster Name is not empty, set the Host Aliases parameter to its value +- If the Storage Cluster Name is empty, set the Host Aliases to a semicolon-separated list of OneFS + node names + +Next, it is time to configure the monitoring agent on the Windows server to monitor the +Isilon/PowerScale device. diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/isilon-powerscale-aac/validate.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/isilon-powerscale-aac/validate.md new file mode 100644 index 0000000000..2bd4def69e --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/isilon-powerscale-aac/validate.md @@ -0,0 +1,190 @@ +--- +title: "Validate Setup" +description: "Validate Setup" +sidebar_position: 30 +--- + +# Validate Setup + +Once the Activity Monitor agent is configured to monitor the Dell device, the automated +configuration must be validated to ensure events are being monitored. + +## Validate Dell CEE Registry Key Settings + +After the Activity Monitor activity agent has been configured to monitor the Dell device, it will +configure the Dell CEE automatically if it is installed on the same server as the agent. This needs +to be set manually in the rare situations where it is necessary for the Dell CEE to be installed on +a different server than the Windows proxy server(s) where the Activity Monitor activity agent is +deployed. + +If the monitoring agent is not registering events, validate that the EndPoint is accurately set. +Open the Registry Editor (run regedit). For the synchronous real-time delivery mode (AUDIT), use the +following steps. + +**Step 1 –** Navigate to the following windows registry key: + +**HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\Audit\Configuration** + +![registryeditorendpoint](/images/activitymonitor/9.0/config/dellunity/registryeditorendpoint.webp) + +**Step 2 –** Ensure that the Enabled parameter is set to 1. + +**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor +agent in the following formats: + +- For the RPC protocol, `StealthAUDIT@'ip-address-of-the-agent'` + +- For the HTTP protocol,` StealthAUDIT@http://'ip-address-of-the-agent':'port'` + +:::note +All protocol strings are case sensitive. The EndPoint parameter may also contain values +for other applications, separated with semicolons. +::: + + +**Step 4 –** If you changed any of the settings, restart the CEE Monitor service. + +**For Asynchronous Bulk Delivery Mode** + +For the asynchronous bulk delivery mode with a cadence based on a time period or a number of events +(VCAPS), use the following steps. + +**Step 1 –** Navigate to the following windows registry key: + +**HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\VCAPS\Configuration** + +**Step 2 –** Ensure that the Enabled parameter is set to 1. + +**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor +agent in the following formats: + +- For the RPC protocol, `StealthVCAPS@'ip-address-of-the-agent'` +- For the HTTP protocol, `StealthVCAPS@http://'ip-address-of-the-agent':'port'` + +:::note +All protocol strings are case sensitive. The EndPoint parameter may also contain values +for other applications, separated with semicolons. +::: + + +**Step 4 –** Ensure that the FeedInterval parameter is set to a value between 60 and 600; the +MaxEventsPerFeed - between 10 and 10000. + +**Step 5 –** If you changed any of the settings, restart the CEE Monitor service. + +Set the following values under the Data column: + +- Enabled – 1 +- EndPoint – StealthAUDIT + +If this is configured correctly, validate that the Dell CEE services are running. See the Validate +Dell CEE Services are Running topic for additional information. + +## Validate Dell CEE Services are Running + +After the Activity Monitor Activity Agent has been configured to monitor the Dell device, the Dell +CEE services should be running. If the Activity Agent is not registering events and the EndPoint is +set accurately, validate that the Dell CEE services are running. Open the Services (run +`services.msc`). + +![services](/images/activitymonitor/9.0/config/dellpowerstore/services.webp) + +The following services laid down by the Dell CEE installer should have Running as their status: + +- Dell CAVA +- Dell CEE Monitor + +## Dell CEE Debug Logs + +If an issue arises with communication between the Dell CEE and the Activity Monitor, the debug logs +need to be enabled for troubleshooting purposes. Follow the steps. + +**Step 6 –** In the Activity Monitor Console, change the **Trace level** value in the lower right +corner to Trace. + +**Step 7 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts & Services tab +and Disable monitoring. + +**Step 8 –** Download and install the Debug View tool from Microsoft on the CEE server: + +**> [https://docs.microsoft.com/en-us/sysinternals/downloads/debugview](https://docs.microsoft.com/en-us/sysinternals/downloads/debugview)** + +**Step 9 –** Open the Registry Editor (run regedit). Navigate to following location: + +**HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\Configuration** + +**Step 10 –** Right-click on **Debug** and select Modify. The Edit DWORD Value window opens. In the +Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. + +:::note +If the Debug DWORD Value does not exist, it needs to be added. +::: + + +**Step 11 –** Right-click on **Verbose** and select Modify. The Edit DWORD Value window opens. In +the Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. + +:::note +If the Verbose DWORD Value does not exist, it needs to be added. +::: + + +**Step 12 –** Run the Debug View tool (from Microsoft). In the Capture menu, select the following: + +- Capture Win32 +- Capture Global Win32 +- Capture Events + +**Step 13 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts & Services tab +and Enable monitoring. + +**Step 14 –** Generate some file activity on the Dell device. Save the Debug View Log to a file. + +**Step 15 –** Send the following logs to [Netwrix Support](https://www.netwrix.com/support.html): + +- Debug View Log (from Dell Debug View tool) +- Use the **Collect Logs** button to collect debug logs from the activity agent + +:::info +After the logs have been gathered and sent to Netwrix Support, reset these +configurations. +::: + + +## Linux CEE Debug Log + +The debug log is stored in `/opt/CEEPack/emc_cee_svc.log` file. To enable verbose logging set Debug +and Verbose parameters under **Configuration** to 255 and restart the CEE. + +:::note +Debug logs should only be used for troubleshooting purposes. It's recommended to have +Debug Logs disabled by default. +::: + + +... + +```xml + + +100 +255 +10 +10 +20 +255 +12228 + +2 +5 +86400 + + +/opt/CEEPack/ +100 + + + + +__NOTE:__ All protocol strings are case sensitive. +``` diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/nasuni-activity.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/nasuni-activity.md new file mode 100644 index 0000000000..a74a220d97 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/nasuni-activity.md @@ -0,0 +1,80 @@ +--- +title: "Nasuni Edge Appliance Activity Auditing Configuration" +description: "Nasuni Edge Appliance Activity Auditing Configuration" +sidebar_position: 70 +--- + +# Nasuni Edge Appliance Activity Auditing Configuration + +Generation of an API Access Key is required for Nasuni activity monitoring. The Nasuni Edge +Appliance generates its own audit trail. An API Access Key is used by the Activity Monitor to form a +network connection to the appliance. Nasuni will then stream event data to the activity agent. See +[Nasuni Support Documentation](https://www.nasuni.com/support/) for additional information. + +**Configuration Checklist** + +Complete the following checklist prior to configuring activity monitoring of Nasuni Edge Appliances. +Instructions for each item of the checklist are detailed within the following topics. + +**Checklist Item 1: Generate Nasuni API Access Key** + +- Generate an API Access Key for each Nasuni Edge Appliance to be monitored through one of the + following: + + - Nasuni Filer Management Interface + - Nasuni Management Console + +**Checklist Item 2: Activity Monitor Configuration** + +- Deploy the Activity Monitor activity agent to a Windows proxy server + +## Nasuni Filer Management Interface + +Follow the steps to generate a Nasuni API Access Key in the Nasuni Filer Management Interface. + +**Step 1 –** Within the **Configuration** menu, under **USERS & SECURITY**, select API Access Keys. +The API Access Keys page opens. + +**Step 2 –** Click Add API Key button. The Add API Key window opens. + +**Step 3 –** Enter a Name for thekey; for example, the name of the application. + +**Step 4 –** Click Create Key. + +**Step 5 –** In the Successfully Generated API Key window, copy the Key Passcode. + +Both the Key Name and the Key Passcode are required by the Activity Monitor in order to connect to +the Nasuni Edge Appliance. Once the API Key has been generated, it is time to configure and enable +monitoring with the Activity Monitor console. + +:::note +Nasuni API key names are case sensitive. When providing them, ensure they are entered in +the exact same case as generated. +::: + + +## Nasuni Management Console + +Follow the steps to generate a Nasuni API Access Key in the Nasuni Management Console. + +**Step 1 –** Click Filers and select API Keys from the menu on the left. The Filer API Access Key +Settings page opens. + +**Step 2 –** Click New API Key button. The Add API Access Key window opens. + +**Step 3 –** From the Filer drop-down menu, select the desired Nasuni Edge Appliance. Then enter a +Name for the key; for example, the name of the application. + +**Step 4 –** Click Add API Key. + +**Step 5 –** A message appears which includes the Key Passcode; copy the Key Passcode. + +Both the Key Name and the Key Passcode are required by the Activity Monitor in order to connect to +the Nasuni Edge Appliance. Once the API Key has been generated, it is time to configure and enable +monitoring with the Activity Monitor console. + +:::note +Nasuni API key names are case sensitive. When providing them, ensure they are entered in +the exact same case as generated. + +::: diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/nutanix-activity.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/nutanix-activity.md new file mode 100644 index 0000000000..eff70052ec --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/nutanix-activity.md @@ -0,0 +1,43 @@ +--- +title: "Nutanix Files Activity Auditing Configuration" +description: "Nutanix Files Activity Auditing Configuration" +sidebar_position: 100 +--- + +# Nutanix Files Activity Auditing Configuration + +The Netwrix Activity Monitor can be configured to monitor file activity on Nutanix Files devices. + +A user having REST API access must be created on the Nutanix Files server to monitor the files +server using Activity Monitor. Additional configurations are done automatically by Activity Monitor +using the Nutanix API with the help of this user. + +Follow the steps to create a new user account with Nutanix Prism: + +**Step 1 –** Open Nutanix Prism web portal. + +**Step 2 –** Select **File Server** category. In the list of servers, select the server you want to +audit. + +**Step 3 –** Click **Manage roles**. + +**Step 4 –** In the Manage roles dialog box locate the REST API access user section and click **+New +user**. + +![Manage Roles - File Server](/images/activitymonitor/9.0/config/nutanix/activitynutanix.webp) + +**Step 5 –** Enter local user account name and password, then click **Save** to save the settings. + +**Step 6 –** Click **Close** to close the Manage roles dialog box. + +:::note +The user credentials created here are used when adding a Nutanix file server in Activity +Monitor. +::: + + +:::note +Nutanix Files does not report events for activity originating from a server where the +Activity Monitor Agent is installed. + +::: diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/_category_.json b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/_category_.json new file mode 100644 index 0000000000..1496020c88 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "NetApp Data ONTAP Cluster-Mode Activity Auditing Configuration", + "position": 90, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "ontap-cluster-activity" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/configurefirewall.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/configurefirewall.md new file mode 100644 index 0000000000..6926d8d108 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/configurefirewall.md @@ -0,0 +1,191 @@ +--- +title: "Configure Network" +description: "Configure Network" +sidebar_position: 20 +--- + +# Configure Network + +Activity Monitor requires two communication channels for ONTAP monitoring: + +1. ONTAP API – Activity Monitor Agent connects to ONTAP on port 80 (http) or 443 (https) for access + to ONTAP API (ONTAPI/ZAPI or REST API). +2. FPolicy – Data LIFs of the SVM connect to Activity Monitor Agent on port 9999 for FPolicy + notifications. + +The following sections discuss network configuration required to enable API and FPolicy +communication. + +## ONTAP API + +The ONTAP API access is mandatory; without the API access the agent will not be able to receive and +translate events from FPolicy. The agent uses the API to retrieve information about the SVM: CIFS +settings, list of volumes, list of LIFs. Depending on the configuration, the agent can also retrieve +the state of FPolicy to ensure it is enabled; configure FPolicy and register or unregister itself. + +The API access is needed either through the SVM's LIF or through the cluster management LIF with +_vserver tunneling_ feature. If you want to use the vserver tunneling feature, specify the cluster +management LIF's address in the "Management LIF" parameter in the host's settings in the Activity +Monitor. + +Both classic ONTAPI/ZAPI and the new REST API are supported. Starting with ONTAP 9.13.1, the product +uses REST API by default if it is available. HTTP and HTTPS protocols are supported. For HTTPS, two +modes are supported: strict and ignore errors. For the strict mode, the product allows you to +disable the host name validation in case the agent cannot resolve the FQDN of the LIF. + +Enabling the API access varies depending on ONTAP version. The following sections list common steps +on enabling the API access. Please refer to the NetApp documentation for more details. + +### Management-http Service + +Starting with ONTAP 9.6, data LIFs used for HTTPS communication with the Activity Monitor are +required to use a service policy that includes the `management-https` service. This service enables +HTTPS access to the LIF. + +The following examples offer guidance for managing service policies, but may vary depending on the +NetApp environment’s specific configuration and needs. + +**Step 1** – Display LIFs of the SVM. Take note of the _service policy_ name used by the LIF you +want to be used for API access. + +``` +network interface show -vserver [SVM] -instance +``` + +**Step 2** – Check the services included in the SVM service policy + +``` +network interface service-policy show -policy [POLICY_NAME] +``` + +**Step 3** – Add the `management-https` service if it is missing + +``` +set -privilege advanced +network interface service-policy add-service -service management-https -policy [POLICY_NAME] -vserver [SVM] +``` + +Example: + +``` +set -privilege advanced +network interface service-policy add-service -service management-https -policy default-data-files -vserver testserver +``` + +### Firewall Policy + +For ONTAP 9.5 and older, the following commands can be used to either create a new firewall policy +or modify an existing policy if ONTAPI is blocked. + +#### Create New Firewall HTTP Policy + +Use the following commands with the Cluster Management LIF to create a new firewall HTTP policy: + +``` +system services firewall policy clone -policy data -vserver [ADMIN_SVM_NAME] -destination-policy [FIREWALL_POLICY_NAME] -destination-vserver [SVM_NAME] +system services firewall policy create -vserver [SVM_NAME] -policy [FIREWALL_POLICY_NAME] -service http -allow-list [IP_ADDRESS]/[NETMASK], [IP_ADDRESS]/[NETMASK] +``` + +Example: + +``` +system services firewall policy clone -policy data -vserver myontap -destination-policy enterpriseauditorfirewall -destination-vserver testserver +system services firewall policy create -vserver testserver -policy enterpriseauditorfirewall -service http -allow-list 192.168.30.15/32 +``` + +#### Create New Firewall HTTPS Policy + +Use the following commands with the Cluster Management LIF to create a new firewall HTTPS policy: + +``` +system services firewall policy clone -policy data -vserver [ADMIN_SVM_NAME] -destination-policy [FIREWALL_POLICY_NAME] -destination-vserver [SVM_NAME] +system services firewall policy create -vserver [SVM_NAME] -policy [FIREWALL_POLICY_NAME] -service https -allow-list [IP_ADDRESS]/[NETMASK], [IP_ADDRESS]/[NETMASK] +``` + +Example: + +``` +system services firewall policy clone -policy data -vserver myontap -destination-policy enterpriseauditorfirewall -destination-vserver testserver +system services firewall policy create -vserver testserver -policy enterpriseauditorfirewall -service https -allow-list 192.168.30.15/32 +``` + +#### Apply Firewall Policy to SVM Data LIF + +Use the following command to modify an existing firewall policy: + +``` +network interface modify -vserver [SVM_NAME] -lif [DATA LIF NAME] -firewall-policy [FIREWALL_POLICY_NAME] +``` + +Example: + +``` +network interface modify -vserver testserver -lif datal -firewall-policy enterpriseauditorfirewall +``` + +For more information about creating a firewall policy and assigning it to a LIF, read the +[Configure firewall policies for LIFs](https://docs.netapp.com/us-en/ontap/networking/configure_firewall_policies_for_lifs.html)[ ](https://docs.netapp.com/us-en/ontap/networking/configure_firewall_policies_for_lifs.html) +article. + +#### Validate Firewall Policy + +Run the following command to validate the firewall policy: + +``` +system services firewall policy show -policy [FIREWALL_POLICY_NAME] -service [HTTP_HTTPS] +``` + +Example: + +``` +system services firewall policy show -policy enterpriseauditorfirewall -service http +``` + +Verify that the output is displayed as follows: + +![validatefirewall](/images/activitymonitor/9.0/config/netappcmode/validatefirewall.webp) + +## FPolicy + +The FPolicy framework enables the collection of audit events on the ONTAP side and their transfer to +the agent(s) via the designated Data LIFs. Each LIF establishes its own connection with one or +several agents and sends notifications as soon as the file transaction occurs. The FPolicy +connection is asynchronous and buffered; both ONTAP and Activity Monitor have techniques in place to +make sure that connections are alive and working. The connection can be secured using TLS with +server or mutual authentication. + +ONTAP cluster nodes connect to the agent on port 9999 by default. The port can be changed in the +agent's settings. The agent adds this port to Windows Firewall exclusions automatically. Please +ensure the port is not blocked by other firewalls between ONTAP and the agent. + +### Data-fpolicy-client Service + +Starting with ONTAP 9.8, each data LIF of the SVM must have the **data-fpolicy-client** service +included in its service-policy configuration. This service enables the FPolicy protocol for the LIF. +Use the following commands to ensure that the service is included. + +**Step 1** – Display LIFs of the SVM. Take note of the _service policy_ name used by the data LIFs. + +``` +network interface show -vserver [SVM] -instance +``` + +**Step 2** – Check the services included in the SVM service policy + +``` +network interface service-policy show -policy [POLICY_NAME] +``` + +**Step 3** – Add the **data-fpolicy-client** service if it is missing + +``` +set -privilege advanced +network interface service-policy add-service -service data-fpolicy-client -policy [POLICY_NAME] -vserver [SVM] +``` + +Example: + +``` +set -privilege advanced +network interface service-policy add-service -service data-fpolicy-client -policy default-data-files -vserver testserver +``` diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/configurefpolicy.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/configurefpolicy.md new file mode 100644 index 0000000000..b0ba05a883 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/configurefpolicy.md @@ -0,0 +1,937 @@ +--- +title: "Configure FPolicy" +description: "Configure FPolicy" +sidebar_position: 30 +--- + +# Configure FPolicy + +Activity Monitor relies on the NetApp FPolicy framework for monitoring of file access events on +Storage Virtual Machines (SVM). FPolicy needs to be configured for each SVM. + +There are two ways to configure FPolicy: + +- Activity Monitor agent can facilitate the Automatic Configuration of FPolicy for the monitored SVM + using the ONTAP API. This mode is simple, but does not allow you to exclude certain volumes or + shares of the SVM from being monitored. It also requires additional permissions to create and + modify FPolicy. +- Another option is to Manually Configure FPolicy for each SVM. This mode allows you to fine tune + FPolicy by excluding certain volumes or shares from being monitored. It also reduces product + permissions. + +Regardless of the chosen approach for FPolicy configuration, one also needs to perform extra steps +if the FPolicy communication has to be secured with TLS. + +## TLS Authentication Options + +There are two TLS FPolicy Authentication options that can be used: + +- TLS, server authentication – Server only authentication + + - A certificate (Server Certificate) for the Agent server needs to be generated and copied to a + PEM file. The Server Certificate PEM file needs to be saved locally on the Activity Monitor + Console server. + - For manual FPolicy configuration, the Server Certificate needs to be installed on the SVM, and + then server-authentication set. + - For automatic FPolicy configuration, the Activity Monitor manages installation of the Server + Certificate. + +- TLS, mutual authentication – Mutual authentication + + - A certificate (Server Certificate) for the Agent server needs to be generated and copied to a + PEM file. The Server Certificate PEM file needs to be saved locally on the Activity Monitor + Console server. + - A certificate (Client Certificate) for the SVM needs to be copied to a PEM file and saved + locally on the Activity Monitor Console server. + - For manual FPolicy configuration, the Server Certificate needs to be installed on the SVM and + then mutual-authentication set. + - For automatic FPolicy configuration, mutual-authentication set before the configuration + process. The Activity Monitor manages installation of both certificates. + +### Generate Server Certificate + +A certificate (Server Certificate) for the Agent server needs to be generated and copied to a PEM +file. This is required for both of the TLS authentication options. + +The PEM file must contain both Public Key and Private Key parts. A certificate may be self-signed or +issued by a certification authority. Below are the steps for generation of a self-signed certificate +using OpenSSL toolkit. + +Use the following command on the agent server to create the Server Certificate and copy it to a .pem +file: + +``` +openssl.exe req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes -subj "/CN=[ACTIVITY_AGENT_SERVER_NAME]"  +copy cert.pem+key.pem [CERTIFICATE_FILE_NAME.pem] +del cert.pem key.pem .rnd +``` + +Example: + +``` +openssl.exe req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes -subj "/CN=testagentserver"  +copy cert.pem+key.pem agentkey.pem +del cert.pem key.pem .rnd +``` + +In this example ` agentkey.pem` would be used as the Server Certificate. Save the Server Certificate +locally on the Activity Monitor Console server. + +### Create PEM File for Client Certificate + +A certificate (Client Certificate) for the SVM needs to be copied to a PEM file. This is required +for the TLS, mutual authentication option. Follow the steps to create the PEM file for the Client +Certificate. + +**Step 1 –** On the SVM , use the following command to show the security certificate details: + +``` +security certificate show -vserver [SVM_NAME] -type server instance +``` + +Example: + +``` +security certificate show -vserver testserver -type server instance +``` + +**Step 2 –** Copy the security certificate details into a text file and copy the public key to a PEM +file. The following variables from security details will be needed to set mutual-authentication +during Part 6 of manual configuration and prior to automatic configuration: + +- SVM +- Common Name +- Certificate Serial +- Public Key Certificate + +**Step 3 –** Copy the value of Public Key Certificate field to a PEM file. The value spans multiple +lines, starts with "`----BEGIN CERTIFICATE-----`" and ends with "`-----END CERTIFICATE-----`". + +The Client Certificate PEM file has been created. + +## Persistent Store + +For ONTAP 9.15.1 and later, enabling the Persistent Store feature is recommended regardless of the +chosen FPolicy configuration approach. The Persistent Store provides resilience and predictable +latency in scenarios such as network delays or bursts of activity events. The feature uses a +dedicated volume for each SVM as a staging buffer before events are sent to the agent. + +Persistent Store requires the following parameters: + +- Volume name – If the volume does not exist, it will be created automatically (recommended). +- Initial volume size – Specifies the starting size of the volume. +- Autosize mode – Options include Off, Grow, or Grow/Shrink. + +The size depends on the time duration for which you want to persist the events and the rate of +events. For example, if you want 30 minutes of events to persist in an SVM with a capacity of 5000 +events per second and the average event record size of 0.6 KB, the required volume size is +`5000 * 30 * 60 * 0.6 KB = 5400000 KB ≈ 5 GB`. + +:::note +To find the approximate event rate, use the FPolicy counter `requests_dispatched_rate`. +::: + + +:::note +For the Persistent Store to automatically create a volume, the SVM must have at least one +local tier (aggregate) assigned. +::: + + +To check that the SVM has assigned local tiers, use the following command: + +**vserver show -vserver [SVM_NAME] -fields aggr-list** + +The command shows currently local tiers. If no tiers are assigned, "-" is displayed. + +To assign local tiers to the SVM use the following command: + +**vserver add-aggregates -vserver [SVM_NAME] -aggregates [AGGREGATE_LIST]** + +Example: + +**vserver add-aggregates -vserver testserver -aggregates aggr1,aggr2** + +:::note +This command is available to cluster administrators at the admin privilege level. +::: + + +It is recommended to allow the volume to be created automatically. In this case, the FPolicy +subsystem manages the volume, maintains the directory structure, and protects it from accidental +deletion by marking it as not mountable. + +If you choose to create the volume manually, ensure the following: + +- The volume is not mounted and has no junction point. +- The snapshot policy for the volume is set to none. + +For additional and up-to-date recommendations on volumes for the Persistent Store, refer to the +NetApp documentation. + +## Manually Configure FPolicy + +This section describes how to manually configure FPolicy. Manual configuration of the FPolicy is +recommended if the policy needs to be scoped to monitor select volumes or shares. It is necessary to +create several FPolicy components and then enable the FPolicy. See the sections corresponding to +each part of this list: + +- Part 1: Install Server Certificate on the SVM (only if using TLS authentication) + + - This is only needed if using either of the TLS, … authentication options. + +- Part 2: Create External Engine + + - The External Engine defines how FPolicy makes and manages connections to external FPolicy + servers like Activity Monitor Agent. + +- Part 3: Create FPolicy Events + + - An FPolicy event defines which protocol(s) to monitor and which file access events to monitor. + +- Part 4: Create Persistent Store (only if Persistent Store is used. RECOMMENDED) + + - A Persistent Store is used as a temporary on-disk storage before the events are sent to + Activity Monitor Agent. + +- Part 5: Create FPolicy Policy + + - The FPolicy policy associates the other three FPolicy components and allows for the + designation of a privileged FPolicy user + - If running the Access Auditing (FSAA), Activity Auditing (FSAC), and/or Sensitive Data + Discovery Auditing scans, then this is the user account credential to be added to the Access + Analyzer Connection Profile. + +- Part 6: Create FPolicy Scope + + - The FPolicy scope creates the filters necessary to perform scans on specific shares or + volumes. + +- Part 7: Set TLS Authentication (optional) + + - This is only needed if using either of the TLS authentication options. + +- Part 8: Enable the FPolicy + + - Once the FPolicy is enabled, the Activity Monitor Agent can be configured to monitor the SVM. + +- Part 9: Connect FPolicy Server / Agent to Cluster Node (optional) + + - This is only needed if there is an issue with connection to the Cluster node or for + troubleshooting a disconnection issue. + +### Part 1: Install Server Certificate on the SVM + +If using the TLS authentication options, it is necessary to install the Server Certificate on the +SVM. + +Use the following command to install the Server Certificate: + +``` +security certificate install type client-ca -vserver [SVM_NAME] +``` + +Example: + +``` +security certificate install type client-ca -vserver testserver +``` + +The command will ask you to provide a public certificate. Copy the public key from the Server +Certificate PEM file, i.e. the block starting with "`-----BEGIN CERTIFICATE-----`" and ending with +"`-----END CERTIFICATE-----`". Paste the block to the terminal window. + +#### Validate Part 1: Server Certificate Install + +Run the following command to validate the Server Certificate is installed: + +``` +security certificate show -vserver [SVM_NAME] -commonname [ACTIVITY_AGENT_SERVER_NAME] -type client-ca instance +``` + +Example: + +``` +security certificate show -vserver testserver -commonname testagentserver -type client-ca instance +``` + +### Part 2: Create External Engine + +The External Engine defines how FPolicy makes and manages connections to external FPolicy servers. + +IMPORTANT: + +- The `-primary-servers` must be the server or servers hosting the Activity Monitor Agent. +- If intending to use the Activity Monitor with Access Analyzer, then the primary server must also + be the proxy server from which the Access Analyzer Access Auditing (FSAC) scans are running, e.g. + the Access Analyzer Console server for local mode or the proxy server if running in any of the + proxy mode options. +- The following values are required: + + - `engine-name StealthAUDITEngine`, the names of the external engine object can be customized + (see below). + - `port 9999`, Port number can be customized, but it is recommended to use 9999. + - `extern-engine-type asynchronous` + - `ssl-option no-auth` + - `send-buffer-size 6291456`, for ONTAP 9.10+ use `send-buffer-size 8388608` + +:::warning +All parameters are case sensitive. +::: + + +Use the following command to create the external engine: + +``` +set -privilege advanced +vserver fpolicy policy external-engine create -vserver [SVM_NAME] -engine-name StealthAUDITEngine -primary-servers [IP_ADDRESS,…] -port 9999 -extern-engine-type asynchronous -ssl-option no-auth -send-buffer-size 6291456 +``` + +Example: + +``` +set -privilege advanced +vserver fpolicy policy external-engine create -vserver testserver -engine-name StealthAUDITEngine -primary-servers 192.168.30.15 -port 9999 -extern-engine-type asynchronous -ssl-option no-auth -send-buffer-size 6291456 +``` + +#### Validate Part 2: External Engine Creation + +Run the following command to validate the creation of the external engine: + +``` +fpolicy policy external-engine show -vserver [SVM_NAME] -engine-name StealthAUDITEngine -instance +``` + +Verify that the output is displayed as follows: + +``` +Ontap915::> fpolicy policy external-engine show -vserver svm0 -engine-name StealthAUDITEngine -instance +  (vserver fpolicy policy external-engine show) +                                Vserver: svm0 +                                 Engine: StealthAUDITEngine +                Primary FPolicy Servers: 192.168.11.35 +         Port Number of FPolicy Service: 9999 +              Secondary FPolicy Servers: - +                   External Engine Type: asynchronous +  SSL Option for External Communication: no-auth +             FQDN or Custom Common Name: - +           Serial Number of Certificate: - +                  Certificate Authority: - +          Is Resiliency Feature Enabled: false +Maximum Notification Retention Duration: 3m +     Directory for Notification Storage: - +                 External Engine Format: xml +``` + +Relevant NetApp Documentation: To learn more about creating an external engine, please visit the +NetApp website and read the +[vserver fpolicy policy external-engine create](https://docs.netapp.com/us-en/ontap-cli-9141/vserver-fpolicy-policy-external-engine-create.html) +article. + +### Part 3: Create FPolicy Event + +An event defines which protocol to monitor and which file access events to monitor. + +IMPORTANT: + +- The SVM used must be the SVM hosting the CIFS or NFS shares to be monitored. +- Access Analyzer and the Activity Monitor are capable of monitoring both NFS and CIFS. However, it + is necessary to create separate events for each protocol. +- The following values are required: + + - `event-name` + + - For CIFS shares – ` StealthAUDITScreeningCifs` for successful events; + `StealthAUDITScreeningFailedCifs` for failed events. + - For NFS shares – `StealthAUDITScreeningNfsV3, StealthAUDITScreeningNfsV4` for successful + events; `StealthAUDITScreeningFailedNfsV3, StealthAUDITScreeningFailedNfsV4` for failed + events. + The names of the event objects can be customized (see Customization of FPolicy Object + Names). + + - `volume-operation true` + - `protocol` – one of the following `cifs`, `nfsv3`, `nfsv4` + - `monitor-fileop-failure` – `true `or `false`, indicates whether failed file operations are + reported. + +- Limiting the file operations to be monitored is an excellent way to limit the performance impact + the FPolicy will have on the NetApp device. The file operations from which to choose are below + with additional filter options: + + - `create` – File create operations + - `create_dir` – Directory create operations + - `close` – File close operations + + - Enable this operation for NFSv4 to capture all read operations + + - `delete` – File delete operations + - `delete_dir` – Directory delete operations + - `link` – Link operations + - `open` – File open operations for CIFS protocol + + - `open-with-delete-intent` – Limits notification to only when an attempt is made to open a + file with the intent to delete it, according to the `FILE_DELETE_ON_CLOSE` flag + specification + + :::note + File open operations are only supported with the `open-with-delete-intent` + filter applied. + ::: + + + - `read` – File read operations + + - `first-read` – Limits notification to only first read operations for CIFS protocol. For + ONTAP 9.2+, this filter can be used for both CIFS and NFS protocols. + + - `rename`– File rename operations + - `rename_dir`– Directory rename operations + - `setattr` – Set attribute operations and permission changes. The following filters are + available for ONTAP 9.0+ to limit events to permission changes only: + + - CIFS: + + - `setattr-with-owner-change` + - `setattr-with-group-change` + - `setattr-with-sacl-change` + - `setattr-with-dacl-change` + + - NFSv3: + + - `setattr-with-owner-change` + - `setattr-with-group-change` + - `setattr-with-mode-change` + + - NFSv4: + + - `setattr-with-owner-change` + - `setattr-with-group-change` + - `setattr-with-mode-change` + - `setattr-with-sacl-change` + - `setattr-with-dacl-change` + + - `symlink` – Symbolic link operations + - `write` – File write operations + + - `first-write` – Limits notification to only first write operations for CIFS protocol. For + ONTAP 9.2+, this filter can be used for both CIFS and NFS protocols. + +- For failed/denied events, the list of supported file operations is limited to the following + values: + + - CIFS: `open` + - NFSv3: + `create, create_dir, read, write, delete, delete_dir, rename, rename_dir, setattr, link` + - NFSv4: + `open, create, create_dir, read, write, delete, delete_dir, rename, rename_dir, setattr, link` + +:::warning +All parameters are case sensitive. +::: + + +Use the following command to create the FPolicy event for CIFS protocols: + +``` +vserver fpolicy policy event create -vserver [SVM_NAME] -event-name StealthAUDITScreeningCifs -volume-operation true -protocol cifs -file-operations [COMMA_SEPARATED_FILE_OPERATIONS] -filters [COMMA_SEPARATED_FILTERS] +``` + +Example: + +``` +vserver fpolicy policy event create -vserver testserver -event-name StealthAUDITScreeningCifs -volume-operation true -protocol cifs -file-operations create,create_dir,delete,delete_dir,open,read,write,rename,rename_dir,setattr -filters first-read,first-write,open-with-delete-intent,setattr-with-owner-change,setattr-with-group-change,setattr-with-sacl-change,setattr-with-dacl-change +``` + +Use the following command to create the FPolicy event for NFSv3 protocols: + +``` +vserver fpolicy policy event create -vserver [SVM_NAME] -event-name StealthAUDITScreeningNfsV3 -volume-operation true -protocol nfsv3 -file-operations [COMMA_SEPARATED_FILE_OPERATIONS] -filters [COMMA_SEPARATED_FILTERS] +``` + +Example: + +``` +vserver fpolicy policy event create -vserver testserver -event-name StealthAUDITScreeningNfsV3 -volume-operation true -protocol nfsv3 -file-operations create,create_dir,delete,delete_dir,read,write,rename,rename_dir,setattr,link,symlink -filters first-read,first-write,setattr-with-owner-change,setattr-with-group-change,setattr-with-mode-change +``` + +Use the following command to create the FPolicy event for NFSv4 protocols: + +``` +vserver fpolicy policy event create -vserver [SVM_NAME] -event-name StealthAUDITScreeningNfsV4 -volume-operation true -protocol nfsv4 -file-operations [COMMA_SEPARATED_FILE_OPERATIONS] -filters [COMMA_SEPARATED_FILTERS] +``` + +Example: + +``` +vserver fpolicy policy event create -vserver testserver -event-name StealthAUDITScreeningNfsV4 -volume-operation true -protocol nfsv4 -file-operations create,create_dir,delete,delete_dir,read,write,rename,rename_dir,setattr,link,symlink,close -filters setattr-with-group-change,setattr-with-mode-change,setattr-with-sacl-change,setattr-with-dacl-change +``` + +#### Validate Part 3: FPolicy Event Creation + +Run the following command to validate the creation of the FPolicy event: + +``` +fpolicy policy event show -vserver [SVM_NAME] -event-name [StealthAUDITScreeningCifs or StealthAUDITScreeningNfsV3 or StealthAUDITScreeningNfsV4 or ...] -instance +``` + +Example: + +``` +fpolicy policy event show -vserver [SVM_NAME] -event-name StealthAUDITScreeningCifs -instance +``` + +Verify that the output is displayed as follows: + +``` +Ontap915::> fpolicy policy event show -vserver svm0 -event-name StealthAUDITScreeningCifs +  (vserver fpolicy policy event show) +                                 Vserver: svm0 +                                   Event: StealthAUDITScreeningCifs +                                Protocol: cifs +                         File Operations: create, create_dir, delete, +                                          delete_dir, open, read, write, +                                          rename, rename_dir, setattr +                                 Filters: first-read, first-write, +                                          open-with-delete-intent, +                                          setattr-with-owner-change, +                                          setattr-with-group-change, +                                          setattr-with-sacl-change, +                                          setattr-with-dacl-change, +                                          setattr-with-mode-change +     Send Volume Operation Notifications: true +Send Failed File Operation Notifications: false +``` + +Relevant NetApp Documentation: To learn more about creating an event, please visit the NetApp +website and read the +[vserver fpolicy policy event create](https://docs.netapp.com/us-en/ontap-cli-9141/vserver-fpolicy-policy-event-create.html) +article. + +### Part 4: Create Persistent Store + +The Persistent Store provides a temporary on-disk storage for activity events before they are sent +to Activity Monitor Agent. The Persistent Store is optional but recommended for ONTAP 9.15.1 and +later versions. + +IMPORTANT: + +- Persistent Store is supported for ONTAP 9.15.1 and later versions. +- The SVM used must be the one hosting the CIFS or NFS shares to be monitored. +- There is no need to use an existing volume. A new volume will be created automatically and managed + by the FPolicy subsystem. +- The volume size depends on the duration for which the events persist and the event rate. For + example, if you want 30 minutes of events to persist in an SVM with a capacity of 5000 + events/second and the average event record size of 0.6 KB, the required volume size is + `5000 * 30 * 60 * 0.6 KB = 5400000 KB ≈ 5 GB`. +- For the Persistent Store to create a volume automatically, at least one local tier (aggregate) + must be assigned to the SVM. Use `vserver add-aggregates` to assign local tiers. + + The following values are required: + + - `vserver` – The name of the SVM where you want to create the Persistent Store. + - `persistent-store` – The name of the Persistent Store object. + + - The default name is `StealthAUDITPersistentStore`. + The names of the event objects can be customized (see Customization of FPolicy Object + Names). + + - `volume` – The name of the volume used for event storage. + + - If the volume does not exist, it will be automatically created on an assigned local tier. + This is recommended. + + - `size` – The initial size of the volume. The format is `[KB|MB|GB]`. + + The following values are optional: + + - `autosize-mode` – Specifies the auto size behavior for the volume. Options include `off` + (default), `grow`, or `grow_shrink`. + +:::warning +All parameters are case sensitive. +::: + + +Use the following command to create the Persistent Store: + +vserver fpolicy persistent-store create -vserver [SVM_NAME] -persistent-store [STORE_NAME] -volume +[VOLUME_NAME] -size [SIZE] -autosize-mode [AUTOSIZE] + +Example: + +vserver fpolicy persistent-store create -vserver testserver -persistent-store +StealthAUDITPersistentStore -volume testserver_ps_vol -size 5GB -autosize-mode grow_shrink + +#### Validate Part 4: Create Persistent Store + +Run the following command to validate the creation of the Persistent Store: + +vserver fpolicy persistent-store show -vserver [SVM_NAME] -persistent-store +StealthAUDITPersistentStore -instance + +Ensure that the output is displayed as follows: + +cluster1::> vserver fpolicy persistent-store show -vserver testserver -persistent-store +StealthAUDITPersistentStore -instance + Vserver: testserver + Persistent Store Name: StealthAUDITPersistentStore + Volume name of the Persistent store: testserver_ps_vol + Size of the Persistent Store: 5GB + Autosize Mode for the Volume: grow_shrink + +Visit the NetApp website and see the +[vserver fpolicy persistent store create](https://docs.netapp.com/us-en/ontap-cli/vserver-fpolicy-persistent-store-create.html) +article for additional information about creating a Persistent Store. + +### Part 5: Create FPolicy Policy + +The FPolicy policy associates the other three FPolicy components and allows for the designation of a +privileged FPolicy user, or the provisioned FPolicy account. If running the Access Auditing (FSAA), +Activity Auditing (FSAC), and/or Sensitive Data Discovery Auditing scans in Access Analyzer, then +this is also the user account credential to be added to the Access Analyzer Connection Profile. + +IMPORTANT: + +- To monitor both CIFS and NFS protocols, two FPolicy Event were created. Multiple events can be + included in the FPolicy policy. +- The SVM used must be the SVM hosting the CIFS or NFS shares to be monitored. +- The External Engine, FPolicy Event, Persistent Store used in this command must be configuration + objects created in the preceding steps. + + The following values are required: + + - `vserver` – The name of SVM. + - `policy-name StealthAUDIT` – The name of the policy object can be customized (see + Customization of FPolicy Object Names). + - `engine` – The name of the External Engine created in Part 2: Create External Engine. + - `events` – A list of FPolicy Event objects created in Part 3: Create FPolicy Event. + - `persistent-store` – The name of the Persistent Store created in Part 4: Create Persistent + Store. Required only if the Persistent Store is used. + + The following values are required for Access Analyzer integration: + + - `privileged-user-name` – Must be a provisioned FPolicy account. + - `allow-privileged-access` – Set to yes. + +:::warning +All parameters are case sensitive. +::: + + +Use the following command to create the FPolicy policy to monitor both CIFS and NFS protocols: + +``` +vserver fpolicy policy create -vserver [SVM_NAME] -policy-name StealthAUDIT -events StealthAUDITScreeningCifs,StealthAUDITScreeningNfsV3,StealthAUDITScreeningNfsV4 -engine StealthAUDITEngine -persistent-store StealthAUDITPersistentStore -is-mandatory false -allow-privileged-access yes -privileged-user-name [DOMAIN\DOMAINUSER] +``` + +Example: + +``` +vserver fpolicy policy create -vserver testserver -policy-name StealthAUDIT -events StealthAUDITScreeningCifs,StealthAUDITScreeningNfsV3,StealthAUDITScreeningNfsV4 -engine StealthAUDITEngine -persistent-store StealthAUDITPersistentStore -is-mandatory false -allow-privileged-access yes -privileged-user-name example\user1 +``` + +Use the following command to create the FPolicy policy to monitor only CIFS protocols: + +``` +vserver fpolicy policy create -vserver [SVM_NAME] -policy-name StealthAUDIT -events StealthAUDITScreeningCifs -engine StealthAUDITEngine -persistent-store StealthAUDITPersistentStore -is-mandatory false -allow-privileged-access yes -privileged-user-name [DOMAIN\DOMAINUSER] +``` + +Example: + +``` +vserver fpolicy policy create -vserver testserver -policy-name StealthAUDIT -events StealthAUDITScreeningCifs -engine StealthAUDITEngine -persistent-store StealthAUDITPersistentStore -is-mandatory false -allow-privileged-access yes -privileged-user-name example\user1 +``` + +Use the following command to create the FPolicy policy to monitor only NFS protocols: + +``` +vserver fpolicy policy create -vserver [SVM_NAME] -policy-name StealthAUDIT -events StealthAUDITScreeningNfsV3,StealthAUDITScreeningNfsV4 -engine StealthAUDITEngine -persistent-store StealthAUDITPersistentStore -is-mandatory false -allow-privileged-access yes -privileged-user-name [DOMAIN\DOMAINUSER] +``` + +Example: + +``` +vserver fpolicy policy create -vserver testserver -policy-name StealthAUDIT -events StealthAUDITScreeningNfsV3,StealthAUDITScreeningNfsV4 -engine StealthAUDITEngine -persistent-store StealthAUDITPersistentStore -is-mandatory false -allow-privileged-access yes -privileged-user-name example\user1 +``` + +#### Validate Part 5: FPolicy Policy Creation + +Run the following command to validate the creation of the FPolicy policy: + +``` +fpolicy policy show -vserver [SVM_NAME] -policy-name StealthAUDIT -instance +``` + +``` +Ontap915::> fpolicy policy show -instance +  (vserver fpolicy policy show) +                        Vserver: svm0 +                         Policy: StealthAUDIT +              Events to Monitor: StealthAUDITScreeningCifs, +                                 StealthAUDITScreeningFailedCifs, +                                 StealthAUDITScreeningNfsV3, +                                 StealthAUDITScreeningFailedNfsV3, +                                 StealthAUDITScreeningNfsV4, +                                 StealthAUDITScreeningFailedNfsV4 +                 FPolicy Engine: StealthAUDITEngine +Is Mandatory Screening Required: false +        Allow Privileged Access: no +User Name for Privileged Access: - +    Is Passthrough Read Enabled: false +          Persistent Store Name: - +``` + +Relevant NetApp Documentation: To learn more about creating a policy, please visit the NetApp +website and read the +[vserver fpolicy policy create](https://docs.netapp.com/us-en/ontap-cli/vserver-fpolicy-policy-create.html) +article. + +### Part 6: Create FPolicy Scope + +The FPolicy scope creates the filters necessary to perform scans on specific shares or volumes. It +is possible to set the scope to monitor all volumes or all shares by replacing the volume/share name +variable [SVM_NAME] in the command with an asterisk (\*). + +IMPORTANT: + +- The SVM used must be the SVM hosting the CIFS or NFS shares to be monitored. +- It is not necessary to specify both volumes and shares. One or the other is sufficient. +- If you want to monitor everything, set the "`volumes-to-include`" value to "`*`". + +Use the following command to create the FPolicy scope by specifying volume(s): + +``` +vserver fpolicy policy scope create -vserver [SVM_NAME] -policy-name StealthAUDIT -volumes-to-include [VOLUME_NAME],[VOLUME_NAME] +``` + +Example: + +``` +vserver fpolicy policy scope create -vserver testserver -policy-name StealthAUDIT -volumes-to-include samplevolume1,samplevolume2 +``` + +Use the following command to create the FPolicy scope by specifying share(s): + +``` +vserver fpolicy policy scope create -vserver [SVM_NAME] -policy-name StealthAUDIT -shares-to-include [SHARE_NAME],[SHARE_NAME] +``` + +Example: + +``` +vserver fpolicy policy scope create -vserver testserver -policy-name StealthAUDIT -shares-to-include sampleshare1,sampleshare2 +``` + +#### Validate Part 6: FPolicy Scope Creation + +Run the following command to validate the FPolicy scope creation: + +``` +fpolicy policy scope show -instance +``` + +``` +Ontap915::> fpolicy policy scope show -instance +  (vserver fpolicy policy scope show) +                   Vserver: svm0 +                    Policy: StealthAUDIT +         Shares to Include: * +         Shares to Exclude: - +        Volumes to Include: * +        Volumes to Exclude: - +Export Policies to Include: * +Export Policies to Exclude: - +File Extensions to Include: - +File Extensions to Exclude: - +``` + +Relevant NetApp Documentation: To learn more about creating scope, please visit the NetApp website +and read the +[vserver fpolicy policy scope create](https://docs.netapp.com/us-en/ontap-cli-9141/vserver-fpolicy-policy-scope-create.html) +article. + +### Part 7: Set TLS Authentication + +If using the TLS authentication options, it is necessary to set authentication for the type of +authentication. + +#### Set Server-Authentication + +Use the following command to set server-authentication: + +``` +vserver fpolicy policy externalengine modify -vserver [SVM_NAME] -engine-name StealthAUDITEngine -ssl-option server-auth +``` + +Example: + +``` +vserver fpolicy policy externalengine modify -vserver testserver -engine-name StealthAUDITEngine -ssl-option server-auth +``` + +#### Set Mutual-Authentication + +Use the following command to set mutual-authentication: + +``` +vserver fpolicy policy external-engine modify -vserver [SVM_NAME] -engine-name StealthAUDITEngine -ssl-option mutual-auth -certificate-common-name [COMMON_NAME] -certificate-serial [CERTIFICATE_SERIAL] -certificate-ca [CERTIFICATE_AUTHORITY] +``` + +Example: + +``` +vserver fpolicy policy external-engine modify -vserver testserver -engine-name StealthAUDITEngine -ssl-option mutual-auth -certificate-common-name testserver -certificate-serial 461AC46521B31321330EBBE4321AC51D -certificate-ca "VeriSign Universal Root Certification Authority" +``` + +#### Validate Mutual-Authentication Is Set + +Run the following command to confirm mutual-authentication is set: + +``` +vserver fpolicy policy external-engine show -fields ssl-option +``` + +### Part 8: Enable the FPolicy + +The FPolicy must be enabled before the Activity Monitor Agent can be configured to monitor the SVM. + +IMPORTANT: + +- The SVM used must be the SVM hosting the CIFS or NFS shares to be monitored. + +Use the following command to enable the FPolicy: + +``` +vserver fpolicy enable -vserver [SVM_NAME] -policy-name StealthAUDIT -sequence-number [INTEGER] +``` + +Example: + +``` +vserver fpolicy enable -vserver testserver -policy-name StealthAUDIT -sequence-number 10 +``` + +#### Validate Part 8: FPolicy Enabled + +Run the following command to validate the FPolicy scope creation: + +``` +vserver fpolicy show +``` + +``` +Ontap915::> fpolicy show +    show                             show-enabled +    show-engine                      show-passthrough-read-connection +Ontap915::> fpolicy show +  (vserver fpolicy show) +                                      Sequence +Vserver       Policy Name               Number  Status   Engine +------------- ----------------------- --------  -------- --------- +svm0          StealthAUDIT                  10  on       StealthAU +                                                         DITEngine +``` + +Relevant NetApp Documentation: To learn more about enabling a policy, please visit the NetApp +website and read the +[vserver fpolicy enable](https://docs.netapp.com/us-en/ontap-cli-9121//vserver-fpolicy-enable.html) +article. + +### Part 9: Connect FPolicy Server / Agent to Cluster Node + +Manually connecting the FPolicy server (or Agent server) to the Cluster Node is only needed if there +is an issue with connection to the Cluster Node or for troubleshooting a disconnection issue. + +Use the following command to connect the `StealthAUDITEngine` that belongs to the `StealthAUDIT` +policy to all Cluster Nodes: + +``` +policy engine-connect -vserver [SVM_NAME] -policy-name StealthAUDIT -node * +``` + +Example: + +``` +policy engine-connect -vserver testserver -policy-name StealthAUDIT -node * +``` + +#### Validate Part 9: Connection to Cluster Node + +Run the following command to validate connection to the Cluster Node: + +``` +fpolicy show-engine -vserver [SVM_NAME] -policy-name StealthAUDIT -node * +``` + +``` +Ontap915::> fpolicy show-engine -vserver svm0 -policy-name StealthAUDIT -node * +  (vserver fpolicy show-engine) +                                   FPolicy           Server         Server +Vserver Policy Name   Node         Server            Status         Type +------- ------------- ------------ ----------------- -------------- ----------- +svm0    StealthAUDIT  Ontap915-01  192.168.11.35     disconnected   primary +``` + +## Automatic Configuration of FPolicy + +The Activity Monitor can automatically configure FPolicy on the targeted SVM. The FPolicy created +will monitor file system activity from all volumes and shares of the SVM. This feature can be +enabled using the **Configure FPolicy. Create or modify FPolicy objects if needed** checkbox on the +FPolicy page in the monitored host's properties in the Activity Monitor. + +Starting ONTAP 9.15.1 and later versions, it is recommended to enable the Persistent Store feature +that stores events on disk before they are sent to the Activity Monitor Agent. This reduces +client-side latency and increases resilience during network delays or bursts of activity. To enable +the Persistent Store, specify a volume name and size on the Persistent Store tab of the FPolicy page +in the monitored host properties. The volume will be automatically created if it does not already +exist. See the Persistent Store topic for additional information on the recommended volume size. + +If using the TLS, mutual authentication option, you will need to create the PEM file for the Client +Certification, which is needed during the monitored host configuration in the Activity Monitor. It +will also be necessary to set mutual authentication on the SVM. + +### Set TLS Mutual-Authentication + +If using the TLS, mutual authentication options, it is necessary to set authentication. + +Use the following command to set mutual-authentication: + +``` +vserver fpolicy policy external-engine modify -vserver [SVM_NAME] -engine-name StealthAUDITEngine -ssl-option mutual-auth -certificate-common-name [COMMON_NAME] -certificate-serial [CERTIFICATE_SERIAL] -certificate-ca [CERTIFICATE_AUTHORITY] +``` + +Example: + +``` +vserver fpolicy policy external-engine modify -vserver testserver -engine-name StealthAUDITEngine -ssl-option mutual-auth -certificate-common-name testserver -certificate-serial 461AC46521B31321330EBBE4321AC51D -certificate-ca "VeriSign Universal Root Certification Authority" +``` + +#### Validate: Mutual-Authentication + +Run the following command to confirm mutual-authentication is set: + +``` +vserver fpolicy policy external-engine show -fields ssl-option +``` + +## Customization of FPolicy Object Names + +Activity Monitor uses the following FPolicy object names by default: + +- Policy name – `StealthAUDIT` +- External Engine name – `StealthAUDITEngine` +- CIFS Event name – `StealthAUDITScreeningCifs` +- NFS v3 Event name – `StealthAUDITScreeningNfsV3` +- NFS v4 Event name – `StealthAUDITScreeningNfsV4` +- Failed CIFS Event name – `StealthAUDITScreeningFailedCifs` +- Failed NFS v3 Event name – `StealthAUDITScreeningFailedNfsV3` +- Failed NFS v4 Event name – `StealthAUDITScreeningFailedNfsV4` +- Persistent Store name – `StealthAUDITPersistentStore` + +These names can be customized in the monitored host's settings in the Activity Monitor. It can be +useful in two scenarios: + +- You want the names to match the company policies; +- You want to configure FPolicy manually using your custom names, but also want to leverage the + "Enable and Connect FPolicy" feature of the Activity Monitor, so that the product ensures that + FPolicy stays enabled and connected at all times. diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/ontap-cluster-activity.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/ontap-cluster-activity.md new file mode 100644 index 0000000000..894559daad --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/ontap-cluster-activity.md @@ -0,0 +1,229 @@ +--- +title: "NetApp Data ONTAP Cluster-Mode Activity Auditing Configuration" +description: "NetApp Data ONTAP Cluster-Mode Activity Auditing Configuration" +sidebar_position: 90 +--- + +# NetApp Data ONTAP Cluster-Mode Activity Auditing Configuration + +The Activity Monitor agent employed to monitor NetApp leverages NetApp ONTAP API, and the NetApp +FPolicy framework to monitor file system events. This includes both NetApp 7-Mode and Cluster-Mode +configurations. For more information about FPolicy read the +[What are the two parts of the FPolicy solution ](https://library.netapp.com/ecmdocs/ECMP1401220/html/GUID-54FE1A84-6CF0-447E-9AAE-F43B61CA2138.html) +article. + +Activity Monitor requires two communication channels for ONTAP monitoring: + +1. Activity Monitor Agent connects to ONTAP on port 80 or 443 for access to ONTAP API (ONTAPI/ZAPI + or REST API). +2. Data LIFs of the SVM connect to Activity Monitor Agent on port 9999 for FPolicy notifications. + +The ONTAP API access is mandatory; without the API access the agent will not be able to receive and +translate events from FPolicy. Both classic ONTAPI/ZAPI and the new REST API are supported. The +agent uses the API to retrieve information about the storage virtual machines (SVM): CIFS settings, +list of volumes, list of LIFs. Depending on the configuration, the agent can also retrieve the state +of FPolicy to ensure it is enabled; configure FPolicy and register or unregister itself. + +The FPolicy framework enables the collection of audit events on the ONTAP side and their transfer to +the agent(s) via the designated Data LIFs. Each LIF establishes its own connection with one or +several agents and sends notifications as soon as the file transaction occurs. The FPolicy +connection is asynchronous and buffered; both ONTAP and Activity Monitor have techniques in place to +make sure that connections are alive and working. The connection can be secured using TLS with +server or mutual authentication. + +FPolicy may have a significant impact on file system throughput, and it is always a best practice to +monitor performance when enabling FPolicy. + +:::info +Create a tailored FPolicy which only collects the desired activity from the +environment to limit the scope and impact. +::: + + +For scale-out and fault tolerance purposes, the product supports a range of deployment options. A +single agent can receive events from multiple SVMs. Or events from a single SVM can be distributed +among multiple agents. Or a set of SVMs can distribute events among a set of agents. The choice +depends on the fault tolerance requirements and the expected event flow. As a rule of thumb, the +_average_ load on a single agent should not exceed 5000 events per second. + +Starting with ONTAP 9.15.1, the FPolicy Persistent Store provides resilience and predictable latency +during scenarios such as network delays or bursts of activity. The feature uses a dedicated volume +for each SVM as a staging buffer before events are sent to the agent. FPolicy will automatically +create a volume if one does not already exist. + +:::info +Enable the Persistent Store feature and allow it to create a volume +automatically. +::: + + +## Configuration Checklist + +Complete the following checklist prior to configuring the activity monitoring of NetApp Data ONTAP +Cluster-Mode devices. Instructions for each item of the checklist are detailed within the following +sections. + +**Checklist Item 1: Plan Deployment** + +- Gather the following information: + + - Names of the SVM(s) to be monitored + + - FPolicy is configured for each SVM separately + - This should be the SVM(s) hosting the CIFS or NFS shares(s) to be monitored + + - Credentials to access ONTAP to provision a role and account. + - Desired functionality level: + + - _Manual_. A user configures FPolicy manually and ensures it stays enabled. + - _Enable and Connect FPolicy_. The product ensures that FPolicy stays enabled and connected + all the time. RECOMMENDED. + - _Configure FPolicy_. The product configures FPolicy automatically and ensures it stays + enabled and connected all the time. RECOMMENDED. + + - Volumes or shares on each SVM to be monitored + + - Limiting the FPolicy to select volumes or shares is an effective way to limit the + performance impact of FPolicy + + - Successful/failed file operations to be monitored + + - Limiting the FPolicy to specific file operations is an effective way to limit the + performance impact of FPolicy + + - IP Address of the server(s) where the Activity Monitor Agent is deployed + - API enabled in ONTAP: the classic ONTAPI/ZAPI or the new REST API + + - The product supports the REST API for ONTAP 9.13.1 and above. + - Volume names and sizes to be used as a Persistent Store for each SVM. This is recommended. + - The product supports the Persistent Store feature for ONTAP 9.15.1 and later. + - At least one local tier (aggregate) is assigned to the SVM. + + - Encryption and Authentication protocol for FPolicy connection + + - No Authentication (default) + - TLS, server authentication (the SVM authenticates the agent) + - TLS, mutual authentication (both the SVM and the agent authenticate each other) + +Persistent Store provides resilience and predictable latency in scenarios such as network delays or +bursts of activity events. + +It uses a dedicated volume for each SVM as a staging buffer before the events are sent to Activity +Monitor Agent. + +**Checklist Item 2: [Provision ONTAP Account](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/provisionactivity.md)** + +- Permission names depend on the API used, ONTAPI/ZAPI or REST API. +- The case of domain and username created during the account provisioning process must match exactly + to the credentials provided to the activity agent for authentication to work. +- The credential associated with the FPolicy used to monitor activity must be provisioned with + access to (at minimum) the following CLI or API commands, according to the level of collection + desired: + + - Manual, Collect Activity Events Only (Least Privilege) + + - ONTAPI/ZAPI + + - `version` – Readonly access + - `volume` – Readonly access + - `vserver` – Readonly access + + - REST API + + - `/api/cluster` – Readonly access + - `/api/protocols/cifs/services` – Readonly access + - `/api/storage/volumes` – Readonly access + - `/api/svm/svms` – Readonly access + + - Employ the “Enable and connect FPolicy” Option (Less Privilege) – RECOMMENDED + + - ONTAPI/ZAPI + + - `version` – Readonly access + - `volume` – Readonly access + - `vserver` – Readonly access + - `network interface` – Readonly access + - `vserver fpolicy disable` – All access + - `vserver fpolicy enable` – All access + - `vserver fpolicy engine-connect` – All access + + - REST API + + - `/api/cluster` – Readonly access + - `/api/protocols/cifs/services` – Readonly access + - `/api/storage/volumes` – Readonly access + - `/api/svm/svms` – Readonly access + - `/api/network/ip/interfaces` – Readonly access + - `/api/protocols/fpolicy` – All access + + - Employ the “Configure FPolicy” Option (Automatic Configuration of FPolicy) – RECOMMENDED + + - ONTAPI/ZAPI + + - `version` – Readonly access + - `volume` – Readonly access + - `vserver` – Readonly access + - `network interface` – Readonly access + - `vserver fpolicy` – All access + - `security certificate install` – All access (only if FPolicy uses a TLS connection) + + - REST API + + - `/api/cluster` – Readonly access + - `/api/protocols/cifs/services` – Readonly access + - `/api/storage/volumes` – Readonly access + - `/api/svm/svms` – Readonly access + - `/api/network/ip/interfaces` – Readonly access + - `/api/protocols/fpolicy` – All access + - `/api/security/certificates` – All access (only if FPolicy uses a TLS connection) + + - Access Analyzer Integration requires the addition of the following CLI command: + + - `security login role show-ontapi` – Readonly access + +**Checklist Item 3: [Configure Network](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/configurefirewall.md)** + +- Agent must be able to connect to ONTAP API via a management LIF on ports HTTP (80) or HTTPS (443) + + - NetApp firewall policy may need to be modified. + - LIF's service policy may need to be modified to include `management-https` or + `management-http` services. + - Either of these ports is required. Activity Monitor requires ONTAP API access. + +- ONTAP cluster nodes, which serve the SVM, must be able to connect to the agent on port 9999. + + - LIFs' service policy may need to be modified to include `data-fpolicy-client` service. + - Each data serving node should have its own LIF with the `data-fpolicy-client` service. + - The default port 9999 can be changed in the agent's settings. + +**Checklist Item 4: [Configure FPolicy](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/configurefpolicy.md)** + +- Remember: all FPolicy objects and SVM names are case sensitive. +- FPolicy must be configured for each SVM to be monitored. +- If using TLS, … authentication options, generate needed certificates and PEM files +- Select method: + + - Configure FPolicy Manually – If you want to exclude certain volumes or shares; a tailored + FPolicy decreases the impact on NetApp. + + - Required when the FPolicy account is provisioned for either Least Privileged or Less + Privilege permission model + - If using TLS, … authentication options, set authentication + + - Allow the Activity Monitor to create an FPolicy automatically + + - If using TLS, … authentication options, set authentication + - This option is enabled using the **Configure FPolicy. Create or modify FPolicy objects if + needed** checkbox for each monitored SVM. + - It monitors file system activity on all volumes and shares of the SVM. + - FPolicy configuration is automatically updated to reflect the Activity Monitor + configuration. + - Requires a Privileged Access credential be provided. + +- Enable the Persistent Store to increase the resilience and control the latency in case of network + outages or bursts of activity + +**Checklist Item 5: Activity Monitor Configuration** + +- Deploy the Activity Monitor Agent to a Windows server. +- Configure the Agent to monitor the SVM. diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/provisionactivity.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/provisionactivity.md new file mode 100644 index 0000000000..8689a54726 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/provisionactivity.md @@ -0,0 +1,397 @@ +--- +title: "Provision ONTAP Account" +description: "Provision ONTAP Account" +sidebar_position: 10 +--- + +# Provision ONTAP Account + +This topic describes the steps needed to create a user account with the privileges required to +connect the Activity Monitor Agent to ONTAP API and to execute the API calls required for activity +monitoring and configuration. + +Provisioning this account is a two part process: + +- Part 1: Create Security Role +- Part 2: Create Security Login + +## Part 1: Create Security Role + +This section provides instructions for creating an access-control role. An access-control role +consists of a role name and a set of commands or API endpoints to which the role has access. It also +includes an access level (none, read-only, or all) and a query that applies to the specified command +or API endpoint. + +The permissions needed depends on the functionality level: + +- Least Privileged: ONLY Collect Events – This is the minimal functionality level. A user manually + configures FPolicy and ensures that it stays enabled and connected. The product only collects + events. This functionality level is not recommended as it requires an additional solution that + tracks the state of FPolicy and fixes the problem should ONTAP disconnect or should the policy + become disabled. +- **_RECOMMENDED:_** Less Privileged: Enable/Connect Policy & Collect Events – With this level, the + user still performs the initial FPolicy configuration manually. The product tracks the state of + FPolicy with periodic checks to ensure it stays enabled and connected all the time. +- **_RECOMMENDED:_** Automatically Configure the FPolicy – With this full-blown level, no manual + configuration is needed. The product performs the initial FPolicy configuration; updates FPolicy + to reflect configuration changes; ensures that FPolicy stays enabled and connected all the time. + +No matter which set of permissions you provision, validate the configuration before continuing to +Part 2. See the Validate Part 1: Security Role Configuration topic for additional information. + +If the FPolicy is to be used for both the Activity Monitor and Access Analyzer, the account also +needs to be provisioned with an additional permission. See the Access Analyzer Integration topic for +additional information. + +The commands to create a role and names of permissions depend on the ONTAP API used. The product +supports both the classic ONTAPI/ZAPI and the new REST API. For ONTAPI/ZAPI you need to use +`security login role create` command to create a RBAC access control role. The required commands are +listed in the `cmddirname` parameter. For REST API, use `security login rest-role create` command to +create a REST access control role. The required API endpoint is specified in the `api` parameter. +The following sections provide instructions for both API modes. + +### Least Privileged: ONLY Collect Events + +If the desire is for a least privileged model, the Activity Monitor requires the following +permissions to collect events. + +#### ONTAPI/ZAPI + +- `version` – Readonly access +- `volume` – Readonly access +- `vserver` – Readonly access + +Use the following commands to provision read-only access to all required commands: + +``` +security login role create -role [ROLE_NAME] -cmddirname "version" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "volume" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "vserver" -access readonly -query "" -vserver [SVM_NAME]     +``` + +Example: + +``` +security login role create -role enterpriseauditor -cmddirname "version" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditor -cmddirname "volume" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditor -cmddirname "vserver" -access readonly -query "" -vserver testserver +``` + +#### REST API + +- `/api/cluster` – Readonly access +- `/api/protocols/cifs/services` – Readonly access +- `/api/storage/volumes` – Readonly access +- `/api/svm/svms` – Readonly access + +Use the following commands to provision read-only access to all required API endpoints: + +``` +security login rest-role create -role [ROLE_NAME] -api "/api/cluster" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/protocols/cifs/services" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/storage/volumes" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/svm/svms" -access readonly -vserver [SVM_NAME] +``` + +Example: + +``` +security login rest-role create -role enterpriseauditorrest -api "/api/cluster" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/protocols/cifs/services" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/storage/volumes" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/svm/svms" -access readonly -vserver testserver +``` + +:::note +If the FPolicy account is configured with these permissions, it is necessary to manually +configure the FPolicy. See the [Configure FPolicy](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/configurefpolicy.md) topic for additional +information. +::: + + +### Less Privileged: Enable/Connect FPolicy & Collect Events + +If the desire is for a less privileged model, the Activity Monitor requires the following +permissions to collect events: + +#### ONTAPI/ZAPI + +- `version` – Readonly access +- `volume` – Readonly access +- `vserver` – Readonly access + + `network interface` – Readonly access + +- `vserver fpolicy disable` – All access +- `vserver fpolicy enable` – All access + + :::tip + Remember, this permission permits the Activity Monitor to enable the FPolicy. If the “Enable + and connect FPolicy” option is employed but the permission is not provided, the agent will + encounter “Failed to enable policy” errors, but it will still be able to connect to the FPolicy. + Since this permission model requires a manual configuration of the FPolicy, then the need to + manually enable the FPolicy will be met. + ::: + + +- `vserver fpolicy engine-connect` – All access + +Use the following command to provision access to all required commands: + +``` +security login role create -role [ROLE_NAME] -cmddirname "version" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "volume" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "vserver" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "network interface" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "vserver fpolicy disable" -access all -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "vserver fpolicy enable" -access all -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "vserver fpolicy engine-connect" -access all -query "" -vserver [SVM_NAME] +``` + +Example: + +``` +security login role create -role enterpriseauditorrest -cmddirname "version" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "volume" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "vserver" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "network interface" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "vserver fpolicy disable" -access all -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "vserver fpolicy enable" -access all -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "vserver fpolicy engine-connect" -access all -query "" -vserver testserver +``` + +#### REST API + +- `/api/cluster` – Readonly access +- `/api/protocols/cifs/services` – Readonly access +- `/api/storage/volumes` – Readonly access +- `/api/svm/svms` – Readonly access +- `/api/network/ip/interfaces` – Readonly access +- `/api/protocols/fpolicy` – All access + +Use the following commands to provision read-only access to all required API endpoints: + +``` +security login rest-role create -role [ROLE_NAME] -api "/api/cluster" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/protocols/cifs/services" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/storage/volumes" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/svm/svms" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/network/ip/interfaces" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/protocols/fpolicy" -access all -vserver [SVM_NAME] +``` + +Example: + +``` +security login rest-role create -role enterpriseauditorrest -api "/api/cluster" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/protocols/cifs/services" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/storage/volumes" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/svm/svms" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/network/ip/interfaces" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/protocols/fpolicy" -access all -vserver testserver +``` + +:::note +If the FPolicy account is configured with these permissions, it is necessary to manually +configure the FPolicy. See the [Configure FPolicy](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/configurefpolicy.md) topic for additional +information. +::: + + +### Automatically Configure the FPolicy + +If the desire is for the Activity Monitor to automatically configure the FPolicy, the security role +requires the following permissions: + +#### ONTAPI/ZAPI + +- `version` – Readonly access +- `volume` – Readonly access +- `vserver` – Readonly access + + `network interface` – Readonly access + +- `vserver fpolicy` – All access +- `security certificate install` – All access + + :::tip + Remember, this permission is only needed for FPolicy TLS connections. + ::: + + +Use the following command to provision access to all required commands: + +``` +security login role create -role [ROLE_NAME] -cmddirname "version" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "volume" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "vserver" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "network interface" -access readonly -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "vserver fpolicy" -access all -query "" -vserver [SVM_NAME] +security login role create -role [ROLE_NAME] -cmddirname "security certificate install" -access all -query "" -vserver [SVM_NAME] +``` + +Example: + +``` +security login role create -role enterpriseauditorrest -cmddirname "version" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "volume" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "vserver" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "network interface" -access readonly -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "vserver fpolicy" -access all -query "" -vserver testserver +security login role create -role enterpriseauditorrest -cmddirname "security certificate install" -access all -query "" -vserver testserver +``` + +#### REST API + +- `/api/cluster` – Readonly access +- `/api/protocols/cifs/services` – Readonly access +- `/api/storage/volumes` – Readonly access +- `/api/svm/svms` – Readonly access +- `/api/network/ip/interfaces` – Readonly access +- `/api/protocols/fpolicy` – All access +- `/api/security/certificates` – All access + + Remember, this permission is only needed for FPolicy TLS connections. + +Use the following commands to provision access to all required API endpoints: + +``` +security login rest-role create -role [ROLE_NAME] -api "/api/cluster" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/protocols/cifs/services" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/storage/volumes" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/svm/svms" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/network/ip/interfaces" -access readonly -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/protocols/fpolicy" -access all -vserver [SVM_NAME] +security login rest-role create -role [ROLE_NAME] -api "/api/security/certificates" -access all -vserver [SVM_NAME] +``` + +Example: + +``` +security login rest-role create -role enterpriseauditorrest -api "/api/cluster" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/protocols/cifs/services" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/storage/volumes" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/svm/svms" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/network/ip/interfaces" -access readonly -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/protocols/fpolicy" -access all -vserver testserver +security login rest-role create -role enterpriseauditorrest -api "/api/security/certificates" -access all -vserver testserver +``` + +:::note +If the FPolicy account is configured with these permissions, the Activity Monitor can +automatically configure the FPolicy. See the [Configure FPolicy](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap-cluster-aac/configurefpolicy.md) topic for +additional information. +::: + + +### Access Analyzer Integration + +If the desire is for FPolicy to be used with both the Activity Monitor and Access Analyzer, then the +following permission is also required: + +- `security login role show-ontapi` – Readonly access + +Use the following command to provision read-only access to security login role show-ontapi commands: + +``` +security login role create -role [ROLE_NAME] -cmddirname "security login role show-ontapi" -access readonly -query "" -vserver [SVM_NAME] +``` + +Example: + +``` +security login role create -role enterpriseauditor -cmddirname "security login role show-ontapi" -access readonly -query "" -vserver testserver +``` + +### Validate Part 1: Security Role Configuration + +For ONTAPI, run the following command to validate the RBAC security role configuration: + +``` +security login role show [ROLE_NAME] +``` + +Example: + +``` +security login role show enterpriseauditor +``` + +Relevant NetApp Documentation: For more information about creating RBAC access control roles, read +the +[security login role create](https://docs.netapp.com/us-en/ontap-cli-9141//security-login-role-create.html) +article. + +For REST API, run the following command to validate the REST security role configuration: + +``` +security login rest-role show [ROLE_NAME] +``` + +Example: + +``` +security login rest-role show enterpriseauditorrest +``` + +For more information about creating REST access control roles, read the +[security login rest-role create](https://docs.netapp.com/us-en/ontap-cli-9141/security-login-rest-role-create.html) +article. + +## Part 2: Create Security Login + +Once the access control role has been created, apply it to a domain account. Ensure the following +requirements are met: + +- The SVM used in the following command must be the same SVM used when creating the access control + role in Part 1. +- All parameters are case sensitive. +- It is recommended to use lowercase for both domain and username. The case of domain and username + created during the account provisioning process must match exactly to the credentials provided to + the Activity Monitor activity agent for authentication to work. +- In the `application` parameter, use `ontapi` for the ONTAPI/ZAPI and `http` for the REST API. + +Use the following command to create the security login for the security role created in Part 1: + +#### ONTAPI/ZAPI +``` +security login create -user-or-group-name [DOMAIN\DOMAINUSER] -application ontapi -authentication-method [DOMAIN_OR_PASSWORD_AUTH] -role [ROLE_NAME] -vserver [SVM_NAME] +``` + +Example: +``` +security login create -user-or-group-name example\user1 -application ontapi -authentication-method domain -role enterpriseauditor -vserver testserver +``` + +#### REST API +``` +security login create -user-or-group-name [DOMAIN\DOMAINUSER] -application http -authentication-method [DOMAIN_OR_PASSWORD_AUTH] -role [ROLE_NAME] -vserver [SVM_NAME] +``` +Example: +``` +security login create -user-or-group-name example\user1 -application http -authentication-method domain -role enterpriseauditor -vserver testserver +``` + +Validate this security login was created. + +### Validate Part 2: Security Login Creation + +Run the following command to validate security login: + +``` +security login show [DOMAIN\DOMAINUSER] +``` + +Example: + +``` +security login show example\user1 +``` + +Verify that the output is displayed as follows: + +![validatesecuritylogincreation](/images/activitymonitor/9.0/config/netappcmode/validatesecuritylogincreation.webp) + +For more information about creating security logins, read the +[security login create](https://docs.netapp.com/us-en/ontap-cli-9141/security-login-create.html) +article. diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/_category_.json b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/_category_.json new file mode 100644 index 0000000000..2ccca62bc8 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "NetApp Data ONTAP 7-Mode Activity Auditing Configuration", + "position": 80, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "ontap7-activity" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/configurefpolicy.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/configurefpolicy.md new file mode 100644 index 0000000000..64cf6f42c9 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/configurefpolicy.md @@ -0,0 +1,177 @@ +--- +title: "Configure FPolicy" +description: "Configure FPolicy" +sidebar_position: 30 +--- + +# Configure FPolicy + +Select a method to configure the FPolicy for NetApp Data ONTAP 7-Mode devices: + +:::info +Manually Configure FPolicy (Recommended Option) – A tailored FPolicy +::: + + +- If using vFilers the FPolicy must be created on the vFiler, and the Activity Monitor must target + the vFiler. This is because FPolicy operates on the affected vFiler. Therefore, when executing + these commands on a vFiler, the commands must be run from a vFiler context (e.g. via the vFiler + run command). +- Allow the Activity Monitor to create an FPolicy automatically. See the Automatic Configuration of + FPolicy topic for additional information. + + - This option is enabled when the Activity Monitor Activity Agent is configured to monitor the + NetApp device on the NetApp FPolicy Configuration page of the Add New Hosts window. + - It monitors all file system activity. + +## Manually Configure FPolicy (Recommended Option) + +This section describes how to manually configure FPolicy. Manual configuration of the FPolicy is +recommended so that the policy can be scoped. It is necessary to create six FPolicy components and +then enable the FPolicy. See the sections corresponding to each part of this list: + +- Part 1: Create FPolicy +- Part 2: Set FPolicy Required to Off +- Part 3: Set FPolicy to Collect Permission Changes +- Part 4: Set FPolicy to Monitor Alternate Data Streams +- Part 5: Set FPolicy to Monitor Disconnected Sessions +- Part 6: Scope FPolicy for Specific Volumes +- Part 7: Enable FPolicy + +If using vFilers the FPolicy must be created on the vFiler, and the Activity Monitor must target the +vFiler. This is because FPolicy operates on the affected vFiler. Therefore, when executing these +commands on a vFiler, the commands must be run from a vFiler context (e.g. via the vFiler run +command). + +Relevant NetApp Documentation: To learn more about configuring file policies, please visit the +NetApp website and read +[na_fpolicy – configure file policies](https://library.netapp.com/ecmdocs/ECMP1196890/html/man1/na_fpolicy.1.html) +article. + +### Part 1: Create FPolicy + +Create the FPolicy on the vFiler. + +IMPORTANT: + +- The policy should be named "StealthAUDIT" +- The only supported policy type is "screen" for file screening. + +Use the following command to create the FPolicy: + +``` +fpolicy create StealthAUDIT screen +``` + +### Part 2: Set FPolicy Required to Off + +If the `FPolicy Required` value is set to on, user requests are denied if an FPolicy server is not +available to implement the policy. If it is set to off, user requests are allowed when it is not +possible to apply the policy to the file because no FPolicy server is available. + +IMPORTANT: + +- The `FPolicy Required` value should be set to **off** + +Use the following command to set the `FPolicy Required` value to off: + +``` +fpolicy options StealthAUDIT required off +``` + +### Part 3: Set FPolicy to Collect Permission Changes + +The cifs_setattr value must be set to on in order for CIFS requests to change file security +descriptors to be screened by the policy. + +IMPORTANT: + +- The `cifs_setattr` value must be set to **on** + +Use the following command to enable the FPolicy to collect permission changes: + +``` +fpolicy options StealthAUDIT cifs_setattr on +``` + +### Part 4: Set FPolicy to Monitor Alternate Data Streams + +The monitor_ads value must be set to on in order for CIFS requests for alternate data streams (ADS) +to be monitored by the policy. + +IMPORTANT: + +- The `monitor_ads` value must be set to **on** + +Use the following command to enable the FPolicy to monitor ADS: + +``` +fpolicy options StealthAUDIT monitor_ads on +``` + +### Part 5: Set FPolicy to Monitor Disconnected Sessions + +The cifs_disconnect_check value must be set to on in order for CIFS requests associated with +disconnected sessions to be monitored by the policy. + +IMPORTANT: + +- The `cifs_disconnect_check` value must be set to **on** + +Use the following command to enable the FPolicy to monitor disconnected sessions: + +``` +fpolicy options StealthAUDIT cifs_disconnect_check on +``` + +### Part 6: Scope FPolicy for Specific Volumes + +The FPolicy can be scoped either to monitor only specified volumes (inclusion) or to not monitor +specific volumes (exclusion). + +IMPORTANT: + +- Choose to scope by including or excluding volumes + +Use the following command to scope the FPolicy by volume: + +``` +fpolicy -volume [INCLUDE OR EXCLUSION] -add StealthAUDIT [VOLUME_NAME],[VOLUME_NAME] +``` + +Inclusion Example: + +``` +fpolicy -volume include -add StealthAUDIT samplevolume1,samplevolume2 +``` + +Exclusion Example: + +``` +fpolicy -volume exclusion -add StealthAUDIT samplevolume1,samplevolume2 +``` + +### Part 7: Enable FPolicy + +The FPolicy must be enabled before the Activity Monitor Activity Agent can be configured to monitor +the NetApp device. + +IMPORTANT: + +- The Activity Monitor must register with the NetApp device as an FPolicy server. By default, it + looks for a policy named `StealthAUDIT`. See the + [Customize FPolicy Policy Name](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/customizefpolicy.md) section for information on using a different + policy name. + +Use the following command to enable the FPolicy to monitor disconnected sessions: + +``` +fpolicy enable StealthAUDIT +``` + +## Automatic Configuration of FPolicy + +The Activity Monitor can automatically configure FPolicy on the targeted NetApp Data ONTAP 7-Mode +device. The FPolicy created monitors all file system activity. This is done when the NetApp device +is assigned to the agent for monitoring. This option is enabled on the NetApp FPolicy Configuration +page of the Add New Host window. diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/customizefpolicy.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/customizefpolicy.md new file mode 100644 index 0000000000..52ede5e022 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/customizefpolicy.md @@ -0,0 +1,10 @@ +--- +title: "Customize FPolicy Policy Name" +description: "Customize FPolicy Policy Name" +sidebar_position: 40 +--- + +# Customize FPolicy Policy Name + +There may be situations when FPolicy needs to be named something other than StealthAUDIT. +Use **Host properties > FPolicy > Customize FPolicy** page to change the FPolicy object names. \ No newline at end of file diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/enablehttp.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/enablehttp.md new file mode 100644 index 0000000000..2cdbc8a4ce --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/enablehttp.md @@ -0,0 +1,35 @@ +--- +title: "Enable HTTP or HTTPS" +description: "Enable HTTP or HTTPS" +sidebar_position: 20 +--- + +# Enable HTTP or HTTPS + +The Activity Monitor Activity Agent must be able to send ONTAPI calls to the vFiler’s data LIF over +HTTP or HTTPS. The following commands will enable the HTTP or HTTPS communication between the vFiler +and the Activity Monitor. + +Use the following command to enable HTTP: + +``` +options httpd.admin.enable on +``` + +Check HTTP Status: + +``` +options httpd.admin.enable +``` + +Use the following command to enable HTTPS: + +``` +options httpd.admin.ssl.enable on +``` + +Check HTTP Status: + +``` +options httpd.admin.ssl.enable +``` diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/ontap7-activity.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/ontap7-activity.md new file mode 100644 index 0000000000..e6d8b4881f --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/ontap7-activity.md @@ -0,0 +1,108 @@ +--- +title: "NetApp Data ONTAP 7-Mode Activity Auditing Configuration" +description: "NetApp Data ONTAP 7-Mode Activity Auditing Configuration" +sidebar_position: 80 +--- + +# NetApp Data ONTAP 7-Mode Activity Auditing Configuration + +The Activity Monitor agent employed to monitor NetApp leverages 128-bit encrypted Remote Procedure +Calls (RPC), NetApp ONTAP-API, and NetApp FPolicy to monitor file system events. This includes both +NetApp 7-Mode and Cluster-Mode configurations. To learn more about FPolicy please visit the NetApp +website and read the +[What FPolicy is](https://library.netapp.com/ecmdocs/ECMP1401220/html/GUID-54FE1A84-6CF0-447E-9AAE-F43B61CA2138.html) +article. + +If the activity agent is stopped, a notification will be sent to the NetApp device to disconnect and +disable the associated FPolicy policy, but it will not be removed. + +If the network connection is lost between the activity agent and the NetApp device, the NetApp +device is configured with a default timeout to wait for a response. If a response is not received +from the Activity Agent within the timeout, then the NetApp device will disconnect and disable the +FPolicy policy. The Activity Agent will check every minute by default to see if the FPolicy policy +has been disabled and will enable it (if the auto-enable functionality is enabled for the agent). +The default setting to check every minute is configurable. + +The NetApp FPolicy uses a “push” mechanism such that notification will only be sent to the activity +agent when a transaction occurs. Daily activity log files are created only if activity is performed. +No activity log file will be created if there is no activity for the day. + +**Configuration Checklist** + +Complete the following checklist prior to configuring activity monitoring of NetApp Data ONTAP +7-Mode devices. Instructions for each item of the checklist are detailed within the following +topics. + +**Checklist Item 1: Plan Deployment** + +- Gather the following information: + - Names of the vFiler™(s) to be monitored + - DNS name of the CIFS shares(s) to be monitored + +**Checklist Item 2: [Provision FPolicy Account](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/provisionactivity.md)** + +- Group membership with a role granting access to the following commands: + + ``` + login-http-admin + api-system-api-list + api-system-get-version + api-cifs-share-list-iter-* + api-volume-list-info-iter-* + ``` + +- For Automatic FPolicy creation (Checklist Item 4), group membership with a role granting access to + the following command: + + ``` + api-fpolicy* + ``` + +- To use the “Enable and connect FPolicy” option within the Activity Monitor, group membership with + a role granting access to the following command: + + ``` + cli-fpolicy* + ``` + +- Group membership in: + + - ONTAP Power Users + - ONTAP Backup Operators + +**Checklist Item 3: Firewall Configuration** + +- HTTP (80) or HTTPS (443) +- HTTP or HTTPS protocols need to be enabled on the NetApp filer +- TCP 135 +- TCP 445 +- Dynamic port range: TCP/UDP 137-139 +- See the [Enable HTTP or HTTPS](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/enablehttp.md) topic for instructions. + +**Checklist Item 4: [Configure FPolicy](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/configurefpolicy.md)** + +- If using vFilers: + + - FPolicy operates on the vFiler so the FPolicy must be created on the vFiler + + :::note + Activity Monitor must target the vFiler + ::: + + +- Select method: + + :::info + Configure FPolicy Manually – A tailored FPolicy + ::: + + + - Allow the Activity Monitor to create an FPolicy automatically + - This option is enabled when the Activity Monitor agent is configured to monitor the NetApp + device on the NetApp FPolicy Configuration page of the Add New Hosts window. + - It monitors all file system activity. + +**Checklist Item 5: Activity Monitor Configuration** + +- Deploy the Activity Monitor Activity Agent to a Windows proxy server +- Configure the Activity Agent to monitor the NetApp device diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/provisionactivity.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/provisionactivity.md new file mode 100644 index 0000000000..f334e6dce4 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/ontap7-aac/provisionactivity.md @@ -0,0 +1,105 @@ +--- +title: "Provision FPolicy Account" +description: "Provision FPolicy Account" +sidebar_position: 10 +--- + +# Provision FPolicy Account + +This topic describes the steps needed to create a user account with the privileges required to +connect the Activity Monitor Activity Agent to the FPolicy engine and to execute the NetApp API +calls required for activity monitoring and configuration. + +Provisioning this account is a three part process: + +- Part 1: Create Role with API/CLI Access +- Part 2: Create a Group & Assign Role +- Part 3: Add User to Group + +Relevant NetApp Documentation: To learn more about node access controls, please visit the NetApp +website and read the +[na_useradmin – Administers node access controls](https://library.netapp.com/ecmdocs/ECMP1511537/html/man1/na_useradmin.1.html) +article. + +## Part 1: Create Role with API/CLI Access + +This section provides instructions for creating a role with access to the following commands: + +``` +login-http-admin +api-system-api-list +api-system-get-version +api-cifs-share-list-iter-* +api-volume-list-info-iter-* +api-fpolicy* +cli-fpolicy* +``` + +:::note +The `api-fpolicy*` command is required for automatic configuration of FPolicy. The +`cli-fpolicy*` command is required to use the “Enable and connect FPolicy” option for a Monitored +Host configuration. +::: + + +The following command needs to be run to create the role. + +Run the following command when provisioning an account for manual configuration of FPolicy; it +includes the "Enable and connect FPolicy" option requirement: + +``` +useradmin role -add [ROLE_NAME] -c "[ROLE_DESCRIPTION]" -a login-http-admin,api-system-api-list,api-system-get-version,api-cifs-share-list-iter-*,api-volume-list-info-iter-*,cli-fpolicy* +``` + +Example: + +``` +useradmin role -add activitymonitor -c "Role for Activity Monitor" -a login-http-admin,api-system-api-list,api-system-get-version,api-cifs-share-list-iter-*,api-volume-list-info-iter-*,cli-fpolicy* +``` + +Run the following command when provisioning an account for automatic configuration of FPolicy; it +includes the "Enable and connect FPolicy" option requirement: + +``` +useradmin role -add [ROLE_NAME] -c "[ROLE_DESCRIPTION]" -a login-http-admin,api-system-api-list,api-system-get-version,api-cifs-share-list-iter-*,api-volume-list-info-iter-*,api-fpolicy*,cli-fpolicy* +``` + +Example: + +``` +useradmin role -add activitymonitor -c "Role for Activity Monitor" -a login-http-admin,api-system-api-list,api-system-get-version,api-cifs-share-list-iter-*,api-volume-list-info-iter-*,api-fpolicy*,cli-fpolicy* +``` + +After the role is created, complete Part 2: Create a Group & Assign Role. + +## Part 2: Create a Group & Assign Role + +Once the role has been created, it must be attached to a group. The following command needs to be +run to create a group and assign the role to it. + +``` +useradmin group -add [GROUP_NAME] -r [ROLE_NAME] +``` + +Example: + +``` +useradmin group -add nwxgroup -r enterpriseauditor +``` + +After the group is created and the role is assigned, complete Part 3: Add User to Group. + +## Part 3: Add User to Group + +The final step is to add the domain user to the new group, Backup Operators group, and Power Users +group. The following command needs to be run to add the user to all three groups. + +``` +useradmin domainuser -add [DOMAIN\USER] -g [GROUP_NAME, WITHIN " MARKS IF MULTIPLE WORDS],"Backup Operators","Power Users" +``` + +Example: + +``` +useradmin domainuser -add example\user1 -g nwxgroup,"Backup Operators","Power Users" +``` diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/panzura-activity.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/panzura-activity.md new file mode 100644 index 0000000000..21593ed15b --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/panzura-activity.md @@ -0,0 +1,123 @@ +--- +title: "Panzura CloudFS Monitoring" +description: "Panzura CloudFS Monitoring" +sidebar_position: 110 +--- + +# Panzura CloudFS Monitoring + +Netwrix Activity Monitor can be configured to monitor file system activity on Panzura CloudFS +file-based storage. + +The monitoring process is based on two technologies: + +- Third Party Vendor Support auditing feature – Delivers audit events to Activity Monitor Agents +- CloudFS API – Used to register Activity Monitor as a consumer of audit events to query and update + auditing settings + +Auditing must be enabled on the master Panzura node and optionally overridden on the subordinate +nodes to support different deployment scenarios depending on the expected load and network latency. +A single agent monitors several Panzura nodes. + +![panzurasingleagntmonitor](/images/activitymonitor/9.0/config/panzura/panzurasingleagntmonitor.webp) + +Audit events are distributed between two agents. Audit settings are overridden on one Panzura node. + +![auditeventstwoagnt_panzura](/images/activitymonitor/9.0/config/panzura/auditeventstwoagnt_panzura.webp) + +The monitoring process relies on the Third Party Vendor Support auditing feature of the Panzura +CloudFS platform, which uses the AMQP protocol for event delivery. Unlike typical uses of the AMQP +protocol that require messaging middleware, the Panzura master and subordinate nodes connect +directly to the Netwrix Activity Monitor Agent, eliminating the need for middleware. + +Netwrix Activity Monitor uses Panzura API to register itself as a consumer of auditing events. It +also uses the API to perform periodic checks to ensure the auditing settings in Panzura are correct. +The credentials to access the API must be specified when a Panzura host is added to Activity Monitor +for monitoring. Additionally, the IP address of the port is 4497 by default and can be customized in +the properties for the Agent. + +:::note +See the [Panzura](/docs/activitymonitor/9.0/admin/monitoredhosts/add/panzura.md) topic for +additional information on Panzura Host. +::: + + +To prepare Panzura CloudFS for monitoring, auditing must be enabled. + +## Enable Auditing in CloudFS + +Auditing in CloudFS can be enabled either automatically or manually. + +:::info +Using the automatic option using the CloudFS API streamlines the configuration +process and ensures that auditing remains enabled and accurate. +::: + + +## Automatic Configuration + +Netwrix Activity Monitor uses the CloudFS API to configure Third Party Vendor Support auditing +option. + +If a master node is targeted, the product will configure the global audit settings and assign to be +pushed to subordinate nodes. If a subordinate node is targeted, the product will configure the local +audit settings to override the global ones. + +The product will also ensure the settings are correct with periodic checks. + +## Manual Configuration + +Follow these steps to enable auditing. + +**Step 1 –** Navigate to **Audit Settings** > **Third Party Support**. + +**Step 2 –** Enable the **Generate Third Party Logs** option. + +**Step 3 –** Enable the **Push to Subordinate(s)** option. + +**Step 4 –** Enter **other** as the Vendor Name. + +**Step 5 –** Under Actions, specify close, create, delete, delxattr, mkdir, move, open, read, +remove, rename, rlclaim, rmdir, setxattr, and writeUnder . + +If you require monitoring of Directory Read/List operations, which typically generate a high volume +of data, also include readdir to the list. + +**Step 6 –** Specify \* in Include Files. + +**Step 7 –** Specify - in Exclude Files. + +**Step 8 –** Finally, add the Panzura host to be monitored in the Activity Monitor Console. + +Auditing is now enabled. + +## Network Configuration + +Activity Monitor agents register themselves as consumers of audit data via the CloudFS API. The +agents pass their IP address and port along with other AMQP parameters. Panzura nodes use this +information to establish connections with the Activity Monitor agents. + +:::note +The address and port used for registration can be found or modified in the agent’s +settings. +::: + + +Follow the steps for network configuration. + +**Step 1 –** Open Activity Monitor Console. + +**Step 2 –** On the Agents tab, select an agent and click **Edit**. + +**Step 3 –** Use the Network tab to select the network interface that will be used for registration. + +**Step 4 –** Use the Panzura tab to modify the port. The default port is 4497. + +The agent will configure the Windows Firewall to allow incoming connections to the specified port +automatically. Use the following table to configure the firewall. + +| Communication Direction | Protocol | Ports | Description | +| --------------------------------------------------- | --------- | ----- | ------------------- | +| Activity Monitor Console to Activity Monitor Agents | TCP | 4498 | Agent communication | +| Activity Monitor Agent to Panzura nodes | TCP/HTTPS | 443 | CloudFS API | +| Panzura nodes to Activity Monitor Agent | TCP/AMQP | 4497 | Audit events | diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/powerstore-aac/_category_.json b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/powerstore-aac/_category_.json new file mode 100644 index 0000000000..e8053ec6a3 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/powerstore-aac/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Dell PowerStore Activity Auditing Configuration", + "position": 40, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "powerstore-activity" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/powerstore-aac/auditing.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/powerstore-aac/auditing.md new file mode 100644 index 0000000000..b873219695 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/powerstore-aac/auditing.md @@ -0,0 +1,124 @@ +--- +title: "Enable Auditing for Dell PowerStore" +description: "Enable Auditing for Dell PowerStore" +sidebar_position: 20 +--- + +# Enable Auditing for Dell PowerStore + +Follow the steps to enable auditing on Dell PowerStore. + +- Create an Event Publishing Pool +- Create an Event Publisher +- Enable Event Publishing for the NAS Server OR Enable or Disable Event Publishing for File System + +See the +[Dell PowerStore - File Capabilities](https://www.delltechnologies.com/asset/en-us/products/storage/industry-market/h18155-dell-powerstore-file-capabilities.pdf) +white paper for additional information. + +## Create an Event Publishing Pool + +Follow the steps tTo create a new event publishing pool.: + +**Step 1 –** Select **Storage** > **NAS Servers** > **NAS Settings** > **Publishing Pools**. + +**Step 2 –** Click **Create** and specify the name of the pool. + +**Step 3 –** Specify CEE's address or addresses. + +![Create Event Publishing Pool](/images/activitymonitor/9.0/config/dellpowerstore/eventpublishingpool.webp) + +- For SMB shares monitoring (CIFS) enable following Post-Events: – + + - CloseModified + - CloseUnmodified + - CreateDir + - CreateFile + - DeleteDir + - DeleteFile + - OpenFileNoAccess + - RenameDir + - RenameFile + - SetAclDir + - SetAclFile + +- For NFS exports monitoring enable following Post-Events: – + + - CloseModified, + - CloseUnmodified + - CreateDir + - CreateFile + - DeleteDir + - DeleteFile + - FileRead + - FileWrite + - OpenFileNoAccess + - RenameDir + - RenameFile + - SetAclDir + - SetAclFile + - SetSecDir + - SetSecFile + +**Step 4 –** Click **Apply**. + +## Create an Event Publisher + +Follow the steps tTo create a an event publisher.: + +**Step 1 –** Select **Storage** > **NAS Servers** > **NAS Settings** > **Events Publishers**. + +![Events Publishing](/images/activitymonitor/9.0/config/dellpowerstore/nasservers.webp) + +**Step 2 –** Click **Create**. + +![publishingpools](/images/activitymonitor/9.0/config/dellpowerstore/publishingpools.webp) + +**Step 3 –** Specify the name of the publisher. + +**Step 4 –** Select the pool and click **Next**. + +![configeventpublisher](/images/activitymonitor/9.0/config/dellpowerstore/configeventpublisher.webp) + +**Step 5 –** Specify Pre-Events Failure Policy as "Ignore - Consider pre-event acknowledged when +CEPA servers are offline". + +**Step 6 –** Specify Post-Events Failure Policy as "Accumulate - Continue and persist lost events in +an internal circular buffer". + +**Step 7 –** Click **Create Events Publisher**. + +The events publisher is created. + +## Enable Event Publishing for the NAS Server + +Follow the steps tTo enable or disable event publishing for the NAS Server.: + +**Step 1 –** Select **Storage** > **NAS Servers**. + +![NAS Servers](/images/activitymonitor/9.0/config/dellpowerstore/nasserver.webp) + +**Step 2 –** Go to **[NAS SERVER]** > **Security & Events** > **Events Publishing**. + +**Step 3 –** Enable and select the publisher. + +![nasserver1](/images/activitymonitor/9.0/config/dellpowerstore/nasserver1.webp) + +**Step 4 –** You can enable the event publishing for all file systems on the NAS by checking the box +and selecting protocols. + +Dell PowerStore is enabled for auditing. + +## Enable or Disable Event Publishing for File System + +Follow the steps toYou can enable or disable the feature for each file system individually. using +the following: + +**Step 1 –** Select **Storage** > **File Systems** > **[FILE SYSTEM]** > **Security & Events** > +**Events Publishing**. + +![Event Publising Option for File System](/images/activitymonitor/9.0/config/dellpowerstore/fseventpublishing.webp) + +**Step 2 –** Enable and select protocols needed. + +Dell PowerStore is enabled for auditing. diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/powerstore-aac/installcee.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/powerstore-aac/installcee.md new file mode 100644 index 0000000000..1a44db4585 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/powerstore-aac/installcee.md @@ -0,0 +1,78 @@ +--- +title: "Install Dell CEE" +description: "Install Dell CEE" +sidebar_position: 10 +--- + +# Install Dell CEE + +Dell CEE should be installed on a Windows or a Linux server. The Dell CEE software is not a Netwrix +product. Dell customers have a support account with Dell to access the download. + +:::tip +Remember, the latest version is the recommended version of Dell CEE. +::: + + +:::info +The Dell CEE package can be installed on the Windows server where the Activity +Monitor agent will be deployed (recommended) or on any other Windows or Linux server. +::: + + +Follow the steps to install the Dell CEE. + +**Step 1 –** Obtain the latest CEE install package from Dell and any additional license required for +this component. It is recommended to use the most current version. + +**Step 2 –** Follow the instructions in the Dell +[Using the Common Event Enabler on Windows Platforms](https://www.dell.com/support/home/en-us/product-support/product/common-event-enabler/docs) +guide to install and configure the CEE. The installation will add two services to the machine: + +- EMC Checker Service (Display Name: EMC CAVA) +- EMC CEE Monitor (Display Name: EMC CEE Monitor) + +:::info +The latest version of .NET Framework and Dell CEE is recommended to use with the +asynchronous bulk delivery (VCAPS) feature. +::: + + +## Configure Dell Registry Key Settings + +There may be situations when Dell CEE needs to be installed on a different Windows server than the +one where the Activity Monitor activity agent is deployed. In those cases it is necessary to +manually set the Dell CEE registry key to forward events. + +**Step 1 –** Open the Registry Editor (run regedit). + +![registryeditor](/images/activitymonitor/9.0/config/dellpowerstore/registryeditor.webp) + +**Step 2 –** Navigate to following location: + +**HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\AUDIT\Configuration** + +**Step 3 –** Right-click on **Enabled** and select Modify. The Edit DWORD Value window opens. + +**Step 4 –** In the Value data field, enter the value of 1. Click OK, and the Edit DWORD Value +window closes. + +**Step 5 –** Right-click on **EndPoint** and select Modify. The Edit String window opens. + +**Step 6 –** In the Value data field, enter the StealthAUDIT value with the IP Address for the +Windows proxy server hosting the Activity Monitor activity agent. Use the following format: + +**StealthAUDIT@[IP ADDRESS]** + +Examples: + +**StealthAUDIT@192.168.30.15** + +**Step 7 –** Click OK. The Edit String window closes. Registry Editor can be closed. + +![services](/images/activitymonitor/9.0/config/dellpowerstore/services.webp) + +**Step 8 –** Open Services (run `services.msc`). Start or Restart the EMC CEE Monitor service. + +The Dell CEE registry key is now properly configured to forward event to the Activity Monitor +activity agent. diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/powerstore-aac/powerstore-activity.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/powerstore-aac/powerstore-activity.md new file mode 100644 index 0000000000..1b8e914c01 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/powerstore-aac/powerstore-activity.md @@ -0,0 +1,77 @@ +--- +title: "Dell PowerStore Activity Auditing Configuration" +description: "Dell PowerStore Activity Auditing Configuration" +sidebar_position: 40 +--- + +# Dell PowerStore Activity Auditing Configuration + +A Dell PowerStore device can be configured to audit Server Message Block (SMB) protocol access +events. All audit data can be forwarded to the Dell Common Event Enabler (CEE). The Netwrix Activity +Monitor listens for all events coming through the Dell CEE and translates all relevant information +into entries in the TSV files or syslog messages. + +If the service is turned off, a notification will be sent to the Dell CEE framework to turn off the +associated Activity Monitor filter, but the policy will not be removed. + +The Dell CEE Framework uses a “push” mechanism so a notification is sent only to the activity agent +when a transaction occurs. Daily activity log files are created only if activity is performed. No +activity log file is created if there is no activity for the day. + +**Configuration Checklist** + +Complete the following checklist prior to configuring activity monitoring of Dell PowerStore +devices. Instructions for each item of the checklist are detailed within the following topics. + +**Checklist Item 1: Plan Deployment** + +- Prior to beginning the deployment + + - See the + [Dell PowerStore: File Capabilities](https://www.delltechnologies.com/asset/en-us/products/storage/industry-market/h18155-dell-powerstore-file-capabilities.pdf) + white paper for additional information. + - Download the Dell CEE from: + + - [https://support.emc.com](https://support.emc.com/) + +**Checklist Item 2: [Install Dell CEE](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/powerstore-aac/installcee.md)** + +- Dell CEE should be installed on the Windows proxy server(s) where the Activity Monitor activity + agent will be deployed + + :::info + The latest version of Dell CEE is the recommended version to use with the + asynchronous bulk delivery (VCAPS) feature. + ::: + + +- Important: + + Open MS-RPC ports between the Dell device and the Windows proxy server(s) where the Dell CEE is + installed + +**Checklist Item 3: Dell PowerStore Device Configuration** + +- Enable auditing on the PowerStore device + + - See the [Enable Auditing for Dell PowerStore](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/powerstore-aac/auditing.md) topic for additional information. + +**Checklist Item 4: Activity Monitor Configuration** + +- Deploy the Activity Monitor activity agent to a Windows proxy server where Dell CEE was installed + + - After activity agent deployment, configure the Dell CEE Options tab of the agent’s Properties + window within the Activity Monitor Console + + - Automatically sets the Dell registry key settings + +Checklist Item 5: Configure Dell CEE to Forward Events to the Activity Agent + +:::note +When Dell CEE is installed on Windows proxy server(s) where the Activity Monitor activity +agent will be deployed, the following steps are not needed. +::: + + +- Ensure the Dell CEE registry key has enabled set to 1 and has an EndPoint set to StealthAUDIT. +- Ensure the Dell CAVA service and the Dell CEE Monitor service are running. diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/qumulo-activity.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/qumulo-activity.md new file mode 100644 index 0000000000..e99c8b54a8 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/qumulo-activity.md @@ -0,0 +1,57 @@ +--- +title: "Qumulo Activity Auditing Configuration" +description: "Qumulo Activity Auditing Configuration" +sidebar_position: 120 +--- + +# Qumulo Activity Auditing Configuration + +The Netwrix Activity Monitor can be configured to monitor activity on Qumulo devices. To prepare +Qumulo to be monitored, an account needs to be provisioned and the audit event format may need to be +modified. + +## Provision Account + +Activity Monitor requires an account with the Observers role to monitor a Qumulo cluster. Follow the +steps to create a new account in the Qumulo web user interface with the Observers role. + +**Step 1 –** Create a new user in **Cluster** > **Local Users & Groups**. + +**Step 2 –** Assign the Observers role to the user using **Cluster** > **Role Management**. + +This credential will then be used when configuring the Activity Agent to monitor the Qumulo device. + +## Verify Audit Event Format + +Qumulo reports audit events in one of two formats: CSV and JSON. While the Netwrix Activity Monitor +supports both, the JSON format is recommended as it provides more detail. In particular, it allows +the product to distinguish between permission change events and attribute change events, presents +granular information for permission changes, and includes user SIDs instead of just usernames. The +advanced filtering of Microsoft Office activity also requires the JSON format. + +The JSON format for audit events was introduced in Qumulo Core 6.0.1. The new format can be enabled +via an SSH session to the Qumulo cluster. + +Follow the steps to verify that audit event format and change the format, if needed. + +**Step 1 –** Connect to the Qumulo cluster with SSH. + +**Step 2 –** Execute the following command to log in: + +```bash +qq --host login -u + +The command will ask for the password. + +__Step 3 –__ Execute the following command to check current format: + +**qq audit_get_syslog_config** + +The format will be shown in the __format__ field. The old format is __csv__; the new format is __json__. + +__Step 4 –__ Execute the following command to change the format, if needed: + +**qq audit_set_syslog_config --json** + +The change willshould be reflected in the __format__ field. +``` diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/unity-aac/_category_.json b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/unity-aac/_category_.json new file mode 100644 index 0000000000..41f04f5b3e --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/unity-aac/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Dell Unity Activity Auditing Configuration", + "position": 50, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "unity-activity" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/unity-aac/installcee.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/unity-aac/installcee.md new file mode 100644 index 0000000000..34daed915e --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/unity-aac/installcee.md @@ -0,0 +1,81 @@ +--- +title: "Install Dell CEE" +description: "Install Dell CEE" +sidebar_position: 10 +--- + +# Install Dell CEE + +Dell CEE should be installed on a Windows or a Linux server. The Dell CEE software is not a Netwrix +product. Dell customers have a support account with Dell to access the download. + +:::tip +Remember, the latest version is the recommended version of Dell CEE. +::: + + +:::info +The Dell CEE package can be installed on the Windows server where the Activity +Monitor agent will be deployed (recommended) or on any other Windows or Linux server. +::: + + +Follow the steps to install the Dell CEE. + +**Step 1 –** Obtain the latest CEE install package from Dell and any additional license required for +this component. It is recommended to use the most current version. + +**Step 2 –** Follow the instructions in the Dell +[Using the Common Event Enabler on Windows Platforms](https://www.dell.com/support/home/en-us/product-support/product/common-event-enabler/docs) +guide to install and configure the CEE. The installation will add two services to the machine: + +- EMC Checker Service (Display Name: EMC CAVA) +- EMC CEE Monitor (Display Name: EMC CEE Monitor) + +:::info +The latest version of .NET Framework and Dell CEE is recommended to use with the +asynchronous bulk delivery (VCAPS) feature. +::: + + +After Dell CEE installation is complete, it is necessary to complete the +[Unity Initial Setup with Unisphere](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/unity-aac/setupunisphere.md). + +## Configure Dell Registry Key Settings + +There may be situations when Dell CEE needs to be installed on a different Windows server than the +one where the Activity Monitor activity agent is deployed. In those cases it is necessary to +manually set the Dell CEE registry key to forward events. + +**Step 1 –** Open the Registry Editor (run regedit). + +![registryeditor](/images/activitymonitor/9.0/config/dellpowerstore/registryeditor.webp) + +**Step 2 –** Navigate to following location: + +**HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\AUDIT\Configuration** + +**Step 3 –** Right-click on **Enabled** and select Modify. The Edit DWORD Value window opens. + +**Step 4 –** In the Value data field, enter the value of 1. Click OK, and the Edit DWORD Value +window closes. + +**Step 5 –** Right-click on **EndPoint** and select Modify. The Edit String window opens. + +**Step 6 –** In the Value data field, enter the StealthAUDIT value with the IP Address for the +Windows proxy server hosting the Activity Monitor activity agent. Use the following format: + +**StealthAUDIT@[IP ADDRESS]** + +Examples: + +**StealthAUDIT@192.168.30.15** + +**Step 7 –** Click OK. The Edit String window closes. Registry Editor can be closed. + +![services](/images/activitymonitor/9.0/config/dellpowerstore/services.webp) + +**Step 8 –** Open Services (run `services.msc`). Start or Restart the EMC CEE Monitor service. + +The Dell CEE registry key is now properly configured to forward event to the Activity Monitor +activity agent. diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/unity-aac/setupunisphere.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/unity-aac/setupunisphere.md new file mode 100644 index 0000000000..9845a39663 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/unity-aac/setupunisphere.md @@ -0,0 +1,33 @@ +--- +title: "Unity Initial Setup with Unisphere" +description: "Unity Initial Setup with Unisphere" +sidebar_position: 20 +--- + +# Unity Initial Setup with Unisphere + +Follow the steps to configure the initial setup for a Unity device with Unisphere. + +**Step 1 –** Edit the NAS Server > Protection and Events > Events Publishing > Select Pool settings: + +- Add CEPA server – This is the server where CEE is installed. It is recommended that this is also + the server were the Activity Monitor activity agent is deployed. +- Enable the following events for Post Events. + +Required Unity events needed for CIFS Activity: + +![NAM Required Events For CIFS](/images/activitymonitor/9.0/config/dellunity/eventscifs.webp) + +Required Unity events needed for NFS Activity: + +![NAM Required Events For NFS](/images/activitymonitor/9.0/config/dellunity/eventsnfs.webp) + +**Step 2 –** Enable Events Publishing: + +- Edit the FileSystem > Advanced settings: + + - NFS Events Publishing – Enabled (required for NFS protocol monitoring) + - SMB Events publishing – Enabled (required for SMB / CIFS protocol monitoring) + +Once Unity setup is complete, it is time to configure and enable monitoring with the Activity +Monitor. diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/unity-aac/unity-activity.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/unity-aac/unity-activity.md new file mode 100644 index 0000000000..6792883a00 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/unity-aac/unity-activity.md @@ -0,0 +1,79 @@ +--- +title: "Dell Unity Activity Auditing Configuration" +description: "Dell Unity Activity Auditing Configuration" +sidebar_position: 50 +--- + +# Dell Unity Activity Auditing Configuration + +A Dell Unity device can be configured to audit Server Message Block (SMB) protocol access events. +All audit data can be forwarded to the Dell Common Event Enabler (CEE). The Netwrix Activity Monitor +listens for all events coming through the Dell CEE and translates all relevant information into +entries in the TSV files or syslog messages. + +If the service is turned off, a notification will be sent to the Dell CEE framework to turn off the +associated Activity Monitor filter, but the policy will not be removed. + +The Dell CEE Framework uses a "push" mechanism so a notification is sent only to the activity agent +when a transaction occurs. Daily activity log files are created only if activity is performed. No +activity log file is created if there is no activity for the day. + +**Configuration Checklist** + +Complete the following checklist prior to configuring activity monitoring of Dell Unity devices. +Instructions for each item of the checklist are detailed within the following topics. + +**Checklist Item 1: Plan Deployment** + +- Prior to beginning the deployment, gather the following: + + - Data Mover or Virtual Data Mover hosting the share(s) to be monitored + - Account with access to the CLI + - Download the Dell CEE from: + + - [https://support.emc.com](https://support.emc.com/) + +**Checklist Item 2: [Install Dell CEE](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/unity-aac/installcee.md)** + +- Dell CEE should be installed on the Windows proxy server(s) where the Activity Monitor activity + agent will be deployed + + :::info + The latest version of Dell CEE is the recommended version to use with the + asynchronous bulk delivery (VCAPS) feature. + ::: + + +- Important: + + - Open MS-RPC ports between the Dell device and the Windows proxy server(s) where the Dell CEE + is installed + - Dell CEE 8.4.2 through Dell CEE 8.6.1 are not supported for use with the VCAPS feature + - Dell CEE requires .NET Framework 3.5 to be installed on the Windows proxy server + +**Checklist Item 3: Dell Unity Device Configuration** + +- Configure initial setup for a Unity device + + - [Unity Initial Setup with Unisphere](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/unity-aac/setupunisphere.md) + +**Checklist Item 4: Activity Monitor Configuration** + +- Deploy the Activity Monitor activity agent to a Windows proxy server where Dell CEE was installed + + - After activity agent deployment, configure the Dell CEE Options tab of the agent's Properties + window within the Activity Monitor Console + + - Automatically sets the Dell registry key settings + +Checklist Item 5: Configure Dell CEE to Forward Events to the Activity Agent + +:::note +When Dell CEE is installed on Windows proxy server(s) where the Activity Monitor activity +agent will be deployed, the following steps are not needed. +::: + + +- Ensure the Dell CEE registry key has enabled set to 1 and has an EndPoint set to StealthAUDIT. +- Ensure the Dell CAVA service and the Dell CEE Monitor service are running. +- See the [Validate Setup](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/unity-aac/validate.md) topic for instructions. diff --git a/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/unity-aac/validate.md b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/unity-aac/validate.md new file mode 100644 index 0000000000..a8f5f5176a --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/unity-aac/validate.md @@ -0,0 +1,159 @@ +--- +title: "Validate Setup" +description: "Validate Setup" +sidebar_position: 30 +--- + +# Validate Setup + +Once the Activity Monitor agent is configured to monitor the Dell device, the automated +configuration must be validated to ensure events are being monitored. + +## Validate CEE Registry Key Settings + +:::note +See the +[Configure Dell Registry Key Settings](/docs/activitymonitor/9.0/requirements/activityagent/nas-device-configuration/celerra-vnx-aac/installcee.md#configure-dell-registry-key-settings) +topic for information on manually setting the registry key. +::: + + +After the Activity Monitor activity agent has been configured to monitor the Dell device, it will +configure the Dell CEE automatically if it is installed on the same server as the agent. This needs +to be set manually in the rare situations where it is necessary for the Dell CEE to be installed on +a different server than the Windows proxy server(s) where the Activity Monitor activity agent is +deployed. + +If the monitoring agent is not registering events, validate that the EndPoint is accurately set. +Open the Registry Editor (run regedit). For the synchronous real-time delivery mode (AUDIT), use the +following steps. + +**Step 1 –** Navigate to the following windows registry key: + +**HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\Audit\Configuration** + +![registryeditorendpoint](/images/activitymonitor/9.0/config/dellunity/registryeditorendpoint.webp) + +**Step 2 –** Ensure that the Enabled parameter is set to 1. + +**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor +agent in the following formats: + +- For the RPC protocol, `StealthAUDIT@'ip-address-of-the-agent'` + +- For the HTTP protocol,` StealthAUDIT@http://'ip-address-of-the-agent':'port'` + +:::note +All protocol strings are case sensitive. The EndPoint parameter may also contain values +for other applications, separated with semicolons. +::: + + +**Step 4 –** If you changed any of the settings, restart the CEE Monitor service. + +**For Asynchronous Bulk Delivery Mode** + +For the asynchronous bulk delivery mode with a cadence based on a time period or a number of events +(VCAPS), use the following steps. + +**Step 1 –** Navigate to the following windows registry key: + +**HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\CEPP\VCAPS\Configuration** + +**Step 2 –** Ensure that the Enabled parameter is set to 1. + +**Step 3 –** Ensure that the EndPoint parameter contains an address string for the Activity Monitor +agent in the following formats: + +- For the RPC protocol, `StealthVCAPS@'ip-address-of-the-agent'` +- For the HTTP protocol, `StealthVCAPS@http://'ip-address-of-the-agent':'port'` + +:::note +All protocol strings are case sensitive. The EndPoint parameter may also contain values +for other applications, separated with semicolons. +::: + + +**Step 4 –** Ensure that the FeedInterval parameter is set to a value between 60 and 600; the +MaxEventsPerFeed - between 10 and 10000. + +**Step 5 –** If you changed any of the settings, restart the CEE Monitor service. + +Set the following values under the Data column: + +- Enabled – 1 +- EndPoint – StealthAUDIT + +If this is configured correctly, validate that the Dell CEE services are running. See the Validate +Dell CEE Services are Running topic for additional information. + +## Validate Dell CEE Services are Running + +After the Activity Monitor Activity Agent has been configured to monitor the Dell device, the Dell +CEE services should be running. If the Activity Agent is not registering events and the EndPoint is +set accurately, validate that the Dell CEE services are running. Open the Services (run +`services.msc`). + +![services](/images/activitymonitor/9.0/config/dellpowerstore/services.webp) + +The following services laid down by the Dell CEE installer should have Running as their status: + +- Dell CAVA +- Dell CEE Monitor + +## CEE Debug Logs + +If an issue arises with communication between the Dell CEE and the Activity Monitor, the debug logs +need to be enabled for troubleshooting purposes. Follow the steps. + +**Step 6 –** In the Activity Monitor Console, change the **Trace level** value in the lower right +corner to Trace. + +**Step 7 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts & Services tab +and Disable monitoring. + +**Step 8 –** Download and install the Debug View tool from Microsoft on the CEE server: + +**> [https://docs.microsoft.com/en-us/sysinternals/downloads/debugview](https://docs.microsoft.com/en-us/sysinternals/downloads/debugview)** + +**Step 9 –** Open the Registry Editor (run regedit). Navigate to following location: + +**HKEY_LOCAL_MACHINE\SOFTWARE\EMC\CEE\Configuration** + +**Step 10 –** Right-click on **Debug** and select Modify. The Edit DWORD Value window opens. In the +Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. + +:::note +If the Debug DWORD Value does not exist, it needs to be added. +::: + + +**Step 11 –** Right-click on **Verbose** and select Modify. The Edit DWORD Value window opens. In +the Value data field, enter the value of 3F. Click OK, and the Edit DWORD Value window closes. + +:::note +If the Verbose DWORD Value does not exist, it needs to be added. +::: + + +**Step 12 –** Run the Debug View tool (from Microsoft). In the Capture menu, select the following: + +- Capture Win32 +- Capture Global Win32 +- Capture Events + +**Step 13 –** In the Activity Monitor Console, select all Dell hosts from the Monitored Hosts & Services tab +and Enable monitoring. + +**Step 14 –** Generate some file activity on the Dell device. Save the Debug View Log to a file. + +**Step 15 –** Send the following logs to [Netwrix Support](https://www.netwrix.com/support.html): + +- Debug View Log (from Dell Debug View tool) +- Use the **Collect Logs** button to collect debug logs from the activity agent + +:::info +After the logs have been gathered and sent to Netwrix Support, reset these +configurations. + +::: diff --git a/docs/activitymonitor/9.0/requirements/activityagent/sharepoint-online-activity.md b/docs/activitymonitor/9.0/requirements/activityagent/sharepoint-online-activity.md new file mode 100644 index 0000000000..655a7680c6 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/sharepoint-online-activity.md @@ -0,0 +1,264 @@ +--- +title: "SharePoint Online Activity Auditing Configuration" +description: "SharePoint Online Activity Auditing Configuration" +sidebar_position: 60 +--- + +# SharePoint Online Activity Auditing Configuration + +In order to collect logs and monitor SharePoint Online activity using the Netwrix Activity Monitor, +it needs to be registered with Microsoft® Entra ID® (formerly Azure AD). + +:::note +A user account with the Global Administrator role is required to register an app with +Microsoft Entra ID. +::: + + +**Additional Requirement** + +In addition to registering the application with Microsoft Entra ID, the following is required: + +- Enable Auditing for SharePoint Online + +See the Enable Auditing for SharePoint Online topic for additional information. + +**Configuration Settings from the Registered Application** + +The following settings are needed from your tenant once you have registered the application: + +- Tenant ID – This is the Tenant ID for Microsoft Entra ID +- Client ID – This is the Application (client) ID for the registered application +- Client Secret – This is the Client Secret Value generated when a new secret is created + + :::warning + It is not possible to retrieve the value after saving the new key. It must be + copied first. + ::: + + +**Permissions for Microsoft Graph API** + +- Application: + + - Directory.Read.All – Read directory data + - Sites.Read.All – Read items in all site collections + - User.Read.All – Read all users' full profiles + +**Permissions for Office 365 Management APIs** + +- Application Permissions: + + - ActivityFeed.Read – Read activity data for your organization + - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data + +## Register a Microsoft Entra ID Application + +Follow the steps to register Activity Monitor with Microsoft Entra ID. + +:::note +The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. +::: + + +**Step 1 –** Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com/). + +**Step 2 –** On the left navigation menu, navigate to **Identity** > **Applications** and click App +registrations. + +**Step 3 –** In the top toolbar, click **New registration**. + +**Step 4 –** Enter the following information in the Register an application page: + +- Name – Enter a user-facing display name for the application, for example Netwrix Activity Monitor + for SharePoint +- Supported account types – Select **Accounts in this organizational directory only** +- Redirect URI – Set the Redirect URI to **Public client/native** (Mobile and desktop) from the drop + down menu. In the text box, enter the following: + +**Urn:ietf:wg:oauth:2.0:oob** + +**Step 5 –** Click **Register**. + +The Overview page for the newly registered app opens. Review the newly created registered +application. Now that the application has been registered, permissions need to be granted to it. + +## Grant Permissions to the Registered Application + +Follow the steps to grant permissions to the registered application. + +:::note +The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. +::: + + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** On the registered app blade, click **API permissions** in the Manage section. + +**Step 3 –** In the top toolbar, click **Add a permission**. + +**Step 4 –** On the Request API permissions blade, select **Microsoft Graph** on the Microsoft APIs +tab. Select the following permissions: + +- Application: + + - Directory.Read.All – Read directory data + - Sites.Read.All – Read items in all site collections + - User.Read.All – Read all users' full profiles + +**Step 5 –** At the bottom of the page, click **Add Permissions**. + +**Step 6 –** In the top toolbar, click **Add a permission**. + +**Step 7 –** On the Request API permissions blade, select **Office 365 Management APIs** on the +Microsoft APIs tab. Select the following permissions: + +- Application Permissions: + + - ActivityFeed.Read – Read activity data for your organization + - ActivityFeed.ReadDlp – Read DLP policy events including detected sensitive data + +**Step 8 –** At the bottom of the page, click **Add Permissions**. + +**Step 9 –** Click **Grant Admin Consent for [tenant]**. Then click **Yes** in the confirmation +window. + +Now that the permissions have been granted to it, the settings required for Activity Monitor need to +be collected. + +## Identify the Client ID + +Follow the steps to find the registered application's Client ID. + +:::note +The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. +::: + + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** Copy the **Application (client) ID** value. + +**Step 3 –** Save this value in a text file. + +This is needed for adding a SharePoint Online host in the Activity Monitor. Next identify the Tenant +ID. + +## Identify the Tenant ID + +The Tenant ID is available in two locations within Microsoft Entra ID. + +**Registered Application Overview Blade** + +You can copy the Tenant ID from the same page where you just copied the Client ID. Follow the steps +to copy the Tenant ID from the registered application Overview blade. + +**Step 1 –** Copy the Directory (tenant) ID value. + +**Step 2 –** Save this value in a text file. + +This is needed for adding a SharePoint Online host in the Activity Monitor. Next generate the +application’s Client Secret Key. + +**Overview Page** + +Follow the steps to find the tenant name where the registered application resides. + +:::note +The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. +::: + + +**Step 1 –** Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com/). + +**Step 2 –** Copy the Tenant ID value. + +**Step 3 –** Save this value in a text file. + +This is needed for adding a SharePoint Online host in the Activity Monitor. Next generate the +application’s Client Secret Key. + +## Generate the Client Secret Key + +Follow the steps to find the registered application's Client Secret, create a new key, and save its +value when saving the new key. + +:::note +The steps below are for registering an app through the Microsoft Entra admin center. These +steps may vary slightly if you use a different Microsoft portal. See the relevant Microsoft +documentation for additional information. +::: + + +:::warning +It is not possible to retrieve the value after saving the new key. It must be copied +first. +::: + + +**Step 1 –** Select the newly-created, registered application. If you left the Overview page, it +will be listed in the **Identity** > **Applications** > **App registrations** > **All applications** +list. + +**Step 2 –** On the registered app blade, click **Certificates & secrets** in the Manage section. + +**Step 3 –** In the top toolbar, click **New client secret**. + +**Step 4 –** On the Add a client secret blade, complete the following: + +- Description – Enter a unique description for this secret +- Expires – Select the duration. + + :::note + Setting the duration on the key to expire requires reconfiguration at the time of + expiration. It is best to configure it to expire in 1 or 2 years. + ::: + + +**Step 5 –** Click **Add** to generate the key. + +:::warning +If this page is left before the key is copied, then the key is not retrievable, and +this process will have to be repeated. +::: + + +**Step 6 –** The Client Secret will be displayed in the Value column of the table. You can use the +Copy to clipboard button to copy the Client Secret. + +**Step 7 –** Save this value in a text file. + +This is needed for adding a SharePoint Online host in the Activity Monitor. + +## Enable Auditing for SharePoint Online + +Follow the steps to enable auditing for SharePoint Online so the Activity Monitor can receive +events. + +**Step 1 –** In the Microsoft Purview compliance portal at +[https://compliance.microsoft.com](https://compliance.microsoft.com/), go to **Solutions** > +**Audit**. Or, to go directly to the Audit page at +[https://compliance.microsoft.com/auditlogsearch](https://compliance.microsoft.com/auditlogsearch). + +**Step 2 –** If auditing is not turned on for your organization, a banner is displayed prompting you +start recording user and admin activity. + +**Step 3 –** Select the **Start recording** user and **admin activity** banner. + +It may take up to 60 minutes for the change to take effect. The Activity Monitor now has SharePoint +Online auditing enabled as needed to receive events. See the Microsoft +[Turn auditing on or off](https://learn.microsoft.com/en-us/microsoft-365/compliance/audit-log-enable-disable?view=o365-worldwide) +article for additional information on enabling or disabling auditing. diff --git a/docs/activitymonitor/9.0/requirements/activityagent/sharepoint-onprem-activity.md b/docs/activitymonitor/9.0/requirements/activityagent/sharepoint-onprem-activity.md new file mode 100644 index 0000000000..fecb0fa571 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/sharepoint-onprem-activity.md @@ -0,0 +1,50 @@ +--- +title: "SharePoint On-Premise Activity Auditing Configuration" +description: "SharePoint On-Premise Activity Auditing Configuration" +sidebar_position: 50 +--- + +# SharePoint On-Premise Activity Auditing Configuration + +SharePoint Event Auditing must be enabled for each site collection to be monitored by the Netwrix +Activity Monitor and/or audited by Netwrix Access Analyzer. + +## User Requirements + +Following are the SharePoint On-Premise user requirements: + +- Local Administrator on SharePoint server (that hosts Central Administration) +- SharePoint SQL server, which includes login on SharePoint Admin, Config, and all content + databases, with the following role permissions: + + - SharePoint 2013+ + + - SPDataAccess + + - SharePoint 2010 + + - db_owner + +## Enable Event Auditing + +Follow the steps for each site collection within a SharePoint 2013 through SharePoint 2019 farm. + +**Step 1 –** Select Settings > Site settings. + +**Step 2 –** Under Site Collection Administration, click Go to top level site settings. + +**Step 3 –** On the Site Settings page, under Site Collection Administration, select Site collection +audit settings. + +**Step 4 –** On the Configure Audit Settings page, in the Documents and Items section select the +events to be audited. + +**Step 5 –** Still on the Configure Audit Settings page, in the List, Libraries, and Site section +select the events to be audited. + +**Step 6 –** Click OK to save the changes. + +SharePoint will create the audit logs to be monitored by the Netwrix Activity Monitor and/or audited +by Access Analyzer. See the Microsoft +[Configure audit settings for a site collection (SharePoint 2013/2016/2019)](https://support.office.com/en-us/article/Configure-audit-settings-for-a-site-collection-a9920c97-38c0-44f2-8bcb-4cf1e2ae22d2) +article for additional information. diff --git a/docs/activitymonitor/9.0/requirements/activityagent/sqlserver-activity.md b/docs/activitymonitor/9.0/requirements/activityagent/sqlserver-activity.md new file mode 100644 index 0000000000..f735298b95 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/sqlserver-activity.md @@ -0,0 +1,77 @@ +--- +title: "SQL Server Activity Auditing Configuration" +description: "SQL Server Activity Auditing Configuration" +sidebar_position: 70 +--- + +# SQL Server Activity Auditing Configuration + +In order for the Netwrix Activity Monitor to monitor SQL Server activity, a SQL login with certain +server permissions, and must be mapped to user databases. + +## SQL Database Server Permissions + +- ALTER ANY EVENT SESSION + + - Allows agent to start or stop an event session or change an event session configuration. + +- VIEW ANY DEFINITION + + - Allows agent to view the SQL Server object definitions. + +- VIEW SERVER STATE + + - Allows agent to access dynamic management views. + +## Windows Authentication + +Use the following command to create a new login: + +``` +create login [DOMAIN\USER] from WINDOWS +``` + +Use the following command to grant server permissions: + +``` +grant alter any event session to [DOMAIN\USER] +grant view any definition to [DOMAIN\USER] +grant view server state to [DOMAIN\USER] +``` + +Use the following command to create a user in each database: + +``` +declare @s varchar(max)='';select @s=@s+(case when @s<>'' then char(13)+char(10) else '' end)+'use ['+name+'];create user [DOMAIN\USER] for login [DOMAIN\USER];' from sys.databases;exec(@s) +``` + +## SQL Authentication + +Use the following command to create a new login: + +``` +create login [USER] with password='[PUT_PASSWORD_HERE]' +``` + +Use the following command to grant server permissions: + +``` +grant alter any event session to [USER] +grant view any definition to [USER] +grant view server state to [USER] +``` + +Use the following command to create a user in each database: + +``` +declare @s varchar(max)='';select @s=@s+(case when @s<>'' then char(13)+char(10) else '' end)+'use ['+name+'];create user [USER] for login [USER];' from sys.databases;exec(@s) +``` + +## Logon Trigger (Optional) + +The logon trigger is required to obtain IP Addresses of client connections. Run the following script +in order to allow the Activity Monitor to report client IP Addresses. + +``` +CREATE TRIGGER SBAudit_LOGON_Trigger ON ALL SERVER FOR LOGON AS BEGIN declare @str varchar(max)=cast(EVENTDATA() as varchar(max));raiserror(@str,1,1);END +``` diff --git a/docs/activitymonitor/9.0/requirements/activityagent/windowsfs-activity.md b/docs/activitymonitor/9.0/requirements/activityagent/windowsfs-activity.md new file mode 100644 index 0000000000..b0809653b4 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/activityagent/windowsfs-activity.md @@ -0,0 +1,50 @@ +--- +title: "Windows File Server Activity Auditing Configuration" +description: "Windows File Server Activity Auditing Configuration" +sidebar_position: 80 +--- + +# Windows File Server Activity Auditing Configuration + +In order for the Netwrix Activity Monitor to monitor Windows file server activity, an Activity Agent +must be deployed to the server. It cannot be deployed to a proxy server. However, additional +considerations are needed when targeting a Windows File System Clusters or DFS Namespaces. + +## Windows File System Clusters + +In order to monitor a Windows File System Cluster, an Activity Agent needs to be deployed on all +nodes that comprise the Windows File System Cluster. The credential used to deploy the Activity +Agent must have the following permissions on the server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Access Analyzer, the credential used by Access +Analyzer to read the activity log files must have also have this permission. + +After the agent has been deployed, it is necessary to modify the HOST parameter in the +`SBTFilemon.ini` file to be the name of the cluster. For integration with Netwrix Access Analyzer +, this must be an exact match to the name of the cluster in the Master Host Table. + +## DFS Namespaces + +In order to monitor activity on DFS Namespaces, an Activity Agent needs to be deployed on all DFS +servers. + +:::note +The FileSystem > 0.Collection > 0-FSDFS System Scans Job in Netwrix Access Analyzer + can be used to identify all DFS servers. +::: + + +The credential used to deploy the Activity Agent must have the following permissions on the server: + +- Membership in the local Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +It is also necessary to enable the Remote Registry Service on the Activity Agent server. + +For integration between the Activity Monitor and Access Analyzer, the credential used by Access +Analyzer to read the activity log files must have also have this permission. diff --git a/docs/activitymonitor/9.0/requirements/adagent/_category_.json b/docs/activitymonitor/9.0/requirements/adagent/_category_.json new file mode 100644 index 0000000000..c84f42629d --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/adagent/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "AD Agent Server Requirements", + "position": 20, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "adagent" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/requirements/adagent/activity/_category_.json b/docs/activitymonitor/9.0/requirements/adagent/activity/_category_.json new file mode 100644 index 0000000000..05cf87c439 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/adagent/activity/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Active Directory Activity Auditing Configuration", + "position": 10, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "activity" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/requirements/adagent/activity/activity.md b/docs/activitymonitor/9.0/requirements/adagent/activity/activity.md new file mode 100644 index 0000000000..c3b3af7300 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/adagent/activity/activity.md @@ -0,0 +1,274 @@ +--- +title: "Active Directory Activity Auditing Configuration" +description: "Active Directory Activity Auditing Configuration" +sidebar_position: 10 +--- + +# Active Directory Activity Auditing Configuration + +There are two methods to configure Activity Monitor to provide Active Directory domain activity to +Access Analyzer: + +- API Server +- File Archive Repository + +See the [File Archive Repository Option](/docs/activitymonitor/9.0/requirements/adagent/activity/filearchive.md) topic for additional information on that +option. + +## API Server Option + +In this method, you will be deploying two agents: + +- First, deploy an Activity Agent to a Windows server that will act as the API server. This is a + non-domain controller server. + + :::info + Deploy the API Server to the same server where the Activity Monitor Console + resides. + ::: + + +- Next, deploy the AD Agent to all domain controllers in the target domain. + +Follow the steps to setup integration between Activity Monitor and Access Analyzer through an API +server. + +**Step 1 –** Deploy the Activity Agent to the API server. + +**Step 2 –** Deploy the AD Agent to each domain controller in the target domain. + +The next step is to configure the agent deployed to the API server. + +## Configure API Server Agent + +Follow the steps to configure the agent deployed to the API server. + +**Step 1 –** On the Agents tab of the Activity Monitor Console, select the agent deployed to the +API server. + +**Step 2 –** Click **Edit**. The Agent properties window opens. + +**Step 3 –** Select the **API Server** tab and configure the following: + +- Select the **Enable API access on this agent** checkbox. +- The default **API server port (TCP)** is 4494, but it can be modified if desired. Ensure the + modified port is also used by Access Analyzer. +- Click **Add Application**. The Add or edit API client window opens. +- Configure the following: + + - Provide a descriptive and unique **Application name**, for example `Access Analyzer`. + - Select the **Read** checkbox to grant this permission to this application. + - Click **Generate** to generate the Client ID and Client Secret. + - Copy the Client ID value to a text file. + - Click **Copy** and save the Client Secret value to a text file. + + :::warning + It is not possible to retrieve the value after closing the Add or edit + API client window. It must be copied first. + ::: + + + - By default, the **Secret Expires** in 3 days. That means it must be used in the Access + Analyzer Connection Profile within 72 hours or a new secret will need to be generated. Modify + if desired. + - Click **OK** to save the configuration and close the Add or edit API client window. + +- If the Activity Monitor Console server is not the API Server, then click **Use this console** to + grant the Activity Monitor the ability to manage the API server. +- The IPv4 or IPv6 allowlist allows you to limit access to the API server data to specific hosts. + +**Step 4 –** Click **OK** to save the configuration and close the Agent properties window. + +The next step is to configure the agents deployed to the domain controllers. + +## Configure Domain Controller Agent + +Follow the steps to configure the agent deployed to the domain controller. + +**Step 1 –** On the Agents tab of the Activity Monitor Console, select an agent deployed to domain +controller. + +**Step 2 –** Click **Edit**. The Agent properties window opens. + +**Step 3 –** Select the **Archiving** tab and configure the following: + +- Select the **Enable Archiving for this agent** checkbox. +- Select the **Archive log files on a UNC path** option. Click the **...** button and navigate to + the desired network share on the API server. +- The **User name** and **User password** fields only need to be filled in if the account used to + install the agent does not have access to this share. + + :::tip + Remember, The account used to install the agent on a domain controller is a Domain + Administrator account. + ::: + + +- Click **Test** to ensure a successful connection to the network share. + +**Step 4 –** Click **OK** to save the configuration and close the Agent properties window. + +**Step 5 –** Repeat Steps 1-4 for each agent deployed to domain controller. + +These agent are configured to save the Archive logs to the selected share. + +## Configure Monitored Domain Output + +Follow the steps configure the monitored domain output for Netwrix Access Analyzer. + +**Step 1 –** Select the **Monitored Domains** tab. + +**Step 2 –** Select the desired domain and click **Add Output**. The Add New Ouptut window opens. + +**Step 3 –** Configure the following: + +- Configure the desired number of days for the **Period to keep Log files**. This is the number of + days the log files are kept on the API server configured in the sections above. This needs to be + set to a greater value than the days between Access Analyzer scans. + + - For example, if Access Analyzer runs the **AD_ActivityCollection** Job once a week (every 7 + days), then the Activity Monitor output should be configured to retain at least 10 days of log + files. + +- Check the **This log file is for StealthAUDIT** box. +- Optionally select the **Enable periodic AD Status Check event reporting** checkbox. When enabled, + the agent will send out status messages every five minutes to verify whether the connection is + still active. + +**Step 4 –** Click **Add Output** to save and close the Add New Output window. + +Access Analyzer now has access to the agent log files for this domain. + +## Configure Connection Profile + +Follow the steps to configure the Connection Profile in Access Analyzer. + +:::tip +Remember, the Client ID and Client Secret were generated by the API server and copied to a text +file. If the secret expired before the Connection Profile is configured, it will need to be +re-generated. +::: + + +**Step 1 –** On the **Settings** > **Connection** node of the Access Analyzer Console, select the +Connection Profile for the Active Directory solution. If you haven't yet created a Connection +Profile or desire a specific one for AD Activity, create a new one and provide a unique descriptive +name. + +**Step 2 –** Click **Add User credential**. The User Credentials window opens. + +**Step 3 –** Configure the following: + +- Select Account Type – Select **Web Services (JWT)** +- User name – Enter the Client ID generated by the Activity Monitor API Server +- Access Token – Enter the Client Secret generated by the Activity Monitor API Server + +**Step 4 –** Click **OK** to save and close the User Credentials window. + +**Step 5 –** Click **Save** and then **OK** to confirm the changes to the Connection Profile. + +**Step 6 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** Job +Group. Select the **Settings > Connection** node. + +**Step 7 –** Select the **Select one of the following user defined profiles** option. Expand the +drop-down menu and select the Connection Profile with this credential. + +**Step 8 –** Click **Save** and then **OK** to confirm the changes to the job group settings. + +The Connection Profile will now be used for AD Activity collection. + +## Configure the AD_ActivityCollection Job + +The Access Analyzer requires additional configurations in order to collect domain activity data. +Follow the steps to configure the **AD_ActivityCollection** Job. + +:::note +Ensure that the **.Active Directory Inventory** Job Group has been successfully run +against the target domain. +::: + + +**Step 1 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > +**AD_ActivityCollection** Job. Select the **Configure** > **Queries** node. + +**Step 2 –** Click **Query Properties**. The Query Properties window displays. + +**Step 3 –** On the Data Source tab, select **Configure**. The Active Directory Activity DC wizard +opens. + +![Active Directory Activity DC wizard Category page](/images/activitymonitor/9.0/config/activedirectory/categoryimportfromnam.webp) + +**Step 4 –** On the Category page, choose **Import from SAM** option and click **Next**. + +![Active Directory Activity DC wizard SAM connection settings page](/images/activitymonitor/9.0/config/activedirectory/namconnection.webp) + +**Step 5 –** On the SAM connection page, the **Port** is set to the default 4494. This needs to +match the port configured for the Activity Monitor API Server agent. + +**Step 6 –** In the **Test SAM host** textbox, enter the Activity Monitor API Server name using +fully qualified domain format. For example, `NEWYORKSRV30.NWXTech.com`. Click **Connect**. + +**Step 7 –** If connection is successful, the archive location displays along with a Refresh token. +Copy the **Refresh token**. This will replace the Client Secret in the Connection Profile in the +last step. + +**Step 8 –** Click **Next**. + +![Active Directory Activity DC wizard Scoping and Retention page](/images/activitymonitor/9.0/config/activedirectory/scope.webp) + +**Step 9 –** On the Scope page, set the Timespan as desired. There are two options: + +- Relative Timespan – Set the number of days of activity logs to collect when the scan is run +- Absolute Timespan – Set the date range for activity logs to collect when the scan is run + +:::info +The threshold should be set to ensure the logs are collected before the Activity +Monitor domain output log retention expires. For example, if Access Analyzer runs the +**AD_ActivityCollection** Job once a week (every 7 days), then the Activity Monitor output should be +configured to retain at least 10 days of log files. +::: + + +**Step 10 –** Set the Retention period as desired. This is the number of days Access Analyzer keeps +the collected data in the SQL Server database. + +**Step 11 –** Click **Next** and then **Finish** to save the changes and close the wizard. + +**Step 12 –** Click **OK** to save the changes and close the Query Properties page. + +**Step 13 –** Navigate to the global **Settings** > **Connection** node to update the User +Credential with the Refresh token: + +- Select the Connection Profile assigned to the **6.Activity** > **0.Collection** Job Group. +- Select the Web Services (JWT) User Credential and click **Edit**. +- Replace the Access Token with the Refresh token generated by the data collector in Step 7. +- Click **OK** to save and close the User Credentials window. +- Click **Save** and then **OK** to confirm the changes to the Connection Profile. + +The query is now configured to target the Activity Monitor API Server to collect domain activity +logs. + +### (Optional) Configure Import of AD Activity into Netwrix Access Information Center + +AD Activity data can be imported into Netwrix Access Information Center by the +**AD_ActivityCollection** Job. However, this is disabled by default. Follow the steps to enable the +importing of AD activity data into the Access Information Center. + +**Step 1 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > +**AD_ActivityCollection** Job. + +**Step 2 –** On the job's Overview page, enable the import of AD Events. + +- Click on the **Enable to import AD events into the AIC** parameter. +- On the Parameter Configuration window, select the **Enabled** checkbox and click **Save**. + +**Step 3 –** On the job's Overview page, enable the import of authentication Events. + +- Click on the **Enable to import authentication events into the AIC** parameter. +- On the Parameter Configuration window, select the **Enabled** checkbox and click **Save**. + +**Step 4 –** Optionally, modify the **List of attributes to track for Object Modified changes** and +**Number of days to retain activity data in the AIC** parameters. + +The **AD_ActivityCollection** Job is now configured to import both AD events and authentication +events into the Netwrix Access Information Center. diff --git a/docs/activitymonitor/9.0/requirements/adagent/activity/filearchive.md b/docs/activitymonitor/9.0/requirements/adagent/activity/filearchive.md new file mode 100644 index 0000000000..235cdfabfc --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/adagent/activity/filearchive.md @@ -0,0 +1,171 @@ +--- +title: "File Archive Repository Option" +description: "File Archive Repository Option" +sidebar_position: 10 +--- + +# File Archive Repository Option + +As an alternative to using an API Server, Netwrix Activity Monitor can be configured to store all +archived logs to a network share. This option requires all of the domain logs to be stored in the +same share location in order for Access Analyzer to collect the AD Activity data. + +**Prerequisite** + +Deploy the AD Agent to each domain controller in the target domain. + +## Configure Domain Controller Agent + +Follow the steps to configure the agent deployed to the domain controller. + +:::note +These steps assume the network share where the activity log files will be archived already +exists. +::: + + +**Step 1 –** On the Agents tab of the Activity Monitor Console, select an agent deployed to domain +controller. + +**Step 2 –** Click Edit. The Agent properties window opens. + +**Step 3 –** Select the Archiving tab and configure the following: + +- Check the Enable Archiving for this agent box. +- Select the **Archive log files on a UNC path** option. Click the ... button and navigate to the + desired network share. +- The **User name** and **User password** fields only need to be filled in if the account used to + install the agent does not have access to this share. + + :::tip + Remember, The account used to install the agent on a domain controller is a Domain + Administrator account. This is typically the credential that will be used in the Netwrix Access + Analyzer Connection Profile. However, a least privilege option is + a domain user account with Read access to this share. + ::: + + +- Click **Test** to ensure a successful connection to the network share. + +**Step 4 –** Click OK to save the configuration and close the Agent properties window. + +**Step 5 –** Repeat Steps 1-4 for each agent deployed to domain controller pointing to the same +network share in Step 3 for each agent. + +These agent are configured to save the Archive logs to the selected share. + +## Configure Monitored Domain Output + +Follow the steps configure the monitored domain output for Netwrix Access Analyzer. + +**Step 1 –** Select the **Monitored Domains** tab. + +**Step 2 –** Select the desired domain and click **Add Output**. The Add New Ouptut window opens. + +**Step 3 –** Configure the following: + +- Configure the desired number of days for the **Period to keep Log files**. This is the number of + days the log files are kept on the API server configured in the sections above. This needs to be + set to a greater value than the days between Access Analyzer scans. + + - For example, if Access Analyzer runs the **AD_ActivityCollection** Job once a week (every 7 + days), then the Activity Monitor output should be configured to retain at least 10 days of log + files. + +- Check the **This log file is for Access Analyzer** box. +- Optionally select the **Enable periodic AD Status Check event reporting** checkbox. When enabled, + the agent will send out status messages every five minutes to verify whether the connection is + still active. + +**Step 4 –** Click **Add Output** to save and close the Add New Output window. + +Access Analyzer now has access to the agent log files for this domain. + +## Configure Connection Profile + +Follow the steps to configure the Connection Profile in Access Analyzer. + +**Step 1 –** On the Settings > Connection node of the Access Analyzer Console, select the Connection +Profile for the Active Directory solution. If you haven't yet created a Connection Profile or desire +a specific one for AD Activity, create a new one and provide a unique descriptive name. + +**Step 2 –** Click Add User credential. The User Credentials window opens. + +**Step 3 –** Configure the following: + +- Select Account Type – Select **Active Directory Account** +- Domain – Select the domain where the network share resides +- User name – Enter the account with Read access to the network share +- Provide the account password: + + - Password Storage – Select the password storage location, if it is being stored in a vault, + like CyberArk + - Password / Confirm – Enter the account password in both fields + +**Step 4 –** Click OK to save and close the User Credentials window. + +**Step 5 –** Click **Save** and then **OK** to confirm the changes to the Connection Profile. + +**Step 6 –** Navigate to the Jobs > Active Directory > 6.Activity > 0.Collection Job Group. Select +the **Settings > Connection** node. + +**Step 7 –** Select the **Select one of the following user defined profiles** option. Expand the +drop-down menu and select the Connection Profile with this credential. + +**Step 8 –** Click **Save** and then **OK** to confirm the changes to the job group settings. + +The Connection Profile will now be used for AD Activity collection. + +## Configure the AD_ActivityCollection Job + +Access Analyzer requires additional configurations in order to collect domain activity data. Follow +the steps to configure the **AD_ActivityCollection** Job. + +:::note +Ensure that the .Active Directory Inventory Job Group has been successfully run against +the target domain. +::: + + +**Step 1 –** Navigate to the **Jobs** > **Active Directory** > **6.Activity** > **0.Collection** > +**AD_ActivityCollection** Job. Select the **Configure** > **Queries** node. + +**Step 2 –** Click **Query Properties**. The Query Properties window displays. + +**Step 3 –** On the Data Source tab, select **Configure**. The Active Directory Activity DC wizard +opens. + +![Active Directory Activity DC wizard Category page](/images/activitymonitor/9.0/config/activedirectory/categoryimportfromshare.webp) + +**Step 4 –** On the Category page, choose **Import from Share** option and click **Next**. + +![Active Directory Activity DC wizard Share settings page](/images/activitymonitor/9.0/config/activedirectory/share.webp) + +**Step 5 –** On the Share page, provide the UNC path to the AD Activity share archive location. If +there are multiple archives in the same network share, check the **Include Sub-Directories** box. +Click **Next**. + +![Active Directory Activity DC wizard Scoping and Retention page](/images/activitymonitor/9.0/config/activedirectory/scope.webp) + +**Step 6 –** On the Scope page, set the Timespan as desired. There are two options: + +- Relative Timespan – Set the number of days of activity logs to collect when the scan is run +- Absolute Timespan – Set the date range for activity logs to collect when the scan is run + +:::info +The threshold should be set to ensure the logs are collected before the Activity +Monitor domain output log retention expires. For example, if Access Analyzer runs the +**AD_ActivityCollection** Job once a week (every 7 days), then the Activity Monitor output should be +configured to retain at least 10 days of log files. +::: + + +**Step 7 –** Set the Retention period as desired. This is the number of days Access Analyzer keeps +the collected data in the SQL Server database. + +**Step 8 –** Click **Next** and then **Finish** to save the changes and close the wizard. + +**Step 9 –** Click **OK** to save the changes and close the Query Properties page. + +The query is now configured to target the network share where the Activity Monitor domain activity +logs are archived. diff --git a/docs/activitymonitor/9.0/requirements/adagent/adagent.md b/docs/activitymonitor/9.0/requirements/adagent/adagent.md new file mode 100644 index 0000000000..c1d32aa6f2 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/adagent/adagent.md @@ -0,0 +1,125 @@ +--- +title: "AD Agent Server Requirements" +description: "AD Agent Server Requirements" +sidebar_position: 20 +--- + +# AD Agent Server Requirements + +Active Directory (AD) monitoring can be accomplished through two primary methods: + +- Activity Monitor Agents with the AD Module +- Retrieving activity data from Netwrix Threat Prevention + +Both approaches require the installation of agents on each domain controller within the monitored +domain and are compatible with Netwrix Access Analyzer and Netwrix +Threat Manager, feeding them AD activity data. + +Activity Monitor Agents: This option focuses solely on monitoring AD activity, providing basic +visibility into AD events without additional features. + +![nam_admodule](/images/activitymonitor/9.0/requirements/nam_admodule.webp) + +Netwrix Threat Prevention: Offers a more comprehensive and flexible monitoring experience, including +advanced features like operation blocking and enhanced monitoring capabilities. + +![ntp](/images/activitymonitor/9.0/requirements/ntp.webp) + +These methods provide organizations with a choice between basic AD activity monitoring and a more +versatile, security-enhanced option. + +**Activity Monitor and Threat Prevention Compatibility Matrix** + +| Activity Monitor Version | Threat Prevention (formerly Stealth Intercept) Version | Threat Prevention Version | +| ------------------------ | ------------------------------------------------------ | ------------------------- | +| 7.1 | 7.3 | 7.4 | +| 7.0 | 7.3 | | + +## Requirements + +The AD Agent is deployed to every domain controllers to monitor Active Directory domains. The server +can be physical or virtual. The supported operating systems are: + +- Windows Server 2022 +- Windows Server 2019 +- Windows Server 2016 + +**RAM, Cores, and Disk Space** + +These depend on the amount of activity expected: + +| Environment | Recommended | Minimum | +| ----------- | ----------- | ------- | +| RAM | 8+ GB | 4+ GB | +| Cores | 4+ CPU | 2 CPU | +| Disk Space | 50 GB | 50 GB | + +The disk space requirement covers the following: + +- Agent Size – 150 MB +- Agent Queues – In the event of a network outage, the agent will cache up to 40 GB of event data +- Diagnostic Logging – 1 GB + +Old files are zipped, typical compression ratio is 20. Optionally, old files are moved from the +server to a network share. See the [Archiving Tab](/docs/activitymonitor/9.0/admin/agents/properties/archiving.md) topic +for additional information. + +**Additional Server Requirements** + +The following are additional requirements for the agent server: + +- .NET Framework 4.7.2 installed, which can be downloaded from the link in the Microsoft + [.NET Framework 4.7.2 offline installer for Windows](https://support.microsoft.com/en-us/topic/microsoft-net-framework-4-7-2-offline-installer-for-windows-05a72734-2127-a15d-50cf-daf56d5faec2) + article +- WMI enabled on the machine, which is optional but required for centralized Agent maintenance + +**Permissions for Installation** + +The following permission is required to install and manage the agent: + +- Membership in the Domain Administrators group +- READ and WRITE access to the archive location for Archiving feature only + +## Supported Active Directory Platforms + +The Activity Monitor provides the ability to monitor Active Directory: + +:::note +For monitoring an Active Directory domain, the AD Agent must be installed on all domain +controllers within the domain to be monitored. +::: + + +- Windows Server 2022 +- Windows Server 2019 +- Windows Server 2016 + +See the [Active Directory Activity Auditing Configuration](/docs/activitymonitor/9.0/requirements/adagent/activity/activity.md) +topic for target environment requirements. + +## AD Agent Compatibility with Non-Netwrix Security Products + +The following products conflict with the agent: + +:::warning +Do not install these products on a server where an agent is deployed. Do NOT install an +agent on a server where these products are installed. +::: + + +- Quest Change Auditor (aka Dell ChangeAuditor) +- PowerBroker Auditor for Active Directory by BeyondTrust + +The following products, which protect LSASS, may prevent the agent from injecting into LSASS, and +thereby prevent monitoring Active Directory events: + +- Cisco AMP for Endpoints Connector +- Avast Business Antivirus + + - Specifically the “Avast self-defense module” + +:::note +These products and other similar products can be configured via a whitelist to allow the +agent to operate. + +::: diff --git a/docs/activitymonitor/9.0/requirements/adagent/threatprevention.md b/docs/activitymonitor/9.0/requirements/adagent/threatprevention.md new file mode 100644 index 0000000000..9cc890344e --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/adagent/threatprevention.md @@ -0,0 +1,53 @@ +--- +title: "Getting Data from NTP for AD Activity Reporting" +description: "Getting Data from NTP for AD Activity Reporting" +sidebar_position: 20 +--- + +# Getting Data from NTP for AD Activity Reporting + +When Netwrix Threat Prevention is configured to monitor a domain, the event data collected by the +policies can be provided to Netwrix Access Analyzer for Active +Directory Activity reporting. This is accomplished by configuring Threat Prevention to send data to +Netwrix Activity Monitor, which in turn creates the activity log files that Access Analyzer +collects. + +:::note +Threat Prevention can only be configured to send event data to one Netwrix application, +either Netwrix Activity Monitor or Netwrix Threat Manager but not both. However, the Activity +Monitor can be configured with outputs for Access Analyzer and Threat Manager +::: + + +Follow these steps to configure this integration. + +:::info +It is a best practice to use the API Server option of the Activity Monitor for +this integration between Threat Prevention and Access Analyzer. +::: + + +**Step 1 –** In the Threat Prevention Administration Console, click **Configuration** > **Netwrix +Threat Manager Configuration** on the menu. The Netwrix Threat Manager Configuration window opens. + +**Step 2 –** On the Event Sink tab, configure the following: + +- Netwrix Threat Manager URI – Enter the name of the Activity Monitor agent host and port, which is + 4499 by default, in the following format: + + `amqp://localhost:4499` + + You must use localhost, even if Activity Monitor and Threat Prevention are installed on + different servers. + +- App Token – Leave this field blank for integration with Activity Monitor +- Policies – The table displays all policies created in Threat Prevention along with a State icon + indicating if the policy is active. Check the **Send** box for the desired policies monitoring the + target domain activity. + +**Step 3 –** Click **Save**. + +All real-time event data from the selected policies are now being sent to Activity Monitor. +Additional policies can be added to this data stream through the Netwrix Threat Manager +Configuration window or by selecting the **Send to Netwrix Threat Manager** option on the Actions +tab of the policy. diff --git a/docs/activitymonitor/9.0/requirements/linuxagent.md b/docs/activitymonitor/9.0/requirements/linuxagent.md new file mode 100644 index 0000000000..8d6575c593 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/linuxagent.md @@ -0,0 +1,76 @@ +--- +title: "Linux Agent Server Requirements" +description: "Linux Agent Server Requirements" +sidebar_position: 30 +--- + +# Linux Agent Server Requirements + +The server where the agent is deployed can be physical or virtual. The supported operating systems +are: + +- Red Hat Enterprise Linux + + - V 9.x + - V 8.x + +- Activity Monitor supports RHEL kernels in FIPS mode compliant with FIPS 140-2 and FIPS 140-3. + +## Target Requirements + +:::note +For monitoring a Linux file server, the The Linux Agent is deployed to Linux servers to be +monitored. It cannot be deployed to a proxy server. +::: + + +## Supported Protocols + +The following protocols are supported for the Linux agent: + +- Local +- Common Internet File System (CIFS) / Server Message Block (SMB) +- Network File System (Mounted Client-Side) + +:::note +Server-Side NFS protocol is not supported. +::: + + +## Permissions for Installation + +The following permission is required by the account used to install and manage the agent: + +- Root privileges with password (or SSH private key) + +For integration between the Activity Monitor and Access Analyzer, the credential used by Access +Analyzer to read the activity log files must have also have this permission. + +:::info +Activity Monitor Agent uses certificates to secure the connection between the Linux Agent and the Console / API Server. +By default, the Agent uses an automatically generated self-signed certificate. The Console and the API Server do not enforce +validity checks on these self-signed agent certificates. + +This self-signed certificate can be replaced with one issued by a Certification Authority. Once replaced, the Console and +the API Server will ensure the validity of the agent’s certificates. + +See the [Certificate](/docs/activitymonitor/9.0/admin/agents/properties/certificate.md) topic for additional information. +::: + + +## Immutable Mode + +For file activity monitoring on Linux, Activity Monitor relies on **auditd** component of the Linux +Auditing System. One of the features of auditd is the **immutable mode** or `-e 2` command, which +locks the audit configuration and protects it from being changed. When the immutable mode is +enabled, the only way to change the auditing configuration is to reboot the server. + +To check if the immutable mode is enabled, use the `auditctl -s` command. If the immutable mode is +active, the command will print `enabled 2`. Alternatively, check for the `-e 2` line in the +`/etc/audit/rules.d/audit.rules` file. + +Activity Monitor supports the immutable mode. It compares the current auditd configuration with the +desired one. If they differ and the immutable mode is enabled, the product displays a warning that a +server restart is required in the status section of the **Monitored Hosts & Services** tab. After the reboot, +the changes take effect and the immutable mode is enabled. + diff --git a/docs/activitymonitor/9.0/requirements/overview.md b/docs/activitymonitor/9.0/requirements/overview.md new file mode 100644 index 0000000000..205e2700d9 --- /dev/null +++ b/docs/activitymonitor/9.0/requirements/overview.md @@ -0,0 +1,78 @@ +--- +title: "Requirements" +description: "Requirements" +sidebar_position: 20 +--- + +# Requirements + +This topic describes the recommended configuration of the servers needed to install the application +in a production environment. Depending on the size of the organization, it is recommended to review +your environment and requirements with a Netwrix engineer prior to deployment to ensure all +exceptions are covered. + +## Architecture Overview + +The following servers are required for installation of the application: + +**Core Components** + +- **Activity Monitor Console** Machine – This is where the management console is installed. + The Console can be installed on several machines to manage the same set of agents. + + :::note + The Activity Monitor Console can be hosted on the same machine as other Netwrix + products. + ::: + + +- **Agents** – There are three deployment scenarios that that differ in their requirements: + + - Activity monitoring of Windows file servers, Network Attached Storage (NAS) devices, Azure Files, Microsoft Entra ID, SharePoint On-premise, + SharePoint Online, Exchange Online, and SQL Server. The agent is deployed on a Windows Server. + See the [Activity Agent Server Requirements](/docs/activitymonitor/9.0/requirements/activityagent/activityagent.md) topic + for additional information. + - Active Directory monitoring – the agent is deployed to every domain controllers to monitor Active Directory + domains. See the [AD Agent Server Requirements](/docs/activitymonitor/9.0/requirements/adagent/adagent.md) topic for additional information. + - Linux monitoring – the agent is deployed to Linux servers to be monitored. See the + [Linux Agent Server Requirements](/docs/activitymonitor/9.0/requirements/linuxagent.md) topic for additional information. + +**Target Environment Considerations** + +The target environment encompasses all servers, devices, or infrastructure to be monitored by +Activity Monitor. Most solutions have additional target requirements. + +## Activity Monitor Console Machine Requirements + +The machine can be a Windows Server or desktop, as well as physical or virtual. The Console can be installed on serveral machines to manage the same agents. +The following Windows Server operating systems are supported: + +- Windows Server 2025 +- Windows Server 2022 +- Windows Server 2019 +- Windows Server 2016 + +The following Windows desktop operating systems are supported: + +- Windows 11 +- Windows 10 + +**RAM, Processor, and Disk Space** + +- RAM – 4 GB minimum +- Processor – x64 +- Disk Space – 1 GB minimum + +**Additional Machine Requirements** + +The following are additional requirements for the Console machine: + +- .NET Framework 4.7.2 installed, which can be downloaded from the link in the Microsoft + [.NET Framework 4.7.2 offline installer for Windows](https://support.microsoft.com/en-us/topic/microsoft-net-framework-4-7-2-offline-installer-for-windows-05a72734-2127-a15d-50cf-daf56d5faec2) + article + +**Permissions for Installation** + +The following permission is required to install and use the application: + +- Membership in the local Administrators group for the Activity Monitor Console machine diff --git a/docs/activitymonitor/9.0/restapi/_category_.json b/docs/activitymonitor/9.0/restapi/_category_.json new file mode 100644 index 0000000000..37dc66e9c5 --- /dev/null +++ b/docs/activitymonitor/9.0/restapi/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "REST API", + "position": 60, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "overview" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/restapi/overview.md b/docs/activitymonitor/9.0/restapi/overview.md new file mode 100644 index 0000000000..63b6d64e6d --- /dev/null +++ b/docs/activitymonitor/9.0/restapi/overview.md @@ -0,0 +1,29 @@ +--- +title: "REST API" +description: "REST API" +sidebar_position: 60 +--- + +# REST API + +## Overview + +Netwrix Activity Monitor API gives you access to the most information and functionality available in +the console. You can manage agents, monitored hosts and services, AD monitoring using API. + +The REST-style API is provided by the API Server feature which is a component of the Activity +Monitor Agent (Windows only). It is pre-installed with the Agent, disabled by default. + +Like the console, a single API Server can manage many agents. A single API Server can manage the +whole organization. However, one capability requires running the API Server on each and every +Activity Monitor Agent and is the HTTPS access to the log files. + +See the following topics for additional information: + +- [Security and Access Control](/docs/activitymonitor/9.0/restapi/security.md) +- [Schema and Resources](/docs/activitymonitor/9.0/restapi/resources/resources.md) + + - [Agent](/docs/activitymonitor/9.0/restapi/resources/agent.md) + - [Domain](/docs/activitymonitor/9.0/restapi/resources/domain.md) + - [Host](/docs/activitymonitor/9.0/restapi/resources/host.md) + - [Output](/docs/activitymonitor/9.0/restapi/resources/output.md) diff --git a/docs/activitymonitor/9.0/restapi/resources/_category_.json b/docs/activitymonitor/9.0/restapi/resources/_category_.json new file mode 100644 index 0000000000..9a2c4705c7 --- /dev/null +++ b/docs/activitymonitor/9.0/restapi/resources/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Schema and Resources", + "position": 20, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "resources" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/restapi/resources/agent.md b/docs/activitymonitor/9.0/restapi/resources/agent.md new file mode 100644 index 0000000000..30ef470331 --- /dev/null +++ b/docs/activitymonitor/9.0/restapi/resources/agent.md @@ -0,0 +1,262 @@ +--- +title: "Agent" +description: "Agent" +sidebar_position: 10 +--- + +# Agent + +| Attribute | Type | Detailed Only | Description | +| ---------------------------------------- | -------- | ------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| id | string | | Agent ID | +| platformId | string | | Platform of the agent: Windows , Linux | +| url | string | | Self URL | +| host | string | | Host name/address as specified by user | +| netbiosName | string | | NETBIOS name | +| authenticationMethod | string | | The authentication method for connecting to the agent: Password, PublicKey | +| agentPort | int | | The port that is used by the agent. Default: 4498. | +| userName | string | | Account for connecting to the agent. | +| password | string | X | Account password for connecting to the agent. Password is not exposed. | +| privateKey | string | | The private key used when PublicKey authentication method is used. The private key is not exposed. | +| clientCertificate | string | | The agent's client certificate. | +| protocol | string | | The protocol used for connecting to the agent: GRPC | +| domain | string | | Domain name of the agent | +| machineSid | string | | The Machine SID of the Agent Server. | +| osVersion | string | | OS version or version servicepack | +| isDC | bool | | Is Agent a domain controller | +| errorMessage | string | | Description of the failure condition | +| installState | string | | State of Activity Monitor agent: `NotInstalled`, `Unknown`, `Installed`, `Installing`, `Upgrading`, `Uninstalling`, `Outdated`, `Failed`, `ManagedBySI` (last one for Threat Prevention agents) | +| version | string | | Activity Monitor agent version | +| siInstallState | string | | State of Threat Prevention agent: `NotInstalled`, `Unknown`, `Installed`, `Installing`, `Upgrading`, `Uninstalling`, `Outdated`, `Failed`, `ManagedBySI` (last one for Threat Prevention agents) | +| siVersion | string | | Threat Prevention agent version | +| managedBySI | bool | | True if the Threat Prevention Agent configuration is managed by Threat Prevention. Otherwise Activity Monitor managed the Threat Prevention Agent | +| configVersion | string | | A hash of the config file | +| monitoredHostsUrl | string | | URL to the list of agent's hosts | +| monitoredDomainUrl | string | | URL to the domain monitored by the agent, if any | +| warnings | string[] | X | Array of errors/warnings if any | +| ad.safeModeStatus | string | X | `pending`, `approved`. If `pending`, the AD Module is in the safe (not yet loaded) mode. | +| ad.safeModeMessage | string | X | If in the safe mode, contains a reason why the agent switched to the mode. | +| ad.hardeningIsEnabled | bool | X | AD Module hardening is enabled or disabled. | +| ad.safeModeIsEnabled | bool | X | AD Module safe mode is enabled or disabled. | +| ad.dnsResolveIsEnabled | bool | X | AD Module DNS hostname resolution is enabled or disabled. | +| ad.siIpWhitelist | string[] | X | Whitelist of IPs allowed to connect to the AD Module port. | +| archive.IsEnabled | bool | X | Whether the archiving feature is enabled | +| archive.path | string | X | UNC path of the archival location | +| archive.userName | string | X | An account to access the archival location. | +| archive.password | string | X | User password to access the archival location. Password is not exposed. | +| archive.maxLocalSize | string | X | Maximum space the agent is allowed to use on the local drives. | +| fpolicy.port | int | X | NetApp c-mode fpolicy port | +| fpolicy.auth | string | X | `NoAuth`, `Server`, `Mutual` | +| fpolicy.ipWhitelist | string[] | X | IP whitelist | +| fpolicy.clientCertificate | string | X | The Client or CA certificate that is currently set. | +| fpolicy.serverCertificate | string | X | The FPolicy Server certificate that is currently set. Server Certificate is not exposed. | +| minLocalFreeSpace | string | X | Free disk threshold after which the agent stops writing data to the log files | +| cee.vcapsIsEnabled | bool | X | CEE Asynchronous bulk delivery (VCAPS) is enabled or disabled. | +| cee.vcapsInterval | int | X | Interval in seconds on how often events are delivered by CEE. | +| cee.vcapsEvents | int | X | Interval in number of events on how often events are delivered by CEE. | +| cee.httpEnabled | bool | X | CEE HTTP protocol is enabled or disabled | +| cee.rpcEnabled | bool | X | CEE RPC protocol is enabled or disabled | +| cee.ipWhitelist | string[] | X | Whitelist of IPs that are allowed to connect to the agent via http protocol. If blank the agent will accept connections from any host. | +| inactivityAlerts.isEnabled | bool | X | Whether Inactivity Alerting is enabled | +| inactivityAlerts.inactivityInterval | int | X | The time interval to elapse after the Monitored Host stops receiving events. | +| inactivityAlerts.replayInterval | int | X | How often to repeat an alert if the inactivity period is long lasting. | +| inactivityAlerts.inactivityCheckInterval | int | X | The time interval to check the Monitored Host for new events. | +| inactivityAlerts.syslog.server | string | X | The syslog server that is sent inactivity alerts. | +| inactivityAlerts.syslog.protocol | string | X | The syslog server protocol that is used: "UDP" , "TCP" , "TLS" | +| inactivityAlerts.syslog.separator | string | X | The syslog server separator / message framing that is used: "LF ASCII 10" , "CR ASCII 13" , "CRLF ASCII 13, 10" , "NUL ASCII 0" , "Octet Count RFC 5425". Only used for TCP and TLS protocols. | +| inactivityAlerts.syslog.template | string | X | The syslog server template text that is used. | +| inactivityAlerts.email.server | string | X | The email SMTP server that is sent inactivity alerts. | +| inactivityAlerts.email.ssl | bool | X | Email SMTP Server SSL / TLS is enabled or disabled. | +| inactivityAlerts.email.userName | string | X | Email SMTP Server Username. | +| inactivityAlerts.email.password | string | X | Email SMTP Server Password. Password is not exposed. | +| inactivityAlerts.email.from | string | X | Email address of where the inactivity alert is from. | +| inactivityAlerts.email.to | string | X | Email address of where the inactivity alert is sent to. | +| inactivityAlerts.email.subject | string | X | Email message subject of the inactivity alert. | +| inactivityAlerts.email.body | string | X | Email message body of the inactivity alert. | +| apiServerIsEnabled | bool | | API Server is enabled or disabled | +| apiServerPort | int | | API Server TCP/IP port | +| apiServerIpWhitelist | string[] | X | Whitelist of IPs allowed to connect to the API Server port. | +| apiServerMgmtConsole | string | X | NETBIOS name of the Console machine that manages the agent list of the API Server (only available for agent(s) that are running the api server) | +| traceLevel | string | X | The logging trace level of the agent. | +| externalNicName | string | X | The selected network interface that is used for connections. If blank, the agent will auto-detect the network interface to use. | +| comment | string | | The agent's set comment. | +| etwLogEnabled | bool | | If true or enabled the windows agent will produce extended debugging data (ETW) logs from the windows driver when Trace logging is enabled for the agent. | +| linux.serviceUsername | string | X | The linux agent's service username that is used to run the agent service / daemon. If blank, root user is used. | +| networkProxy.address | string | X | HTTP Proxy Server set in SERVER[:PORT] format. If blank HTTP Proxy is disabled. | +| networkProxy.useDefaultCredentials | bool | X | If enabled the proxy server authenticates as the agent's machine account. | +| networkProxy.bypassProxyOnLocal | bool | X | If enabled the agent will bypass the proxy server for local addresses. | +| networkProxy.userName | string | X | The Proxy Server Username | +| networkProxy.password | string | X | The Proxy Server Password. Password is not exposed. | +| networkProxy.bypassList | string[] | X | List of regular expressions that describe URIs that do not use the proxy server when accessed. | +| dns.isEnabled | bool | X | Local DNS caching service is enabled or disabled. | +| dns.listenPort | int | X | Port used by the DNS caching service. | +| dns.parallelism | int | X | Parallelism level to use while processing DNS requests. | +| dns.perfStatsTimeDebug | TimeSpan | X | Period to dump performance statistics on debug level. | +| dns.perfStatsTimeInfo | TimeSpan | X | Period to dump performance statistics on info level. | +| dns.forwardDnsServer | string[] | X | List of DNS servers specified to be used for lookups. If blank, the default DNS servers of the agent are used. | +| dns.cacheFile | string | X | The DNS cache buffer filename that is used. | +| dns.successTtl | TimeSpan | X | How long to cache successful lookup results before attempting the search again. | +| dns.failedTtl | TimeSpan | X | How long to cache a failed lookup result before attempting the search again. | +| dns.clientWaitTimeout | TimeSpan | X | The amount of the DNS service is allowed to process a request before sending a not found response. If no results are received the lookup operation continues in the background. | +| dns.refreshThreshold | TimeSpan | X | An interval between expired items in the cache check. | +| dns.maxCacheSize | int | X | The max size of the dns service buffer file. | +| dns.uselessAge | TimeSpan | X | The DNS service does not resolve names for events older then the set time period. | +| dns.maxAttemptsToResolve | int | X | Maximum attempts that the DNS service will use to resolve addresses. If 0 is set, the DNS service will resolve addresses infinitely. | +| dns.suffix | string | X | The DNS suffix identifies the domain name that is appended to an unqualified host name to obtain a fully qualified domain name (FQDN) suitable for a dns name query. | +| adUsers.domainControllers | string[] | X | List of Domain Controllers to be used for user lookups. If blank, the default behavior is used. | +| adUsers.lookupTimeout | TimeSpan | X | The amount of time the agent will wait for the query results. If no results are received , the agent reports an empty username in the events, but continues the lookup operation in the background. | +| adUsers.successCacheTtl | TimeSpan | X | How long to cache successful lookup results before attempting the lookup from Active Directory again. | +| adUsers.failedCacheTtl | TimeSpan | X | How long to cache failed lookup results before attempting the lookup from Active Directory again. | +| adUsers.maxCacheSize | int | X | The max size of the cache buffer file. | +| panzura.port | int | X | Agent port used for Panzura. | +| panzura.useCredentials | bool | X | Protection of Panzura port is enabled or disabled. | +| panzura.username | string | X | Panzura's MQ username used for port protection. | +| panzura.password | string | X | Panzura's MQ password used for port protection. Password is not exposed. | +| panzura.ipWhitelist | string[] | X | Whitelist of IP addresses of Panzura nodes that are allowed to connect to the Agent's Panzura port. If blank, connections from any host are accepted. | +| nutanix.port | int | X | Agent port used for Nutanix. | +| nutanix.ipWhitelist | string[] | X | Whitelist of IP addresses of Nutanix nodes that are allowed to connect to the Agent's Nutanix port. If blank, connections from any host are accepted. | +| qumulo.port | int | X | Agent port used for Qumulo. | +| qumulo.ipWhitelist | string[] | X | Whitelist of IP addresses of Qumulo nodes that are allowed to connect to the Agent's Qumulo port. If blank, connections from any host are accepted. | +| ctera.port | int | X | Agent port used for Ctera. | +| ctera.ipWhitelist | string[] | X | Whitelist of IP addresses of CTERA portals that are allowed to connect to the Agent's CTERA port. If blank, connections from any host are accepted. | + +**Response Example** + +``` +{ +    "warnings": [], +    "archive": { +        "isEnabled": false, +        "path": "\\\\KDVM01\\SBACTIVITYLOGS", +        "userName": "", +        "maxLocalSize": "5GB" +    }, +    "cee": { +        "vcapsIsEnabled": false, +        "vcapsInterval": 60, +        "vcapsEvents": 100, +        "httpEnabled": false, +        "rpcEnabled": true, +        "ipWhitelist": [] +    }, +    "ad": { +        "safeModeStatus": null, +        "safeModeMessage": null, +        "hardeningIsEnabled": false, +        "safeModeIsEnabled": true, +        "dnsResolveIsEnabled": true, +        "siIpWhitelist": [] +    }, +    "minLocalFreeSpace": "64MB", +    "fpolicy": { +        "port": 9999, +        "auth": "NoAuth", +        "ipWhitelist": [], +        "clientCertificate": "", +        "serverCertificate": "" +    }, +    "inactivityAlerts": { +        "isEnabled": false, +        "inactivityInterval": 360, +        "replayInterval": 360, +        "inactivityCheckInterval": 1, +        "syslog": { +            "server": "", +            "protocol": "UDP", +            "separator": "Lf", +            "template": "<14>1 %TIME_STAMP_UTC% %AGENT% %PRODUCT% - NO_DATA - [origin ip=\"%INACTIVE_SERVER_IP%\"][noactivity@33334 host=\"%INACTIVE_SERVER%\" lastEvent=\"%LAST_EVENT_TIME_STAMP_UTC%\" activityType=\"%ACTIVITY_TYPE%\"] No activity events from %INACTIVE_SERVER% for %INACTIVITY_PERIOD_HOURS% hours." +        }, +        "email": { +            "server": "", +            "ssl": false, +            "userName": "", +            "from": "", +            "to": "", +            "subject": "[Activity Monitor] No activity events from %INACTIVE_SERVER% for %INACTIVITY_PERIOD_HOURS% hours", +            "body": "There were no activity events from %INACTIVE_SERVER% for %INACTIVITY_PERIOD_HOURS% hours.\n  \nHost:                 %INACTIVE_SERVER%\n  Activity Type: %ACTIVITY_TYPE%\n  Period of inactivity: %INACTIVITY_PERIOD_HOURS% hours / %INACTIVITY_PERIOD_MINUTES% minutes\n  Last event received:  %LAST_EVENT_TIME_STAMP_UTC% (UTC)\n  Last event received:  %LAST_EVENT_TIME_STAMP% (agent time)\n  Agent:                %AGENT%\n  \n  \n  %PRODUCT% %PRODUCT_VERSION%\n" +        } +    }, +    "panzura": { +        "port": 4497, +        "useCredentials": false, +        "username": "guest", +        "ipWhitelist": [] +    }, +    "nutanix": { +        "port": 4501, +        "ipWhitelist": [] +    }, +    "qumulo": { +        "port": 4496, +        "ipWhitelist": [] +    }, +    "ctera": { +        "port": 4499, +        "ipWhitelist": [] +    }, +    "linux": { +        "serviceUsername": "" +    }, +    "apiServerIpWhitelist": [], +    "apiServerMgmtConsole": "KDVM01", +    "traceLevel": "Info", +    "externalNicName": "", +    "dns": { +        "isEnabled": false, +        "listenPort": 4503, +        "parallelism": 4, +        "perfStatsTimeDebug": "00:01:00", +        "perfStatsTimeInfo": "00:10:00", +        "forwardDnsServer": [], +        "cacheFile": "dns.cache", +        "successTtl": "01:00:00", +        "failedTtl": "00:01:00", +        "clientWaitTimeout": "00:00:01.8000000", +        "refreshThreshold": "00:00:01", +        "maxCacheSize": 1000000, +        "uselessAge": "1.00:00:00", +        "maxAttemptsToResolve": 30, +        "suffix": "" +    }, +    "adUsers": { +        "domainControllers": [], +        "lookupTimeout": "00:00:02", +        "successCacheTtl": "10:00:00", +        "failedCacheTtl": "00:01:00", +        "maxCacheSize": 300000 +    }, +    "networkProxy": { +        "address": "", +        "useDefaultCredentials": false, +        "bypassProxyOnLocal": false, +        "userName": "", +        "bypassList": [] +    }, +    "id": "AGENT0", +    "platformId": "windows", +    "url": "https://127.0.0.1:4494/api/v1/agents/AGENT0", +    "host": "KDVM01", +    "netbiosName": "KDVM01", +    "authenticationMethod": "Password", +    "userName": "KDUD1\\Administrator", +    "clientCertificate": "", +    "protocol": "GRPC", +    "domain": "KDUD1", +    "machineSid": "S-1-5-21-3126412784-2087258618-1984987930-1105", +    "osVersion": "10.0.14393.0", +    "isDC": false, +    "errorMessage": "", +    "installState": "Installed", +    "version": "7.1.164", +    "siInstallState": "NotInstalled", +    "siVersion": "", +    "managedBySI": false, +    "configVersion": "xVdvRQnWGvifzQ8Q9rpfVj227Jo=", +    "monitoredHostsUrl": "https://127.0.0.1:4494/api/v1/agents/AGENT0/hosts", +    "monitoredDomainUrl": "https://127.0.0.1:4494/api/v1/agents/AGENT0/domain", +    "apiServerIsEnabled": true, +    "apiServerPort": 4494, +    "comment": "", +    "agentPort": 4498 +} +``` diff --git a/docs/activitymonitor/9.0/restapi/resources/domain.md b/docs/activitymonitor/9.0/restapi/resources/domain.md new file mode 100644 index 0000000000..ecf67dfcca --- /dev/null +++ b/docs/activitymonitor/9.0/restapi/resources/domain.md @@ -0,0 +1,99 @@ +--- +title: "Domain" +description: "Domain" +sidebar_position: 20 +--- + +# Domain + +| Attribute | Type | Detailed Only | Description | +| -------------- | -------- | ------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| id | string | | Domain ID | +| url | string | | Self URL | +| name | string | | Domain NETBIOS name | +| managedBySI | bool | | Whether the monitoring configuration is managed by Threat Prevention or Activity Monitor | +| outputs | output[] | | Domain outputs. Domain outputs are common for all the domain controllers. However, there are several agent-specific settings, like `archivePath`. Do get agent-specific outputs use `api/v1/agents/«agentId»/domain`. | +| outputsUrl | string | | URL to domain outputs | +| agentsUrl | string | | URL to domain controllers | +| masterAgentId | string | | ID of the Master agent - the one whose configuration is considered the master one. | +| masterAgentUrl | string | | URL to the Master agent. | +| policies | policy[] | | Domain Policies. The list of policies for the domain. | + +**Response Example** + +``` +{ +    "id": "KDUD1", +    "url": "https://127.0.0.1:4494/api/v1/domains/KDUD1", +    "name": "KDUD1", +    "managedBySI": false, +    "outputs": [ +        { +            "id": "69cce1100fce406192d1d8553083af43", +            "url": "https://127.0.0.1:4494/api/v1/domains/KDUD1/outputs/69cce1100fce406192d1d8553083af43", +            "domainId": "KDUD1", +            "domainUrl": "https://127.0.0.1:4494/api/v1/domains/KDUD1", +            "agentsIds": [], +            "isEnabled": true, +            "type": "LogFile", +            "logFile": { +                "format": "Json", +                "path": "C:\\ProgramData\\Netwrix\\Activity Monitor\\Agent\\ActivityLogs\\KDUD1_Log_.json", +                "archivePath": "\\\\KDVM01\\SBACTIVITYLOGS\\KDDC01\\KDUD1_69cce110-0fce-4061-92d1-d8553083af43\\KDUD1_Log_.json", +                "periodToRetainLog": 10, +                "reportUserName": false, +                "reportUncPath": false, +                "addCToPath": true, +                "reportMilliseconds": true, +                "stealthAudit": true +            }, +            "comment": "", +            "managedBy": "", +            "altHost": "" +        }, +        { +            "id": "cd34eb7a0c1d40c097b56056af2afd73", +            "url": "https://127.0.0.1:4494/api/v1/domains/KDUD1/outputs/cd34eb7a0c1d40c097b56056af2afd73", +            "domainId": "KDUD1", +            "domainUrl": "https://127.0.0.1:4494/api/v1/domains/KDUD1", +            "agentsIds": [], +            "isEnabled": true, +            "type": "Syslog", +            "syslog": { +                "reportUncPath": false, +                "addCToPath": true, +                "server": "1.2.3.4:514", +                "protocol": "UDP", +                "separator": "Lf", +                "template": "%SYSLOG_DATE% %HOST% LEEF:1.0|%COMPANY%|%PRODUCT%|%PRODUCT_VERSION%|%EVENT_SOURCE_TYPE%%CLASS_NAME%%EVENTNAMETRANSLATED%%SUCCESS%%BLOCKED_EVENT%|cat=%EVENTNAMETRANSLATED%\tdevTimeFormat=yyyy-MM-dd HH:mm:ss.SSS\tdevTime=%TIME_STAMP%\tSettingName=%SETTING_NAME%\tdomain=%EVENT_SOURCE_NAME%\tusrName=%PERPETRATOR_NAME%\tsrc=%ORIGINATINGCLIENTIP%\tdst=%ORIGINATING_SERVERIP%\tDistinguishedName=%DN%\tAffectedObject=%AFFECTED_OBJECT_ACCOUNT_NAME%\tClassName=%CLASS_NAME%\tOrigServer=%ORIGINATING_SERVER%\tSuccess=%SUCCESS%\tBlocked=%BLOCKED_EVENT%\tAttrName=%ATTRIBUTE_NAME%\tAttrNewValue=%ATTRIBUTE_VALUE%\tAttrOldValue=%OLD_ATTRIBUTE_VALUE%\tOperation=%OPERATION%" +            }, +            "comment": "", +            "managedBy": "", +            "altHost": "" +        }, +        { +            "id": "bee61b424f214f7583e9cece222b8f41", +            "url": "https://127.0.0.1:4494/api/v1/domains/KDUD1/outputs/bee61b424f214f7583e9cece222b8f41", +            "domainId": "KDUD1", +            "domainUrl": "https://127.0.0.1:4494/api/v1/domains/KDUD1", +            "agentsIds": [], +            "isEnabled": true, +            "type": "Amqp", +            "amqp": { +                "server": "5.6.7.8:10001", +                "userName": "StealthINTERCEPT", +                "queue": "", +                "exchange": "StealthINTERCEPT", +                "vhost": "" +            }, +            "comment": "", +            "managedBy": "", +            "altHost": "" +        } +    ], +    "outputsUrl": "https://127.0.0.1:4494/api/v1/domains/KDUD1/outputs", +    "agentsUrl": "https://127.0.0.1:4494/api/v1/domains/KDUD1/agents", +    "masterAgentId": "AGENT1", +    "masterAgentUrl": "https://127.0.0.1:4494/api/v1/agents/AGENT1" +} +``` diff --git a/docs/activitymonitor/9.0/restapi/resources/host.md b/docs/activitymonitor/9.0/restapi/resources/host.md new file mode 100644 index 0000000000..68d698d4cd --- /dev/null +++ b/docs/activitymonitor/9.0/restapi/resources/host.md @@ -0,0 +1,480 @@ +--- +title: "Host" +description: "Host" +sidebar_position: 30 +--- + +# Host + +| Attribute | Type | Detailed Only | Description | +| ---------------------------------------- | -------- | ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| id | string | | ID of the host. | +| url | string | | Self URL | +| host | string | | Host name/Address as specified by a user | +| type | string | | `Windows`,`NetApp`,`Celerra`,`Isilon`,`Hitachi`,`SharePoint`,`Unity`,`Nasuni`, `Panzura`, `SharePointOnline`, `AzureAD`, `Linux`, `SqlServer` | +| userName | string | | An account to connect the host to | +| password | string | X | Account password to connect the host to. Password is not exposed. | +| autoConfigureAuditing | bool | | Automatically enable the auditing on the device, if supported | +| monitorAuditingStatus | bool | | Constantly verify that the auditing is enabled, fix if needed | +| hostAliases | string[] | | List of server names for NAS if they are different from the set name of the host. | +| outputs | output[] | | Array of host's outputs | +| inactivityAlerts.isEnabled | bool | | Whether Inactivity Alerting is enabled | +| inactivityAlerts.useCustomSettings | bool | | Whether to use custom host settings, or inherit from agent settings. | +| inactivityAlerts.inactivityInterval | int | | The time interval to elapse after the Monitored Host stops receiving events. | +| inactivityAlerts.replayInterval | int | | How often to repeat an alert if the inactivity period is long lasting. | +| inactivityAlerts.inactivityCheckInterval | int | | The time interval to check the Monitored Host for new events. | +| inactivityAlerts.syslog.server | string | | The syslog server that is sent inactivity alerts. | +| inactivityAlerts.syslog.protocol | string | | The syslog protocol that is used: "UDP" , "TCP" , "TLS" | +| inactivityAlerts.syslog.separator | string | | The syslog server separator / message framing that is used: "LF ASCII 10" , "CR ASCII 13" , "CRLF ASCII 13, 10" , "NUL ASCII 0" , "Octet Count RFC 5425". Only used for TCP and TLS protocols. | +| inactivityAlerts.syslog.template | string | | The syslog message template text. | +| inactivityAlerts.email.server | string | | The email or SMTP server or IP that is used to send host inactivity alerts. | +| inactivityAlerts.email.ssl | bool | | Email SMTP Server SSL / TLS is enabled or disabled. | +| inactivityAlerts.email.userName | string | | The email or SMTP server user name. | +| inactivityAlerts.email.password | string | X | The email or SMTP server password. Password is not exposed. | +| inactivityAlerts.email.from | string | | Email address of where the inactivity alert is from. | +| inactivityAlerts.email.to | string | | Email address of where the inactivity alert is sent to. | +| inactivityAlerts.email.subject | string | | Email message subject of the inactivity alert. | +| inactivityAlerts.email.body | string | | Email message body of the inactivity alert. | +| uidTranslate.isEnabled | bool | | NFS UID translation to Windows SID is enabled or disabled. | +| uidTranslate.domainController | string | | The name of the forest or a Domain Controller. Used for Active Directory searches. | +| uidTranslate.port | int | | The port used for Active Directory searches. | +| uidTranslate.options | string | | The set options used for Active Directory searches. | +| uidTranslate.container | string | | The Active Directory container set to be searched. | +| uidTranslate.scope | string | | The scope of the Active Directory search. | +| uidTranslate.filter | string | | The filter of the Active Directory search. | +| hitachi.uncLogPath | string | | The path of the hitachi audit event log file. | +| hitachi.logFileName | string | | The filename of the hitachi audit event log. | +| hitachi.pollingInterval | TimeSpan | | The interval of polling the log for new events. | +| api.protocol | string | | The API Protocol being used: "AutoDetect", "HTTPS", "HTTPSIgnoreErrors", "HTTP". | +| api.certificate | string | | The text output of the HTTPS certificate. | +| api.hostNameVerification | bool | | If certificate hostname verification is enabled or disabled. | +| api.channel | string | | The communication method being used: "AutoDetect", "ONTAPI", "REST" (only used for netapp hosts) | +| netapp.managementLif | string | | The Management LIF of the netapp host. Disabled / Empty by default. | +| netapp.nfs3EventName | string | | The fpolicy Event Name for successful NFSv3 Events. Default: "StealthAUDITScreeningNfsV3" | +| netapp.nfs3FailedEventName | string | | The fpolicy Event Name for failed NFSv3 Events. Default: "StealthAUDITScreeningFailedNfsV3" | +| netapp.nfs4FailedEventName | string | | The fpolicy Event Name for failed NFSv4 Events. Deafult: "StealthAUDITScreeningFailedNfsV4" | +| netapp.nfs4EventName | string | | The fpolicy Event Name for successful NFSv4 Events. Default: "StealthAUDITScreeningNfsV4" | +| netapp.cifsEventName | string | | The fpolicy Event Name for successful CIFS Events. Default: "StealthAUDITScreeningCifs" | +| netapp.cifsFailedEventName | string | | The fpolicy Event Name for failed CIFS Events. Default: "StealthAUDITScreeningCifs" | +| netapp.policyName | string | | The fpolicy Policy Name used for the Activity Monitor. Default: "StealthAUDIT" | +| netapp.externalEngineName | string | | The fpolicy External Engine Name used for the Activity Monitor. Default: "StealthAUDITEngine" | +| netapp.persistentStore.volume | string | | Name of the volume to use for the Persistent Store feature.| +| netapp.persistentStore.size | long | | Initial size of the volume for the Persistent Store feature.| +| netapp.persistentStore.autoSize | string | | `off` (default), `grow`, or `grow_shrink`.| +| sharePoint.pollingInterval | TimeSpan | | The polling interval set for sharepoint on premise hosts. | +| spo.azure.domain | string | | The Azure Active Directory domain being monitored for SharePoint Online. | +| spo.azure.azureCloud | string | | The selected Azure Cloud being used: "Azure", "Azure for US Government GCC", "Azure for Government GCC High", "Azure for US Government DoD", "Azure Germany", "Azure China by 21Vianet" | +| spo.azure.tenantId | string | | The azure Tenant ID | +| spo.azure.tenantName | string | | The azure Tenant Name | +| spo.azure.clientId | string | | The azure Tenant Client ID. | +| spo.azure.clientSecret | string | X | The azure Client Secret. Client Secret is not exposed. | +| spo.azure.region | string | | The azure Region. | +| azureAd.azure.domain | string | | The Azure Active Directory domain being monitored. | +| azureAd.azure.azureCloud | string | | The selected Azure Cloud being used: "Azure", "Azure for US Government GCC", "Azure for Government GCC High", "Azure for US Government DoD", "Azure Germany", "Azure China by 21Vianet" | +| azureAd.azure.tenantId | string | | The azure Tenant ID | +| azureAd.azure.tenantName | string | | The azure Tenant Name | +| azureAd.azure.clientId | string | | The azure Tenant Client ID. | +| azureAd.azure.clientSecret | string | X | The azure Client Secret. Client Secret is not exposed. | +| azureAd.azure.region | string | | The azure Region. | +| exchangeOnline.azure.domain | string | | The Azure Active Directory domain being monitored for Exchange Online. | +| exchangeOnline.azure.azureCloud | string | | The selected Azure Cloud being used: "Azure", "Azure for US Government GCC", "Azure for Government GCC High", "Azure for US Government DoD", "Azure Germany", "Azure China by 21Vianet" | +| exchangeOnline.azure.tenantId | string | | The azure Tenant ID | +| exchangeOnline.azure.tenantName | string | | The azure Tenant Name | +| exchangeOnline.azure.clientId | string | | The azure Tenant Client ID. | +| exchangeOnline.azure.clientSecret | string | X | The azure Client Secret. Client Secret is not exposed. | +| exchangeOnline.azure.region | string | | The azure Region. | +| sql.pollingInterval | string | | The interval for polling SQL log for new events. | +| sql.tweakOptions | string[] | | Extended Events tweaking options for SQL hosts. | +| outputsUrl | string | | URL to the host's outputs | +| agentsUrl | string | | URL to the agents that are monitoring the host | +| status.updatedAt | DateTime | | A timestamp when the status has changed to this value. | +| status.type | string | | OK, Error, or Warning - indicates a type of the status. | +| status.summary | string | | A user-friendly summary string of the status. May be empty for the OK type, non-empty otherwise. | +| status.details | string | | A user-friendly message that describes the status. May be empty. | +| status.helpUrl | string | | A URL to a documentation or KB article about the issue. May be empty. | +| statusHistoryUrl | string | | URL to the status history of the host. | +| stats.receivedAt | DateTime | | Timestamp indicating the last time the Agent received something from the Host. | +| stats.receivedCount | long | | Total number of events received by the agent for the Host. | +| stats.lastEventTime | DateTime | | The most recent timestamp among all recent events received for the Host. File servers and other event sources can deliver events out of order. For example, each node of PowerScale cluster has its log and delivery cadence. This field shows the MAX(timestamp) for recent events. | + +**Response Example** + +``` +{ +    "autoConfigureAuditing": false, +    "monitorAuditingStatus": false, +    "hostAliases": [], +    "inactivityAlerts": { +        "isEnabled": false, +        "useCustomSettings": false, +        "inactivityInterval": 360, +        "replayInterval": 360, +        "inactivityCheckInterval": 1, +        "syslog": { +            "server": "", +            "protocol": "UDP", +            "separator": "Lf", +            "template": "<14>1 %TIME_STAMP_UTC% %AGENT% %PRODUCT% - NO_DATA - [origin ip=\"%INACTIVE_SERVER_IP%\"][noactivity@33334 host=\"%INACTIVE_SERVER%\" lastEvent=\"%LAST_EVENT_TIME_STAMP_UTC%\" activityType=\"%ACTIVITY_TYPE%\"] No activity events from %INACTIVE_SERVER% for %INACTIVITY_PERIOD_HOURS% hours." +        }, +        "email": { +            "server": "", +            "ssl": false, +            "userName": "", +            "from": "", +            "to": "", +            "subject": "[Activity Monitor] No activity events from %INACTIVE_SERVER% for %INACTIVITY_PERIOD_HOURS% hours", +            "body": "There were no activity events from %INACTIVE_SERVER% for %INACTIVITY_PERIOD_HOURS% hours.\n  \nHost:                 %INACTIVE_SERVER%\n  Activity Type: %ACTIVITY_TYPE%\n  Period of inactivity: %INACTIVITY_PERIOD_HOURS% hours / %INACTIVITY_PERIOD_MINUTES% minutes\n  Last event received:  %LAST_EVENT_TIME_STAMP_UTC% (UTC)\n  Last event received:  %LAST_EVENT_TIME_STAMP% (agent time)\n  Agent:                %AGENT%\n  \n  \n  %PRODUCT% %PRODUCT_VERSION%\n" +        } +    }, +    "id": "Windows-kdvm01", +    "url": "https://127.0.0.1:4494/api/v1/hosts/Windows-kdvm01", +    "host": "KDVM01", +    "type": "Windows", +    "userName": "", +    "outputs": [ +        { +            "id": "b08e3c84905b4aed8718f42d2ecc523d", +            "url": "https://127.0.0.1:4494/api/v1/hosts/Windows-kdvm01/outputs/b08e3c84905b4aed8718f42d2ecc523d", +            "hostId": "Windows-kdvm01", +            "hostUrl": "https://127.0.0.1:4494/api/v1/hosts/Windows-kdvm01", +            "agentsIds": [ +                "AGENT0" +            ], +            "logsUrl": "https://127.0.0.1:4494/api/v1/logs/b08e3c84905b4aed8718f42d2ecc523d", +            "isEnabled": true, +            "type": "LogFile", +            "logFile": { +                "format": "Tsv", +                "path": "C:\\ProgramData\\Netwrix\\Activity Monitor\\Agent\\ActivityLogs\\KDVM01_Log_.tsv", +                "archivePath": "", +                "periodToRetainLog": 10, +                "reportUserName": false, +                "reportUncPath": false, +                "addCToPath": true, +                "reportMilliseconds": true, +                "stealthAudit": true +            }, +            "fileFilter": { +                "allowed": true, +                "denied": true, +                "cifs": true, +                "nfs": true, +                "read": true, +                "dirRead": false, +                "create": true, +                "dirCreate": true, +                "rename": true, +                "dirRename": true, +                "delete": true, +                "dirDelete": true, +                "update": true, +                "permission": true, +                "dirPermission": true, +                "attribute": true, +                "dirAttribute": true, +                "readOptimize": false, +                "shareAdd": false, +                "shareDelete": false, +                "shareUpdate": false, +                "sharePermission": false, +                "streamRead": true, +                "streamUpdate": true, +                "streamDelete": true, +                "streamAdd": true, +                "includePaths": [], +                "excludePaths": [], +                "excludeExtensions": [ +                    ".TMP", +                    ".RCV", +                    ".DS_STORE", +                    ".POLICY", +                    ".MANIFEST", +                    ".LACCDB", +                    ".LDB" +                ], +                "excludeProcesses": [ +                    "SBTService.exe", +                    "FPolicyServerSvc.exe", +                    "CelerraServerSvc.exe", +                    "FSACLoggingSvc.exe", +                    "HitachiService.exe", +                    "SIWindowsAgent.exe", +                    "SIGPOAgent.exe", +                    "LogProcessorSrv.exe", +                    "SearchIndexer.exe", +                    "WindowsSearch.exe", +                    "StealthAUDIT", +                    "MonitorService35.exe", +                    "MonitorService40.exe", +                    "MonitorService45.exe", +                    "Configuration.exe", +                    "ConfigurationAgent.exe", +                    "ConfigurationAgent.Grpc.Host.exe" +                ], +                "excludeReadProcesses": [], +                "excludeAccounts": [ +                    "S-1-5-17", +                    "S-1-5-18", +                    "S-1-5-19", +                    "S-1-5-20" +                ], +                "filterGroups": false, +                "officeFiltering": false, +                "pathFilters": [ +                    "-**\\~$*.DOC", +                    "-**\\~$*.DOCX", +                    "-**\\~$*.ODT", +                    "-**\\~$*.PPT", +                    "-**\\~$*.PPTX", +                    "-**\\~$*.PUB", +                    "-**\\~$*.RTF", +                    "-**\\~$*.TXT", +                    "-**\\~$*.WPS", +                    "-**\\~$*.XLSX", +                    "-**\\~$*.XSN", +                    "-**\\~$*.XML", +                    "-**\\~$*.DOCM", +                    "-**\\~$*.DOTX", +                    "-**\\~$*.DOTM", +                    "-**\\~$*.DOT", +                    "-**\\~$*.MHT", +                    "-**\\~$*.HTM", +                    "-**\\~$*.XLSM", +                    "-**\\~$*.XLSB", +                    "-**\\~$*.XLTX", +                    "-**\\~$*.XLTM", +                    "-**\\~$*.XLAM", +                    "-**\\~$*.ODS", +                    "-**\\~$*.PPTM", +                    "-**\\~$*.POTX", +                    "-**\\~$*.POTM", +                    "-**\\~$*.POT", +                    "-**\\~$*.THMX", +                    "-**\\~$*.PPSX", +                    "-**\\~$*.PPSM", +                    "-**\\~$*.PPS", +                    "-**\\~$*.ODP", +                    "-**\\~$*.PDF", +                    "-**\\~$*.XPS", +                    "-**\\.TEMPORARYITEMS\\**", +                    "-**\\~SNAPSHOT\\**", +                    "-**\\WATSONRC.DAT", +                    "-**\\DESKTOP.INI", +                    "-C:\\Windows\\**", +                    "-C:\\Program Files\\**", +                    "-C:\\Program Files (x86)\\**", +                    "-C:\\ProgramData\\**", +                    "-C:\\Documents and Settings\\**", +                    "-C:\\Users\\**" +                ], +                "discardPreviewSubfolderReads": true, +                "discardPreviewSubfolderReadsInterval": 10, +                "discardPreviewFileReads": false, +                "discardPreviewFileReadsInterval": 60, +                "discardPreviewFileReadsFilenames": [ +                    "*.exe", +                    "*.url", +                    "*.lnk" +                ], +                "duplicateReadsInterval": 60 +            }, +            "comment": "", +            "managedBy": "", +            "windows": { +                "vssCreation": true, +                "vssDeletion": true, +                "vssActivity": true, +                "discardReorderedAcl": true, +                "discardInheritedAcl": false +            }, +            "status": { +                "updatedAt": "2024-09-16T17:32:24.9987211Z", +                "type": "OK" +            }, +            "statusHistoryUrl": "https://127.0.0.1:4494/api/v1/hosts/Windows-kdvm01/outputs/b08e3c84905b4aed8718f42d2ecc523d/statusHistory", +            "altHost": "", +            "stats": { +                "reportedAt": "2024-09-16T16:33:13.803Z", +                "reportedCount": 0, +                "lastEventTime": "2024-09-16T16:33:13.803Z", +                "filesCount": 2, +                "filesSize": 1440, +                "archiveFilesCount": 0, +                "archiveFilesSize": 0 +            } +        }, +        { +            "id": "f20aa0a8b7de4961b8ea9016b0d5d579", +            "url": "https://127.0.0.1:4494/api/v1/hosts/Windows-kdvm01/outputs/f20aa0a8b7de4961b8ea9016b0d5d579", +            "hostId": "Windows-kdvm01", +            "hostUrl": "https://127.0.0.1:4494/api/v1/hosts/Windows-kdvm01", +            "agentsIds": [ +                "AGENT0" +            ], +            "isEnabled": true, +            "type": "Syslog", +            "syslog": { +                "reportUncPath": false, +                "addCToPath": true, +                "server": "192.168.2.1:514", +                "protocol": "UDP", +                "separator": "Lf", +                "template": "%SYSLOG_DATE% %HOST% LEEF:1.0|%COMPANY%|%PRODUCT%|%PRODUCT_VERSION%|%EVENT_SOURCE_TYPE%%CLASS_NAME%%EVENT_NAME%%SUCCESS%%BLOCKED_EVENT%|cat=%EVENT_NAME%\tdevTimeFormat=yyyy-MM-dd HH:mm:ss.SSS\tdevTime=%TIME_STAMP%\tSettingName=%SETTING_NAME%\tdomain=%EVENT_SOURCE_NAME%\tusrName=%PERPETRATOR%\tsrc=%ORIGINATING_CLIENT_IP%\tdst=%ORIGINATING_SERVER_IP%\tDistinguishedName=%FILE_PATH%\tAffectedObject=\tClassName=%CLASS_NAME%\tOrigServer=%ORIGINATING_SERVER%\tSuccess=%SUCCESS%\tBlocked=%BLOCKED_EVENT%\tAttrName=%ATTRIBUTE_NAME%\tAttrNewValue=%ATTRIBUTE_VALUE%\tAttrOldValue=%OLD_ATTRIBUTE_VALUE%\tOperation=%OPERATION%" +            }, +            "fileFilter": { +                "allowed": true, +                "denied": true, +                "cifs": true, +                "nfs": true, +                "read": true, +                "dirRead": false, +                "create": true, +                "dirCreate": true, +                "rename": true, +                "dirRename": true, +                "delete": true, +                "dirDelete": true, +                "update": true, +                "permission": true, +                "dirPermission": true, +                "attribute": true, +                "dirAttribute": true, +                "readOptimize": false, +                "shareAdd": false, +                "shareDelete": false, +                "shareUpdate": false, +                "sharePermission": false, +                "streamRead": true, +                "streamUpdate": true, +                "streamDelete": true, +                "streamAdd": true, +                "includePaths": [], +                "excludePaths": [], +                "excludeExtensions": [ +                    ".TMP", +                    ".RCV", +                    ".DS_STORE", +                    ".POLICY", +                    ".MANIFEST", +                    ".LACCDB", +                    ".LDB" +                ], +                "excludeProcesses": [ +                    "SBTService.exe", +                    "FPolicyServerSvc.exe", +                    "CelerraServerSvc.exe", +                    "FSACLoggingSvc.exe", +                    "HitachiService.exe", +                    "SIWindowsAgent.exe", +                    "SIGPOAgent.exe", +                    "LogProcessorSrv.exe", +                    "SearchIndexer.exe", +                    "WindowsSearch.exe", +                    "StealthAUDIT", +                    "MonitorService35.exe", +                    "MonitorService40.exe", +                    "MonitorService45.exe", +                    "Configuration.exe", +                    "ConfigurationAgent.exe", +                    "ConfigurationAgent.Grpc.Host.exe" +                ], +                "excludeReadProcesses": [], +                "excludeAccounts": [ +                    "S-1-5-17", +                    "S-1-5-18", +                    "S-1-5-19", +                    "S-1-5-20" +                ], +                "filterGroups": false, +                "officeFiltering": false, +                "pathFilters": [ +                    "-**\\~$*.DOC", +                    "-**\\~$*.DOCX", +                    "-**\\~$*.ODT", +                    "-**\\~$*.PPT", +                    "-**\\~$*.PPTX", +                    "-**\\~$*.PUB", +                    "-**\\~$*.RTF", +                    "-**\\~$*.TXT", +                    "-**\\~$*.WPS", +                    "-**\\~$*.XLSX", +                    "-**\\~$*.XSN", +                    "-**\\~$*.XML", +                    "-**\\~$*.DOCM", +                    "-**\\~$*.DOTX", +                    "-**\\~$*.DOTM", +                    "-**\\~$*.DOT", +                    "-**\\~$*.MHT", +                    "-**\\~$*.HTM", +                    "-**\\~$*.XLSM", +                    "-**\\~$*.XLSB", +                    "-**\\~$*.XLTX", +                    "-**\\~$*.XLTM", +                    "-**\\~$*.XLAM", +                    "-**\\~$*.ODS", +                    "-**\\~$*.PPTM", +                    "-**\\~$*.POTX", +                    "-**\\~$*.POTM", +                    "-**\\~$*.POT", +                    "-**\\~$*.THMX", +                    "-**\\~$*.PPSX", +                    "-**\\~$*.PPSM", +                    "-**\\~$*.PPS", +                    "-**\\~$*.ODP", +                    "-**\\~$*.PDF", +                    "-**\\~$*.XPS", +                    "-**\\.TEMPORARYITEMS\\**", +                    "-**\\~SNAPSHOT\\**", +                    "-**\\WATSONRC.DAT", +                    "-**\\DESKTOP.INI", +                    "-C:\\Windows\\**", +                    "-C:\\Program Files\\**", +                    "-C:\\Program Files (x86)\\**", +                    "-C:\\ProgramData\\**", +                    "-C:\\Documents and Settings\\**", +                    "-C:\\Users\\**" +                ], +                "discardPreviewSubfolderReads": true, +                "discardPreviewSubfolderReadsInterval": 10, +                "discardPreviewFileReads": false, +                "discardPreviewFileReadsInterval": 60, +                "discardPreviewFileReadsFilenames": [ +                    "*.exe", +                    "*.url", +                    "*.lnk" +                ], +                "duplicateReadsInterval": 60 +            }, +            "comment": "", +            "managedBy": "", +            "windows": { +                "vssCreation": true, +                "vssDeletion": true, +                "vssActivity": true, +                "discardReorderedAcl": true, +                "discardInheritedAcl": false +            }, +            "status": { +                "updatedAt": "2024-09-16T17:32:24.9987211Z", +                "type": "OK" +            }, +            "statusHistoryUrl": "https://127.0.0.1:4494/api/v1/hosts/Windows-kdvm01/outputs/f20aa0a8b7de4961b8ea9016b0d5d579/statusHistory", +            "altHost": "", +            "stats": { +                "reportedCount": 0 +            } +        } +    ], +    "outputsUrl": "https://127.0.0.1:4494/api/v1/hosts/Windows-kdvm01/outputs", +    "agentsUrl": "https://127.0.0.1:4494/api/v1/hosts/Windows-kdvm01/agents", +    "status": { +        "updatedAt": "2024-09-16T17:32:24.9987211Z", +        "type": "OK" +    }, +    "statusHistoryUrl": "https://127.0.0.1:4494/api/v1/hosts/Windows-kdvm01/statusHistory", +    "stats": { +        "receivedCount": 0, +        "lastEventTime": "2024-09-16T16:33:13.803Z" +    } +} +``` diff --git a/docs/activitymonitor/9.0/restapi/resources/output.md b/docs/activitymonitor/9.0/restapi/resources/output.md new file mode 100644 index 0000000000..5d881c9d1b --- /dev/null +++ b/docs/activitymonitor/9.0/restapi/resources/output.md @@ -0,0 +1,462 @@ +--- +title: "Output" +description: "Output" +sidebar_position: 40 +--- + +# Output + +| Attribute | Type | Detailed Only | Description | +| -------------------------- | ---------------- | ------------- | -------------------------------------------------------------------------------------------------------- | +| id | string | | ID of the output. | +| url | string | | Self URL | +| hostId | string | | ID of the host that owns the output. | +| hostUrl | string | | URL of the host that owns the output. | +| agentsIds | string[] | | List of Agent IDs of the agents managing the output. | +| domainId | string | | AD only: ID of the owning domain | +| domainUrl | string | | AD only: Link to the owning domain | +| logsUrl | string | | Link to the file output log files (for the local agent only, that has the API Server running) | +| isEnabled | bool | | Whether or not the output is enabled. If disabled, no activity is forwarded to it. | +| type | string | | `LogFile`,`Syslog`,`Amqp` | +| logFile | FileOutput | | Log file settings | +| syslog | SyslogOutput | | Syslog settings | +| amqp | AmqpOutput | | AMQP/DEFEND settings | +| fileFilter | FileFilter | | Filtering settings for file activity | +| sharePointFilter | SharePointFilter | | Filtering settings for SharePoint | +| comment | string | | User's comment | +| managedBy | string | | Name of a product that manages this output, if not self managed by NAM Agent. Values: `Threat Prevention`| +| windows | WindowsOptions | | Windows filtering settings | +| status.updatedAt | DateTime | | A timestamp when the status has changed to this value. | +| status.type | string | | OK, Error, or Warning - indicates a type of the status. | +| status.summary | string | | A user-friendly summary string of the status. May be empty for the OK type, non-empty otherwise. | +| status.details | string | | A user-friendly message that describes the status. May be empty. | +| statusHistoryUrl | string | | URL of the output's status history. | +| altHost | string | | A hostname that is reported in the activity events instead of the real hostname. | +| stats.reportedAt | DateTime | | Timestamp indicating the last time when an event was reported to the Output. | +| stats.reportedCount | long | | Total number of events reported to the Output. | +| stats.lastEventTime | DateTime | | The most recent timestamp among all reported events to the Output. | +| stats.filesCount | int | | Number of log files on the agent's server. | +| stats.filesSize | long | | Total size of log files on the agent's server. | +| stats.archiveFilesCount | int | | Number of log files in the archival location. | +| stats.archiveFilesSize | long | | Total size of log files in the archival location. | +| stats.archiveLastEventTime | DateTime | | The most recent timestamp in the recently archived log file. | + +## FileOutput + +| Attribute | Type | Detailed Only | Description | +| ------------------ | ------ | ------------- | ------------------------------------------------------------------------------------- | +| format | string | | `Tsv`, `Json` | +| path | string | | Log file path on the agent's drive. Timestamp is added before the extension. | +| archivePath | string | | Log file path in the archival location (UNC path) | +| periodToRetainLog | int | | Number of days to keep the log files alive both on the local drive and in the archive | +| reportUserName | bool | | Resolve and report user name | +| reportUncPath | bool | | Report UNC paths in addition to local/native paths | +| addCToPath | bool | | Prepend the path `C:\` and change the forward slashes to backslashes. | +| reportMilliseconds | bool | | Report events' time with milliseconds | +| stealthAudit | bool | | The file was marked for consumption by Access Analyzer | + +## SyslogOutput + +| Attribute | Type | Detailed Only | Description | +| ------------- | ------ | ------------- | --------------------------------------------------------------------- | +| server | string | | Hostname/address of the syslog server in the format HOST:PORT. | +| protocol | string | | `UDP`, `TCP`, `TLS` | +| separator | string | | `Lf`,Cr, `CrLf`, `Nul`, `Rfc5425` | +| reportUncPath | bool | | Report UNC paths in addition to local/native paths | +| addCToPath | bool | | Prepend the path `C:\` and change the forward slashes to backslashes. | +| template | string | | Text of the syslog template that is currently set to be used. | + +## AmqpOutput + +| Attribute | Type | Detailed Only | Description | +| --------- | ------ | ------------- | ----------------------------------------------------------------------------------------------------------------------------------- | +| server | string | | Hostname/address of the AMQP server or the Threat Manager server and the port in the SERVER:PORT format | +| userName | string | | User name for the AMQP connection, if needed. ForThreat Managerintegration, use an empty string. | +| password | string | | Password / App Token for the AMQP connection. Password / App Token is not exposed. | +| queue | string | | Message queue name to post events to. ForThreat Manager integration, use an empty string. | +| exchange | string | | Exchange name to post events to. For Threat Manager integration, use "StealthINTERCEPT" for domain outputs or "AM" for host outputs. | +| vhost | string | | Virtual Host name, if needed. ForThreat Managerintegration, use an empty string. | +| caCertificate| string | | Certificate Autority certificate to validate the TLS connection. | +| protocol | string | | `TCP` (default) or `TLS`. | +| hostNameVerification | bool | | Whether or not verify the hostname during the TLS handshake. | + +## FileFilter + +| Attribute | Type | Detailed Only | Description | +| ------------------------------------ | -------- | ------------- | ------------------------------------------------------------------------------- | +| allowed | bool | | | +| denied | bool | | | +| cifs | bool | | | +| nfs | bool | | | +| read | bool | | | +| dirRead | bool | | | +| create | bool | | | +| dirCreate | bool | | | +| rename | bool | | | +| dirRename | bool | | | +| delete | bool | | | +| dirDelete | bool | | | +| update | bool | | | +| permission | bool | | | +| dirPermission | bool | | | +| attribute | bool | | | +| dirAttribute | bool | | | +| readOptimize | bool | | Suppress subsequent read operations in the same folder, by the same user. | +| shareAdd | bool | | | +| shareDelete | bool | | | +| shareUpdate | bool | | | +| sharePermission | bool | | | +| streamRead | bool | | Reads of Alternate Data Streams. | +| streamUpdate | bool | | Updates of Alternate Data Streams. | +| streamDelete | bool | | Deletes of Alternate Data Streams. | +| streamAdd | bool | | Adds of Alternate Data Streams. | +| includePaths | string[] | | Depreciated. This has been replaced by 'pathFilters'. | +| excludePaths | string[] | | Depreciated. This has been replaced by 'pathFilters'. | +| excludeExtensions | string[] | | | +| excludeProcesses | string[] | | | +| excludeReadProccesses | string[] | | | +| excludeAccounts | string[] | | | +| filterGroups | bool | | Process group membership when filtering. | +| officeFiltering | bool | | Suppress Microsoft Office and other applications operations on temporary files. | +| pathFilters | string[] | | List of paths to include and exclude. | +| discardPreviewSubfolderReads | bool | | | +| discardPreviewSubfolderReadsInterval | int | | | +| discardPreviewFileReads | bool | | | +| discardPreviewFileReadsInterval | int | | | +| discardPreviewFileReadsFilenames | string[] | | | +| duplicateReadsInterval | int | | | + +## SharePointFilter + +| Attribute | Type | Detailed Only | Description | +| --------------- | -------- | ------------- | ----------- | +| operations | string[] | | | +| includeUrls | string[] | | | +| excludeUrls | string[] | | | +| excludeAccounts | string[] | | | + +## WindowsOptions + +| Attribute | Type | Detailed Only | Description | +| ------------------- | ---- | ------------- | ----------- | +| vssCreation | bool | | | +| vssDeletion | bool | | | +| vssActivity | bool | | | +| discardReorderedAcl | bool | | | +| discardInheritedAcl | bool | | | + +**Response Example** + +``` +{ +    "id": "fcf4ad5d951548f0af10a8909c9cc284", +    "url": "https://127.0.0.1:4494/api/v1/hosts/Windows-kdvm02/outputs/fcf4ad5d951548f0af10a8909c9cc284", +    "hostId": "Windows-kdvm02", +    "hostUrl": "https://127.0.0.1:4494/api/v1/hosts/Windows-kdvm02", +    "agentsIds": [ +        "AGENT2" +    ], +    "isEnabled": false, +    "type": "LogFile", +    "logFile": { +        "format": "Tsv", +        "path": "C:\\ProgramData\\Netwrix\\Activity Monitor\\Agent\\ActivityLogs\\KDVM02_Log_.tsv", +        "archivePath": "", +        "periodToRetainLog": 10, +        "reportUserName": false, +        "reportUncPath": false, +        "addCToPath": true, +        "reportMilliseconds": true, +        "stealthAudit": true +    }, +    "fileFilter": { +        "allowed": true, +        "denied": true, +        "cifs": true, +        "nfs": true, +        "read": true, +        "dirRead": false, +        "create": true, +        "dirCreate": true, +        "rename": true, +        "dirRename": true, +        "delete": true, +        "dirDelete": true, +        "update": true, +        "permission": true, +        "dirPermission": true, +        "attribute": true, +        "dirAttribute": true, +        "readOptimize": false, +        "shareAdd": false, +        "shareDelete": false, +        "shareUpdate": false, +        "sharePermission": false, +        "streamRead": true, +        "streamUpdate": true, +        "streamDelete": true, +        "streamAdd": true, +        "includePaths": [], +        "excludePaths": [], +        "excludeExtensions": [ +            ".TMP", +            ".RCV", +            ".DS_STORE", +            ".POLICY", +            ".MANIFEST", +            ".LACCDB", +            ".LDB" +        ], +        "excludeProcesses": [ +            "SBTService.exe", +            "FPolicyServerSvc.exe", +            "CelerraServerSvc.exe", +            "FSACLoggingSvc.exe", +            "HitachiService.exe", +            "SIWindowsAgent.exe", +            "SIGPOAgent.exe", +            "LogProcessorSrv.exe", +            "SearchIndexer.exe", +            "WindowsSearch.exe", +            "StealthAUDIT", +            "MonitorService35.exe", +            "MonitorService40.exe", +            "MonitorService45.exe", +            "Configuration.exe", +            "ConfigurationAgent.exe", +            "ConfigurationAgent.Grpc.Host.exe" +        ], +        "excludeReadProcesses": [], +        "excludeAccounts": [ +            "S-1-5-17", +            "S-1-5-18", +            "S-1-5-19", +            "S-1-5-20" +        ], +        "filterGroups": false, +        "officeFiltering": false, +        "pathFilters": [ +            "-**\\~$*.DOC", +            "-**\\~$*.DOCX", +            "-**\\~$*.ODT", +            "-**\\~$*.PPT", +            "-**\\~$*.PPTX", +            "-**\\~$*.PUB", +            "-**\\~$*.RTF", +            "-**\\~$*.TXT", +            "-**\\~$*.WPS", +            "-**\\~$*.XLSX", +            "-**\\~$*.XSN", +            "-**\\~$*.XML", +            "-**\\~$*.DOCM", +            "-**\\~$*.DOTX", +            "-**\\~$*.DOTM", +            "-**\\~$*.DOT", +            "-**\\~$*.MHT", +            "-**\\~$*.HTM", +            "-**\\~$*.XLSM", +            "-**\\~$*.XLSB", +            "-**\\~$*.XLTX", +            "-**\\~$*.XLTM", +            "-**\\~$*.XLAM", +            "-**\\~$*.ODS", +            "-**\\~$*.PPTM", +            "-**\\~$*.POTX", +            "-**\\~$*.POTM", +            "-**\\~$*.POT", +            "-**\\~$*.THMX", +            "-**\\~$*.PPSX", +            "-**\\~$*.PPSM", +            "-**\\~$*.PPS", +            "-**\\~$*.ODP", +            "-**\\~$*.PDF", +            "-**\\~$*.XPS", +            "-**\\.TEMPORARYITEMS\\**", +            "-**\\~SNAPSHOT\\**", +            "-**\\WATSONRC.DAT", +            "-**\\DESKTOP.INI", +            "-C:\\Windows\\**", +            "-C:\\Program Files\\**", +            "-C:\\Program Files (x86)\\**", +            "-C:\\ProgramData\\**", +            "-C:\\Documents and Settings\\**", +            "-C:\\Users\\**" +        ], +        "discardPreviewSubfolderReads": true, +        "discardPreviewSubfolderReadsInterval": 10, +        "discardPreviewFileReads": false, +        "discardPreviewFileReadsInterval": 60, +        "discardPreviewFileReadsFilenames": [ +            "*.exe", +            "*.url", +            "*.lnk" +        ], +        "duplicateReadsInterval": 60 +    }, +    "comment": "", +    "managedBy": "", +    "windows": { +        "vssCreation": true, +        "vssDeletion": true, +        "vssActivity": true, +        "discardReorderedAcl": true, +        "discardInheritedAcl": false +    }, +    "status": { +        "updatedAt": "2024-10-01T18:46:00.6768171Z", +        "type": "OK", +        "summary": "OK", +        "details": "OK" +    }, +    "statusHistoryUrl": "https://127.0.0.1:4494/api/v1/hosts/Windows-kdvm02/outputs/fcf4ad5d951548f0af10a8909c9cc284/statusHistory", +    "altHost": "", +    "stats": { +        "reportedAt": "2024-09-30T18:49:12.282Z", +        "reportedCount": 12, +        "lastEventTime": "2024-09-30T18:49:12.282Z", +        "filesCount": 1, +        "filesSize": 2204, +        "archiveFilesCount": 0, +        "archiveFilesSize": 0 +    } +} +``` + +## File + +| Attribute | Type | Detailed Only | Description | +| ------------ | -------- | ------------- | ----------------------------------------------------------------------------------------------- | +| id | string | | Activity Log File ID. | +| size | int | | File size in bytes | +| localPath | string | | File path on the local disk | +| isZip | bool | | Is it a Zip archive | +| isArchived | bool | | Determines whether the file is on a local drive of the agent or moved to the archival location. | +| type | string | | `Tsv`, `Json` | +| updatedAt | DateTime | | Last time the file was updated | +| activityFrom | DateTime | | Activity events in the file are not younger than the date. | +| activityTo | DateTime | | Activity events in the file are not older than the date. | +| outputId | string | | ID of the output that produced the file. | +| contentUrl | string | | Link to the file content. MIME type `application/x-msdownload` | + +**Response Example** + +``` +[ +    { +        "id": "localhost_Log_20190410_000000.tsv", +        "size": 81658576, +        "localPath": "C:\\ProgramData\\Netwrix\\Activity Monitor\\Agent\\ActivityLogs\\localhost_Log_20190410_000000.tsv", +        "isZip": false, +        "isArchived": false, +        "type": "Tsv", +        "updatedAt": "2019-04-10T17:45:07.2211753Z", +        "activityFrom": "2019-04-05T18:16:57", +        "activityTo": "2019-04-10T17:45:07", +        "outputId": "9c90791891774715bdb3415823790d7c", +        "contentUrl": "https://localhost:4494/api/v1/logs/get/localhost_Log_20190410_000000.tsv" +    }, +    { +        "id": "localhost_Log_20190401_000000.tsv.zip", +        "size": 11, +        "localPath": "C:\\ProgramData\\Netwrix\\Activity Monitor\\Agent\\ActivityLogs\\localhost_Log_20190401_000000.tsv.zip", +        "isZip": true, +        "isArchived": false, +        "type": "Tsv", +        "updatedAt": "2019-04-10T02:03:48.8899252Z", +        "activityFrom": "0001-01-01T00:00:00", +        "activityTo": "2019-04-10T02:03:48.8879242Z", +        "outputId": "9c90791891774715bdb3415823790d7c", +        "contentUrl": "https://localhost:4494/api/v1/logs/get/localhost_Log_20190401_000000.tsv.zip" +    }, +  { +    "id": "localhost_Log_20190405.tsv.zip", +    "size": 295102, +    "localPath": "\\\\WRKST0100\\SBACTIVITYLOGS\\WRKST0100\\WRKST0100_9c907918-9177-4715-bdb3-415823790d7c\\localhost_Log_20190405.tsv.zip", +    "isZip": true, +    "isArchived": true, +    "type": "Tsv", +    "updatedAt": "2019-04-05T20:59:55.1462518Z", +    "activityFrom": "2019-04-05T18:16:57", +    "activityTo": "2019-04-05T20:59:55", +    "outputId": "9c90791891774715bdb3415823790d7c", +    "contentUrl": "https://localhost:4494/api/v1/logs/archive/get/WRKST0100/WRKST0100_9c907918-9177-4715-bdb3-415823790d7c/localhost_Log_20190405.tsv.zip" +  } +] + +``` + +## Policy + +| Attribute | Type | Detailed Only | Read-Only | Description | +| ----------- | -------- | ------------- | --------- | ------------------------------------------------------------------------------------- | +| id | string | | X | Policy ID. | +| url | string | | X | Self URL. | +| name | string | | | Policy name. | +| description | string | | | Policy description. | +| path | string | | | Policy location. | +| guid | string | | X | Policy GUID. | +| isEnabled | bool | | | Whether the policy is enabled. | +| updatedAt | DateTime | | X | When the policy was last modified. | +| xml | string | | | Policy body in XML format. It's the same format used by Threat Prevention Powershell. | + +**Response Example** + +``` +[ +    { +        "id": "1000", +        "url": "https://127.0.0.1:4494/api/v1/domains/KDUD1/policies/1000", +        "name": "SAM AD Changes", +        "description": "", +        "path": "Policies\\Auditing", +        "guid": "56abcb01-0248-4f9c-8e61-aaeb8a30b5ff", +        "isEnabled": true, +        "updatedAt": "2024-08-22T19:05:31.22", +        "xml": "\r\n\r\n  \r\n  \r\n  \r\n    \r\n    \r\n      \r\n      \r\n    \r\n    \r\n      false\r\n      \r\n      \r\n      \r\n    \r\n    \r\n      \r\n      \r\n    \r\n    \r\n      \r\n        Object Added\r\n        Object Modified\r\n        Object Deleted\r\n        Object Moved/Renamed\r\n      \r\n    \r\n    \r\n      \r\n      \r\n      \r\n      \r\n    \r\n    \r\n      \r\n      \r\n    \r\n    \r\n      \r\n      \r\n    \r\n    \r\n      \r\n      \r\n    \r\n    \r\n      \r\n      \r\n    \r\n  \r\n" +    }, +    { +        "id": "1001", +        "url": "https://127.0.0.1:4494/api/v1/domains/KDUD1/policies/1001", +        "name": "SAM Authentication", +        "description": "", +        "path": "Policies\\Auditing", +        "guid": "b3d5397b-ef67-4d72-860c-4efa311ad37f", +        "isEnabled": false, +        "updatedAt": "2024-08-22T19:05:31.251", +        "xml": "\r\n\r\n  \r\n  \r\n  \r\n    \r\n    \r\n    \r\n      false\r\n      \r\n      \r\n      \r\n        \r\n        \r\n        \r\n      \r\n    \r\n    \r\n      \r\n      \r\n    \r\n    \r\n      \r\n      \r\n    \r\n    \r\n      \r\n      \r\n    \r\n    \r\n      \r\n      \r\n    \r\n    \r\n      \r\n      \r\n    \r\n  \r\n" +    }, +    { +        "id": "1002", +        "url": "https://127.0.0.1:4494/api/v1/domains/KDUD1/policies/1002", +        "name": "SAM Ldap Monitor", +        "description": "", +        "path": "Policies\\Auditing", +        "guid": "b119a08c-5304-45b1-b981-22023a113690", +        "isEnabled": false, +        "updatedAt": "2024-08-22T19:05:31.251", +        "xml": "\r\n\r\n  \r\n  \r\n  \r\n    \r\n      \r\n    \r\n    \r\n    \r\n      false\r\n      \r\n      \r\n      \r\n    \r\n    \r\n      \r\n    \r\n    \r\n      \r\n      \r\n    \r\n    \r\n      false\r\n    \r\n    \r\n      \r\n      \r\n    \r\n  \r\n" +    }, +    { +        "id": "1003", +        "url": "https://127.0.0.1:4494/api/v1/domains/KDUD1/policies/1003", +        "name": "SAM LSASS Guardian", +        "description": "", +        "path": "Policies\\Auditing", +        "guid": "409b77be-f0c2-4ba9-9fb9-d17d2c19084a", +        "isEnabled": false, +        "updatedAt": "2024-08-22T19:05:31.251", +        "xml": "\r\n\r\n  \r\n  \r\n  \r\n    \r\n      false\r\n      \r\n      \r\n      \r\n    \r\n    \r\n      \r\n      \r\n        MsMpEng.exe\r\n        svchost.exe\r\n        VsTskMgr.exe\r\n        WmiPrvSE.exe\r\n        scan64.exe\r\n        mcshield.exe\r\n      \r\n    \r\n    3\r\n    \r\n      \r\n      \r\n    \r\n  \r\n" +    }, +    { +        "id": "1004", +        "url": "https://127.0.0.1:4494/api/v1/domains/KDUD1/policies/1004", +        "name": "SAM Replication", +        "description": "", +        "path": "Policies\\Auditing", +        "guid": "e6feb176-8a14-4a61-914b-6c864babd55a", +        "isEnabled": false, +        "updatedAt": "2024-08-22T19:05:31.251", +        "xml": "\r\n\r\n  \r\n  \r\n  \r\n    \r\n      \r\n      \r\n    \r\n    \r\n      false\r\n      \r\n      \r\n      \r\n    \r\n    \r\n      \r\n      \r\n    \r\n  \r\n" +    } +] +``` diff --git a/docs/activitymonitor/9.0/restapi/resources/resources.md b/docs/activitymonitor/9.0/restapi/resources/resources.md new file mode 100644 index 0000000000..8234d03ee4 --- /dev/null +++ b/docs/activitymonitor/9.0/restapi/resources/resources.md @@ -0,0 +1,1918 @@ +--- +title: "Schema and Resources" +description: "Schema and Resources" +sidebar_position: 20 +--- + +# Schema and Resources + +The 9.0 API model consists of the following resources: + +- Agent – Represents an Activity Monitor Agent. API allows you to view existing agents and their + status, register, modify, or remove agents. You can list all the agents or the agents of a domain + (AD-monitoring agents on the domain controllers). + Children: Host, Domain + See the [Agent](/docs/activitymonitor/9.0/restapi/resources/agent.md) topic for additional information. + +- Host – Represents a host or service monitored by the product (Windows, NetApp, SharePoint, SQL + Server, etc.). It is a Monitored Host/Service in the Console. You can list all the hosts of the agent, or + just all the hosts. The API Provides access to the settings of the host and its status; allows you + to create new hosts, modify, enable/disable, or delete existing. Typical properties include a + hostname, credentials to access API, connection settings. A Host is associated with at least one + Output. Each Host can have multiple child Outputs, and each Output has its own unique filter + settings. + Children: Output + See the [Host](/docs/activitymonitor/9.0/restapi/resources/host.md) topic for additional information. + +- Domain – It is a Monitored Domain in the Console. The API provides summary information about each + monitored domain. Similar to host, the domain also has one or more output. These outputs are + common for all AD-monitoring agents of the domain. Each domain controller has the same log file + settings, syslog, and AMQP. + Children: Output, Agent + See the [Domain](/docs/activitymonitor/9.0/restapi/resources/domain.md) topic for additional information. + +- Output – A log file or Syslog or AMQP destination for the activity data. Typical + properties of the **Output** include log file settings (path, retention etc.), syslog settings + (server, UDP/TCP, message template etc.), path filtering (include C:, exclude C:\temp), operations + (Write File, Create File, Delete File, Create Share etc.), account filtering (exclude + DOMAIN\service-account1), protocol (CIFS, NFS), etc. + Children: File + See the [Output](/docs/activitymonitor/9.0/restapi/resources/output.md) topic for additional information. + +- File - Represents a log file created by a File Output - an actual .tsv, .json, or .zip file stored on + the agent or on a network share. A file can be downloaded. + +- Policy - Represents an Active Directory nonitoring policy. The API allows you to create new + policies, list, modify, and delete existing. + + + +Data is transmitted as JSON objects or as JSON Merge Patch for PATCH requests. Dates are formatted +in UTC using the `YYYY-MM-DDTHH:MM:SS` DateTime format. Security-sensitive data like passwords, +certificates, and access tokens are not returned by the GET requests but can be set using POST and +PATCH requests. + +## API + +The API supports the following: + +- GET – Returns a single resource or a list of resources. Additional parameters can be included in + the URL. A successful response returns a `200 OK `status. +- POST – Creates a new resource. The request body contains a JSON object, content type + `application/json`. A successful response returns a `201 Created` status. +- PATCH – Modifies a subset of attributes of the resource. The request body contains the change in + the JSON Merge Patch format + ([https://tools.ietf.org/html/rfc7396](https://tools.ietf.org/html/rfc7396)), content type + `application/merge-patch+json`. A successful response returns a `200 OK` status. +- DELETE – Deletes the resource. A successful response returns a `204 No Content status.` + +**GET /api/v1/agents** + +Lists all the agents managed by the API server. If the client has no `Read` permission, returns only +the current agent. + +- Permission – Read or Access activity data +- Response – Array of Agent + +**Permission: Read or Access activity data** + +Response: Array of Agent + +Response Example: + +``` +[ +  { +    "warnings": [], +    "safeModeStatus": "", +    "safeModeMessage": "", +    "archiveIsEnabled": false, +    "archivePath": "\\\\WRKST0100\\SBACTIVITYLOGS", +    "archiveUserName": "", +    "archiveMaxLocalSize": "5GB", +    "fpolicyPort": 9999, +    "fpolicyAuth": "NoAuth", +    "fpolicyIpWhitelist": [], +    "minLocalFreeSpace": "64MB", +    "ceeVcapsIsEnabled": false, +    "ceeVcapsInterval": 60, +    "ceeVcapsEvents": 100, +    "alertsIsEnabled": false, +    "alertsInactivityInterval": 360, +    "alertsReplayInterval": 360, +    "alertsInactivityCheckInterval": 10, +    "alertsSyslog": { +      "server": "", +      "protocol": "UDP", +      "separator": null +    }, +    "alertsEmail": { +      "server": "", +      "ssl": false, +      "userName": "", +      "from": "", +      "to": "", +      "subject": "" +    }, +    "hardeningIsEnabled": false, +    "safeModeIsEnabled": true, +    "dnsResolveIsEnabled": false, +    "siIpWhitelist": [], +    "apiServerIpWhitelist": [], +    "apiServerMgmtConsole": "WRKST0100", +    "id": "AGENT0", +    "url": "https://localhost:4494/api/v1/agents/AGENT0", +    "host": "192.168.1.124", +    "netbiosName": "VAGRANT-2016", +    "userName": "test01\\administrator", +    "domain": "TEST01", +    "machineSid": "S-1-5-21-1367674131-2422966069-737923105-1001", +    "osVersion": "6.2.9200.0", +    "isDC": false, +    "errorMessage": "", +    "installState": "Installed", +    "version": "4.1.119", +    "siInstallState": "Installed", +    "siVersion": "6.0.0.388", +    "managedBySI": false, +    "configVersion": "UFZXT9Fijt5mZ6GNOaoclaVMRy4=", +    "monitoredHostsUrl": "https://localhost:4494/api/v1/agents/AGENT0/hosts", +    "monitoredDomainUrl": "https://localhost:4494/api/v1/agents/AGENT0/domain", +    "apiServerIsEnabled": false, +    "apiServerPort": 4494 +  }, +  { +    "warnings": [], +    "safeModeStatus": null, +    "safeModeMessage": null, +    "archiveIsEnabled": false, +    "archivePath": "", +    "archiveUserName": "", +    "archiveMaxLocalSize": "5GB", +    "fpolicyPort": 9999, +    "fpolicyAuth": "NoAuth", +    "fpolicyIpWhitelist": [], +    "minLocalFreeSpace": "64MB", +    "ceeVcapsIsEnabled": false, +    "ceeVcapsInterval": 60, + "ceeVcapsEvents": 100, +    "alertsIsEnabled": false, +    "alertsInactivityInterval": 360, +    "alertsReplayInterval": 360, +    "alertsInactivityCheckInterval": 10, +    "alertsSyslog": { +      "server": "", +      "protocol": "UDP", +      "separator": null +    }, +    "alertsEmail": { +      "server": null, +      "ssl": false, +      "userName": null, +      "from": null, +      "to": null, +      "subject": "" +    }, +    "hardeningIsEnabled": false, +    "safeModeIsEnabled": true, +    "dnsResolveIsEnabled": false, +    "siIpWhitelist": [ +      "127.0.0.1", +      "::1" +    ], +    "apiServerIpWhitelist": null, +    "apiServerMgmtConsole": null, +    "id": "AGENT1", +    "url": "https://localhost:4494/api/v1/agents/AGENT1", +    "host": "nonexistent", +    "netbiosName": "nonexistent", +    "userName": "", +    "domain": "", +    "machineSid": "", +    "osVersion": "", +    "isDC": false, +    "errorMessage": "Cannot detect if an agent is installed. The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)", +    "installState": "Failed", +    "version": null, +    "siInstallState": "Failed", +    "siVersion": "", +    "managedBySI": false, +    "configVersion": null, +    "monitoredHostsUrl": "https://localhost:4494/api/v1/agents/AGENT1/hosts", +    "monitoredDomainUrl": "https://localhost:4494/api/v1/agents/AGENT1/domain", +    "apiServerIsEnabled": false, +    "apiServerPort": 4494 +  }, +  { +    "warnings": [], +    "safeModeStatus": "", +    "safeModeMessage": "", +    "archiveIsEnabled": false, +    "archivePath": "\\\\WRKST0100\\SBACTIVITYLOGS", +    "archiveUserName": "wrkst0100\\testuser", +    "archiveMaxLocalSize": "5GB", +    "fpolicyPort": 9999, +    "fpolicyAuth": "Server", +    "fpolicyIpWhitelist": [], +    "minLocalFreeSpace": "64MB", +    "ceeVcapsIsEnabled": false, +    "ceeVcapsInterval": 60, +    "ceeVcapsEvents": 100, +    "alertsIsEnabled": true, +    "alertsInactivityInterval": 360, +    "alertsReplayInterval": 360, +    "alertsInactivityCheckInterval": 10, +    "alertsSyslog": { +      "server": "12", +      "protocol": "UDP", +      "separator": null +    }, +    "alertsEmail": { +      "server": "", +      "ssl": false, +      "userName": "", +      "from": "", +      "to": "", +      "subject": "" +    }, +    "hardeningIsEnabled": false, +    "safeModeIsEnabled": true, +    "dnsResolveIsEnabled": false, +    "siIpWhitelist": [ +      "127.0.0.1", +      "::1" +    ], +    "apiServerIpWhitelist": [], +    "apiServerMgmtConsole": "WRKST0100", +    "id": "AGENT3", +    "url": "https://localhost:4494/api/v1/agents/AGENT3", +    "host": "WRKST0100", +    "netbiosName": "WRKST0100", +    "userName": "", +    "domain": "LOGIC-LAB", +    "machineSid": "", +    "osVersion": "6.2.9200.0", +    "isDC": false, +    "errorMessage": "", +    "installState": "Installed", +    "version": "4.1.119", +    "siInstallState": "NotInstalled", +    "siVersion": "", +    "managedBySI": false, +    "configVersion": "efkL3mKD8BJF/LtD/SC+ClS/xuE=", +    "monitoredHostsUrl": "https://localhost:4494/api/v1/agents/AGENT3/hosts", +    "monitoredDomainUrl": "https://localhost:4494/api/v1/agents/AGENT3/domain", +    "apiServerIsEnabled": false, +    "apiServerPort": 4494 +  } +] + +``` + +**POST /api/v1/agents** + +Adds a new agent but does not install it. The host attribute must be unique. + +- Permission – Modify agents +- Response Body – Agent +- Response – 201, Agent + +**Permission: Modify agents** + +Response Body: Agent + +**Response: 201, Agent** + +Required attributes: + +- host +- platformId + + - Values: + + - windows + - rhel8 (Redhat Enterprise Linux version 8 and 9 use the same "rhel8" platformId) + +- authenticationMethod + + - Values: + + - Password + - PublicKey + +- userName +- password +- privateKey (only required if PublicKey authenticationMethod is used) + +Request Body Example: + +``` +{ +    "host" : "SBNJQASAMDEV04", +    "platformId" : "windows", +    "authenticationMethod" : "Password", +    "userName" : "TESTDOMAIN\\TestUser1", +    "password" : "password123$" +} +``` + +**POST /api/v1/agents/«agentId»/deploy** + +Installs, upgrades, or uninstalls a single agent that is already added to the console. + +- Permission – `Modify agents` +- Response – 200 +- Required attributes: + + - operation + +Permission: `Modify agents` + +**Response: 200** + +Required attributes: + +**operation** + +The following attributes can be set: + +- operation + + - Values + + - install + - uninstall + +- install.adModule + + - Default – False + +- install.upgrade + + - Default – True + +- install.installPath +- install.managementGroup +- uninstall.remove + + - Default – False + +Request Body Structure: + +``` +{ +    "operation" : "string", +    "install" : { +        "adModule" : bool, +        "upgrade" : bool, +        "installPath" : "string", +        "managementGroup" : "string" +    }, +    "uninstall" : { +        "remove" : bool +    } +} +``` + +**POST /api/v1/agents/deploy** + +Installs, upgrades, or uninstalls a set of agents that are already added to the console. + +- Permission – Modify agents +- Response – 200 + +**Permission: Modify agents** + +Response: 200 + +**Required attributes** + +- operation +- agentsIds + +The following attributes can be set: + +- operation + + - Values + + - install + - uninstall + +- agentsIds +- install.adModule + + - Default – False + +- install.upgrade + + - Default – True + +- install.installPath +- install.managementGroup +- uninstall.remove + + - Default – False + +Request Body Structure: + +``` +{ +    "operation" : "string",  +    "agentsIds" : [ "string",  "string", "string", ... ], +    "install" : { +        "adModule" : bool, +        "upgrade" : bool, +        "installPath" : "string", +        "managementGroup" : "string" +    }, +    "uninstall" : { +        "remove" : bool +    } +} +``` + +**GET /api/v1/agents/«agentId»** + +Returns the agent by ID. If not found or no rights - 404. + +- Permission – Read or Access activity data +- Response – Agent (with or without details) + +**Permission: Read or Access activity data** + +Response: Agent (with or without details) + +**PATCH /api/v1/agents/«agentId»** + +Modifies a subset of attributes of the specified agent. + +- Permission – Modify agents +- Body: Content type – `application/merge-patch+json`, changes to the Agent in the JSON Merge Patch + format +- Response – 200, Agent + +**Permission: Modify agents** + +Body: Content type: `application/merge-patch+json`, changes to the Agent in the JSON Merge Patch +format + +**Response: 200, Agent** + +The following attributes can be modified: + +- `archive.isEnabled` +- `archive.path` +- `archive.password` +- `archive.userName` +- `archive.maxLocalSize` – Expected format: number of bytes +- `fpolicy.port` +- `fpolicy.auth` - `NoAuth` (default), `Server`, or `Mutual`. +- `fpolicy.ipWhitelist` +- `fpolicy.clientCertificate` +- `fpolicy.serverCertificate` – Must include a private key. +- `minLocalFreeSpace` – Expected format: number of bytes +- `cee.vcapsIsEnabled` +- `cee.vcapsInterval` +- `cee.vcapsEvents` +- `cee.httpEnabled` +- `cee.rpcEnabled` +- `cee.ipWhitelist` +- `inactivityAlerts.isEnabled` +- `inactivityAlerts.inactivityInterval` +- `inactivityAlerts.replayInterval` +- `inactivityAlerts.inactivityCheckInterval` +- `inactivityAlerts.syslog.server` – Must be a valid hostname of ip4/ip6 address. +- `inactivityAlerts.syslog.protocol` – `UDP` (default), `TCP`, or `TLS`. +- `inactivityAlerts.syslog.separator` – `Lf` (default), `Cr`, `CrLf`, `Nul`, or `Rfc5425`. +- `inactivityAlerts.syslog.template` +- `inactivityAlerts.email.server` – Must be a valid hostname of ip4/ip6 address. +- `inactivityAlerts.email.ssl` +- `inactivityAlerts.email.userName` +- `inactivityAlerts.email.password` +- `inactivityAlerts.email.from` +- `inactivityAlerts.email.to` +- `inactivityAlerts.email.subject` +- `inactivityAlerts.email.body` +- `ad.hardeningIsEnabled` +- `ad.safeModeIsEnabled` +- `ad.dnsResolveIsEnabled` +- `ad.siIpWhitelist` +- `panzura.port` +- `panzura.useCredentials` +- `panzura.username` +- `panzura.password` +- `panzura.ipWhitelist` +- `nutanix.port` +- `nutanix.ipWhitelist` +- `qumulo.port` +- `qumulo.ipWhitelist` +- `ctera.port` +- `ctera.ipWhitelist` +- `linux.serviceUsername` +- `dns.isEnabled` +- `dns.listenPort` +- `dns.parallelism` +- `dns.perfStatsTimeDebug` +- `dns.perfStatsTimeInfo` +- `dns.forwardDnsServer` +- `dns.cacheFile` +- `dns.successTtl` +- `dns.failedTtl` +- `dns.clientWaitTimeout` +- `dns.refreshThreshold` +- `dns.maxCacheSize` +- `dns.uselessAge` +- `dns.maxAttemptsToResolve` +- `dns.suffix` +- `adUsers.domainControllers` +- `adUsers.lookupTimeout` +- `adUsers.successCacheTtl` +- `adUsers.failedCacheTtl` +- `adUsers.maxCacheSize` +- `networkProxy.address` +- `networkProxy.useDefaultCredentials` +- `networkProxy.bypassProxyOnLocal` +- `networkProxy.userName` +- `networkProxy.password` +- `networkProxy.bypassList` +- `apiServerIpWhitelist` +- `apiServerMgmtConsole` +- `host` – Must be a unique and valid hostname or ip4/ip6 address. +- `userName` +- `password` +- `privateKey` +- `comment` +- `etwLogEnabled` +- `agentPort` +- `traceLevel` – `Trace`, `Debug`, `Info`, `Warning`, or `Error` +- `externaNicName` – Must be a valid NIC name of the agent. Use an empty string for auto detect. + +**DELETE /api/v1/agents/«AgentId»** + +Removes the agent without uninstalling it. + +- Permission – Modify agents +- Response – 204 + +**Permission: Modify agents** + +Response: 204 + +**GET /api/v1/domains** + +Returns an array of monitored domains, or only the current domain if the client has no `Read` +permission. + +- Permission – Read or Access activity data +- Response – Array of Domain + +**Permission: Read or Access activity data** + +Response: Array of Domain + +Response Example: + +``` +[ +  { +    "id": "TEST01", +    "url": "https://localhost:4494/api/v1/domains/TEST01", +    "name": "TEST01", +    "managedBySI": false, +    "outputs": [ +      { +        "id": "657eaa95f0804608acef581e728868e2", +        "url": "https://localhost:4494/api/v1/domains/TEST01/outputs/657eaa95f0804608acef581e728868e2", +        "domainId": "TEST01", +        "domainUrl": "https://localhost:4494/api/v1/domains/TEST01", +        "agentsIds": [], +        "isEnabled": true, +        "type": "LogFile", +        "logFile": { +          "format": "Json", +          "path": "C:\\ProgramData\\Netwrix\\Activity Monitor\\Agent\\ActivityLogs\\192.168.1.124_Log_.json", +          "archivePath": "", +          "daysToRetain": 10, +          "reportUserName": false, +          "reportUncPath": false, +          "addCToPath": true, +          "reportMilliseconds": false, +          "stealthAudit": true +        }, +        "syslog": null, +        "amqp": null, +        "fileFilter": null, +        "sharePointFilter": null, +        "comment": "", +        "managedBy": "", +        "windows": null +      }, +      { +        "id": "fe9eb58ef02e40b8ab4a3e02e51a9d95", +        "url": "https://localhost:4494/api/v1/domains/TEST01/outputs/fe9eb58ef02e40b8ab4a3e02e51a9d95", +        "domainId": "TEST01", +        "domainUrl": "https://localhost:4494/api/v1/domains/TEST01", +        "agentsIds": [], +        "isEnabled": true, +        "type": "Amqp", +        "logFile": null, +        "syslog": null, +        "amqp": { +          "server": "127.0.0.1:10001", +          "userName": "StealthINTERCEPT", +          "queue": "StealthINTERCEPT", +          "vhost": "" +        }, +        "fileFilter": null, + "sharePointFilter": null, +        "comment": "", +        "managedBy": "", +        "windows": null +      } +    ], +    "outputsUrl": "https://localhost:4494/api/v1/domains/TEST01/outputs", +    "agentsUrl": "https://localhost:4494/api/v1/domains/TEST01/agents", +    "masterAgentId": "AGENT0", +    "masterAgentUrl": "https://localhost:4494/api/v1/agents/AGENT0" +  } +] + +``` + +**GET /api/v1/domains/«domainId»** + +Returns the domain by its ID, or a 404 error if it is not found or the client lacks sufficient +permissions. + +- Permission – Read or Access activity data +- Response – Domain + +**Permission: Read or Access activity data** + +Response: Domain + +**GET /api/v1/agents/«agentId»/domain** + +Returns a domain monitored by the specified agent, or a 404 error if the domain is not found, the +client lacks the necessary permissions, or the agent is not monitoring AD activity. + +This endpoint is useful to get `Output` settings specific to the agent. Domain outputs are logical, +they are described once and used by all the domain controllers to create actual files/syslog/amqp +messages. However, there are some output fields that are different on each agent. For example, the +`archivePath`. If you need such agent-specific fields, use this endpoint. + +- Permission – Read or Access activity data +- Response – Domain + +**Permission: Read or Access activity data** + +Response: Domain + +**GET /api/v1/domains/«domainId»/agents** + +Returns the domain controllers (agents) monitoring the specified domain, or a 404 error if the +domain is not found or the client lacks the necessary permissions. + +- Permission – Read or Access activity data +- Response – Array of Agent + +**Permission: Read or Access activity data** + +Response: Array of Agent + +**GET /api/v1/domains/«domainId»/outputs** + +Returns the configured outputs for the specified domain, or 404 if no rights for the domain or the +domain was not found. + +- Permission – Read or Access activity data +- Response – Array of Output + +**Permission: Read or Access activity data** + +Response: Array of Output + +Response Example: + +``` +[ +  { +    "id": "657eaa95f0804608acef581e728868e2", +    "url": "https://localhost:4494/api/v1/domains/TEST01/outputs/657eaa95f0804608acef581e728868e2", +    "domainId": "TEST01", +    "domainUrl": "https://localhost:4494/api/v1/domains/TEST01", +    "agentsIds": [], +    "isEnabled": true, +    "type": "LogFile", +    "logFile": { +      "format": "Json", +      "path": "C:\\ProgramData\\Netwrix\\Activity Monitor\\Agent\\ActivityLogs\\192.168.1.124_Log_.json", +      "archivePath": "", +      "daysToRetain": 10, +      "reportUserName": false, +      "reportUncPath": false, +      "addCToPath": true, +      "reportMilliseconds": false, +      "stealthAudit": true +    }, +    "syslog": null, +    "amqp": null, +    "fileFilter": null, +    "sharePointFilter": null, +    "comment": "", +    "managedBy": "", +    "windows": null +  }, +  { +    "id": "fe9eb58ef02e40b8ab4a3e02e51a9d95", +    "url": "https://localhost:4494/api/v1/domains/TEST01/outputs/fe9eb58ef02e40b8ab4a3e02e51a9d95", +    "domainId": "TEST01", +    "domainUrl": "https://localhost:4494/api/v1/domains/TEST01", +    "agentsIds": [], +    "isEnabled": true, +    "type": "Amqp", +    "logFile": null, + "syslog": null, +    "amqp": { +      "server": "127.0.0.1:10001", +      "userName": "StealthINTERCEPT", +      "queue": "StealthINTERCEPT", +      "vhost": "" +    }, +    "fileFilter": null, +    "sharePointFilter": null, +    "comment": "", +    "managedBy": "", +    "windows": null +  } +] + +``` + +**GET /api/v1/domains/«domainId»/outputs/«outputId»** + +Returns the output for the specified domain, or a 404 error if the domain is not found or the client +lacks the necessary permissions. + +- Permission –Read or Access activity data +- Response – Output + +**Permission: Read or Access activity data** + +Response: Output + +Response Example: + +``` +{ +  "id": "657eaa95f0804608acef581e728868e2", +  "url": "https://localhost:4494/api/v1/domains/TEST01/outputs/657eaa95f0804608acef581e728868e2", +  "domainId": "TEST01", +  "domainUrl": "https://localhost:4494/api/v1/domains/TEST01", +  "agentsIds": [], +  "isEnabled": true, +  "type": "LogFile", +  "logFile": { +    "format": "Json", +    "path": "C:\\ProgramData\\Netwrix\\Activity Monitor\\Agent\\ActivityLogs\\192.168.1.124_Log_.json", +    "archivePath": "", +    "daysToRetain": 10, +    "reportUserName": false, +    "reportUncPath": false, +    "addCToPath": true, +    "reportMilliseconds": false, +    "stealthAudit": true +  }, +  "syslog": null, +  "amqp": null, +  "fileFilter": null, +  "sharePointFilter": null, +  "comment": "", +  "managedBy": "", +  "windows": null +} + +``` + +**POST /api/v1/domains/«domainId»/outputs** + +Adds a new output for the specified domain. + +- Permission – Modify hosts +- Response – 201, Output + +**Permission: Modify hosts** + +Response: 201, Output + +Required attributes: + +- type + - Values (Case Sensitive) + - LogFile + - Syslog + - Amqp +- syslog.server (Required only if Syslog is set to type) +- amqp.server (Required only if Amqp is set to type) + +Request Body Structure: + +``` +{           +    "type" : "string", +    "syslog" : { +        "server" : "string" +    }, +    "amqp" : { +        "server" : "string" +    } +} +``` + +**GET /api/v1/hosts** + +Returns a combined list of hosts monitored by all agents. If the client lacks Read permission, only +the hosts of the current agent are returned. + +- Permission – Read or Access activity data +- Response – Array of Host + +**Permission: Read or Access activity data** + +Response: Array of Host + +**GET /api/v1/hosts/«hostId»** + +Returns the specified host. If not found or no rights - 404. + +- Permission – Read or Access activity data +- Response – Host + +**Permission: Read or Access activity data** + +Response: Host + +Response Example: + +``` +{ +  "autoConfigureAuditing": false, +  "monitorAuditingStatus": false, +  "id": "Windows-wrkst0100", +  "url": "https://localhost:4494/api/v1/hosts/Windows-wrkst0100", +  "host": "WRKST0100", +  "type": "Windows", +  "altHost": "", +  "userName": "", +  "outputs": [ +    { +      "id": "9c90791891774715bdb3415823790d7c", +      "url": "https://localhost:4494/api/v1/hosts/Windows-wrkst0100/outputs/9c90791891774715bdb3415823790d7c", +      "hostId": "Windows-wrkst0100", +      "hostUrl": "https://localhost:4494/api/v1/hosts/Windows-wrkst0100", +      "agentsIds": [ +        "AGENT3" +      ], +      "logsUrl": "https://localhost:4494/api/v1/logs/9c90791891774715bdb3415823790d7c", +      "isEnabled": false, +      "type": "LogFile", +      "logFile": { +        "format": "Tsv", +        "path": "C:\\ProgramData\\Netwrix\\Activity Monitor\\Agent\\ActivityLogs\\localhost_Log_.tsv", +        "archivePath": "\\\\WRKST0100\\SBACTIVITYLOGS\\WRKST0100\\WRKST0100_9c907918-9177-4715-bdb3-415823790d7c\\localhost_Log_.tsv", +        "daysToRetain": 11111, +        "reportUserName": false, +        "reportUncPath": false, +        "addCToPath": true, +        "reportMilliseconds": false, +        "stealthAudit": true +      }, +      "syslog": null, +      "amqp": null, +      "fileFilter": { +        "allowed": true, +        "denied": true, +        "cifs": true, +        "nfs": true, +        "read": true, +        "dirRead": false, +        "create": true, +        "dirCreate": true, +        "rename": true, +        "dirRename": true, +        "delete": true, +        "dirDelete": true, +        "update": true, +        "permission": true, +        "dirPermission": true, +        "readOptimize": false, +        "includePaths": [ +          "C:" +        ], +        "excludePaths": [], +        "excludeExtensions": [], +        "excludeProcesses": [], +        "excludeReadProccesses": [], +        "excludeAccounts": [], +        "filterGroups": false, +        "officeFiltering": true +      }, +      "sharePointFilter": null, +      "comment": "", +      "managedBy": "", +      "windows": { +        "vssCreation": true, +        "vssActivity": true, + "discardReorderedAcl": true, +        "discardInheritedAcl": false +      } +    }, +    { +      "id": "a556d7c3666d46babe895f2b9ce1316b", +      "url": "https://localhost:4494/api/v1/hosts/Windows-wrkst0100/outputs/a556d7c3666d46babe895f2b9ce1316b", +      "hostId": "Windows-wrkst0100", +      "hostUrl": "https://localhost:4494/api/v1/hosts/Windows-wrkst0100", +      "agentsIds": [ +        "AGENT3" +      ], +      "logsUrl": "https://localhost:4494/api/v1/logs/a556d7c3666d46babe895f2b9ce1316b", +      "isEnabled": false, +      "type": "LogFile", +      "logFile": { +        "format": "Tsv", +        "path": "C:\\ProgramData\\Netwrix\\Activity Monitor\\Agent\\ActivityLogs\\WRKST0100_E_Activity_Log_.Tsv", +        "archivePath": "\\\\WRKST0100\\SBACTIVITYLOGS\\WRKST0100\\WRKST0100_a556d7c3-666d-46ba-be89-5f2b9ce1316b\\WRKST0100_E_Activity_Log_.Tsv", +        "daysToRetain": 3, +        "reportUserName": false, +        "reportUncPath": false, +        "addCToPath": true, +        "reportMilliseconds": false, +        "stealthAudit": false +      }, +      "syslog": null, +      "amqp": null, +      "fileFilter": { +        "allowed": true, +        "denied": true, +        "cifs": true, +        "nfs": true, +        "read": false, +        "dirRead": false, +        "create": true, +        "dirCreate": true, +        "rename": true, +        "dirRename": true, +        "delete": true, +        "dirDelete": true, +        "update": true, +        "permission": true, +        "dirPermission": true, +        "readOptimize": false, +        "includePaths": [ +          "E:" +        ], +        "excludePaths": [], +        "excludeExtensions": [], +        "excludeProcesses": [ +          "SBTService.exe", +          "FSAC", +          "FPolicyServerSvc.exe", +          "CelerraServerSvc.exe", +          "FSACLoggingSvc.exe", +          "HitachiService.exe", +          "SIWindowsAgent.exe", +          "SIGPOAgent.exe", +          "SIWorkstationAgent.exe", +          "StealthAUDIT", +          "LogProcessorSrv.exe", +          "SearchIndexer.exe", +          "WindowsSearch.exe" +        ], +        "excludeReadProccesses": [], +        "excludeAccounts": [ +          "S-1-5-17", +          "S-1-5-18", +          "S-1-5-19", +          "S-1-5-20" +        ], +        "filterGroups": false, +        "officeFiltering": false +      }, +      "sharePointFilter": null, +      "comment": "Updates on E:", +      "managedBy": "", +      "windows": { +        "vssCreation": true, +        "vssActivity": true, +        "discardReorderedAcl": true, +        "discardInheritedAcl": true +      } +    }, +    { +      "id": "e7c98bc9e96a41d0813b35858a0475bd", +      "url": "https://localhost:4494/api/v1/hosts/Windows-wrkst0100/outputs/e7c98bc9e96a41d0813b35858a0475bd", +      "hostId": "Windows-wrkst0100", +      "hostUrl": "https://localhost:4494/api/v1/hosts/Windows-wrkst0100", +      "agentsIds": [ +        "AGENT3" +      ], +      "logsUrl": "https://localhost:4494/api/v1/logs/e7c98bc9e96a41d0813b35858a0475bd", +      "isEnabled": false, +      "type": "Syslog", +      "logFile": null, +      "syslog": { +        "reportUncPath": false, +        "addCToPath": true, +        "server": "192.168.1.1", +        "protocol": "UDP", +        "separator": "Lf" +      }, +      "amqp": null, +      "fileFilter": { +        "allowed": true, +        "denied": true, +        "cifs": true, +        "nfs": true, +        "read": false, +        "dirRead": false, +        "create": true, +        "dirCreate": true, +        "rename": true, +        "dirRename": true, +        "delete": true, +        "dirDelete": true, +        "update": true, +        "permission": true, +        "dirPermission": true, +        "readOptimize": false, +        "includePaths": [ +          "O:" +        ], +        "excludePaths": [], +        "excludeExtensions": [], +        "excludeProcesses": [ +          "SBTService.exe", +          "FSAC", +          "FPolicyServerSvc.exe", +          "CelerraServerSvc.exe", +          "FSACLoggingSvc.exe", +          "HitachiService.exe", +          "SIWindowsAgent.exe", +          "SIGPOAgent.exe", +          "SIWorkstationAgent.exe", +          "StealthAUDIT", +          "LogProcessorSrv.exe", +          "SearchIndexer.exe", +          "WindowsSearch.exe" +        ], +        "excludeReadProccesses": [], +        "excludeAccounts": [ +          "S-1-5-17", +          "S-1-5-18", +          "S-1-5-19", +          "S-1-5-20" +        ], +        "filterGroups": false, +        "officeFiltering": false +      }, +      "sharePointFilter": null, +      "comment": "SIEM feed", +      "managedBy": "", +      "windows": { +        "vssCreation": false, +        "vssActivity": false, +        "discardReorderedAcl": true, +        "discardInheritedAcl": false +      } +    } +  ], +  "outputsUrl": "https://localhost:4494/api/v1/hosts/Windows-wrkst0100/outputs", +  "agentsUrl": "https://localhost:4494/api/v1/hosts/Windows-wrkst0100/agents" +} + +``` + +**GET /api/v1/hosts/«hostId»/statusHistory** + +Returns a journal of status changes for the host, ordered by time in descending order. + +- Permission – Read +- Response – Array of Status + +**Permission: Read** + +Response: Array of Status + +**GET /api/v1/agents/«agentId»/hosts** + +Returns a list of hosts for the specified agent. If the agent is not found or the client lacks the +necessary permissions, a 404 error is returned. + +- Permission – Read or Access activity data +- Response – Array of Host + +**Permission: Read or Access activity data** + +Response: Array of Host + +**POST /api/v1/agents/«agentId»/hosts** + +Adds a new Host to be monitored by the specified agent. A host is added with at least one output. + +- Permission – Modify hosts +- Response Body – Host +- Response – 201, Host + +**Permission: Modify hosts** + +Response Body: Host + +**Response: 201, Host** + +Required Attributes: + +- type + - Values (Case Sensitive): + - AzureAD + - Celerra + - Ctera + - ExchangeOnline + - Hitachi + - Isilon + - Nasuni + - NetApp + - Nutanix + - Panzura + - PowerStore + - Qumulo + - SharePoint + - SharePointOnline + - SqlServer + - Unity + - Windows + - Linux +- host +- outputs + +Request Body Example: + +``` +{ +    "type" : "Windows", +    "host" : "SBNJQASAMDEV03", +    "outputs" : [ +        { +            "type" : "LogFile" +        } +    ] +} +``` + +**PATCH /api/v1/hosts/«hostId»** + +Modifies the host on all the agents that monitor the host. + +- Permission – Modify hosts +- Body – Content type: `application/merge-patch+json`, changes to the Host resource in the JSON + Merge Patch format +- Response – 200, Host + +**Permission: Modify hosts** + +Body: Content type: `application/merge-patch+json`, changes to the Host resource in the JSON Merge +Patch format + +**Response: 200, Host** + +The following attributes can be modified: + +- `host` ¬ must be a valid hostname or ip4/ip6 address +- `autoConfigureAuditing` +- `monitorAuditingStatus` +- `hostAliases` +- `userName` +- `password` +- `inactivityAlerts.isEnabled` +- `inactivityAlerts.useCustomSettings` +- `inactivityAlerts.inactivityInterval` +- `inactivityAlerts.replayInterval` +- `inactivityAlerts.inactivityCheckInterval` +- `inactivityAlerts.syslog.server` +- `inactivityAlerts.syslog.protocol` +- `inactivityAlerts.syslog.separator` +- `inactivityAlerts.syslog.template` +- `inactivityAlerts.email.server` +- `inactivityAlerts.email.ssl` +- `inactivityAlerts.email.userName` +- `inactivityAlerts.email.password` +- `inactivityAlerts.email.from` +- `inactivityAlerts.email.to` +- `inactivityAlerts.email.subject` +- `inactivityAlerts.email.body` +- `uidTranslate.isEnabled` +- `uidTranslate.domainController` +- `uidTranslate.port` +- `uidTranslate.options` +- `uidTranslate.container` +- `uidTranslate.scope` +- `uidTranslate.filter` +- `hitachi.uncLogPath` +- `hitachi.logFileName` +- `hitachi.pollingInterval` +- `spo.azure.domain` +- `spo.azure.azureCloud` +- `spo.azure.tenantId` +- `spo.azure.tenantName` +- `spo.azure.clientId` +- `spo.azure.clientSecret` +- `spo.azure.region` +- `azureAd.azure.domain` +- `azureAd.azure.azureCloud` +- `azureAd.azure.tenantId` +- `azureAd.azure.tenantName` +- `azureAd.azure.clientId` +- `azureAd.azure.clientSecret` +- `azureAd.azure.region` +- `exchangeOnline.azure.domain` +- `exchangeOnline.azure.azureCloud` +- `exchangeOnline.azure.tenantId` +- `exchangeOnline.azure.tenantName` +- `exchangeOnline.azure.clientId` +- `exchangeOnline.azure.clientSecret` +- `exchangeOnline.azure.region` +- `sharePoint.pollingInterval` +- `api.protocol` +- `api.certificate` +- `api.hostNameVerification` +- `api.channel` +- `sql.pollingInterval` +- `sql.tweakOptions` +- `netapp.nfs3EventName` +- `netapp.nfs3FailedEventName` +- `netapp.nfs4FailedEventName` +- `netapp.nfs4EventName` +- `netapp.cifsEventName` +- `netapp.cifsFailedEventName` +- `netapp.policyName` +- `netapp.externalEngineName` + +**PATCH /api/v1/agents/«agentId»/hosts/«hostId»** + +Modifies the host on the specified agent only. The method is useful to set agent-specific settings. + +- Permission – Modify hosts +- Body – Content type: `application/merge-patch+json`, changes to the Host resource in the JSON + Merge Patch format +- Response – 200, Host + +**Permission: Modify hosts** + +Body: Content type: `application/merge-patch+json`, changes to the Host resource in the JSON Merge +Patch format + +**Response: 200, Host** + +The following attributes can be modified: + +- `host` - must be a valid hostname or ip4/ip6 address +- `autoConfigureAuditing` +- `monitorAuditingStatus` +- hostAliases +- `userName` +- `password` +- `inactivityAlerts.isEnabled` +- `inactivityAlerts.useCustomSettings` +- `inactivityAlerts.inactivityInterval` +- `inactivityAlerts.replayInterval` +- `inactivityAlerts.inactivityCheckInterval` +- `inactivityAlerts.syslog.server` +- `inactivityAlerts.syslog.protocol` +- `inactivityAlerts.syslog.separator` +- `inactivityAlerts.syslog.template` +- `inactivityAlerts.email.server` +- `inactivityAlerts.email.ssl` +- `inactivityAlerts.email.userName` +- `inactivityAlerts.email.password` +- `inactivityAlerts.email.from` +- `inactivityAlerts.email.to` +- `inactivityAlerts.email.subject` +- `inactivityAlerts.email.body` +- `uidTranslate.isEnabled` +- `uidTranslate.domainController` +- `uidTranslate.port` +- `uidTranslate.options` +- `uidTranslate.container` +- `uidTranslate.scope` +- `uidTranslate.filter` +- `hitachi.uncLogPath` +- `hitachi.logFileName` +- `hitachi.pollingInterval` +- `spo.azure.domain` +- `spo.azure.azureCloud` +- `spo.azure.tenantId` +- `spo.azure.tenantName` +- `spo.azure.clientId` +- `spo.azure.clientSecret` +- `spo.azure.region` +- `azureAd.azure.domain` +- `azureAd.azure.azureCloud` +- `azureAd.azure.tenantId` +- `azureAd.azure.tenantName` +- `azureAd.azure.clientId` +- `azureAd.azure.clientSecret` +- `azureAd.azure.region` +- `exchangeOnline.azure.domain` +- `exchangeOnline.azure.azureCloud` +- `exchangeOnline.azure.tenantId` +- `exchangeOnline.azure.tenantName` +- `exchangeOnline.azure.clientId` +- `exchangeOnline.azure.clientSecret` +- `exchangeOnline.azure.region` +- `sharePoint.pollingInterval` +- `api.protocol` +- `api.certificate` +- `api.hostNameVerification` +- `api.channel` +- `sql.pollingInterval` +- `sql.tweakOptions` +- `netapp.nfs3EventName` +- `netapp.nfs3FailedEventName` +- `netapp.nfs4FailedEventName` +- `netapp.nfs4EventName` +- `netapp.cifsEventName` +- `netapp.cifsFailedEventName` +- `netapp.policyName` +- `netapp.externalEngineName` + +**DELETE /api/v1/hosts/«hostId»** + +Removes the host from being monitored from all the agents. + +- Permission – Modify hosts +- Response – 204 + +**Permission: Modify hosts** + +Response: 204 + +**DELETE /api/v1/agents/«agentId»/hosts/«hostId»** + +Removes the host from being monitored from the specified agent. + +- Permission – Modify hosts +- Response – 204 + +**Permission: Modify hosts** + +Response: 204 + +**GET /api/v1/hosts/«hostId»/outputs** + +Returns a list of outputs for the specified host. If the host is not found or the client lacks the +necessary permissions, a 404 error is returned. + +- Permission – Read or Access activity data +- Response – Array of Output + +**Permission: Read or Access activity data** + +Response: Array of Output + +**POST /api/v1/hosts/«hostId»/outputs** + +Adds a new output for the specified host on all agents that monitor the host. + +- Permission – Modify hosts +- Response – 201, Output + +**Permission: Modify hosts** + +Response: 201, Output + +Required Attributes: + +- type + - Values (Case Sensitive) + - LogFile + - Syslog + - Amqp +- syslog.server (Required only if Syslog is set to type) +- amqp.server (Required only if Amqp is set to type) + +Request Body Structure: + +``` +{           +    "type" : "string", +    "syslog" : { +        "server" : "string" +    }, +    "amqp" : { +        "server" : "string" +    } +} +``` + +**POST /api/v1/agents/«agentId»/hosts/«hostId»/outputs** + +Adds a new output for the specified host on the specified agent only. The method may be useful to +have agent-specific outputs but is not recommended. + +- Permission – Modify hosts +- Response – 201, Output + +**Permission: Modify hosts** + +Response: 201, Output + +Required attributes: + +- type + - Values (Case Sensitive) + - LogFile + - Syslog + - Amqp +- syslog.server (Required only if Syslog is set to type) +- amqp.server (Required only if Amqp is set to type) + +Request Body Structure: + +``` +{           +    "type" : "string", +    "syslog" : { +        "server" : "string" +    }, +    "amqp" : { +        "server" : "string" +    } +} +``` + +**GET /api/v1/hosts/«hostId»/outputs/«outputId»** + +Returns the specified output of the host. If the host or output is not found, or the client lacks +the necessary permissions, a 404 error is returned. + +- Permission – Read or Access activity data +- Response – Output + +**Permission: Read or Access activity data** + +Response: Output + +Response Example: + +``` +{ +  "id": "a556d7c3666d46babe895f2b9ce1316b", +  "url": "https://localhost:4494/api/v1/hosts/Windows-wrkst0100/outputs/a556d7c3666d46babe895f2b9ce1316b", +  "hostId": "Windows-wrkst0100", +  "hostUrl": "https://localhost:4494/api/v1/hosts/Windows-wrkst0100", +  "agentsIds": [ +    "AGENT3" +  ], +  "logsUrl": "https://localhost:4494/api/v1/logs/a556d7c3666d46babe895f2b9ce1316b", +  "isEnabled": false, +  "type": "LogFile", +  "logFile": { +    "format": "Tsv", +    "path": "C:\\ProgramData\\Netwrix\\Activity Monitor\\Agent\\ActivityLogs\\WRKST0100_E_Activity_Log_.Tsv", +    "archivePath": "\\\\WRKST0100\\SBACTIVITYLOGS\\WRKST0100\\WRKST0100_a556d7c3-666d-46ba-be89-5f2b9ce1316b\\WRKST0100_E_Activity_Log_.Tsv", +    "daysToRetain": 3, +    "reportUserName": false, +    "reportUncPath": false, +    "addCToPath": true, +    "reportMilliseconds": false, +    "stealthAudit": false +  }, +  "syslog": null, +  "amqp": null, +  "fileFilter": { +    "allowed": true, +    "denied": true, +    "cifs": true, +    "nfs": true, +    "read": false, +    "dirRead": false, +    "create": true, +    "dirCreate": true, +    "rename": true, +    "dirRename": true, +    "delete": true, +    "dirDelete": true, +    "update": true, +    "permission": true, +    "dirPermission": true, +    "readOptimize": false, +    "includePaths": [ +      "E:" +    ], +    "excludePaths": [], +    "excludeExtensions": [], +    "excludeProcesses": [ +      "SBTService.exe", +      "FSAC", +      "FPolicyServerSvc.exe", +      "CelerraServerSvc.exe", +      "FSACLoggingSvc.exe", +      "HitachiService.exe", +      "SIWindowsAgent.exe", +      "SIGPOAgent.exe", +      "SIWorkstationAgent.exe", +      "StealthAUDIT", +      "LogProcessorSrv.exe", +      "SearchIndexer.exe", +      "WindowsSearch.exe" +    ], +    "excludeReadProccesses": [], +    "excludeAccounts": [ +      "S-1-5-17", +      "S-1-5-18", +      "S-1-5-19", +      "S-1-5-20" +    ], +    "filterGroups": false, +    "officeFiltering": false +  }, +  "sharePointFilter": null, +  "comment": "Updates on E:", +  "managedBy": "", +  "windows": { +    "vssCreation": true, +    "vssActivity": true, +    "discardReorderedAcl": true, +    "discardInheritedAcl": true +  } +} + +``` + +**GET /api/v1/hosts/«hostId»/outputs/«outputId»/statusHistory** + +Returns a journal of status changes for the output, ordered by time in descending order. + +- Permission – Read +- Response – Array of Status + +**Permission: Read** + +Response: Array of Status + +**PATCH /api/v1/hosts/«hostId»/outputs/«outputId»** + +Modifies the specified output on all the agents that monitor the host. + +- Permission – Modify hosts +- Body – content type: `application/merge-patch+json`, changes to the Output resource in the JSON + Merge Patch format + +**Permission: Modify hosts** + +Body: content type: `application/merge-patch+json`, changes to the Output resource in the JSON Merge +Patch format + +**Response: 200, Output** + +The following attributes can be modified: + +- `comment` +- `isEnabled` +- `managedBy` +- `type` ¬ for `LogFile`, the `logFile` attribute must be set; for `Syslog` ¬ the `syslog` + attribute; for `Amqp` ¬ the `amqp` attribute. +- `windows.discardInheritedAcl` +- `windows.discardReorderedAcl` +- `windows.vssActivity` +- `windows.vssCreation` +- `amqp.server` - must be a a vaild hostname or ip4/ip6 address. +- `amqp.userName` +- `amqp.password` +- `amqp.vhost` +- `amqp.queue` +- `fileFilter.cifs` +- `fileFilter.nfs` +- `fileFilter.create` +- `fileFilter.delete` +- `fileFilter.dirCreate` +- `fileFilter.dirDelete` +- `fileFilter.dirPermission` +- `fileFilter.dirRead` +- `fileFilter.dirRename` +- `fileFilter.excludeExtensions` +- `fileFilter.excludeProcesses` +- `fileFilter.excludeReadProccesses` +- `fileFilter.filterGroups` +- `fileFilter.officeFiltering` +- `fileFilter.permission` +- `fileFilter.read` +- `fileFilter.readOptimize` +- `fileFilter.rename` +- `fileFilter.update` +- `logFile.addCToPath` +- `logFile.archivePath` +- `logFile.daysToRetain` +- `logFile.format` - `Tsv` or `Json` +- `logFile.path` +- `logFile.reportMilliseconds` +- `logFile.reportUncPath` +- `logFile.reportUserName` +- `logFile.stealthAudit` +- `syslog.protocol` - `UDP` (default), `TCP`, `TLS` +- `syslog.addCToPath` +- `syslog.reportUncPath` +- `syslog.separator` - `Lf` (default), `Cr`, `CrLf`, `Nul`, or `Rfc5425` +- `syslog.server` - must be a vaild hostname or ip4/ip6 address. + +For File System hosts: + +- `fileFilter.excludeAccounts` +- `fileFilter.includePaths` ¬ Depreciated. Has been replaced by 'pathFilters'. +- `fileFilter.excludePaths` ¬ Depreciated. Has been replaced by 'pathFilters'. +- `fileFilter.pathFilters` ¬ An ordered array of strings where each element has `{+/-}path` format. + `+` means include path, `-` means exclude path. `?`, `*`, and `**` wildcards are supported. + Example: `['+c:/windows/**', '-c:/temp/**']` + +For SharePoint hosts: + +- `sharePointFilter.excludeAccounts` +- `sharePointFilter.excludeUrls` +- `sharePointFilter.includeUrls` +- `sharePointFilter.operations` - `CheckOut`, `CheckIn`, `View`, `Delete`, `Update`, + `ProfileChange`, `ChildDelete`, `SchemaChange`, `Undelete`, `Workflow`, `Copy`, `Move`, + `AuditMaskChange`, `Search`, `ChildMove`, `FileFragmentWrite`, `SecGroupCreate`, `SecGroupDelete`, + `SecGroupMemberAdd`, `SecGroupMemberDel`, `SecRoleDefCreate`, `SecRoleDefDelete`, + `SecRoleDefModify`, `SecRoleDefBreakInherit`, `SecRoleBindUpdate`, `SecRoleBindInherit`, + `SecRoleBindBreakInherit`, `EventsDeleted`, `AppPermissionGrant`, `AppPermissionDelete`, `Custom` + +**PATCH /api/v1/agents/«agentId»/hosts/«hostId»/outputs/«outputId»** + +Modifies the specified output on the specified agent only. The method may be useful to set +agent-specific attributes. + +- Permission – Modify hosts +- Body – content type: `application/merge-patch+json`, changes to the Output resource in the JSON + Merge Patch format +- Response – 200, Output + +**Permission: Modify hosts** + +Body: content type: `application/merge-patch+json`, changes to the Output resource in the JSON Merge +Patch format + +**Response: 200, Output** + +The following attributes can be modified: + +- `comment` +- `isEnabled` +- `managedBy` +- `type` - for `LogFile`, the `logFile` attribute must be set; for `Syslog` ¬ the `syslog` + attribute; for `Amqp` ¬ the `amqp` attribute. +- `windows.discardInheritedAcl` +- `windows.discardReorderedAcl` +- `windows.vssActivity` +- `windows.vssCreation` +- `amqp.server` ¬ must be a a vaild hostname or ip4/ip6 address. +- `amqp.userName` +- amqp.password +- `amqp.vhost` +- `amqp.queue` +- `fileFilter.cifs` +- `fileFilter.nfs` +- `fileFilter.create` +- `fileFilter.delete` +- `fileFilter.dirCreate` +- `fileFilter.dirDelete` +- `fileFilter.dirPermission` +- `fileFilter.dirRead` +- `fileFilter.dirRename` +- `fileFilter.excludeExtensions` +- `fileFilter.excludeProcesses` +- `fileFilter.excludeReadProccesses` +- `fileFilter.filterGroups` +- `fileFilter.officeFiltering` +- `fileFilter.permission` +- `fileFilter.read` +- `fileFilter.readOptimize` +- `fileFilter.rename` +- `fileFilter.update` +- `logFile.addCToPath` +- `logFile.archivePath` +- `logFile.daysToRetain` +- `logFile.format` - `Tsv` or `Json` +- `logFile.path` +- `logFile.reportMilliseconds` +- `logFile.reportUncPath` +- `logFile.reportUserName` +- `logFile.stealthAudit` +- `syslog.protocol` - `UDP` (default), `TCP`, `TLS` +- `syslog.addCToPath` +- `syslog.reportUncPath` +- `syslog.separator` - `Lf` (default), `Cr`, `CrLf`, `Nul`, or `Rfc5425` +- `syslog.server` - must be a vaild hostname or ip4/ip6 address. + +For File System hosts: + +- `fileFilter.excludeAccounts` +- `fileFilter.includePaths` ¬ Depreciated. Has been replaced by 'pathFilters'. +- `fileFilter.excludePaths` ¬ Depreciated. Has been replaced by 'pathFilters'. +- `fileFilter.pathFilters` ¬ an ordered array of strings where each element has `{+/-}path` format. + `+` means include path, `-` means exclude path. `?`, `*`, and `**` wildcards are supported. + Example: `['+c:/windows/**', '-c:/temp/**']` + +For SharePoint hosts: + +- `sharePointFilter.excludeAccounts` +- `sharePointFilter.excludeUrls` +- `sharePointFilter.includeUrls` +- `sharePointFilter.operations` - `CheckOut`, `CheckIn`, `View`, `Delete`, `Update`, + `ProfileChange`, `ChildDelete`, `SchemaChange`, `Undelete`, `Workflow`, `Copy`, `Move`, + `AuditMaskChange`, `Search`, `ChildMove`, `FileFragmentWrite`, `SecGroupCreate`, `SecGroupDelete`, + `SecGroupMemberAdd`, `SecGroupMemberDel`, `SecRoleDefCreate`, `SecRoleDefDelete`, + `SecRoleDefModify`, `SecRoleDefBreakInherit`, `SecRoleBindUpdate`, `SecRoleBindInherit`, + `SecRoleBindBreakInherit`, `EventsDeleted`, `AppPermissionGrant`, `AppPermissionDelete`, `Custom` + +**GET /api/v1/hosts/«hostId»/agents** + +Returns a list of agents monitoring the specified host. + +- Permission – Read or Access activity data +- Response – Array of Agent + +**Permission: Read or Access activity data** + +Response: Array of Agent + +**GET /api/v1/logs/«outputId»?includeLocal=true&includeArchived=false** + +Returns a list of files produced by the specified output. + +**Parameters:** + +| Name | Type | Default | Description | +| --------------- | ---- | ------- | ---------------------------------------------- | +| includeLocal | bool | true | Return log files on a local drive of the agent | +| includeArchived | bool | false | Return log files in the archival location | + +- Permission – Read or Access activity data +- Response – Array of File + +**Permission: Read or Access activity data** + +Response: Array of File + +Response Example: + +``` +[ +  { +    "id": "localhost_Log_20190419.tsv", +    "size": 20619226, +    "localPath": "C:\\ProgramData\\Netwrix\\Activity Monitor\\Agent\\ActivityLogs\\localhost_Log_20190419.tsv", +    "isZip": false, +    "isArchived": false, + "type": "Tsv", +    "updatedAt": "2019-04-19T10:17:32.0546644Z", +    "activityFrom": "2019-04-15T14:30:51", +    "activityTo": "2019-04-19T10:17:32", +    "outputId": "9c90791891774715bdb3415823790d7c", +    "contentUrl": "https://localhost:4494/api/v1/logs/get/localhost_Log_20190419.tsv" +  }, +  { +    "id": "localhost_Log_20190419.tsv.zip", +    "size": 1413338, +    "localPath": "C:\\ProgramData\\Netwrix\\Activity Monitor\\Agent\\ActivityLogs\\localhost_Log_20190419.tsv.zip", +    "isZip": true, +    "isArchived": false, +    "type": "Tsv", +    "updatedAt": "2019-04-19T10:17:32.0546644Z", +    "activityFrom": "2019-04-15T14:30:51", +    "activityTo": "2019-04-19T10:17:32", +    "outputId": "9c90791891774715bdb3415823790d7c", +    "contentUrl": "https://localhost:4494/api/v1/logs/get/localhost_Log_20190419.tsv.zip" +  }, +  { +    "id": "localhost_Log_20290410.tsv.zip", +    "size": 16861634, +    "localPath": "\\\\WRKST0100\\SBACTIVITYLOGS\\WRKST0100\\WRKST0100_9c907918-9177-4715-bdb3-415823790d7c\\localhost_Log_20290410.tsv.zip", +    "isZip": true, +    "isArchived": true, +    "type": "Tsv", +    "updatedAt": "2019-04-10T02:01:42.4996667Z", +    "activityFrom": "2019-04-05T18:16:57", +    "activityTo": "2019-04-10T02:01:45", +    "outputId": "9c90791891774715bdb3415823790d7c", +    "contentUrl": "https://localhost:4494/api/v1/logs/archive/get/WRKST0100/WRKST0100_9c907918-9177-4715-bdb3-415823790d7c/localhost_Log_20290410.tsv.zip" +  } +] + +``` + +**GET /api/v1/domains/«domainId»/policies** + +Returns an array of existing policies for the specified domain. + +- Permission – Read +- Response – Array of Policies + +**Permission: Read** + +Response: Array of Policies + +Response Example: + +``` +[ +  { +    "id": "10013", +    "url": "https://localhost:4494/api/v1/domains/TEST01/policies/10013", +    "name": "LDAP Monitor", +    "description": "", +    "path": "Policies\\Auditing", +    "guid": "8f5e4870-6d28-4f32-af18-2e6e6ed623ce", +    "isEnabled": true, +    "updatedAt": "2019-04-19T10:17:32.0546644Z" +  }, +  { +    "id": "10014", +    "url": "https://localhost:4494/api/v1/domains/TEST01/policies/10014", +    "name": "Authentication Monitor", +    "description": "", +    "path": "Policies\\Auditing", +    "guid": "8f5e4870-6d28-4f32-af18-2e6e6ed623cf", +    "isEnabled": true, +    "updatedAt": "2019-04-19T10:17:32.0546644Z" +  } + ] + +``` + +**POST /api/v1/domains/«domainId»/policies** + +Creates a new policy for the specified domain using the provided XML. ID and GUID attributes in the +XML are ignored, and new values are assigned. + +**Permission: Policy change** + +Input: + +- Content type ¬ application/json, Body: Policy, `xml` is required. Other fields, if set, replace + values in XML. +- Content type ¬ application/xml, Body: XML of the policy to be created + +**Response: 201, Policy** + +Required attributes: + +- xml + +**PATCH /api/v1/domains/«domainId»/policies/«policyId»** + +Modifies attributes of the policy. If XML is updated, ID and GUID attributes in the XML are ignored, +and existing values are preserved. + +**Permission: Policy change** + +Input: + +- Content type: application/merge-patch+json, Body: JSON Merge Patch of Policy. + +**Response: 200, Policy** + +Response Example: + +``` +  { +    "id": "10014", +    "url": "https://localhost:4494/api/v1/domains/TEST01/policies/10014", +    "name": "Authentication Monitor", +    "description": "", +    "path": "Policies\\Auditing", +    "guid": "8f5e4870-6d28-4f32-af18-2e6e6ed623cf", +    "isEnabled": false, +    "updatedAt": "2019-06-19T10:11:12Z" +    "xml": "......" +  } + +``` + +Request body example: + +``` +{ +  "isEnabled": false +} +``` + +**DELETE /api/v1/domains/«domainId»/policies/«policyId»** + +Deletes the specified policy. + +- Permission – Policy change +- Response – 204 + +**Permission: Policy change** + +Response: 204 diff --git a/docs/activitymonitor/9.0/restapi/security.md b/docs/activitymonitor/9.0/restapi/security.md new file mode 100644 index 0000000000..8584763f91 --- /dev/null +++ b/docs/activitymonitor/9.0/restapi/security.md @@ -0,0 +1,84 @@ +--- +title: "Security and Access Control" +description: "Security and Access Control" +sidebar_position: 10 +--- + +# Security and Access Control + +## Security + +The REST-style API is exposed via TLS v1.2, with a self-signed certificate by default. The port is +customizable, 4494 by default. The IP whitelist can be used to restrict access to the port. + +You can use the Activity Monitor Console to allow applications to access the API, change +permissions, or revoke access. The console generates unique Client ID and Secret for each +application. + +### Authentication + +OAuth 2.0 client-credentials grant is used for authentication. A pair of Client ID and Secret are +used to obtain an access token from the access token URL: `https://localhost:4494/api/v1/token`. +Token expiration intervals are not configurable. + +| Type | Expires in | +| ------------- | ---------- | +| Client Secret | 72 hours | +| Access Token | 7 days | +| Refresh Token | never | + +It is considered a best practice to use short expiration periods for OAuth 2.0 tokens, like 1 hour +for the access token. A shorter period allows you to revoke the access quicker if needed. In case of +Activity Monitor, the Agent is both the authentication server and the resource server. Therefore, it +can validate the token on each and every access to a resource. So, for Activity Monitor long +expiration periods do not make the protocol less secure. + +A client is expected to pass the access token in the `Authorization` request header. + +:::note +**Use a client library that is secure and fully implements the OAuth 2.0 protocol.** The +sample below shows just a piece of OAuth 2 interaction. +::: + + +``` +curl -X POST -d "client_id=&client_secret=&grant_type=client_credentials" https://:4494/api/v1/token --insecure +{"access_token":"AQAAANCMnd8BFdERjHoAwE_Cl-sBAAAAZpRDOzeUzUikVK9ydmsV1QAAAAACAAAAAAAQZgAAAAEAACAAAAAFzYG4Tasvowq939pou5ADE883Ns2DV-X6_S20RMDcwAAAAAAOgAAAAAIAACAAAAB1IcZrZavgp2Ab63P +8kbCr7NwopOsfz0SeSaXjKVhVC-AAAACix_0klwXoiwiqTZTlaUXCqn9MkquZC84ew9E0-E_vu6FNJ6NDLj7MGCPR-mCi4MRmwr6TYtZ_XfAXRtSh66gbABv-gTnmimruLRWxN2is5twUl563kGpHqnbKydqPNgOy4gXxgR_V08kFut2qPxZ +LsN14yK8Prp1paaQy4-mhONaFIrVx7bOmVIdfVnjEYjwIRdd9QjQEY3wJtnDIEBWi2s-6uYo8tcCEztPiraBpLJC3Tib8NQYu_YxwbzeRun_h2KZOMewLzkfZGS2h9SvvnlxECQ0G5PEfslnAEwC7VEAAAAAxZTm06tyRQNMbw_bLr4FiZi0 +y-QipaafBBRtm83q-l6bG9bQ-C1Hr19-0H6KgzDb3_JJWxxNmGdD-wG95wjlD","token_type":"bearer","expires_in":604799,"refresh_token":"AQAAANCMnd8BFdERjHoAwE_Cl-sBAAAAZpRDOzeUzUikVK9ydmsV1QAAAA +ACAAAAAAAQZgAAAAEAACAAAAAocNSP3GFuJ0RK_1dsX5uSR4dmiqzhV7-LYhc9sYbF2gAAAAAOgAAAAAIAACAAAABQuudDm06II62U6vM2u9CczyRa1siP-H3WfP6iDYOmh-AAAADjzqzTweG14Gngd68rC3BX4GA4kBR5FA8JVVly3KHUS2 +Q-SD9q4S9C3yLZxv2k_zGr2YA_bVdfZ78vRCUYC3QgbpJTjzYPWnPNW5RsqLLtd47h6THU5Wc0RkoBG4c8gB569Jvl0WkAG3xJFHitbUQISYbSosd-cIW4JZkHzcT3zkPgAtLkNyhqQd1g1jgCzP63MCAFq1AN2NB2wLCk_jNRi8aypxR1Ty +F5HpSlZ6QzVNycMNeckayAEOCAUAXwx_tBVhqvUwn7YEF_bT2WYoW9boU_IUzWKtO8R5MXsVR6aEAAAAATVk3stUcghjkgv6abuLddE9Hf2S0o9Gpmp4UPallX6dIbAvm10f-De1aTU-jG7LJMdAv2PKVyuGiyUzI-DE0K"} + +``` + +### Authorization + +A user assigns permissions to a client application. Permissions can be combined. + +Activity Monitor 9.0 permissions: + +| Permission | Description | +| -------------------- | --------------------------------------------------------------------------------------------------------------------------- | +| Access activity data | Provides minimal access rights to list and download the log files. | +| Read | Read-only access to all the information about all agents, domains, and hosts. Does not allow one to download the log files. | +| Policy change | Add, modify, and delete the AD monitoring policies. | +| Modify host | Add, modify, enable, disable, and delete Hosts and their Outputs. | +| Modify agent | Add, modify, and delete agents. | + +An unauthorized request fails with `401 Unauthorized` (instead of `403 Forbidden`) when the resource is +specified explicitly, by ID. For collections, the API Server removes unauthorized resources from +results. + +`Access activity data` is special. It provides limited information only about the agent which hosts +the API server, limited monitored domain information, limited monitored hosts/services information, and +outputs - just enough to get information about the log files. See "Detailed Only" column in the next +section for the list of attributes not included into the limited information. + +Here is how the permissions affect the returned resources: + +| Permission\Resource | Agent | Host | Domain | Output | Policy | Log File | +| -------------------- | ------------------------------ | -------------------------------------- | --------------------------------------- | ---------------------------------------- | ------ | ----------------------- | +| Read | All agents, all info | All hosts, all info | All domains, all info | All | All | None | +| Access activity data | Only this agent. Limited info. | This agent's hosts only. Limited info. | This agent's domain only. Limited info. | Outputs of this agent's hosts and domain | None | All files of this agent | diff --git a/docs/activitymonitor/9.0/siem/_category_.json b/docs/activitymonitor/9.0/siem/_category_.json new file mode 100644 index 0000000000..97ac249831 --- /dev/null +++ b/docs/activitymonitor/9.0/siem/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "SIEM Integrations", + "position": 70, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "overview" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/siem/overview.md b/docs/activitymonitor/9.0/siem/overview.md new file mode 100644 index 0000000000..d21156690a --- /dev/null +++ b/docs/activitymonitor/9.0/siem/overview.md @@ -0,0 +1,22 @@ +--- +title: "SIEM Integrations" +description: "SIEM Integrations" +sidebar_position: 70 +--- + +# SIEM Integrations + +Netwrix activity monitoring solutions enable organizations to successfully, efficiently, +and affordably monitor file access and permission changes across Windows and Network Attached +Storage (NAS) file systems in real-time. Using preconfigured Netwrix Activity Monitor Apps, +users can quickly understand all file activities as a whole, for specific resources or users, as +well as patterns of activity indicative of threats such as crypto ransomware or data exfiltration +attempts. With full control over the data, users can create custom searches, all while enabling apps +to correlate file system activity with any log source. + +Preconfigured Netwrix Activity Monitor Apps are: + +- Splunk - See the [File Activity Monitor App for Splunk](/docs/activitymonitor/9.0/siem/splunk/overview.md) topic for additional + information +- QRadar - See the [Netwrix File Activity Monitor App for QRadar](/docs/activitymonitor/9.0/siem/qradar/overview.md) topic for + additional information diff --git a/docs/activitymonitor/9.0/siem/qradar/_category_.json b/docs/activitymonitor/9.0/siem/qradar/_category_.json new file mode 100644 index 0000000000..82c7f803f7 --- /dev/null +++ b/docs/activitymonitor/9.0/siem/qradar/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Netwrix File Activity Monitor App for QRadar", + "position": 10, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "overview" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/siem/qradar/app/_category_.json b/docs/activitymonitor/9.0/siem/qradar/app/_category_.json new file mode 100644 index 0000000000..58035c056d --- /dev/null +++ b/docs/activitymonitor/9.0/siem/qradar/app/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "File Activity Monitor App for QRadar", + "position": 10, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "app" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/siem/qradar/app/about.md b/docs/activitymonitor/9.0/siem/qradar/app/about.md new file mode 100644 index 0000000000..7b577b29f0 --- /dev/null +++ b/docs/activitymonitor/9.0/siem/qradar/app/about.md @@ -0,0 +1,13 @@ +--- +title: "About Dashboard" +description: "About Dashboard" +sidebar_position: 70 +--- + +# About Dashboard + +The About dashboard provides information about the application. + +![About Dashboard for Netwrix Activity Monitor App for QRadar](/images/activitymonitor/9.0/siem/qradar/dashboard/aboutdashboard.webp) + +Information on how to obtain a license for the applicable Netwrix software is included. diff --git a/docs/activitymonitor/9.0/siem/qradar/app/app.md b/docs/activitymonitor/9.0/siem/qradar/app/app.md new file mode 100644 index 0000000000..a6762fd75f --- /dev/null +++ b/docs/activitymonitor/9.0/siem/qradar/app/app.md @@ -0,0 +1,44 @@ +--- +title: "File Activity Monitor App for QRadar" +description: "File Activity Monitor App for QRadar" +sidebar_position: 10 +--- + +# File Activity Monitor App for QRadar + +Netwrix Activity Monitor App for QRadar (File Activity Monitor tab) contains several +predefined dashboards: File Activity (Home), Ransomware, Permission Changes, Deletions, User +Investigation, and Host Investigation. There is also an About dashboard with additional information +and a Settings interface for configuring the QRadar SEC token. + +![file_activity_monitor_app](/images/activitymonitor/9.0/siem/qradar/file_activity_monitor_app.webp) + +The User Investigation and Host Investigation dashboards only appear when a search is conducted. +This can be done by clicking a hyperlink within the Username or Destination IP columns of a table +card. Alternatively, type the complete user name or host IP Address in the Search box on the right +side of the navigation bar. + +## Table Card Features + +Within the dashboards are several cards with a tabular format. Each of these cards have the +following features: + +- Only five pages of data will be loaded at a time. Applying the Search or Sort features or moving + beyond the five ‘loaded’ pages will result in a “Processing” banner being temporarily displayed + over the table while the server is directly queried for the necessary data. +- Search data entries for the Username, Destination IP, and File Path columns by typing in the + Search box in the upper-right corner of the card: + + - Any entries with a match will remain in the table, all non-matching entries will be filtered + out. + - Total number of entries “Showing” will adjust for the filtered total. + - Search can also apply to the Operation column, but only for exact matches. + +- Sort can be applied to one column at a time by clicking on the desired column header. +- Show 10, 25, 100, or All entries in the table. Only visible entries can be exported. +- Result data currently visible within the table page displayed can be exported from the dashboard: + + - Copy – Copy to clipboard in order to paste to another application + - CSV – Export to a Comma Separated Value file + - Excel – Export to an Excel Workbook file + - Print – Send currently displayed table to printer diff --git a/docs/activitymonitor/9.0/siem/qradar/app/deletions.md b/docs/activitymonitor/9.0/siem/qradar/app/deletions.md new file mode 100644 index 0000000000..828f3c9d5b --- /dev/null +++ b/docs/activitymonitor/9.0/siem/qradar/app/deletions.md @@ -0,0 +1,25 @@ +--- +title: "Deletions Dashboard" +description: "Deletions Dashboard" +sidebar_position: 40 +--- + +# Deletions Dashboard + +The Deletions dashboard contains the following cards: + +![Deletions Dashboard for Netwrix Activity Monitor App for QRadar](/images/activitymonitor/9.0/siem/qradar/dashboard/deletionsdashboard.webp) + +- Activity – Timeline of all deletion events over the specified time interval +- Top Users – Displays up-to the top five users associated with deletion events over the specified + time interval +- Latest Events – Tabular format of all deletion events which occurred over the specified time + interval + + - See the [Table Card Features ](/docs/activitymonitor/9.0/siem/qradar/app/app.md#table-card-features) topic for additional + information. + +The time interval is identified in the upper-right corner with the Start and End boxes. This is set +by default to the “past day,” or 24 hours. To search within a different interval, either manually +type the desired date and time or use the calendar buttons to set the desired date and time +interval. Then click Search to refresh the card data. diff --git a/docs/activitymonitor/9.0/siem/qradar/app/home.md b/docs/activitymonitor/9.0/siem/qradar/app/home.md new file mode 100644 index 0000000000..a0855f8b25 --- /dev/null +++ b/docs/activitymonitor/9.0/siem/qradar/app/home.md @@ -0,0 +1,36 @@ +--- +title: "Home Dashboard" +description: "Home Dashboard" +sidebar_position: 10 +--- + +# Home Dashboard + +The File System Activity Home dashboard contains the following cards: + +![Home Dashboard for Netwrix Activity Monitor App for QRadar](/images/activitymonitor/9.0/siem/qradar/dashboard/homedashboard.webp) + +- Active Users – Number of distinct users recorded performing any type of file activity to/from any + host over the specified time interval +- Active Servers – Number of distinct servers accessed (destination IP Addresses) with any type of + file activity recorded over the specified time interval +- Open Offenses – Number of ransomware offenses detected within QRadar from the file activity event + data + + - The value for this card is a hyperlink to the [Ransomware Dashboard](/docs/activitymonitor/9.0/siem/qradar/app/ransomware.md). + +- File Activity – Timeline of all file activity over the specified time interval +- Top Users – Displays up-to the top five users associated with file activity over the specified + time interval +- Top Servers – Displays up-to the top five servers (destination IP Addresses) associated with file + activity over the specified time interval +- Latest Events – Tabular format of all file activity events which occurred over the specified time + interval + + - See the [Table Card Features ](/docs/activitymonitor/9.0/siem/qradar/app/app.md#table-card-features) topic for additional + information. + +The time interval is identified in the upper-right corner with the Start and End boxes. This is set +by default to the “past day,” or 24 hours. To search within a different interval, either manually +type the desired date and time or use the calendar buttons to set the desired date and time +interval. Then click Search to refresh the card data. diff --git a/docs/activitymonitor/9.0/siem/qradar/app/hostinvestigation.md b/docs/activitymonitor/9.0/siem/qradar/app/hostinvestigation.md new file mode 100644 index 0000000000..7bc4275f67 --- /dev/null +++ b/docs/activitymonitor/9.0/siem/qradar/app/hostinvestigation.md @@ -0,0 +1,40 @@ +--- +title: "Host Investigation Dashboard" +description: "Host Investigation Dashboard" +sidebar_position: 60 +--- + +# Host Investigation Dashboard + +The Host Investigation dashboard only appears when a search is conducted. This can be done by +clicking a hyperlink within the Destination IP column of a table card. Alternatively, type the +complete host IP Address in the Search box on the right side of the navigation bar. + +![Home Investigation Dashboard for Netwrix Activity Monitor App for QRadar](/images/activitymonitor/9.0/siem/qradar/dashboard/userinvestigationdashboard.webp) + +The Host Investigation dashboard contains the following cards: + +- Total Actions – Number of all file activity events associated with the host over the specified + time interval +- Users – Number of usernames associated with the host over the specified time interval +- Resources – Number of distinct files associated with the host over the specified time interval +- File Activity – Timeline of all events associated with the host over the specified time interval + + - The graph values can be toggled on an off by clicking on individual elements in the legend. + +- Details of File Activity – Tabular format of all file activity events associated with the host + which occurred over the specified time interval + + - See the [Table Card Features ](/docs/activitymonitor/9.0/siem/qradar/app/app.md#table-card-features) topic for additional + information. + +- Destination Host Offenses – QRadar offenses associated with the host which occurred over the + specified time interval + + - See the [Table Card Features ](/docs/activitymonitor/9.0/siem/qradar/app/app.md#table-card-features) topic for additional + information. + +The time interval is identified in the upper-right corner with the Start and End boxes. This is set +by default to the “past day,” or 24 hours. To search within a different interval, either manually +type the desired date and time or use the calendar buttons to set the desired date and time +interval. Then click Search to refresh the card data. diff --git a/docs/activitymonitor/9.0/siem/qradar/app/permissionchanges.md b/docs/activitymonitor/9.0/siem/qradar/app/permissionchanges.md new file mode 100644 index 0000000000..1ddc441a97 --- /dev/null +++ b/docs/activitymonitor/9.0/siem/qradar/app/permissionchanges.md @@ -0,0 +1,28 @@ +--- +title: "Permission Changes Dashboard" +description: "Permission Changes Dashboard" +sidebar_position: 30 +--- + +# Permission Changes Dashboard + +The Permission Changes Dashboard for QRadar shows information on changes made to permissions using +various metrics. + +![Permission Changes Dashboard for Netwrix Activity Monitor App for QRadar](/images/activitymonitor/9.0/siem/qradar/dashboard/permissionchangesdashboard.webp) + +The Permission Changes dashboard contains the following cards: + +- Activity – Timeline of all permission change events over the specified time interval +- Top Users – Displays up-to the top five users associated with permission change events over the + specified time interval +- Latest Events – Tabular format of all permission change events which occurred over the specified + time interval + + - See the [Table Card Features ](/docs/activitymonitor/9.0/siem/qradar/app/app.md#table-card-features) topic for additional + information. + +The time interval is identified in the upper-right corner with the Start and End boxes. This is set +by default to the “past day,” or 24 hours. To search within a different interval, either manually +type the desired date and time or use the calendar buttons to set the desired date and time +interval. Then click Search to refresh the card data. diff --git a/docs/activitymonitor/9.0/siem/qradar/app/ransomware.md b/docs/activitymonitor/9.0/siem/qradar/app/ransomware.md new file mode 100644 index 0000000000..154d56d939 --- /dev/null +++ b/docs/activitymonitor/9.0/siem/qradar/app/ransomware.md @@ -0,0 +1,37 @@ +--- +title: "Ransomware Dashboard" +description: "Ransomware Dashboard" +sidebar_position: 20 +--- + +# Ransomware Dashboard + +The Ransomware Dashboard for QRadar shows a list of suspected ransomware events. + +![Ransomware Dashboard for Netwrix Activity Monitor App for QRadar](/images/activitymonitor/9.0/siem/qradar/dashboard/ransomwaredashboard.webp) + +The Ransomware dashboard contains the following cards: + +- Offenses – List of offenses detected within QRadar from the file activity data as a potential + ransomware attack + + - See the [Table Card Features ](/docs/activitymonitor/9.0/siem/qradar/app/app.md#table-card-features) topic for additional + information. + +- Details of Ransomware Attack – Tabular format of all file activity events for the selected offense + which occurred over the specified time interval + + - Only visible after clicking Search on an offense + - See the [Table Card Features ](/docs/activitymonitor/9.0/siem/qradar/app/app.md#table-card-features) topic for additional + information. + +- Breakdown of File Types – Pie chart of the top eight file extensions of the affected files for the + selected offense + + - Only visible after clicking Search on an offense + +The offenses generated within QRadar are based upon the Netwrix: Ransomware Detected rule that +is packaged with this application. In order to adjust this rule to better suit an organization’s +needs, please refer to the IBM QRadar +[Rule management](https://www.ibm.com/support/knowledgecenter/SS42VS_7.2.6/com.ibm.qradar.doc/c_qradar_rul_mgt.html) +article on how to modify rules. diff --git a/docs/activitymonitor/9.0/siem/qradar/app/userinvestigation.md b/docs/activitymonitor/9.0/siem/qradar/app/userinvestigation.md new file mode 100644 index 0000000000..6e0f22f3bd --- /dev/null +++ b/docs/activitymonitor/9.0/siem/qradar/app/userinvestigation.md @@ -0,0 +1,36 @@ +--- +title: "User Investigation Dashboard" +description: "User Investigation Dashboard" +sidebar_position: 50 +--- + +# User Investigation Dashboard + +The User Investigation dashboard only appears when a search is conducted. This can be done by +clicking a hyperlink within the Username column of a table card. Alternatively, type the complete +user name in the Search box on the right side of the navigation bar. + +![User Investigation Dashboard for Netwrix Activity Monitor App for QRadar](/images/activitymonitor/9.0/siem/qradar/dashboard/userinvestigationdashboard.webp) + +The User Investigation dashboard contains the following cards: + +- Total Actions – Number of all file activity events associated with the user over the specified + time interval +- File Servers – Number of destination IP Addresses associated with the user over the specified time + interval +- Resources – Number of distinct files associated with the user over the specified time interval +- File Activity – Timeline of all events associated with the user over the specified time interval + - The graph values can be toggled on an off by clicking on individual elements in the legend. +- Details of File Activity – Tabular format of all file activity events associated with the user + which occurred over the specified time interval + - See the [Table Card Features ](/docs/activitymonitor/9.0/siem/qradar/app/app.md#table-card-features) topic for additional + information. +- Destination Host Offenses – QRadar offenses associated with the destination IP Addresses accessed + by the user during the specified time interval + - See the [Table Card Features ](/docs/activitymonitor/9.0/siem/qradar/app/app.md#table-card-features) topic for additional + information. + +The time interval is identified in the upper-right corner with the Start and End boxes. This is set +by default to the “past day,” or 24 hours. To search within a different interval, either manually +type the desired date and time or use the calendar buttons to set the desired date and time +interval. Then click Search to refresh the card data. diff --git a/docs/activitymonitor/9.0/siem/qradar/offenses.md b/docs/activitymonitor/9.0/siem/qradar/offenses.md new file mode 100644 index 0000000000..d121c01d6d --- /dev/null +++ b/docs/activitymonitor/9.0/siem/qradar/offenses.md @@ -0,0 +1,19 @@ +--- +title: "Offenses" +description: "Offenses" +sidebar_position: 30 +--- + +# Offenses + +The Activity Monitor App for QRadar feeds a couple of QRadar Offenses. + +![Netwrix Offenses in QRadar](/images/activitymonitor/9.0/siem/qradar/stealthbitsoffenses.webp) + +While the [Ransomware Dashboard](/docs/activitymonitor/9.0/siem/qradar/app/ransomware.md) reports on incidents of Ransomware attacks +monitored by Netwrix Threat Prevention, the following offenses may be generated by the Netwrix Activity Monitor App. + +| QRadar Offense | Definition | +| ---------------------------------------- | ---------------------------------------------------------------------------- | +| INTERCEPT: File System Attacks (By User) | Significant number of file changes made by an account in a short time period | +| Netwrix: Ransomware Detected | Threshold-based Ransomware Rule | diff --git a/docs/activitymonitor/9.0/siem/qradar/overview.md b/docs/activitymonitor/9.0/siem/qradar/overview.md new file mode 100644 index 0000000000..dad5896184 --- /dev/null +++ b/docs/activitymonitor/9.0/siem/qradar/overview.md @@ -0,0 +1,84 @@ +--- +title: "Netwrix File Activity Monitor App for QRadar" +description: "Netwrix File Activity Monitor App for QRadar" +sidebar_position: 10 +--- + +# Netwrix File Activity Monitor App for QRadar + +Netwrix File Activity monitoring solutions enable organizations to successfully, efficiently, and +affordably monitor file access and permission changes across Windows and Network Attached Storage +(NAS) file systems in real-time. Using the preconfigured  Netwrix File Activity Monitor App for +QRadar, users can quickly understand all file activities as a whole, for specific resources or +users, as well as patterns of activity indicative of threats such as crypto ransomware or data +exfiltration attempts. With full control over the data, users can create custom searches, all while +enabling QRadar to correlate file system activity with any log source. + +This document describes how to integrate Netwrix products with the Netwrix File Activity Monitor App +for QRadar found in the IBM X-Force Exchange. Any Netwrix products can be configured to monitor file +system activity and send the monitored events to QRadar. After installing this app, ensure that +either the Activity Monitor, Threat Prevention, or Access Analyzer has been configured to send +events to QRadar. See the [Netwrix Technical Knowledge Center](https://helpcenter.netwrix.com/) on +the Netwrix website for additional information. + +## App Installation in QRadar + +Download the [Netwrix File Activity Monitor App for +QRadar](https://exchange.xforce.ibmcloud.com/hub/extension/STEALTHbits Technologies:STEALTHbits File Activity Monitor) from the [IBM X-Force App Exchange](https://exchange.xforce.ibmcloud.com/hub). +After downloading the Stealthbits File Activity Monitor App for QRadar, follow the steps to install +it within QRadar. + +**Step 1 –** Click on the Admin tab within QRadar. + +**Step 2 –** Under System Configuration, click Extensions Management. + +**Step 3 –** Click **Add** in the top-right corner of the window. Navigate to the location where you +downloaded the app, and select it. Check the Install Immediately checkbox, and then click Add. + +**Step 4 –** When the Validating Install window is finished processing, check the Overwrite option. +Then click **Install**. + +**Step 5 –** Close the Extensions Management window, and then select the File Activity Monitor tab +within QRadar. + +The File Activity Monitor tab will appear within QRadar. It is necessary for the QRadar SEC token to +be saved to the Settings interface of the **File Activity Monitor** App. See the +[Settings](/docs/activitymonitor/9.0/siem/qradar/settings.md) topic for additional information. + +## Initial Configuration of the QRadar App + +Follow the steps to configure QRadar to receive data from Netwrix products. + +**Step 1 –** Determine the IP Address of the QRadar Console, e.g. run the _ifconfig_ command. This +information is required for the following sections: + +- See the Syslog Tab section of the Netwrix Activity Monitor User Guide for information on + how to configure the Netwrix Activity Monitor to send data to QRadar. +- See the SIEM Tab section of the Netwrix Threat Prevention Admin Console User Guide for information on how + to configure Threat Prevention to send data to QRadar. + +**Step 2 –** Navigate to the **Admin** tab in the QRadar web interface and click Data Sources. + +**Step 3 –** Select Log Sources. + +**Step 4 –** View the Log Sources list. If the data source was not automatically created, click Add +and enter the following information: + +- Log Source Name – Enter a descriptive name to identify the data source +- Log Source Description – Enter a description of the data source +- Log Source Type – Netwrix Threat Prevention + - Use this source type for both the Netwrix Activity Monitor and Netwrix Threat Prevention. + +**Step 5 –** Test that the configuration is working correctly. Check the Log Activity page inside of +the web console for QRadar. There should be logs of events that are generated as soon as QRadar +starts receiving data. If there are no events, use a packet sniffer to ensure that packets are being +sent correctly between the hosts, and diagnose any possible network issues. + +- Protocol Configuration – Select Syslog +- Log Source Identifier – Enter the host name or IP Address of the host where the Netwrix + Activity Monitor agent OR Threat Prevention is installed +- Then click Save. Remember, prior to using the Netwrix File Activity Monitor App for QRadar, the + related Netwrix product must be configured to send data to QRadar. + +The  Netwrix File Activity Monitor App for QRadar can now display activity data from either the + Netwrix Activity Monitor or Netwrix Threat Prevention. diff --git a/docs/activitymonitor/9.0/siem/qradar/settings.md b/docs/activitymonitor/9.0/siem/qradar/settings.md new file mode 100644 index 0000000000..d6760cd22d --- /dev/null +++ b/docs/activitymonitor/9.0/siem/qradar/settings.md @@ -0,0 +1,15 @@ +--- +title: "Settings" +description: "Settings" +sidebar_position: 20 +--- + +# Settings + +Use the gear icon next to the **Search** box to open the **Settings** interface. It is necessary for +the QRadar SEC token to be saved to the **Settings** interface. + +![Settings for Netwrix Activity Monitor App for QRadar](/images/activitymonitor/9.0/siem/qradar/settings.webp) + +The **More information** link will open the IBM Knowledge Center with information on generating the +QRadar SEC token. Once the token is generated, copy and paste it here and click Save. diff --git a/docs/activitymonitor/9.0/siem/splunk/_category_.json b/docs/activitymonitor/9.0/siem/splunk/_category_.json new file mode 100644 index 0000000000..e9b549fb3f --- /dev/null +++ b/docs/activitymonitor/9.0/siem/splunk/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "File Activity Monitor App for Splunk", + "position": 20, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "overview" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/siem/splunk/app/_category_.json b/docs/activitymonitor/9.0/siem/splunk/app/_category_.json new file mode 100644 index 0000000000..dd71e85b85 --- /dev/null +++ b/docs/activitymonitor/9.0/siem/splunk/app/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "File Activity Monitor App for Splunk", + "position": 10, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "app" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/siem/splunk/app/app.md b/docs/activitymonitor/9.0/siem/splunk/app/app.md new file mode 100644 index 0000000000..f44cddf87b --- /dev/null +++ b/docs/activitymonitor/9.0/siem/splunk/app/app.md @@ -0,0 +1,18 @@ +--- +title: "File Activity Monitor App for Splunk" +description: "File Activity Monitor App for Splunk" +sidebar_position: 10 +--- + +# File Activity Monitor App for Splunk + +Netwrix File Activity Monitor App for Splunk contains several predefined dashboards: File +Activity (Overview), Ransomware, Permission Changes, and Deletions. + +![file_activity_monitor_app](/images/activitymonitor/9.0/siem/splunk/file_activity_monitor_app.webp) + +The date time search feature uses the default Splunk search features. + +The timeframe interval is identified in the upper-left corner of each dashboard. The drop-down menu +provides additional options. To search within a different interval, choose a new option from the +menu. Then click **Submit** to refresh the card data. diff --git a/docs/activitymonitor/9.0/siem/splunk/app/deletions.md b/docs/activitymonitor/9.0/siem/splunk/app/deletions.md new file mode 100644 index 0000000000..7a67f53482 --- /dev/null +++ b/docs/activitymonitor/9.0/siem/splunk/app/deletions.md @@ -0,0 +1,20 @@ +--- +title: "Deletions Dashboard" +description: "Deletions Dashboard" +sidebar_position: 40 +--- + +# Deletions Dashboard + +View deletion information in the Deletions Dashboard for Splunk. + +![Deletions Dashboard for Netwrix Activity Monitor App for Splunk](/images/activitymonitor/9.0/siem/splunk/dashboard/deletionsdashboard.webp) + +The Deletions dashboard contains the following cards: + +- Activity – Timeline of all deletion events in the specified timeframe +- Top Users – Displays up-to the top five users related to deletion events which have been recorded + in the specified timeframe +- Latest Events – Tabular format of all deletion events recorded in the specified timeframe + +The specified timeframe is set by default to the Last 24 hours, or past day. diff --git a/docs/activitymonitor/9.0/siem/splunk/app/overview.md b/docs/activitymonitor/9.0/siem/splunk/app/overview.md new file mode 100644 index 0000000000..bafd3690dc --- /dev/null +++ b/docs/activitymonitor/9.0/siem/splunk/app/overview.md @@ -0,0 +1,25 @@ +--- +title: "Overview Dashobard" +description: "Overview Dashobard" +sidebar_position: 10 +--- + +# Overview Dashobard + +View general information on the Overview Dashboard for Splunk. + +![Overview Dashboard for Netwrix Activity Monitor App for Splunk](/images/activitymonitor/9.0/siem/splunk/dashboard/overviewdashboard.webp) + +The File System Activity Overview dashboard contains the following cards: + +- Active Users – Number of users involved with file system events in the specified timeframe +- Active Servers – Number of servers involved with file system events in the specified timeframe +- File Activity – Timeline of all file system events in the specified timeframe +- Top Users – Displays up-to the top five users addresses related to file system events which have + been recorded in the specified timeframe +- Top Servers – Displays up-to the top five client IP addresses/host names related to file system + events which have been recorded in the specified timeframe +- Latest Events – Tabular format of all file system change events which have been recorded in the + specified timeframe + +The specified timeframe is set by default to the Last 24 hours, or past day. diff --git a/docs/activitymonitor/9.0/siem/splunk/app/permissionchanges.md b/docs/activitymonitor/9.0/siem/splunk/app/permissionchanges.md new file mode 100644 index 0000000000..8a1e47e6ba --- /dev/null +++ b/docs/activitymonitor/9.0/siem/splunk/app/permissionchanges.md @@ -0,0 +1,20 @@ +--- +title: "Permission Changes Dashboard" +description: "Permission Changes Dashboard" +sidebar_position: 30 +--- + +# Permission Changes Dashboard + +View information on permissions changes on the through the Permission Changes Dashboard for Splunk. + +![Permission Changes Dashboard for Netwrix Activity Monitor App for Splunk](/images/activitymonitor/9.0/siem/splunk/dashboard/permissionchangesdashboard.webp) + +The Permission Changes dashboard contains the following cards: + +- Activity – Timeline of all permission change events in the specified timeframe +- Top Users – Displays up-to the top five users related to permission change events which have been + recorded in the specified timeframe +- Latest Events – Tabular format of all permission change events recorded in the specified timeframe + +The specified timeframe is set by default to the Last 24 hours, or past day. diff --git a/docs/activitymonitor/9.0/siem/splunk/app/ransomware.md b/docs/activitymonitor/9.0/siem/splunk/app/ransomware.md new file mode 100644 index 0000000000..062c50fecf --- /dev/null +++ b/docs/activitymonitor/9.0/siem/splunk/app/ransomware.md @@ -0,0 +1,21 @@ +--- +title: "Ransomware Dashboard" +description: "Ransomware Dashboard" +sidebar_position: 20 +--- + +# Ransomware Dashboard + +View information on ransomware using the Ransomware Dashboard for Splunk. + +![Ransomware Dashboard for Netwrix Activity Monitor App for Splunk](/images/activitymonitor/9.0/siem/splunk/dashboard/ransomwaredashboard.webp) + +The Ransomware dashboard contains the following cards: + +- Number of Potential Perpetrators – Number of users involved with events tied to outliers +- Number of Outliers – Number of outliers by count of file/folder update events +- Outliers by Count of File/Folder Updates – Graph of expected values for count of file/folder + update events (blue area) and calculated outliers (red dots) +- Outliers by Count of File/Folder Updates Details – Breakdown of outliers by users involved in each + outlier and percent of events by user +- Outlier Events – Tabular format of all file system change events related to outliers diff --git a/docs/activitymonitor/9.0/siem/splunk/overview.md b/docs/activitymonitor/9.0/siem/splunk/overview.md new file mode 100644 index 0000000000..6c1ac1a719 --- /dev/null +++ b/docs/activitymonitor/9.0/siem/splunk/overview.md @@ -0,0 +1,87 @@ +--- +title: "File Activity Monitor App for Splunk" +description: "File Activity Monitor App for Splunk" +sidebar_position: 20 +--- + +# File Activity Monitor App for Splunk + +Netwrix File Activity monitoring solutions enable organizations to successfully, efficiently, +and affordably monitor file access and permission changes across Windows and Network Attached +Storage (NAS) file systems in real-time. Using the preconfigured Netwrix File Activity Monitor +App for Splunk, users can quickly understand all file activities as a whole, for specific resources +or users, as well as patterns of activity indicative of threats such as crypto ransomware or data +exfiltration attempts. With full control over the data, users can create custom searches, all while +enabling Splunk to correlate file system activity with any log source. + +This document describes how to integrate Netwrix products with the Netwrix File Activity +Monitor App for Splunk found in Splunkbase. Any Netwrix product can be configured to monitor file +system activity and send the monitored events to Splunk. After installing this app, ensure that +either theActivity Monitor, Threat Prevention, or Access Analyzer has been configured to send events +to Splunk. See the product user guide on the +[Netwrix Technical Knowledge Center](https://helpcenter.netwrix.com/) for additional information. + +## App Installation in Splunk + +After downloading the Netwrix File Activity Monitor App for Splunk from [Splunkbase](https://splunkbase.splunk.com/), follow the +[guide](https://docs.splunk.com/Documentation/AddOns/released/Overview/Installingadd-ons) provided by +Splunk to install the app. + +:::note +In order to use the Ransomware dashboard within the app, install +[Splunk User Behavior Analytics](https://www.splunk.com/en_us/products/premium-solutions/user-behavior-analytics.html) +(any version) and the [Machine Learning Toolkit](https://splunkbase.splunk.com/app/2890/) app for +Splunk (version 2.0.0+). +::: + + +The Netwrix: File Activity Monitor tab will appear within the Splunk web interface. Once +installation of the Netwrix File Activity Monitor App for Splunk is complete, it must be +configured to receive data from either theActivity Monitor or Threat Prevention. + +## Initial Configuration of the Splunk App + +Follow the steps to configure Splunk to receive data from Netwrix products. + +**Step 1 –** Determine the IP Address of the Splunk Console, e.g. run the ifconfig command. This +information is required for the following sections: + +- See the Syslog Tab section in the + [Netwrix Activity Monitor Documentation](https://helpcenter.netwrix.com/category/activitymonitor) + for information on how to configure the Activity Monitor to send data to QRadar. +- See the SIEM Tab section in the + [Netwrix Threat Prevention Documentation](https://helpcenter.netwrix.com/category/threatprevention) + for information on how to configure Threat Prevention to send data to QRadar. + +**Step 2 –** Navigate to the Settings menu in the Splunk web interface and click Data Inputs. + +**Step 3 –** Select UDP. + +**Step 4 –** Click New and add a new data input with Port 514. If another Splunk UDP input is +already using 514, another value (515 or higher) can be used as long as it is not blocked by the +network. Remember to configure the port within the Netwrix product configuration to align with +this change. + +**Step 5 –** Click Next. + +**Step 6 –** Under Input Settings, enter the following information: + +- Source Type – Enter one of the following options: + - For data coming from the Netwrix Activity Monitor – NAM + - For data coming from Threat Prevention – ThreatPrevention +- App context – Select Search and Reporting +- Host – Select IP +- Index – Select Default + +**Step 7 –** Review and save the new settings. Remember, prior to using the Netwrix File +Activity Monitor App for Splunk, the related Netwrix products must be configured to send data to +Splunk. + +**Step 8 –** Test that the configuration is working correctly. Check the **Search and Reporting** +app inside of the web console for Splunk (search for **NAM or ThreatPrevention**). There should be +logs of events which are generated as soon as Splunk starts receiving data. If there are no events, +use a packet sniffer to ensure that packets are being sent correctly between the hosts, and diagnose +any possible network issues. + +The Netwrix File Activity Monitor App for Splunk can now display activity data from either the +Netwrix Activity Monitor or Netwrix Threat Prevention. diff --git a/docs/activitymonitor/9.0/troubleshooting/_category_.json b/docs/activitymonitor/9.0/troubleshooting/_category_.json new file mode 100644 index 0000000000..53642bd87a --- /dev/null +++ b/docs/activitymonitor/9.0/troubleshooting/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Troubleshooting and Maintenance", + "position": 50, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "overview" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/troubleshooting/antivirusexclusions.md b/docs/activitymonitor/9.0/troubleshooting/antivirusexclusions.md new file mode 100644 index 0000000000..1ea8abd565 --- /dev/null +++ b/docs/activitymonitor/9.0/troubleshooting/antivirusexclusions.md @@ -0,0 +1,75 @@ +--- +title: "Antivirus Exclusions" +description: "Antivirus Exclusions" +sidebar_position: 30 +--- + +# Antivirus Exclusions + +Windows activity monitoring and performance of the Activity Agent may be negatively affected by +antivirus protections. Add the following components to antivirus exclusions in order to avoid +potential performance degradation. + +## Directories + +The following directories can be added to antivirus exclusions: + +- `` — Agent installation directory. Default path is + `%ProgramFiles%\Netwrix\Activity Monitor\Agent`. The agent stores binaries and install files in + this location. +- `` — Agent configuration directory. Default path is + `%ProgramData%\Netwrix\Activity Monitor\Agent`. The agent stores configuration, and debug log + files in this location. +- `\ActivityLogs` — Default location for collected activity files. If files are stored in + a separate location, specify the user-designated directory instead of the default location. +- `\Data` — Various temporary data files, which may be actively updated. + +## Binary Files + +The following binary files can be added to antivirus exclusions: + +- Common Exclusions + + - `\net472\FSACLoggingSvc.exe` — Logging service. Forwards events to files, syslog, AMQP. + - `\ConfigurationAgent.Grpc.Host.exe` — Netwrix Activity Monitor Agent service + + +- Active Directory Monitoring + + - `\MonitorService.exe` — Active Directory monitoring service + - `%ProgramFiles%\Netwrix\Netwrix Threat Prevention\SIWindowsAgent.exe` — Active Directory Module + service. + +- Dell Celerra/VNX, Isilon/PowerScale, PowerStore, and Unity Monitoring + + - `\net472\CelerraServerSvc.exe` — Dell Monitoring service + +- Hitachi Monitoring + + - `\net472\HitachiService.exe` — Hitachi HNAS monitoring service + +- Microsoft Entra ID, SharePoint Online, and Exchange Online Monitoring + + - `\MonitorService.exe` — Microsoft Entra ID monitoring service + +- NetApp Monitoring + + - `\net472\FPolicyServerSvc.exe` — NetApp Monitoring service + +- Nasuni, Panzura, Nutanix Files, Qumulo, CTERA, Cohesity SmartFiles Monitoring + + - `\MonitorService.exe` — NAS monitoring service + +- SharePoint Monitoring + + - `\net472\MonitorService.exe` — SharePoint 2016, 2019, Subscription monitoring service + - `\net40\MonitorService.exe` — SharePoint 2013 monitoring service + +- SQL Server Monitoring + + - `\net472\MonitorService.exe` — SQL Server monitoring service + +- Windows Monitoring + + - `%SystemRoot%\System32\drivers\SBTFSF.sys` — The File System filter driver + - `%ProgramFiles%\Stealthbits\StealthAUDIT\FSAC\SBTService.exe` — Windows File System monitoring service. diff --git a/docs/activitymonitor/9.0/troubleshooting/backuprestore/_category_.json b/docs/activitymonitor/9.0/troubleshooting/backuprestore/_category_.json new file mode 100644 index 0000000000..129e47789f --- /dev/null +++ b/docs/activitymonitor/9.0/troubleshooting/backuprestore/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Backup & Restoration", + "position": 50, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "overview" + } +} \ No newline at end of file diff --git a/docs/activitymonitor/9.0/troubleshooting/backuprestore/agentbackup.md b/docs/activitymonitor/9.0/troubleshooting/backuprestore/agentbackup.md new file mode 100644 index 0000000000..a0deae0209 --- /dev/null +++ b/docs/activitymonitor/9.0/troubleshooting/backuprestore/agentbackup.md @@ -0,0 +1,59 @@ +--- +title: "Agent Backup" +description: "Agent Backup" +sidebar_position: 10 +--- + +# Agent Backup + +Follow the steps to back up the configuration, passwords, Active Directory event data file, and +activity log files for Activity Monitor Agents deployed on file system servers, SharePoint servers, +and domain controllers. + +**Configuration** + +**Step 1 –** Back up the `SBTFileMon.ini` file. The default location is + +**C:\ProgramData\Netwrix\Activity Monitor\Agent\SBTFileMon.ini** + +The location of the `SBTFileMon.ini` is determined by the registry value: + +`HKLM\SYSTEM\CurrentControlSet\Services\SBTLogging\Parameters`, value `ConfigPath`. + +**Step 2 –** Back up passwords + +> Passwords are stored in the `SBTFileMon.ini` file in an encrypted form using DPAPI. They can only +> be decrypted on the same Windows server. To be able to restore the configuration of a different +> server, back up the passwords separately. This includes the following: + +- Credentials for Agent +- Credentials for Monitored Hosts/Services +- Credentials for Archive + +**Active Directory Event Data File** + +**Step 3 –** On a domain controller, back up the `SAMConfig.xml` file. The default location is: + +**C:\Program Files\Netwrix\Netwrix Threat Prevention\SIWindowsAgent** + +The location of the file is determined by the registry value +`HKLM\SOFTWARE\Netwrix\Netwrix Threat Prevention`, value `Installdir`. Append +`SIWindowsAgent` to the value of `Installdir`. + +**Activity Log Files** + +**Step 4 –** Back up the log files stored on the local drive and on the archival network share. The +default folder is + +**C:\ProgramData\Netwrix\Activity Monitor\Agent\ActivityLogs** + +:::note +Keep in mind that` C:\ProgramData` folder may be hidden. Navigate to it by typing +`%ALLUSERSPROFILE%` in the File Explorer. +::: + + +The location of the files depend on the configuration and whether the archiving is enabled. See the +[Archiving Tab](/docs/activitymonitor/9.0/admin/agents/properties/archiving.md) topic for additional information. + +All key components necessary for data recovery have now been backed up for the agents. diff --git a/docs/activitymonitor/9.0/troubleshooting/backuprestore/agentrestore.md b/docs/activitymonitor/9.0/troubleshooting/backuprestore/agentrestore.md new file mode 100644 index 0000000000..52f1a33797 --- /dev/null +++ b/docs/activitymonitor/9.0/troubleshooting/backuprestore/agentrestore.md @@ -0,0 +1,37 @@ +--- +title: "Agent Restoration" +description: "Agent Restoration" +sidebar_position: 20 +--- + +# Agent Restoration + +Follow the steps to restore the configuration, Active Directory configuration file, and activity log +files for Activity Monitor Agents deployed on file system servers, SharePoint servers, and domain +controllers. + +:::warning +Restore the agent before restoring the console to ensure connectivity and monitoring +functionality +::: + + +**Step 1 –** Reinstall the Activity Monitor Agents. + +**Step 2 –** Replace the `SBFileMon.ini` file with the backed up configuration file. + +**Step 3 –** Replace the `SAMConfig.xml` file with the backed up Active Directory event data file. + +**Step 4 –** Disable all activity monitoring on the Monitored Hosts & Services and Monitored Domains page. + +**Step 5 –** Use the Console to update the passwords if the agent is restored on a different server. + +**Step 6 –** Use the Console to update the archive password, or the archive location if the location +is moved. + +**Step 7 –** Restore the log files with the backed up activity log files. + +**Step 8 –** Enable all activity monitoring. + +The configuration, Active Directory event data file, and activity log files are now restored on the +Activity Monitor Agents. diff --git a/docs/activitymonitor/9.0/troubleshooting/backuprestore/consolebackup.md b/docs/activitymonitor/9.0/troubleshooting/backuprestore/consolebackup.md new file mode 100644 index 0000000000..f0e06eeb35 --- /dev/null +++ b/docs/activitymonitor/9.0/troubleshooting/backuprestore/consolebackup.md @@ -0,0 +1,25 @@ +--- +title: "Console Backup" +description: "Console Backup" +sidebar_position: 30 +--- + +# Console Backup + +Follow the steps to back up the list of agents managed on the Activity Monitor Console. + +**Step 1 –** Back up the configuration file: + +**%ALLUSERSPROFILE%\Netwrix\Activity Monitor\Console\Agents.ini** + +**Step 2 –** Back up the license file: + +**%ALLUSERSPROFILE%\Netwrix\Activity Monitor\Console\FileMonitor.lic** + +**Step 3 –** Back up passwords. + +Credentials for the agents are stored in the `Agents.ini` file in an encrypted form using PSAPI. +They can only be decrypted on the same Windows workstation. To be able to restore the configuration +on a different workstation, back up the passwords separately. + +All key components necessary for data recovery have now been backed up for the console. diff --git a/docs/activitymonitor/9.0/troubleshooting/backuprestore/consolerestore.md b/docs/activitymonitor/9.0/troubleshooting/backuprestore/consolerestore.md new file mode 100644 index 0000000000..3bdb18b487 --- /dev/null +++ b/docs/activitymonitor/9.0/troubleshooting/backuprestore/consolerestore.md @@ -0,0 +1,19 @@ +--- +title: "Console Restoration" +description: "Console Restoration" +sidebar_position: 40 +--- + +# Console Restoration + +Follow the steps to restore the list of agents managed on the Activity Monitor Console. + +**Step 1 –** Restore `Agents.ini` file. + +**Step 2 –** Restore `FileMonitor.lic` file. + +**Step 3 –** Start the console. + +**Step 4 –** Update the passwords if the console is restored on a different workstation. + +The Activity Monitor Console can now connect to deployed agents. diff --git a/docs/activitymonitor/9.0/troubleshooting/backuprestore/overview.md b/docs/activitymonitor/9.0/troubleshooting/backuprestore/overview.md new file mode 100644 index 0000000000..05f8e8a7e8 --- /dev/null +++ b/docs/activitymonitor/9.0/troubleshooting/backuprestore/overview.md @@ -0,0 +1,26 @@ +--- +title: "Backup & Restoration" +description: "Backup & Restoration" +sidebar_position: 50 +--- + +# Backup & Restoration + +The Netwrix Activity Monitor is comprised of the following components: + +- Activity Monitor Console - Controls configuration settings. See the + [Administration](/docs/activitymonitor/9.0/admin/overview.md) topic for additional information. +- Deployed Agents - Monitor targeted servers and domains. See the + [Agent Information](/docs/activitymonitor/9.0/install/agents/agents.md) topic for additional information. + +The configuration settings are stored on individual agents, and the console stores which agents have +been deployed. Agents also store activity log files of monitored environments, which can optionally +be stored on a network share. This document describes the process for backing up and restoring the +Activity Monitor Console and the activity agents. + +The sections in this document are: + +- [Agent Backup](/docs/activitymonitor/9.0/troubleshooting/backuprestore/agentbackup.md) +- [Agent Restoration](/docs/activitymonitor/9.0/troubleshooting/backuprestore/agentrestore.md) +- [Console Backup](/docs/activitymonitor/9.0/troubleshooting/backuprestore/consolebackup.md) +- [Console Restoration](/docs/activitymonitor/9.0/troubleshooting/backuprestore/consolerestore.md) diff --git a/docs/activitymonitor/9.0/troubleshooting/credentialpasswords.md b/docs/activitymonitor/9.0/troubleshooting/credentialpasswords.md new file mode 100644 index 0000000000..00d3422b22 --- /dev/null +++ b/docs/activitymonitor/9.0/troubleshooting/credentialpasswords.md @@ -0,0 +1,84 @@ +--- +title: "Update Credential Passwords" +description: "Update Credential Passwords" +sidebar_position: 10 +--- + +# Update Credential Passwords + +Credential passwords occasionally need to be updated due to various reasons, such as security +policies that require passwords to be reset on a regular basis. The following types of credentials +may be impacted by password changes or security policies: + +- Agent and Domain Controller User Account +- Archive User Account +- Panzura MQ Protection +- Monitored Host User Account +- Active Directory Domain / DC User Account +- Agent Inactivity Alerts Email Credentials +- Monitored Host Inactivity Alerts Email Credentials + +## Agent and Domain Controller User Account + +The Active Directory Domain / DC User Account is used to run the actions performed by the agent. The +account can be updated in the agent properties under the **Connection** tab. + +:::note +If the AD monitoring account is changed, all accounts on the domain controllers will need +to be updated as well. +::: + + +![Agent User Account Credentials](/images/activitymonitor/9.0/troubleshooting/agentuseraccount.webp) + +See the [Connection Tab](/docs/activitymonitor/9.0/admin/agents/properties/connection.md) topic for additional information. + +## Archive User Account + +The Archive User Account is used to store log files from the agent and store them on a remote server +or share. The credentials can be updated in the agent properties under the **Archiving** tab. + +![Archive User Account Credentials](/images/activitymonitor/9.0/troubleshooting/archiveuseraccount.webp) + +See the [Archiving Tab](/docs/activitymonitor/9.0/admin/agents/properties/archiving.md) topic for additional information. + +## Panzura MQ Protection + +The Panzura MQ Protection Credentials are used to send activity to the Activity Monitor agent. The +credentials can be updated in the agent properties under the **Panzura** tab. + +![Panzura MQ Protection Account Credentials](/images/activitymonitor/9.0/troubleshooting/panzuramqprotectionaccount.webp) + +See the [Panzura Tab](/docs/activitymonitor/9.0/admin/agents/properties/panzura.md) topic for additional information. + +## Monitored Host User Credentials + +The Monitored Host User Credentials is used to connect to the monitored host device and send +activity to the agent. The credentials can be updated in monitored host properties. Select a host +under the **Monitored Host** tab. Then, click the **Edit** button to update the account credentials. + +![Monitored Host User Account](/images/activitymonitor/9.0/troubleshooting/monitoredhostuseraccount.webp) + +See the [Nutanix Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/nutanix.md) topic for additional +information. + +## Agent Inactivity Alerts Email Account + +The Agent Inactivity Alerts Email Account is used to automate email alerts for inactivity detected +by the agent. It can be updated in agent properties under **Inactivity Alerts** tab then Email +Alerts. This can also be changed in the monitored host properties. + +![agentinactivityalertsemailcredentials](/images/activitymonitor/9.0/troubleshooting/agentinactivityalertsemailcredentials.webp) + +See the [Inactivity Alerts Tab](/docs/activitymonitor/9.0/admin/agents/properties/inactivityalerts.md) topic for additional +information. + +## Monitored Host Inactivity Alerts Email Account + +The Monitored Host Inactivity Alerts Email Account are used to automate email alerts for inactivity +detected by the monitored host. The credentials can be updated in the monitored **Host Properties**. + +![Monitored Host Inactivity Alerts Email Credentials Page](/images/activitymonitor/9.0/troubleshooting/monitoredhostinactivityalertsemailcredentials.webp) + +See the [Inactivity Alerts Tab](/docs/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalerts.md) topic for +additional information. diff --git a/docs/activitymonitor/9.0/troubleshooting/overview.md b/docs/activitymonitor/9.0/troubleshooting/overview.md new file mode 100644 index 0000000000..cf675f1bf8 --- /dev/null +++ b/docs/activitymonitor/9.0/troubleshooting/overview.md @@ -0,0 +1,16 @@ +--- +title: "Troubleshooting and Maintenance" +description: "Troubleshooting and Maintenance" +sidebar_position: 50 +--- + +# Troubleshooting and Maintenance + +This section provides an overview of troubleshooting and maintenance steps and processes for +Activity Monitor. See the following topics for additional information: + +- [Update Credential Passwords](/docs/activitymonitor/9.0/troubleshooting/credentialpasswords.md) +- [Trace Logs](/docs/activitymonitor/9.0/troubleshooting/tracelogs.md) +- [Antivirus Exclusions](/docs/activitymonitor/9.0/troubleshooting/antivirusexclusions.md) +- [Performance Monitoring](/docs/activitymonitor/9.0/troubleshooting/performancemonitoring.md) +- [Backup & Restoration](/docs/activitymonitor/9.0/troubleshooting/backuprestore/overview.md) diff --git a/docs/activitymonitor/9.0/troubleshooting/performancemonitoring.md b/docs/activitymonitor/9.0/troubleshooting/performancemonitoring.md new file mode 100644 index 0000000000..1d10293ce7 --- /dev/null +++ b/docs/activitymonitor/9.0/troubleshooting/performancemonitoring.md @@ -0,0 +1,346 @@ +--- +title: "Performance Monitoring" +description: "Performance Monitoring" +sidebar_position: 40 +--- + +# Performance Monitoring + +This topic provides a list of Activity Monitor performance counters and standard system-wide +performance counters (Memory and CPU usage, TCP disconnections, etc) that are recommended for +Activity Monitor performance monitoring. These performance counters can help diagnose performance +issues. + +## Performance Counters + +The following performance counters are provided by Activity Monitor. + +| Category | Recommended | Counter | Description | +| ------------------ | ----------- | ---------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| NetApp | ✔ | Activity Monitor - NetApp\Events Received | Number of events received from NetApp | +| NetApp | ✔ | Activity Monitor - NetApp\Events Received/sec | Rate at which events are received from NetApp | +| NetApp | ✔ | Activity Monitor - NetApp\Events Reported | Number of events passed the filters and being reported to outputs | +| NetApp | ✔ | Activity Monitor - NetApp\Events Reported/sec | Rate at which events are reported to outputs | +| NetApp | ✔ | Activity Monitor - NetApp\Session Negotiated | Number of connections established with ONTAP cluster nodes | +| NetApp | ✔ | Activity Monitor - NetApp\Active Connections | Number of active connections with ONTAP cluster nodes | +| NetApp | | Activity Monitor - NetApp\Outage Files | Number of outage (resilience) files processed | +| NetApp | ✔ | Activity Monitor - NetApp\Overloaded | Number of times the agent was overloaded and had to limit the rate of events. This counter may increase from time to time when processing large batches of events. But if it keeps increasing, it is a sure sign that the agent is not coping with the load. Consider moving some SVMs to another agent or spreading the load from one SVM across multiple agents. | +| VNX, Isilon, Unity | ✔ | Activity Monitor - Dell\Events Received | Number of events received from CEE | +| VNX, Isilon, Unity | ✔ | Activity Monitor - Dell\Events Received/sec | Rate at which events are received from CEE | +| VNX, Isilon, Unity | ✔ | Activity Monitor - Dell\Events Reported | Number of events passed the filters and being reported to outputs | +| VNX, Isilon, Unity | ✔ | Activity Monitor - Dell\Events Reported/sec | Rate at which events are reported to outputs | +| VNX, Isilon, Unity | ✔ | Activity Monitor - Dell\Queue Size | Number of events received from CEE and waiting in queue to be processed | +| VNX, Isilon, Unity | ✔ | Activity Monitor - Dell\Receive Throttling | Delay, in milliseconds, introduced to manage the queue | +| Outputs | ✔ | Activity Monitor - Outputs\Events Reported | Total number of events reported | +| Outputs | ✔ | Activity Monitor - Outputs\Events Reported/sec | Rate at which events are reported | +| Outputs | | Activity Monitor - Outputs\Events Reported to Files | Total number of events reported to log files | +| Outputs | | Activity Monitor - Outputs\Events Reported to Syslog | Total number of events reported to syslog servers | +| Outputs | | Activity Monitor - Outputs\Events Reported to AMQP | Total number of events reported to AMQP servers (not used currently) | +| Outputs | ✔ | Activity Monitor - Outputs\Resolved SIDs | Number of attempts, both successful and failed, to resolve SIDs to names | +| Outputs | ✔ | Activity Monitor - Outputs\Resolved SIDs/sec | Rate at which SIDs are resolved to names | +| Outputs | ✔ | Activity Monitor - Outputs\Resolved SIDs Failures | Number of failed attempts to resolve SIDs to names | +| Outputs | ✔ | Activity Monitor - Outputs\Resolved SIDs Avg Time | The moving average length of time, in microseconds, per a SID to name translation | +| Outputs | ✔ | Activity Monitor - Outputs\Resolved SIDs Max Time | The moving maximum length of time, in microseconds, per a SID to name translation | +| Outputs | | Activity Monitor - Outputs\Translated UIDs | Number of attempts, both successful and failed, to translate UIDs to SIDs | +| Outputs | | Activity Monitor - Outputs\Translated UIDs/sec | Rate at which UIDs are translated to SIDs | +| Outputs | | Activity Monitor - Outputs\Translated UIDs Failures | Number of failed attempts to translate UIDs to SIDs | +| Outputs | | Activity Monitor - Outputs\Translated UIDs Avg Time | The moving average length of time, in microseconds, per a UID to SID translation | +| Outputs | | Activity Monitor - Outputs\Translated UIDs Max Time | The moving maximum length of time, in microseconds, per a UID to SID translation | +| Outputs | ✔ | Activity Monitor - Outputs\DNS Queries | Number of DNS queries, both successful and failed | +| Outputs | ✔ | Activity Monitor - Outputs\DNS Queries/sec | Rate at which DNS queries are executed | +| Outputs | ✔ | Activity Monitor - Outputs\DNS Queries Failures | Number of failed DNS queries | +| Outputs | ✔ | Activity Monitor - Outputs\DNS Queries Avg Time | The moving average length of time, in microseconds, per a DNS query | +| Outputs | ✔ | Activity Monitor - Outputs\DNS Queries Max Time | The moving maximum length of time, in microseconds, per a DNS query | + +:::note +DNS and AD queries typically contribute the most to the processing time. Since the +resolution occurs in real time, slow responses can affect throughput (A 100ms DNS response limits +the throughput to 10 events per second). Observing average and maximum values of DNS Queries Time, +Resolved SIDs Time, and Translated UIDs Time allows you to estimate the response time. +::: + + +## Recommended System Performance Counters + +In addition to the Activity Monitor performance counters, it is recommended to use the following +performance counters: + +| Counter | Notes | +| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| Processor(\_Total)\% Processor Time | The percentage of elapsed time that the processor spends to execute a non-Idle thread. | +| Memory\Available MBytes | The amount of physical memory, in Megabytes, immediately available for allocation to a process or for system use. | +| Paging File(\_Total)\% Usage | The percentage of the paging file that is currently in use. | +| TCPv4\Connections Reset | The rate of reset TCPv4 connections | +| TCPv4\Segments Received/sec | The quantity of segments received via TCPv4 per second. | +| TCPv4\Segments Retransmitted/Sec | Quantity of segments retransmitted via TCPv4 per second. | +| TCPv6\Segments Received/sec | The quantity of segments received via TCPv6 per second. | +| TCPv6\Segments Retransmitted/Sec | Quantity of segments retransmitted via TCPv6 per second. | +| Network Interface(\*)\Bytes Received/sec | From all network adapters: The rate at which bytes are received. | +| Network Interface(\*)\Bytes Sent/sec | From all network adapters: The rate at which bytes are sent. | +| Network Interface(\*)\Output Queue Length | From all network adapters: The length of the output packet queue (in packets). | +| Network Interface(\*)\Packets Received Discarded | From all network adapters: The number of inbound packets that were chosen to be discarded even though no errors had been detected to prevent their being deliverable to a higher-layer protocol. | +| Network Interface(\*)\Packets Received Errors | From all network adapters: The number of inbound packets that contained errors. As a result, the errored packets were not delivered to a higher-layer protocol. | +| Process(ConfigurationAgent.Grpc.Host)\% Processor Time | For Agent: The percentage of elapsed time that all of process threads used the processor to execution instructions. | +| Process(ConfigurationAgent.Grpc.Host)\Elapsed Time | For Agent: The duration from when the process was started until the time it terminated. | +| Process(ConfigurationAgent.Grpc.Host)\Handle Count | For Agent: The number of operating system handles the process has opened. | +| Process(ConfigurationAgent.Grpc.Host)\Thread Count | For Agent: The set of threads that are running in the associated process. | +| Process(ConfigurationAgent.Grpc.Host)\Private Bytes | For Agent: The total amount of memory that a process has allocated, not including memory shared with other processes. | +| Process(ConfigurationAgent.Grpc.Host)\Working Set | For Agent: The associated process's physical memory usage, in bytes. | +| Process(ConfigurationAgent)\% Processor Time | For Agent version 6.0 and earlier: The percentage of elapsed time that all of process threads used the processor to execution instructions. | +| Process(ConfigurationAgent)\Elapsed Time | For Agent version 6.0 and earlier: The duration from when the process was started until the time it terminated. | +| Process(ConfigurationAgent)\Handle Count | For Agent version 6.0 and earlier: The number of operating system handles the process has opened. | +| Process(ConfigurationAgent)\Thread Count | For Agent version 6.0 and earlier: The set of threads that are running in the associated process. | +| Process(ConfigurationAgent)\Private Bytes | For Agent version 6.0 and earlier: The total amount of memory that a process has allocated, not including memory shared with other processes. | +| Process(ConfigurationAgent)\Working Set | For Agent version 6.0 and earlier: The associated process's physical memory usage, in bytes. | +| Process(SBTService)\% Processor Time | For Windows Monitoring: The percentage of elapsed time that all of process threads used the processor to execution instructions. | +| Process(SBTService)\Elapsed Time | For Windows Monitoring: The duration from when the process was started until the time it terminated. | +| Process(SBTService)\Handle Count | For Windows Monitoring: The number of operating system handles the process has opened. | +| Process(SBTService)\Thread Count | For Windows Monitoring: The set of threads that are running in the associated process. | +| Process(SBTService)\Private Bytes | For Windows Monitoring: The total amount of memory that a process has allocated, not including memory shared with other processes. | +| Process(SBTService)\Working Set | For Windows Monitoring: The associated process's physical memory usage, in bytes. | +| Process(FPolicyServerSvc)\% Processor Time | For NetApp Monitoring: The percentage of elapsed time that all of process threads used the processor to execution instructions. | +| Process(FPolicyServerSvc)\Elapsed Time | For NetApp Monitoring: The duration from when the process was started until the time it terminated. | +| Process(FPolicyServerSvc)\Handle Count | For NetApp Monitoring: The number of operating system handles the process has opened. | +| Process(FPolicyServerSvc)\Thread Count | For NetApp Monitoring: The set of threads that are running in the associated process. | +| Process(FPolicyServerSvc)\Private Bytes | For NetApp Monitoring: The total amount of memory that a process has allocated, not including memory shared with other processes. | +| Process(FPolicyServerSvc)\Working Set | For NetApp Monitoring: The associated process's physical memory usage, in bytes. | +| Process(HitachiService)\% Processor Time | For Hitachi Monitoring: The percentage of elapsed time that all of process threads used the processor to execution instructions. | +| Process(HitachiService)\Elapsed Time | For Hitachi Monitoring: The duration from when the process was started until the time it terminated. | +| Process(HitachiService)\Handle Count | For Hitachi Monitoring: The number of operating system handles the process has opened. | +| Process(HitachiService)\Thread Count | For Hitachi Monitoring: The set of threads that are running in the associated process. | +| Process(HitachiService)\Private Bytes | For Hitachi Monitoring: The total amount of memory that a process has allocated, not including memory shared with other processes. | +| Process(HitachiService)\Working Set | For Hitachi Monitoring: The associated process's physical memory usage, in bytes. | +| Process(CelerraServerSvc)\% Processor Time | For Dell Monitoring: The percentage of elapsed time that all of process threads used the processor to execution instructions. | +| Process(CelerraServerSvc)\Elapsed Time | For Dell Monitoring: The duration from when the process was started until the time it terminated. | +| Process(CelerraServerSvc)\Handle Count | For Dell Monitoring: The number of operating system handles the process has opened. | +| Process(CelerraServerSvc)\Thread Count | For Dell Monitoring: The set of threads that are running in the associated process. | +| Process(CelerraServerSvc)\Private Bytes | For Dell Monitoring: The total amount of memory that a process has allocated, not including memory shared with other processes. | +| Process(CelerraServerSvc)\Working Set | For Dell Monitoring: The associated process's physical memory usage, in bytes. | +| Process(FSACLoggingSvc)\% Processor Time | For Logging Service: The percentage of elapsed time that all of process threads used the processor to execution instructions. | +| Process(FSACLoggingSvc)\Elapsed Time | For Logging Service: The duration from when the process was started until the time it terminated. | +| Process(FSACLoggingSvc)\Handle Count | For Logging Service: The number of operating system handles the process has opened. | +| Process(FSACLoggingSvc)\Thread Count | For Logging Service: The set of threads that are running in the associated process. | +| Process(FSACLoggingSvc)\Private Bytes | For Logging Service: The total amount of memory that a process has allocated, not including memory shared with other processes. | +| Process(FSACLoggingSvc)\Working Set | For Logging Service: The associated process's physical memory usage, in bytes. | +| Process(MonitorService)\% Processor Time | For Other, Different Device Monitoring: The percentage of elapsed time that all of process threads used the processor to execution instructions. | +| Process(MonitorService)\Elapsed Time | For Other, Different Device Monitoring: The duration from when the process was started until the time it terminated. | +| Process(MonitorService)\Handle Count | For Other, Different Device Monitoring: The number of operating system handles the process has opened. | +| Process(MonitorService)\Thread Count | For Other, Different Device Monitoring: The set of threads that are running in the associated process. | +| Process(MonitorService)\Private Bytes | For Other, Different Device Monitoring: The total amount of memory that a process has allocated, not including memory shared with other processes. | +| Process(MonitorService)\Working Set | For Other, Different Device Monitoring: The associated process's physical memory usage, in bytes. | + +## Register Performance Counters + +The Activity Monitor performance counters are not registered by default and must be registered +manually. + +Follow the steps to register the Activity Monitor performance counters on each SAM Agent server. + +**Step 1 –** Run `cmd.exe` as Administrator. + +**Step 2 –** Change current directory to the agent installation folder +(`C:\Program Files\Netwrix\Activity Monitor\Agent`). + +**cd "C:\Program Files\Netwrix\Activity Monitor\Agent"** + +**Step 3 –** Register the performance counters manifest file. + +**lodctr /M:PerfCounters.man** + +Expected output: Info: Successfully installed performance counters in +`C:\Program Files\Netwrix\Activity Monitor\Agent\PerfCounters.man` + +**Step 4 –** Restart the services: + +**sc stop SBFileMonAgentSvc** + +sc stop FPolicyServerSvc + +**sc stop CelerraServerSvc** + +sc stop SBTLoggingSvc + +**sc start SBFileMonAgentSvc** + +## Collect Performance Data + +The performance data can be observed or saved using any tool capable of collecting performance +counters. For example, Performance Monitor. + +:::note +The following script is only compatible with PowerShell 5.X and previous versions. Using +PowerShell 7.X requires Windows Performance Monitor to be configured to collect performance +counters. +::: + + +Below is a PowerShell script that collects the counters every second and stores them in +`perfcounters_SERVERNAME_TIMESTAMP.csv` files. The expected file size per day is about 50MB. + +Run the script on each agent server using the following command: + +**powershell -file AM.PerfCollect.ps1** + +To stop the script press **Ctrl+C**. + +Script (save it to AM.PerfCollect.ps1): + +```powershell +$sampleInterval = 1 + +**$maxSamples = 0** + +$outputFile = "perfcounters_$($env:COMPUTERNAME)_$(Get-Date -Format "yyyy_MM_dd_HH_mm_ss").csv" + +**$counters =** + +@( + +**"\Processor(_Total)\% Processor Time"** + +,"\Memory\Available MBytes" + +**,"\Paging File(_Total)\% Usage"** + +,"\TCPv4\Connections Reset" + +**,"\TCPv4\Segments Received/sec"** + +,"\TCPv4\Segments Retransmitted/Sec" + +**,"\TCPv6\Connections Reset"** + +,"\TCPv6\Segments Received/sec" + +**,"\TCPv6\Segments Retransmitted/Sec"** + +,"\Network Interface(*)\Bytes Received/sec" + +**,"\Network Interface(*)\Bytes Sent/sec"** + +,"\Network Interface(*)\Output Queue Length" + +**,"\Network Interface(*)\Packets Received Discarded"** + +,"\Network Interface(*)\Packets Received Errors" + +**,"\Activity Monitor - NetApp\Events Received"** + +,"\Activity Monitor - NetApp\Events Received/sec" + +**,"\Activity Monitor - NetApp\Events Reported"** + +,"\Activity Monitor - NetApp\Events Reported/sec" + +**,"\Activity Monitor - NetApp\Session Negotiated"** + +,"\Activity Monitor - NetApp\Active Connections" + +**,"\Activity Monitor - NetApp\Outage Files"** + +,"\Activity Monitor - Dell\Events Received" + +**,"\Activity Monitor - Dell\Events Received/sec"** + +,"\Activity Monitor - Dell\Events Reported" + +**,"\Activity Monitor - Dell\Events Reported/sec"** + +,"\Activity Monitor - Dell\Queue Size" + +**,"\Activity Monitor - Dell\Receive Throttling"** + +,"\Process(FPolicyServerSvc)\% Processor Time" + +**,"\Process(FPolicyServerSvc)\Elapsed Time"** + +,"\Process(FPolicyServerSvc)\Handle Count" + +**,"\Process(FPolicyServerSvc)\Thread Count"** + +,"\Process(FPolicyServerSvc)\Private Bytes" + +**,"\Process(FPolicyServerSvc)\Working Set"** + +,"\Process(FSACLoggingSvc)\% Processor Time" + +**,"\Process(FSACLoggingSvc)\Elapsed Time"** + +,"\Process(FSACLoggingSvc)\Handle Count" + +**,"\Process(FSACLoggingSvc)\Thread Count"** + +,"\Process(FSACLoggingSvc)\Private Bytes" + +**,"\Process(FSACLoggingSvc)\Working Set"** + +,"\Process(CelerraServerSvc)\% Processor Time" + +**,"\Process(CelerraServerSvc)\Elapsed Time"** + +,"\Process(CelerraServerSvc)\Handle Count" + +**,"\Process(CelerraServerSvc)\Thread Count"** + +,"\Process(CelerraServerSvc)\Private Bytes" + +**,"\Process(CelerraServerSvc)\Working Set"** + +) + +**$variables = @{** + +SampleInterval = $sampleInterval + +**Counter = $counters** + +} + +**if ($maxSamples -eq 0) {** + +$variables.Add("Continuous", 1)} + +**else {** + +$variables.Add("MaxSamples", "$maxSamples") + +**}** + +Write-Host "Collecting performance counters to $outputFile... Press Ctrl+C to stop." + +Get-Counter @variables | Export-Counter -FileFormat csv -Path $outputFile -Force +``` + +## Unregister Performance Counters + +When performance monitoring is not needed anymore, unregister the Activity Monitor performance +counters. + +Follow the steps to unregister the Activity Monitor performance counters on each SAM Agent server. + +**Step 1 –** Run `cmd.exe` as Administrator. + +**Step 2 –** Change current directory to the agent installation folder. + +**cd "C:\Program Files\Netwrix\Activity Monitor\Agent"** + +**Step 3 –** Unregister the performance counters manifest file. + +**unlodctr /M:PerfCounters.man** + +Expected output: Info: Successfully uninstalled the performance counters from the counter definition +XML file PerfCounters.man. + +**Step 4 –** Restart the services: + +**sc stop SBFileMonAgentSvc** + +sc stop FPolicyServerSvc + +**sc stop CelerraServerSvc** + +sc stop SBTLoggingSvc + +**sc start SBFileMonAgentSvc** + +Once the services have been restarted, the Activity Monitor performance counters are unregistered. diff --git a/docs/activitymonitor/9.0/troubleshooting/tracelogs.md b/docs/activitymonitor/9.0/troubleshooting/tracelogs.md new file mode 100644 index 0000000000..fe71fa1c23 --- /dev/null +++ b/docs/activitymonitor/9.0/troubleshooting/tracelogs.md @@ -0,0 +1,45 @@ +--- +title: "Trace Logs" +description: "Trace Logs" +sidebar_position: 20 +--- + +# Trace Logs + +While activity agents store activity logs on the servers where they are deployed, the Activity +Monitor creates Trace Logs that aid in troubleshooting issues. The Trace level option set in the +drop-down list in the lower right corner of the Activity Monitor Console determines the kind of +information kept in the activity agent and monitored hosts/services logs. + +![Activity Monitor with location of trace logs](/images/activitymonitor/9.0/troubleshooting/tracelogs.webp) + +The selected log level applies to all hosts added to the **Agents** list (if not specified in agent +properties). Select from the following trace log levels: + +- Trace – Records everything that happens, most verbose level of logging +- Debug – Records all debug messages, in addition to info messages +- Info – Records information on the steps that occur, in addition to warn messages, and is the + recommended setting +- Warning – Records all warnings that occur, in addition to error messages +- Error – Records all errors that occur, in addition to fatal messages +- Fatal – Records only when catastrophic system failures / crashes occur + +When the log level is changed in the Activity Monitor Console, the new log level is propagated and +applied immediately to all of the activity agents that do not have custom trace setting. + +:::note +Trace level can be adjusted in the Agent Properties for the selected agent. See the +[Archiving Tab](/docs/activitymonitor/9.0/admin/agents/properties/archiving.md) topic for additional information. +::: + + +![Collect Logs button](/images/activitymonitor/9.0/troubleshooting/collectlogsbutton.webp) + +The Activity Monitor Console has a function to copy Trace Logs from the activity agents to the +Console machine. Click the Collect Logs button to open the log collection dialog and select Start to +begin the log collection. + +![Copying the log files popup window](/images/activitymonitor/9.0/troubleshooting/collectlogswindow.webp) + +Specific agents or console can be selected. After log collection is successful the logs are +compressed into a zip file and file explorer opens with the zip file selected. diff --git a/docs/auditor/10.6/admin/healthstatus/troubleshooting.md b/docs/auditor/10.6/admin/healthstatus/troubleshooting.md index 642ed10609..6c99169be0 100644 --- a/docs/auditor/10.6/admin/healthstatus/troubleshooting.md +++ b/docs/auditor/10.6/admin/healthstatus/troubleshooting.md @@ -24,7 +24,7 @@ portal as described in the | I see a blank window instead of a report. | Contact your Auditor Global administrator to make sure that you are granted sufficient permissions on the Report Server. To view reports in a web browser - Open a web browser and type the Report Manager URL (found under Settings>**Audit Database**). In the page that opens, navigate to the report you want to generate and click the report name. You can modify the report filters and click View Report to apply them. | | I configured report subscription to be uploaded to a file server, but cannot find it / cannot access it. | Subscriptions can be uploaded either to a file share (e.g., _\\filestorage\reports_) or to a folder on the computer where Auditor Server is installed. To access these reports, you must be granted the Read permission. | | When trying to collect event data from Active Directory domain, an error message like this appears in Netwrix Health Log: _Monitoring Plan: `` The following error has occurred while processing '``': Error collecting the security log of the domain ``. Failed to process the domain controller `` due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it_. | This may happen due to Secondary Logon Service disabled state. To collect event data from the domain, this service must be up and running. Open its properties and start the service. | -| The 'Workstation' field in search, reports, and Activity Summary is reported as 'unknown' | For the full list of possible reasons, please refer to the following Netwrix Knowledge Base article: [Why is the "Workstation" field reported as "unknown"?](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9VdCAK.html) | +| The 'Workstation' field in search, reports, and Activity Summary is reported as 'unknown' | For the full list of possible reasons, please refer to the following Netwrix Knowledge Base article: [Why is the "Workstation" field reported as "unknown"?](/docs/kb/auditor/workstation-field-reported-as-unknown) | ## Creating a ticket with Customer portal diff --git a/docs/auditor/10.6/admin/monitoringplans/sharepoint/overview.md b/docs/auditor/10.6/admin/monitoringplans/sharepoint/overview.md index 13ad70b329..a8faa3dbb4 100644 --- a/docs/auditor/10.6/admin/monitoringplans/sharepoint/overview.md +++ b/docs/auditor/10.6/admin/monitoringplans/sharepoint/overview.md @@ -37,7 +37,7 @@ topic for additional information. | Problem | Description | KB article | | ------------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| The "Timeout Expired" error appears during the agent's deployment. | The agent failed to be deployed due to one of the following reasons: - One or several servers are unreachable - The SPAdminV4 service is not started on any of the servers. - The servers within the farm are located in different time zones. - Your SharePoint farm exceeds the recommended capacity limits. Increase DeployTimeout value in _%ProgramData%\Netwrix\NetwrixAuditor for SharePoint\ Configuration\ ``\ Commonsettings.config_ and restart the agent service. | Refer to the [Timeout Expired Error on SharePoint Core Service Deployment](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9YfCAK.html) Knowledge Base article for the solution. | +| The "Timeout Expired" error appears during the agent's deployment. | The agent failed to be deployed due to one of the following reasons: - One or several servers are unreachable - The SPAdminV4 service is not started on any of the servers. - The servers within the farm are located in different time zones. - Your SharePoint farm exceeds the recommended capacity limits. Increase DeployTimeout value in _%ProgramData%\Netwrix\NetwrixAuditor for SharePoint\ Configuration\ ``\ Commonsettings.config_ and restart the agent service. | Refer to the [Timeout Expired Error on SharePoint Core Service Deployment](/docs/kb/auditor/timeout-expired-error-on-sharepoint-core-service-deployment) Knowledge Base article for the solution. | ## SharePoint Farm diff --git a/docs/auditor/10.6/admin/settings/longtermarchive.md b/docs/auditor/10.6/admin/settings/longtermarchive.md index 8a59ffc445..f5841a8b24 100644 --- a/docs/auditor/10.6/admin/settings/longtermarchive.md +++ b/docs/auditor/10.6/admin/settings/longtermarchive.md @@ -17,7 +17,7 @@ Review the following for additional information: | Option | Description | | ------------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Long-Term Archive settings | | -| Write audit data to | Specify the path to a local or shared folder where your audit data will be stored. By default, it is set to _"C:\ProgramData\Netwrix Auditor\Data"_. By default, the LocalSystem account is used to write data to the local-based Long-Term Archive and computer account is used for the file share-based storage. Subscriptions created in the Auditor client are uploaded to file servers under the Long-Term Archive service account as well. It is not recommended to store your Long-Term Archive on a system disk. If you want to move the Long-Term Archive to another location, refer to the following Netwrix Knowledge base article: [How to move Long-Term Archive to a new location](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9SSCA0.html). | +| Write audit data to | Specify the path to a local or shared folder where your audit data will be stored. By default, it is set to _"C:\ProgramData\Netwrix Auditor\Data"_. By default, the LocalSystem account is used to write data to the local-based Long-Term Archive and computer account is used for the file share-based storage. Subscriptions created in the Auditor client are uploaded to file servers under the Long-Term Archive service account as well. It is not recommended to store your Long-Term Archive on a system disk. If you want to move the Long-Term Archive to another location, refer to the following Netwrix Knowledge base article: [How to move Long-Term Archive to a new location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location). | | Keep audit data for (in months) | Specify how long data will be stored. By default, it is set to 120 months. | | Use custom credentials (for the file share-based Long-Term Archive only) | Select the checkbox and provide user name and password for the Long-Term Archive service account. You can specify a custom account only for the Long-Term Archive stored on a file share. The custom Long-Term Archive service account can be granted the following rights and permissions: - Advanced permissions on the folder where the Long-term Archive is stored: - List folder / read data - Read attributes - Read extended attributes - Create files / write data - Create folders / append data - Write attributes - Write extended attributes - Delete subfolders and files - Read permissions - On the file shares where report subscriptions are saved: - Change share permission - Create files / write data folder permission Subscriptions created in the Auditor client  are uploaded to file servers under the Long-Term Archive service account as well. See the [Subscriptions](/docs/auditor/10.6/admin/subscriptions/overview.md) topic for additional information. | diff --git a/docs/auditor/10.6/configuration/activedirectory/overview.md b/docs/auditor/10.6/configuration/activedirectory/overview.md index 2174fc5459..c35f0086d6 100644 --- a/docs/auditor/10.6/configuration/activedirectory/overview.md +++ b/docs/auditor/10.6/configuration/activedirectory/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.6/configuration/activedirectory/securitylog.md b/docs/auditor/10.6/configuration/activedirectory/securitylog.md index a69fb9fe82..750e18361e 100644 --- a/docs/auditor/10.6/configuration/activedirectory/securitylog.md +++ b/docs/auditor/10.6/configuration/activedirectory/securitylog.md @@ -43,5 +43,5 @@ If "Overwrite" option is not enough to meet your data retention requirements, yo _auto-archiving_ option for Security event log to preserve historical event data in the archive files. With that option enabled, you may want to adjust the retention settings for log archives (backups). Related procedures are described in the -[Auto-archiving Windows Security log](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u000000Pcx6CAC.html) +[Auto-archiving Windows Security log](/docs/kb/auditor/auto-archiving-windows-security-log) Netwrix Knowledge Base article. diff --git a/docs/auditor/10.6/configuration/activedirectoryfederatedservices/overview.md b/docs/auditor/10.6/configuration/activedirectoryfederatedservices/overview.md index 703d1476f0..6b0d7b7eb6 100644 --- a/docs/auditor/10.6/configuration/activedirectoryfederatedservices/overview.md +++ b/docs/auditor/10.6/configuration/activedirectoryfederatedservices/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. Active Directory Federation Services (AD FS) server role can be assigned: diff --git a/docs/auditor/10.6/configuration/exchange/overview.md b/docs/auditor/10.6/configuration/exchange/overview.md index 6e0d59f397..15858834de 100644 --- a/docs/auditor/10.6/configuration/exchange/overview.md +++ b/docs/auditor/10.6/configuration/exchange/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.6/configuration/fileservers/delldatastorage/overview.md b/docs/auditor/10.6/configuration/fileservers/delldatastorage/overview.md index 200816a6e8..2a55ca8f16 100644 --- a/docs/auditor/10.6/configuration/fileservers/delldatastorage/overview.md +++ b/docs/auditor/10.6/configuration/fileservers/delldatastorage/overview.md @@ -17,7 +17,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.6/configuration/fileservers/dellisilon/overview.md b/docs/auditor/10.6/configuration/fileservers/dellisilon/overview.md index a3cfe7af68..2331eb6df0 100644 --- a/docs/auditor/10.6/configuration/fileservers/dellisilon/overview.md +++ b/docs/auditor/10.6/configuration/fileservers/dellisilon/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.6/configuration/fileservers/netappcmode/overview.md b/docs/auditor/10.6/configuration/fileservers/netappcmode/overview.md index 95fa000695..55cf856083 100644 --- a/docs/auditor/10.6/configuration/fileservers/netappcmode/overview.md +++ b/docs/auditor/10.6/configuration/fileservers/netappcmode/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.6/configuration/fileservers/nutanix/overview.md b/docs/auditor/10.6/configuration/fileservers/nutanix/overview.md index 82c29bab9c..ee123e7bc9 100644 --- a/docs/auditor/10.6/configuration/fileservers/nutanix/overview.md +++ b/docs/auditor/10.6/configuration/fileservers/nutanix/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.6/configuration/fileservers/overview.md b/docs/auditor/10.6/configuration/fileservers/overview.md index 61796b83e4..79fddb54af 100644 --- a/docs/auditor/10.6/configuration/fileservers/overview.md +++ b/docs/auditor/10.6/configuration/fileservers/overview.md @@ -12,7 +12,7 @@ information on these activities. **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. ## Supported File Servers and Devices diff --git a/docs/auditor/10.6/configuration/fileservers/qumulo/overview.md b/docs/auditor/10.6/configuration/fileservers/qumulo/overview.md index b8bac1396a..eefbfd89f0 100644 --- a/docs/auditor/10.6/configuration/fileservers/qumulo/overview.md +++ b/docs/auditor/10.6/configuration/fileservers/qumulo/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.6/configuration/fileservers/synology/overview.md b/docs/auditor/10.6/configuration/fileservers/synology/overview.md index 0bf9f0abb7..4f899c276c 100644 --- a/docs/auditor/10.6/configuration/fileservers/synology/overview.md +++ b/docs/auditor/10.6/configuration/fileservers/synology/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.6/configuration/fileservers/windows/overview.md b/docs/auditor/10.6/configuration/fileservers/windows/overview.md index 4ace4c286c..beadd78421 100644 --- a/docs/auditor/10.6/configuration/fileservers/windows/overview.md +++ b/docs/auditor/10.6/configuration/fileservers/windows/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. ## Configuration Overview @@ -265,7 +265,7 @@ folder is placed within a share targeted by a DFS folder. For recommendations on configuring DFS replication, refer to the following Netwrix knowledge base article: -[Why did loss of performance occur when configuring audit settings for Windows File Servers?](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9SyCAK.html). +[Why did loss of performance occur when configuring audit settings for Windows File Servers?](/docs/kb/auditor/auditing-distributed-file-systems-with-replication-in-netwrix-auditor). Remember that replication of namespace roots is not supported. ## File Servers and Antivirus diff --git a/docs/auditor/10.6/configuration/grouppolicy/overview.md b/docs/auditor/10.6/configuration/grouppolicy/overview.md index e1e1d0c575..b1a725ab34 100644 --- a/docs/auditor/10.6/configuration/grouppolicy/overview.md +++ b/docs/auditor/10.6/configuration/grouppolicy/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.6/configuration/logonactivity/overview.md b/docs/auditor/10.6/configuration/logonactivity/overview.md index 19b2efb8db..ec921eb324 100644 --- a/docs/auditor/10.6/configuration/logonactivity/overview.md +++ b/docs/auditor/10.6/configuration/logonactivity/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.6/configuration/logonactivity/securityeventlog.md b/docs/auditor/10.6/configuration/logonactivity/securityeventlog.md index ed563a651d..bc663ec0d9 100644 --- a/docs/auditor/10.6/configuration/logonactivity/securityeventlog.md +++ b/docs/auditor/10.6/configuration/logonactivity/securityeventlog.md @@ -33,4 +33,4 @@ needed**. **NOTE:** After configuring security event settings via Group Policy, you may notice that the log size on a specific computer is not set correctly. In this case, follow the resolution steps from the Netwrix Knowledge base article to fix the issue: -[Security log settings do not apply via GPO](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u000000HDk6CAG.html). +[Security log settings do not apply via GPO](/docs/kb/auditor/security-log-settings-do-not-apply-via-gpo). diff --git a/docs/auditor/10.6/configuration/microsoft365/exchangeonline/overview.md b/docs/auditor/10.6/configuration/microsoft365/exchangeonline/overview.md index 097577427f..c545456323 100644 --- a/docs/auditor/10.6/configuration/microsoft365/exchangeonline/overview.md +++ b/docs/auditor/10.6/configuration/microsoft365/exchangeonline/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.6/configuration/microsoft365/microsoftentraid/overview.md b/docs/auditor/10.6/configuration/microsoft365/microsoftentraid/overview.md index 7bcd58d2ba..74f6d2664d 100644 --- a/docs/auditor/10.6/configuration/microsoft365/microsoftentraid/overview.md +++ b/docs/auditor/10.6/configuration/microsoft365/microsoftentraid/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.6/configuration/microsoft365/sharepointonline/overview.md b/docs/auditor/10.6/configuration/microsoft365/sharepointonline/overview.md index 3e13c01598..a605dc0e59 100644 --- a/docs/auditor/10.6/configuration/microsoft365/sharepointonline/overview.md +++ b/docs/auditor/10.6/configuration/microsoft365/sharepointonline/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in the following way: diff --git a/docs/auditor/10.6/configuration/microsoft365/teams/overview.md b/docs/auditor/10.6/configuration/microsoft365/teams/overview.md index 1cee8d2ed8..86b8414741 100644 --- a/docs/auditor/10.6/configuration/microsoft365/teams/overview.md +++ b/docs/auditor/10.6/configuration/microsoft365/teams/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.6/configuration/networkdevices/ciscoasa.md b/docs/auditor/10.6/configuration/networkdevices/ciscoasa.md index de6d4260b5..c7995f7b56 100644 --- a/docs/auditor/10.6/configuration/networkdevices/ciscoasa.md +++ b/docs/auditor/10.6/configuration/networkdevices/ciscoasa.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.6/configuration/networkdevices/ciscoios.md b/docs/auditor/10.6/configuration/networkdevices/ciscoios.md index 3c5b6ae89d..1d19a7d8cd 100644 --- a/docs/auditor/10.6/configuration/networkdevices/ciscoios.md +++ b/docs/auditor/10.6/configuration/networkdevices/ciscoios.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.6/configuration/networkdevices/fortinetfortigate.md b/docs/auditor/10.6/configuration/networkdevices/fortinetfortigate.md index 20777f502e..5925de0e08 100644 --- a/docs/auditor/10.6/configuration/networkdevices/fortinetfortigate.md +++ b/docs/auditor/10.6/configuration/networkdevices/fortinetfortigate.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.6/configuration/networkdevices/juniper.md b/docs/auditor/10.6/configuration/networkdevices/juniper.md index 013591b54d..d766352fd1 100644 --- a/docs/auditor/10.6/configuration/networkdevices/juniper.md +++ b/docs/auditor/10.6/configuration/networkdevices/juniper.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.6/configuration/networkdevices/overview.md b/docs/auditor/10.6/configuration/networkdevices/overview.md index fd2f4b094d..f0ef409480 100644 --- a/docs/auditor/10.6/configuration/networkdevices/overview.md +++ b/docs/auditor/10.6/configuration/networkdevices/overview.md @@ -22,5 +22,5 @@ device: **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. diff --git a/docs/auditor/10.6/configuration/networkdevices/paloalto.md b/docs/auditor/10.6/configuration/networkdevices/paloalto.md index 7f59360dfd..7c8d0052d6 100644 --- a/docs/auditor/10.6/configuration/networkdevices/paloalto.md +++ b/docs/auditor/10.6/configuration/networkdevices/paloalto.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.6/configuration/networkdevices/sonicwall.md b/docs/auditor/10.6/configuration/networkdevices/sonicwall.md index 4f76f297e6..923de0e4bb 100644 --- a/docs/auditor/10.6/configuration/networkdevices/sonicwall.md +++ b/docs/auditor/10.6/configuration/networkdevices/sonicwall.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.6/configuration/oracle/overview.md b/docs/auditor/10.6/configuration/oracle/overview.md index d03f71d959..4c30703acb 100644 --- a/docs/auditor/10.6/configuration/oracle/overview.md +++ b/docs/auditor/10.6/configuration/oracle/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: @@ -48,7 +48,7 @@ different auditing types: **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. ## Considerations for Oracle Database 11g diff --git a/docs/auditor/10.6/configuration/sharepoint/overview.md b/docs/auditor/10.6/configuration/sharepoint/overview.md index 2ddce449d7..f96777c0b5 100644 --- a/docs/auditor/10.6/configuration/sharepoint/overview.md +++ b/docs/auditor/10.6/configuration/sharepoint/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.6/configuration/sqlserver/configuringtracelogging.md b/docs/auditor/10.6/configuration/sqlserver/configuringtracelogging.md index 151d61d5eb..3d239d7a0c 100644 --- a/docs/auditor/10.6/configuration/sqlserver/configuringtracelogging.md +++ b/docs/auditor/10.6/configuration/sqlserver/configuringtracelogging.md @@ -14,7 +14,7 @@ and enable it if necessary. To read more, refer to **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. In some cases, however, you may need to disable trace logging on your SQL Server instance. For that, diff --git a/docs/auditor/10.6/configuration/sqlserver/overview.md b/docs/auditor/10.6/configuration/sqlserver/overview.md index 5e86bdb4d9..15da2f387b 100644 --- a/docs/auditor/10.6/configuration/sqlserver/overview.md +++ b/docs/auditor/10.6/configuration/sqlserver/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. The IT Infrastructure for monitoring is configured automatically. Your current audit settings will diff --git a/docs/auditor/10.6/configuration/useractivity/overview.md b/docs/auditor/10.6/configuration/useractivity/overview.md index 0a8b3d7e15..331f05fd5a 100644 --- a/docs/auditor/10.6/configuration/useractivity/overview.md +++ b/docs/auditor/10.6/configuration/useractivity/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can use group Managed Service Accounts (gMSA) as data collecting accounts. diff --git a/docs/auditor/10.6/configuration/vmware/overview.md b/docs/auditor/10.6/configuration/vmware/overview.md index 30cb79f98c..d7e1c60d25 100644 --- a/docs/auditor/10.6/configuration/vmware/overview.md +++ b/docs/auditor/10.6/configuration/vmware/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring automatically through a monitoring plan. No diff --git a/docs/auditor/10.6/configuration/windowsserver/overview.md b/docs/auditor/10.6/configuration/windowsserver/overview.md index d24e9e9302..b0cde07a81 100644 --- a/docs/auditor/10.6/configuration/windowsserver/overview.md +++ b/docs/auditor/10.6/configuration/windowsserver/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.6/install/upgrade.md b/docs/auditor/10.6/install/upgrade.md index 35678f0aed..413e3ca178 100644 --- a/docs/auditor/10.6/install/upgrade.md +++ b/docs/auditor/10.6/install/upgrade.md @@ -13,7 +13,7 @@ Seamless upgrade to Netwrix Auditor 10.6 is supported for versions 10.5 and 10.0 If you use an earlier version of Netwrix Auditor, then you need to upgrade sequentially right to version 10.5. Review the following Netwrix knowledge base article for more information: -[Upgrade Increments for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9eJCAS.html). +[Upgrade Increments for Netwrix Auditor](/docs/kb/auditor/upgrade-increments-for-netwrix-auditor). ## Before Starting the Upgrade diff --git a/docs/auditor/10.6/requirements/longtermarchive.md b/docs/auditor/10.6/requirements/longtermarchive.md index 6c99192355..d5d9a8415f 100644 --- a/docs/auditor/10.6/requirements/longtermarchive.md +++ b/docs/auditor/10.6/requirements/longtermarchive.md @@ -37,7 +37,7 @@ viewing the Long-Term Archive widget of the Health Status dashboard, click Open **Step 5 –** To move data from the old repository to the new location, take the steps described in the following Netwrix knowledge base article: -[How to Move Long-Term Archive to a New Location](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9SSCA0.html). +[How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location). Auditor client will start writing data to the new location right after you complete data moving procedure. diff --git a/docs/auditor/10.6/requirements/overview.md b/docs/auditor/10.6/requirements/overview.md index d796e47fa2..3f304db494 100644 --- a/docs/auditor/10.6/requirements/overview.md +++ b/docs/auditor/10.6/requirements/overview.md @@ -45,7 +45,7 @@ product architecture and components interactions are shown in the figure below. **NOTE:** When auditing Active Directory domains, Exchange servers, expired passwords, and inactive users, the data sent by the product can be encrypted using Signing and Sealing. See the following Netwrix knowledge base article for additional information on how to secure Netwrix Auditor: -[Best Practices for Securing Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9SPCA0.html). +[Best Practices for Securing Netwrix Auditor](/docs/kb/auditor/best-practices-for-securing-netwrix-auditor). ### Workflow Stages diff --git a/docs/auditor/10.6/requirements/software.md b/docs/auditor/10.6/requirements/software.md index 7e89f0c58f..5dc517e9ac 100644 --- a/docs/auditor/10.6/requirements/software.md +++ b/docs/auditor/10.6/requirements/software.md @@ -60,7 +60,7 @@ Printing To print SSRS-based reports, SSRS Report Viewer and Auditor Client require ActiveX Control to be installed and enabled on the local machine. See the -[Impossible to Export a Report ](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u000000HDfkCAG.html) +[Impossible to Export a Report ](/docs/kb/auditor/impossible-to-export-a-report) Netwrix knowledge base article for additional information. You can, for example, open any SSRS-based report using your default web browser and click **Print**. diff --git a/docs/auditor/10.6/requirements/sqlserver.md b/docs/auditor/10.6/requirements/sqlserver.md index f1c53aeff3..e7e123a717 100644 --- a/docs/auditor/10.6/requirements/sqlserver.md +++ b/docs/auditor/10.6/requirements/sqlserver.md @@ -301,5 +301,5 @@ to **SQL Server Logins**, expand the **Security** > **Logins** node, right-click **Properties** from the pop-up menu, and edit its roles. If you need to migrate the Audit Database, see the -[How to Migrate Netwrix Auditor Databases to Another SQL Server Instance](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000Pbd8CAC.html) +[How to Migrate Netwrix Auditor Databases to Another SQL Server Instance](/docs/kb/auditor/how-to-migrate-netwrix-auditor-databases-to-another-sql-server-instance) knowledge base article. diff --git a/docs/auditor/10.6/requirements/workingfolder.md b/docs/auditor/10.6/requirements/workingfolder.md index d69c2c240a..bfeaf4cb7b 100644 --- a/docs/auditor/10.6/requirements/workingfolder.md +++ b/docs/auditor/10.6/requirements/workingfolder.md @@ -19,5 +19,5 @@ capacity, you can use the Working Folder widget of the Health Status dashboard. If you want to change the working folder default location, run the specially designed utility. See the -[How to Migrate Netwrix Auditor Working Folder to a New Location](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000PcOLCA0.html) +[How to Migrate Netwrix Auditor Working Folder to a New Location](/docs/kb/auditor/how-to-migrate-netwrix-auditor-working-folder-to-a-new-location) Knowledge Base article for additional information. diff --git a/docs/auditor/10.6/tools/eventlogmanager/eventlogmanager.md b/docs/auditor/10.6/tools/eventlogmanager/eventlogmanager.md index 49c417a69a..d475b6a27a 100644 --- a/docs/auditor/10.6/tools/eventlogmanager/eventlogmanager.md +++ b/docs/auditor/10.6/tools/eventlogmanager/eventlogmanager.md @@ -18,7 +18,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.7/admin/healthstatus/troubleshooting.md b/docs/auditor/10.7/admin/healthstatus/troubleshooting.md index 71902a7bb0..a908010662 100644 --- a/docs/auditor/10.7/admin/healthstatus/troubleshooting.md +++ b/docs/auditor/10.7/admin/healthstatus/troubleshooting.md @@ -23,7 +23,7 @@ portal as described in the Creating a ticket with Customer portal section. | I see a blank window instead of a report. | Contact your Auditor Global administrator to make sure that you are granted sufficient permissions on the Report Server. To view reports in a web browser - Open a web browser and type the Report Manager URL (found under Settings>**Audit Database**). In the page that opens, navigate to the report you want to generate and click the report name. You can modify the report filters and click View Report to apply them. | | I configured report subscription to be uploaded to a file server, but cannot find it / cannot access it. | Subscriptions can be uploaded either to a file share (e.g., _\\filestorage\reports_) or to a folder on the computer where Auditor Server is installed. To access these reports, you must be granted the Read permission. | | When trying to collect event data from Active Directory domain, an error message like this appears in Netwrix Health Log: _Monitoring Plan: `` The following error has occurred while processing '``': Error collecting the security log of the domain ``. Failed to process the domain controller `` due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it_. | This may happen due to Secondary Logon Service disabled state. To collect event data from the domain, this service must be up and running. Open its properties and start the service. | -| The 'Workstation' field in search, reports, and Activity Summary is reported as 'unknown' | For the full list of possible reasons, please refer to the following Netwrix Knowledge Base article: [Why is the "Workstation" field reported as "unknown"?](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9VdCAK.html) | +| The 'Workstation' field in search, reports, and Activity Summary is reported as 'unknown' | For the full list of possible reasons, please refer to the following Netwrix Knowledge Base article: [Why is the "Workstation" field reported as "unknown"?](/docs/kb/auditor/workstation-field-reported-as-unknown) | ## Creating a ticket with Customer portal diff --git a/docs/auditor/10.7/admin/monitoringplans/sharepoint/overview.md b/docs/auditor/10.7/admin/monitoringplans/sharepoint/overview.md index 4be2b8e957..639d740e11 100644 --- a/docs/auditor/10.7/admin/monitoringplans/sharepoint/overview.md +++ b/docs/auditor/10.7/admin/monitoringplans/sharepoint/overview.md @@ -37,7 +37,7 @@ information. | Problem | Description | KB article | | ------------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| The "Timeout Expired" error appears during the agent's deployment. | The agent failed to be deployed due to one of the following reasons: - One or several servers are unreachable - The SPAdminV4 service is not started on any of the servers. - The servers within the farm are located in different time zones. - Your SharePoint farm exceeds the recommended capacity limits. Increase DeployTimeout value in _%ProgramData%\Netwrix\NetwrixAuditor for SharePoint\ Configuration\ ``\ Commonsettings.config_ and restart the agent service. | Refer to the [Timeout Expired Error on SharePoint Core Service Deployment](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9YfCAK.html) Knowledge Base article for the solution. | +| The "Timeout Expired" error appears during the agent's deployment. | The agent failed to be deployed due to one of the following reasons: - One or several servers are unreachable - The SPAdminV4 service is not started on any of the servers. - The servers within the farm are located in different time zones. - Your SharePoint farm exceeds the recommended capacity limits. Increase DeployTimeout value in _%ProgramData%\Netwrix\NetwrixAuditor for SharePoint\ Configuration\ ``\ Commonsettings.config_ and restart the agent service. | Refer to the [Timeout Expired Error on SharePoint Core Service Deployment](/docs/kb/auditor/timeout-expired-error-on-sharepoint-core-service-deployment) Knowledge Base article for the solution. | ## SharePoint Farm diff --git a/docs/auditor/10.7/admin/settings/longtermarchive.md b/docs/auditor/10.7/admin/settings/longtermarchive.md index fb3195f5cf..16de2f1bb6 100644 --- a/docs/auditor/10.7/admin/settings/longtermarchive.md +++ b/docs/auditor/10.7/admin/settings/longtermarchive.md @@ -17,7 +17,7 @@ Review the following for additional information: | Option | Description | | ------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Long-Term Archive settings | | -| Write audit data to | Specify the path to a local or shared folder where your audit data will be stored. By default, it is set to _"C:\ProgramData\Netwrix Auditor\Data"_. By default, the LocalSystem account is used to write data to the local-based Long-Term Archive and computer account is used for the file share-based storage. Subscriptions created in the Auditor client are uploaded to file servers under the Long-Term Archive service account as well. It is not recommended to store your Long-Term Archive on a system disk. If you want to move the Long-Term Archive to another location, refer to the following Netwrix Knowledge base article: [How to move Long-Term Archive to a new location](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9SSCA0.html). | +| Write audit data to | Specify the path to a local or shared folder where your audit data will be stored. By default, it is set to _"C:\ProgramData\Netwrix Auditor\Data"_. By default, the LocalSystem account is used to write data to the local-based Long-Term Archive and computer account is used for the file share-based storage. Subscriptions created in the Auditor client are uploaded to file servers under the Long-Term Archive service account as well. It is not recommended to store your Long-Term Archive on a system disk. If you want to move the Long-Term Archive to another location, refer to the following Netwrix Knowledge base article: [How to move Long-Term Archive to a new location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location). | | Keep audit data for (in months) | Specify how long data will be stored. By default, it is set to 120 months. | | Use custom credentials (for the file share-based Long-Term Archive only) | Select the checkbox and provide user name and password for the Long-Term Archive service account. You can specify a custom account only for the Long-Term Archive stored on a file share. The custom Long-Term Archive service account can be granted the following rights and permissions: - Advanced permissions on the folder where the Long-term Archive is stored: - List folder / read data - Read attributes - Read extended attributes - Create files / write data - Create folders / append data - Write attributes - Write extended attributes - Delete subfolders and files - Read permissions - On the file shares where report subscriptions are saved: - Change share permission - Create files / write data folder permission Subscriptions created in the Auditor client  are uploaded to file servers under the Long-Term Archive service account as well. See the [Subscriptions](/docs/auditor/10.7/admin/subscriptions/overview.md) topic for additional information. | diff --git a/docs/auditor/10.7/configuration/activedirectory/overview.md b/docs/auditor/10.7/configuration/activedirectory/overview.md index 735bd648a9..585600a270 100644 --- a/docs/auditor/10.7/configuration/activedirectory/overview.md +++ b/docs/auditor/10.7/configuration/activedirectory/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.7/configuration/activedirectory/securitylog.md b/docs/auditor/10.7/configuration/activedirectory/securitylog.md index e3a2a07e74..c7e940490b 100644 --- a/docs/auditor/10.7/configuration/activedirectory/securitylog.md +++ b/docs/auditor/10.7/configuration/activedirectory/securitylog.md @@ -43,5 +43,5 @@ If "Overwrite" option is not enough to meet your data retention requirements, yo _auto-archiving_ option for Security event log to preserve historical event data in the archive files. With that option enabled, you may want to adjust the retention settings for log archives (backups). Related procedures are described in the -[Auto-archiving Windows Security log](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u000000Pcx6CAC.html) +[Auto-archiving Windows Security log](/docs/kb/auditor/auto-archiving-windows-security-log) Netwrix Knowledge Base article. diff --git a/docs/auditor/10.7/configuration/activedirectoryfederatedservices/overview.md b/docs/auditor/10.7/configuration/activedirectoryfederatedservices/overview.md index f24568d07f..5a6ecad03c 100644 --- a/docs/auditor/10.7/configuration/activedirectoryfederatedservices/overview.md +++ b/docs/auditor/10.7/configuration/activedirectoryfederatedservices/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. Active Directory Federation Services (AD FS) server role can be assigned: diff --git a/docs/auditor/10.7/configuration/exchange/overview.md b/docs/auditor/10.7/configuration/exchange/overview.md index 5954a3cf96..105bcc5834 100644 --- a/docs/auditor/10.7/configuration/exchange/overview.md +++ b/docs/auditor/10.7/configuration/exchange/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.7/configuration/fileservers/delldatastorage/overview.md b/docs/auditor/10.7/configuration/fileservers/delldatastorage/overview.md index 73daa0fc45..abe2d7e301 100644 --- a/docs/auditor/10.7/configuration/fileservers/delldatastorage/overview.md +++ b/docs/auditor/10.7/configuration/fileservers/delldatastorage/overview.md @@ -17,7 +17,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.7/configuration/fileservers/dellisilon/overview.md b/docs/auditor/10.7/configuration/fileservers/dellisilon/overview.md index ed214a1d85..9079777e34 100644 --- a/docs/auditor/10.7/configuration/fileservers/dellisilon/overview.md +++ b/docs/auditor/10.7/configuration/fileservers/dellisilon/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.7/configuration/fileservers/netappcmode/overview.md b/docs/auditor/10.7/configuration/fileservers/netappcmode/overview.md index 881b6d9ebc..e1a4b6e9a5 100644 --- a/docs/auditor/10.7/configuration/fileservers/netappcmode/overview.md +++ b/docs/auditor/10.7/configuration/fileservers/netappcmode/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.7/configuration/fileservers/nutanix/overview.md b/docs/auditor/10.7/configuration/fileservers/nutanix/overview.md index bb21fcc81d..4312bcc7aa 100644 --- a/docs/auditor/10.7/configuration/fileservers/nutanix/overview.md +++ b/docs/auditor/10.7/configuration/fileservers/nutanix/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.7/configuration/fileservers/overview.md b/docs/auditor/10.7/configuration/fileservers/overview.md index bf10d71874..8ac5855190 100644 --- a/docs/auditor/10.7/configuration/fileservers/overview.md +++ b/docs/auditor/10.7/configuration/fileservers/overview.md @@ -12,7 +12,7 @@ information on these activities. **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. ## Supported File Servers and Devices diff --git a/docs/auditor/10.7/configuration/fileservers/qumulo/overview.md b/docs/auditor/10.7/configuration/fileservers/qumulo/overview.md index f1dd3365bd..4f5e38621f 100644 --- a/docs/auditor/10.7/configuration/fileservers/qumulo/overview.md +++ b/docs/auditor/10.7/configuration/fileservers/qumulo/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.7/configuration/fileservers/synology/overview.md b/docs/auditor/10.7/configuration/fileservers/synology/overview.md index a154aa9a22..a7fbc6c9d8 100644 --- a/docs/auditor/10.7/configuration/fileservers/synology/overview.md +++ b/docs/auditor/10.7/configuration/fileservers/synology/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.7/configuration/fileservers/windows/overview.md b/docs/auditor/10.7/configuration/fileservers/windows/overview.md index 0cb31e5957..55f4b95978 100644 --- a/docs/auditor/10.7/configuration/fileservers/windows/overview.md +++ b/docs/auditor/10.7/configuration/fileservers/windows/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. ## Configuration Overview @@ -236,7 +236,7 @@ folder is placed within a share targeted by a DFS folder. For recommendations on configuring DFS replication, refer to the following Netwrix knowledge base article: -[Why did loss of performance occur when configuring audit settings for Windows File Servers?](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9SyCAK.html). +[Why did loss of performance occur when configuring audit settings for Windows File Servers?](/docs/kb/auditor/auditing-distributed-file-systems-with-replication-in-netwrix-auditor). Remember that replication of namespace roots is not supported. ## File Servers and Antivirus diff --git a/docs/auditor/10.7/configuration/grouppolicy/overview.md b/docs/auditor/10.7/configuration/grouppolicy/overview.md index e34c0f7836..c131f9bfa8 100644 --- a/docs/auditor/10.7/configuration/grouppolicy/overview.md +++ b/docs/auditor/10.7/configuration/grouppolicy/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.7/configuration/logonactivity/overview.md b/docs/auditor/10.7/configuration/logonactivity/overview.md index 3b09b1be4d..fb80c48e19 100644 --- a/docs/auditor/10.7/configuration/logonactivity/overview.md +++ b/docs/auditor/10.7/configuration/logonactivity/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.7/configuration/logonactivity/securityeventlog.md b/docs/auditor/10.7/configuration/logonactivity/securityeventlog.md index 37a52fb8ca..6b4e6dd3be 100644 --- a/docs/auditor/10.7/configuration/logonactivity/securityeventlog.md +++ b/docs/auditor/10.7/configuration/logonactivity/securityeventlog.md @@ -33,4 +33,4 @@ needed**. **NOTE:** After configuring security event settings via Group Policy, you may notice that the log size on a specific computer is not set correctly. In this case, follow the resolution steps from the Netwrix Knowledge base article to fix the issue: -[Security log settings do not apply via GPO](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u000000HDk6CAG.html). +[Security log settings do not apply via GPO](/docs/kb/auditor/security-log-settings-do-not-apply-via-gpo). diff --git a/docs/auditor/10.7/configuration/microsoft365/exchangeonline/overview.md b/docs/auditor/10.7/configuration/microsoft365/exchangeonline/overview.md index 42d89c2abf..bcb45093c2 100644 --- a/docs/auditor/10.7/configuration/microsoft365/exchangeonline/overview.md +++ b/docs/auditor/10.7/configuration/microsoft365/exchangeonline/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.7/configuration/microsoft365/microsoftentraid/overview.md b/docs/auditor/10.7/configuration/microsoft365/microsoftentraid/overview.md index 01f831b614..0561e7125f 100644 --- a/docs/auditor/10.7/configuration/microsoft365/microsoftentraid/overview.md +++ b/docs/auditor/10.7/configuration/microsoft365/microsoftentraid/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.7/configuration/microsoft365/sharepointonline/overview.md b/docs/auditor/10.7/configuration/microsoft365/sharepointonline/overview.md index 857d0de0fb..2329d29119 100644 --- a/docs/auditor/10.7/configuration/microsoft365/sharepointonline/overview.md +++ b/docs/auditor/10.7/configuration/microsoft365/sharepointonline/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in the following way: diff --git a/docs/auditor/10.7/configuration/microsoft365/teams/overview.md b/docs/auditor/10.7/configuration/microsoft365/teams/overview.md index 5ec82d3239..462fd00931 100644 --- a/docs/auditor/10.7/configuration/microsoft365/teams/overview.md +++ b/docs/auditor/10.7/configuration/microsoft365/teams/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.7/configuration/networkdevices/ciscoasa.md b/docs/auditor/10.7/configuration/networkdevices/ciscoasa.md index de6d4260b5..c7995f7b56 100644 --- a/docs/auditor/10.7/configuration/networkdevices/ciscoasa.md +++ b/docs/auditor/10.7/configuration/networkdevices/ciscoasa.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.7/configuration/networkdevices/ciscoios.md b/docs/auditor/10.7/configuration/networkdevices/ciscoios.md index 3c5b6ae89d..1d19a7d8cd 100644 --- a/docs/auditor/10.7/configuration/networkdevices/ciscoios.md +++ b/docs/auditor/10.7/configuration/networkdevices/ciscoios.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.7/configuration/networkdevices/fortinetfortigate.md b/docs/auditor/10.7/configuration/networkdevices/fortinetfortigate.md index 20777f502e..5925de0e08 100644 --- a/docs/auditor/10.7/configuration/networkdevices/fortinetfortigate.md +++ b/docs/auditor/10.7/configuration/networkdevices/fortinetfortigate.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.7/configuration/networkdevices/juniper.md b/docs/auditor/10.7/configuration/networkdevices/juniper.md index 5ce6e7a4f1..d341e8b49f 100644 --- a/docs/auditor/10.7/configuration/networkdevices/juniper.md +++ b/docs/auditor/10.7/configuration/networkdevices/juniper.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.7/configuration/networkdevices/overview.md b/docs/auditor/10.7/configuration/networkdevices/overview.md index 71b2f52e11..2b673837aa 100644 --- a/docs/auditor/10.7/configuration/networkdevices/overview.md +++ b/docs/auditor/10.7/configuration/networkdevices/overview.md @@ -22,5 +22,5 @@ device: **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. diff --git a/docs/auditor/10.7/configuration/networkdevices/paloalto.md b/docs/auditor/10.7/configuration/networkdevices/paloalto.md index 7f59360dfd..7c8d0052d6 100644 --- a/docs/auditor/10.7/configuration/networkdevices/paloalto.md +++ b/docs/auditor/10.7/configuration/networkdevices/paloalto.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.7/configuration/networkdevices/sonicwall.md b/docs/auditor/10.7/configuration/networkdevices/sonicwall.md index 4f76f297e6..923de0e4bb 100644 --- a/docs/auditor/10.7/configuration/networkdevices/sonicwall.md +++ b/docs/auditor/10.7/configuration/networkdevices/sonicwall.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.7/configuration/oracle/overview.md b/docs/auditor/10.7/configuration/oracle/overview.md index dc15001c94..a4ea1b964c 100644 --- a/docs/auditor/10.7/configuration/oracle/overview.md +++ b/docs/auditor/10.7/configuration/oracle/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: @@ -46,7 +46,7 @@ different auditing types: **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. ## Considerations for Oracle Database 11g diff --git a/docs/auditor/10.7/configuration/sharepoint/overview.md b/docs/auditor/10.7/configuration/sharepoint/overview.md index 0faf768ce0..06c527dce1 100644 --- a/docs/auditor/10.7/configuration/sharepoint/overview.md +++ b/docs/auditor/10.7/configuration/sharepoint/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.7/configuration/sqlserver/configuringtracelogging.md b/docs/auditor/10.7/configuration/sqlserver/configuringtracelogging.md index 151d61d5eb..3d239d7a0c 100644 --- a/docs/auditor/10.7/configuration/sqlserver/configuringtracelogging.md +++ b/docs/auditor/10.7/configuration/sqlserver/configuringtracelogging.md @@ -14,7 +14,7 @@ and enable it if necessary. To read more, refer to **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. In some cases, however, you may need to disable trace logging on your SQL Server instance. For that, diff --git a/docs/auditor/10.7/configuration/sqlserver/overview.md b/docs/auditor/10.7/configuration/sqlserver/overview.md index 1c46bbdc2d..bb0ec27ec6 100644 --- a/docs/auditor/10.7/configuration/sqlserver/overview.md +++ b/docs/auditor/10.7/configuration/sqlserver/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. The IT Infrastructure for monitoring is configured automatically. Your current audit settings will diff --git a/docs/auditor/10.7/configuration/useractivity/overview.md b/docs/auditor/10.7/configuration/useractivity/overview.md index c4d8dea65f..a2b9ffc08b 100644 --- a/docs/auditor/10.7/configuration/useractivity/overview.md +++ b/docs/auditor/10.7/configuration/useractivity/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can use group Managed Service Accounts (gMSA) as data collecting accounts. diff --git a/docs/auditor/10.7/configuration/vmware/overview.md b/docs/auditor/10.7/configuration/vmware/overview.md index 30cb79f98c..d7e1c60d25 100644 --- a/docs/auditor/10.7/configuration/vmware/overview.md +++ b/docs/auditor/10.7/configuration/vmware/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring automatically through a monitoring plan. No diff --git a/docs/auditor/10.7/configuration/windowsserver/overview.md b/docs/auditor/10.7/configuration/windowsserver/overview.md index 9bba343dfc..dc829f0bea 100644 --- a/docs/auditor/10.7/configuration/windowsserver/overview.md +++ b/docs/auditor/10.7/configuration/windowsserver/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.7/install/upgrade.md b/docs/auditor/10.7/install/upgrade.md index dbbc178696..df91f986f6 100644 --- a/docs/auditor/10.7/install/upgrade.md +++ b/docs/auditor/10.7/install/upgrade.md @@ -13,7 +13,7 @@ Seamless upgrade to Netwrix Auditor 10.7 is supported for versions 10.6 and 10.5 If you use an earlier version of Netwrix Auditor, then you need to upgrade sequentially right to version 10.7. See the following Netwrix knowledge base article for more information: -[Upgrade Increments for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9eJCAS.html). +[Upgrade Increments for Netwrix Auditor](/docs/kb/auditor/upgrade-increments-for-netwrix-auditor). ## Before Starting the Upgrade diff --git a/docs/auditor/10.7/requirements/longtermarchive.md b/docs/auditor/10.7/requirements/longtermarchive.md index 60b17dbe71..ca48c806da 100644 --- a/docs/auditor/10.7/requirements/longtermarchive.md +++ b/docs/auditor/10.7/requirements/longtermarchive.md @@ -37,7 +37,7 @@ viewing the Long-Term Archive widget of the Health Status dashboard, click Open **Step 5 –** To move data from the old repository to the new location, take the steps described in the following Netwrix knowledge base article: -[How to Move Long-Term Archive to a New Location](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9SSCA0.html). +[How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location). Auditor client will start writing data to the new location right after you complete data moving procedure. diff --git a/docs/auditor/10.7/requirements/overview.md b/docs/auditor/10.7/requirements/overview.md index bec7dc29a5..e75eaa0513 100644 --- a/docs/auditor/10.7/requirements/overview.md +++ b/docs/auditor/10.7/requirements/overview.md @@ -45,7 +45,7 @@ product architecture and components interactions are shown in the figure below. **NOTE:** When auditing Active Directory domains, Exchange servers, expired passwords, and inactive users, the data sent by the product can be encrypted using Signing and Sealing. See the following Netwrix knowledge base article for additional information on how to secure Netwrix Auditor: -[Best Practices for Securing Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9SPCA0.html). +[Best Practices for Securing Netwrix Auditor](/docs/kb/auditor/best-practices-for-securing-netwrix-auditor). ### Workflow Stages diff --git a/docs/auditor/10.7/requirements/software.md b/docs/auditor/10.7/requirements/software.md index ad811a7c81..2f75ab6f5f 100644 --- a/docs/auditor/10.7/requirements/software.md +++ b/docs/auditor/10.7/requirements/software.md @@ -59,7 +59,7 @@ Printing To print SSRS-based reports, SSRS Report Viewer and Auditor Client require ActiveX Control to be installed and enabled on the local machine. See the -[Impossible to Export a Report ](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u000000HDfkCAG.html) +[Impossible to Export a Report ](/docs/kb/auditor/impossible-to-export-a-report) Netwrix knowledge base article for additional information. You can, for example, open any SSRS-based report using your default web browser and click **Print**. diff --git a/docs/auditor/10.7/requirements/sqlserver.md b/docs/auditor/10.7/requirements/sqlserver.md index 1a615a4ca6..741c102a3f 100644 --- a/docs/auditor/10.7/requirements/sqlserver.md +++ b/docs/auditor/10.7/requirements/sqlserver.md @@ -292,5 +292,5 @@ added to **SQL Server Logins**, expand the **Security** > **Logins** node, right select **Properties** from the pop-up menu, and edit its roles. If you need to migrate the Audit Database, see the -[How to Migrate Netwrix Auditor Databases to Another SQL Server Instance](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000Pbd8CAC.html) +[How to Migrate Netwrix Auditor Databases to Another SQL Server Instance](/docs/kb/auditor/how-to-migrate-netwrix-auditor-databases-to-another-sql-server-instance) knowledge base article. diff --git a/docs/auditor/10.7/requirements/workingfolder.md b/docs/auditor/10.7/requirements/workingfolder.md index d69c2c240a..bfeaf4cb7b 100644 --- a/docs/auditor/10.7/requirements/workingfolder.md +++ b/docs/auditor/10.7/requirements/workingfolder.md @@ -19,5 +19,5 @@ capacity, you can use the Working Folder widget of the Health Status dashboard. If you want to change the working folder default location, run the specially designed utility. See the -[How to Migrate Netwrix Auditor Working Folder to a New Location](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000PcOLCA0.html) +[How to Migrate Netwrix Auditor Working Folder to a New Location](/docs/kb/auditor/how-to-migrate-netwrix-auditor-working-folder-to-a-new-location) Knowledge Base article for additional information. diff --git a/docs/auditor/10.7/tools/eventlogmanager/eventlogmanager.md b/docs/auditor/10.7/tools/eventlogmanager/eventlogmanager.md index a461d05031..3a82e218cd 100644 --- a/docs/auditor/10.7/tools/eventlogmanager/eventlogmanager.md +++ b/docs/auditor/10.7/tools/eventlogmanager/eventlogmanager.md @@ -18,7 +18,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.8/admin/healthstatus/troubleshooting.md b/docs/auditor/10.8/admin/healthstatus/troubleshooting.md index 71902a7bb0..a908010662 100644 --- a/docs/auditor/10.8/admin/healthstatus/troubleshooting.md +++ b/docs/auditor/10.8/admin/healthstatus/troubleshooting.md @@ -23,7 +23,7 @@ portal as described in the Creating a ticket with Customer portal section. | I see a blank window instead of a report. | Contact your Auditor Global administrator to make sure that you are granted sufficient permissions on the Report Server. To view reports in a web browser - Open a web browser and type the Report Manager URL (found under Settings>**Audit Database**). In the page that opens, navigate to the report you want to generate and click the report name. You can modify the report filters and click View Report to apply them. | | I configured report subscription to be uploaded to a file server, but cannot find it / cannot access it. | Subscriptions can be uploaded either to a file share (e.g., _\\filestorage\reports_) or to a folder on the computer where Auditor Server is installed. To access these reports, you must be granted the Read permission. | | When trying to collect event data from Active Directory domain, an error message like this appears in Netwrix Health Log: _Monitoring Plan: `` The following error has occurred while processing '``': Error collecting the security log of the domain ``. Failed to process the domain controller `` due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it_. | This may happen due to Secondary Logon Service disabled state. To collect event data from the domain, this service must be up and running. Open its properties and start the service. | -| The 'Workstation' field in search, reports, and Activity Summary is reported as 'unknown' | For the full list of possible reasons, please refer to the following Netwrix Knowledge Base article: [Why is the "Workstation" field reported as "unknown"?](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9VdCAK.html) | +| The 'Workstation' field in search, reports, and Activity Summary is reported as 'unknown' | For the full list of possible reasons, please refer to the following Netwrix Knowledge Base article: [Why is the "Workstation" field reported as "unknown"?](/docs/kb/auditor/workstation-field-reported-as-unknown) | ## Creating a ticket with Customer portal diff --git a/docs/auditor/10.8/admin/monitoringplans/sharepoint/overview.md b/docs/auditor/10.8/admin/monitoringplans/sharepoint/overview.md index 567ec9c5c9..0b14d2d270 100644 --- a/docs/auditor/10.8/admin/monitoringplans/sharepoint/overview.md +++ b/docs/auditor/10.8/admin/monitoringplans/sharepoint/overview.md @@ -37,7 +37,7 @@ information. | Problem | Description | KB article | | ------------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| The "Timeout Expired" error appears during the agent's deployment. | The agent failed to be deployed due to one of the following reasons: - One or several servers are unreachable - The SPAdminV4 service is not started on any of the servers. - The servers within the farm are located in different time zones. - Your SharePoint farm exceeds the recommended capacity limits. Increase DeployTimeout value in _%ProgramData%\Netwrix\NetwrixAuditor for SharePoint\ Configuration\ ``\ Commonsettings.config_ and restart the agent service. | Refer to the [Timeout Expired Error on SharePoint Core Service Deployment](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9YfCAK.html) Knowledge Base article for the solution. | +| The "Timeout Expired" error appears during the agent's deployment. | The agent failed to be deployed due to one of the following reasons: - One or several servers are unreachable - The SPAdminV4 service is not started on any of the servers. - The servers within the farm are located in different time zones. - Your SharePoint farm exceeds the recommended capacity limits. Increase DeployTimeout value in _%ProgramData%\Netwrix\NetwrixAuditor for SharePoint\ Configuration\ ``\ Commonsettings.config_ and restart the agent service. | Refer to the [Timeout Expired Error on SharePoint Core Service Deployment](/docs/kb/auditor/timeout-expired-error-on-sharepoint-core-service-deployment) Knowledge Base article for the solution. | ## SharePoint Farm diff --git a/docs/auditor/10.8/admin/settings/longtermarchive.md b/docs/auditor/10.8/admin/settings/longtermarchive.md index c98c9f891e..24e1b57722 100644 --- a/docs/auditor/10.8/admin/settings/longtermarchive.md +++ b/docs/auditor/10.8/admin/settings/longtermarchive.md @@ -17,7 +17,7 @@ Review the following for additional information: | Option | Description | | ------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Long-Term Archive settings | | -| Write audit data to | Specify the path to a local or shared folder where your audit data will be stored. By default, it is set to _"C:\ProgramData\Netwrix Auditor\Data"_. By default, the LocalSystem account is used to write data to the local-based Long-Term Archive and computer account is used for the file share-based storage. Subscriptions created in the Auditor client are uploaded to file servers under the Long-Term Archive service account as well. It is not recommended to store your Long-Term Archive on a system disk. If you want to move the Long-Term Archive to another location, refer to the following Netwrix Knowledge base article: [How to move Long-Term Archive to a new location](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9SSCA0.html). | +| Write audit data to | Specify the path to a local or shared folder where your audit data will be stored. By default, it is set to _"C:\ProgramData\Netwrix Auditor\Data"_. By default, the LocalSystem account is used to write data to the local-based Long-Term Archive and computer account is used for the file share-based storage. Subscriptions created in the Auditor client are uploaded to file servers under the Long-Term Archive service account as well. It is not recommended to store your Long-Term Archive on a system disk. If you want to move the Long-Term Archive to another location, refer to the following Netwrix Knowledge base article: [How to move Long-Term Archive to a new location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location). | | Keep audit data for (in months) | Specify how long data will be stored. By default, it is set to 120 months. | | Use custom credentials (for the file share-based Long-Term Archive only) | Select the checkbox and provide user name and password for the Long-Term Archive service account. You can specify a custom account only for the Long-Term Archive stored on a file share. The custom Long-Term Archive service account can be granted the following rights and permissions: - Advanced permissions on the folder where the Long-term Archive is stored: - List folder / read data - Read attributes - Read extended attributes - Create files / write data - Create folders / append data - Write attributes - Write extended attributes - Delete subfolders and files - Read permissions - On the file shares where report subscriptions are saved: - Change share permission - Create files / write data folder permission Subscriptions created in the Auditor client  are uploaded to file servers under the Long-Term Archive service account as well. See the [Subscriptions](/docs/auditor/10.8/admin/subscriptions/overview.md) topic for additional information. | diff --git a/docs/auditor/10.8/configuration/activedirectory/overview.md b/docs/auditor/10.8/configuration/activedirectory/overview.md index 35775ccf83..0e79d301e5 100644 --- a/docs/auditor/10.8/configuration/activedirectory/overview.md +++ b/docs/auditor/10.8/configuration/activedirectory/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.8/configuration/activedirectory/securitylog.md b/docs/auditor/10.8/configuration/activedirectory/securitylog.md index e3a2a07e74..c7e940490b 100644 --- a/docs/auditor/10.8/configuration/activedirectory/securitylog.md +++ b/docs/auditor/10.8/configuration/activedirectory/securitylog.md @@ -43,5 +43,5 @@ If "Overwrite" option is not enough to meet your data retention requirements, yo _auto-archiving_ option for Security event log to preserve historical event data in the archive files. With that option enabled, you may want to adjust the retention settings for log archives (backups). Related procedures are described in the -[Auto-archiving Windows Security log](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u000000Pcx6CAC.html) +[Auto-archiving Windows Security log](/docs/kb/auditor/auto-archiving-windows-security-log) Netwrix Knowledge Base article. diff --git a/docs/auditor/10.8/configuration/activedirectoryfederatedservices/overview.md b/docs/auditor/10.8/configuration/activedirectoryfederatedservices/overview.md index b4899b6690..0fc43c5a74 100644 --- a/docs/auditor/10.8/configuration/activedirectoryfederatedservices/overview.md +++ b/docs/auditor/10.8/configuration/activedirectoryfederatedservices/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. Active Directory Federation Services (AD FS) server role can be assigned: diff --git a/docs/auditor/10.8/configuration/exchange/overview.md b/docs/auditor/10.8/configuration/exchange/overview.md index 39dfdc0141..91ef1e9451 100644 --- a/docs/auditor/10.8/configuration/exchange/overview.md +++ b/docs/auditor/10.8/configuration/exchange/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.8/configuration/fileservers/delldatastorage/overview.md b/docs/auditor/10.8/configuration/fileservers/delldatastorage/overview.md index e2b06b1e43..66189d15ad 100644 --- a/docs/auditor/10.8/configuration/fileservers/delldatastorage/overview.md +++ b/docs/auditor/10.8/configuration/fileservers/delldatastorage/overview.md @@ -17,7 +17,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.8/configuration/fileservers/dellisilon/overview.md b/docs/auditor/10.8/configuration/fileservers/dellisilon/overview.md index 7d69a6052f..0d2dcc48a5 100644 --- a/docs/auditor/10.8/configuration/fileservers/dellisilon/overview.md +++ b/docs/auditor/10.8/configuration/fileservers/dellisilon/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.8/configuration/fileservers/netappcmode/overview.md b/docs/auditor/10.8/configuration/fileservers/netappcmode/overview.md index 494c01ca92..144b683c70 100644 --- a/docs/auditor/10.8/configuration/fileservers/netappcmode/overview.md +++ b/docs/auditor/10.8/configuration/fileservers/netappcmode/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.8/configuration/fileservers/nutanix/overview.md b/docs/auditor/10.8/configuration/fileservers/nutanix/overview.md index c4d524bcf0..737256d662 100644 --- a/docs/auditor/10.8/configuration/fileservers/nutanix/overview.md +++ b/docs/auditor/10.8/configuration/fileservers/nutanix/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.8/configuration/fileservers/overview.md b/docs/auditor/10.8/configuration/fileservers/overview.md index 56662e131d..f815606ac8 100644 --- a/docs/auditor/10.8/configuration/fileservers/overview.md +++ b/docs/auditor/10.8/configuration/fileservers/overview.md @@ -12,7 +12,7 @@ information on these activities. **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. ## Supported File Servers and Devices diff --git a/docs/auditor/10.8/configuration/fileservers/qumulo/overview.md b/docs/auditor/10.8/configuration/fileservers/qumulo/overview.md index aaf42a838f..63541d9f0a 100644 --- a/docs/auditor/10.8/configuration/fileservers/qumulo/overview.md +++ b/docs/auditor/10.8/configuration/fileservers/qumulo/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.8/configuration/fileservers/synology/overview.md b/docs/auditor/10.8/configuration/fileservers/synology/overview.md index f14d1b1d8e..0e68df186d 100644 --- a/docs/auditor/10.8/configuration/fileservers/synology/overview.md +++ b/docs/auditor/10.8/configuration/fileservers/synology/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.8/configuration/fileservers/windows/overview.md b/docs/auditor/10.8/configuration/fileservers/windows/overview.md index 214ff9300e..f5311abdd6 100644 --- a/docs/auditor/10.8/configuration/fileservers/windows/overview.md +++ b/docs/auditor/10.8/configuration/fileservers/windows/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. ## Configuration Overview @@ -236,7 +236,7 @@ folder is placed within a share targeted by a DFS folder. For recommendations on configuring DFS replication, refer to the following Netwrix knowledge base article: -[Why did loss of performance occur when configuring audit settings for Windows File Servers?](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9SyCAK.html). +[Why did loss of performance occur when configuring audit settings for Windows File Servers?](/docs/kb/auditor/auditing-distributed-file-systems-with-replication-in-netwrix-auditor). Remember that replication of namespace roots is not supported. ## File Servers and Antivirus diff --git a/docs/auditor/10.8/configuration/grouppolicy/overview.md b/docs/auditor/10.8/configuration/grouppolicy/overview.md index 5b0bd43f65..99daeeaf29 100644 --- a/docs/auditor/10.8/configuration/grouppolicy/overview.md +++ b/docs/auditor/10.8/configuration/grouppolicy/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.8/configuration/logonactivity/overview.md b/docs/auditor/10.8/configuration/logonactivity/overview.md index c9779bd55e..041f7527dc 100644 --- a/docs/auditor/10.8/configuration/logonactivity/overview.md +++ b/docs/auditor/10.8/configuration/logonactivity/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.8/configuration/logonactivity/securityeventlog.md b/docs/auditor/10.8/configuration/logonactivity/securityeventlog.md index 37a52fb8ca..6b4e6dd3be 100644 --- a/docs/auditor/10.8/configuration/logonactivity/securityeventlog.md +++ b/docs/auditor/10.8/configuration/logonactivity/securityeventlog.md @@ -33,4 +33,4 @@ needed**. **NOTE:** After configuring security event settings via Group Policy, you may notice that the log size on a specific computer is not set correctly. In this case, follow the resolution steps from the Netwrix Knowledge base article to fix the issue: -[Security log settings do not apply via GPO](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u000000HDk6CAG.html). +[Security log settings do not apply via GPO](/docs/kb/auditor/security-log-settings-do-not-apply-via-gpo). diff --git a/docs/auditor/10.8/configuration/microsoft365/exchangeonline/overview.md b/docs/auditor/10.8/configuration/microsoft365/exchangeonline/overview.md index 4dd69fe23f..4135fd8061 100644 --- a/docs/auditor/10.8/configuration/microsoft365/exchangeonline/overview.md +++ b/docs/auditor/10.8/configuration/microsoft365/exchangeonline/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.8/configuration/microsoft365/microsoftentraid/overview.md b/docs/auditor/10.8/configuration/microsoft365/microsoftentraid/overview.md index c9b988489d..afd1bc6fd0 100644 --- a/docs/auditor/10.8/configuration/microsoft365/microsoftentraid/overview.md +++ b/docs/auditor/10.8/configuration/microsoft365/microsoftentraid/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.8/configuration/microsoft365/sharepointonline/overview.md b/docs/auditor/10.8/configuration/microsoft365/sharepointonline/overview.md index e1e642c37a..6c91b0a729 100644 --- a/docs/auditor/10.8/configuration/microsoft365/sharepointonline/overview.md +++ b/docs/auditor/10.8/configuration/microsoft365/sharepointonline/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in the following way: diff --git a/docs/auditor/10.8/configuration/microsoft365/teams/overview.md b/docs/auditor/10.8/configuration/microsoft365/teams/overview.md index b49e9b41d3..a20a86e180 100644 --- a/docs/auditor/10.8/configuration/microsoft365/teams/overview.md +++ b/docs/auditor/10.8/configuration/microsoft365/teams/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.8/configuration/networkdevices/ciscoasa.md b/docs/auditor/10.8/configuration/networkdevices/ciscoasa.md index de6d4260b5..c7995f7b56 100644 --- a/docs/auditor/10.8/configuration/networkdevices/ciscoasa.md +++ b/docs/auditor/10.8/configuration/networkdevices/ciscoasa.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.8/configuration/networkdevices/ciscoios.md b/docs/auditor/10.8/configuration/networkdevices/ciscoios.md index 3c5b6ae89d..1d19a7d8cd 100644 --- a/docs/auditor/10.8/configuration/networkdevices/ciscoios.md +++ b/docs/auditor/10.8/configuration/networkdevices/ciscoios.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.8/configuration/networkdevices/fortinetfortigate.md b/docs/auditor/10.8/configuration/networkdevices/fortinetfortigate.md index 20777f502e..5925de0e08 100644 --- a/docs/auditor/10.8/configuration/networkdevices/fortinetfortigate.md +++ b/docs/auditor/10.8/configuration/networkdevices/fortinetfortigate.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.8/configuration/networkdevices/juniper.md b/docs/auditor/10.8/configuration/networkdevices/juniper.md index cb31933f0e..21a80d1c45 100644 --- a/docs/auditor/10.8/configuration/networkdevices/juniper.md +++ b/docs/auditor/10.8/configuration/networkdevices/juniper.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.8/configuration/networkdevices/overview.md b/docs/auditor/10.8/configuration/networkdevices/overview.md index 12120c25e0..059e3e0a80 100644 --- a/docs/auditor/10.8/configuration/networkdevices/overview.md +++ b/docs/auditor/10.8/configuration/networkdevices/overview.md @@ -22,5 +22,5 @@ device: **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. diff --git a/docs/auditor/10.8/configuration/networkdevices/paloalto.md b/docs/auditor/10.8/configuration/networkdevices/paloalto.md index 7f59360dfd..7c8d0052d6 100644 --- a/docs/auditor/10.8/configuration/networkdevices/paloalto.md +++ b/docs/auditor/10.8/configuration/networkdevices/paloalto.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.8/configuration/networkdevices/sonicwall.md b/docs/auditor/10.8/configuration/networkdevices/sonicwall.md index 4f76f297e6..923de0e4bb 100644 --- a/docs/auditor/10.8/configuration/networkdevices/sonicwall.md +++ b/docs/auditor/10.8/configuration/networkdevices/sonicwall.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.8/configuration/oracle/overview.md b/docs/auditor/10.8/configuration/oracle/overview.md index f0218c2241..74726d9cab 100644 --- a/docs/auditor/10.8/configuration/oracle/overview.md +++ b/docs/auditor/10.8/configuration/oracle/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: @@ -46,7 +46,7 @@ different auditing types: **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. ## Considerations for Oracle Database 11g diff --git a/docs/auditor/10.8/configuration/sharepoint/overview.md b/docs/auditor/10.8/configuration/sharepoint/overview.md index 9b39dbdc8d..8f1c7e81e2 100644 --- a/docs/auditor/10.8/configuration/sharepoint/overview.md +++ b/docs/auditor/10.8/configuration/sharepoint/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.8/configuration/sqlserver/configuringtracelogging.md b/docs/auditor/10.8/configuration/sqlserver/configuringtracelogging.md index 151d61d5eb..3d239d7a0c 100644 --- a/docs/auditor/10.8/configuration/sqlserver/configuringtracelogging.md +++ b/docs/auditor/10.8/configuration/sqlserver/configuringtracelogging.md @@ -14,7 +14,7 @@ and enable it if necessary. To read more, refer to **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. In some cases, however, you may need to disable trace logging on your SQL Server instance. For that, diff --git a/docs/auditor/10.8/configuration/sqlserver/overview.md b/docs/auditor/10.8/configuration/sqlserver/overview.md index fbd8e09f17..4aed5cee9d 100644 --- a/docs/auditor/10.8/configuration/sqlserver/overview.md +++ b/docs/auditor/10.8/configuration/sqlserver/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. The IT Infrastructure for monitoring is configured automatically. Your current audit settings will diff --git a/docs/auditor/10.8/configuration/useractivity/overview.md b/docs/auditor/10.8/configuration/useractivity/overview.md index 5060a1fc23..4731d89c9f 100644 --- a/docs/auditor/10.8/configuration/useractivity/overview.md +++ b/docs/auditor/10.8/configuration/useractivity/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can use group Managed Service Accounts (gMSA) as data collecting accounts. diff --git a/docs/auditor/10.8/configuration/vmware/overview.md b/docs/auditor/10.8/configuration/vmware/overview.md index 30cb79f98c..d7e1c60d25 100644 --- a/docs/auditor/10.8/configuration/vmware/overview.md +++ b/docs/auditor/10.8/configuration/vmware/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring automatically through a monitoring plan. No diff --git a/docs/auditor/10.8/configuration/windowsserver/overview.md b/docs/auditor/10.8/configuration/windowsserver/overview.md index 0b524456af..f7406dd08d 100644 --- a/docs/auditor/10.8/configuration/windowsserver/overview.md +++ b/docs/auditor/10.8/configuration/windowsserver/overview.md @@ -14,7 +14,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/auditor/10.8/install/firstlaunch.md b/docs/auditor/10.8/install/firstlaunch.md index 8afc921584..93a40bc5d6 100644 --- a/docs/auditor/10.8/install/firstlaunch.md +++ b/docs/auditor/10.8/install/firstlaunch.md @@ -27,7 +27,7 @@ To start using Netwrix Auditor After logging into Netwrix Auditor, you will see the following window: -![welcome_screen_thumb_0_0](/images/auditor/10.7/install/welcome_screen_thumb_0_0.webp) +![welcome_screen_thumb_0_0](/images/auditor/10.8/install/welcome_screen_thumb_0_0.webp) Take a closer look at the Home page. It contains everything you need to enable complete visibility in your environment. diff --git a/docs/auditor/10.8/install/overview.md b/docs/auditor/10.8/install/overview.md index 6d4c4a652f..660e15dd71 100644 --- a/docs/auditor/10.8/install/overview.md +++ b/docs/auditor/10.8/install/overview.md @@ -26,7 +26,7 @@ the internet. Follow these steps to install Netwrix Auditor -**Step 1 –** Download Netwrix Auditor 10.7 from +**Step 1 –** Download Netwrix Auditor 10.8 from [Netwrix website](https://www.netwrix.com/auditor.html). NOTE: Before installing Netwrix Auditor, make sure that the Windows Firewall service is started. If @@ -36,7 +36,7 @@ you must be a member of the local Administrators group to run the Netwrix Audito **Step 2 –** Unpack the installation package. The following window will be displayed on successful operation completion: -![installationscreen](/images/auditor/10.7/install/installationscreen.webp) +![installationscreen](/images/auditor/10.8/install/installationscreen.webp) **Step 3 –** Follow the instructions of the setup wizard. When prompted, accept the license agreement. @@ -67,7 +67,7 @@ After a successful installation, Auditor shortcut will be added to the **Start** the product will start. See the [First Launch](/docs/auditor/10.8/install/firstlaunch.md) topic for additional information on the product navigation. -![welcome_screen](/images/auditor/10.7/install/welcome_screen.webp) +![welcome_screen](/images/auditor/10.8/install/welcome_screen.webp) Netwrix looks beyond the traditional on-premises installation and provides Auditor for cloud and virtual environments. For example, you can deploy Auditor on a pre-configured Microsoft Azure diff --git a/docs/auditor/10.8/install/upgrade.md b/docs/auditor/10.8/install/upgrade.md index ff7fac854a..c30ca0a9cc 100644 --- a/docs/auditor/10.8/install/upgrade.md +++ b/docs/auditor/10.8/install/upgrade.md @@ -9,11 +9,11 @@ sidebar_position: 80 Netwrix recommends that you upgrade from the older versions of Netwrix Auditor to the latest version available to take advantage of the new features. -Seamless upgrade to Netwrix Auditor 10.7 is supported for versions 10.6 and 10.5. +Seamless upgrade to Netwrix Auditor 10.8 is supported for versions 10.7 and 10.6. If you use an earlier version of Netwrix Auditor, then you need to upgrade sequentially right to -version 10.7. See the following Netwrix knowledge base article for more information: -[Upgrade Increments for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9eJCAS.html). +version 10.8. See the following Netwrix knowledge base article for more information: +[Upgrade Increments for Netwrix Auditor](/docs/kb/auditor/upgrade-increments-for-netwrix-auditor). ## Before Starting the Upgrade @@ -108,7 +108,7 @@ operation. The issues listed below apply to upgrade from 9.96 and 10. ## Upgrade Procedure -You can upgrade Netwrix Auditor to 10.7 by running the installation package. +You can upgrade Netwrix Auditor to 10.8 by running the installation package. Customers who are logged in to the Netwrix Customer Portal can download the latest version of their software products from the My Products page: diff --git a/docs/auditor/10.8/install/virtualappliance/configure.md b/docs/auditor/10.8/install/virtualappliance/configure.md index 52fd9b21c5..53deccdaf5 100644 --- a/docs/auditor/10.8/install/virtualappliance/configure.md +++ b/docs/auditor/10.8/install/virtualappliance/configure.md @@ -31,7 +31,7 @@ the license agreement and then press `Y` to accept it. In the example below, review how the shell script configures the new VM: -![appliance_script](/images/auditor/10.7/install/virtualappliance/appliance_script.webp) +![appliance_script](/images/auditor/10.8/install/virtualappliance/appliance_script.webp) **Step 6 –** When the script execution completes, you will be prompted to reboot the virtual machine for the changes to take effect. diff --git a/docs/auditor/10.8/requirements/longtermarchive.md b/docs/auditor/10.8/requirements/longtermarchive.md index eec8df26fa..eae2eeb36c 100644 --- a/docs/auditor/10.8/requirements/longtermarchive.md +++ b/docs/auditor/10.8/requirements/longtermarchive.md @@ -37,7 +37,7 @@ viewing the Long-Term Archive widget of the Health Status dashboard, click Open **Step 5 –** To move data from the old repository to the new location, take the steps described in the following Netwrix knowledge base article: -[How to Move Long-Term Archive to a New Location](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9SSCA0.html). +[How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location). Auditor client will start writing data to the new location right after you complete data moving procedure. diff --git a/docs/auditor/10.8/requirements/overview.md b/docs/auditor/10.8/requirements/overview.md index 13e6514ac0..255fe6c757 100644 --- a/docs/auditor/10.8/requirements/overview.md +++ b/docs/auditor/10.8/requirements/overview.md @@ -45,7 +45,7 @@ product architecture and components interactions are shown in the figure below. **NOTE:** When auditing Active Directory domains, Exchange servers, expired passwords, and inactive users, the data sent by the product can be encrypted using [Signing and Sealing](https://learn.microsoft.com/en-us/troubleshoot/windows-server/active-directory/enable-ldap-signing-in-windows-server). See the following Netwrix knowledge base article for additional information on how to secure Netwrix Auditor: -[Best Practices for Securing Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9SPCA0.html). +[Best Practices for Securing Netwrix Auditor](/docs/kb/auditor/best-practices-for-securing-netwrix-auditor). ### Workflow Stages diff --git a/docs/auditor/10.8/requirements/software.md b/docs/auditor/10.8/requirements/software.md index 2a40271587..ef8f948f47 100644 --- a/docs/auditor/10.8/requirements/software.md +++ b/docs/auditor/10.8/requirements/software.md @@ -59,7 +59,7 @@ Printing To print SSRS-based reports, SSRS Report Viewer and Auditor Client require ActiveX Control to be installed and enabled on the local machine. See the -[Impossible to Export a Report ](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u000000HDfkCAG.html) +[Impossible to Export a Report ](/docs/kb/auditor/impossible-to-export-a-report) Netwrix knowledge base article for additional information. You can, for example, open any SSRS-based report using your default web browser and click **Print**. diff --git a/docs/auditor/10.8/requirements/sqlserver.md b/docs/auditor/10.8/requirements/sqlserver.md index 55600dbe17..0d732cacee 100644 --- a/docs/auditor/10.8/requirements/sqlserver.md +++ b/docs/auditor/10.8/requirements/sqlserver.md @@ -292,5 +292,5 @@ added to **SQL Server Logins**, expand the **Security** > **Logins** node, right select **Properties** from the pop-up menu, and edit its roles. If you need to migrate the Audit Database, see the -[How to Migrate Netwrix Auditor Databases to Another SQL Server Instance](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000Pbd8CAC.html) +[How to Migrate Netwrix Auditor Databases to Another SQL Server Instance](/docs/kb/auditor/how-to-migrate-netwrix-auditor-databases-to-another-sql-server-instance) knowledge base article. diff --git a/docs/auditor/10.8/requirements/workingfolder.md b/docs/auditor/10.8/requirements/workingfolder.md index d69c2c240a..bfeaf4cb7b 100644 --- a/docs/auditor/10.8/requirements/workingfolder.md +++ b/docs/auditor/10.8/requirements/workingfolder.md @@ -19,5 +19,5 @@ capacity, you can use the Working Folder widget of the Health Status dashboard. If you want to change the working folder default location, run the specially designed utility. See the -[How to Migrate Netwrix Auditor Working Folder to a New Location](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000PcOLCA0.html) +[How to Migrate Netwrix Auditor Working Folder to a New Location](/docs/kb/auditor/how-to-migrate-netwrix-auditor-working-folder-to-a-new-location) Knowledge Base article for additional information. diff --git a/docs/auditor/10.8/tools/eventlogmanager/eventlogmanager.md b/docs/auditor/10.8/tools/eventlogmanager/eventlogmanager.md index d8007f56e8..e19376c364 100644 --- a/docs/auditor/10.8/tools/eventlogmanager/eventlogmanager.md +++ b/docs/auditor/10.8/tools/eventlogmanager/eventlogmanager.md @@ -18,7 +18,7 @@ integrity, otherwise your change reports may contain warnings, errors or incompl **CAUTION:** Folder associated with Netwrix Auditor must be excluded from antivirus scanning. See the -[Antivirus Exclusions for Netwrix Auditor](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HirCAE.html) +[Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) knowledge base article for additional information. You can configure your IT Infrastructure for monitoring in one of the following ways: diff --git a/docs/customer/training/learn-about/1secure.md b/docs/customer/training/learn-about/1secure.md index b77a48a4fc..3ca73f65ff 100644 --- a/docs/customer/training/learn-about/1secure.md +++ b/docs/customer/training/learn-about/1secure.md @@ -6,11 +6,11 @@ keywords: [training, course, 1secure] description: "Learn about Netwrix 1Secure through introductory courses" --- -import { N1SValue, N1SConcepts, N1SIntroGS, N1SIntroReport } from '@site/src/training/1secure'; +import { N1SValue, N1SConcepts, N1SIntroGS, N1SIntroReport, N1SIntroAlertRisk } from '@site/src/training/1secure'; import { N1S } from '@site/src/training/products'; -Estimated length: 1 hour +Estimated length: 1.5 hours In this learning path, you will be introduced to . It contains the following course: @@ -18,7 +18,7 @@ In this learning path, you will be introduced to . It contains the follow * 2600 – Components & Architecture * 3600.1 Introduction to – Getting Started * 3600.5 Introduction to – Reports - +* 3600.6 Introduction to – Alerts & Risk Assessment @@ -27,3 +27,5 @@ In this learning path, you will be introduced to . It contains the follow + + diff --git a/docs/customer/training/learn-about/index.md b/docs/customer/training/learn-about/index.md index fa318bf2d7..159adb582d 100644 --- a/docs/customer/training/learn-about/index.md +++ b/docs/customer/training/learn-about/index.md @@ -22,7 +22,6 @@ You can choose to self-enroll in "Learn About" learning paths available within t * [Learn About Netwrix Endpoint Protector Learning Path](./endpoint-protector.md) * [Learn About Netwrix Identity Manager Learning Path](./identity-manager.md) * [Learn About Netwrix Password Policy Enforcer Learning Path](./password-policy-enforcer.md) -* [Learn About Netwrix Password Reset Learning Path](./password-secure.md) * [Learn About Netwrix Password Secure Learning Path](./password-secure.md) * [Learn About Netwrix Platform Governance for NetSuite Learning Path](./platform-governance-for-netsuite.md) * [Learn About Netwrix Platform Governance for Salesforce Learning Path](./platform-governance-for-salesforce.md) diff --git a/docs/customer/training/learn-about/password-policy-enforcer.md b/docs/customer/training/learn-about/password-policy-enforcer.md index b96e4471d4..b253c53476 100644 --- a/docs/customer/training/learn-about/password-policy-enforcer.md +++ b/docs/customer/training/learn-about/password-policy-enforcer.md @@ -10,7 +10,7 @@ import { NPPEValue } from '@site/src/training/password-policy-enforcer'; import { NPPE } from '@site/src/training/products'; -Estimated length: 5 minutes +Estimated length: 2 minutes In this learning path, you will be introduced to . It contains the following courses: diff --git a/docs/customer/training/learn-about/platform-governance-for-salesforce.md b/docs/customer/training/learn-about/platform-governance-for-salesforce.md index 044f79a388..243d298eb3 100644 --- a/docs/customer/training/learn-about/platform-governance-for-salesforce.md +++ b/docs/customer/training/learn-about/platform-governance-for-salesforce.md @@ -10,7 +10,7 @@ import { NPGSValue } from '@site/src/training/platform-governance-for-salesforce import { NPGS } from '@site/src/training/products'; -Estimated length: 5 minutes +Estimated length: 2 minutes In this learning path, you will be introduced to . It contains the following courses: diff --git a/docs/customer/training/product/1secure.md b/docs/customer/training/product/1secure.md index 59b036afbe..b9041104cc 100644 --- a/docs/customer/training/product/1secure.md +++ b/docs/customer/training/product/1secure.md @@ -6,11 +6,11 @@ keywords: [training, course, 1secure] description: "Learn to use Netwrix 1Secure through courses" --- -import { N1SValue, N1SConcepts, N1SIntroGS, N1SIntroMO, N1SIntroConf, N1SIntroData, N1SIntroReport } from '@site/src/training/1secure'; +import { N1SValue, N1SConcepts, N1SIntroGS, N1SIntroMO, N1SIntroConf, N1SIntroData, N1SIntroReport, N1SIntroAlertRisk } from '@site/src/training/1secure'; import { N1S } from '@site/src/training/products'; -Estimated length: 2 hours with optional course +Estimated length: 2.5 hours with optional course In this learning path, you will learn how to use . It contains the following course: @@ -21,6 +21,7 @@ In this learning path, you will learn how to use . It contains the follow * 3600.3 Introduction to – Configuration * 3600.4 Introduction to – Data Sources * 3600.5 Introduction to – Reports +* 3600.6 Introduction to – Alerts & Risk Assessment @@ -35,3 +36,5 @@ In this learning path, you will learn how to use . It contains the follow + + diff --git a/docs/customer/training/product/password-reset.md b/docs/customer/training/product/password-reset.md index 5b0593ac18..71bf98bfed 100644 --- a/docs/customer/training/product/password-reset.md +++ b/docs/customer/training/product/password-reset.md @@ -10,7 +10,7 @@ import { NPRValue } from '@site/src/training/password-reset'; import { NPR } from '@site/src/training/products'; -Estimated length: 5 minutes +Estimated length: 2 minutes In this learning path, you will learn how to use . It contains the following courses: diff --git a/docs/dataclassification/5.7/systemconfigurationoverview/users/usermanagement.md b/docs/dataclassification/5.7/systemconfigurationoverview/users/usermanagement.md index 9a2c99075f..23a5a02a5c 100644 --- a/docs/dataclassification/5.7/systemconfigurationoverview/users/usermanagement.md +++ b/docs/dataclassification/5.7/systemconfigurationoverview/users/usermanagement.md @@ -70,9 +70,9 @@ see Advanced options can enable this by: - Ticking **Always Show Advanced Settings** - Clicking **Save** -See the following Knowledge Base topic to learn how to set up single sign-on for Netwrix Data +See the following Knowledge Base article to learn how to set up single sign-on for Netwrix Data Classification via Microsoft Entra ID authentication: -[https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9e8CAC.html](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA00g000000H9e8CAC.html) +[How to Set Up SSO via Microsoft Entra ID Authentication](/docs/kb/dataclassification/how-to-set-up-single-sign-on-via-microsoft-entra-id-authentication). ## Add or Remove Users diff --git a/docs/directorymanager/11.1/admincenter/datasource/manage.md b/docs/directorymanager/11.1/admincenter/datasource/manage.md index 535f7a5856..c1a92fd0e3 100644 --- a/docs/directorymanager/11.1/admincenter/datasource/manage.md +++ b/docs/directorymanager/11.1/admincenter/datasource/manage.md @@ -28,6 +28,10 @@ string in their names are displayed. You can update the details provided for a data source, such as its display name, the service account credentials to connect to it, and any other info you provided while creating it. +:::important Password Re-insertion Required +Due to security enhancements, when updating a data source, you must re-enter the **Service Account Password** even if you are not changing it. This is a required security measure to ensure password field sanitization across the product. +::: + Follow the steps to update the details for a data source. Step 1 – In Admin Center, click **Data Sources** in the left pane. diff --git a/docs/directorymanager/11.1/admincenter/schedule/grouplifecycle.md b/docs/directorymanager/11.1/admincenter/schedule/grouplifecycle.md index 078c395623..bfdc221f08 100644 --- a/docs/directorymanager/11.1/admincenter/schedule/grouplifecycle.md +++ b/docs/directorymanager/11.1/admincenter/schedule/grouplifecycle.md @@ -34,7 +34,7 @@ Step 2 – On the Identity Stores page, click the ellipsis button for an identit Step 3 – Click **Schedules** under Settings in the left pane. -Step 4 – On the Schedules page, click **Add Schedule** and select **Group Life Cycle Job**. +Step 4 – On the Schedules page, click **Add Schedule** and select **Group Life Cycle Job**. The Create Schedule page is displayed. Step 5 – In the Schedule Name box, enter a name for the schedule. @@ -90,6 +90,10 @@ the schedule in the identity store. Follow step 12 in the [Create a Group Usage Service Schedule](groupusageservice.md#create-a-group-usage-service-schedule) topic for additional information. +:::important Password Re-insertion Required +Due to security enhancements, when editing a schedule, you must re-enter the account password in the Authentication section, even if you are not changing the authentication credentials. This is a required security measure to ensure password field sanitization across the product. +::: + Step 12 – To set notifications for the schedule, click **Notifications**. 1. On the Notifications dialog box, select the **Send group life extension notification** check box @@ -102,7 +106,7 @@ Step 12 – To set notifications for the schedule, click **Notifications**. Step 13 – On the Create Schedule page, click **Create Schedule**. -Step 14 – On the Schedules page, click **Save**. +Step 14 – On the Schedules page, click **Save**. The schedule is displayed under Group Life Cycle. See the [View the Schedules in an Identity Store ](manage.md#view-the-schedules-in-an-identity-store) topic for additional information. diff --git a/docs/directorymanager/11.1/admincenter/schedule/groupusageservice.md b/docs/directorymanager/11.1/admincenter/schedule/groupusageservice.md index db7a1ce895..8efbbfc705 100644 --- a/docs/directorymanager/11.1/admincenter/schedule/groupusageservice.md +++ b/docs/directorymanager/11.1/admincenter/schedule/groupusageservice.md @@ -30,7 +30,7 @@ Step 2 – On the Identity Stores page, click the ellipsis button for an identit Step 3 – Click **Schedules** under Settings in the left pane. -Step 4 – On the Schedules page, click **Add Schedule** and select **Group Usage Service Job**. +Step 4 – On the Schedules page, click **Add Schedule** and select **Group Usage Service Job**. The Create Schedule page is displayed. Step 5 – In the **Schedule Name** box, enter a name for the schedule. @@ -66,13 +66,13 @@ Step 9 – You can specify containers as targets for the schedule. The schedule groups in those containers and sub-containers. - Select the **Include all containers** check box to run the schedule on all the containers in the - identity store. + identity store. Or - Click **Add Container** to add one or more containers as targets. The Add Container(s) dialog box shows the domain name and the OUs in the identity store. Select the check boxes for the required containers and click **Add**; the selected containers are displayed in the Target(s) area. To exclude a sub-container, clear the check box for it on the Add Container(s) dialog box. -- To remove a container in the Target(s) area, click **Remove** for it. +- To remove a container in the Target(s) area, click **Remove** for it. To remove all target objects, click **Remove All**. Step 10 – You can also specify one or more messaging servers. The job reads expansion logs from @@ -98,13 +98,13 @@ Step 12 – After specifying the settings for triggers, click **Add**. The trigg Triggers area. A schedule can have one or more triggers, allowing the schedule to be started in many ways. With -multiple triggers, the schedule will start when any of the triggers occur. +multiple triggers, the schedule will start when any of the triggers occur. To enable or disable a trigger - Click **Edit** for a trigger in the Triggers area and use the -toggle button at the top of the Update Trigger dialog box to enable or disable the trigger. +toggle button at the top of the Update Trigger dialog box to enable or disable the trigger. To remove a trigger - Click **Remove** for a trigger to remove it. Step 13 – Click **Add Authentication** in the Authentication area to specify an account for running -the schedule in the identity store. +the schedule in the identity store. The Authentication dialog box displays your accounts in the respective identity store that you have used for signing in. Select an account to authenticate with it or click **Login with a different user** to provide the credentials of another account to run the schedule in the identity store. @@ -114,6 +114,9 @@ Make sure this account falls under a high priority security role that has elevat in the identity store (for example, Administrator). ::: +:::important Password Re-insertion Required +Due to security enhancements, when editing a schedule, you must re-enter the account password in the Authentication section, even if you are not changing the authentication credentials. This is a required security measure to ensure password field sanitization across the product. +::: :::note If you are creating this schedule in a Microsoft Entra ID identity store, you can only specify @@ -125,7 +128,7 @@ section of the [Schedules](/docs/directorymanager/11.1/admincenter/schedule/over Step 14 – On the Create Schedule page, click **Create Schedule**. -Step 15 – On the Schedules page, click **Save**. +Step 15 – On the Schedules page, click **Save**. The schedule is displayed under Group Usage Service. See the [View the Schedules in an Identity Store ](manage.md#view-the-schedules-in-an-identity-store) topic for additional information. diff --git a/docs/directorymanager/11.1/admincenter/schedule/manage.md b/docs/directorymanager/11.1/admincenter/schedule/manage.md index 073993abed..c2fe5792aa 100644 --- a/docs/directorymanager/11.1/admincenter/schedule/manage.md +++ b/docs/directorymanager/11.1/admincenter/schedule/manage.md @@ -21,7 +21,7 @@ Step 2 – On the Identity Stores page, click the ellipsis button for an identit Step 3 – Click **Schedules** under Settings in the left pane. Step 4 – On the Schedules page, click the plus sign next to a job name to view the schedules defined -for it. +for it. The following is displayed for a schedule: | Label | Description | @@ -90,7 +90,7 @@ Step 3 – Click **Schedules** under Settings in the left pane. Step 4 – On the Schedules page, click the plus sign for a job to view the schedules defined for it. -Step 5 – Use the Enable toggle button for a schedule to enable or disable it. +Step 5 – Use the Enable toggle button for a schedule to enable or disable it. A disabled schedule is not executed in the identity store. Step 6 – Click **Save**. @@ -124,6 +124,14 @@ Step 7 – Click **Update Schedule**. Step 8 – Click **Save** on the Schedules page. +:::important Password Re-insertion Required +Due to security enhancements, when editing any schedule settings, you must re-enter the account password in the Authentication section even if you are not changing the authentication credentials. This is a required security measure to ensure password field sanitization across the product. The password must be re-entered when: +- Updating triggers +- Updating targets +- Updating notification settings +- Making any other changes to the schedule +::: + ## Update Targets for a Schedule Targets in a schedule are the objects processed by that schedule. @@ -142,7 +150,7 @@ Step 4 – On the Schedules page, click the plus sign for a job to view the sche Step 5 – Click the ellipsis button for a schedule and select **Edit**. Step 6 – On the Edit Schedule page, the Target(s) area displays the target objects for the -schedule. +schedule. Target types differ for different schedule types. For example, you can set containers as targets for a Group Lifecycle schedule; and jobs and job collections for a Synchronize schedule. Other schedules, such as a User Lifecycle schedule, may not require a target, as they execute certain @@ -172,11 +180,11 @@ Step 4 – On the Schedules page, click the plus sign for a job to view the sche Step 5 – Click the ellipsis button for a schedule and select **Edit**. Step 6 – On the Edit Schedule page, click the **Notifications** button to update notification -settings for the schedule. +settings for the schedule. Notification settings differ for different schedule types. For example, a Smart Group Update schedule has a different set of notification options from a Group Lifecycle schedule. Other schedules, such as the Directory Manager Entitlement and Workflow Acceleration schedules, do not -have notification settings. +have notification settings. To manage the notification settings for a schedule, refer to the instructions for the respective schedule. @@ -232,7 +240,7 @@ Step 3 – Click **Schedules** under Settings in the left pane. Step 4 – On the Schedules page, click the plus sign for a job to view the schedules defined for it. -Step 5 – Click the ellipsis button for a schedule and select **Delete**. +Step 5 – Click the ellipsis button for a schedule and select **Delete**. The Delete option is not available for system-defined schedules. Step 6 – On the Delete Schedule dialog box, click **Delete**. diff --git a/docs/directorymanager/11.1/admincenter/schedule/managedbylifecycle.md b/docs/directorymanager/11.1/admincenter/schedule/managedbylifecycle.md index 25ed3b8b31..d95379a653 100644 --- a/docs/directorymanager/11.1/admincenter/schedule/managedbylifecycle.md +++ b/docs/directorymanager/11.1/admincenter/schedule/managedbylifecycle.md @@ -83,9 +83,13 @@ the schedule in the identity store. Follow step 12 in the [Create a Group Usage Service Schedule](groupusageservice.md#create-a-group-usage-service-schedule) topic for for additional information. +:::important Password Re-insertion Required +Due to security enhancements, when editing a schedule, you must re-enter the account password in the Authentication section, even if you are not changing the authentication credentials. This is a required security measure to ensure password field sanitization across the product. +::: + Step 12 – On the Create Schedule page, click **Create Schedule**. -Step 13 – On the Schedules page, click **Save**. +Step 13 – On the Schedules page, click **Save**. The schedule is displayed under Managed By Life Cycle. See the [View the Schedules in an Identity Store ](manage.md#view-the-schedules-in-an-identity-store) topic for additional information. diff --git a/docs/directorymanager/11.1/admincenter/schedule/membershiplifecycle.md b/docs/directorymanager/11.1/admincenter/schedule/membershiplifecycle.md index 3448cb12f3..0c3142b4b7 100644 --- a/docs/directorymanager/11.1/admincenter/schedule/membershiplifecycle.md +++ b/docs/directorymanager/11.1/admincenter/schedule/membershiplifecycle.md @@ -106,9 +106,13 @@ the schedule in the identity store. Follow step 12 in the [Create a Group Usage Service Schedule](groupusageservice.md#create-a-group-usage-service-schedule) topic for additional information. +:::important Password Re-insertion Required +Due to security enhancements, when editing a schedule, you must re-enter the account password in the Authentication section, even if you are not changing the authentication credentials. This is a required security measure to ensure password field sanitization across the product. +::: + Step 12 – On the Create Schedule page, click **Create Schedule**. -Step 13 – On the Schedules page, click **Save**. +Step 13 – On the Schedules page, click **Save**. The schedule is displayed under **Membership Life Cycle**. See the [View the Schedules in an Identity Store ](manage.md#view-the-schedules-in-an-identity-store) topic for additional information. diff --git a/docs/directorymanager/11.1/admincenter/schedule/orphangroupupdate.md b/docs/directorymanager/11.1/admincenter/schedule/orphangroupupdate.md index 0674709a65..08e7813cbf 100644 --- a/docs/directorymanager/11.1/admincenter/schedule/orphangroupupdate.md +++ b/docs/directorymanager/11.1/admincenter/schedule/orphangroupupdate.md @@ -93,9 +93,13 @@ the schedule in the identity store. See step 12 in the [Create a Group Usage Service Schedule](groupusageservice.md#create-a-group-usage-service-schedule) topic for additional information. +:::important Password Re-insertion Required +Due to security enhancements, when editing a schedule, you must re-enter the account password in the Authentication section, even if you are not changing the authentication credentials. This is a required security measure to ensure password field sanitization across the product. +::: + Step 12 – On the Create Schedule page, click **Create Schedule**. -Step 13 – On the Schedules page, click **Save**. +Step 13 – On the Schedules page, click **Save**. The schedule is displayed under Orphan Group Update. See the [View the Schedules in an Identity Store ](manage.md#view-the-schedules-in-an-identity-store) topic for additional information. diff --git a/docs/directorymanager/11.1/admincenter/schedule/reports.md b/docs/directorymanager/11.1/admincenter/schedule/reports.md index 2471fd2c24..ae4a90dcd4 100644 --- a/docs/directorymanager/11.1/admincenter/schedule/reports.md +++ b/docs/directorymanager/11.1/admincenter/schedule/reports.md @@ -90,7 +90,7 @@ settings here, such as the container and filter settings. 4. Select the check box for a report and click **Add**. The selected reports are displayed in the Reports area on the Create Schedule page. When this Reports schedule runs, it auto generates all - added reports. + added reports. To remove a report , click **Remove** for it. Step 9 – Click **Add Triggers** in the Triggers area to specify a triggering criterion for the @@ -103,6 +103,10 @@ running the schedule in the identity store. Follow step 12 in the [Create a Group Usage Service Schedule](groupusageservice.md#create-a-group-usage-service-schedule) topic for additional information. +:::important Password Re-insertion Required +Due to security enhancements, when editing a schedule, you must re-enter the account password in the Authentication section, even if you are not changing the authentication credentials. This is a required security measure to ensure password field sanitization across the product. +::: + Step 11 – To set up notifications for the schedule, click **Notifications**. 1. On the Notifications dialog box, enter the email address of recipient(s) to whom you want to send @@ -111,7 +115,7 @@ Step 11 – To set up notifications for the schedule, click **Notifications**. Step 12 – On the Create Schedule page, click **Create Schedule**. -Step 13 – On the Schedules page, click **Save**. +Step 13 – On the Schedules page, click **Save**. The schedule is displayed under **Reports**. See the [View the Schedules in an Identity Store ](manage.md#view-the-schedules-in-an-identity-store)topic for details. diff --git a/docs/directorymanager/11.1/admincenter/schedule/smartgroupupdate.md b/docs/directorymanager/11.1/admincenter/schedule/smartgroupupdate.md index c522104436..08b1a67c78 100644 --- a/docs/directorymanager/11.1/admincenter/schedule/smartgroupupdate.md +++ b/docs/directorymanager/11.1/admincenter/schedule/smartgroupupdate.md @@ -81,14 +81,14 @@ processes the added groups only (i.e., it does not process nested groups). - Select the **Include Sub-Containers** check box to include the sub-containers within the selected container to search for the group(s). - Enter a search string in the search box; group names starting with the string are displayed as - you type. Click **Add** for a group to select it. + you type. Click **Add** for a group to select it. You can also perform an advanced search to locate a group. Click **Advanced** in the search box and use the search fields to enter a search string. On clicking **Search**, groups matching the string are displayed. Select the group you want to add as target. - After selecting one or more groups, click **Add** the groups are displayed in the Target(s) area. -3. To remove a container or group in the Target(s) area, click **Remove** for it. +3. To remove a container or group in the Target(s) area, click **Remove** for it. To remove all target objects, click **Remove All**. Step 10 – Click **Add Triggers** in the Triggers area to specify a triggering criterion for the @@ -101,6 +101,10 @@ the schedule in the identity store. Follow step 12 in the [Create a Group Usage Service Schedule](groupusageservice.md#create-a-group-usage-service-schedule) topic for additional information. +:::important Password Re-insertion Required +Due to security enhancements, when editing a schedule, you must re-enter the account password in the Authentication section, even if you are not changing the authentication credentials. This is a required security measure to ensure password field sanitization across the product. +::: + Step 12 – To enable notifications for the schedule, click **Notifications**. On the Notifications dialog box, specify an event for triggering notifications for the schedule and add recipients. @@ -118,7 +122,7 @@ dialog box, specify an event for triggering notifications for the schedule and a 3. Select the **Send Report to group owner(s)** check box to send a report to each unique group owner of the groups processed by the schedule. A Dynasty owner receives a notification for its - groups and direct child Dynasties. + groups and direct child Dynasties. Group owners include the primary owner, additional owner(s), and Exchange additional owner(s). :::note @@ -152,7 +156,7 @@ dialog box, specify an event for triggering notifications for the schedule and a Step 13 – On the Create Schedule page, click **Create Schedule**. -Step 14 – On the Schedules page, click **Save**. +Step 14 – On the Schedules page, click **Save**. The schedule is displayed under Smart Group Update. See the [View the Schedules in an Identity Store ](manage.md#view-the-schedules-in-an-identity-store) topic for more info for additional information. diff --git a/docs/directorymanager/11.1/admincenter/schedule/synchronize.md b/docs/directorymanager/11.1/admincenter/schedule/synchronize.md index a12ad46b79..f5f112e1de 100644 --- a/docs/directorymanager/11.1/admincenter/schedule/synchronize.md +++ b/docs/directorymanager/11.1/admincenter/schedule/synchronize.md @@ -58,8 +58,8 @@ Step 8 – Add a Synchronize job or a job collection or both to this schedule. collections from the list and click **Add**. The selected job(s) and job collection(s) are listed in the Target(s) area. They will be executed -when the schedule runs. -To remove a job or job collection in the Target(s)area, click **Remove** for it. +when the schedule runs. +To remove a job or job collection in the Target(s)area, click **Remove** for it. To remove all target objects, click **Remove All**. Step 9 – Click **Add Triggers** in the Triggers area to specify a triggering criterion for the @@ -72,9 +72,13 @@ the schedule in the identity store. Follow step 12 in the [Create a Group Usage Service Schedule](groupusageservice.md#create-a-group-usage-service-schedule) topic for additional information. +:::important Password Re-insertion Required +Due to security enhancements, when editing a schedule, you must re-enter the account password in the Authentication section, even if you are not changing the authentication credentials. This is a required security measure to ensure password field sanitization across the product. +::: + Step 11 – On the Create Schedule page, click **Create Schedule**. -Step 12 – On the Schedules page, click **Save**. +Step 12 – On the Schedules page, click **Save**. The schedule is displayed under **Synchronize**. See the [View the Schedules in an Identity Store ](manage.md#view-the-schedules-in-an-identity-store) topic for additional information. diff --git a/docs/directorymanager/11.1/admincenter/schedule/userlifecycle.md b/docs/directorymanager/11.1/admincenter/schedule/userlifecycle.md index 26e79b386f..f33d8a6069 100644 --- a/docs/directorymanager/11.1/admincenter/schedule/userlifecycle.md +++ b/docs/directorymanager/11.1/admincenter/schedule/userlifecycle.md @@ -67,9 +67,13 @@ the schedule in the identity store. Follow step 12 in the [Create a Group Usage Service Schedule](groupusageservice.md#create-a-group-usage-service-schedule) topic for additional information. +:::important Password Re-insertion Required +Due to security enhancements, when editing a schedule, you must re-enter the account password in the Authentication section, even if you are not changing the authentication credentials. This is a required security measure to ensure password field sanitization across the product. +::: + Step 11 – On the Create Schedule page, click **Create Schedule**. -Step 12 – On the Schedules page, click **Save**. +Step 12 – On the Schedules page, click **Save**. The schedule is displayed under **User Life Cycle**. See the [View the Schedules in an Identity Store ](manage.md#view-the-schedules-in-an-identity-store)topic for additional information. diff --git a/docs/directorymanager/11.1/admincenter/schedule/workflowacceleration.md b/docs/directorymanager/11.1/admincenter/schedule/workflowacceleration.md index ea5d404d79..10077a59a1 100644 --- a/docs/directorymanager/11.1/admincenter/schedule/workflowacceleration.md +++ b/docs/directorymanager/11.1/admincenter/schedule/workflowacceleration.md @@ -69,9 +69,13 @@ To change it, click **Add Authentication**. Follow step 12 in the [Create a Group Usage Service Schedule](groupusageservice.md#create-a-group-usage-service-schedule) topic for additional information. +:::important Password Re-insertion Required +Due to security enhancements, when editing a schedule, you must re-enter the account password in the Authentication section, even if you are not changing the authentication credentials. This is a required security measure to ensure password field sanitization across the product. +::: + Step 9 – Click **Update Schedule**. -Step 10 – On the Schedules page, click **Save**. +Step 10 – On the Schedules page, click **Save**. For general schedule info, see the [View the Schedules in an Identity Store ](manage.md#view-the-schedules-in-an-identity-store) topic for additional information. diff --git a/docs/directorymanager/11.1/credentialprovider/credentialprovider.md b/docs/directorymanager/11.1/credentialprovider/credentialprovider.md index 913c6e2127..32255a3887 100644 --- a/docs/directorymanager/11.1/credentialprovider/credentialprovider.md +++ b/docs/directorymanager/11.1/credentialprovider/credentialprovider.md @@ -6,24 +6,66 @@ sidebar_position: 70 # Credential Provider -Directory Manager Credential Provider is a web interface for unlocking user accounts and resetting -passwords. +Netwrix Directory Manager Credential Provider (version 3.1.0.0) is a Windows Credential Provider that integrates with Windows login screens to provide self-service password reset and account unlock functionality. You must install it on each client workstation to make the password reset and account unlock features available to all users. It provides links on the Windows logon screen, which route users to the web page(s) where they can unlock their accounts and reset their passwords. -## Files in the download package +## Product Information + +- **Version**: 3.1.0.0 (formerly Imanami PasswordCenter Credential Provider) +- **Build Platform**: x64 +- **Target OS**: Windows 10/11 (x64) +- **Browser Engine**: Chromium Embedded Framework (CEF) with latest security patches + +## Key Components in the Package The Credential Provider package consists of: -| File and Folder Names | Type of file | -| ------------------ | -------------- | -| NetwrixdirectorymanagerCredentialprovider.msi | Application | -| CPSettings.xml (contains settings for Credential Provider) | File | -| MST Guide | File folder | -| 838060235bcd28bf40ef7532c50ee032.cab | Cab file | -| a35cd6c9233b6ba3da66eecaa9190436.cab | Cab file | -| fe38b2fd0d440e3c6740b626f51a22fc.cab | Cab file | -| Orca-x86_en-us.msi | Orca installer | -| readme.txt | .txt file | +| Component | Description | +| ------------- | ------------- | +| PasswordCenterClientSetup64.msi | MSI installer package | +| Imanami.PasswordCenter.Credential64.dll | Core credential provider DLL | +| GroupIDBrowser.exe | Desktop browser component | +| WebBrowser.exe | CEF-based web rendering engine | +| CPSettings.xml | Configuration file for credential provider settings (optional) | +| Visual C++ 2022 Redistributable (x64) | Required runtime (included in installer) | +| image_yv5_icon.ico | Netwrix branding icon | +| logo.bmp | Enhanced logo bitmap | + +## Default Configuration + +The credential provider includes the following default settings: +- **Window Title**: "Netwrix Directory Manager" +- **CP Title**: "Netwrix Directory Manager" +- **Forgot Password Text**: "Forgot my password?" +- **Unlock Account Text**: "Unlock my account" +- **Logging**: Disabled by default +- **CEF Log Mode**: Disabled +- **Web View Engine**: CEF (Chromium Embedded Framework) + +## System Requirements + +- **Operating System**: Windows 10/11 (x64) +- **Platform Toolset**: Visual Studio 2022 (v143) +- **Runtime**: Visual C++ 2022 Redistributable (x64) - included in installer + +## Installation Notes + +1. The installer requires Windows x64 architecture +2. Visual C++ 2022 Redistributable (x64) is included in the package +3. A system reboot is scheduled after installation to complete credential provider registration +4. Custom CPSettings.xml can be placed in the installation directory for custom configuration + +## Configuration Options + +The credential provider supports extensive configuration through registry settings and XML configuration: +- Custom password reset URLs +- Custom unlock account URLs +- Proxy server configuration +- Credential provider filtering for specific scenarios +- Custom branding (titles, text, images) +- Logging and debugging options + +Registry settings path: `SOFTWARE\Imanami\GroupID\Version 10.0\PasswordCenterClient\Settings` diff --git a/docs/directorymanager/11.1/credentialprovider/installconfigurecp.md b/docs/directorymanager/11.1/credentialprovider/installconfigurecp.md index 47658f09c0..8a70babf21 100644 --- a/docs/directorymanager/11.1/credentialprovider/installconfigurecp.md +++ b/docs/directorymanager/11.1/credentialprovider/installconfigurecp.md @@ -1,10 +1,10 @@ --- -title: "Netwrix Directory Manager Credential Provider Installation and Configuration" -description: "Installation and Configuration Guide for Netwrix Directory Manager Credential Provider" +title: "Installation and Configuration" +description: "Installation and Configuration" sidebar_position: 1 --- -# Netwrix Directory Manager Credential Provider - Technical Documentation +# Installation and Configuration --- ## Table of Contents @@ -111,7 +111,7 @@ This method is suitable for single computers or small deployments where centrali #### Installation Steps 1. **Download the Installer** - - Obtain `PasswordCenterClientSetup64.msi` (also referred to as `NetwrixdirectorymanagerCredentialprovider.msi` in legacy documentation) from your Netwrix Product Library or link shared by your Account Manager + - Obtain `Netwrix Directory Manager Credential Provider` from your Netwrix Product Library or link shared by your Account Manager - Verify the file is digitally signed by Netwrix 2. **Run the Installer** @@ -146,7 +146,7 @@ C:\Program Files\Imanami\Password Center Client (x64)\ After reboot, the Windows logon screen will display with the credential provider active: -![Windows Logon Screen Example] +![Windows Logon Screen](/images/directorymanager/11.1/portal/user/manage/windows_screen.webp) The logon screen will show: - **Netwrix logo** (or custom logo if configured) @@ -255,7 +255,7 @@ If you need to customize the MSI installation (such as pre-configuring the SOURC **Prerequisites**: - Orca MSI editor tool (included in Windows SDK) -- MSI package (PasswordCenterClientSetup64.msi or NetwrixdirectorymanagerCredentialprovider.msi) +- MSI package (PasswordCenterClientSetup64.msi) **Steps to Create MST Transform File**: @@ -265,21 +265,29 @@ If you need to customize the MSI installation (such as pre-configuring the SOURC - Run `Orca-x86_en-us.msi` to install Orca - The Orca console will open after installation + ![Orca console](/images/directorymanager/11.1/portal/user/manage/orca_console.webp) + 2. **Open MSI in Orca**: - Launch Orca application - Click **File** → **Open** - Browse to the Credential Provider folder - - Select and open `NetwrixdirectorymanagerCredentialprovider.msi` (or `PasswordCenterClientSetup64.msi`) + - Select and open `PasswordCenterClientSetup64.msi` + + ![Credential Provider in Orca](/images/directorymanager/11.1/portal/user/manage/cp_loaded.webp) 3. **Create New Transform**: - From the menu, select **Transform** → **New Transform** - This creates a new transform that will store your customizations + ![New Transform option](/images/directorymanager/11.1/portal/user/manage/new_transform.webp) + 4. **Modify Properties**: - In the left pane, click **Property** - The main window displays a list of MSI properties - Locate the **SOURCEPATH** property in the property list + ![Property page](/images/directorymanager/11.1/portal/user/manage/property.webp) + 5. **Configure Source Path**: - Create a shared folder for configuration files: - Example: `\\fileserver\software\CredentialProvider\Config\` @@ -290,8 +298,13 @@ If you need to customize the MSI installation (such as pre-configuring the SOURC - Enter the UNC path to the shared folder: `\\fileserver\software\CredentialProvider\Config\` - Click **OK** + ![Property path](/images/directorymanager/11.1/portal/user/manage/property_path.webp) + 6. **Generate Transform File**: - From the menu, select **Transform** → **Generate Transform** + + ![Generate Transform option](/images/directorymanager/11.1/portal/user/manage/generate_transform.webp) + - Save the transform file with a descriptive name (e.g., `CustomConfig.mst`) - Save it to the same shared folder as the MSI package: ``` @@ -305,7 +318,7 @@ If you need to customize the MSI installation (such as pre-configuring the SOURC **Files Required in Network Share After This Step**: ``` \\fileserver\software\CredentialProvider\ -├── PasswordCenterClientSetup64.msi (or NetwrixdirectorymanagerCredentialprovider.msi) +├── PasswordCenterClientSetup64.msi ├── CustomConfig.mst (your generated transform file) └── Config\ └── CPSettings.xml (configuration file) @@ -323,12 +336,27 @@ If you need to customize the MSI installation (such as pre-configuring the SOURC - Run: `gpmc.msc` - Or: Start → Administrative Tools → Group Policy Management + ![Group Policy Management console](/images/directorymanager/11.1/portal/user/manage/gp_policy.webp) + + :::note + Group Policy Management console is available if the Group Policy Management feature has been installed. + ::: + 2. **Create New GPO**: - Navigate to your domain or appropriate Organizational Unit (OU) - Right-click → "Create a GPO in this domain, and Link it here" + + ![Create a GPO in this domain and link it here option](/images/directorymanager/11.1/portal/user/manage/new_gpo.webp) + - Name: "Deploy Netwrix Credential Provider" - Click "OK" +**Or** + + Right-click the Select **Default Domain Policy** and select **Edit**: + + ![Edit Default Domain Policy option](/images/directorymanager/11.1/portal/user/manage/edit_gpo.webp) + 3. **Link GPO to Target OUs** (if not already linked): - Right-click the GPO - Select "Link an Existing GPO" @@ -348,12 +376,20 @@ If you need to customize the MSI installation (such as pre-configuring the SOURC - Expand: `Software Settings` - Click: `Software installation` + ![New Package option](/images/directorymanager/11.1/portal/user/manage/software_installation.webp) + + :::note + This documentation describes steps for editing the default policy. + ::: + 3. **Add New Package**: - Right-click in the right pane → New → Package - Navigate to the network share: `\\fileserver\software\CredentialProvider\` - Select: `PasswordCenterClientSetup64.msi` - **Important**: Use UNC path, not mapped drive letter + ![Deploy Software](/images/directorymanager/11.1/portal/user/manage/deploy_cp.webp) + 4. **Choose Deployment Method**: - Dialog appears: "Deploy Software" - Select: **"Assigned"** (recommended) @@ -378,6 +414,9 @@ If you selected "Advanced" in step 3.4, configure additional options: If you created an MST transform file using Orca (see section 1A above), apply it here: - Click the **Modifications** tab + + ![Modifications tab](/images/directorymanager/11.1/portal/user/manage/modification_tab.webp) + - Click **Add** button - Browse to the network share where you saved the .mst file - Select your transform file (e.g., `CustomConfig.mst`) @@ -530,6 +569,8 @@ Once the GPO is configured and linked, client machines within the scope of the p - "Unlock Account" link - Custom title text under the logo + ![Windows Logon screen](/images/directorymanager/11.1/portal/user/manage/windows_screen.webp) + The credential provider is now active and ready for use on client workstations. #### Troubleshooting GPO Deployment @@ -2886,6 +2927,73 @@ msiexec /x {4C3F32FA-8AAE-41B7-806E-195782B986D5} /quiet /norestart msiexec /x "C:\Path\To\PasswordCenterClientSetup64.msi" /quiet /norestart ``` +**Method 4: Uninstall via Group Policy Object** + +For enterprise environments where the credential provider was deployed via GPO: + +1. **Open Group Policy Management**: + - Run: `gpmc.msc` + - Or: Start → Administrative Tools → Group Policy Management + +2. **Locate and Edit the GPO**: + - Right-click the GPO that contains the credential provider deployment (e.g., "Deploy Netwrix Credential Provider" or "Default Domain Policy") + - Select **Edit** + - The Group Policy Management Editor opens + +3. **Navigate to Software Installation**: + - Expand: `Computer Configuration` + - Expand: `Policies` + - Expand: `Software Settings` + - Click: `Software installation` + +4. **Remove the Package**: + - Right-click the Credential Provider package + - Point to **All Tasks** + - Click **Remove** + +5. **Select Removal Method**: + - In the "Remove Software" dialog box: + - Select: **"Immediately uninstall the software from users and computers"** + - Click **OK** + +6. **Close the Editor**: + - Click **Close** to close the Group Policy Object Editor + +7. **Client Workstation Removal Process**: + - When client workstations restart, the GPO (now without the Credential Provider) is applied + - This removes the installed Credential Provider from all client workstations + - **Important**: Once the software is removed, users must restart the workstation **again** to remove the links from the Windows logon screen + +**Force Immediate Removal on Specific Computers**: + +On client computers, administrators can force policy update: +```cmd +gpupdate /force /boot +``` + +**Verify Removal on Client Machines**: + +Check if credential provider has been uninstalled: +```powershell +Get-WmiObject -Class Win32_Product | Where-Object {$_.Name -like "*Credential*"} +``` + +Or check registry: +```cmd +reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{c8765b62-7058-4d7f-9421-11a75d623206}" +``` + +If registry key doesn't exist, uninstallation was successful. + +**Monitoring Uninstallation Status**: + +Check GPO application results: +```cmd +gpresult /h gpreport.html +``` +Review the HTML report to verify the software removal policy was applied. + + --- ### Rollback Scenario 3: Emergency Removal (System Locked Out) @@ -3237,4 +3345,4 @@ Complete list of common Windows credential provider CLSIDs for filtering: **Document End** -*For the latest version of this documentation, visit: https://www.netwrix.com/groupid-credential-provider-docs* + diff --git a/docs/directorymanager/11.1/credentialprovider/installcp.md b/docs/directorymanager/11.1/credentialprovider/installcp.md deleted file mode 100644 index 2f0a2192ea..0000000000 --- a/docs/directorymanager/11.1/credentialprovider/installcp.md +++ /dev/null @@ -1,182 +0,0 @@ ---- -title: "Install Credential Provider" -description: "Install Credential Provider" -sidebar_position: 10 ---- - -# Install Credential Provider - -You can install Directory Manager Credential Provider in one of the following ways: - -- Install Credential Provider Manually -- Install Credential Provider via a Group Policy Object (GPO) - -### Install Credential Provider Manually - -Browse to the folder where you have copied the package: - -1. Click the _NetwrixdirectorymanagerCredentialprovider.msi_ file. The wizard opens and installs Credential - Provider. -2. After the installation, it asks you to restart your machine. -3. After the restart, the Windows logon screen appears as follows: - - ![Windows Logon screen](/images/directorymanager/11.1/portal/user/manage/windows_screen.webp) - - The **Forgot Password** and **Unlock Account** options are now available on the Windows logon - screen. They route you to the URLs provided for these options in the _CPSettings.xml_ file. You - can modify the URLs as well as the text of these options. - - Let’s have a look at the settings which are available in the _CPsettings.xml_ file: - - - `` - - Provide the text for the ForgotPasswordText key. This text will appear on the Windows logon - screen for the Forgot Password option. - - - `` - - Provide the text for the UnlockAccountText key. This text will appear on the Windows logon - screen for Unlock Account option. - - - `` - - Provide the URL to which you want to redirect the user to reset his/her forgotten password. - - - **For GroupID 10**: - `https://MachineName:port/portalname` - - **For GroupID 11**: `https://Machniename:port/portalname/Home/PasswordReset` - -4. `` - - Provide the URL to which you want to redirect the user to unlock his/her locked account. - - - **For GroupID 10:** `https://MachineName:port/Portalname` - - **For GroupID 11:** `https://Machinename:port/portalname/Home/UnlockAccount` - -5. `` - - Provide the text for the CPTitle key. This text will appear as title under the Netwrix logo on - the Windows logon screen. - -## Install Credential Provider via a Group Policy Object (GPO) - -Instead of installing Credential Provider manually on each individual client workstation, you can -distribute it for automatic installation using a GPO, for substantial time savings (especially with -larger networks). The GPO can be defined for an organizational unit or applied on the entire domain. -Credential Provider is installed automatically at the next Windows startup. - -Installing Credential Provider is a two-step process: - -1. Install Orca -2. Deploy Credential Provider via a GPO - -### Install Orca - -Before Credential Provider’s installation via GPO, Orca software is to be installed: - -1. Browse to the folder where you have copied the Credential Provider package. -2. Go to the MST Guide folder and run the _Orca-x86_en-us.msi_ application. The Orca console opens: - - ![Orca console](/images/directorymanager/11.1/portal/user/manage/orca_console.webp) - -3. In Orca, click **File** > **Open**. Browse to the Credential Provider folder and load the - _NetwrixdirectorymanagerCredentialprovider.msi_ in Orca. - - ![Credential Provider in Orca](/images/directorymanager/11.1/portal/user/manage/cp_loaded.webp) - -4. From the menu, select **Transform** > **New Transform**: - - ![New Transform option](/images/directorymanager/11.1/portal/user/manage/new_transform.webp) - -5. Click **Property** in the left pane, list of the properties are displayed in the **Property** - main window: - - ![Property page](/images/directorymanager/11.1/portal/user/manage/property.webp) - -6. On your machine, create a new folder and copy the following files to it: - - - CPsettings.xml - - NetwrixdirectorymanagerCredentialprovider.msi - -7. Share the folder with the Everyone group with Read permission. -8. Provide the path of this newly created folder in the **SOURCEPATH** box. - - ![Property path](/images/directorymanager/11.1/portal/user/manage/property_path.webp) - -9. From the menu, select **Transform** > **Generate Transform**: - - ![Generate Transform option](/images/directorymanager/11.1/portal/user/manage/generate_transform.webp) - -10. Type a filename for the generated .mst file and save it into the shared folder you just created. -11. Close **Orca**. - -### Deploy Credential Provider via a GPO - -Having Orca successfully installed, follow these steps to deploy Credential Provider via a GPO. - -1. Launch **Group Policy Management** console by typing _gpmc.msc_ in the **Run** box and clicking - **OK**. The Group Policy Management Editor opens. - - ![Group Policy Management console](/images/directorymanager/11.1/portal/user/manage/gp_policy.webp) - - :::note - Group Policy Management console is available if the Group Policy Management feature has - been installed. - ::: - - -2. Right-click the domain or organizational unit for the computers that you want the Credential - Provider installed on. Select **Create a GPO in this domain, and link it here...**: - - ![CCreate a GPO in this domain and link it here option](/images/directorymanager/11.1/portal/user/manage/new_gpo.webp) - -**Or** - - Right-click the Select **Default Domain Policy** and select **Edit**: - - ![Edit Default Domain Policy option](/images/directorymanager/11.1/portal/user/manage/edit_gpo.webp) - -3. In the **Group Policy Management Editor**, click **Computer Configuration** > **Policies** > - **Software Settings** > **Software installation** > **New** > **Package**. - - ![New Package option](/images/directorymanager/11.1/portal/user/manage/software_installation.webp) - - :::note - This documentation describes steps for editing the default policy. - ::: - - -4. Browse to the shared folder. The folder must have the following files in it: - - - CPSettings.xml - - Netwrixdirectorymanagercredentialprovider.msi - - .mst file - - Select the _Netwrixdirectorymanagercredentialprovider.msi_ and click **Ok**. - - ![Deploy Software ](/images/directorymanager/11.1/portal/user/manage/deploy_cp.webp) - -5. Select **Advanced** and click **Ok**. The following window opens: - - ![Modifications tab](/images/directorymanager/11.1/portal/user/manage/modification_tab.webp) - -6. Select the **Modifications** tab. Click **Add**. -7. Browse to the shared folder where you saved the generated .mst file. Select that file and click - **Ok**. -8. Close the Group Policy Management Editor. - -The Credential provider is deployed on your machine via the default domain policy. - -## Run the credential provider - -1. Restart the machine - or - Run Command Prompt as administrator and type the following command in the cmd window: - gpupdate /force - -## Run the credential provider on client machines - -The modified domain policy will be installed on the client machines, which are in the scope of the -Group Policy Object, upon their next restart. The Windows logon screen appear as follows: - -![Windows Logon screen](/images/directorymanager/11.1/portal/user/manage/windows_screen.webp) diff --git a/docs/directorymanager/11.1/credentialprovider/uninstallcp.md b/docs/directorymanager/11.1/credentialprovider/uninstallcp.md deleted file mode 100644 index c8b47c7de8..0000000000 --- a/docs/directorymanager/11.1/credentialprovider/uninstallcp.md +++ /dev/null @@ -1,36 +0,0 @@ ---- -title: "Uninstall Credential Provider" -description: "Uninstall Credential Provider" -sidebar_position: 20 ---- - -# Uninstall Credential Provider - -You can uninstall Credential Provider using one of the following: - -- Windows Control Panel – If you have installed Credential Provider manually, you can uninstall it - using Windows Control Panel. -- Group Policy Object – If you have installed the Credential Provider via Group Policy Object, - follow the steps to uninstall it. - - Step 1 – Open Group Policy Management by typing _gpmc.msc_ in the **Run** box and clicking - **OK**. - - Step 2 – Right-click the required GPO under the domain or organizational unit that contains the - GPO distributing Credential Provider and click **Edit**. The Group Policy Management Editor - opens. - - Step 3 – Click **Computer Configurations** > **Policies** > **Software Settings** > **Software - Installation**. - - Step 4 – Right-click the Credential Provider package, point to All Tasks and click **Remove**. - - Step 5 – In the Remove Software dialog box, select **Immediately uninstall the software from - users and computers** and click **OK**. - - Step 6 – Click **Close** to close the Group Policy Object Editor. - - Step 7 – When a client workstation restarts, the GPO, now without the Credential Provider - object, is applied on it. This removes the installed Credential Provider from all client - workstations. Once it is removed from the client workstation, the user must restart it again to - remove the links from the Windows logon screen. diff --git a/docs/directorymanager/11.1/portal/passwordmanagement.md b/docs/directorymanager/11.1/portal/passwordmanagement.md index fe47c388a4..0c7bb2fb92 100644 --- a/docs/directorymanager/11.1/portal/passwordmanagement.md +++ b/docs/directorymanager/11.1/portal/passwordmanagement.md @@ -35,7 +35,7 @@ both these functions. Using it: The client software to install on user workstations is called [ Credential Provider](/docs/directorymanager/11.1/credentialprovider/credentialprovider.md) and available for distribution using various IT enabled distribution methods such as group policy and Microsoft System Center - Configuration Manager (SCCM). See the [Install Credential Provider](/docs/directorymanager/11.1/credentialprovider/installcp.md) topic for + Configuration Manager (SCCM). See the [Install Credential Provider](/docs/directorymanager/11.1/credentialprovider/installconfigurecp.md) topic for additional information. The distributed client enables the **Forgot Password?** and **Unlock Account** links on the diff --git a/docs/directorymanager/11.1/portal/synchronize/manage/job.md b/docs/directorymanager/11.1/portal/synchronize/manage/job.md index c1f4a9d88b..5d4b1c10b4 100644 --- a/docs/directorymanager/11.1/portal/synchronize/manage/job.md +++ b/docs/directorymanager/11.1/portal/synchronize/manage/job.md @@ -86,6 +86,15 @@ Step 2 – On the Synchronize portal, click **All Jobs**. Step 3 – In the jobs list, click the **three vertical dots** icon on the job that you want to edit and click **Edit**. +:::important Password Field Re-configuration Required +Due to security enhancements, if your Synchronize job uses password field mapping or password transformations, you must re-configure the password field when editing the job. This includes: +- Re-selecting the password field in the field mapping section +- Re-applying any password transformations +- Re-entering password complexity settings if using auto-generated passwords + +This is a required security measure to ensure password field sanitization across the product. +::: + Step 4 – Go through the wizard pages to modify the job as required. Step 5 – Click **Finish** twice to close both wizards. diff --git a/docs/endpointpolicymanager/archive/_category_.json b/docs/endpointpolicymanager/archive/_category_.json index 8d04836a8a..bb13c59c65 100644 --- a/docs/endpointpolicymanager/archive/_category_.json +++ b/docs/endpointpolicymanager/archive/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/archive/acrobatxpro.md b/docs/endpointpolicymanager/archive/acrobatxpro.md index 7efe899ea3..669bcc211e 100644 --- a/docs/endpointpolicymanager/archive/acrobatxpro.md +++ b/docs/endpointpolicymanager/archive/acrobatxpro.md @@ -11,7 +11,7 @@ So to ensure Protected Mode is on and guarantee it stays on? Not to mention, how manage any of the other 1000+ Acrobat Pro X settings using Group Policy? Watch this video to find out. - + One problem with Acrobat X Pro's **Protected Mode** security feature is that it is not enabled by default, especially if you need this feature to be always on. Furthermore, efficiently managing @@ -114,7 +114,8 @@ the user changes job roles, we're going to totally put those settings back the w also remove the lockout. You can see how we do that in some of our other videos when we talk about our superpowers. -[https://dev.endpointpolicymanager.com/resources/thank-you-whitepapers/](https://dev.endpointpolicymanager.com/resources/thank-you-whitepapers/) +[https://policypak.com/resources/thank-you-whitepapers/](https://policypak.com/resources/thank-you-whitepapers/) for watching. If you like what you see here with Acrobat Reader, it's available for most applications. We've got a whole bunch of preconfigured Paks ready to use right now. Thanks so much. Take care. + diff --git a/docs/endpointpolicymanager/archive/admxfiles.md b/docs/endpointpolicymanager/archive/admxfiles.md index 2bd8eb0352..28919ccff3 100644 --- a/docs/endpointpolicymanager/archive/admxfiles.md +++ b/docs/endpointpolicymanager/archive/admxfiles.md @@ -11,7 +11,7 @@ Group Policy MVP Jeremy Moskowitz shows how ADM and ADMX files do not perform th them to. Jeremy demonstrates how a 3rd party tool like Netwrix Endpoint Policy Manager (formerly PolicyPak) can actually deliver settings, plus perform lockdown so your settings are ensured. - + ### Group Policy: ADM/X Files – why they cannot prevent user shenanigans video transcript @@ -150,6 +150,8 @@ idea here is that we've ensured that all four checkboxes are checked, or whateve settings are, and even while the app is running no shenanigans can actually occur. That is the key point of how PolicyPak works. With that in mind, if you're interested in learning more about this, you can come to one of the -webinars that we do at endpointpolicymanager.com. I hope to see you there. +webinars that we do at policypak.com. I hope to see you there. Thanks so very much. Take care. + + diff --git a/docs/endpointpolicymanager/archive/applock.md b/docs/endpointpolicymanager/archive/applock.md index 92b4d3b572..89b7b456e1 100644 --- a/docs/endpointpolicymanager/archive/applock.md +++ b/docs/endpointpolicymanager/archive/applock.md @@ -10,7 +10,7 @@ Prior to Netwrix Endpoint Policy Manager (formerly PolicyPak) 3.5, it was necess display previous AppLock (TM) elements. In this video you can see how to quickly and easily restore the element within the GPO. - + ### PolicyPak 3.5 Applock Update Behavior Change video transcript @@ -50,3 +50,5 @@ control in target application." We have removed that requirement. I hope that helps you out. We're here for you if you need us. Thanks so much. + + diff --git a/docs/endpointpolicymanager/archive/autoupdater.md b/docs/endpointpolicymanager/archive/autoupdater.md index 6f4f6d6bb2..a73384355a 100644 --- a/docs/endpointpolicymanager/archive/autoupdater.md +++ b/docs/endpointpolicymanager/archive/autoupdater.md @@ -88,3 +88,5 @@ This is an example of and update.config to upgrade using a precise file name: ``` + + diff --git a/docs/endpointpolicymanager/archive/cloud.md b/docs/endpointpolicymanager/archive/cloud.md index 2915c2a15c..41bfd06119 100644 --- a/docs/endpointpolicymanager/archive/cloud.md +++ b/docs/endpointpolicymanager/archive/cloud.md @@ -10,7 +10,7 @@ Microsoft MVP Jeremy Moskowitz and Shane from Admin Arsenal show how you can dep settings to domain joined or non-domain joined machines through the cloud with Netwrix Endpoint Policy Manager (formerly PolicyPak) Cloud. - + ### Deliver Group Policy to Domain Joined and non-Domain Joined machines thru the Cloud @@ -225,9 +225,10 @@ Jeremy:Yep. We live to serve. We love this feature. It's great for MSP's and gre and roaming people. Shane: That's fantastic. Hey, -[https://dev.endpointpolicymanager.com/resources/thank-you-whitepapers/](https://dev.endpointpolicymanager.com/resources/thank-you-whitepapers/) +[https://policypak.com/resources/thank-you-whitepapers/](https://policypak.com/resources/thank-you-whitepapers/) Jeremy. Jeremy:Thank you man. Appreciate it. Shane: Alright. Rock on everybody. Thanks. + diff --git a/docs/endpointpolicymanager/archive/designstudiofirefox.md b/docs/endpointpolicymanager/archive/designstudiofirefox.md index 84a460d35d..a9ae59ef1d 100644 --- a/docs/endpointpolicymanager/archive/designstudiofirefox.md +++ b/docs/endpointpolicymanager/archive/designstudiofirefox.md @@ -10,7 +10,7 @@ Firefox is easy to manage using Netwrix Endpoint Policy Manager (formerly Policy how-to using the Endpoint Policy Manager **DesignStudio** to implement about:config settings within your Paks. - + ### PolicyPak: Use the DesignStudio to manage FireFox's about:config settings video transcript @@ -114,3 +114,5 @@ I hope this has been helpful. If you have any questions, please post them to the talk to you soon. Thanks so much. + + diff --git a/docs/endpointpolicymanager/archive/designstudiojava.md b/docs/endpointpolicymanager/archive/designstudiojava.md index cae2087fdb..9af615ae6d 100644 --- a/docs/endpointpolicymanager/archive/designstudiojava.md +++ b/docs/endpointpolicymanager/archive/designstudiojava.md @@ -7,4 +7,6 @@ hide_title: true import DesignStudioJava from '/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/designstudiojava.md'; - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/archive/differentusers.md b/docs/endpointpolicymanager/archive/differentusers.md index bf7b9b0ce9..46a5e6ca0d 100644 --- a/docs/endpointpolicymanager/archive/differentusers.md +++ b/docs/endpointpolicymanager/archive/differentusers.md @@ -9,7 +9,7 @@ sidebar_position: 20 Microsoft MVP Jeremy Moskowitz and Shane from Admin Arsenal demonstrate how it is possible to manage different users in the same OU using Netwrix Endpoint Policy Manager (formerly PolicyPak). - + ### Manage Different Users In The Same OU (And Reduce Number of GPOs) With PolicyPak @@ -90,5 +90,7 @@ different users in the same OU using Netwrix Endpoint Policy Manager (formerly P things under different conditions, have one slightly bigger GPO that has the smarts built in to evaluate on the fly. - Love it. Fantastic. -- [https://www.endpointpolicymanager.com/purchasing/thanks.html](https://www.endpointpolicymanager.com/purchasing/thanks.html) man. +- [https://www.policypak.com/purchasing/thanks.html](https://www.policypak.com/purchasing/thanks.html) man. - We'll talk to you guys later. + + diff --git a/docs/endpointpolicymanager/archive/gotomeeting.md b/docs/endpointpolicymanager/archive/gotomeeting.md index 07981d25c3..95d0eb1380 100644 --- a/docs/endpointpolicymanager/archive/gotomeeting.md +++ b/docs/endpointpolicymanager/archive/gotomeeting.md @@ -12,13 +12,13 @@ so that they get the right experience, every time they launch it. Keep your GoTo configuration settings enforced with Endpoint Policy Manager. Check out this video to see how it is done. - + ### Manage Goto Meetings Hi. This is Jeremy Moskowitz, Microsoft MVP, Enterprise Mobility and Founder of PolicyPak Software. In this video, we're going to learn how to manage and -[ lockdown ](https://dev.endpointpolicymanager.com/lockdown-recordings-portal/)GoToMeeting using PolicyPak. +[ lockdown ](https://policypak.com/lockdown-recordings-portal/)GoToMeeting using PolicyPak. I've already got "GoToMeeting" installed on my target computer, and I'm just a regular user here. As you can see, I'm logged on as a guy called "EastSales User4." If we open up this application from @@ -81,7 +81,8 @@ doing. And we're done. That is how incredibly easy it is for you to use PolicyPak and to manage and lockdown GoToMeeting as well as tons of your other desktop applications. If you're looking for a trial of PolicyPak, just click on the -[https://dev.endpointpolicymanager.com/webinar/](https://dev.endpointpolicymanager.com/webinar/) button on the right. +[https://policypak.com/webinar/](https://policypak.com/webinar/) button on the right. -[https://dev.endpointpolicymanager.com/resources/thank-you-whitepapers/](https://dev.endpointpolicymanager.com/resources/thank-you-whitepapers/) +[https://policypak.com/resources/thank-you-whitepapers/](https://policypak.com/resources/thank-you-whitepapers/) so much for watching, and get in touch with us if you're looking to get started. Talk with you soon. + diff --git a/docs/endpointpolicymanager/archive/ie10.md b/docs/endpointpolicymanager/archive/ie10.md index 6a58a8906d..8fcbaef710 100644 --- a/docs/endpointpolicymanager/archive/ie10.md +++ b/docs/endpointpolicymanager/archive/ie10.md @@ -10,7 +10,7 @@ If you install Internet Explorer 10 on Windows 7 (or Windows 8) machine you lose manage Internet Explorer Maintenance. Also, IEM settings stop working. This video explains how you can solve this problem. - + ### Internet Explorer 10 and Internet Explorer Maintenance – the whole story Video Transcript @@ -86,7 +86,7 @@ using WSUS or whatever, and now promptly your users don't get those things. What do? This is where I created a whitepaper for you. Let me show you exactly how to find this whitepaper. -It's hanging out over here on the "PolicyPak" website ("www.endpointpolicymanager.com"). Over here under +It's hanging out over here on the "PolicyPak" website ("www.policypak.com"). Over here under "Windows Security Whitepapers," I have one here called "What most Internet Explorer Admins don't know about application management." @@ -110,3 +110,5 @@ Alright, thanks so much. I hope this has been informative and you learned a litt Internet Explorer 10. Take care. + + diff --git a/docs/endpointpolicymanager/archive/ie9.md b/docs/endpointpolicymanager/archive/ie9.md index 955c0c7c01..00883f822f 100644 --- a/docs/endpointpolicymanager/archive/ie9.md +++ b/docs/endpointpolicymanager/archive/ie9.md @@ -11,7 +11,7 @@ a challenge to network administrators. WithNetwrix Endpoint Policy Manager (form can leverage its pre-configured pak for Internet Explorer 9, which makes configuring Internet Explorer as simple as can be. Check out this video to see how it's done. - + ### Manage Internet Explorer 9 using Group Policy and PolicyPak Video Transcript @@ -141,3 +141,5 @@ the big old "Download" button or "Webinar" button on the right, and we look forw you soon.Remember, with PolicyPak, what you set is what they get. Thanks so much. Bye-bye. + + diff --git a/docs/endpointpolicymanager/archive/infranview.md b/docs/endpointpolicymanager/archive/infranview.md index 85a50b2986..3caa2dfe44 100644 --- a/docs/endpointpolicymanager/archive/infranview.md +++ b/docs/endpointpolicymanager/archive/infranview.md @@ -14,13 +14,13 @@ place. Endpoint Policy Manager sets and enforces expectations for your users' ap they get the same experience, every time they launch it. Keep your IrfanView configuration settings enforced and streamlined with Endpoint Policy Manager. Check out this video to see how it is done. - + ### Lockdown IrfanView with Group Policy video transcript Hi, this is Jeremy Moskowitz, Microsoft MVP, Enterprise Mobility and Founder of PolicyPak Software. In this video, we're going to learn how to manage and -[https://dev.endpointpolicymanager.com/lockdown-recordings-portal/](https://dev.endpointpolicymanager.com/lockdown-recordings-portal/) +[https://policypak.com/lockdown-recordings-portal/](https://policypak.com/lockdown-recordings-portal/) IrfanView using PolicyPak. I've already got IrfanView installed on my computer, and I'm just a regular user here. As you can @@ -40,7 +40,7 @@ We'll go ahead and right click over our "East Sales Users", "Create a GPO" and w it "Lockdown IrfanView." So this GPO is now associated with the "East Sales Users." I'll right click over it. I'll click "Edit…" I'll dive down under "User Configuration," "PolicyPak/Applications/New/Application." There it is, -[https://www.endpointpolicymanager.com/products/manage-irfanview-with-group-policy-endpointpolicymanager.html](https://www.endpointpolicymanager.com/products/manage-irfanview-with-group-policy-endpointpolicymanager.html)along +[https://www.policypak.com/products/manage-irfanview-with-group-policy-endpointpolicymanager.html](https://www.policypak.com/products/manage-irfanview-with-group-policy-endpointpolicymanager.html)along with other applications like "Java," "Flash" "Firefox," "Skype" and lots of other important desktop applications that your users utilize every day (and you want to make more secure.). @@ -76,7 +76,8 @@ And we are done. That is how incredibly easy it is for you to use PolicyPak to m Irfanview as well as tons of other desktop applications. If you're looking for a trial of PolicyPak, just click on the -[ https://dev.endpointpolicymanager.com/webinar/](https://dev.endpointpolicymanager.com/webinar/) button on the right. +[ https://policypak.com/webinar/](https://policypak.com/webinar/) button on the right. Thanks so much for watching, and get in touch with us if you're looking to get started. Talk to you soon. + diff --git a/docs/endpointpolicymanager/archive/itemleveltartgeting.md b/docs/endpointpolicymanager/archive/itemleveltartgeting.md index 9f19d6fcd1..8328a6ed46 100644 --- a/docs/endpointpolicymanager/archive/itemleveltartgeting.md +++ b/docs/endpointpolicymanager/archive/itemleveltartgeting.md @@ -7,10 +7,10 @@ sidebar_position: 280 # Group Policy Preferences: Item Level Targeting Learn how to use **Group Policy Preferences** -[https://www.endpointpolicymanager.com/pp-blog/item-level-targeting](https://www.endpointpolicymanager.com/pp-blog/item-level-targeting) +[https://www.policypak.com/pp-blog/item-level-targeting](https://www.policypak.com/pp-blog/item-level-targeting) from former Group Policy MVP Jeremy Moskowitz. - + ### Group Policy Preferences: Item Level Targeting Video Transcript @@ -24,7 +24,7 @@ the Group Policy Preferences. I want to talk about a very specific piece of it, which is that for every single item you create, like "Shortcuts," let's say I want to create this shortcut on the "Desktop" and make it a "URL" like -"www.endpointpolicymanager.com." I'll give it a little lock "Icon." If I were to just hit go right here, every +"www.policypak.com." I'll give it a little lock "Icon." If I were to just hit go right here, every West Sales User is going to get this particular setting because this entry is linked over to my "West Sales Users." All of my West Sales users are going to get this. @@ -49,10 +49,12 @@ item to appear when the "Computer Name" has "64." It has to have a match of "6" Those are my two items. Normally, both of these would appear on both of my desktops, but that's not what's going to happen here. If I run "gpupdate" on this computer and I go over here and run -"gpupdate" on that computer, let's go back to the first one. There's the "www.endpointpolicymanager.com" icon, +"gpupdate" on that computer, let's go back to the first one. There's the "www.policypak.com" icon, but we don't get the www.GPanswers.com icon because that didn't match. If I go over to this one, we -get the "www.GPanswers.com" icon but not the www.endpointpolicymanager.com icon. +get the "www.GPanswers.com" icon but not the www.policypak.com icon. That's Group Policy Preferences item-level targeting in a nutshell. Hope that helps you out. Thanks so much, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/archive/java.md b/docs/endpointpolicymanager/archive/java.md index 8154cfe6fd..d75a6968eb 100644 --- a/docs/endpointpolicymanager/archive/java.md +++ b/docs/endpointpolicymanager/archive/java.md @@ -9,7 +9,7 @@ sidebar_position: 140 Here is an update for Java 7 u 45. Learn how Netwrix Endpoint Policy Manager (formerly PolicyPak) can manage major settings in Java very quickly. - + ### PolicyPak: Manage Java 7 u 45 using Group Policy Video Transcript @@ -162,3 +162,5 @@ work, why, what's going on – the first place to get started is the community f them, and the answers we provide there will help everybody. Thanks so very much, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/archive/massdeploy.md b/docs/endpointpolicymanager/archive/massdeploy.md index 1c19481158..d836da513c 100644 --- a/docs/endpointpolicymanager/archive/massdeploy.md +++ b/docs/endpointpolicymanager/archive/massdeploy.md @@ -10,7 +10,7 @@ You have tested out Netwrix Endpoint Policy Manager (formerly PolicyPak) on one working great. Now you are ready to roll the client side extension (CSE) out to a numberof machines at once. Watch this video to see how easy this to implement. - + ### PolicyPak: Mass Deploy the PolicyPak CSE using GPSI Transcript @@ -132,3 +132,5 @@ happen to be using Group Policy to do this, but you can use if you have your own software to deploy any MSI you want and it works just like this. That's it. I hope this was helpful. Have fun installing PolicyPak and getting more secure. Thanks so much. + + diff --git a/docs/endpointpolicymanager/archive/modenuke.md b/docs/endpointpolicymanager/archive/modenuke.md index 80b4d53065..8bae6f7a13 100644 --- a/docs/endpointpolicymanager/archive/modenuke.md +++ b/docs/endpointpolicymanager/archive/modenuke.md @@ -11,7 +11,7 @@ managing applications themselves, the GPPrefs Registry extension doesn't go far video, you will learn about GPPreferences' **Nuke** mode, as well as what happens when the computer goes offline, and you expect settings to be maintained. - + ### GPPrefs Registry: Nuke mode, and why users can avoid your GPprefs settings video transcript @@ -216,3 +216,5 @@ for one of our webinars. (Click on "Webinar/Download.") After the webinar is ove download the bits and try it out for yourself and make sure it's right for you. With that in mind, thanks so very much for watching, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/archive/office2013.md b/docs/endpointpolicymanager/archive/office2013.md index 4178a9c739..cf6b3b0d68 100644 --- a/docs/endpointpolicymanager/archive/office2013.md +++ b/docs/endpointpolicymanager/archive/office2013.md @@ -12,7 +12,7 @@ they get the same experience, every time they launch it, especially for an ubiqu such as this. Keep your Microsoft Office 2013 configuration settings delivered, enforced and automatically remediated with Endpoint Policy Manager. Check out this video to see how it's done. - + ### Lockdown Microsoft Office Suite 2013 Video Transcript @@ -43,7 +43,7 @@ Center Settings" such as "Macro Settings." If you open up Microsoft Word and review my "Trust Center Settings" you'll see some more tabs that are important to this application as well such as "Protected View" and -[https://dev.endpointpolicymanager.com/company/privacy/](https://dev.endpointpolicymanager.com/company/privacy/) Options." +[https://policypak.com/company/privacy/](https://policypak.com/company/privacy/) Options." Let's go over to our "Task Monitoring," and we'll see that it's "In Progress" here. Let's go over to my target machine here, and we'll take a look at the Mirage client and it's doing its thing. This is @@ -67,7 +67,7 @@ PolicyPak. I'll go ahead and switch over to my Management Station computer. We'll go ahead and right click over our "East Sales Users", "Create a GPO" and we're going to call it -[https://dev.endpointpolicymanager.com/lockdown-recordings-portal/](https://dev.endpointpolicymanager.com/lockdown-recordings-portal/) +[https://policypak.com/lockdown-recordings-portal/](https://policypak.com/lockdown-recordings-portal/) Office 2013." So this GPO is now associated with the "East Sales Users." you'll right click over it. You'll click "Edit…" you'll dive down under "User Configuration," "PolicyPak/Applications/New/Application." There it is, "PolicyPak for Microsoft Outlook 2013" along @@ -130,7 +130,8 @@ And we are done. That is how incredibly easy it is for you to use PolicyPak to m 2013 suite as well as tons of other desktop applications. If you're looking for a trial of PolicyPak, just click on the -[https://dev.endpointpolicymanager.com/webinar/](https://dev.endpointpolicymanager.com/webinar/) button on the right. +[https://policypak.com/webinar/](https://policypak.com/webinar/) button on the right. Thanks so much for watching, and get in touch with us if you're looking to get started. Talk to you soon. + diff --git a/docs/endpointpolicymanager/archive/operanext.md b/docs/endpointpolicymanager/archive/operanext.md index 77a737a279..8c11ef92ac 100644 --- a/docs/endpointpolicymanager/archive/operanext.md +++ b/docs/endpointpolicymanager/archive/operanext.md @@ -9,7 +9,7 @@ sidebar_position: 90 Netwrix Endpoint Policy Manager (formerly PolicyPak): Manage Opera using Group Policy, SCCM or your own systems management utility. - + ### PolicyPak: Manage Opera Next using Group Policy, SCCM or your own management utility @@ -18,7 +18,7 @@ In this video, we're going to see how PolicyPak can manage Opera Next. There are two tracks to Opera. There's the standard track and then there's the Next track, and PolicyPak has -[https://www.endpointpolicymanager.com/support-sharing/preconfigured-paks.html](https://www.endpointpolicymanager.com/support-sharing/preconfigured-paks.html) +[https://www.policypak.com/support-sharing/preconfigured-paks.html](https://www.policypak.com/support-sharing/preconfigured-paks.html) for both tracks. It's really easy to manage. Let me show you what it would look like. As you can see, I'm logged on as a standard user. This guy is called "eastsalesuser6," no admin @@ -64,8 +64,9 @@ shouldn't do. The very next time the application runs, PolicyPak automatically r settings to ensure the experience is the same every time. That's it. if you're ready to get started using PolicyPak, just click on the -[https://dev.endpointpolicymanager.com/webinar/](https://dev.endpointpolicymanager.com/webinar/) button on the right, and +[https://policypak.com/webinar/](https://policypak.com/webinar/) button on the right, and we'll look forward to seeing you at a webinar and give you the chance to try PolicyPak out in your own test lab. Thanks so much, and we'll talk to you soon. + diff --git a/docs/endpointpolicymanager/archive/overview.md b/docs/endpointpolicymanager/archive/overview.md index 51f720ca5e..08e18d1e51 100644 --- a/docs/endpointpolicymanager/archive/overview.md +++ b/docs/endpointpolicymanager/archive/overview.md @@ -37,3 +37,5 @@ of archived Knowledge Base articles and video topics. - [Endpoint Policy Manager and Symantec Workspace Streaming and Virtualization](/docs/endpointpolicymanager/archive/symantecworkspace.md) - [The CSE auto-updater feature appears to not be working. What can I do?](/docs/endpointpolicymanager/archive/autoupdater.md) - [Group Policy Preferences: Item Level Targeting](/docs/endpointpolicymanager/archive/itemleveltartgeting.md) + + diff --git a/docs/endpointpolicymanager/archive/parcctesting.md b/docs/endpointpolicymanager/archive/parcctesting.md index 889a776f4a..e027933a4b 100644 --- a/docs/endpointpolicymanager/archive/parcctesting.md +++ b/docs/endpointpolicymanager/archive/parcctesting.md @@ -9,7 +9,7 @@ sidebar_position: 110 PARCC testing is very important. Make it go very smoothly for your students and teacherby implementing our preconfigured PARCC settings, as seen in this video. - + ### PolicyPak Configure PARCC Testing Configuration Stations using PolicyPak to prevent pop ups @@ -69,3 +69,5 @@ It will straightaway open the full-screen Java-enabled content website. Actually time to load up all the content from Java. Now you can see that it opened that website successfully. I hope it helps. Thank you. + + diff --git a/docs/endpointpolicymanager/archive/preferencesexporter.md b/docs/endpointpolicymanager/archive/preferencesexporter.md index 69762143dc..e2f3aa0ff7 100644 --- a/docs/endpointpolicymanager/archive/preferencesexporter.md +++ b/docs/endpointpolicymanager/archive/preferencesexporter.md @@ -9,7 +9,7 @@ sidebar_position: 170 Use Microsoft Group Policy Preferences without using Group Policy. You can use SCCM, Windows Intune, KACE, or your own systems management software, and get your machines GPPreferecnes items. - + ### PolicyPak Preferences with PolicyPak Exporter @@ -19,7 +19,7 @@ Group Policy mechanism to get them delivered by using PolicyPak Preferences – free utility, the PolicyPak Exporter. To get started, you want to have a couple of Group Policy Preference items. Here's one that puts a -shortcut called "www.endpointpolicymanager.com" on the desktop, another one that puts "www.GPanswers.com" on the +shortcut called "www.policypak.com" on the desktop, another one that puts "www.GPanswers.com" on the desktop. You're welcome to use "Item-level targeting." We have another video for that that says when a particular item will apply under what conditions. @@ -41,7 +41,7 @@ Files." I've got another folder here. Here we go: "GPPrefs Items." Here are the ones that we just did. You can just add them right in just like that. This utility, the PolicyPak Exporter, works for our -[https://dev.endpointpolicymanager.com/products/](https://dev.endpointpolicymanager.com/products/) – PolicyPak Preferences +[https://policypak.com/products/](https://policypak.com/products/) – PolicyPak Preferences that deals with Group Policy Preferences and also PolicyPak Application Manager that deals with things like Java, Flash, Firefox and so on. You can do things like "Never check for updates" and so on. @@ -94,5 +94,6 @@ or our own little targeting feature which lets you specify everyone on the "Comp That's it for this utility. I hope that helps you out. -[https://dev.endpointpolicymanager.com/resources/thank-you-whitepapers/](https://dev.endpointpolicymanager.com/resources/thank-you-whitepapers/) +[https://policypak.com/resources/thank-you-whitepapers/](https://policypak.com/resources/thank-you-whitepapers/) so much, and talk to you soon. + diff --git a/docs/endpointpolicymanager/archive/symantecworkspace.md b/docs/endpointpolicymanager/archive/symantecworkspace.md index 22ce4d23df..af962fceaf 100644 --- a/docs/endpointpolicymanager/archive/symantecworkspace.md +++ b/docs/endpointpolicymanager/archive/symantecworkspace.md @@ -16,7 +16,7 @@ is, unless you have Netwrix Endpoint Policy Manager (formerly PolicyPak). You will be managing your SWV applications settings dynamically using Group Policy, Altiris or SCCM — quickly and easily. - + ### Manage Symantec Workspace Streaming and Virtualization with Group Policy @@ -111,7 +111,7 @@ these settings afterward and also optionally lock it down. That's what PolicyPak If we go back to our Group Policy Object here, we can go to "New Application" and we'll pick "PolicyPak for Mozilla Firefox" here. We'll go ahead and double click it, and we'll set the "Home -Page" – notice again that our Pak looks pretty much exactly like the app – "www.endpointpolicymanager.com." +Page" – notice again that our Pak looks pretty much exactly like the app – "www.policypak.com." While we're here, for "Security" we will check all of these checkboxes and really ensure that those settings are going to be dynamically delivered. @@ -122,7 +122,7 @@ show you how to do that. Alright, now that that's done, I'll go ahead and close that out. Let's go ahead and run "Mozilla Firefox" and see if our settings were set dynamically using PolicyPak. We'll go to "Firefox/Options." There we go. The "Security" tab shows that all three settings were set, and the -"General" tab shows that "www.endpointpolicymanager.com" is the now "Home Page." +"General" tab shows that "www.policypak.com" is the now "Home Page." If they change this to "www.oops.com" and they do something they shouldn't do, click "OK" and click close, well the next time Firefox is run, whether or not they're online or offline, those settings @@ -140,3 +140,5 @@ Virtualization. If you're looking to get a trial or an eval copy of PolicyPak, c webinars and as soon as we see you there we'll hand over the bits. Thanks so much, and I'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/archive/tattooing.md b/docs/endpointpolicymanager/archive/tattooing.md index 2ae81f6fb6..651ff4e83a 100644 --- a/docs/endpointpolicymanager/archive/tattooing.md +++ b/docs/endpointpolicymanager/archive/tattooing.md @@ -10,7 +10,7 @@ Tattooing the registry means that settings are left behind when they no longe Learn where ADM and ADMX files may cause you problems, and how Netwrix Endpoint Policy Manager (formerly PolicyPak), a third-party solution, can help provide solutions. - + ### Group Policy: Understanding ADM-ADMX files Tattooing (and what to do about it) Video Transcript @@ -141,3 +141,5 @@ I hope this was helpful for you. PolicyPak has a free download after watching th hope we'll see you over there for that. Thanks so much. Take care. + + diff --git a/docs/endpointpolicymanager/archive/upgrading.md b/docs/endpointpolicymanager/archive/upgrading.md index 9b87c58824..e67d0d2e9b 100644 --- a/docs/endpointpolicymanager/archive/upgrading.md +++ b/docs/endpointpolicymanager/archive/upgrading.md @@ -10,7 +10,7 @@ Here is how to take any version of Netwrix Endpoint Policy Manager (formerly Pol update it on all your client computers at the same time. You can use the built-in Group Policy software distribution mechanism of Group Policy. - + ### PolicyPak: Upgrading the CSE using GPSI Transcript @@ -122,3 +122,5 @@ to 9005, that's OK too. The same principles apply if you want to use Group Polic Installation. Hope this has been helpful. Thanks so much, and we'll talk. + + diff --git a/docs/endpointpolicymanager/archive/vmware.md b/docs/endpointpolicymanager/archive/vmware.md index df51e465a2..553f2668d7 100644 --- a/docs/endpointpolicymanager/archive/vmware.md +++ b/docs/endpointpolicymanager/archive/vmware.md @@ -9,7 +9,7 @@ sidebar_position: 120 You can specify any particular VM’s hardware and options settings plus lock down the user interface. Here’s how to do it. - + ### VmWare Workstation hardware @@ -59,3 +59,5 @@ the “Options” tab, “Shared Folders” is now delivered and it is grayed ou I hope it helps. If you have any questions, you can put those questions on our support forum or you can open a support ticket here https://www.netwrix.com/sign_in.html?rf=tickets.html#/open-a-ticket. Thanks. + + diff --git a/docs/endpointpolicymanager/archive/vmwarefilesettings.md b/docs/endpointpolicymanager/archive/vmwarefilesettings.md index c7af1664a3..91ea1e1cbb 100644 --- a/docs/endpointpolicymanager/archive/vmwarefilesettings.md +++ b/docs/endpointpolicymanager/archive/vmwarefilesettings.md @@ -9,7 +9,7 @@ sidebar_position: 130 In this video learn how to use the PP DesignStudio to specify a specific VMware VMX file and then deliver settings and lock down the settings so users cannot work around them. - + ### Lockdown VMware workstation @@ -75,3 +75,5 @@ is also disabled. If you have any questions, please open a support ticket https://www.netwrix.com/sign_in.html?rf=tickets.html#/open-a-ticket + + diff --git a/docs/endpointpolicymanager/archive/vmwarehorizonmirage.md b/docs/endpointpolicymanager/archive/vmwarehorizonmirage.md index c759f430bc..5e301c7aba 100644 --- a/docs/endpointpolicymanager/archive/vmwarehorizonmirage.md +++ b/docs/endpointpolicymanager/archive/vmwarehorizonmirage.md @@ -12,7 +12,7 @@ PolicyPak) with VMware Horizon Mirage, you will see instant results. When you im your desktops, Endpoint Policy Manager can manage that layer. Check out this video to see exactly how it is done: - + ### PolicyPak and VMware Horizon Mirage Video Transcript @@ -48,11 +48,11 @@ Desktops") we will "Manage Firefox via PolicyPak." Now again, the applications d because we haven't gotten them there using Mirage. On the computer side, under "PolicyPak/Applications/New/Application" we'll pick -[https://www.endpointpolicymanager.com/products/manage-mozilla-firefox-with-group-policy.html](https://www.endpointpolicymanager.com/products/manage-mozilla-firefox-with-group-policy.html) +[https://www.policypak.com/products/manage-mozilla-firefox-with-group-policy.html](https://www.policypak.com/products/manage-mozilla-firefox-with-group-policy.html) Now remember, PolicyPak isn't delivering the application. That's what Mirage is going to do. PolicyPak is going to deliver and enforce the application's settings. -If we pick "www.vmware.com" as the [https://dev.endpointpolicymanager.com/](https://dev.endpointpolicymanager.com/) we can +If we pick "www.vmware.com" as the [https://policypak.com/](https://policypak.com/) we can also right click and "Lockdown this setting using the system-wide config file" so now the users can't work around it. Under "Security," we'll make sure that these checkboxes are always checked and also "Lockdown this setting using the system-wide config file." I'll go ahead and lockdown two out @@ -102,3 +102,4 @@ together story with PolicyPak and VMWare Horizon Mirage. If you have any questions or want to get started with your trial of PolicyPak, we're here for you. Thanks so very much, and we'll talk to you soon. + diff --git a/docs/endpointpolicymanager/archive/vmwaresupplements.md b/docs/endpointpolicymanager/archive/vmwaresupplements.md index 512ad56f68..b3ea16146b 100644 --- a/docs/endpointpolicymanager/archive/vmwaresupplements.md +++ b/docs/endpointpolicymanager/archive/vmwaresupplements.md @@ -11,7 +11,7 @@ now: how are you able to guarantee key application and operating system settings you prevent users from messing up their apps? How can you ensure users will not work around your important security and operating system settings? Watch this video to find out. - + ### PolicyPak supplements VMware View Video Transcript @@ -81,7 +81,7 @@ me, the administrator, to my management station. That's this guy right here. As I'm logging on here, what we're going to do right away – and you might have seen me do this in some of my other videos for PolicyPak–is we're going to take the "PreConfigured PolicyPaks," which -are downloadable when you trial endpointpolicymanager.com. You can see we've got a whole army of Paks that are +are downloadable when you trial policypak.com. You can see we've got a whole army of Paks that are available to you. For these examples, we're only going to pick two or three. We've got "Acrobat Reader X" that we want @@ -153,7 +153,7 @@ There we go, one down and two to go. Let's go ahead and let's do another one. Ba console here, we'll go to "PolicyPak/Applications/New/Application."We'll go ahead and pick "PolicyPak for Mozilla Firefox" here. We'll go ahead and click on "Mozilla Firefox" here. -Let's click on some important things, like maybe the "Home Page." We'll go to "www.endpointpolicymanager.com." I +Let's click on some important things, like maybe the "Home Page." We'll go to "www.policypak.com." I mean, there are a lot of settings here, a lot of security things for you to set for your company. I just want to prove a point that it works perfectly inside of VMware View. I'll go ahead and click "OK" here and show you what it looks like on the client. @@ -165,7 +165,7 @@ just take effect naturally. But we're just going ahead and accelerating the hand GPUpdate. You could log off and log back on, get a new VDI machine, anything like that. Let's go ahead and run "Mozilla Firefox" and see what happens. There we go, perfectly. It connected -to "www.endpointpolicymanager.com." I didn't even let it finish. Maybe I should, just to prove a point. There we +to "www.policypak.com." I didn't even let it finish. Maybe I should, just to prove a point. There we go, so we set it. If I wanted to, I want to also show you that if a user decides they want to go to the "Options" and change the "Home Page" to something else like "www.GPanswers.com" and they click "OK," let's see what happens the very next time Firefox is run. @@ -212,3 +212,5 @@ PolicyPak software. Click on the big old "Download" button on the right or make a call. Thanks so much. Talk to you soon. + + diff --git a/docs/endpointpolicymanager/archive/xenapp.md b/docs/endpointpolicymanager/archive/xenapp.md index b451af1ec6..48603380a4 100644 --- a/docs/endpointpolicymanager/archive/xenapp.md +++ b/docs/endpointpolicymanager/archive/xenapp.md @@ -12,7 +12,7 @@ demonstration, see how Netwrix Endpoint Policy Manager (formerly PolicyPak) enab environments to truly receive Group Policy settings for any Xenapp application, plus lock those applications down so users cannot work around your important IT and security settings. - + ### PolicyPak enhances XenApp with Group Policy video transcript @@ -73,7 +73,7 @@ application."We'll make it hard for them to work around our settings. Also while we're here, we'll go to "PolicyPak/Applications/New/Application"and we'll go to "PolicyPak for Mozilla Firefox."Like I said, what we want to do here is we want to for the "Home -Page" we'll do this "www.endpointpolicymanager.com." +Page" we'll do this "www.policypak.com." Then while we're here, we'll also go to "Security." Well, remember, that user unchecked those checkboxes. Let's make sure that those checkboxes, those important security things, are in fact @@ -127,3 +127,5 @@ I hope you had fun watching this demonstration of PolicyPak and XenApp. If you h we're happy to help. Thanks so much, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/_category_.json b/docs/endpointpolicymanager/components/_category_.json index 1de6c0c8b1..2793e44931 100644 --- a/docs/endpointpolicymanager/components/_category_.json +++ b/docs/endpointpolicymanager/components/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/_category_.json b/docs/endpointpolicymanager/components/admintemplatesmanager/_category_.json index ef4813a2ed..d5c073ca46 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/_category_.json +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/_category_.json @@ -3,4 +3,4 @@ "position": 1, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/_category_.json b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/_category_.json index d92c78eb54..63873d39b4 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/_category_.json +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "knowledgebase" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestips/_category_.json b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestips/_category_.json index 8e4e1c948b..3b59e86c62 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestips/_category_.json +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestips/_category_.json @@ -3,4 +3,4 @@ "position": 15, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestips/disableofficeelements.md b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestips/disableofficeelements.md index 99c4d9b264..3d6a9e9bc6 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestips/disableofficeelements.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestips/disableofficeelements.md @@ -50,3 +50,5 @@ Use Item Level Targeting filter to control the scope of this setting. **Step 4 –** Click **OK** to save the changes made. The command bar buttons and menu items are now disabled. + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestips/settings.md b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestips/settings.md index 546505a5d0..1c318c0ea4 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestips/settings.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestips/settings.md @@ -29,3 +29,5 @@ The Administrative Templates for the Computer Configuration settings contains th - Desktop - Network - System + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/_category_.json b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/_category_.json index 9399cd47ca..56d455706d 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/_category_.json +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/missingcollections.md b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/missingcollections.md index f298a0fce2..0c658d20ef 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/missingcollections.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/missingcollections.md @@ -14,3 +14,5 @@ Policy Manager (formerly PolicyPak) on Windows 7. If your Admin Station is Windows 8 and later, ensure you have .Net Framework 4.0 or higher specifically installed on your management station. + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/namespacealreadydefined.md b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/namespacealreadydefined.md index 7c5ea86a5b..327cfb60e6 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/namespacealreadydefined.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/namespacealreadydefined.md @@ -13,3 +13,5 @@ There are two articles you can read to fix the problem permanently: 1. [https://support.microsoft.com/en-us/help/3077013/-microsoft-policies-sensors-windowslocationprovider-is-already-defined](https://support.microsoft.com/en-us/help/3077013/-microsoft-policies-sensors-windowslocationprovider-is-already-defined) And 2. [https://jorgequestforknowledge.wordpress.com/2016/10/13/namespace-already-defined-as-the-target-namespace-for-another-file-in-the-policy-store/](https://jorgequestforknowledge.wordpress.com/2016/10/13/namespace-already-defined-as-the-target-namespace-for-another-file-in-the-policy-store/) + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/policyduplicates.md b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/policyduplicates.md index 6f59ee26ef..5efb96289a 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/policyduplicates.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/policyduplicates.md @@ -21,3 +21,5 @@ article on that: [https://support.microsoft.com/en-us/help/3077013/-microsoft-policies-sensors-windowslocationprovider-is-already-defined](https://support.microsoft.com/en-us/help/3077013/-microsoft-policies-sensors-windowslocationprovider-is-already-defined) ![733_1_gfhjghj](/images/endpointpolicymanager/troubleshooting/error/admintemplates/733_1_gfhjghj.webp) + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/settingsreport.md b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/settingsreport.md index 18f5c8aed3..c7ef9ec62f 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/settingsreport.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/settingsreport.md @@ -20,3 +20,5 @@ Admin Console MSI 753 you need to open and save each collection and policy. After that, reporting is written as seen here. (An example of a Policy in a Collection.) ![494_2_image0041](/images/endpointpolicymanager/troubleshooting/administrativetemplates/494_2_image0041.webp) + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/versions.md b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/versions.md index d2267713ea..7a1f595973 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/versions.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/versions.md @@ -10,3 +10,5 @@ The least supported combination for Netwrix Endpoint Policy Manager (formerly Po Templates Manager MSI Console (MMC snap-in) 753 and CSE of 747. Whenever possible, please upgrade both the MMC and CSE to latest shipping version! + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/windowsprintspooler.md b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/windowsprintspooler.md index a266bd7627..5dd33ab122 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/windowsprintspooler.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/admintemplatestroubleshooting/windowsprintspooler.md @@ -35,3 +35,5 @@ More information can be found at the links below: [https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527) [https://support.microsoft.com/en-us/topic/kb5005010-restricting-installation-of-new-printer-drivers-after-applying-the-july-6-2021-updates-31b91c02-05bc-4ada-a7ea-183b129578a7](https://support.microsoft.com/en-us/topic/kb5005010-restricting-installation-of-new-printer-drivers-after-applying-the-july-6-2021-updates-31b91c02-05bc-4ada-a7ea-183b129578a7) + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/_category_.json b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/_category_.json index b07da35aeb..4160018956 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/_category_.json +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/_category_.json @@ -3,4 +3,4 @@ "position": 40, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/componentlicense.md b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/componentlicense.md index 54f5392a7c..0d479c5942 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/componentlicense.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/componentlicense.md @@ -32,3 +32,5 @@ license affecting only a small number of machines at a time. If you do encounter a problem, simply remove the PPPrefs license and any GP + PP + Preferences and the issues should go away. + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/domainjoined.md b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/domainjoined.md index 681a08aadd..0fae77c2bb 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/domainjoined.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/domainjoined.md @@ -23,3 +23,5 @@ To that end, here is the documentation to un-license a single component, like En Manager Preferences: If you're an on-Prem cloud or MDM customer. [What if I want to unlicense specific components via ADMX or Endpoint Policy Manager Cloud?](/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/componentscloud.md) + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/drivemappings.md b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/drivemappings.md index 7d5010fe7c..f2be876586 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/drivemappings.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/drivemappings.md @@ -64,3 +64,5 @@ as a guide. the policy, to verify that they get the drive mapping. ![106_9_img-9](/images/endpointpolicymanager/preferences/106_9_img-9.webp) + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/passwords.md b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/passwords.md index da3a1faf19..c79b211fcc 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/passwords.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/passwords.md @@ -75,3 +75,5 @@ Cloud. In domain-joined scenarios that component is automatically disabled until See [Why is Endpoint Policy Manager Preferences (original version) "forced disabled" by default?](/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/forceddisabled.md) + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/printerdeploy.md b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/printerdeploy.md index 06bbb94557..ec90e39233 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/printerdeploy.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/printerdeploy.md @@ -29,3 +29,5 @@ and click on Common to expand the section and check the box next to Run in logge context (user policy option) before clicking **Ok** to save. ![191_3_pppref-faq4-img3](/images/endpointpolicymanager/preferences/191_3_pppref-faq4-img3.webp) + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/settings.md b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/settings.md index bf2f2e454c..08d279d4c8 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/settings.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/settings.md @@ -12,3 +12,5 @@ the Group Policy Preferences, with more than twenty configurable options. ![626_1_pppm-gpme-user_299x531](/images/endpointpolicymanager/preferences/626_1_pppm-gpme-user_299x531.webp) ![626_2_pppm-gpme-comp_297x472](/images/endpointpolicymanager/preferences/626_2_pppm-gpme-comp_297x472.webp) + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/startservice.md b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/startservice.md index bd76fae1d7..d16a0f14d8 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/startservice.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicypreferences/startservice.md @@ -30,3 +30,5 @@ click **OK**. **Step 7 –** Now apply the GPO to the Computer OU where the computers live and where you want this setting, and the next time `GPUPDATE` runs the service will be enabled. + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicysecurity/_category_.json b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicysecurity/_category_.json index b533449c9d..872b3ea983 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicysecurity/_category_.json +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicysecurity/_category_.json @@ -3,4 +3,4 @@ "position": 50, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicysecurity/delivercertificates.md b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicysecurity/delivercertificates.md index 3983fba45b..2d810a7c78 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicysecurity/delivercertificates.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicysecurity/delivercertificates.md @@ -33,3 +33,5 @@ MDM. Inside the exported XML you can see the certificate embedded like this and ready for use. ![663_2_q10-img-2](/images/endpointpolicymanager/cloud/security/580_2_q10-img-2.webp) + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicysecurity/onpremisecloud.md b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicysecurity/onpremisecloud.md index d34821c691..cd3e3102a8 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicysecurity/onpremisecloud.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicysecurity/onpremisecloud.md @@ -45,3 +45,5 @@ On-Premises Group Policy, the policies will continuously replace each other ever We recommend you choose only one method, and set Security Settings policies in either PPC or On-Premises Group Policy, not in both. + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicysecurity/securitysettings.md b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicysecurity/securitysettings.md index b731b7e11a..659c110cdd 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicysecurity/securitysettings.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicysecurity/securitysettings.md @@ -27,3 +27,5 @@ with the cloud or MDM service, as seen here. ![617_4_ppsec-kb-01-img-04](/images/endpointpolicymanager/troubleshooting/gpoexport/617_4_ppsec-kb-01-img-04.webp) You'll be managing your Windows Security Settings through the cloud or MDM service in no time! + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/gpoexportmanager/_category_.json b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/gpoexportmanager/_category_.json index e5ba55b0cf..111cd519d5 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/gpoexportmanager/_category_.json +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/gpoexportmanager/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/gpoexportmanager/securitysettings.md b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/gpoexportmanager/securitysettings.md index d35b7602a5..433a0cd064 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/gpoexportmanager/securitysettings.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/gpoexportmanager/securitysettings.md @@ -38,3 +38,5 @@ Manager: - Wired Network (IEEE 802.3) Policies - Wireless Network (IEEE 802.11) Policies - Advanced Audit Policies + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/gpoexportmanager/usercontext.md b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/gpoexportmanager/usercontext.md index 4ed4fbf390..ca09850635 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/gpoexportmanager/usercontext.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/gpoexportmanager/usercontext.md @@ -61,3 +61,5 @@ If you fail to change the context from System to User and attempt to map a print following in the Group Policy Preferences Trace logs, which show the Access Denied details. ![403_5_hfkb-1131-img-05_950x612](/images/endpointpolicymanager/gpoexport/403_5_hfkb-1131-img-05_950x612.webp) + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/knowledgebase.md b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/knowledgebase.md index a95d171960..b5fb96ad3a 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/knowledgebase.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/knowledgebase.md @@ -43,3 +43,5 @@ See the following Knowledge Base articles for GPO Export Merge, Admin Templates - [Can I use Endpoint Policy Manager Cloud to deliver certificates ?](/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicysecurity/delivercertificates.md) - [Why Won't my Windows Security Settings Export using GPO Export Manager](/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicysecurity/securitysettings.md) - [Why do I sometimes see Endpoint Policy Manager Cloud security settings and sometimes see on-prem GPO security settings?](/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicysecurity/onpremisecloud.md) + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/_category_.json b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/_category_.json index 20ca7992c8..0c5b98a0c0 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/_category_.json +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/comments.md b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/comments.md index e49f7b2458..3c10ec3c39 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/comments.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/comments.md @@ -11,3 +11,5 @@ must open and edit the setting and then add the comment. The comments can be see within the GPO. ![about_policypak_admin_templates_20](/images/endpointpolicymanager/adminstrativetemplates/about_endpointpolicymanager_admin_templates_20.webp) + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/existinggpos.md b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/existinggpos.md index cfa33a981f..c615555051 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/existinggpos.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/existinggpos.md @@ -35,3 +35,5 @@ seen below. Currently, the Endpoint Policy Manager **Group Policy Merge Tool** can only migrate GPOs containing ADM/ADMX (REG.POL) items. In the future, more formats will be available for other scenarios. + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/export.md b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/export.md index 86477bab13..717fc5bc18 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/export.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/export.md @@ -20,3 +20,5 @@ Endpoint Policy Manager Exporter and Microsoft Endpoint Manager (SCCM and Intune topic for additional information. ::: + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/gettoknow/_category_.json b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/gettoknow/_category_.json index 4bfbb9aed7..5e4a4440cf 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/gettoknow/_category_.json +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/gettoknow/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/gettoknow/collection.md b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/gettoknow/collection.md index fb18aca754..67af84fb23 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/gettoknow/collection.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/gettoknow/collection.md @@ -41,3 +41,5 @@ Next, we'll ensure that only the East Sales Users get these policy settings whil Targeting. See the [Using Item-Level Targeting with Collections and Policies](/docs/endpointpolicymanager/components/admintemplatesmanager/manual/itemleveltargeting.md) topic for additional information on the next steps. + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/gettoknow/computerside.md b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/gettoknow/computerside.md index 4a8124d551..dec3a18f94 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/gettoknow/computerside.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/gettoknow/computerside.md @@ -26,3 +26,5 @@ This feature allows you to avoid the complex process of Group Policy Loopback pr the sake of delivering one (or more) user-side settings to a series of computers. Alternatively, you may change the Scope Filter and elect to show User Policy only, Computer Policy only, or All Policy (both user and computer). + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/gettoknow/overview.md b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/gettoknow/overview.md index bc936986ad..40bcc9a70c 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/gettoknow/overview.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/gettoknow/overview.md @@ -11,3 +11,5 @@ node. The Endpoint Policy Manager Admin Templates Manager allows you to create a collection. ![about_policypak_admin_templates_2](/images/endpointpolicymanager/adminstrativetemplates/gettoknow/about_endpointpolicymanager_admin_templates_2.webp) + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/gettoknow/userside.md b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/gettoknow/userside.md index be93e3a278..254c05b366 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/gettoknow/userside.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/gettoknow/userside.md @@ -29,3 +29,5 @@ Similarities between the two windows include the same options (**Not Configured* **Disabled**) and sub-options, like the **Comment** field, the **Supported on** field (read-only), and the **Help** text box. The only difference is the Item-Level Targeting button, which is found on the bottom left. We will cover this in detail later. + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/itemleveltargeting.md b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/itemleveltargeting.md index 9044ab01a4..de1186d66d 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/itemleveltargeting.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/itemleveltargeting.md @@ -78,3 +78,5 @@ Click the **Item-Level Targeting** button within any policy setting to open that Item-Level Targeting editor. ::: + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/overview.md b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/overview.md index 1a0d3135a2..101b113c94 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/overview.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/overview.md @@ -91,3 +91,5 @@ Endpoint Policy Manager Admin Templates Manager has the following components: Manager Admin Templates Manager and our other products XML files and wrap them into a portable MSI file for deployment using Microsoft Endpoint Manager (SCCM and Intune) or your own systems-management software. + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/priority.md b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/priority.md index 71037434ef..309d98a481 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/manual/priority.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/manual/priority.md @@ -39,3 +39,5 @@ This is the same way Group Policy Preferences performs ordering as well. To change the priority of a particular AppSet, click on it and select ether **Raise Priority**, **Lower Priority**, **Maximum Priority**, or **Minimum Priority**. + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/_category_.json b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/_category_.json index cb657b91c6..c96de79669 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/_category_.json +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "videolearningcenter" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmanager/_category_.json b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmanager/_category_.json index 744825ce5e..6d6789c96a 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmanager/_category_.json +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmanager/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmanager/collections.md b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmanager/collections.md index db6d6d1356..4973a97b9a 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmanager/collections.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmanager/collections.md @@ -10,7 +10,7 @@ consolidate them into something more manageable? Your dreams have come true--Net Manager (formerly PolicyPak)'s Admin Templates Manager allows you to do exactly that, with the power of Item Level Targeting. - + Hi, this is Whitney with Endpoint Policy Manager Software. Have you ever looked at your list of GPOs and been driven to despair by the sheer number of them? Don't you wish you could somehow consolidate @@ -91,3 +91,5 @@ same GPO. Again, with item level targeting, you can choose any of a number of di use OU in this video, and we saw it all working, and the best part is you can do all of this with every ADMX file you have. If this superpower blows you away too, then sign up for our webinar, and then we'll get you started on your free 30-day trial as soon as possible. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmanager/switchedpolicies.md b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmanager/switchedpolicies.md index 2b1c70b697..91b2b214b5 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmanager/switchedpolicies.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmanager/switchedpolicies.md @@ -7,7 +7,7 @@ sidebar_position: 20 Deliver user side settings on the computer side, but get rid of Loopback! - + Hi, this is Whitney with Netwrix Endpoint Policy Manager (formerly PolicyPak) Software. In this video, I'm going to show you how you can get out of the dirty, dirty business of using group policy @@ -62,3 +62,5 @@ There you have it, the ability to drive user side settings into the computer sid controlled way avoiding loopback altogether an keeping your sanity intact. If this super power blows you away, too, sign up for our webinar and we'll get you started on your 30-day free trial right away. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmethods/_category_.json b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmethods/_category_.json index edebcbbf07..61427154f2 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmethods/_category_.json +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmethods/_category_.json @@ -3,4 +3,4 @@ "position": 30, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmethods/deployinternet.md b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmethods/deployinternet.md index 1646782517..2e825ae2c0 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmethods/deployinternet.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmethods/deployinternet.md @@ -8,7 +8,7 @@ sidebar_position: 20 Want to perform real Group Policy settings over the Internet? Check out Netwrix Endpoint Policy Manager (formerly PolicyPak) cloud (and watch this video.) - + Hi, this is Whitney with Endpoint Policy Manager software Are you working with a situation where you've got roaming computers, people working from home, domain-joined or even nondomain-joined @@ -86,3 +86,5 @@ There you have it. we got real ADMX group policy over to your cloud-joined machi level targeting to deliver the right settings to the right machines at the right time If that's of interest to you, please get signed up for our webinar and we'll hand over the software and get you started on your free 30-day trial right away. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmethods/reducegpos.md b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmethods/reducegpos.md index 38a310d382..dea8838426 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmethods/reducegpos.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmethods/reducegpos.md @@ -10,7 +10,7 @@ PolicyPak)'s PP Merge Utility to take entire GPOs, or portions of GPOs and merge Templates Files format. Then, after that you've got LESS GPOs.. and also a quick way to export for use with PP Cloud or PP with MDM. - + ### Endpoint Policy Manager: Reduce GPOs (and/or export them for use with Endpoint Policy Manager Cloud or with MDM) @@ -138,3 +138,5 @@ Objects you have. A lot of people asked us for this, and this is the way that yo hope this helps you out and gets you started. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatestips/_category_.json b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatestips/_category_.json index d2c6acc00e..9500c4bccf 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatestips/_category_.json +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatestips/_category_.json @@ -3,4 +3,4 @@ "position": 40, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatestips/screensavers.md b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatestips/screensavers.md index c69ea9c7cf..c294d4bd3a 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatestips/screensavers.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatestips/screensavers.md @@ -9,7 +9,7 @@ Let me guess: You have MOST machines that you want to get standard screensaver s machines where you want to BYPASS getting the screensaver. This video will blow your mind. Only with Netwrix Endpoint Policy Manager (formerly PolicyPak) ! - + ### Endpoint Policy Manager: The Ultimate Guide to Managing Screensavers @@ -191,3 +191,5 @@ If you're just getting started with Endpoint Policy Manager and you want to try buzz and we will get you the bits and you can try it out yourself. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportinggrouppolicy/_category_.json b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportinggrouppolicy/_category_.json index b0521487df..3e50f23fd1 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportinggrouppolicy/_category_.json +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportinggrouppolicy/_category_.json @@ -3,4 +3,4 @@ "position": 60, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportinggrouppolicy/cloudlocaluser.md b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportinggrouppolicy/cloudlocaluser.md index 95cac1d7f7..38f234d9dd 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportinggrouppolicy/cloudlocaluser.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportinggrouppolicy/cloudlocaluser.md @@ -8,7 +8,7 @@ sidebar_position: 20 Need to make a new Local User on your endpoints? It's easy with Netwrix Endpoint Policy Manager (formerly PolicyPak) cloud. - + ### PolicyPak Cloud Use PP Cloud to create a new local user on your endpoints @@ -51,3 +51,5 @@ versions of the GPMC, you can downgrade to an older version of the GPMC to do th Again, normally I wouldn't recommend you do this in Active Directory but because you're making a temp policy and uploaded it into PolicyPak Cloud, this is generally reasonably safe. Hope this helps you out and talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportinggrouppolicy/delivergpprefs.md b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportinggrouppolicy/delivergpprefs.md index e2bf582bd0..ec4dabfb32 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportinggrouppolicy/delivergpprefs.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportinggrouppolicy/delivergpprefs.md @@ -9,7 +9,7 @@ Not every GPPrefs item can be used on the Computer side. In this demonstration l Printers, Drive Maps and Internet settings… and deploy them to an OU of computers… regardless of where the user resides. - + ### GPprefs without loopback @@ -20,7 +20,7 @@ only normally apply on the user side to any computer you want. This is kind of an advanced under-the-hood technique, but you're an advanced under-the-hood technique kind of guy, so I'm going to show you how this works. Basically, we're going to do some magic with Group Policy Preferences without -[https://www.endpointpolicymanager.com/pp-blog/group-policy-loopback](https://www.endpointpolicymanager.com/pp-blog/group-policy-loopback), +[https://www.policypak.com/pp-blog/group-policy-loopback](https://www.policypak.com/pp-blog/group-policy-loopback), but it does require that you're licensed for the PolicyPak On-Prem Suite or the PolicyPak Cloud Suite. @@ -82,3 +82,5 @@ of the three. Okay, thanks so very much, and I hope this helps you out. Talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/_category_.json b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/_category_.json index b017b7de8c..3e7a272d95 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/_category_.json +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/cloudimport.md b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/cloudimport.md index 2d702eb082..86fe26e031 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/cloudimport.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/cloudimport.md @@ -10,7 +10,7 @@ Policy Manager (formerly PolicyPak) Cloud. As a bonus, you can also continue to within Endpoint Policy Manager Cloud AFTER you've uploaded them. If you want to say goodbye to on-prem GPOs and use our Endpoint Policy Manager. - + In a previous video, we exported the three kinds of Group Policy Settings that you wanted to use for Endpoint Policy Manager Cloud, and we've got them here just hanging out in exported form. It's super @@ -63,3 +63,5 @@ Cloud and continue to keep them updated or edited in Endpoint Policy Manager Clo back to the Group Policy Editor for most things. Hope this video helps you out. Looking forward to getting you started with Endpoint Policy Manager Cloud and Endpoint Policy Manager Exporter real soon. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/mdm.md b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/mdm.md index 92941da6ca..bb152b8511 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/mdm.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/mdm.md @@ -9,7 +9,7 @@ After you use Netwrix Endpoint Policy Manager (formerly PolicyPak) Export Manage GPOs, you need to get them to be deployed with your MDM service like Intune or Workspace ONE. Here's how to do that. - + In a previous video, we took our existing Microsoft Group Policy settings and exported them, security settings, admin templates, and Group Policy preferences items, and we've got them as XMLs. @@ -59,3 +59,5 @@ video, wrap those guys up into a little MSI file, and then use your MDM service VMware Workspace ONE and get it deployed to your endpoints. It couldn't be any easier to take your existing group policy settings and export them for use with your MDM service. Thanks very much and talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/mergetool.md b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/mergetool.md index 4576cfc5bb..11c17ae186 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/mergetool.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/mergetool.md @@ -9,4 +9,6 @@ This shows how to take Netwrix Endpoint Policy Manager (formerly PolicyPak) Sett them out back into Microsoft settings for computers without the Endpoint Policy Manager CSE installed. - + + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/realgposettings.md b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/realgposettings.md index db992668dd..d9a0813c6d 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/realgposettings.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/realgposettings.md @@ -9,7 +9,7 @@ You've got GPOs, but you want to get them to work with Netwrix Endpoint Policy M PolicyPak) cloud or your own MDM service. Here's how to take real GPOs and get them working with whatever you already have. - + Hi, this is Jeremy Moskowitz, and in this demonstration, I'm going to show you how you can take your existing Group Policy settings with Microsoft and export them for use with Endpoint Policy Manager @@ -58,3 +58,5 @@ Endpoint Policy Manager Cloud or Endpoint Policy Manager MDM. In the next few vi to take these exported settings, wrap them up, and get them deployed using your tool of choice. Hope this video helps this out. Looking forward to having you watch one of the other videos on this page and continuing your journey. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/sccm.md b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/sccm.md index dd3601ea86..ab1712f965 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/sccm.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportingtocloud/sccm.md @@ -8,7 +8,7 @@ sidebar_position: 40 If you want to deploy real Microsoft GPO settings via SCCM this is how to do it. Export with Netwrix Endpoint Policy Manager (formerly PolicyPak) Export manager then wrap up and deploy using SCCM. - + In a previous video, you saw me export my real Microsoft group policy settings and export them to XMLs. Now we're going to wrap them up and use it with our SCCM service. How do we do that? Well, @@ -48,3 +48,5 @@ Manager land, export them with the exporter, drop them into XMLs, wrap them up a the know-how you already have with SCCM to get those deployed over using SCCM. Hope this video helps you out. Looking forward to getting you started with Endpoint Policy Manager Exporter real soon. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/gettingstarted/_category_.json b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/gettingstarted/_category_.json index 58c06c0976..5419e544c5 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/gettingstarted/_category_.json +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/gettingstarted/_category_.json @@ -3,4 +3,4 @@ "position": 50, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/gettingstarted/consolidateprinter.md b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/gettingstarted/consolidateprinter.md index f930fcd7e9..395100ee7d 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/gettingstarted/consolidateprinter.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/gettingstarted/consolidateprinter.md @@ -11,4 +11,6 @@ them into fewer or even ONE GPO. In this demonstration, you'll see how to consol PREFERENCES items for FEWER GPOs, plus convert them into an MSI for later deployment for use with an MDM service like Intune. Magic provided ... only from Endpoint Policy Manager ! - + + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/gettingstarted/consolidateregistry.md b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/gettingstarted/consolidateregistry.md index 49802d0a71..24df7ead39 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/gettingstarted/consolidateregistry.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/gettingstarted/consolidateregistry.md @@ -7,4 +7,6 @@ sidebar_position: 30 Consolidate your existing GPPrefs Registry Items. - + + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/gettingstarted/drivemaps.md b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/gettingstarted/drivemaps.md index 45ece14e02..f3116ab126 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/gettingstarted/drivemaps.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/gettingstarted/drivemaps.md @@ -8,4 +8,6 @@ sidebar_position: 20 Got too many GPOs with Too Many Drive Maps? Use Netwrix Endpoint Policy Manager (formerly PolicyPak) to compress those settings, have less GPOs and faster logins. - + + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/gettingstarted/shortcuts.md b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/gettingstarted/shortcuts.md index d07be3677d..b3ab188839 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/gettingstarted/shortcuts.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/gettingstarted/shortcuts.md @@ -5,4 +5,6 @@ sidebar_position: 40 --- # Endpoint Policy Manager Preferences: Shortcuts (Consolidate GPOs and also deploy them via PP Cloud and your MDM service) - + + + diff --git a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/videolearningcenter.md b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/videolearningcenter.md index 578719c10c..66003501be 100644 --- a/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/videolearningcenter.md +++ b/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/videolearningcenter.md @@ -41,3 +41,5 @@ See the following Video topics for GPO Export Merge, Admin Templates, and Prefe - [Deliver GPPrefs items without using loopback mode](/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportinggrouppolicy/delivergpprefs.md) - [Endpoint Policy Manager Cloud: Use PP Cloud to create a new local user on your endpoints](/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/exportinggrouppolicy/cloudlocaluser.md) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/_category_.json index 42f1360d98..8945305644 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/_category_.json @@ -3,4 +3,4 @@ "position": 2, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/_category_.json index 20ca7992c8..0c5b98a0c0 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/_category_.json index b864a4a990..1fd0685e73 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/advancednotes.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/advancednotes.md index 1616c9b740..f94d91de07 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/advancednotes.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/advancednotes.md @@ -37,3 +37,6 @@ ALL policies (User, Switched, and Computer) and create three logs: `ppUser_onLog `ppSwitched_onLogon.log`, and `ppComputer_onLogon.log`. This step helps us to ensure that we process XML data policies even if there are no GPO-based policies linked to a computer. It also ensures that Switched mode policies are processed after User mode policies and, hence, overrides them. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/client.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/client.md index 9a2e10995b..98350d7eed 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/client.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/client.md @@ -44,8 +44,11 @@ Table 2: Endpoint Policy Manager Application Settings Manager log files. | `ppUser_spoon.log` `ppSwtiched_spoon.log`````` ppComputer_spoon.log` | LocalAppData | Spoon .DLL Shim | Logs for Spoon.Net and Novell ZENworks Application Virtualization. | | `ppTemp.log` | Temp | Any | Emergency log created when all other locations are not accessible. (Log name could be ppTemp or any of the above.) | -You can see an example of the contents of the logs in Figure 101. +You can see an example of the contents of the logs In the figure shown. ![troubleshooting_policypak_5](/images/endpointpolicymanager/troubleshooting/applicationsettings/logs/troubleshooting_endpointpolicymanager_5.webp) -Figure 101. An example of the logs. +The figure shown. An example of the logs. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/clientissues.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/clientissues.md index f19268ad3e..2bc1eb8aa7 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/clientissues.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/clientissues.md @@ -14,4 +14,7 @@ To get you working as quickly as possible, please send us the following items: - Screenshots or a video of the problem (if there's something to see). Use an application like ScreenShot Pilot (What must I send to Endpoint Policy Manager support in order to get the FASTEST support?) or Jing - ([https://www.endpointpolicymanager.com/video/working-with-others-and-using-the-central-store.html](https://www.endpointpolicymanager.com/video/working-with-others-and-using-the-central-store.html)). + ([https://www.policypak.com/video/working-with-others-and-using-the-central-store.html](https://www.policypak.com/video/working-with-others-and-using-the-central-store.html)). + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/enhancedclientlogging.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/enhancedclientlogging.md index 6145af5cd4..d260842fb7 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/enhancedclientlogging.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/enhancedclientlogging.md @@ -10,8 +10,11 @@ Technical support may ask you to turn on enhanced client logging if the normal l enough troubleshooting information. Only enable these logs when working with technical support. Go to `HKLM\SOFTWARE\Policies\PolicyPak\Config\CSE\` and create a` REG_DWORD` named `ExtendedLogs` -to a value of 1. An example can be seen in Figure 96. +to a value of 1. An example can be seen In the figure shown. ![troubleshooting_policypak_624x284](/images/endpointpolicymanager/troubleshooting/applicationsettings/support/troubleshooting_endpointpolicymanager_624x284.webp) -Figure 96. The creation and naming of `REG_DWORD`. +The figure shown. The creation and naming of `REG_DWORD`. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/extendedlogs.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/extendedlogs.md index 00f191a1d0..dcb1e4bd85 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/extendedlogs.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/extendedlogs.md @@ -8,12 +8,15 @@ sidebar_position: 50 Technical support may ask you to turn on extended AppLock™ logging if the locking mechanism isn't working as expected. Navigate to `HKLM\SOFTWARE\PolicyPak\Config\AppLock` and set `ExtendedLogs `to -a `REG_DWORD` value 1 of as seen in Figure 97. +a `REG_DWORD` value 1 of as seen In the figure shown. ![troubleshooting_policypak_1](/images/endpointpolicymanager/troubleshooting/applicationsettings/applock/troubleshooting_endpointpolicymanager_1.webp) -Figure 97. The AppLock key will not exist by default and must be created before the value is set +The figure shown. The AppLock key will not exist by default and must be created before the value is set within it. AppLock™ logs are stored in separate files for each app. For example, WinZip logs are now located in` %localappdata%\endpointpolicymanager\AppLock\WINZIP.EXE\ppAlClient.log` + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/overview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/overview.md index b720e33d6c..cff2f242bf 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/overview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/overview.md @@ -12,3 +12,6 @@ However, there are several areas that you may want to focus on if you encounter Since these are common problems with easy solutions, these steps should be performed before calling or emailing Endpoint Policy Manager technical support. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/overview_1.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/overview_1.md index 593b825633..c8bc9c78a0 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/overview_1.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/overview_1.md @@ -12,3 +12,6 @@ captured the application's UI using Endpoint Policy Manager DesignStudio, did yo type of machine and then try to deploy it to another? For instance, did you capture WinZip while running on Windows 7 and then try to deploy it to a Windows 10 machine? This might work, but sometimes it might not. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/settings.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/settings.md index 4e9f17149d..d7b25f4ea6 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/settings.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/settings.md @@ -12,8 +12,8 @@ this problem - Did you go through the Quickstart guide (see "Endpoint Policy Manager Application Settings Manager Quickstart with Preconfigured Paks") and work through the suggested example start to end? When - people sit down and patiently work through the installation steps in Book 2: Installation - Quickstart, and the Quickstart examples in this book, most will see what they were doing wrong. + people sit down and patiently work through the installation steps in the Installation + Quickstart, and the Quickstart examples in this documentation, most will see what they were doing wrong. - Did you install the Endpoint Policy Manager CSE on your client machines? - Did you create the Endpoint Policy Manager Application Settings Manager settings within the group policy object (GPO) on the correct side? Most of the time, you'll want to edit the User side of @@ -30,7 +30,7 @@ this problem Most pre-configured Paks ship with internal Item-Level Targeting, which means the Pak is designed to only affect a specific version of the application. You can bypass internal Item-Level Targeting in the Pak. Refer to the video at -[http://www.endpointpolicymanager.com/videos/bypassing-internal-item-level-targeting-filters.html](https://www.endpointpolicymanager.com/integration/endpointpolicymanager-group-policy-change-management-utilities.html) +[https://www.policypak.com/videos/bypassing-internal-item-level-targeting-filters.html](https://www.policypak.com/integration/endpointpolicymanager-group-policy-change-management-utilities.html) to see how to bypass internal Item-Level Targeting. - Did you use block inheritance to block the licensing GPO or block the GPO that is delivering the diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/tuningbypassing.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/tuningbypassing.md index 8c06b4674c..a8e8d029bf 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/tuningbypassing.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/tuningbypassing.md @@ -36,9 +36,12 @@ following values live in `HKLM\Software\PolicyPak\Config\CSE\ILT `and are REG_DW seconds). An example of using one of these entries—the `BypassAllILT `entry, which would turn off all ILT -processing—can be seen in Figure 102. Note that the ILT key will not exist by default and must be +processing—can be seen In the figure shown. Note that the ILT key will not exist by default and must be created before the value is set within it. ![troubleshooting_policypak_6](/images/endpointpolicymanager/troubleshooting/applicationsettings/itemleveltargeting/troubleshooting_endpointpolicymanager_6.webp) -Figure 102. An example of a `BypassAllILT `entry. +The figure shown. An example of a `BypassAllILT `entry. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/versionnumbers.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/versionnumbers.md index 7aac07a9f1..41e9b4bd88 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/versionnumbers.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/applicationsettings/versionnumbers.md @@ -23,21 +23,24 @@ Manager Creation Station. every system (or at least a test system where you want to perform troubleshooting). If those steps fail, and your problem reoccurs, please be prepared with the version information from -the following areas, shown in Figure 98, Figure 99, and Figure 100. +the following areas, shown In the figure shown, Figure 99, and The figure shown. ![troubleshooting_policypak_2](/images/endpointpolicymanager/troubleshooting/applicationsettings/troubleshooting_endpointpolicymanager_2.webp) -Figure 98. Endpoint Policy Manager DesignStudio: Help | About. +The figure shown. Endpoint Policy Manager DesignStudio: Help | About. ![troubleshooting_policypak_3](/images/endpointpolicymanager/troubleshooting/applicationsettings/troubleshooting_endpointpolicymanager_3.webp) -Figure 99. Pak compiled version. With any Pak, open in the Group Policy Editor, and click Endpoint +The figure shown. Pak compiled version. With any Pak, open in the Group Policy Editor, and click Endpoint Policy Manager and then About. The About dialog shows the version number used to compile your Pak. ![troubleshooting_policypak_4](/images/endpointpolicymanager/troubleshooting/applicationsettings/troubleshooting_endpointpolicymanager_4.webp) -Figure 100. On Windows 7, you can see the version number of the CSE in the "Uninstall or change a +The figure shown. On Windows 7, you can see the version number of the CSE in the "Uninstall or change a program" applet in Control Panel. Note that these screenshots do NOT necessarily represent the latest versions of Endpoint Policy Manager Application Settings Manager and are only shown here for the purposes of our example. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/_category_.json index 451106de98..a5b03ad386 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/central.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/central.md index 96ddf7d48f..8c7565a424 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/central.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/central.md @@ -32,26 +32,26 @@ time. The actions that a domain administrator needs to perform are: - On any domain controller (preferably the PDC emulator), use Explorer to locate the SYSVOL folder. On most domain controllers, the SYSVOL folder is located in `c:\windows\sysvol\sysvol`. (Note - there are actually two directories named SYSVOL, one within the other, as seen in Figure 68). + there are actually two directories named SYSVOL, one within the other, as seen In the figure shown). - The name of your domain will be inside the SYSVOL folder. In this example, the domain name is - corp.com. Inside the directory, there will be a folder named Policies, as seen in Figure 69. -- Inside the Policies folder, create a directory named PolicyPak, as also seen in Figure 69. + corp.com. Inside the directory, there will be a folder named Policies, as seen In the figure shown. +- Inside the Policies folder, create a directory named PolicyPak, as also seen In the figure shown. - Finally, copy (or move) your local Endpoint Policy Manager extension DLLs from your local administrator's machine's` c:\Program Files\PolicyPak\Extensions` to the newly created Endpoint Policy Manager folder at `c:\windows\SYSVOL\SYSVOL\policies\PolicyPak`. An example of this can be - seen in Figure 70. + seen In the figure shown. ![policypak_application_settings_3_5](/images/endpointpolicymanager/applicationsettings/appsetfiles/storage/endpointpolicymanager_application_settings_3_5.webp) -Figure 68. The location of the SYSVOL folders. +The figure shown. The location of the SYSVOL folders. ![policypak_application_settings_3_6](/images/endpointpolicymanager/applicationsettings/appsetfiles/storage/endpointpolicymanager_application_settings_3_6.webp) -Figure 69. The newly created folder called "Endpoint Policy Manager." +The figure shown. The newly created folder called "Endpoint Policy Manager." ![policypak_application_settings_3_7](/images/endpointpolicymanager/applicationsettings/appsetfiles/storage/endpointpolicymanager_application_settings_3_7.webp) -Figure 70. The Endpoint Policy Manager extension DLLs being moved to the newly created Endpoint +The figure shown. The Endpoint Policy Manager extension DLLs being moved to the newly created Endpoint Policy Manager folder. When you place all Endpoint Policy Manager extension DLLs in the Central Storage, the Endpoint @@ -60,16 +60,16 @@ Central Storage is available, there is nothing else to configure. Simply edit the existing GPO with Endpoint Policy Manager Application Settings Manager directives or create a new GPO. You should immediately see your Endpoint Policy Manager extensions available in -the Endpoint Policy Manager | Applications flyout menu (as seen in Figure 71) and, when they're -utilized, you'll see the Extension Location change to Central Storage, as seen in Figure 72. +the Endpoint Policy Manager | Applications flyout menu (as seen In the figure shown) and, when they're +utilized, you'll see the Extension Location change to Central Storage, as seen In the figure shown. ![policypak_application_settings_3_8](/images/endpointpolicymanager/applicationsettings/appsetfiles/storage/endpointpolicymanager_application_settings_3_8.webp) -Figure 71. Endpoint Policy Manager extensions available in the flyout menu. +The figure shown. Endpoint Policy Manager extensions available in the flyout menu. ![policypak_application_settings_3_9](/images/endpointpolicymanager/applicationsettings/appsetfiles/storage/endpointpolicymanager_application_settings_3_9.webp) -Figure 72. The extension location has been changed to Central Storage. +The figure shown. The extension location has been changed to Central Storage. :::note You may need to close the Group Policy Editor and then reopen it to see Endpoint Policy @@ -90,3 +90,6 @@ whenever they run the GPMC. (You won't see the Endpoint Policy Manager node unti Policy Manager Admin Console.msi is installed alongside the GPMC.) ::: + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/findfixgpos.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/findfixgpos.md index 5185226409..8b3eedf60d 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/findfixgpos.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/findfixgpos.md @@ -7,22 +7,22 @@ sidebar_position: 60 # Finding and Fixing GPOs with Endpoint Policy Manager DLL Orphans If someone deletes the DLL for a GPO (either within the Central Storage or Local Store), when you're -editing the GPO you'll see the error shown in Figure 88. +editing the GPO you'll see the error shown In the figure shown. ![policypak_application_settings_3_26](/images/endpointpolicymanager/applicationsettings/appsetfiles/endpointpolicymanager_application_settings_3_26.webp) -Figure 88. If the DLL is deleted for a GPO, an error will be shown. +The figure shown. If the DLL is deleted for a GPO, an error will be shown. This means the AppSet settings are not editable until the DLL is replaced in either the Local Store or Central Storage. This is called a Endpoint Policy Manager DLL Orphan. To help you quickly find all instances where this occurs, the Endpoint Policy Manager GPOTouch utility can locate all Endpoint Policy Manager DLL Orphans and rectify the situation. You can see -the Endpoint Policy Manager GPOTouch utility in Figure 89. +the Endpoint Policy Manager GPOTouch utility In the figure shown. ![policypak_application_settings_3_27](/images/endpointpolicymanager/applicationsettings/appsetfiles/endpointpolicymanager_application_settings_3_27.webp) -Figure 89. The Endpoint Policy Manager GPOTouch utility can find and repair orphaned Paks within +The figure shown. The Endpoint Policy Manager GPOTouch utility can find and repair orphaned Paks within GPOs. You simply need to have the original Endpoint Policy Manager DLL for your project and the Endpoint @@ -35,3 +35,6 @@ Policy Manager DLL Orphans, please watch this video: [Understanding and fixing Endpoint Policy Manager DLL Orphans](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/dllorphans.md). ::: + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/gpotouchutility.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/gpotouchutility.md index ac6cdf0603..5c200b27ca 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/gpotouchutility.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/gpotouchutility.md @@ -19,11 +19,11 @@ DesignStudio setup MSI. To start the Endpoint Policy Manager GPOTouch utility, find it in the Start Menu, as seen in -Figure 87. +The figure shown. ![policypak_application_settings_3_25](/images/endpointpolicymanager/applicationsettings/appsetfiles/endpointpolicymanager_application_settings_3_25.webp) -Figure 87. The Start Menu showing Endpoint Policy Manager GPOTouch. +The figure shown. The Start Menu showing Endpoint Policy Manager GPOTouch. Then follow the prompts to specify the source for the latest AppSets that you want to update: Central Storage, Share-Based Storage, Local Store, or All GPOs with the latest AppSets. @@ -33,3 +33,6 @@ To see an overview of the Endpoint Policy Manager GPOTouch utility, please watch tutorial video: [GPOTouch Utility](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/touchutility.md). ::: + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/local.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/local.md index 985b2e2862..7de4600074 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/local.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/local.md @@ -13,12 +13,12 @@ directories. - `%ProgramFiles%\PolicyPak\Design Studio\Extensions` - `%appdata%\PolicyPak\Extensions` -In Figure 64, you can see the`%ProgramFiles%\PolicyPak\Extensions`directory and the compiled AppSets +In the figure shown, you can see the`%ProgramFiles%\PolicyPak\Extensions`directory and the compiled AppSets within it. ![policypak_application_settings_3_1](/images/endpointpolicymanager/applicationsettings/appsetfiles/storage/endpointpolicymanager_application_settings_3_1.webp) -Figure 64. The files that are contained in the` %ProgramFiles%\PolicyPak\Extensions` directory. +The figure shown. The files that are contained in the` %ProgramFiles%\PolicyPak\Extensions` directory. Note that each compiled AppSet has a specific name: `PP-{name of file that you saved}.dll`. @@ -30,11 +30,11 @@ All compiled AppSets must have a name starting with "PP-". This is to prevent er placed into the Extensions directory and, consequently, the Endpoint Policy Manager MMC snap-in trying to load them, which could cause an error. -In Figure 65, you can see the extension DLL is being leveraged from Local Storage. +In the figure shown, you can see the extension DLL is being leveraged from Local Storage. ![policypak_application_settings_3_2](/images/endpointpolicymanager/applicationsettings/appsetfiles/storage/endpointpolicymanager_application_settings_3_2.webp) -Figure 65. The Local Storage is being leveraged by the extension DLL. +The figure shown. The Local Storage is being leveraged by the extension DLL. Local Storage is fine if you only have one administrator in the domain. However, you should always make backup copies of your original pXML files (XML files) and your compiled extension DLLs. This is @@ -75,7 +75,7 @@ Group Policy Editor, he or she must install the included Endpoint Policy Manager Once he or she has done that, the administrator edits the existing GPO and Endpoint Policy Manager directive that contains WinZip directives and receives a message similar to what is shown in -Figure 66. +The figure shown. :::note If you use the Group Policy Editor and don't see the Endpoint Policy Manager node while @@ -86,7 +86,7 @@ the GPMC. ![policypak_application_settings_3_3](/images/endpointpolicymanager/applicationsettings/appsetfiles/storage/endpointpolicymanager_application_settings_3_3.webp) -Figure 66. This message informs the adminstrator that they need to set up +The figure shown. This message informs the adminstrator that they need to set up `c:\Program Files\PolicyPak\Extensions` directory on this computer. When the administrator is on the Admin3 machine, the Endpoint Policy Manager MMC console simply @@ -98,15 +98,18 @@ needs to copy the extension DLL from the Admin1 computer's `c:\Program Files\Pol directory to the Admin3 computer's `c:\Program Files\PolicyPak\Extensions` directory. Additionally, since the DLL isn't on the local machine, there is no way for that administrator to -create a new GPO that contains Endpoint Policy Manager directives, as seen in Figure 67. If there +create a new GPO that contains Endpoint Policy Manager directives, as seen In the figure shown. If there are no Endpoint Policy Manager extension DLLs on the machine that is running the GPMC, then there is no way to define an AppSet item. ![policypak_application_settings_3_4](/images/endpointpolicymanager/applicationsettings/appsetfiles/storage/endpointpolicymanager_application_settings_3_4.webp) -Figure 67. The application is unavailable because there is no way for the administrator to create a +The figure shown. The application is unavailable because there is no way for the administrator to create a new GPO if the DLL isn't on the local machine. Ensuring that these DLLs are always available wherever an administrator might roam can be a real nuisance. With that in mind, Endpoint Policy Manager will honor Endpoint Policy Manager Central Storage and Endpoint Policy Manager Share-Based Storage, as explored in the next sections. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/overview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/overview.md index 9a207193de..819485493d 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/overview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/overview.md @@ -26,6 +26,9 @@ existing Endpoint Policy Manager XMLs when necessary. :::note You can watch an introductory video overview of this section in the tutorial video we created, which can be found here: -[https://www.endpointpolicymanager.com/video/working-with-others-and-using-the-central-store.html](https://www.endpointpolicymanager.com/video/endpointpolicymanager-acl-lockdown-for-registry-based-applications.html). +[https://www.policypak.com/video/working-with-others-and-using-the-central-store.html](https://www.policypak.com/video/endpointpolicymanager-acl-lockdown-for-registry-based-applications.html). ::: + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/sharebased.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/sharebased.md index dde8a7cd6a..4306fbb982 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/sharebased.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/sharebased.md @@ -9,7 +9,7 @@ sidebar_position: 30 :::note For an overview of Share-Based Storage for Endpoint Policy Manager extension DLLs, see this video: -[http://www.endpointpolicymanager.com/videos/endpointpolicymanager-using-shares-to-store-your-paks-share-based-storage.html](http://www.endpointpolicymanager.com/videos/bypassing-internal-item-level-targeting-filters.html). +[https://www.policypak.com/videos/endpointpolicymanager-using-shares-to-store-your-paks-share-based-storage.html](http://www.policypak.com/videos/bypassing-internal-item-level-targeting-filters.html). ::: @@ -66,3 +66,6 @@ to` HKEY_CURRENT_USER\Software\ PolicyPak\Config\MMC\CentralStores`. In the Registry editor you can mass-deliver Share-Based Storage locations to other Endpoint Policy Manager administrators quickly and automatically. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/versioncontrol.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/versioncontrol.md index ecf477a502..3568044fe7 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/versioncontrol.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/appsetfiles/versioncontrol.md @@ -35,29 +35,29 @@ control mechanism in a test lab before rolling out an update into your productio An AppSet is defined by its project name. You can see the project name when you utilize an AppSet and also when you're working with the project within Endpoint Policy Manager DesignStudio by -selecting the Project Properties tab on the left (see Figure 78). +selecting the Project Properties tab on the left (See the figure here). ![policypak_application_settings_3_16](/images/endpointpolicymanager/applicationsettings/appsetfiles/endpointpolicymanager_application_settings_3_16.webp) -Figure 78. The project name on the Project Properties tab in Endpoint Policy Manager DesignStudio. +The figure shown. The project name on the Project Properties tab in Endpoint Policy Manager DesignStudio. Note that the project name is NOT the same name as the file name, which you used for the pXML (XML) file. The project name is internal to the project itself. In this example, our existing WinZip project file was opened and a new checkbox was added, v2, for -the sake of adding something new for this example (see Figure 79). Then the file was saved with a +the sake of adding something new for this example (See the figure here). Then the file was saved with a different name (`WinZipc.xml`). Finally, the project was compiled. The result is as follows: - The original output file is pp-WinZip 14 to 17.dll because the original pXML filename `was Winzip 14 to 17.xml`. - The new output file is`pp-WinZipc.dll`because the updated pXML filename is `WinZipc.xml`. -However, in both cases, the internal project name is WinZip, as seen in Figure 79, because it did +However, in both cases, the internal project name is WinZip, as seen In the figure shown, because it did not change between projects. ![policypak_application_settings_3_17](/images/endpointpolicymanager/applicationsettings/appsetfiles/endpointpolicymanager_application_settings_3_17.webp) -Figure 79. An example showing that, while the file names may change, the project name remains the +The figure shown. An example showing that, while the file names may change, the project name remains the same. ## Version Control When Leveraging Only the Local Storage @@ -73,25 +73,25 @@ Manager extensions and filenames. Endpoint Policy Manager | Applications node and select your application. In fact, even though multiple Endpoint Policy Manager extension DLLs exists for the same project, you'll only see one entry appears in the flyout menu. You can switch to different DLL at any time by right-clicking the -item and selecting "Reconnect Endpoint Policy Manager DLL," as shown in Figure 80. +item and selecting "Reconnect Endpoint Policy Manager DLL," as shown In the figure shown. ![policypak_application_settings_3_18](/images/endpointpolicymanager/applicationsettings/appsetfiles/endpointpolicymanager_application_settings_3_18.webp) -Figure 80. You can connect to any version at any time when working with GPOs. +The figure shown. You can connect to any version at any time when working with GPOs. -**Step 2 –** Now select the DLL you want as shown in Figure 81.  You'll be able to select which +**Step 2 –** Now select the DLL you want as shown In the figure shown.  You'll be able to select which local storage version you want based on compiled date and time. The file names are also shown as a convenience. ![policypak_application_settings_3_19](/images/endpointpolicymanager/applicationsettings/appsetfiles/endpointpolicymanager_application_settings_3_19.webp) -Figure 81. Pick the version you want, either according to DLL name or date. +The figure shown. Pick the version you want, either according to DLL name or date. -Now the item is updated with the newer DLL as shown in Figure 82. +Now the item is updated with the newer DLL as shown In the figure shown. ![policypak_application_settings_3_20](/images/endpointpolicymanager/applicationsettings/appsetfiles/endpointpolicymanager_application_settings_3_20.webp) -Figure 82. Note the new version is listed now. +The figure shown. Note the new version is listed now. ## Version Control When Leveraging the Central Storage @@ -116,11 +116,11 @@ Creating a new GPO. While creating a new GPO, you will still be able to right-cl Policy Manager | Applications node and select your application. In fact, even though multiple Endpoint Policy Manager extension DLLs exist for the same project, you'll only see one entry appear in the flyout menu. When you click the desired project, you'll be prompted for which version you -want to use, as seen in Figure 83. +want to use, as seen In the figure shown. ![policypak_application_settings_3_21](/images/endpointpolicymanager/applicationsettings/appsetfiles/endpointpolicymanager_application_settings_3_21.webp) -Figure 83. For projects with the same name, you'll be prompted to choose which version you want to +The figure shown. For projects with the same name, you'll be prompted to choose which version you want to use while creating a new GPO. Since there is a DLL in both the Local Store and the Central Storage, you can choose which one you @@ -130,12 +130,12 @@ Editing an existing GPO. If you decide to edit an existing version of a GPO with one DLL is already in the Central Storage—then there is no immediate change. That is, you can double-click the AppSet item, and it will be edited using the original DLL that was already placed in the Central Storage. However, you can also upgrade an existing AppSet item with a newer DLL. To -do this, right-click the item and select "Update Endpoint Policy Manager DLL," as seen in Figure 84. +do this, right-click the item and select "Update Endpoint Policy Manager DLL," as seen In the figure shown. If the newer DLL is selected, it will update the underlying GPO data. ![policypak_application_settings_3_22](/images/endpointpolicymanager/applicationsettings/appsetfiles/endpointpolicymanager_application_settings_3_22.webp) -Figure 84. Upgrading an existing Pak item with a newer DLL. +The figure shown. Upgrading an existing Pak item with a newer DLL. ## Manually Migrating to Newer AppSet DLLs in the Central Storage @@ -158,19 +158,19 @@ Central Storage and **Step 2 –** remove the older DLL from the Central Storage. -You can see this in Figure 85. +You can see this In the figure shown. ![policypak_application_settings_3_23](/images/endpointpolicymanager/applicationsettings/appsetfiles/endpointpolicymanager_application_settings_3_23.webp) -Figure 85. The process of removing old DLLs. +The figure shown. The process of removing old DLLs. When you complete this process, the next time you (or other administrators) create new GPOs, you'll be using the version contained in the Central Storage. If you (or other administrators) edit an -existing GPO, you will get the familiar notice shown in Figure 86. +existing GPO, you will get the familiar notice shown In the figure shown. ![policypak_application_settings_3_24](/images/endpointpolicymanager/applicationsettings/appsetfiles/endpointpolicymanager_application_settings_3_24.webp) -Figure 86. The notice received when editing an existing GPO. +The figure shown. The notice received when editing an existing GPO. Selecting "No" confirms that you want to upgrade the data inside the GPO using the only DLL available—the one you placed in Central Storage. @@ -186,3 +186,6 @@ cautions: no way to control it anymore. So the last known setting for that element will be left on the client machine even if "Revert this policy setting to the default value when it is no longer applied" was originally configured for that element. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/_category_.json index 7fbe6f13a3..9a99ddf5b0 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/advanced.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/advanced.md index 3f7eed185a..aaab598d3b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/advanced.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/advanced.md @@ -15,38 +15,38 @@ values. Let's explore all these areas. ## Basic Settings By default, all elements show their basic view. You can see at a glance the most important items -that the Configuration Wizard has configured, as shown in Figure 142. +that the Configuration Wizard has configured, as shown In the figure shown. ![advanced_appset_design_and](/images/endpointpolicymanager/applicationsettings/designstudio/advanced_appset_design_and.webp) -Figure 142. The basic properties of an element. +The figure shown. The basic properties of an element. The Configuration Wizard should auto-fill in all basic properties for most items. However, one item that might need attention is the label link. Remember, the label link is the item that describes elements that have no text, like text boxes, spinboxes, dropdowns, sliders, and radio button groups. To configure the label link for an item, click on "Label Link" in the properties of the item, select the "…" (not shown), and then select the text on the page that most closely represents what the text -box, spinbox, etc. is trying to configure. In Figure 143, the radio button group is being described +box, spinbox, etc. is trying to configure. In the figure shown, the radio button group is being described by the text "Associated image viewer." ![advanced_appset_design_and_1](/images/endpointpolicymanager/applicationsettings/designstudio/advanced_appset_design_and_1.webp) -Figure 143. Example of an element's label link. +The figure shown. Example of an element's label link. ## Advanced Settings You can also click the "Advanced" button within Properties to see more detailed information about an -element, as shown in Figure 144.> +element, as shown In the figure shown.> ![advanced_appset_design_and_2](/images/endpointpolicymanager/applicationsettings/designstudio/advanced_appset_design_and_2.webp) -Figure 144. The "Advanced" button in the Properties dialog. +The figure shown. The "Advanced" button in the Properties dialog. The Advanced menu contains sections labeled "Control data" and "Actions." The control data specifies items like dimensions, the display name ("Text"), the default state, the revert state, whether or not the item is disabled ("Enabled"), and whether or not the item's text will stretch within the boundaries of the element's handles ("AutoSize"). The Actions area shows what occurs when the -checkbox is checked. In Figure 145, you can see the following: +checkbox is checked. In the figure shown, you can see the following: - "First Action" performs a registry update. - "`Reg. key`" is set to `WinZip\Policies`. This field is always relative to the data root, so the @@ -62,33 +62,36 @@ checkbox is checked. In Figure 145, you can see the following: value inside "passwordreqlower" is deleted. It's possible to see (or set) second and third actions when an element changes. You can dictate -values within any of the supported datatypes, as shown in Figure 145. +values within any of the supported datatypes, as shown In the figure shown. ![advanced_appset_design_and_3](/images/endpointpolicymanager/applicationsettings/designstudio/advanced_appset_design_and_3.webp) -Figure 145. Examples of second actions. +The figure shown. Examples of second actions. You might want to do this if you had to configure both a registry item and also an INI file when a checkbox is checked. This is a very rare occurrence, but it does happen. After selecting the data type (Registry, INI, XML, etc.) you are then prompted for the section and -property (or registry key and registry value), which in Figure 146 are shown as "[MainFrame]" and +property (or registry key and registry value), which In the figure shown are shown as "[MainFrame]" and "AdvertiseIndex." ![advanced_appset_design_and_4](/images/endpointpolicymanager/applicationsettings/designstudio/advanced_appset_design_and_4.webp) -Figure 146. Selecting the section and property. +The figure shown. Selecting the section and property. Once the value is manually selected, you are able to place the value automatically within the On or -Off values (or both or neither), as shown in Figure 147. +Off values (or both or neither), as shown In the figure shown. ![advanced_appset_design_and_5](/images/endpointpolicymanager/applicationsettings/designstudio/advanced_appset_design_and_5.webp) -Figure 147. Placing the value within the "On" or "Off" fields. +The figure shown. Placing the value within the "On" or "Off" fields. After placing the items, you can further specify the On and Off values within the action itself, as -shown in Figure 148. Checkboxes are only allowed three actions. +shown In the figure shown. Checkboxes are only allowed three actions. ![advanced_appset_design_and_6](/images/endpointpolicymanager/applicationsettings/designstudio/advanced_appset_design_and_6.webp) -Figure 148. Specifying "On" and "Off" values within the action. +The figure shown. Specifying "On" and "Off" values within the action. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/_category_.json index ba220ad19d..9184bb63a2 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/controlpanel.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/controlpanel.md index 0688635412..544bf07683 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/controlpanel.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/controlpanel.md @@ -8,7 +8,7 @@ sidebar_position: 20 Control panel items are some of the items you might want to deploy settings to and lock down with Endpoint Policy Manager AppLock™. Control Panel items can be items such as the control panel for -mouse, as shown in Figure 203, or items like the Adobe Flash Player Settings Manager or Internet +mouse, as shown In the figure shown, or items like the Adobe Flash Player Settings Manager or Internet Explorer Settings. These applications are special for Endpoint Policy Manager Application Settings Manager, and as such, there is special procedure in order to lock them down. In short, do not use 64-bit machines to try to capture Control Panel applets. Figure 203 shows that Endpoint Policy @@ -16,16 +16,19 @@ Manager DesignStudio sees the process as rundll32.exe when it is running on a 64 ![special_applications_and_project_3](/images/endpointpolicymanager/applicationsettings/designstudio/applicationsprojects/special_applications_and_project_3.webp) -Figure 203. The Control Panel item when running DesignStudio on a 64-bit machine. +The figure shown. The Control Panel item when running DesignStudio on a 64-bit machine. When Endpoint Policy Manager DesignStudio is running on a 32-bit machine, can see that the Control -Panel applet's name is being called by a CPL extension (see Figure 204). +Panel applet's name is being called by a CPL extension (See the figure here). ![special_applications_and_project_4](/images/endpointpolicymanager/applicationsettings/designstudio/applicationsprojects/special_applications_and_project_4.webp) -Figure 204. The Control Panel item when running DesignStudio on a 32-bit machine. +The figure shown. The Control Panel item when running DesignStudio on a 32-bit machine. So, in short, if you would like to capture and edit Control Panel items, use Endpoint Policy Manager DesignStudio on a 32-bit machine, and not a 64-bit machine. Endpoint Policy Manager AppLock™ should work fine when deployed to both 32-bit and 64-bit machines of the same type (i.e., captured on Windows 7 and managed on Windows 7). + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/hkeylocalmachine.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/hkeylocalmachine.md index 346dfea44c..7ee919ae17 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/hkeylocalmachine.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/hkeylocalmachine.md @@ -13,14 +13,14 @@ a service and has entries only in `HKEY_Local_Machine`. You set the project up a ![special_applications_and_project_13](/images/endpointpolicymanager/applicationsettings/designstudio/applicationsprojects/special_applications_and_project_13.webp) -Figure 213. Defining the data root as `HKEY_Local_Machine`. +The figure shown. Defining the data root as `HKEY_Local_Machine`. However, when you do, you'll be prompted with a message suggesting that this might or might not work -as shown in Figure 214. +as shown In the figure shown. ![special_applications_and_project_14](/images/endpointpolicymanager/applicationsettings/designstudio/applicationsprojects/special_applications_and_project_14.webp) -Figure 214. The warning when defining the data root as `HKEY_Local_Machine`. +The figure shown. The warning when defining the data root as `HKEY_Local_Machine`. If you are sure that the application's value is best suited for `HKEY_Local_Machine`, you can safely ignore this warning. @@ -34,3 +34,6 @@ You'll get the same message for applications that store most of their settings i Acrobat Reader is an example in which most settings are in `HKEY_Current_User\Software\Adobe\Acrobat Reader\10.0`, but the updater settings are stored within `HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Adobe ARM\1.0\ARM` in the iCheck setting. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/javabased.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/javabased.md index fb20c3064e..6ddce80f86 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/javabased.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/javabased.md @@ -14,45 +14,47 @@ This is done in two steps: **Step 2 –** Turning off the user account control in Windows 7 -The link for the installable Java Access Bridge can be hard to find. Email Endpoint Policy Manager -tech support at [support@endpointpolicymanager.com](mailto:support@endpointpolicymanager.com), and we can provide you with a +The link for the installable Java Access Bridge can be hard to find. Please [open a support ticket](https://www.netwrix.com/tickets.html#/open-a-ticket) and we can provide you with a copy. Once installed, don't reboot yet, even though the Java Access Bridge installation process asks you to. The second step to capture the UIs of Java-based applications is to disable the user account control. To do this, select "Change User Account Control settings" from the Start Menu, as shown in -Figure 199. +The figure shown. ![special_applications_and_project](/images/endpointpolicymanager/applicationsettings/designstudio/applicationsprojects/special_applications_and_project.webp) -Figure 199. Disabling the user account control settings. +The figure shown. Disabling the user account control settings. -Then, slide the slider all the way to the bottom, as shown in Figure 200. +Then, slide the slider all the way to the bottom, as shown In the figure shown. ![special_applications_and_project_1](/images/endpointpolicymanager/applicationsettings/designstudio/applicationsprojects/special_applications_and_project_1.webp) -Figure 200. Changing the slider to "Never notify." +The figure shown. Changing the slider to "Never notify." At this point, reboot your Endpoint Policy Manager DesignStudio machine. When you next run Endpoint Policy Manager Application Settings Manager, the Tools|Options|Java tab will change to what's shown -in Figure 201. This will indicate that the Java Access Bridge has been loaded successfully and +In the figure shown. This will indicate that the Java Access Bridge has been loaded successfully and remind you that UAC controls need to be off. ![using_the_grays_wizard_13](/images/endpointpolicymanager/applicationsettings/designstudio/using_the_grays_wizard_13.webp) -Figure 201.  The Java Access Bridge has been loaded successfully. +The figure shown.  The Java Access Bridge has been loaded successfully. At this point, you can try to capture your application's UI if it's Java-based, like OpenOffice and other similar applications. Note that some Java-based applications will only capture when assistive -technology is turned on. In Figure 202, OpenOffice dialogs can be captured when this checkbox is +technology is turned on. In the figure shown, OpenOffice dialogs can be captured when this checkbox is checked first. ![special_applications_and_project_2](/images/endpointpolicymanager/applicationsettings/designstudio/applicationsprojects/special_applications_and_project_2.webp) -Figure 202.; Turning on assistive technology. +The figure shown.; Turning on assistive technology. :::note Not every Java-based UI will capture perfectly. Let us know if there's a particular application you're having trouble with. ::: + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/mozillabased.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/mozillabased.md index 0fa01c170d..d5a90032e6 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/mozillabased.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/mozillabased.md @@ -21,7 +21,7 @@ machine will store user `settings within \Profiles\edk2qe8w.default`. ![special_applications_and_project_5](/images/endpointpolicymanager/applicationsettings/designstudio/applicationsprojects/special_applications_and_project_5.webp) -Figure 205. The location where using settings will be stored. +The figure shown. The location where using settings will be stored. Every machine on your network will have a storage location, meaning Firefox (or Thunderbird, Seamonkey, or Evergreen profiles) is stored in a unique directory on each computer. You can see in @@ -30,7 +30,7 @@ settings. ![special_applications_and_project_6](/images/endpointpolicymanager/applicationsettings/designstudio/applicationsprojects/special_applications_and_project_6.webp) -Figure 206. The `prefs.js` file location. +The figure shown. The `prefs.js` file location. The good news is Endpoint Policy Manager DesignStudio and the Endpoint Policy Manager Application Settings Manager CSE can handle this problem. Endpoint Policy Manager Application Settings Manager @@ -49,21 +49,21 @@ the following three files: To control Mozilla-based applications using Endpoint Policy Manager Application Settings Manager and Endpoint Policy Manager DesignStudio, we only need to teach DesignStudio where the profiles.ini file lives. This file is not the file that contains our user settings. This is the file that points us to -where the user settings (`prefs.js`) are stored (see Figure 207). +where the user settings (`prefs.js`) are stored (See the figure here). ![special_applications_and_project_7](/images/endpointpolicymanager/applicationsettings/designstudio/applicationsprojects/special_applications_and_project_7.webp) -Figure 207. The `profiles.ini `file. +The figure shown. The `profiles.ini `file. In Endpoint Policy Manager DesignStudio, for all other file-based project types (INI, XML, .properties, .js-type, etc.), you can select the specific file you want to manage. But with Mozilla project type files, you must always point to the profiles.ini file of the Mozilla application. For -example, with Firefox, you will likely want to specify what's shown in Figure 208. This is because +example, with Firefox, you will likely want to specify what's shown In the figure shown. This is because the `profiles.ini` file for Firefox lives in `%appdata%\Mozilla\Firefox`. ![special_applications_and_project_8](/images/endpointpolicymanager/applicationsettings/designstudio/applicationsprojects/special_applications_and_project_8.webp) -Figure 208. Pointing to the profiles.ini file location. +The figure shown. Pointing to the profiles.ini file location. Note also that the "Application name (optional)" field is filled in as "Mozilla Firefox." The "Application name (optional)" field is different than the project name. "Project name" is the @@ -75,7 +75,7 @@ Endpoint Policy Manager Application Settings Manager looks in the MSI installed like `*{string}*`. Therefore, its best to make the "Application name (optional)" field text more generic. -So, in the example in Figure 209, it is specified as "Mozilla Firefox," which will be generic enough +So, in the example In the figure shown, it is specified as "Mozilla Firefox," which will be generic enough to cover all versions of Mozilla Firefox. A common mistake is to add a string in this field that is too specific. For instance, putting @@ -84,7 +84,7 @@ will apply only when a product matching \*Mozilla Firefox 23.0\* is found on the This same idea applies to Thunderbird, Chatzilla, and all other Firefox-type applications. For Thunderbird, the right data file location is `%appdata%\Thunderbird\profiles.ini`, as shown in -Figure 209. This is because the Thunderbird profiles.ini file lives in `%appdata%\Thunderbird`. +The figure shown. This is because the Thunderbird profiles.ini file lives in `%appdata%\Thunderbird`. (Note that Thunderbird does not contain a "Mozilla" subdirectory like Firefox). Note also that the "Application @@ -92,15 +92,15 @@ name (optional)" field should be generic enough for all version of Mozilla Thund ![special_applications_and_project_9](/images/endpointpolicymanager/applicationsettings/designstudio/applicationsprojects/special_applications_and_project_9.webp) -Figure 209. Filling in the "Application name" field for Mozilla Thunderbird. +The figure shown. Filling in the "Application name" field for Mozilla Thunderbird. -For Sunbird, the location is `%appdata%\Mozilla\Sunbird\profiles.ini`, as shown in Figure 210. This +For Sunbird, the location is `%appdata%\Mozilla\Sunbird\profiles.ini`, as shown In the figure shown. This is because the Sunbird profiles.ini file lives in `%appdata%\Mozilla\Sunbird` (similar to Firefox). The "Application name (optional)" field should be "Mozilla Sunbird" (not shown in this screenshot). ![special_applications_and_project_10](/images/endpointpolicymanager/applicationsettings/designstudio/applicationsprojects/special_applications_and_project_10.webp) -Figure 210. The location of the Sunbird `profiles.ini` file. +The figure shown. The location of the Sunbird `profiles.ini` file. :::note Evergreen is a popular system for managing libraries. This application has been verified @@ -120,19 +120,19 @@ modify an existing file), named `user.js`. The file `user.js` will contain your application's settings, and will not modify the existing `prefs.js`. For example, before a Mozilla-based AppSet is written to a machine, the application's folder will -usually only have a `prefs.js` file describing the user experience, as shown in Figure 211. +usually only have a `prefs.js` file describing the user experience, as shown In the figure shown. ![special_applications_and_project_11](/images/endpointpolicymanager/applicationsettings/designstudio/applicationsprojects/special_applications_and_project_11.webp) -Figure 211. The `prefs.js` file. +The figure shown. The `prefs.js` file. After the AppSet successfully applies, Endpoint Policy Manager Application Settings Manager will write a new file, `user.js`, instead of changing the `prefs.js` file directly. You can see the -new` user.js` file after the AppSet settings are deployed to Firefox on the machine in Figure 212. +new` user.js` file after the AppSet settings are deployed to Firefox on the machine In the figure shown. ![special_applications_and_project_12](/images/endpointpolicymanager/applicationsettings/designstudio/applicationsprojects/special_applications_and_project_12.webp) -Figure 212. The `user.js `file. +The figure shown. The `user.js `file. Note again that `prefs.js` is not touched during the delivery of the settings. The Mozilla-based applications will treat `user.js` as special file that has two very important characteristics: @@ -152,3 +152,6 @@ inside Firefox, those changes are thrown away for next time. For more information on `user.js` files you can check out the following web article: `http://kb.mozillazine.org/User.js_file` + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/overview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/overview.md index d2fa27d406..f9ab6574dd 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/overview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/overview.md @@ -9,3 +9,6 @@ sidebar_position: 150 Some Netwrix Endpoint Policy Manager (formerly PolicyPak) DesignStudio projects require special consideration. In this section, we will share with you some notes about particular types of applications you might want to make into AppSets. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/virtualized.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/virtualized.md index 834137f925..83e06947e7 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/virtualized.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applicationsprojects/virtualized.md @@ -14,3 +14,6 @@ Virtualization (SWV). Creating application virtualization packages is beyond the scope of this document, but if you're already using an application virtualization solution, then Endpoint Policy Manager Application Settings Manager can manage those applications naturally using Group Policy. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applockguids.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applockguids.md index 4dc6690843..d88ae6ff38 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applockguids.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/applockguids.md @@ -9,37 +9,40 @@ sidebar_position: 80 Some applications embrace the idea of Netwrix Endpoint Policy Manager (formerly PolicyPak) AppLock™ tab hiding, but won't honor Endpoint Policy Manager AppLock™. For instance, Firefox has tabs, but doesn't honor Endpoint Policy Manager AppLock™ in practice. For this reason, in the GPO, this would -not be honored when affecting the client, as shown in Figure 149. +not be honored when affecting the client, as shown In the figure shown. ![removing_applock_guids](/images/endpointpolicymanager/applicationsettings/designstudio/removing_applock_guids.webp) -Figure 149. An example of an application that does not honor Endpoint Policy Manager AppLock™. +The figure shown. An example of an application that does not honor Endpoint Policy Manager AppLock™. Another application that does not honor Endpoint Policy Manager AppLock™ is Acrobat Reader, as -shown in Figure 150, since it doesn't have tabs at all. +shown In the figure shown, since it doesn't have tabs at all. ![removing_applock_guids_1](/images/endpointpolicymanager/applicationsettings/designstudio/removing_applock_guids_1.webp) -Figure 150. Example of an application without any tabs. +The figure shown. Example of an application without any tabs. -For this reason, trying to disable the tab in the GPO doesn't make much sense (see Figure 151). +For this reason, trying to disable the tab in the GPO doesn't make much sense (See the figure here). ![removing_applock_guids_2](/images/endpointpolicymanager/applicationsettings/designstudio/removing_applock_guids_2.webp) -Figure 151. Disabling tabs does not work for applications that do not have tabs. +The figure shown. Disabling tabs does not work for applications that do not have tabs. In these cases, you might want to remove the AppLock™ GUIDs from the project so that it is not possible to right-click on a tab in the Group Policy MMC. To do that, follow the steps presented in -Figure 152. +The figure shown. ![removing_applock_guids_3](/images/endpointpolicymanager/applicationsettings/designstudio/removing_applock_guids_3.webp) -Figure 152. Disabling AppLock™ GUIDs. +The figure shown. Disabling AppLock™ GUIDs. When you do this, each tab in the compiled project will no longer have the option to "Disable whole tab in target application" or "Force display of whole tab in target application," as shown in -Figure 153. +The figure shown. ![removing_applock_guids_4](/images/endpointpolicymanager/applicationsettings/designstudio/removing_applock_guids_4.webp) -Figure 153. AppLock™ GUIDs have been removed. +The figure shown. AppLock™ GUIDs have been removed. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/_category_.json index 9efc903653..db7dce2641 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/additionalconfiguration.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/additionalconfiguration.md index d124a9c7a0..b13713cde1 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/additionalconfiguration.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/additionalconfiguration.md @@ -14,14 +14,14 @@ Configuration Wizard detects multiple values and what is meant by a labeled link :::tip Remember, the Configuration Wizard may find values that are new, changed, or deleted during any -given capture. In the example in Figure 121, the "Name" text box field was configured by the wizard. +given capture. In the example In the figure shown, the "Name" text box field was configured by the wizard. A value of "Test" was entered into the application. ::: ![configuring_elements_using_14](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/configuring_elements_using_14.webp) -Figure 121. A change to the Name textbox field. +The figure shown. A change to the Name textbox field. Here, the wizard detected multiple changes. The key to the changes is as follows: @@ -47,7 +47,7 @@ Figure 122, we can see that checking on the setting was changing "passwordreqlow ![configuring_elements_using_15](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/configuring_elements_using_15.webp) -Figure 122. Re-trying a specific item with the Configuration Wizard. +The figure shown. Re-trying a specific item with the Configuration Wizard. The Configuration Wizard will check the settings that are unknown and guess what the value should be, placing it into the appropriate checkbox. You have two choices here: @@ -58,17 +58,17 @@ be, placing it into the appropriate checkbox. You have two choices here: - Continue onward with the Configuration Wizard and it will ask you to re-try a specific state (in this case, unchecking a checkbox) to see how the application behaves. Once the value is definitely known, the red color is removed from the value. No checkmarks are present to re-discover any - specific values. An example is shown in Figure 123. + specific values. An example is shown In the figure shown. ![configuring_elements_using_16](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/configuring_elements_using_16.webp) -Figure 123. Neither checkbox is selected after re-trying a specific state. +The figure shown. Neither checkbox is selected after re-trying a specific state. ## Linked Label Selection Some items in the Configuration Wizard will ask you about linked label selection (also known as label links). During the Configuration Wizard process, some elements, like text boxes, spinboxes, -sliders, and other elements need know what they are setting. In Figure 124, you can see an example +sliders, and other elements need know what they are setting. In the figure shown, you can see an example of setting a text box label link. The word that is most similar to the name of the element itself is its label. It might look like just some text on the form, but inside Endpoint Policy Manager DesignStudio, it has a type called "Label." In short, when asked to select the linked label, it's @@ -78,13 +78,16 @@ the word "Name" on the Linked Label Selection page. ![configuring_elements_using_17](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/configuring_elements_using_17.webp) -Figure 124. Selecting the linked label for an element. +The figure shown. Selecting the linked label for an element. -In the second example in Figure 125, we're configuring a slider and need to choose the linked label. +In the second example In the figure shown, we're configuring a slider and need to choose the linked label. In this case, it could be argued that either "Speed:" or "Double-click speed" would make good linked label selections, because either one describes what the slider does. "Double-click speed" is likely a slightly better choice here for clarity. ![configuring_elements_using_18](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/configuring_elements_using_18.webp) -Figure 125. Choosing a linked label. +The figure shown. Choosing a linked label. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/commonerrors.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/commonerrors.md index 806dff046c..b50238d33c 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/commonerrors.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/commonerrors.md @@ -14,11 +14,11 @@ now. If you inadvertently checked two checkboxes when making changes, as shown in the top window of Figure 116, the Configuration Wizard detects both changes and asks you which one you intended to make. If you know which one you wanted to select, you can check the corresponding box in the wizard. -In the example below, we want to choose "passwordreqlower," as shown in Figure 116. +In the example below, we want to choose "passwordreqlower," as shown In the figure shown. ![configuring_elements_using_9](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/configuring_elements_using_9.webp) -Figure 116. Selecting which of the two boxes was intended to be checked. +The figure shown. Selecting which of the two boxes was intended to be checked. You can also cancel the Configuration Wizard, and start over again if you see lots of unfamiliar settings and are unsure of which to choose. @@ -26,12 +26,12 @@ settings and are unsure of which to choose. ## Unexpected Changes Sometimes setting one element (checkbox, dropdown, etc.) will add a lot of unexpected values to the -application. For instance, clicking this one checkbox in Figure 117 below added what appears to be +application. For instance, clicking this one checkbox In the figure shown below added what appears to be five changes. ![configuring_elements_using_10](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/configuring_elements_using_10.webp) -Figure 117. Unexpected changes after selecting an element. +The figure shown. Unexpected changes after selecting an element. Usually, this happens when the first item in an application is written. The application will make a bunch of assumptions and write those items as a baseline. When this happens, you can either choose @@ -39,12 +39,12 @@ the correct setting (based on the choices that are shown) or cancel the Configur start again. To start again, put the checkbox (or dropdown, etc.) back to the original location, click "Apply" or "OK" in the application to re-write the original setting, then restart the Configuration Wizard. Doing so will isolate the one change that the checkbox (dropdown, etc.) is -really changing. A successful attempt is shown in Figure 118. Instead of five changed values, there +really changing. A successful attempt is shown In the figure shown. Instead of five changed values, there is only one. ![configuring_elements_using_11](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/configuring_elements_using_11.webp) -Figure 118. A successful attempt at making changes after the Configuration Wizard has been +The figure shown. A successful attempt at making changes after the Configuration Wizard has been restarted. This scenario is very common. So, if you see activity that doesn't make sense, close the @@ -54,22 +54,25 @@ one changed value. ## Multiple Values Controlling One Element Sometimes one element (checkbox, dropdown, etc.) will actually control multiple values at the same -time. In the example in Figure 119, "Default page layout" has four possible settings. When one of +time. In the example In the figure shown, "Default page layout" has four possible settings. When one of those settings, "Facing," is selected, the wizard detects two changes as shown. ![configuring_elements_using_12](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/configuring_elements_using_12.webp) -Figure 119. Two changes being detected for one element. +The figure shown. Two changes being detected for one element. The wizard may suggest that both changed values are valid. In this case, "Showmode" and "HasFacing" are indeed being set by the change of this element, so ensuring both checkmarks are checked and -continuing onward makes sense. In Figure 120, we can see the results of changing these two items +continuing onward makes sense. In the figure shown, we can see the results of changing these two items simultaneously. If only one checkmark was checked in the previous step, the dropdown would not have been configured correctly. ![configuring_elements_using_13](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/configuring_elements_using_13.webp) -Figure 120. Successfully changing two items simultaneously. +The figure shown. Successfully changing two items simultaneously. If the wizard detects that both values (ShowMode and HasFacing) are being changed each time, it will proceed onward recording all the changed values and not prompt for input. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/defaultdataroots.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/defaultdataroots.md index 4ef92f4e36..a64f4f26ca 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/defaultdataroots.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/defaultdataroots.md @@ -16,31 +16,31 @@ To be specific, the Configuration Wizard doesn't look for all changed files and entries. It's only looking where you tell it to look. At the start of every project, you are asked where the application's data is stored, and you set that as your default data root. We set up the data root in the previous section, "Setting Up Application Configuration Data." Recall that your -data root can be a registry key (as shown in Figure 108) or a specific file, like an INI or XML file +data root can be a registry key (as shown In the figure shown) or a specific file, like an INI or XML file (Figure 109). ![configuring_elements_using_1](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/configuring_elements_using_1.webp) -Figure 108. Data root selection with registry key. +The figure shown. Data root selection with registry key. ![configuring_elements_using_2](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/configuring_elements_using_2.webp) -Figure 109. Data root selection with an INI file. +The figure shown. Data root selection with an INI file. This can be done at the start of any new project or later on in a project by selecting the Project -Properties tab and changing the data root, as shown in Figure 110. +Properties tab and changing the data root, as shown In the figure shown. ![configuring_elements_using_3](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/configuring_elements_using_3.webp) -Figure 110. Changing the data root. +The figure shown. Changing the data root. There is also another way to change the data root, which is inside the Configuration Wizard itself. While configuring items, if you realize that you need to make a change, it's easy to set a location -for the data root, as shown in Figure 111. +for the data root, as shown In the figure shown. ![configuring_elements_using_4](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/configuring_elements_using_4.webp) -Figure 111. Changing the location of the data root. +The figure shown. Changing the location of the data root. :::note This adjusts all existing elements such that their paths are now relative to this new @@ -59,3 +59,6 @@ files. In most cases, simply select the top most entry within a file and the Con will look for all changes that happen within that file. ::: + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/_category_.json index f50bdefef4..0c3a6b9996 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/comboboxes.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/comboboxes.md index 5ed83c55e1..bcbef59b1d 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/comboboxes.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/comboboxes.md @@ -7,17 +7,17 @@ sidebar_position: 40 # Combo Boxes Combo boxes inside applications allow for you to choose one item in a set of many items. In this -example, the combo box has four valid items, as shown in Figure 135. +example, the combo box has four valid items, as shown In the figure shown. ![configuring_elements_using_28_624x275](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/elements/configuring_elements_using_28_624x275.webp) -Figure 135. An example of a combo box. +The figure shown. An example of a combo box. -In the example in Figure 136, however, Endpoint Policy Manager DesignStudio brought in six entries. +In the example In the figure shown, however, Endpoint Policy Manager DesignStudio brought in six entries. ![configuring_elements_using_29](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/elements/configuring_elements_using_29.webp) -Figure 136. An incorrect number of entries has been brought in by DesignStudio. +The figure shown. An incorrect number of entries has been brought in by DesignStudio. :::note You can see the entries by double-clicking on a combo box. @@ -32,9 +32,12 @@ You can adjust for this in two ways: - Or, in the Configuration Wizard, wait until the items you want to remove are presented the select "Skip and remove this item." -You can see the "Skip and remove this item" selection in Figure 137. This will remove the incorrect +You can see the "Skip and remove this item" selection In the figure shown. This will remove the incorrect entry from the List Collection Editor for the combo box. ![configuring_elements_using_30](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/elements/configuring_elements_using_30.webp) -Figure 137. Removing the incorrect entry. +The figure shown. Removing the incorrect entry. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/filefolderbrowsers.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/filefolderbrowsers.md index 446fadcd3a..42b1db92ab 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/filefolderbrowsers.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/filefolderbrowsers.md @@ -14,12 +14,15 @@ Endpoint Policy Manager DesignStudio that this is the case. In the example below, a working folder item is shown. To configure the dialog as a folder browser, right-click the "…" and select "Change type to…." Then, select "Folder Browser," as shown in -Figure 138. +The figure shown. ![configuring_elements_using_31](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/elements/configuring_elements_using_31.webp) -Figure 138. Configuring a dialog as a folder browser. +The figure shown. Configuring a dialog as a folder browser. Then, right-click the "…" again and select "Configuration Wizard." The goal is to change the folder (or file) to anything different so that the Capture Wizard detects the change. You may choose the original folder (or file) as the default and revert settings. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/fontbrowsers.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/fontbrowsers.md index fe2d173120..7f0c1345ae 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/fontbrowsers.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/fontbrowsers.md @@ -6,30 +6,33 @@ sidebar_position: 60 # Font Browsers -Buttons can also be converted to font browsers, as shown in Figure 139. +Buttons can also be converted to font browsers, as shown In the figure shown. ![configuring_elements_using_32](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/elements/configuring_elements_using_32.webp) -Figure 139. Converting a dialog to a font browser. +The figure shown. Converting a dialog to a font browser. A font browser button requires at least one text box, or ideally two text boxes, to work. If no text boxes are available on the page, you are not allowed to configure the Font Browser button, as shown -in Figure 140. +In the figure shown. ![configuring_elements_using_33](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/elements/configuring_elements_using_33.webp) -Figure 140. Configuring a dialog to a font browser requires at least one text box. +The figure shown. Configuring a dialog to a font browser requires at least one text box. The first text box is used to fill in the actual font name automatically with the Font Browser button. The second text box may or may not be used to fill in the font's size. In the Firefox example below, the "Default font" text box will be used for the font name. However, it has its own separate dropdown control for the size. In this case, the Font Browser Configuration Wizard will ask -you which text box you want to use for the font name, as see in Figure 141. +you which text box you want to use for the font name, as see In the figure shown. ![configuring_elements_using_34](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/elements/configuring_elements_using_34.webp) -Figure 141. Selecting the font name. +The figure shown. Selecting the font name. If a second text box is available on the page, you are asked if you would like to use it for the font size. Otherwise, it is assumed that another element on the form will control font size, like it is here with the Size dropdown menu. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/overview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/overview.md index b546fc346b..3790f93ddb 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/overview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/overview.md @@ -29,3 +29,6 @@ Most elements have the following constructs: - Linked label (for items that cannot describe themselves) We'll explore some of these element types in the following sections. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/radiobuttons.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/radiobuttons.md index 14a0835cdc..6829329b1c 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/radiobuttons.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/radiobuttons.md @@ -7,42 +7,45 @@ sidebar_position: 10 # Radio Buttons Radio buttons can only be configured in a group. If you use the Endpoint Policy Manager Capture -Wizard, radio buttons are always grouped together automatically, as shown in Figure 126. +Wizard, radio buttons are always grouped together automatically, as shown In the figure shown. ![configuring_elements_using_19](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/elements/configuring_elements_using_19.webp) -Figure 126. Radio buttons are configured in a group. +The figure shown. Radio buttons are configured in a group. -It's also possible to un-group radio buttons, as shown in Figure 127. +It's also possible to un-group radio buttons, as shown In the figure shown. ![configuring_elements_using_20](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/elements/configuring_elements_using_20.webp) -Figure 127. Ungrouping radio buttons. +The figure shown. Ungrouping radio buttons. You may need to un-group radio button items then manually re-group them. This can occur where the Capture Wizard doesn't accurately recognize sets of radio buttons within a frame. In the case shown -in the application (right-hand graphic in Figure 126), these two radio button groups shouldn't act +in the application (right-hand graphic In the figure shown), these two radio button groups shouldn't act as one group; they are really two separate groups. Right-click the group and select "Ungroup," as -shown in Figure 126. Then, you will be left with four separate radio buttons. +shown In the figure shown. Then, you will be left with four separate radio buttons. In this project, the first two need to be grouped, and the second two need to be grouped. To do this, press and hold the Ctrl key, then click on the first two radio button items to select them -both. Then right-click and select "Group," as shown in Figure 128. Repeat this proces for the second +both. Then right-click and select "Group," as shown In the figure shown. Repeat this proces for the second group. ![configuring_elements_using_21](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/elements/configuring_elements_using_21.webp) -Figure 128. Grouping radio buttons. +The figure shown. Grouping radio buttons. Then, once the buttons are grouped, you can run the Configuration Wizard over each group -independently, as shown in Figure 129. +independently, as shown In the figure shown. ![configuring_elements_using_22](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/elements/configuring_elements_using_22.webp) -Figure 129. Using the Configuration Wizard on each group of buttons. +The figure shown. Using the Configuration Wizard on each group of buttons. :::note If the wizard is unable to verify all the values, you may be asked to re-check a specific radio button item to definitively know if an item was changed or deleted. ::: + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/slidersspinboxes.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/slidersspinboxes.md index d58b91407d..c6874fdb9d 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/slidersspinboxes.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/slidersspinboxes.md @@ -14,22 +14,22 @@ how they need to be configured. To configure a slider or spinbox, we need to kno - Maximum (right most or top most) value Usually, the left most value is a number that is less than the right most value. For instance, a -slider labeled "Volume," as shown in Figure 130, would have a lower value when slid to the left, and +slider labeled "Volume," as shown In the figure shown, would have a lower value when slid to the left, and a higher value when slid to the right. ![configuring_elements_using_23_624x182](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/elements/configuring_elements_using_23_624x182.webp) -Figure 130. A typical slider. +The figure shown. A typical slider. Although this is usually true, in the next example, the minimum (left most) value was 900 and the -maximum (right most) value was 200 (see Figure 131). DesignStudio discovers this during the wizard +maximum (right most) value was 200 (See the figure here). DesignStudio discovers this during the wizard process and suggests what is likely going on. In most cases, keeping the default will be the right thing to do, which will establish this as a reverse slider and correctly establish the minimum and maximum values. ![configuring_elements_using_24](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/elements/configuring_elements_using_24.webp) -Figure 131. Discovering a reverse slider with DesignStudio. +The figure shown. Discovering a reverse slider with DesignStudio. Note also that the Slider Configuration Wizard will capture the original value set in the slider when the wizard was run, and suggest that value as the default value and the revert value. The @@ -38,7 +38,7 @@ Slider Configuration Wizard might also detect a multiplier for some items. In th ![configuring_elements_using_25](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/elements/configuring_elements_using_25.webp) -Figure 132. Detecting a slider multiplier. +The figure shown. Detecting a slider multiplier. In these cases, the Slider Configuration Wizard will detect this and suggest a way to rectify what you see (0–100) versus what is set inside the application (0–254). If you select "Adjust range and @@ -49,13 +49,16 @@ application is maintained, but you might lose precision in the target applicatio Some applications have sliders that set a bunch of values all at once, or make major changes to the application or operating system behavior. These kinds of sliders are not supported for actions in Endpoint Policy Manager Application Settings Manager. Two examples of these kinds of unsupported -sliders are items like Internet Explorer's security slider, shown in Figure 133 (left side) and User -Account Control Settings, shown in Figure 133 (right side). +sliders are items like Internet Explorer's security slider, shown In the figure shown (left side) and User +Account Control Settings, shown In the figure shown (right side). ![configuring_elements_using_26](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/elements/configuring_elements_using_26.webp) -Figure 133. Examples of unsupported sliders. +The figure shown. Examples of unsupported sliders. Sliders like these can be hidden or disabled, but Endpoint Policy Manager DesignStudio should not be used to try to configure these kinds of sliders that set a multitude of settings based on conditions. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/textnumericboxes.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/textnumericboxes.md index db1f0dd55b..b049e9bad3 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/textnumericboxes.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/elements/textnumericboxes.md @@ -9,8 +9,11 @@ sidebar_position: 30 Text boxes and numeric boxes act very similarly. The goal is to make any change at all that can be detected. You are then able to select the default and revert values and also the linked label. You can choose the default of what was originally captured in the text box, or select the value you -changed to. See Figure 134 for an example of a numeric box. +changed to. See the figure here for an example of a numeric box. ![configuring_elements_using_27](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/elements/configuring_elements_using_27.webp) -Figure 134. Numeric box example. +The figure shown. Numeric box example. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/knownvalues.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/knownvalues.md index 667b300cc1..7140288b41 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/knownvalues.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/knownvalues.md @@ -11,16 +11,19 @@ configuration item might have. After the Capture Wizard is complete, the UI migh is still unknown what happens when you actually click a checkbox, click a radio button, or slide a slider. Therefore, DesignStudio has to make some initial assumptions about what a checkbox or any other element does. You can see the basic properties of an element just by clicking on it, as shown -in Figure 112. The figure shows that the data key, data value, on value, and off value settings are +In the figure shown. The figure shows that the data key, data value, on value, and off value settings are not known. ![configuring_elements_using_5](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/configuring_elements_using_5.webp) -Figure 112. The basic properties of an element. +The figure shown. The basic properties of an element. Once you've run the Configuration Wizard for that element, however, all the known values are -automatically put in place, as shown in Figure 113. +automatically put in place, as shown In the figure shown. ![configuring_elements_using_6](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/configuring_elements_using_6.webp) -Figure 113. The Configuration Wizard inputs the known property values. +The figure shown. The Configuration Wizard inputs the known property values. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/overview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/overview.md index 0323f0b0d4..3c0d372f24 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/overview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/overview.md @@ -11,8 +11,11 @@ element. This section expands on what the Configuration Wizard is capable of and into how it works and what to look out for when creating your own AppSets. The Configuration Wizard is generally available to help you implement the details of what any element is doing. To start the Configuration Wizard, you can right-click over most elements and select "Configuration Wizard" or -click on the wand, as shown in Figure 107. +click on the wand, as shown In the figure shown. ![configuring_elements_using](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/configuring_elements_using.webp) -Figure 107. Starting the Configuration Wizard. +The figure shown. Starting the Configuration Wizard. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/usage.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/usage.md index 5722687766..8f7dc59e73 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/usage.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/configurationwizard/usage.md @@ -11,11 +11,11 @@ capture tool. When the Configuration Wizard runs, it takes a snapshot of all the root, asks you to make some changes, and then captures what you've done. Then it sets your element's settings. To perform these tasks, the Configuration Wizard may ask you some questions about the current state of the application first. For instance, it may asked if a checkbox is currently -checked or unchecked, as shown in Figure 114. +checked or unchecked, as shown In the figure shown. ![configuring_elements_using_7](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/configuring_elements_using_7.webp) -Figure 114. Selecting whether a checkbox is checked or unchecked. +The figure shown. Selecting whether a checkbox is checked or unchecked. This is to make sure nothing has changed from when the Capture Wizard captured the application's UI settings. If you look at the actual application and the setting is checked, changed, or otherwise @@ -38,11 +38,11 @@ values are only stored in memory and only get changed to the registry or disk wh is fully closed. This means you might have to open and close the application dozens of times. If you click "Next" in the wizard but the wizard was unable to detect any changes, it will tell you -that no changes were detected, as shown in Figure 115. +that no changes were detected, as shown In the figure shown. ![configuring_elements_using_8](/images/endpointpolicymanager/applicationsettings/designstudio/configurationwizard/configuring_elements_using_8.webp) -Figure 115. The message to indicate no changes were detected. +The figure shown. The message to indicate no changes were detected. To resolve this, you can try doing the following: @@ -76,3 +76,6 @@ sign of a successful discovery. The wizard will usually ask you to confirm the f If the wizard discovers one change perfectly, you can easily go through the Configuration Wizard for the element. If the wizard detects multiple changes during configuration, you are prompted for what to do. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/deleteelements.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/deleteelements.md index 52adfdf745..1e602d4263 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/deleteelements.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/deleteelements.md @@ -16,4 +16,7 @@ delete it. ![deleting_stray_elements](/images/endpointpolicymanager/applicationsettings/designstudio/deleting_stray_elements.webp) -Figure 158. Deleting stray elements with the Hierarchy tab. +The figure shown. Deleting stray elements with the Hierarchy tab. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/_category_.json index 30bef0daa6..f7ce27af0c 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/appdata.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/appdata.md index 0dbcedf6c6..5c13a6fa81 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/appdata.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/appdata.md @@ -28,15 +28,15 @@ the application's data file within `%appdata%`, even if you browse using the ful with `C:\`. Endpoint Policy Manager DesignStudio will automatically detect if you are within `%appdata%` or `%localappdata%` and substitute the -`%appdata%` or `%localappdata%` variables for you as needed, as shown in Figure 99 and Figure 100. +`%appdata%` or `%localappdata%` variables for you as needed, as shown In the figure shown and The figure shown. ![discovering_configuration_12](/images/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/discovering_configuration_12.webp) -Figure 99. DesignStudio detecting the data location. +The figure shown. DesignStudio detecting the data location. ![discovering_configuration_13](/images/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/discovering_configuration_13.webp) -Figure 100. DesignStudio detecting the data location. +The figure shown. DesignStudio detecting the data location. :::note You will not be able to compile your AppSet to a DLL as standard user unless you change @@ -49,11 +49,11 @@ Application Settings Manager .dlls on machines. Therefore, capture all the data from your application first as a standard user, then test your compiling as a standard user. You can see the preview of your AppSet by selecting "Show test -Endpoint Policy Manager when complete" within the Compilation tab, as shown in Figure 101 +Endpoint Policy Manager when complete" within the Compilation tab, as shown In the figure shown ![discovering_configuration_14](/images/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/discovering_configuration_14.webp) -Figure 101. Choosing to preview the AppSet. +The figure shown. Choosing to preview the AppSet. Then, when ready, switch to an administrative user to move the compiled Endpoint Policy Manager DLL to @@ -62,3 +62,6 @@ to (or `c:\Program Files(x86)\PolicyPak\Extensions` on 64-bit machines) and use the Group Policy Editor to see your completed AppSet. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/overview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/overview.md index 894030a18f..04405a97dd 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/overview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/overview.md @@ -7,12 +7,12 @@ sidebar_position: 50 # Discovering Configuration Data Locations Usually, it's quite easy to discover where an application has stored its configuration data. Most -times, applications store their data in` HKEY_Current_User\Software`. In Figure 87, you can see the +times, applications store their data in` HKEY_Current_User\Software`. In the figure shown, you can see the data for many popular applications stored in the registry. ![discovering_configuration_624x429](/images/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/discovering_configuration_624x429.webp) -Figure 87. Many applications store their data in the registry. +The figure shown. Many applications store their data in the registry. Note that although most applications store their information in `HKEY_Current_User\Software`, if you're trying to do something in Control Panel, those values would be stored in @@ -25,3 +25,6 @@ manually. You can look in the following three common key locations for user conf - `C:\program files\\` for 32-bit and 64-bit machines - `C:\program files(x86)\\` for 64-bit machines - `%localappdata%` + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/programfiles.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/programfiles.md index af7e952de8..04f7af7ff3 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/programfiles.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/programfiles.md @@ -7,19 +7,19 @@ sidebar_position: 10 # Configuration Data in Program Files Using Windows Explorer, you can look for INI files (expressed as "Configuration settings" in the -file type in Explorer), XML files, and other file types. In Figure 88, you can see an INI file for +file type in Explorer), XML files, and other file types. In the figure shown, you can see an INI file for an application within Program Files (x86). ![discovering_configuration_1_624x213](/images/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/discovering_configuration_1_624x213.webp) -Figure 88. Example of INI files. +The figure shown. Example of INI files. However, if you try to select this file using Netwrix Endpoint Policy Manager (formerly PolicyPak) -DesignStudio, you will be provided a warning message, as shown in Figure 89. +DesignStudio, you will be provided a warning message, as shown In the figure shown. ![discovering_configuration_2](/images/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/discovering_configuration_2.webp) -Figure 89. Warning message when selecting an INI file. +The figure shown. Warning message when selecting an INI file. The warning indicates a problem not with where this application's data was found (right now), but actually where that data is likely to be stored (on the client machine). @@ -48,12 +48,15 @@ Applications running within Windows will do one of two things when run as standa store their files in what is known as the VirtualStore (`%localappdata%\VirtualStore`) When this application is run as a standard user, the configuration data is within -`%appdata%\roaming` as shown in Figure 90(in this case, `%appdata%\roaming\Qualcomm\Eudora`). That's +`%appdata%\roaming` as shown In the figure shown(in this case, `%appdata%\roaming\Qualcomm\Eudora`). That's because this application was smart enough to know to use `%appdata% as its data store when run as a standard user.` ![discovering_configuration_3](/images/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/discovering_configuration_3.webp) -`Figure 90. Configuration data stored within %appdata%\roaming.` +`The figure shown. Configuration data stored within %appdata%\roaming.` Let's continue onward and examine another case of where user data might be stored. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/sysinternalsprocessmonitor.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/sysinternalsprocessmonitor.md index 3dce38dab2..858e563e18 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/sysinternalsprocessmonitor.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/sysinternalsprocessmonitor.md @@ -26,30 +26,30 @@ to perform its capture. Process monitor can be downloaded from Microsoft at: Let's explore some quick tips for running Process Monitor. First, make sure Process Monitor is capturing events by clicking on File|Capture Events (this should be on by default) and Edit|Auto -Scroll (which is not the default). You can see these configuration options in Figure 102 and -Figure 103. +Scroll (which is not the default). You can see these configuration options In the figure shown and +The figure shown. ![discovering_configuration_15_499x277](/images/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/discovering_configuration_15_499x277.webp) -Figure 102. Selecting the option to capture events. +The figure shown. Selecting the option to capture events. ![discovering_configuration_16](/images/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/discovering_configuration_16.webp) -Figure 103. Selecting the option for autoscrolling. +The figure shown. Selecting the option for autoscrolling. Next, you're going to create a filter automatically. To do this, use Process Monitor's Target Sight -icon and drag it directly onto the target application's main window as shown in Figure 104. +icon and drag it directly onto the target application's main window as shown In the figure shown. ![discovering_configuration_17](/images/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/discovering_configuration_17.webp) -Figure 104. Dragging the Target Sight icon into the main window. +The figure shown. Dragging the Target Sight icon into the main window. -Next, have the first two filter types selected, Registry and File, as shown in Figure 105. Unselect +Next, have the first two filter types selected, Registry and File, as shown In the figure shown. Unselect the remaining three items (Network Activity, Process & Thread, and Profiling Events). ![discovering_configuration_18_624x105](/images/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/discovering_configuration_18_624x105.webp) -Figure 105. Selecting the "Registry" and "File" types. +The figure shown. Selecting the "Registry" and "File" types. Next, make a change in your application and click "Apply" or "OK." Look for registry or disk activity that occurs when you click "OK." It takes a little practice but you should see some disk @@ -58,12 +58,12 @@ will keep settings in memory and only to write their data (to the registry or di application is closed. This can be a little bit frustrating, so if don't see the changes you expect, you can also try to close the application and see if it wrote any changes to the registry or disk. -In Figure 106 you can see the deployment.properties file was changed after checkbox was unselected +In the figure shown you can see the deployment.properties file was changed after checkbox was unselected and the change was applied. ![discovering_configuration_19](/images/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/discovering_configuration_19.webp) -Figure 106. Applying changes. +The figure shown. Applying changes. Knowing this, you can use Endpoint Policy Manager DesignStudio to use this location (in this case, a file) as the data root and continue to build an AppSet for the application. @@ -78,8 +78,7 @@ dialog prompt when you re-run Process Monitor. If you discover a file that stores data for your application, but it isn't a currently supported -type (INI, XML, JS, .properties, etc.) then let us know by emailing -[support@endpointpolicymanager.com](mailto:support@endpointpolicymanager.com) with details so we can include its support in +type (INI, XML, JS, .properties, etc.) then let us know by [opening a support ticket](https://www.netwrix.com/tickets.html#/open-a-ticket) with details so we can include its support in a future release. For more information on using Process Monitor, be sure to watch this in-depth video (from the 35:30 mark) as well for more tips: @@ -87,3 +86,6 @@ video (from the 35:30 mark) as well for more tips: You can also purchase the book on Sysinternals tools (where Process Monitor is covered) by Mark Russinovich and Aaron Margosis by visiting this link: [http://www.amazon.com/Windows%C2%AE-Sysinternals-Administrators-Reference-Russinovich/dp/073565672X](http://www.amazon.com/Windows®-Sysinternals-Administrators-Reference-Russinovich/dp/073565672X). + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/virtualstore.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/virtualstore.md index 2b58bc3bbb..001db3caee 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/virtualstore.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/discover/virtualstore.md @@ -9,14 +9,14 @@ sidebar_position: 20 Sometimes, programs don't know that they are not allowed to store data in the protected Windows locations. When a standard user runs the application and tries to change configuration data, the application's configurations are not written to these protected Windows locations. They are -redirected or virtualized instead. In Figure 91, we can see that when the application tried to write +redirected or virtualized instead. In the figure shown, we can see that when the application tried to write its data to `c:\Program Files`, it was actually redirected to `%LocalAppData%\VirtualStore\Program Files (x86)\Foxit Software\Foxit Reader`. ![discovering_configuration_4](/images/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/discovering_configuration_4.webp) -Figure 91. Application data that has been redirected. +The figure shown. Application data that has been redirected. This is a safety mechanism that Windows uses to allow applications to think that they've written data to the desired location (`\Program Files`), when in actuality, the application's data was @@ -28,15 +28,15 @@ of this, even though we're finding the file in `%LocalAppData%\VirtualStore\Program Files (x86)\Foxit Software\Foxit Reader` (as shown in Figure 92), the data file could also be found on 32-bit machines in -`%LocalAppData%\VirtualStore\Program Files\Foxit Software\Foxit Reader` (as shown in Figure 93). +`%LocalAppData%\VirtualStore\Program Files\Foxit Software\Foxit Reader` (as shown In the figure shown). ![discovering_configuration_5](/images/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/discovering_configuration_5.webp) -Figure 92. The location for 64-bit machines is `%LocalAppData%\VirtualStore\Program Files (x86).` +The figure shown. The location for 64-bit machines is `%LocalAppData%\VirtualStore\Program Files (x86).` ![discovering_configuration_6](/images/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/discovering_configuration_6.webp) -Figure 93. The location for 32-bit machiens is `%LocalAppData%\VirtualStore\Program Files.` +The figure shown. The location for 32-bit machiens is `%LocalAppData%\VirtualStore\Program Files.` If you select a file within the VirtualStore directory, Endpoint Policy Manager DesignStudio recognizes this and provides two features to ensure proper delivery to clients. First, as shown in @@ -45,37 +45,37 @@ on client machines of the same type. ![discovering_configuration_7](/images/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/discovering_configuration_7.webp) -Figure 94. Endpoint Policy Manager DesignStudio substituting the correct variable. +The figure shown. Endpoint Policy Manager DesignStudio substituting the correct variable. To account for the possibility that you might have both 32-bit and 64-bit machines as targets, Endpoint Policy Manager Application Settings Manager, by default, will always try to write to both locations on the target machine. That way, you're ensured that both 32-bit and 64-bit machines will get your directives. Note that this behavior is controllable within Endpoint Policy Manager -`DesignStudio in Tools|Options `in the VirtualStore tab, as shown in Figure 95. It is recommended +`DesignStudio in Tools|Options `in the VirtualStore tab, as shown In the figure shown. It is recommended that you keep this checkbox checked. ![discovering_configuration_8_624x322](/images/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/discovering_configuration_8_624x322.webp) -Figure 95. The VirtualStore tab. +The figure shown. The VirtualStore tab. If you want to see both actions, you can click on the element's "Advanced" button, as shown in Figure 96, and see the two actions created. ![discovering_configuration_9_312x592](/images/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/discovering_configuration_9_312x592.webp) -Figure 96. The element's "Advanced" button. +The figure shown. The element's "Advanced" button. If you were to hover the mouse over each "File" location, you would see that the actions are set against each possible file location automatically (`\Program Files(x86)` and `\Program Files`), one -for the first action and another for the second action, as shown in Figure 97 and Figure 98. +for the first action and another for the second action, as shown In the figure shown and The figure shown. ![discovering_configuration_10](/images/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/discovering_configuration_10.webp) -Figure 97. The file location for the first action. +The figure shown. The file location for the first action. ![discovering_configuration_11_624x79](/images/endpointpolicymanager/applicationsettings/designstudio/configurationdata/discover/discovering_configuration_11_624x79.webp) -Figure 98. The file location for the second action. +The figure shown. The file location for the second action. Therefore, there's really no downside in leaving the "Always create additional action when target files utilize Windows 7 "VirtualStore" directories (recommended)" turned on. It will mean that your @@ -91,3 +91,6 @@ resources: - [http://www.thewindowsclub.com/file-registry-virtualization-in-windows-7](http://www.thewindowsclub.com/file-registry-virtualization-in-windows-7). - Group Policy: Fundamentals, Security and the Managed Desktop by Jeremy Moskowitz Page 561–562. Available at [www.GPanswers.com/book](http://www.GPanswers.com/book). + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/grayswizard.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/grayswizard.md index ecbf98354b..d1e572c8a8 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/grayswizard.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/grayswizard.md @@ -9,25 +9,25 @@ sidebar_position: 140 Many applications have configuration options, which will gray out or reveal items depending on whether the checkboxes are checked or unchecked. For instance, in this application, when the checkbox "Use fixed resolution for snapshots" is checked, the spinbox "Resolution:" is available for -editing, as shown in Figure 185. +editing, as shown In the figure shown. ![using_the_grays_wizard](/images/endpointpolicymanager/applicationsettings/designstudio/using_the_grays_wizard.webp) -Figure 185. When the checkbox "Use fixed resolution for snapshots" is checked, the spinbox +The figure shown. When the checkbox "Use fixed resolution for snapshots" is checked, the spinbox "Resolution:" is available for editing. -In Figure 186, when the checkbox is unchecked, the "Resolution:" element is uneditable. +In the figure shown, when the checkbox is unchecked, the "Resolution:" element is uneditable. ![using_the_grays_wizard_1_624x213](/images/endpointpolicymanager/applicationsettings/designstudio/using_the_grays_wizard_1_624x213.webp) -Figure 186. When the checkbox is unchecked, the "Resolution:" element is uneditable. +The figure shown. When the checkbox is unchecked, the "Resolution:" element is uneditable. You are able to perform the same function within your AppSet. To do this, right-click over the -checkbox and select "Grays Wizard," as shown in Figure 187. +checkbox and select "Grays Wizard," as shown In the figure shown. ![using_the_grays_wizard_2_499x293](/images/endpointpolicymanager/applicationsettings/designstudio/using_the_grays_wizard_2_499x293.webp) -Figure 187. Opening the Grays Wizard. +The figure shown. Opening the Grays Wizard. :::note The Grays Wizard is only available for checkboxes and radio buttons. Additionally, the @@ -38,92 +38,95 @@ Wizard is run. When you run the Grays Wizard, you do not need to use the "OK" or "Apply" buttons in your application. You are only learning what happens inside your application when you click a checkbox or -radio button and what is grayed out when those items are selected. In Figure 188, we can see that +radio button and what is grayed out when those items are selected. In the figure shown, we can see that when the checkbox is checked, the "Resolution:" spinbox can be edited. Therefore, on the first screen of the Grays Wizard, you would do nothing because when the checkmark is checked, "Resolution:" is editable. ![using_the_grays_wizard_3](/images/endpointpolicymanager/applicationsettings/designstudio/using_the_grays_wizard_3.webp) -Figure 188. Using the Grays Wizard. +The figure shown. Using the Grays Wizard. However, on the next page of the Grays Wizard, you are asked what happens when the checkbox is unchecked. We learned that the "Resolution:" item is grayed out. So, in this screen, click the -"Resolution:" item to make it grayed out, as shown in Figure 189. +"Resolution:" item to make it grayed out, as shown In the figure shown. ![using_the_grays_wizard_4](/images/endpointpolicymanager/applicationsettings/designstudio/using_the_grays_wizard_4.webp) -Figure 189. Graying out the element. +The figure shown. Graying out the element. -As shown in Figure 190, select the item or items that should be grayed out when the checkbox is +As shown In the figure shown, select the item or items that should be grayed out when the checkbox is unchecked. You'll see the Grays Wizard gray it out for demonstration purposes. ![using_the_grays_wizard_5](/images/endpointpolicymanager/applicationsettings/designstudio/using_the_grays_wizard_5.webp) -Figure 190. Selecting the item to gray out. +The figure shown. Selecting the item to gray out. Let's go through another, somewhat more complex example. In this application, a checkbox and radio button set control a series of items that will be grayed out when checked and unselected. For -instance, in Figure 191, we can see all the items are available when the "Replace Document Colors" +instance, In the figure shown, we can see all the items are available when the "Replace Document Colors" checkbox is checked and the "Custom Color:" radio button is checked. ![using_the_grays_wizard_6](/images/endpointpolicymanager/applicationsettings/designstudio/using_the_grays_wizard_6.webp) -Figure 191. All the items are available when the "Replace Document Colors" checkbox is checked and +The figure shown. All the items are available when the "Replace Document Colors" checkbox is checked and the "Custom Color:" radio button is checked. However, if we select the "Use Windows Colors Scheme" radio button, we can see that the "Custom -Colors" radio button is grayed out (see Figure 192). If we uncheck the "Replace Document Colors" +Colors" radio button is grayed out (See the figure here). If we uncheck the "Replace Document Colors" checkbox, then all areas ("Use Windows Colors Scheme," "Custom Color," and "Change only the color of -black / white content") are all grayed out, as shown in Figure 193. +black / white content") are all grayed out, as shown In the figure shown. ![using_the_grays_wizard_7](/images/endpointpolicymanager/applicationsettings/designstudio/using_the_grays_wizard_7.webp) -Figure 192. Selecting the "Use Windows Colors Scheme" radio button makes the "Custom Colors" radio +The figure shown. Selecting the "Use Windows Colors Scheme" radio button makes the "Custom Colors" radio button grayed out. ![using_the_grays_wizard_8](/images/endpointpolicymanager/applicationsettings/designstudio/using_the_grays_wizard_8.webp) -Figure 193. All areas are grayed out when the "Replace Document Colors" checkbox is unchecked. +The figure shown. All areas are grayed out when the "Replace Document Colors" checkbox is unchecked. To set up the correct behavior inside this application, you must first at least configure the "Replace Document Colors" checkbox with the Configuration Wizard. Then, select the whole "Document -Colors Options" frame. Right-click and select "Grays Wizard," as shown in Figure 194. +Colors Options" frame. Right-click and select "Grays Wizard," as shown In the figure shown. ![using_the_grays_wizard_9](/images/endpointpolicymanager/applicationsettings/designstudio/using_the_grays_wizard_9.webp) -Figure 194. Selecting the Grays Wizard. +The figure shown. Selecting the Grays Wizard. By selecting the whole frame, the Grays Wizard will ask you about each element in the frame. The first page requires you to express what happens when the "Replace Document Colors" is selected -(checked). In Figure 195, there are no changes, and everything is available. +(checked). In the figure shown, there are no changes, and everything is available. ![using_the_grays_wizard_10](/images/endpointpolicymanager/applicationsettings/designstudio/using_the_grays_wizard_10.webp) -Figure 195. The first page of the wizard does not require any changes. +The figure shown. The first page of the wizard does not require any changes. On the next page, you are asked what happens when the "Replace Document Colors" is unchecked. In that case, all items are grayed out. Select all items as grayed out if the Grays Wizard does not do -this already for you (see Figure 196). +this already for you (See the figure here). ![using_the_grays_wizard_11](/images/endpointpolicymanager/applicationsettings/designstudio/using_the_grays_wizard_11.webp) -Figure 196. Selecting all items to be grayed out. +The figure shown. Selecting all items to be grayed out. The next screen asks what happens when the "Use Windows Color Scheme" is selected. In this case, the "Custom Color" block is grayed out, but the "Change only the color of black / white content" is -available. Click on the elements in the Grays Wizard, and click "Next," as shown in Figure 197. +available. Click on the elements in the Grays Wizard, and click "Next," as shown In the figure shown. ![using_the_grays_wizard_12](/images/endpointpolicymanager/applicationsettings/designstudio/using_the_grays_wizard_12.webp) -Figure 197. Choosing which elements are grayed out and which are editable. +The figure shown. Choosing which elements are grayed out and which are editable. Next you will be asked about "Custom Color." Be sure to clear out any gray items that will operate -when "Custom color" is selected, as shown in Figure 198. +when "Custom color" is selected, as shown In the figure shown. ![using_the_grays_wizard_13](/images/endpointpolicymanager/applicationsettings/designstudio/using_the_grays_wizard_13.webp) -Figure 198. Choosing which elements are grayed out and which are editable. +The figure shown. Choosing which elements are grayed out and which are editable. Finally, you are asked about the last element "Change only the color of black / white content." There is no change when this is checked or unchecked. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/_category_.json index af14854f42..8c88b46488 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/overview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/overview.md index a8b3b292d9..c08799b2b8 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/overview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/overview.md @@ -10,3 +10,6 @@ In this section, you'll learn about: - Netwrix Endpoint Policy Manager (formerly PolicyPak) DesignStudio vocabulary - Tabs inside Endpoint Policy Manager DesignStudio + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/_category_.json index 31292b8406..7889de383e 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/compilation.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/compilation.md index e39252bd13..1f4d584fb1 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/compilation.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/compilation.md @@ -6,19 +6,19 @@ sidebar_position: 40 # Compilation -The Compilation tab enables you to set your project's DLL name, as shown in Figure 55. It also +The Compilation tab enables you to set your project's DLL name, as shown In the figure shown. It also enables you to save your current work and compile your AppSet to be used in Group Policy, as shown -in Figure 56. +In the figure shown. ![getting_around_7](/images/endpointpolicymanager/applicationsettings/designstudio/navigation/tab/getting_around_7.webp) -Figure 55. Setting the DLL name. +The figure shown. Setting the DLL name. ![getting_around_8_624x155](/images/endpointpolicymanager/applicationsettings/designstudio/navigation/tab/getting_around_8_624x155.webp) -Figure 56. Compiling the AppSet. +The figure shown. Compiling the AppSet. -In Figure 55, you can see that you can do the following: +In the figure shown, you can see that you can do the following: - Compile to standard location (default): This will compile to what is set in `Tools | Options`. Usually, this is the Endpoint Policy Manager local store or @@ -33,3 +33,6 @@ In Figure 55, you can see that you can do the following: You can also see a test preview of your AppSet after compiling. This can be useful if you want to tweak, test, and re-tweak your application without having to launch the Group Policy editor. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/errorlist.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/errorlist.md index 94ae66b016..1cfd32bb53 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/errorlist.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/errorlist.md @@ -6,22 +6,23 @@ sidebar_position: 50 # Error List -The Error List tab is only active after a compile error occurs (see Figure 57). Compile errors are -generally rare, and we request that you send any pXMLs which do not properly compile to -[support@endpointpolicymanager.com](mailto:support@endpointpolicymanager.com) for analysis. +The Error List tab is only active after a compile error occurs (See the figure here). Compile errors are +generally rare, and we request that you send any pXMLs which do not properly compile by [opening a support ticket](https://www.netwrix.com/tickets.html#/open-a-ticket) for analysis. ![getting_around_9_624x460](/images/endpointpolicymanager/applicationsettings/designstudio/navigation/tab/getting_around_9_624x460.webp) -Figure 57. A Endpoint Policy Manager DesignStudio compile error. +The figure shown. A Endpoint Policy Manager DesignStudio compile error. -When errors do occur, the error list pops up and suggests some fixes, as shown in Figure 58. +When errors do occur, the error list pops up and suggests some fixes, as shown In the figure shown. Double-click the proposed fix (or right-click and select "Apply Default Fix") for any errors found, -as shown in Figure 58. +as shown In the figure shown. ![getting_around_10_624x671](/images/endpointpolicymanager/applicationsettings/designstudio/navigation/tab/getting_around_10_624x671.webp) -Figure 58. Applying the default fix to errors. +The figure shown. Applying the default fix to errors. If the errors are not corrected, send Endpoint Policy Manager technical support your pXML file for -analysis and a fix. We want to help! The email address is -[support@endpointpolicymanager.com](mailto:support@endpointpolicymanager.com). +analysis and a fix. We want to help! Please [open a support ticket](https://www.netwrix.com/tickets.html#/open-a-ticket). + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/hierarchy.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/hierarchy.md index 67dcd668c5..bc536cc5f6 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/hierarchy.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/hierarchy.md @@ -8,11 +8,14 @@ sidebar_position: 10 The Hierarchy tab is similar to the Tabs tab, except it shows every element in a granular fashion. When you click on an element in the Hierarchy tab, the corresponding element in the main page will -highlighted as well (see Figure 52). +highlighted as well (See the figure here). ![getting_around_3](/images/endpointpolicymanager/applicationsettings/designstudio/navigation/tab/getting_around_3.webp) -Figure 52. The Hierarchy tab provides a granular view of each element. +The figure shown. The Hierarchy tab provides a granular view of each element. You can learn more about the Hierarchy tab in the section entitled "‎Advanced AppSet Design and Manual Editing." + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/overview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/overview.md index 41cf87fbff..fc44a8660e 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/overview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/overview.md @@ -7,11 +7,11 @@ sidebar_position: 20 # Tabs Endpoint Policy Manager DesignStudio has six main tabs that help you perform tasks in your project. -You can see the tabs highlighted in Figure 50. +You can see the tabs highlighted In the figure shown. ![getting_around_1](/images/endpointpolicymanager/applicationsettings/designstudio/navigation/tab/getting_around_1.webp) -Figure 50. The DesignStudio tabs. +The figure shown. The DesignStudio tabs. Those tabs are: @@ -30,8 +30,11 @@ The Tabs tab enables you to see the overall hierarchy of your project. You will listed in your project and any subdialogs you have within each tab. This is the quickest way to see the overall structure of your project and how all the major objects (tabs and subdialogs) relate to each other. When you click on a tab inside the Tabs area, the corresponding tab is automatically -displayed in the main pane for quick navigation (see Figure 51). +displayed in the main pane for quick navigation (See the figure here). ![getting_around_2](/images/endpointpolicymanager/applicationsettings/designstudio/navigation/tab/getting_around_2.webp) -Figure 51. Using the Tabs tab for quick navigation. +The figure shown. Using the Tabs tab for quick navigation. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/properties.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/properties.md index f003b14591..1e212577a3 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/properties.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/properties.md @@ -7,8 +7,11 @@ sidebar_position: 20 # Properties The Properties tab shows how the element is set. It is automatically displayed when you use the main -pane and select an element (see Figure 53). +pane and select an element (See the figure here). ![getting_around_4](/images/endpointpolicymanager/applicationsettings/designstudio/navigation/tab/getting_around_4.webp) -Figure 53. Viewing the properties of an element in the Properties tab. +The figure shown. Viewing the properties of an element in the Properties tab. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/propertiesproject.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/propertiesproject.md index d5ca5bbd1b..a76475ce96 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/propertiesproject.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/tab/propertiesproject.md @@ -6,7 +6,7 @@ sidebar_position: 30 # Project Properties -The Project Properties tab shows overall project properties such as the following (see Figure 54): +The Project Properties tab shows overall project properties such as the following (See the figure here): - Project name - Target data type (Registry, INI, XML, etc.) @@ -15,7 +15,7 @@ The Project Properties tab shows overall project properties such as the followin ![getting_around_5](/images/endpointpolicymanager/applicationsettings/designstudio/navigation/tab/getting_around_5.webp) -Figure 53. The Project Properties tab. +The figure shown. The Project Properties tab. Video: To understand predefined Item-Level Targeting (ILT) conditions, please see this video: [Predefined ILTs (Internal Filters)](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/itemleveltargeting.md). @@ -25,8 +25,11 @@ portable Windows 10 machine with IE version 11 present. ![getting_around_6](/images/endpointpolicymanager/applicationsettings/designstudio/navigation/tab/getting_around_6.webp) -Figure 54. You can use Item-Level Targeting to narrow your target scope. +The figure shown. You can use Item-Level Targeting to narrow your target scope. Tip: Endpoint Policy Manager has some AppSets that have pre-defined filters and others that do not. For instance, all of the Internet Explorer AppSets and Java AppSets that Endpoint Policy Manager ships have pre-defined filters. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/vocabulary.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/vocabulary.md index 94b7293ede..07b4d3a747 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/vocabulary.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/navigation/vocabulary.md @@ -15,11 +15,14 @@ they can be contained within frames. Your goal with Endpoint Policy Manager DesignStudio is to bring in as much of the applications' user interface (UI) that you want to configure as possible. Then, you can use the DesignStudio to tweak -the design and configure each setting (see Figure 49. +the design and configure each setting (See the figure here. ![getting_around](/images/endpointpolicymanager/applicationsettings/designstudio/navigation/getting_around.webp) -Figure 49. Some of the main Endpoint Policy Manager DesignStudio components. +The figure shown. Some of the main Endpoint Policy Manager DesignStudio components. Now that we've discussed vocabulary, we'll examine each item in DesignStudio to understand how it's used to create AppSets. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/overview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/overview.md index 4acd499f06..8cb1f5c1dd 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/overview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/overview.md @@ -8,9 +8,7 @@ sidebar_position: 110 This document will help you to understand Netwrix Endpoint Policy Manager (formerly PolicyPak) DesignStudio. However, you should only use this document after you have read and worked through the -DesignStudio example in Book 3: - -Application Settings Manager. We assume in this manual that you have already read that document and +DesignStudio example in the Application Settings Manager documentation. We assume in this manual that you have already read that document and can create simple AppSets. This document is a reference guide for the rest of the DesignStudio utility and addresses some @@ -21,3 +19,6 @@ applicable to many scenarios while building AppSets. Video: You may also wish to watch our DesignStudio videos, which cover some higher level details of Endpoint Policy Manager: Application Manager > [DesignStudio How-To](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/videolearningcenter.md). + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/quickstart/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/quickstart/_category_.json index 9035a027a3..b040be8c08 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/quickstart/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/quickstart/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/quickstart/createappset.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/quickstart/createappset.md index 92c4d80c7e..46251a2d8b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/quickstart/createappset.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/quickstart/createappset.md @@ -44,31 +44,31 @@ Endpoint Policy Manager DesignStudio. ![policypak_application_settings_5](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_5.webp) -Figure 6. The PuTTY interface. +The figure shown. The PuTTY interface. **Step 5 –** Click on the various setting categories to get a feel for the settings contained within PuTTY. Leave the PuTTY application open as you proceed to run the Endpoint Policy Manager DesignStudio tool. Run` PolicyPak DesignStudio` by clicking `Start|PolicyPak|PolicyPak Design Studio`. When you do, the Endpoint Policy Manager Design Studio -Wizard will run, as shown in Figure 7. Choose to start a new project using the Capture Wizard. Then +Wizard will run, as shown In the figure shown. Choose to start a new project using the Capture Wizard. Then click "Next." ![policypak_application_settings_6](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_6.webp) -Figure 7. The Endpoint Policy Manager Design Studio Wizard. +The figure shown. The Endpoint Policy Manager Design Studio Wizard. **Step 6 –** You will now see a list of all the processes that are running and might have a UI for -the Endpoint Policy Manager Capture Wizard to capture, as shown in Figure 8. In the top pane +the Endpoint Policy Manager Capture Wizard to capture, as shown In the figure shown. In the top pane (Processes), select "PuTTY Configuration [```putty.exe```]." You will then see "PuTTY Configuration" in the bottom pane (Windows). ![policypak_application_settings_7](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_7.webp) -Figure 8. Selecting "PuTTY Configuration" from the list of running processes. +The figure shown. Selecting "PuTTY Configuration" from the list of running processes. **Step 7 –** Once PuTTY is selected, click "Next." You'll then be prompted to name your project and define what type of project it is. Keep the project type to the default value of "Registry," as -shown in Figure 9. Endpoint Policy Manager Application Settings Manager can deliver settings to +shown In the figure shown. Endpoint Policy Manager Application Settings Manager can deliver settings to applications that store data inside the registry or in `.ini` files, `.js` files (Firefox-style files), Mozilla-specific config files (also `.js` files), `.xml` files, .preferences files (Java config file types), `.xcu` files (`OpenOffice/LibreOffice config files`), and `.rdp` files (remote @@ -77,7 +77,7 @@ stored. ![policypak_application_settings_8](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_8.webp) -Figure 9. Selecting "Registry" as the project type. +The figure shown. Selecting "Registry" as the project type. :::note Your version of DesignStudio might support more file types than this one since @@ -85,14 +85,14 @@ DesignStudio is always being updated. ::: -**Step 8 –** Next, you'll specify the data root for your project, as shown in Figure 10. The data +**Step 8 –** Next, you'll specify the data root for your project, as shown In the figure shown. The data root is the topmost location where your application, in this case PuTTY, stores the majority of its settings. Select "Simon Tatham," which is located in `HKEY_Current_USER\Software`. Then click "Finish." ![policypak_application_settings_9](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_9.webp) -Figure 10. Selecting "Simon Tatham" as the data root. +The figure shown. Selecting "Simon Tatham" as the data root. :::note Finding the data root for your project can take some amount of trial and error. Most @@ -103,7 +103,7 @@ store their data. **Step 9 –** At this point, the Endpoint Policy Manager Capture Wizard will bring the first tab of -settings into DesignStudio, as shown in Figure 11. While there are no tabs within the PuTTY +settings into DesignStudio, as shown In the figure shown. While there are no tabs within the PuTTY interface, the term tab refers to the current category of visible settings. Each time you capture a new category of settings, a new tab will be created. Note that Endpoint Policy Manager DesignStudio will usually bring in all the existing defaults for your application. For instance, Endpoint Policy @@ -113,41 +113,41 @@ everything now, we'll focus on what's most important during your project creatio ![policypak_application_settings_10](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_10.webp) -Figure 11. The first tab of captured settings. +The figure shown. The first tab of captured settings. **Step 10 –** In the next step, you'll add a new tab by clicking on the "Add a new tab" icon at the -upper left corner of the Tabs tab, as indicated by the arrow in Figure 12. When you do, you'll be +upper left corner of the Tabs tab, as indicated by the arrow In the figure shown. When you do, you'll be prompted for another tab in PuTTY. Select the next setting category, which in this case is Logging. Once the tab is selected in the application, return to the Endpoint Policy Manager DesignStudio tool. When you do, the tab will be captured automatically. Click "OK" to capture the active tab. ![policypak_application_settings_11](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_11.webp) -Figure 12. Capturing another tab of settings. +The figure shown. Capturing another tab of settings. **Step 11 –** Sometimes, as in the case of PuTTY, you will be asked to if you want to supply a new -name for the captured tab, as shown in Figure 13. Click "Yes," and give the tab the same name as its +name for the captured tab, as shown In the figure shown. Click "Yes," and give the tab the same name as its category. ![policypak_application_settings_12](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_12.webp) -Figure 13. Applying a new name for the captured tab. +The figure shown. Applying a new name for the captured tab. **Step 12 –** The new tab will be brought into the Endpoint Policy Manager Capture Wizard, as shown -in Figure 14. Note the tab hierarchy listed on the right side of the screen. +In the figure shown. Note the tab hierarchy listed on the right side of the screen. ![policypak_application_settings_13](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_13.webp) -Figure 14. The new Logging tab. +The figure shown. The new Logging tab. -**Step 13 –** For this Quickstart, we will also capture the Keyboard tab as shown in Figure 15. +**Step 13 –** For this Quickstart, we will also capture the Keyboard tab as shown In the figure shown. Follow the same procedure you did for the Logging tab. Also, note the arrow in the figure that is pointing to text that has been cut off. This is because the capture process doesn't always process cleanly. One option to fix this is to delete the tab and recapture it. ![policypak_application_settings_14](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_14.webp) -Figure 15. The Keyboard tab. +The figure shown. The Keyboard tab. **Step 14 –** If you click around the tab, you will notice that it is split into segmented blocks. Figure 16 shows a block of settings that are grouped together. As you can see, the block is covering @@ -155,7 +155,7 @@ up the text behind it. ![policypak_application_settings_15](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_15.webp) -Figure 16. Settings grouped together that are blocking the text behind them. +The figure shown. Settings grouped together that are blocking the text behind them. In this example, we have solved this problem by highlighting the block segment that contains the obstructed text and deleting it. Figure 17 shows the final result. You can add text and other types @@ -164,14 +164,14 @@ menu. ![policypak_application_settings_16](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_16.webp) -Figure 17. Using the DesignStudio menu. +The figure shown. Using the DesignStudio menu. **Step 15 –** You can capture tabs in any order and reorder them using the up and down arrows in -DesignStudio, as shown in Figure 18. +DesignStudio, as shown In the figure shown. ![policypak_application_settings_17](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_17.webp) -Figure 18. Reordering the tabs. +The figure shown. Reordering the tabs. :::note The Endpoint Policy Manager Capture Wizard isn't perfect. There are some UI elements that @@ -186,11 +186,11 @@ When complete, your capture should have tabs such as PuTTY Configuration, Loggin of each checkbox, dropdown, radio button, slider, or other element in your project. To get started, we'll work with the initial PuTTY Configuration tab settings. Let's begin with the most common PuTTY setting which is the "Host Name (or IP address)" field. Right-click and select "Configuration -Wizard…," as shown in Figure 19. +Wizard…," as shown In the figure shown. ![policypak_application_settings_18](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_18.webp) -Figure 19. Opening the Configuration Wizard. +The figure shown. Opening the Configuration Wizard. **Step 17 –** Each element may be independently configured. To help you understand how an element acts when it is configured, the system has created a wizard that helps guide you through the @@ -201,7 +201,7 @@ automatically chosen registry as the place you want your registry items stored. ![policypak_application_settings_19](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_19.webp) -Figure 20. Items will be stored in the Windows registry. +The figure shown. Items will be stored in the Windows registry. **Step 18 –** You can see that the wizard already knows the location that you previously selected for the storage of PuTTY's registry items (Simon Tatham). Often times, settings may congregate @@ -211,72 +211,72 @@ element. In this case, we have selected the PuTTY subkey. ![policypak_application_settings_20](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_20.webp) -Figure 21. Choosing the PuTTY subkey. +The figure shown. Choosing the PuTTY subkey. :::note If you made a mistake earlier and selected the wrong data root, you can change it in the Registry Key Selection window. Once there, select "Set this location as Default Data Root," as shown -in Figure 20. +In the figure shown. ::: **Step 19 –** Note that the current state of the Host Name (IP address) in PuTTY is blank. In Endpoint Policy Manager DesignStudio, ensure that the field is blank to begin with. This will help the DesignStudio know what the current state is before moving to the next step. The wizard will -prompt you to change the value at this point, as displayed in Figure 22. +prompt you to change the value at this point, as displayed In the figure shown. ![policypak_application_settings_21](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_21.webp) -Figure 22. Changing the Host Name setting. +The figure shown. Changing the Host Name setting. **Step 20 –** In order for the settings to be stored within the registry, you must first save your changes. Type in 192.168.50.101 as the IP address. Then, click the "Save" button and create a name -for the saved session. In Figure 23, we chose "Design Studio Capture" as the name. Now click "Save" +for the saved session. In the figure shown, we chose "Design Studio Capture" as the name. Now click "Save" again. ![policypak_application_settings_22](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_22.webp) -Figure 23. Saving your session changes to preserve them within the registry. +The figure shown. Saving your session changes to preserve them within the registry. -**Step 21 –** In Figure 24, you can see what DesignStudio has learned about the new value. Note that +**Step 21 –** In the figure shown, you can see what DesignStudio has learned about the new value. Note that in the capture, the port setting was also captured as it underwent a change as well. In this case, we want to work with the HostName setting. Click the radio button next to HostName to select it, and click "Next." ![policypak_application_settings_23](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_23.webp) -Figure 24. Selecting the HostName setting. +The figure shown. Selecting the HostName setting. **Step 22 –** You must then choose a default value for the HostName setting. We want the default -value to be blank so delete the embedded value and click "Next," as shown in Figure 25. The next +value to be blank so delete the embedded value and click "Next," as shown In the figure shown. The next screen will prompt you for a revert value and you will do the same thing on that screen as well. ![policypak_application_settings_24](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_24.webp) -Figure 25. Deleting the text in the HostName field. +The figure shown. Deleting the text in the HostName field. **Step 23 –** The last step is to choose the linked label for any GPMC reports you may run for the -PuTTY application, as shown in Figure 26. Then, click "Next." +PuTTY application, as shown In the figure shown. Then, click "Next." ![policypak_application_settings_25](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_25.webp) -Figure 26. Choosing the linked label. +The figure shown. Choosing the linked label. **Step 24 –** You have now completed your first setting capture using Endpoint Policy Manager DesignStudio. Figure 27 shows the congratulatory screen that you should see when you are finished. ![policypak_application_settings_26](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_26.webp) -Figure 27. The completion of the Configuration Wizard process. +The figure shown. The completion of the Configuration Wizard process. **Step 25 –** Now we'll move on to some other elements. We will illustrate the process for capturing a check element. For this example, we will capture the "Omit known password fields" setting. Note that this setting is checked by default. Right-click on the element, and select "Configuration -Wizard," as shown in Figure 28. +Wizard," as shown In the figure shown. ![policypak_application_settings_27](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_27.webp) -Figure 28. Capturing the "Omit known password fields" setting. +The figure shown. Capturing the "Omit known password fields" setting. **Step 26 –** We won't recap all of the steps in the wizard. However, Figure 29 shows the current checkbox state for the setting in the "Indicating the Current Checkbox State" step of the wizard. @@ -284,7 +284,7 @@ After selecting this, click "Next." ![policypak_application_settings_28](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_28.webp) -Figure 29. Verifying the checkbox state. +The figure shown. Verifying the checkbox state. **Step 27 –** Now the wizard will prompt you to return to PuTTY and uncheck the setting (see Figure 30). Remember that you have to save your session as you did previously in order to save the change @@ -292,19 +292,19 @@ you made. ![policypak_application_settings_29](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_29.webp) -Figure 30. Returning to PuTTY to uncheck the setting. +The figure shown. Returning to PuTTY to uncheck the setting. **Step 28 –** The process is now complete as DesignStudio has discovered the associated registry values for the checked and unchecked states. When the checkbox is checked the SSHLogOmitPasswords registry value is set to 1. When the checkbox is unchecked, the SSHLogOmitPasswords registry value -is set to 0, as shown in Figure 31. +is set to 0, as shown In the figure shown. ![policypak_application_settings_30](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_30.webp) -Figure 31. The SSHLogOmitPasswords registry values have been discovered. +The figure shown. The SSHLogOmitPasswords registry values have been discovered. :::note -If you don't see the result shown in Figure 30, but instead get an error, it's possible +If you don't see the result shown In the figure shown, but instead get an error, it's possible that you didn't select the right default data root, or you didn't click "OK" in WinZip. Either way, DesignStudio needs to be able to see where the changes occurred. Try changing the default data root, as specified earlier, or try clicking "OK" in WinZip again if you didn't earlier. @@ -317,39 +317,39 @@ the revert state before finishing. ![policypak_application_settings_31](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_31.webp) -Figure 32. Check or uncheck the value as desired for the default state. +The figure shown. Check or uncheck the value as desired for the default state. **Step 30 –** Next, we'll work with a radio button. We will capture the registry settings for a -radio button set called "Initial state of numeric keypad," as shown in Figure 33. +radio button set called "Initial state of numeric keypad," as shown In the figure shown. ![policypak_application_settings_32](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_32.webp) -Figure 33. Using the Configuration Wizard to capture radio button settings. +The figure shown. Using the Configuration Wizard to capture radio button settings. **Step 31 –** In the wizard, you will asked to confirm which radio button is currently selected, which is this case is "Normal." Click "Next" and you will be asked to select the application radio button within the PuTTY application. After selecting it, save the session, return to the Configuration Wizard, and click "Next." Here you will be asked to choose which captured data change -applies to the radio button. Choose the "ApplicationKeypad" registry setting, as shown in Figure 34. +applies to the radio button. Choose the "ApplicationKeypad" registry setting, as shown In the figure shown. ![policypak_application_settings_33](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_33.webp) -Figure 34. Choosing the ApplicationKeypad registry setting. +The figure shown. Choosing the ApplicationKeypad registry setting. **Step 32 –** Click "Next." You will now be asked to select the NetHack radio button, as shown in -Figure 35. Go to PuTTY, make the change, and save the session one more time. Then click "Next." +The figure shown. Go to PuTTY, make the change, and save the session one more time. Then click "Next." ![policypak_application_settings_34](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_34.webp) -Figure 35. Capturing the radio button called NetHack. +The figure shown. Capturing the radio button called NetHack. **Step 33 –** The process is complete now that the registry values have been captured, as shown in -Figure 36. You will then be asked to select the default and revert values. Once you've done that, +The figure shown. You will then be asked to select the default and revert values. Once you've done that, you are finished. ![policypak_application_settings_35](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_35.webp) -Figure 36. The completion of the process. +The figure shown. The completion of the process. :::note A red shading on a value indicates that the Endpoint Policy Manager DesignStudio @@ -361,77 +361,77 @@ state to help the capture process. **Step 34 –** There are no spinbox elements within the PuTTY interface so let's use WinZip to illustrate how the capturing process works for spinboxes since you may come across these from time to time. In this example, we will work with the "Minimum password length" under the Passwords tab, -as shown in Figure 37. To work with this element, right-click it, and then select "Configuration +as shown In the figure shown. To work with this element, right-click it, and then select "Configuration Wizard." ![policypak_application_settings_36](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_36.webp) -Figure 37. Using the Configuration Wizard with the "Minimum password length" setting. +The figure shown. Using the Configuration Wizard with the "Minimum password length" setting. -**Step 35 –** The wizard indicates that you are configuring a spinbox, as shown in Figure 38. Keep +**Step 35 –** The wizard indicates that you are configuring a spinbox, as shown In the figure shown. Keep the selection for the "Registry" option that the wizard chooses automatically, and click "Next" to continue. ![policypak_application_settings_37](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_37.webp) -Figure 38. Choosing the registry as the location to track changes. +The figure shown. Choosing the registry as the location to track changes. **Step 36 –** Next, you'll confirm the default data root, which should be configured to the "Niko -Mak Computing" entry, as shown in Figure 39. Click "Next" to continue. +Mak Computing" entry, as shown In the figure shown. Click "Next" to continue. ![policypak_application_settings_38](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_38.webp) -Figure 39. Confirming the data root. +The figure shown. Confirming the data root. **Step 37 –** You'll be prompted to set the minimum value for this spinbox. Change WinZip's "Minimum -password length" to 1, as shown in Figure 40, and click "OK" inside WinZip. Close WinZip's +password length" to 1, as shown In the figure shown, and click "OK" inside WinZip. Close WinZip's Configuration page, and then click "Next" to continue in the wizard. ![policypak_application_settings_39](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_39.webp) -Figure 40. Setting the "Minimum password length" option to 1. +The figure shown. Setting the "Minimum password length" option to 1. **Step 38 –** Next, open WinZip's Configuration page (Tools | Options), and follow the wizard's -prompts. That is, change "Minimum password length" to 2, as illustrated in Figure 41, and then click +prompts. That is, change "Minimum password length" to 2, as illustrated In the figure shown, and then click "OK" inside WinZip. After doing this, close WinZip's Configuration page, and then click "Next" in the wizard. ![policypak_application_settings_40](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_40.webp) -Figure 41. Setting the "Minimum password length" option to 2. +The figure shown. Setting the "Minimum password length" option to 2. **Step 39 –** Next, the wizard asks for the maximum value of the minimum password length. This might be 99 for most apps, but it could also be any other number. The maximum value for this spinbox is -99, so enter this value into WinZip, as shown in Figure 42. Then, click "OK" in WinZip. Close the +99, so enter this value into WinZip, as shown In the figure shown. Then, click "OK" in WinZip. Close the WinZip Configuration page, and click "Next" in the wizard. ![policypak_application_settings_41](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_41.webp) -Figure 42. Setting the "Minimum password length" option to the maximum value. +The figure shown. Setting the "Minimum password length" option to the maximum value. -**Step 40 –** The wizard will then show you what it learned, as shown in Figure 43. Make sure the +**Step 40 –** The wizard will then show you what it learned, as shown In the figure shown. Make sure the discovered values match the values you entered. If they don't, you can manually edit the cells to match. Once that's complete, click "Next" to continue. ![policypak_application_settings_42](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_42.webp) -Figure 43. Confirming the discovered values. +The figure shown. Confirming the discovered values. **Step 41 –** You are then asked to choose the default value. We already discovered it was 8 when we -captured the values originally, so set the value to 8, as shown in Figure 44. Then, click "Next" to +captured the values originally, so set the value to 8, as shown In the figure shown. Then, click "Next" to continue. ![policypak_application_settings_43](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_43.webp) -Figure 44. Choosing the default value. +The figure shown. Choosing the default value. -**Step 42 –** You are then asked to set the revert value, as shown in Figure 45. This is what will +**Step 42 –** You are then asked to set the revert value, as shown In the figure shown. This is what will be set when the policy no longer applies. You will usually want to keep the revert value the same as the default value, but you are welcome to change it. ![policypak_application_settings_44](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_44.webp) -Figure 45. Setting the revert value. +The figure shown. Setting the revert value. **Step 43 –** Next, you will need to set the linked label selection. This selection will help us when we do Group Policy reporting. To set this selection, choose the words on the page that most @@ -440,7 +440,7 @@ is set, click "Next" to continue. ![policypak_application_settings_45](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_45.webp) -Figure 46. Selecting the words on the page that most closely represent what is being configured. +The figure shown. Selecting the words on the page that most closely represent what is being configured. **Step 44 –** You are then presented with the Congratulations page, which states that you are finished (not shown). You are welcome to configure more settings using PuTTY, but the above steps @@ -448,20 +448,23 @@ should have given you an idea of how to use the DesignStudio Configuration Wizar continue onward with utilizing your AppSet. **Step 45 –** Now, you're ready to make your AppSet by compiling it. Click the Compilation tab on -the left pane of DesignStudio. Click "Save pXML and Compile," as shown in Figure 47. You are forced -to save your work before continuing. At this point, the AppSet is compiled (see Figure 48). Remember +the left pane of DesignStudio. Click "Save pXML and Compile," as shown In the figure shown. You are forced +to save your work before continuing. At this point, the AppSet is compiled (See the figure here). Remember that compiling only works when you have the Microsoft C++ Express Edition (2008 and later) compiler loaded on your Endpoint Policy Manager creation station. ![policypak_application_settings_46](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_46.webp) -Figure 47. The wizard prompts the user to save their work. +The figure shown. The wizard prompts the user to save their work. Tip: Use the "Show test Endpoint Policy Manager when complete" checkbox to see a preview of your AppSet. ![policypak_application_settings_47](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_47.webp) -Figure 48. The successful compilation of the project. +The figure shown. The successful compilation of the project. **Step 46 –** Click "OK" to exit, and then close Endpoint Policy Manager DesignStudio. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/quickstart/creationstation.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/quickstart/creationstation.md index aba13f294b..574244edfc 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/quickstart/creationstation.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/quickstart/creationstation.md @@ -19,11 +19,11 @@ creation station utilities on it before installing your package and producing an **Step 1 –** The `.NET` Framework can be introduced through `Add/Remove programs`, as shown in -Figure 1. +The figure shown. ![policypak_application_settings](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings.webp) -Figure 1. Installing the`.NET`Framework for Windows 10. +The figure shown. Installing the`.NET`Framework for Windows 10. **Step 2 –** Next, install Visual Studio Express Edition or later on your Endpoint Policy Manager creation station. Any edition later than 2008 will work; you only need one. @@ -37,18 +37,18 @@ creation station. Any edition later than 2008 will work; you only need one. ![policypak_application_settings_1](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_1.webp) -Figure 2. The installation options for Visual C++ 2008 Express Edition. +The figure shown. The installation options for Visual C++ 2008 Express Edition. ![policypak_application_settings_2](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_2.webp) -Figure 3. The installation options for 2019 Visual Studio Express Desktop Edition. +The figure shown. The installation options for 2019 Visual Studio Express Desktop Edition. **Step 3 –** For this demonstration, we have gone with the C++ 2008 Express Edition. You will see -whichever version you choose to install in your Start menu once installed, as shown in Figure 4. +whichever version you choose to install in your Start menu once installed, as shown In the figure shown. ![policypak_application_settings_3](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_3.webp) -Figure 4. Visual Studio will appear in your Start menu once installed. +The figure shown. Visual Studio will appear in your Start menu once installed. Follow the on-screen instructions to install the edition with the latest service packs and prerequisites onto your admin workstation. Note that this can take a long time. Also, if prompted, @@ -69,8 +69,11 @@ Application Settings Manager creation station, be sure that the GPMC is installe Policy Manager Admin `Console.msi` is also loaded. **Step 3 –** After installation is complete, your Start menu should have both the Microsoft Visual -C++ Express Edition node and Endpoint Policy Manager DesignStudio node (see Figure 5). +C++ Express Edition node and Endpoint Policy Manager DesignStudio node (See the figure here). ![policypak_application_settings_4](/images/endpointpolicymanager/applicationsettings/designstudio/quickstart/endpointpolicymanager_application_settings_4.webp) -Figure 5. Endpoint Policy Manager DesignStudio appears in the Start menu once installed. +The figure shown. Endpoint Policy Manager DesignStudio appears in the Start menu once installed. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/quickstart/overview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/quickstart/overview.md index 8fecc92662..c269965857 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/quickstart/overview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/quickstart/overview.md @@ -36,3 +36,6 @@ to create GPOs. However, note that it is common to separate out these two roles, Manager makes it easy to do so. In this discussion, we'll assume you're using a Windows 10 machine with the RSAT tools and the GPMC enabled. This will now be your Group Policy management station and your Endpoint Policy Manager creation station. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/regimporteruitility.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/regimporteruitility.md index 5b257a80d4..61037a827f 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/regimporteruitility.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/regimporteruitility.md @@ -19,18 +19,21 @@ the benefits of the Endpoint Policy Manager Application Settings Manager engine, anywhere and being able to revert when the setting no longer applies. The `.reg` importer utility is only available to use with checkboxes. When you select any checkbox, -a special icon will appear, as shown in Figure 162. +a special icon will appear, as shown In the figure shown. ![using_the_reg_importer_utility](/images/endpointpolicymanager/applicationsettings/designstudio/using_the_reg_importer_utility.webp) -Figure 162. The .reg importer utility. +The figure shown. The .reg importer utility. Using the utility, you can import existing .reg files and specify which state (checked or unchecked) -matches which .reg file (see Figure 163). +matches which .reg file (See the figure here). ![using_the_reg_importer_utility_1](/images/endpointpolicymanager/applicationsettings/designstudio/using_the_reg_importer_utility_1.webp) -Figure 163. The .reg importer utility interface. +The figure shown. The .reg importer utility interface. For a full end-to-end example on this mini-utility, please watch the video here: [Use the DesignStudio to import existing registry keys](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/importregistry.md). + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/registrykeys.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/registrykeys.md index ae39fbf97c..e0032ba4dc 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/registrykeys.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/registrykeys.md @@ -7,33 +7,33 @@ sidebar_position: 110 # Applying Settings within Multiple Registry Keys The Configuration Wizard will discover where settings are stored when you perform a before and after -capture. In the example in Figure 159, the "Mute Yahoo! Games" setting is discovered within the +capture. In the example In the figure shown, the "Mute Yahoo! Games" setting is discovered within the application's registry keys of the specific user (JeremyM) where the capture was performed. The discovered key is within `\Profiles\JeremyM\Games`. ![applying_settings_within_multiple](/images/endpointpolicymanager/applicationsettings/designstudio/applying_settings_within_multiple.webp) -Figure 159. Capturing a setting. +The figure shown. Capturing a setting. If you were to compile and deploy this setup to your users, it would work perfectly if everyone in the company used the "JeremyM" profile for this application. But since everyone uses a different username for this application, you need a way to teach DesignStudio to globally replace "JeremyM" -with whatever is found in `\Profiles\\Games`. In Figure 160, you can see the live +with whatever is found in `\Profiles\\Games`. In the figure shown, you can see the live registry with another user, JeremyM200, logged in using this application. This user's path for the new setting would be `\Profiles\JeremyM200\Games\`. The original path would be `\Profiles\JeremyM\Games`. ![applying_settings_within_multiple_1](/images/endpointpolicymanager/applicationsettings/designstudio/applying_settings_within_multiple_1.webp) -Figure 160. The user's path to the mute setting. +The figure shown. The user's path to the mute setting. To teach DesignStudio to globally replace "JeremyM" with whatever is inside "profiles," substitute -an asterisk for the username, as shown in Figure 161. This will perform a special global replace +an asterisk for the username, as shown In the figure shown. This will perform a special global replace operation on all subkeys within this application's "profiles" key. ![applying_settings_within_multiple_2](/images/endpointpolicymanager/applicationsettings/designstudio/applying_settings_within_multiple_2.webp) -Figure 161. Replacing the username with an asterisk. +The figure shown. Replacing the username with an asterisk. This means that any subkey within `Pager\Profiles `is automatically substituted correctly. Now, whoever uses this application will get the setting properly delivered because the substitution will @@ -44,3 +44,6 @@ You can use the Endpoint Policy Manager DesignStudio "Global Search and Replace" which we'll discuss in a later section. ::: + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/scrollablepanels.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/scrollablepanels.md index 349f4da6f0..35be31ef97 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/scrollablepanels.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/scrollablepanels.md @@ -8,29 +8,32 @@ sidebar_position: 90 While editing your AppSets, you might want to put elements in a scrollable panel, or Netwrix Endpoint Policy Manager (formerly PolicyPak) DesignStudio might capture a scrollable panel that you -want to edit. In Figure 154, you can a frame being added with the "Frame" button. +want to edit. In the figure shown, you can a frame being added with the "Frame" button. ![adding_space_to_scrollable](/images/endpointpolicymanager/applicationsettings/designstudio/adding_space_to_scrollable.webp) -Figure 154. Adding a frame button. +The figure shown. Adding a frame button. Frames can be changed to scrollable panels by selecting the "Advanced" button, and then changing the -type to "Scrollable Panel" as shown in Figure 155. +type to "Scrollable Panel" as shown In the figure shown. ![adding_space_to_scrollable_1](/images/endpointpolicymanager/applicationsettings/designstudio/adding_space_to_scrollable_1.webp) -Figure 155. Changing the frame to a scrollable panel. +The figure shown. Changing the frame to a scrollable panel. -When you do this, you'll see the frame convert to a scrollable panel, as shown in Figure 156. +When you do this, you'll see the frame convert to a scrollable panel, as shown In the figure shown. DesignStudio will enter in some suggested values for the height and width of the panel; however, you are able to modify them. For instance, if you want to make a tall panel, change the "Height" value for more vertical space. You can also change the "Width" value and get more horizontal space. You -can see an example of how to do this in Figure 157. +can see an example of how to do this In the figure shown. ![adding_space_to_scrollable_2](/images/endpointpolicymanager/applicationsettings/designstudio/adding_space_to_scrollable_2.webp) -Figure 156. A frame converted to a scrollable panel. +The figure shown. A frame converted to a scrollable panel. ![adding_space_to_scrollable_3](/images/endpointpolicymanager/applicationsettings/designstudio/adding_space_to_scrollable_3.webp) -Figure 157. Changing the dimensions of a scrollable panel. +The figure shown. Changing the dimensions of a scrollable panel. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/setup.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/setup.md index 2a670f3445..a9b042bcad 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/setup.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/setup.md @@ -6,19 +6,19 @@ sidebar_position: 40 # Setting Up Application Configuration Data -When you create a new project (see Book 3: Application Settings Manager), you'll find that in the -initial wizard windows, you can choose how the capture process occurs, as shown in Figure 85. +When you create a new project (see the Application Settings Manager documentation), you'll find that in the +initial wizard windows, you can choose how the capture process occurs, as shown In the figure shown. ![setting_up_application_configuration](/images/endpointpolicymanager/applicationsettings/designstudio/configurationdata/setting_up_application_configuration.webp) -Figure 85. Choosing how to capture the application. +The figure shown. Choosing how to capture the application. Choose to start a new project using the Capture Wizard. Then, select your project type, as shown in -Figure 86. +The figure shown. ![setting_up_application_configuration_1](/images/endpointpolicymanager/applicationsettings/designstudio/configurationdata/setting_up_application_configuration_1.webp) -Figure 86. Selecting your project type. +The figure shown. Selecting your project type. The following project types are currently supported, and more project types may be available in the future. @@ -63,4 +63,7 @@ must already be present to be modified by Endpoint Policy Manager DesignStudio. Additionally, it is now recommended that if you wish to deliver and maintain `.rdp` files, you do so with Endpoint Policy Manager Remote Desktop Protocol Manager -([https://www.endpointpolicymanager.com/policies/remote-desktop-protocol-manager/](https://www.endpointpolicymanager.com/policies/remote-desktop-protocol-manager/)). +([https://www.policypak.com/policies/remote-desktop-protocol-manager/](https://www.policypak.com/policies/remote-desktop-protocol-manager/)). + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/_category_.json index 5f3f189794..f7e07604fd 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/batchcompile.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/batchcompile.md index ed782393d0..ed69e92221 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/batchcompile.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/batchcompile.md @@ -9,20 +9,23 @@ sidebar_position: 50 You may want to work on several AppSets before you begin the compiling process for each one.  You can go back and compile any DesignStudio project at any time, and you can use the Batch Compile tool to compile multiple AppSets at once.  To do this, go to `Tools > Batch Compile`, as shown in -Figure 180. +The figure shown. ![using_designstudio_tools_16_624x300](/images/endpointpolicymanager/applicationsettings/designstudio/tools/using_designstudio_tools_16_624x300.webp) -Figure 180. Using the Batch Compile tool. +The figure shown. Using the Batch Compile tool. -Then, select the XML files you want to compile. In Figure 181, we have selected Putty and WinZip. +Then, select the XML files you want to compile. In the figure shown, we have selected Putty and WinZip. ![using_designstudio_tools_17](/images/endpointpolicymanager/applicationsettings/designstudio/tools/using_designstudio_tools_17.webp) -Figure 181. Selecting the projects to compile. +The figure shown. Selecting the projects to compile. -It is recommended that you perform the compiling processes in the background as shown in Figure 182. +It is recommended that you perform the compiling processes in the background as shown In the figure shown. ![using_designstudio_tools_18](/images/endpointpolicymanager/applicationsettings/designstudio/tools/using_designstudio_tools_18.webp) -Figure 182. Selecting the option to perform the compile in the background. +The figure shown. Selecting the option to perform the compile in the background. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/globalsearchreplace.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/globalsearchreplace.md index adfb19a0f7..2df8eef79a 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/globalsearchreplace.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/globalsearchreplace.md @@ -7,15 +7,18 @@ sidebar_position: 30 # Global Search and Replace Endpoint Policy Manager DesignStudio has a global search and replace function that can be accessed -from the Tools menu (or Ctrl+R), as shown in Figure 175. +from the Tools menu (or Ctrl+R), as shown In the figure shown. ![using_designstudio_tools_11](/images/endpointpolicymanager/applicationsettings/designstudio/tools/using_designstudio_tools_11.webp) -Figure 175. The global search and replace function. +The figure shown. The global search and replace function. -In the example in Figure 176, we're replacing the text "JeremyM" (not case sensitive) with \* for +In the example In the figure shown, we're replacing the text "JeremyM" (not case sensitive) with \* for actions. You can use this to replace words within text or actions. ![using_designstudio_tools_12_624x238](/images/endpointpolicymanager/applicationsettings/designstudio/tools/using_designstudio_tools_12_624x238.webp) -Figure 176. Replacing text with \* for actions. +The figure shown. Replacing text with \* for actions. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/_category_.json index 944dc582c2..d80fd6f3a8 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/compilation.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/compilation.md index f5f8f4d7ef..a6e4de41f6 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/compilation.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/compilation.md @@ -7,7 +7,7 @@ sidebar_position: 10 # Compilation Tab The Compilation tab controls where your Endpoint Policy Manager source files (pXML) are saved and -where they are compiled. You can see the Compilation tab in Figure 166. The default path for saved +where they are compiled. You can see the Compilation tab In the figure shown. The default path for saved pXML files is`\Documents\PolicyPak Design Studio\Projects.` You can change this to any location you like. Additionally, the path for compiled DLLs is `C:\Program Files\PolicyPak\Extensions`. This is the location where the Endpoint Policy Manager Application Settings Manager Group Policy Editor will @@ -15,7 +15,7 @@ look for compiled extensions, so it's best to leave this as it is. ![using_designstudio_tools_2](/images/endpointpolicymanager/applicationsettings/designstudio/tools/options/using_designstudio_tools_2.webp) -Figure 166. The Compilation tab. +The figure shown. The Compilation tab. :::note that only administrators can compile AppSets directly to this location. If you are running @@ -31,3 +31,6 @@ Manager Application Settings Manager is actually compatible with two compilers: Microsoft Visual C++ 2008 compiler. Lastly, you can also see the Endpoint Policy Manager compiler location, which should always point toward the file named PXmlParser. This should not be changed unless specified by technical support. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/java.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/java.md index b5f20c6fdd..9b0cef604b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/java.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/java.md @@ -13,11 +13,14 @@ applications. In order to capture Java-based applications, you will need to do t **Step 2 –** Fully turn off user account control (during the user interface [UI] capture). -Without the Java Access Bridge installed, the Java tab will look like what's shown in Figure 169. +Without the Java Access Bridge installed, the Java tab will look like what's shown In the figure shown. ![using_designstudio_tools_5_624x224](/images/endpointpolicymanager/applicationsettings/designstudio/tools/options/using_designstudio_tools_5_624x224.webp) -Figure 169. The Java tab. +The figure shown. The Java tab. To learn more about how to use Endpoint Policy Manager DesignStudio to capture Java-based applications, check out the "Special Applications and Project Types" section of this document. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/misc.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/misc.md index 0c8c57bac0..8c722377c8 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/misc.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/misc.md @@ -7,9 +7,12 @@ sidebar_position: 50 # Misc Tab By default Endpoint Policy Manager DesignStudio doesn't run more than one copy of itself at a time. -You can change this behavior in the Misc tab, as shown in Figure 170. This could be useful if you're +You can change this behavior in the Misc tab, as shown In the figure shown. This could be useful if you're copying and pasting between projects. ![using_designstudio_tools_6_624x175](/images/endpointpolicymanager/applicationsettings/designstudio/tools/options/using_designstudio_tools_6_624x175.webp) -Figure 170. The Misc tab. +The figure shown. The Misc tab. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/overview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/overview.md index 5ed7acdfb9..7ec1344b46 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/overview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/overview.md @@ -7,15 +7,18 @@ sidebar_position: 10 # Options Endpoint Policy Manager DesignStudio has a variety of options you can configure. You can access -these options using Tools|Options, as shown in Figure 165. There are six tabs within Options: +these options using Tools|Options, as shown In the figure shown. There are six tabs within Options: Compilation, UI Capture, AppV (older versions of DesignStudio only), VirtualStore, Java, and Misc. ![using_designstudio_tools_1_624x111](/images/endpointpolicymanager/applicationsettings/designstudio/tools/options/using_designstudio_tools_1_624x111.webp) -Figure 165. DesignStudio Options. +The figure shown. DesignStudio Options. :::note The AppV tab has not been used since build 605. Only older versions of DesignStudio require the AppV tab. ::: + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/uicapture.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/uicapture.md index 8860c5a9fa..b64bec9e51 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/uicapture.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/uicapture.md @@ -6,10 +6,13 @@ sidebar_position: 20 # UI Capture Tab -The UI Capture tab has one checkbox, which is on by default (see Figure 167). When checked, captured +The UI Capture tab has one checkbox, which is on by default (See the figure here). When checked, captured tabs will auto-size to the page and the other captured tabs. It is recommended to keep this checked because, when unchecked, the captured tabs might not realign to the other tabs and fit the page. ![using_designstudio_tools_3_624x198](/images/endpointpolicymanager/applicationsettings/designstudio/tools/options/using_designstudio_tools_3_624x198.webp) -Figure 167. The UI Capture tab. +The figure shown. The UI Capture tab. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/virtualstore.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/virtualstore.md index 4f3fcea0cd..8ce5e6c634 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/virtualstore.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/options/virtualstore.md @@ -6,10 +6,13 @@ sidebar_position: 30 # VirtualStore Tab -The VirtualStore tab has one setting, as shown in Figure 168. This setting is automatically checked +The VirtualStore tab has one setting, as shown In the figure shown. This setting is automatically checked on and is used when applications running as standard users try to write to locations that are not allowed. This setting was discussed in the section called "Configuration Data in VirtualStore." ![using_designstudio_tools_4_624x174](/images/endpointpolicymanager/applicationsettings/designstudio/tools/options/using_designstudio_tools_4_624x174.webp) -Figure 168. The VirtualStore tab. +The figure shown. The VirtualStore tab. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/overview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/overview.md index 31038c4bf0..a76e939080 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/overview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/overview.md @@ -18,8 +18,11 @@ PolicyPak) DesignStudio: - Preview an existing AppSet (`Tools|Pak Preview`) You can see the list of items from the Endpoint Policy Manager DesignStudio Tools menu in -Figure 164. +The figure shown. ![using_designstudio_tools](/images/endpointpolicymanager/applicationsettings/designstudio/tools/using_designstudio_tools.webp) -Figure 164. DesignStudio Tools menu. +The figure shown. DesignStudio Tools menu. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/pakpreview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/pakpreview.md index 324e5fa7e7..8355b8d61e 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/pakpreview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/pakpreview.md @@ -9,15 +9,18 @@ sidebar_position: 60 You can use Pak Preview to edit any compiled AppSet in Endpoint Policy Manager DesignStudio or capture additional tabs and configuration settings.  You can even do this for existing AppSets that you have downloaded from the Endpoint Policy Manager Portal.  To do so, go to` Tools > Pak Preview`, -as shown in Figure 183. +as shown In the figure shown. ![using_designstudio_tools_19_624x304](/images/endpointpolicymanager/applicationsettings/designstudio/tools/using_designstudio_tools_19_624x304.webp) -Figure 183. Using Pak Preview to edit AppSets. +The figure shown. Using Pak Preview to edit AppSets. Then, select the compiled DLL file you want to preview. Figure 184 shows a preview of Adobe Acrobat Pro settings. ![using_designstudio_tools_20](/images/endpointpolicymanager/applicationsettings/designstudio/tools/using_designstudio_tools_20.webp) -Figure 184. A preview of Adobe Acrobat Pro settings. +The figure shown. A preview of Adobe Acrobat Pro settings. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/pxmlmergewizard.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/pxmlmergewizard.md index 61fed107bb..d354aef981 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/pxmlmergewizard.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/pxmlmergewizard.md @@ -6,7 +6,7 @@ sidebar_position: 40 # PXML Merge Wizard -As described in Book 3: Application Settings Manager and reiterated in this guide, you will get the +As described in the Application Settings Manager documentation and reiterated in this guide, you will get the best AppSet results when you capture and deploy on one type of machine. If you don't use the same type of machine, the settings will be delivered to the target machine, but the underlying Endpoint Policy Manager AppLock™ codes will be different. For instance, if you capture WinZip's UI on @@ -26,7 +26,7 @@ scenarios: - Updating your existing AppSet with any new elements from an updated application and bringing in any new Endpoint Policy Manager AppLock™ codes -You can use the PXML Merge Wizard in one of two ways (see Figure 177): +You can use the PXML Merge Wizard in one of two ways (See the figure here): - You can first run the Endpoint Policy Manager Capture Wizard on the new operating system (or updated application) and create a new pXML file and save it. You only need to re-capture the tabs. @@ -39,7 +39,7 @@ You can use the PXML Merge Wizard in one of two ways (see Figure 177): ![using_designstudio_tools_13](/images/endpointpolicymanager/applicationsettings/designstudio/tools/using_designstudio_tools_13.webp) -Figure 177. Using the PXML Merge Wizard. +The figure shown. Using the PXML Merge Wizard. You'll want to choose "Recapture and merge on the fly" if you choose to have the newer application running on this machine or if you choose to capture the application while running Endpoint Policy @@ -57,23 +57,26 @@ files, capture the same tabs you have in your original project. In this example, we're assuming that WinZip has two new elements, a slider and a label, as shown in -Figure 178. We have re-captured all the tabs and saved the file as "`WinZip-XP-Capture.xml`." +The figure shown. We have re-captured all the tabs and saved the file as "`WinZip-XP-Capture.xml`." ![using_designstudio_tools_14](/images/endpointpolicymanager/applicationsettings/designstudio/tools/using_designstudio_tools_14.webp) -Figure 178. Saving the XML file. +The figure shown. Saving the XML file. Once the file is saved and transported to your original machine, you can run the PXML Merge Wizard -and select "Merge with an existing pXML file," as shown in Figure 179. Then select the file to +and select "Merge with an existing pXML file," as shown In the figure shown. Then select the file to merge. The wizard will walk you through the process of matching up any existing items between the original project and the imported project. You'll be able to see which items have different -AppLock™ data, UI elements, or actions data. In Figure 179, you can see where the wizard asks which +AppLock™ data, UI elements, or actions data. In the figure shown, you can see where the wizard asks which of these items you'd like to import from the new project. ![using_designstudio_tools_15](/images/endpointpolicymanager/applicationsettings/designstudio/tools/using_designstudio_tools_15.webp) -Figure 179. Importing elements from the wizard. +The figure shown. Importing elements from the wizard. When this is complete, your AppSet will have all the merged elements you need. If there are any new UI elements (and they aren't already configured in the imported project file) use the Configuration Wizard or manually edit them so they can be controlled in your application. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/showelementslist.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/showelementslist.md index d13ea0c226..4e7c172659 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/showelementslist.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/tools/showelementslist.md @@ -17,11 +17,11 @@ able to quickly identify the following information about your project: To that end, Endpoint Policy Manager DesignStudio has a "Show Elements List" feature (also known as "List All Elements"), which is found by selecting `Tools|Show Element List`. You can also use the -keyboard shortcut Ctrl+F to go to this list, as shown in Figure 171. +keyboard shortcut Ctrl+F to go to this list, as shown In the figure shown. ![using_designstudio_tools_7_624x330](/images/endpointpolicymanager/applicationsettings/designstudio/tools/using_designstudio_tools_7_624x330.webp) -Figure 171. Selecting the "Show Elements List" feature. +The figure shown. Selecting the "Show Elements List" feature. The List All Elements box shows you which elements will work in Endpoint Policy Manager Application Settings Manager Community Edition and which ones will only work when fully licensed (or in Trial @@ -32,16 +32,16 @@ a specific Tab within your project. ![using_designstudio_tools_8](/images/endpointpolicymanager/applicationsettings/designstudio/tools/using_designstudio_tools_8.webp) -Figure 172. Searching by text in the "List All Elements" box. +The figure shown. Searching by text in the "List All Elements" box. You can also use the "List All Elements" dialog to help determine which elements are not yet configured inside the AppSet. To do this, sort on the Configured column, then look for items that -have "No" in that column, as shown in Figure 173. Double-click the item to zoom to the item, then +have "No" in that column, as shown In the figure shown. Double-click the item to zoom to the item, then right-click to run the Configuration Wizard to configure it. ![using_designstudio_tools_9](/images/endpointpolicymanager/applicationsettings/designstudio/tools/using_designstudio_tools_9.webp) -Figure 173. Determining which elements have not been configured. +The figure shown. Determining which elements have not been configured. :::note Items with N/A in the Configured column cannot be configured, like labels, frames, and @@ -57,7 +57,7 @@ the "List all Elements" items by ID number, this element can be quickly found. ![using_designstudio_tools_10](/images/endpointpolicymanager/applicationsettings/designstudio/tools/using_designstudio_tools_10.webp) -Figure 174. Sorting elements by ID number. +The figure shown. Sorting elements by ID number. :::note The color coding is only to express if the element will work in Community Edition or @@ -66,8 +66,11 @@ Licensed Mode and Trial Mode. :::note -Sometimes disabling the item can help you continue to compile the AppSet. You should send -any failed compiles to [support@endpointpolicymanager.com](mailto:support@endpointpolicymanager.com) along with your pXML +Sometimes disabling the item can help you continue to compile the AppSet. You should [open a support ticket](https://www.netwrix.com/tickets.html#/open-a-ticket) and send +any failed compiles along with your pXML file for inspection. ::: + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/_category_.json index 81e8a12d35..0fc0b33efa 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/capturewizard.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/capturewizard.md index bfcb6024f8..218f069e2d 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/capturewizard.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/capturewizard.md @@ -11,7 +11,7 @@ The process for using the Capture Wizard to capture UI elements was already cove that information here. When you start a new project after running Endpoint Policy Manager DesignStudio, you are asked to -select the application and the correct window, as shown in Figure 59. Sometimes the process name is +select the application and the correct window, as shown In the figure shown. Sometimes the process name is not obvious. Be sure to capture the Options or Configuration window of an application, and not the main page, @@ -20,26 +20,29 @@ you will mostly be capturing options, properties, and configuration pages. ![crafting_the_user_interface](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/crafting_the_user_interface.webp) -Figure 59. Selecting the target application and window. +The figure shown. Selecting the target application and window. :::note See the section entitled "Special Applications and Project Types" for more information on -how to manage Control Panel items, like the mouse properties shown in Figure 58. +how to manage Control Panel items, like the mouse properties shown In the figure shown. ::: After the first tab of your application is captured, you'll be able to select more tabs using the -"Capture another tab" button, as shown in Figure 60. +"Capture another tab" button, as shown In the figure shown. ![crafting_the_user_interface_1](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/crafting_the_user_interface_1.webp) -Figure 60. Capturing additional tabs. +The figure shown. Capturing additional tabs. -In most cases, your application's look and feel is exactly captured, as shown in Figure 61. +In most cases, your application's look and feel is exactly captured, as shown In the figure shown. ![crafting_the_user_interface_2](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/crafting_the_user_interface_2.webp) -Figure 61. Capturing the look and feel of the application. +The figure shown. Capturing the look and feel of the application. Endpoint Policy Manager DesignStudio usually captures the existing states of the elements as well, such the status of a checkbox or radio button. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualadd.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualadd.md index 3e011e609c..41164c260b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualadd.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualadd.md @@ -9,11 +9,11 @@ sidebar_position: 30 Although you will likely use the captured UI elements as they are, you might choose to manually add more elements or replace the existing ones. To do this, select an element from the toolbar, and hover over it for a tooltip about what the element is. The element will be placed on the tab or -subdialog you are editing and will be shown with a thick green line, as shown in Figure 77. +subdialog you are editing and will be shown with a thick green line, as shown In the figure shown. ![crafting_the_user_interface_18_624x507](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/crafting_the_user_interface_18_624x507.webp) -Figure 77. Adding elements from the toolbar. +The figure shown. Adding elements from the toolbar. Drag the element where you want to place it. Note that this does not configure the element (we will talk about how to configure the element later). @@ -25,3 +25,6 @@ out. Therefore, manually added elements are underlined, demonstrating that they using Endpoint Policy Manager AppLock™. ::: + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/_category_.json index 31f510ea1a..9846bc9231 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/elementmodifications.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/elementmodifications.md index e507765015..a371721db3 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/elementmodifications.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/elementmodifications.md @@ -10,12 +10,15 @@ We've already seen how to move handles around so that all text in a dialog box i other elements also allow for quick, easy manipulation. You can move items around the page, increase the size of a tab, and more. You might also want to change captured graphics, for example. Selecting the graphic and selecting the "…" icon allows you to select a new bitmap. This action is shown in -Figure 75 and Figure 76. +Figure 75 and The figure shown. ![crafting_the_user_interface_16](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/manualedits/crafting_the_user_interface_16.webp) -Figure 75. Modifying captured graphics. +The figure shown. Modifying captured graphics. ![crafting_the_user_interface_17](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/manualedits/crafting_the_user_interface_17.webp) -Figure 76. New graphic. +The figure shown. New graphic. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/elementtransformations.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/elementtransformations.md index 8cea193d2b..1f02fb8eab 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/elementtransformations.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/elementtransformations.md @@ -7,32 +7,35 @@ sidebar_position: 30 # Element Transformations In this example, the application we want to manage is using a spinbox (also called an up/down box) -to set a value for a setting (see Figure 71). +to set a value for a setting (See the figure here). ![crafting_the_user_interface_12_624x317](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/manualedits/crafting_the_user_interface_12_624x317.webp) -Figure 71. A spinbox element. +The figure shown. A spinbox element. However, occasionally Endpoint Policy Manager's Capture Wizard doesn't read this kind of element -correctly and it must be manually changed (see Figure 72). +correctly and it must be manually changed (See the figure here). ![crafting_the_user_interface_13_624x403](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/manualedits/crafting_the_user_interface_13_624x403.webp) -Figure 72. Manually changing an element. +The figure shown. Manually changing an element. DesignStudio will present the most logical transformations for you. In this example, DesignStudio assumes you will likely want to transform the numeric edit box to a trackbar, up/down box, label, or text box. However, you are also permitted to transform the element to any other type, as shown in -Figure 73. This would be an unusual transformation so it's tucked under "Advanced." +The figure shown. This would be an unusual transformation so it's tucked under "Advanced." ![crafting_the_user_interface_14](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/manualedits/crafting_the_user_interface_14.webp) -Figure 73. Selecting the type of element to change to. +The figure shown. Selecting the type of element to change to. :::note If you discover a transformation you need, but DesignStudio does not provide it, please -email [support@endpointpolicymanager.com](mailto:support@endpointpolicymanager.com), describe the scenario you need, and +[open a support ticket](https://www.netwrix.com/tickets.html#/open-a-ticket), describe the scenario you need, and indicate the application that you are trying to create an AppSet for (plus a screenshot if possible). ::: + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/hiddentext.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/hiddentext.md index 270805fb7d..865392a4a2 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/hiddentext.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/hiddentext.md @@ -6,15 +6,18 @@ sidebar_position: 20 # Hidden Text -In Figure 69 the settings were captured, but the text was not fully shown. +In the figure shown the settings were captured, but the text was not fully shown. ![crafting_the_user_interface_10_624x265](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/manualedits/crafting_the_user_interface_10_624x265.webp) -Figure 69. The text in the capture is not fully shown. +The figure shown. The text in the capture is not fully shown. To solve this problem, move the handles on the element to reveal the rest of the text, as shown in -Figure 70. +The figure shown. ![crafting_the_user_interface_11_624x235](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/manualedits/crafting_the_user_interface_11_624x235.webp) -Figure 70. Moving the handles to reveal the text. +The figure shown. Moving the handles to reveal the text. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/nonstandard.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/nonstandard.md index eee86aeec5..47e939ce2f 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/nonstandard.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/nonstandard.md @@ -7,12 +7,12 @@ sidebar_position: 10 # Non-Standard Captures Some applications have a non-standard interface. The interface can still be captured, but the -results may not be quite what you expect. In Figure 62, the left side of the screen shows the actual +results may not be quite what you expect. In the figure shown, the left side of the screen shows the actual application, Adobe Reader, and the right side of the screen shows the first captured tab. ![crafting_the_user_interface_3](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/manualedits/crafting_the_user_interface_3.webp) -Figure 62. Some applications may not be captured as expected. +The figure shown. Some applications may not be captured as expected. Adobe Reader, unlike most applications, does not use tabs for its interface. It uses a long, bar with categories in it, which gets captured along with the other elements on the page. Since this @@ -23,45 +23,48 @@ do this in a bit. To continue to capture more settings, click on the "Capture another tab" button. When you capture another tab, Endpoint Policy Manager DesignStudio realizes that this application doesn't really use tabs, so you are prompted to manually enter the name of each of this application's categories, as -shown in Figure 63 and Figure 64. +shown In the figure shown and The figure shown. ![crafting_the_user_interface_4_624x410](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/manualedits/crafting_the_user_interface_4_624x410.webp) -Figure 63. The prompt to manually enter the name of the categories. +The figure shown. The prompt to manually enter the name of the categories. ![crafting_the_user_interface_5_624x185](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/manualedits/crafting_the_user_interface_5_624x185.webp) -Figure 64. Manually adding the categories. +The figure shown. Manually adding the categories. -You can see in Figure 65 that Endpoint Policy Manager Capture Wizard also captures the categories +You can see In the figure shown that Endpoint Policy Manager Capture Wizard also captures the categories bar even though it is not an element we want on the page. ![crafting_the_user_interface_6](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/manualedits/crafting_the_user_interface_6.webp) -Figure 65. The captured categories bar. +The figure shown. The captured categories bar. You can delete the errant settings by right-clicking on them and selecting "Delete," or by highlighting them and pressing the Delete key on the keyboard. You can choose to delete all items within the frame, or promote the items in the frame directly to the tab. In this case, you'll likely want to delete all the elements in the frame. You can then reposition the other frames on the page and manually align them. You can also use the Hierarchy tab's "Realign controls to fit the page" -button to auto-place and center the items on the form, as shown in Figure 66. +button to auto-place and center the items on the form, as shown In the figure shown. ![crafting_the_user_interface_7](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/manualedits/crafting_the_user_interface_7.webp) -Figure 66. Centering the items on the form. +The figure shown. Centering the items on the form. -The result is shown in Figure 67. However, there is a problem with the name of the category. It +The result is shown In the figure shown. However, there is a problem with the name of the category. It should be called General instead of Preferences. ![crafting_the_user_interface_8](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/manualedits/crafting_the_user_interface_8.webp) -Figure 67. An incorrect tab name. +The figure shown. An incorrect tab name. To rename a tab (or any element), click on it (select the Properties tab) and then, in the Name box, type in the correct name. In this example, you would replace the name "Preferences" with "General," -as shown in Figure 68. +as shown In the figure shown. ![crafting_the_user_interface_9](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/manualedits/crafting_the_user_interface_9.webp) -Figure 68. Changing the tab name. +The figure shown. Changing the tab name. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/notmanaged.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/notmanaged.md index 9c29485cae..1b7c7bcb9b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/notmanaged.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/notmanaged.md @@ -7,20 +7,20 @@ sidebar_position: 40 # Items That Cannot Be Managed Endpoint Policy Manager Application Settings Manager can control a lot of items; however, there are -some UI elements that it cannot manage. In Figure 74, the "Reset All Warnings" button in this +some UI elements that it cannot manage. In the figure shown, the "Reset All Warnings" button in this application, which might reset settings within the application, isn't something that Endpoint Policy Manager Application Settings Manager can control. Inside Endpoint Policy Manager Application Settings Manager, it will take up space but will not do anything. With elements like this, you have three options: - Delete the element since it has no function. -- Right-click the element and uncheck "Enabled" (shown in Figure 74), which will make the item gray +- Right-click the element and uncheck "Enabled" (shown In the figure shown), which will make the item gray and unclickable when it is used within the Group Policy editor. - Leave the element as it is. ![crafting_the_user_interface_15_624x362](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/manualedits/crafting_the_user_interface_15_624x362.webp) -Figure 74. Dealing with elements that cannot be controlled with Application Settings Manager. +The figure shown. Dealing with elements that cannot be controlled with Application Settings Manager. Leaving it as it is usually the best idea since you can still control its AppLock™ properties using Group Policy. For this element, if you do nothing here in Endpoint Policy Manager DesignStudio, then @@ -28,3 +28,6 @@ later, in the Group Policy Editor, you can still right-click over this button an from a user. There will be no way to make it do precisely what you want (such as resetting all warnings), but you will still be able to lock or remove the button so the user cannot use it inside the application. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/overview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/overview.md index 3628d64070..1e663e26e3 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/overview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/manualedits/overview.md @@ -10,3 +10,6 @@ The Endpoint Policy Manager Capture Wizard usually does a pretty good job of cap for most applications. However, sometimes it needs a little manual help to get the applications' elements to where they need to be. The sections below describe some circumstances that may require manual editing. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/overview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/overview.md index 3b2f769f02..d2d6e6b290 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/overview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/overview.md @@ -14,3 +14,6 @@ There are three ways you can craft the user interface (UI) of your target applic In the sections below, we'll explore all three options. We'll also discuss how to capture subdialogs and how to understand capture results that aren't what you expected. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/subdialogs.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/subdialogs.md index 6eb58000ce..7a5363563b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/subdialogs.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/subdialogs.md @@ -8,38 +8,41 @@ sidebar_position: 40 Some applications have subdialogs you can capture. For instance, in the Control Panel mouse applet, the ClickLock entry has a subdialog that's available to configure. That is, when you click its -"Settings" button, a "Settings for ClickLock" subdialog appears, as shown in Figure 78. +"Settings" button, a "Settings for ClickLock" subdialog appears, as shown In the figure shown. ![crafting_the_user_interface_19_624x694](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/crafting_the_user_interface_19_624x694.webp) -Figure 78. The ClickLock subdialog box. +The figure shown. The ClickLock subdialog box. Now that you know this, you can capture this subdialog. To do this, in DesignStudio, double-click the button. You will be asked if you want to convert the button to a subdialog, as shown in -Figure 79. +The figure shown. ![crafting_the_user_interface_20_624x684](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/crafting_the_user_interface_20_624x684.webp) -Figure 79. Capturing a subdiaglog button. +The figure shown. Capturing a subdiaglog button. -Click "Yes," and then click "OK," as shown in Figure 80. Next, open the subdialog you want to -capture, as shown in Figure 81. +Click "Yes," and then click "OK," as shown In the figure shown. Next, open the subdialog you want to +capture, as shown In the figure shown. ![crafting_the_user_interface_21_624x218](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/crafting_the_user_interface_21_624x218.webp) -Figure 80. The prompt to capture a subdialog. +The figure shown. The prompt to capture a subdialog. ![crafting_the_user_interface_22](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/crafting_the_user_interface_22.webp) -Figure 81. Selecting the subdialog button. +The figure shown. Selecting the subdialog button. Select the target window (the subdialog) to capture it. When the capture is complete, you'll see the -tab for the subdialog shown next to its parent tab, as shown in Figure 82. +tab for the subdialog shown next to its parent tab, as shown In the figure shown. ![crafting_the_user_interface_23](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/crafting_the_user_interface_23.webp) -Figure 82. The new tab for the subdialog. +The figure shown. The new tab for the subdialog. You can click back and forth between the parent tab (Mouse Properties) and the subdialog (Settings for ClickLock). Also, if you close the tab by clicking the X next to the subdialog, double-clicking the button that represents the subdialog will open up that tab again. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/unexpectedresults.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/unexpectedresults.md index c3ea315cb9..119d9c5daa 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/unexpectedresults.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/designstudio/userinterface/unexpectedresults.md @@ -12,12 +12,12 @@ Capture Wizard performs a capture, but it may not look the way you expect. ## User Interfaces That Cannot Be Captured -Some applications cannot be captured. In the example in Figure 83, the UI elements in Skype are not +Some applications cannot be captured. In the example In the figure shown, the UI elements in Skype are not able to be captured in a useful way. ![crafting_the_user_interface_24](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/crafting_the_user_interface_24.webp) -Figure 83. Some applications prevent their UI elements from being captured. +The figure shown. Some applications prevent their UI elements from being captured. In these cases, you have to create the elements by using the toolbar and manually adding them (as described earlier). Then you need to configure them (which we will describe later). @@ -25,11 +25,11 @@ described earlier). Then you need to configure them (which we will describe late ## Underlined Elements Occasionally, during a capture, you might see some captured items that are underlined in the capture -but not in the application itself, as shown in Figure 84. +but not in the application itself, as shown In the figure shown. ![crafting_the_user_interface_25](/images/endpointpolicymanager/applicationsettings/designstudio/userinterface/crafting_the_user_interface_25.webp) -Figure 84. Some elements appear underlined when captured. +The figure shown. Some elements appear underlined when captured. This means Endpoint Policy Manager DesignStudio was able to capture the element correctly, but was unable to acquire Endpoint Policy Manager AppLock™ data for the item. Therefore, these items cannot @@ -41,3 +41,6 @@ To set up a perfect AppSet, you will also need to read the section called "Using Wizard" for how to control how elements work inside the Group Policy Editor. ::: + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/_category_.json index d614cd15cd..5c62db3446 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/appsetentry.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/appsetentry.md index fd8d5bb81c..5a86db7391 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/appsetentry.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/appsetentry.md @@ -6,11 +6,6 @@ sidebar_position: 10 # Item-Level Targeting for an AppSet Entry -:::note -For a demonstration of Item-Level Targeting, please see this video: -[http://www.endpointpolicymanager.com/videos/sn6j7q1clmq.html](https://www.youtube.com/watch) -::: - After you've configured an AppSet to your preferred settings, and those settings are saved into the group policy object (GPO), you can perform Item-Level Targeting (also known as filtering) with that @@ -28,25 +23,25 @@ You can see an example of Item-Level Targeting in Figures 46 and 47. ![policypak_application_settings_2_1](/images/endpointpolicymanager/applicationsettings/extras/itemleveltargeting/endpointpolicymanager_application_settings_2_1.webp) -Figure 46. Entering the Pak's Item Level Targeting dialog. +The figure shown. Entering the Pak's Item Level Targeting dialog. Administrators familiar with Group Policy Preferences' Item-Level Targeting will be at home in this interface, since it is functionally equivalent. You can apply one or more targeting items to an AppSet. You can also logically join together -targeting items, as shown in Figure 48. You may also add Targeting Collections, which equates to +targeting items, as shown In the figure shown. You may also add Targeting Collections, which equates to enclosing equations in parentheses, which groups together targeting items. In this way, you can create fairly complex determinations about which users and computers an AppSet will apply to. -Targeting Collections may be set to "And" or "Or" as well as "Is" or "Is Not," as seen in Figure 49. +Targeting Collections may be set to "And" or "Or" as well as "Is" or "Is Not," as seen In the figure shown. ![policypak_application_settings_2_2](/images/endpointpolicymanager/applicationsettings/extras/itemleveltargeting/endpointpolicymanager_application_settings_2_2.webp) -Figure 48. In this example, the Pak would only apply to Windows 10 machines when (1) the machine is +The figure shown. In this example, the Pak would only apply to Windows 10 machines when (1) the machine is portable and (2) the user is in the FABRIKAM\Traveling Sales Users group. ![policypak_application_settings_2_3](/images/endpointpolicymanager/applicationsettings/extras/itemleveltargeting/endpointpolicymanager_application_settings_2_3.webp) -Figure 49. In this example, the Pak would only apply to Windows 10 machines when either(1) the +The figure shown. In this example, the Pak would only apply to Windows 10 machines when either(1) the machine is portable and (2) the IP address between 192.168.5.1 - 192.168.7.254 OR (1) the machine resides in the Azure Site and (2) has an IP address between 172.16.7.11 - 172.16.9.254. @@ -76,8 +71,11 @@ AppSet settings. IP range. In this setup, you can specify different settings for various IP ranges in case you want to maintain different browser settings for the home office and each field office. -When Item-Level Targeting is used, it can be seen in the GPMC reports, as seen in Figure 50. +When Item-Level Targeting is used, it can be seen in the GPMC reports, as seen In the figure shown. ![policypak_application_settings_2_4](/images/endpointpolicymanager/applicationsettings/extras/itemleveltargeting/endpointpolicymanager_application_settings_2_4.webp) -Figure 50. The Item-Level Targeting shows up in the GPMC reports when it is being used. +The figure shown. The Item-Level Targeting shows up in the GPMC reports when it is being used. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/appsetinternal.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/appsetinternal.md index 87b7e98f2c..5479aea99f 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/appsetinternal.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/appsetinternal.md @@ -9,7 +9,7 @@ sidebar_position: 20 :::note To see an overview of Internal ItemLevel Targeting, including how to bypass the filters, see this video: -[http://www.endpointpolicymanager.com/videos/bypassing-internal-item-level-targeting-filters.html](http://www.endpointpolicymanager.com/products/endpointpolicymanager-preconfigured-paks.html). +[https://youtu.be/nw6LAE5b-pE](https://youtu.be/nw6LAE5b-pE). ::: @@ -29,7 +29,7 @@ Figure 51 shows an example of how you might configure an internal filter. ![policypak_application_settings_2_5](/images/endpointpolicymanager/applicationsettings/extras/itemleveltargeting/endpointpolicymanager_application_settings_2_5.webp) -Figure 51. Configuring an internal filter. +The figure shown. Configuring an internal filter. The purpose is to make sure that configuration items aren't delivered unless these predefined conditions match and are actually present on the target machine. @@ -40,13 +40,13 @@ Manager data is written unless it's actually needed. However, you might find the need to bypass sets of internal filters and apply the AppSet anyway, regardless of whether the application is present on the machine. To do this, you need to modify the AppSet entry's options and change the "Predefined Item-Level Targeting" switch, as seen in -Figure 52. +The figure shown. ![policypak_application_settings_2_6](/images/endpointpolicymanager/applicationsettings/extras/itemleveltargeting/endpointpolicymanager_application_settings_2_6.webp) -Figure 52.  Changing the Predefined Item-Level Targeting switch. +The figure shown.  Changing the Predefined Item-Level Targeting switch. -There are three ways to configure this entry, which are presented in Table 1 (also see Figure 53 for +There are three ways to configure this entry, which are presented in Table 1 (also See the figure here for an example of one of the scenarios). Table 1: Internal Item-Level Targeting settings options. @@ -59,4 +59,7 @@ Table 1: Internal Item-Level Targeting settings options. ![policypak_application_settings_2_7](/images/endpointpolicymanager/applicationsettings/extras/itemleveltargeting/endpointpolicymanager_application_settings_2_7.webp) -Figure 53. One scenario for item-level targeting on installed applications only. +The figure shown. One scenario for item-level targeting on installed applications only. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/managedby.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/managedby.md index 5c7e0add26..00d0cb5a53 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/managedby.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/managedby.md @@ -11,30 +11,33 @@ and ACL Lockdown, IT administrators might want to signal to their users, in a su in charge of the application. You can accomplish this by selecting "Add ‘Managed by Endpoint Policy Manager' to Windows under -management," as seen in Figure 60. +management," as seen In the figure shown. ![policypak_application_settings_2_14](/images/endpointpolicymanager/applicationsettings/extras/endpointpolicymanager_application_settings_2_14.webp) -Figure 60. IT administrators can display to users that they are in control of the settings. +The figure shown. IT administrators can display to users that they are in control of the settings. When you do this, a window will pop up, giving you options for the setting. For most applications, -these windows will look similar to what is displayed in Figure 61 and Figure 62. +these windows will look similar to what is displayed In the figure shown and The figure shown. ![policypak_application_settings_2_15](/images/endpointpolicymanager/applicationsettings/extras/endpointpolicymanager_application_settings_2_15.webp) -Figure 61. An example of what you would see if you selected "Add ‘Managed by Endpoint Policy +The figure shown. An example of what you would see if you selected "Add ‘Managed by Endpoint Policy Manager' to Windows under management." ![policypak_application_settings_2_16_624x354](/images/endpointpolicymanager/applicationsettings/extras/endpointpolicymanager_application_settings_2_16_624x354.webp) -Figure 62. Another example of what you would see if you selected "Add ‘Managed by Endpoint Policy +The figure shown. Another example of what you would see if you selected "Add ‘Managed by Endpoint Policy Manager' to Windows under management." Note that not every application will display "Managed by Endpoint Policy Manager" in the window. Be sure to test with your specific application. Also, be aware that the GPMC reports will demonstrate -if you have this feature enabled, as seen in Figure 63. +if you have this feature enabled, as seen In the figure shown. ![policypak_application_settings_2_17](/images/endpointpolicymanager/applicationsettings/extras/endpointpolicymanager_application_settings_2_17.webp) -Figure 63. The GPMC report showing that "Add ‘Managed by Endpoint Policy Manager' to windows under +The figure shown. The GPMC report showing that "Add ‘Managed by Endpoint Policy Manager' to windows under management" was enabled. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/multipleappsetspriority.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/multipleappsetspriority.md index 8afe93ee21..c17c256fec 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/multipleappsetspriority.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/multipleappsetspriority.md @@ -8,13 +8,13 @@ sidebar_position: 30 -Level Targeting (described in the previous section). -In Figure 54, you can see the same AppSet (WinZip 14 and later) used three times within the same +In the figure shown, you can see the same AppSet (WinZip 14 and later) used three times within the same GPO. However, each AppSet item has Item-Level Targeting turned on and specific conditions associated with it. ![policypak_application_settings_2_8](/images/endpointpolicymanager/applicationsettings/extras/endpointpolicymanager_application_settings_2_8.webp) -Figure 54. WinZip 14 being used multiple times in the same GPO. +The figure shown. WinZip 14 being used multiple times in the same GPO. The recommended way to use Endpoint Policy Manager Application Settings Manager is as follows: @@ -24,12 +24,12 @@ The recommended way to use Endpoint Policy Manager Application Settings Manager However, you could occasionally have multiple AppSets overlap each other with certain settings you've engaged. As a result, you might want to ensure that the delivery of those settings occurs in -a particular order. As seen in Figure 55, Endpoint Policy Manager Application Settings Manager +a particular order. As seen In the figure shown, Endpoint Policy Manager Application Settings Manager enables you to specify which AppSet is delivered in which order. ![policypak_application_settings_2_9](/images/endpointpolicymanager/applicationsettings/extras/endpointpolicymanager_application_settings_2_9.webp) -Figure 55. The order in which the Paks (in this scenario) are delivered. +The figure shown. The order in which the Paks (in this scenario) are delivered. Paks within a GPO are processed in order from lowest to highest. @@ -40,11 +40,11 @@ This is the same way the Group Policy Preferences prioritizes items. To change the priority of a particular AppSet, simply right-click on it within the GPO and select either "Enable priority mode (press Enter to exit)" or "Set priority," which are both shown in -Figure 56. +The figure shown. ![policypak_application_settings_2_10](/images/endpointpolicymanager/applicationsettings/extras/endpointpolicymanager_application_settings_2_10.webp) -Figure 56. By clicking "Enable priority mode (press Enter to exit)," as shown here, you can change +The figure shown. By clicking "Enable priority mode (press Enter to exit)," as shown here, you can change the priority of a specific Pak. When you select "Enable priority mode (press Enter to exit)" you can then move the AppSet up and @@ -52,11 +52,14 @@ down using the arrow keys. When you are satisfied with the position, press Enter edit. You can also select "Set priority," which will enable you to specify a numeric value, as shown in -Figure 57. +The figure shown. ![policypak_application_settings_2_11](/images/endpointpolicymanager/applicationsettings/extras/endpointpolicymanager_application_settings_2_11.webp) -Figure 57. By clicking "Set priority," as shown here, you can change the priority of a specific Pak +The figure shown. By clicking "Set priority," as shown here, you can change the priority of a specific Pak by setting the numeric value. The AppSet you've selected will take that priority number, and the rest will be lowered in priority. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/overview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/overview.md index b8b3c99d89..7e885e08d7 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/overview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/overview.md @@ -14,3 +14,6 @@ management capabilities. In this section, we'll discuss the following features: - Creating multiple AppSets and changing priority - Setting a comment or description about an AppSet's settings - Adding "Managed by Endpoint Policy Manager" to applications under management + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/settingdescription.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/settingdescription.md index 2e2223ef5e..ca2390ccd4 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/settingdescription.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/extras/settingdescription.md @@ -6,14 +6,17 @@ sidebar_position: 40 # Setting a Description -You can add your own note or description to each AppSet, as shown in Figure 58. +You can add your own note or description to each AppSet, as shown In the figure shown. ![policypak_application_settings_2_12](/images/endpointpolicymanager/applicationsettings/extras/endpointpolicymanager_application_settings_2_12.webp) -Figure 58. Entering notes for each Pak. +The figure shown. Entering notes for each Pak. -Notes are displayed within the GPMC reports, as seen in Figure 59. +Notes are displayed within the GPMC reports, as seen In the figure shown. ![policypak_application_settings_2_13](/images/endpointpolicymanager/applicationsettings/extras/endpointpolicymanager_application_settings_2_13.webp) -Figure 59. Notes shown in the GPMC reports. +The figure shown. Notes shown in the GPMC reports. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/_category_.json index 6fd0fb7125..87c54a17a2 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/_category_.json index 02b44f0d0c..236905d249 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/discoveringids.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/discoveringids.md index f91ace1b7c..b7fb548853 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/discoveringids.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/discoveringids.md @@ -7,11 +7,11 @@ sidebar_position: 40 # Discovering IDs for Firefox Add-Ons **Step 1 –** Finding add-on IDs requires a little bit of work. To discover them, you need to click -on "Add-ons" in Firefox on an example computer, as shown in Figure 18. +on "Add-ons" in Firefox on an example computer, as shown In the figure shown. ![add_ons](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/add_ons.webp) -Figure 18. The Add-ons tab in Firefox. +The figure shown. The Add-ons tab in Firefox. **Step 2 –** Then, click one of the four categories below: @@ -21,21 +21,21 @@ Figure 18. The Add-ons tab in Firefox. - Services **Step 3 –** Then, press F12 for developer tools. In the lowest row, paste the snippet of code -supplied below, as shown in Figure 19. +supplied below, as shown In the figure shown. ![add_ons_3](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/add_ons_3.webp) -Figure 19. The Console tab. +The figure shown. The Console tab. :::note You may get a warning saying you cannot paste until you say it's okay. To permit pasting, -type allow pasting," as shown in Figure 20. +type allow pasting," as shown In the figure shown. ::: ![add_ons_4](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/add_ons_4.webp) -Figure 20. Allowing pasting to occur. +The figure shown. Allowing pasting to occur. **Step 4 –** You can use this snippet to discover IDs for extensions, appearance, plugins, and services: @@ -48,26 +48,29 @@ console.log(addonElement.attributes["name"].value + " = " + addonElement.value); } ``` -**Step 5 –** Paste the snippet into the lowest place on the page, as shown in Figure 21. +**Step 5 –** Paste the snippet into the lowest place on the page, as shown In the figure shown. ![add_ons_5](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/add_ons_5.webp) -Figure 21. Copying the snippet to the Console tab. +The figure shown. Copying the snippet to the Console tab. The result you will get (which is to the right of the equal sign within quotes) will be the name of -the GUID or friendly name, as shown in Figure 22 and Figure 23. +the GUID or friendly name, as shown In the figure shown and The figure shown. ![add_ons_6](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/add_ons_6.webp) -Figure 22. Example 1 showing only GUIDs. +The figure shown. Example 1 showing only GUIDs. ![add_ons_7](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/add_ons_7.webp) -Figure 23. Example 2 showing the friendly name and GUID. +The figure shown. Example 2 showing the friendly name and GUID. **Step 6 –** Then, inside the Endpoint Policy Manager MMC console, you will add the ID you want -(without quotes), as shown in Figure 24. +(without quotes), as shown In the figure shown. ![add_ons_8](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/add_ons_8.webp) -Figure 24. Adding the ID within the Endpoint Policy Manager MMC console. +The figure shown. Adding the ID within the Endpoint Policy Manager MMC console. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/enabledisable.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/enabledisable.md index 571ee01078..9bdf3c0776 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/enabledisable.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/enabledisable.md @@ -7,9 +7,9 @@ sidebar_position: 10 # Using Endpoint Policy Manager to Enable or Disable Add-Ons Video: To see a video of Endpoint Policy Manager enabling or disabling Firefox's add-ons, go to -[http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-firefox-add-ons-using-group-policy.html](http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-firefox-add-ons-using-group-policy.html) +[https://www.policypak.com/video/endpointpolicymanager-manage-firefox-add-ons-using-group-policy.html](http://www.policypak.com/video/endpointpolicymanager-manage-firefox-add-ons-using-group-policy.html) -Firefox has four categories of add-ons, as shown in Figure 16. +Firefox has four categories of add-ons, as shown In the figure shown. - Recommendations - Extensions @@ -18,7 +18,7 @@ Firefox has four categories of add-ons, as shown in Figure 16. ![add_ons_1](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/add_ons_1.webp) -Figure 16. The Add-ons Manager. +The figure shown. The Add-ons Manager. Endpoint Policy Manager can enable or disable add-ons in these categories. In the next section we'll see how to force installation (or force removal) of add-ons. Endpoint Policy Manager has two methods @@ -29,8 +29,11 @@ to manage Firefox add-ons: - Option 2: Using wildcards to disable specific add-on types. You can see the "Add-Ons" tab, and the "Enable or Disable" section within the Firefox AppSet as seen -in Figure 17. +In the figure shown. ![add_ons_2](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/add_ons_2.webp) -Figure 17. The Add-Ons tab within Endpoint Policy Manager Application Settings Manager. +The figure shown. The Add-Ons tab within Endpoint Policy Manager Application Settings Manager. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/enabledisableid.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/enabledisableid.md index 5a6581a3e9..e20cb2e8d7 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/enabledisableid.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/enabledisableid.md @@ -14,3 +14,6 @@ readable@evernote.com, enable {47c11ff1-bbce-4481-83be-54e0c0adfda7}, disable In the next section, we will give you some tips on how to find the GUID or friendly name of your extensions. ``` + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/forceinstallation.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/forceinstallation.md index f3a8d6070a..d8c36cf274 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/forceinstallation.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/forceinstallation.md @@ -5,15 +5,15 @@ Endpoint Policy Manager also can install URL and file-based Firefox add-ons with Video: To see a video of Endpoint Policy Manager forcing installation of Firefox's Add-Ons, go to [Force Install Firefox Extensions (from URL or file).](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/extensions.md). -Go to the Add-Ons tab within the Firefox AppSet, as shown in Figure 28. +Go to the Add-Ons tab within the Firefox AppSet, as shown In the figure shown. ![add_ons_12](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/add_ons_12.webp) -Figure 28. The Add-Ons tab within Endpoint Policy Manager Application Settings Manager. +The figure shown. The Add-Ons tab within Endpoint Policy Manager Application Settings Manager. To get started with an add-on you want to force installation of, you need to know the add-on and its URL. Then you need to know what delivery method you would like to use: URL or file install. To use -URL-based installation, you need to get the URL by following these steps (see Figure 29): +URL-based installation, you need to get the URL by following these steps (See the figure here): **Step 1 –** Right-click and select "Copy Link Location" from the "Add to Firefox" button. @@ -25,7 +25,7 @@ URL-based installation, you need to get the URL by following these steps (see Fi ![add_ons_13](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/add_ons_13.webp) -Figure 29. Copying the link location. +The figure shown. Copying the link location. **Step 5 –** Then, using Notepad or another editor, paste from Firefox "Copy Link Location" like this: @@ -42,17 +42,17 @@ syntax:` https://addons.mozilla.org/firefox/downloads/latest/ads-blocker/platfor install. For using the file-based installation method, you would select "Save Link As" after right-clicking -on the "Add to Firefox" botton, as shown in Figure 30. +on the "Add to Firefox" botton, as shown In the figure shown. ![add_ons_14](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/add_ons_14.webp) -Figure 30. The file-based installation method. +The figure shown. The file-based installation method. -**Step 8 –** Then, you would save the file to a location to use later, as shown in Figure 31. +**Step 8 –** Then, you would save the file to a location to use later, as shown In the figure shown. ![add_ons_15](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/add_ons_15.webp) -Figure 31. Choosing where to save the file. +The figure shown. Choosing where to save the file. **Step 9 –** Next, you also need to decide if you want to leave the user's existing add-ons in place (with MODE=MERGE) or wipe out what the user already has (with MODE=REPLACE). You will use whatever @@ -71,3 +71,6 @@ Note the following: that, there is a single slash per directory. - UNC paths include "File:", followed by five front slashes to denote the UNC path start. Following that, there is a single slash per directory. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/overview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/overview.md index c8f0439912..e2c702cbda 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/overview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/overview.md @@ -9,8 +9,11 @@ sidebar_position: 40 Netwrix Endpoint Policy Manager (formerly PolicyPak) can manipulate Firefox add-ons by enabling and disabling add-ons of all types. Endpoint Policy Manager can also force the installation of or force the removal of specific add-ons. To find Firefox's add-ons, select "Add-ons" within Firefox, as -shown in Figure 15. +shown In the figure shown. ![add_ons](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/add_ons.webp) -Figure 15. The Add-ons tab. +The figure shown. The Add-ons tab. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/tipstricks.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/tipstricks.md index 56bb8044a3..e95c514419 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/tipstricks.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/tipstricks.md @@ -24,11 +24,11 @@ The Add-ons section in the Firefox AppSet has the following extra special checkb user interface (UI) to make it harder for users to work around your settings. - Hide about:addons page UI: This completely blanks out the add-ons page. -You can see these checkboxes below in Figure 25. +You can see these checkboxes below In the figure shown. ![add_ons_9](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/add_ons_9.webp) -Figure 25. Disabling and hiding add-ons. +The figure shown. Disabling and hiding add-ons. :::note If you select "Disable the installation of Firefox extensions" you must right-click the @@ -40,11 +40,11 @@ blocked from installing Firefox extensions manually. The result of selecting "Disable the installation of Firefox extensions" is that when users attempt -to install any extension, in any manner, they are blocked, as shown in Figure 26. +to install any extension, in any manner, they are blocked, as shown In the figure shown. ![add_ons_10](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/add_ons_10.webp) -Figure 26. A disabled add-on. +The figure shown. A disabled add-on. The result of selecting the checkbox, "Hide Firefox UI for installing extensions," is shown in Figure 27 below. This makes it more difficult for user to use the Add-ons Manager and manipulate @@ -52,4 +52,7 @@ settings. ![add_ons_11](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/addons/add_ons_11.webp) -Figure 27. Before (above) and after (below) hiding the Firefox UI for installing extensions. +The figure shown. Before (above) and after (below) hiding the Firefox UI for installing extensions. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/wildcard.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/wildcard.md index 68dd716b2a..bf8b57715b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/wildcard.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/addons/wildcard.md @@ -32,3 +32,6 @@ If you use \*all\*, disable, you could see Firefox close after disabling all extensions; it could take a second launch to work. ::: + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/applicationhandlers.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/applicationhandlers.md index 8f3c7e4f7d..8ae27eb74a 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/applicationhandlers.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/applicationhandlers.md @@ -8,12 +8,12 @@ sidebar_position: 70 Netwrix Endpoint Policy Manager (formerly PolicyPak) can manage which applications open outside of Firefox. The most common use cases are to open Adobe Reader instead of the internal Firefox PDF -viewer, or launch WinZip when a ZIP file is encountered. These can be seen in Figure 51. The node +viewer, or launch WinZip when a ZIP file is encountered. These can be seen In the figure shown. The node only works with client-side extension (CSE) build 1560 or later. ![managing_application_handlers](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/managing_application_handlers.webp) -Figure 51. Settings for opening applications outside of Firefox. +The figure shown. Settings for opening applications outside of Firefox. You can use keyword MODE=REPLACE or MODE=MERGE. MODE=REPLACE will wipe out whatever the user has already selected, and put in your entries. MODE=MERGE will take the entries listed here and add them @@ -33,11 +33,11 @@ MODE=REPLACE     ``` However, that doesn't happen because the UI doesn't change for the hard-coded items. Your list might -look different from what is shown in Figure 52. +look different from what is shown In the figure shown. ![managing_application_handlers_1](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/managing_application_handlers_1.webp) -Figure 52. Choosing how Firefox will handle downloaded files. +The figure shown. Choosing how Firefox will handle downloaded files. - Internal versus external programs @@ -46,11 +46,11 @@ Figure 52. Choosing how Firefox will handle downloaded files. with some special meaning for the Web (CSS, JS, etc.).  The actual decision is made based on so-called MIME type, and not on file extension. In the case of HTTP/HTTP surfing, Firefox usually uses the MIME type returned in the "content-type" response header, as shown in - Figure 53. + The figure shown. ![managing_application_handlers_2](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/managing_application_handlers_2.webp) -Figure 53. The MIME type is determined by the "content-type" response header. +The figure shown. The MIME type is determined by the "content-type" response header. If the MIME type is "`text/plain`," "`text/html`," "`text/css`," "`image/jpeg`," or any other special type, the file is opened internally. Even if the "content-type" header is not set in the web @@ -59,11 +59,11 @@ opens resources of special types internally. For this reason, even though it is handlers for JPG, HTML, HTM, TXT, etc., which will appear in the UI, Firefox will keep opening resources of such types internally. The general rule of thumb here is the following: when there is no handler for the given type and Firefox normally shows an "Open with" dialog box for this type, it -fires Application Handler for the same type when there is a handler, as shown in Figure 54. +fires Application Handler for the same type when there is a handler, as shown In the figure shown. ![managing_application_handlers_3](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/managing_application_handlers_3.webp) -Figure 54. The "Open with" dialog box. +The figure shown. The "Open with" dialog box. MIME type returns from web servers @@ -72,14 +72,17 @@ The actual behavior during Web surfing depends on the MIME type for the resource (application/x-zip-compressed), it might not work for resources returned with a non-standard MIME type. If the returned MIME type is a generic type for binary resources (application/octet stream), or some type with no special meaning for Firefox, Firefox fires Application Handler to open files -like this, as shown in Figure 55. +like this, as shown In the figure shown. ![managing_application_handlers_4](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/managing_application_handlers_4.webp) -Figure 55. The Firefox Application Handler. +The figure shown. The Firefox Application Handler. Otherwise, the file will be opened internally. The MIME type returned in response depends on "Web-Server" and resource settings, and it's up to the server to return the correct MIME type. The general rule of thumb here is similar to that in the second bullet point above. If Firefox shows an "Open with" dialog box when there is no handler for the resource, it fires Application Handler for the same resource if there is one. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/bookmarks.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/bookmarks.md index bfb05c78e9..1c71356fbe 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/bookmarks.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/bookmarks.md @@ -11,28 +11,28 @@ Firefox has two types of bookmarks: - bookmarks menu - bookmarks toolbar -In Figure 3, you can see the bookmarks in the menu system. +In the figure shown, you can see the bookmarks in the menu system. ![bookmarks](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/bookmarks.webp) -Figure 3. Bookmarks in the menu system. +The figure shown. Bookmarks in the menu system. -Bookmarks may also be stored in the toolbar by selecting "Bookmarks Toolbar," as seen in Figure 4. +Bookmarks may also be stored in the toolbar by selecting "Bookmarks Toolbar," as seen In the figure shown. When users do this, they can see bookmarks on the toolbar. ![bookmarks_1](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/bookmarks_1.webp) -Figure 4. Bookmarks in the toolbar. +The figure shown. Bookmarks in the toolbar. Netwrix Endpoint Policy Manager (formerly PolicyPak) can manage bookmarks within Firefox, as shown -in Figure 5. +In the figure shown. ![bookmarks_2](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/bookmarks_2.webp) -Figure 5. Endpoint Policy Manager managing permissions within Firefox. +The figure shown. Endpoint Policy Manager managing permissions within Firefox. Video: To see a video of Endpoint Policy Manager managing bookmarks, go to -[http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-firefox-bookmarks.html](http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-firefox-bookmarks.html). +[https://www.policypak.com/video/endpointpolicymanager-manage-firefox-bookmarks.html](https://www.policypak.com/video/endpointpolicymanager-manage-firefox-bookmarks.html). The format you need to specify is @@ -40,11 +40,11 @@ The format you need to specify is So, for example, -`Folder123\PolicyPak, http://endpointpolicymanager.com, toolbar, add ` +`Folder123\PolicyPak, https://policypak.com, toolbar, add ` -would add endpointpolicymanager.com to the folder named Folder123 inside the toolbar. +would add policypak.com to the folder named Folder123 inside the toolbar. -`Folder123\PolicyPak, http://endpointpolicymanager.com, menu, add ` +`Folder123\PolicyPak, https://policypak.com, menu, add ` would add Endpoint Policy Manager to a folder named Folder123 inside the menu system. @@ -59,3 +59,5 @@ Group Policy that conflicts, then the Group Policy setting will win. You must specify precisely the name and folder where items will be DELETED. ::: + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/overview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/overview.md index 28564e4214..9d88653df0 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/overview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/overview.md @@ -9,9 +9,9 @@ sidebar_position: 90 This document will help you to understand how to use the AppSet named "Mozilla Firefox 23.0". This AppSet works for Firefox 23 and later but only works with Firefox ESR, and not the regular version. For more details on this see: -[https://www.endpointpolicymanager.com/pp-blog/policypak-will-soon-only-support-firefox-esr](https://www.endpointpolicymanager.com/pp-blog/endpointpolicymanager-will-soon-only-support-firefox-esr) +[https://www.policypak.com/pp-blog/policypak-will-soon-only-support-firefox-esr](https://www.policypak.com/pp-blog/endpointpolicymanager-will-soon-only-support-firefox-esr) -Only use this document after you have read and worked through Book 3: Application Settings Manager +Only use this document after you have read and worked through the Application Settings Manager documentation and have successfully tested "Winzip 14," or an example application. Some features are only available when you have a Netwrix Endpoint Policy Manager (formerly PolicyPak) client-side extension (CSE) which supports the feature. Inside the AppSet, we've noted when a feature requires a specific @@ -35,13 +35,16 @@ For information on how to migrate from any of these old Firefox AppSets to the F see the section title "Migrating to the Firefox 23 AppSet" in this document. This AppSet is no different than other AppSets, in that it can be placed into Local, Shared or -Central storage. (See Book 3: Application Settings Manager for details.) Once placed into the -storage location, it will be available as seen in Figure 1. +Central storage. (See the Application Settings Manager documentation for details.) Once placed into the +storage location, it will be available as seen In the figure shown. ![about_this_document_and_the](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/about_this_document_and_the.webp) -Figure 1. The Endpoint Policy Manager Mozilla Firefox Pak. +The figure shown. The Endpoint Policy Manager Mozilla Firefox Pak. The AppSet may be used on the User or Computer side just like all other AppSets. However, Firefox lockdown features are ONLY available on the COMPUTER side, and therefore we recommend using the Firefox AppSet on the Computer side. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/overview_1.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/overview_1.md index c2c7c250a2..56f8387f2a 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/overview_1.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/overview_1.md @@ -12,14 +12,14 @@ need to learn how to convert a certificate, see the section "Exporting Certifica Binary-Encoded DER Format" below. Video: To see a video of Endpoint Policy Manager managing Firefox's add-ons, go to -[http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-firefox-certificates.html](http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-firefox-certificates.html) +[https://www.policypak.com/video/endpointpolicymanager-manage-firefox-certificates.html](http://www.policypak.com/video/endpointpolicymanager-manage-firefox-certificates.html) You can see Firefox's certificates under` Options | Advanced | Certificates | View Certificates`, as -shown in Figure 42. +shown In the figure shown. ![certificates](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/certificate/certificates.webp) -Figure 42. The Servers tab within the Certificate Manager. +The figure shown. The Servers tab within the Certificate Manager. To manage Firefox's certificates, you need to specify the location of the certificate to import (source) and the location where you want to deliver it (target). The source location can be local, @@ -27,7 +27,7 @@ on a file server, etc. ![certificates_1](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/certificate/certificates_1.webp) -Figure 43. Specifying the Firefox certificate location. +The figure shown. Specifying the Firefox certificate location. Target locations require a keyword to specify the location. The possible values are listed in Table 3. @@ -47,11 +47,11 @@ using the following: `\\DC\Share\Fabrikam-CA.cer, 1, ROOT, add`. If the optional specified, it defaults to 0, meaning that the client-side extension (CSE) will re-read the certificate file every time Firefox starts. Note that if the file is unavailable or the remote location is offline, the launch of Firefox is not slowed down. Additionally, you might want to -deliver certificates to all these stores, as shown in Figure 44. +deliver certificates to all these stores, as shown In the figure shown. ![certificates_2](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/certificate/certificates_2.webp) -Figure 44. Editing the trust settings. +The figure shown. Editing the trust settings. To do so, use the following syntax: `\\Server\Share\FF.cer,1,C;C;C,add`. Note that the certificate authority is omitted in this correct syntax. For more information on this advanced syntax, see the @@ -59,7 +59,7 @@ following :::note -[http://www.endpointpolicymanager.com/knowledge-base/preconfigured-paks/firefox-how-can-i-deliver-certificates-to-certificate-authority-store-and-select-websites-mail-users-and-software-makers.html](http://www.endpointpolicymanager.com/knowledge-base/preconfigured-paks/firefox-how-can-i-deliver-certificates-to-certificate-authority-store-and-select-websites-mail-users-and-software-makers.html). +[https://www.policypak.com/knowledge-base/preconfigured-paks/firefox-how-can-i-deliver-certificates-to-certificate-authority-store-and-select-websites-mail-users-and-software-makers.html](http://www.policypak.com/knowledge-base/preconfigured-paks/firefox-how-can-i-deliver-certificates-to-certificate-authority-store-and-select-websites-mail-users-and-software-makers.html). ::: @@ -74,43 +74,43 @@ removed. ![certificates_3](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/certificate/certificates_3.webp) -Figure 45. SHA Fingerprint location. +The figure shown. SHA Fingerprint location. ## Exporting Certificates to the Binary-Encoded DER Format Endpoint Policy Manager can only work with binary-encoded DER certificates. If you have a certificate of another type, you may import it first into Firefox. Then, you can immediately export -it as a DER file, as shown in Figure 46. +it as a DER file, as shown In the figure shown. ![certificates_4](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/certificate/certificates_4.webp) -Figure 46. Explorting a certificate as a DER. +The figure shown. Explorting a certificate as a DER. You can optionally perform the same type of export by looking at the file itself in the Details tab of Explorer, and then selecting the "Copy to File" button. Then, select "DER encoded binary X.509 -(CER)," as shown in Figure 47. +(CER)," as shown In the figure shown. ![certificates_5](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/certificate/certificates_5.webp) -Figure 47. Exporting via Explorer. +The figure shown. Exporting via Explorer. ## Troubleshooting Certificates If you are not seeing the results you expect, you can look in Endpoint Policy Manager's logs (see -Book 3: Application Settings Manager for more information) as well as Firefox's log. An example of +the Application Settings Manager documentation for more information) as well as Firefox's log. An example of Endpoint Policy Manager's log showing that certificates are correctly being added can be seen in -Figure 48. +The figure shown. ![certificates_6](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/certificate/certificates_6.webp) -Figure 48. The Endpoint Policy Manager log with certificate details. +The figure shown. The Endpoint Policy Manager log with certificate details. You can also use Firefox's log by clicking Ctrl+Shift+J on any page. In the log below (Figure 49), you can see certificates being added to the proper stores. ![certificates_7](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/certificate/certificates_7.webp) -Figure 49. The Firefox log with certificate details. +The figure shown. The Firefox log with certificate details. The most common reasons for certificates not showing up the store you want are the following: @@ -133,8 +133,11 @@ The most common reasons for certificates not showing up the store you want are t `\\DC\Share\Fabrikam-CA.cer, 2, CA`, add and not `\\DC\Share\Fabrikam-CA.cer, CA, 2, add`. In the logs, you would see this transposition error as -shown in Figure 50. +shown In the figure shown. ![certificates_8](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/certificate/certificates_8.webp) -Figure 50. Log showing a transposition error. +The figure shown. Log showing a transposition error. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/permissions.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/permissions.md index a896110add..a018f816dc 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/permissions.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/permissions.md @@ -12,48 +12,48 @@ Starting recently in Firefox, you can only see permissions and pop-ups by doing **Step 2 –** Click on the lock icon or another icon in that space. -**Step 3 –** Click the right arrow as shown in Figure 6. +**Step 3 –** Click the right arrow as shown In the figure shown. -**Step 4 –** Click on "More Information," as shown in Figure 7. +**Step 4 –** Click on "More Information," as shown In the figure shown. -**Step 5 –** After doing this, you will reach the Permissions tab, as shown in Figure 8. +**Step 5 –** After doing this, you will reach the Permissions tab, as shown In the figure shown. ![permissions_and_pop_ups](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/permissions_and_pop_ups.webp) -Figure 6. To see permissions and pop-ups click, one must click on the lock icon and then on the +The figure shown. To see permissions and pop-ups click, one must click on the lock icon and then on the right arrow. ![permissions_and_pop_ups_1](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/permissions_and_pop_ups_1.webp) -Figure 7. The next step to see the permissions and pop-ups is to click on "More Information." +The figure shown. The next step to see the permissions and pop-ups is to click on "More Information." ![permissions_and_pop_ups_2](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/permissions_and_pop_ups_2.webp) -Figure 8. The Permissions tab. +The figure shown. The Permissions tab. You can see Firefox's pop-up exceptions using Options | Privacy & Security | Exceptions, as shown in -Figure 9 and Figure 10. +Figure 9 and The figure shown. ![permissions_and_pop_ups_3](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/permissions_and_pop_ups_3.webp) -Figure 9. Firefox's pop-up exceptions. +The figure shown. Firefox's pop-up exceptions. ![permissions_and_pop_ups_4](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/permissions_and_pop_ups_4.webp) -Figure 10. The pop-up exceptions page. +The figure shown. The pop-up exceptions page. Netwrix Endpoint Policy Manager (formerly PolicyPak) can manipulate most areas of permissions and pop-ups. Within the Firefox AppSet, you can use the Permissions tab to enter in the values you wish -for the sites that are allowed to have pop-ups and you can set permissions, as shown in Figure 11. +for the sites that are allowed to have pop-ups and you can set permissions, as shown In the figure shown. ![permissions_and_pop_ups_5](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/permissions_and_pop_ups_5.webp) -Figure 11. Using Endpoint Policy Manager to configure the Permissions tab. +The figure shown. Using Endpoint Policy Manager to configure the Permissions tab. To see a video of Endpoint Policy Manager managing permissions and pop-ups, to go -[http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-firefox-pop-ups-and-permissions-using-group-policy.html](http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-firefox-pop-ups-and-permissions-using-group-policy.html). +[https://www.policypak.com/video/endpointpolicymanager-manage-firefox-pop-ups-and-permissions-using-group-policy.html](http://www.policypak.com/video/endpointpolicymanager-manage-firefox-pop-ups-and-permissions-using-group-policy.html). -In Figure 11, you can see the key word after the website, like "image," "Geo," "cookie," and so on. +In the figure shown, you can see the key word after the website, like "image," "Geo," "cookie," and so on. Use Table 1 to find the key word for the area on the website you would like to manage. Table 1: PolicyPak keywords. @@ -79,33 +79,36 @@ website. To do this, you need the "short name" of the plugin. Video: To see a video of how to discover the short name of a plugin and ensure it always works for a particular website, go to -[http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-firefox-plug-ins-per-website.html](http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-firefox-plug-ins-per-website.html). +[https://www.policypak.com/video/endpointpolicymanager-manage-firefox-plug-ins-per-website.html](http://www.policypak.com/video/endpointpolicymanager-manage-firefox-plug-ins-per-website.html). For example, if you want to ensure that when end-users go to a specific Citrix website, the Citrix ICA plugin is always set to ALLOW for that site, you would need to know the Citrix plugin short name, which is "npican." Then, you would enter http://site.com, plugin:npican, allow. This is -illustrated in Figure 12. +illustrated In the figure shown. ![permissions_and_pop_ups_6](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/permissions_and_pop_ups_6.webp) -Figure 12. The plug in short name within the Permissions tab. +The figure shown. The plug in short name within the Permissions tab. This will ensure on the endpoint that Firefox will perform the ALLOW command on that plugin for that -website, as shown in Figure 13. +website, as shown In the figure shown. ![permissions_and_pop_ups_7](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/permissions_and_pop_ups_7.webp) -Figure 13. The plug in is allowed in Firefox. +The figure shown. The plug in is allowed in Firefox. To get plugin short names, you need to use a SQLLite browser, like http://sqlitebrowser.org/. Then, do the following: -**Step 1 –** Open the firefox permissions.sqllite database, as shown in Figure 14. +**Step 1 –** Open the firefox permissions.sqllite database, as shown In the figure shown. **Step 2 –** Select the table "moz_perms." -**Step 3 –** Locate the website and the type, as shown in Figure 14, to discover the short name. +**Step 3 –** Locate the website and the type, as shown In the figure shown, to discover the short name. ![permissions_and_pop_ups_8](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/permissions_and_pop_ups_8.webp) -Figure 14. Finding the plug in short name. +The figure shown. Finding the plug in short name. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/preferences.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/preferences.md index 471e8ea702..2b932ac489 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/preferences.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/preferences.md @@ -13,42 +13,42 @@ Video: To see a video of Endpoint Policy Manager disabling various Firefox user see [Disable the following about:config, about:addons, pages, Developer Menu, and any Preferences in one click](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/disable.md). -For instance, you can select "Hide about:config UI" in the About:Config tab, as shown in Figure 32. +For instance, you can select "Hide about:config UI" in the About:Config tab, as shown In the figure shown. ![hiding_preferences_pages_and](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/hiding_preferences_pages_and.webp) -Figure 32. Hiding the about:config page. +The figure shown. Hiding the about:config page. Endpoint Policy Manager can hide the about:addons page UI with a checkbox in the Add-Ons: -Extensions, Appearance, Plugins, and Service page, as shown in Figure 33. +Extensions, Appearance, Plugins, and Service page, as shown In the figure shown. ![hiding_preferences_pages_and_1](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/hiding_preferences_pages_and_1.webp) -Figure 33. Hiding the about:addons page. +The figure shown. Hiding the about:addons page. -Endpoint Policy Manager can allow you to hide the Australis menu in FireFox (seen in Figure 34) by -clicking the "Hide Australis button" in the Extras tab, as shown in Figure 35. Endpoint Policy +Endpoint Policy Manager can allow you to hide the Australis menu in FireFox (seen In the figure shown) by +clicking the "Hide Australis button" in the Extras tab, as shown In the figure shown. Endpoint Policy Manager can also provide you with the ability to disable the web developer menu and many other -special pages, as shown in Figure 35. +special pages, as shown In the figure shown. ![hiding_preferences_pages_and_2](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/hiding_preferences_pages_and_2.webp) -Figure 34. The Australis menu. +The figure shown. The Australis menu. ![hiding_preferences_pages_and_3](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/hiding_preferences_pages_and_3.webp) -Figure 35. Disabling the web developer menu and other special pages. +The figure shown. Disabling the web developer menu and other special pages. Note that some of the options specifically require that the settings be right-clicked and locked in order to work. This means they must be deployed on the Computer side, because only Group Policy Objects (GPOs) based on the Computer side can be locked with the Firefox AppSet. Lastly, Endpoint Policy Manager has another huge array of special things that can be hidden within -the About:Preferences tab, as shown in Figure 36. +the About:Preferences tab, as shown In the figure shown. ![hiding_preferences_pages_and_4](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/hiding_preferences_pages_and_4.webp) -Figure 36. Hiding preferences. +The figure shown. Hiding preferences. The items on the left only require one click to get the expected response in Firefox. The special box on the right can remove nearly every element in Firefox, but you need to know the special @@ -58,35 +58,35 @@ Video: To see a video of Endpoint Policy Manager removing elements in about:pref [Firefox Remove Specific Elements from about:preferences panel](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/removeelements.md). For instance, let's imagine you wanted to hide the element "Play DRM-controlled content" in the -Content section, as shown in Figure 37. In this example, we did a search for DRM rather than +Content section, as shown In the figure shown. In this example, we did a search for DRM rather than navigate to it through the menus. ![hiding_preferences_pages_and_5](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/hiding_preferences_pages_and_5.webp) -Figure 37. Hiding DRM-controlled content. +The figure shown. Hiding DRM-controlled content. Start by opening the Firefox web developer tools (press Ctrl + Shift + I) or select Options | -Developer | Toggle Tools, as shown in Figure 38. +Developer | Toggle Tools, as shown In the figure shown. ![hiding_preferences_pages_and_6](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/hiding_preferences_pages_and_6.webp) -Figure 38. Web developer menu. +The figure shown. Web developer menu. -Then, as shown in Figure 39, click the selector icon all the way on the left side, then click the +Then, as shown In the figure shown, click the selector icon all the way on the left side, then click the "Play DRM content" element. The element will light up with a red dotted box, and in the Inspector pane, you'll see the element ID. ![hiding_preferences_pages_and_7](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/hiding_preferences_pages_and_7.webp) -Figure 39. Selecting the "Play DRM content" element. +The figure shown. Selecting the "Play DRM content" element. In this case, `checkbox id=" playDRMContent"`. Copy its value into the textbox in Firefox 23.0 -AppSet, as shown in Figure 40. You can also see another value, useMasterPassword, there as well to +AppSet, as shown In the figure shown. You can also see another value, useMasterPassword, there as well to show how multiple values are separated by commas. ![hiding_preferences_pages_and_8](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/hiding_preferences_pages_and_8.webp) -Figure 40. Copying the value to the Firefox 23.0 textbox. +The figure shown. Copying the value to the Firefox 23.0 textbox. :::warning All values are comma separated instead of being one per line. @@ -97,6 +97,9 @@ The result once Group Policy applies and Firefox is restarted is that the elemen ![hiding_preferences_pages_and_9](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/hiding_preferences_pages_and_9.webp) -Figure 41. The DRM content setting is now hidden. +The figure shown. The DRM content setting is now hidden. Later, if the element ID is removed from the MMC, it will return back. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/specialfeatures.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/specialfeatures.md index 2e510afdde..577f43fb39 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/specialfeatures.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/specialfeatures.md @@ -11,30 +11,33 @@ to modify and manage the overall Firefox experience for the end users. ## Preventing Extra Tabs at Firefox Startup -When you run Firefox for the first time, you see extra tabs, as shown in Figure 56. +When you run Firefox for the first time, you see extra tabs, as shown In the figure shown. ![special_features_in_the_firefox](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/special_features_in_the_firefox.webp) -Figure 56. Extra tabs appear when starting Firefox for the first time. +The figure shown. Extra tabs appear when starting Firefox for the first time. Video: Watch this video to see how to eliminate extra tabs on the first launch of Firefox -[http://www.endpointpolicymanager.com/video/endpointpolicymanager-remove-firefoxs-extra-tabs-at-first-launch.html](http://www.endpointpolicymanager.com/video/endpointpolicymanager-remove-firefoxs-extra-tabs-at-first-launch.html) +[https://www.policypak.com/video/endpointpolicymanager-remove-firefoxs-extra-tabs-at-first-launch.html](http://www.policypak.com/video/endpointpolicymanager-remove-firefoxs-extra-tabs-at-first-launch.html) -To disable the extra tabs, you can use the Options menu, as shown in Figure 57, and check the four +To disable the extra tabs, you can use the Options menu, as shown In the figure shown, and check the four options for disabling extra tabs in Windows 10. ![special_features_in_the_firefox_1](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/special_features_in_the_firefox_1.webp) -Figure 57. Disabling extra tabs in the Options menu. +The figure shown. Disabling extra tabs in the Options menu. ## Changing the Firefox Default Search Engine Changing the default search engine in Firefox is possible with CSE 1122 and later. It's located on -the Extras tab as shown in Figure 58. +the Extras tab as shown In the figure shown. Video: Watch this to see how to change the default search engine in Firefox -[http://www.endpointpolicymanager.com/video/firefox-changing-the-firefox-default-search-engine-in-one-click.html](http://www.endpointpolicymanager.com/video/firefox-changing-the-firefox-default-search-engine-in-one-click.html) +[https://www.policypak.com/video/firefox-changing-the-firefox-default-search-engine-in-one-click.html](http://www.policypak.com/video/firefox-changing-the-firefox-default-search-engine-in-one-click.html) ![special_features_in_the_firefox_2](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/special_features_in_the_firefox_2.webp) -Figure 58. Specifying the search engine of your choice with Endpoint Policy Manager. +The figure shown. Specifying the search engine of your choice with Endpoint Policy Manager. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/specialsections.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/specialsections.md index 13f9e75d54..794fd31d4a 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/specialsections.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/specialsections.md @@ -11,12 +11,12 @@ values listed for how to use that section. Many also let you specify the first l `MODE=REPLACE` or `MODE=MERGE` -In Figure 2, you can see Permissions tab has the default example set with `MODE=REPLACE` and shows +In the figure shown, you can see Permissions tab has the default example set with `MODE=REPLACE` and shows some examples on how to use the special section. ![how_to_use_special_sections](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/how_to_use_special_sections.webp) -Figure 2. Site to Zone assignment special section. +The figure shown. Site to Zone assignment special section. :::note If you leave the MODE line off, the default is MERGE. @@ -36,3 +36,6 @@ additions make it to their environment. Note that with some sections (like Bookmarks), MERGE is the only option and is not changeable. In the next sections we'll explore each tab and highlight anything noteworthy with examples, tips, tricks, and exceptions. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/uninstall.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/uninstall.md index a8a049e9bf..05c00d43f7 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/uninstall.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/firefox/uninstall.md @@ -17,3 +17,6 @@ Policy Object) isn't enough. The full CSE must be uninstalled to remove all of E Manager's Firefox functionality. ::: + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/_category_.json index cd9eecf0b5..97c301f5a7 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/normalsections.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/normalsections.md index b8cd9faba3..124831db3a 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/normalsections.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/normalsections.md @@ -7,14 +7,17 @@ sidebar_position: 10 # Normal Sections in the IE AppSet In the normal sections of the IE AppSet, you can click on items to select a setting. However, the IE -AppSet also has some special sections. You can see an example of a special section in Figure 2. +AppSet also has some special sections. You can see an example of a special section In the figure shown. ![normal_sections_in_the_ie](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/normal_sections_in_the_ie.webp) -Figure 2. Special and normal sections in the IE AppSet. +The figure shown. Special and normal sections in the IE AppSet. The normal sections act just like sections in all other Netwrix Endpoint Policy Manager (formerly PolicyPak) Application Settings Manager AppSets. By clicking on a setting, it becomes underlined, and you can set special values like "Revert this policy setting to the default when this is no longer applied" or "Disable corresponding control in target application." The rest of this document will describe how to use the special sections in the IE AppSet. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/overview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/overview.md index 380664ae15..8a1c133b7a 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/overview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/overview.md @@ -16,18 +16,18 @@ There are also some older IE AppSets, which should no longer be used. This AppSet has some special super powers that you won't find in other AppSets. These super powers require that the PolicyPak Application Settings Manager CSE version 707 or later be installed on the -client. Only use this document after you have already read and worked through Book 3: Application -Settings Manager and have successfully tested "Winzip 14" or an example application. The IE AppSet +client. Only use this document after you have already read and worked through the Application +Settings Manager documentation and have successfully tested "Winzip 14" or an example application. The IE AppSet is not any different, from a supportability perspective, from other AppSets. For more information about PolicyPak's support for AppSets, see the PolicyPak EULA. This AppSet is no different than other AppSets, in that it can be placed into Local, Shared, or -Central storage. (See Book 3: Application Settings Manager for details.) Once placed into the -storage location, it will be available under the Application Settings Manager, as shown in Figure 1. +Central storage. (See the Application Settings Manager documentation for details.) Once placed into the +storage location, it will be available under the Application Settings Manager, as shown In the figure shown. ![about_this_document_and_the](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/about_this_document_and_the.webp) -Figure 1. The IE AppSet. +The figure shown. The IE AppSet. The AppSet may be used on the User or Computer side just like all other AppSets. However, this AppSet is unique for several reasons: @@ -39,4 +39,4 @@ AppSet is unique for several reasons: PolicyPak DesignStudio (advanced). Video: To get started with the IE AppSet, use this video: -[http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-internet-explorer-getting-started.html](http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-internet-explorer-getting-started.html) +[https://www.policypak.com/video/endpointpolicymanager-manage-internet-explorer-getting-started.html](http://www.policypak.com/video/endpointpolicymanager-manage-internet-explorer-getting-started.html) diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/specialsections.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/specialsections.md index cceb6ff4d7..a36eed2274 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/specialsections.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/specialsections.md @@ -13,12 +13,12 @@ use that section. Many also let you specify the first line as: MODE=REPLACE or MODE=MERGE ``` -In Figure 3, you can see the Site to Zone Assignment in the Security tab has the default example set +In the figure shown, you can see the Site to Zone Assignment in the Security tab has the default example set with MODE=REPLACE. The figure also shows some examples on how to use the special section. ![how_to_use_special_sections](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/how_to_use_special_sections.webp) -Figure 3. Using the Site to Zone Assignment special section. +The figure shown. Using the Site to Zone Assignment special section. :::note If you leave the MODE line off, the default is MERGE. @@ -36,3 +36,6 @@ Here's what each mode does: In the next sections, we'll explore each tab and highlight anything noteworthy with examples, tips and tricks, and exceptions. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/_category_.json index 17ac93e0f9..84a9db509b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/advanced.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/advanced.md index 8670d7abb7..6191b4cb0f 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/advanced.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/advanced.md @@ -7,14 +7,17 @@ sidebar_position: 80 # Advanced Tab The Advanced tab has a lot of settings, and varies from version to version of IE. You can see the -Advanced tab in IE 11 in Figure 27. +Advanced tab in IE 11 In the figure shown. ![ie_appset_tab_by_tab_23](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_23.webp) -Figure 27. The IE Advanced tab. +The figure shown. The IE Advanced tab. -Almost all of these settings are configurable in the IE AppSet, as shown in Figure 28. +Almost all of these settings are configurable in the IE AppSet, as shown In the figure shown. ![ie_appset_tab_by_tab_24](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_24.webp) -Figure 28. Configuring IE settings in the Advanced tab. +The figure shown. Configuring IE settings in the Advanced tab. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/compatibilityview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/compatibilityview.md index bc5d109ad9..e2a2828e43 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/compatibilityview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/compatibilityview.md @@ -7,11 +7,11 @@ sidebar_position: 100 # Compatibility View Tab Internet Explorer's Compatibility View tab lets you specify which websites go into a Compatibility -View mode. This tab is shown in Figure 34. +View mode. This tab is shown In the figure shown. ![ie_appset_tab_by_tab_30](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_30.webp) -Figure 34. IE Compatibility View settings. +The figure shown. IE Compatibility View settings. While at one time it was only possible to manage Compatibility View settings using Endpoint Policy Manager Browser Router, you can now manage these settings using the Compatibility View tab in the @@ -19,4 +19,7 @@ Endpoint Policy Manager Application Settings Manager IE AppSet. ![ie_appset_tab_by_tab_31](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_31.webp) -Figure 35. Managing Compatibility View settings. +The figure shown. Managing Compatibility View settings. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/connections.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/connections.md index 82d19578d9..e3b033efd9 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/connections.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/connections.md @@ -8,20 +8,23 @@ sidebar_position: 50 Video: For a quick overview of how to manage the Connections tab using Endpoint Policy Manager Application Settings Manager see the following video: -[http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-ie-connections-tab.html](http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-ie-connections-tab.html). +[https://www.policypak.com/video/endpointpolicymanager-manage-ie-connections-tab.html](http://www.policypak.com/video/endpointpolicymanager-manage-ie-connections-tab.html). The "LAN settings" button on Internet Explorer's Connections tab is configurable, as shown in -Figure 18. +The figure shown. ![ie_appset_tab_by_tab_14](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_14.webp) -Figure 18. IE LAN settings. +The figure shown. IE LAN settings. -The same dialog can be managed using the IE AppSet, as shown in Figure 19. +The same dialog can be managed using the IE AppSet, as shown In the figure shown. ![ie_appset_tab_by_tab_15](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_15.webp) -Figure 19. Configuring the local LAN settings for IE. +The figure shown. Configuring the local LAN settings for IE. Note the way the address needs to be specified using Endpoint Policy Manager, which is Address:Port in the Address box. The Port box is not used. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/content.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/content.md index f2137babcf..a5ac9628e4 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/content.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/content.md @@ -8,37 +8,40 @@ sidebar_position: 40 Video: For a quick overview of how to manage the Content tab using Endpoint Policy Manager Application Settings Manager see the following video: -[http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-ie-content-tab.html](http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-ie-content-tab.html). +[https://www.policypak.com/video/endpointpolicymanager-manage-ie-content-tab.html](http://www.policypak.com/video/endpointpolicymanager-manage-ie-content-tab.html). The Content tab lets you specify various restrictions. The IE AppSet now has content advisor -settings, as shown in Figure 14. +settings, as shown In the figure shown. ![ie_appset_tab_by_tab_10](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_10.webp) -Figure 14. Configuring IE content advisor settings. +The figure shown. Configuring IE content advisor settings. The Content tab has a section for "Content Advisor," which can specify the web pages that are allowed or blocked. In order to use this, you must select "Turn on Content Advisor for IE 8 and 9" (if your target is IE 8 or 9). Then you must set a password and specify the websites. The first line can be `MODE=REPLACE` or `MODE=MERGE`. If the mode is not specified, the behavior is MERGE. Next, you can specify a website with a comma then the word "allow," "block," or "remove," as shown in -Figure 15. +The figure shown. ![ie_appset_tab_by_tab_11](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_11.webp) -Figure 15. The content advisor settings. +The figure shown. The content advisor settings. -This Endpoint Policy Manager dialog corresponds to the following IE 8 dialog as shown in Figure 16. +This Endpoint Policy Manager dialog corresponds to the following IE 8 dialog as shown In the figure shown. Note IE 10 and 11 don't have this dialog, but the settings can be delivered anyway. ![ie_appset_tab_by_tab_12](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_12.webp) -Figure 16. The IE 8 dialog box. +The figure shown. The IE 8 dialog box. A certificates section is seen here, but in the AppSet, it's been moved to a tab called "Extras" and will be described later. You can, however, disable or hide the certificates buttons using Endpoint -Policy Manager, as shown in Figure 17. +Policy Manager, as shown In the figure shown. ![ie_appset_tab_by_tab_13](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_13.webp) -Figure 17. Disabling the Certificates button. +The figure shown. Disabling the Certificates button. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/enterprisemode.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/enterprisemode.md index e05e71b981..f134287033 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/enterprisemode.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/enterprisemode.md @@ -8,7 +8,7 @@ sidebar_position: 110 Video: For a quick overview of how to manage IE Enterprise Mode using Endpoint Policy Manager Browser Router see the following video: -[http://www.endpointpolicymanager.com/video/endpointpolicymanager-browser-router-enterprise-and-document-modes.html](http://www.endpointpolicymanager.com/video/endpointpolicymanager-browser-router-enterprise-and-document-modes.html) +[https://www.policypak.com/video/endpointpolicymanager-browser-router-enterprise-and-document-modes.html](http://www.policypak.com/video/endpointpolicymanager-browser-router-enterprise-and-document-modes.html) Enterprise Mode (also known as Enterprise Compatibility Mode for IE 11) is a different method for IE 11 to specify which websites go into an enhanced compatibility rendering engine. The following are @@ -31,13 +31,16 @@ need for the following: In short, Endpoint Policy Manager IE AppSet makes this process easy. You use the Endpoint Policy Manager Browser Router component and not the Endpoint Policy Manager Application Settings Manager -component, as shown in Figure 36. +component, as shown In the figure shown. ![ie_appset_tab_by_tab_32](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_32.webp) -Figure 36. Setting up a dynamic list in Enterprise Mode using Endpoint Policy Manager Browser +The figure shown. Setting up a dynamic list in Enterprise Mode using Endpoint Policy Manager Browser Router. Note that, as described in Microsoft's documentation ([http://msdn.microsoft.com/en-us/library/dn640699.aspx](http://msdn.microsoft.com/en-us/library/dn640699.aspx)), Enterprise Mode takes 65 seconds or a restart of IE the first time to see it take effect. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/extras.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/extras.md index dde0231d54..d39a155b59 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/extras.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/extras.md @@ -8,7 +8,7 @@ sidebar_position: 90 Video: For a quick overview of how to manage certificates in IE using Endpoint Policy Manager Application Settings Manager see the following video: -[http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-ie-certificates.html](http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-ie-certificates.html). +[https://www.policypak.com/video/endpointpolicymanager-manage-ie-certificates.html](http://www.policypak.com/video/endpointpolicymanager-manage-ie-certificates.html). The Extras tab in the IE AppSet enables you to do the following: @@ -24,11 +24,11 @@ the Binary-Encoded DER Format." ::: -Examples of IE certificates are shown in Figure 29. +Examples of IE certificates are shown In the figure shown. ![ie_appset_tab_by_tab_25](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_25.webp) -Figure 29. IE Certificates. +The figure shown. IE Certificates. IE has the following locations to specify certificates: @@ -40,7 +40,7 @@ IE has the following locations to specify certificates: - Untrusted publishers You can use the IE AppSet to add or remove certificates from those locations using the following -format, as shown in Figure 30: +format, as shown In the figure shown: ``` File Location, Certificate Store, add @@ -50,7 +50,7 @@ Thumbprint, Certificate Store, remove ![ie_appset_tab_by_tab_26](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_26.webp) -Figure 30. Adding or removing IE certificates. +The figure shown. Adding or removing IE certificates. ## Adding Certificates using the IE AppSet @@ -97,11 +97,11 @@ removed by users. To remove certificates using the IE AppSet, you must know the thumbprint for the certificate you want to remove. You can find the thumbprint within IE by viewing the details for a certificate and -selecting the thumbprint, as shown in Figure 31. Then, you can copy and paste it into the AppSet. +selecting the thumbprint, as shown In the figure shown. Then, you can copy and paste it into the AppSet. ![ie_appset_tab_by_tab_27](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_27.webp) -Figure 31. Details and thumbprints of certificates in IE. +The figure shown. Details and thumbprints of certificates in IE. The format of the text to remove the certificate should include the thumbprint with spaces, a comma, the certificate store word from the table above, and the word remove: @@ -121,16 +121,19 @@ da 8f 1a 48 0b 43 93 01 fe 07 40 dc 9d d5 bb 78 9e 00 81 01, Machine\CA, remove Endpoint Policy Manager can only work with binary-formatted/DER certificates. If you have a certificate of another type, you may import it first into Internet Explorer. Then you can -immediately export it as a DER file, as shown in Figure 32. +immediately export it as a DER file, as shown In the figure shown. ![ie_appset_tab_by_tab_28](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_28.webp) -Figure 32. Exporting a certificate as a DER file. +The figure shown. Exporting a certificate as a DER file. You can optionally perform the same type of export by finding the file itself in Explorer, navigating to the Details tab, and then clicking on the "Copy to File..." button and selecting -"`DER encoded binary X.509 (CER)`," as shown in Figure 33. +"`DER encoded binary X.509 (CER)`," as shown In the figure shown. ![ie_appset_tab_by_tab_29](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/certificate/certificates_5.webp) -Figure 33. Exporting a certificate using the "Copy to File..." button. +The figure shown. Exporting a certificate using the "Copy to File..." button. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/favoriteslinks.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/favoriteslinks.md index 3618c7dfd0..9c526d4ce8 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/favoriteslinks.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/favoriteslinks.md @@ -8,7 +8,7 @@ sidebar_position: 70 Video: For a quick overview of how to manage Favorites in IE using Endpoint Policy Manager Application Settings Manager, see the following video: -[http://www.endpointpolicymanager.com/video/endpointpolicymanager-managing-favorites-in-ie.html](http://www.endpointpolicymanager.com/video/endpointpolicymanager-managing-favorites-in-ie.html). +[https://www.policypak.com/video/endpointpolicymanager-managing-favorites-in-ie.html](http://www.policypak.com/video/endpointpolicymanager-managing-favorites-in-ie.html). There are three sections within the Endpoint Policy Manager Favorites and Links tab: @@ -22,11 +22,11 @@ entry no longer applies, but it will leave the entries the user has put in place ## Favorites: Links -Internet Explorer can save favorites for users as shown in Figure 22. +Internet Explorer can save favorites for users as shown In the figure shown. ![ie_appset_tab_by_tab_18](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_18.webp) -Figure 22. IE Favorites. +The figure shown. IE Favorites. The Favorites (Links) section within the AppSet enables you to do the following: @@ -36,7 +36,7 @@ The Favorites (Links) section within the AppSet enables you to do the following: - Add items to the Favorites bar All favorites are merged with what the user already has. To use this section, specify a favorite in -the following formats (see Figure 23). +the following formats (See the figure here). - To add the page [www.webpage.com](http://www.webpage.com) to the root of the favorites folder: @@ -54,26 +54,26 @@ Displayname, http://www.webpage.com, add ![ie_appset_tab_by_tab_19](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_19.webp) -Figure 23. Configuring IE Favorites. +The figure shown. Configuring IE Favorites. ## Favorites: Feeds and Web Slices -You can manage and deliver IE Feeds. A screenshot of the Feeds tab from IE is shown in Figure 24. +You can manage and deliver IE Feeds. A screenshot of the Feeds tab from IE is shown In the figure shown. ![ie_appset_tab_by_tab_20](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_20.webp) -Figure 24. IE Feeds. +The figure shown. IE Feeds. -Using the IE AppSet, you can add or remove a feed using the format shown in Figure 25. To do this, +Using the IE AppSet, you can add or remove a feed using the format shown In the figure shown. To do this, specify a friendlyname, the URL of the XML feed, and an optional icon file. Then specify to add or remove. ![ie_appset_tab_by_tab_21](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_21.webp) -Figure 25. Configuring IE Feeds with Endpoint Policy Manager. +The figure shown. Configuring IE Feeds with Endpoint Policy Manager. To add items to the Favorites bar, use the following format to add lines to the Favorites (Web -Slices) section, as seen in Figure 26. The results are shown on the right side of the figure. +Slices) section, as seen In the figure shown. The results are shown on the right side of the figure. `ONDELETE=REMOVE` @@ -81,4 +81,7 @@ Slices) section, as seen in Figure 26. The results are shown on the right side o ![ie_appset_tab_by_tab_22](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_22.webp) -Figure 26. Adding items to the Favorites bar. +The figure shown. Adding items to the Favorites bar. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/general.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/general.md index ed88c75075..a5e617e31c 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/general.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/general.md @@ -8,19 +8,22 @@ sidebar_position: 10 Video: For a quick overview of how to manage the General tab using Netwrix Endpoint Policy Manager (formerly PolicyPak) Application Settings Manager, see the following video: -[http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-ie-general-tab.html](http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-ie-general-tab.html). +[https://www.policypak.com/video/endpointpolicymanager-manage-ie-general-tab.html](http://www.policypak.com/video/endpointpolicymanager-manage-ie-general-tab.html). -The General tab for IE can be seen in Figure 4. +The General tab for IE can be seen In the figure shown. ![ie_appset_tab_by_tab](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab.webp) -Figure 4. IE General tab settings. +The figure shown. IE General tab settings. One of the first special sections in the IE AppSet can set the Secondary Start Pages section, as -shown in Figure 5. This lets you configure specific secondary start pages when Internet Explorer +shown In the figure shown. This lets you configure specific secondary start pages when Internet Explorer opens up. This section is always set to REPLACE. Entries here always overwrite what the user already has in place. ![ie_appset_tab_by_tab_1](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_1.webp) -Figure 5. IE AppSet Secondary Start Pages special section. +The figure shown. IE AppSet Secondary Start Pages special section. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/overview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/overview.md index 33e8dd21ca..5a88788d6c 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/overview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/overview.md @@ -7,3 +7,6 @@ sidebar_position: 30 # IE AppSet Tabs In this section, we will look at each IE tab and the tab in the IE AppSet that controls it. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/privacy.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/privacy.md index 1911127b5e..863e07ed6e 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/privacy.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/privacy.md @@ -8,21 +8,21 @@ sidebar_position: 30 Video: For a quick overview of how to manage the Privacy tab using Endpoint Policy Manager Application Settings Manager, see the following video: -[http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-ie-privacy-tab.html](http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-ie-privacy-tab.html). +[https://www.policypak.com/video/endpointpolicymanager-manage-ie-privacy-tab.html](http://www.policypak.com/video/endpointpolicymanager-manage-ie-privacy-tab.html). -The Privacy tab, shown in Figure 10, lets you specify how cookies should be handled and which +The Privacy tab, shown In the figure shown, lets you specify how cookies should be handled and which websites are allowed and blocked. ![ie_appset_tab_by_tab_6](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_6.webp) -Figure 10. Cookie settings in the Privacy tab. +The figure shown. Cookie settings in the Privacy tab. -In the IE AppSet, the dropdown menu in Figure 11 can be used to set how cookies are handled for the +In the IE AppSet, the dropdown menu In the figure shown can be used to set how cookies are handled for the Internet zone. It is important to read the note below the entry you select. ![ie_appset_tab_by_tab_7](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_7.webp) -Figure 11. Configuring cookie settings in the Privacy tab. +The figure shown. Configuring cookie settings in the Privacy tab. Additionally, the Per Site Privacy special section can also be set here. On the first line, you can specify `MODE=REPLACE` or `MODE=MERGE`. If you don't specify, the default is` MODE=MERGE`. Next, @@ -33,19 +33,22 @@ specify a web page followed by a comma and one of the following the words: This will place the site into the "Per Site Privacy Actions" list and will specify "Block" or "Allow." You can also choose to turn on the Pop-Up Blocker within the IE Privacy tab, as shown -in >Figure 12. +in >The figure shown. ![ie_appset_tab_by_tab_8](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_8.webp) -Figure 12. Pop-up Blocker settings can be found in the Privacy tab. +The figure shown. Pop-up Blocker settings can be found in the Privacy tab. -The corresponding dialog can be seen in the IE AppSet in Figure 13. +The corresponding dialog can be seen in the IE AppSet In the figure shown. ![ie_appset_tab_by_tab_9](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_9.webp) -Figure 13. Configuring the Pop-up Blocker settings in the Privacy tab. +The figure shown. Configuring the Pop-up Blocker settings in the Privacy tab. To use this, you need to check the box for "Turn on Pop-up Blocker," then click the "Settings" button. Next, specify a web page followed by a comma and the word "allow" or the word "remove" on -the exceptions list, as shown in Figure 12. This will add or remove the sites from Internet +the exceptions list, as shown In the figure shown. This will add or remove the sites from Internet Explorer's Pop-Up Blocker settings dialog. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/programs.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/programs.md index 0b98bde7dd..fcec461b09 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/programs.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/programs.md @@ -12,20 +12,20 @@ Application Settings Manager, see the following video: The Internet Explorer Programs tab is where you can specify to enable or disable plugins, toolbars, extensions, accelerators, and search providers. An example of add-ons that you can manage in -Internet Explorer 11 under Programs|Manage add-ons is shown in Figure 20. +Internet Explorer 11 under Programs|Manage add-ons is shown In the figure shown. ![ie_appset_tab_by_tab_16](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_16.webp) -Figure 20. Managing add-ons in Internet Explorer. +The figure shown. Managing add-ons in Internet Explorer. -The corresponding Endpoint Policy Manager dialog is shown in Figure 21. +The corresponding Endpoint Policy Manager dialog is shown In the figure shown. ![ie_appset_tab_by_tab_17](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_17.webp) -Figure 21. Managing IE add-ons in Endpoint Policy Manager. +The figure shown. Managing IE add-ons in Endpoint Policy Manager. To manage toolbars and extensions, you need the Class ID (GUID) of the extension, as shown in -Figure 20. Click "Copy" to copy the whole text. Then cut and paste the corresponding Class ID, +The figure shown. Click "Copy" to copy the whole text. Then cut and paste the corresponding Class ID, insert a comma, and specify "enable" or "disable," as shown in the lines of text below. `{04c37f46-d9df-473c-943c-efa8d69854b9}`, disable @@ -43,3 +43,6 @@ These items are more configurable using the Endpoint Policy Manager DesignStudio need to add more entries. ::: + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/security.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/security.md index e64e7f745f..f566e4e05a 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/security.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/internetexplorer/tab/security.md @@ -8,14 +8,14 @@ sidebar_position: 20 Video: For a quick overview of how to manage the Security tab using Endpoint Policy Manager Application Settings Manager, see the following video: -[http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-ie-security.html](http://www.endpointpolicymanager.com/video/endpointpolicymanager-manage-ie-security.html). +[https://www.policypak.com/video/endpointpolicymanager-manage-ie-security.html](http://www.policypak.com/video/endpointpolicymanager-manage-ie-security.html). The Security tab lets you set levels for all four zone types. The dialog within IE can be seen in -Figure 6. +The figure shown. ![ie_appset_tab_by_tab_2](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_2.webp) -Figure 6. Custom security settings for all four zone types. +The figure shown. Custom security settings for all four zone types. Using the Endpoint Policy Manager IE AppSet, click on "Set Level" for the corresponding zone and select your level (or select "Custom"). Do not set any custom settings when you select a standard @@ -23,19 +23,19 @@ option from the drop-down menu, such as Medium, Medium High, etc. ![ie_appset_tab_by_tab_3](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_3.webp) -Figure 7. Custom settings for the local intranet zone. +The figure shown. Custom settings for the local intranet zone. -Internet Explorer has a rich way of adding site to zone assignments, as shown in Figure 8. +Internet Explorer has a rich way of adding site to zone assignments, as shown In the figure shown. ![ie_appset_tab_by_tab_4](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_4.webp) -Figure 8. Adding site to zone assignments in Internet Explorer. +The figure shown. Adding site to zone assignments in Internet Explorer. -The IE AppSet Security tab Site to Zone Assignment is shown in Figure 9. +The IE AppSet Security tab Site to Zone Assignment is shown In the figure shown. ![ie_appset_tab_by_tab_5](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/tab/ie_appset_tab_by_tab_5.webp) -Figure 9. Setting site to zone assignments in the IE Pak. +The figure shown. Setting site to zone assignments in the IE Pak. On the first line, you can specify `MODE=REPLACE` or `MODE=MERGE`. If you don't specify, the default is `MODE=MERGE`. All other lines should take the form of`http://`or` https://` followed by a comma @@ -49,3 +49,6 @@ and one of the following words: This will deliver the web page into the corresponding zone or remove the web page from any zone if "remove" is specified. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/_category_.json index e0b671749e..312b617a8b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/acllockdown.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/acllockdown.md index e114d978d9..f01178de0c 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/acllockdown.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/acllockdown.md @@ -12,11 +12,11 @@ For a demonstration of the ACL Lockdown™ Mode feature, please see this video: ::: -ACL Lockdown mode can be seen when you right-click a setting within an AppSet (see Figure 34). +ACL Lockdown mode can be seen when you right-click a setting within an AppSet (See the figure here). ![policypak_application_settings_1_13](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_13.webp) -Figure 34. Selecting the ACL Lockdown setting. +The figure shown. Selecting the ACL Lockdown setting. This is a very powerful Endpoint Policy Manager Application Settings Manager feature; it increases your application's security. When it is selected, two things occur: @@ -41,34 +41,37 @@ elements within the ApSet share the same file or Registry container. For instance, in WinZip, if you right-click "Minimum password length" and select "Perform ACL Lockdown," Endpoint Policy Manager will automatically select it for all other items in the AppSet -that share the same location in the Registry (see Figure 35). If you right-click any of the +that share the same location in the Registry (See the figure here). If you right-click any of the checkboxes in the Passwords tab, you can see that "Perform ACL Lockdown" will be already checked, because all the elements on this page are within the same portion of the Registry. ![policypak_application_settings_1_14](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_14.webp) -Figure 35. With "Perform ACL Lockdown" selected, all password options are automatically checked. +The figure shown. With "Perform ACL Lockdown" selected, all password options are automatically checked. However, clicking on another tab—such as Cameras—and right-clicking a setting will show that -"Perform ACL Lockdown" is not set (see Figure 36). +"Perform ACL Lockdown" is not set (See the figure here). ![policypak_application_settings_1_15](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_15.webp) -Figure 36. If other tabs are selected, "Perform ACL Lockdown" will not be set. +The figure shown. If other tabs are selected, "Perform ACL Lockdown" will not be set. This is because the items within the Cameras tab are located in a different place in the Registry than the items in the Passwords tab. To reiterate, if an application's data is stored in a file, then usually ALL items within the AppSet -will be locked when "Perform ACL Lockdown" is selected. In the example shown in Figure 37, "Perform +will be locked when "Perform ACL Lockdown" is selected. In the example shown In the figure shown, "Perform ACL Lockdown" is selected for one Firefox setting. ![policypak_application_settings_1_16](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_16.webp) -Figure 37. "Perform ACL Lockdown" is selected for one Firefox setting. +The figure shown. "Perform ACL Lockdown" is selected for one Firefox setting. However, because all the settings within Firefox are stored in the same file, they will be uneditable by the end user. When the GPO no longer applies, the ACL Lockdown settings that were originally on the Registry or on the files are returned to the state they were in before Endpoint Policy Manager took ownership. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/applock.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/applock.md index b376932ffd..d0bbd84a90 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/applock.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/applock.md @@ -47,7 +47,10 @@ If you right-click on any tab, you'll find two more settings. Figures 28, 30, and 32 illustrate the selection process for the various settings that can be enforced. Figures 29, 31, and 33 show the results of the settings on the target machines. -| ![policypak_application_settings_1_7](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_7.webp) Figure 28. Endpoint Policy Manager Application Settings Manager Applock™ hide mode. | ![policypak_application_settings_1_8](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_8.webp) Figure 29. The corresponding control in the target application has been hidden. | +| ![policypak_application_settings_1_7](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_7.webp) The figure shown. Endpoint Policy Manager Application Settings Manager Applock™ hide mode. | ![policypak_application_settings_1_8](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_8.webp) The figure shown. The corresponding control in the target application has been hidden. | | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| ![policypak_application_settings_1_9](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_9.webp) Figure 30. Endpoint Policy Manager Application Settings Manager Applock™ disable mode. | ![policypak_application_settings_1_10](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_10.webp) Figure 31. The corresponding control in the target application has been grayed out. | -| ![policypak_application_settings_1_11](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_11.webp) Figure 32. In the Group Policy Editor, right-click below the tab you wish to disable, as seen here. | ![policypak_application_settings_1_12](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_12.webp) Figure 33. The target tab, Cameras, has been grayed out. Users cannot click it to see or modify any elements within this tab. | +| ![policypak_application_settings_1_9](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_9.webp) The figure shown. Endpoint Policy Manager Application Settings Manager Applock™ disable mode. | ![policypak_application_settings_1_10](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_10.webp) The figure shown. The corresponding control in the target application has been grayed out. | +| ![policypak_application_settings_1_11](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_11.webp) The figure shown. In the Group Policy Editor, right-click below the tab you wish to disable, as seen here. | ![policypak_application_settings_1_12](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_12.webp) The figure shown. The target tab, Cameras, has been grayed out. Users cannot click it to see or modify any elements within this tab. | + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/deliversettingsvalues.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/deliversettingsvalues.md index a515732dd4..43ad02f7f4 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/deliversettingsvalues.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/deliversettingsvalues.md @@ -11,19 +11,19 @@ In the previous section, we placed a check inside the "at least one symbol chara the checkmark. Endpoint Policy Manager will deliver settings once you click the setting. If you see a thin -underline underneath the element, you know it's set to deliver the value, as shown in Figure 24. In +underline underneath the element, you know it's set to deliver the value, as shown In the figure shown. In the following examples, you can see how to enforce a checkbox's setting. ![policypak_application_settings_1_3](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_3.webp) -Figure 24. Underline indicating that action will be taken on these settings. +The figure shown. Underline indicating that action will be taken on these settings. -When you alter your settings to what is shown in Figure 25, the result will be NO enforcement +When you alter your settings to what is shown In the figure shown, the result will be NO enforcement action. Note that there is no underline underneath the element. ![policypak_application_settings_1_4](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_4.webp) -Figure 25. The result of these settings will be that no reinforcement action will occur. +The figure shown. The result of these settings will be that no reinforcement action will occur. Only elements that have configuration data are available to configure client machines. When you select items with configuration data, they are underlined. If an item does NOT have an underline, it @@ -34,11 +34,11 @@ Endpoint Policy Manager Application Settings Manager will deliver an uncheck set (that is, it will clear the checkbox). Again, the selected item is underlined. If the box is already checked in the client's application, Endpoint Policy Manager Application -Settings Manager will forcefully uncheck (clear) the checkbox, as shown in Figure 26. +Settings Manager will forcefully uncheck (clear) the checkbox, as shown In the figure shown. ![policypak_application_settings_1_5](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_5.webp) -Figure 26. Action will be taken to uncheck the box. +The figure shown. Action will be taken to uncheck the box. :::tip Remember, if an item is underlined, Endpoint Policy Manager Application Settings Manager will @@ -46,3 +46,6 @@ deliver the setting that is specified. Endpoint Policy Manager Application Setti deliver an element's settings if its actions have been set using Endpoint Policy Manager DesignStudio. ::: + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/enforcement.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/enforcement.md index 0359c29bcb..de8b572516 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/enforcement.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/enforcement.md @@ -47,3 +47,6 @@ enforcement options are set, the value is not applied to the client. When the un the value will not be set. ::: + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/mouseshortcuts.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/mouseshortcuts.md index 95e766aae0..2db35f7f80 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/mouseshortcuts.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/mouseshortcuts.md @@ -9,11 +9,11 @@ sidebar_position: 60 The Endpoint Policy Manager Application Settings Manager user interface has several shortcuts to help you quickly configure each tab. To discover the mouse shortcuts, right-click the whitespace (i.e., not on any specific element like a checkbox or dropdown menu). You should see the flyout -menu, shown in Figure 38. +menu, shown In the figure shown. ![policypak_application_settings_1_17](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_17.webp) -Figure 38. Application Settings Manager flyout menu. +The figure shown. Application Settings Manager flyout menu. This menu reveals several shortcuts. @@ -53,8 +53,11 @@ This menu reveals several shortcuts. features (like Hide or Disable). Note that if there are no values in any of the elements on a tab, the first two sets of shortcuts -will not be available, as seen in Figure 39. +will not be available, as seen In the figure shown. ![policypak_application_settings_1_18](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_18.webp) -Figure 39. The visible options when there are no values in any of the elements on a tab. +The figure shown. The visible options when there are no values in any of the elements on a tab. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/overview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/overview.md index a8bb73cd7d..8eeb7e1c4f 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/overview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/overview.md @@ -13,24 +13,24 @@ which elements to configure, enforce, and even disable or hide. :::note To see an overview of the Enforcement modes, watch this quick tutorial video: -[https://www.endpointpolicymanager.com/video/endpointpolicymanager-the-superpowers.html](http://tinyurl.com/screenshotpilot). +[https://www.policypak.com/video/endpointpolicymanager-the-superpowers.html](http://tinyurl.com/screenshotpilot). ::: :::note To see an overview of ACL Lockdown™ mode, watch this tutorial: -[https://www.endpointpolicymanager.com/video/endpointpolicymanager-acl-lockdown-for-registry-based-applications.html](https://support.microsoft.com/en-us/kb/3087759). +[https://www.policypak.com/video/endpointpolicymanager-acl-lockdown-for-registry-based-applications.html](https://support.microsoft.com/en-us/kb/3087759). ::: -In Figure 22, you can see which modes are available when right-clicking a Endpoint Policy Manager +In the figure shown, you can see which modes are available when right-clicking a Endpoint Policy Manager Application Settings Manager attribute with settings data inside. ![policypak_application_settings_1_1](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_1.webp) -Figure 22. The modes available in Endpoint Policy Manager Application Settings Manager. +The figure shown. The modes available in Endpoint Policy Manager Application Settings Manager. -Let's examine the areas of control for an element, as seen in Figure 23. You can see we've +Let's examine the areas of control for an element, as seen In the figure shown. You can see we've highlighted the following modes: - Enforcement modes @@ -40,7 +40,7 @@ highlighted the following modes: ![policypak_application_settings_1_2](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_2.webp) -Figure 23. The areas of control for an element. +The figure shown. The areas of control for an element. :::note There is a special AppLock mode that you can apply to the entire tab to disable it. We'll @@ -49,3 +49,6 @@ discuss this in the "AppLock Modes" section. We first need to discuss how to set and deliver settings and values. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/reversion.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/reversion.md index 11d610126e..c6de0a306a 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/reversion.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/reversion.md @@ -21,8 +21,11 @@ The default is to have the "at least one symbol character (!,@,#,$,%,^,&,\*…)" which means that the value will be retained on the client—even though the GPO falls out of scope. Note that when the reversion mode is set, the text in the Endpoint Policy Manager Application -Settings Manager user interface changes to italics as a visual signal, as seen in Figure 27. +Settings Manager user interface changes to italics as a visual signal, as seen In the figure shown. ![policypak_application_settings_1_6](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_6.webp) -Figure 27. Text in italics show that the reversion mode is in effect. +The figure shown. Text in italics show that the reversion mode is in effect. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/settingsdeliveryreinforcementoptions.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/settingsdeliveryreinforcementoptions.md index 0b1dce3362..bc67b6018e 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/settingsdeliveryreinforcementoptions.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/settingsdeliveryreinforcementoptions.md @@ -12,12 +12,12 @@ and ensure that any changed settings are reapplied and up to date (if changed by Additionally, users can manually run the built-in Windows command `gpupdate.exe` to kick off a background refresh and get updated settings. But what happens if the client is offline? -As seen in Figure 41, a client machine can detect that there is no network connectivity. With no +As seen In the figure shown, a client machine can detect that there is no network connectivity. With no network connectivity, Microsoft's built-in `gpupdate.exe `will fail when it is run. ![policypak_application_settings_1_20](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_20.webp) -Figure 41. The error message that is received when `gpupdate.exe` is run while the client machine is +The figure shown. The error message that is received when `gpupdate.exe` is run while the client machine is offline. Because the network is disconnected, no updates can come from the server. @@ -49,12 +49,12 @@ Manager Application Settings Manager will reenforce application settings. ## Manual Reapplication of Settings with PPupdate Whether the computer is online or offline, PolicyPak Application Settings Manager can manually -reapply settings using` ppupdate.exe`. In Figure 42, you can see `ppupdate.exe` being run to +reapply settings using` ppupdate.exe`. In the figure shown, you can see `ppupdate.exe` being run to reinforce any changed settings. ![policypak_application_settings_1_21](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_21.webp) -Figure 42. `Ppupdate.exe` being run. +The figure shown. `Ppupdate.exe` being run. This command will work when the computer is online or offline, if the settings that are locally cached on the machine are reapplied, or if you use a non-Group Policy method (where XML data files @@ -78,12 +78,12 @@ If you do not want a particular AppSet's settings to apply automatically when th relaunched, it can be disabled when you set up the directives inside the GPMC. Inside the AppSet definition, find the Options button and deselect "Always re-apply settings when -application runs." As you can see in Figure 43, all applications are checked by default. You can +application runs." As you can see In the figure shown, all applications are checked by default. You can uncheck the checkbox to stop the reapplication. ![policypak_application_settings_1_22](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_22.webp) -Figure 43. Select or unselect the "Always re-apply settings when application runs" setting in the +The figure shown. Select or unselect the "Always re-apply settings when application runs" setting in the Options inside the Pak definition. Remember that the applications' settings will still reapply during periodic Group Policy background @@ -93,13 +93,13 @@ The reapplication is provided by a kernel-mode driver, which is actively looking that Endpoint Policy Manager Application Settings Manager is managing. If you wish to fully disable the kernel-mode driver (and, hence, the automatic reapplication of settings), you need to manually configure a Registry setting on the client at `HKLM\Software\PolicyPak\Config\Driver`, and then set -Enabled (REG_DWORD) to 0. This is demonstrated in Figure 44. +Enabled (REG_DWORD) to 0. This is demonstrated In the figure shown. Note that you also should either reboot the machine to disable or re-enable the driver. ![policypak_application_settings_1_23](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_23.webp) -Figure 44. Use the following Registry location to fully disable the Endpoint Policy Manager driver, +The figure shown. Use the following Registry location to fully disable the Endpoint Policy Manager driver, which performs reapplication of settings for applications. :::note @@ -137,10 +137,13 @@ settings even when the enforcement timer is set. ![policypak_application_settings_1_24](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_24.webp) -Figure 45. Enabling the "Do not re-apply settings with Reinforcement Timer" setting. +The figure shown. Enabling the "Do not re-apply settings with Reinforcement Timer" setting. :::note Log files for the "Automatic reapplication of settings using the timer" can be found in` %appdata%\local\PolicyPak` in a file called ppUser_onSchedule.log. ::: + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/switched.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/switched.md index 08978bec9f..eb5d766ce1 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/switched.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/modes/switched.md @@ -29,13 +29,13 @@ Settings Manager for WinZip, which will affect all users who log onto the machin Switched policies are created on the Computer side, and they affect all users who use the effected machines. -In Figure 40, you can see a GPO that affects Computer accounts. You use the AppSet in the same way +In the figure shown, you can see a GPO that affects Computer accounts. You use the AppSet in the same way as you would on the User side; however, you configure it for the Computer side. The User-side policy settings will automatically affect every user who logs onto the targeted computer. ![policypak_application_settings_1_19](/images/endpointpolicymanager/applicationsettings/modes/endpointpolicymanager_application_settings_1_19.webp) -Figure 40. A GPO that affects Computer accounts. +The figure shown. A GPO that affects Computer accounts. :::tip Remember, that in order for Switched policies to apply, the GPO must be linked to an @@ -67,3 +67,6 @@ processing, loopback is enabled for every GPO, which often means a lot more poli placed on the machine than are desired. ::: + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/overview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/overview.md index 2124de0290..aec6e9d80b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/overview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/overview.md @@ -8,7 +8,7 @@ sidebar_position: 10 Quick Start with Preconfigured AppSets -Before reading this section, please ensure you have read Book 2: Installation and Quick Start, which +Before reading this section, please ensure you have read the [Installation and Quick Start](/docs/endpointpolicymanager/gettingstarted/overviewinstall/overviewinstall.md), which will help you learn to do the following: - Install the Admin MSI on your GPMC machine @@ -34,5 +34,5 @@ Some of our most popular AppSets are for use with: - Microsoft products You can find the latest versions of our AppSets on our website at -[http://www.endpointpolicymanager.com/products/endpointpolicymanager-preconfigured-paks.html](http://www.endpointpolicymanager.com/videos/sn6j7q1clmq.html). +[https://www.policypak.com/products/endpointpolicymanager-preconfigured-paks.html](http://www.policypak.com/videos/sn6j7q1clmq.html). Most AppSets have corresponding videos with examples showing you how to use the AppSets. diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/overview_1.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/overview_1.md index bc9c7d6bc1..2fb519e76f 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/overview_1.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/overview_1.md @@ -44,14 +44,14 @@ Endpoint Policy Manager extension DLL from it. These files are usually quite sma stored. The Endpoint Policy Manager Application Settings Manager data inside a GPO is backed up and restored -with normal GPMC backup procedures, as seen in Figure 90. +with normal GPMC backup procedures, as seen In the figure shown. ![backup_restore_and_xml_export](/images/endpointpolicymanager/troubleshooting/applicationsettings/backup/backup_restore_and_xml_export.webp) -Figure 90. Backing up data with normal GPMC backup procedures. +The figure shown. Backing up data with normal GPMC backup procedures. If a GPO is ever deleted, its data can be quickly restored using the GPMC's "Manage Backups" option, -also seen in Figure 89. +also seen In the figure shown. When restoring, the Endpoint Policy Manager Application Settings Manager data and all the modes (Enforcement, Reversion, and Endpoint Policy Manager AppLock™) are restored. @@ -72,11 +72,11 @@ configure a group of settings within an AppSet and share those exact settings wi administrator for later implementation. The idea of exporting is simple: use your AppSet, set your settings, click on the Options button, -and then select "Export" to export the data, as seen in Figure 91. +and then select "Export" to export the data, as seen In the figure shown. ![backup_restore_and_xml_export_1](/images/endpointpolicymanager/troubleshooting/applicationsettings/backup/backup_restore_and_xml_export_1.webp) -Figure 91. The exact settings you specified inside a Pak within a GPO can be exported and, later, +The figure shown. The exact settings you specified inside a Pak within a GPO can be exported and, later, imported by selecting one of these options. You will be prompted for a location to save your data. Be sure to give a name that makes sense for @@ -99,3 +99,6 @@ instance, with use of Microsoft Endpoint Configuration Manager, Endpoint Policy Endpoint Policy Manager Cloud. ::: + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/_category_.json index 778501cd96..4bcb4433cb 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/acllockdown.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/acllockdown.md index fc78808b97..e6b966b141 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/acllockdown.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/acllockdown.md @@ -15,7 +15,7 @@ In addition, Endpoint Policy Manager Application Settings Manager can perform AC :::note To see Endpoint Policy Manager Application Settings Manager ACL Lockdown™ in action, watch this video: -[https://www.endpointpolicymanager.com/video/endpointpolicymanager-acl-lockdown-for-registry-based-applications.html](http://www.endpointpolicymanager.com/videos/bypassing-internal-item-level-targeting-filters.html). +[https://youtu.be/bSuxXH10vSAl](https://youtu.be/bSuxXH10vSA). ::: @@ -26,11 +26,11 @@ the effected pieces of the application. **Step 1 –** To see ACL Lockdown in action, let's go back into the GPO and turn it on. To do this, right-click "at least one lower case character (a-z)" and select "Perform ACL Lockdown," as seen in -Figure 14. +The figure shown. ![policypak_application_settings_13](/images/endpointpolicymanager/applicationsettings/preconfigured/quickstart/endpointpolicymanager_application_settings_13.webp) -Figure 14. Selecting the "Perform ACL Lockdown" setting. +The figure shown. Selecting the "Perform ACL Lockdown" setting. **Step 2 –** When you perform ACL Lockdown on one setting, the same portion of the Registry (or file system) might contain more than one setting. For instance, all the items in the Passwords tab are @@ -47,11 +47,11 @@ On the client machine **Step 3 –** ACL Lockdown is now working while the application is running. Now, go back to WinZip's Options, select the Passwords tab, and uncheck the two checkboxes that are available, as shown in -Figure 15. Then click OK. +The figure shown. Then click OK. ![policypak_application_settings_14](/images/endpointpolicymanager/applicationsettings/preconfigured/quickstart/endpointpolicymanager_application_settings_14.webp) -Figure 15. The Passwords tab in WinZip Options. +The figure shown. The Passwords tab in WinZip Options. **Step 4 –** After that's done, immediately go back to Options and select the Passwords tab again. Figure 16 shows that the user's desired changes did not take effect because Endpoint Policy Manager @@ -59,8 +59,11 @@ Application Settings Manager has used ACL Lockdown™ to perform the lockout of ![policypak_application_settings_15](/images/endpointpolicymanager/applicationsettings/preconfigured/quickstart/endpointpolicymanager_application_settings_15.webp) -Figure 16. Using ACL Lockdown, the user's changes have not taken effect because the settings have +The figure shown. Using ACL Lockdown, the user's changes have not taken effect because the settings have been locked. For more information on ACL Lockdown™, see section, "ACL Lockdown™ Mode," in the next major section in the manual. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/automaticreapplicationchanges.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/automaticreapplicationchanges.md index 656a8ae48a..8e0358a2f5 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/automaticreapplicationchanges.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/automaticreapplicationchanges.md @@ -20,3 +20,6 @@ application changes when the application is run. This is set automatically for a under Endpoint Policy Manager Application Settings Manager by default, but can be changed. For more information on Endpoint Policy Manager Application Settings Manager's automatic reapplication of settings, see section, "Settings Delivery and Reinforcement Options" in the next major section. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/leverageexisting.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/leverageexisting.md index 3245db2dcf..d91f579323 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/leverageexisting.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/leverageexisting.md @@ -26,11 +26,11 @@ manage Group Policy with the GPMC. **Step 2 –** To get started immediately, all you need to do is copy the` pp-WinZip 14 to 17.dll` file to the `C:\Program` Files `(x86)\PolicyPak\Extensions` folder (on 64-bit machines) or `C:\Program Files\PolicyPak\Extensions (on 32-bit machines)`. You can see how this is done in -Figure 1. +The figure shown. ![policypak_application_settings](/images/endpointpolicymanager/applicationsettings/preconfigured/quickstart/endpointpolicymanager_application_settings.webp) -Figure 1. Copying the `DLL` file to the C: drive. +The figure shown. Copying the `DLL` file to the C: drive. :::note If you don't see the `PolicyPak\Extensions` folder, you may not have installed the @@ -38,3 +38,6 @@ Endpoint Policy Manager Admin Console.MSI (32-bit or 64-bit). This must be done you manage Group Policy, and you must have the GPMC installed. ::: + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/revertappset.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/revertappset.md index 93aa69d9e4..0e816561cc 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/revertappset.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/revertappset.md @@ -10,11 +10,11 @@ Let's simulate what would happen if the user changes job roles or the GPO is no **Step 1 –** Find the account you're using within the OU. Use Active Directory Users and Computers to move the account to another OU. Find the account, right-click on it, and select "Move," as seen -in Figure 17. +In the figure shown. ![policypak_application_settings_16](/images/endpointpolicymanager/applicationsettings/preconfigured/quickstart/endpointpolicymanager_application_settings_16.webp) -Figure 17. Moving user accounts to a different OU. +The figure shown. Moving user accounts to a different OU. **Step 2 –** Move the user account to an OU that will not be affected by the GPO. Then, as the user on the target computer, log off and then log back in. Since the GPO no longer affects the location @@ -28,11 +28,11 @@ be as follows: - Users can manage all settings now that Endpoint Policy Manager Application Settings Manager ACL Lockdown™ has been removed. -Results are shown in Figure 18. +Results are shown In the figure shown. ![policypak_application_settings_17](/images/endpointpolicymanager/applicationsettings/preconfigured/quickstart/endpointpolicymanager_application_settings_17.webp) -Figure 18. The settings have been reverted to their original values. +The figure shown. The settings have been reverted to their original values. Congratulations! This completes your initial Quickstart of Endpoint Policy Manager Application Settings Manager with Endpoint Policy Manager DesignStudio. Continue onward to learn about @@ -41,3 +41,6 @@ additional Endpoint Policy Manager Application Settings Manager features. Jump to the section, "Endpoint Policy Manager Application Settings Manager: DesignStudio Quickstart," in Appendix B: Endpoint Policy Manager Application Manager DesignStudio Guide if you'd like to take the Quickstart tour of how to create your own AppSets for your own applications. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/specialnotes.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/specialnotes.md index 324669215c..782e82dd62 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/specialnotes.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/specialnotes.md @@ -19,13 +19,13 @@ To see a video of Firefox UI lockout in action, watch the following video(s): :::note To see a video of Thunderbird UI lockout in action, watch the following video(s): -[http://www.endpointpolicymanager.com/products/manage-thunderbird-with-group-policy.html](https://www.endpointpolicymanager.com/video/endpointpolicymanager-the-superpowers.html). +[https://www.policypak.com/products/manage-thunderbird-with-group-policy.html](https://www.policypak.com/video/endpointpolicymanager-the-superpowers.html). ::: :::note To see a video of Java UI lockout in action, watch the following video(s): -[http://www.endpointpolicymanager.com/products/manage-java-jre-with-group-policy.html](http://www.Techsmith.com). +[https://www.policypak.com/products/manage-java-jre-with-group-policy.html](http://www.Techsmith.com). ::: @@ -38,11 +38,11 @@ Figure 19 displays an example of how to create and link a GPO to computers. ![policypak_application_settings_18](/images/endpointpolicymanager/applicationsettings/preconfigured/quickstart/endpointpolicymanager_application_settings_18.webp) -Figure 19. Creating and linking a GPO. +The figure shown. Creating and linking a GPO. This example is set up as though you've put your target computers in the East Sales Desktops folder. -Then when you edit the GPO, edit it on the Computer side, as seen in Figure 20. At that point, you +Then when you edit the GPO, edit it on the Computer side, as seen In the figure shown. At that point, you can modify settings for Firefox, Thunderbird, and Java, including "Lockdown this setting using the system-wide config file," as seen in the top of the figure with Firefox and the bottom of the figure with Java. @@ -51,17 +51,17 @@ with Java. ![policypak_application_settings_20](/images/endpointpolicymanager/applicationsettings/preconfigured/quickstart/endpointpolicymanager_application_settings_20.webp) -Figure 20. System-wide lockdown using config files is only available on the Computer side, as seen +The figure shown. System-wide lockdown using config files is only available on the Computer side, as seen in the examples of Firefox (top) and Java (bottom). It is important to note that the option "Lockdown this setting using the system-wide config file" does not appear on the User side. If you try to edit these three AppSets on the User side, you will not see an option to perform UI lockdown. An example of editing one of these AppSets (the Firefox -AppSet) on the User side (and therefore, not seeing the system-wide lockdown) is shown in Figure 21. +AppSet) on the User side (and therefore, not seeing the system-wide lockdown) is shown In the figure shown. ![policypak_application_settings_19](/images/endpointpolicymanager/applicationsettings/preconfigured/quickstart/endpointpolicymanager_application_settings_19.webp) -Figure 21. The lockdown via system-wide config file is not present on the User side. +The figure shown. The lockdown via system-wide config file is not present on the User side. Moreover, we have created a supplementary manual specifically for Firefox and another for Internet Explorer because they act a little differently. In the Endpoint Policy Manager Portal, in the @@ -74,3 +74,6 @@ Explorer. The reference documents are: These documents will explain how to manage certificates, prevent add-ons, manage bookmarks, and so on. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/testapplication.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/testapplication.md index f50d2f3642..21e671ad43 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/testapplication.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/testapplication.md @@ -10,18 +10,18 @@ Now that your preconfigured, compiled AppSet is copied to your management machin use it in the Group Policy Editor. **Step 1 –** The next step is to create and link a group policy object (GPO) for your organizational -unit (OU), like East Sales Users, as seen in Figure 2. +unit (OU), like East Sales Users, as seen In the figure shown. ![policypak_application_settings_1](/images/endpointpolicymanager/applicationsettings/preconfigured/quickstart/endpointpolicymanager_application_settings_1.webp) -**Step 2 –** Edit the GPO, and then add in the AppSet for WinZip, as seen in Figure 3. To do this, +**Step 2 –** Edit the GPO, and then add in the AppSet for WinZip, as seen In the figure shown. To do this, scroll down to User Configuration | Endpoint Policy Manager | Application Settings Manager. Then right-click on "Application Settings Manager" and select "New Application," and then choose the Endpoint Policy Manager for WinZip. ![policypak_application_settings_2](/images/endpointpolicymanager/applicationsettings/preconfigured/quickstart/endpointpolicymanager_application_settings_2.webp) -Figure 3. How to add the Pak for WinZip. +The figure shown. How to add the Pak for WinZip. :::note You can either right-click the word "Application" or right-click inside the white space in @@ -34,12 +34,12 @@ your compiled AppSet inside the Group Policy Editor. Notice how it looks exactly WinZip interface. **Step 4 –** Now, we're going to change settings inside the AppSet on the Passwords tab, which you -can see in Figure 4. The goal is to change some of WinZip's settings within the GPO, then see +can see In the figure shown. The goal is to change some of WinZip's settings within the GPO, then see results within the endpoint. ![policypak_application_settings_3](/images/endpointpolicymanager/applicationsettings/preconfigured/quickstart/endpointpolicymanager_application_settings_3.webp) -Figure 4. Location of the Passwords tab. +The figure shown. Location of the Passwords tab. **Step 5 –** For these first tests, click on the Passwords tab, and then perform the following changes: @@ -50,18 +50,18 @@ changes: numeric character, and one symbol character). Each element will be checked and also get an underline, meaning it will be delivered to the client. -**Step 6 –** You can see the suggested test settings in Figure 5. +**Step 6 –** You can see the suggested test settings In the figure shown. ![policypak_application_settings_4](/images/endpointpolicymanager/applicationsettings/preconfigured/quickstart/endpointpolicymanager_application_settings_4.webp) -Figure 5. Suggested test settings. +The figure shown. Suggested test settings. **Step 7 –** When you right-click on any setting within Endpoint Policy Manager Application Settings -Manager, you'll be given the options shown in Figure 6. +Manager, you'll be given the options shown In the figure shown. ![policypak_application_settings_5](/images/endpointpolicymanager/applicationsettings/preconfigured/quickstart/endpointpolicymanager_application_settings_5.webp) -Figure 6. Settings options. +The figure shown. Settings options. :::note These modes and options are all explained in detail in the section, "Endpoint Policy @@ -79,55 +79,58 @@ Manager Application Settings Manager Modes." policy setting to "[the default value]" when it no longer applies" and "Disable corresponding control in target application." -"Minimum password length" should now be configured, as shown in Figure 7. +"Minimum password length" should now be configured, as shown In the figure shown. ![policypak_application_settings_6](/images/endpointpolicymanager/applicationsettings/preconfigured/quickstart/endpointpolicymanager_application_settings_6.webp) -Figure 7. The settings for "Minimum password length": the item is set to 11 and three options are +The figure shown. The settings for "Minimum password length": the item is set to 11 and three options are selected. **Step 9 –** Next, hover over "at least one lower case character (a-z)" and right-click. Notice that "Always reapply this setting" is already checked because you clicked on the item to set the checkbox. Leave this setting as is. While you have the menu open, also select "Revert this policy setting to "[the default value]" when it is no longer applied." You can see your final configuration -in Figure 8. +In the figure shown. ![policypak_application_settings_7](/images/endpointpolicymanager/applicationsettings/preconfigured/quickstart/endpointpolicymanager_application_settings_7.webp) -Figure 8. Configuration of "at least one lower case character (a-z)" settings. +The figure shown. Configuration of "at least one lower case character (a-z)" settings. **Step 10 –** At this point, right-click "at least one upper case character (A-Z)," leaving the setting as is. Make no additional changes to "at least one upper case character (A-Z)." You can see -the desired configuration in Figure 9. +the desired configuration In the figure shown. ![policypak_application_settings_8](/images/endpointpolicymanager/applicationsettings/preconfigured/quickstart/endpointpolicymanager_application_settings_8.webp) -Figure 9. Configuration of "at least one upper case character (A-Z)" settings. +The figure shown. Configuration of "at least one upper case character (A-Z)" settings. **Step 11 –** Next, right-click "at least one numeric character (0-9)." This will also show that "Always reapply this setting" is already checked. It also can be left as is. In addition, select "Hide corresponding control in target application." You can see the desired configuration in -Figure 10. +The figure shown. ![policypak_application_settings_9](/images/endpointpolicymanager/applicationsettings/preconfigured/quickstart/endpointpolicymanager_application_settings_9.webp) -Figure 10. Configuration of "at least one numeric character (0-9)" settings. +The figure shown. Configuration of "at least one numeric character (0-9)" settings. **Step 12 –** Once you have completed the above steps, right-click the fourth checkbox, "at least one symbol character (!,@,#,$,%,^,&,\*...)." Leave "Always reapply this setting" checked. Since you selected "Always reapply this setting," you must also select "Disable corresponding control in -target application." You can see the desired configuration in Figure 11. +target application." You can see the desired configuration In the figure shown. ![policypak_application_settings_10](/images/endpointpolicymanager/applicationsettings/preconfigured/quickstart/endpointpolicymanager_application_settings_10.webp) -Figure 11. Configuration for "at least one symbol character (!,@,#,$,%,^,&,\*...)" settings. +The figure shown. Configuration for "at least one symbol character (!,@,#,$,%,^,&,\*...)" settings. **Step 13 –** Finally, click on the Cameras tab. Then right-click and select "Disable whole tab in target application." This is located right below the Cameras tab (but not directly on the Cameras -tab), as seen in Figure 12. +tab), as seen In the figure shown. ![policypak_application_settings_11](/images/endpointpolicymanager/applicationsettings/preconfigured/quickstart/endpointpolicymanager_application_settings_11.webp) -Figure 12. Finding and selecting "Disable whole tab in target application" in the Cameras tab. +The figure shown. Finding and selecting "Disable whole tab in target application" in the Cameras tab. **Step 14 –** Once that is completed, click OK to save the configuration into Group Policy. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/testclient.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/testclient.md index c38f52df9c..a7440a2833 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/testclient.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/quickstartwithprecon/testclient.md @@ -30,11 +30,14 @@ perform. - It grayed out (disabled) the "at least one symbol character" checkbox. - It locked out the Cameras tab. -You can see the results in Figure 13. +You can see the results In the figure shown. ![policypak_application_settings_12](/images/endpointpolicymanager/applicationsettings/preconfigured/quickstart/endpointpolicymanager_application_settings_12.webp) -Figure 13. The results of the Application Settings Manager setting changes. +The figure shown. The results of the Application Settings Manager setting changes. Note that the settings are all delivered as expected, and the options you specified have been locked down. Close WinZip for now. Rejoice in your newfound power! + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/underhood/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/underhood/_category_.json index a89b9d2e4a..1bdc5babae 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/underhood/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/underhood/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/underhood/deliveredreverted.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/underhood/deliveredreverted.md index f1e74ae82c..84fbe4de65 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/underhood/deliveredreverted.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/underhood/deliveredreverted.md @@ -82,3 +82,6 @@ The application phase proceeds in the following order: ## Skipping Phase Any GPOs that are unchanged and any Paks within GPOs that are unchanged are simply skipped. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/underhood/overview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/underhood/overview.md index 658906675b..3ee54ce1e8 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/underhood/overview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/underhood/overview.md @@ -9,3 +9,6 @@ sidebar_position: 70 In this section, we're going to understand how Netwrix Endpoint Policy Manager (formerly PolicyPak) Application Settings Manager reports data and also how to troubleshoot Endpoint Policy Manager Application Settings Manager. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/underhood/precedence.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/underhood/precedence.md index 6c07543112..eb02477635 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/underhood/precedence.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/underhood/precedence.md @@ -33,3 +33,6 @@ following order of predence: For example, if you delivered a setting using Endpoint Policy Manager Cloud for Java and undelivered that same setting using an XML data file, then use Group Policy to redeliver that same setting; that way, Group Policy always takes precedence. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/underhood/reporting.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/underhood/reporting.md index f3f018aaf6..6edb86ff70 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/underhood/reporting.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/underhood/reporting.md @@ -17,44 +17,47 @@ Dell/Quest/Scriptlogic GPOadmin, and Quest ActiveAdministrator. :::note Video: For an overview of Endpoint Policy Manager and Change Management utilities like GPA, AGPM, etc, see -[https://www.endpointpolicymanager.com/integration/endpointpolicymanager-group-policy-change-management-utilities.html](http://www.endpointpolicymanager.com/videos/endpointpolicymanager-using-shares-to-store-your-paks-share-based-storage.html). +[https://www.policypak.com/integration/endpointpolicymanager-group-policy-change-management-utilities.html](https://www.policypak.com/videos/endpointpolicymanager-using-shares-to-store-your-paks-share-based-storage.html). ::: Whenever you add a new AppSet to a GPO and create settings, those settings appear in the GPMC -reports. In Figure 92, you can see the report generated when one AppSet is listed inside the GPO. +reports. In the figure shown, you can see the report generated when one AppSet is listed inside the GPO. ![reporting_and_what_s_happening](/images/endpointpolicymanager/troubleshooting/applicationsettings/underhood/reporting_and_what_s_happening.webp) -Figure 92. The GPMC reports showing the new Pak that was added to a GPO. +The figure shown. The GPMC reports showing the new Pak that was added to a GPO. -In Figure 93, you can see what is reported inside the GPMC when three AppSets have settings within a +In the figure shown, you can see what is reported inside the GPMC when three AppSets have settings within a GPO. ![reporting_and_what_s_happening_1](/images/endpointpolicymanager/troubleshooting/applicationsettings/underhood/reporting_and_what_s_happening_1.webp) -Figure 93. Three Paks reported within the GPMC. +The figure shown. Three Paks reported within the GPMC. Each AppSet's report has two sections: an overall settings section and the representation of the data within each of the AppSet's tabs. You can see an example of overall settings for the AppSet in -Figure 94. This section also shows the description field (if used) version of Endpoint Policy +The figure shown. This section also shows the description field (if used) version of Endpoint Policy Manager DesignStudio that compiled the AppSet and any special flags on the AppSet, including whether Item-Level Targeting is enabled or not. ![reporting_and_what_s_happening_2](/images/endpointpolicymanager/troubleshooting/applicationsettings/underhood/reporting_and_what_s_happening_2.webp) -Figure 94. The settings in a Pak's report. +The figure shown. The settings in a Pak's report. -As you can see in Figure 95, the settings themselves are reported, as well as any special cases for +As you can see In the figure shown, the settings themselves are reported, as well as any special cases for the data settings. For instance, you can see that the value of "Minimum password length" is set to 11, the Enforcement mode is set to "Always reapply," and the AppLock™ state is set to "Grayed" ![reporting_and_what_s_happening_3](/images/endpointpolicymanager/troubleshooting/applicationsettings/underhood/reporting_and_what_s_happening_3.webp) -Figure 95. Examples of special settings displayed in the settings details. +The figure shown. Examples of special settings displayed in the settings details. However, note that only items with settings that are being delivered appear in the reports, not every single value that is under AppLock. For instance, in the previous example, you might have only two values set such as "at least one lower case character" and "at least one numeric character" and then have performed "ACL Lockdown" over "at least one lower case character." In the reports, you would not see any other settings, because none of the other settings have any changed values. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/variables.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/variables.md index 4a997107f8..dc096e916a 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/variables.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/variables.md @@ -37,3 +37,6 @@ the downloads will be redirected to another volume or even to a network share. Therefore the direct environment variable names such as `%{374DE290-123F-4565-9164-39C4925E467B}%`,` %Desktop%, and %Favorites%` are safer to use because they expand to the actual path that client-side extension (CSE) gets from the Registry. + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/_category_.json index 976ee0414f..03b0c1a0b6 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "knowledgebase" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/centralstoresharing/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/centralstoresharing/_category_.json index 74c4f3c6b7..ca67166b86 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/centralstoresharing/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/centralstoresharing/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/centralstoresharing/dllstorage.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/centralstoresharing/dllstorage.md index 5b11126602..433bc46a18 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/centralstoresharing/dllstorage.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/centralstoresharing/dllstorage.md @@ -10,3 +10,5 @@ Although storing the Netwrix Endpoint Policy Manager (formerly PolicyPak) DLL ex central location allows multiple administrators the ability to utilize them, you can also store the DLL extensions locally as well.In that instance, the GPO editor will list both the central and local location and allow you the opportunity to select which one you wish to use. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/designstudio/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/designstudio/_category_.json index e007ac6bf7..ecdb62b32f 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/designstudio/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/designstudio/_category_.json @@ -3,4 +3,4 @@ "position": 50, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/designstudio/creation.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/designstudio/creation.md index 302e6bbbd7..06d24c9572 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/designstudio/creation.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/designstudio/creation.md @@ -78,3 +78,5 @@ for Windows Desktop" option. within the Start Menu, as seen here in this example station. ![387_4_image004](/images/endpointpolicymanager/troubleshooting/applicationsettings/appset/387_4_image004.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/designstudio/designstudioadditional.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/designstudio/designstudioadditional.md index 17747ca73d..2416bf8f01 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/designstudio/designstudioadditional.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/designstudio/designstudioadditional.md @@ -9,3 +9,5 @@ sidebar_position: 10 You will need to install the free Visual C++ 2008 SP1, 2010 or 2012, 2015 or 2017 Express Edition as well as any applications you wish to manage with Netwrix Endpoint Policy Manager (formerly PolicyPak) Design Studio. This is a free download from Microsoft. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/_category_.json index 9803f86263..d056b88a87 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/centralstore.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/centralstore.md index 89aa426d75..166bd32053 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/centralstore.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/centralstore.md @@ -13,3 +13,5 @@ files that currently reside in your local storage and paste them into that folde Here is the how-to video: [Working with Others and using the Central Store](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/centralstorework.md) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/checkmarks.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/checkmarks.md index fb0031127e..b949553606 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/checkmarks.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/checkmarks.md @@ -12,3 +12,5 @@ Manager will deliver the configured value of that setting. For instance, if you that by default is unchecked, the setting will then become underlined, stating that Endpoint Policy Manager will now enforce that checked value. Simply uncheck the checkbox and the setting remains underlined, showing that the unchecked value will not be delivered. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/designstudio.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/designstudio.md index 48a85b2072..cd52a20a9f 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/designstudio.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/designstudio.md @@ -9,3 +9,5 @@ sidebar_position: 220 When naming a newly compiled Netwrix Endpoint Policy Manager (formerly PolicyPak), the name must begin with the letters pp. Endpoint Policy Manager will automatically put this in for you. If you rename it later (stripping pp- from the name) the pak will not be shown in the MMC. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/designstudiowindows7.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/designstudiowindows7.md index 28d112a06c..7b5ca05e49 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/designstudiowindows7.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/designstudiowindows7.md @@ -12,3 +12,5 @@ XP and Vista machine as well and create the designated Endpoint Policy Manager s create the paks on one machine type and then re-capture the AppLock codes on the second machine type. See the section "How to Merge Endpoint Policy Manager s using the pXML Merge Wizard" in the Endpoint Policy Manager Design Studio guide. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/downgrade.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/downgrade.md index 91055f03de..263df90acb 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/downgrade.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/downgrade.md @@ -11,3 +11,5 @@ version to another, they can be downgraded from one version to another as well. however, is that any deleted items within the Pak will also be "dropped" from within the Group Policy data. So, please upgrade and download your paks with caution. See the section "Version Control of Endpoint Policy Manager Extension DLLs" in the PolicyPakQuickStart guide. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/expires.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/expires.md index f88709e72b..5b0c857220 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/expires.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/expires.md @@ -11,3 +11,5 @@ By default, values for the application settings will remain as configured within By selecting "Revert this policy setting to the default value when it is no longer applied" the default values contained with the original Netwrix Endpoint Policy Manager (formerly PolicyPak) s are then applied. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/feature.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/feature.md index de55760665..f32815fcc9 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/feature.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/feature.md @@ -11,3 +11,5 @@ interface. You must select "Force display of whole tab in application" to restore the elements within the UI on the client. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/files.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/files.md index e2e53ccc5d..8e39360c39 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/files.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/files.md @@ -10,3 +10,5 @@ Yes, we recommend you back up the pXML as well as the Netwrix Endpoint Policy Ma PolicyPak) Extension DLL files. It is especially imperative that you back up the pXML files as your DLL files can be compiled once again from the pXML files using Design Studio but you cannot re-create the "source" pXML files cannot be generated from compiled DLL files. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/fontsetting.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/fontsetting.md index a87a010ef3..6e40118ae8 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/fontsetting.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/fontsetting.md @@ -9,3 +9,5 @@ sidebar_position: 210 Although the vast majority of application settings can be delivered in our preconfigured Netwrix Endpoint Policy Manager (formerly PolicyPak)s, there are some exceptions. You can try configuring the setting yourself using the Endpoint Policy Manager design studio. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/gpo.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/gpo.md index 8d834123fb..872a3b90b7 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/gpo.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/gpo.md @@ -10,5 +10,7 @@ First, try running the LT as Domain Administrator. 99.9% of the problems with th that the person creating the licensing GPO doesn't have rights to do so. So, try that first. If that fails, this -[https://kb.endpointpolicymanager.com/kb/article/828-policypak-troubleshooting-license-gpo-creation/](https://kb.endpointpolicymanager.com/kb/article/828-policypak-troubleshooting-license-gpo-creation/) +[https://docs.netwrix.com/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/licensinggpo](https://docs.netwrix.com/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/licensinggpo) demonstrates how you can definitely get it to work. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/gpooutofscope.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/gpooutofscope.md index 72d50af974..8df9d414dc 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/gpooutofscope.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/gpooutofscope.md @@ -25,3 +25,5 @@ However, the following Endpoint Policy Manager protections will stop working: PPupdate - Endpoint Policy Manager will no longer re-apply any settings when the application is re-launched, in the background or when the computer is offline. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/gpos.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/gpos.md index 2e91d27cff..361fbe2a9a 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/gpos.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/gpos.md @@ -11,3 +11,5 @@ same way as all other Group Policy Objects. Simply highlight the desired GPO its Management, right click and select Back Up. You can also highlight the Group Policy Objects container node of all of your GPOs, right click and select Back Up All which will back up all of your GPOs in one swipe. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/gpos_1.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/gpos_1.md index 7594b3b177..bb7a1b7320 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/gpos_1.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/gpos_1.md @@ -11,3 +11,5 @@ fast. Simply go to the PolicyPak Management screen in the GPO edit console. Open Policy Manager and look for the Endpoint Policy Manager button in the bottom left-hand corner. Click the button and choose Export and select the export destination.You do the same process except select Import when you want to import the GPO. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/language.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/language.md index c6844f62ba..b8d3840f09 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/language.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/language.md @@ -37,3 +37,5 @@ Endpoint Policy Manager (the company) will not be able to do this for you; but y welcome to use the Endpoint Policy Manager DesignStudio for this purpose. ::: + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/latestupdates.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/latestupdates.md index 15d6658520..8061215552 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/latestupdates.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/latestupdates.md @@ -8,3 +8,5 @@ sidebar_position: 130 All Netwrix Endpoint Policy Manager (formerly PolicyPak) customers are sent timely email update alerts to keep them informed. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/limitations.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/limitations.md index cecd498a12..e3618f16ed 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/limitations.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/limitations.md @@ -22,3 +22,5 @@ almost 10-15 Paks entries to reach 5MB. On Windows 8 and later, the max size is 100MB per Group Policy Object, meaning you can have a lot more entries if you wanted within one Group Policy Object without issue (provided your target machines are Windows 8 and later). + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/lyncclient.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/lyncclient.md index 06ea9421f5..1462e2d216 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/lyncclient.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/lyncclient.md @@ -10,3 +10,5 @@ When a selection is underlined in the GPO, it means that the selected value of t delivered to the users affected by the GPO. If the setting is not underlined, then it means that the setting cannot be delivered using the Netwrix Endpoint Policy Manager (formerly PolicyPak). You can however, hide or disable these settings if you wish. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/modifydll.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/modifydll.md index d62bdcd525..21578b2825 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/modifydll.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/modifydll.md @@ -15,3 +15,5 @@ element such as a checkbox that your PolicyPak based GPO has configured. In that case, because the checkbox no longer exists, the settings regarding the checkbox will no longer exist, but all other data remains. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/onegpo.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/onegpo.md index 3449c2fabd..7a224f498b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/onegpo.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/onegpo.md @@ -20,3 +20,5 @@ Here is an example: Then you would do the same for another GPO, say, for Firefox, and another GPO for Internet Explorer settings, and so on. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/onetime.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/onetime.md index e6db28a59a..65c96b4ea9 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/onetime.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/onetime.md @@ -12,3 +12,5 @@ PolicyPak) application settings you configure: - Always reapply this setting (this is the default) - Apply once and do not reapply in the background. Only reapply with GP update /force - Apply once and do not re-apply. Ignore GPupdate /force (similar to Group Policy Preferences) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/permissions.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/permissions.md index 8bc389df52..1a99d906ef 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/permissions.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/permissions.md @@ -8,3 +8,5 @@ sidebar_position: 190 The central store is located within the SYSVOL folder of any domain controller. A user must be a Domain Administrator in order to copy PolicyPakPaks to the SYSVOL folder. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/printers.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/printers.md index 914558f478..7a9c98ba2c 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/printers.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/printers.md @@ -10,3 +10,5 @@ Because Microsoft's Group Policy Preferences already does a good job of pushing printers to your network, Netwrix Endpoint Policy Manager (formerly PolicyPak) does not duplicate this functionality. Endpoint Policy Manager will manage specific settings inside your printer drivers such as a "Tools | Options" page or component that stores settings. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/rolesresponsibilities.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/rolesresponsibilities.md index 5cceefa332..641f089bd9 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/rolesresponsibilities.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/rolesresponsibilities.md @@ -25,3 +25,5 @@ based upon operating system type, the role it plays, and which Endpoint Policy M needs to be installed (if any). ![190_1_2014-09-22_0927](/images/endpointpolicymanager/applicationsettings/190_1_2014-09-22_0927.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/side.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/side.md index 1278914d3e..6608443c42 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/side.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/side.md @@ -18,3 +18,5 @@ Note that SOME Paks have "extra superpowers" which are only available on the COM three special Paks are: Firefox, Java and Thunderbird. We explain this in the Netwrix Endpoint Policy Manager (formerly PolicyPak) On-Prem Manual. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/updatedcommands.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/updatedcommands.md index 23ce9780b6..c81cbbc748 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/updatedcommands.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/updatedcommands.md @@ -12,3 +12,5 @@ settings that are contained within a GPO. In addition, a computer must be online in order to execute the `gpupdate` command while `ppupdate` will execute if the client computer is online or offline. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/upgrade.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/upgrade.md index a64cd29a46..70f7afdf9f 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/upgrade.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/upgrade.md @@ -16,3 +16,5 @@ Endpoint Policy Manager has three parts: So, there's nothing to "move" or do if you decommission a DC or upgrade a server. If you were using the Endpoint Policy Manager Central Store, that simply replicates when the next DC comes online. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/windowsremoteassistance.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/windowsremoteassistance.md index 3457254c12..ea5d418930 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/windowsremoteassistance.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/windowsremoteassistance.md @@ -87,3 +87,5 @@ Reference Article - [How to use Scripts Manager to workaround the "PPAppLockdr64.dll is either not designed to run on Windows or it contains an error" message when running Microsoft Remote Assistance (MSRA.exe) and the Endpoint Policy Manager CSE is installed on Windows 10 1903](/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/microsoftremoteassistance.md) - [Deploy any script via the Cloud to domain joined and non-domain joined machines](/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/gettingstarted/cloud.md) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/knowledgebase.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/knowledgebase.md index b5435d4f95..65c0fdc46b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/knowledgebase.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/knowledgebase.md @@ -136,3 +136,5 @@ See the following Knowledge Base articles for Application Manager. - [What happens to Application Settings Manager settings when the Endpoint Policy Manager license expires / if my company chooses not to renew?](/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/generalconfiguration/gpooutofscope.md) - [Why does Microsoft 365 Defender report suspicious encoded content in Endpoint Policy Manager Application Settings Manager values?](/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/microsoftdefender.md) - [Why do I see "Extra Registry Settings" in Endpoint Policy Manager Application Settings Manager items in the GPMC?](/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/gpmc.md) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/11enterprisemode.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/11enterprisemode.md index 26b51edcd2..bfa4c07b5e 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/11enterprisemode.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/11enterprisemode.md @@ -35,3 +35,5 @@ Unless the enable key exists, you won't see Enterprise Mode on the menu or on th tab's "browser profile" section. ![162_3_image007](/images/endpointpolicymanager/troubleshooting/applicationsettings/internetexplorer/162_3_image007.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/_category_.json index 7038db794f..f3ffe2ce6f 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/_category_.json @@ -3,4 +3,4 @@ "position": 30, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/addons.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/addons.md index ebffbbbf92..1ff2768b5f 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/addons.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/addons.md @@ -9,3 +9,5 @@ sidebar_position: 160 Yes. Here is a videos to demonstrate that. [Manage Firefox Add-ons using Group Policy](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/addons.md) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/addons_1.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/addons_1.md index 72f19b12a1..caeb6f2af0 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/addons_1.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/addons_1.md @@ -9,3 +9,5 @@ sidebar_position: 320 Yes. Here is a videos to demonstrate that. [Manage IE Programs Tab](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/programstab.md) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/allowremember.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/allowremember.md index cfccd83b7e..dcaedd7650 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/allowremember.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/allowremember.md @@ -56,3 +56,5 @@ Now that you know that, you can use Endpoint Policy Manager Application Settings Firefox Pak to set this permission to Allow or Block. ![132_5_ff-kb-img-05](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/132_5_ff-kb-img-05.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/applicationshandlerfunction.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/applicationshandlerfunction.md index ba7c2ca1eb..adb0148ae4 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/applicationshandlerfunction.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/applicationshandlerfunction.md @@ -77,3 +77,5 @@ server to return "correct" MIME type. The general rule of thumb here is similar to rule in #2. If Firefox shows "Open with dialog" when there is no handler for resource, it fires Application Handler for the same resource if there is one. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/authority.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/authority.md index 7e0605010c..3f845b1e79 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/authority.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/authority.md @@ -73,3 +73,5 @@ C;; – Root CA for websites only ;;c – CA for software makers only P;; – a trusted certificate for websites + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/bookmarkpopups.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/bookmarkpopups.md index 5c29c70ffd..82975d25ae 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/bookmarkpopups.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/bookmarkpopups.md @@ -27,3 +27,5 @@ in there, and have them appear, even at first use. Which is why you can see seeing mixed results: Some settings appear a-ok first time, others not until Firefox is run two times. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/bydefault.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/bydefault.md index 865fef258f..9f89885a7e 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/bydefault.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/bydefault.md @@ -12,3 +12,5 @@ From 603 onwards we have made this fact more obvious by showing the "Item-Level MMC. ![368_1_pp-predefined-targeting](/images/endpointpolicymanager/applicationsettings/preconfigured/itemleveltargeting/368_1_pp-predefined-targeting.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/bypassinternal.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/bypassinternal.md index e4c8c441cb..217f96ef1e 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/bypassinternal.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/bypassinternal.md @@ -7,7 +7,7 @@ sidebar_position: 10 # Admin Console (Item Level Targeting): Why would I want to bypass Internal (pre-defined) Item Level Targeting? Starting in build 603, you have the ability to bypass -Internal [Item Level Targeting](https://www.endpointpolicymanager.com/pp-blog/item-level-targeting). +Internal [Item Level Targeting](https://www.policypak.com/pp-blog/item-level-targeting). You might want to do this for several reasons: @@ -31,3 +31,5 @@ You might want to do this for several reasons: For a video expressing how to bypass Internal ILT, see: [Bypassing Internal Item Level Targeting Filters](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/itemleveltargetingbypass.md) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/certificates.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/certificates.md index 6c7e79047f..4c35161830 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/certificates.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/certificates.md @@ -13,3 +13,5 @@ setting Chrome at the same time. Here's the how-to video in using the IE + Certs features (again, which should also set Chrome too): [Manage IE Certificates](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/certificates.md) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/certificates_1.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/certificates_1.md index f3cbb0f073..2401b5ba22 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/certificates_1.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/certificates_1.md @@ -11,7 +11,7 @@ There are various areas you should troubleshoot FIRST with FF and Certificates. Shortest possible answer to 99% of problems with FF + Certificates: 1. Are you using FF ESR? You must use FF ESR… - [Read THIS](https://www.endpointpolicymanager.com/pp-blog/endpointpolicymanager-will-soon-only-support-firefox-esr). + [Read THIS](https://www.policypak.com/pp-blog/endpointpolicymanager-will-soon-only-support-firefox-esr). 2. Do you have the LATEST CSE on the endpoint? STOP: Make sure. 3. Also; couldn't hurt to upgrade your MMC console to latest version. 4. Are you using the LATEST Firefox pak? STOP: Make sure. @@ -95,3 +95,5 @@ well which are helpful for troubleshooting. We can try to see if YOUR CERT works in OUR environment. We can also send you OUR TEST CERT and see if it works in YOURs. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/certificates_2.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/certificates_2.md index f8a2af5c27..44a4fd6f1e 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/certificates_2.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/certificates_2.md @@ -7,3 +7,5 @@ sidebar_position: 170 # Firefox: Can I deliver, manage and/or revoke certificates directly to Firefox? Yes. Here is a videos to demonstrate that. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/certificates_3.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/certificates_3.md index a5531767e5..f9fb6d4675 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/certificates_3.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/certificates_3.md @@ -9,3 +9,5 @@ sidebar_position: 330 Yes, Here is a videos to demonstrate that. [Manage IE Certificates](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/certificates.md) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/customsettings.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/customsettings.md index 20a94a31ca..5f6f71ff49 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/customsettings.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/customsettings.md @@ -14,3 +14,5 @@ Sites" dropdown (for instance) set to nothing. This formula will deliver the specific custom settings you choose. ![313_1_2015-03-16_1607](/images/endpointpolicymanager/applicationsettings/preconfigured/internetexplorer/313_1_2015-03-16_1607.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/darktheme.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/darktheme.md index 81ea8cc0c7..97f349c141 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/darktheme.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/darktheme.md @@ -38,3 +38,5 @@ To fix this on all your client machines please use Firefox About:Config PAKs an as instructed. Here is just a reference screenshot: ![222_3_2017-10-11_1531](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/222_3_2017-10-11_1531.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/entrysettings.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/entrysettings.md index 192e0118bc..deb25d2455 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/entrysettings.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/entrysettings.md @@ -18,3 +18,5 @@ specific. See this video to bypass the ILT: [Bypassing Internal Item Level Targeting Filters](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/itemleveltargetingbypass.md) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/esr.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/esr.md index d271bd6af0..661b25389d 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/esr.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/esr.md @@ -8,5 +8,7 @@ sidebar_position: 220 Yes, Netwrix Endpoint Policy Manager (formerly PolicyPak) Application Manager and Endpoint Policy Manager Browser Router are only compatible with Firefox ESR.  Firefox RR is not compatible. -[See this blog article](https://www.endpointpolicymanager.com/pp-blog/endpointpolicymanager-will-soon-only-support-firefox-esr) +[See this blog article](https://www.policypak.com/pp-blog/endpointpolicymanager-will-soon-only-support-firefox-esr) for more details. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/extratabs.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/extratabs.md index 05ce8e3f14..6565155e11 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/extratabs.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/extratabs.md @@ -11,3 +11,5 @@ Netwrix Endpoint Policy Manager (formerly PolicyPak) is delivering "blank" when this setting" is present upon items. So right-click and uncheck each unwanted page as seen here. ![282_1_faq-images7](/images/endpointpolicymanager/applicationsettings/preconfigured/chrome/282_1_faq-images7.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/frontmotion.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/frontmotion.md index 38f658d55b..5fcdfc5fde 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/frontmotion.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/frontmotion.md @@ -8,3 +8,5 @@ sidebar_position: 200 Yes, Netwrix Endpoint Policy Manager (formerly PolicyPak) is compatible with the Frontmotion packaged MSI version of Firefox. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/home.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/home.md index 817300296f..02ac83f02e 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/home.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/home.md @@ -19,3 +19,5 @@ And the other way will specify what happens at launch. You need to set BOTH "Ope set of pages" and specify at least one "Set Pages" URL for this to work. ![211_1_image0012](/images/endpointpolicymanager/applicationsettings/preconfigured/chrome/211_1_image0012.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/homebuttonurl.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/homebuttonurl.md index d2b2e1aa57..e75782c5fc 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/homebuttonurl.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/homebuttonurl.md @@ -16,3 +16,5 @@ For Home Button URL to work, check and uncheck Use New Tab Page as homepage sett below screenshot: ![68_1_faq-pre-configured-pak-8](/images/endpointpolicymanager/troubleshooting/applicationsettings/chrome/68_1_faq-pre-configured-pak-8.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/httpsites.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/httpsites.md index 7682d472cb..6b921b8c1b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/httpsites.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/httpsites.md @@ -16,3 +16,5 @@ server verification https" are both UNDERLINED and UN-Checked. This will deliver "un-check" to these settings, allowing for HTTP zones. ![240_1_image002](/images/endpointpolicymanager/troubleshooting/applicationsettings/internetexplorer/240_1_image002.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/internalpredefined.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/internalpredefined.md index ca234b59f0..e1820a6ca4 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/internalpredefined.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/internalpredefined.md @@ -7,7 +7,7 @@ sidebar_position: 470 # Other: What is "Internal (pre-Defined)" Item Level Targeting? Many (not all) of our Paks have Internal -[Item Level Targeting](https://www.endpointpolicymanager.com/pp-blog/item-level-targeting) (aka pre-defined +[Item Level Targeting](https://www.policypak.com/pp-blog/item-level-targeting) (aka pre-defined filters.) The goal is to only apply settings from a Pak WHEN the actual application is really on the machine. @@ -37,3 +37,5 @@ Column shows N/A, the Pak doesn't. You can see two entries without Internal ILT, does in this example: ![257_2_pp-predefined-targeting](/images/endpointpolicymanager/applicationsettings/preconfigured/itemleveltargeting/368_1_pp-predefined-targeting.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/issue.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/issue.md index d74c25386d..1769194a17 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/issue.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/issue.md @@ -42,3 +42,5 @@ for free. Our company is based around a community model where we all help each other.  You will find that the Endpoint Policy Manager user community is a true asset. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/issue_1.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/issue_1.md index d6e222a3bb..0525022424 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/issue_1.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/issue_1.md @@ -21,3 +21,5 @@ setting by disabling the internal item-level targeting. To see a demonstration video about Internal Filters and bypassing them, please see this [Bypassing Internal Item Level Targeting Filters](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/itemleveltargetingbypass.md) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/itemsunavailable.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/itemsunavailable.md index def9710b69..980d89f17e 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/itemsunavailable.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/itemsunavailable.md @@ -9,3 +9,5 @@ sidebar_position: 490 Features that are grayed out in any AppSet means that the setting isn't available to be delivered via Netwrix Endpoint Policy Manager (formerly PolicyPak). For some applications, everything works, for others, not everything is manageable. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/javathunderbird.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/javathunderbird.md index d2d4bab1ac..63666a03bb 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/javathunderbird.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/javathunderbird.md @@ -12,7 +12,7 @@ However, that UI lockout is implemented differently and, as such, comes with a c Tip: To see a video of FireFox UI lockout in action, see the following video: -[https://www.endpointpolicymanager.com/products/manage-firefox-with-group-policy.html](https://www.endpointpolicymanager.com/products/manage-firefox-with-group-policy.html) +[https://www.policypak.com/products/manage-firefox-with-group-policy.html](https://www.policypak.com/products/manage-firefox-with-group-policy.html) Tip: To see a video of Thunderbird UI lockout in action, see the following video: @@ -48,3 +48,5 @@ seeing the System-Wide lockdown) is shown in this figure. ![148_3_ff3](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/148_3_ff3.webp) Note that the lockdown via System-Wide config file is not present on the user side. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/launchfail.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/launchfail.md index c494dbd797..70f269c81b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/launchfail.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/launchfail.md @@ -19,3 +19,5 @@ Example 1: Example 2: ![299_2_image005](/images/endpointpolicymanager/troubleshooting/applicationsettings/internetexplorer/299_2_image005.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/launchfailstig.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/launchfailstig.md index 6df8c38e21..66d463cbe1 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/launchfailstig.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/launchfailstig.md @@ -17,3 +17,5 @@ Under the hood, the keys that are edited are in ``` HKEY_Current_UserSoftwareMicrosoftInternet ExplorerMain ``` + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/localfileaccess.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/localfileaccess.md index 9cd9ef9b5a..eecd0ff3d9 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/localfileaccess.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/localfileaccess.md @@ -20,3 +20,5 @@ file:///c:/ Result: ![38_2_image002](/images/endpointpolicymanager/applicationsettings/preconfigured/chrome/38_2_image002.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/mode.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/mode.md index e4f4024046..cb231dd5df 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/mode.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/mode.md @@ -12,3 +12,5 @@ Netwrix Endpoint Policy Manager (formerly PolicyPak)'s job is to populate those dynamically instead of having to make your own lists. [https://techcommunity.microsoft.com/t5/windows-blog-archive/ie11-enterprise-mode-and-compatibility-view-are-additive-not/ba-p/228730](https://techcommunity.microsoft.com/t5/windows-blog-archive/ie11-enterprise-mode-and-compatibility-view-are-additive-not/ba-p/228730) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/nonstandardlocation.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/nonstandardlocation.md index f1a95153b6..6b4378ecb3 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/nonstandardlocation.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/nonstandardlocation.md @@ -25,3 +25,5 @@ Therefore the most common cases and scenarios are: to perform UI lockdown. - If they run a portable version of Firefox which has no install AND stores nothing in the users' profile, you typically cannot deliver settings or perform UI lockdown. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/ntlmpassthru.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/ntlmpassthru.md index bfe8bfefd0..967fc0f009 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/ntlmpassthru.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/ntlmpassthru.md @@ -40,3 +40,5 @@ Then, if you do, then use Endpoint Policy Manager Application Manager to actuall you want to all your machines that you wish to get these values. ![82_1_image001](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/82_1_image001.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/policies.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/policies.md index c1dce2adbb..30def0f00d 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/policies.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/policies.md @@ -14,3 +14,5 @@ delivered to Chrome. We are working on a workaround in the future, but at this time, there is no workaround unless the machine is domain joined. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/preventupdates.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/preventupdates.md index d13cf95437..806b6c1d61 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/preventupdates.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/preventupdates.md @@ -19,3 +19,5 @@ Then the result is that Firefox FORBIDS both automatic updated AND manual update here: ![264_2_2222222222222](/images/endpointpolicymanager/applicationsettings/preconfigured/firefox/264_2_2222222222222.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/proxysettings.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/proxysettings.md index ecb06afad2..5b4fc88aa6 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/proxysettings.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/proxysettings.md @@ -14,3 +14,5 @@ Explorer. See this video for more details, which will also set the Chrome Pak: [Manage IE Connections tab](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/connectionstab.md) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/revertoptions.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/revertoptions.md index 6d31f69a24..c50c26d139 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/revertoptions.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/revertoptions.md @@ -8,7 +8,7 @@ sidebar_position: 130 Here's a video on how to do that -[Download this video](https://www.endpointpolicymanager.com/automation/download.php?vid=2rhdHskV4tU&pid=how-can-i-use-policypak-to-revert-firefoxs-options-back-to-the-old-style) +[Download this video](https://www.policypak.com/automation/download.php?vid=2rhdHskV4tU&pid=how-can-i-use-policypak-to-revert-firefoxs-options-back-to-the-old-style) ### Firefox 28 and Endpoint Policy Manager — Deliver and lockdown settings, and also switch back to old UI for Options @@ -48,3 +48,5 @@ is not editable. I hope it helps. Thank you. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/runapplication.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/runapplication.md index d6c38db4e6..5f2f786138 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/runapplication.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/runapplication.md @@ -28,3 +28,5 @@ Java 8 Pak technique: ![2_4_16a-8](/images/endpointpolicymanager/applicationsettings/preconfigured/java/2_4_16a-8.webp) ![2_5_16b-8](/images/endpointpolicymanager/applicationsettings/preconfigured/java/2_5_16b-8.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/securityenterpriseroots.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/securityenterpriseroots.md index 3c1f93a10a..b67ce35f48 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/securityenterpriseroots.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/securityenterpriseroots.md @@ -38,3 +38,5 @@ It is the last entry in the S: category Note that if you're looking for general advice in how to get started with Windows certificates and browsers support, you can [find that here](https://www.techrepublic.com/article/how-to-add-a-trusted-certificate-authority-certificate-to-chrome-and-firefox/). + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/securitypopup.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/securitypopup.md index 58422695b0..3bef75bd0e 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/securitypopup.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/securitypopup.md @@ -25,3 +25,5 @@ Java 8 AppSet technique: More information from Oracle on the underlying issue can be found at this web page:  [http://java.com/en/download/help/error_mixedcode.xml](http://java.com/en/download/help/error_mixedcode.xml) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/side.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/side.md index e379850dd9..dae07118d3 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/side.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/side.md @@ -25,3 +25,5 @@ So, our general recommendation (if you're looking for one) is: For more information on this, see the following FAQ item. [Firefox (and Java and Thunderbird): Why can't I seem to find (or perform) UI lockdown for Firefox, Java or Thunderbird ?](/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/javathunderbird.md) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/sitelistexceptions.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/sitelistexceptions.md index daddb7e3c9..f66ab940e1 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/sitelistexceptions.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/sitelistexceptions.md @@ -20,3 +20,5 @@ For manual testing on one machine, delete that file, then run GPupdate to refres See if Java Site exceptions starts to work. ![46_1_tip-if-java-site-lists-stop-working](/images/endpointpolicymanager/troubleshooting/applicationsettings/java/46_1_tip-if-java-site-lists-stop-working.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/stopsenddatamessage.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/stopsenddatamessage.md index 584e84318f..6a06c66ab9 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/stopsenddatamessage.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/stopsenddatamessage.md @@ -14,3 +14,5 @@ below. To do this, use the Endpoint Policy Manager Application Manager pak About:Config A-I Pak. Use the setting datareporting.policy.dataSubmissionPolicyBypassNotification and set to TRUE. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/supportpolicy.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/supportpolicy.md index 83d78d1f44..3b1caf9ce3 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/supportpolicy.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/supportpolicy.md @@ -28,3 +28,5 @@ we provide "best effort" support on those if a problem is found. (See the FAQ question "[HowTo: What do I do if I find a problem with a preconfigured AppSet?](/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/issue.md)" for more information.) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/tasktray.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/tasktray.md index 65754572b6..00bedb7008 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/tasktray.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/tasktray.md @@ -23,3 +23,5 @@ Java 7 Pak technique: Java 8 Pak technique: ![225_3_18-8](/images/endpointpolicymanager/applicationsettings/preconfigured/java/225_3_18-8.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/transition.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/transition.md index 7c7463f36a..e2c75c9c31 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/transition.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/transition.md @@ -338,3 +338,5 @@ correct for any non-imported settings. In this document you learned how to target the FF23 AppSet to your older CSEs and the FF115 AppSet to your newer CSEs. You also learned how to export the FF23 settings and migrate them over to the FF115 AppSet. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/unavailable.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/unavailable.md index baf6380976..ace80c815f 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/unavailable.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/unavailable.md @@ -28,3 +28,5 @@ So, if you see something which is a "must-have" for you, just ask, and we can tr to see if it's possible to achieve. Please post in the SUPPORT FORUMS for this kind of request. Thanks. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/updates.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/updates.md index f6ac522d8d..7b71830a9d 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/updates.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/updates.md @@ -21,3 +21,5 @@ In those cases, they are done upon customer request and are a "best effort" basi Remember though: Netwrix Endpoint Policy Manager (formerly PolicyPak) Application Manager comes with the PolicyPak DesignStudio, which means you are always able to create and/or update the AppSets without waiting for us if you so choose. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/useraccountcontrol.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/useraccountcontrol.md index af3b945d5c..d40314953b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/useraccountcontrol.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/useraccountcontrol.md @@ -22,3 +22,5 @@ Java 7 Pak technique: Java 8 Pak technique: ![105_3_17-8](/images/endpointpolicymanager/applicationsettings/preconfigured/java/105_3_17-8.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/version.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/version.md index 3b6924f87d..b64f540c16 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/version.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/version.md @@ -15,3 +15,5 @@ Note that Firefox versions not listed on this table are not yet tested and may o The reason you need to upgrade the CSE to support the various levels of Firefox is because the Firefox methods for accepting certificates changed, and therefore we changed with them to support the changes. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/versioninsecure.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/versioninsecure.md index d08c180cca..18ce5fadd4 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/versioninsecure.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/versioninsecure.md @@ -22,3 +22,5 @@ Java 7 Pak technique: Java 8 Pak technique: ![137_3_15-8](/images/endpointpolicymanager/applicationsettings/preconfigured/java/2_5_16b-8.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/versionoutofdate.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/versionoutofdate.md index 125c09c0c6..2dda65c92f 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/versionoutofdate.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/versionoutofdate.md @@ -21,3 +21,5 @@ Java 7 Pak technique: Java 8 Pak technique: ![45_3_14-8](/images/endpointpolicymanager/applicationsettings/preconfigured/java/45_3_14-8.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/versions.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/versions.md index 40fff7f868..1a1fded22a 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/versions.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/versions.md @@ -46,3 +46,5 @@ This same idea extends, say to Firefox which gets updated quite often in the VER usually, no new checkboxes or features appear in the Firefox Options. In this way, newer versions of Firefox will "just work" when using our latest Firefox AppSet. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/versionsupport.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/versionsupport.md index 34119dd584..d55ee7bfcb 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/versionsupport.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/preconfiguredappsets/versionsupport.md @@ -30,3 +30,5 @@ you to manage and lockdown applications for your users. You get the Design Studio that allows you to update and create AppSets yourself.  You also get access to our powerful user-based community, providing you a knowledge base and peer group to turn to ask questions and request advice, and of course, you have access to our committed support staff. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/_category_.json index f89ae4f92b..4b78cdc4f9 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/_category_.json @@ -3,4 +3,4 @@ "position": 60, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/applicationissue.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/applicationissue.md index ef05aba4d1..1fd78fec2a 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/applicationissue.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/applicationissue.md @@ -43,3 +43,5 @@ sidebar_position: 80 be locked down. - Tip: Check the readme file for the Pak. We do a reasonable job explaining when lockdown isn't expected to function in most Pak readme's. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/appset.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/appset.md index adfc63e091..d62165cd83 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/appset.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/appset.md @@ -24,3 +24,5 @@ Here is what to do: - Exporting to be used with Endpoint Policy Manager Cloud. ![358_2_image0022](/images/endpointpolicymanager/troubleshooting/applicationsettings/export/358_2_image0022.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/basicsteps.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/basicsteps.md index 2195dada04..5b4dfaf760 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/basicsteps.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/basicsteps.md @@ -103,7 +103,7 @@ manager… **Step 1 –** From an affected machine, AS ADMIN run pplogs.exe from an ADMIN command prompt. -**Step 2 –** Simply send the .ZIP file it creates to support[at ]endpointpolicymanager.com and explain the issue +**Step 2 –** Simply send the .ZIP file it creates to support[at ]policypak.com and explain the issue as specifically as you can. **Step 3 –** GOOD descriptions would include @@ -131,3 +131,5 @@ a certificate and it's not working."Under ALL circumstances you should expect we update at least one machine to the latest CSE if your logs show a not-latest CSE.We'll try to get you an answer right away. Call 800-883-8002 if you think we haven't gotten your request for help. We want to help you! + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/code0xc000428.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/code0xc000428.md index 2c5898d0e8..f8c63e3498 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/code0xc000428.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/code0xc000428.md @@ -76,3 +76,5 @@ Optional: FoFor Workaround 2 you can use Endpoint Policy ManagerScripts Manager settings to multiple computers/users via PowerShell, for steps please see the KB below: [How to use Scripts Manager to workaround the "PPAppLockdr64.dll is either not designed to run on Windows or it contains an error" message when running Microsoft Remote Assistance (MSRA.exe) and the Endpoint Policy Manager CSE is installed on Windows 10 1903](/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/microsoftremoteassistance.md) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/disable.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/disable.md index b8a0735ded..410e16e0e8 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/disable.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/disable.md @@ -95,3 +95,5 @@ You might need to close the GPMC and re-open it to have the GPMC refresh the ADM files and reflect a change. Then re-run the GPO setting report to verify your change. ::: + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/forcepoint.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/forcepoint.md index 6498d238ea..2140234321 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/forcepoint.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/forcepoint.md @@ -39,3 +39,5 @@ This method causes a universal block to Reapply of application settings. You can the first method doesn't operate as expected. [How do I turn off "Reapply on Launch" for all applications if asked by tech support?](/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/reapplylaunchdisable.md) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/gpmc.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/gpmc.md index 449d5037c3..574bcd3134 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/gpmc.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/gpmc.md @@ -23,3 +23,5 @@ This is expected Endpoint Policy Manager Application Settings Manager behavior a changeable. ![943_2_image002_950x758](/images/endpointpolicymanager/troubleshooting/applicationsettings/943_2_image002_950x758.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/localmissing.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/localmissing.md index 89f0b9a20a..ece1665245 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/localmissing.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/localmissing.md @@ -43,3 +43,5 @@ CENTRAL STORE or SHARED STORE method. This issue is fixed for any upgrade FROM 785 onwards, but it's not possible to fix "retroactively" as you upgrade to 785. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/microsoftdefender.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/microsoftdefender.md index cf836d8e83..c7cd390b65 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/microsoftdefender.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/microsoftdefender.md @@ -30,3 +30,5 @@ for XML reporting purposes. Its classification as a high severity issue can be i More information about T1001:Data Obfuscation is at this link: [https://attack.mitre.org/techniques/T1001/](https://attack.mitre.org/techniques/T1001/) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/microsoftremoteassistance.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/microsoftremoteassistance.md index 6c85d14133..2ef2177ab4 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/microsoftremoteassistance.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/microsoftremoteassistance.md @@ -73,3 +73,5 @@ settings **Step 7 –** Lastly, click "Apply" to save your changes ![280_6_image-20191015113622-2](/images/endpointpolicymanager/troubleshooting/applicationsettings/280_6_image-20191015113622-2.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/mmc.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/mmc.md index b7c2835f6d..0004538a82 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/mmc.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/mmc.md @@ -47,3 +47,5 @@ user and confirm that the ASM node remained operational in both GPEDIT and GPMC. The ASM node should look similar to screen shot below. ![1322_2_d34f038d53ae47ca403950284e354cdd](/images/endpointpolicymanager/troubleshooting/applicationsettings/1322_2_d34f038d53ae47ca403950284e354cdd.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/other.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/other.md index e38397d2ce..7caf90bfb6 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/other.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/other.md @@ -52,3 +52,5 @@ matter.) **Step 4 –** Then Import the XML settings This will create a new AppSet Entry and all the "guts" should be aligned correctly. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/reapplylaunch.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/reapplylaunch.md index d273026fdb..8597eda34c 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/reapplylaunch.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/reapplylaunch.md @@ -15,3 +15,5 @@ After Netwrix Endpoint Policy Manager (formerly PolicyPak) CSE build 901, this p required. ![518_1_image0011](/images/endpointpolicymanager/troubleshooting/applicationsettings/518_1_image0011.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/reapplylaunchdisable.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/reapplylaunchdisable.md index 8e7a2aa91a..6b4bef4966 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/reapplylaunchdisable.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/reapplylaunchdisable.md @@ -17,3 +17,5 @@ When this is set, this will stop applications from attempting to apply settings increase compatibility with some antivirus and security software. ![290_1_img-1_950x551](/images/endpointpolicymanager/troubleshooting/applicationsettings/290_1_img-1_950x551.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/redirectedfolder.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/redirectedfolder.md index f041c03866..d4ee09a0d3 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/redirectedfolder.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/redirectedfolder.md @@ -16,3 +16,5 @@ This is indicative of Folder Redirection in use. Try to change the Pak properties so it runs as USER as seen here: ![484_1_2015-02-20_1513](/images/endpointpolicymanager/troubleshooting/applicationsettings/484_1_2015-02-20_1513.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/removeclientsideextension.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/removeclientsideextension.md index a471c38c1c..bd9ec694d0 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/removeclientsideextension.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/removeclientsideextension.md @@ -38,3 +38,5 @@ Note in all cases, after the CSE is removed the following will occur: PPupdate - Endpoint Policy Manager will no longer re-apply any settings when the application is re-launched, in the background or when the computer is offline. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/replication.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/replication.md index 58e4b414aa..4705fd3ef4 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/replication.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/replication.md @@ -118,3 +118,5 @@ You may also refer to these other articles as well. [http://technet.microsoft.com/en-us/library/cc816596(v=ws.10).aspx]() [http://support.microsoft.com/kb/2218556](http://support.microsoft.com/kb/2218556) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/reports.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/reports.md index 394e34a6a0..6c5823c9cd 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/reports.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/reports.md @@ -14,3 +14,5 @@ engine. So ILT always evaluates in the reporting as if it's ALWAYS true. This is also how Group Policy Preferences works as well, and hence, we follow the same model. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/settings.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/settings.md index c02947f108..e9de00a32c 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/settings.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/settings.md @@ -26,3 +26,5 @@ If you need to troubleshoot switched mode, all switched mode log files will appe - `ppSwitched_onSchedule.log`: For when directives are re-delivered using the Endpoint Policy Manager timer mechanism (which is off by default. See the section Automatic Re-Application of settings with the Reinforcement Timer for details on how to use the timer.) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/someapplications.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/someapplications.md index 83d8dd44ab..4b8e833537 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/someapplications.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/someapplications.md @@ -88,3 +88,5 @@ This same option with the Java Paks. The UI lockout mechanism is completely different for these applications versus Win32 applications and as such is treated differently. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/storage.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/storage.md index 95121bc44a..d5f7523ec3 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/storage.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/storage.md @@ -16,3 +16,5 @@ Here's a video on how to do that (using Netwrix Endpoint Policy Manager (formerl Application Manager) [Using Shares to Store Your Paks (Share-Based Storage)](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/shares.md) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/symantecendpointprotection.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/symantecendpointprotection.md index 90918ab44b..931835178f 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/symantecendpointprotection.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/troubleshooting/symantecendpointprotection.md @@ -22,3 +22,5 @@ This is by design in Endpoint Policy Manager and cannot be changed at this time. ``` Category: Symantec Product Tamper ProtectionDate & Time,Risk,Activity,Status,Recommended Action,Date,Actor,Actor PID,Target,Target PID,Action,Reaction,Terminal Session23/08/2018 8:59:17 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 8:59:17 AM,C:PROGRAM FILESPOLICYPAKAPPLICATION MANAGERCLIENT18.3.1649PPWATCHERSVC64.EXE,7264,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,6328,Access Process Data,Unauthorized access blocked,123/08/2018 8:58:22 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 8:58:22 AM,C:PROGRAM FILESPOLICYPAKAPPLICATION MANAGERCLIENT18.3.1649PPWATCHERSVC64.EXE,7264,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,6328,Access Process Data,Unauthorized access blocked,123/08/2018 8:57:27 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 8:57:27 AM,C:PROGRAM FILESPOLICYPAKAPPLICATION MANAGERCLIENT18.3.1649PPWATCHERSVC64.EXE,7264,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,6328,Access Process Data,Unauthorized access blocked,123/08/2018 8:56:29 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 8:56:29 AM,C:PROGRAM FILESPOLICYPAKAPPLICATION MANAGERCLIENT18.3.1649PPWATCHERSVC64.EXE,7264,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13MCUI32.exe,15840,Access Process Data,Unauthorized access blocked,123/08/2018 8:56:28 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 8:56:28 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13WSCStub.exe,14260,Access Process Data,Unauthorized access blocked,23/08/2018 8:53:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 8:53:21 AM,C:PROGRAM FILESPOLICYPAKAPPLICATION MANAGERCLIENT18.3.1649PPWATCHERSVC64.EXE,7264,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13MCUI32.exe,792,Access Process Data,Unauthorized access blocked,123/08/2018 8:53:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 8:53:21 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13MCUI32.exe,792,Access Process Data,Unauthorized access blocked,23/08/2018 8:52:39 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 8:52:39 AM,C:PROGRAM FILESPOLICYPAKAPPLICATION MANAGERCLIENT18.3.1649PPWATCHERSVC64.EXE,7264,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13MCUI32.exe,15868,Access Process Data,Unauthorized access blocked,123/08/2018 8:52:39 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 8:52:39 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13MCUI32.exe,15868,Access Process Data,Unauthorized access blocked,23/08/2018 8:52:36 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 8:52:36 AM,C:PROGRAM FILESPOLICYPAKAPPLICATION MANAGERCLIENT18.3.1649PPWATCHERSVC64.EXE,7264,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13MCUI32.exe,11008,Access Process Data,Unauthorized access blocked,123/08/2018 8:52:36 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 8:52:36 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13MCUI32.exe,11008,Access Process Data,Unauthorized access blocked,23/08/2018 8:52:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 8:52:21 AM,C:PROGRAM FILESPOLICYPAKAPPLICATION MANAGERCLIENT18.3.1649PPWATCHERSVC64.EXE,7264,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,6328,Access Process Data,Unauthorized access blocked,123/08/2018 8:51:41 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 8:51:41 AM,C:PROGRAM FILESPOLICYPAKAPPLICATION MANAGERCLIENT18.3.1649PPWATCHERSVC64.EXE,7264,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,6328,Access Process Data,Unauthorized access blocked,123/08/2018 8:51:23 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 8:51:23 AM,C:PROGRAM FILESPOLICYPAKAPPLICATION MANAGERCLIENT18.3.1649PPWATCHERSVC64.EXE,7264,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,6328,Access Process Data,Unauthorized access blocked,123/08/2018 8:51:03 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 8:51:03 AM,C:PROGRAM FILESPOLICYPAKAPPLICATION MANAGERCLIENT18.3.1649PPWATCHERSVC64.EXE,7264,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,6328,Access Process Data,Unauthorized access blocked,123/08/2018 8:49:18 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 8:49:18 AM,C:PROGRAM FILESPOLICYPAKAPPLICATION MANAGERCLIENT18.3.1649PPWATCHERSVC64.EXE,7264,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,6328,Access Process Data,Unauthorized access blocked,123/08/2018 8:49:17 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 8:49:17 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13coNatHst.exe,14492,Access Process Data,Unauthorized access blocked,23/08/2018 8:49:07 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 8:49:07 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,9028,Access Process Data,Unauthorized access blocked,23/08/2018 8:37:09 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 8:37:09 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,10336,Access Process Data,Unauthorized access blocked,23/08/2018 8:19:02 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 8:19:02 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,15272,Access Process Data,Unauthorized access blocked,23/08/2018 8:06:48 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 8:06:48 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,11352,Access Process Data,Unauthorized access blocked,23/08/2018 7:49:00 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 7:49:00 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,15412,Access Process Data,Unauthorized access blocked,23/08/2018 7:42:00 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 7:42:00 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,9492,Access Process Data,Unauthorized access blocked,23/08/2018 7:36:48 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 7:36:48 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,16796,Access Process Data,Unauthorized access blocked,23/08/2018 7:18:56 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 7:18:56 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,7092,Access Process Data,Unauthorized access blocked,23/08/2018 7:06:47 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 7:06:47 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,904,Access Process Data,Unauthorized access blocked,23/08/2018 6:48:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 6:48:53 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,14956,Access Process Data,Unauthorized access blocked,23/08/2018 6:36:47 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 6:36:47 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,10588,Access Process Data,Unauthorized access blocked,23/08/2018 6:18:49 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 6:18:49 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,7048,Access Process Data,Unauthorized access blocked,23/08/2018 6:06:47 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 6:06:47 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,14880,Access Process Data,Unauthorized access blocked,23/08/2018 5:52:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 5:52:25 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,4324,Access Process Data,Unauthorized access blocked,23/08/2018 5:50:05 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 5:50:05 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,15892,Access Process Data,Unauthorized access blocked,23/08/2018 5:48:46 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 5:48:46 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,4084,Access Process Data,Unauthorized access blocked,23/08/2018 5:36:47 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 5:36:47 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,15492,Access Process Data,Unauthorized access blocked,23/08/2018 5:18:42 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 5:18:42 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,7532,Access Process Data,Unauthorized access blocked,23/08/2018 5:06:47 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 5:06:47 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,13768,Access Process Data,Unauthorized access blocked,23/08/2018 4:48:39 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 4:48:39 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,12744,Access Process Data,Unauthorized access blocked,23/08/2018 4:36:47 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 4:36:47 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,7140,Access Process Data,Unauthorized access blocked,23/08/2018 4:18:35 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 4:18:35 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,11836,Access Process Data,Unauthorized access blocked,23/08/2018 4:06:47 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 4:06:47 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,16556,Access Process Data,Unauthorized access blocked,23/08/2018 3:48:33 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 3:48:33 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,14100,Access Process Data,Unauthorized access blocked,23/08/2018 3:36:47 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 3:36:47 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,10164,Access Process Data,Unauthorized access blocked,23/08/2018 3:18:28 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 3:18:28 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,10184,Access Process Data,Unauthorized access blocked,23/08/2018 3:06:47 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 3:06:47 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,9628,Access Process Data,Unauthorized access blocked,23/08/2018 2:48:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 2:48:26 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,72,Access Process Data,Unauthorized access blocked,23/08/2018 2:36:47 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 2:36:47 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,9688,Access Process Data,Unauthorized access blocked,23/08/2018 2:18:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 2:18:21 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,11380,Access Process Data,Unauthorized access blocked,23/08/2018 2:06:47 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 2:06:47 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,9376,Access Process Data,Unauthorized access blocked,23/08/2018 1:50:05 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 1:50:05 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,12208,Access Process Data,Unauthorized access blocked,23/08/2018 1:48:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 1:48:19 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,11852,Access Process Data,Unauthorized access blocked,23/08/2018 1:36:47 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 1:36:47 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,7980,Access Process Data,Unauthorized access blocked,23/08/2018 1:18:14 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 1:18:14 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,16896,Access Process Data,Unauthorized access blocked,23/08/2018 1:06:47 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 1:06:47 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,15912,Access Process Data,Unauthorized access blocked,23/08/2018 12:48:10 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 12:48:10 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,2860,Access Process Data,Unauthorized access blocked,23/08/2018 12:36:47 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 12:36:47 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,12196,Access Process Data,Unauthorized access blocked,23/08/2018 12:18:08 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 12:18:08 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,7236,Access Process Data,Unauthorized access blocked,23/08/2018 12:06:07 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,23/08/2018 12:06:07 AM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,9672,Access Process Data,Unauthorized access blocked,22/08/2018 11:48:03 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,22/08/2018 11:48:03 PM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,10952,Access Process Data,Unauthorized access blocked,22/08/2018 11:35:47 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,22/08/2018 11:35:47 PM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,14280,Access Process Data,Unauthorized access blocked,22/08/2018 11:18:01 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,22/08/2018 11:18:01 PM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,14904,Access Process Data,Unauthorized access blocked,22/08/2018 11:05:47 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,22/08/2018 11:05:47 PM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,7436,Access Process Data,Unauthorized access blocked,22/08/2018 10:47:57 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,22/08/2018 10:47:57 PM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,6852,Access Process Data,Unauthorized access blocked,22/08/2018 10:35:47 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,22/08/2018 10:35:47 PM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,2244,Access Process Data,Unauthorized access blocked,22/08/2018 10:17:52 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,22/08/2018 10:17:52 PM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,14660,Access Process Data,Unauthorized access blocked,22/08/2018 10:05:47 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,22/08/2018 10:05:47 PM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,16528,Access Process Data,Unauthorized access blocked,22/08/2018 9:50:05 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,22/08/2018 9:50:05 PM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,9084,Access Process Data,Unauthorized access blocked,22/08/2018 9:48:43 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,22/08/2018 9:48:43 PM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,4324,Access Process Data,Unauthorized access blocked,22/08/2018 9:47:47 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,22/08/2018 9:47:47 PM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,17392,Access Process Data,Unauthorized access blocked,22/08/2018 9:35:47 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,22/08/2018 9:35:47 PM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,8448,Access Process Data,Unauthorized access blocked,22/08/2018 9:17:45 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,22/08/2018 9:17:45 PM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,8544,Access Process Data,Unauthorized access blocked,22/08/2018 9:05:47 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,22/08/2018 9:05:47 PM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,17152,Access Process Data,Unauthorized access blocked,22/08/2018 8:47:42 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,22/08/2018 8:47:42 PM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,15880,Access Process Data,Unauthorized access blocked,22/08/2018 8:35:47 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,22/08/2018 8:35:47 PM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,9168,Access Process Data,Unauthorized access blocked,22/08/2018 8:17:40 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,22/08/2018 8:17:40 PM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,14400,Access Process Data,Unauthorized access blocked,22/08/2018 8:05:47 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,22/08/2018 8:05:47 PM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,15832,Access Process Data,Unauthorized access blocked,22/08/2018 7:47:38 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,22/08/2018 7:47:38 PM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,15592,Access Process Data,Unauthorized access blocked,22/08/2018 7:35:47 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,22/08/2018 7:35:47 PM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13symerr.exe,12948,Access Process Data,Unauthorized access blocked,22/08/2018 7:17:35 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,22/08/2018 7:17:35 PM,C:PROGRAM FILESendpointpolicymanagerCOREPPEXTENSIONSERVICE.EXE,4424,C:Program FilesSymantec.cloudEndpointProtectionAgentEngine22.14.2.13NortonSecurity.exe,3892,Access Process Data,Unauthorized access blocked, ``` + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/_category_.json index 7ad54c8bae..2064d70b16 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/_category_.json @@ -3,4 +3,4 @@ "position": 40, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/applicationvirtualization.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/applicationvirtualization.md index f802d23cf6..c859383558 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/applicationvirtualization.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/applicationvirtualization.md @@ -12,3 +12,5 @@ Endpoint Policy Manager (formerly PolicyPak). To see videos on these solutions watch go to Application Manager > [Video Learning Center](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/videolearningcenter.md). + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/appvsequences.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/appvsequences.md index 0972aec960..41d9323e3e 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/appvsequences.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/appvsequences.md @@ -9,3 +9,5 @@ sidebar_position: 10 No. Netwrix Endpoint Policy Manager (formerly PolicyPak) treats App-V sequences like other installed applications. This means if you have real installed applications and also App-V applications the transition is very smooth. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/exception.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/exception.md index b7219d9f7c..17bea56e48 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/exception.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/exception.md @@ -29,3 +29,5 @@ What this does is exclude the PolicyPak CSE files from interacting with the Thin Remember, This prevents PolicyPak from managing that application, but, works around any Exception Errors on launch. ::: + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/thinapp.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/thinapp.md index e9236ab803..a8208cd80b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/thinapp.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/thinapp.md @@ -38,3 +38,5 @@ name so it's clear what it's doing. Then recompile. package's Java will automatically be configured at this point with the settings you dictate. ![147_4_image0061](/images/endpointpolicymanager/applicationsettings/147_4_image0061.webp) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/xenapp.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/xenapp.md index 754d0e834a..acabc6924a 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/xenapp.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/xenapp.md @@ -12,3 +12,5 @@ server, you only need to: - Ensure the XenAPP server is licensed like any other computer, and - Apply the GPO settings to the user, or - Apply the GPO setting to the server itself. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/xenapp_1.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/xenapp_1.md index fd744ab581..ba25906628 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/xenapp_1.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/virtualizedapplications/xenapp_1.md @@ -10,3 +10,5 @@ Yes, besides delivering application settings to real installed applications, the Policy Manager (formerly PolicyPak) Application Settings Manager PAK, will also deliver them to applications that either reside on a XenAPP server or are being streamed (virtualized) from a XenAPP server + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/_category_.json index 12b644b19b..a611105f99 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "videolearningcenter" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/_category_.json index 2348ef42e0..65764f5941 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/_category_.json @@ -3,4 +3,4 @@ "position": 30, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/centralstorework.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/centralstorework.md index a3c8fb4fe0..4da0ebccc0 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/centralstorework.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/centralstorework.md @@ -9,7 +9,7 @@ Netwrix Endpoint Policy Manager (formerly PolicyPak) enables you to work with ot quickly. Just put the Paks into the central store, and everyone has a copy. Watch this video to see how it's done! - + ### PolicyPak: Working with Others and using the Central Store video transcript @@ -116,3 +116,5 @@ also get the PolicyPaks into the Central Store. Again that Central Store locatio there. It's easy as pie. Well, that's it for this video. Thanks so much, and we'll see you on the next one. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/dllorphans.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/dllorphans.md index 6b2e1f1ba7..c138f60e71 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/dllorphans.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/dllorphans.md @@ -9,7 +9,7 @@ If a DLL that supports a GPO is removed, you need a way to discover and quickly Endpoint Policy Manager (formerly PolicyPak) GPOTouch utility has a function called Find & Repair Orphaned Paks within GPOs. Here's how it works. - + ### PolicyPak: Understanding and fixing PolicyPak DLL Orphans video transcript @@ -70,3 +70,5 @@ I hope this helps understand the condition of orphans. If you ever need some hel you. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/dllreconnect.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/dllreconnect.md index ef475508d5..25d5cb9b74 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/dllreconnect.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/dllreconnect.md @@ -8,7 +8,7 @@ sidebar_position: 60 This is an advancedNetwrix Endpoint Policy Manager (formerly PolicyPak) topic showing how to reconnect a DLL if the inner name was changed, and someone deleted the existing DLL. - + ### PolicyPak: Reconnecting DLLs video transcript @@ -64,3 +64,5 @@ sure to connect to the right one, and you'll be in the club. That's how you can if you have "DLL not found" under your extension storage. I hope that was helpful for you, and I'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/manualupdate.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/manualupdate.md index ac33863e19..9f3f654b79 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/manualupdate.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/manualupdate.md @@ -5,7 +5,7 @@ sidebar_position: 10 --- # How to manually update Paks - + Hi, this is Whitney with PolicyPak Software and in this video, we are going to talk about the idea of how to manually update your packs. If you are ever having trouble with a pack and you email us @@ -43,3 +43,5 @@ Then you can make any changes, do whatever you need to do, and then tell it OK. that the extension location now just says Central Storage instead of with that newer end parentheses right there. That is it. That is all you have to do to manually update a pack if you ever have need to. I hope that helps you out. Thanks. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/shares.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/shares.md index ccca0d06bc..43518cb064 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/shares.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/shares.md @@ -9,7 +9,7 @@ Starting in build 601 of the Netwrix Endpoint Policy Manager (formerly PolicyPak you've got the ability to store Pak files on shares — as well as the traditional Local and Central stores. This video shows you how it works. - + ### PolicyPak: Using Shares to Store Your Paks Video Transcript @@ -79,3 +79,5 @@ you have questions about the idea where you need to "Re-scan for Available Appli please post your question to the support forums and we'll be happy to help you out. Thanks so very much, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/touchutility.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/touchutility.md index 89b98d88b9..3a99e92f17 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/touchutility.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/touchutility.md @@ -9,7 +9,7 @@ Updating your Pak DLLs and GPOs to a newer version manually can be a pain in the this utility to automatically update your GPOs with Netwrix Endpoint Policy Manager (formerly PolicyPak) data to the latest versions. It installs alongside DesignStudio. - + ### PolicyPak: GPOTouch Utility video transcript @@ -96,3 +96,5 @@ I hope that helps. I know it helps me out a lot when I help customers, and I hop out too. Thanks so very much. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/trustedappsets.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/trustedappsets.md index 06c7074a89..ca0a457269 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/trustedappsets.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/trustedappsets.md @@ -19,4 +19,6 @@ Before heading down this path please watch the backup / restore videos: - [Endpoint Policy Manager Application Settings Manager: Backup, Restore, Export, Import](/docs/endpointpolicymanager/gettingstarted/misc/videos/upgradingmaintenance/backup.md) - [Endpoint Policy Manager: Backup and Restore Options to Recover from nearly any problem](/docs/endpointpolicymanager/gettingstarted/misc/videos/upgradingmaintenance/backupoptions.md) - + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/uptodate.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/uptodate.md index f403f987ca..b779948cf6 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/uptodate.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/uptodate.md @@ -8,7 +8,7 @@ sidebar_position: 40 Upgrading from a previous version of Netwrix Endpoint Policy Manager (formerly PolicyPak) is easy. Here are the basic steps involved. - + ### PolicyPak: Upgrading from a previous version of PolicyPak video transcript @@ -106,3 +106,5 @@ that makes sense. If you do have any questions, we're here for you. Happy PolicyPaking! Take care. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/chrome/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/chrome/_category_.json index eedad9b47d..9f22391c95 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/chrome/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/chrome/_category_.json @@ -3,4 +3,4 @@ "position": 130, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/chrome/bookmarks.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/chrome/bookmarks.md index 1b1fd674c3..dec524efa3 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/chrome/bookmarks.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/chrome/bookmarks.md @@ -17,10 +17,12 @@ can deliver Chrome bookmarks. ``` [ { "name": "GP Answers", "url": "gpanswer.com" }, { "name": "PolicyPak", "url":  - "endpointpolicymanager.com" }, { "name": "Chrome links", "children": [ { "name": "Chromium",  + "policypak.com" }, { "name": "Chrome links", "children": [ { "name": "Chromium",  "url": "chromium.org" }, { "name": "List of Policies", "url":  "http://www.chromium.org/administrators/policy-list-3" } ] } ] ``` More Information: Available on this link: [https://www.chromium.org/administrators/complex-policies-on-windows](https://www.chromium.org/administrators/complex-policies-on-windows) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/chrome/clearbrowsing.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/chrome/clearbrowsing.md index 5d9aae49b4..72a008b8db 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/chrome/clearbrowsing.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/chrome/clearbrowsing.md @@ -9,10 +9,10 @@ Of course you want to have nice clean browsing history, download history, cookie plug in data, along with Cached images and files, Password and Autofill form data. Use Netwrix Endpoint Policy Manager (formerly PolicyPak) to manage these items in Chrome. - + Download this video: -[https://www.endpointpolicymanager.com/automation/download.php?vid=VviwZSFFrQ4&pid=policypak-google-chrome-clear-browsing-history-cookies-password-images-and-more](https://www.endpointpolicymanager.com/automation/download.php?vid=VviwZSFFrQ4&pid=policypak-google-chrome-clear-browsing-history-cookies-password-images-and-more) +[https://www.policypak.com/automation/download.php?vid=VviwZSFFrQ4&pid=policypak-google-chrome-clear-browsing-history-cookies-password-images-and-more](https://www.policypak.com/automation/download.php?vid=VviwZSFFrQ4&pid=policypak-google-chrome-clear-browsing-history-cookies-password-images-and-more) ### Endpoint Policy Manager: Google Chrome: Clear Browsing History, Cookies, Password, Images and more @@ -86,3 +86,5 @@ That's the general gist. That's a way for you to clear out all that stuff – th and browser history and other cached items – that you would want to manage using Chrome. I hope that helps you out, and we'll talk to you soon. Bye-bye. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/chrome/gettingstarted.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/chrome/gettingstarted.md index 2b40d1d8b5..9ac98e7966 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/chrome/gettingstarted.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/chrome/gettingstarted.md @@ -8,7 +8,7 @@ sidebar_position: 10 Netwrix Endpoint Policy Manager (formerly PolicyPak): Manage Google Chrome using Group Policy, SCCM or your own management utility - + ### Manage Google Chrome using Group Policy video transcript @@ -87,3 +87,5 @@ That's it. If you have any questions, feel free to post them on our support foru around the clock. Thanks so much. Talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/_category_.json index 96e9670575..605becdd5e 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/_category_.json @@ -3,4 +3,4 @@ "position": 70, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/demo.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/demo.md index 0d41da7cd7..b150dde511 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/demo.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/demo.md @@ -8,7 +8,7 @@ sidebar_position: 30 If you need to manage applications, the desktop, Java, the Start Menu and more.. you have to see this action packed Netwrix Endpoint Policy Manager (formerly PolicyPak) + Citrix demo. - + ### Endpoint Policy Manager on Citrix: You Gotta Try This @@ -191,12 +191,12 @@ over here. Let's say you're having a good time. You're over here at "citrix.com. going great at "citrix.com" here, but you know that the PolicyPak website doesn't work perfectly unless it's in Internet Explorer. -You can start another tab. Don't blink. Here's the magic: "www.endpointpolicymanager.com." Watch this. We're +You can start another tab. Don't blink. Here's the magic: "www.policypak.com." Watch this. We're going to close the tab and open up the right browser for the right website. Did you see that go? This is coming from Citrix. This is not local to the desktop. This is happening all on the Citrix server. I can show you that again if you want to here in Chrome land. Don't blink. I'm here on the Citrix -server. I go to "www.endpointpolicymanager.com," and we route you over to Internet Explorer. If you're in +server. I go to "www.policypak.com," and we route you over to Internet Explorer. If you're in Firefox as well, I've actually set up a couple of routes. In fact, let me show you what routes I have set up so you can see how easy this is to do. "PP @@ -204,7 +204,7 @@ Browser Router Demo," he's already ready to go. Let me click "Edit" on this guy. saying when I'm on this wrong website, route me to the right browser. If I go to "PolicyPak/Browser Router" here, these policies are set up. I have whenever I go to -"www.endpointpolicymanager.com," head on over to "Internet Explorer." Whenever I go to "mozilla," make me use +"www.policypak.com," head on over to "Internet Explorer." Whenever I go to "mozilla," make me use "Firefox." Whenever I go over to "google," I want to use "Google Chrome." Whenever I go to "facebook," "Block" it. @@ -230,7 +230,7 @@ run perfectly as needed can be done not only on the desktop but also on Citrix. You can see this is being prompted from a Citrix box for UAC prompts, but that is not the best way to do this. The best way to do this is to create a PolicyPak Least Provilege Manager rule -([https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html)), +([https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html)), which I've already got set up here. Let me go ahead and select "Link Enabled." Then I'll go ahead and click "Edit" just to show you what it looks like here. @@ -288,7 +288,7 @@ PolicyPak is kicking in inside the desktop session and if all goes well here we and click on "Google Chrome." All the stuff I showed you earlier of course also works inside. If you're in the browser and you -need to go to the right browser, like I said you want to "endpointpolicymanager.com" here, what are we going to +need to go to the right browser, like I said you want to "policypak.com" here, what are we going to do? Browser Router kicks in here and so on. It all is one unified system. No brain power involved. You already know how to use it because you @@ -303,3 +303,5 @@ winner, I will reach out to you and send you a copy of my book. I think that's it. I'm 20 seconds under time. With that in mind, I'm going to hand it back over to my pal, Eric. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/demo2.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/demo2.md index 48b20aec66..5773cbe7d6 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/demo2.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/demo2.md @@ -5,10 +5,10 @@ sidebar_position: 40 --- # CUGC Connect Endpoint Policy Manager + Citrix Demo You Gotta Try This! -For more helpful content, visit [www.endpointpolicymanager.com](http://www.endpointpolicymanager.com/) or join the Citrix +For more helpful content, visit [www.policypak.com](https://www.policypak.com/) or join the Citrix User Group Community at [https://www.mycugc.org/](https://www.mycugc.org/) - + ### CUGC Connect: Endpoint Policy Manager plus Citrix Demo – You Gotta Try This @@ -130,7 +130,7 @@ did it the other day, it's like 1.3 million. That's a hard problem to solve. You have four browsers now: Internet Explorer, Firefox, Chrome and Edge. How do you open up the right browser for the right website and also the right Java for the right website and block naughty websites -([https://www.endpointpolicymanager.com/pp-blog/windows-10-block-websites](https://www.endpointpolicymanager.com/pp-blog/windows-10-block-websites)) +([https://www.policypak.com/pp-blog/windows-10-block-websites](https://www.policypak.com/pp-blog/windows-10-block-websites)) and maybe turn Java off except for certain websites? What we can do is any browser routing and also mapping particular versions of Java to a particular website. I know you have this problem, and we will be demonstrating this today. You're going to love it. @@ -183,7 +183,7 @@ Group Policy Edition, that's sort of your on-prem way. Then if you are using the can also get it deployed that way too. Least Privilege Manager -([https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html)) +([https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html)) gets you out of the local admin rights business. Browser Router maps specific websites to specific browsers. Java Rules Manager will guarantee a particular version of Java to a particular website. File Associations Manager is where you can map specific extensions or protocols like PDF or MAILTO: @@ -362,7 +362,7 @@ Jeremy: Okay, sure. FSLogix and us have a great partnership. We have a good bet In fact, what I can do just to prove out the point real fast is let me show you on the website where you can learn more about how those two things go great together. -If you go to "endpointpolicymanager.com," you can go to "INTEGRATION." Under "INTEGRATION" there's "PolicyPak & +If you go to "policypak.com," you can go to "INTEGRATION." Under "INTEGRATION" there's "PolicyPak & FSLogix." You can see all of our better together stories. We have about six of them. FSLogix is great about the actual file system. Their claim to fame is hiding applications and also doing a great job with maintaining user state as a guy roams from machine to machine. We don't do that. We @@ -493,7 +493,7 @@ have this user here. He's in Firefox land and he's at "citrix.com." He decides h website that doesn't render well in Firefox. Let's pretend that PolicyPak doesn't render very well in Firefox land. Watch this, Webster. I think -you're going to flip over it when I do this. Here I am. I'm going to type in "www.endpointpolicymanager.com," +you're going to flip over it when I do this. Here I am. I'm going to type in "www.policypak.com," but we know that it doesn't render perfectly in Firefox. Watch the birdy. We're going to click on the tab. We close the wrong browser; we open up the right @@ -893,7 +893,7 @@ way for you to get in touch with us. Webster: Yeah, we also have people saying, yes, we need to stop that receiver pop-up. Jeremy: Fair enough. Let me go ahead and actually open up Internet Explorer here. Well, actually, -Browser Router is going to kick in so if I go to "endpointpolicymanager.com," it's going to open up in Internet +Browser Router is going to kick in so if I go to "policypak.com," it's going to open up in Internet Explorer. If you want to get started on a trial, I want you to get started on a trial too. There are a couple of ways you can do it. The best way, click on "Contact Us." Don't wait until, @@ -951,3 +951,5 @@ Jeremy: Thanks again for everything, both of you. You guys get a big hug from m Stephanie: Awesome. All right, everybody, have a great afternoon, and we'll see you all later. Bye. Webster: All right, thank you. Bye-bye. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/integration.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/integration.md index c21de99dfb..945df8516b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/integration.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/integration.md @@ -9,4 +9,6 @@ Do you have Citrix Virtual Apps, Citrix Virtual Desktops, or Citrix Endpoint Man you're going to LOVE how Netwrix Endpoint Policy Manager (formerly PolicyPak) helps you. Watch this two minute overview video to see how to make the most of your Citrix investment! - + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/rds.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/rds.md index 2b67a1f9a0..632eb226a8 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/rds.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/rds.md @@ -10,7 +10,7 @@ Desktop Services such as RemoteApp to give you perfect control over your applica See how to use them together in this video: - + ### Endpoint Policy Manager and Microsoft RDS and RemoteApp – Better Together to Manage Applications' settings video transcript @@ -81,7 +81,7 @@ side and thus I will affect everybody. This is another PolicyPak superpower. We' settings, so therefore everybody who is on the computer is going to get these user side settings. I'm going to pick "PolicyPak for Mozilla Firefox" for this example here. Let me go ahead and set the -"Home Page" to "www.endpointpolicymanager.com," and I'll make sure that is locked down ("Lockdown this setting +"Home Page" to "www.policypak.com," and I'll make sure that is locked down ("Lockdown this setting using the system-wide config file") so users can't work around it. I'll also go to "Security" and make sure these important security settings are always checked and always locked down. I'm going to "Lockdown this setting using the system-wide config file." @@ -137,3 +137,5 @@ also support, you're welcome to get started any time. Just go ahead and fill out see if it's right for you. Thanks so much, and I'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/sealapproval.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/sealapproval.md index 33e46527f2..6452d564b9 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/sealapproval.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/sealapproval.md @@ -8,4 +8,6 @@ sidebar_position: 10 If you are unsure if Endpoint Policy Manager + Citrix are a good combo.. then just take it from Carl Webster, Citrix CTP Fellow. - + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/xenapp.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/xenapp.md index 3a9db1babc..b7289c70cb 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/xenapp.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/xenapp.md @@ -16,7 +16,7 @@ Watch this video to see how you can use Group Policy and Netwrix Endpoint Policy PolicyPak) to ensure that users' XenApp application settings. Settings will be automatically deployed and fully locked down with the IT and business settings they need to have: - + XenApp is awesome. It enables "Application Anywhere" access. But that "Application Anywhere" access can come back to bite you if you're not doing all you can to manage those applications. @@ -102,7 +102,7 @@ application."We'll make it hard for them to work around our settings. Also while we're here, we'll go to "PolicyPak/Applications/New/Application"and we'll go to "PolicyPak for Mozilla Firefox."Like I said, what we want to do here is we want to for the "Home -Page" we'll do this "www.endpointpolicymanager.com." +Page" we'll do this "www.policypak.com." Then while we're here, we'll also go to "Security." Well, remember, that user unchecked those checkboxes. Let's make sure that those checkboxes, those important security things, are in fact @@ -156,3 +156,5 @@ I hope you had fun watching this demonstration of PolicyPak and XenApp. If you h we're happy to help. Thanks so much, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/xendesktop.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/xendesktop.md index 8c5171c227..0cb0c785b9 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/xendesktop.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/citrix/xendesktop.md @@ -20,7 +20,7 @@ So watch this video to see how Netwrix Endpoint Policy Manager (formerly PolicyP users' desktops and applications are locked down and help add more value to your XenDesktop investment. - + You might know that some licensed Citrix customers get to take advantage of some Citrix addons: @@ -180,7 +180,7 @@ target application" in Cameras. I've gone ahead and done that. Now for Firefox, we're just going to right click, "New/Application" and we'll pick "PolicyPak for Mozilla Firefox" as well. We'll go ahead and also pick the local storage one. We're just going to go -ahead and set up the "Home Page." We'll just do "www.endpointpolicymanager.com." We'll go ahead and just set +ahead and set up the "Home Page." We'll just do "www.policypak.com." We'll go ahead and just set that up. We can set "Security" options the way we want to. We can guarantee various security options if that's important to us. We'll go ahead and click "OK." That's it. @@ -200,7 +200,7 @@ Policy refresh, and when Group Policy refreshes so does endpointpolicymanager.Yo Policy update has completed successfully" and "Computer Policy update has completed successfully." Now we're ready to test out our apps. In no particular order, let's go over to "Mozilla Firefox" -first. We'll go to "Options" and "General." There we go. We got "www.endpointpolicymanager.com" as the "Home +first. We'll go to "Options" and "General." There we go. We got "www.policypak.com" as the "Home Page," just as we told it to do. That's good news. If we were to look at "Security," it would guarantee those settings. That's one application that we just did inside of XenDesktop. @@ -229,3 +229,5 @@ I hope this explains how PolicyPak works with XenDesktop. If you have any questi help. This is, again, Jeremy Moskowitz, former Group Policy MVP and Founder of PolicyPak Software. I'll talk to you soon. Thanks. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/_category_.json index e96548a30e..ffa3451948 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/_category_.json @@ -3,4 +3,4 @@ "position": 60, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/addelements.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/addelements.md index e8199aeba3..0ec73f5226 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/addelements.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/addelements.md @@ -8,7 +8,7 @@ sidebar_position: 30 Quicky and easily add additional bells and whistles to your project. In this quick demo Jeremy shows you how to add a radio button element that he captures from a different part of the UI. - + ### Endpoint Policy Manager: Using DesignStudio to add elements from an alternate UI video transcript @@ -52,3 +52,5 @@ That's it. I hope that gives you instruction for how to add simple UI elements, aren't on the regular UI. Thanks. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/designstudiojava.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/designstudiojava.md index 93cc488976..96462555a2 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/designstudiojava.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/designstudiojava.md @@ -9,7 +9,7 @@ sidebar_position: 60 In this video, you will see how to take our existing Java Paks, which only work on Windows 7 and later, and make them work on WIndows XP. - + ### PolicyPak: Using PolicyPak DesignStudio to modify the Java Paks for XP Video Transcript @@ -63,5 +63,6 @@ Edit ILT Conditions" to also specify XP. That's all there is to it. If you have any questions, do post in the forums about how to do this. This is a "how do I" question. -[https://dev.endpointpolicymanager.com/resources/thank-you-whitepapers/](https://dev.endpointpolicymanager.com/resources/thank-you-whitepapers/) +[https://policypak.com/resources/thank-you-whitepapers/](https://policypak.com/resources/thank-you-whitepapers/) so much, and talk to you soon. + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/firefox_plugins.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/firefox_plugins.md index a0178ca859..7cdf8de7c2 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/firefox_plugins.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/firefox_plugins.md @@ -9,7 +9,7 @@ Netwrix Endpoint Policy Manager (formerly PolicyPak) can manage your Firefox plu you off with an example Pak. This video shows you how to take this example Pak and make settings for whatever plugins you want. - + ### Manage Firefox Plugins using Endpoint Policy Manager and the Endpoint Policy Manager DesignStudio Video Transcript @@ -172,3 +172,5 @@ you have, we're obviously not making a Pak for every plug-in on the planet. That the Design Studio. Thanks so very much, and we'll talk to you soon. Bye-bye. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/firstpak.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/firstpak.md index f12acf1d7a..ca4a743cbf 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/firstpak.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/firstpak.md @@ -9,7 +9,7 @@ Creating packs for your own applications is fun and easy. Watch this how-to vide you can create your own Paks for the software you use within your company. Goodbye ADM and ADMX files, hello Netwrix Endpoint Policy Manager (formerly PolicyPak)! - + ### Endpoint Policy Manager: Creating Your First Pak using Endpoint Policy Manager Design Studio video transcript @@ -219,3 +219,5 @@ manage that PolicyPak. We've talked about that in other videos. So with that in mind, I hope you've enjoyed "How to Create Your First PolicyPak." Thanks so much. I'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/foxitprinter.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/foxitprinter.md index 5a21e62917..f49158516e 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/foxitprinter.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/foxitprinter.md @@ -8,7 +8,7 @@ sidebar_position: 50 In this tutorial we show how to capture FoxIT Printer's settings. Check out the video to see how its done. - + ### PP Design Studio – FoxIT Printer Settings Tutorial Video Transcript @@ -104,3 +104,5 @@ That's the scoop right there. That is how I created this Pak. If you have any qu your "how do I" questions to the forums. Looking forward to helping you out. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/importregistry.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/importregistry.md index 95ee0a1ad4..603a53432a 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/importregistry.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/importregistry.md @@ -9,7 +9,7 @@ If you've already got collections of registry keys you want to deliver, Endpoint ensure that they are always delivered and consistently reinforced. In this tip, use the PP DesignStudio to import your registry keys for both ON and OFF values. - + ### Endpoint Policy Manager: Use the DesignStudio to import existing registry keys @@ -56,3 +56,5 @@ your target machines. That is a new feature in the Design Studio called Registry any questions, we're here for you. Thanks so very much. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/itemleveltargeting.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/itemleveltargeting.md index f2f8f2e081..b6fc9fe66b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/itemleveltargeting.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/designstudio/itemleveltargeting.md @@ -9,10 +9,10 @@ Using build 545 and later, you can use "Internal Filters" to specify when your P specific machines. For instance, you might only want an applications settings to hit the machine \*WHEN\* the application is actually on the machine. This video is for Pak designers only. For normal "Item Level Targeting" -([https://www.endpointpolicymanager.com/pp-blog/item-level-targeting](https://www.endpointpolicymanager.com/pp-blog/item-level-targeting))filters, +([https://www.policypak.com/pp-blog/item-level-targeting](https://www.policypak.com/pp-blog/item-level-targeting))filters, see our Video on that function (for day to day Endpoint Policy Manager administration.) - + ### Endpoint Policy Manager: Predefined ILTs (Internal Filters) Video Transcript @@ -111,3 +111,5 @@ If you have any questions about item-level targeting filters, or predefined item filters, I'm looking forward to seeing your question in the PolicyPak forums. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/_category_.json index aab8067670..b049d17738 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/_category_.json @@ -3,4 +3,4 @@ "position": 40, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/acllockdown.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/acllockdown.md index 7299522970..7b0e5cbc82 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/acllockdown.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/acllockdown.md @@ -12,7 +12,7 @@ This literally prevents users (or other applications) from modifying your settin "Steady State" to your application where users are simply not permitted to work around your settings (online or offline, running or not running.) - + ### Endpoint Policy Manager: ACL Lockdown for Registry Based Applications video transcript @@ -90,3 +90,5 @@ That's it. If you have any questions about how the PolicyPak ACL Lockdown works, show you more. Just give us a buzz. Thanks so much, and I'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/applicationlaunch.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/applicationlaunch.md index da570c6ee2..2fe5fb5b8e 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/applicationlaunch.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/applicationlaunch.md @@ -8,4 +8,6 @@ sidebar_position: 40 Netwrix Endpoint Policy Manager (formerly PolicyPak) supports automatic re-delivery of settings, simply by re-launching the application. This is configurable per Pak and demonstrated in this video. - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/itemleveltargeting.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/itemleveltargeting.md index 90878d2918..c49ca9ef7b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/itemleveltargeting.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/itemleveltargeting.md @@ -5,7 +5,7 @@ sidebar_position: 10 --- # Using Item Level Targeting - + Hi, this is Whitney with PolicyPak Software. In this video, we are going to talk about the idea of using item-level targeting with the application settings manager. What that is is a way for you to @@ -85,3 +85,5 @@ All three of these are checked, and this one is hidden. That is item-level targeting as used with the Application Settings Manager. Hope this helps you out. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/itemleveltargetingbypass.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/itemleveltargetingbypass.md index 8ab9746964..d5c5a46bb5 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/itemleveltargetingbypass.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/itemleveltargetingbypass.md @@ -9,4 +9,6 @@ Use this technique to bypass any Internal Item Level Targeting filters which are pre-configured AppSets. - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/proxysettings.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/proxysettings.md index 771a16dac4..a33d2d86e1 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/proxysettings.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/proxysettings.md @@ -10,7 +10,7 @@ Starting in build 545, you can flip / flop specific settings even when offline. this video how we change Firefox's Proxy settings — even when there is no DC. You're going to love this tip ! - + ### PolicyPak: Manage different proxy settings, even when offline video transcript @@ -95,3 +95,5 @@ have any questions on how to do this, please feel free to post your questions in forum. Thanks so much. Talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/superpowers.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/superpowers.md index c40cefecb8..b71c51ebbe 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/superpowers.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/superpowers.md @@ -9,4 +9,6 @@ Enforcement, reversion, applock, offline and switched modes OH MY! Come learn ab that Netwrix Endpoint Policy Manager (formerly PolicyPak)'s Application Settings Manager has to offer. - + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/variables.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/variables.md index 53cb5a870a..2cc6a182ba 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/variables.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/featurestechsupport/variables.md @@ -8,7 +8,7 @@ sidebar_position: 60 You might want to deliver settings based upon Windows' environment variables. There are several types of Env variables, and in this demo, we show you how to find them and some use cases. - + ### PolicyPak: Using Environment Variables in Paks Video Transcript @@ -43,7 +43,7 @@ folder" for this user is "`C:Userseastsalesuser2Desktop`." There are a lot of other options here, but let me give you a quick technique to go to the advanced level here. On every target machine, all these environment variables are declared inside a special location in the registry. I'm going to show you that location. Actually, I'm going to -"[https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html)." +"[https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html)." This is an advanced technique, so I'm going to run this as administrator here. I'll type "regedit." I'm looking under @@ -91,3 +91,5 @@ That's it for environment variables. If you have questions on that, we're here f post your questions in the forum, and we'll see you there. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/_category_.json index f1063d4d15..9bdbcd2e18 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/_category_.json @@ -3,4 +3,4 @@ "position": 140, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/addons.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/addons.md index c3d7404984..5072bdec3e 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/addons.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/addons.md @@ -10,7 +10,7 @@ Endpoint Policy Manager (formerly PolicyPak) can manage (enable or disable) ALL Watch this video to finally get a handle on how to manage your Firefox Add-ons using Group Policy or your own systems management utility. - + ### Endpoint Policy Manager: Manage Firefox Add-ons using Group Policy @@ -150,3 +150,5 @@ portal as a customer or as someone who is trialing out. Thank you very much for watching. I look forward to getting you started real soon. Thanks so much. Bye-bye. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/adobe.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/adobe.md index 98e631ea25..832a1a9e4b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/adobe.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/adobe.md @@ -8,7 +8,7 @@ sidebar_position: 110 Firefox always opens PDF files in it's own internal viewer. Most customers want to change this to an external PDF reader. See how to do it in this video (and also for any other extension type!) - + ### Endpoint Policy Manager: Change Firefox application handler (like PDF) to Adobe Reader @@ -93,3 +93,5 @@ That's it. That takes us to the end of the video. This is a huge leap forward. W requests for this, and we did it because you asked for it. I hope this helps you out. Looking forward to getting you started with PolicyPak soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/bookmarks.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/bookmarks.md index 2c4c3c54c2..61a5e4e4af 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/bookmarks.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/bookmarks.md @@ -8,7 +8,7 @@ sidebar_position: 50 With Netwrix Endpoint Policy Manager (formerly PolicyPak) you can add or remove bookmarks to the menus or the toolbar. Watch this video to see exactly how to do it. - + ### Endpoint Policy Manager: Manage Firefox Bookmarks @@ -64,3 +64,5 @@ It's just that simple. If you want to manipulate Firefox settings, such as the b is the way for you to do that. Thanks very much, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/bookmarksmodify.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/bookmarksmodify.md index 84db84273c..c0174cca5e 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/bookmarksmodify.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/bookmarksmodify.md @@ -7,4 +7,6 @@ sidebar_position: 130 Create/delete a bookmarks folder in Firefox. - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/certificates.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/certificates.md index df3c374d85..f97b1691d6 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/certificates.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/certificates.md @@ -9,7 +9,7 @@ Need to add or remove a certificate dynamically within Firefox? Netwrix Endpoint (formerly PolicyPak) makes it drop dead easy. Just point to the file and specify the store. Watch this video to see how it's done. - + ### Endpoint Policy Manager: Manage Firefox Certificates @@ -86,7 +86,7 @@ SHA-1 fingerprint ", remove" and that will blast it out. That's it. Let's go ahead and take a look. Let's go ahead and close this guy out. We'll run "gpupdate" here. We'll wait for this to finish. Close this out here. Go ahead and go to "Mozilla Firefox." Back to -"Options/View Certificates." It was right above the "\*.endpointpolicymanager.com" one, and now it's gone. So +"Options/View Certificates." It was right above the "\*.policypak.com" one, and now it's gone. So that certificate that was here is now gone. The last thing I want to just talk about ever so briefly is a little troubleshooting step in case @@ -104,3 +104,5 @@ right away, you know how to get in touch with us. Just simply click on "Contact you want to do, and we'll get you started in a trial. Thanks so very much, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/defaultsearch.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/defaultsearch.md index a849d97a48..3217369ad1 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/defaultsearch.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/defaultsearch.md @@ -8,7 +8,7 @@ sidebar_position: 20 Everyone wants to know how to set the Firefox Search Engine from Yahoo to Google or something else using Group Policy. PolicyPak is the way to do it. Check out this video. - + ### Endpoint Policy Manager: Set the Firefox Default Search Engine using Group Policy @@ -48,3 +48,5 @@ delivered. I hope this helps you out. I'm looking forward to getting you started with a PolicyPak trial real soon. Thanks. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/disable.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/disable.md index c4af6ec5e8..a718a1d1f8 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/disable.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/disable.md @@ -8,7 +8,7 @@ sidebar_position: 70 Need to remove about:config, about:addons, and the Australis button? How about entire menu items inside Fireofx Preferences? Check out this video. It couldn't be easier. - + ### Endpoint Policy Manager: Remove many common UI elements in Firefox with one click @@ -82,3 +82,5 @@ Pak, then attend one of our webinars or get in touch and we'll look forward to s inside. Thanks so much, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/extensions.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/extensions.md index 1a26fc8744..413a8cd095 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/extensions.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/extensions.md @@ -9,7 +9,7 @@ Your users have a ton of (evil?) extensions in Firefox. How did they get there? you have some you want them to have, but don't know how to get rid of the junk they put there. Check out this video to see how to add or remove Firefox extensions using URLs, Flies, or over HTTPS. - + ### Endpoint Policy Manager: Force Installing Extensions using Group Policy @@ -135,3 +135,5 @@ add-ons and extensions and enable them or disable them. This is everything you probably ever need to do with regards to Firefox "Add-Ons: Extensions, Appearance, Plugins and Services." I hope this helps you out. I'm looking forward to getting you started real soon. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/extratabs.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/extratabs.md index bd827142c3..83605c5f50 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/extratabs.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/extratabs.md @@ -9,7 +9,7 @@ When Firefox runs the first time, it shows extra tabs. But using Netwrix Endpoin (formerly PolicyPak) you can remove these extra tabs on both Windows 7 and Windows 10. This video shows you how. - + ### Endpoint Policy Manager: Remove Firefox's Extra Tabs at First Launch @@ -37,7 +37,7 @@ So for all of our sales people, we could do it on the computer or the user side. Firefox's annoying two extra tabs. Right-click, hit "edit" here. And I'll do this on the computer side. We'll go to computer side PolicyPak, application settings manager here, right-click "new application" and we'll do Firefox 23, which is really 23 and later. And right here on the "general" -tab, let's go ahead and set the homepage to endpointpolicymanager.com and we'll right-click it and lock it down +tab, let's go ahead and set the homepage to policypak.com and we'll right-click it and lock it down so users can't work around it. And then here are how to stop the launch tabs. So we'll just click all these guys. And you can @@ -57,3 +57,5 @@ homepage, of course. And if on Windows 10 he were to go to "options" here, he is So that's it. It's easy as pie to use PolicyPak to remove the first run experience on Firefox and make it the way you intended. Hope this helps you out and talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/gettingstarted.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/gettingstarted.md index fe62da17ee..f19a7a39c2 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/gettingstarted.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/gettingstarted.md @@ -11,7 +11,7 @@ which will repackage, modify and "re-sell" Firefox —- each and every time an u also true they provide some ADM support with this modified software. But there's a better way —- a much better way. See how we do it using this video. - + ### Manage Firefox with Group Policy Video Transcript @@ -42,7 +42,7 @@ get one Pak. You actually get all the Paks, including this one, Firefox. We'll go ahead and click there, and let's go ahead and manage Firefox. The first thing to notice, it looks a lot like Firefox so no learning curve required. If you want to set the "Home Page," go to -"www.endpointpolicymanager.com," that's great. But while we're here, let's go the extra mile. Let's lock this +"www.policypak.com," that's great. But while we're here, let's go the extra mile. Let's lock this down by right clicking and performing the lockdown setting right there: "Lockdown this setting using the system-wide config file." @@ -119,8 +119,10 @@ settings to ensure that these things are configured the way you want to. PolicyPak is a true settings management system. We don't just manage Firefox. We can manage tons of your important key applications. If you're looking for a trial for PolicyPak, it's super easy to do. -Just go ahead, go over to endpointpolicymanager.com, click on the "Webinar" download button that's on the right +Just go ahead, go over to policypak.com, click on the "Webinar" download button that's on the right side. After we see you in a webinar, we'll hand over the bits and you can try this all out for yourself. Thanks so much for watching, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/miscsettings.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/miscsettings.md index 852f462448..30368d764e 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/miscsettings.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/miscsettings.md @@ -16,7 +16,7 @@ be configured. Here are the misc settings, and the time index where they can be - Prevent Firefox Sync: 7:17. - Prevent Misc Buttons and Controls: 9:36. - + ### Endpoint Policy Manager: Manage Firefox Misc Settings and Buttons Using Endpoint Policy Manager @@ -63,7 +63,7 @@ private browsing. In this video, we're going to use PolicyPak to "Always clear saved passwords" between sessions. By way of example, if you're on any given website that has a garden-variety logon, for instance if I -log on as "jeremym@endpointpolicymanager.com" to this website, Firefox would cheerfully ask if you want to +log on as "jeremym@policypak.com" to this website, Firefox would cheerfully ask if you want to "Remember Password," which is not good. If you were to "Remember Password" here and then you were to even "Logout," close out the browser, @@ -198,3 +198,5 @@ Thanks. Take care. If you're looking to get started, just reach out and give us a buzz. Thanks. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/popups.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/popups.md index 566d4ad355..5b5da40ae6 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/popups.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/popups.md @@ -9,7 +9,7 @@ Want to see how to dictate which websites can allow or block pop-ups? How about Camera or Microphone? Only Netwrix Endpoint Policy Manager (formerly PolicyPak) enables you to set these using Group Policy or the Cloud. - + ### Endpoint Policy Manager: Manage Firefox Pop-Ups and Permissions using Group Policy @@ -35,8 +35,8 @@ You can either use "MODE=REPLACE" or "MODE=MERGE." MODE=MERGE says, "We don't ca settings. If they do, we'll go ahead and leave them there. But if they have anything at all, MODE=REPLACE says, "Smash down," replacing whatever they have with whatever we put right here. -Let's go ahead and say on endpointpolicymanager.com we want popup, allow. You can see how the template works. -You just go through, give it a name, comma, "popup," comma, "allow" ("endpointpolicymanager.com, popup, allow"). +Let's go ahead and say on policypak.com we want popup, allow. You can see how the template works. +You just go through, give it a name, comma, "popup," comma, "allow" ("policypak.com, popup, allow"). There are these other permissions as well. I'll just use Facebook as the example here. You can see we've got "camera," "microphone," "install," "pointerLock" and "desktop-notification." These @@ -58,9 +58,9 @@ would see that these would occur as well. Now that that's done, let me close this out. We'll go ahead and run "Mozilla Firefox" here. Let's head right over to "Options," back to "Content." For "Block pop-up windows," you can see -"endpointpolicymanager.com" is set to "Allow." +"policypak.com" is set to "Allow." -If we look and go to "about:permissions" here, you can see that "endpointpolicymanager.com" is dictated, the +If we look and go to "about:permissions" here, you can see that "policypak.com" is dictated, the permission for "Open Pop-up Windows" is "Allow." Here, "www.facebook.com" is set to "Block" "Use the Camera" and "Use the Microphone." @@ -73,3 +73,5 @@ For more information about this, check out the Read Me file inside the Firefox P you more information about that. Thanks so very much, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/removeelements.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/removeelements.md index 1bea25f9f4..6e92c4897b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/removeelements.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/firefox/removeelements.md @@ -8,7 +8,7 @@ sidebar_position: 80 More power than ever before; now you can individually remove specific UI elements from Firefox in the about:preferences panel. Fine tune exactly what users can see and do (and not see and not do.) - + ### Endpoint Policy Manager: Firefox Remove Specific Elements from about:preferences panel @@ -58,3 +58,5 @@ using PolicyPak. Okay, that's it for now. I hope this helps you out. If you're looking to get started with a trial, give us a buzz or start coming to our webinar. See you then. Thanks. Bye-bye. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/gettingstarted/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/gettingstarted/_category_.json index a4fd673330..3cf5678aae 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/gettingstarted/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/gettingstarted/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/gettingstarted/centralstorecreate.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/gettingstarted/centralstorecreate.md index 34321ef402..4c143de531 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/gettingstarted/centralstorecreate.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/gettingstarted/centralstorecreate.md @@ -11,4 +11,6 @@ that constitute the ability to create stuff in Group Policy, and PP central stor need to manage applications in the Application Settings Manager. - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/gettingstarted/centralstoreupdate.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/gettingstarted/centralstoreupdate.md index ad303bedd9..7d7c0b7a72 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/gettingstarted/centralstoreupdate.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/gettingstarted/centralstoreupdate.md @@ -9,7 +9,7 @@ Once you've created your Netwrix Endpoint Policy Manager (formerly PolicyPak) Ce populated it, eventually you'll need to update your Paks. This video shows two different ways to update your Paks and your GPOs. - + ### Endpoint Policy Manager: Updating Endpoint Policy Manager Central Store video transcript @@ -86,3 +86,5 @@ as well using that GPO Touch Tool. So either way you want to go about it, manual it's fine. That's how you update your PolicyPak central store. I hope that helps you out. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/gettingstarted/quickrundown.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/gettingstarted/quickrundown.md index 73a154adc8..51430fa8b1 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/gettingstarted/quickrundown.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/gettingstarted/quickrundown.md @@ -7,7 +7,7 @@ sidebar_position: 30 Learn how to get started with Application Settings Manager quickly and easily with this video. - + ### PPGP Quick Rundown: Application Manager Video Transcript @@ -30,7 +30,7 @@ Software" and "Google Chrome" and "Mozilla Firefox." Where the heck did all of t is with the random amount of applications I see here? Well, it came from the central store, and it's actually not random at all. -What I did before this video is, I went to the endpointpolicymanager.com customer portal, and I went to the +What I did before this video is, I went to the policypak.com customer portal, and I went to the Downloads tab and downloaded our Paks. Those Paks are right here, and they're all in folders. Let me just pick one here. Inside most of the folders, you're going to see three files here. One is a "Readme" file. It's exactly what you think it is. Just any information that we have that you may @@ -114,7 +114,7 @@ the computer side if we do that. So we're going to come over here to the "Applic Manager" over here on the computer side. We are going to right click and select "New Application," and we'll go with "PolicyPak for Mozilla Firefox" first. -Let's get into here. I want to deliver a "Home Page" here. I'll go with "https://www.endpointpolicymanager.com." +Let's get into here. I want to deliver a "Home Page" here. I'll go with "https://www.policypak.com." Why not? What I want to do is "Show my home page." There we go. This is where I "Lockdown this setting using the system-wide config file" which means that the user is going to have no way to change this at any point. It's, like I said, kind of ripping the knob off of it. @@ -142,7 +142,7 @@ we come over here and try to get into the "Cameras" tab where I could before, no So we disabled that just like we thought we were going to. Now let's see what we did with "Mozilla Firefox." All right, opening up. There we go. We have -delivered that "https://www.endpointpolicymanager.com" homepage. When I come over here, there we go. The +delivered that "https://www.policypak.com" homepage. When I come over here, there we go. The incognito mode or new private browsing is no longer there. If I try to go to "Options" and I want to try to change the "Home Page," I can't do anything. I can't change it because we've locked that down with that system-wide config file. So like I said, no more private browsing, no more changing of @@ -161,3 +161,5 @@ creating that central store if it wasn't already there. We talked about how to w Firefox, and Java in particular. But the rest of those 500 applications in general. So we hope that helps you out and talk to you soon. Thanks. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/_category_.json index 6faa97c4d7..914967fd60 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/_category_.json @@ -3,4 +3,4 @@ "position": 120, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/certificates.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/certificates.md index f5091337a5..9a6fa77baa 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/certificates.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/certificates.md @@ -7,7 +7,7 @@ sidebar_position: 20 Netwrix Endpoint Policy Manager (formerly PolicyPak): Manage IE Certificates - + ### Endpoint Policy Manager: Manage IE Certificates @@ -53,3 +53,5 @@ I hope that gives you a quick demonstration of how you could add and remove cert PolicyPak for Internet Explorer. Thanks so much for watching. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/connectionstab.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/connectionstab.md index 5e2b9f57cc..109fa7a134 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/connectionstab.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/connectionstab.md @@ -7,7 +7,7 @@ sidebar_position: 30 Netwrix Endpoint Policy Manager (formerly PolicyPak): Manage IE Connections tab - + ### Endpoint Policy Manager: Manage IE Connections tab @@ -61,3 +61,5 @@ That's it for this little video. Go ahead and continue on to the next one and se more stuff. Thanks. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/contenttab.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/contenttab.md index 2b8e9ead49..87c31fdf2b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/contenttab.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/contenttab.md @@ -7,7 +7,7 @@ sidebar_position: 40 Netwrix Endpoint Policy Manager (formerly PolicyPak): Manage IE Content tab - + ### Endpoint Policy Manager: Manage IE Content tab @@ -56,3 +56,5 @@ If you have any questions about this, be sure to post your questions to the foru and we'll get you going from there. Thanks so much. Talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/favorites.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/favorites.md index a846120a22..479f4efc66 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/favorites.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/favorites.md @@ -7,7 +7,7 @@ sidebar_position: 100 Netwrix Endpoint Policy Manager (formerly PolicyPak): Managing Favorites in IE - + ### Endpoint Policy Manager: Managing Favorites in IE @@ -28,7 +28,7 @@ as it is. You can also set up new favorites. By way of example, you can just put one right on the root. I'll call this "Hello1, http://Microsoft.com." That will put a favorite right on the root. You can also make a folder and put a favorite in the folder. I'll call this "PolPakFolder/PolicyPakWebSite, -https://www.endpointpolicymanager.com/, add." That's going to deliver PolicyPak into a folder called PolPak +https://www.policypak.com/, add." That's going to deliver PolicyPak into a folder called PolPak Folder. You can also, if you want to, specify the icon. There's an "optional-icon" that you can specify. @@ -88,3 +88,5 @@ ones that you declare, and it will only remove on delete the ones that you put t they put there. I hope that helps you out. Thanks so much. Talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/generaltab.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/generaltab.md index e42d804526..8b5da19c77 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/generaltab.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/generaltab.md @@ -7,7 +7,7 @@ sidebar_position: 50 Netwrix Endpoint Policy Manager (formerly PolicyPak): Manage IE General tab - + ### Endpoint Policy Manager: Manage IE General tab @@ -22,7 +22,7 @@ You can see here if we want to do primary and secondary start pages – by way o "www.primary.com" – you can see that when we do something it underlines. Underline means go. You could do the same thing here. If you want to make those your "Secondary Start Pages" or you want -to replace this with "https://www.endpointpolicymanager.com/," that's great. You can do that as well, and you +to replace this with "https://www.policypak.com/," that's great. You can do that as well, and you can see there that we're going to deliver those settings. You can also, when the policy no longer applies, you can "Revert this policy setting to (empty string) when it is no longer applied." @@ -55,3 +55,5 @@ universal and should work for all operating systems and all versions of Internet Continue on with the next set of videos to learn more. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/gettingstarted.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/gettingstarted.md index 7ff64dc32a..7d95df4d2d 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/gettingstarted.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/gettingstarted.md @@ -7,7 +7,7 @@ sidebar_position: 10 Netwrix Endpoint Policy Manager (formerly PolicyPak): Getting Started Managing Internet Explorer - + ### Endpoint Policy Manager: Getting Started Managing Internet Explorer @@ -52,3 +52,5 @@ That's it for now. That's the getting started video. I hope that helps you out, and watch the next video. Thanks. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/privacytab.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/privacytab.md index 15a56d0934..00f1f66e18 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/privacytab.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/privacytab.md @@ -7,7 +7,7 @@ sidebar_position: 60 Netwrix Endpoint Policy Manager (formerly PolicyPak): Manage IE Privacy tab - + ### Endpoint Policy Manager: Manage IE Privacy tab @@ -77,3 +77,5 @@ wanted to. The "Settings" button is also disabled. That is how you manage the "Privacy" tab using PolicyPak Application Manager. Thanks so much, and continue on to the next video. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/programstab.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/programstab.md index d52f524f5b..2ec690fdfe 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/programstab.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/programstab.md @@ -7,7 +7,7 @@ sidebar_position: 70 Netwrix Endpoint Policy Manager (formerly PolicyPak): Manage IE Programs Tab - + ### Endpoint Policy Manager: Manage IE Programs Tab @@ -84,3 +84,5 @@ started here. Or if you are already started and you have a question, you can pos ask support. Thanks so much, and continue on to watching the next video. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/securitytab.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/securitytab.md index dacbeaaa95..11a58336f8 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/securitytab.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/securitytab.md @@ -7,7 +7,7 @@ sidebar_position: 80 Netwrix Endpoint Policy Manager (formerly PolicyPak): Manage IE Security - + ### Endpoint Policy Manager: Manage IE Security @@ -58,7 +58,7 @@ intranet” has got “https://website.fabrikam.com” and so on. You can also flip this into what’s called Merge Mode. If you look at this, you can go back here and select “MODE=MERGE.” Merge Mode says no matter what the user already has – and we’ve now established -some things – go ahead and put in “https://www.endpointpolicymanager.com/.intranet.” +some things – go ahead and put in “https://www.policypak.com/.intranet.” We’re now saying no matter what the user already has, just leave it in place and now just merge what we’re about to deliver. It will not delete first. It will simply merge this set, whatever this set @@ -67,10 +67,12 @@ is, and put it where we want to. In this case, it’s just “intranet.” Let’s go ahead and take a look and see if that does what it’s supposed to do. We’ll run “gpupdate” here. Because we had already put some stuff in there, it should stay behind. Now we’re simply saying to merge what we’ve done in “Local intranet.” Here we go. You can see that it added -“https://www.endpointpolicymanager.com/” but left behind what the user has already established. +“https://www.policypak.com/” but left behind what the user has already established. That is how that works. If you have any other questions, then please post them to the forums or open a support ticket https://www.netwrix.com/sign_in.html?rf=tickets.html#/open-a-ticket. Please continue on and watch more of those videos. Thanks. Bye-bye. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/settings.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/settings.md index 38c0a7260b..c045c186a1 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/settings.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/internetexplorer/settings.md @@ -11,4 +11,6 @@ Internet Explorer Maintenance (IEM) has been deprecated, this is your answer. If it, we bring a true "one stop shop" to managing ALL areas and settings of Internet Explorer (All Versions). - + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/java/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/java/_category_.json index cec6bc3736..9c00ff3b4a 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/java/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/java/_category_.json @@ -3,4 +3,4 @@ "position": 150, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/java/disable.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/java/disable.md index 85ba7eb53b..9675866f14 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/java/disable.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/java/disable.md @@ -8,7 +8,7 @@ sidebar_position: 10 The Department of Homeland security strongly recommends that you disable Java temporarily. Exactly how will you do that ? Watch this video to find out. - + ### Endpoint Policy Manager: Turn off Java immediately on all machines video transcript @@ -90,6 +90,8 @@ months. Thank you very much for watching. If you're looking to get a demo of PolicyPak, come on over and we'll show you what it's all about. Click on the Webinar/Download button on the right in the -endpointpolicymanager.com website. +policypak.com website. Thanks so much, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/java/jre.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/java/jre.md index 5af764f10a..ab7658ae67 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/java/jre.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/java/jre.md @@ -13,7 +13,7 @@ of users? Bam! Done. Need to set security options for one group of users different than another group (users vs. developers)? That's Cake! Check out this video to see how it's done. - + ### Manage Java JRE with Group Policy Video Transcript @@ -95,3 +95,5 @@ more information on PolicyPak and also a free trial, go ahead and click on the " button on the right, and we'll get you started as soon as we see you there. Thanks so much, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/java/lockdown.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/java/lockdown.md index ca7e427b4a..4d3c93a613 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/java/lockdown.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/java/lockdown.md @@ -9,7 +9,7 @@ How can you populate Java's Site List Exceptions using Group Policy and also loc cannot make changes? Watch this video. Netwrix Endpoint Policy Manager (formerly PolicyPak) works with ALL versions of Java right out of the box. - + ### Endpoint Policy Manager: Manage and Lock down Java Site List Exceptions @@ -51,7 +51,7 @@ system-wide config file" so now users can't work around it. We'll also manage the "Exception Site List." It's really easy to do. You can either merge whatever is there, so you can set this to "MODE=MERGE," that's an option, or "MODE=REPLACE." I'm going to demo "MODE=REPLACE," which is going to say, "I don't care what users have. We're just going to erase -it and put down what we think is important." I'm going to dictate "https://www.endpointpolicymanager.com/," +it and put down what we think is important." I'm going to dictate "https://www.policypak.com/," "https://www.GPanswers.com" and I'm making up this website "http://www.java.com/7." For my Java 8 people, let's go ahead and make things a little bit different. We'll go to the @@ -118,3 +118,5 @@ actually perform the work. Your "Exception Site List" is the only thing that's a That's it. That's how, in a nutshell, to manage the Exception Site List and also updates with Java and PolicyPak. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/java/securityslider.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/java/securityslider.md index dc18baefba..c2ca1b7885 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/java/securityslider.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/java/securityslider.md @@ -8,7 +8,7 @@ sidebar_position: 40 A quick update to our Java pak gives you the ability to manage and manipulate the slider on the security tab and lock it down. See how! - + ### How to Manage the security slider in Java 7 video transcript @@ -104,3 +104,5 @@ help remediate and deliver and enforce settings just like you saw it here in the Panel" applet. Thanks so much. Talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/_category_.json index 5e8cbc6ab8..43598ba69d 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/_category_.json @@ -3,4 +3,4 @@ "position": 80, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/microsoftintune.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/microsoftintune.md index 534d3f9d7f..94263bf2d6 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/microsoftintune.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/microsoftintune.md @@ -27,7 +27,7 @@ constantly nag the users. Watch this video (exclusively for Microsoft Intune administrators) to see exactly how to manage your applications Endpoint Policy Manager and Intune: - + If you're a Microsoft Intune customer, you might have 5, 10 or 20 customers that you manage. Here's the best part: Create your Endpoint Policy Manager directives once, and what you do for one customer @@ -48,7 +48,7 @@ When you're ready to manage your applications and settings using Microsoft Intun Manager is here for you. Click on the following link -[https://www.endpointpolicymanager.com/webinar/evaluate.html](https://www.endpointpolicymanager.com/webinar/evaluate.html) +[https://www.policypak.com/webinar/evaluate.html](https://www.policypak.com/webinar/evaluate.html) to get the software and try it out for yourself. ### Perform Desktop Lockdown using Microsoft Intune Video Transcript @@ -184,3 +184,5 @@ the PolicyPak Design Studio – it's super easy to do. Just go ahead and click o "Webinar/Download" button on the right, and we'll hand over the bits and that's it. Alright, very good. Thanks so much for watching, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/pdqdeploy.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/pdqdeploy.md index d2d61c55f5..93b36730b3 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/pdqdeploy.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/pdqdeploy.md @@ -9,7 +9,7 @@ Microsoft MVP Jeremy Moskowitz and Shane from Admin Arsenal show how to easily d PDQ Deploy and manage it with Netwrix Endpoint Policy Manager (formerly PolicyPak) for your entire organization. - + ### Deploy and Manage WinZip with PDQ Deploy and Endpoint Policy Manager @@ -115,3 +115,5 @@ Shane: I love it. I love your stuff. Jeremy: Onto the next video. Shane: Yes sir. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/pdqdeployfirefox.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/pdqdeployfirefox.md index 5e5e3878fa..efe8cc17f3 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/pdqdeployfirefox.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/pdqdeployfirefox.md @@ -8,7 +8,7 @@ sidebar_position: 50 Microsoft MVP Jeremy Moskowitz and Shane from Admin Arsenal deploy Firefox with PDQ Deploy and manage the heck out of it with Netwrix Endpoint Policy Manager (formerly PolicyPak). - + ### Deploy and Manage Firefox with PDQ Deploy and Endpoint Policy Manager @@ -118,7 +118,7 @@ Jeremy: So, we go to computer side, PolicyPak. We'll go to applications settings do a lot in Firefox. A lot of times people come to us because they want to manage the certificates in Firefox. They want to manage the bookmarks in Firefox. But we'll just go right for things that we can just touch really quick. But we can do just about do nearly everything. So, if we go to the -homepage here. We'll go to endpointpolicymanager.com and we'll right click on this thing and we will lock down +homepage here. We'll go to policypak.com and we'll right click on this thing and we will lock down this setting using the system wide config file. We'll go also over to security and we'll check all these three checkboxes because we said if the user has the ability to work around these settings you're in the doghouse. @@ -147,3 +147,5 @@ about everything in Firefox so deploy with those guys, manage it with us guys. Shane: Rock on. Hey everybody. We'll see you at the next video. Jeremy: Next video. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/sccmsoftwarecenter.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/sccmsoftwarecenter.md index 2208f72cbf..74719b4cf4 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/sccmsoftwarecenter.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/sccmsoftwarecenter.md @@ -5,7 +5,7 @@ sidebar_position: 20 --- # Perform Desktop Lockdown using Microsoft SCCM and Endpoint Policy Manager - + Hi, this is Whitney with PolicyPak Software, and in this video. I am talking specifically to SCCM folks. If you're an SCCM shop, then you've got a great way to deliver your application, but that @@ -44,7 +44,7 @@ to check that we only want to deliver TLS 1.2 as an option. I'll tell that OK. Now I'm going to do this again, and I'll go find Chrome, and once we open up Chrome, then I can come over here, and let's see. I can choose to Open a specific set of pages here, or in this case -actually just one. We'll put it to endpointpolicymanager.com. Alright. We're going to come over here to the +actually just one. We'll put it to policypak.com. Alright. We're going to come over here to the Extras, and Extras, you have to scroll down just a little bit to find the setting about the incognito mode, so there we go. We're going to go ahead and disable that, and when I come over here to Advanced, I can choose no, do not offer to save passwords. Thank you very much. I'm going to tell @@ -66,10 +66,12 @@ system-wide config file, and when I come over here to Advanced, I can scroll dow are only using TLS1.2, and we are restricting TLS 1.1 and 1.0. We did that, and when I come over here to Chrome, you're going to notice there our homepage is -endpointpolicymanager.com just like we asked it to. No incognito mode option anymore, and when I come down to +policypak.com just like we asked it to. No incognito mode option anymore, and when I come down to Settings and I go to that Autofill area – Autofill, Passwords, there we go. You see that this setting is being enforced by your administrator, and it's grayed out. I cannot click that at all, at all. That is how you can go about managing the application settings using PolicyPak, but getting rid of Group Policy and using SCCM instead. If this is of interest to you, get in touch with us. We'll have you watch a webinar. We'll give you the bits, and you can get started on your trial right away. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/specops.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/specops.md index 10ef3f3091..bc2cc345a5 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/specops.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/methods/specops.md @@ -23,7 +23,7 @@ and as a bonus… Here's the video: - + When users work around that application's settings, that's a support call for you, and an immediate cost to fix it, and downtime for the user (on every device they own.) @@ -38,7 +38,7 @@ Endpoint Policy Manager was designed by Microsoft MVP Jeremy Moskowitz – who " desktop management and lives and breathes enterprise software deployments and desktop lockdown. If you'd like to trial Endpoint Policy Manager, we're here for you. Call 800-883-8002 or click on -download button ([https://dev.endpointpolicymanager.com/webinar/](https://dev.endpointpolicymanager.com/webinar/)). +download button ([https://policypak.com/webinar/](https://policypak.com/webinar/)). ### Endpoint Policy Manager and Specops Deploy Video Transcript @@ -157,6 +157,7 @@ software. Said another way, if it's important enough to deploy, it's important e hope this gives you a quick feel for how both Specops Deploy and PolicyPak can work better together. If you're looking to get started, just click on the download button -([https://dev.endpointpolicymanager.com/webinar/](https://dev.endpointpolicymanager.com/webinar/)). +([https://policypak.com/webinar/](https://policypak.com/webinar/)). Thanks so very much. + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/_category_.json index 957db5b6b0..a9596b4c5d 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/_category_.json @@ -3,4 +3,4 @@ "position": 160, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/acrobat.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/acrobat.md index 4c91071235..fb7ca37959 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/acrobat.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/acrobat.md @@ -8,7 +8,7 @@ sidebar_position: 30 Acrobat Reader is on every desktop in your company. Too bad it has 800+ settings for you to deal with. Let's say you only needed to deal with some key settings to make your company more secure. - + Ask yourself, how would you manage things like: @@ -193,3 +193,5 @@ our superpowers. Thanks for watching. If you like what you see here with Acrobat Reader, it's available for most applications. We've got a whole bunch of preconfigured Paks ready to use right now. Thanks so much. Take care. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/flashplayer.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/flashplayer.md index e25dbe4355..b3ebdfd9a9 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/flashplayer.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/flashplayer.md @@ -8,7 +8,7 @@ sidebar_position: 40 Got Super cookies? I bet you do – and, no, it's not your Aunt Edna's latest diet craze. It's your latest security threat. And it lives on your corporate Windows machines. - + The problem is: @@ -159,3 +159,5 @@ That's it with regards to using Group Policy, PolicyPak and Flash Player setting enjoyed this video, and happy locking things down. Take care. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/irfanview.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/irfanview.md index 731b4036f4..5add12667b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/irfanview.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/irfanview.md @@ -15,13 +15,13 @@ time they launch it. Oh, and Endpoint Policy Manager also supports IrfanView too many other applications. Keep your IrfanView configuration settings enforced and streamlined with Endpoint Policy Manager. Check out this video to see how it's done. - + ### Lockdown IrfanView with Group Policy video transcript Hi, this is Jeremy Moskowitz, Microsoft MVP, Enterprise Mobility and Founder of PolicyPak Software.  In this video, we're going to learn how to manage -and [https://www.endpointpolicymanager.com/lockdown](https://www.endpointpolicymanager.com/lockdown) IrfanView using +and [https://www.policypak.com/lockdown](https://www.policypak.com/lockdown) IrfanView using PolicyPak. I've already got IrfanView installed on my computer, and I'm just a regular user here.  As you can @@ -41,7 +41,7 @@ We'll go ahead and right click over our "East Sales Users", "Create a GPO" and w it "Lockdown IrfanView."  So this GPO is now associated with the "East Sales Users." I'll right click over it.  I'll click "Edit…" I'll dive down under "User Configuration," "PolicyPak/Applications/New/Application." There it is, -"[https://www.endpointpolicymanager.com/products/manage-irfanview-with-group-policy-endpointpolicymanager.html](https://www.endpointpolicymanager.com/products/manage-irfanview-with-group-policy-endpointpolicymanager.html)" +"[https://www.policypak.com/products/manage-irfanview-with-group-policy-endpointpolicymanager.html](https://www.policypak.com/products/manage-irfanview-with-group-policy-endpointpolicymanager.html)" along with other applications like "Java," "Flash" "Firefox," "Skype" and lots of other important desktop applications that your users utilize every day (and you want to make more secure.). @@ -77,7 +77,9 @@ And we are done.  That is how incredibly easy it is for you to use PolicyPak to Irfanview as well as tons of other desktop applications. If you're looking for a trial of PolicyPak, just click on the -"[Webinar](https://www.endpointpolicymanager.com/webinar/evaluate.html) / Download" button on the right. +"[Webinar](https://www.policypak.com/webinar/evaluate.html) / Download" button on the right. Thanks so much for watching, and get in touch with us if you're looking to get started. Talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/office.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/office.md index a5f7344a62..9f7d7bf974 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/office.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/office.md @@ -19,7 +19,7 @@ launch it, especially for ubiquitous application such as this. Keep your Microsoft Office 2013 and 2016 configuration settings delivered, enforced and automatically remediated with Endpoint Policy Manager. Check out this video to see how it's done: - + Let's start with Excel 2013 or 2016. Our PolicyPak software snaps-in to the Group Policy Editor and gives you the same user interface as Microsoft Excel 2013 and 2016 itself. A spreadsheet is all @@ -181,3 +181,5 @@ right. Thanks so much for watching, and get in touch with us if you're looking to get started. Talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/passwordsecure.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/passwordsecure.md index 399d8e9dfa..270badd601 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/passwordsecure.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/passwordsecure.md @@ -5,4 +5,6 @@ sidebar_position: 10 --- # Netwrix Endpoint Policy Manager can manage Netwrix Password Secure - + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/skype.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/skype.md index 77f4381088..00609c6c4f 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/skype.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/skype.md @@ -22,7 +22,7 @@ This video shows Lync 2010, but we also have a pre-configured Paks for Lync 2013 for Business 2015/2016. ::: - + There's simply no way to manage the Lync client using Group Policy any other way. We're more than a mere ADM template. PolicyPak is a true management system, which can lock down the Lync client and @@ -148,3 +148,5 @@ Professional, the preconfigured PolicyPak for Lync client. Thanks so much for wa touch with us if you're looking to get started. Talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/teams.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/teams.md index aba9c005fb..49e52ba035 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/teams.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/teams.md @@ -9,7 +9,7 @@ Want to manage the settings WITHIN Microsoft Teams? Like Auto-start application, On close keep the application running, Register Teams as chat app, and other various settings? Then use Netwrix Endpoint Policy Manager (formerly PolicyPak) Application Settings Manager .... like this! - + Hi, this is Jeremy Moskowitz and in this video, we're going to learn how to use PolicyPak Application Settings Manager to dictate some key settings for Microsoft Teams. This is the default @@ -54,3 +54,5 @@ set are set and all the things are not set are unset. There you go. With that in mind, I hope PolicyPak helps you out with your Teams journey and looking forward to helping you get started real soon. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/thunderbird.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/thunderbird.md index 24464c8370..8d4e514b4f 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/thunderbird.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/thunderbird.md @@ -13,7 +13,7 @@ Netwrix Endpoint Policy Manager (formerly PolicyPak), you've got no enterprise-w settings and lock down Thunderbird. Watch this video to get a handle on the problem and where Endpoint Policy Manager can ease the pain. - + ### Manage Thunderbird using Group Policy and PolicyPak Video Transcript @@ -93,3 +93,5 @@ If you want more information on PolicyPak or to give it a shot yourself, you can coming to one of our weekly webinars. That's it for now. Hope to see you soon. Thanks so very much. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/_category_.json index b4fa2df0fb..ff89d9d90c 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/_category_.json @@ -3,4 +3,4 @@ "position": 50, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/certificatesevil.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/certificatesevil.md index e8313736d9..dcef6f3d8e 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/certificatesevil.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/certificatesevil.md @@ -8,7 +8,7 @@ sidebar_position: 20 You might want to deliver settings based upon Windows' environment variables. There are several types of Env variables, and in this demo, we show you how to find them and some use cases. - + ### Wipe Privdog (and other evil certificates) off your network using Group Policy and Endpoint Policy Manager. @@ -47,3 +47,5 @@ Now you can see that certificate is no longer on the target machine. I hope it helps. Thank you. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/chromebookmarks.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/chromebookmarks.md index 3fa2193331..cfc2cffdf0 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/chromebookmarks.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/chromebookmarks.md @@ -8,7 +8,7 @@ sidebar_position: 90 Watch this video to learn how to use Netwrix Endpoint Policy Manager (formerly PolicyPak) Application managers Google Chrome Pak to deliver pre-configured bookmarks to your endpoints. - + ### PolicyPak: Deliver pre-configured Bookmarks in Chrome @@ -39,3 +39,5 @@ it again. If we go into the three dots icon, you'll see that under "Bookmarks" w "Managed bookmarks" this time with all our required URLs. Okay, I hope it helps. Thank you. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/chromerevert.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/chromerevert.md index eacbffb406..3f65216834 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/chromerevert.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/chromerevert.md @@ -8,7 +8,7 @@ sidebar_position: 50 Reverting settings using theNetwrix Endpoint Policy Manager (formerly PolicyPak) Chrome Pak is a little special. Here's the video how-to. - + ### PolicyPak: Chrome Revert Tips (Pre-CSE 1260) @@ -92,3 +92,5 @@ That's the state of affairs right now. We know that it needs some improvement, b it and it's on our roadmap. Thanks so very much, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/chromerevertfix.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/chromerevertfix.md index 0794b93104..c1d49554c9 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/chromerevertfix.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/chromerevertfix.md @@ -9,7 +9,7 @@ If you have trouble reverting your Chrome settings using Netwrix Endpoint Policy PolicyPak) Application Manager, in build 1260 or later, there's an easy fix. This video shows you how. - + ### PolicyPak: Fix Chrome Revert with PP CSE 1260 or later @@ -114,3 +114,5 @@ delete the settings at every run. I hope that helps you out and now you can use Chrome with even more confidence. Thanks so much and talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/firefoxabout.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/firefoxabout.md index e7383a3cca..45e250b747 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/firefoxabout.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/firefoxabout.md @@ -8,7 +8,7 @@ sidebar_position: 80 If you need advice on how to convert Netwrix Endpoint Policy Manager (formerly PolicyPak) 2AppSet version to the 4AppSet (or more) version, here's the advice. - + ### PPAM – Convert from 2 to 4 Paks for Firefox About-Config Paks @@ -104,3 +104,5 @@ achieved the goal and that's what's getting delivered. That's about it. That's how to convert from the two Paks to multiple Paks of the about-config settings in Firefox. Hope this helps you out. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/firefoxplugins.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/firefoxplugins.md index 762e0a446d..679a6cdbe0 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/firefoxplugins.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/firefoxplugins.md @@ -8,7 +8,7 @@ sidebar_position: 40 If you have plugins that you always want to allow, for a specific website, this is the how-to video for you. - + ### PolicyPak: Manage Firefox Plug-ins Per Website @@ -49,3 +49,5 @@ comma, allow. And that will do it. And then every time users go to that webpage, guaranteed to hit allow. Hope that helps you out. And thanks again. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/ieproxyserver.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/ieproxyserver.md index e9a75d83fc..cfbca9eefd 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/ieproxyserver.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/ieproxyserver.md @@ -7,7 +7,7 @@ sidebar_position: 10 IE Proxy server with Advanced settings - + ### PolicyPak: Managing IE Proxy server with Advanced settings @@ -80,3 +80,5 @@ same time. That is not allowed and will cause headaches. I hope this helps you o more questions, you can post them to the "How Do I" sections in the forums. Thanks. Bye-bye. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/invincea.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/invincea.md index 67b7cbb46c..04be9bad5c 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/invincea.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/invincea.md @@ -8,7 +8,7 @@ sidebar_position: 30 Invincea is great for Sandboxing the IE, FF, and Chrome browsers. But you can use Netwrix Endpoint Policy Manager (formerly PolicyPak) to manage all the in-browser settings. Here's a demonstration. - + ### PolicyPak and Invincea Integration Demo @@ -44,7 +44,7 @@ So, right-click here, click edit, and then the first thing we'll do is we'll do and Chrome, so we'll go to user side PolicyPak here, we'll click on Application Settings Manager, right-click New Application and we'll pick Internet Explorer 8 and later for windows 7 and later. So, there's nothing special you need to do in PolicyPak in order to get Invincea stuff to work. You -just go ahead and make this endpointpolicymanager.com and while we're here we will right-click and we will lock +just go ahead and make this policypak.com and while we're here we will right-click and we will lock it down, so we'll disable the corresponding control in the target application, thus making it not possible for you to just change it in the UI. We can also, if we want to – I'm not going to demonstrate this. You can perform ACL lockdown, which will ensure that if the user goes to the @@ -58,7 +58,7 @@ the purpose of this demonstration. I'm just sort of proving a point here that we settings into the Invincea browser and the regular browser and I'll demonstrate both of those. Okay? So, that's Internet Explorer and while I'm here I'll also do Chrome here. So, I'll take Chrome and I've got to pick the right one. There we go. I'll double-click that guy here and let's go ahead and -set the specific Homepage. We'll also set this to endpointpolicymanager.com and we'll go over to Advanced and I +set the specific Homepage. We'll also set this to policypak.com and we'll go over to Advanced and I like this one. I want you NOT check offer to save passwords I enter on the web because if the bad guys get into the @@ -67,14 +67,14 @@ attack vector. Even though the browser is protected it's still an attack vector into the end-user's machine. So, we uncheck offer to save passwords as I enter them on the web. Okay, and then lastly we will go, over on the computer side, we'll go to PolicyPak Application Settings Manager and we'll manage Firefox New Application. Then we'll go to Firefox 23 and Later Pak -and once again we will also drive in the Homepage of endpointpolicymanager.com, right-click, we'll go ahead and +and once again we will also drive in the Homepage of policypak.com, right-click, we'll go ahead and lockdown the setting using the system wide config file. Firefox has a slightly different way of doing things. We'll go ahead and go to Security and we want to check all three of these checkboxes here and lock them all down. Okay, so we're making sure that, again, even though the browser itself is protected from the bad guys breaking through, we still have to protect the attack vectors inside the browser itself. So, -[https://www.endpointpolicymanager.com/pp-blog/windows-10-block-websites](https://www.endpointpolicymanager.com/pp-blog/windows-10-block-websites) +[https://www.policypak.com/pp-blog/windows-10-block-websites](https://www.policypak.com/pp-blog/windows-10-block-websites) and don't remember password for sites. You know, these are the kinds of things you want to make sure that you still do no matter what your browser situation looks like. Oh, and also, I forgot. While I'm here also I will right-click New Application and select PolicyPak for Acrobat Reader X, okay. @@ -132,3 +132,5 @@ Invincea, we will fully support our configurations together. All you need to do version of PolicyPak and keep on going and that's it. Hope that explains our PolicyPak and Invincea integration. I hope you enjoy it, get to use it, and looking forward to having you try it out and let us know how it works. Thanks so much. Take care. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/oraclejava.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/oraclejava.md index 55132726f1..58a947a9af 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/oraclejava.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/oraclejava.md @@ -11,7 +11,7 @@ are introducing a UNIVERSAL AppSet for Java which works for all versions of Java incremental versions. Here is the guidance you need to transition from lots of AppSets down to one universal AppSet. If you have questions about this feature, PLEASE use the FORUMS. - + ### PolicyPak: Transitioning to the Universal Oracle Java Pak(7 thru 9) @@ -132,3 +132,5 @@ Pak and getting over to the universal Pak for Oracle Java 7 to 9. I hope this helps you out. If you have any questions, please use the forums for this particular function. Thanks so very much. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/paksbig.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/paksbig.md index 6d82a8072d..beea163e2a 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/paksbig.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/tipsandtricks/paksbig.md @@ -7,7 +7,7 @@ sidebar_position: 100 Here's a workaround for the lack of a SEARCH feature in PP Application Manager. - + Hi. This is Jeremy Moskowitz. In this video, I'm going to show you how you can work around a little annoyance in PolicyPak which is how to find items in PolicyPak Application Manager. @@ -57,3 +57,5 @@ Well, anyway, this is just to help you out to let you know how to find things ev search capability in Application Settings Manager. Hope this video helps you out. Thanks very much and talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/troubleshooting/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/troubleshooting/_category_.json index 5ae4feb2a8..55c316dfb5 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/troubleshooting/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/troubleshooting/_category_.json @@ -3,4 +3,4 @@ "position": 110, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/troubleshooting/chrome.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/troubleshooting/chrome.md index e294fc029f..3a5c35f9b3 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/troubleshooting/chrome.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/troubleshooting/chrome.md @@ -10,4 +10,6 @@ If Chrome crashes you may get a message about "Chrome incompatible apps." Don't Endpoint Policy Manager (formerly PolicyPak) isnt the bad guy; but if you dont want to see these messages again, this is the workaround. - + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/_category_.json index 37e24a5b65..0b24289d34 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/_category_.json @@ -3,4 +3,4 @@ "position": 90, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/dedicated.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/dedicated.md index fabc77a678..4e77cf1637 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/dedicated.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/dedicated.md @@ -18,7 +18,7 @@ That's where Netwrix Endpoint Policy Manager (formerly PolicyPak) comes in. In this demonstration see Endpoint Policy Manager working inside your dedicated VDI sessions ensuring that your application settings are set dynamically and always ensured. - + ### Endpoint Policy Manager and VMware Horizon View – Dedicated VDI @@ -140,3 +140,5 @@ dedicated VDI machines. If you have any questions about this, we're happy to hel to getting you into a trial soon. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/integration.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/integration.md index c0d3a053e0..6754473546 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/integration.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/integration.md @@ -28,9 +28,9 @@ Add more value to your Microsoft VDI investment. Tip: After you watch the video, please download our free whitepaper "What Most IT admins don't know about -VDI": [https://www.endpointpolicymanager.com/integration/solutions/why-vdi-admin-need-endpointpolicymanager.html](https://www.endpointpolicymanager.com/integration/solutions/why-vdi-admin-need-endpointpolicymanager.html) +VDI": [https://www.policypak.com/integration/solutions/why-vdi-admin-need-endpointpolicymanager.html](https://www.policypak.com/integration/solutions/why-vdi-admin-need-endpointpolicymanager.html) - + You might be wondering about how Windows Server 2012's personal "User Profile" fits in with Endpoint Policy Manager Application Manager. @@ -229,7 +229,7 @@ that anybody who logs on to those machines regardless of who they are is going t settings. That's very powerful. I'm going to use "Mozilla Firefox" in this example. Let me set the "Home Page" to -"www.endpointpolicymanager.com." I'll lock it down with "Revert the policy setting to the default value when it +"www.policypak.com." I'll lock it down with "Revert the policy setting to the default value when it is no longer applied," a superpower from PolicyPak. I'll go to "Security." You saw me work around these settings. I want to make sure users can't work around these settings, so I'm going to "lock down this setting using the system-wide config file." I'm going to lock down each of these settings @@ -276,3 +276,5 @@ That's it for PolicyPak and Microsoft VDI. If you have any questions or you want a trial, we're here for you. Thanks so very much, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/localmode.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/localmode.md index f6b7abc16a..b638fd52a2 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/localmode.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/localmode.md @@ -14,7 +14,7 @@ user is 100% offline using Vmware Horizon View Local Mode. Watch this video to check it out. - + ### Endpoint Policy Manager and VMware Horizon View – Dedicated VDI @@ -154,3 +154,5 @@ I hope this has been a helpful video for you. Go ahead and check out the other v missing tools series. Thanks so much, and talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/thinapp.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/thinapp.md index 574ff26c50..d11ddf83af 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/thinapp.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/thinapp.md @@ -18,7 +18,7 @@ and security settings and ensures they cannot be worked around. To see a video of ThinApp assigned packages via VMware Horizon View and Endpoint Policy Manager managing them, watch this video. - + ### Endpoint Policy Manager and VMware Horizon View with ThinApp Assigned Packages @@ -88,7 +88,7 @@ have via ThinApp. In that way, you might want to ensure that some particular sec look-and-feel settings are always the same for both versions. I'm going to do this on the computer side. On "PolicyPak/Applications/New/Application," I'll select -"PolicyPak for Mozilla Firefox." Then for the "Home Page" I'll change this to "www.endpointpolicymanager.com." +"PolicyPak for Mozilla Firefox." Then for the "Home Page" I'll change this to "www.policypak.com." While I'm here, I will also "Lockdown this setting using the system-wide config file." This is going to guarantee that users can't work around this setting. @@ -134,7 +134,7 @@ If I take a look at the one that's distributed through ThinApp and VMWare View that's version "21.0" The key point is, let's take a look back at version 6 again. If I go to the "Options" here, right -there you can see that the "Home Page" is being set by "www.endpointpolicymanager.com" and it's locked down so +there you can see that the "Home Page" is being set by "www.policypak.com" and it's locked down so users can't work around it. If we go to "Security," those settings again are being delivered. You saw me configure this @@ -200,3 +200,5 @@ That's about it. If you have any other questions about this, I hope you watch so videos in this series. Get in touch if you're looking to get started with a trial. Talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/thinappworkspace.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/thinappworkspace.md index f7344d137c..aac78e09f7 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/thinappworkspace.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/thinappworkspace.md @@ -18,7 +18,7 @@ based upon the user's circumstances, and ensures those settings on the computer. Video: To see a video of VMware Horizon Workspace ThinApp applications' settings managed by Endpoint Policy Manager, watch this video. - + ### Endpoint Policy Manager and VMware Horizon Workspace Applications and ThinApp Entitled Packages @@ -86,7 +86,7 @@ we'll select "Manages Firefox (Real and ThinApp)." We're just utilizing the Grou we created the last time. If we just take a look at the "Settings" report here, we'll see that we've got settings on the -"General Tab." We're delivering "www.endpointpolicymanager.com," and we're also delivering some important +"General Tab." We're delivering "www.policypak.com," and we're also delivering some important "Security" settings. We can see that if we right click, click "Edit…" and take a look at the computer side "PolicyPak/Applications/New/Application" and just dive in there and see our changes. @@ -123,3 +123,5 @@ OK. That's it. Thanks so much for watching. If you're looking to get started wit here for you. Thank you so much for watching, and talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/vmware.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/vmware.md index e1c9954725..43f6840c2a 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/vmware.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/vdi/vmware.md @@ -20,7 +20,7 @@ locks down the user's access. Watch this video to see how Endpoint Policy Manager can lock down your applications inside of VMware View (and keep your headaches and helpdesk calls to a minimum). - + ### Endpoint Policy Manager and VMware Horizon View Linked Clones with Persona Management @@ -197,3 +197,5 @@ Thanks so very much. If you're looking to get started, we hope to hear from you out. Thanks so much. Talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/videolearningcenter.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/videolearningcenter.md index d2257cd2ca..8c4c8c82a4 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/videolearningcenter.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/videolearningcenter.md @@ -158,3 +158,5 @@ See the following Video topics for Application Manager. - [Endpoint Policy Manager for Microsoft Office 2013 and 2016](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/office.md) - [Endpoint Policy Manager for Microsoft Skype for Business (formerly Lync)](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/skype.md) - [Endpoint Policy Manager for Thunderbird](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/otherapplications/thunderbird.md) + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/_category_.json index 4aa6d74166..db7d51cb8c 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/_category_.json @@ -3,4 +3,4 @@ "position": 100, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/appv.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/appv.md index 8cfb474a58..7675b0b90e 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/appv.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/appv.md @@ -13,7 +13,7 @@ App-V has NO Group Policy support inside of sequences. So, if you needed to twea file, edit the registry, or otherwise configure your App-V packages, you've got a real problem. See this detailed blog entry -([https://www.endpointpolicymanager.com/integration/blog-entry-link.html](https://www.endpointpolicymanager.com/integration/blog-entry-link.html)) +([https://www.policypak.com/integration/blog-entry-link.html](https://www.policypak.com/integration/blog-entry-link.html)) and example. Good news for you: We've got that problem totally handled. @@ -21,7 +21,7 @@ Good news for you: We've got that problem totally handled. Watch this video (exclusively for App-V administrators) to see exactly how to manage App-V sequences using Group Policy using Netwrix Endpoint Policy Manager (formerly PolicyPak): - + You're smart. You picked App-V to make application deployment easier. @@ -51,9 +51,9 @@ When you're ready to manage your App-V packages using Group Policy, Endpoint Pol for you. Click on Download -([https://www.endpointpolicymanager.com/integration/about-us/contact-us.html](https://www.endpointpolicymanager.com/integration/about-us/contact-us.html)) +([https://www.policypak.com/integration/about-us/contact-us.html](https://www.policypak.com/integration/about-us/contact-us.html)) or Webiar -([https://www.endpointpolicymanager.com/integration/webinar](https://www.endpointpolicymanager.com/integration/webinar)) to +([https://www.policypak.com/integration/webinar](https://www.policypak.com/integration/webinar)) to get the software and try it out for yourself. ### Manage App-V applications dynamically with Group Policy video transcript @@ -112,7 +112,7 @@ right click and click "Edit" here, we'll do this on the computer side. We'll go "PolicyPak/Applications/New/Application," and we'll pick "PolicyPak for Mozilla Firefox 23.0." We'll go ahead and use that. -While we're here, let's go ahead and do the "Home Page" and make this "www.endpointpolicymanager.com." We'll +While we're here, let's go ahead and do the "Home Page" and make this "www.policypak.com." We'll also do some superpowers as well like "Lockdown this setting using the system-wide config file" so users can't work around it. We'll go to "Security" and we'll check all three of these checkboxes. We'll also lock down two of them as well, just to be on the safe side. @@ -155,3 +155,5 @@ If you have any other questions, we're happy to help. We look forward to helping you started with PolicyPak real soon. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/spoonnovell.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/spoonnovell.md index b18d73dddd..097f34a8fe 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/spoonnovell.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/spoonnovell.md @@ -28,7 +28,7 @@ Application Virtualization customers.) What you'll see is how to dynamically manage and lock down your virtualized applications using Group Policy and Netwrix Endpoint Policy Manager (formerly PolicyPak): - + So, neither Spoon.Net nor Novell ZENworks Application Virtualization can redeploy, adjust, lockdown or guarantee application or operating system settings. @@ -55,7 +55,7 @@ When you're ready to manage your Spoon or Novell ZENworks Application Virtualiza Endpoint Policy Manager is here for you. Click on Webinar -([https://www.endpointpolicymanager.com/integration/webinar](https://www.endpointpolicymanager.com/integration/webinar)) to +([https://www.policypak.com/integration/webinar](https://www.policypak.com/integration/webinar)) to get the software and try it out for yourself. ### Endpoint Policy Manager extends Group Policy to Spoon / Novell ZENworks App Virtualization video transcript @@ -112,7 +112,7 @@ If we go to "Updater," let's go ahead and "Do not download or install updates au again, we'll "Disable corresponding control in target application." While I'm also here, let me go to "PolicyPak for Mozilla Firefox" and let's take a look at this. -Let's go ahead and set our Firefox settings to "www.endpointpolicymanager.com" and also ensure that our +Let's go ahead and set our Firefox settings to "www.policypak.com" and also ensure that our "Security" settings are always set. Once we've done that, let's go back over to the target machine. Let's run "gpupdate,"or we could @@ -133,7 +133,7 @@ setting and also grayed it out. If we go to "Updater," we've delivered "Do not d updates automatically"and also grayed it out. Let's head over to "Firefox with Spoon (PolicyPak)." If we go to "Options," you can see the -"Security" settings are all set and our "www.endpointpolicymanager.com" is delivered as the "Home Page."If we +"Security" settings are all set and our "www.policypak.com" is delivered as the "Home Page."If we make this "www.abc.com" or something we shouldn't do and close this out and rerun the application, as soon as we rerun the application our settings are redelivered and re-guaranteed. @@ -179,3 +179,5 @@ If you are ready to get started and you want to test this all out yourself, we a the PPSpoonShim DLL to any customer or prospect who asks. Thanks so much, and we'll look forward to talking to you soon. Thanks. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/symantec.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/symantec.md index f467ecb4c5..86d577e855 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/symantec.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/symantec.md @@ -23,7 +23,7 @@ Watch this video (exclusively for SWS and SWV administrators) to see exactly how applications using Netwrix Endpoint Policy Manager (formerly PolicyPak) (via Group Policy, Altiris, or SCCM): - + You're smart. You picked SWS and SWV to make application deployment easier. @@ -146,7 +146,7 @@ these settings afterward and also optionally lock it down. That's what PolicyPak If we go back to our Group Policy Object here, we can go to "New Application" and we'll pick "PolicyPak for Mozilla Firefox" here. We'll go ahead and double click it, and we'll set the "Home -Page" – notice again that our Pak looks pretty much exactly like the app – "www.endpointpolicymanager.com." +Page" – notice again that our Pak looks pretty much exactly like the app – "www.policypak.com." While we're here, for "Security" we will check all of these checkboxes and really ensure that those settings are going to be dynamically delivered. @@ -157,7 +157,7 @@ show you how to do that. Alright, now that that's done, I'll go ahead and close that out. Let's go ahead and run "Mozilla Firefox" and see if our settings were set dynamically using PolicyPak. We'll go to "Firefox/Options." There we go. The "Security" tab shows that all three settings were set, and the -"General" tab shows that "www.endpointpolicymanager.com" is the now "Home Page." +"General" tab shows that "www.policypak.com" is the now "Home Page." If they change this to "www.oops.com" and they do something they shouldn't do, click "OK" and click close, well the next time Firefox is run, whether or not they're online or offline, those settings @@ -175,3 +175,5 @@ Virtualization. If you're looking to get a trial or an eval copy of PolicyPak, c webinars and as soon as we see you there we'll hand over the bits. Thanks so much, and I'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/thinapp.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/thinapp.md index aa4b3f667e..f3170f6c7b 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/thinapp.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/thinapp.md @@ -18,7 +18,7 @@ But you still have some big problems: Watch this video (exclusively for VMware ThinApp administrators) to see exactly how to manage ThinApp packages using Group Policy and Netwrix Endpoint Policy Manager (formerly PolicyPak): - + So, if you needed to tweak a configuration file, edit the package's registry, or otherwise configure your ThinApp package, you've got a real problem. @@ -52,7 +52,7 @@ When you're ready to manage your ThinApp packages using Group Policy, Endpoint P here for you. Click on Webinar -([https://www.endpointpolicymanager.com/video/support-sharing/webinar-2.html](https://www.endpointpolicymanager.com/video/support-sharing/webinar-2.html)) +([https://www.policypak.com/video/support-sharing/webinar-2.html](https://www.policypak.com/video/support-sharing/webinar-2.html)) to get the software and try it out for yourself. ### Manage ThinApp Packages on Physical or VDI machines Video Transcript @@ -158,7 +158,7 @@ on the computer side. I'll click "Edit" here, and I'll dive down under the compu "PolicyPak/Applications/New/Application." I'm going to pick on "PolicyPak for Mozilla Firefox 23.0." Now this version of Firefox says it's 23, but it will work for pretty much every version you have. -If I click over here, let me go ahead and deliver a "Home Page." I'll go to "www.endpointpolicymanager.com." I +If I click over here, let me go ahead and deliver a "Home Page." I'll go to "www.policypak.com." I also want to right click and "Lockdown this setting using the system-wide config file." This is going to ensure these settings can't be worked around. @@ -181,7 +181,7 @@ background either using Group Policy or a tool like SCCM or LANDesk or whatever tool you have. I just happen to be using Group Policy in this case. Let's start off with the real application. We'll go to "Mozilla Firefox" here.  We'll go to  -"Firefox/Options" and you can see we've driven the "www.endpointpolicymanager.com" "Home Page" in there. The +"Firefox/Options" and you can see we've driven the "www.policypak.com" "Home Page" in there. The "Security" checkboxes are delivered and checked on. If we go to "about:config" here and we look for those three settings that I manipulated – there they are – these three settings were in the Pak configuration, and I've delivered those in. @@ -224,3 +224,5 @@ recommend that folks attend a webinar, and then we'll hand over the bits. Then y and see if it's right for you. Thanks so much for watching, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/uev.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/uev.md index b3bac3252e..0d5e8f486e 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/uev.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/uev.md @@ -13,7 +13,7 @@ story. Here's the video to show how Endpoint Policy Manager and Microsoft UE-V (or, really, any User Environment Manager (UEM) tool) can work together seamlessly. - + Okay. Let's review: @@ -41,7 +41,7 @@ applications settings using Group Policy, Endpoint Policy Manager is here for you. Click on Webiar/Downdload -([https://www.endpointpolicymanager.com/integration/webinar](https://www.endpointpolicymanager.com/integration/webinar)) on +([https://www.policypak.com/integration/webinar](https://www.policypak.com/integration/webinar)) on the right to try it out for yourself. ### Endpoint Policy Manager enhances Microsoft User Experience Virtualization Video Transcript @@ -129,3 +129,5 @@ for delivery and enforcement and UE-V for users' preferences to roam around with any questions about how these two tools make an awesome better together story, we're here for you, just reach out. We'd love to get you the bits of PolicyPak and you can try it yourself and see how wonderful the better together story really is. Thanks so very much, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/xenapp.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/xenapp.md index 25cf427195..cfe2ab47fe 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/xenapp.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/virtualization/xenapp.md @@ -12,7 +12,7 @@ lock users down so they can't work around your settings. See how Endpoint Policy Citrix XenApp streaming environments by providing true Group Policy support to any Citrix XenApp streamed application PLUS lock users down so they cannot work around your settings. - + ### Endpoint Policy Manager enhances Xenapp Streaming with Group Policy video transcript @@ -130,7 +130,7 @@ application. It lives on this machine. If we were to now target Firefox, we're g Click "Edit…" here and once again under "PolicyPak/Applications/New/Application" and we'll go to "PolicyPak for Mozilla Firefox." Now remember, Firefox doesn't keep its stuff in the registry. There's no easy-peasy way to say wherever a user roams make sure they get the exact same settings, -until now. We're going to deploy "www.endpointpolicymanager.com" as the "Home Page." We'll also go to "Security" +until now. We're going to deploy "www.policypak.com" as the "Home Page." We'll also go to "Security" settings and dictate that, because the user turned off these "Security" settings, we're going to turn them right back on. It's just that easy. We'll go back to our target machine. We'll run "gpupdate" and now after GPUpdate succeeds, the very next time we run Firefox from the XenApp @@ -138,10 +138,10 @@ streaming server, we're going to ensure that our settings will dynamically be pl If you have a new security concern, you have something that's updated, something you need to make sure is pushed out to all of your users or computers, you can do it instantly using the Group Policy infrastructure you already have. Let's go ahead and run "Firefox8 Streaming" again. There it is, -"www.endpointpolicymanager.com." There's the home page. We'll go to "Options" and go to "Security." It's checked +"www.policypak.com." There's the home page. We'll go to "Options" and go to "Security." It's checked just the way we expect. If they were to uncheck these settings or change the "Home Page" to "www.google.com" something like that, the very next time Group Policy is updated and then Firefox is -run you will see that we will get it back to "www.endpointpolicymanager.com" and all of the "Home Page" settings +run you will see that we will get it back to "www.policypak.com" and all of the "Home Page" settings are there and the "Security" settings are there. You might be wondering, how hard is this to set up? Does it take a lot of infrastructure, a lot of moving parts to make this happen? The answer is no. It's very, very simple. It is true that PolicyPak does require that on all of your client machines @@ -171,7 +171,9 @@ OpenOffice, Thunderbird, WinZip, Lync – none of those use the proper policies wanted to manage any of those guys – Flash, Chrome, Java, Firefox, Thunderbird, Lync, any of those things – using Group Policy to set settings and lock things out, PolicyPak is your answer. Thank you so much for watching. If you would like to get the trial bits, all you've got to do is come to -www.endpointpolicymanager.com. Go ahead and click here under "Webinar/Download." Sign up for one of our one-hour +www.policypak.com. Go ahead and click here under "Webinar/Download." Sign up for one of our one-hour demonstrations, and then afterward we'll send you the bits and you can try it out yourself. Looking forward to having you as part of the PolicyPak team. Thanks so much, because remember, with PolicyPak what you set it what they get. Thanks so much. Bye bye. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/_category_.json b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/_category_.json index 0f85b2c195..0fbabc8d74 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/_category_.json +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/cloud.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/cloud.md index 419a7361ce..d7f3701c59 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/cloud.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/cloud.md @@ -9,4 +9,6 @@ Here is a quick demonstration of Netwrix Endpoint Policy Manager (formerly Polic manager, managing Firefox, Java, and Chrome settings using Endpoint Policy Manager Application Manager and our Endpoint Policy Manager Cloud Edition. - + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/grouppolicy.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/grouppolicy.md index 7b48763b0f..754d8a4a4c 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/grouppolicy.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/grouppolicy.md @@ -9,4 +9,6 @@ Here is a very quick demonstration of Netwrix Endpoint Policy Manager (formerly application manager, managing Java settings using Group Policy and the Endpoint Policy Manager Cloud. - + + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/managers.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/managers.md index 5f6f18bb7b..925f974e99 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/managers.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/managers.md @@ -9,7 +9,7 @@ Why Netwrix Endpoint Policy Manager (formerly PolicyPak)? Easy. No Endpoint Poli Endpoint Management. No Desktop Security. No Data Leak Protection. No configuration of VDI machines. Watch this video see this easy to implement solution. - + ### PolicyPak Overview Video for Managers video transcript @@ -54,3 +54,5 @@ Getting started couldn't be easier. Just click the Download button on the right. see PolicyPak in action, be sure to watch our how-to videos found in the support section of our website. PolicyPak, what you set is what they get. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/mdm.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/mdm.md index 8415fd0ac3..54040267ee 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/mdm.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/mdm.md @@ -8,7 +8,7 @@ sidebar_position: 40 Learn how you can use Application Manager in your MDM environment to manage a myriad of settings for commonly used applications such as Acrobat Reader and Firefox. - + Hi, this is Whitney with PolicyPak Software. In a previous video, we looked at how to create policies that will allow us to manage applications, even if they aren't ADMX enabled by using the @@ -99,3 +99,5 @@ So there you have it. This is how you can manage application settings on your no machines by using the application setting manager with PolicyPak MDM edition. If this is interesting to you, sign up for a webinar and we will get you started on a 30-day free trial right away. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/onpremise.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/onpremise.md index d8fd49178a..44380526f4 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/onpremise.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/onpremise.md @@ -9,7 +9,7 @@ See how quickly you can get Netwrix Endpoint Policy Manager (formerly PolicyPak) Active Directory. This video mirrors the Endpoint Policy Manager On-Prem Quickstart Guide for Endpoint Policy Manager application manager to help you get up and running. - + ### PolicyPak On-Prem QuickStart for PolicyPak Application Manager @@ -163,6 +163,8 @@ For instance, if you're looking inside the Group Policy Object Editor, you're go well. With that in mind, I'll sign off. I hope this is very helpful. If you need help, we have the forums -and also support at endpointpolicymanager.com. +and also support at policypak.com. Thanks so very much, and welcome to PolicyPak. + + diff --git a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/pak.md b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/pak.md index 6a67e3c908..cda5e36f62 100644 --- a/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/pak.md +++ b/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/whatdoesitdo/pak.md @@ -8,4 +8,6 @@ sidebar_position: 20 Lockdown UI for hundreds of applications and secure your settings with PolicyPak's Application Settings Manager! - + + + diff --git a/docs/endpointpolicymanager/components/browserrouter/_category_.json b/docs/endpointpolicymanager/components/browserrouter/_category_.json index fc3145e1ff..0ea8b748ff 100644 --- a/docs/endpointpolicymanager/components/browserrouter/_category_.json +++ b/docs/endpointpolicymanager/components/browserrouter/_category_.json @@ -8,3 +8,4 @@ "id": "overview" } } + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/_category_.json b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/_category_.json index f890ea6095..bd3755797e 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/_category_.json +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/_category_.json @@ -8,3 +8,4 @@ "id": "knowledgebase" } } + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/_category_.json b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/_category_.json index ee3640f7af..76ffd74d1c 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/_category_.json +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/chromemanual.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/chromemanual.md index 916219164a..ed79aaf611 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/chromemanual.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/chromemanual.md @@ -30,11 +30,11 @@ Note down the Extension ID. You'll need this step every time we release updates ![535_1_image-20191222210303-1](/images/endpointpolicymanager/browserrouter/install/535_1_image-20191222210303-1.webp) -**Step 3 –** ote the PPBR Chrome Extension's Version Number. +**Step 3 –** Note the PPBR Chrome Extension's Version Number. -**Step 4 –** Launch this URL, [https://www.crxextractor.com/](https://www.crxextractor.com/) +**Step 4 –** Find a CRX Extractor tool. There are a variety of them online. Steps follow are generic and may be different based upon the CRX tool you have chosen. -**Step 5 –** Insert the updated PPBR Chrome Extension URL that you appended in step 1.2. +**Step 5 –** Insert the updated PPBR Chrome Extension URL that you appended in step 2. ![535_3_image-20191222210303-2_457x162](/images/endpointpolicymanager/browserrouter/install/535_3_image-20191222210303-2_457x162.webp) diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/defaultbrowser.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/defaultbrowser.md index 01b61dd5b6..67e1d382d1 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/defaultbrowser.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/defaultbrowser.md @@ -111,3 +111,5 @@ you will see that Edge has become the default browser. ![141_7_image](/images/endpointpolicymanager/troubleshooting/browserrouter/install/141_7_image.webp) ![141_8_image](/images/endpointpolicymanager/troubleshooting/browserrouter/install/141_8_image.webp) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/iepromptdll.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/iepromptdll.md index 83beab46ee..71bcd430bb 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/iepromptdll.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/iepromptdll.md @@ -26,3 +26,5 @@ Even if users select DON'T ENABLE, theEndpoint Policy Manager CSE will fix it at The workaround and recommendation is to install theEndpoint Policy Manager CSE when no users are logged on at all, and hence, IE wouldn't be open to cause this situation. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/preventiequestions.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/preventiequestions.md index 8186dd1bd0..8c48d28b23 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/preventiequestions.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/preventiequestions.md @@ -12,3 +12,5 @@ then install the PP CSE. ``` Do {$ieCheck = Get-Process iexplore -ErrorAction SilentlyContinueIf ($ieCheck -eq $null) {msiexec /i ‘PolicyPak Client-Side Extension x64.msi' /q#Write-Host ‘Installing'Start-Sleep -s 600Exit}else {#Write-Host ‘IE Open'Start-Sleep -s 600}} while ($ieCheck -ne $null) ``` + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/twologons.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/twologons.md index 20f80eee67..f4b345436f 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/twologons.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/twologons.md @@ -18,3 +18,5 @@ Then on the next Group Policy refresh (second logon or one logon plus a manual o GPupdate), Endpoint Policy Manager Browser Router should be "saved" and ready for use. All Endpoint Policy Manager Browser Router policies should work at that point. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/windowsopenprompt.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/windowsopenprompt.md index 6f118faab1..f280500954 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/windowsopenprompt.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/windowsopenprompt.md @@ -22,3 +22,5 @@ So, the Endpoint Policy Manager CSE itself doesn't require a reboot to start wor However, for Endpoint Policy Manager Browser Router to solidify itself as the default browser (to then perform the routing) you must logoff and log on to pick up this new setting. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/knowledgebase.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/knowledgebase.md index b2236bbef9..6258e06018 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/knowledgebase.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/knowledgebase.md @@ -33,3 +33,5 @@ Learn advanced techniques and best practices from real-world implementations. Ou --- *For immediate support needs, see our [Contact Support](/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/contactsupport.md) section.* + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/_category_.json b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/_category_.json index a74978754e..431040a5b1 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/_category_.json +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/advancedblockingmessage.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/advancedblockingmessage.md index 2c4c952177..1c709bea4c 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/advancedblockingmessage.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/advancedblockingmessage.md @@ -43,3 +43,5 @@ Collection: %COLLECTION_NAME% ({%COLLECTION_ID%}). GPO: %GPO_NAME% % ({%GPO_ID%}).  Please contact your administrator to get more information. ``` + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/browsermode.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/browsermode.md index 65a6ae5ba0..06f0ab5c14 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/browsermode.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/browsermode.md @@ -47,3 +47,5 @@ see this kb article for more information: [Endpoint Policy Manager Browser Router: Internet Explorer in Edge mode](/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/ieedgemode.md) ::: + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/commandlinearguments.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/commandlinearguments.md index e76dd8ee43..b2bba53fce 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/commandlinearguments.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/commandlinearguments.md @@ -42,3 +42,5 @@ anymore and it is replaced with Command line arguments don't work when the source and target browsers are the same. ::: + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/defined.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/defined.md index a6ea46cbb9..9b2a717a8a 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/defined.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/defined.md @@ -60,3 +60,5 @@ example, from within Firefox or via the OS selector. as the default. **Step 4 –** The user will believe that their default browser is actually what has been set here. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/edgelegacybrowser.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/edgelegacybrowser.md index f348c6a1f4..2ba2903c50 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/edgelegacybrowser.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/edgelegacybrowser.md @@ -26,3 +26,5 @@ the other extensions. It can be managed by clicking on **Extensions** >**…** >, **Manage extension**. ![907_3_image-20220403003715-3](/images/endpointpolicymanager/browserrouter/907_3_image-20220403003715-3.webp) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/forcebrowser.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/forcebrowser.md index 24a57d4646..d8b82f30b2 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/forcebrowser.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/forcebrowser.md @@ -34,3 +34,5 @@ the home page configured above. In this example,when Firefox or Internet Explorer is started, Browser Router will immediately close that browser and open Chrome. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/removeagent.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/removeagent.md index 5eb1d7096e..b2040ebdce 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/removeagent.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/removeagent.md @@ -92,3 +92,5 @@ under **Settings** > **Default Apps** > **Default Apps** > **Web Browser**, open **Step 6 –** Now check under **Settings** > **Default Apps** > **Web Browser** and the option to select the PPBR Agent should no longer be present. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/securityzone.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/securityzone.md index f2e5b170f2..416340a6d7 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/securityzone.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/securityzone.md @@ -17,3 +17,5 @@ is set to BLOCK. blocking policy is last in the list, so all whitelisted items will process before the blockitem. ![170_2_image002](/images/endpointpolicymanager/browserrouter/editpolicytemplate/170_2_image002.webp) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/shortcuticons.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/shortcuticons.md index 97bd65bc5e..57bd52af76 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/shortcuticons.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/shortcuticons.md @@ -65,3 +65,5 @@ can be seen here. You want to do this on the computer side, which will change th user and computer browsers. ![835_9_hfkb-1127-img-09_950x455](/images/endpointpolicymanager/browserrouter/835_9_hfkb-1127-img-09_950x455.webp) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/suppresspopup.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/suppresspopup.md index dd075e3be4..a0479cec55 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/suppresspopup.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/suppresspopup.md @@ -11,3 +11,5 @@ When you use the Chrome Pak or Chrome ADMX settings you can use this setting. - Navigate to Policy Path: Computer `Configuration\Administrative Templates\Google\Google Chrome\` - Policy Name: Continue running background apps when Google Chrome is closed - Policy State: Disabled + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/useselectablebrowser.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/useselectablebrowser.md index cf5b2180be..0364590913 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/useselectablebrowser.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/tipsandtricks/useselectablebrowser.md @@ -126,10 +126,12 @@ convenience the required User side Group Policy Preference XMLS are attached bel ::: -HTTP: [https://www.endpointpolicymanager.com/pp-files/2020-12-29_no-default-or-default-edge- -then-set-to-chrome-http.xml](https://www.endpointpolicymanager.com/pp-files/2020-12-29_no-default-or-default-edge- +HTTP: [https://www.policypak.com/pp-files/2020-12-29_no-default-or-default-edge- +then-set-to-chrome-http.xml](https://www.policypak.com/pp-files/2020-12-29_no-default-or-default-edge- then-set-to-chrome-http.xml) -HTTPS: [https://www.endpointpolicymanager.com/pp-files/2020-12-29_no-default-or-default-edge- -then-set-to-chrome-https.xml](https://www.endpointpolicymanager.com/pp-files/2020-12-29_no-default-or-default-edge- +HTTPS: [https://www.policypak.com/pp-files/2020-12-29_no-default-or-default-edge- +then-set-to-chrome-https.xml](https://www.policypak.com/pp-files/2020-12-29_no-default-or-default-edge- then-set-to-chrome-https.xml) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/_category_.json b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/_category_.json index 2a7c1d7f13..269232431c 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/_category_.json +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/adobelinks.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/adobelinks.md index c0b46fbb27..a1015377c5 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/adobelinks.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/adobelinks.md @@ -43,3 +43,5 @@ For a list of additional Endpoint Policy Manager items that may need to be exclu KB below: [How must I configure my Anti-virus or system-level software to work with Endpoint Policy Manager CSE?](/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/antivirus.md) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/automaticallydisabled.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/automaticallydisabled.md index de2c024890..d31bf4a603 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/automaticallydisabled.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/automaticallydisabled.md @@ -38,3 +38,5 @@ the Computer side. And here is "Configure extension installation allow list" on the User side. ![759_9_img-05](/images/endpointpolicymanager/troubleshooting/error/browserrouter/759_9_img-05.webp) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/betweenbrowsers.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/betweenbrowsers.md index 205e619759..8757b8805c 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/betweenbrowsers.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/betweenbrowsers.md @@ -12,7 +12,7 @@ doesn't, then this is the guide for you. :::note Firefox version must be Firefox ESR and not Firefox RR (rapid release). For more details, -[https://www.endpointpolicymanager.com/pp-blog/policypak-will-soon-only-support-firefox-esr](https://www.endpointpolicymanager.com/pp-blog/endpointpolicymanager-will-soon-only-support-firefox-esr). +[https://www.policypak.com/pp-blog/policypak-will-soon-only-support-firefox-esr](https://www.policypak.com/pp-blog/endpointpolicymanager-will-soon-only-support-firefox-esr). ::: @@ -117,3 +117,5 @@ webstore): [https://chrome.google.com/webstore/category/extensions?hl=en-US](ht **Step 7 –** Related.. If you see ONLY Chrome, and not any FORCED extensions, [Endpoint Policy Manager Browser Router removes other Chrome ‘force installed' extensions. How can I work around this?](/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/forceinstall.md) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/chromeextension.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/chromeextension.md index 2af2f92ada..598113dee4 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/chromeextension.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/chromeextension.md @@ -70,3 +70,5 @@ These two files can sit side by side without issue if you need to use an OLDER C UPGRADE to latest CSE later. ![774_7_img-05_950x675](/images/endpointpolicymanager/troubleshooting/browserrouter/clientsideextension/774_7_img-05_950x675.webp) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/chromeextensionid.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/chromeextensionid.md index 1a31dd3914..5245eec76c 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/chromeextensionid.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/chromeextensionid.md @@ -53,3 +53,5 @@ Chromium by visiting edge://extensions from within Edge Chromium. | 6.14.2017 | 17.6.1371.1049 | 0.0.3.8 | jdadlnndcplobhfcdfcfobnecakhmkhd | No | | 4.27.2017 | 17.3.1281.984 | 0.0.3.8 | jdadlnndcplobhfcdfcfobnecakhmkhd | No | | 2.22.2017 | 17.2.1260.930 | 0.0.3.8 | jdadlnndcplobhfcdfcfobnecakhmkhd | No | + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/chromerouting.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/chromerouting.md index 89bd6ca271..b21a0d03a9 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/chromerouting.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/chromerouting.md @@ -65,7 +65,7 @@ Q: How should I update to the latest extension? A: Our general guidance is, and has always been… please try to stick closely to us in our release schedule as possible. We know this is not always possible, but have generalized guidance here of how you should update the CSE and exactly what "supported" means. -[https://www.endpointpolicymanager.com/resources/pp-blog/using-rings-to-test-and-update-the-policypak-client-side-extension-and-how-to-stay-supported/](https://www.endpointpolicymanager.com/resources/pp-blog/using-rings-to-test-and-update-the-policypak-client-side-extension-and-how-to-stay-supported/) +[https://www.policypak.com/resources/pp-blog/using-rings-to-test-and-update-the-policypak-client-side-extension-and-how-to-stay-supported/](https://www.policypak.com/resources/pp-blog/using-rings-to-test-and-update-the-policypak-client-side-extension-and-how-to-stay-supported/) Q: I cannot update to the latest extension, but I am using builds CSE 18.7.1779.937 - 19.12.2283.849. What is this workaround of which you speak? @@ -84,3 +84,5 @@ A: We have figured out how to have ONE Chrome Extension for all versions going f Chrome Extension … with the easy to remember name "fmbfiodledfjldlhiemaadmgppoeklbn" … is going to be the "going forward one" that we can just always use. If you upgrade to the latest CSE then stick reasonably close to our release schedule and guidance we think you won't likely have a problem. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/citrixproblems.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/citrixproblems.md index 28574e1002..2ed6459b17 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/citrixproblems.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/citrixproblems.md @@ -24,3 +24,5 @@ screenshot. Chrome is keeping itself alive, even though it should not. This will fix the problem. ![253_1_image0015](/images/endpointpolicymanager/troubleshooting/browserrouter/chrome/253_1_image0015.webp) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/contactsupport.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/contactsupport.md index 71a334595e..78df6839f1 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/contactsupport.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/contactsupport.md @@ -47,3 +47,5 @@ get logs from multiple machines showing the issue so we can do some deeper inves :::tip Remember, We need AT LEAST two machines of logs to check in this case. ::: + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/criticalwebsiteincompatibility.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/criticalwebsiteincompatibility.md index 942e4bee86..ddf5215f67 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/criticalwebsiteincompatibility.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/criticalwebsiteincompatibility.md @@ -44,3 +44,5 @@ Router.) **Step 7 –** Is the web app something we could have access to, and reproduce the experience on our end? If yes, that would get you a test / repro / fix about 100x faster. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/default.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/default.md index 6ac7c5a826..4d7a2967fd 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/default.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/default.md @@ -140,3 +140,5 @@ Do not use both Workaround 1 and 2 at the same time. ![1326_4_3a4d59894f3cd6623b958202447b1136](/images/endpointpolicymanager/troubleshooting/browserrouter/1326_4_3a4d59894f3cd6623b958202447b1136.webp) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/dllcompatible.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/dllcompatible.md index 8b486bba39..47e645fd0c 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/dllcompatible.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/dllcompatible.md @@ -21,3 +21,5 @@ Then, restart IE (a reboot is not required). Note also that if the top checkbox is checked, the error does not occur, but Endpoint Policy Manager Browser Router still will not run. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/dnscall.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/dnscall.md index f8391cfbd8..ef98654b81 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/dnscall.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/dnscall.md @@ -28,3 +28,5 @@ The cause of the problem is a Netwrix Endpoint Policy Manager (formerly PolicyPa ## Resolution: Correct the ILT condition or remove the filter that is in place for that computer. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/extensioninactive.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/extensioninactive.md index f63b492142..cbf49229cd 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/extensioninactive.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/extensioninactive.md @@ -30,3 +30,5 @@ This should snap it back in place the next time Chrome re-launches. As a last resort, if the above does not work you can rename the `%LocalAppData%\Google\Chrome\User Data\Default `folder to reset Chrome and then close and relaunch Chrome. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/firefox.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/firefox.md index 67be01bfe2..e873318591 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/firefox.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/firefox.md @@ -29,3 +29,5 @@ screenshot: ![492_3_image003](/images/endpointpolicymanager/troubleshooting/browserrouter/492_3_image003.webp) You should be all set for now with Endpoint Policy Manager Browser Router. Let us know if otherwise. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/forceinstall.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/forceinstall.md index 6423251cf8..099ae9bcd9 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/forceinstall.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/forceinstall.md @@ -69,3 +69,5 @@ Again, the example extension ID above is just an example. Please use the correct CSE. [What is the Chrome Extension ID for all the published versions of Endpoint Policy Manager Browser Router Client Side Extension?](/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/chromeextensionid.md) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/fromedgetootherbrowsers.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/fromedgetootherbrowsers.md index 10dca17d92..f33e26ceb8 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/fromedgetootherbrowsers.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/fromedgetootherbrowsers.md @@ -13,3 +13,5 @@ sidebar_position: 90 before it kicks in. 4. Regardless .. Netwrix Endpoint Policy Manager (formerly PolicyPak) Edge to Other browser support is only expected to work / fully supported on Windows 10 1703 and later. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/fromietootherbrowsers.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/fromietootherbrowsers.md index 009aa7e65a..bea2f7e5f4 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/fromietootherbrowsers.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/fromietootherbrowsers.md @@ -87,3 +87,5 @@ Only then will the GPO's GPresult report demonstrate that the required item is E seen here. ![415_7_faq-asdf-03](/images/endpointpolicymanager/troubleshooting/browserrouter/internetexplorer/415_7_faq-asdf-03.webp) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/keeporiginaltab.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/keeporiginaltab.md index d2b1a9abae..65b0871f85 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/keeporiginaltab.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/keeporiginaltab.md @@ -32,3 +32,5 @@ UN-check the Experimental flag checkbox. Then you issues should be resolved. ![589_3_img-02_950x665](/images/endpointpolicymanager/troubleshooting/browserrouter/editpolicytemplate/589_3_img-02_950x665.webp) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/launch.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/launch.md index a817ee2d2c..8f7fd5397c 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/launch.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/launch.md @@ -100,3 +100,5 @@ Google Chrome: ![870_5_image-20220217002324-5](/images/endpointpolicymanager/troubleshooting/browserrouter/chrome/870_5_image-20220217002324-5.webp) Use this Endpoint Policy Manager Scripts Manager policy to mass deploy for any future issues. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/office365.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/office365.md index 92a9be381c..c3334fa747 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/office365.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/office365.md @@ -58,3 +58,5 @@ Now set the value to "System default browser" instead of "Microsoft Edge" in the ### AFTER: ![966_7_image-20230922212443-6](/images/endpointpolicymanager/troubleshooting/browserrouter/966_7_image-20230922212443-6.webp) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/pattern.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/pattern.md index 7843e19ec0..bdea58c40c 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/pattern.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/pattern.md @@ -21,3 +21,5 @@ We suggest you pick EITHER `"*abc* -> Chrome"` (example) or `"*ghi* -> Chrome But AVOID following pattern: `"*def* -> Chrome" `which is in the MIDDLE of the redirect and not expected to work. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/quick.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/quick.md index d8b30700f0..b2702adca4 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/quick.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/quick.md @@ -16,7 +16,7 @@ typically inside a GPO. To understand how / where your license keys might live, please check this video: -[https://kb.endpointpolicymanager.com/kb/article/458-policypak-licensing-onpremise-licensing-methods-compared](https://kb.endpointpolicymanager.com/kb/article/458-policypak-licensing-onpremise-licensing-methods-compared) +[https://docs.netwrix.com/docs/endpointpolicymanager/licensing/knowledgebase/miscquestions/licensingmethods](https://docs.netwrix.com/docs/endpointpolicymanager/licensing/knowledgebase/miscquestions/licensingmethods) Also, before continuing, reboot the endpoint with the Endpoint Policy Manager CSE / Endpoint Policy Manager Browser Router installed upon it. @@ -126,3 +126,5 @@ If your email system strips ZIP files, rename it to `.ZIPP` or `.TXT` or whateve want. ::: + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/removed.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/removed.md index b762d75e4e..54bcd43f8c 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/removed.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/removed.md @@ -28,3 +28,5 @@ So if you are using Browser Router, we strongly recommend upgrading your CSEs to But if you cannot / don't want to, know that you will get unexpected routing behavior. If you're using something BEFORE that, we cannot guarantee success when IE is finally removed on April 15, 2022 + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/revertlegacy.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/revertlegacy.md index 7d20cdc694..a217833698 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/revertlegacy.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/revertlegacy.md @@ -46,3 +46,5 @@ An example of the user required to manually specify Endpoint Policy Manager Brow seen here. ![764_3_image-20201027210423-2](/images/endpointpolicymanager/troubleshooting/browserrouter/764_3_image-20201027210423-2.webp) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/routing.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/routing.md index a463066ad7..16a577d1bb 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/routing.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/routing.md @@ -50,7 +50,7 @@ What should you do now? Our general guidance is, and has always been… please try to stick closely to us in our release schedule as possible. We know this is not always possible, but have generalized guidance here of how you should update the CSE and exactly what "supported" means. -[https://www.endpointpolicymanager.com/resources/pp-blog/using-rings-to-test-and-update-the-policypak-client-side-extension-and-how-to-stay-supported/](https://www.endpointpolicymanager.com/resources/pp-blog/using-rings-to-test-and-update-the-policypak-client-side-extension-and-how-to-stay-supported/) +[https://www.policypak.com/resources/pp-blog/using-rings-to-test-and-update-the-policypak-client-side-extension-and-how-to-stay-supported/](https://www.policypak.com/resources/pp-blog/using-rings-to-test-and-update-the-policypak-client-side-extension-and-how-to-stay-supported/) Will we have this problem in the future? @@ -62,3 +62,5 @@ we're going to try. If you stick closely to our release schedule and guidance we likely have a problem. If you still have questions about this concern email support. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/stop.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/stop.md index ec2e647661..767e61c17e 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/stop.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/stop.md @@ -37,3 +37,5 @@ Then, Endpoint Policy Manager Browser Router will be 100% in charge of your URLs redirection. ![456_1_image001_950x573](/images/endpointpolicymanager/troubleshooting/browserrouter/edge/456_1_image001_950x573.webp) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/tabissue.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/tabissue.md index 064a36d9ad..12702ead99 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/tabissue.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/tabissue.md @@ -40,3 +40,5 @@ Or visit Edge:compat in Edge and click the Force update button, the screen shoul to below. ![1323_2_faaa54cf16d85c909ec4de3a83505ac9](/images/endpointpolicymanager/troubleshooting/browserrouter/internetexplorer/1323_2_faaa54cf16d85c909ec4de3a83505ac9.webp) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/versions.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/versions.md index 7a36054c41..04432bce63 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/versions.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/versions.md @@ -27,3 +27,5 @@ Manager Browser Router will write v2 site lists: - IE11 + Win10 Version 1511: 11.0.10586.\* - IE 11 + Win 7: Version 11.0.9600.18347 or later - IE + Win 8.1: Version 11.0.9600.18123 or later + + diff --git a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/wildcardrule.md b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/wildcardrule.md index f35ed46c4b..566436150f 100644 --- a/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/wildcardrule.md +++ b/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/wildcardrule.md @@ -47,3 +47,5 @@ There is no "www" in the URL rule below. OR ![712_3_image-20201230005141-3](/images/endpointpolicymanager/troubleshooting/browserrouter/712_3_image-20201230005141-3.webp) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/manual/_category_.json b/docs/endpointpolicymanager/components/browserrouter/manual/_category_.json index 1c4c158a37..491e75991a 100644 --- a/docs/endpointpolicymanager/components/browserrouter/manual/_category_.json +++ b/docs/endpointpolicymanager/components/browserrouter/manual/_category_.json @@ -8,3 +8,4 @@ "id": "overview" } } + diff --git a/docs/endpointpolicymanager/components/browserrouter/manual/configuration/_category_.json b/docs/endpointpolicymanager/components/browserrouter/manual/configuration/_category_.json index f3e7bac34b..d37bacd0d6 100644 --- a/docs/endpointpolicymanager/components/browserrouter/manual/configuration/_category_.json +++ b/docs/endpointpolicymanager/components/browserrouter/manual/configuration/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/browserrouter/manual/configuration/block.md b/docs/endpointpolicymanager/components/browserrouter/manual/configuration/block.md index e5207dc3ab..65bb1672e3 100644 --- a/docs/endpointpolicymanager/components/browserrouter/manual/configuration/block.md +++ b/docs/endpointpolicymanager/components/browserrouter/manual/configuration/block.md @@ -29,3 +29,5 @@ If you leave the **Block Text** field empty, default text is automatically provi ![about_policypak_browser_router_18](/images/endpointpolicymanager/browserrouter/policy/about_endpointpolicymanager_browser_router_18.webp) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/manual/configuration/commandlinearguments.md b/docs/endpointpolicymanager/components/browserrouter/manual/configuration/commandlinearguments.md index d6ee141c56..f1baa07337 100644 --- a/docs/endpointpolicymanager/components/browserrouter/manual/configuration/commandlinearguments.md +++ b/docs/endpointpolicymanager/components/browserrouter/manual/configuration/commandlinearguments.md @@ -35,3 +35,5 @@ application you want to launch (as in, MSTSC) and the command line arguments to `c:\temp\file1.rdp /v:server1 8080`). ![about_policypak_browser_router_22](/images/endpointpolicymanager/browserrouter/about_endpointpolicymanager_browser_router_22.webp) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/manual/configuration/custom.md b/docs/endpointpolicymanager/components/browserrouter/manual/configuration/custom.md index 16bf0083fd..cb42a30278 100644 --- a/docs/endpointpolicymanager/components/browserrouter/manual/configuration/custom.md +++ b/docs/endpointpolicymanager/components/browserrouter/manual/configuration/custom.md @@ -32,3 +32,5 @@ This technique works for most virtualized browsers such as Microsoft App-V, VMwa Note that once a virtualized browser is opened, Endpoint Policy Manager Browser Router cannot route away from those browsers and then back to real browsers. This is because Endpoint Policy Manager Browser Router's helper extensions are not installed in the virtualized browser. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/manual/configuration/exportcollections.md b/docs/endpointpolicymanager/components/browserrouter/manual/configuration/exportcollections.md index 88888bf549..fcc6572e9a 100644 --- a/docs/endpointpolicymanager/components/browserrouter/manual/configuration/exportcollections.md +++ b/docs/endpointpolicymanager/components/browserrouter/manual/configuration/exportcollections.md @@ -29,3 +29,5 @@ one single policy. In other words, a collection is automatically created at the you export a single policy. ::: + + diff --git a/docs/endpointpolicymanager/components/browserrouter/manual/configuration/itemleveltargeting.md b/docs/endpointpolicymanager/components/browserrouter/manual/configuration/itemleveltargeting.md index bcea0b38e3..af3a5862ec 100644 --- a/docs/endpointpolicymanager/components/browserrouter/manual/configuration/itemleveltargeting.md +++ b/docs/endpointpolicymanager/components/browserrouter/manual/configuration/itemleveltargeting.md @@ -68,3 +68,5 @@ off **No**. This feature allows you toadd very granular filters. First, filter with Item-Level Targeting in a collection, and then filter on any specific rule if any Item-Level Targeting is applied there. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/manual/configuration/ports.md b/docs/endpointpolicymanager/components/browserrouter/manual/configuration/ports.md index 421bd389d0..b1b50814bf 100644 --- a/docs/endpointpolicymanager/components/browserrouter/manual/configuration/ports.md +++ b/docs/endpointpolicymanager/components/browserrouter/manual/configuration/ports.md @@ -31,3 +31,5 @@ which versions of Internet Explorer 11 use v1 vs v2, see [When does Endpoint Policy Manager Browser Router write v1 or v2 Enterprise Mode site lists?](/docs/endpointpolicymanager/components/browserrouter/knowledgebase/troubleshooting/versions.md). ::: + + diff --git a/docs/endpointpolicymanager/components/browserrouter/manual/configuration/processorderprecedence.md b/docs/endpointpolicymanager/components/browserrouter/manual/configuration/processorderprecedence.md index 0254815b1b..f9c4c22772 100644 --- a/docs/endpointpolicymanager/components/browserrouter/manual/configuration/processorderprecedence.md +++ b/docs/endpointpolicymanager/components/browserrouter/manual/configuration/processorderprecedence.md @@ -39,7 +39,7 @@ you can specify a baseline setting for various computers and then have particula policies when specific users log on. If policies are on the same side, a more-specific URL pattern takes precedence over a less-specific -URL pattern. For example, mail.endpointpolicymanager.com takes precedence over \*.endpointpolicymanager.com. +URL pattern. For example, mail.policypak.com takes precedence over \*.policypak.com. If patterns are equally specific, a pattern in a more specific policy always takes precedence over a pattern in a less-specific policy. For example, a pattern in a GPO linked to an OU wins over a @@ -91,3 +91,5 @@ characters. So an example of priority order would be as follows: - (x)(.\*)(x)(.\*)(x).com - (blue)(.\*) - (.\*) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/manual/configuration/rules.md b/docs/endpointpolicymanager/components/browserrouter/manual/configuration/rules.md index 441b91ab32..835cd9769e 100644 --- a/docs/endpointpolicymanager/components/browserrouter/manual/configuration/rules.md +++ b/docs/endpointpolicymanager/components/browserrouter/manual/configuration/rules.md @@ -19,8 +19,8 @@ to match against Host. | Pattern Rule | Example | Matches | | -------------------------- | ----------------------------------- | ---------------------------------------------------------------------- | -| Specific URL String | www.endpointpolicymanager.com | [www.endpointpolicymanager.com](http://www.endpointpolicymanager.com/) | -| Wildcard String | www.pol\*.com | endpointpolicymanager.com, politicos.com, pollution.org | +| Specific URL String | www.policypak.com | [www.policypak.com](https://www.policypak.com/) | +| Wildcard String | www.pol\*.com | policypak.com, politicos.com, pollution.org | | RegEx (Regular Expression) | (.\*)(pol)(.\*).com | SpolE.com, ESpol24.com, pol.com, etc. | | Windows IE Zone Pattern | Trusted sites, intranet sites, etc. | All trusted sites, intranet sites, etc. | @@ -71,10 +71,10 @@ Description: Matches any port and path on a URL with a matching host name that c Matching examples: -- http://www.endpointpolicymanager.com -- https://www.endpointpolicymanager.com -- http://www.endpointpolicymanager.com:1234/ -- http://www.endpointpolicymanager.com:5678/any_other_path +- https://www.policypak.com +- https://www.policypak.com +- https://www.policypak.com:1234/ +- https://www.policypak.com:5678/any_other_path Example 2:  Criteria matching all hosts and a wildcard path @@ -103,3 +103,5 @@ Matching examples: - https://www.aa.com:8080/res/app/load.aspx - http://www.aa.com:8080/lib/resapp.aspx - http://www.aa.com:8080/ffapp/main.aspx + + diff --git a/docs/endpointpolicymanager/components/browserrouter/manual/gettingtoknow/_category_.json b/docs/endpointpolicymanager/components/browserrouter/manual/gettingtoknow/_category_.json index 5b8236d012..276ca9aa64 100644 --- a/docs/endpointpolicymanager/components/browserrouter/manual/gettingtoknow/_category_.json +++ b/docs/endpointpolicymanager/components/browserrouter/manual/gettingtoknow/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/browserrouter/manual/gettingtoknow/navigation.md b/docs/endpointpolicymanager/components/browserrouter/manual/gettingtoknow/navigation.md index 00bb0b8bc0..35855a7e57 100644 --- a/docs/endpointpolicymanager/components/browserrouter/manual/gettingtoknow/navigation.md +++ b/docs/endpointpolicymanager/components/browserrouter/manual/gettingtoknow/navigation.md @@ -54,7 +54,7 @@ the next example, we will route www.GPanswers.com to Firefox. Click OK to save the entry. -Create another policy to route \*.endpointpolicymanager.com to Edge. +Create another policy to route \*.policypak.com to Edge. ![about_policypak_browser_router_6](/images/endpointpolicymanager/browserrouter/about_endpointpolicymanager_browser_router_6.webp) @@ -88,7 +88,7 @@ On the endpoint, log on as a user who gets the GPO (or run GPupdate if the user on). Make sure that Internet Explorer, Firefox, and Chrome are all installed. You will be ready to go if you followed along with the Endpoint Policy Manager Browser Router Quickstart, created a new Wordpad document, and typed in each URL (www.microsoft.com, www.gpanswers.com, -[www.endpointpolicymanager.com](https://technet.microsoft.com/en-us/library/dn321432.aspx)). Next, type in a URL +[www.policypak.com](https://technet.microsoft.com/en-us/library/dn321432.aspx)). Next, type in a URL that is unrelated to anything, such as www.abc.com. Based on the rules, the correct browser is opened for each URL. @@ -96,3 +96,5 @@ opened for each URL. Notice that since there was no rule for www.abc.com, the overriding Default Browser rule took effect and launched Internet Explorer. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/manual/gettingtoknow/overview_1.md b/docs/endpointpolicymanager/components/browserrouter/manual/gettingtoknow/overview_1.md index ec323a3e63..536b65d933 100644 --- a/docs/endpointpolicymanager/components/browserrouter/manual/gettingtoknow/overview_1.md +++ b/docs/endpointpolicymanager/components/browserrouter/manual/gettingtoknow/overview_1.md @@ -39,3 +39,5 @@ Users can then change the default browser to their own liking, even though their the web browser is managed by their organization. ![about_policypak_browser_router_13](/images/endpointpolicymanager/browserrouter/defaultbrowser/about_endpointpolicymanager_browser_router_13.webp) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/manual/gettingtoknow/overview_2.md b/docs/endpointpolicymanager/components/browserrouter/manual/gettingtoknow/overview_2.md index d71d525d3d..d917151a04 100644 --- a/docs/endpointpolicymanager/components/browserrouter/manual/gettingtoknow/overview_2.md +++ b/docs/endpointpolicymanager/components/browserrouter/manual/gettingtoknow/overview_2.md @@ -28,6 +28,7 @@ Log files for Endpoint Policy Manager Browser Router are found in the two follow - `%appdata%\local\PolicyPak\PolicyPak Browser Router` - `%Programdata%\PolicyPak\PolicyPak Browser Router` -Logs are automatically wrapped up and can be sent to -[support@endpointpolicymanager.com](https://docs.microsoft.com/en-us/internet-explorer/ie11-deploy-guide/what-is-enterprise-mode) +Logs are automatically wrapped up and can be sent to support by [opening a support ticket](https://www.netwrix.com/tickets.html#/open-a-ticket) with the PPLOGS.EXE command on any endpoint where the CSE is installed. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/manual/internetexplorer/_category_.json b/docs/endpointpolicymanager/components/browserrouter/manual/internetexplorer/_category_.json index 841f55aebe..6277ecd4e9 100644 --- a/docs/endpointpolicymanager/components/browserrouter/manual/internetexplorer/_category_.json +++ b/docs/endpointpolicymanager/components/browserrouter/manual/internetexplorer/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/browserrouter/manual/internetexplorer/convertxmls.md b/docs/endpointpolicymanager/components/browserrouter/manual/internetexplorer/convertxmls.md index 926f0f399a..75d5f7c33c 100644 --- a/docs/endpointpolicymanager/components/browserrouter/manual/internetexplorer/convertxmls.md +++ b/docs/endpointpolicymanager/components/browserrouter/manual/internetexplorer/convertxmls.md @@ -41,3 +41,5 @@ The imported rules now appear. You can review any of the rules to confirm or change their settings. ![about_policypak_browser_router_35](/images/endpointpolicymanager/browserrouter/internetexplorer/about_endpointpolicymanager_browser_router_35.webp) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/manual/internetexplorer/edgemod.md b/docs/endpointpolicymanager/components/browserrouter/manual/internetexplorer/edgemod.md index 3be54d87b2..63b204dc4c 100644 --- a/docs/endpointpolicymanager/components/browserrouter/manual/internetexplorer/edgemod.md +++ b/docs/endpointpolicymanager/components/browserrouter/manual/internetexplorer/edgemod.md @@ -26,17 +26,17 @@ however, it might work in versions 1909, 1903, and 1809. Create a rule for -[www.endpointpolicymanager.com](http://www.endpointpolicymanager.com/video/endpointpolicymanager-browser-router-and-ports.html) and +[www.policypak.com](https://www.policypak.com/video/endpointpolicymanager-browser-router-and-ports.html) and assign it to IE. This time select **Open as IE in Edge tab** . ![about_policypak_browser_router_29](/images/endpointpolicymanager/browserrouter/internetexplorer/about_endpointpolicymanager_browser_router_29.webp) -When the user logs on and tries to access [www.endpointpolicymanager.com](http://www.endpointpolicymanager.com/) they should +When the user logs on and tries to access [www.policypak.com](https://www.policypak.com/) they should see it open as an IE tab in Edge. We say should because the rule will not work right away. There is a detail called the 65 second rule, which you can read more about here -[https://docs.microsoft.com/en-us/microsoft-edge/deploy/emie-to-improve-compatibility](http://www.endpointpolicymanager.com/video/endpointpolicymanager-troubleshooting-with-admx-files.html). +[https://docs.microsoft.com/en-us/microsoft-edge/deploy/emie-to-improve-compatibility](https://www.policypak.com/video/endpointpolicymanager-troubleshooting-with-admx-files.html). From the first time a user accesses -[www.endpointpolicymanager.com](http://www.endpointpolicymanager.com/knowledge-base/browser-router-troubleshooting/how-to-quickly-troubleshoot-endpointpolicymanager-browser-router.html), +[www.policypak.com](https://www.policypak.com/knowledge-base/browser-router-troubleshooting/how-to-quickly-troubleshoot-endpointpolicymanager-browser-router.html), a period of 65 seconds or so has to transpire until the rule comes fully into effect. Here you can see that the Endpoint Policy Manager website now appears in IE mode within the Edge browser itself: @@ -105,3 +105,5 @@ All Enterprise from Edge to IE policy will take all websites that are already de Enterprise site list and route them to Internet Explorer. In other words, once this policy is applied, if a user opens any website within Edge that you've set to Enterprise Mode, it is automatically routed to Internet Explorer 11. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/manual/internetexplorer/overview.md b/docs/endpointpolicymanager/components/browserrouter/manual/internetexplorer/overview.md index 255fd218f3..938e1106e2 100644 --- a/docs/endpointpolicymanager/components/browserrouter/manual/internetexplorer/overview.md +++ b/docs/endpointpolicymanager/components/browserrouter/manual/internetexplorer/overview.md @@ -20,7 +20,7 @@ certain websites for a more compatible view. :::note To get an overview of Endpoint Policy Manager Browser Router and Internet Explorer 11's Enterprise and Document Modes, please see -[http://www.endpointpolicymanager.com/video/endpointpolicymanager-browser-router-enterprise-and-document-modes.html](http://www.endpointpolicymanager.com/video/endpointpolicymanager-browser-router-block-web-sites-from-opening-in-all-browsers.html). +[https://www.policypak.com/video/endpointpolicymanager-browser-router-enterprise-and-document-modes.html](http://www.policypak.com/video/endpointpolicymanager-browser-router-block-web-sites-from-opening-in-all-browsers.html). ::: @@ -29,7 +29,7 @@ To learn more about Internet Explorer 11 Enterprise and Document Modes, see the Microsoft websites: Enterprise Mode is at: [Internet Explorer to Endpoint Policy Manager Browser Router Site lists](/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/iesitelists.md) and Document Modes is at: -[https://technet.microsoft.com/en-us/library/dn321432.aspx](http://www.endpointpolicymanager.com/video/endpointpolicymanager-using-pp-browser-router-on-citrix-or-rds-servers-with-published-browser-applications.html). +[https://technet.microsoft.com/en-us/library/dn321432.aspx](https://www.policypak.com/video/endpointpolicymanager-using-pp-browser-router-on-citrix-or-rds-servers-with-published-browser-applications.html). ::: @@ -86,3 +86,5 @@ for **Developer Tools**, and then click the Emulation tab. In this way, you can easily create routes for all webpages that need special rendering modes using Endpoint Policy Manager Browser Router. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/manual/internetexplorer/specialtypes.md b/docs/endpointpolicymanager/components/browserrouter/manual/internetexplorer/specialtypes.md index 3960cbdb00..b720aa0453 100644 --- a/docs/endpointpolicymanager/components/browserrouter/manual/internetexplorer/specialtypes.md +++ b/docs/endpointpolicymanager/components/browserrouter/manual/internetexplorer/specialtypes.md @@ -30,3 +30,5 @@ automatically be routed to Internet Explorer 11. Enterprise site list and routes those to Internet Explorer. In other words, once this policy is applied, if a user opens any website within Edge that you've set to Enterprise Mode, it will automatically be routed to Internet Explorer 11. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/manual/overview.md b/docs/endpointpolicymanager/components/browserrouter/manual/overview.md index ef67dfcd6f..58713444f0 100644 --- a/docs/endpointpolicymanager/components/browserrouter/manual/overview.md +++ b/docs/endpointpolicymanager/components/browserrouter/manual/overview.md @@ -31,3 +31,5 @@ Browser Router solves the common problem of ensuring the right browser opens for 2. Learn about Configuration to set up routing rules 3. Check Internet Explorer settings if using IE routing 4. Review Understanding Default Browser Policies for advanced scenarios + + diff --git a/docs/endpointpolicymanager/components/browserrouter/manual/understandingdefaultbrowser/_category_.json b/docs/endpointpolicymanager/components/browserrouter/manual/understandingdefaultbrowser/_category_.json index 376f4076f1..86cabb5caa 100644 --- a/docs/endpointpolicymanager/components/browserrouter/manual/understandingdefaultbrowser/_category_.json +++ b/docs/endpointpolicymanager/components/browserrouter/manual/understandingdefaultbrowser/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/browserrouter/manual/understandingdefaultbrowser/osweb.md b/docs/endpointpolicymanager/components/browserrouter/manual/understandingdefaultbrowser/osweb.md index ac340a003a..8355700510 100644 --- a/docs/endpointpolicymanager/components/browserrouter/manual/understandingdefaultbrowser/osweb.md +++ b/docs/endpointpolicymanager/components/browserrouter/manual/understandingdefaultbrowser/osweb.md @@ -20,3 +20,5 @@ There are two options available: The end result looks like this. Note that the default browser is also displayed. ![about_policypak_browser_router_46](/images/endpointpolicymanager/browserrouter/about_endpointpolicymanager_browser_router_46.webp) + + diff --git a/docs/endpointpolicymanager/components/browserrouter/overview.md b/docs/endpointpolicymanager/components/browserrouter/overview.md index 9e781530c0..ad11b646ff 100644 --- a/docs/endpointpolicymanager/components/browserrouter/overview.md +++ b/docs/endpointpolicymanager/components/browserrouter/overview.md @@ -27,3 +27,5 @@ Browser Router is a powerful component of Endpoint Policy Manager (PolicyPak) th - Installation Guide - Troubleshooting Guide - Getting Started Videos + + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/_category_.json b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/_category_.json index 08b2b0a69c..48b4bb9e46 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/_category_.json +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/_category_.json @@ -8,3 +8,4 @@ "id": "videolearningcenter" } } + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/citrixvirtualapps/_category_.json b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/citrixvirtualapps/_category_.json index 8142be3e32..321e0d8dce 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/citrixvirtualapps/_category_.json +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/citrixvirtualapps/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/citrixvirtualapps/citrix.md b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/citrixvirtualapps/citrix.md index e97bfb70bf..d3576689a7 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/citrixvirtualapps/citrix.md +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/citrixvirtualapps/citrix.md @@ -8,7 +8,7 @@ sidebar_position: 10 In this video, learn the best practice for using PPBR and Citrix / RDS servers. Route from browser to browser very quickly using this technique. - + ### PolicyPak: Using PP Browser Router on Citrix or RDS servers with published browser applications @@ -78,3 +78,5 @@ we never got prompted not once about who should be the default browser when usin Citrix sever. I hope this video helps you out and you're ready to get started with Browser Router. Thanks. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/citrixvirtualapps/custombrowsers.md b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/citrixvirtualapps/custombrowsers.md index c40b919c64..a9c5889cf8 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/citrixvirtualapps/custombrowsers.md +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/citrixvirtualapps/custombrowsers.md @@ -8,13 +8,13 @@ sidebar_position: 20 If you have App-V, ThinApp, or Citrix or RDS published applications, use this trick to route from a real built-in browser to your virtual / published browser. - + ### Endpoint Policy Manager \_ Browser Router with Custom Browsers Hi. In this video I'm going to show you how you can use custom browser router routes to ensure that the right browser opens for the right time. So, the scenario might be a user might be using the -built-in version of; say; Internet Explorer and they go to a website like endpointpolicymanager.com. You always +built-in version of; say; Internet Explorer and they go to a website like policypak.com. You always want this to fire off, not here in the built-in browser but either in an Appv4 or 5 browsers or a thin app browser or a Citrix browser. For instance, this browser is hanging out over there on the Citrix server, so it's connecting to my Citrix server over here. It's real easy to do this. We'll @@ -67,9 +67,11 @@ That's correct and if I go to vmware, that's going to launch, _boom_, the thin a Firefox right there. So, if you've got Appv4, Appv5, Thin App or Citrix, using browser router you can specifically say that when they go to the website using the built-in browsers on their machine, you will automatically launch the custom browser. Okay? That being said, we do know that if you were -in the custom browser right here and you try to go back to, for instance, endpointpolicymanager.com, this is +in the custom browser right here and you try to go back to, for instance, policypak.com, this is where the routes end. We do not route from the custom browsers like thin app or Appv back outward to your original browser. So, for custom browsers like this, it is a one-way street. For custom routes for browsers that are actually installed on the machine, it will route between browsers just fine as you have seen in the previous videos. If you have any questions, we are here for you and we hope you get started with it soon. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/_category_.json b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/_category_.json index edb57b5129..9b170c37fa 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/_category_.json +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/blockwebsites.md b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/blockwebsites.md index 1928829098..1b12c08687 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/blockwebsites.md +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/blockwebsites.md @@ -7,4 +7,6 @@ sidebar_position: 30 Users being naughty? Use PP Browser Router to stop that nonsense. - + + + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/edgespecial.md b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/edgespecial.md index d35cc94191..6f9aae5cba 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/edgespecial.md +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/edgespecial.md @@ -8,7 +8,7 @@ sidebar_position: 40 After you create your Enterprise Mode site lists, you can decide how to handle Edge browser. Do you want websites to render in Edge or IE? This video shows you how to adjust for your conditions. - + ### Endpoint Policy Manager and Edge ‘Special' policies @@ -62,3 +62,5 @@ conditions. If you have any questions, we're here for you. I hope you can take advantage of this right away. Thanks. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/edgesupport.md b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/edgesupport.md index 638ca2e823..666acf5e4a 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/edgesupport.md +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/edgesupport.md @@ -9,7 +9,7 @@ Netwrix Endpoint Policy Manager (formerly PolicyPak) now supports routing FROM E browsers (Firefox, IE, and Chrome.) Its easy, and here's the only small thing you need to know to make it work perfectly ! - + ### PolicyPak: Browser Router now with support for MS Edge @@ -26,7 +26,7 @@ to "Google Chrome." I'm then going to create a "New Policy" that says "FF to FF," "Wildcard" "\*mozilla\*" and we'll go to "Firefox" here. If I were to go "Add" a "New Policy" that says "GPanswers.com to EDGE," we can then go to "Url" "GPanswers.com" and go to "Edge." Then if I wanted to create one for Endpoint -Policy Manager to Internet Explorer, "New Policy," "PP to IE" and go to "endpointpolicymanager.com" and go to +Policy Manager to Internet Explorer, "New Policy," "PP to IE" and go to "policypak.com" and go to "Internet Explorer." Okay, great, so now we've set that all up just the way we want, and now we're ready to test it out. @@ -59,7 +59,7 @@ browser. Then we said if we're in Chrome and we go to "www.gpanswers.com," we wa Edge. So here comes Edge, and now we're in Edge. Now here's where finally the new support comes in. If you're in Edge, up until recently there was no -way to go from Edge to another browser. If you wanted to go back to "www.endpointpolicymanager.com," which we +way to go from Edge to another browser. If you wanted to go back to "www.policypak.com," which we said open up only in Internet Explorer, or www.mozilla.org open up in Firefox, when you click on Edge the very first time you run Edge it will not actually do what you ask it to do. @@ -74,7 +74,7 @@ charm. That's it. That's all you need to do. So let's do it all again because no closed Edge, and now this user is locked and loaded and we support it. Let's start again. We'll go from "Google Chrome" to Edge. So we'll go from Chrome and we'll say -"www.gpanswers.com." Here we are in Edge now. We can go to "www.endpointpolicymanager.com." Watch Edge. We will +"www.gpanswers.com." Here we are in Edge now. We can go to "www.policypak.com." Watch Edge. We will close Edge and open up Internet Explorer. If we're in Edge and we want to do some great stuff in Edge here which is fine and have this tab and @@ -89,3 +89,5 @@ you need to do in your routes. It's just as simple as that. We've got you covere I hope this helps you out. Looking forward to getting you started real soon with Endpoint Policy Manager Browser Router. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/ie.md b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/ie.md index 314d931c17..4dc709fe31 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/ie.md +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/ie.md @@ -8,7 +8,7 @@ sidebar_position: 70 Use Netwrix Endpoint Policy Manager (formerly PolicyPak) to dynamically set Enterprise and Document modes, as well as force an Internet Explorer tab to open--inside Edge! - + Hi, this is Whitney with Endpoint Policy Manager Software. In other videos, we talked about setting default browsers, routing the right website to the right browser, and making sure that the naughty @@ -60,3 +60,5 @@ right down here. However, there is your Internet Explorer mode tab. There you ha easy it is to set up an Internet Explorer Enterprise or document mode easily and quickly as well as forcing an Internet Explorer tab open inside of Edge. If this is of interest to you, sign up for our webinar, and we'll get you started on a free trial right away. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/ports.md b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/ports.md index a22707888b..9f088ff880 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/ports.md +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/ports.md @@ -7,7 +7,7 @@ sidebar_position: 50 Need to route specific websites to specific browsers based upon ports? Check out this demo. - + ### PolicyPak: Browser Router and Ports @@ -61,3 +61,5 @@ an exact match. With that in mind, if you have any questions about how to use Endpoint Policy Manager Browser Router, we look forward to answering them and hope you get to take advantage of this real soon. Thanks. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/rightbrowser.md b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/rightbrowser.md index 47989d4ede..3dea6cd608 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/rightbrowser.md +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/rightbrowser.md @@ -10,7 +10,7 @@ using the WRONG website most of the time. With PP Browser Router, you create pol where specific websites are launched only into the specific browsers. It couldn't be easier. Check it out. - + Hi, this is Whitney with Netwrix Endpoint Policy Manager (formerly PolicyPak) Software. In this video, I'm going to show you a gaggle of problems that you can fix using Endpoint Policy Manager's @@ -61,3 +61,5 @@ Facebook.com. This website is blocked by company policy. Please contact Support have it. We have set a default browser. We routed particular websites to particular browsers and we even made sure to block Facebook. If this is of interest to you, sign up for our webinar and we'll get you started on your free trial right away. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/userselecteddefault.md b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/userselecteddefault.md index 2d104f873a..313cd741c5 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/userselecteddefault.md +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/gettingstarted/userselecteddefault.md @@ -9,7 +9,7 @@ Netwrix Endpoint Policy Manager (formerly PolicyPak) Browser Router now lets you back to your end-users. They can specify their browser of choice, and Endpoint Policy Manager will let them utilize it. Here's how to set up the feature. - + ### PolicyPak: Set up a default browser using PolicyPak Application Manager @@ -41,9 +41,11 @@ said Firefox is the default browser, and we get Firefox as the default browser. If we were to, however, go to something that does have a route like "www.google.com" that has a route to Chrome, let's see what happens there. That should open the Chrome browser. In fact, it -does. We have another route to "www.endpointpolicymanager.com," and that should go to Internet Explorer because +does. We have another route to "www.policypak.com," and that should go to Internet Explorer because we have a route to that. If you use User Selectable, that says anything we don't have a route for and the user has made a choice to decide what their default browser is, then honor that. That's a good new feature for Endpoint Policy Manager customers. I hope you like it. We'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/methods/_category_.json b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/methods/_category_.json index bf3482899d..e671dd1396 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/methods/_category_.json +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/methods/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/methods/cloud.md b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/methods/cloud.md index 8162a493ac..f1ad5169fd 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/methods/cloud.md +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/methods/cloud.md @@ -9,7 +9,7 @@ Deliver your routes to traveling and non-domain joined machines to Use Netwrix E Manager (formerly PolicyPak) Cloud to manage your browsers and make routes to your domain joined and non-domain joined machines. - + Hi, this is Jeremy Moskowitz. In this video we're going to use Endpoint Policy Manager Cloud's in-cloud editors to create browser router routes so that you can get to the right browser, to the @@ -59,7 +59,7 @@ a tall order. What are we going to do? Let's go ahead and go to New Policy here, New Browser Router Policy. We'll call this Endpoint Policy Manager Example Site. If you want to use Internet Explorer Special Mode, -you have to give it an exact URL. I'm going to go ahead and give it https://www.endpointpolicymanager.com. It +you have to give it an exact URL. I'm going to go ahead and give it https://www.policypak.com. It should work without the https before it, and it should also work without the www before it. That's all the same there. @@ -166,3 +166,5 @@ editor. That way you can take your on-prem directive, if you have them, bring th Policy Manager Cloud, and continue to edit them here in Endpoint Policy Manager Cloud land. I hope this video helps you out. Looking forward to getting you started with Endpoint Policy Manager Browser Router and Endpoint Policy Manager Cloud real soon. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/methods/mdm.md b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/methods/mdm.md index a88a0a6e68..f34ffbf3e3 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/methods/mdm.md +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/methods/mdm.md @@ -10,7 +10,7 @@ using the WRONG website most of the time. With PP Browser Router, you create pol where specific websites are launched only into the specific browsers, then deploy those policies using the MDM service of your choice. It couldn't be easier. Check it out! - + Hi, this is Whitney with Netwrix Endpoint Policy Manager (formerly PolicyPak) Software. In a previous video, we learned how to use the Browser Router component to create policies to route the @@ -77,3 +77,5 @@ There you have it. We set a default browser. We routed particular websites to pa We even made sure to block Facebook. Then after wrapping that all up in an MSI, we delivered the settings to our MDM enrolled non-domain joined machine. If this is of interest to you, sign up for our webinar, and we'll get you started on your free trial right away. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/_category_.json b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/_category_.json index a74978754e..431040a5b1 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/_category_.json +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/browsericon.md b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/browsericon.md index 8e02766a95..2282d31de1 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/browsericon.md +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/browsericon.md @@ -8,5 +8,7 @@ sidebar_position: 90 A little update to PP Browser Router, showing how to set the generic icon to your actual default browser icon. - + + + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/chrome.md b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/chrome.md index 4781465893..0589b8dbed 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/chrome.md +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/chrome.md @@ -8,7 +8,7 @@ sidebar_position: 50 Using PP Browser router, you can do a magic trick. Have ALL traffic go thru Chrome, except a handful of websites (called Exceptions.) Here's how to do it. - + ### PPBR: Route all sites to Chrome, with some exceptions @@ -28,7 +28,7 @@ there. All right, this is actually pretty easy to understand. You see there's your "HTTP" and "HTTPS" traffic in "Google Chrome." You see we have made a few exceptions for some "Internet Explorer" -options: "msn," "go.microsoft," "about:Tabs" and "endpointpolicymanager.com." Those are all available to use in +options: "msn," "go.microsoft," "about:Tabs" and "policypak.com." Those are all available to use in "Internet Explorer," which is to say it won't shut down and go into Chrome. It will stay in Explorer. The same with "Firefox" here. We're going to allow "www.gpanswers.com" to open in "Firefox" and to stay open in "Firefox." @@ -82,3 +82,5 @@ then sign up for a webinar. Then when it's done, we'll hand over the bits and yo your way to a free trial. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/chromenondomainjoined.md b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/chromenondomainjoined.md index 90fe743b13..ae2a558aaa 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/chromenondomainjoined.md +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/chromenondomainjoined.md @@ -8,7 +8,7 @@ sidebar_position: 20 If you are using PP Cloud and PP Browser router, this is the video to see how to enable Chrome to "Other" browser routing. (Chrome to FF, Chrome to IE, Chrome to Edge, etc.) - + ### PolicyPak: Browser Router now supports Chrome on Non-Domain Joined machines @@ -44,7 +44,7 @@ If you don't want to do that, you can also go to "chrome://extensions" and then bottom you can click "Enable." That's a second choice. Now you can see that the Browser Router Chrome extension is ready to go. -If we were to now be in "Google Chrome" and we were to say I want to go to "www.endpointpolicymanager.com," what +If we were to now be in "Google Chrome" and we were to say I want to go to "www.policypak.com," what it's going to do is close Chrome and open up the browser of your choice, which in my case is Firefox. I don't know if it has ever been run before so it might ask for first run stuff. Yeah, there we go, first run stuff. @@ -56,3 +56,5 @@ on for the user. I hope that gets you at least to the one-yard line and you can to get to the goal. All right, I hope that helps you out. Take care. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/defaultwindows10.md b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/defaultwindows10.md index af73fbc261..6634ddce4a 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/defaultwindows10.md +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/defaultwindows10.md @@ -8,7 +8,7 @@ sidebar_position: 10 You want to set the users' Default Browser. Great ! But how can you deliver the setting... one time... then let the user drift from that configuration? Easy ! - + Hi, this is Jeremy Moskowitz. In this video, I'm going to show you how you can use Netwrix Endpoint Policy Manager (formerly PolicyPak) Browser Router to set a default browser policy and let it drift @@ -79,3 +79,5 @@ and drift, so you can deploy this one time after you've rolled out Windows 10, g that they want and then let them make the choice afterward. Then finally, Once or when forced will snap it back to the thing you say when gpupdate/force is run. Hope this helps you out. Looking forward to getting started real soon with Endpoint Policy Manager. Thanks. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/edge.md b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/edge.md index 6c5efab748..988087e20d 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/edge.md +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/edge.md @@ -8,7 +8,7 @@ sidebar_position: 60 Using PP Browser router, you can do a magic trick. Have ALL traffic go thru Edge, except a handful of websites (called Exceptions.) Here's how to do it. - + ### PPBR: Route all sites to Edge (with some exceptions) @@ -74,3 +74,5 @@ That's how that works. If this is interesting to you, if you want to try out End Manager, just sign up for a webinar and when it's done we will get you all set up with the bits and you can get started on a trial of your very own. Thanks. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/firefox.md b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/firefox.md index b509a68351..c86a86f0b2 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/firefox.md +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/firefox.md @@ -8,7 +8,7 @@ sidebar_position: 40 If you want to force Firefox to be the default browser for EVERYTHING, except some sites, then we have a special XML file and video to help you out. - + ### PolicyPak Browser Router: Use Firefox as default for ALL pages, except some pages @@ -100,3 +100,5 @@ scenario. Thanks so much for watching. If you're looking to get started with Endpoint Policy Manager, just go ahead and join us for a webinar and you can get started right away. Thanks. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/ieedgemode.md b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/ieedgemode.md index 9f23e9bb99..cd1f265bce 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/ieedgemode.md +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/ieedgemode.md @@ -11,7 +11,7 @@ which versions of Windows / Internet Explorer will permit this function, and whi learn about the "65 second rule". Definitely "walk before you run" with IE in Edge mode and PPBR by watching this video. - + Hi, this is Jeremy Moskowitz. In this video, we're going to talk about how to do Internet Explorer in Edge mode using Endpoint Policy Manager Browser Router. There's a lot of details in this video. @@ -40,7 +40,7 @@ screen for a couple more seconds, and let's move on. Now what we're going to do is let's go ahead and set our routes. Here's Browser Router here. You've always been able to right click Add and new policy here, and if you want it to do something like -Endpoint Policy Manager to IE, that's fine. You can go to www.endpointpolicymanager.com to Internet Explorer, +Endpoint Policy Manager to IE, that's fine. You can go to www.policypak.com to Internet Explorer, and here is where you get to set if you want to open it up in standalone IE or open it up in IE Edge tab, so let's go ahead and do that here. What I'm going to also do – I think I've got another conflicting one. I want to get rid of that one so it doesn't actually conflict. Let me go ahead and @@ -51,11 +51,11 @@ so let's go ahead and let's give this a second or two to catch up. Now that that see that our original routes work, so if we go to Google, that's going to go over to Chrome, which I've already got set up. That's all good to go. Here we go. Chrome, happy as a clam. If I were to click on mozilla.org, I've set that to go to Firefox. That should be good to go. Let's go ahead and -see that. Go ahead and launch. There we go, mozilla.org over to Firefox. Now we said endpointpolicymanager.com +see that. Go ahead and launch. There we go, mozilla.org over to Firefox. Now we said policypak.com goes to Internet Explorer in the Edge tab, right? Whoops, let's go ahead and – we don't care about any of that stuff. -Now let's go ahead and click on endpointpolicymanager.com, and remember, I said it's guaranteed working in the +Now let's go ahead and click on policypak.com, and remember, I said it's guaranteed working in the 2004 edition. Lo and behold, it's not working right away. What is going on? Why doesn't it work right away? It doesn't work right away because this is something that's built into Edge and Internet Explorer, which is the enterprise mode site list, which takes two minutes. Let me go ahead and get @@ -74,9 +74,9 @@ have all the ducks in a row and it's all working fine. It still won't work unles Explorer and then wait 65 seconds. The second time shouldn't be a big deal. Let's go ahead and close all these browsers out. We don't need them anymore. Now let's go and click -on endpointpolicymanager.com. If it doesn't work, you should close – try to close Edge here and then try it +on policypak.com. If it doesn't work, you should close – try to close Edge here and then try it again here. If you go back to Edge – again, should take 65 seconds or so and there we go. If we go -to endpointpolicymanager.com, we can see Edge is – we're now in Edge, but we're in Internet Explorer mode in +to policypak.com, we can see Edge is – we're now in Edge, but we're in Internet Explorer mode in Edge, and what's happening underneath the hood, which I think is pretty interesting – if we go to Task Manager here and we take a look at Edge, Edge is really running the real Internet Explorer. That's the magic of how they do that. @@ -106,3 +106,5 @@ showbiz. I hope this give you enough to go on. If you do have any questions, we're here for you. Try to post them to the forums first, but if you need any one-on-one help, we're happy to help you in the support channel. Thank you very much, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/ieforce.md b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/ieforce.md index 21e7fff79a..6f3a09e828 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/ieforce.md +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/ieforce.md @@ -10,7 +10,7 @@ except a handful of websites (called Exceptions.) Here's how to do it. Two tips: the XML, just ask support. And, if you want to route all traffic thru, say, Firefox or Chrome… that's possible, but that's a DIFFERENT video. - + ### PolicyPak Browser Router: Force all websites to IE(but have some exceptions) @@ -38,7 +38,7 @@ automatically switch and that's the number one thing it's going to do. But if you want to make an exception for certain websites like you're timecard app or some other weird thing, that's fine. Like in this example, I have Endpoint Policy Manager going to Chrome -("www.endpointpolicymanager.com in CH") and Bing going to Firefox ("www.bing.com in FF"). +("www.policypak.com in CH") and Bing going to Firefox ("www.bing.com in FF"). Then we have this unusual one. This is a two-step thing you need to do here. This last item here basically says when you open Chrome, at least open the new browser tab ("CH new tab in CH") or else @@ -86,7 +86,7 @@ work in Internet Explorer just the way we wanted to. But we did say we wanted to make two exceptions to the list. The first exception we have is let's say you decide you want to go over to Endpoint Policy Manager. It's just an exception that we set. -If we go to "www.endpointpolicymanager.com," what do we get? That opens up in Chrome. We'll just wait for that +If we go to "www.policypak.com," what do we get? That opens up in Chrome. We'll just wait for that finish here for a second. If you're over here in Internet Explorer and you go to "www.bing.com," we're going to say that's going to open up in Firefox land. @@ -101,3 +101,5 @@ Internet Explorer, which is probably not what you want. That's it. I hope this helps you out and you're ready to get started with Endpoint Policy Manager. Take care. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/iesitelists.md b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/iesitelists.md index c11e67535c..89c3cf5bc3 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/iesitelists.md +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/tipsandtricks/iesitelists.md @@ -8,7 +8,7 @@ sidebar_position: 70 Use the in-the-box converter utility to take your existing IE Enterprise Site list files and immediately use them with Browser Router. - + ### Endpoint Policy Manager:  Internet Explorer to Endpoint Policy Manager Browser Router Site lists @@ -51,3 +51,5 @@ using Browser Router right away, you don't have to hand convert it over. We'll d you. There you go. Hope that helps you out. Thank you very much. Looking forward to getting you started. + + diff --git a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/videolearningcenter.md b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/videolearningcenter.md index df52f13a1c..a26776a78f 100644 --- a/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/videolearningcenter.md +++ b/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/videolearningcenter.md @@ -31,3 +31,5 @@ Specialized guidance for using Browser Router in Citrix Virtual Apps environment --- *All videos include step-by-step guidance and real-world examples to help you implement Browser Router successfully.* + + diff --git a/docs/endpointpolicymanager/components/devicemanager/_category_.json b/docs/endpointpolicymanager/components/devicemanager/_category_.json index 6d98cadaec..eb3b91d95a 100644 --- a/docs/endpointpolicymanager/components/devicemanager/_category_.json +++ b/docs/endpointpolicymanager/components/devicemanager/_category_.json @@ -8,3 +8,4 @@ "id": "overview" } } + diff --git a/docs/endpointpolicymanager/components/devicemanager/knowledgebase/_category_.json b/docs/endpointpolicymanager/components/devicemanager/knowledgebase/_category_.json index f890ea6095..bd3755797e 100644 --- a/docs/endpointpolicymanager/components/devicemanager/knowledgebase/_category_.json +++ b/docs/endpointpolicymanager/components/devicemanager/knowledgebase/_category_.json @@ -8,3 +8,4 @@ "id": "knowledgebase" } } + diff --git a/docs/endpointpolicymanager/components/devicemanager/knowledgebase/installation/_category_.json b/docs/endpointpolicymanager/components/devicemanager/knowledgebase/installation/_category_.json index ee3640f7af..76ffd74d1c 100644 --- a/docs/endpointpolicymanager/components/devicemanager/knowledgebase/installation/_category_.json +++ b/docs/endpointpolicymanager/components/devicemanager/knowledgebase/installation/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/devicemanager/knowledgebase/knowledgebase.md b/docs/endpointpolicymanager/components/devicemanager/knowledgebase/knowledgebase.md index 71a10d3047..5f060ad1f0 100644 --- a/docs/endpointpolicymanager/components/devicemanager/knowledgebase/knowledgebase.md +++ b/docs/endpointpolicymanager/components/devicemanager/knowledgebase/knowledgebase.md @@ -28,3 +28,5 @@ Device Manager provides enterprise-grade device control capabilities. This techn --- *Consult the troubleshooting section for common issues and solutions.* + + diff --git a/docs/endpointpolicymanager/components/devicemanager/knowledgebase/tipsandtricks/_category_.json b/docs/endpointpolicymanager/components/devicemanager/knowledgebase/tipsandtricks/_category_.json index a74978754e..431040a5b1 100644 --- a/docs/endpointpolicymanager/components/devicemanager/knowledgebase/tipsandtricks/_category_.json +++ b/docs/endpointpolicymanager/components/devicemanager/knowledgebase/tipsandtricks/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/devicemanager/knowledgebase/troubleshooting/_category_.json b/docs/endpointpolicymanager/components/devicemanager/knowledgebase/troubleshooting/_category_.json index 2a7c1d7f13..269232431c 100644 --- a/docs/endpointpolicymanager/components/devicemanager/knowledgebase/troubleshooting/_category_.json +++ b/docs/endpointpolicymanager/components/devicemanager/knowledgebase/troubleshooting/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/devicemanager/knowledgebase/troubleshooting/troubleshooting.md b/docs/endpointpolicymanager/components/devicemanager/knowledgebase/troubleshooting/troubleshooting.md index 6c964e957d..e8267a513e 100644 --- a/docs/endpointpolicymanager/components/devicemanager/knowledgebase/troubleshooting/troubleshooting.md +++ b/docs/endpointpolicymanager/components/devicemanager/knowledgebase/troubleshooting/troubleshooting.md @@ -18,3 +18,5 @@ Each log occurs when different policy triggering events occur. Special log is ppComputer_Operational.log which explains what's happening in real-time on the machine. ![logging1](/images/endpointpolicymanager/device/devicemanager/logging1.webp) + + diff --git a/docs/endpointpolicymanager/components/devicemanager/manual/_category_.json b/docs/endpointpolicymanager/components/devicemanager/manual/_category_.json index 1c4c158a37..491e75991a 100644 --- a/docs/endpointpolicymanager/components/devicemanager/manual/_category_.json +++ b/docs/endpointpolicymanager/components/devicemanager/manual/_category_.json @@ -8,3 +8,4 @@ "id": "overview" } } + diff --git a/docs/endpointpolicymanager/components/devicemanager/manual/configuration/_category_.json b/docs/endpointpolicymanager/components/devicemanager/manual/configuration/_category_.json index 231704b45b..e5db75a598 100644 --- a/docs/endpointpolicymanager/components/devicemanager/manual/configuration/_category_.json +++ b/docs/endpointpolicymanager/components/devicemanager/manual/configuration/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/devicemanager/manual/configuration/helpertool.md b/docs/endpointpolicymanager/components/devicemanager/manual/configuration/helpertool.md index cbec0e6f72..d99370a5eb 100644 --- a/docs/endpointpolicymanager/components/devicemanager/manual/configuration/helpertool.md +++ b/docs/endpointpolicymanager/components/devicemanager/manual/configuration/helpertool.md @@ -50,3 +50,5 @@ Then, you may use this list using the previously described wizard pages such as Serial Number and Allow Device by BitLocker Key, as shown in the example screen below. ![helper5](/images/endpointpolicymanager/device/devicemanager/helper5.webp) + + diff --git a/docs/endpointpolicymanager/components/devicemanager/manual/configuration/rules.md b/docs/endpointpolicymanager/components/devicemanager/manual/configuration/rules.md index 52d87e10d3..5f1fb4019e 100644 --- a/docs/endpointpolicymanager/components/devicemanager/manual/configuration/rules.md +++ b/docs/endpointpolicymanager/components/devicemanager/manual/configuration/rules.md @@ -190,3 +190,5 @@ it as the basis to start a rule. ![event1](/images/endpointpolicymanager/device/devicemanager/event1.webp) # ![event2](/images/endpointpolicymanager/device/devicemanager/event2.webp) + + diff --git a/docs/endpointpolicymanager/components/devicemanager/manual/gettingtoknow/_category_.json b/docs/endpointpolicymanager/components/devicemanager/manual/gettingtoknow/_category_.json index 9d2fe6d006..b8c4d29a68 100644 --- a/docs/endpointpolicymanager/components/devicemanager/manual/gettingtoknow/_category_.json +++ b/docs/endpointpolicymanager/components/devicemanager/manual/gettingtoknow/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/devicemanager/manual/gettingtoknow/devicemanagerpolicies.md b/docs/endpointpolicymanager/components/devicemanager/manual/gettingtoknow/devicemanagerpolicies.md index af50816887..83299f9052 100644 --- a/docs/endpointpolicymanager/components/devicemanager/manual/gettingtoknow/devicemanagerpolicies.md +++ b/docs/endpointpolicymanager/components/devicemanager/manual/gettingtoknow/devicemanagerpolicies.md @@ -158,3 +158,5 @@ is similar to the questions when adding a USB device earlier. The typical route is Allow Users to use specific phones or other WPDs. ![wpd3](/images/endpointpolicymanager/device/devicemanager/wpd3.webp) + + diff --git a/docs/endpointpolicymanager/components/devicemanager/manual/gettingtoknow/globaldevicemanager.md b/docs/endpointpolicymanager/components/devicemanager/manual/gettingtoknow/globaldevicemanager.md index 55e41faec2..c50fddfd99 100644 --- a/docs/endpointpolicymanager/components/devicemanager/manual/gettingtoknow/globaldevicemanager.md +++ b/docs/endpointpolicymanager/components/devicemanager/manual/gettingtoknow/globaldevicemanager.md @@ -54,3 +54,5 @@ system responds. Selecting More information shows Device Info which may be used in the next steps to allow a device type. It is recommended to copy these details to Notepad to keep them handy for use during the read-through of the manual. + + diff --git a/docs/endpointpolicymanager/components/devicemanager/manual/overview.md b/docs/endpointpolicymanager/components/devicemanager/manual/overview.md index ba45f8a0a2..8620a5dd62 100644 --- a/docs/endpointpolicymanager/components/devicemanager/manual/overview.md +++ b/docs/endpointpolicymanager/components/devicemanager/manual/overview.md @@ -27,3 +27,5 @@ Device Manager addresses the security challenge of controlling hardware device a 1. Review Getting to Know Device Manager for fundamental concepts 2. Configure policies using Configuration guides + + diff --git a/docs/endpointpolicymanager/components/devicemanager/overview.md b/docs/endpointpolicymanager/components/devicemanager/overview.md index a1cebf1f55..a7a5885976 100644 --- a/docs/endpointpolicymanager/components/devicemanager/overview.md +++ b/docs/endpointpolicymanager/components/devicemanager/overview.md @@ -26,3 +26,5 @@ Device Manager is a component of Endpoint Policy Manager (PolicyPak) that provid - Device Policies Configuration - Getting Started Videos - Troubleshooting Guide + + diff --git a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/_category_.json b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/_category_.json index 08b2b0a69c..48b4bb9e46 100644 --- a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/_category_.json +++ b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/_category_.json @@ -8,3 +8,4 @@ "id": "videolearningcenter" } } + diff --git a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/_category_.json b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/_category_.json index edb57b5129..9b170c37fa 100644 --- a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/_category_.json +++ b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/bitlockerdrives.md b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/bitlockerdrives.md index 7a2daea157..8f85362029 100644 --- a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/bitlockerdrives.md +++ b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/bitlockerdrives.md @@ -8,4 +8,6 @@ sidebar_position: 50 Got USB sticks and want to ensure they only work with Bitlocker'd devices? See this video to see how to do it. - + + + diff --git a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/dmapprovalautorules.md b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/dmapprovalautorules.md index 2afa51a71e..7db21f2509 100644 --- a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/dmapprovalautorules.md +++ b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/dmapprovalautorules.md @@ -9,4 +9,6 @@ sidebar_position: 80 Want to allow or deny specific USB devices whenever a user inserts one? And would you like to automatically create rules based upon these requests? Learn both techniques here. - + + + diff --git a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/dmhelpertool.md b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/dmhelpertool.md index 96f8612b74..be9336d5da 100644 --- a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/dmhelpertool.md +++ b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/dmhelpertool.md @@ -9,4 +9,6 @@ sidebar_position: 70 This demo shows you how to enumerate the USB and other devices on the machine to enable quick Device Manager rules. - + + + diff --git a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/enduser.md b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/enduser.md index 614c340981..e58a4b8fc2 100644 --- a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/enduser.md +++ b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/enduser.md @@ -9,4 +9,6 @@ sidebar_position: 60 Got users out in the field and want them to be able to report their requests for un-blocking their USBs and other devices? See how to set that up in this video. - + + + diff --git a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/serialnumber.md b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/serialnumber.md index 0206c55cc4..d6118b89c4 100644 --- a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/serialnumber.md +++ b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/serialnumber.md @@ -9,7 +9,7 @@ Use Netwrix Endpoint Policy Manager (formerly PolicyPak) Device Manager to speci users can use which serial numbers of USB sticks and DVD devices. This way, you issue the device, and you know EXACTLY who has USB Read/ Read/Write or Full access. - + In a previous video, you saw me limit which USB sticks are allowed by USB vendor type. The problem, however, even though it works great when you give the correct USB sticks to your end users, is that @@ -55,3 +55,5 @@ whatever they want, you can hammer – put the hammer down based upon a device t put the screws it by dictating it by serial number. You can decide which is the most important way for you to get the job accomplished, and hope this tool helps you out. Thank you very much. Talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/usbdrive.md b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/usbdrive.md index 1f144382ac..43acf5f9b5 100644 --- a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/usbdrive.md +++ b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/usbdrive.md @@ -8,7 +8,7 @@ sidebar_position: 10 With Netwrix Endpoint Policy Manager (formerly PolicyPak) Device Manager, it takes one policy to immediately put the smackdown on USB sticks and CD-ROMs. Yep, it's that easy. - + Hi, this is Jeremy Moskowitz, founder and CTO of Endpoint Policy Manager Software. Hey, look, I just found this USB stick in the parking lot. Let me go ahead and double click on it and see what's @@ -55,3 +55,5 @@ how you can open up one user for specific USB sticks by serial, and then I'll al other magic tricks with exporting to MDM and our cloud service. Go ahead and watch the rest of the videos. Looking forward to getting you started with Endpoint Policy Manager Device Manager real soon. + + diff --git a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/usbdriveallowuser.md b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/usbdriveallowuser.md index ce00be7ffb..45584cadb4 100644 --- a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/usbdriveallowuser.md +++ b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/usbdriveallowuser.md @@ -8,7 +8,7 @@ sidebar_position: 20 If you trust one person, like a doctor or consultant, etc. then you can grant the one person (or group) READ, READ/WRITE, FULL access to all device. - + In a previous video, you saw me put the smackdown on CD-ROMs and USB sticks. This blanket is going to hit every user on this computer, but what if you had one user that you trusted, like a doctor or @@ -66,3 +66,5 @@ If you think that is too much access, go ahead and check out the next video wher you how you can allow one user to have specific access to a specific USB stick by serial number. That's even more cranking it down. Hope this video helps you out. Looking forward to getting you started with Endpoint Policy Manager real soon. Thanks. + + diff --git a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/usbdriveallowvendor.md b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/usbdriveallowvendor.md index 27eec4f50f..1efbaf86d9 100644 --- a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/usbdriveallowvendor.md +++ b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/gettingstarted/usbdriveallowvendor.md @@ -9,7 +9,7 @@ If you have a specific USB device vendor you trust, and those devices are always Netwrix Endpoint Policy Manager (formerly PolicyPak) Device Manager to restrict device use to THOSE vendor IDs only! - + In our first video, we put the smackdown on all evil CD-ROMs and USB sticks. Then we opened it up for one trusted user to either just read or maybe full access if we really trust them. The thing, @@ -54,3 +54,5 @@ that maybe you don't want to do, like read from the device or to run stuff that be running. If that is super important to you, and I can see where it would be, you can dictate that particular USB sticks are allowed and controlled because of serial number. Go ahead and take a look at that video. That's the next one on the list. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/methods/_category_.json b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/methods/_category_.json index bf3482899d..e671dd1396 100644 --- a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/methods/_category_.json +++ b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/methods/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/methods/cloud.md b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/methods/cloud.md index a4d24b3e08..c779c251d3 100644 --- a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/methods/cloud.md +++ b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/methods/cloud.md @@ -8,7 +8,7 @@ sidebar_position: 10 Got Endpoint Policy Manager Cloud... and naughty users with USB sticks? See how to take your policies and get them working with Endpoint Policy Manager Cloud ! - + Hi, this is Jeremy Moskowitz, and in this video, I'm going to show you how you can use Endpoint Policy Manager Device Manager and Endpoint Policy Manager Cloud together. First things first, you're @@ -72,3 +72,5 @@ We've allowed that, but naughty USB sticks are blocked, and there you go. If you want to become a better security admin with Endpoint Policy Manager, hope this video helps you out. Looking forward to getting you started with Endpoint Policy Manager Cloud and Endpoint Policy Manager Device Manager real soon. Thanks. + + diff --git a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/methods/mdm.md b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/methods/mdm.md index ca4dcb9a49..6a49655b49 100644 --- a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/methods/mdm.md +++ b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/methods/mdm.md @@ -9,7 +9,7 @@ Got Intune or another MDM service, and users plugging in USB sticks... walking o data, or worse, introducing malware? Specify exactly WHO can use WHAT USB sticks ... so you don't have to fight fires everywhere around data and ransomware. - + Hi, this is Jeremy Moskowitz. In this video, I'm going to show you how you can use Netwrix Endpoint Policy Manager (formerly PolicyPak) Device Manager to enable and restrict USB sticks using your MDM @@ -128,3 +128,5 @@ not something that you can do inside of Intune or other MDM services. This is an only available to you with Endpoint Policy Manager. There you go. I hope this helps you out. Looking forward to getting you started with Endpoint Policy Manager and your MDM service real soon. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/videolearningcenter.md b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/videolearningcenter.md index 7131a8ba06..39237c11c2 100644 --- a/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/videolearningcenter.md +++ b/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/videolearningcenter.md @@ -23,3 +23,5 @@ Learn how to deploy and manage Device Manager policies using various enterprise --- *All videos provide practical examples and step-by-step guidance for real-world implementations.* + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/_category_.json index b8243d3f7f..03fa60547f 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/knowledgebase.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/knowledgebase.md deleted file mode 100644 index 4167ef27d4..0000000000 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/knowledgebase.md +++ /dev/null @@ -1,94 +0,0 @@ ---- -title: "Knowledge Base" -description: "Knowledge Base" -sidebar_position: 10 ---- - -# Knowledge Base - -See the following Knowledge Base articles for Least Privilege Manager. - -## Licensing - -- [What is the difference between Endpoint Privilege Manager Standard and Complete licenses?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/licensing/license.md) - -## Tips (How does PPLPM work?) - -- [Which account does an elevated process run within?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/accountelevatedprocess.md) -- [Does Endpoint Privilege Manager block Macro attacks?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/macroattacks.md) -- [How secure is it just to use the digital signature? Can someone spoof a digital signature?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/digitalsignature.md) -- [Is Endpoint Privilege Manager compatible alongside an existing installation of Microsoft Applocker?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/applocker.md) -- [How can I change the behavior of "Run as Admin" with Endpoint Privilege Manager and how has it changed from previous versions?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/runasadmin.md) - -## Tips (Specific Workaround for Apps and Scenarios) - -- [How to create an LPM Policy for (SynTPEnh.exe) Synaptics Pointing Device Driver](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/synapticspointingdevicedriver.md) -- [Install Windows Fonts for users or Elevate end-users to install fonts themselves](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/installfonts.md) -- [How do I elevate MMC snap ins without granting administrative rights?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/mmcsnapin.md) -- [How do I use Least Privilege Manager to Elevate .reg files to allow import by standard users](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/registry.md) -- [How-to elevate Windows Defender Firewall in Endpoint Privilege Manager?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/windowsdefender.md) -- [How do I elevate installers that are classified as Installers but not Applications? Like Ninite, 7z, or Self-Extract?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/installers.md) -- [Allowing access/edit rights to specific files for standard users](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/editrights.md) -- [How to Elevate applications with a .application extension using Least Privilege Manager](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/applicationextension.md) -- [How do I elevate .MSP files such as Adobe Acrobat updates?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/mspfiles.md) -- [FTK Imager crashes with 'Server Busy' dialog box when "Image Mounting" while running elevated](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/serverbusy.md) - -## Tips (Files, Folders and Dialogs) - -- [How can I make all files in a folder, or all files in all recursive folders Elevated, Blocked, or Allow & Log?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsfilesfolders/allfiles.md) - -## Tips and SecureRun (TM) - -- [How can I allow "Inline commands" blocked by SecureRun when a random path or filename is created each time?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/allowinlinecommands.md) -- [How do I setup SecureRun when there are so many variables and still ensure my rules work no matter what version of the software I have I installed?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/setup.md) -- [When Endpoint Policy Manager SecureRun(TM) is turned on, PowerShell won't run. How can I re-enable this?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/enablepowershell.md) -- [What is the supported list of BLOCKED script types for Endpoint Policy Manager SecureRun™ ?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/blockedscripttypes.md) -- [How to run WebEx Meeting as regular user when SecureRun is enabled](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/webex.md) -- [How to install and run MYKI Password Manager as regular user when SecureRun is enabled](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/mykipasswordmanager.md) -- [How do I allow a Chrome extension blocked by SecureRun to be installed?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/chromeextension.md) -- [Least Privilege Manager and SecureRun Implementation Best Practices](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/bestpractices.md) -- [How does the option "Show Admin Approval dialog for untrusted application" in Admin Approval work?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/adminapprovalwork.md) - -## Tips for Admin Approval, Self Elevate, Apply on Demand, SecureCopy and UI Branding - -- [Can I use Endpoint Privilege Manager to LOWER / remove admin rights from Administrators from an application or process, like Internet Explorer?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/reduceadminrights.md) -- [I elevated an application, but drag and drop between the elevated and other non-elevated applications isn't working anymore. What can I try?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/dragdrop.md) -- [How do I use the Filter section in Endpoint Privilege Manager ?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/scope.md) -- [How do I install an Active X control if it is not digitally signed?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/activexcontrol.md) -- [How to Defend against malicious PowerShell attacks (DLLs)?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/maliciousattacks.md) -- [How can I integrate Endpoint Privilege Manager and Servicenow (or any other help desk) via email?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/servicenow.md) -- [Least Privilege Manager - How to create a Self-Elevation policy for local groups of Standalone computers](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/selfelevation.md) -- [How does the "Show Pop-Up" message checkbox work along side "Force user re-authenticate" and "Justification text required" checkboxes?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/optionsshowpopupmessage.md) -- [How does custom menu item text work after builds 23.8 and later?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/custommenuitemtext.md) - -## Tips (Old, use only if asked) - -- [Endpoint Privilege Manager: How do I elevate single line commands (second batch file method)?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsold/singlelinecommands.md) -- [How to elevate Print driver installation using Endpoint Privilege Manager? (alternate method)](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsold/printerdriverinstall.md) - -## Troubleshooting - -- [What log can help me determine why an application (MSI, etc.) was ALLOWED, ELEVATED or BLOCKED?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/determinewhy.md) -- [Why doesn't Endpoint Privilege Manager work Windows 7 + SHA256 signed.JS and .VBS files ?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/supportedenvironments.md) -- [I want all the files in a folder to be ALLOWED when SecureRun is used. What is the correct syntax?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/correctsyntax.md) -- [If multiple Endpoint Privilege Manager rules would apply, which rule takes precedence?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/ruleprecedence.md) -- [How are DRIVE MAPS and UNC paths supported in Endpoint Privilege Manager?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/drivemaps.md) -- [Why does Endpoint Policy Manager SecureRun block "inline commands" and what can I do to overcome or revert the behavior ?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/inlinecommands.md) -- [How are wildcards supported when used with Path and Command-line arguments in Least Privilege Manager?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/wildcards.md) -- [How do I overcome OneDrive block prompts when SecureRun is on?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/onedrive.md) -- [Why is my File Info Deny rule for SQL MGMT Studio version 14.x and lower not working?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/ssms.md) -- [Why is my File Info Deny rule for WinSCP Setup 17.x and lower not working?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/winscp.md) -- [How-to Fix EXPLORER.EXE crash when right-clicking document files, pdf, docx, xlsx, etc.?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/explorercrash.md) -- [Error message The element 'emailSettings' in namespace "…AdminApproval" has incomplete content encountered when editing Admin Approval policy](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/emailsettings.md) -- [How-to troubleshoot LPM rules for Kaseya Agent Service?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/kaseyaagentservice.md) - -## Eventing - -- [How to forward interesting events for Least Privilege Manager (or anything else) to a centralized location using Windows Event Forwarding.](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/eventing/windowseventforwarding.md) -- [How to use Netwrix Auditor to Report on Endpoint Policy Manager events](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/eventing/reports.md) - -## Netwrix Privilege Secure for Access Management Integration - -- [How to Resolve Could not establish trust relationship for the SSL or TLS Secure Channel error message](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/netwrixprivilegesecure/establishtrust.md) -- [How does the Netwrix Privilege Secure MMC UI relate to the Endpoint Policy Manager MMC UI?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/netwrixprivilegesecure/mmc.md) -- [How can I create Endpoint Policy ManagerLeast Privilege Manager policies with Netwrix Privilege Secure (even when the Endpoint Policy Manager Client Side Extension is unlicensed?)](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/netwrixprivilegesecure/createpolicies.md) diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/_category_.json index 872eac79bd..46adf8edb4 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/_category_.json @@ -1,6 +1,6 @@ { "label": "Manual", - "position": 1, + "position": 2, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/_category_.json index 6c60b1be3d..340b9c0879 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/applicationlaunch.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/applicationlaunch.md index eff8d31ebc..1086d6af2a 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/applicationlaunch.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/applicationlaunch.md @@ -33,3 +33,6 @@ to perform approval requests. The following options are honored in the Mac (and Windows) client: ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/mac/using_macos_admin_approval_2.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/installclient.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/installclient.md index c15db1f8b4..ae562a5bb6 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/installclient.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/installclient.md @@ -47,3 +47,6 @@ Mac policies are then created in the in-cloud editors against the All | MacOS gr Groups’ macOS group like what’s seen here. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/mac/how_to_install_the_endpointpolicymanager_7.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/mac/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/mac/_category_.json index 883c8954b2..a1d4deab6a 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/mac/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/mac/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/mac/cloudlog.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/mac/cloudlog.md index 9a1910ad4a..e61691775f 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/mac/cloudlog.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/mac/cloudlog.md @@ -14,3 +14,6 @@ working, endpointpolicymanagerd.log will give tell not only what processes were what processes weren’t – and may should have been. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/troubleshooting/mac/understanding_cloud_log.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/mac/logs.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/mac/logs.md index 1e6e4ef691..73bd20bafc 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/mac/logs.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/mac/logs.md @@ -11,3 +11,6 @@ Support, zip up these three logs. As the customer, you can find useful informati endpointpolicymanagerd.log and cloud.log (details later in this document). ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/mac/1329_1_6e10551394ec326177434ffc228df475.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/mac/overview.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/mac/overview.md index c5b1a0640b..d49b212fdc 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/mac/overview.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/mac/overview.md @@ -8,3 +8,6 @@ sidebar_position: 40 Troubleshooting usually involves trying to understand why a rule isn’t applying. In this section we will understand the log files and how to use them. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/mac/reports.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/mac/reports.md index 287ed83c1a..d6d59d8489 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/mac/reports.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/mac/reports.md @@ -26,3 +26,6 @@ For offline analysis, the report can be exported to either Excel or, if very lar can be done before or after filtering. ![A screenshot of a loginDescription automatically generated](/images/endpointpolicymanager/leastprivilege/mac/1329_13_50b225886bba8747a9460411f4662cc9.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/overview.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/overview.md index 9a6e990307..1326df53d7 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/overview.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/overview.md @@ -28,3 +28,6 @@ Supported versions of the MacOS client are: Mac OS 13 Ventura Mac OS 14 Sonoma + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/_category_.json index 41609cfee8..40f935fbd4 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/conditions.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/conditions.md index a357976086..222be5c232 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/conditions.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/conditions.md @@ -53,3 +53,6 @@ Teacher2, etc.) to perform the work. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/mac/scenarios/conditions_6.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/launchcontrol.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/launchcontrol.md index fc313e14d9..0b6913348b 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/launchcontrol.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/launchcontrol.md @@ -45,3 +45,6 @@ Other actions besides Deny Execution are Allow Execution, with some options: Examples of the dialog boxes may be seen here: ![Screens screenshot of a computer Description automatically generated](/images/endpointpolicymanager/mac/scenarios/application_launch_approval_5.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/macfinder.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/macfinder.md index 549707e976..c156bbfebc 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/macfinder.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/macfinder.md @@ -74,3 +74,6 @@ The three action types on a rule are: See the [Endpoint Policy Manager MacOS: Mac Finder Policies](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/finder.md) video for examples of Action types with Finder policies + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/macprivhelper.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/macprivhelper.md index 60204b606f..a06bbfbbe4 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/macprivhelper.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/macprivhelper.md @@ -73,3 +73,6 @@ The three action types on a rule are: [Endpoint Policy Manager for Mac and Admin Approval](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/adminapproval.md) for additional information on this topic. - Credentials — User must re-enter credentials for the task to be performed + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/mountunmount.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/mountunmount.md index 22f5231ef3..cba3476aea 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/mountunmount.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/mountunmount.md @@ -52,3 +52,6 @@ The result of trying to attach a new device by USB can be seen here, as Endpoint blocked it. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/mac/scenarios/mount_unmount_for_usb_and_2.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/overview.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/overview.md index 8321bc828c..ee2c55546b 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/overview.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/overview.md @@ -17,3 +17,6 @@ Endpoint Policy Manager for Mac supports a variety of scenarios: - Privilege Elevation — Elevate applications which have helper applications ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/mac/scenarios/supported_scenarios_and_policy.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/packageinstallation.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/packageinstallation.md index 2ef487c38e..f44fb865de 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/packageinstallation.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/packageinstallation.md @@ -17,3 +17,6 @@ When a standard user attempts to install a .PKG file they are not allowed to do Skype for Business prompts the user for admin credentials before installing. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/mac/scenarios/package_installation_policy.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/sudo.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/sudo.md index 1e73f2e126..6957fd425c 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/sudo.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/sudo.md @@ -42,3 +42,6 @@ After the policy is synced, the result on the client can be seen here, where the runs without password requirement. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/mac/scenarios/sudo_2.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/systemsettings.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/systemsettings.md index 1ee00a8716..ff1e406cb8 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/systemsettings.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/macos/scenarios/systemsettings.md @@ -33,3 +33,6 @@ Wi-Fi System Settings. Without Endpoint Policy Manager policy, the system asks for administrator confirmation to change system settings for the standard user. With Endpoint Policy Manager you are able to provide the ability to change settings without administrator involvement. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/_category_.json index edc0dbde3f..1ba4960be9 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/_category_.json index 7323accf42..35c47d62a0 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/additionaldetails.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/additionaldetails.md index 23d0618be0..88b04361c2 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/additionaldetails.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/additionaldetails.md @@ -9,4 +9,7 @@ sidebar_position: 40 Want to always force your additional details into the Email method? With this feature, what you put into Admin Approval - Additional Details can be sent up to you alongside the request code. - + + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/avoidpopups.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/avoidpopups.md index 49b3c2be7d..be20c47259 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/avoidpopups.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/avoidpopups.md @@ -67,3 +67,6 @@ canceled dialogs, like the one shown here. There is more information on using Event Viewer with Endpoint Policy Manager at the end of this guide, with specific event IDs to search for. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/gettingstarted/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/gettingstarted/_category_.json index a703798fcc..45ac3b5893 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/gettingstarted/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/gettingstarted/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "gettingstarted" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/gettingstarted/gettingstarted.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/gettingstarted/gettingstarted.md index de75793c88..73b06d6e9b 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/gettingstarted/gettingstarted.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/gettingstarted/gettingstarted.md @@ -68,3 +68,6 @@ not a PolicyPak Admin Approval prompt. These instances include: Chrome installer shows a UAC prompt to see if a user can or wants to install Chrome for all users. To help work around this issue, we provide the **Enforce Admin Approval for all installers** option, which is explained later. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/gettingstarted/secretkey.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/gettingstarted/secretkey.md index f6eb4448b3..42206505a1 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/gettingstarted/secretkey.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/gettingstarted/secretkey.md @@ -55,3 +55,6 @@ Click on the **Misc** tab, which enables you to configure the two policies shown This setting should be set to **Enforce Admin Approval for all installers**. Click **OK** to save the Admin Approval policy, which will appear on the Computer side of Endpoint Policy Manager Least Privilege Manager within the GPO. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/gettingstarted/secretkeysecure.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/gettingstarted/secretkeysecure.md index 83def6a7d8..dfbf151c47 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/gettingstarted/secretkeysecure.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/gettingstarted/secretkeysecure.md @@ -52,3 +52,6 @@ You can verify the computer got the GPO key by opening an Admin command prompt, shown here. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/adminapproval/securing_the_secret_key_when_2.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/overview.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/overview.md index 453dfebfe8..2ce279865b 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/overview.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/overview.md @@ -9,3 +9,6 @@ sidebar_position: 40 Endpoint Policy Manager Admin Approval is a method that allows users to continue working if they are offline or don’t have any predefined rules for bypassing a UAC prompt. In this way, users can request to bypass UAC prompts from admins, allowing them to keep working. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/test.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/test.md index 8ebd4ab5b6..609b179df4 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/test.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/test.md @@ -82,3 +82,6 @@ You can also see and launch the Admin Approval Tool from within a GPO, provided key inside the GPO, as seen here. ![A computer screen shot of a computer screen Description automatically generated](/images/endpointpolicymanager/leastprivilege/adminapproval/testing_admin_approval_4.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/useemail.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/useemail.md index 17c667bdb3..618cb4b7a5 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/useemail.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/adminapproval/useemail.md @@ -49,3 +49,6 @@ You can then check the item using VirusTotal (optional) and get the response cod board and/or send an email back to the user. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/adminapproval/using_email_for_admin_approval_3.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/apply/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/apply/_category_.json index 6b1c959747..6e064b4659 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/apply/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/apply/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/apply/ondemand.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/apply/ondemand.md index d9af708947..dcf4dc378d 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/apply/ondemand.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/apply/ondemand.md @@ -50,3 +50,6 @@ information on Global Settings Policy. When the user does this, the application launches, bypassing the UAC prompt. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/apply/overview.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/apply/overview.md index 9e559587b9..aedab8efc1 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/apply/overview.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/apply/overview.md @@ -9,3 +9,6 @@ sidebar_position: 30 Not all of your users need to have the same privileges. You may want to give advanced users, such as developers or first level support personnel, the ability to perform elevation whenever they need it. In this section we will explore Apply on Demand rules, and also Self-Elevation rules. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/apply/selfelevation.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/apply/selfelevation.md index 5a8e24c956..c2b0d8e279 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/apply/selfelevation.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/apply/selfelevation.md @@ -83,3 +83,6 @@ associated with Endpoint Policy Manager Self Elevation. Note that the username a included in the log information. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/rules/apply/self_elevation_rules_8.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/automatic.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/automatic.md index dc06cb09de..5739459688 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/automatic.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/automatic.md @@ -90,3 +90,6 @@ Rules are now exported. The result after looking at the GPO is shown here, with your rules ready to go. ![policypak_automatic_rules_10](/images/endpointpolicymanager/leastprivilege/tool/rulesgenerator/endpointpolicymanager_automatic_rules_10.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/brandcustomize.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/brandcustomize.md index e2318a4d93..385b59dd15 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/brandcustomize.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/brandcustomize.md @@ -40,3 +40,6 @@ Hereis an example of changing the Admin Approval Client Branding using Global Se A result of changing the Admin Approval Dialog with the changed settings looks like this. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/branding_and_customization_2.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/_category_.json index d54c75684b..8e74268023 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/audit.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/audit.md index 2e7a3284d2..eaeacdfaf8 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/audit.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/audit.md @@ -43,3 +43,6 @@ change these as you need to for your situation. The result is a policy which performs the action (Elevate or Allow and Log). ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/events/createpolicy/creating_policy_from_audit_4.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/auditingsettings/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/auditingsettings/_category_.json index ebbe835ccf..be7e4ed1c6 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/auditingsettings/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/auditingsettings/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/auditingsettings/localadmins.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/auditingsettings/localadmins.md index cb439aaa38..4b88469085 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/auditingsettings/localadmins.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/auditingsettings/localadmins.md @@ -20,3 +20,6 @@ as shown here. With the auditing information, you can make a Endpoint Policy Manager (formerly PolicyPak) Least Privilege Manager Elevate rule to overcome this when the user is transitioning from being a local admin to being a standard user. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/auditingsettings/overview.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/auditingsettings/overview.md index da0180ff9e..056797e52a 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/auditingsettings/overview.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/auditingsettings/overview.md @@ -56,3 +56,6 @@ Enabling these settings will write special events to the event logs. all unsigned” option would block unsigned applications. We'll discuss each of these auditing events in the next sections. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/auditingsettings/standardusers.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/auditingsettings/standardusers.md index 55cebffb72..b7a6fb191f 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/auditingsettings/standardusers.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/auditingsettings/standardusers.md @@ -23,3 +23,6 @@ items are (a) COM elevation, used by network adapters, date & time, etc. (b) Win (c) apps that use ShellExecute or RunAs, such as ProcMon or TreeSizeFree. ::: + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/auditingsettings/standardusersuntrusted.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/auditingsettings/standardusersuntrusted.md index d260c50fc4..55ecb24158 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/auditingsettings/standardusersuntrusted.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/auditingsettings/standardusersuntrusted.md @@ -36,3 +36,6 @@ Final thoughts: - This event will not occur when the file is owned by another administrator, or applications are used over the network and not on the local drive. - These events are not generated when SecureRun™ is not activated. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/client.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/client.md index 3248b5df44..ba3dfb4b89 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/client.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/client.md @@ -11,3 +11,6 @@ is Event 100, which describes when a User or Computer picks up new Endpoint Poli Privilege Manager policies. An example of this kind of event can be seen here. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/events/client_events.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/overview.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/overview.md index 53f130ed91..c5be58ad75 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/overview.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/events/overview.md @@ -34,11 +34,11 @@ forwarding to capture and forward events from multiple machines. In this way you multiple users are doing and look through the events for interesting ideas to convert into rules. - See the - [How to forward interesting events for Least Privilege Manager (or anything else) to a centralized location using Windows Event Forwarding.](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/eventing/windowseventforwarding.md) + [How to forward interesting events for Least Privilege Manager (or anything else) to a centralized location using Windows Event Forwarding.](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/eventing/windowseventforwarding.md) topic to learn more about event forwarding. - You can also use Netwrix Auditor to capture events from endpoints to bring them to a centralized source for investigation. See the - [How to use Netwrix Auditor to Report on Endpoint Policy Manager events](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/eventing/reports.md) + [How to use Netwrix Auditor to Report on Endpoint Policy Manager events](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/eventing/reports.md) topic for additional information. - You can use Azure Log Analytics to store Endpoint Policy Manager Least Privilege Manager events. See the diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overview.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overview.md index a26109010c..862c0783f8 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overview.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overview.md @@ -125,3 +125,6 @@ Least Privilege Manager. This manual is designed to give you the basic concepts and operational scenarios you may encounter, but once you get those down, you are free to use whatever delivery method is best for your organization. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overview_1.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overview_1.md index 6d007da098..0ecb064404 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overview_1.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overview_1.md @@ -107,3 +107,6 @@ Admin Approval Dialog (2018/07/14, 15:56:10.279, PID: 1360, TID: 2920) If requested by support, logs are automatically wrapped up and can be sent to Netwrix Support with the PPLOGS.EXE command on any endpoint where the client-side extension is installed. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/_category_.json index 220827a91e..7ea098513d 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overviewmisc" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/acltraverse.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/acltraverse.md index f61f51155e..0d7ce98546 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/acltraverse.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/acltraverse.md @@ -55,3 +55,6 @@ See the video for a demo of ACL Traverse and Registry. ::: + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/_category_.json index e4af4197a0..18b88c3fea 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/childprocesses.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/childprocesses.md index 2592c12f10..2f7d97b324 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/childprocesses.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/childprocesses.md @@ -36,3 +36,6 @@ mechanisms to prevent application to child processes in all circumstances. application is not signed by the same signed vendor who originated the process. - Don't apply to unrelated executables. Don't pass the elevation status if the application is not in the same directory structure (including recursively). + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/commandline.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/commandline.md index 4150df5827..da92c8e680 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/commandline.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/commandline.md @@ -74,3 +74,6 @@ generated](/images/endpointpolicymanager/leastprivilege/bestpractices/rules/crea Since the arguments are being specified, a user cannot add their own .REG files; they can only add those specified by the admin (e.g., on a server where they could only read and not modify it). + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/dontelevate.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/dontelevate.md index 391f558ff4..6bcba866ca 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/dontelevate.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/dontelevate.md @@ -39,3 +39,6 @@ right click inside the Open/Save dialog and gain elevated privilege to launch ot If, however, you need the Open/Save dialog to be elevated, you can uncheck the option, and the Open/Save dialog will be elevated as well. This is sometimes required if applications require access to files or directories that the standard user doesn't have access to. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/examplesavoid.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/examplesavoid.md index 54af87003e..bc2aa4c5bc 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/examplesavoid.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/examplesavoid.md @@ -75,3 +75,6 @@ takes a little more work to make the exact rules you need for the least amount o for users to do their jobs. ::: + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/executablecombo.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/executablecombo.md index 48c006b0d6..8a18f388c4 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/executablecombo.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/executablecombo.md @@ -80,3 +80,6 @@ complete, the MMC list will demonstrate the multiple conditions in the **Conditi Description automatically generated](/images/endpointpolicymanager/leastprivilege/bestpractices/rules/creating_and_using_executable_5.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/fileinfo.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/fileinfo.md index ea15249519..fd2f061caf 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/fileinfo.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/fileinfo.md @@ -70,3 +70,6 @@ for matching MSI product codes. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/bestpractices/deeper_dive_on_file_info_7.webp) This makes the **Product Info Condition** a powerful tool, when used alone or with a Combo rule. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/overview.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/overview.md index 77b8ce221e..646eed7f0e 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/overview.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/bestpractices/overview.md @@ -22,3 +22,6 @@ When possible use the Best Practice Signature Condition alongside and File Info rule. This is because both of these items have digital signatures. With that in mind, let’s go over some “What not to dos” before we continue on with Best Practices. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/export.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/export.md index 4a30ed6ca3..eee5425958 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/export.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/export.md @@ -28,3 +28,6 @@ videos, Exported collections or policies maintain any Item-Level Targeting set within them. ::: + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/itemleveltargeting.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/itemleveltargeting.md index ae52bbdd7e..771d7858d9 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/itemleveltargeting.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/itemleveltargeting.md @@ -81,3 +81,6 @@ Level Targeting, as seen below. When Item-Level Targeting is on, the policy won’t apply unless the conditions are true. If Item-Level Targeting is applied to a collection, then none of the items in the collection will apply unless the Item-Level Targeting on the collection evaluates to true. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/overviewmisc.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/overviewmisc.md index 7de3b746bb..674d819299 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/overviewmisc.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/overviewmisc.md @@ -16,3 +16,6 @@ In this section you will learn the following basics: - Understanding processing order and precedence - Exporting Endpoint Policy Manager (formerly PolicyPak) Least Privilege Manager items for Endpoint Policy Manager Cloud, Microsoft Endpoint Manager (SCCM and Intune), or MDM + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/parentprocessfilter.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/parentprocessfilter.md index e03eb2d884..650c4dbd45 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/parentprocessfilter.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/parentprocessfilter.md @@ -18,3 +18,6 @@ application is actually performing the action (in this case with **Signature** a being checked first before the child application is launched elevated.) ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/understanding_parent_process.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/processorderprecedence.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/processorderprecedence.md index 02eb354259..d79876e130 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/processorderprecedence.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/processorderprecedence.md @@ -31,3 +31,6 @@ be used when specific users log on. If SecureRun™ is enabled and performs work processes), then user-created processes aren’t created unless expressly allowed with the Allow and log rule. At this point, each rule is applied one by one to perform elevation (or Block or Allow and log). + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/reauthentication.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/reauthentication.md index a699112da0..d90fd165dc 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/reauthentication.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/reauthentication.md @@ -82,3 +82,6 @@ The User must re-authenticate, then when a pop-up is shown, theuser must type in **OK** is allowed an application proceeds. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/understanding_re_authentication_8.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/_category_.json index 07512b4cbc..67787b0b43 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/blockadmins.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/blockadmins.md index 07df08a9ad..1d2cde357c 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/blockadmins.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/blockadmins.md @@ -45,3 +45,6 @@ Again, rule 2, the rule that does the ELEVATE or ALLOW, is just a standard rule, the user or computer side. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/scopefilters/scenario_3_running_or_elevating_2.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/blockapp.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/blockapp.md index 77e556b99c..4b00b45cc7 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/blockapp.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/blockapp.md @@ -26,3 +26,6 @@ You can shore up this attack vector by making the explicit deny rule on the Comp When you do, PowerShell is blocked for Standard and System. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/scopefilters/scenario_2_specific_rule_to_2.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/blockpowershell.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/blockpowershell.md index e3c24f6990..b98fd20487 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/blockpowershell.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/blockpowershell.md @@ -22,3 +22,6 @@ set the scope to User and System processes, but use the scope Filter to SYSTEM. Result: ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/scopefilters/scenario_2b_block_powershell_2.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/elevateserviceaccount.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/elevateserviceaccount.md index c4b92f570c..9a2b371339 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/elevateserviceaccount.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/elevateserviceaccount.md @@ -39,3 +39,6 @@ Tip: It's also possible to use Scope Filter = SERVICES to make the rule apply to run from the specified .exe, regardless of the user. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/scopefilters/scenario_4_elevating_a_service.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/enhancedsecurerun.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/enhancedsecurerun.md index 977155c14e..ea12462f3a 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/enhancedsecurerun.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/enhancedsecurerun.md @@ -43,3 +43,6 @@ This would strengthen security if malware ended up using an elevated process to its work as LOCAL SYSTEM and tries to run an un-trusted file. Therefore, when the application (.EXE) or script, etc. was attempted to fire off, the attack will fail because the user isn’t on the SecureRun trusted list. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/overview.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/overview.md index 8c57dfa6d1..7ac01fa24a 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/overview.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/scopefilters/overview.md @@ -28,3 +28,6 @@ User side. In this topic, we will explore various use cases when you might use the Policy Scope option (which again, will only be un-gray / valid on the Computer side.) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/securecopy.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/securecopy.md index 5a3de8161c..267cea07ca 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/securecopy.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/securecopy.md @@ -41,3 +41,6 @@ The result is that users can now use the Copy with Endpoint Policy Manager Secur copy items from your store to their locations and then perform automatic elevation on those items. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/understanding_securecopy_5.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/wildcards.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/wildcards.md index e256632677..67141d937f 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/wildcards.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/overviewmisc/wildcards.md @@ -36,3 +36,6 @@ You want to try to be as restrictive as possible when using Wildcards; the more open up, the less secure you will be. ::: + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/preconfiguredxmls.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/preconfiguredxmls.md index eedaf50609..a067972dbc 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/preconfiguredxmls.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/preconfiguredxmls.md @@ -42,3 +42,6 @@ installation. These examples may or may not work, depending on specific circumstances so be sure to test before rolling out. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/preferences.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/preferences.md index 65ae6146e9..acf9df9780 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/preferences.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/preferences.md @@ -45,3 +45,6 @@ user account should be members. This is achieved by clicking the **Add** button Once the policy is deployed, you will have removed all non-privileged users from the local admins group of all targeted desktops. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/_category_.json index cddb558b92..9acdc55553 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/client.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/client.md index e426a66985..c78168e373 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/client.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/client.md @@ -54,3 +54,6 @@ In the next section we will see how to create Netwrix Endpoint Policy Manager (f Netwrix Privilege Secure policies which will not need an endpoint license to work out of the box. Again, the idea is that you are already paying for an Netwrix Privilege Secure license, and because Netwrix Privilege Secure is involved in the policy, those policies work on the endpoint for free. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/gui.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/gui.md index 74a41cd394..2e52c63008 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/gui.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/gui.md @@ -62,3 +62,6 @@ MSI, you maintain your console with upgrades only via the Endpoint Policy Manage and don’t attempt a re-install of Netwrix Privilege Secure Console MSI. ::: + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/overview.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/overview.md index e9689de3fe..3862bff268 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/overview.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/overview.md @@ -40,3 +40,6 @@ All Netwrix Privilege Secure + Endpoint Policy Manager documentation from Netwri Privilege Secure can be found in [Netwrix Privilege Secure for Endpoints Documentation](https://helpcenter.netwrix.com/category/privilegesecure_endpoints). ::: + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/policymatch/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/policymatch/_category_.json index 66105d5c4d..210d7c894c 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/policymatch/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/policymatch/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "policymatch" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/policymatch/policymatch.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/policymatch/policymatch.md index 50631a9eb7..3be9848fe3 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/policymatch/policymatch.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/policymatch/policymatch.md @@ -10,3 +10,6 @@ Credential Based Policy Match takes a matching process and uses Netwrix Privileg another user’s behalf. In this example we will launch `NotepadP.exe` as `EastSalesUser1`, but Netwrix Privilege Secure will broker the connection and actually launch the process as `EastSalesAdmin9` from Active Directory. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/policymatch/releaseresults.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/policymatch/releaseresults.md index fe35240c7e..9be5dea110 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/policymatch/releaseresults.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/policymatch/releaseresults.md @@ -21,3 +21,6 @@ brokering the operation and the Netwrix Endpoint Policy Manager (formerly Policy Manager client is changing the context to that user. ![credential_release_results_2](/images/endpointpolicymanager/integration/privilegesecure/credentialbased/credential_release_results_2.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/policymatch/setuppolicy.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/policymatch/setuppolicy.md index 558a6e7d61..37c2ac96ad 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/policymatch/setuppolicy.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/policymatch/setuppolicy.md @@ -32,3 +32,6 @@ Back on the Netwrix Privilege Secure server, you need to make sure there is a ma Based** policy. ![setting_up_the_policypak_policy_2](/images/endpointpolicymanager/integration/privilegesecure/credentialbased/setting_up_the_endpointpolicymanager_policy_2.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/resourcebased/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/resourcebased/_category_.json index f8f94b9641..327b95366a 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/resourcebased/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/resourcebased/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "policymatch_1" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/resourcebased/closingbrokeredprocesses.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/resourcebased/closingbrokeredprocesses.md index e5e5b573de..d4bdf31a29 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/resourcebased/closingbrokeredprocesses.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/resourcebased/closingbrokeredprocesses.md @@ -12,3 +12,6 @@ When the activity / process is terminated, you get the following message. Additionally, if the **Enable Video Recording (Netwrix Privilege Secure**) option was checked, a video session recording is sent to the server for processing. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/resourcebased/policymatch_1.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/resourcebased/policymatch_1.md index 2ba5910de3..75d3ba6ae3 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/resourcebased/policymatch_1.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/resourcebased/policymatch_1.md @@ -41,3 +41,6 @@ You’ll run the command as `EastSalesUser1`, and give your Active Directory cre The result is that a new Domain Admin account is created for this one session and deleted after use. ![resource_based_policy_match_4](/images/endpointpolicymanager/integration/privilegesecure/resourcebased/resource_based_policy_match_4.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/resourcebased/storedvideos.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/resourcebased/storedvideos.md index cd4f211c24..c4763999b7 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/resourcebased/storedvideos.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/resourcebased/storedvideos.md @@ -13,3 +13,6 @@ Back at the Netwrix Privilege Secure server, your videos are found in the **Dash **Historical videos** section. ![watching_stored_videos](/images/endpointpolicymanager/integration/privilegesecure/resourcebased/watching_stored_videos.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/together.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/together.md index 696e85a161..0f2947f993 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/together.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/privilegesecure/together.md @@ -48,3 +48,6 @@ check the checkbox and configure the setting for **Resource Based Policy** or ** Policy**. ![getting_started_netwrix_privilege_1](/images/endpointpolicymanager/integration/privilegesecure/gettingstarted/getting_started_netwrix_privilege_1.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/_category_.json index 66d7182f6c..51ce96ff30 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/activexitems.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/activexitems.md index 51bc1923c3..662455526e 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/activexitems.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/activexitems.md @@ -26,3 +26,6 @@ You can use ActiveX rules and specify the CAB file you want to permit. Then, clicking on **Validate & Add** will attempt to determine if the CAB is signed and add that requirement to the rule. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/com_cslidclass.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/com_cslidclass.md index f73cdf697c..178d37993b 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/com_cslidclass.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/com_cslidclass.md @@ -41,3 +41,6 @@ function will not work as expected. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/elevate/elevating_com_cslid_class_3.webp) After the policy applies, the COM item will have its UAC prompt overcome. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/controlpanelapplets.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/controlpanelapplets.md index 1e4533735d..33fa33cad9 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/controlpanelapplets.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/controlpanelapplets.md @@ -30,3 +30,6 @@ At this point, GPupdate can be run and tested on the endpoint. You should bypass be prompted for Device Manager and the Disk Defragmenter, as shown here. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/elevate/elevating_control_panel_applets_4.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/customizedtoken.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/customizedtoken.md index f3f336d387..3e8c9b44d4 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/customizedtoken.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/customizedtoken.md @@ -21,5 +21,8 @@ The common use cases for needing to manage a customized token are: [Reduce or specify Service Account Rights](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/serviceaccountrights.md) video demonstration. - Drag-and-drop issues between applications. For ore information, see the - [I elevated an application, but drag and drop between the elevated and other non-elevated applications isn't working anymore. What can I try?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/dragdrop.md) + [I elevated an application, but drag and drop between the elevated and other non-elevated applications isn't working anymore. What can I try?](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/dragdrop.md) topic. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/deny/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/deny/_category_.json index bd1ff481b5..f2aa587601 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/deny/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/deny/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/deny/dlls.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/deny/dlls.md index c539b9e1e9..a458fbf23b 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/deny/dlls.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/deny/dlls.md @@ -21,7 +21,10 @@ Then you can **Deny execution** of the DLL when it is encountered. :::note Some additional details and examples can be found in the -[How to Defend against malicious PowerShell attacks (DLLs)?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/maliciousattacks.md) +[How to Defend against malicious PowerShell attacks (DLLs)?](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/maliciousattacks.md) topic. ::: + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/deny/overview.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/deny/overview.md index eb739d7e56..2acdc1660f 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/deny/overview.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/deny/overview.md @@ -9,3 +9,6 @@ sidebar_position: 80 You might have a scenario where you want to block specific EXE files, UWP applications, scripts, JAR files, or MSIs from launching. Sometimes this is called "Application Control" or "Blacklisting." In this section you will learn how to perform this operation for Standard and UWP applications. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/deny/standard.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/deny/standard.md index d624dca28a..ff32a29885 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/deny/standard.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/deny/standard.md @@ -39,3 +39,6 @@ corporate policies. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/deny/denying_standard_applications_3.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/deny/windowsuniversal.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/deny/windowsuniversal.md index e29df3f024..cec442e39e 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/deny/windowsuniversal.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/deny/windowsuniversal.md @@ -62,3 +62,6 @@ UWP applications are denied, but then applications with "Calc" or "Store" in the the publisher are allowed to run as shown below. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/deny/denying_uwp_applications_6.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/executables.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/executables.md index 1619fc429b..d834f5133e 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/executables.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/executables.md @@ -126,3 +126,6 @@ On your endpoint, log on as the user who will obtain the GPO (e.g., EastSalesUse GPupdate. Once the GPO applies, Process Monitor will run without a UAC prompt, as demonstrated here. ![elevating_executables_9](/images/endpointpolicymanager/leastprivilege/elevate/elevating_executables_9.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/javajarfiles.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/javajarfiles.md index d2b7069437..8c88dcdd28 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/javajarfiles.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/javajarfiles.md @@ -22,3 +22,6 @@ To start making rules for Java JAR files right-click in the window and select ** (JAR) Policy**. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/elevate/elevating_java_jar_files.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/msiinstallerfiles.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/msiinstallerfiles.md index 8ed783bdc7..f0e5157782 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/msiinstallerfiles.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/msiinstallerfiles.md @@ -49,3 +49,6 @@ again. This time the UAC prompt is removed from the Install icon, and the MSI ap install as expected. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/elevate/elevating_msi_installer_files.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/overview.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/overview.md index a91b97886c..cef1cb4ce6 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/overview.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/overview.md @@ -12,7 +12,7 @@ Endpoint Policy ManagerLeast Privilege Manager is located within the Netwrix Pri :::note You will only see all components of Endpoint Policy Manager if you download the Endpoint -Policy Manager Admin Console from Portal.endpointpolicymanager.com, but not if you are using only the Netwrix +Policy Manager Admin Console from Portal.policypak.com, but not if you are using only the Netwrix Privilege Secure console. ::: @@ -119,3 +119,6 @@ Manager. When you download these applications, it is ideal to store them in two places. The first copy should be sitting on your endpoint. The second copy should be sitting on your Group Policy management station, as these will also be required to help create the rules for these examples. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/scripts.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/scripts.md index bd077cad12..d5bf060741 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/scripts.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/rules/scripts.md @@ -37,3 +37,6 @@ The script types that are supported for elevation and for blocking are: These script types can also be blocked automatically and universally by using the Endpoint Policy Manager Least Privilege Manager SecureRun™ feature, as described in later topics. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/securerun/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/securerun/_category_.json index 29b418ee79..2fad28b4da 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/securerun/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/securerun/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/securerun/avoiduac.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/securerun/avoiduac.md index 5ac499d292..001f80063b 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/securerun/avoiduac.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/securerun/avoiduac.md @@ -30,3 +30,6 @@ For more information on Combo rules, see ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/securerun/creating_rules_to_avoid_uac_1.webp) After the rules are created, you should not see pop-ups from installers with rules in place. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/securerun/inlinecommands.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/securerun/inlinecommands.md index 012a5d9865..bdd734bb33 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/securerun/inlinecommands.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/securerun/inlinecommands.md @@ -23,5 +23,8 @@ article. SecureRun will automatically try to block such attempts. For more information on how to deal wit this issue, please see -[Why does Endpoint Policy Manager SecureRun block "inline commands" and what can I do to overcome or revert the behavior ?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/inlinecommands.md) +[Why does Endpoint Policy Manager SecureRun block "inline commands" and what can I do to overcome or revert the behavior ?](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/inlinecommands.md) for guidance and details. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/securerun/overview.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/securerun/overview.md index c08ebbe63d..a60a412a3f 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/securerun/overview.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/securerun/overview.md @@ -134,3 +134,6 @@ on this topic, please see the video demonstration. ::: + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/uacprompts/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/uacprompts/_category_.json index e53d334708..edc0aaa50e 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/uacprompts/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/uacprompts/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "uacprompts" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/uacprompts/admx.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/uacprompts/admx.md index e1acc2328f..c6ecf07473 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/uacprompts/admx.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/uacprompts/admx.md @@ -65,3 +65,6 @@ The result of these settings can be seen here, where only a limited number of pr for removal. ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/tool/helper/using_the_endpointpolicymanager_least_2.webp) + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/uacprompts/elevate.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/uacprompts/elevate.md index 179bedf582..a80796aece 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/uacprompts/elevate.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/uacprompts/elevate.md @@ -36,3 +36,6 @@ the[Getting the helper tools as desktop shortcuts](/docs/endpointpolicymanager/c video. ::: + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/uacprompts/uacprompts.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/uacprompts/uacprompts.md index 7afcc41a26..0b53745265 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/uacprompts/uacprompts.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/manual/windows/uacprompts/uacprompts.md @@ -45,3 +45,6 @@ that they no longer need, they will also be prevented by a UAC prompt, seen here ![A screenshot of a computer Description automatically generated](/images/endpointpolicymanager/leastprivilege/tool/helper/overcoming_common_uac_prompts_1.webp) After setting up Endpoint Policy Manager’s Helper Tools, you can overcome all three of these issues. + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/overview.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/overview.md index f85662aad5..5da9b44040 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/overview.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/overview.md @@ -18,3 +18,6 @@ Complete documentation for using Endpoint Privilege Manager: ### 🔧 Tech Notes Implementation guides and technical documentation: - **Implementation QuickStart Guide** - Step-by-step setup procedures + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/_category_.json index 24bc43ccdd..523b305766 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/_category_.json @@ -1,6 +1,6 @@ { "label": "Tech Notes", - "position": 2, + "position": 1, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/eventing/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/eventing/_category_.json similarity index 93% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/eventing/_category_.json rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/eventing/_category_.json index 63ef7864e4..09ffb21009 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/eventing/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/eventing/_category_.json @@ -1,6 +1,6 @@ -{ - "label": "Eventing", - "position": 100, - "collapsed": true, - "collapsible": true -} \ No newline at end of file +{ + "label": "Eventing", + "position": 100, + "collapsed": true, + "collapsible": true +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/eventing/reports.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/eventing/reports.md similarity index 100% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/eventing/reports.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/eventing/reports.md diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/eventing/subprocesses.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/eventing/subprocesses.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/eventing/subprocesses.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/eventing/subprocesses.md index 0f4a48793e..ef95600e82 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/eventing/subprocesses.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/eventing/subprocesses.md @@ -20,3 +20,5 @@ If you are not seeing this be sure to upgrade to latest CSE. Remember, internal commands like: DIR or SET won't be logged; the command must be an external command. ::: + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/eventing/windowseventforwarding.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/eventing/windowseventforwarding.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/eventing/windowseventforwarding.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/eventing/windowseventforwarding.md index 3b83542390..513370ded0 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/eventing/windowseventforwarding.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/eventing/windowseventforwarding.md @@ -137,3 +137,5 @@ under the Forwarded Events log. ![381_28_image-20191023214431-15](/images/endpointpolicymanager/leastprivilege/381_28_image-20191023214431-15.webp) ![381_30_image-20191023214431-16_950x303](/images/endpointpolicymanager/leastprivilege/381_30_image-20191023214431-16_950x303.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/implementationguide.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/implementationguide.md index 8cedde891d..0cab7bc64e 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/implementationguide.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/implementationguide.md @@ -38,10 +38,10 @@ The Endpoint Policy Manager Portal is where you download Endpoint Policy Manager for when using Endpoint Policy Manager with On-Prem or MDM. You’ll even use the Endpoint Policy Manager Portal a little for Endpoint Policy Manager Cloud because you’ll need those downloads to make your perfect Endpoint Policy Manager Cloud test lab (explained later.) That URL is -Portal.endpointpolicymanager.com. +Portal.policypak.com. :::note -Endpoint Policy Manager Cloud has its own URL, which is Cloud.endpointpolicymanager.com, and is +Endpoint Policy Manager Cloud has its own URL, which is Cloud.policypak.com, and is considered the Endpoint Policy Manager Cloud Service. Please see the [Installation Quick Start](/docs/endpointpolicymanager/gettingstarted/overviewinstall/overviewinstall.md) for an overview of what is in the download, how to download, unpack, and get organized and quick licensed. @@ -233,7 +233,7 @@ Endpoint Policy Manager Cloud. If you are already a Netwrix Auditor Customer, you can forward interesting Endpoint Policy Manager Least Privilege Manager events from endpoint computers to Netwrix Auditor so you can take action. This is recommended if you already own Netwrix Auditor For more information on this, please see: -[How to use Netwrix Auditor to Report on Endpoint Policy Manager events](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/eventing/reports.md). +[How to use Netwrix Auditor to Report on Endpoint Policy Manager events](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/eventing/reports.md). An example of the kind of data you get back can be seen here. @@ -242,7 +242,7 @@ An example of the kind of data you get back can be seen here. You may also use the in-box Windows Event System to forward interesting Endpoint Policy Manager Least Privilege Manager events from endpoint computers to a central source. The steps to do this are found here: -[How to forward interesting events for Least Privilege Manager (or anything else) to a centralized location using Windows Event Forwarding.](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/eventing/windowseventforwarding.md) +[How to forward interesting events for Least Privilege Manager (or anything else) to a centralized location using Windows Event Forwarding.](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/eventing/windowseventforwarding.md) You may also use Azure Log Analytics if you wish to store interesting Endpoint Policy Manager Least Privilege Manager events from endpoints in Azure. For more information on this issue, please see: @@ -362,7 +362,7 @@ actions, please see [Using Least Privilege Manager's SecureRun Feature](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/feature.md) For general tips on how to use SecureRun™ please see -[How can I allow "Inline commands" blocked by SecureRun when a random path or filename is created each time?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/allowinlinecommands.md) +[How can I allow "Inline commands" blocked by SecureRun when a random path or filename is created each time?](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/allowinlinecommands.md) ## Final Thoughts @@ -383,9 +383,9 @@ Estimated Milestone Details and Target Dates | Milestone | Details & Tasks | | | ----------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | -| M1 Pre-Requisites |
  • Verify you actually want to use Endpoint Policy Manager + Group Policy method and not some other method or some kind of hybrid approach: See [PolicyPak Solution Methods: Group Policy, MDM, UEM Tools, and PolicyPak Cloud compared](https://helpcenter.netwrix.com/bundle/endpointpolicymanager/page/Content/endpointpolicymanager/Video/GettingStarted/SolutionMethods.html).
  • Identify 3 friendly developers for this project.
  • Identify the remaining devices for POC, but focus on first three.
  • Download Endpoint Policy Manager from portal.endpointpolicymanager.com and get organized. See [Netwrix Endpoint Policy Manager Quick Start](/docs/endpointpolicymanager/gettingstarted/quickstart/overview.md) .
  • Get the Endpoint Policy Manager Quickstart Guide. See [Netwrix Endpoint Policy Manager Quick Start](/docs/endpointpolicymanager/gettingstarted/quickstart/overview.md) .
  • Get familiar with Endpoint Policy Manager + Group Policy Basics . See [Endpoint Policy Manager Explained: In about two minutes](/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/explained.md)
  • On three developer machines perform the quick-licensing method via rename method. See [What is the fastest way to get started in an Endpoint Policy Manager trial, without running the License Request Tool?](/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/trial.md) or run licensing tool. After receiving your trial keys from sales, install your trial or full licenses for your on-prem Active Directory. See [How to install UNIVERSAL licenses for NEW Customers (via GPO, SCCM or MDM)](/docs/endpointpolicymanager/licensing/videolearningcenter/installall/installuniversal.md)
  • Install the Endpoint Policy Manager CSE on the three developer stations.
  • Move 3 developers into Active Directory OU named “Endpoint Policy Manager Test Devs” .
  • Verify Endpoint Policy Manager Least Privilege Manager is working with the “Device Manager” test. See [Kill Local Admin Rights (Run applications with Least Privilege)](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/localadminrights.md)
  • Create a Group Policy Object which turns on PPLPM Global Auditing. See [Use Discovery to know what rules to make as you transition from Local Admin rights](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/discovery.md) .
  • Identify KNOWN applications for Development stations which require Admin rights.
| Day 1
  • 3
| +| M1 Pre-Requisites |
  • Verify you actually want to use Endpoint Policy Manager + Group Policy method and not some other method or some kind of hybrid approach: See [PolicyPak Solution Methods: Group Policy, MDM, UEM Tools, and PolicyPak Cloud compared](https://helpcenter.netwrix.com/bundle/endpointpolicymanager/page/Content/endpointpolicymanager/Video/GettingStarted/SolutionMethods.html).
  • Identify 3 friendly developers for this project.
  • Identify the remaining devices for POC, but focus on first three.
  • Download Endpoint Policy Manager from portal.policypak.com and get organized. See [Netwrix Endpoint Policy Manager Quick Start](/docs/endpointpolicymanager/gettingstarted/quickstart/overview.md) .
  • Get the Endpoint Policy Manager Quickstart Guide. See [Netwrix Endpoint Policy Manager Quick Start](/docs/endpointpolicymanager/gettingstarted/quickstart/overview.md) .
  • Get familiar with Endpoint Policy Manager + Group Policy Basics . See [Endpoint Policy Manager Explained: In about two minutes](/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/explained.md)
  • On three developer machines perform the quick-licensing method via rename method. See [What is the fastest way to get started in an Endpoint Policy Manager trial, without running the License Request Tool?](/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/trial.md) or run licensing tool. After receiving your trial keys from sales, install your trial or full licenses for your on-prem Active Directory. See [How to install UNIVERSAL licenses for NEW Customers (via GPO, SCCM or MDM)](/docs/endpointpolicymanager/licensing/videolearningcenter/installall/installuniversal.md)
  • Install the Endpoint Policy Manager CSE on the three developer stations.
  • Move 3 developers into Active Directory OU named “Endpoint Policy Manager Test Devs” .
  • Verify Endpoint Policy Manager Least Privilege Manager is working with the “Device Manager” test. See [Kill Local Admin Rights (Run applications with Least Privilege)](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/localadminrights.md)
  • Create a Group Policy Object which turns on PPLPM Global Auditing. See [Use Discovery to know what rules to make as you transition from Local Admin rights](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/discovery.md) .
  • Identify KNOWN applications for Development stations which require Admin rights.
| Day 1
  • 3
| | M2 Install PolicyPak CSE, common scenarios and known applications |
  • Install Endpoint Policy Manager CSE on the remaining 27 endpoints; ensure success (NO POLICIES, just the Endpoint Policy Manager moving parts)
  • (Optional) Set up Common Scenarios:
  • Printers, Remove Programs and IP Address changes. See [Overcome Network Card, Printer, and Remove Programs UAC prompts](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/uacprompts.md)
  • Second Method for Network Cards: [COM Support](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/comsupport.md)
  • Create rules for KNOWN applications which require ADMIN Rights.
  • [Best Practices for Elevating User-Based Installs](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/elevatinguserbasedinstalls.md)
  • [Security and Child Processes](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/securitychildprocesses.md)
  • [Increase security by reducing rights on Open/Save dialogs](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/opensavedialogs.md)
  • [Endpoint Privilege Manager and Wildcards](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/wildcards.md)
  • Use Endpoint Policy Manager Preconfigured rules when you can. See [Installing applications-and-Preconfigured-Rules](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/installapplications.md)
| Day 4 -6 | -| M3 Set up Event Forwarding |
  • Pick one (or choose another method, like Splunk, etc.) .
  • Event Forwarding with Netwrix Auditor. See [How to use Netwrix Auditor to Report on Endpoint Policy Manager events](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/eventing/reports.md)
  • Event Forwarding with Windows Eventing. See [How to forward interesting events for Least Privilege Manager (or anything else) to a centralized location using Windows Event Forwarding.](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/eventing/windowseventforwarding.md)
  • Event Forwarding with Azure Log Analytics. See [Windows 10 (and Server) Event Logs to Azure Log Analytics Walkthru](/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/eventlogs.md)
| Day 7 -9 | +| M3 Set up Event Forwarding |
  • Pick one (or choose another method, like Splunk, etc.) .
  • Event Forwarding with Netwrix Auditor. See [How to use Netwrix Auditor to Report on Endpoint Policy Manager events](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/eventing/reports.md)
  • Event Forwarding with Windows Eventing. See [How to forward interesting events for Least Privilege Manager (or anything else) to a centralized location using Windows Event Forwarding.](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/eventing/windowseventforwarding.md)
  • Event Forwarding with Azure Log Analytics. See [Windows 10 (and Server) Event Logs to Azure Log Analytics Walkthru](/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/eventlogs.md)
| Day 7 -9 | | M4 Begin Test |
  • Remove local admin rights for 3 developer endpoints. One suggested method / demo is here (there are other ways to perform this task): [Use Group Policy to remove local admin rights (then Endpoint Policy Manager to enable Least Privilege)](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/removelocaladmin.md)
  • Start to Generate Rules from Auditing Events. See [Auto-Create Policy from Global Audit event](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/globalauditevent.md).
  • Set up Admin Approval (Secret / policy). See [Auto-Create Policy from Global Audit event](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/globalauditevent.md) and [Admin Approval demo](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/demo.md)
  • Set up Endpoint Policy Manager Least Privilege Manager “Approvers” workflow (Identify APPROVER(s), get the AA tool up and going).
  • Optionally: Set up Endpoint Policy Manager Least Privilege Manager UI branding. See [Branding the UI and Dialogs](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/branding.md)
  • Deploy Admin Approval to existing systems.
  • Optional: Deploy Endpoint Policy Manager Least Privilege Manager Branding to existing systems.
  • Look at incoming EVENTS to determine the issues to make more rules.
| Day 10 | | M5 Review Events |
  • Turn on Self Elevate for existing 3 developers.
  • Create documentation for Developers on how to interact with Endpoint Policy Manager Self Elevate method. ([Self Elevate Mode](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/demo.md)).
  • Review EVENTS to determine the issues to create rules.
| Day 11 | | M6 Addition |
  • Add 7 more developer PCs to existing 3 and remove local admin rights using existing rules. (Don’t use Self elevate on new 7 endpoint, just the first three.)
| Day 12 | @@ -400,7 +400,7 @@ Estimated Milestone Details and Target Dates | M15 Addition | Add +5 endpoints Endpoint Policy Manager Active Directory OU and remove their local admin rights. | Day 21 | | M16 Review Events | Look at EVENTS to determine the issues to make more rules. | Day 22 | | M17 Remaining | Add Remaining endpoints to Endpoint Policy Manager Active Directory OU and remove their local admin rights. | Day 23 | -| M18 SecureRun (Optional) | • Turn on Global Auditing for Untrusted and Unsigned applications. • Try turning on SecureRun for three developers.
  • [Using Least Privilege Manager's SecureRun Feature](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/feature.md)
  • [How can I allow "Inline commands" blocked by SecureRun when a random path or filename is created each time?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/allowinlinecommands.md)
| Day 24 | +| M18 SecureRun (Optional) | • Turn on Global Auditing for Untrusted and Unsigned applications. • Try turning on SecureRun for three developers.
  • [Using Least Privilege Manager's SecureRun Feature](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/feature.md)
  • [How can I allow "Inline commands" blocked by SecureRun when a random path or filename is created each time?](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/allowinlinecommands.md)
| Day 24 | | M19 SecureRun Rollout (Optional) | Add +5 endpoints per day and triage incoming SecureRun blocks with “Allow and Log” rules. Repeat each day with +5 endpoints. | Day 25+ | @@ -410,7 +410,7 @@ Estimated Milestone Details and Target Dates | Milestone | Details & Tasks | | | ---------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- | -| M1 Pre-Requisites |
  • Verify you actually want to use Endpoint Policy Manager + Cloud method and not some other method or some kind of hybrid approach. See [Endpoint Policy ManagerSolution Methods: Group Policy, MDM, UEM Tools, and Endpoint Policy Manager Cloud compared.](/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/solutionmethods.md)
  • Identify 3 friendly developers for this project.
  • Identify the remaining devices for POC, but focus on first three.
  • Get familiar with Endpoint Policy Manager Cloud Basics. See [Endpoint Policy Manager Cloud: Two minute introduction](/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/introduction.md)
  • Download Endpoint Policy Manager bits from portal.endpointpolicymanager.com and Cloud MSI from cloud.endpointpolicymanager.com and get organized [Installation Quick Start](/docs/endpointpolicymanager/gettingstarted/overviewinstall/overviewinstall.md).
  • Get the Endpoint Policy Manager Quickstart Guide. See [Netwrix Endpoint Policy Manager Quick Start](/docs/endpointpolicymanager/gettingstarted/quickstart/overview.md)
  • Set up on prem test lab, even though we’re using Endpoint Policy Manager Cloud (Best Practice). See [Endpoint Policy Manager Cloud: What you need to get Started](/docs/endpointpolicymanager/deliverymethods/cloud/videos/testlabbestpractices/start.md).
  • Install Endpoint Policy Manager Cloud Client which automatically installs the Endpoint Policy Manager CSE on 3 devices.
  • Identify the remaining devices for POC, but focus on first three.
  • Move 3 Endpoint Policy Manager cloud joined devices to Endpoint Policy Manager Cloud Company “GROUP1”.
  • Verify Endpoint Policy Manager Least Privilege Manager is working with the “Device Manager” test. See [Kill Local Admin Rights (Run applications with Least Privilege)](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/localadminrights.md)
  • Turn on PPLPM Global Auditing for Cloud. See [Endpoint Policy Manager Cloud + PPLPM + Events: Collect Events in the Cloud](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/cloudevents.md)
  • Test to make sure PPC Events are seen in Endpoint Policy Manager Cloud.
  • Identify KNOWN applications for Development stations which require Admin rights.
| Day 1-3 | +| M1 Pre-Requisites |
  • Verify you actually want to use Endpoint Policy Manager + Cloud method and not some other method or some kind of hybrid approach. See [Endpoint Policy ManagerSolution Methods: Group Policy, MDM, UEM Tools, and Endpoint Policy Manager Cloud compared.](/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/solutionmethods.md)
  • Identify 3 friendly developers for this project.
  • Identify the remaining devices for POC, but focus on first three.
  • Get familiar with Endpoint Policy Manager Cloud Basics. See [Endpoint Policy Manager Cloud: Two minute introduction](/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/introduction.md)
  • Download Endpoint Policy Manager bits from portal.policypak.com and Cloud MSI from cloud.policypak.com and get organized [Installation Quick Start](/docs/endpointpolicymanager/gettingstarted/overviewinstall/overviewinstall.md).
  • Get the Endpoint Policy Manager Quickstart Guide. See [Netwrix Endpoint Policy Manager Quick Start](/docs/endpointpolicymanager/gettingstarted/quickstart/overview.md)
  • Set up on prem test lab, even though we’re using Endpoint Policy Manager Cloud (Best Practice). See [Endpoint Policy Manager Cloud: What you need to get Started](/docs/endpointpolicymanager/deliverymethods/cloud/videos/testlabbestpractices/start.md).
  • Install Endpoint Policy Manager Cloud Client which automatically installs the Endpoint Policy Manager CSE on 3 devices.
  • Identify the remaining devices for POC, but focus on first three.
  • Move 3 Endpoint Policy Manager cloud joined devices to Endpoint Policy Manager Cloud Company “GROUP1”.
  • Verify Endpoint Policy Manager Least Privilege Manager is working with the “Device Manager” test. See [Kill Local Admin Rights (Run applications with Least Privilege)](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/localadminrights.md)
  • Turn on PPLPM Global Auditing for Cloud. See [Endpoint Policy Manager Cloud + PPLPM + Events: Collect Events in the Cloud](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/cloudevents.md)
  • Test to make sure PPC Events are seen in Endpoint Policy Manager Cloud.
  • Identify KNOWN applications for Development stations which require Admin rights.
| Day 1-3 | | M2 Install PPC |
  • Install Endpoint Policy Manager CSE on the remaining 27 endpoints; ensure success. (NO POLICIES, just the Endpoint Policy Manager moving parts.).
  • (Optional) Set up Common Scenarios for Printers, Remove Programs and IP Address changes.
  • [Overcome Network Card, Printer, and Remove Programs UAC prompts](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/uacprompts.md)
  • [COM Support](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/comsupport.md)
  • Create rules for KNOWN applications which require ADMIN Rights.
  • [Best Practices for Elevating User-Based Installs](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/elevatinguserbasedinstalls.md)
  • [Security and Child Processes](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/securitychildprocesses.md)
  • [Increase security by reducing rights on Open/Save dialogs](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/opensavedialogs.md)
  • [Endpoint Privilege Manager and Wildcards](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/wildcards.md)
  • Use Endpoint Policy Manager Preconfigured rules when you can. See [Installing applications-and-Preconfigured-Rules](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/installapplications.md)
| Day 4-6 | | M3 Begin Test |
  • Remove local admin rights for 3 developer endpoints. One suggested method / demo is here (there are other ways to perform this task): [Use Group Policy to remove local admin rights (then Endpoint Policy Manager to enable Least Privilege)](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/removelocaladmin.md)
  • Start to Generate Rules from Auditing Events [Auto-Create Policy from Global Audit event](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/globalauditevent.md)
  • Set up Admin Approval (Secret / policy): [Auto-Create Policy from Global Audit event](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/globalauditevent.md) and [Admin Approval demo](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/demo.md)
  • Set up Endpoint Policy Manager Least Privilege Manager “Approvers” workflow (Identify APPROVER(s), get the AA tool up and going.)
  • Optionally: Set up Endpoint Policy Manager Least Privilege Manager UI branding: [Branding the UI and Dialogs](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/branding.md)
  • Deploy Admin Approval to existing systems.
  • Optional: Deploy Endpoint Policy Manager Least Privilege Manager Branding to existing systems.
  • Look at incoming EVENTS in Endpoint Policy Manager Cloud to determine the issues to make more rules.
| Day 7-8 | | M4 Review Events |
  • Turn on Self Elevate for existing 3 developers.
  • Create documentation for Developers on how to interact with Endpoint Policy Manager Self Elevate method. See [Self Elevate Mode](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/demo.md)
  • Review EVENTS to determine the issues to create rules.
| Day 9 | @@ -426,7 +426,7 @@ Estimated Milestone Details and Target Dates | M14 Addition | Add +5 endpoints to Endpoint Policy Manager Cloud and remove their local admin rights. | Day 19 | | M15 Review Events | Look at EVENTS to determine the issues to make more rules. | Day 20 | | M16 Remaining | Add Remaining endpoints to Endpoint Policy Manager Cloud and remove their local admin rights. | Day 21 | -| M17 SecureRun Setup |
  • Turn on Global Auditing for Untrusted and Unsigned applications.
  • Try turning on SecureRun for three developers.
  • [Using Least Privilege Manager's SecureRun Feature](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/feature.md)
  • [How can I allow "Inline commands" blocked by SecureRun when a random path or filename is created each time?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/allowinlinecommands.md)
| Day 22 | +| M17 SecureRun Setup |
  • Turn on Global Auditing for Untrusted and Unsigned applications.
  • Try turning on SecureRun for three developers.
  • [Using Least Privilege Manager's SecureRun Feature](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/feature.md)
  • [How can I allow "Inline commands" blocked by SecureRun when a random path or filename is created each time?](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/allowinlinecommands.md)
| Day 22 | | M18+ SecureRun Rollout | Add +5 endpoints per day and triage incoming SecureRun blocks with “Allow and Log” rules. Repeat each day with +5 endpoints. | Day 23+ | @@ -436,9 +436,9 @@ Estimated Milestone Details and Target Dates | Milestones | Details & Tasks | | | ------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- | -| M1 Pre-Requisites |
  • Verify you actually want to use Endpoint Policy Manager + Cloud method and not some other method or some kind of hybrid approach. See [Endpoint Policy ManagerSolution Methods: Group Policy, MDM, UEM Tools, and Endpoint Policy Manager Cloud compared.](/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/solutionmethods.md)
  • Identify 3 friendly developers for this project.
  • Identify the remaining devices for POC, but focus on first three.
  • Download Endpoint Policy Manager bits from portal.endpointpolicymanager.com and Cloud MSI from cloud.endpointpolicymanager.com and get organized. See the [Installation Quick Start](/docs/endpointpolicymanager/gettingstarted/overviewinstall/overviewinstall.md).
  • Get the Endpoint Policy Manager Quickstart Guide. See [Netwrix Endpoint Policy Manager Quick Start](/docs/endpointpolicymanager/gettingstarted/quickstart/overview.md)
  • On ONE machine (any machine) perform the MDM “Walk before you run” test. See [Endpoint Policy Manager and MDM walk before you run](/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/testsample.md)
  • On three developer machines perform the quick-licensing method via rename (see[What is the fastest way to get started in an Endpoint Policy Manager trial, without running the License Request Tool?](/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/trial.md) or run licensing tool and after receiving your trial keys from sales, install your trial or full licenses for your MDM licenses. See [How to install UNIVERSAL licenses for NEW Customers (via GPO, SCCM or MDM)](/docs/endpointpolicymanager/licensing/videolearningcenter/installall/installuniversal.md)
  • Install the Endpoint Policy Manager CSE on the three developer stations.
  • Move 3 developers into an Azure/MDM group named “Endpoint Policy Manager Test Devs”.
  • Target deploy the Endpoint Policy Manager CSE to the group.
  • Get to understand Endpoint Policy Manager Least Privilege Manager + MDM Service (Exporting policies, then wrapping up XMLs into MSIs). See [Using Least Privilege Manager with your MDM service](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/methods/mdm.md)
  • Verify Endpoint Policy Manager Least Privilege Manager is working wit the “Device Manager” test. See [Kill Local Admin Rights (Run applications with Least Privilege)](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/localadminrights.md)
  • Create a policy which turns on PPLPM Global Auditing, export as XML and wrap up as MSI for deployment via MDM. See [Use Discovery to know what rules to make as you transition from Local Admin rights](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/discovery.md)
  • Identify KNOWN applications for Development stations which require Admin rights.
| Day 1-3 | +| M1 Pre-Requisites |
  • Verify you actually want to use Endpoint Policy Manager + Cloud method and not some other method or some kind of hybrid approach. See [Endpoint Policy ManagerSolution Methods: Group Policy, MDM, UEM Tools, and Endpoint Policy Manager Cloud compared.](/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/solutionmethods.md)
  • Identify 3 friendly developers for this project.
  • Identify the remaining devices for POC, but focus on first three.
  • Download Endpoint Policy Manager bits from portal.policypak.com and Cloud MSI from cloud.policypak.com and get organized. See the [Installation Quick Start](/docs/endpointpolicymanager/gettingstarted/overviewinstall/overviewinstall.md).
  • Get the Endpoint Policy Manager Quickstart Guide. See [Netwrix Endpoint Policy Manager Quick Start](/docs/endpointpolicymanager/gettingstarted/quickstart/overview.md)
  • On ONE machine (any machine) perform the MDM “Walk before you run” test. See [Endpoint Policy Manager and MDM walk before you run](/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/testsample.md)
  • On three developer machines perform the quick-licensing method via rename (see[What is the fastest way to get started in an Endpoint Policy Manager trial, without running the License Request Tool?](/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/trial.md) or run licensing tool and after receiving your trial keys from sales, install your trial or full licenses for your MDM licenses. See [How to install UNIVERSAL licenses for NEW Customers (via GPO, SCCM or MDM)](/docs/endpointpolicymanager/licensing/videolearningcenter/installall/installuniversal.md)
  • Install the Endpoint Policy Manager CSE on the three developer stations.
  • Move 3 developers into an Azure/MDM group named “Endpoint Policy Manager Test Devs”.
  • Target deploy the Endpoint Policy Manager CSE to the group.
  • Get to understand Endpoint Policy Manager Least Privilege Manager + MDM Service (Exporting policies, then wrapping up XMLs into MSIs). See [Using Least Privilege Manager with your MDM service](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/methods/mdm.md)
  • Verify Endpoint Policy Manager Least Privilege Manager is working wit the “Device Manager” test. See [Kill Local Admin Rights (Run applications with Least Privilege)](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/localadminrights.md)
  • Create a policy which turns on PPLPM Global Auditing, export as XML and wrap up as MSI for deployment via MDM. See [Use Discovery to know what rules to make as you transition from Local Admin rights](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/discovery.md)
  • Identify KNOWN applications for Development stations which require Admin rights.
| Day 1-3 | | M2 Install Endpoint Policy Manager CSE, common scenarios and known applications |
  • Install Endpoint Policy Manager CSE on the remaining 27 endpoints; ensure success. (NO POLICIES, just the PolicyPak moving parts).
  • (Optional) Set up Common Scenarios for Printers, Remove Programs and IP Address changes. See [Overcome Network Card, Printer, and Remove Programs UAC prompts](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/uacprompts.md) and [COM Support](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/comsupport.md)
  • Create rules for KNOWN applications which require ADMIN Rights.
  • [Best Practices for Elevating User-Based Installs](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/elevatinguserbasedinstalls.md)
  • [Security and Child Processes](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/securitychildprocesses.md)
  • [Increase security by reducing rights on Open/Save dialogs](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/opensavedialogs.md)
  • [Endpoint Privilege Manager and Wildcards](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/wildcards.md)
  • Use Endpoint Policy Manager Preconfigured rules when you can. See [Installing applications-and-Preconfigured-Rules](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/installapplications.md)
| Day 4-6 | -| M3 Set up Event Forwarding |
  • Pick one (or choose another method, like Splunk, etc.)
  • Event Forwarding with Netwrix Auditor. See [How to use Netwrix Auditor to Report on Endpoint Policy Manager events](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/eventing/reports.md)
  • Event Forwarding with Windows Eventing. See [How to forward interesting events for Least Privilege Manager (or anything else) to a centralized location using Windows Event Forwarding.](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/eventing/windowseventforwarding.md)
  • Event Forwarding with Azure Log Analytics (likely best scenario for MDM environments). See [Windows 10 (and Server) Event Logs to Azure Log Analytics Walkthru](/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/eventlogs.md)
| Day 7-9 | +| M3 Set up Event Forwarding |
  • Pick one (or choose another method, like Splunk, etc.)
  • Event Forwarding with Netwrix Auditor. See [How to use Netwrix Auditor to Report on Endpoint Policy Manager events](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/eventing/reports.md)
  • Event Forwarding with Windows Eventing. See [How to forward interesting events for Least Privilege Manager (or anything else) to a centralized location using Windows Event Forwarding.](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/eventing/windowseventforwarding.md)
  • Event Forwarding with Azure Log Analytics (likely best scenario for MDM environments). See [Windows 10 (and Server) Event Logs to Azure Log Analytics Walkthru](/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/eventlogs.md)
| Day 7-9 | | M4 Begin Test |
  • Remove local admin rights for 3 developer endpoints. One suggested method / demo is here (there are other ways to perform this task): [Use Group Policy to remove local admin rights (then Endpoint Policy Manager to enable Least Privilege)](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/removelocaladmin.md)
  • Start to Generate Rules from Auditing Events. See [Auto-Create Policy from Global Audit event](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/globalauditevent.md).
  • Set up Admin Approval (Secret / policy). See [Auto-Create Policy from Global Audit event](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/globalauditevent.md) and [Admin Approval demo](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/demo.md)
  • Optionally: Set up Endpoint Policy Manager Least Privilege Manager UI branding. See [Branding the UI and Dialogs](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/branding.md)
  • Deploy Admin Approval to existing systems.
  • Optional: Deploy Endpoint Policy Manager Least Privilege Manager Branding to existing systems.
  • Look at incoming EVENTS to determine the issues to make more rules.
| Day 10 | | M5 Review Events |
  • Turn on Self Elevate for existing 3 developers.
  • Create documentation for Developers on how to interact with Endpoint Policy Manager Self Elevate method. See [Self Elevate Mode](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/demo.md)
  • Review EVENTS to determine the issues to create rules.
| Day 11 | | M6 Addition | Add 7 more developer PCs to existing 3 and remove local admin rights using existing rules. (Don’t use Self elevate on new 7 endpoint, just the first three.) | Day 12 | @@ -453,5 +453,5 @@ Estimated Milestone Details and Target Dates | M15 Addition | Add +5 endpoints to Endpoint Policy Manager group and remove their local admin rights. | Day 21 | | M16 Review Events | Look at EVENTS to determine the issues to make more rules. | Day 22 | | M17 Remaining | Add Remaining endpoints to Endpoint Policy Manager group and remove their local admin rights. | Day 23 | -| M18 SecureRun Setup |
  • Turn on Global Auditing for Untrusted and Unsigned applications.
  • Try turning on SecureRun for three developers.
  • [Using Least Privilege Manager's SecureRun Feature](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/feature.md)
  • [How can I allow "Inline commands" blocked by SecureRun when a random path or filename is created each time?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/allowinlinecommands.md)
| Day 24 | +| M18 SecureRun Setup |
  • Turn on Global Auditing for Untrusted and Unsigned applications.
  • Try turning on SecureRun for three developers.
  • [Using Least Privilege Manager's SecureRun Feature](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/feature.md)
  • [How can I allow "Inline commands" blocked by SecureRun when a random path or filename is created each time?](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/allowinlinecommands.md)
| Day 24 | | M19 SecureRun Rollout | Add +5 endpoints per day and triage incoming SecureRun blocks with “Allow and Log” rules. Repeat each day with +5 endpoints. | Day 25+ | diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/licensing/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/licensing/_category_.json similarity index 93% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/licensing/_category_.json rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/licensing/_category_.json index 13d08bae5f..750c5135b0 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/licensing/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/licensing/_category_.json @@ -1,6 +1,6 @@ -{ - "label": "Licensing", - "position": 10, - "collapsed": true, - "collapsible": true -} \ No newline at end of file +{ + "label": "Licensing", + "position": 10, + "collapsed": true, + "collapsible": true +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/licensing/license.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/licensing/license.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/licensing/license.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/licensing/license.md index 40550652ba..4b6b4fc2b9 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/licensing/license.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/licensing/license.md @@ -39,3 +39,5 @@ You can look in your license file and see which license you are granted. You can also see the license type within the MMC console if you have this type of license installed. ![839_5_img-03](/images/endpointpolicymanager/leastprivilege/839_5_img-03.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/macintegration/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/macintegration/_category_.json similarity index 93% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/macintegration/_category_.json rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/macintegration/_category_.json index 5d1c642ee9..0cf9d2118e 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/macintegration/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/macintegration/_category_.json @@ -1,6 +1,6 @@ -{ - "label": "Mac Integration", - "position": 80, - "collapsed": true, - "collapsible": true -} \ No newline at end of file +{ + "label": "Mac Integration", + "position": 80, + "collapsed": true, + "collapsible": true +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/macintegration/logs.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/macintegration/logs.md similarity index 100% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/macintegration/logs.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/macintegration/logs.md diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/netwrixprivilegesecure/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/netwrixprivilegesecure/_category_.json similarity index 95% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/netwrixprivilegesecure/_category_.json rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/netwrixprivilegesecure/_category_.json index e3ac45d5cb..cc7243f6a2 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/netwrixprivilegesecure/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/netwrixprivilegesecure/_category_.json @@ -1,6 +1,6 @@ -{ - "label": "Netwrix Privilege Secure For Access Management Integration", - "position": 110, - "collapsed": true, - "collapsible": true -} \ No newline at end of file +{ + "label": "Netwrix Privilege Secure For Access Management Integration", + "position": 110, + "collapsed": true, + "collapsible": true +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/netwrixprivilegesecure/createpolicies.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/netwrixprivilegesecure/createpolicies.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/netwrixprivilegesecure/createpolicies.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/netwrixprivilegesecure/createpolicies.md index 4558d60a72..f721eb6e19 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/netwrixprivilegesecure/createpolicies.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/netwrixprivilegesecure/createpolicies.md @@ -48,3 +48,5 @@ when the Endpoint Policy Manager CSE is licensed for Endpoint Policy Manager Lea Manager. ![965_5_image-20230627091218-9_950x211](/images/endpointpolicymanager/integration/965_5_image-20230627091218-9_950x211.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/netwrixprivilegesecure/establishtrust.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/netwrixprivilegesecure/establishtrust.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/netwrixprivilegesecure/establishtrust.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/netwrixprivilegesecure/establishtrust.md index 89673a45da..1510fa7f13 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/netwrixprivilegesecure/establishtrust.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/netwrixprivilegesecure/establishtrust.md @@ -62,3 +62,5 @@ In all cases the endpoint is instructed to Bypass SSL Certification Verification the results on any particular endpoint like this. ![898_5_image-20231204145244-1](/images/endpointpolicymanager/troubleshooting/error/leastprivilege/898_5_image-20231204145244-1.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/netwrixprivilegesecure/mmc.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/netwrixprivilegesecure/mmc.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/netwrixprivilegesecure/mmc.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/netwrixprivilegesecure/mmc.md index f2d958406f..e9eef40e60 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/netwrixprivilegesecure/mmc.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/netwrixprivilegesecure/mmc.md @@ -44,3 +44,5 @@ then you maintain your console with upgrades only via the Endpoint Policy Manage and don't attempt a re-install of Privilege Secure Console MSI. ::: + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/_category_.json similarity index 95% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/_category_.json rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/_category_.json index 5750619566..d3a625f513 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/_category_.json @@ -1,6 +1,6 @@ -{ - "label": "Tips (Specific Workaround For Apps And Scenarios)", - "position": 30, - "collapsed": true, - "collapsible": true -} \ No newline at end of file +{ + "label": "Tips (Specific Workaround For Apps And Scenarios)", + "position": 30, + "collapsed": true, + "collapsible": true +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/applicationextension.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/applicationextension.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/applicationextension.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/applicationextension.md index 9e47f5ac29..a7346618c2 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/applicationextension.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/applicationextension.md @@ -93,3 +93,5 @@ The command-line arguments cannot be empty. application being Elevated. ![451_19_image-20200210223130-10_950x266](/images/endpointpolicymanager/leastprivilege/elevate/451_19_image-20200210223130-10_950x266.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/block.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/block.md similarity index 71% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/block.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/block.md index 6c10ac0ea3..5a771b7258 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/block.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/block.md @@ -57,31 +57,31 @@ PowerShell V2 Workaround ``` - +                -         -           -             +         +           +                           CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US              -             +                           Microsoft® Windows® Operating System               10.0.14393.206               *powersh*               10.0.14393.206              -             +                           -v* 2*               false                         -           +                       false            -           -             +           +                           false                         @@ -90,27 +90,27 @@ PowerShell V2 Workaround                  -         -           -             +         +           +                           CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US              -             +                           Microsoft® Windows® Operating System               10.0.14393.206               *powersh*               10.0.14393.206              -             +                           * -v* 2*               false                         -           +                       false            -           -             +           +                           false                         @@ -120,3 +120,5 @@ PowerShell V2 Workaround    ``` + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/editrights.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/editrights.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/editrights.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/editrights.md index 6dffa44fbc..73f91e8c55 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/editrights.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/editrights.md @@ -31,3 +31,5 @@ Keep in mind you are elevating the Application (Notepad in this case), not the f itself. ::: + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/installers.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/installers.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/installers.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/installers.md index d880f1f25f..2f1c973442 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/installers.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/installers.md @@ -41,3 +41,5 @@ shown in the screenshot: Use additional keywords to detect Application Installers ![723_3_image-20201103180355-2](/images/endpointpolicymanager/leastprivilege/elevate/723_3_image-20201103180355-2.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/installfonts.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/installfonts.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/installfonts.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/installfonts.md index 94337c1e46..4901d4f5ac 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/installfonts.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/installfonts.md @@ -272,3 +272,5 @@ $fontsFolderPath = Get-SpecialFolder($CSIDL_FONTS)    Process-Arguments ![467_11_img-7](/images/endpointpolicymanager/leastprivilege/elevate/467_11_img-7.webp) 8. Run `GPUPDATE /FORCE` on the client machine. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/mmcsnapin.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/mmcsnapin.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/mmcsnapin.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/mmcsnapin.md index fb973491b9..8741b47731 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/mmcsnapin.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/mmcsnapin.md @@ -93,3 +93,5 @@ However, at no time would the shortest expression, of only "`services.msc`" work must appear before the command line. ![203_19_image006_950x612](/images/endpointpolicymanager/leastprivilege/elevate/203_19_image006_950x612.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/mspfiles.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/mspfiles.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/mspfiles.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/mspfiles.md index bdc6f1d572..3bba78102f 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/mspfiles.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/mspfiles.md @@ -55,3 +55,5 @@ Use **Strict equality** check mode. For other Adobe packages (or any other software vendors) you must adjust the path to your .MSP file within your **Arguments** field. MSIEXEC.EXE should be elevated at all times while you are elevating .MSP file installation. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/nonadminuser.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/nonadminuser.md similarity index 77% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/nonadminuser.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/nonadminuser.md index 5e3dbd4ac2..e22ba84116 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/nonadminuser.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/nonadminuser.md @@ -67,25 +67,25 @@ XML Policy ``` - +                -         -           -             +         +           +                           %SYSTEMROOT%\System32\sc.exe              -             +                           * RemoteRegistry*               false                         -           +                       true            -           -             +           +                                                              @@ -98,3 +98,5 @@ XML Policy    ``` + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/registry.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/registry.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/registry.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/registry.md index f6b332b3c3..a4df7dec83 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/registry.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/registry.md @@ -122,3 +122,5 @@ algorithm to setting of . ![621_29_image-20200510100625-15](/images/endpointpolicymanager/leastprivilege/elevate/621_13_image-20200510100625-7.webp) **Step 10 –** Rename and set Item Level Targeting if required and click **Finish**. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/serverbusy.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/serverbusy.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/serverbusy.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/serverbusy.md index 4e96c79a95..3a8364718e 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/serverbusy.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/serverbusy.md @@ -41,3 +41,5 @@ to **Medium-plus**. This will allow the application to run as desired, but not g end-user to change system files. ![998_4_image-20240201214648-4](/images/endpointpolicymanager/troubleshooting/error/leastprivilege/998_4_image-20240201214648-4.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/synapticspointingdevicedriver.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/synapticspointingdevicedriver.md similarity index 91% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/synapticspointingdevicedriver.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/synapticspointingdevicedriver.md index e8946853f8..fec4a35f74 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/synapticspointingdevicedriver.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/synapticspointingdevicedriver.md @@ -23,10 +23,12 @@ through SecureRun. :::note This policy (SYNAPTICS-Allow-AND-log.xml ) is provided in the -[https://portal.endpointpolicymanager.com/downloads/guidance](https://portal.endpointpolicymanager.com/downloads/guidance) +[https://portal.policypak.com/downloads/guidance](https://portal.policypak.com/downloads/guidance) download, and can be found in the extracted contents under the PolicyPak Least Privilege Manager XMLs folder. ::: ![703_3_image-20210206004430-3](/images/endpointpolicymanager/leastprivilege/703_3_image-20210206004430-3.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/uipathassistant.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/uipathassistant.md similarity index 64% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/uipathassistant.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/uipathassistant.md index 63a7a4b460..5567ccd3ad 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/uipathassistant.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/uipathassistant.md @@ -52,25 +52,25 @@ Allowed with Path Rule 1 ``` - +                -         -           -             +         +           +                           C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe              -             +                           *"$assemblies=(\"System\");$source=\"*               false                         -           +                       true            -           -             +           +                                        @@ -85,25 +85,25 @@ Allowed with Path Rule 2 ``` - +                -         -           -             +         +           +                           C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe              -             +                           "$FileContent = Get-Content -Encoding unicode %Temp%\shortcuts-params.txt; Invoke-Expression $FileContent"               false                         -           +                       true            -           -             +           +                                        @@ -111,3 +111,5 @@ Allowed with Path Rule 2    ``` + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/windowsdefender.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/windowsdefender.md similarity index 97% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/windowsdefender.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/windowsdefender.md index 4c416c1ba3..3642bf0adb 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/windowsdefender.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/windowsdefender.md @@ -10,7 +10,7 @@ sidebar_position: 50 For detailed steps on how to elevate the Windows Defender Firewall snap-in, replacing Services.msc with WF.msc, see -[How do I elevate MMC snap ins without granting administrative rights?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsappsscenarios/mmcsnapin.md) +[How do I elevate MMC snap ins without granting administrative rights?](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsappsscenarios/mmcsnapin.md) ## Option 2: diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsfilesfolders/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsfilesfolders/_category_.json similarity index 94% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsfilesfolders/_category_.json rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsfilesfolders/_category_.json index c62d21dc98..72b9d9b367 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsfilesfolders/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsfilesfolders/_category_.json @@ -1,6 +1,6 @@ -{ - "label": "Tips (Files Folders And Dialogs)", - "position": 40, - "collapsed": true, - "collapsible": true -} \ No newline at end of file +{ + "label": "Tips (Files Folders And Dialogs)", + "position": 40, + "collapsed": true, + "collapsible": true +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsfilesfolders/allfiles.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsfilesfolders/allfiles.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsfilesfolders/allfiles.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsfilesfolders/allfiles.md index e5e0a777f1..17caeaff86 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsfilesfolders/allfiles.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsfilesfolders/allfiles.md @@ -33,3 +33,5 @@ The difference between these two types is that - The **Folder** path condition only applies to all files in the specified folder. - The Folder (recursive) path condition applies to all Descendant files. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/_category_.json similarity index 96% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/_category_.json rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/_category_.json index 9e1992f399..c329b7028f 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/_category_.json @@ -1,6 +1,6 @@ -{ - "label": "Tips For Admin Approval Self Elevate Apply On Demand SecureCopy And UI Branding", - "position": 60, - "collapsed": true, - "collapsible": true -} \ No newline at end of file +{ + "label": "Tips For Admin Approval Self Elevate Apply On Demand SecureCopy And UI Branding", + "position": 60, + "collapsed": true, + "collapsible": true +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/activexcontrol.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/activexcontrol.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/activexcontrol.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/activexcontrol.md index d85b92f0bb..332d5ac1bb 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/activexcontrol.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/activexcontrol.md @@ -70,3 +70,5 @@ RESULT of performing Option 1, Option 2 or Option 3 above.) ![859_7_image009_950x363](/images/endpointpolicymanager/leastprivilege/policyeditor/859_7_image009_950x363.webp) ![859_8_image010_950x541](/images/endpointpolicymanager/leastprivilege/policyeditor/859_8_image010_950x541.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/custommenuitemtext.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/custommenuitemtext.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/custommenuitemtext.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/custommenuitemtext.md index 0352358d3f..75b3478954 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/custommenuitemtext.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/custommenuitemtext.md @@ -16,3 +16,5 @@ happens when a rule matches and the expected result. | Not used / Disabled | No rules match | Show custom menu item text configured for explicit rules (grayed out). | | Enabled | Explicit Rule Matches | Show custom menu item text configured for explicit rules. | | Enabled | No rules Match | Show custom text configured for Admin Approval (or default "Run with PolicyPak" text). | + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/dragdrop.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/dragdrop.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/dragdrop.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/dragdrop.md index 715f7dc9f6..223e620c44 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/dragdrop.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/dragdrop.md @@ -27,3 +27,5 @@ to Medium or Low, stopping at the first one which works. ![402_1_q3-img-1](/images/endpointpolicymanager/leastprivilege/elevate/402_1_q3-img-1.webp) ![402_2_q3-img-2](/images/endpointpolicymanager/leastprivilege/elevate/402_2_q3-img-2.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/maliciousattacks.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/maliciousattacks.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/maliciousattacks.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/maliciousattacks.md index 890cfb9f16..b0d258c43b 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/maliciousattacks.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/maliciousattacks.md @@ -57,3 +57,5 @@ Windows: Netwrix Endpoint Policy Manager (formerly PolicyPak) message: ![765_5_image-20211223014445-5](/images/endpointpolicymanager/leastprivilege/powershell/765_5_image-20211223014445-5.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/optionsshowpopupmessage.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/optionsshowpopupmessage.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/optionsshowpopupmessage.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/optionsshowpopupmessage.md index cd3ac29f32..79fe55c73b 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/optionsshowpopupmessage.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/optionsshowpopupmessage.md @@ -57,3 +57,5 @@ The User must re-authenticate. When the pop-up is shown, the user must type in s **OK** is allowed and the application proceeds. ![942_9_image-20230602145013-9](/images/endpointpolicymanager/leastprivilege/policyeditor/942_9_image-20230602145013-9.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/reduceadminrights.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/reduceadminrights.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/reduceadminrights.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/reduceadminrights.md index 5b44ccada4..afb6291585 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/reduceadminrights.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/reduceadminrights.md @@ -36,3 +36,5 @@ As a result, even when IE is launched / told to Run as Admin, it will not , and Standard. ![464_6_img-006](/images/endpointpolicymanager/leastprivilege/464_6_img-006.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/scope.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/scope.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/scope.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/scope.md index 0cd0eb2707..85feb236ed 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/scope.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/scope.md @@ -185,3 +185,5 @@ that run from the specified `.exe `regardless of the user. video: [Reduce or specify Service Account Rights](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/serviceaccountrights.md) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/selfelevation.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/selfelevation.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/selfelevation.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/selfelevation.md index 79a0c0acde..02a5e0d04a 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/selfelevation.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/selfelevation.md @@ -37,3 +37,5 @@ types you selected in the policy, you should see the **Run Self Elevated with Po available. ![959_6_image-20230522075042-6](/images/endpointpolicymanager/leastprivilege/policyeditor/959_6_image-20230522075042-6.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/servicenow.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/servicenow.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/servicenow.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/servicenow.md index 565abe755b..c3bfdd9a6b 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/servicenow.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/servicenow.md @@ -33,3 +33,5 @@ Setting this up is as easy as specifying a URL for them to click upon in the Cus in the Admin Approval policy. ![915_4_image005_950x582](/images/endpointpolicymanager/integration/915_4_image005_950x582.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsold/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsold/_category_.json similarity index 94% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsold/_category_.json rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsold/_category_.json index 8cbbb17631..f32472cb33 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsold/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsold/_category_.json @@ -1,6 +1,6 @@ -{ - "label": "Tips (Old Use Only If Asked)", - "position": 70, - "collapsed": true, - "collapsible": true -} \ No newline at end of file +{ + "label": "Tips (Old Use Only If Asked)", + "position": 70, + "collapsed": true, + "collapsible": true +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsold/printerdriverinstall.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsold/printerdriverinstall.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsold/printerdriverinstall.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsold/printerdriverinstall.md index 0ee19b59f0..1b93a95c0b 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsold/printerdriverinstall.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsold/printerdriverinstall.md @@ -30,3 +30,5 @@ elevate a specific DLL. Just like shown in below screenshot. Rule to elevate` rundll32.exe` by PATH and COMMAND LINE (when `rundll32.exe `runs a `DLL`, the `DLL `path is specified on the command line) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsold/singlelinecommands.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsold/singlelinecommands.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsold/singlelinecommands.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsold/singlelinecommands.md index b8f4d05166..e3ac5e1182 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsold/singlelinecommands.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsold/singlelinecommands.md @@ -19,3 +19,5 @@ An example of elevating the SCCM computer setup can be seen below: ![479_2_pplpm-faq2-image002](/images/endpointpolicymanager/leastprivilege/elevate/479_2_pplpm-faq2-image002.webp) ![479_3_pplpm-faq2-image003](/images/endpointpolicymanager/leastprivilege/elevate/479_3_pplpm-faq2-image003.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipspplpm/_category_.json similarity index 94% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/_category_.json rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipspplpm/_category_.json index f8e81677a8..3df7642fb9 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipspplpm/_category_.json @@ -1,6 +1,6 @@ -{ - "label": "Tips (How Does PPLPM Work)", - "position": 20, - "collapsed": true, - "collapsible": true -} \ No newline at end of file +{ + "label": "Tips (How Does PPLPM Work)", + "position": 20, + "collapsed": true, + "collapsible": true +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/accountelevatedprocess.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipspplpm/accountelevatedprocess.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/accountelevatedprocess.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipspplpm/accountelevatedprocess.md index 29da220f2a..6ccc3d482f 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/accountelevatedprocess.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipspplpm/accountelevatedprocess.md @@ -18,3 +18,5 @@ with EastSalesUser1 when a Endpoint Policy Manager Least Privilege Manager rule affect EastSalesUser1. ![649_1_img-1_950x524](/images/endpointpolicymanager/leastprivilege/649_1_img-1_950x524.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/applocker.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipspplpm/applocker.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/applocker.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipspplpm/applocker.md index 9b3bee7764..9b7ab0f3d5 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/applocker.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipspplpm/applocker.md @@ -60,3 +60,5 @@ that you also get all the added benefits of SecureRun. This is not a recommended it should work. Please consider retiring Applocker and using Endpoint Policy Manager SecureRun. For more in formation on why this is the recommended practice, see [AppLocker Pros, Cons, and Alternatives](https://blog.netwrix.com/2021/12/02/applocker-pros-cons-and-alternatives/). + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/digitalsignature.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipspplpm/digitalsignature.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/digitalsignature.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipspplpm/digitalsignature.md index 1aa6669a7c..02eb4801a5 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/digitalsignature.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipspplpm/digitalsignature.md @@ -30,3 +30,5 @@ but dated for another timeframe. Finally, please check this Microsoft Doc on how most application vendors associate digital signatures with their installers or EXE files: [Digital Signatures and Windows Installer](https://learn.microsoft.com/en-us/windows/win32/msi/digital-signatures-and-windows-installer). + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/macroattacks.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipspplpm/macroattacks.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/macroattacks.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipspplpm/macroattacks.md index 19593a5e44..b480c19dea 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/macroattacks.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipspplpm/macroattacks.md @@ -17,3 +17,5 @@ But besides that, or if you had noprotection in place, when Netwrix Endpoint Pol supported Endpoint Policy Manager Least Privilege Manager types including scripts, EXEs, MSIs, JARs and more, since the downloadable payload would be owned by the User and not Administrator, Trusted Installer, or anyone one the SecureRun list. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/runasadmin.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipspplpm/runasadmin.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/runasadmin.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipspplpm/runasadmin.md index 1f93b3951c..7e7ee082e6 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/runasadmin.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipspplpm/runasadmin.md @@ -113,3 +113,5 @@ Here’s an example when this option is selected: Now users can perform the same Run as administrator type of operation, but they will need to use the Endpoint Policy Manager-supplied Run as administrator with Netwrix PolicyPak. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/_category_.json similarity index 94% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/_category_.json rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/_category_.json index 5a80a3a135..0bdee3c362 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/_category_.json @@ -1,6 +1,6 @@ -{ - "label": "Tips And SecureRun (TM)", - "position": 50, - "collapsed": true, - "collapsible": true -} \ No newline at end of file +{ + "label": "Tips And SecureRun (TM)", + "position": 50, + "collapsed": true, + "collapsible": true +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/adminapprovalwork.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/adminapprovalwork.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/adminapprovalwork.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/adminapprovalwork.md index 860d0c0b53..8543307390 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/adminapprovalwork.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/adminapprovalwork.md @@ -25,3 +25,5 @@ SCENARIO 2: If SecureRun is enabled: trusted principal or not. ![977_1_image-20230824223216-1_950x550](/images/endpointpolicymanager/leastprivilege/securerun/977_1_image-20230824223216-1_950x550.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/allowinlinecommands.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/allowinlinecommands.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/allowinlinecommands.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/allowinlinecommands.md index fb4e9e24f7..4a44e62487 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/allowinlinecommands.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/allowinlinecommands.md @@ -89,3 +89,5 @@ elevated Privileges** (if needed) For security and compatibility reasons, only elevate if necessary to do so. ::: + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/bestpractices.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/bestpractices.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/bestpractices.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/bestpractices.md index 171068037e..3444d571fc 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/bestpractices.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/bestpractices.md @@ -61,3 +61,5 @@ each time this is invoked, it is logged in the event log along with the option o user's justification for running the process For more information, see [Self Elevate Mode](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/demo.md) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/blockedscripttypes.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/blockedscripttypes.md similarity index 89% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/blockedscripttypes.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/blockedscripttypes.md index 1d97ca5187..88ae1499a4 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/blockedscripttypes.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/blockedscripttypes.md @@ -20,6 +20,6 @@ The official list is as follows and might increase without notice. :::note For .PS1, in order to enable Powershell at all, you need to make an express (ALLOW rule for powershell.exe). That rule can be found in -[When Endpoint Policy Manager SecureRun(TM) is turned on, PowerShell won't run. How can I re-enable this?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/enablepowershell.md) +[When Endpoint Policy Manager SecureRun(TM) is turned on, PowerShell won't run. How can I re-enable this?](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/enablepowershell.md) ::: diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/chromeextension.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/chromeextension.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/chromeextension.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/chromeextension.md index e1d3b2eda6..8acacbefa7 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/chromeextension.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/chromeextension.md @@ -58,3 +58,5 @@ case**; under Arguments, we are going to take the first part of the installation **Step 6 –** Rename, set ILT if required and click **Finish**. ![700_7_image-20211111230736-7](/images/endpointpolicymanager/leastprivilege/securerun/700_7_image-20211111230736-7.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/enablepowershell.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/enablepowershell.md similarity index 75% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/enablepowershell.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/enablepowershell.md index f59914fc3b..f0a8f08695 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/enablepowershell.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/enablepowershell.md @@ -7,5 +7,7 @@ sidebar_position: 30 # When Endpoint Policy Manager SecureRun(TM) is turned on, PowerShell won't run. How can I re-enable this? You need to use EXE Policy with rule Allow and log for -Powershell.[ Go to https://www.endpointpolicymanager.com/pp-files/allow-powershell.php](https://www.endpointpolicymanager.com/pp-files/allow-powershell.php) +Powershell.[ Go to https://www.policypak.com/pp-files/allow-powershell.php](https://www.policypak.com/pp-files/allow-powershell.php) and import it to enable PowerShell to run with SecureRun enabled. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/mykipasswordmanager.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/mykipasswordmanager.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/mykipasswordmanager.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/mykipasswordmanager.md index 3d588bbb19..79b0c6d953 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/mykipasswordmanager.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/mykipasswordmanager.md @@ -179,3 +179,5 @@ Your screen should look identical to the one below. **Step 18 –** In the Settings window select**User and System processes**  and click **Finish**. ![844_27_image-20210705210753-27](/images/endpointpolicymanager/leastprivilege/securerun/844_27_image-20210705210753-27.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/setup.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/setup.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/setup.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/setup.md index e760837c0d..90e0f7cad5 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/setup.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/setup.md @@ -53,3 +53,5 @@ entered (though if the app changes names often you might omit using the Path). The more rule types you use the more secure it becomes, but keeping it usable is always the goal. Generally only use Hash by itself because its pretty secure, and then some combination of the others as noted above. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/webex.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/webex.md similarity index 97% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/webex.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/webex.md index d96123a9bb..860fa66857 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/webex.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/webex.md @@ -33,7 +33,7 @@ under` %LocalAppData%\WebEx\WebEx\Meetings` WebEx under `%LocalAppData%\WebEx` Alternatively, download the Guidance XMLs from -[https://portal.endpointpolicymanager.com/downloads/guidance,](https://portal.endpointpolicymanager.com/downloads/guidance) +[https://portal.policypak.com/downloads/guidance,](https://portal.policypak.com/downloads/guidance) then browse to the `…\Production-Guidance\PolicyPak Least Privilege Manager XMLs` folder after extracting the contents of the downloaded zip, and import the `WebEx Elevated by Signature and File Info.xml` for use in your environment. @@ -109,3 +109,5 @@ LocalMachine$certificateStore.Open('ReadWrite')$certificateStore.Add($pathInterm Certification Authorities folder ![575_11_05_549x169](/images/endpointpolicymanager/leastprivilege/securerun/575_11_05_549x169.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/_category_.json similarity index 93% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/_category_.json rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/_category_.json index 1947d1beae..99f1609c37 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/_category_.json @@ -1,6 +1,6 @@ -{ - "label": "Troubleshooting", - "position": 90, - "collapsed": true, - "collapsible": true -} \ No newline at end of file +{ + "label": "Troubleshooting", + "position": 90, + "collapsed": true, + "collapsible": true +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/correctsyntax.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/correctsyntax.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/correctsyntax.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/correctsyntax.md index aaace8e345..d058a48580 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/correctsyntax.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/correctsyntax.md @@ -23,3 +23,5 @@ Or %localappdata%\Slack\\\* + File type ![628_3_image-20210311160348-2](/images/endpointpolicymanager/troubleshooting/leastprivilege/securerun/628_3_image-20210311160348-2.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/determinewhy.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/determinewhy.md similarity index 87% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/determinewhy.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/determinewhy.md index 3d4d169374..f6bb5a6450 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/determinewhy.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/determinewhy.md @@ -7,7 +7,7 @@ sidebar_position: 20 # What log can help me determine why an application (MSI, etc.) was ALLOWED, ELEVATED or BLOCKED? The log file you want to look in is` %LOCALAPPDATA%\PolicyPak\PolicyPak` -[https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html) +[https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html) and is called `ppUser_Operational.log.` ![544_1_dfdhdghjkhjkl](/images/endpointpolicymanager/troubleshooting/log/leastprivilege/544_1_dfdhdghjkhjkl.webp) @@ -28,3 +28,5 @@ Below, the top entry shows an application being denied (because SecureRun is ena entry shows an application being allowed by using an EXE policy. ![544_3_third](/images/endpointpolicymanager/troubleshooting/log/leastprivilege/544_3_third.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/drivemaps.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/drivemaps.md similarity index 97% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/drivemaps.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/drivemaps.md index f59b6a2162..13b6e98913 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/drivemaps.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/drivemaps.md @@ -87,7 +87,7 @@ And also for all Non-EXE rules as of version 2340 and higher: - You do not need to make any explicit "Drive map" rules. So, don't elevate "S:" in Endpoint Policy Manager - [https://www.endpointpolicymanager.com/products/least-privilege-manager.html](https://www.endpointpolicymanager.com/products/least-privilege-manager.html). + [https://www.policypak.com/products/least-privilege-manager.html](https://www.policypak.com/products/least-privilege-manager.html). That is incorrect syntax. - Instead, you would make a UNC path rule for what S: is really pointing to. - So, for instance, if you want to elevate all files in S: (which is mapping to @@ -127,3 +127,5 @@ Troubleshooting Non-EXE rules: ![502_5_image-20200121124504-4](/images/endpointpolicymanager/troubleshooting/leastprivilege/502_5_image-20200121124504-4.webp) ![502_7_image-20200121124504-5](/images/endpointpolicymanager/troubleshooting/leastprivilege/502_7_image-20200121124504-5.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/emailsettings.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/emailsettings.md similarity index 92% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/emailsettings.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/emailsettings.md index 5a32e8b235..9cf2ba588a 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/emailsettings.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/emailsettings.md @@ -10,9 +10,9 @@ sidebar_position: 140 When editing the Admin Approval policy you receive the error message below. -The element ‘emailSettings'in namespace ‘http://www.endpointpolicymanager.com/2017/LPM/AdminApproval' has +The element ‘emailSettings'in namespace ‘https://www.policypak.com/2017/LPM/AdminApproval' has incomplete content. List of possible elements expected: ‘sendTo' in namespace -‘http://www.endpointpolicymanager.com/2017/LPM/AdminApproval'. +‘https://www.policypak.com/2017/LPM/AdminApproval'. ![994_1_image-20230926224931-1](/images/endpointpolicymanager/troubleshooting/error/leastprivilege/994_1_image-20230926224931-1.webp) @@ -75,3 +75,5 @@ if needed. ![994_3_image-20230926224931-3](/images/endpointpolicymanager/troubleshooting/error/leastprivilege/994_3_image-20230926224931-3.webp) After one of these actions all will be good. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/explorercrash.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/explorercrash.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/explorercrash.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/explorercrash.md index 58073f5248..6d628b56cb 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/explorercrash.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/explorercrash.md @@ -78,3 +78,5 @@ Windows Registry Editor Version 5.00 ``` [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C8DD2F11-B78C-4430-B1A3-C699497449E5}] ``` + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/inlinecommands.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/inlinecommands.md similarity index 98% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/inlinecommands.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/inlinecommands.md index 53feefb6df..8387e3164b 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/inlinecommands.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/inlinecommands.md @@ -12,7 +12,7 @@ run various commands and NOT just executables (e.g. .exe files). Netwrix Endpoint Policy Manager (formerly PolicyPak) SecureRun automatically blocks unknown and un-trusted scripts. You can read about these automatically blocked script types here: -[What is the supported list of BLOCKED script types for Endpoint Policy Manager SecureRun™ ?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipssecurerun/blockedscripttypes.md) +[What is the supported list of BLOCKED script types for Endpoint Policy Manager SecureRun™ ?](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipssecurerun/blockedscripttypes.md) But it's possible to pass the commands on the command line diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/kaseyaagentservice.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/kaseyaagentservice.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/kaseyaagentservice.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/kaseyaagentservice.md index 8f63d2e174..0779e53e4b 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/kaseyaagentservice.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/kaseyaagentservice.md @@ -85,3 +85,5 @@ Restart-Service $svcKaseya $svcKaseya = (Get-Service -DisplayName "Kaseya Agent" | Select -Property Name).Name & cmd /c sc config $svcKaseya depend= / ``` + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/onedrive.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/onedrive.md similarity index 97% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/onedrive.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/onedrive.md index 6acf567a09..17d9aa022b 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/onedrive.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/onedrive.md @@ -83,4 +83,4 @@ We've combined known command-line args in that XML guidance, as shown in below s But if you're receiving a different command-line prompt then check the following KB for more help: -[How are wildcards supported when used with Path and Command-line arguments in Least Privilege Manager?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/wildcards.md) +[How are wildcards supported when used with Path and Command-line arguments in Least Privilege Manager?](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/wildcards.md) diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/restorecontextmenu.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/restorecontextmenu.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/restorecontextmenu.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/restorecontextmenu.md index 68c33a3c08..3059d76cfe 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/restorecontextmenu.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/restorecontextmenu.md @@ -62,3 +62,5 @@ $Value        = '0' New-ItemProperty -Path $RegistryPath -Name $Name -Value $Value -PropertyType DWORD -Force gpupdate ``` + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/ruleprecedence.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/ruleprecedence.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/ruleprecedence.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/ruleprecedence.md index 3619be0de5..00b1f8a736 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/ruleprecedence.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/ruleprecedence.md @@ -15,3 +15,5 @@ When a process is created, PPLPM evaluates the result in the following order: 5. SecureRun on user side Once a rule is found, we stop the search and do what the rule says. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/ruleproductinfo.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/ruleproductinfo.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/ruleproductinfo.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/ruleproductinfo.md index 8ba34750d9..6fa40bbf80 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/ruleproductinfo.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/ruleproductinfo.md @@ -31,3 +31,5 @@ In Windows Explorer, if you check the NTFS permissions of the folder, it should the screen shot below: ![1321_3_5273a796cdc192f102e32fc389f6bbfc](/images/endpointpolicymanager/troubleshooting/leastprivilege/1321_3_5273a796cdc192f102e32fc389f6bbfc.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/sage50.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/sage50.md similarity index 96% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/sage50.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/sage50.md index 62b6e8d2ec..2c773af13b 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/sage50.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/sage50.md @@ -22,7 +22,7 @@ The customer's own remediation was to elevate the Print spooler also needs to be However, this is likely more than required, and instead, we would advise to merely attempt to change the integrity level of the spooler using these directions: -[I elevated an application, but drag and drop between the elevated and other non-elevated applications isn't working anymore. What can I try?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/dragdrop.md) +[I elevated an application, but drag and drop between the elevated and other non-elevated applications isn't working anymore. What can I try?](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/dragdrop.md) Both avenues to adjust the spooler service are "use at your own risk." diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/ssms.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/ssms.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/ssms.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/ssms.md index d4a816e9a0..0f7ea3daef 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/ssms.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/ssms.md @@ -29,3 +29,5 @@ Microsoft SQL Server Management Studio. To work around this issue, you can replace the PRODUCT name with a wildcard. ![845_2_image-20210419165857-2](/images/endpointpolicymanager/troubleshooting/leastprivilege/fileinfodeny/845_2_image-20210419165857-2.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/supportedenvironments.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/supportedenvironments.md similarity index 81% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/supportedenvironments.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/supportedenvironments.md index 35d62b2898..029a7cab84 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/supportedenvironments.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/supportedenvironments.md @@ -10,7 +10,7 @@ Windows 7 doesn't have the internal "plumbing" to see SHA256 signed.JS and .VBS Here's an example of what you might see when just looking at a signed .JS file inside Windows 7. Because of this, Endpoint Policy Manager -[https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html) +[https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html) cannot use a SIGNATURE rule type when using .JS and .VBS files along with Windows 7. Two other notes: @@ -19,3 +19,5 @@ Two other notes: - SHA1 signed .JS and .VBS files should work in Windows 7. ![696_1_ghjklyhuouioui3333333](/images/endpointpolicymanager/troubleshooting/leastprivilege/696_1_ghjklyhuouioui3333333.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/wildcards.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/wildcards.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/wildcards.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/wildcards.md index b74216994b..ccac9be891 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/wildcards.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/wildcards.md @@ -28,3 +28,5 @@ with a 2: Syntax to substitute the name of any folder after Microsoft and the file name starts with a 2: ![667_4_image-20210316101118-3_940x391](/images/endpointpolicymanager/troubleshooting/leastprivilege/667_4_image-20210316101118-3_940x391.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/winscp.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/winscp.md similarity index 99% rename from docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/winscp.md rename to docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/winscp.md index 5ccb31469e..31bf95479a 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/troubleshooting/winscp.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/troubleshooting/winscp.md @@ -32,3 +32,5 @@ To work around these issues, you can replace the FILE Info name with a wildcard, to the PRODUCT name "WinSCP" to account for the trailing spaces. ![884_3_image-20210816211638-3](/images/endpointpolicymanager/troubleshooting/leastprivilege/fileinfodeny/884_3_image-20210816211638-3.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/_category_.json index cb657b91c6..c96de79669 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "videolearningcenter" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/acltraverse/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/acltraverse/_category_.json index a9c8c958ee..ff69a244df 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/acltraverse/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/acltraverse/_category_.json @@ -3,4 +3,4 @@ "position": 50, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/acltraverse/deleteicons.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/acltraverse/deleteicons.md index f2af57a873..ec129ea557 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/acltraverse/deleteicons.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/acltraverse/deleteicons.md @@ -7,4 +7,6 @@ sidebar_position: 10 Got pesky icons on desktop and want to let users self-delete them? Here's how to do it ! - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/acltraverse/modifyhosts.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/acltraverse/modifyhosts.md index b9f16d43f0..f447a660fc 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/acltraverse/modifyhosts.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/acltraverse/modifyhosts.md @@ -8,4 +8,6 @@ sidebar_position: 20 Want to grant a particular application to be able to read, write or delete files, like editing the hosts file even when the user normally wouldn't have rights? Here's how ! - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/acltraverse/ntfspermissions.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/acltraverse/ntfspermissions.md index e85ebfb3e2..03bf031b40 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/acltraverse/ntfspermissions.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/acltraverse/ntfspermissions.md @@ -8,4 +8,6 @@ sidebar_position: 30 What if you dont know what applications your users are actually using? Use this tip to enlighten any application to overcome File ACLs. - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/acltraverse/registry.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/acltraverse/registry.md index 62da0219ac..b7a3bf641d 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/acltraverse/registry.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/acltraverse/registry.md @@ -9,4 +9,6 @@ Got applications which won't work unless they have full admin rights? Or if they user, they might modify one portion of the registry which the standard user wouldn't normally have access? Netwrix Endpoint Policy Manager (formerly PolicyPak) ACL Traverse to the rescue. - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/_category_.json index e76356bf6e..b8c691c509 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/_category_.json @@ -3,4 +3,4 @@ "position": 60, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/applyondemand.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/applyondemand.md index 81cf91b262..46f53e67b6 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/applyondemand.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/applyondemand.md @@ -8,7 +8,7 @@ sidebar_position: 120 If you have applications which SHOULD run most of the time with STANDARD RIGHTS, but SOMETIMES with elevated / admin rights, this is the technique to use. - + Hi, this is Jeremy Moskowitz. In this video, I'm going to show you how you can use Netwrix Endpoint Policy Manager (formerly PolicyPak) to apply certain rules on demand. @@ -69,3 +69,5 @@ video. This video is about Apply On Demand. That other video is about Self Eleva Hope this helps you out. Looking forward to getting you started with Endpoint Policy Manager real soon. Take care. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/autorulesfromadmin.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/autorulesfromadmin.md index 18628b4dd8..e86d7af1f4 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/autorulesfromadmin.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/autorulesfromadmin.md @@ -9,4 +9,6 @@ sidebar_position: 40 After setting up Admin Approval you might want to convert those requests into automatic rules. Learn how to take inbound requests and immediately convert them into rules. - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/branding.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/branding.md index 7aebcd437e..18f0ed6ed1 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/branding.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/branding.md @@ -8,4 +8,6 @@ sidebar_position: 140 Want to make the UI that end-users see more customized with your logo, colors, and messages? Then Netwrix Endpoint Policy Manager (formerly PolicyPak)'s branding feature to the rescue. - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/demo.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/demo.md index 951211bd29..b012be61b9 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/demo.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/demo.md @@ -8,4 +8,6 @@ sidebar_position: 10 Want to help your users when there is no rule in place, and maybe no Internet? It’s easy. Use Admin Approval to help users install applications. - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/email.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/email.md index ef991499a0..5aebf8635f 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/email.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/email.md @@ -10,4 +10,6 @@ introduced a method to enable your users to open the Admin Approval messages wit Check out this video for more details. - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/enforce.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/enforce.md index b58a7e03a2..4186072acc 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/enforce.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/enforce.md @@ -8,7 +8,7 @@ sidebar_position: 50 Want to trap and require users to request permission when installing anything? Then use this setting; plus how to work around the byproduct of this setting. - + ### PPLPM Admin Approval: "Enforce Admin Approval for all installers" enabled @@ -79,7 +79,7 @@ going to do this is either use the Event Viewer or the PolicyPak logs. I'm going to use the PolicyPak logs to do it. In "AppData," "Local," "PolicyPak," if we go to "PolicyPak -[https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html)" +[https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html)" here, what you're looking for is the file "ppUser_operational.log." You're going to see what thing triggered that prompt. @@ -139,3 +139,5 @@ naturally because now we're going to start trapping for them. Hope this video helps you out, and looking forward to getting started real soon. Thanks. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/justificationandauthentication.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/justificationandauthentication.md index 0112887157..cf4f55204b 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/justificationandauthentication.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/justificationandauthentication.md @@ -13,6 +13,8 @@ the number of times executed to remember. See this video for additional information. - + ![Remember Justification and Authentication](/images/endpointpolicymanager/video/leastprivilege/selfelevatemode/rememberjustificationandauthentication.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/longcodes.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/longcodes.md index 73383d5af8..04d0630292 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/longcodes.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/longcodes.md @@ -9,7 +9,7 @@ Want more details about what processes users are attempting to launch? Then use Policy Manager (formerly PolicyPak)'s Email / Long codes function. Users send emails. Admins approve. UAC prompts are overcome. Poof. Easy. - + Hi, this is Jeremy Moskowitz and in this video, I'm going to show you how you can use email to authorize items using Endpoint Policy Manager Least Privilege Manager. In a previous video, I set up @@ -58,3 +58,5 @@ In this way the email version gives you more information and a workflow that you anytime. In this way, nobody has to be at the help desk at present in order for this to achieve. You can do it in asynchronous time. Hope this feature helps you out and looking forward to getting you started real soon with Endpoint Policy Manager. Thanks. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/overrideselfelevate.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/overrideselfelevate.md index 9f7ec84a5c..7481bdb2f2 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/overrideselfelevate.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/overrideselfelevate.md @@ -10,4 +10,6 @@ Do you have a specific rule you want to override against a blanket Self Elevate is that explicit rules will win, but if you need to fall-back and let Self Elevate win, we've added this feature for you. - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/reauthenticate.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/reauthenticate.md index 4d1094b11f..95db5f3cb4 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/reauthenticate.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/reauthenticate.md @@ -9,4 +9,6 @@ Want increased security when end-users utilize Self Elevate method? When enabled dialog will re-enforce them to use the same credentials they used when logging onto the box: AD, PIN, FINGERPRINT, FACE, whatever. Then after this, they are able to re-authenticate. - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/securecopy.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/securecopy.md index 14079941e2..2067423287 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/securecopy.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/securecopy.md @@ -13,7 +13,7 @@ locations on the local computer. The net result is that applications which need writable locations to perform their installs or runs may do so in an elevated state; where they would not able to run within the UNC share. - + Hi, this is Jeremy Moskowitz. In this video, I'm going to talk to you about Endpoint Policy Manager's Secure Copy and Least Privilege Manager. @@ -95,3 +95,5 @@ rescue. Hope this video helps you out. Looking forward to getting you started with Endpoint Policy Manager real soon. Thanks. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/selfelevate.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/selfelevate.md index 6260839f3b..ef443c17f4 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/selfelevate.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/selfelevate.md @@ -9,4 +9,6 @@ sidebar_position: 110 If you'd prefer the double-click behavior to be Self Elevate instead of UAC prompts or Admin Approval here's how to adjust and decide which behavior you want. - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/selfelevatedemo.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/selfelevatedemo.md index 8e0a9268e6..2109efc4c8 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/selfelevatedemo.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/selfelevatedemo.md @@ -10,4 +10,6 @@ if you want to take away local admin rights, but still give users the ability to if they have an emergency. This technique isn't generally recommended due to a potential lowering of your security posture, but it can be very useful for the right circumstances. - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/setup.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/setup.md index 397499b26d..9cad389f2e 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/setup.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/adminapproval/setup.md @@ -7,4 +7,6 @@ sidebar_position: 20 Learn how to set up Admin Approval mode. - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/_category_.json index 1fdad8d1a9..c2b6dc52f0 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/applicationcontrol.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/applicationcontrol.md index 7144d8a76f..37362e5a5b 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/applicationcontrol.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/applicationcontrol.md @@ -6,12 +6,12 @@ sidebar_position: 60 # Endpoint Policy Manager Application Control with PP Least Privilege Manager You want Secure Application Control and to block malware and exploits. Endpoint Policy Manager -[https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html) +[https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html) does this in a few clicks. You're in charge to specify what executables, scripts, Java, MSIs and other types of files will run, or not. Block PowerShell and Command Prompt (CMD), and a whole lot more. - + ### Endpoint Policy Manager Application Control with PP Least Privilege Manager @@ -289,3 +289,5 @@ that's about it. If you have any questions, we're here to help. Thanks for watch long video, but I hope you get to the goal and that gets you want you need. Thanks so very much, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/autorulesgeneratortool.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/autorulesgeneratortool.md index 1942c6ddb9..75f7e6f851 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/autorulesgeneratortool.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/autorulesgeneratortool.md @@ -9,13 +9,13 @@ Once PPLPM and SecureRun are on, users are blocked from running unwanted stuff. create some rules automatically to ALLOW or ELEVATE applications and installations? Check out this free tool from Netwrix Endpoint Policy Manager (formerly PolicyPak) ! - + ### PPLPM: Auto Rules Generator Utility Hi. This is Jeremy Moskowitz. In this video, I'm going to show you how you can automatically and quickly generate rules -for[https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html) +for[https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html) using our Automatic Rule Generator utility.You're going to find this utility in your download here in the "PolicyPak Extras" folder. I'm going to go into that in just a minute, but here it is: "PolicyPak LPM Auto Rule Generator Tool." @@ -215,3 +215,5 @@ Remember, this is a free tool available as part of the download. When you get th included inside the download in the "PolicyPak Extras" folder. There you go. I hope this helps you out. Looking forward to seeing you on board real soon. Bye. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/comsupport.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/comsupport.md index ab1a087632..1380924fa1 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/comsupport.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/comsupport.md @@ -9,4 +9,6 @@ Do you have UAC prompts with "well known" or "custom" COM / CSLIDs you need to o video you'll see how to overcome COM based UAC prompts by finding the GUID and using GPOs or PolicyPak Cloud or an MDM service to overcome these prompts. - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/feature.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/feature.md index 52039f0689..7450e7d301 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/feature.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/feature.md @@ -13,7 +13,7 @@ using Netwrix Endpoint Policy Manager (formerly PolicyPak) SecureRun. With Secur letting applications run if they were “properly installed” or otherwise sanctioned by you. Check out this video, and block all unknown Malware and zero-day threats. - + ### PolicyPak MDM: Using Least Privilege Managers SecureRun Feature @@ -107,3 +107,5 @@ that’s how you’re going to smack that right down but then maybe allow someth know to be good. Thanks for watching, and we’ll see you in the next video. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/installapplications.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/installapplications.md index b9f9ec5b6f..7f56a5ea6d 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/installapplications.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/installapplications.md @@ -8,9 +8,9 @@ sidebar_position: 40 Need Standard Users to install their own applications? We've got some preconfigured knowledge for that, and it's a simple drag and drop to get started. Let users install iTunes or any software you like.. using PP -[https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html). +[https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html). - + ### PPLPM: Installing applications-and-Preconfigured-Rules Hi. This is Jeremy Moskowitz. In this video, I'm going to show you how you can use Netwrix Endpoint Policy Manager (formerly PolicyPak) Least Privilege Manager to let users that are standard users install their own applications. By way of example, here's "iTunes." They may need to install iTunes. That's too bad for them because there's the UAC prompt and they get rejected. @@ -46,3 +46,5 @@ looking forward to getting you started with a trial of Endpoint Policy Manager L Manager. Thanks. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/localadminrights.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/localadminrights.md index 002c452cf8..c6f8138f42 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/localadminrights.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/localadminrights.md @@ -12,4 +12,6 @@ your endpoint security for Windows machines. PPLPM: Run applications without local admin rights - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/removelocaladmin.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/removelocaladmin.md index 41081ba85d..eaf18d30be 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/removelocaladmin.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/removelocaladmin.md @@ -10,7 +10,7 @@ then remove the source using in-box GPpreferences. Then use Netwrix Endpoint Pol (formerly PolicyPak) to elevate your now-standard-users to keep doing the (admin like) things they always have. - + ### Endpoint Policy Manager: Use Group Policy to remove local admin rights – then Endpoint Policy Manager to enable Least Privilege @@ -20,7 +20,7 @@ Manager to get out of the local admin rights business. The question I get from time to time is, "I really want to do Least Privilege and I get the general gist of what the Endpoint Policy Manager -[https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html) +[https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html) product does, but how do I actually get to the Promised Land of no local admin rights? How do I do that?" @@ -167,3 +167,5 @@ everywhere. So that's it. I hope that helps you out and that gets you to the goal with Endpoint Policy Manager Least Privilege Manager. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/uacpromptsactivex.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/uacpromptsactivex.md index 4c2cf84bdb..829c7c436e 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/uacpromptsactivex.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/uacpromptsactivex.md @@ -10,4 +10,6 @@ you still have Active X controls. So Manage that situation with Netwrix Endpoint (formerly PolicyPak). See how easy it is to get those ActiveX controls installed with rules ... with Endpoint Policy Manager ! - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/userfilter.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/userfilter.md index 81dc2e43dd..d0c3823498 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/userfilter.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/basicsandgettingstarted/userfilter.md @@ -8,14 +8,14 @@ sidebar_position: 30 You might want to link policies to a gaggle of computers, but then dole out elevations by USER or by USER GROUP. See how in this video. (PP CSE 1434 and later). - + ### PolicyPak Least Privilege Manager: Link to Computer, Filter by User Hi. This is Jeremy Moskowitz. In this video, I'm going to show you how you can use Endpoint Policy Manager -[https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html) +[https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html) to dictate who can do what on a desktop in terms of privilege. In this example, what I want to show you is that I'm a standard user, "eastsalesuser1." If you're @@ -64,3 +64,5 @@ filter based on user or user group membership. So that can give you a lot of ama I hope this helps you out. If you're looking to get started with Endpoint Policy Manager Least Privilege Manager, get in touch and we'll get you signed up. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/_category_.json index f077ebe18b..94d947f7f0 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/_category_.json @@ -3,4 +3,4 @@ "position": 40, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/appblock.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/appblock.md index 6a87c3f852..7f59e26492 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/appblock.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/appblock.md @@ -9,7 +9,7 @@ If you're in charge of your domain, you can block local and other domain admins applications you want to be elevated via Netwrix Endpoint Policy Manager (formerly PolicyPak) Least Priv manager. See the video for details. - + Hi. This is Jeremy Moskowitz. In this video, I'm going to show you how you can enable your users to double click on items to install them in their context but elevated but prevent other admins like @@ -108,3 +108,5 @@ way they want. Hope this video helps you out. Looking forward to helping you get started real soon. Thank you very much, and talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/elevateuwp.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/elevateuwp.md index 7f89412dbd..a16f6d7a45 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/elevateuwp.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/elevateuwp.md @@ -8,4 +8,6 @@ sidebar_position: 20 PPLPM can elevate UWP applications. See the best practices in this video before you get started. - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/elevatinguserbasedinstalls.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/elevatinguserbasedinstalls.md index a121c1d9a1..618d853608 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/elevatinguserbasedinstalls.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/elevatinguserbasedinstalls.md @@ -8,7 +8,7 @@ sidebar_position: 10 Don't provide TOO MANY rights with PP Least Priv manager. This video goes over some best practices on what to do and what NOT to do with PPLPM and user-self installs with MSIs and EXEs. - + ### PPLPM: Best Practices for Elevating User-Based Installs @@ -79,7 +79,7 @@ it updated themselves. Does that make sense? As long as it's iTunesSetup signed So "itunes setup installed by apple," now we're getting somewhere. This is the least rule possible in order to make it -happen, [Least Privilege Manager](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html). +happen, [Least Privilege Manager](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html). Okay, we'll go ahead and close that out and then we'll go ahead and try "iTunes" and see if it all matched up and all worked. Ten seconds ago, we got a UAC prompt. No more UAC prompt. It continues onward. @@ -206,3 +206,5 @@ elevated, not just the installers for the actual applications themselves. I hope this clears up some things and helps you get started doing best practice with Least Privilege Manager. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/msi.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/msi.md index 5e9a6ae420..7876f5e68a 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/msi.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/msi.md @@ -9,4 +9,6 @@ sidebar_position: 30 With Endpoint Policy Manager and UWP rules you can elevate an MSI that comes from the Windows Store. See how in this video. - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/opensavedialogs.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/opensavedialogs.md index cf6fa3fda4..06780e0baa 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/opensavedialogs.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/opensavedialogs.md @@ -10,4 +10,6 @@ handled. You can turn them on and off and open up some extra locations if needed want to control the File/Open or File/Save dialog as something specific to tighten and ensure child processes cannot be launched from there. (Required MMC and CSE and build 3000 or later.) - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/powershellblock.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/powershellblock.md index 3d2a01fe3f..273e1ce978 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/powershellblock.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/powershellblock.md @@ -9,7 +9,7 @@ Powershell on desktops? Terrible idea. Except when you need it. Check out this v kill PowerShell (generally) but open it up to allow specific. PS1 scripts to run as you need them to. With Netwrix Endpoint Policy Manager (formerly PolicyPak) Least Privilege Manager, it's easy ! - + Hi. This is Jeremy Moskowitz. In this video, I'm going to show you how you can put the full smackdown on PowerShell and also open up PowerShell for very specific scenarios. @@ -77,3 +77,5 @@ If you're looking to get started with PolicyPak, we want to help you to help you soon. So give us a buzz or fill out a form, and we'll be in touch and we'll get you started. Thank you very much, and talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/securitychildprocesses.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/securitychildprocesses.md index 72a91a3199..8cf3ef4e77 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/securitychildprocesses.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/securitychildprocesses.md @@ -5,7 +5,7 @@ sidebar_position: 40 --- # Security and Child Processes - + ### Transcript:Security and Child Processes @@ -179,3 +179,5 @@ apply to child processes, at least you have these extra thumbscrews to turn such can't jump out and run additional processes that you do not want elevated. All right, hope this helps you out. Thank you very much, and talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/selfelevatemode.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/selfelevatemode.md index 38b5214faf..f1be5426de 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/selfelevatemode.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/selfelevatemode.md @@ -10,7 +10,7 @@ if you want to take away local admin rights, but still give users the ability to if they have an emergency. This technique isn't generally recommended due to a potential lowering of your security posture, but it can be very useful for the right circumstances. - + Hi, this is Jeremy Moskowitz, and in this video we're going to talk about how to use PolicyPak Least Privilege Manager Self-Elevate Mode. Now before I get too far into it, I want to advise against @@ -139,3 +139,5 @@ figure out what you can then make rules for and then eventually turn off self-el So I hope this gets you to where you need to go and looking forward to seeing you in PolicyPak land real soon. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/serviceaccountrights.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/serviceaccountrights.md index 28ac09b3a7..838a304d6f 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/serviceaccountrights.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/serviceaccountrights.md @@ -8,7 +8,7 @@ sidebar_position: 70 Most services run under Local System which is WAY too much privileges. Instead, use PPLPM to specify exactly the right permissions for your services, including the token and access your service needs. - + Hi. This is Jeremy Moskowitz. In this video, I'm going to show you how you can manipulate a service account to have reduced privileges for exactly the right things you need instead of having maybe @@ -123,3 +123,5 @@ have to run with local service account access if that's what you want to on your Hope this helps you out. Looking forward to helping you get started real soon. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/usersystemexecutables.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/usersystemexecutables.md index fe9c421e60..2218490a13 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/usersystemexecutables.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/usersystemexecutables.md @@ -8,7 +8,7 @@ sidebar_position: 90 Want to really put the smackdown on malware? Use SecureRun on both the User AND System side. See this video for details. - + Hi. This is Jeremy Moskowitz. in this video, I'm going to show you how you can use the PolicyPak Least Privilege Manager to dictate how to shore up a security hole on the computer side using @@ -87,3 +87,5 @@ Hopefully, this helps you out, and then you can continue on to the next video to more items around the User and System Processes scope policy. Thank you very much. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/wildcards.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/wildcards.md index 8e0fc4f364..39f9ce58fa 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/wildcards.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/wildcards.md @@ -9,4 +9,6 @@ If you want to use ELEVATE or ALLOW AND LOG rules but the underlying certificate here's a technique that will help you out. CAREFULLY follow the directions to get this work as expected. - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/businesssolutions/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/businesssolutions/_category_.json index c6d3da5762..fdefac02f9 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/businesssolutions/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/businesssolutions/_category_.json @@ -3,4 +3,4 @@ "position": 90, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/businesssolutions/denyselfelevate.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/businesssolutions/denyselfelevate.md index a6a1a8a5d4..76faefc411 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/businesssolutions/denyselfelevate.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/businesssolutions/denyselfelevate.md @@ -9,4 +9,6 @@ sidebar_position: 40 Want to allow Self Elevate but deny specific vendors' software, like Oracle Java so developers can't install them? See how in this video! - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/businesssolutions/microsoftrecommendations.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/businesssolutions/microsoftrecommendations.md index eb3cf51787..6bbf181a05 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/businesssolutions/microsoftrecommendations.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/businesssolutions/microsoftrecommendations.md @@ -12,4 +12,6 @@ implement and follow these rules! You will see where you can get the XML for your infrastructure, and how it can be implemented via Endpoint Policy Manager Least Privilege Manager. - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/businesssolutions/printeruacprompts.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/businesssolutions/printeruacprompts.md index 3b87519753..c7098eb770 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/businesssolutions/printeruacprompts.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/businesssolutions/printeruacprompts.md @@ -8,7 +8,7 @@ sidebar_position: 20 PrintNightmare UAC prompts got you down? Here's your get-out-of-jail-free card. Only when you're a Netwrix Endpoint Policy Manager (formerly PolicyPak) Customer. - + Hi, this is Jeremy Moskowitz. In this video I'm going to show you how you can overcome the print nightmare nightmare. Here's an example of a computer that's trying to connect to a standard user @@ -45,3 +45,5 @@ the item installed, and that's it. You're ready to go. Print nightmare overcome. This should work for most drivers in most cases. You're off to the races. Hope this video helps you out. Looking forward to getting you started overcoming print nightmare with Endpoint Policy Manager Least Privilege Manager real soon. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/businesssolutions/winget.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/businesssolutions/winget.md index f7a96c3097..a5080e0aa4 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/businesssolutions/winget.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/businesssolutions/winget.md @@ -8,7 +8,7 @@ sidebar_position: 10 Learn how you can use Application Manager in your MDM environment to manage a myriad of settings for commonly used applications such as Firefox and Java! - + Hi, this is Jeremy Moskowitz. In this video, I'm going to show you how you can use Netwrix Endpoint Policy Manager (formerly PolicyPak) with winget. Winget is also known as the Windows Package Manager @@ -142,3 +142,5 @@ Hopefully, in this video you got three great ideas on how to use Endpoint Policy use the Scripts manager, the Least Privilege Manager with a particular rule or the blanket rules if you want to go bananas and let users install anything with winget and overcome UAC prompts. Hope this helps you out. Thank you very much and talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/_category_.json index 12da7eb8ef..3cd1d616d3 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/_category_.json @@ -3,4 +3,4 @@ "position": 80, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/cloudevents.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/cloudevents.md index 2fdcc7e0c0..203acd090d 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/cloudevents.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/cloudevents.md @@ -5,4 +5,6 @@ sidebar_position: 30 --- # Endpoint Policy Manager Cloud + PPLPM + Events: Collect Events in the Cloud - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/discovery.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/discovery.md index 1c50aab50a..3f4195d2f0 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/discovery.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/discovery.md @@ -10,7 +10,7 @@ out what users are doing with those admin rights, so you can transition from Loc User. Use this same technique to transition to SecureRun, so users cannot run applications that were not installed by IT staff. - + ### Transcript: Use Discovery to know what rules to make as you transition from Local Admin rights @@ -162,3 +162,5 @@ IDs and route them through to automatically create rules. Okay, I hope this helps you out. Thank you very much and looking to help you get started with PolicyPak Least Privilege Manager real soon. Thanks. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/events.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/events.md index 6a064d18a1..5301a16557 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/events.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/events.md @@ -7,7 +7,7 @@ sidebar_position: 10 Learn about the Eventing System in PolicyPak Least Privilege Manger. - + ### Transcript:  Least Privilege Manager: Events @@ -90,3 +90,5 @@ something like Splunk to paw through them and get pretty charts and graphs and s this is a very quick tour to help you get on your way. Hope this gets you on the right path. Thank you very much, and talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/globalauditevent.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/globalauditevent.md index 56981f8ad9..95f9d707a1 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/globalauditevent.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/globalauditevent.md @@ -9,7 +9,7 @@ In this video learn how to make a workflow between EVENTS in the endpoint event management station. Just make the event occur, then copy and paste, and Netwrix Endpoint Policy Manager (formerly PolicyPak) does the rest. - + Hi, this is Jeremy Moskowitz. In this video I'm going to show you how you can use Global Audit Policy to turn on auditable events and then take those auditable events and feed it back into Least @@ -135,3 +135,5 @@ you've got those events all lined up in your event viewer like I just showed you this data, right click, copy the text to the event, and smash it right in. Bang, you've got your workflow all set up. I hope this video helps you out. Looking forward to getting you started with Endpoint Policy Manager Least Privilege Manager real soon. Bye-bye. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/preventevents.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/preventevents.md index 821da3a02c..fa9675fd98 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/preventevents.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/preventevents.md @@ -14,6 +14,8 @@ before turning on SecureRun to know what to expect before SecureRun is used. See this video for additional information. - + ![Prevent Events](/images/endpointpolicymanager/video/leastprivilege/preventevents.webp) + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/windowseventforwarding.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/windowseventforwarding.md index 33caef9f8f..67fbbd2729 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/windowseventforwarding.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/windowseventforwarding.md @@ -9,13 +9,13 @@ In this video, you'll learn the steps you need to do in order to set up event fo and by using your existing infrastructure, you can collect interesting events which come out of Netwrix Endpoint Policy Manager (formerly PolicyPak). - + ### Endpoint Policy Manager: Using Windows Event Forward to search for interesting events Hi. This is Jeremy Moskowitz. In this video, I'm going to show you how you can do event forwarding for any kind of application, including Endpoint Policy Manager -[Least Privilege Manager](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html). +[Least Privilege Manager](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html). This can help you decide what things you need to make rules for. By way of example, let's say you have a user who double clicks on something that requires a UAC @@ -195,4 +195,4 @@ throwing UAC prompts and help you create rules to bypass them, you can do that r Thank you very much for watching, and talk to you soon. Related -article: [How to forward interesting events for Least Privilege Manager (or anything else) to a centralized location using Windows Event Forwarding.](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/eventing/windowseventforwarding.md) +article: [How to forward interesting events for Least Privilege Manager (or anything else) to a centralized location using Windows Event Forwarding.](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/eventing/windowseventforwarding.md) diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/_category_.json index ccaf18cc15..69f9d3176f 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/_category_.json @@ -3,4 +3,4 @@ "position": 70, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/helperdesktopshortcut.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/helperdesktopshortcut.md index 347ceb3fb9..3e621d9950 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/helperdesktopshortcut.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/helperdesktopshortcut.md @@ -8,7 +8,7 @@ sidebar_position: 30 Here's how to get all the PPLPM "Helper tools" affixed to the desktop using GPPrefs. (Also works for PP Cloud and MDM when you export the settings.) - + ### Getting the helper tools as desktop shortcuts @@ -94,3 +94,5 @@ thing at the right time. I hope this helps you out. Looking forward to getting y PolicyPak Least Privilege Manager real soon. Thanks. Bye-bye. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/ntprintdialog.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/ntprintdialog.md index 4bcba3700f..dadb347b87 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/ntprintdialog.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/ntprintdialog.md @@ -5,4 +5,6 @@ sidebar_position: 40 --- # Endpoint Privilege Manager: Install Printers via Native NTPRINT Dialog - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/toolssetup.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/toolssetup.md index 0f11a3e765..1582d8d2da 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/toolssetup.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/toolssetup.md @@ -8,7 +8,7 @@ sidebar_position: 20 Learn how to set up the PP Least Privilege Manager Helper tools, so users can overcome UAC prompts for Printers, Network Adapters and uninstall software. - + Hi, this is Jeremy, and in this video, I'm going to show you how you can set up the tools, the Netwrix Endpoint Policy Manager (formerly PolicyPak) Least Privilege Manager tools using @@ -80,3 +80,5 @@ that's done, let's rerun the programs, and there we go. We just have these items right click and Uninstall something, we're allowed to do it because we're permitting those items. With that in mind, hope this – hope getting the tools set up helps you out. Looking forward to getting you started real soon. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/uacprompts.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/uacprompts.md index a2fb3ca605..0d4460b31f 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/uacprompts.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/uacprompts.md @@ -9,7 +9,7 @@ Very often, users need to be able to manage their own network cards, printers wi remove software which is installed on the machine. With Netwrix Endpoint Policy Manager (formerly PolicyPak) Least Priv Manager, you can do all three, super duper easy. Check it out here. - + ### Overcome Network Card, Printer, and Remove Programs UAC prompts @@ -99,3 +99,5 @@ Hope this helps you out and you're ready to get started with Endpoint Policy Man Manager real soon. Thanks so much for watching. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/wingui.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/wingui.md index 7db9a15c82..f9e263bd6b 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/wingui.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/helperstoolsandtips/wingui.md @@ -5,4 +5,6 @@ sidebar_position: 50 --- # Endpoint Privilege Manager: Edit IP SETTINGS EDIT VIA WIN GUI - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/_category_.json index cc9ea8bf5d..df4cb07123 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/denymessages.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/denymessages.md index 4a2dcebf70..e9fc93f9ad 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/denymessages.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/denymessages.md @@ -8,7 +8,7 @@ sidebar_position: 50 If you're blocking a desktop or UWP application, you can now choose to display a standard blocked message, a custom message, or just block the application silently with no message at all! - + Hi, this is Whitney with Netwrix Endpoint Policy Manager (formerly PolicyPak) Software. In this video we are going to talk about the ability to create custom messages when you choose to deny a @@ -48,3 +48,5 @@ That is usually a good idea if you are having someone run a program that may try where it might throw a block message even though the user didn't click on anything. You may have something run silently so that people don't get hit with messages they didn't click on, so that's that. I hope this video helps you out. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/installfonts.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/installfonts.md index f70d13ac52..900874f879 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/installfonts.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/installfonts.md @@ -8,7 +8,7 @@ sidebar_position: 20 How do enable users to install their own fonts? With Netwrix Endpoint Policy Manager (formerly PolicyPak) of course! Check out this video to see how its done. - + ### PolicyPak: Enable end-users to install their own fonts. @@ -45,3 +45,5 @@ able to install the font here as well. Okay, I hope it helps. Thank you. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/itemleveltargeting.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/itemleveltargeting.md index 08511f411a..9deba253e5 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/itemleveltargeting.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/itemleveltargeting.md @@ -9,7 +9,7 @@ Maybe you don't want a Least Privilege rule to apply everywhere the GPO is linke the power of Item Level Targeting and filter who gets it based upon computer, group membership, IP address and more. - + ### PPLPM: Use Item Level Targeting to hone in when rules apply @@ -54,3 +54,5 @@ condition occurs. You can see that we do a little color change to orange wheneve targeting is on. I hope this helps you get started with item-level targeting. It's super powerful, so use it wisely. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/preventedge.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/preventedge.md index 99a01450a7..4a456d0b23 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/preventedge.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/preventedge.md @@ -8,7 +8,7 @@ sidebar_position: 60 Don't remove EDGE from your image. Instead, just block Edge from running. Using Netwrix Endpoint Policy Manager (formerly PolicyPak). See this video for how to. - + ### Endpoint Policy Manager Least Priv Manager- Prevent Edge from Launching @@ -24,7 +24,7 @@ bad way. I'm going to show you instead how you can, when you click on Edge, prevent Edge from launching at all. We're going to do that using Endpoint Policy Manager -[https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html). +[https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html). The trick is just knowing the name of "Microsoft Edge" and where it is and how it is launched. I've already got that name of the application here. Now this middle section may change from time to @@ -65,3 +65,5 @@ automagically blocked and that gets you to your goal. Hope this helps you out. Looking forward to getting you started with Endpoint Policy Manager real soon. Thanks. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/preventunsigned.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/preventunsigned.md index e1984a716e..812c258f71 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/preventunsigned.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/preventunsigned.md @@ -8,7 +8,7 @@ sidebar_position: 90 Unsigned apps? Bah. If they're not signed, make sure they don't run. Use one checkbox and PolicyPak SecureRun makes it happen. - + Hi, this is Jeremy Moskowitz, and in this video, we're going to talk about an increased security feature to PolicyPak SecureRun. In other videos, you saw me turn on PolicyPak SecureRun, which will @@ -46,3 +46,5 @@ that run through anyway, but this version is also going to just be blocked. Okay you've got your bases covered. Nice new feature helping make your world even more secure than it was before that. Hope this helps you out. Looking forward to getting you started with PolicyPak real soon. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/preventusercommands.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/preventusercommands.md index 67614f8426..d952f6508b 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/preventusercommands.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/preventusercommands.md @@ -8,13 +8,13 @@ sidebar_position: 70 Customer requested demo to show how to block users from running Chrome or Firefox with specific command line options. - + ### Endpoint Policy Manager: Prevent Users Running some commands with command lines Hi. This is Jeremy Moskowitz. In this video, I'm going to show you how you can use Netwrix Endpoint Policy Manager (formerly PolicyPak) -[https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html) +[https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html) to prevent users from doing naughty things like running Firefox or Chrome with specific flags that might work around your security. @@ -71,3 +71,5 @@ not intend them to. I hope this video helps you out. If you're looking to get started, the best first step is to join us for the webinar and after that we'll hand over the bits and you can try it yourself. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/scripts.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/scripts.md index b3147d8da3..6da5df1a28 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/scripts.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/scripts.md @@ -9,13 +9,13 @@ If you want to prevent WannaCry and other malware, it's pretty easy. Just preven all scripts using Netwrix Endpoint Policy Manager (formerly PolicyPak). But then how do you PERMIT other scripts and also ELEVATE yet other scripts? In this video you'll find out in no time. - + ### PolicyPak: Elevate scripts and Java JAR files Hi. This is Jeremy Moskowitz. In this video, I'm going to show you how you can manage the heck out of your scripts, PowerShell and Java using PolicyPak and -[https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html). +[https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html). Here's the example. Let's pretend you are the IT administrator here and you've deployed a couple of scripts that you want, but these scripts are a little special. When you double click them as a @@ -160,3 +160,5 @@ Just sign up for the webinar and once the webinar is over, we'll hand over the b it out yourself. Thanks so very much, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/securitycomborules.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/securitycomborules.md index 0688e24227..e428987751 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/securitycomborules.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/securitycomborules.md @@ -6,11 +6,11 @@ sidebar_position: 40 # More security with Combo Rules Netwrix Endpoint Policy Manager (formerly PolicyPak) -[https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html) +[https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html) enables you to select multiple criteria for the action type. Watch this video to learn how it's done. - + ### PPLPM: More security with Combo Rules @@ -58,3 +58,5 @@ be that, together as a combo rule that gives you the magic you need. That will g security in a very wide variety of situations. I hope this helps you out. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/stopransomware.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/stopransomware.md index 85ce990792..cb8b142695 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/stopransomware.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/stopransomware.md @@ -13,4 +13,6 @@ using Netwrix Endpoint Policy Manager (formerly PolicyPak) SecureRun. With Secur letting applications run if they were "properly installed" or otherwise sanctioned by you. Check out this video, and block all unknown Malware and zero day threats. - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/windowsuniversalapplications.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/windowsuniversalapplications.md index 9bce042754..9d6c65d20e 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/windowsuniversalapplications.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/howtoandtechsupport/windowsuniversalapplications.md @@ -12,7 +12,7 @@ machines? This video shows you how to do it, AND let users still download SOME i as you see fit. You won't need the Microsoft Store for Business… when you're using this method to manage your Windows Universal applications. - + Hi, this is Whitney with Netwrix Endpoint Policy Manager (formerly PolicyPak) Software. Are you tired of your users taking advantage of built-in UWP apps on Windows 10? Do you want to make sure @@ -90,3 +90,5 @@ whole publisher, and that's it. You're ready to rock. There you have it. That's how you can manage and allow or block specific UWP applications easily and efficiently using the Least Privilege Manager. If that's of interest to you, sign up for a one-hour webinar and we'll hand over the bits and get you started on your 30-day free trial. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/_category_.json index 49fae9fd12..419ba4e88e 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/_category_.json @@ -3,4 +3,4 @@ "position": 110, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/adminapproval.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/adminapproval.md index 1cbd8c0429..c7c8d26703 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/adminapproval.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/adminapproval.md @@ -9,4 +9,6 @@ Use these instructions to take your shared secret and get it to your Mac using N Policy Manager (formerly PolicyPak) Cloud. Then use the Windows Admin Approval tool to approve applications when users must call for approval. - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/applicationlaunch.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/applicationlaunch.md index 4ea46e665a..346dd6ffa6 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/applicationlaunch.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/applicationlaunch.md @@ -9,4 +9,6 @@ Want to control (Allow/Deny) which users can launch which applications? Here's h Netwrix Endpoint Policy Manager (formerly PolicyPak) LPM and Mac Client (alongside Endpoint Policy Manager Cloud.) - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/applicationpackage.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/applicationpackage.md index b749b329b3..b6e1ae4283 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/applicationpackage.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/applicationpackage.md @@ -10,4 +10,6 @@ Got Macs and need to do Least Privilege Functions upon them? Then use Netwrix En Manager (formerly PolicyPak) for Mac which hooks into Endpoint Policy Manager Cloud and remove local admin rights for Macs! - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/cloudinstall.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/cloudinstall.md index ded402e511..484f0beea8 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/cloudinstall.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/cloudinstall.md @@ -8,4 +8,6 @@ sidebar_position: 10 Got Macs and want to get PolicyPak installed quickly? Here's your guide! - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/collectdiagnostics.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/collectdiagnostics.md index 41dbac3bee..9c4ca6f7ca 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/collectdiagnostics.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/collectdiagnostics.md @@ -9,4 +9,6 @@ sidebar_position: 140 Automatically locate all relevant Endpoint Policy Manager for Mac logs and get them Zipped up and ready for investigation by the Endpoint Policy Manager team. - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/eventscollector.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/eventscollector.md index c7a828dcfc..cd48d0e003 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/eventscollector.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/eventscollector.md @@ -8,4 +8,6 @@ sidebar_position: 80 Want to send your Mac client details up to Netwrix Endpoint Policy Manager (formerly PolicyPak) Cloud for storage and processing? Here is how you do it. - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/finder.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/finder.md index 46ee6345bc..5f7f6c5a4f 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/finder.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/finder.md @@ -10,4 +10,6 @@ Need to deliver Applications to the /Applications folder, or specific files to s folders? This Netwrix Endpoint Policy Manager (formerly PolicyPak) for MacOS enables you to overcome system and admin requirement rights by specifying which users can add files to what folders. - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/macjointoken.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/macjointoken.md index bf5cf7cc97..40b576ca38 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/macjointoken.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/macjointoken.md @@ -9,4 +9,6 @@ sidebar_position: 20 Create a Jointoken in Endpoint Policy Manager, then use the Mac client to automatically place the endpoint in one or more groups. - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/mountunmounpart2.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/mountunmounpart2.md index 2a207cd03e..488f9d9df3 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/mountunmounpart2.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/mountunmounpart2.md @@ -9,4 +9,6 @@ sidebar_position: 110 This is Part II where you can learn some advanced parameters which you can mix and match to dial in the exact experience you want with Mac mounting, unmounting and elevation. - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/mountunmountpart1.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/mountunmountpart1.md index 9d2af69edf..20f0e8c54b 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/mountunmountpart1.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/mountunmountpart1.md @@ -10,4 +10,6 @@ Take a quick tour of Netwrix Endpoint Policy Manager (formerly PolicyPak) Least for Mac showing Mount/Unmount with Allow, Block, and Elevate for USB and DMG. Then proceed to part II video for even more options. - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/policycandidates.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/policycandidates.md index 3595951359..7ad114bd5c 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/policycandidates.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/policycandidates.md @@ -16,4 +16,6 @@ It allows Mac admins to: - Search for applications on a Mac hard drive - Use Endpoint Policy Manager Log to make XMLs - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/privilege.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/privilege.md index 3b48a429ec..2a31d9611f 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/privilege.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/privilege.md @@ -9,4 +9,6 @@ sidebar_position: 130 Got applications which launch that need admin rights to install their MacOS helper apps? Here's how to overcome that problem! - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/sudosupport.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/sudosupport.md index ea7a4fd57f..329e2390c1 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/sudosupport.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/sudosupport.md @@ -8,4 +8,6 @@ sidebar_position: 50 Want to automatically have commands which operate SUDO in Macland? Here's a quick video to demonstrate ELEVATE (most common), DENY and also ALLOW rules. - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/systemsettings.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/systemsettings.md index dd452fb119..4866ed3ae3 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/systemsettings.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/systemsettings.md @@ -9,4 +9,6 @@ sidebar_position: 40 If you have MacOS and want to overcome the System Settings prompts which require administrative rights; watch this video to see how its done. - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/wildcards.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/wildcards.md index 6031f418c6..31488fd9ff 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/wildcards.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/wildcards.md @@ -8,4 +8,6 @@ sidebar_position: 60 Here's another method on how to use Netwrix Endpoint Policy Manager (formerly PolicyPak)'s Mac client with Endpoint Policy Manager Cloud and imeplement SUDO rules with Wildcard examples. - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/methods/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/methods/_category_.json index 911af3206e..4283b8cf5a 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/methods/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/methods/_category_.json @@ -3,4 +3,4 @@ "position": 30, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/methods/cloudrules.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/methods/cloudrules.md index 9dbae62fbb..d3b3ac2b9a 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/methods/cloudrules.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/methods/cloudrules.md @@ -10,7 +10,7 @@ rights? Is this 1998? No, and with Endpoint Policy Manager Cloud and Endpoint Po Privelege manager you can remove local admin rights, but ensure that Standard Users can do key tasks to keep doing their jobs and get into the places you need them to in the operating system. - + Hi, this is Whitney with Endpoint Policy Manager Software. Have you seen the latest and greatest Least Privilege Manager features and you're wondering how that works with our Endpoint Policy @@ -68,3 +68,5 @@ started this video, Reflect would throw a UAC prompt, and now by using Least Pri the Endpoint Policy Manager Cloud, we have managed to elevate this application on a non-domain joined machine. If that is of interest to you, sign up for our webinar, and once you're done, we will hand over the bits and get you started on your 30-day free trial. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/methods/mdm.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/methods/mdm.md index 258bb7ffaf..cfd208f24c 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/methods/mdm.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/methods/mdm.md @@ -8,7 +8,7 @@ sidebar_position: 20 Use your own MDM solution to deploy rules which enable Standard Users to do things that only admins can! - + Hi, this is Whitney with Netwrix Software. Have you seen all of the great Least Privilege Manager features and wondered how that works with our MDM edition? We've got you covered. You can create @@ -74,3 +74,5 @@ using Least Privilege Manager with your own MDM service we managed to elevate th non domain-joined MDM enrolled machine. If this is as awesome to you as it is to me, sign up for our webinar, and we'll hand over the bits and get you started on a 30-day free trial right away. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/methods/pdqdeploy.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/methods/pdqdeploy.md index d46498a528..849d486965 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/methods/pdqdeploy.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/methods/pdqdeploy.md @@ -13,7 +13,7 @@ Manager. With the Endpoint Policy Manager Least Privilege Manager, the applicati PDQ can then run with admin rights. See this video to learn how to elevate applications, the operating system, and also let users occasionally install their own specialty software when needed. - + ### Deploying Apps that Require Admin Rights Using PolicyPak and PDQ Deploy @@ -199,3 +199,5 @@ Brigg: So this is wonderful stuff. Jeremy: Thanks so very much. Brigg: Thank you. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/methods/pdqdeployblockmalware.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/methods/pdqdeployblockmalware.md index 8f033c8c9c..a094d9b000 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/methods/pdqdeployblockmalware.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/methods/pdqdeployblockmalware.md @@ -12,7 +12,7 @@ Endpoint Policy Manager (formerly PolicyPak) Least Privilege Manager to ensure u any ol' application they happen to grab from the Internet. Prevent the attacks in advance, instead of cleaning up a white hot mess. - + ### Blocking Malware with PolicyPak and PDQ Deploy @@ -147,3 +147,5 @@ would expect. Jordan: All right, well, thank you for tuning in. For Jeremy, I'm Jordan from PDQ.com. Jeremy: Thanks so very much. + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/netwrixprivilegesecure/_category_.json b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/netwrixprivilegesecure/_category_.json index 277c5036dc..4b5bac5db4 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/netwrixprivilegesecure/_category_.json +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/netwrixprivilegesecure/_category_.json @@ -3,4 +3,4 @@ "position": 100, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/netwrixprivilegesecure/license.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/netwrixprivilegesecure/license.md index 807abf81d3..6019f2ab50 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/netwrixprivilegesecure/license.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/netwrixprivilegesecure/license.md @@ -10,4 +10,6 @@ Want to experiment with the remainder of Endpoint Policy Manager features but do trial license for a lot of machines? Learn how licensing works "for free" with NPS and Endpoint Policy Manager here. - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/netwrixprivilegesecure/privilegesecure.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/netwrixprivilegesecure/privilegesecure.md index 3507d3bd4d..88b336034a 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/netwrixprivilegesecure/privilegesecure.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/netwrixprivilegesecure/privilegesecure.md @@ -10,4 +10,6 @@ snap-in to install, how to upgrade if desired, how to install the Engine, and th you'll need to turn the client side piece on to make it "go." Other videos will show other kinds of policies but this is the place to get started FIRST. - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/netwrixprivilegesecure/privilegesecureclient.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/netwrixprivilegesecure/privilegesecureclient.md index a45516c86e..1eb5791423 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/netwrixprivilegesecure/privilegesecureclient.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/netwrixprivilegesecure/privilegesecureclient.md @@ -10,4 +10,6 @@ programs or act as domain administrator, you can do it quickly and easily when y Endpoint Policy Manager (formerly PolicyPak) Least Privilege Manager and Netwrix Privilege Secure for Access Management. See this video for immediate demos and the base hit setup. - + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/netwrixprivilegesecure/selfelevatemode.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/netwrixprivilegesecure/selfelevatemode.md index 3fa50ca3a7..a00f76a742 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/netwrixprivilegesecure/selfelevatemode.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/netwrixprivilegesecure/selfelevatemode.md @@ -9,4 +9,6 @@ sidebar_position: 30 With Endpoint Policy Manager you can use the power of the Self Elevate Feature in conjunction with the proxy and brokering of the Netwrix Privilege Secure Server. - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/videolearningcenter.md b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/videolearningcenter.md index 3ec8b1eb0b..f349f3e1f6 100644 --- a/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/videolearningcenter.md +++ b/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/videolearningcenter.md @@ -119,3 +119,5 @@ See the following Video topics for more information on Least Privilege Manager. - [Endpoint Policy Manager MacOS: Mac Finder Policies](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/finder.md) - [Endpoint Policy Manager LPM for MacOS: Privilege Policies (for Helper Apps)](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/privilege.md) - [Collect Diagnostics](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/macintegration/collectdiagnostics.md) + + diff --git a/docs/endpointpolicymanager/components/featuremanager/_category_.json b/docs/endpointpolicymanager/components/featuremanager/_category_.json index d743384097..8cc2c118e3 100644 --- a/docs/endpointpolicymanager/components/featuremanager/_category_.json +++ b/docs/endpointpolicymanager/components/featuremanager/_category_.json @@ -3,4 +3,4 @@ "position": 6, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/_category_.json b/docs/endpointpolicymanager/components/featuremanager/manual/_category_.json index cd6b8d995f..980db1e24a 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/_category_.json +++ b/docs/endpointpolicymanager/components/featuremanager/manual/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/addremove/_category_.json b/docs/endpointpolicymanager/components/featuremanager/manual/addremove/_category_.json index bb6fb59505..763b14eb90 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/addremove/_category_.json +++ b/docs/endpointpolicymanager/components/featuremanager/manual/addremove/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/addremove/collections.md b/docs/endpointpolicymanager/components/featuremanager/manual/addremove/collections.md index 6c468c6f1d..60a3a287e5 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/addremove/collections.md +++ b/docs/endpointpolicymanager/components/featuremanager/manual/addremove/collections.md @@ -22,3 +22,5 @@ The only item you might want to change regularly is the **Reboot Mode**. For now You can see your collection added. ![quickstart_adding_and_removing_2](/images/endpointpolicymanager/feature/addremove/quickstart_adding_and_removing_2.webp) + + diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/addremove/overview.md b/docs/endpointpolicymanager/components/featuremanager/manual/addremove/overview.md index 3088ace099..e9dbe2a091 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/addremove/overview.md +++ b/docs/endpointpolicymanager/components/featuremanager/manual/addremove/overview.md @@ -9,7 +9,7 @@ sidebar_position: 20 :::note For some video overviews of Netwrix Endpoint Policy Manager (formerly PolicyPak) Feature Manager for Windows, see -[https://www.endpointpolicymanager.com/products/feature-manager-for-windows.html](https://www.endpointpolicymanager.com/products/feature-manager-for-windows.html). +[https://www.policypak.com/products/feature-manager-for-windows.html](https://www.policypak.com/products/feature-manager-for-windows.html). ::: @@ -42,3 +42,5 @@ Even if you're using Endpoint Policy Manager Cloud or MDM edition, you still nee create the policies within a GPO first. ::: + + diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/addremove/policies.md b/docs/endpointpolicymanager/components/featuremanager/manual/addremove/policies.md index 95a73f2666..4999a3f16a 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/addremove/policies.md +++ b/docs/endpointpolicymanager/components/featuremanager/manual/addremove/policies.md @@ -102,3 +102,5 @@ Click **Next** through the remainder of the wizard, accepting the defaults. At this point you should have seven policies. ![quickstart_adding_and_removing_15](/images/endpointpolicymanager/feature/addremove/quickstart_adding_and_removing_15.webp) + + diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/addremove/test.md b/docs/endpointpolicymanager/components/featuremanager/manual/addremove/test.md index 9d5159bf22..aa5ec1f9d6 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/addremove/test.md +++ b/docs/endpointpolicymanager/components/featuremanager/manual/addremove/test.md @@ -24,3 +24,5 @@ result. ![quickstart_adding_and_removing_18](/images/endpointpolicymanager/feature/addremove/quickstart_adding_and_removing_18.webp) ![quickstart_adding_and_removing_19](/images/endpointpolicymanager/feature/addremove/quickstart_adding_and_removing_19.webp) + + diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/advanced/_category_.json b/docs/endpointpolicymanager/components/featuremanager/manual/advanced/_category_.json index 9ab1f3babb..d1555f2791 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/advanced/_category_.json +++ b/docs/endpointpolicymanager/components/featuremanager/manual/advanced/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/advanced/createcollection.md b/docs/endpointpolicymanager/components/featuremanager/manual/advanced/createcollection.md index ed00d0db5c..4d9e416c71 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/advanced/createcollection.md +++ b/docs/endpointpolicymanager/components/featuremanager/manual/advanced/createcollection.md @@ -12,3 +12,5 @@ the screen shown below. This process is the same as creating a collection manual options are available. ![advanced_manipulations_of_6](/images/endpointpolicymanager/feature/advanced/advanced_manipulations_of_6.webp) + + diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/advanced/deletepolicies.md b/docs/endpointpolicymanager/components/featuremanager/manual/advanced/deletepolicies.md index f8aff4a014..90f70d3216 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/advanced/deletepolicies.md +++ b/docs/endpointpolicymanager/components/featuremanager/manual/advanced/deletepolicies.md @@ -16,3 +16,5 @@ feature, upon deletion, will not uninstall a feature. And a policy set to uninst deleted, will not reinstall a feature. ::: + + diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/advanced/editcollection.md b/docs/endpointpolicymanager/components/featuremanager/manual/advanced/editcollection.md index 8e2c110eb6..1422017a44 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/advanced/editcollection.md +++ b/docs/endpointpolicymanager/components/featuremanager/manual/advanced/editcollection.md @@ -45,3 +45,5 @@ allows you to change three settings. - **Prevent** - Actively blocks reboots and does not prompt user. - **Allow** - Automatically reboots a machine, if required. - **Asks User** - Prompts the user if Windows determines a reboot is needed. + + diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/advanced/editpolicy.md b/docs/endpointpolicymanager/components/featuremanager/manual/advanced/editpolicy.md index ae0fdb4fa9..afa7a65e5f 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/advanced/editpolicy.md +++ b/docs/endpointpolicymanager/components/featuremanager/manual/advanced/editpolicy.md @@ -19,3 +19,5 @@ In the bottom left corner, you can see the Item-Level Targeting button. This is next section in more detail. ![advanced_manipulations_of_2](/images/endpointpolicymanager/feature/advanced/advanced_manipulations_of_2.webp) + + diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/advanced/mixedrule.md b/docs/endpointpolicymanager/components/featuremanager/manual/advanced/mixedrule.md index 543ab9130c..72ba7a33e3 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/advanced/mixedrule.md +++ b/docs/endpointpolicymanager/components/featuremanager/manual/advanced/mixedrule.md @@ -15,3 +15,5 @@ features. We recommend first getting the hang of **Install Rule** and **Uninstall Rule**. Once you get a better understand of the UI, you can start using the **Mixed Rule**. + + diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/advanced/overview.md b/docs/endpointpolicymanager/components/featuremanager/manual/advanced/overview.md index 3e797454ae..e67dc9ddc9 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/advanced/overview.md +++ b/docs/endpointpolicymanager/components/featuremanager/manual/advanced/overview.md @@ -10,3 +10,5 @@ In this section we cover a few advanced topics. First, we explore some areas whe manipulate policies without the wizard. For instance, we'll start out by showing you how you can delete policies, edit policies, and edit collections without the wizard. Then, we will also explore the idea of **Mixed Rule** along with how to create collections within the wizard. + + diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/feature/_category_.json b/docs/endpointpolicymanager/components/featuremanager/manual/feature/_category_.json index 81c84e7790..68664e39a2 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/feature/_category_.json +++ b/docs/endpointpolicymanager/components/featuremanager/manual/feature/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/feature/events.md b/docs/endpointpolicymanager/components/featuremanager/manual/feature/events.md index 90b7141ce1..af29214ab8 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/feature/events.md +++ b/docs/endpointpolicymanager/components/featuremanager/manual/feature/events.md @@ -57,3 +57,5 @@ Windows Optional Feature Category - Event 752: Removing optional feature was completed. - Event 753: Optional feature progress is - \*. - Event 754: Removing optional feature failed. + + diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/feature/logs.md b/docs/endpointpolicymanager/components/featuremanager/manual/feature/logs.md index 2be2f5253c..0d68448540 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/feature/logs.md +++ b/docs/endpointpolicymanager/components/featuremanager/manual/feature/logs.md @@ -63,6 +63,7 @@ you can open up the PPComputerOperational.log (see Figure 46) located at Figure 46. Log files showing when a policy installs and uninstalls items. -If needed, logs are automatically wrapped up and can be sent to -[support@endpointpolicymanager.com](mailto:support@endpointpolicymanager.com) using the `PPLOGS.EXE` command on any endpoint +If needed, logs are automatically wrapped up and can be sent to support by [opening a support ticket](https://www.netwrix.com/tickets.html#/open-a-ticket) using the `PPLOGS.EXE` command on any endpoint where the client-side extension (CSE) is installed. + + diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/feature/overview.md b/docs/endpointpolicymanager/components/featuremanager/manual/feature/overview.md index 15d480b158..2ea21e6929 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/feature/overview.md +++ b/docs/endpointpolicymanager/components/featuremanager/manual/feature/overview.md @@ -7,3 +7,5 @@ sidebar_position: 60 # Troubleshooting In this section, we will talk about a few tips and troubleshooting methods. + + diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/gettoknow.md b/docs/endpointpolicymanager/components/featuremanager/manual/gettoknow.md index e95d751735..03a9a49ce2 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/gettoknow.md +++ b/docs/endpointpolicymanager/components/featuremanager/manual/gettoknow.md @@ -25,3 +25,5 @@ The functions of collections and policies are as follows: Both collections and policies may have Item-Level Targeting, which is explained later, but you can target policies based upon the criteria that you specify. + + diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/itemleveltargeting/_category_.json b/docs/endpointpolicymanager/components/featuremanager/manual/itemleveltargeting/_category_.json index ac0f99bc29..ade406a00d 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/itemleveltargeting/_category_.json +++ b/docs/endpointpolicymanager/components/featuremanager/manual/itemleveltargeting/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/itemleveltargeting/exportcollections.md b/docs/endpointpolicymanager/components/featuremanager/manual/itemleveltargeting/exportcollections.md index ecf6307883..36c1b32097 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/itemleveltargeting/exportcollections.md +++ b/docs/endpointpolicymanager/components/featuremanager/manual/itemleveltargeting/exportcollections.md @@ -17,7 +17,7 @@ select Export to XML. This will enable you to save an XML file for later use. :::note For a video demonstrating the use of Endpoint Policy Manager Feature Manager for Windows with Endpoint Policy Manager MDM see -[https://www.endpointpolicymanager.com/video/endpointpolicymanager-feature-manager-for-windows-mdm.html](https://www.endpointpolicymanager.com/video/endpointpolicymanager-feature-manager-for-windows-mdm.html). +[https://www.policypak.com/video/endpointpolicymanager-feature-manager-for-windows-mdm.html](https://www.policypak.com/video/endpointpolicymanager-feature-manager-for-windows-mdm.html). ::: @@ -29,7 +29,7 @@ also do this for an entire collection (not shown). :::note For a video showing how to export policies and use Endpoint Policy Manager Exporter, watch -[https://www.endpointpolicymanager.com/video/deploying-endpointpolicymanager-directives-without-group-policy-endpointpolicymanager-exporter-utility.html](https://www.endpointpolicymanager.com/video/deploying-endpointpolicymanager-directives-without-group-policy-endpointpolicymanager-exporter-utility.html). +[https://www.policypak.com/video/deploying-endpointpolicymanager-directives-without-group-policy-endpointpolicymanager-exporter-utility.html](https://www.policypak.com/video/deploying-endpointpolicymanager-directives-without-group-policy-endpointpolicymanager-exporter-utility.html). ::: @@ -43,3 +43,5 @@ function when the machine is domain-joined. For more information on how to use exported policies with Endpoint Policy Manager Cloud or Endpoint Policy Manager MDM see [Using Endpoint Policy Manager with MDM and UEM Tools](/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/uemtools.md). + + diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/itemleveltargeting/overview.md b/docs/endpointpolicymanager/components/featuremanager/manual/itemleveltargeting/overview.md index 120eb899a7..bef6cc9fcc 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/itemleveltargeting/overview.md +++ b/docs/endpointpolicymanager/components/featuremanager/manual/itemleveltargeting/overview.md @@ -63,3 +63,5 @@ changed to orange, which shows that it now has Item-Level Targeting. When Item-Level Targeting is on, the policy won't apply unless the conditions are **True**. If Item-Level Targeting is on a collection, then none of the items in the collection will apply unless the Item-Level Targeting on the collection evaluates to **True**. + + diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/itemleveltargeting/processorderprecedence.md b/docs/endpointpolicymanager/components/featuremanager/manual/itemleveltargeting/processorderprecedence.md index e58e143833..4c2c85a856 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/itemleveltargeting/processorderprecedence.md +++ b/docs/endpointpolicymanager/components/featuremanager/manual/itemleveltargeting/processorderprecedence.md @@ -39,3 +39,5 @@ overlap of policies. Here is how the precedence works: - Policies delivered through Endpoint Policy Manager files have the next highest precedence. - Policies delivered through Endpoint Policy Manager Group Policy directives have the highest precedence. + + diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/overview.md b/docs/endpointpolicymanager/components/featuremanager/manual/overview.md index 99d5a7d00c..8e3db7ca5a 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/overview.md +++ b/docs/endpointpolicymanager/components/featuremanager/manual/overview.md @@ -33,7 +33,7 @@ on Windows 10 or Windows Server (2016 and later): :::note Watch this video for an overview of Endpoint Policy Manager Feature Manager for Windows: -[https://www.endpointpolicymanager.com/video/endpointpolicymanager-feature-manager-for-windows.html](https://www.endpointpolicymanager.com/video/endpointpolicymanager-feature-manager-for-windows.html) +[https://www.policypak.com/video/endpointpolicymanager-feature-manager-for-windows.html](https://www.policypak.com/video/endpointpolicymanager-feature-manager-for-windows.html) ::: @@ -129,3 +129,5 @@ policy method you already employ. - For those using Endpoint Policy Manager Cloud and Endpoint Policy Manager MDM: Because your machines might be roaming, you can use Endpoint Policy Manager to deliver a new policy to install or uninstall a required feature. + + diff --git a/docs/endpointpolicymanager/components/featuremanager/manual/windowsservers.md b/docs/endpointpolicymanager/components/featuremanager/manual/windowsservers.md index cf8a1020c7..8f56c82fa9 100644 --- a/docs/endpointpolicymanager/components/featuremanager/manual/windowsservers.md +++ b/docs/endpointpolicymanager/components/featuremanager/manual/windowsservers.md @@ -29,3 +29,5 @@ console. ![using_feature_manager_for_3](/images/endpointpolicymanager/feature/using_feature_manager_for_3.webp) ![using_feature_manager_for_4](/images/endpointpolicymanager/feature/using_feature_manager_for_4.webp) + + diff --git a/docs/endpointpolicymanager/components/featuremanager/technotes/_category_.json b/docs/endpointpolicymanager/components/featuremanager/technotes/_category_.json index d50e383b71..77c2c1e4ae 100644 --- a/docs/endpointpolicymanager/components/featuremanager/technotes/_category_.json +++ b/docs/endpointpolicymanager/components/featuremanager/technotes/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "knowledgebase" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/featuremanager/technotes/knowledgebase.md b/docs/endpointpolicymanager/components/featuremanager/technotes/knowledgebase.md index 5355dec885..97fe03793a 100644 --- a/docs/endpointpolicymanager/components/featuremanager/technotes/knowledgebase.md +++ b/docs/endpointpolicymanager/components/featuremanager/technotes/knowledgebase.md @@ -11,3 +11,5 @@ See the following Knowledge Base articles for Feature Manager for Windows. ## Troubleshooting - [Endpoint Policy Feature Manager for Windows doesn't appear to be working and we're getting error code 0x800f0954. What can I try?](/docs/endpointpolicymanager/components/featuremanager/technotes/troubleshooting/code0x800f0954.md) + + diff --git a/docs/endpointpolicymanager/components/featuremanager/technotes/troubleshooting/_category_.json b/docs/endpointpolicymanager/components/featuremanager/technotes/troubleshooting/_category_.json index 5a4bd8ada0..11c90f2c7f 100644 --- a/docs/endpointpolicymanager/components/featuremanager/technotes/troubleshooting/_category_.json +++ b/docs/endpointpolicymanager/components/featuremanager/technotes/troubleshooting/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/featuremanager/technotes/troubleshooting/code0x800f0954.md b/docs/endpointpolicymanager/components/featuremanager/technotes/troubleshooting/code0x800f0954.md index 6a89e47891..864f3952ec 100644 --- a/docs/endpointpolicymanager/components/featuremanager/technotes/troubleshooting/code0x800f0954.md +++ b/docs/endpointpolicymanager/components/featuremanager/technotes/troubleshooting/code0x800f0954.md @@ -74,3 +74,5 @@ Stop: Did this work? Stop: Did this work? This is a small scale test just to see if it succeeds or fails here. ::: + + diff --git a/docs/endpointpolicymanager/components/featuremanager/videos/_category_.json b/docs/endpointpolicymanager/components/featuremanager/videos/_category_.json index 77675c0c90..c3aa6c973f 100644 --- a/docs/endpointpolicymanager/components/featuremanager/videos/_category_.json +++ b/docs/endpointpolicymanager/components/featuremanager/videos/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "videolearningcenter" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/featuremanager/videos/allvideos/_category_.json b/docs/endpointpolicymanager/components/featuremanager/videos/allvideos/_category_.json index 1e25e31abb..551de27705 100644 --- a/docs/endpointpolicymanager/components/featuremanager/videos/allvideos/_category_.json +++ b/docs/endpointpolicymanager/components/featuremanager/videos/allvideos/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/featuremanager/videos/allvideos/cloud.md b/docs/endpointpolicymanager/components/featuremanager/videos/allvideos/cloud.md index efefdfa0d0..6aa636f9e5 100644 --- a/docs/endpointpolicymanager/components/featuremanager/videos/allvideos/cloud.md +++ b/docs/endpointpolicymanager/components/featuremanager/videos/allvideos/cloud.md @@ -8,4 +8,6 @@ sidebar_position: 30 Come here to learn how to deploy Netwrix Endpoint Policy Manager (formerly PolicyPak)'s Feature Manager for Windows using our Cloud service! - + + + diff --git a/docs/endpointpolicymanager/components/featuremanager/videos/allvideos/mdm.md b/docs/endpointpolicymanager/components/featuremanager/videos/allvideos/mdm.md index dac9eaca72..7ba3716b40 100644 --- a/docs/endpointpolicymanager/components/featuremanager/videos/allvideos/mdm.md +++ b/docs/endpointpolicymanager/components/featuremanager/videos/allvideos/mdm.md @@ -8,4 +8,6 @@ sidebar_position: 40 If you're using Netwrix Endpoint Policy Manager (formerly PolicyPak) Software's Feature Manager for Windows and want to deploy your policies using your own MDM service, here's how to do it! - + + + diff --git a/docs/endpointpolicymanager/components/featuremanager/videos/allvideos/windows.md b/docs/endpointpolicymanager/components/featuremanager/videos/allvideos/windows.md index d99ac4dd6c..fa18a14383 100644 --- a/docs/endpointpolicymanager/components/featuremanager/videos/allvideos/windows.md +++ b/docs/endpointpolicymanager/components/featuremanager/videos/allvideos/windows.md @@ -9,4 +9,6 @@ Add or Remove Windows Features and Optional Features, like SMB 1.0, XPS Viewer, anything else. Use Group Policy, Netwrix Endpoint Policy Manager (formerly PolicyPak) Cloud or MDM to do it. - + + + diff --git a/docs/endpointpolicymanager/components/featuremanager/videos/allvideos/windowsservers.md b/docs/endpointpolicymanager/components/featuremanager/videos/allvideos/windowsservers.md index c15d502737..b0789005b7 100644 --- a/docs/endpointpolicymanager/components/featuremanager/videos/allvideos/windowsservers.md +++ b/docs/endpointpolicymanager/components/featuremanager/videos/allvideos/windowsservers.md @@ -8,7 +8,7 @@ sidebar_position: 20 Netwrix Endpoint Policy Manager (formerly PolicyPak)'s Feature Manager for Windows works just as well for servers as it does for endpoints. Watch this video to see it in action! - + ### Feature Manager for Windows Servers @@ -90,3 +90,5 @@ endpoints. Hope that helps you out. If this is interesting to you, give us a buz bits over to you and give you a free trial right away. Thanks. + + diff --git a/docs/endpointpolicymanager/components/featuremanager/videos/videolearningcenter.md b/docs/endpointpolicymanager/components/featuremanager/videos/videolearningcenter.md index 385a23b532..65fc6a1128 100644 --- a/docs/endpointpolicymanager/components/featuremanager/videos/videolearningcenter.md +++ b/docs/endpointpolicymanager/components/featuremanager/videos/videolearningcenter.md @@ -14,3 +14,5 @@ See the following Video topics for Scripts and Feature Manager for Windows. - [Feature Manager For Windows Servers](/docs/endpointpolicymanager/components/featuremanager/videos/allvideos/windowsservers.md) - [Feature Manager for Windows + Endpoint Policy Manager Cloud](/docs/endpointpolicymanager/components/featuremanager/videos/allvideos/cloud.md) - [Feature Manager for Windows + MDM](/docs/endpointpolicymanager/components/featuremanager/videos/allvideos/mdm.md) + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/_category_.json b/docs/endpointpolicymanager/components/fileassociationsmanager/_category_.json index 1f2f14c145..82e3a72aec 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/_category_.json +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/_category_.json @@ -8,3 +8,4 @@ "id": "overview" } } + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/_category_.json b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/_category_.json index f890ea6095..bd3755797e 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/_category_.json +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/_category_.json @@ -8,3 +8,4 @@ "id": "knowledgebase" } } + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/installation/_category_.json b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/installation/_category_.json index ee3640f7af..76ffd74d1c 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/installation/_category_.json +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/installation/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/knowledgebase.md b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/knowledgebase.md index ca674b8869..fb75b3993b 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/knowledgebase.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/knowledgebase.md @@ -28,3 +28,5 @@ File Associations Manager provides enterprise-level control over file type assoc --- *For additional support, consult the troubleshooting section or contact technical support.* + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/tipsandtricks/_category_.json b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/tipsandtricks/_category_.json index a74978754e..431040a5b1 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/tipsandtricks/_category_.json +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/tipsandtricks/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/tipsandtricks/cortana.md b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/tipsandtricks/cortana.md index 4779da3917..96b6e4b6f9 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/tipsandtricks/cortana.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/tipsandtricks/cortana.md @@ -7,8 +7,8 @@ sidebar_position: 10 # How can I make Cortana and other web searches to use system default browser instead of Microsoft Edge? Microsoft created a protocol that masks the URLs so that they can be opened in Microsoft Edge in -Windows 10. So instead of https://www.endpointpolicymanager.com, Windows 10 would prepend microsoft-edge: to the -URL i.e. microsoft-edge:https://www.endpointpolicymanager.com. +Windows 10. So instead of https://www.policypak.com, Windows 10 would prepend microsoft-edge: to the +URL i.e. microsoft-edge:https://www.policypak.com. So no browser but Microsoft Edge supports this protocol, and these URLs are opened in Edge automatically and not the default system browser you set through Netwrix Endpoint Policy Manager @@ -29,3 +29,5 @@ The path for EdgeDeflector. That has to be same on client computers. Apply the policy on the client computers and reboot. ::: + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/tipsandtricks/specificbrowser.md b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/tipsandtricks/specificbrowser.md index 7092c56b77..6627c07749 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/tipsandtricks/specificbrowser.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/tipsandtricks/specificbrowser.md @@ -17,3 +17,5 @@ open it in some third party program) it will be opened with IE. But note that if you type a URL into, say, the Firefox or Chrome address bar (or follow some hyperlink) to navigate to `file://server/site.htm`, it will stay in the same browser and not magically open in IE. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/tipsandtricks/windowsphotoviewer.md b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/tipsandtricks/windowsphotoviewer.md index f9912f92e8..7e23210f5f 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/tipsandtricks/windowsphotoviewer.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/tipsandtricks/windowsphotoviewer.md @@ -42,3 +42,5 @@ Command Line: `"%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_ ![715_1_image-20210421203400-1_950x594](/images/endpointpolicymanager/troubleshooting/fileassociations/715_1_image-20210421203400-1_950x594.jpeg) ![715_2_image-20210421203400-2](/images/endpointpolicymanager/troubleshooting/fileassociations/715_2_image-20210421203400-2.jpeg) + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/_category_.json b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/_category_.json index 2a7c1d7f13..269232431c 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/_category_.json +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/defaultassociationsconfiguration.md b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/defaultassociationsconfiguration.md index 1ffa143222..096936d81d 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/defaultassociationsconfiguration.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/defaultassociationsconfiguration.md @@ -29,3 +29,5 @@ Associations file for it to work reliably. Summary: Use only Endpoint Policy Manager … when using Endpoint Policy Manager Browser Router and also Endpoint Policy Manager File Associations Manager and don't try to use a Group Policy or MDM File Associations alongside it. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/defaultbrowser.md b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/defaultbrowser.md index fd199320cc..1726ce918f 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/defaultbrowser.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/defaultbrowser.md @@ -11,3 +11,5 @@ may be tempting to map http or https to a particular browser as a way of enforci browser. That will work until Browser Router has any rules at all in that component, and then Browser Router takes over. If you want to set a default browser, use Browser Router instead of File Associations Manager. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/gpos.md b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/gpos.md index da10d7b561..905afdda5a 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/gpos.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/gpos.md @@ -22,3 +22,5 @@ resulting association list: - .`txt -> Sublime.exe`, (Because GPO2 wins in the conflict.) - .`log-> Notepad.exe`, (Because there are no conflicts.) - `.cfg -> Sublime.exe` (Because there are no conflicts.) + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/legacy.md b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/legacy.md index 9a7233b17f..e44c512324 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/legacy.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/legacy.md @@ -46,3 +46,5 @@ By establishing to use Legacy File Assoc Method & Features the following occurs: machines. - Endpoint Policy Manager File Associations Manager policies can only take effect when you log out and back in. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/oemdefaultassociations.md b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/oemdefaultassociations.md index ef5ad35ab3..b20f66d503 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/oemdefaultassociations.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/troubleshooting/oemdefaultassociations.md @@ -20,3 +20,5 @@ achieve File Associations goals. Remove any in-box Group Policy settings, etc, w to set File Associations and use only Endpoint Policy Manager to do it. ![660_1_faq4-img1](/images/endpointpolicymanager/fileassociations/660_1_faq4-img1.webp) + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/_category_.json b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/_category_.json index 1c4c158a37..491e75991a 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/_category_.json +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/_category_.json @@ -8,3 +8,4 @@ "id": "overview" } } + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/applymode.md b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/applymode.md index f109f8a5dc..82bd7d2e91 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/applymode.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/applymode.md @@ -40,3 +40,5 @@ You can use this Apply once and drift approach for a single policy as well. Simp **New Policy** and click the **Apply** drop down menu and select **Once**. ![about_policypak_file_associations_31](/images/endpointpolicymanager/fileassociations/about_endpointpolicymanager_file_associations_31.webp) + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/configuration/_category_.json b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/configuration/_category_.json index f3e7bac34b..d37bacd0d6 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/configuration/_category_.json +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/configuration/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/configuration/logs.md b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/configuration/logs.md index ced19ffc4d..32a70ab834 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/configuration/logs.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/configuration/logs.md @@ -43,6 +43,7 @@ Figure 55. An example of a Endpoint Policy Manager File Associations Manager log Figure 56. Highlights from the Endpoint Policy Manager k File Associations Manager log. -If needed, logs can be automatically wrapped up and sent to -[support@endpointpolicymanager.com](mailto:support@endpointpolicymanager.com) with the `PPLOGS.EXE` command on any endpoint +If needed, logs can be automatically wrapped up and sent to support by [opening a support ticket](https://www.netwrix.com/tickets.html#/open-a-ticket) with the `PPLOGS.EXE` command on any endpoint where the client-side extension is installed. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/configuration/xmlfile.md b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/configuration/xmlfile.md index b59579e854..c5b6721e6f 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/configuration/xmlfile.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/configuration/xmlfile.md @@ -21,3 +21,5 @@ PolicyPak File Associations Manager. If you are expecting an application extensi application, but it does not, first check this file to see if what you expected is here or not. If the association is absent, then the target computer most likely did not get the policy to make the association. Fixing that should be your next step. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/gettingtoknow/_category_.json b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/gettingtoknow/_category_.json index e327f602f8..6a62f6c67c 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/gettingtoknow/_category_.json +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/gettingtoknow/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/helperutility.md b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/helperutility.md index 2f16270f09..2100135098 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/helperutility.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/helperutility.md @@ -57,3 +57,5 @@ create a new entry and click **Select Program**. To import the exported file into a Endpoint Policy Manager File Associations Manager GPO, pull up the Select Program Association window, and then click on **From XML file** under Import. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/insouts/_category_.json b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/insouts/_category_.json index c013e145db..7eca3603a6 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/insouts/_category_.json +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/insouts/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/insouts/advantages.md b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/insouts/advantages.md index 5002b1677d..aa95be55c8 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/insouts/advantages.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/insouts/advantages.md @@ -51,3 +51,5 @@ nor Microsoft's method can affect a user until the second login, see the topic for additional information.. ::: + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/insouts/overview.md b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/insouts/overview.md index c9f9302857..d2c6b0cf36 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/insouts/overview.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/insouts/overview.md @@ -11,3 +11,5 @@ the basic goal is to map a file extension, like .pdf, to an application, like Ad This sounds easy to do, but it is actually very difficult. In this section, we'll examine the history around file associations, explain Microsoft's way to perform file associations, and explain how Endpoint Policy Manager File Associations Manager works and what its limitations are. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/insouts/windows10.md b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/insouts/windows10.md index 938e73edee..aed636970b 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/insouts/windows10.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/insouts/windows10.md @@ -63,3 +63,5 @@ In summary, All this becomes time consuming every time you update and roll out an application that will be the registered extension or protocol. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/insouts/windows7.md b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/insouts/windows7.md index 906a1a1d4f..c50a887eae 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/insouts/windows7.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/insouts/windows7.md @@ -27,3 +27,5 @@ This method worked well on Windows XP to Windows 8, but stopped working with Win Endpoint Policy Manager File Associations Manager fills in this gap. If you are already accustomed to using Group Policy (with Group Policy Preferences) to manage file associations, then Endpoint Policy Manager File Associations Manager will be a familiar way to perform that work. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/itemleveltargeting/_category_.json b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/itemleveltargeting/_category_.json index 649a1baa7a..42955f07fd 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/itemleveltargeting/_category_.json +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/itemleveltargeting/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/itemleveltargeting/exportcollection.md b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/itemleveltargeting/exportcollection.md index b857a5d011..ebadda8f44 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/itemleveltargeting/exportcollection.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/itemleveltargeting/exportcollection.md @@ -48,3 +48,5 @@ you've used items that represent Group Membership in Active Directory, then thos function when the machine is domain-joined. ::: + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/itemleveltargeting/overview.md b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/itemleveltargeting/overview.md index 4efe1563aa..dcbf530016 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/itemleveltargeting/overview.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/itemleveltargeting/overview.md @@ -78,3 +78,5 @@ orange, which shows that it now has Item-Level Targeting. When Item-Level Targeting is on, the policy won't apply unless the conditions evaluate to True, and if Item-Level Targeting is on for a collection, then none of the items in the collection will apply unless the Item-Level Targeting on the collection evaluates to True. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/itemleveltargeting/processorderprecedence.md b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/itemleveltargeting/processorderprecedence.md index 54a6db3d17..019008b19d 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/itemleveltargeting/processorderprecedence.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/itemleveltargeting/processorderprecedence.md @@ -46,3 +46,5 @@ overlap of policies. Here is how the precedence works: - Policies delivered through Endpoint Policy Manager files have the next highest precedence. - Policies delivered through Endpoint Policy Manager Group Policy directives have the highest precedence. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/mapextensions.md b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/mapextensions.md index 22993a5feb..60a1cd1018 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/mapextensions.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/mapextensions.md @@ -90,3 +90,5 @@ should open Acrobat Reader, double-clicking on the MP4 should open Metro Media P your Wordpad doc, which has a MAILTO: email address, should open Claws Mail (or Outlook). ![about_policypak_file_associations_19](/images/endpointpolicymanager/fileassociations/about_endpointpolicymanager_file_associations_19.webp) + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/overview.md b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/overview.md index b5fb91b692..27f6d8fc83 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/overview.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/overview.md @@ -48,7 +48,7 @@ Windows 10: :::note For an overview of Endpoint Policy Manager File Associations Manager, see -[https://www.endpointpolicymanager.com/products/endpointpolicymanager-file-associations-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-file-associations-manager.html). +[https://www.policypak.com/products/endpointpolicymanager-file-associations-manager.html](https://www.policypak.com/products/endpointpolicymanager-file-associations-manager.html). ::: @@ -86,3 +86,5 @@ settings to non-domain-joined machines over the Internet. Manager Admin Templates Manager and our other products' XML files and wrap them into a "portable" MSI file for deployment using Microsoft Endpoint Manager (SCCM and Intune), an MDM service, or your own systems management software. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/policies.md b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/policies.md index 96ead3e8c8..16cbd41bf3 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/policies.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/policies.md @@ -95,3 +95,5 @@ files listed here: Mail (or Outlook), and the UWP version of Metro Media Player. - An example endpoint machine with a PDF file, a MP4 file, a MAILTO: example, and an XML file loaded on the Desktop. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/preconfigured.md b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/preconfigured.md index 0a8b5cdc63..2f6c7ce9e7 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/preconfigured.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/preconfigured.md @@ -61,3 +61,5 @@ In this way, it's very easy to download the files and immediately get started, w figure out how each file type should be mapped for an application. We're increasing the number of our Endpoint Policy Manager File Associations Manager manufacturer's advice files, so check for updates periodically. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/productwizard.md b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/productwizard.md index f250fd1c16..981e5d9b0e 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/productwizard.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/productwizard.md @@ -33,3 +33,5 @@ When you are done, you have , a collection that contains all the selected extens Media Player to use. ![about_policypak_file_associations_26](/images/endpointpolicymanager/fileassociations/about_endpointpolicymanager_file_associations_26.webp) + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/registeredextensions.md b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/registeredextensions.md index e07a835c1d..2ba7de516a 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/manual/registeredextensions.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/manual/registeredextensions.md @@ -61,3 +61,5 @@ log on again. When you do, you'll see the XML file icon change to Notepad++. Dou icon will launch Notepad++ Portable. ![about_policypak_file_associations_22](/images/endpointpolicymanager/fileassociations/about_endpointpolicymanager_file_associations_22.webp) + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/overview.md b/docs/endpointpolicymanager/components/fileassociationsmanager/overview.md index 10ed8a0eb3..6d62480c0d 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/overview.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/overview.md @@ -26,3 +26,5 @@ File Associations Manager is a component of Endpoint Policy Manager (PolicyPak) - Configuration Guide - Getting Started Videos - Troubleshooting + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/_category_.json b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/_category_.json index 08b2b0a69c..48b4bb9e46 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/_category_.json +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/_category_.json @@ -8,3 +8,4 @@ "id": "videolearningcenter" } } + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/_category_.json b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/_category_.json index edb57b5129..9b170c37fa 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/_category_.json +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/applyonce.md b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/applyonce.md index d2da88d3bf..e643f8b1c1 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/applyonce.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/applyonce.md @@ -9,7 +9,7 @@ Want to lay down one set of File Associations for some apps, but leave others to change themselves? Use Endpoint Policy Manager File Associations Manager to "apply once" and let those settings drift after you set them with the tips in this video. - + Hi, this is Jeremy Moskowitz. In this video, I'm going to show you how you can use Endpoint Policy Manager File Associations Manager to set up your user or computer side file associations and do it @@ -55,3 +55,5 @@ The idea here is you could set it one time which will work fine and then if you then and only then will it snapback. That will be a gpupdate/force and I have to set the policy to make that work. Hope this apply once for file associations then drift helps you out. Looking forward to getting you started with Endpoint Policy Manager real soon. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/preconfiguredadvice.md b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/preconfiguredadvice.md index fc4632c27a..ed739144ac 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/preconfiguredadvice.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/preconfiguredadvice.md @@ -9,7 +9,7 @@ Endpoint Policy Manager File Associations Manager comes with some preconfigure a easy to use. Here's the how to video, to associate Adobe Reader, Writer and other applications in Windows 10. - + ### Endpoint Policy Manager File Associations Manager: Use our preconfigured advice @@ -72,3 +72,5 @@ If you're looking to get started with Endpoint Policy Manager File Associations a webinar, we'll hand over the bits and you can get started right away. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/universalwindowsapps.md b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/universalwindowsapps.md index e5477f3e6d..cb879d3641 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/universalwindowsapps.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/universalwindowsapps.md @@ -8,7 +8,7 @@ sidebar_position: 30 Once you have your Windows Universal applications installed on an endpoint, how to manage the file associations? Watch this video to make it 1-2-3 easy ! - + ### Endpoint Policy Manager: Associate Programs to Universal Windows Apps (Metro Apps) @@ -71,3 +71,5 @@ get started with it right away. If you're ready to get started, join us for a we over the bits and get started as soon as you can. Thanks. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/windows10.md b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/windows10.md index 69734c6a3c..79012431a7 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/windows10.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/windows10.md @@ -9,7 +9,7 @@ Windows 10 File Associations shouldn't be done via XML file. That's a total wast doesn't help you out when your needs change. Instead, use Endpoint Policy Manager File Associations Manager to manage both COMPUTER and USER file associations. You're gonna love it. - + Hi, this is Jeremy Moskowitz, Founder and CTO of Endpoint Policy Manager Software, and in this video I'm going to show you how you can manage the heck out of your Windows 10 file associations. Boy @@ -111,3 +111,5 @@ gets exactly the same settings. This is amazing. I hope you love it as much as we love to bring it to you. Thank you very much for watching, and hope to get you started with a trial real soon. Take care. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/wizard.md b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/wizard.md index f660b1248f..01bba0a646 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/wizard.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/gettingstarted/wizard.md @@ -8,7 +8,7 @@ sidebar_position: 40 If an application has a LOT of file extensions, this built-in PPFAM Wizard enables you to quickly find them all, and make them a collection. Couldn't be simpler! - + ### Endpoint Policy Manager: Manage all File Associations with the PPFAM Wizard @@ -81,3 +81,5 @@ that. I hope this helps you out. Looking forward to getting you started real soon. Take care. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/methods/_category_.json b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/methods/_category_.json index bf3482899d..e671dd1396 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/methods/_category_.json +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/methods/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/methods/cloud.md b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/methods/cloud.md index 2b9882709c..d1608e01da 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/methods/cloud.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/methods/cloud.md @@ -11,7 +11,7 @@ Endpoint Policy Manager File Associations Manager. Trying to manage with "Set a configuration" is for the birds, and isn't flexible. Instead, manage it quickly using Group Policy, and PolicyPak. - + If you've got not domain-joined machines, as I have here, and you're using Endpoint Policy Manager Cloud, how do you use Endpoint Policy Manager File Associations Manager with it? Well, it's super @@ -44,3 +44,5 @@ emailer. Instead, it is the Clause Mail, which is what I wanted. There you go; that's it. we've done our file associations This is one of the shortest videos ever. Hope this makes sense and hope you love Endpoint Policy Manager as much as we love bringing it to you. Thanks so much. Take care. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/methods/cloudusage.md b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/methods/cloudusage.md index df1a9006b0..353007d3a9 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/methods/cloudusage.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/methods/cloudusage.md @@ -9,7 +9,7 @@ When you don't have a "Fake DC" to create file association policies on-prem to e Endpoint Policy Manager's File Association Manager Helper utility can be used to create the desired associations on a sample workstation. - + Hi, this is John at Endpoint Policy Manager, and in this video, we're going to take a look at setting up File Association Manager in the cloud. I have here my non-domain joined machine here, and @@ -53,3 +53,5 @@ you're going to see these applications change before your very eyes. There we go opening up now in Adobe Reader. We've got this little video opening up in VLC now. You can see the little pylon there. We've got our mailto link opening up in Chrome. It doesn't actually do anything in Chrome, but the change was made. That's it. Thank you very much for watching. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/methods/mdm.md b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/methods/mdm.md index 9b00952163..b7cae4882b 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/methods/mdm.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/methods/mdm.md @@ -11,7 +11,7 @@ Netwrix Endpoint Policy Manager (formerly PolicyPak) File Associations Manager. with "Set a default associations configuration" is for the birds, and isn't flexible. Instead, manage it quickly using Group Policy, and Endpoint Policy Manager. - + In a previous video, you saw me send file associations down to the right applications at the right time for user side and computers using Group Policy. In this video, I'm going to show you how to do @@ -69,3 +69,5 @@ If you want to take your file associations on the road with you to your non doma you can do it with Endpoint Policy Manager File Associations Manager and your MDM service like Microsoft Endpoint Manager. Hope this video helps you out. Looking forward to getting you started real soon. Take care. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/methods/pdqdeploy.md b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/methods/pdqdeploy.md index 6ed6450223..f84c0f7684 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/methods/pdqdeploy.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/methods/pdqdeploy.md @@ -12,7 +12,7 @@ Policy Manager File Associations Manager, after your applications are deployed, clicks to get ALL of your associations handled. Check out this video to see how to map everything from Acrobat Reader to Outlook. - + ### Setting Default File Associations with Endpoint Policy Manager and PDQ Deploy @@ -219,3 +219,5 @@ Jeremy: So simple. That's it for us. Katie: I'm Katie. Jeremy: I'm Jeremy. Thanks for watching. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/_category_.json b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/_category_.json index a74978754e..431040a5b1 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/_category_.json +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/acroreader.md b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/acroreader.md index eb91891469..39b0f72d9a 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/acroreader.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/acroreader.md @@ -8,7 +8,7 @@ sidebar_position: 70 How do you make PP File Associations "think" about what to do, and have one group of associations with Acrobat READER and another with Acrobat WRITER. Here's how. - + ### PolicyPak File Associations Trick – Acro Reader AND Writer @@ -171,3 +171,5 @@ With that in mind, that's all there is really to it. Hope this helps you get on Endpoint Policy Manager File Associations Manager. Looking forward to getting you started real soon. Thanks so much. Take care. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/adobereader.md b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/adobereader.md index 5f0b13a72b..aab00055be 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/adobereader.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/adobereader.md @@ -9,7 +9,7 @@ Ever wished you could force Internet Explorer to open PDFs in Adobe Reader inste browser? Using the Netwrix Endpoint Policy Manager (formerly PolicyPak) Application Manager and File Associations Manager combo, you can. - + ### Endpoint Policy Manager: Force IE to user Adobe Reader for PDFs @@ -47,3 +47,5 @@ If now we click on the link to a PDF file, it will now launch that PDF file into itself. Okay, I hope it helps. Thank you. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/firstlogin.md b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/firstlogin.md index 9124174fcf..72abe18658 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/firstlogin.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/firstlogin.md @@ -9,7 +9,7 @@ This isn't a problem with Endpoint Policy Manager File Associations Manager, but the behavior of what occurs at very first login. Good news: There's a quick fix; just log out and back on, and then.. boom. Problem solved for good! - + :::note This is OLD behavior; Endpoint Policy Manager doesn't require logoff and back on for File @@ -71,3 +71,5 @@ that person to log off and log back on not to see those prompts anymore, so do k you're using Endpoint Policy Manager File Associations Manager. I hope this helps you out. Looking forward to getting you started real soon. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/helperapplication.md b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/helperapplication.md index aa4221eb23..b96c5511da 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/helperapplication.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/helperapplication.md @@ -9,7 +9,7 @@ If you have an application you simply cannot install on your own Management Stat included PPFAM Helper utility to capture the association, then bring the XML file over to your machine. - + ### Endpoint Policy Manager File Associations Manager: Helper Application @@ -73,3 +73,5 @@ I hope this helps you out. If you're looking to get started, we're here to help Just join us for the webinar and see you onboard. Thanks. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/helpertool.md b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/helpertool.md index 83b653d147..6ff2128064 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/helpertool.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/helpertool.md @@ -10,7 +10,7 @@ Associations Manager, and you want to associate a file to a program that's not o station? Use the File Associations Manager Helper Tool, then use the resulting XML file to manage File Associations on your MDM enrolled machine like a boss! - + ### Endpoint Policy Manager MDM: File Associations Manager Helper Tool @@ -107,3 +107,5 @@ That's how you're going to fix the problem of having an application on your endp can't get on your management station but you still want to associate files to it. Thanks for watching, and we'll see you in the next video. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/mailto.md b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/mailto.md index 2f8ca85f35..bde7df83f0 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/mailto.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/mailto.md @@ -10,7 +10,7 @@ directly in Office 365. When done OWA will be the default handler for the mailto Windows, so that clicking an email address will open the OWA "Compose message" window. Hope this helps you out. - + Code: @@ -36,7 +36,7 @@ How did I perform this magic here? The first thing is that I have a little batch is that it silences it as much as it can ("@echo off"). Then it says "set address=%1" which means it's going to take in the item that you're passing. So -that would be the address: "mailto:jeremym@endpointpolicymanager.com." Then what it does is removes the first +that would be the address: "mailto:jeremym@policypak.com." Then what it does is removes the first seven characters which would be "mailto:" and then what we do is that we run the default browser against the special link in "https://outlook.office.com" and then we put in "`%address%`" which is the address without the "mailto:". @@ -85,3 +85,5 @@ If you like what you see here and want to get started with PolicyPak , then go a you in the webinar. Then after that, we'll hand over the bits, and you can try it out yourself. Thanks so very much, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/windows10modify.md b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/windows10modify.md index 29e3da1737..780ba77c49 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/windows10modify.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/windows10modify.md @@ -11,7 +11,7 @@ work great in Windows 7 with Group Policy, but not anymore. To change Windows 10 you need Netwrix Endpoint Policy Manager (formerly PolicyPak) File Associations Manager, which can be seen in this demo. - + ### Set, Change and Remove Windows 10 File Associations @@ -229,3 +229,5 @@ Manager simplifies Windows 10 File Associations, but it also demonstrates the so features. Once you've seen the webinar, we'll hand over the bits so you can start a free 14-day trial. During your evaluation, a Windows 10 File Associations specialist will be available to help you with your project. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/windows10questions.md b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/windows10questions.md index feb9b7b0e3..ff4d227058 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/windows10questions.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/tipsandtricks/windows10questions.md @@ -9,7 +9,7 @@ How do I get Windows 10 to stop asking me to open PDFs in Microsoft Edge? When y Policy Manager File Associations Manager, you might have done "everything right" but even then, it still doesn't work as expected. See this video for a universal fix. - + Hi, this is Jeremy Moskowitz and if you're watching this video, you're probably wondering why when you use file associations manager you still get this question. Do you want to open this file? You've @@ -38,3 +38,5 @@ no questions. Hopefully that policy setting helps you out and therefore you can associations manager quickly and easily and no more questions. Thanks so very much for watching and talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/videolearningcenter.md b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/videolearningcenter.md index 270566fc46..b3aa0c42c1 100644 --- a/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/videolearningcenter.md +++ b/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/videolearningcenter.md @@ -27,3 +27,5 @@ Discover tips, tricks, and advanced configurations to maximize the effectiveness --- *All videos include step-by-step guidance and real-world examples.* + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/_category_.json b/docs/endpointpolicymanager/components/javaenterpriserules/_category_.json index c17f2559c5..134b74be97 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/_category_.json +++ b/docs/endpointpolicymanager/components/javaenterpriserules/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/_category_.json b/docs/endpointpolicymanager/components/javaenterpriserules/manual/_category_.json index 872eac79bd..3568930657 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/_category_.json +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/_category_.json @@ -3,4 +3,4 @@ "position": 1, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/gettingstarted.md b/docs/endpointpolicymanager/components/javaenterpriserules/manual/gettingstarted.md index a1e782be35..735aeb122f 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/gettingstarted.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/gettingstarted.md @@ -123,3 +123,5 @@ This ends the Endpoint Policy Manager Java Rules Manager Quickstart, which demon Endpoint Policy Manager Java Enterprise Rules Manager in the fastest amount of time. Note that prompts for various Java-related items might be received during your Quickstart. To overcome this, please see section on [Overcoming Java Prompts](/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/overview.md). + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/_category_.json b/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/_category_.json index 10bdcb77e3..ef77a8c099 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/_category_.json +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/deploymentruleset.md b/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/deploymentruleset.md index 57acfeaa61..5ddd58e4db 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/deploymentruleset.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/deploymentruleset.md @@ -19,3 +19,5 @@ is valid; this determines which Endpoint Policy Manager Rules Manager should aut ![troubleshooting_policypak_4](/images/endpointpolicymanager/troubleshooting/javaenterpriserules/troubleshooting_endpointpolicymanager_4.webp) Figure 33. The active Deployment Rule Sets. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/eventviewer.md b/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/eventviewer.md index 3f5ff4c1d0..69c49d0b8a 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/eventviewer.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/eventviewer.md @@ -18,3 +18,5 @@ Figure 34. Event 8021 shows the XML used to write the Java Rules. Event Forwarding, which is built into Windows, can be set up. Information on Event Forwarding is demonstrated here: [https://blogs.technet.microsoft.com/jepayne/2015/11/23/monitoring-what-matters-windows-event-forwarding-for-everyone-even-if-you-already-have-a-siem/](https://blogs.technet.microsoft.com/jepayne/2015/11/23/monitoring-what-matters-windows-event-forwarding-for-everyone-even-if-you-already-have-a-siem/). + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/itemleveltargeting.md b/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/itemleveltargeting.md index 7a879c15f6..94213583a0 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/itemleveltargeting.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/itemleveltargeting.md @@ -9,3 +9,5 @@ sidebar_position: 60 Item-Level Targeting (ILT) filters can apply and match (or not match) to any Endpoint Policy Manager Java Rules Manager rule. If an ILT filter evaluates to TRUE, then it will appear in the Java Rule Set. If an ILT filter evaluates to FALSE, then it will be removed from the Java Rule Set. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/licensefile.md b/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/licensefile.md index 428ee44f6c..f020a7a098 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/licensefile.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/licensefile.md @@ -15,3 +15,5 @@ Figure 29. Figure 29. Endpoint Policy Manager Java Rules Manager must be licensed like every other Endpoint Policy Manager component. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/logfiles.md b/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/logfiles.md index c192ca73f1..94c5dcf290 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/logfiles.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/logfiles.md @@ -31,8 +31,9 @@ Group Policy applies. The following list shows some of these logs: - `ppComputer_onSchedule` is used when Endpoint Policy Manager's internal processes attempt to look for any changes while offline (usually every 60 minutes). -Logs are automatically wrapped up and can be sent to -[support@endpointpolicymanager.com](mailto:support@endpointpolicymanager.com) with the `PPLOGS.EXE` command on any endpoint +Logs are automatically wrapped up and can be sent to support by [opening a support ticket](https://www.netwrix.com/tickets.html#/open-a-ticket) with the `PPLOGS.EXE` command on any endpoint where the client-side extension (CSE) is installed. Since the main logs for Endpoint Policy Manager Java Rules Manager are in ProgramData, run an Elevated Command Prompt (as admin), and run `PPLOGS.EXE` to obtain the data from the PolicyPak Java Rules Manager logs. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/overview.md b/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/overview.md index 1f0fb383c6..c9d5696b8b 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/overview.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/overview.md @@ -12,3 +12,5 @@ Java Rules Manager only applies to the Computer side and not to the User side. T encountered with Endpoint Policy Manager Java Rules Manager is that RIA websites don't honor the version of Java JRE you expect on an endpoint. The sections below list the most common reasons why they don't and provide some troubleshooting steps. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/processorder.md b/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/processorder.md index 657ec608e4..916faebcae 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/processorder.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/processorder.md @@ -10,3 +10,5 @@ Multiple GPOs that have Endpoint Policy Manager Java Rules Manager policies can and will be cumulative. If a conflict does occur, the higher Group Policy with the higher precedence should "win." See the "Processing Order" section earlier in this document to understand what happens when Group Policy, file-based policy, and cloud-based policy conflict. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/version.md b/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/version.md index 34fd479b36..cf39737183 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/version.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/version.md @@ -28,3 +28,5 @@ version of Java is utilized. Figure 32. "Latest on machine" does what it implies; it utilizes the latest version of Java available and installs it on the machine. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/_category_.json b/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/_category_.json index 907145e942..955e6d5a3d 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/_category_.json +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/firefox.md b/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/firefox.md index 89b1d88504..6ecaeae047 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/firefox.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/firefox.md @@ -16,3 +16,5 @@ Allow Now or Allow and Remember appear See [Firefox: How do I set "Allow Now", "Allow and Remember" or "Block Plugin" as plug-ins are requested?](https://helpcenter.netwrix.com/bundle/endpointpolicymanager/page/Content/endpointpolicymanager/ApplicationSettings/Preconfigured/Firefox/AllowRemember.htm) for additional information. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/firefoxinternetexplorer.md b/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/firefoxinternetexplorer.md index 5a48757f31..14b1e60463 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/firefoxinternetexplorer.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/firefoxinternetexplorer.md @@ -33,3 +33,5 @@ encounter that can be overcome: To work around these prompts, see [Leveraging an Existing Preconfigured AppSet](https://helpcenter.netwrix.com/bundle/endpointpolicymanager/page/Content/endpointpolicymanager/ApplicationSettings/Preconfigured/QuickStart/LeverageExisting.htm) for relevant topics that start with the word Java. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/internetexplorer/_category_.json b/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/internetexplorer/_category_.json index 9d1912f85a..ea2e98c694 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/internetexplorer/_category_.json +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/internetexplorer/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/internetexplorer/message1.md b/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/internetexplorer/message1.md index 9629a38d1f..5010282ac3 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/internetexplorer/message1.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/internetexplorer/message1.md @@ -34,3 +34,5 @@ You can also use Endpoint Policy Manager Application Settings Manager to merge y user's. ![overcoming_java_prompts_7](/images/endpointpolicymanager/javaenterpriserules/prompts/internetexplorer/overcoming_java_prompts_7.webp) + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/internetexplorer/message2.md b/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/internetexplorer/message2.md index 1d480419bc..46402295fa 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/internetexplorer/message2.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/internetexplorer/message2.md @@ -41,3 +41,5 @@ By creating these registry values, you can make the Java messages automatically ![overcoming_java_prompts_10](/images/endpointpolicymanager/javaenterpriserules/prompts/internetexplorer/overcoming_java_prompts_10.webp) The result is that the prompt for iCacls is no longer received, but the Java applet will not run. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/internetexplorer/message3.md b/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/internetexplorer/message3.md index 259af9a514..d15e287d99 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/internetexplorer/message3.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/internetexplorer/message3.md @@ -41,3 +41,5 @@ values as shown in the table below: The result is that the Java applet is allowed. Since Endpoint Policy Manager Application Settings Manager does not yet have a way to set this dynamically, we suggest Group Policy Preferences be used to deliver these registry values. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/internetexplorer/overview.md b/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/internetexplorer/overview.md index fecf8ff7ea..c38393b643 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/internetexplorer/overview.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/internetexplorer/overview.md @@ -8,3 +8,5 @@ sidebar_position: 30 You likely want to eliminate messages about Java when users are using Internet Explorer. The tips in this section can help you to do just that. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/overview.md b/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/overview.md index f2b63f9a9a..7138f48bce 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/overview.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/prompts/overview.md @@ -13,3 +13,5 @@ Therefore, you will receive Java prompts, which apply to the following browsers: either browser.) - Type 2 — Firefox - Type 3 — Internet Explorer + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/theory.md b/docs/endpointpolicymanager/components/javaenterpriserules/manual/theory.md index d8fca1db04..717e029136 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/theory.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/theory.md @@ -49,3 +49,5 @@ or your own tool, and gets everything to work the first time. Policy Manager Java Rules Manager and our other products' XML files and wrap them into a portable MSI file for deployment using Microsoft Endpoint Manager (SCCM and Intune) or your own systems management software. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/_category_.json b/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/_category_.json index 7599c89372..824388d255 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/_category_.json +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "usage" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/exportcollections.md b/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/exportcollections.md index 77d3fe884c..66042f7c07 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/exportcollections.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/exportcollections.md @@ -21,3 +21,5 @@ collections, even if you export one single policy. In other words, a collection created at export time even if you export a single policy. ::: + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/itemleveltargeting.md b/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/itemleveltargeting.md index 2a2c6f65f8..e08f8dc1b7 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/itemleveltargeting.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/itemleveltargeting.md @@ -65,3 +65,5 @@ orange. The Item-Level Targeting column will indicate if Item-Level Targeting is In this way, you can have granular control over policies and collections. First, filter with Item-Level Targeting on a collection, and then filter any specific rule if any Item-Level Targeting is applied there. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/manageria.md b/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/manageria.md index 1ae63205d5..284ae7b3c6 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/manageria.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/manageria.md @@ -119,3 +119,5 @@ when you paste it into the Endpoint Policy Manager Java Rules Manager MMC snap i automatically stripped. ![using_policypak_java_rules_6](/images/endpointpolicymanager/javaenterpriserules/using_endpointpolicymanager_java_rules_6.webp) + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/processorderprecedence.md b/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/processorderprecedence.md index af2c8aed73..74bb9a2849 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/processorderprecedence.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/processorderprecedence.md @@ -32,3 +32,5 @@ overlap of policies. Here is how the precedence works: - Policies delivered through Endpoint Policy Manager files have the next highest precedence. - Policies delivered through Endpoint Policy Manager k Group Policy directives have the highest precedence. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/usage.md b/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/usage.md index 4054ae1232..7e7a2923a2 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/usage.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/manual/usage/usage.md @@ -13,3 +13,5 @@ In this section, you will learn how to do the following: - Understand the processing order of rules - Learn how to export collections and rules to deploy using Microsoft Endpoint Manager (SCCM and Intune) or Netwrix Endpoint Policy Manager (formerly PolicyPak) Cloud + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/overview.md b/docs/endpointpolicymanager/components/javaenterpriserules/overview.md index 4d39ef3e5a..ef6f949dd8 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/overview.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/overview.md @@ -7,8 +7,7 @@ sidebar_position: 30 # Java Enterprise Rules Manager :::note -Before reading this section, please ensure you have read Book 2: -[Installation Quick Start](/docs/endpointpolicymanager/gettingstarted/overviewinstall/overviewinstall.md), which will help you +Before reading this section, please ensure you have read the [Installation Quick Start](/docs/endpointpolicymanager/gettingstarted/overviewinstall/overviewinstall.md), which will help you learn to do the following: ::: @@ -92,3 +91,5 @@ If you use the PolicyPak Cloud service, you can deliver Group Policy settings ev non-domain-joined machines over the Internet. ::: + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/technotes/_category_.json b/docs/endpointpolicymanager/components/javaenterpriserules/technotes/_category_.json index 976ee0414f..03b0c1a0b6 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/technotes/_category_.json +++ b/docs/endpointpolicymanager/components/javaenterpriserules/technotes/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "knowledgebase" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/_category_.json b/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/_category_.json index 7eb735f33a..3eef2a0a44 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/_category_.json +++ b/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/evaluateurls.md b/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/evaluateurls.md index fcfd051067..ac501cb8bd 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/evaluateurls.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/evaluateurls.md @@ -26,3 +26,5 @@ contain a path, then all paths from the host are considered a match. For example host.example.com/samples matches host.example.com/samples and host.example.com/samples/test, but does not match host.example.com/test. However, host.example.com matches host.example.com/samples, host.example.com/samples/test, and host.example.com/test. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/javaprompts.md b/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/javaprompts.md index 7f4cf77a31..f6ce261e88 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/javaprompts.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/javaprompts.md @@ -37,7 +37,7 @@ can overcome are: - "Do you want to run this application" To see exactly how to work around these prompts, see -[https://www.endpointpolicymanager.com/support-sharing/preconfigured-paks.html](https://www.endpointpolicymanager.com/support-sharing/preconfigured-paks.html) +[https://www.policypak.com/support-sharing/preconfigured-paks.html](https://www.policypak.com/support-sharing/preconfigured-paks.html) and look for the KB articles which start with the word "Java:" ### Type 2: Java Messages specifically found in Firefox @@ -162,3 +162,5 @@ Like this: ![558_15_ppjrm-img-14](/images/endpointpolicymanager/troubleshooting/javaenterpriserules/558_15_ppjrm-img-14.webp) Result: The Java applet is ALLOWED. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/version64bit.md b/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/version64bit.md index 190b434e5e..14908b01a9 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/version64bit.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/version64bit.md @@ -29,3 +29,5 @@ Then you can map 32-bit Javas to the 32-bit browsers you have. - When running 32-bit IE www.bar.com –> 32-bit Java 7 U 95. - When running 64-bit IE www.xyz.com –> 64-bit Java 7 U 99. - When running 64-bit IE www.pdq.com –> 64-bit Java U 51. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/versionjava.md b/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/versionjava.md index af750ebfed..fb3dc2ac78 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/versionjava.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/versionjava.md @@ -10,3 +10,5 @@ Netwrix Endpoint Policy Manager (formerly PolicyPak) Java Rules Manager will wor or later is on the machine. Then you can make maps to any version of Java higher or lower. Keep in mind that PPJRM will not work without at LEAST Java 7 U 40 installed on the machine. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/versionlatest.md b/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/versionlatest.md index 77c49d49ff..745062dcc3 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/versionlatest.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/versionlatest.md @@ -49,3 +49,5 @@ the required version of java. ![889_4_image-20210721212259-12](/images/endpointpolicymanager/troubleshooting/javaenterpriserules/889_4_image-20210721212259-12.webp) ![889_5_image-20210721212259-13](/images/endpointpolicymanager/troubleshooting/javaenterpriserules/889_5_image-20210721212259-13.webp) + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/virtualizedbrowsers.md b/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/virtualizedbrowsers.md index aa9764ee81..f1aaddcfb4 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/virtualizedbrowsers.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/virtualizedbrowsers.md @@ -22,3 +22,5 @@ What will not work is: While the first scenario should work, this scenario is Unsupported, which means it should work as described, but there are no guarantees, and no plans to improve support for App-V + PPJRM. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/wildcards.md b/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/wildcards.md index f5349a4ad9..0653f89aa9 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/wildcards.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/wildcards.md @@ -34,3 +34,5 @@ Rules which will not work: - 137.238.1.\* – will not work; Java isn't loaded - 137.238.1.\*/is/javatest/ – will not work; Java isn't loaded + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/technotes/knowledgebase.md b/docs/endpointpolicymanager/components/javaenterpriserules/technotes/knowledgebase.md index f6bf91da94..24fb835460 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/technotes/knowledgebase.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/technotes/knowledgebase.md @@ -17,3 +17,5 @@ See the following Knowledge Base articles for Java Enterprise Rules Manager. - [Does Endpoint Policy Manager Java Rules Manager work with 64-bit versions of Java?](/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/version64bit.md) - [What is the earliest version / what versions of Java are required for Java Rules Manager to work with?](/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/versionjava.md) - [Why is the latest Java version installed being used instead of the version specified by Java Rules Manager?](/docs/endpointpolicymanager/components/javaenterpriserules/technotes/gettingstarted/versionlatest.md) + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/videos/_category_.json b/docs/endpointpolicymanager/components/javaenterpriserules/videos/_category_.json index 12b644b19b..a611105f99 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/videos/_category_.json +++ b/docs/endpointpolicymanager/components/javaenterpriserules/videos/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "videolearningcenter" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/_category_.json b/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/_category_.json index 7eb735f33a..3eef2a0a44 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/_category_.json +++ b/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/block.md b/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/block.md index b9b7d493aa..1efd902b01 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/block.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/block.md @@ -8,7 +8,7 @@ sidebar_position: 30 We know you hate Java, and want to get rid of it. This video shows you how you can block ALL Java, but then make exceptions as needed. - + ### Java Rules Manager: Block ALL Java-with some exceptions @@ -62,3 +62,5 @@ to create a couple of exceptions and map a particular version to a particular we If that's of interest to you, let us know. We can get you started with a free trial of PolicyPak Software. We look forward to hearing from you. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/browserrouter.md b/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/browserrouter.md index 76b5e64c92..cc35e8e15b 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/browserrouter.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/browserrouter.md @@ -9,4 +9,6 @@ Open the right browser for the website, then dictate what version of Java to run combo made in heaven. These are both included with the Endpoint Policy Manager On-Prem or Endpoint Policy Manager Cloud suite! - + + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/gettingstartedv.md b/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/gettingstartedv.md index cd49deaaf2..c2355115c7 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/gettingstartedv.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/gettingstartedv.md @@ -6,8 +6,10 @@ sidebar_position: 10 # Use Group Policy to dictate which version of Java for what website Configure websites to use the version of Java you choose, or block Java websites entirely -([https://www.endpointpolicymanager.com/pp-blog/windows-10-block-websites](https://www.endpointpolicymanager.com/pp-blog/windows-10-block-websites)) +([https://www.policypak.com/pp-blog/windows-10-block-websites](https://www.policypak.com/pp-blog/windows-10-block-websites)) – this demo uses Group Policy. Making a Java Deployment Rule Set for your Enterprise has never been easier or more flexible. - + + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/itemleveltargeting.md b/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/itemleveltargeting.md index d1f14b981f..339a9e971a 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/itemleveltargeting.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/itemleveltargeting.md @@ -8,11 +8,11 @@ sidebar_position: 40 Use Netwrix Endpoint Policy Manager (formerly PolicyPak) Java Rules Manager policies and specify which version of Java you want to run for a website, but vary it by operating system. Learn how to use Item Level Targeting -([https://www.endpointpolicymanager.com/pp-blog/item-level-targeting](https://www.endpointpolicymanager.com/pp-blog/item-level-targeting)) +([https://www.policypak.com/pp-blog/item-level-targeting](https://www.policypak.com/pp-blog/item-level-targeting)) with Endpoint Policy Manager Java Rules quickly. Making a Java Deployment Rule Set for your Enterprise has never been easier or more flexible. - + ### Endpoint Policy Manager Java Rules Manager: Specify which version of Java for which computer @@ -78,3 +78,5 @@ helps you out and gets you on the road to getting you started with Java Rules Ma Thanks so very much. If you're looking to get started, go ahead and connect with us and we'll get you the bits and we'll get you started real soon. Thanks. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/oracledeploymentrulesets.md b/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/oracledeploymentrulesets.md index 116171c94e..cd208cef81 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/oracledeploymentrulesets.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/videos/gettingstarted/oracledeploymentrulesets.md @@ -7,7 +7,7 @@ sidebar_position: 50 Got existing Oracle Deployment Rule Sets? No problem. Right-click and import.. and.. you're done. - + Hi, this is Jeremy Moskowitz. From time to time, people ask us hey, I want to transition from an existing Oracle Java deployment rule set over to PolicyPak Java Rules Manager. Do you have a quick @@ -20,3 +20,5 @@ that and you're off to the races. Then you can turn off your Java deployment rul update on the endpoint and you're off to the races. It's just as simple as that. This is the shortest video ever. Thanks, have a nice day. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/_category_.json b/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/_category_.json index 49f9e436c7..eb6a1aeb2a 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/_category_.json +++ b/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/cloud.md b/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/cloud.md index fed5a3ca8e..44389494a9 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/cloud.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/cloud.md @@ -8,11 +8,11 @@ sidebar_position: 30 Use Netwrix Endpoint Policy Manager (formerly PolicyPak) Cloud to deliver Endpoint Policy Manager Java Rules Manager policies. Configure websites to use the version of Java you choose, or block Java websites entirely -([https://www.endpointpolicymanager.com/pp-blog/windows-10-block-websites](https://www.endpointpolicymanager.com/pp-blog/windows-10-block-websites)) +([https://www.policypak.com/pp-blog/windows-10-block-websites](https://www.policypak.com/pp-blog/windows-10-block-websites)) – even for remote machines via the Cloud. Making a Java Deployment Rule Set for your Enterprise has never been easier or more flexible. - + Hi, this is Whitney with PolicyPak software. Have you ever had the situation where you were using some older legacy web app that needs an older version of Java but everywhere else you wanted to run @@ -51,3 +51,5 @@ happening in the same browser at the same time. Every other site that uses Java going to fall upward to whatever is latest on the machine. If that's as magical to you as it is to me, then sign up for our webinar. We will get you started on your 30-day free trial right away. Thanks so much + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/mdm.md b/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/mdm.md index c66c8f0cd5..135400c0f9 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/mdm.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/mdm.md @@ -9,7 +9,7 @@ Open the right browser for the website, then dictate what version of Java to run combo made in heaven. See how to do it with Netwrix Endpoint Policy Manager (formerly PolicyPak) MDM and your MDM service. - + Hi, this is Whitney with PolicyPak Software. If you have a situation where you need to run an old version of Java on some legacy webpage but you want to make sure to use the latest version @@ -53,3 +53,5 @@ When I come over to java.com to do the same thing, we see that I am running Vers There you have it. We were able to route the right version of Java to the right website and deploy those policies using your own MDM service. If this is of interest to you, sign up for our webinar and we'll get you started on a free trial right away. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/pdqdeploy.md b/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/pdqdeploy.md index b6c024c1ad..2e594a1ef0 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/pdqdeploy.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/pdqdeploy.md @@ -8,7 +8,7 @@ sidebar_position: 10 Microsoft MVP Jeremy Moskowitz and Shane from Admin Arsenal show how to deploy Java with PDQ Deploy and manage the group policy with Netwrix Endpoint Policy Manager (formerly PolicyPak). - + ### Deploy and Manage Java with PDQ Deploy and Endpoint Policy Manager @@ -95,7 +95,7 @@ Shane: I'm the admin. Jeremy: You're in charge not them. Now, we're driving in these two settings, PolicyPak and GP Answers in here, but, wait, there's more. We can say even if a user tries to be super naughty, -perform ACL lockdown ([https://www.endpointpolicymanager.com/lockdown](https://www.endpointpolicymanager.com/lockdown)) thus +perform ACL lockdown ([https://www.policypak.com/lockdown](https://www.policypak.com/lockdown)) thus taking ownership of that file so the user can't work around your settings. Shane: After you drop the site exceptions file. @@ -165,3 +165,5 @@ Shane: PolicyPak guys. I'm Shane. Jeremy: Jeremy. Shane: Talk to you later. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/sccm.md b/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/sccm.md index eca0a00e68..2245a88146 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/sccm.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/sccm.md @@ -6,11 +6,11 @@ sidebar_position: 40 # Use SCCM, KACE, etc to specify different websites for different Java Configure websites to use the version of Java you choose, or block Java websites entirely -([https://www.endpointpolicymanager.com/pp-blog/windows-10-block-websites](https://www.endpointpolicymanager.com/pp-blog/windows-10-block-websites)) +([https://www.policypak.com/pp-blog/windows-10-block-websites](https://www.policypak.com/pp-blog/windows-10-block-websites)) – this demo uses SCCM, KACE, Altiris, whatever method you like (instead of Group Policy.) Making a Java Deployment Rule Set for your Enterprise has never been easier or more flexible. - + ### Endpoint Policy Manager Java Rules Manager: Use SCCM, KACE, etc to specify different websites for different Java @@ -69,3 +69,5 @@ if you don't want to. I hope this helps you out and you're ready to get started real soon. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/versionsmultiple.md b/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/versionsmultiple.md index 98a3fedc4d..0cf696bbe3 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/versionsmultiple.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/videos/methods/versionsmultiple.md @@ -11,7 +11,7 @@ Enterprise Mobility from Netwrix Endpoint Policy Manager (formerly PolicyPak) So multiple versions of Java and then MAP the correct version of Java to the right website. If you have ANY applications that have Java, you're going to FLIP OUT when you see this. - + ### Deploying Multiple Versions of Java to the Same Endpoint Using Endpoint Policy Manager and PDQ Deploy @@ -120,3 +120,5 @@ Shane: All right, I'm Shane. Jeremy: And I'm Jeremy. Shane: Talk to you later + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/videos/troubleshooting/_category_.json b/docs/endpointpolicymanager/components/javaenterpriserules/videos/troubleshooting/_category_.json index c5b7b877f0..a71f34efae 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/videos/troubleshooting/_category_.json +++ b/docs/endpointpolicymanager/components/javaenterpriserules/videos/troubleshooting/_category_.json @@ -3,4 +3,4 @@ "position": 30, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/videos/troubleshooting/xmlsurgery.md b/docs/endpointpolicymanager/components/javaenterpriserules/videos/troubleshooting/xmlsurgery.md index 5f4ebc9549..9e88ab813a 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/videos/troubleshooting/xmlsurgery.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/videos/troubleshooting/xmlsurgery.md @@ -9,7 +9,7 @@ What do you do if you want to tie a specific version of Java to a specific websi you want isn't in the MMC? It doesn't happen often, but if it does, just a little bit of XML surgery does the trick. - + Hi, this is Whitney with PolicyPak Software. In this video we're going to do just a little bit of XML surgery to fix a small problem. It's not something that happens very often, but here's what to @@ -76,3 +76,5 @@ It is working just like we told it to. Instead of getting that error popup, we tied this to Version 8 Update 221 just like we told it to. Again, this doesn't come up very often, but if it every does happen for you, this is an easy way to fix it. I hope this helps you out. Thank you for watching. + + diff --git a/docs/endpointpolicymanager/components/javaenterpriserules/videos/videolearningcenter.md b/docs/endpointpolicymanager/components/javaenterpriserules/videos/videolearningcenter.md index eb9702c395..fe969752b2 100644 --- a/docs/endpointpolicymanager/components/javaenterpriserules/videos/videolearningcenter.md +++ b/docs/endpointpolicymanager/components/javaenterpriserules/videos/videolearningcenter.md @@ -31,3 +31,5 @@ See the following Video topics for Java Enterprise Rules Manager. ## Troubleshooting - [Endpoint Policy Manager Java Rules Manager: XML Surgery](/docs/endpointpolicymanager/components/javaenterpriserules/videos/troubleshooting/xmlsurgery.md) + + diff --git a/docs/endpointpolicymanager/components/networksecuritymanager/_category_.json b/docs/endpointpolicymanager/components/networksecuritymanager/_category_.json index 435ada7ce2..6f460244a5 100644 --- a/docs/endpointpolicymanager/components/networksecuritymanager/_category_.json +++ b/docs/endpointpolicymanager/components/networksecuritymanager/_category_.json @@ -3,4 +3,4 @@ "position": 9, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/networksecuritymanager/manual/_category_.json b/docs/endpointpolicymanager/components/networksecuritymanager/manual/_category_.json index 5bc73990cd..8e05bf86ef 100644 --- a/docs/endpointpolicymanager/components/networksecuritymanager/manual/_category_.json +++ b/docs/endpointpolicymanager/components/networksecuritymanager/manual/_category_.json @@ -1 +1,2 @@ {"label": "Manual", "position": 5, "collapsed": true, "collapsible": true, "link": {"type": "doc", "id": "overview"}} + diff --git a/docs/endpointpolicymanager/components/networksecuritymanager/manual/overview.md b/docs/endpointpolicymanager/components/networksecuritymanager/manual/overview.md index dffdfa817c..1355e21e6c 100644 --- a/docs/endpointpolicymanager/components/networksecuritymanager/manual/overview.md +++ b/docs/endpointpolicymanager/components/networksecuritymanager/manual/overview.md @@ -150,3 +150,5 @@ topics via our How-To videos: [Endpoint Policy Manager Network Security Manager - Applications and Ports](/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/applicationsports.md) - Deeper Dive into Customizations & Notifications: [Endpoint Policy Manager Network Security Manager - Global settings](/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/globalsettings.md) + + diff --git a/docs/endpointpolicymanager/components/networksecuritymanager/technotes/_category_.json b/docs/endpointpolicymanager/components/networksecuritymanager/technotes/_category_.json index 7aafe0ff8d..53a0b98db0 100644 --- a/docs/endpointpolicymanager/components/networksecuritymanager/technotes/_category_.json +++ b/docs/endpointpolicymanager/components/networksecuritymanager/technotes/_category_.json @@ -1 +1,2 @@ {"label": "Tech Notes", "position": 10, "collapsed": true, "collapsible": true} + diff --git a/docs/endpointpolicymanager/components/networksecuritymanager/videos/_category_.json b/docs/endpointpolicymanager/components/networksecuritymanager/videos/_category_.json index 77675c0c90..c3aa6c973f 100644 --- a/docs/endpointpolicymanager/components/networksecuritymanager/videos/_category_.json +++ b/docs/endpointpolicymanager/components/networksecuritymanager/videos/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "videolearningcenter" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/_category_.json b/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/_category_.json index 7eb735f33a..3eef2a0a44 100644 --- a/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/_category_.json +++ b/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/applicationsports.md b/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/applicationsports.md index a3a22a2b0c..4d5412a548 100644 --- a/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/applicationsports.md +++ b/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/applicationsports.md @@ -8,4 +8,6 @@ sidebar_position: 30 Got applications you want to lockdown to use specific IPs and ports? Use this video to get the gist. - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/auditingevents.md b/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/auditingevents.md index 8100108876..713d99d1e4 100644 --- a/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/auditingevents.md +++ b/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/auditingevents.md @@ -8,4 +8,6 @@ sidebar_position: 50 Need to turn on eventing? You can do this per Process then per activity. See how in this video. - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/basics.md b/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/basics.md index 5cd912c97f..68a7b56d9f 100644 --- a/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/basics.md +++ b/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/basics.md @@ -9,4 +9,6 @@ sidebar_position: 10 Here's a demo of Netwrix Endpoint Policy Manager (formerly PolicyPak) Network Security Manager and how to ensure specific processes are allowed to talk with only specific network / IP devices. - + + + diff --git a/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/domainnames.md b/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/domainnames.md index eaa45b2ade..4fd5f0b5cd 100644 --- a/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/domainnames.md +++ b/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/domainnames.md @@ -8,4 +8,6 @@ sidebar_position: 20 Want to use Domain Names to allow and block? You can do that ! - + + + diff --git a/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/globalsettings.md b/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/globalsettings.md index 35a0560ddb..24c5c24aa8 100644 --- a/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/globalsettings.md +++ b/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/globalsettings.md @@ -10,4 +10,6 @@ Learn how you can specify the text of the dialog box presented to users when Net Manager is actively managing a process. You can even use links in the dialog to send them to your helpdesk for more information ! - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/networksecuritymanager/videos/videolearningcenter.md b/docs/endpointpolicymanager/components/networksecuritymanager/videos/videolearningcenter.md index f7d835c013..97741eaabe 100644 --- a/docs/endpointpolicymanager/components/networksecuritymanager/videos/videolearningcenter.md +++ b/docs/endpointpolicymanager/components/networksecuritymanager/videos/videolearningcenter.md @@ -15,3 +15,5 @@ See the following Video topics for Network Security Manager. - [Endpoint Policy Manager Network Security Manager - Applications and Ports](/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/applicationsports.md) - [Endpoint Policy Manager Network Security Manager - Global settings](/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/globalsettings.md) - [Endpoint Policy Manager Network Security Manager - Auditing Events](/docs/endpointpolicymanager/components/networksecuritymanager/videos/gettingstarted/auditingevents.md) + + diff --git a/docs/endpointpolicymanager/components/preferencesmanager/_category_.json b/docs/endpointpolicymanager/components/preferencesmanager/_category_.json index 8cf96db072..235fd0fb1c 100644 --- a/docs/endpointpolicymanager/components/preferencesmanager/_category_.json +++ b/docs/endpointpolicymanager/components/preferencesmanager/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/preferencesmanager/manual/_category_.json b/docs/endpointpolicymanager/components/preferencesmanager/manual/_category_.json index 20ca7992c8..0c5b98a0c0 100644 --- a/docs/endpointpolicymanager/components/preferencesmanager/manual/_category_.json +++ b/docs/endpointpolicymanager/components/preferencesmanager/manual/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/preferencesmanager/manual/gettingstarted/_category_.json b/docs/endpointpolicymanager/components/preferencesmanager/manual/gettingstarted/_category_.json index 9a0009e0f3..b99eea22a8 100644 --- a/docs/endpointpolicymanager/components/preferencesmanager/manual/gettingstarted/_category_.json +++ b/docs/endpointpolicymanager/components/preferencesmanager/manual/gettingstarted/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "gettingstarted" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/preferencesmanager/manual/gettingstarted/deploymsis.md b/docs/endpointpolicymanager/components/preferencesmanager/manual/gettingstarted/deploymsis.md index 045dc60a9e..9648d73af7 100644 --- a/docs/endpointpolicymanager/components/preferencesmanager/manual/gettingstarted/deploymsis.md +++ b/docs/endpointpolicymanager/components/preferencesmanager/manual/gettingstarted/deploymsis.md @@ -26,7 +26,7 @@ install, and the MSI would install silently in the background. Next, the Group Policy Preferences XML file is placed within a Endpoint Policy Manager directory on the machine, to be read and processed. Within 10 seconds, you should see the Group Policy Preference -item apply the www.endpointpolicymanager.com shortcut URL on the desktop. +item apply the www.policypak.com shortcut URL on the desktop. ![quickstart_using_policypak_10](/images/endpointpolicymanager/preferences/quickstart_using_endpointpolicymanager_10.webp) @@ -36,3 +36,5 @@ mode (with "computer" in the name) and the Endpoint Policy Manager Preferences M extension (CSE) is installed on the machine. ::: + + diff --git a/docs/endpointpolicymanager/components/preferencesmanager/manual/gettingstarted/gettingstarted.md b/docs/endpointpolicymanager/components/preferencesmanager/manual/gettingstarted/gettingstarted.md index 56a3a8c47d..3e35e85f92 100644 --- a/docs/endpointpolicymanager/components/preferencesmanager/manual/gettingstarted/gettingstarted.md +++ b/docs/endpointpolicymanager/components/preferencesmanager/manual/gettingstarted/gettingstarted.md @@ -46,21 +46,21 @@ examples, you'll see a file named `ppprefs-shortcut.xml`. Remove the file from the ZIP archive, and put it in a handy place for the deployment step. -The Group Policy Preference item has a simple goal: to place a shortcut for www.endpointpolicymanager.com on the +The Group Policy Preference item has a simple goal: to place a shortcut for www.policypak.com on the desktop. If you wish to create a Group Policy Preference item from scratch, see the next section. ## Option 2 - Using Microsoft Group Policy Preferences Editor While you can use any combination of Group Policy Preference items, we strongly recommend that you -use the Group Policy Preference item shown below, which puts an icon for www.endpointpolicymanager.com on the +use the Group Policy Preference item shown below, which puts an icon for www.policypak.com on the desktop. These are the settings used to make the Group Policy Preference item: -- Name: www.endpointpolicymanager.com +- Name: www.policypak.com - Target Type: URL - Location: Desktop -- Target URL: www.endpointpolicymanager.com +- Target URL: www.policypak.com - Icon file path: `%SystemRoot%\system32\SHELL32.dll` - Icon index: 47 @@ -81,3 +81,5 @@ Computer side, depending on which side on are on. ![quickstart_using_policypak_3](/images/endpointpolicymanager/preferences/quickstart_using_endpointpolicymanager_3.webp) Keep the Group Policy Preference item file you created handy for the next step. + + diff --git a/docs/endpointpolicymanager/components/preferencesmanager/manual/gettingstarted/maintaincompliance.md b/docs/endpointpolicymanager/components/preferencesmanager/manual/gettingstarted/maintaincompliance.md index 9fb2ba62cd..d7244c7588 100644 --- a/docs/endpointpolicymanager/components/preferencesmanager/manual/gettingstarted/maintaincompliance.md +++ b/docs/endpointpolicymanager/components/preferencesmanager/manual/gettingstarted/maintaincompliance.md @@ -8,7 +8,7 @@ sidebar_position: 30 When a computer is off the network and out of contact with a domain controller, Group Policy Preferences has no way to reapply its settings. Endpoint Policy Manager Preferences Manager fixes -this problem. To see this in action, delete the www.endpointpolicymanager.com icon from the desktop. Then, test +this problem. To see this in action, delete the www.policypak.com icon from the desktop. Then, test Endpoint Policy Manager Preferences Manager's automatic compliance on the client machine by unplugging the network cable and then doing one of the following: @@ -30,3 +30,5 @@ You can filter which users will see this shortcut item via Item-Level Targeting Targeting within the MSI itself. ::: + + diff --git a/docs/endpointpolicymanager/components/preferencesmanager/manual/gettingstarted/makemsis.md b/docs/endpointpolicymanager/components/preferencesmanager/manual/gettingstarted/makemsis.md index e64b0f28b6..d244a81563 100644 --- a/docs/endpointpolicymanager/components/preferencesmanager/manual/gettingstarted/makemsis.md +++ b/docs/endpointpolicymanager/components/preferencesmanager/manual/gettingstarted/makemsis.md @@ -8,7 +8,7 @@ sidebar_position: 10 :::note For an overview of the Endpoint Policy Manager Exporter utility, please watch this video: -[](http://www.endpointpolicymanager.com/video/endpointpolicymanager-preferences-with-endpointpolicymanager-exporter.html)[Endpoint Policy ManagerPreferences with Endpoint Policy Manager Exporter](/docs/endpointpolicymanager/archive/preferencesexporter.md)l. +[](https://www.policypak.com/video/endpointpolicymanager-preferences-with-endpointpolicymanager-exporter.html)[Endpoint Policy ManagerPreferences with Endpoint Policy Manager Exporter](/docs/endpointpolicymanager/archive/preferencesexporter.md)l. ::: @@ -69,3 +69,5 @@ we've saved it to the desktop as Deploy GPP MSI.msi. See Appendix A: [Using Endpoint Policy Manager with MDM and UEM Tools](/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/uemtools.md) for additional information on the Endpoint Policy Manager Exporter utility + + diff --git a/docs/endpointpolicymanager/components/preferencesmanager/manual/itemleveltargeting.md b/docs/endpointpolicymanager/components/preferencesmanager/manual/itemleveltargeting.md index 52ddd6c052..4c0566286e 100644 --- a/docs/endpointpolicymanager/components/preferencesmanager/manual/itemleveltargeting.md +++ b/docs/endpointpolicymanager/components/preferencesmanager/manual/itemleveltargeting.md @@ -79,3 +79,5 @@ Filters section. ![group_policy_preferences_item_4](/images/endpointpolicymanager/preferences/group_policy_preferences_item_4.webp) The XML of the Group Policy Preference item verifies that Item-Level Targeting is being used. + + diff --git a/docs/endpointpolicymanager/components/preferencesmanager/manual/overview.md b/docs/endpointpolicymanager/components/preferencesmanager/manual/overview.md index 747569dbcf..293283050c 100644 --- a/docs/endpointpolicymanager/components/preferencesmanager/manual/overview.md +++ b/docs/endpointpolicymanager/components/preferencesmanager/manual/overview.md @@ -7,8 +7,7 @@ sidebar_position: 20 # Preferences Manager :::note -Before reading this section, please ensure you have read Book 2: -[Installation Quick Start](/docs/endpointpolicymanager/gettingstarted/overviewinstall/overviewinstall.md), which will help you +Before reading this section, please ensure you have read the [Installation Quick Start](/docs/endpointpolicymanager/gettingstarted/overviewinstall/overviewinstall.md), which will help you learn to do the following: ::: @@ -112,3 +111,5 @@ schema. Additionally, you do not need to install any server components, upgrade or buy any server-side infrastructure. There is no requirement for domain mode or functional level. To be clear, every client computer (Windows 7 and higher) or Terminal Services (RDS)/Citrix machine (Windows Server 2008 or higher) must have the Endpoint Policy Manager CSE installed and licensed. + + diff --git a/docs/endpointpolicymanager/components/preferencesmanager/manual/preferences/_category_.json b/docs/endpointpolicymanager/components/preferencesmanager/manual/preferences/_category_.json index 10bdcb77e3..ef77a8c099 100644 --- a/docs/endpointpolicymanager/components/preferencesmanager/manual/preferences/_category_.json +++ b/docs/endpointpolicymanager/components/preferencesmanager/manual/preferences/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/preferencesmanager/manual/preferences/clientmachines.md b/docs/endpointpolicymanager/components/preferencesmanager/manual/preferences/clientmachines.md index 657edb33c2..1ad497dd42 100644 --- a/docs/endpointpolicymanager/components/preferencesmanager/manual/preferences/clientmachines.md +++ b/docs/endpointpolicymanager/components/preferencesmanager/manual/preferences/clientmachines.md @@ -21,8 +21,7 @@ Endpoint Manager (SCCM and Intune), or a similar program, did you first manually installation of the MSI? **Step 4 –** Is your computer licensed? All computers must be licensed in order for Endpoint Policy -Manager Preferences Manager to work properly (see Book 1: -[Introduction and Basic Concepts](/docs/endpointpolicymanager/gettingstarted/basicconcepts/basicconcepts.md) for more information). Alternatively, try +Manager Preferences Manager to work properly (see the [Introduction and Basic Concepts](/docs/endpointpolicymanager/gettingstarted/basicconcepts/basicconcepts.md) for more information). Alternatively, try renaming the computer to "Computer1" (or a similar name) such that "computer" is in the name. When you do this, the Endpoint Policy Manager Preferences Manager CSE will act as if it's fully licensed. If Endpoint Policy Manager Preferences Manager starts to work, you have a licensing issue. @@ -36,3 +35,5 @@ you're actually trying to apply the file to a Windows 8 system? reboot. See if your settings apply now. If so, try to determine why the settings worked when the computer was in Trial mode (i.e., when it had the word "computer" in the computer name) and not in Licensed mode. + + diff --git a/docs/endpointpolicymanager/components/preferencesmanager/manual/preferences/logs.md b/docs/endpointpolicymanager/components/preferencesmanager/manual/preferences/logs.md index c13070e1fd..b0e3ab12a5 100644 --- a/docs/endpointpolicymanager/components/preferencesmanager/manual/preferences/logs.md +++ b/docs/endpointpolicymanager/components/preferencesmanager/manual/preferences/logs.md @@ -44,3 +44,5 @@ You can see an example of the contents of the logs in Figure 21. ![troubleshooting_2](/images/endpointpolicymanager/troubleshooting/preferences/troubleshooting_2.webp) Figure 21. The contents of the logs that are required for troubleshooting. + + diff --git a/docs/endpointpolicymanager/components/preferencesmanager/manual/preferences/logsenhanced.md b/docs/endpointpolicymanager/components/preferencesmanager/manual/preferences/logsenhanced.md index 7f4a9450fa..a7c6375724 100644 --- a/docs/endpointpolicymanager/components/preferencesmanager/manual/preferences/logsenhanced.md +++ b/docs/endpointpolicymanager/components/preferencesmanager/manual/preferences/logsenhanced.md @@ -25,3 +25,5 @@ logs called `Service`. Then within `Service` add a `Reg_DWORD` called Verbose an Figure 23. The Service key will not exist by default and must be created before the value is set within it. + + diff --git a/docs/endpointpolicymanager/components/preferencesmanager/manual/preferences/overview.md b/docs/endpointpolicymanager/components/preferencesmanager/manual/preferences/overview.md index 88ff360036..0a33e87eb4 100644 --- a/docs/endpointpolicymanager/components/preferencesmanager/manual/preferences/overview.md +++ b/docs/endpointpolicymanager/components/preferencesmanager/manual/preferences/overview.md @@ -22,8 +22,8 @@ To get you working as quickly as possible, please send us the following items: - Your Group Policy Preferences XML data file(s). - An example of a client's log files. All Endpoint Policy Manager products have a universal log "collector" utility. Simply run` pplogs.exe` from a command prompt and a ZIP file will be - generated for you. Mail that ZIP file to [support@endpointpolicymanager.com](mailto:support@endpointpolicymanager.com) or - directly to your support representative if asked. + generated for you. [Open a support ticket](https://www.netwrix.com/tickets.html#/open-a-ticket) and attach that ZIP file, or + contact your support representative if asked. - Screenshots or a video of the problem, if there's something to see. Use an application such as ScreenShot Pilot ([http://tinyurl.com/screenshotpilot](http://tinyurl.com/screenshotpilot)) or Jing ([www.Techsmith.com](http://www.Techsmith.com)) to capture images or videos showing your @@ -31,3 +31,5 @@ To get you working as quickly as possible, please send us the following items: We'll try to get you an answer right away. Call (800) 883-8002 if you think we haven't gotten your request for help. We want to help you! + + diff --git a/docs/endpointpolicymanager/components/preferencesmanager/manual/setup.md b/docs/endpointpolicymanager/components/preferencesmanager/manual/setup.md index ca48e4eefa..fc6752ef63 100644 --- a/docs/endpointpolicymanager/components/preferencesmanager/manual/setup.md +++ b/docs/endpointpolicymanager/components/preferencesmanager/manual/setup.md @@ -33,3 +33,5 @@ At this point, you should have the following ready: - The Endpoint Policy Manager Exporter utility on the management station. Now you're ready to test Endpoint Policy Manager Preferences Manager. + + diff --git a/docs/endpointpolicymanager/components/preferencesmanager/overview.md b/docs/endpointpolicymanager/components/preferencesmanager/overview.md index 14d98f97a0..0be78a020e 100644 --- a/docs/endpointpolicymanager/components/preferencesmanager/overview.md +++ b/docs/endpointpolicymanager/components/preferencesmanager/overview.md @@ -17,3 +17,5 @@ Complete documentation for using Preferences Manager: - **Item Level Targeting** - Advanced targeting capabilities - **Getting Started** - Step-by-step deployment guides - **Preferences** - Detailed preferences configuration + + diff --git a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/_category_.json b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/_category_.json index e9286a705a..a638cb4ae0 100644 --- a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/_category_.json +++ b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/_category_.json @@ -8,3 +8,4 @@ "id": "overview" } } + diff --git a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/knowledgebase/_category_.json b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/knowledgebase/_category_.json index 10ef29b1e3..021b3f2c63 100644 --- a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/knowledgebase/_category_.json +++ b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/knowledgebase/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/knowledgebase/overview.md b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/knowledgebase/overview.md index 2373be5001..265bcf9208 100644 --- a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/knowledgebase/overview.md +++ b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/knowledgebase/overview.md @@ -15,4 +15,6 @@ Configuration and installation guides for RDP Manager. Best practices and helpful tips for using RDP Manager effectively. ## Troubleshooting -Solutions to common issues and problems with RDP Manager. \ No newline at end of file +Solutions to common issues and problems with RDP Manager. + + diff --git a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/_category_.json b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/_category_.json index e49e37b4ba..7fe3599c06 100644 --- a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/_category_.json +++ b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/configuration/_category_.json b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/configuration/_category_.json index 231704b45b..e5db75a598 100644 --- a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/configuration/_category_.json +++ b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/configuration/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/configuration/exportcollections.md b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/configuration/exportcollections.md index f2b996a09b..0539902365 100644 --- a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/configuration/exportcollections.md +++ b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/configuration/exportcollections.md @@ -19,3 +19,5 @@ Remember that Endpoint Policy Manager RDP policies can be created and exported o Computer side. For instance, below we have a collection being exported. ![using_item_level_targeting_8](/images/endpointpolicymanager/remotedesktopprotocol/itemleveltargeting/using_item_level_targeting_8.webp) + + diff --git a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/configuration/itemleveltargeting.md b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/configuration/itemleveltargeting.md index 50f0f4f38a..18f0bd2862 100644 --- a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/configuration/itemleveltargeting.md +++ b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/configuration/itemleveltargeting.md @@ -25,3 +25,5 @@ Item-level targeting provides granular control over which users or computers rec - Target based on computer properties For detailed configuration steps, see the original item-level targeting documentation. + + diff --git a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/configuration/processorderprecedence.md b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/configuration/processorderprecedence.md index 7f9f374077..8ec9e76a8f 100644 --- a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/configuration/processorderprecedence.md +++ b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/configuration/processorderprecedence.md @@ -14,3 +14,5 @@ to highest. ![using_item_level_targeting_5](/images/endpointpolicymanager/remotedesktopprotocol/itemleveltargeting/using_item_level_targeting_5.webp) ![using_item_level_targeting_6](/images/endpointpolicymanager/remotedesktopprotocol/itemleveltargeting/using_item_level_targeting_6.webp) + + diff --git a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/gettingtoknow/_category_.json b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/gettingtoknow/_category_.json index 400fb26178..bdda3fbb72 100644 --- a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/gettingtoknow/_category_.json +++ b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/gettingtoknow/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/gettingtoknow/importrdpfile.md b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/gettingtoknow/importrdpfile.md index 5ab26f6f0d..805fc67627 100644 --- a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/gettingtoknow/importrdpfile.md +++ b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/gettingtoknow/importrdpfile.md @@ -14,3 +14,5 @@ Then browse to the saved RDP file. Below you can see the imported path of the RD the file path setting was automatically imported, as are all other settings. ![getting_to_know_policypak_7](/images/endpointpolicymanager/remotedesktopprotocol/getting_to_know_endpointpolicymanager_7.webp) + + diff --git a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/gettingtoknow/overview_1.md b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/gettingtoknow/overview_1.md index 9460538e7a..e3e70a9e56 100644 --- a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/gettingtoknow/overview_1.md +++ b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/gettingtoknow/overview_1.md @@ -30,3 +30,5 @@ in Figure 18. ![troubleshooting](/images/endpointpolicymanager/troubleshooting/remotedesktopprotocol/troubleshooting.webp) Figure 18. The ppuser log file. + + diff --git a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/gettingtoknow/policiessettings.md b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/gettingtoknow/policiessettings.md index 9d09411a29..682fc5ca01 100644 --- a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/gettingtoknow/policiessettings.md +++ b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/gettingtoknow/policiessettings.md @@ -52,3 +52,5 @@ green it means that no value has been assigned to that variable. You can also configure experience settings such as optimized performance speed. ![getting_to_know_policypak_5](/images/endpointpolicymanager/remotedesktopprotocol/getting_to_know_endpointpolicymanager_5.webp) + + diff --git a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/overview.md b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/overview.md index 264aee4c49..b2e02c8da9 100644 --- a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/overview.md +++ b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/manual/overview.md @@ -30,3 +30,5 @@ Advanced configuration options including item-level targeting and process order - Tech Notes Get started by exploring the Getting to Know RDP Manager section. + + diff --git a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/overview.md b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/overview.md index 7da6a915ee..d7acba9d7c 100644 --- a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/overview.md +++ b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/overview.md @@ -34,3 +34,5 @@ Video tutorials and demonstrations: - Support for multiple deployment methods Start with the Manual section to learn the basics, then explore specific topics as needed. + + diff --git a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videolearningcenter/_category_.json b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videolearningcenter/_category_.json index e683fd5a16..c050164c33 100644 --- a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videolearningcenter/_category_.json +++ b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videolearningcenter/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/_category_.json b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/_category_.json index c96d7f4f5b..005e87b0f4 100644 --- a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/_category_.json +++ b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "videolearningcenter" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/remoteworkandvdi/_category_.json b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/remoteworkandvdi/_category_.json index bfc8ecc3e2..26900b834c 100644 --- a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/remoteworkandvdi/_category_.json +++ b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/remoteworkandvdi/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/remoteworkandvdi/cloud.md b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/remoteworkandvdi/cloud.md index e1c9521aa4..489fcbfb02 100644 --- a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/remoteworkandvdi/cloud.md +++ b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/remoteworkandvdi/cloud.md @@ -12,4 +12,6 @@ Manager RDP Manager enables you to deliver .RDP files using the Endpoint Policy Edition and dictate connections as YOU want them defined. Don't leave it up to end users--you set it for them! - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/remoteworkandvdi/itemleveltargeting.md b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/remoteworkandvdi/itemleveltargeting.md index 02c340efac..fc98c94fd7 100644 --- a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/remoteworkandvdi/itemleveltargeting.md +++ b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/remoteworkandvdi/itemleveltargeting.md @@ -9,4 +9,6 @@ sidebar_position: 40 Deliver unique RDP sessions to multiple users, machines, security groups and more using Netwrix Endpoint Policy Manager (formerly PolicyPak)'s RDP Manager and Item Level Targeting! - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/remoteworkandvdi/mdm.md b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/remoteworkandvdi/mdm.md index 43d0b75e86..11267e344e 100644 --- a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/remoteworkandvdi/mdm.md +++ b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/remoteworkandvdi/mdm.md @@ -11,4 +11,6 @@ up to date if a user changes it. Welcome Endpoint Policy Manager RDP Manager. En Manager RDP manager enables you to deliver .RDP files and dictate connections as YOU want them defined. Don't leave it up to end users-- you set it for them! - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/remoteworkandvdi/vdiscenarios.md b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/remoteworkandvdi/vdiscenarios.md index 502ba2f232..f05b6cc089 100644 --- a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/remoteworkandvdi/vdiscenarios.md +++ b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/remoteworkandvdi/vdiscenarios.md @@ -11,7 +11,7 @@ up to date if a user changes it. Welcome Netwrix Endpoint Policy Manager (former Manager. Endpoint Policy Manager RDP manager enables you to deliver .RDP files and dictate connections as YOU want them defined. Don't leave it up to end users... you set it for them! - + Hi, this is Jeremy Moskowitz and in this video, we're going to learn how to use Endpoint Policy Manager RDP Manager. The basic gist is that users, if they knew what they were doing, which they @@ -106,3 +106,5 @@ the way we want. All these things are available to you to keep updated. You can dictate the remote work and work-from-home scenarios that you're after using Endpoint Policy Manager RDP link manager. I hope this video helps you out. Looking forward to getting you started real soon. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/videolearningcenter.md b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/videolearningcenter.md index 11c30895ab..3e0fbcf9d7 100644 --- a/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/videolearningcenter.md +++ b/docs/endpointpolicymanager/components/remotedesktopprotocolmanager/videos/videolearningcenter.md @@ -14,3 +14,5 @@ See the following Video topics for Endpoint Policy Manager RDP Manager. - [Create and update .RDP files for end-users using Endpoint Policy Manager Cloud Edition](./remoteworkandvdi/cloud.md) - [Create and update .RDP files for end-users using Endpoint Policy Manager MDM Edition](./remoteworkandvdi/mdm.md) - [Use Item Level Targeting to Deliver Targeted .RDP Files](./remoteworkandvdi/itemleveltargeting.md) + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/_category_.json b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/_category_.json index 6caeb869ad..6ae043b56b 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/_category_.json +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/_category_.json b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/_category_.json index e49e37b4ba..7fe3599c06 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/_category_.json +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/cloudmdm.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/cloudmdm.md index 7f6477b490..ace0cc51e3 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/cloudmdm.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/cloudmdm.md @@ -61,3 +61,5 @@ Next, specify the overwrite mode. After the Endpoint Policy Manager Remote Work Delivery Manager policy setting is delivered one time using your MDM service, all you need to do is update the ZIP file as needed. Endpoint Policy Manager keeps those files updated on your endpoints. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/exportcollections.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/exportcollections.md index 448c74565d..356fbaa8dd 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/exportcollections.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/exportcollections.md @@ -55,3 +55,5 @@ for additional information on how to export policies and use Endpoint Policy Man Note that exported collections or policies maintain any Item-Level Targeting set within them. If you've used items that represent Group Membership in Active Directory, then those items will only function when the machine is domain-joined. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/_category_.json b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/_category_.json index e3dd134faa..154faff0a5 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/_category_.json +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "gettoknow" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/collections.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/collections.md index ae16e86da1..6b5dd6b270 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/collections.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/collections.md @@ -25,3 +25,5 @@ As such, you can use a collection to: order. - Process policies synchronously — When checked, this will ensure that each individual policy is finished processing before the next one starts. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/computerside.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/computerside.md index 1a249083aa..4486f976b6 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/computerside.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/computerside.md @@ -44,3 +44,5 @@ Also, note some subtle differences about when policies are set to Always apply: - All policies with **Always run** selected will reapply when policy changes are made. - All policies with **Always run** selected will reapply when the Endpoint Policy Manager service starts up. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/gettingstarted/_category_.json b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/gettingstarted/_category_.json index 4a1fa85222..66b6ab45c7 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/gettingstarted/_category_.json +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/gettingstarted/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/gettingstarted/overview.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/gettingstarted/overview.md index e2ea0900bd..31eccc80f8 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/gettingstarted/overview.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/gettingstarted/overview.md @@ -9,3 +9,5 @@ sidebar_position: 10 This is a two-part Quickstart example. In Part 1, we're going to copy the installer file for Notepad++ from an SMB share, and then run it silently after the install. In Part 2, we're going to copy a file from an HTTP(S) webserver like Dropbox. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/gettingstarted/policiesstandard.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/gettingstarted/policiesstandard.md index 937e149f0a..94d6f1ed0f 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/gettingstarted/policiesstandard.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/gettingstarted/policiesstandard.md @@ -107,3 +107,5 @@ Notepad++ appear under the Recently added heading. to Link Enabled, or delete the GPO, and see Notepad++ go away. ![getting_to_know_policypak_15](/images/endpointpolicymanager/remoteworkdelivery/gettingstarted/getting_to_know_endpointpolicymanager_15.webp) + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/gettingstarted/policiesweb.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/gettingstarted/policiesweb.md index 7bb080b243..5807d5030f 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/gettingstarted/policiesweb.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/gettingstarted/policiesweb.md @@ -80,3 +80,5 @@ There is a little more to understanding web policies, which will be explained in Advanced Web Policies: Unpacking and Using ZIP Archives. There is also a security concern about web policies within GPOs. For more information on this issue, see the section titled Remote Work Delivery Manager Security Concerns. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/gettoknow.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/gettoknow.md index ccc65b6fbc..f588ebc3a1 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/gettoknow.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/gettoknow.md @@ -26,3 +26,5 @@ The functions of collections and policies are as follows: Both collections and policies may have Item-Level Targeting (explained in more detail later), which enables you to target policies based on criteria that you specify. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/multiplefiles.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/multiplefiles.md index 99840939fd..df910548f6 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/multiplefiles.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/multiplefiles.md @@ -44,3 +44,5 @@ modified date or time stamp. Therefore, if the source and destination file size the source and destination timestamp is unequal, then the file is assumed to have been changed. ::: + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/recursion.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/recursion.md index 75249ceb9d..e67be02295 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/recursion.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/gettoknow/recursion.md @@ -60,3 +60,5 @@ the number of files copied during an operation. You can also require that files be only copied when an attribute is set or not set. ![getting_to_know_policypak_30](/images/endpointpolicymanager/remoteworkdelivery/advanced/standard/getting_to_know_endpointpolicymanager_30.webp) + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/insouts.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/insouts.md index 9d117a9610..322fa26d74 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/insouts.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/insouts.md @@ -42,3 +42,5 @@ use the MDM service's MSI file deployment ability. Even though it works, and wou time, this is not a great system when you need to update one or more files on a regular basis, because the process becomes tedious and error-prone. With Endpoint Policy Manager, you'll see how to quickly copy files to endpoints and keep them updated on a regular basis. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/itemleveltargeting.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/itemleveltargeting.md index f45f2cc85b..fd40d578d5 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/itemleveltargeting.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/itemleveltargeting.md @@ -66,3 +66,5 @@ Item-Level Targeting is applied to a collection, then none of the items in the c unless the Item-Level Targeting on the collection evaluates to True. ::: + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/overview.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/overview.md index 81239d1e27..6df028591b 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/overview.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/overview.md @@ -7,8 +7,7 @@ sidebar_position: 10 # Remote Work Delivery Manager :::note -Before reading this section, please ensure you have read Book 2: -[Installation Quick Start](/docs/endpointpolicymanager/gettingstarted/overviewinstall/overviewinstall.md), which will help you +Before reading this section, please ensure you have read the [Installation Quick Start](/docs/endpointpolicymanager/gettingstarted/overviewinstall/overviewinstall.md), which will help you learn to do the following: ::: @@ -69,8 +68,9 @@ even to non-domain-joined machines over the Internet. Policy Manager CSE must be present in order to accept Endpoint Policy Manager Remote Work Delivery Manager directives via Group Policy, or when using MEMCM, KACE, MDM, or similar utilities. - Endpoints — In order to use these, they must be licensed for Endpoint Policy Manager Remote Work - Delivery Manager using one of the licensing methods, which are described in Book 1: - [Introduction and Basic Concepts](/docs/endpointpolicymanager/gettingstarted/basicconcepts/basicconcepts.md). + Delivery Manager using one of the licensing methods, which are described in the [Introduction and Basic Concepts](/docs/endpointpolicymanager/gettingstarted/basicconcepts/basicconcepts.md). - PolicyPak Exporter (optional) — A free utility that lets you take Endpoint Policy Manager Admin Templates Manager and our other products' XML files and wrap them into a portable MSI file for deployment using MEMCM, an MDM service, or your own systems management software. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/processorderprecedence.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/processorderprecedence.md index b1e2e3fb94..4c97e0519b 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/processorderprecedence.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/processorderprecedence.md @@ -37,3 +37,5 @@ Here is how precedence works: - Endpoint Policy Manager file-based policies (including those delivered from an MDM service) have the next highest precedence. - Endpoint Policy Manager Group Policy policies have the highest precedence. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/_category_.json b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/_category_.json index 75c60fcdde..27512f921a 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/_category_.json +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/events.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/events.md index c4ddc64ae4..73a1856135 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/events.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/events.md @@ -55,3 +55,5 @@ events in each category: - EventId = 709: HTTP revert job fails with error. - EventId = 710: HTTP revert job fails with error. - EventId = 711: HTTP revert job is completed. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/logs.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/logs.md index bd7e57cb9a..980babd4b4 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/logs.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/logs.md @@ -56,6 +56,7 @@ Manager Remote Work Delivery Manager (see Figure 56): Figure 56. Log files showing when a policy applies and when a policy reverts. -If needed, logs are automatically wrapped up and can be sent to -[support@endpointpolicymanager.com](mailto:support@endpointpolicymanager.com) using the `PPLOGS.EXE` command on any endpoint +If needed, logs are automatically wrapped up and can be sent to support by [opening a support ticket](https://www.netwrix.com/tickets.html#/open-a-ticket) using the `PPLOGS.EXE` command on any endpoint where the client-side extension is installed. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/overview.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/overview.md index 1a344b207d..db1adf313e 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/overview.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/overview.md @@ -8,3 +8,5 @@ sidebar_position: 80 In this section, we give you a few tips about Netwrix Endpoint Policy Manager (formerly PolicyPak) Remote Work Delivery Manager and discuss a security concern with some ways to troubleshoot it. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/refreshtiming.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/refreshtiming.md index 12194f9262..d06831f73b 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/refreshtiming.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/refreshtiming.md @@ -12,3 +12,5 @@ standards of Group Policy: at logon, and in the background every 90–120 minute policies, they are downloaded and applied after that. When using Endpoint Policy Manager Cloud, clients check in for new policies every 60 minutes, and this is configurable within Endpoint Policy Manager Cloud per computer group. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/securityconcerns.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/securityconcerns.md index 2a157cf767..67d7f8028d 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/securityconcerns.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/securityconcerns.md @@ -72,3 +72,5 @@ permissions, the user cannot read the User side of the GPO's contents. ![tips_security_and_troubleshooting_5](/images/endpointpolicymanager/troubleshooting/remoteworkdelivery/tips_security_and_troubleshooting_5.webp) Figure 54. The result of hardening a GPO. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/tips/_category_.json b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/tips/_category_.json index 3630dccaeb..f1861a6079 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/tips/_category_.json +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/tips/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/tips/overview.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/tips/overview.md index 992b406e25..3c85a6d970 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/tips/overview.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/tips/overview.md @@ -8,3 +8,5 @@ sidebar_position: 10 In the next sections we discuss some helpful tips for using Endpoint Policy Manager Remote Work Delivery Manager. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/tips/specialvariables.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/tips/specialvariables.md index 872779ed15..7f722dc5f0 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/tips/specialvariables.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/tips/specialvariables.md @@ -50,3 +50,5 @@ Policy Manager Cloud: - Install a non-MSI application, like Notepad++ setup installer immediately after downloading it (with its own switches, such as capital /S for silent, in the case of Notepad++ setup routine): `npp.7.5.6.Installer.exe $Env:DestinationFile /S` + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/tips/wildcards.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/tips/wildcards.md index 8c81730f8a..e11f0750bc 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/tips/wildcards.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/remoteworkdelivery/tips/wildcards.md @@ -28,3 +28,5 @@ Examples: additional character (like Folder1, Folder4, Folder9) and then match every file that has two characters (like 11.pdf, 12.pdf, 22.pdf) from `\\server\share\Folder1`, `\\server\share\Folder2`, and so on. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/savetime.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/savetime.md index b247a6832d..b4e1f08c3f 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/savetime.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/manual/savetime.md @@ -30,3 +30,5 @@ For those using an MDM solution: - Your MDM service can only deploy MSI-wrapped files. With Endpoint Policy Manager Remote Work Delivery Manager, you can keep files updated and automatically deploy them to endpoints, without having to repeatedly update the MSI files. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/overview.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/overview.md index fb8b52d01a..199db583de 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/overview.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/overview.md @@ -39,3 +39,5 @@ Technical information and troubleshooting: - Integration with Azure Blob Storage and web services Start with the Manual section to learn the basics, then explore specific topics as needed. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/_category_.json b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/_category_.json index 94afda5423..41681dfa32 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/_category_.json +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/_category_.json @@ -8,3 +8,4 @@ "id": "knowledgebase" } } + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/knowledgebase.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/knowledgebase.md index 28c5e801b3..66d6217644 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/knowledgebase.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/knowledgebase.md @@ -19,3 +19,5 @@ See the following Knowledge Base articles for Remote Work Delivery Manager. ## Troubleshooting - [My Dropbox link won't verify in Remote Work Delivery Manager](/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/troubleshooting/dropboxlink.md) + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/_category_.json b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/_category_.json index 303bcb02f6..5331eea174 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/_category_.json +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/installsequentially.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/installsequentially.md index e0bc39b7d9..d656560ffd 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/installsequentially.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/installsequentially.md @@ -37,3 +37,5 @@ and close the script, thus completing it. But if your goals are modest, and you simply want to download applications in order, and at the end of each download, run a single installer (either .msi or .exe), then we recommend the **Run Process** method instead of PowerShell. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/installuwp.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/installuwp.md index f693236051..f88706abff 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/installuwp.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/installuwp.md @@ -170,3 +170,5 @@ Add-AppPackage -path "C:\Installers\Microsoft.AzureVpn_1.1069.25.0_neutral___8we to skip. **Step 13 –** You are done, give the Policy a descriptive name then click **Finish**. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/printers.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/printers.md index 738235dd3d..895c6108b8 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/printers.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/printers.md @@ -90,3 +90,5 @@ The printer may take around 30 seconds to install. ![571_13_image-20210320020022-13](/images/endpointpolicymanager/remoteworkdelivery/571_13_image-20210320020022-13.webp) + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/updateclientsideextension.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/updateclientsideextension.md index b0d8b7aeab..79d480281e 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/updateclientsideextension.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/updateclientsideextension.md @@ -95,3 +95,5 @@ Click **Next**. **Step 16 –** If required, repeat steps 4 – 16 for 32-bit, making the necessary changes along the way. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/variables.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/variables.md index e05008d230..4ddcb98db7 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/variables.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/tipsandtricks/variables.md @@ -57,3 +57,5 @@ DestinationDir Destination DestinationFile ``` + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/troubleshooting/_category_.json b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/troubleshooting/_category_.json index 289c6f8855..30e7620b07 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/troubleshooting/_category_.json +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/troubleshooting/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/troubleshooting/dropboxlink.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/troubleshooting/dropboxlink.md index 4002c70468..c0c6eba3bf 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/troubleshooting/dropboxlink.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/technotes/troubleshooting/dropboxlink.md @@ -94,3 +94,5 @@ This policy cannot be altered by either of the Administrative Consoles (On-premi Cloud). Any changes must be done manually to the XML and re-imported as detailed above. ::: + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/_category_.json b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/_category_.json index 9995c360e4..a8abb586cc 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/_category_.json +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/_category_.json @@ -8,3 +8,4 @@ "id": "videolearningcenter" } } + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/gettingstarted/_category_.json b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/gettingstarted/_category_.json index 7eb735f33a..3eef2a0a44 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/gettingstarted/_category_.json +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/gettingstarted/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/gettingstarted/masscopy.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/gettingstarted/masscopy.md index 74e5bf54f9..53ce314e8c 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/gettingstarted/masscopy.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/gettingstarted/masscopy.md @@ -10,4 +10,6 @@ copy files from a source and keep them up to date. It's a like a swiss army knif files. Copy one folder, multiple folders, and/or recursively or not. Keep target folders up to date with one, single policy... instead of deploying files each and every time. - + + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/gettingstarted/patching.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/gettingstarted/patching.md index f4881439cc..1491cede09 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/gettingstarted/patching.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/gettingstarted/patching.md @@ -8,7 +8,7 @@ sidebar_position: 40 Instead of specifying time and time again which computers should update, instead use the auto-update feature. This video shows how to use the "Always" property to always check for updates. Here's how ! - + :::note This technique works with SMB and web-based shares. @@ -58,3 +58,5 @@ exchange program underneath the hood, and you're off to the races. That's how you can keep software updated and patched all automatically using Endpoint Policy Manager Remote Work Delivery Manager. Hope this video helps you out. Looking forward to getting you started real soon with Endpoint Policy Manager. Thanks. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/gettingstarted/smb.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/gettingstarted/smb.md index a83d95dd9c..583c2d8b78 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/gettingstarted/smb.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/gettingstarted/smb.md @@ -10,4 +10,6 @@ with Endpoint Policy Manager Remote Work Delivery Manager. Just point toward the it. Endpoint Policy Manager will also uninstall the software when the policy no longer applies. It's easy, and fast. (And Powerful!) - + + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/gettingstarted/webbasedshares.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/gettingstarted/webbasedshares.md index d62fb2fd19..97443ebeb8 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/gettingstarted/webbasedshares.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/gettingstarted/webbasedshares.md @@ -10,4 +10,6 @@ can do that with Endpoint Policy Manager Remote Work Delivery Manager. Just poin a web service like S3, Dropbox, Azure, etc. And ... that's it. Endpoint Policy Manager will also uninstall the software when the policy no longer applies. It's easy, and fast. (And Powerful!) - + + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/methods/_category_.json b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/methods/_category_.json index b6dcc179eb..1e013fe142 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/methods/_category_.json +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/methods/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/methods/cloud.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/methods/cloud.md index 75a9bdef03..7e9c9a0048 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/methods/cloud.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/methods/cloud.md @@ -10,7 +10,7 @@ start using Remote Work Delivery Manager to deploy that software! It's easy! Jus a cloud web service then let Netwrix Endpoint Policy Manager (formerly PolicyPak) do the rest of the work! - + Hi, this is Jeremy Moskowitz and in this video, I'm going to show you how you can deploy software to your domain-joined or non-domain joined machines using Endpoint Policy Manager Cloud. To get started @@ -85,3 +85,5 @@ Just like that, using Endpoint Policy Manager Cloud to deliver software to your your non-domain joined machines. Hope this video helps you out. Looking forward to getting you started with Endpoint Policy Manager Cloud and Remove Work Delivery Manager real soon. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/methods/mdm.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/methods/mdm.md index 8eb7030382..2c96ce8d98 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/methods/mdm.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/methods/mdm.md @@ -11,4 +11,6 @@ not with Netwrix Endpoint Policy Manager (formerly PolicyPak) Remote Work Delive you store your file on a web service, then set a policy to download it, and keep it downloaded. And automatically updated. It's awesome. - + + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/tipsandtricks/_category_.json b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/tipsandtricks/_category_.json index eccef4c011..71019ba89a 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/tipsandtricks/_category_.json +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/tipsandtricks/_category_.json @@ -3,4 +3,4 @@ "position": 30, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/tipsandtricks/azureblobstorage.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/tipsandtricks/azureblobstorage.md index f7269d04ec..74f6511155 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/tipsandtricks/azureblobstorage.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/tipsandtricks/azureblobstorage.md @@ -10,7 +10,7 @@ Endpoint Policy Manager (formerly PolicyPak), it's super easy. Here's how to cre upload your software, then use Endpoint Policy Manager Remote Work Delivery Manager to deploy that software (and keep it updated.) - + Hi, this is Jeremy Moskowitz, and in this video, I'm going to show you how you can use Endpoint Policy Manager Remote Work Delivery Manager with Azure Blob Storage. If you're not familiar with @@ -111,3 +111,5 @@ You replace the files in Azure Blob Storage as you need to making it update, and off to the races. Azure Blob Storage, Endpoint Policy Manager Remote Work Delivery Manager, your endpoints, it's a match made in heaven. Hope this video helps you out. Thanks for watching. Hope to get you started with Endpoint Policy Manager real soon. Bye-bye. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/tipsandtricks/localfilecopy.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/tipsandtricks/localfilecopy.md index 1c4dbdb7fe..51f2e719d8 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/tipsandtricks/localfilecopy.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/tipsandtricks/localfilecopy.md @@ -8,7 +8,7 @@ sidebar_position: 10 Want to copy files from the same box to a different source? Here's the magic unlock on how to hand-edit the XML to do that. - + Hi, this is Jeremy, and in this video, I'm going to show you how you can take files that live in a source folder locally and copy them to another local source folder using them Netwrix Endpoint @@ -80,3 +80,5 @@ You can't just change the destination path to something like \\server\share\123. permitted. You can trick it locally here with the sources, but you can't trick the destination. That is not permitted by Remote Work Delivery Manager. Hope this video helps you out, and looking forward to seeing you in the inside. Take care. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/tipsandtricks/updateclientsideextension.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/tipsandtricks/updateclientsideextension.md index 83f9497d9d..4775367072 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/tipsandtricks/updateclientsideextension.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/tipsandtricks/updateclientsideextension.md @@ -8,7 +8,7 @@ sidebar_position: 30 Want to keep everyone running the same version of the Client Side Extension and then update them all automatically when you're ready to? Here's how to do that using Remote Work Delivery Manager. - + Hi, this is John with Netwrix Endpoint Policy Manager (formerly PolicyPak) Software. Today, we're going to walk through updating your Endpoint Policy Manager client-side extension using Remote Work @@ -82,3 +82,5 @@ It's a 68-meg file, so it takes a little bit of time to do. Then in a second, it actually installing the file, so you should probably see another command prompt pop up here. Alright, and it's done already. Now we can see that it's at 20.10.2592. Where it was at 2536, it's now at 2592. That's it. Thanks for watching and hope this helps. + + diff --git a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/videolearningcenter.md b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/videolearningcenter.md index 793fa627df..d82a92c5a6 100644 --- a/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/videolearningcenter.md +++ b/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/videolearningcenter.md @@ -25,3 +25,5 @@ See the following Video topics for Remote Work Delivery Manager. - [Endpoint Policy Manager: Remote Work Delivery Manager Local File Copy Magic](/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/tipsandtricks/localfilecopy.md) - [Endpoint Policy Manager: Use Azure Blob Storage to Deploy and Patch your software](/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/tipsandtricks/azureblobstorage.md) - [Using Remote Work Delivery Manager to Update the Endpoint Policy Manager Client Side Extension](/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/tipsandtricks/updateclientsideextension.md) + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/_category_.json b/docs/endpointpolicymanager/components/scriptstriggers/_category_.json index b3e7cbb66e..567ffae70f 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/_category_.json +++ b/docs/endpointpolicymanager/components/scriptstriggers/_category_.json @@ -8,3 +8,4 @@ "id": "overview" } } + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/_category_.json b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/_category_.json index f890ea6095..bd3755797e 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/_category_.json +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/_category_.json @@ -8,3 +8,4 @@ "id": "knowledgebase" } } + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/installation/_category_.json b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/installation/_category_.json index ee3640f7af..76ffd74d1c 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/installation/_category_.json +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/installation/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/knowledgebase.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/knowledgebase.md index e331f82f4d..54d244e393 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/knowledgebase.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/knowledgebase.md @@ -29,3 +29,5 @@ Scripts and Triggers Manager provides powerful automation capabilities for enter --- *Consult the troubleshooting section for script debugging guidance and common issue resolution.* + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/_category_.json b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/_category_.json index a74978754e..431040a5b1 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/_category_.json +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/bitlockerdeployment.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/bitlockerdeployment.md index fb9fc60284..fa5a18c849 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/bitlockerdeployment.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/bitlockerdeployment.md @@ -120,3 +120,5 @@ collection to target your desired groupings. When the policy has been deployed to the user, they will receive a notification that a reboot will be required. It is not necessary that it be one immediately. Upon reboot BitLocker will automatically start to encrypt the drive with no input required from the user. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/edgefirstlogon.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/edgefirstlogon.md index 1a9c2e2fda..1d436d461f 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/edgefirstlogon.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/edgefirstlogon.md @@ -47,3 +47,5 @@ this option. the screen below after a successful 1st logon. ![868_3_image-20220225024809-3_900x490](/images/endpointpolicymanager/scriptstriggers/868_3_image-20220225024809-3_900x490.webp) + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/eventlogtriggers.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/eventlogtriggers.md index 48019e0b24..7806886854 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/eventlogtriggers.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/eventlogtriggers.md @@ -126,3 +126,5 @@ VPN disconnect example using Azure Point-to-Site VPN policy to disconnect the drives. ::: + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/localaccountpassword.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/localaccountpassword.md index e5ad65b916..e744ba182f 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/localaccountpassword.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/localaccountpassword.md @@ -86,3 +86,5 @@ The targeted endpoint must have rights to read the share and file used above (i. Lastly, apply the policy to any endpoints as needed and you are good to go. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/localscheduledtask.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/localscheduledtask.md index 1b37542a2f..89f97297ca 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/localscheduledtask.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/localscheduledtask.md @@ -57,3 +57,5 @@ This policy will create a local scheduled task that will reboot the PC daily at if no one is logged into the PC. ::: + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/powershell.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/powershell.md index 1e44cc724b..655082ab81 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/powershell.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/powershell.md @@ -64,3 +64,5 @@ Use" from the CMD prompt try enabling the "Launch folder windows in a separate p image below) to see if that resolves the issue. ![216_9_image-20210204105234-1](/images/endpointpolicymanager/scriptstriggers/mappeddrives/216_9_image-20210204105234-1.webp) + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/processesdetails.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/processesdetails.md index 937371d5e8..35c1004a65 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/processesdetails.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/processesdetails.md @@ -48,3 +48,5 @@ behavior? Can this cause the CSE to malfunction? A: This is because the output from the script engine is in ANSI code but our logs are in Unicode. It does not cause any issues with the CSE or the ability to execute the script. This is strictly in the logging. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/resetsecurechannel.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/resetsecurechannel.md index 5c61ab0809..48310271de 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/resetsecurechannel.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/resetsecurechannel.md @@ -79,3 +79,5 @@ PowerShell to verify the Secure Channel is working again. Example of successful result in log file (`c:\temp\SecureChannel_PS.log` ) is below: ![300_9_image-20200623000029-9_950x181](/images/endpointpolicymanager/scriptstriggers/300_9_image-20200623000029-9_950x181.webp) + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/screensavers.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/screensavers.md index 73abeea023..1c96901441 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/screensavers.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/screensavers.md @@ -209,3 +209,5 @@ reg add HKCU\Software\Microsoft\Windows Photo Viewer\Slideshow\Screensaver /v En FINISH ![207_37_image-20200819181623-19](/images/endpointpolicymanager/scriptstriggers/207_37_image-20200819181623-19.webp) + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/shortcutpublicdesktop.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/shortcutpublicdesktop.md index 18d41c574c..dcd3c82633 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/shortcutpublicdesktop.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/shortcutpublicdesktop.md @@ -62,3 +62,5 @@ upgraded. Alternatively, you can change the "Policy process mode configuration" instead of "Once or when forced" to always create the shortcut at login or when `GPUPDATE` runs. ::: + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/silentbrowserinstall.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/silentbrowserinstall.md index a1ecdd54ac..db28a6a4ce 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/silentbrowserinstall.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/silentbrowserinstall.md @@ -165,3 +165,5 @@ from a CMD prompt to speed up the process. Chrome and Firefox will create a shor by default but the WinZip 14.5 MSI does not, to verify that WinZip installed correctly you can try to launch WinZip with the following command:` "C:\Program Files (x86)\WinZip\WINZIP32.EXE"` from Start > Run or a CMD prompt. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/teamsminimized.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/teamsminimized.md index b61b1b758a..239bbf26d5 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/teamsminimized.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/teamsminimized.md @@ -108,3 +108,5 @@ time, however, one of the icons will disappear shortly. Also, if this is the fir since the policy was applied it may take a 2nd login for the policy to kick in. ::: + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/temperatureunit.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/temperatureunit.md index 519e9639cc..c4ec451d78 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/temperatureunit.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/temperatureunit.md @@ -54,3 +54,5 @@ before the "set-content". steps on the wizard. ![438_5_image-20200626100413-4](/images/endpointpolicymanager/scriptstriggers/438_5_image-20200626100413-4.webp) + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/updateregistry.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/updateregistry.md index f4a06bf346..c01533e6c0 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/updateregistry.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/updateregistry.md @@ -58,3 +58,5 @@ specified each time Group Policy is processed **Step 8 –** Give a descriptive name to the policy and set Item Level Targeting if required -> FINISH + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/vpnconnection.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/vpnconnection.md index 74cd9e408a..c6820aa4da 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/vpnconnection.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/vpnconnection.md @@ -46,3 +46,5 @@ virtual network adapter that matched to following mask "FortinetVirtual Ethernet PPScripts listens if new network adapter was added/removed, check adapter's name, and execute corresponding script but without name of server. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/windows10modifyscript.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/windows10modifyscript.md index 6852f6bb82..abb5edf76b 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/windows10modifyscript.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/windows10modifyscript.md @@ -31,3 +31,5 @@ Then the expected behavior should be: This will all occur in the same processing cycle, and should not take several GPupdates or Endpoint Policy Manager Cloud syncs. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/wlandropbox.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/wlandropbox.md index c1019ad2b9..549f26ebe4 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/wlandropbox.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/wlandropbox.md @@ -91,3 +91,5 @@ command prompt. `netsh wlan delete profile name="Company WiFi"` + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/wlannetwork.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/wlannetwork.md index 4a82ad71f9..bac0e8387d 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/wlannetwork.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/tipsandtricks/wlannetwork.md @@ -54,3 +54,5 @@ command prompt. `netsh wlan delete profile name="Company WiFi"` + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/_category_.json b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/_category_.json index 2a7c1d7f13..269232431c 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/_category_.json +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/adminapproval.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/adminapproval.md index b71702d66c..64ac41f5f0 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/adminapproval.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/adminapproval.md @@ -97,7 +97,7 @@ environment in policy #2, see below. ![927_3_3_950x296](/images/endpointpolicymanager/troubleshooting/scriptstriggers/927_3_3_950x296.webp) -[https://www.endpointpolicymanager.com/pp-files/PPScripts\_\_MS_Teams_update_to_resolve_issue_with_Admin_Approval_prompts.xml](https://www.endpointpolicymanager.com/pp-files/PPScripts__MS_Teams_update_to_resolve_issue_with_Admin_Approval_prompts.xml) +[https://www.policypak.com/pp-files/PPScripts\_\_MS_Teams_update_to_resolve_issue_with_Admin_Approval_prompts.xml](https://www.policypak.com/pp-files/PPScripts__MS_Teams_update_to_resolve_issue_with_Admin_Approval_prompts.xml) ### WORKAROUND 3: For CSEs previous to 24.4 (Not recommended - as any MSIEXEC command line with "-embedding \*" will be elevated - use at own risk) @@ -105,3 +105,5 @@ Using Endpoint Policy Manager Least Privilege Manager create the 2 separate poli screen shot below. ![927_4_image-20231213102010-1](/images/endpointpolicymanager/troubleshooting/scriptstriggers/927_4_image-20231213102010-1.webp) + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/cylance.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/cylance.md index 7a0576b8e9..bff656006d 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/cylance.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/cylance.md @@ -18,3 +18,5 @@ Safelist, and Endpoint Policy Manager Scripts will run PowerShell scripts as exp This note came from Cylance and is not validated by Endpoint Policy Manager. ::: + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/onapplyscript.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/onapplyscript.md index a595bd7e7b..9c48810bf8 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/onapplyscript.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/onapplyscript.md @@ -24,3 +24,5 @@ Then the expected behavior we should see is: - 7zip uninstall (REVERT script is run.) - 7zip reinstall (Changed on script is run.) + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/powershellscripts.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/powershellscripts.md index c861e8838d..f816082348 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/powershellscripts.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/powershellscripts.md @@ -87,3 +87,5 @@ then PowerShell will be blocked. ![867_7_image-20210721211958-7](/images/endpointpolicymanager/scriptstriggers/867_7_image-20210721211958-7.webp) ![867_8_image-20210721211958-8](/images/endpointpolicymanager/scriptstriggers/867_8_image-20210721211958-8.webp) + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/scriptlocation.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/scriptlocation.md index ef7b133c5e..d3d22e1f4a 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/scriptlocation.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/scriptlocation.md @@ -32,3 +32,5 @@ Client-Side Extensions | Scripts Manager | Use custom location for temporary scr what's seen here. ![827_3_image004](/images/endpointpolicymanager/scriptstriggers/827_3_image004.webp) + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/systemprocesses.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/systemprocesses.md index 8f1a6018e8..cd40ae0aca 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/systemprocesses.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/systemprocesses.md @@ -19,3 +19,5 @@ it. Batch and PowerShell scripts when run from within an open cmd.exe or powersh however, do not open a new process; they run within that existing process. As no new process is started, there's nothing for Least Privilege Manager to intercept and the command is thereby allowed to run. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/vpn.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/vpn.md index f46c1835f0..85d043de42 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/vpn.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/vpn.md @@ -104,3 +104,5 @@ the VPN disconnects by using the script below and also changing the trigger to " **Step 12 –** "On trigger" does not work with Revert action script which is why you need to create a new policy to disconnect the drives. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/vpnsolutions.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/vpnsolutions.md index 96ca28150d..cc43343b0e 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/vpnsolutions.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/vpnsolutions.md @@ -13,3 +13,5 @@ The following VPNs are currently supported for use in Scripts Manager VPN Trigge 3. Fortinet 4. OpenVPN (GUI) 5. OpenVPN (Connect) + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/windows7tls.md b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/windows7tls.md index e103fe7706..358ddd0dc9 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/windows7tls.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/knowledgebase/troubleshooting/windows7tls.md @@ -103,3 +103,5 @@ msiexec.exe /i c:\temp\Apps\MicrosoftEasyFix51044.msi /qn /L*V C:\temp\apps\MSEa } #Script ends here ``` + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/manual/_category_.json b/docs/endpointpolicymanager/components/scriptstriggers/manual/_category_.json index 1c4c158a37..491e75991a 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/manual/_category_.json +++ b/docs/endpointpolicymanager/components/scriptstriggers/manual/_category_.json @@ -8,3 +8,4 @@ "id": "overview" } } + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/manual/configuration/_category_.json b/docs/endpointpolicymanager/components/scriptstriggers/manual/configuration/_category_.json index 231704b45b..e5db75a598 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/manual/configuration/_category_.json +++ b/docs/endpointpolicymanager/components/scriptstriggers/manual/configuration/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/manual/configuration/insouts.md b/docs/endpointpolicymanager/components/scriptstriggers/manual/configuration/insouts.md index f84a1758d5..6ed753d888 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/manual/configuration/insouts.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/manual/configuration/insouts.md @@ -112,3 +112,5 @@ on any given MDM solution, since they are all very different). - The scripts only run when a computer is associated with a user; so with kiosk devices, using the MDM scripting is often not possible. - The scripts will not run with hybrid scenarios (domain-joined and Azure registered devices.) + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/_category_.json b/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/_category_.json index 04d2942591..e43740d98e 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/_category_.json +++ b/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/advantages.md b/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/advantages.md index eea55ab17c..a13b037b56 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/advantages.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/advantages.md @@ -31,3 +31,5 @@ policy method you already employ. - You can apply the script always, once, or when forced manually. - You can write your script in most common languages; not just PowerShell. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/computerside.md b/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/computerside.md index 7b30715c4b..fb617207b4 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/computerside.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/computerside.md @@ -45,3 +45,5 @@ Note some subtle differences about when policies are set to "Always apply": - All policies with "Always apply" selected will reapply when policy changes are made. - All policies with "Always apply" selected will reapply when the Endpoint Policy Manager service starts up. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/overview.md b/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/overview.md index a93ac1b10c..ad57e14886 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/overview.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/overview.md @@ -42,3 +42,5 @@ should have a folder that looks similar to what's seen in Figure 6. ![getting_to_know_scripts_triggers_2](/images/endpointpolicymanager/scriptstriggers/gettoknow/getting_to_know_scripts_triggers_2.webp) Figure 6. Endpoint Policy Manager script examples unpacked. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/overview_1.md b/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/overview_1.md index 7cd6664196..4cad5f2bff 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/overview_1.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/overview_1.md @@ -46,6 +46,7 @@ annotations. Figure 33. An example of a Endpoint Policy Manager Scripts & Triggers Manager log. -**Step 2 –** If needed, logs are automatically wrapped up and can be sent to -[support@endpointpolicymanager.com](mailto:support@endpointpolicymanager.com) using the `PPLOGS.EXE` command on any endpoint +**Step 2 –** If needed, logs are automatically wrapped up and can be sent to support by [opening a support ticket](https://www.netwrix.com/tickets.html#/open-a-ticket) using the `PPLOGS.EXE` command on any endpoint where the client-side extension is installed. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/shortcuts.md b/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/shortcuts.md index 8723d9196d..0ed4c25541 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/shortcuts.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/shortcuts.md @@ -8,7 +8,7 @@ sidebar_position: 10 :::note For some video overviews of Endpoint Policy Manager Scripts & Triggers Manager, see -[https://www.endpointpolicymanager.com/products/endpointpolicymanager-scripts-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-scripts-manager.html) +[https://www.policypak.com/products/endpointpolicymanager-scripts-manager.html](https://www.policypak.com/products/endpointpolicymanager-scripts-manager.html) ::: @@ -124,3 +124,5 @@ Figure 16. Make a policy stop applying by removing the "Link Enabled" settings i The policy has now fallen out of scope and will stop applying. Back on the endpoint, run GPupdate. When you do, the "Off" script will run and the "Visit Endpoint Policy Manager" icon will disappear. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/usage.md b/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/usage.md index 24324742fe..6af57474e1 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/usage.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/manual/gettingtoknow/usage.md @@ -68,3 +68,5 @@ Acrobat Reader. **Step 8 –** Finally, point to the application file or open process and configure Item-level Targeting if desired. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/manual/itemleveltargeting/_category_.json b/docs/endpointpolicymanager/components/scriptstriggers/manual/itemleveltargeting/_category_.json index dea7223125..796aab5943 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/manual/itemleveltargeting/_category_.json +++ b/docs/endpointpolicymanager/components/scriptstriggers/manual/itemleveltargeting/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/manual/itemleveltargeting/exportcollections.md b/docs/endpointpolicymanager/components/scriptstriggers/manual/itemleveltargeting/exportcollections.md index 1d3ffbcb09..1ef763b5f7 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/manual/itemleveltargeting/exportcollections.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/manual/itemleveltargeting/exportcollections.md @@ -62,3 +62,5 @@ Figure 32. Choosing this option will allow the user to export the policy for lat Note that exported collections or policies maintain any Item-Level Targeting set within them. If you've used items that represent Group Membership in Active Directory, then those items will only function when the machine is domain-joined. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/manual/itemleveltargeting/overview.md b/docs/endpointpolicymanager/components/scriptstriggers/manual/itemleveltargeting/overview.md index 25c5d00283..7d276c848f 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/manual/itemleveltargeting/overview.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/manual/itemleveltargeting/overview.md @@ -71,3 +71,5 @@ Figure 27. When the policy or collection's icon is orange, the entry has Item-Le When Item-Level Targeting is on, the policy won't apply unless the conditions are true. If Item-Level Targeting is on a collection, then none of the items in the collection will apply unless the Item-Level Targeting on the collection evaluates to True. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/manual/itemleveltargeting/processorderprecedence.md b/docs/endpointpolicymanager/components/scriptstriggers/manual/itemleveltargeting/processorderprecedence.md index f2eec6984e..c15d157e74 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/manual/itemleveltargeting/processorderprecedence.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/manual/itemleveltargeting/processorderprecedence.md @@ -36,3 +36,5 @@ overlap of policies. Here is how the precedence works: - Policies delivered through Endpoint Policy Manager files have the next highest precedence. - Policies delivered through Endpoint Policy Manager Group Policy directives have the highest precedence. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/manual/overview.md b/docs/endpointpolicymanager/components/scriptstriggers/manual/overview.md index c75447c3f0..bb71674506 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/manual/overview.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/manual/overview.md @@ -29,3 +29,5 @@ Scripts and Triggers Manager transforms static Group Policy environments into dy 1. Start with Getting to Know Scripts and Triggers Manager for fundamental concepts 2. Learn Configuration for setting up scripts and triggers 3. Use Item Level Targeting for advanced deployment scenarios + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/overview.md b/docs/endpointpolicymanager/components/scriptstriggers/overview.md index a166894618..68fd35bd27 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/overview.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/overview.md @@ -27,3 +27,5 @@ Scripts and Triggers Manager is a component of Endpoint Policy Manager (PolicyPa - Getting Started Videos - Trigger Examples - Troubleshooting + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/_category_.json b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/_category_.json index 08b2b0a69c..48b4bb9e46 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/_category_.json +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/_category_.json @@ -8,3 +8,4 @@ "id": "videolearningcenter" } } + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/gettingstarted/_category_.json b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/gettingstarted/_category_.json index edb57b5129..9b170c37fa 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/gettingstarted/_category_.json +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/gettingstarted/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/gettingstarted/cloud.md b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/gettingstarted/cloud.md index e2b44b1b59..b43248f3d2 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/gettingstarted/cloud.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/gettingstarted/cloud.md @@ -9,7 +9,7 @@ Use Netwrix Endpoint Policy Manager (formerly PolicyPak) Scripts whenever you ne something that in-box Policy, Preference or Endpoint Policy Manager cannot normally do. Find your scripting superpowers and manage those non-domain joined machines! - + ### PolicyPak Scripts-Deploy any script via the Cloud to domain joined and non-domain joined machines @@ -103,3 +103,5 @@ never check in. Now you have an extra way to manage the heck out of them. I hope this helps you out. Looking forward to getting you started with Endpoint Policy Manager Cloud real soon. See ya. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/gettingstarted/onpremise.md b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/gettingstarted/onpremise.md index 5eb38fa53c..8a966bfd60 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/gettingstarted/onpremise.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/gettingstarted/onpremise.md @@ -7,10 +7,10 @@ sidebar_position: 10 Netwrix Endpoint Policy Manager (formerly PolicyPak) Scripts Manager goes beyond in-box Group Policy and enables you to deliver settings MORE than once, use any language you want, and eliminate -[https://www.endpointpolicymanager.com/pp-blog/group-policy-loopback](https://www.endpointpolicymanager.com/pp-blog/group-policy-loopback) +[https://www.policypak.com/pp-blog/group-policy-loopback](https://www.policypak.com/pp-blog/group-policy-loopback) so you can apply scripts to all users on the machine. - + ### PolicyPak Scripts-Use with on-prem Group Policy @@ -118,3 +118,5 @@ Thanks so much for watching. If you're using Endpoint Policy Manager Cloud or En Manager with your MDM service, we have other videos to show you how that works. Thanks so very much and talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/methods/_category_.json b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/methods/_category_.json index bf3482899d..e671dd1396 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/methods/_category_.json +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/methods/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/methods/mdm.md b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/methods/mdm.md index 2137348e7c..debb86981c 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/methods/mdm.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/methods/mdm.md @@ -9,7 +9,7 @@ MDM services cannot deliver scripts and UN-deliver scripts. That's where Netwrix Manager (formerly PolicyPak) Scripts Manager AND your MDM service become awesome. Check out this video for an overview of WHY you need it and some examples of PP Scripts + MDM in use. - + ### PolicyPak Scripts and YOUR MDM service-Un-real power @@ -203,3 +203,5 @@ where Endpoint Policy Manager Scripts plus your MDM solution equals way more awe five minutes ago. Thanks so much for watching, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/methods/pdqdeploy.md b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/methods/pdqdeploy.md index e802cd77b7..b8bb68b41f 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/methods/pdqdeploy.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/methods/pdqdeploy.md @@ -14,7 +14,7 @@ Manager preconfigured script. Check out this video to see Endpoint Policy Manager instantly remove junk from the Windows 10 desktop… in no time flat. - + Shane: Hey, everybody, I'm Shane. @@ -95,3 +95,5 @@ builds. And it does it one time and never again. Shane: Endpoint Policy Manager, baby. Jeremy: Here for you, guys. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/_category_.json b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/_category_.json index a74978754e..431040a5b1 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/_category_.json +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/bitlocker.md b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/bitlocker.md index 8f1f14ebff..ea7362e8b6 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/bitlocker.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/bitlocker.md @@ -9,7 +9,7 @@ If you need to encrypt your company data to protect it against prying eyes, Netw Manager (formerly PolicyPak) can help configure and implement BitLocker into your existing environment. - + Hi, this is John from Endpoint Policy Manager. We're going to look at deploying BitLocker. With more and more out of the office in potentially less secure locations, protecting data from theft is of @@ -119,3 +119,5 @@ a couple minutes when it's all done. Let's see where we stand now. It's at 0%. BitLocker version is at none. It's fully decrypted. No key protectors. It has been successfully uninstalled. Thanks for watching. Have yourself a great day. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/chocolaty.md b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/chocolaty.md index 5912304376..fa089d1180 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/chocolaty.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/chocolaty.md @@ -11,7 +11,7 @@ Netwrix Endpoint Policy Manager (formerly PolicyPak), and... bingo. You're done. just about any pre-packaged software from Choco's repository. And use Endpoint Policy Manager Scripts to install or un-install. Couldn't be simpler. - + Hi, this is Jeremy Moskowitz and in this video, we're going to talk about automating remote installation of software from Chocolaty.org using Endpoint Policy Manager. Now what I'm about to @@ -135,3 +135,5 @@ solution I think it really helps out and gives you the ability to deploy softwar your endpoints no matter where they are. If they're working from home or whatever using Chocolaty. Hope this helps you out. Looking forward to getting you started with Endpoint Policy Manager real soon. Take care. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/customdefaultfileassociations.md b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/customdefaultfileassociations.md index 04aa3a239b..73a93b4a18 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/customdefaultfileassociations.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/customdefaultfileassociations.md @@ -8,7 +8,7 @@ sidebar_position: 30 How to apply custom default application associations to Windows 10 using Netwrix Endpoint Policy Manager (formerly PolicyPak) Scripts Manager. - + Hi, this is David in Endpoint Policy Manager tech support. In this video I'm going to show you how to apply custom default application file associations using Endpoint Policy Manager Scripts Manager. @@ -32,3 +32,5 @@ Here I'm logging in as EastSalesUser1, who is one of the users who should be rec There you have it. Everything is working as expected. I hope that you'll find this video helpful and informative. If you have any questions, please ask in our forums under the Scripts Manager forum. Thank you. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/printers.md b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/printers.md index 997e353216..8e577ae65e 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/printers.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/printers.md @@ -10,7 +10,7 @@ PolicyPak) Scripts manager to do "loopback without loopback." In this demonstrat how to ADD a shared printer to every user who logs onto a machine... just like loopback. With Endpoint Policy Manager, its easy. Here you go ! - + Hi, this is Jeremy Moskowitz, and in this video, I'm going to show you how you can deploy shared printers without loopback using Endpoint Policy Manager Scripts Manager. You're going to have to do @@ -117,3 +117,5 @@ one, last thing, here we go. "Item-level targeting evaluated to FALSE", and ther that, we're going to run the off one. Hopefully this gives you a little bit to go on here, and hopefully this video helps you out. You could do shared printers without loopback on the computer side. Hope this video helps you out. Thanks very much. Talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/unwantedapps.md b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/unwantedapps.md index 1396dc5907..e1987a143d 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/unwantedapps.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/unwantedapps.md @@ -11,4 +11,6 @@ Policy Manager (formerly PolicyPak) Scripts & Triggers Manager, and a Endpoint P preconfigured script. Check out this video to see Endpoint Policy Manager instantly remove junk from the Windows 10 desktop… in no time flat. - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/windows10prolockscreen.md b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/windows10prolockscreen.md index 4649650b67..62fdee7713 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/windows10prolockscreen.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/tipsandtricks/windows10prolockscreen.md @@ -5,7 +5,7 @@ sidebar_position: 20 --- # Replace the Windows 10 PRO Professional Lock screen - + ### PolicyPak Scripts: Replace the Windows 10 PRO Professional Lock screen @@ -70,3 +70,5 @@ Hope this helps you out. Looking forward to getting you started with a trial rea soon. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/_category_.json b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/_category_.json index 3f9c57e133..e325bff529 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/_category_.json +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/anyconnect.md b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/anyconnect.md index 5397fa6f50..c1cc367c7f 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/anyconnect.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/anyconnect.md @@ -8,7 +8,7 @@ sidebar_position: 60 Got Cisco AnyConnect? And want to make a specific script run ON connect and another script when the VPN disconnects? If yes, you're gonna love this ! - + Hi, this is Jeremy Moskowitz, and in this video, I'm going to show you how you can run a script like map a drive or map a printer or clean up the computer, whatever you want to do, on Cisco AnyConnect @@ -54,3 +54,5 @@ you've got it all set, bring it in to Endpoint Policy Manager Scripts with the T you can have a nice on script and a nice off script, and you are off to the races with Endpoint Policy Manager and Cisco AnyConnect. Hope this video helps you out. Looking forward to getting you started with Endpoint Policy Manager real soon. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/events.md b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/events.md index 6c69a68222..336ed02549 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/events.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/events.md @@ -7,7 +7,7 @@ sidebar_position: 70 Use the Event Log to trigger when any kind of scriptable event should occur. - + Hi, this is Jeremy Moskowitz. In this video I'm going to show you how you can use Netwrix Endpoint Policy Manager (formerly PolicyPak)'s Scripts & Triggers Manager to set off any kind of script you @@ -48,3 +48,5 @@ With that in mind, this gives you the opportunity to look for any kind of event in any Event Log. When it happens on the client machine, do a complex action or a simple action. I hope this video helps you out. Looking forward to getting you started with Endpoint Policy Manager Scripts & Triggers real soon. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/lockunlocksession.md b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/lockunlocksession.md index 3c7c4946b4..92b3c1c66b 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/lockunlocksession.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/lockunlocksession.md @@ -9,7 +9,7 @@ In this demo you'll see how to use Session Lock and Session Unlock trigger types Endpoint Policy Manager (formerly PolicyPak) Scripts. It's easy to do ! Pre-test your script first, then you're off to the races. Remember which processes require RUN INTERACTIVE though! - + Hi, this is Jeremy Moskowitz, and in this video, I'm going to show you how you can use Endpoint Policy Manager scripts and triggers to fire off activities when the session is locked and unlocked. @@ -61,3 +61,5 @@ background. Of course, we can't see it. Now if we unlock, bang, we put it back o Endpoint Policy Manager scripts and triggers enables you to at session lock or unlock time, do some superpower magic and hopefully this example will give you some great stuff for your imagination. Hope this helps you out. Looking forward to helping you get started real soon. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/mapdrivetriggers.md b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/mapdrivetriggers.md index 3e6c68278f..268222c47b 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/mapdrivetriggers.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/mapdrivetriggers.md @@ -10,7 +10,7 @@ Endpoint Policy Manager (formerly PolicyPak) Scripts + Triggers of course. Its e pre-try your script first, then use Endpoint Policy Manager Scripts + Triggers to do the magic. Its easy! - + Hi, this is Jeremy Moskowitz, and in this video, I'm going to show you how you can use Endpoint Policy Manager scripts and triggers to map a drive, or map a printer, or do some other exciting @@ -82,3 +82,5 @@ how the printer takes a couple seconds the very first time to probably get that rocking and rolling. After that, you can see it actually happens really, really quickly. I hope this helps you out and you're ready to use Endpoint Policy Manager scripts and triggers. Thanks very much. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/scripttriggers.md b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/scripttriggers.md index 115b12a0dd..fb0bb9433c 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/scripttriggers.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/scripttriggers.md @@ -9,7 +9,7 @@ No login scripts in MDM and Intune got your down? Looking to have something fast (and something that works offline) for GPO and Netwrix Endpoint Policy Manager (formerly PolicyPak) cloud? Then check out Endpoint Policy Manager Scripts + Login Script Triggers... right here! - + Hi, this is Jeremy Moskowitz. In this video, we're going to learn how to use triggers with regards to Endpoint Policy Manager scripts. There's a bunch of problems we want to overcome. The first one @@ -69,3 +69,5 @@ script is running. If you like the idea of Endpoint Policy Manager scripts and triggers, you're welcome to watch some more videos on how the triggers work. Thanks so very much and talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/shutdownscripts.md b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/shutdownscripts.md index 1d972562b3..0b3d703ce7 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/shutdownscripts.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/shutdownscripts.md @@ -9,7 +9,7 @@ Want to do ANY kind of shutdown script... with Group Policy, an MDM service like PolicyPak cloud? Here's how to do it, with PolicyPak Scripts and Triggers.... and Shutdown triggers ! - + Hi, this is Jeremy Moskowitz, and in this video we're going to use PolicyPak scripts and triggers to do something at computer shutdown time. We're going to keep it simple in this video and we're going @@ -38,3 +38,5 @@ Triggers to the rescue. Hope this helps you out. Remember doing this on the computer side because you can only do shutdown on the computer side. Hope this helps you out. Thanks very much and talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/vpnconnect.md b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/vpnconnect.md index 34b0774a45..1f9b1143dd 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/vpnconnect.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/vpnconnect.md @@ -9,7 +9,7 @@ Want to map a drive or perform any other login script when you connect via VPN? Endpoint Policy Manager (formerly PolicyPak) Scripts & Triggers with this awesome way to handle this problem. - + Hi, this is Jeremy Moskowitz, and in this video, I'm going to show you how you can use Endpoint Policy Manager Scripts and Triggers to map a drive or do any kind of log on script thing you want @@ -58,3 +58,5 @@ bang, delete the file. Just like that using Endpoint Policy Manager Scripts and any kind of scripty thing you want on a VPN connection and also a VPN disconnection. Hope this video helps you out. Looking forward to getting you started with Endpoint Policy Manager real soon. Thank you very much. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/videolearningcenter.md b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/videolearningcenter.md index cee53a5b7b..d90602b88b 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/videolearningcenter.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/videolearningcenter.md @@ -32,3 +32,5 @@ Specialized guidance for implementing Scripts and Triggers Manager in cloud envi --- *All videos include practical examples and downloadable sample scripts.* + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/withcloud/_category_.json b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/withcloud/_category_.json index 00cf3c2306..8b0f5128c2 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/withcloud/_category_.json +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/withcloud/_category_.json @@ -4,3 +4,4 @@ "collapsed": true, "collapsible": true } + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/withcloud/auditpol.md b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/withcloud/auditpol.md index e050a1ab5e..82c84dee42 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/withcloud/auditpol.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/withcloud/auditpol.md @@ -8,7 +8,7 @@ sidebar_position: 40 Use Netwrix Endpoint Policy Manager (formerly PolicyPak)'s Scripts and Triggers Manager and Auditpol.exe to configure advanced auditing on your remote (domain or non-domain joined) computers. - + Hi, this is John from Endpoint Policy Manager. In this video, we're going to show you how you can enable advanced auditing for remote domain or nondomain joined computers using Endpoint Policy @@ -66,3 +66,5 @@ different set of auditing. Either way. Minimize that. Let's update the policy. N policy is no longer there. Query object access, and again, back to no auditing. Let's clear the log. Open up my file. Close it. Refresh. No logging. Okay, so this is how we can enable advanced auditing in remote domain or nondomain joined computers. Thanks for watching. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/withcloud/cloud.md b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/withcloud/cloud.md index e0b7e99f1c..8e27e4fba6 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/withcloud/cloud.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/withcloud/cloud.md @@ -10,7 +10,7 @@ Policy Manager (formerly PolicyPak). Using Endpoint Policy Manager Scripts you c to your machines which are domain joined and VPN, or those with Endpoint Policy Manager Cloud. Here's how to do it! - + Hi, this is Jeremy Moskowitz, and in this video, I'm going to show you how you can use Endpoint Policy Manager Scripts to deploy software to remote workers. In this demonstration, this machine, @@ -103,3 +103,5 @@ Manager Scripts Manager to deploy your software through the internet, through yo machines and VPN, or to your not domain joined machines with Endpoint Policy Manager Cloud as well. Hope this helps you out. Looking forward to getting you started with Endpoint Policy Manager real soon. Take care. + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/withcloud/printersetup.md b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/withcloud/printersetup.md index bb802503e8..fdae81544a 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/withcloud/printersetup.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/withcloud/printersetup.md @@ -5,4 +5,6 @@ sidebar_position: 30 --- # Endpoint Policy Manager Cloud TCP/IP Printer setup using Scripts Manager - + + + diff --git a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/withcloud/x509certificates.md b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/withcloud/x509certificates.md index ac10df7776..08b0b3399b 100644 --- a/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/withcloud/x509certificates.md +++ b/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/withcloud/x509certificates.md @@ -9,7 +9,7 @@ Use Netwrix Endpoint Policy Manager (formerly PolicyPak) Cloud and Scripts Manag import X.509 certificates to your endpoints, regardless of where they may reside, for use with Endpoint Policy Manager VPN Manager or any any other purpose you have. - + Script: @@ -79,3 +79,5 @@ certificate all set to go. That said, again, this is great for use with VPN Manager. Again, this is for absolutely any purpose you need to get custom X509 Certificates onto your endpoints. Thanks a lot and have a great day. + + diff --git a/docs/endpointpolicymanager/components/securitysettingsmanager/_category_.json b/docs/endpointpolicymanager/components/securitysettingsmanager/_category_.json index 1c6f73b736..a19247746a 100644 --- a/docs/endpointpolicymanager/components/securitysettingsmanager/_category_.json +++ b/docs/endpointpolicymanager/components/securitysettingsmanager/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/securitysettingsmanager/manual/_category_.json b/docs/endpointpolicymanager/components/securitysettingsmanager/manual/_category_.json index 20ca7992c8..0c5b98a0c0 100644 --- a/docs/endpointpolicymanager/components/securitysettingsmanager/manual/_category_.json +++ b/docs/endpointpolicymanager/components/securitysettingsmanager/manual/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/securitysettingsmanager/manual/exportwizard.md b/docs/endpointpolicymanager/components/securitysettingsmanager/manual/exportwizard.md index b4d10331fa..60fa528781 100644 --- a/docs/endpointpolicymanager/components/securitysettingsmanager/manual/exportwizard.md +++ b/docs/endpointpolicymanager/components/securitysettingsmanager/manual/exportwizard.md @@ -49,3 +49,5 @@ location and filename to save your XML file. Keep this file handy since you'll use it with Endpoint Policy Manager Exporter or Endpoint Policy Manager Cloud. To learn more about how to deliver settings outside of Group Policy, be sure to read Appendix A, [Using Endpoint Policy Manager with MDM and UEM Tools](/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/uemtools.md). + + diff --git a/docs/endpointpolicymanager/components/securitysettingsmanager/manual/gettoknow.md b/docs/endpointpolicymanager/components/securitysettingsmanager/manual/gettoknow.md index c74cf45a85..11a50ffa76 100644 --- a/docs/endpointpolicymanager/components/securitysettingsmanager/manual/gettoknow.md +++ b/docs/endpointpolicymanager/components/securitysettingsmanager/manual/gettoknow.md @@ -22,3 +22,5 @@ Additionally, if you use the PolicyPak Cloud service, you can even deliver these Policy security settings to non-domain-joined machines over the Internet. ::: + + diff --git a/docs/endpointpolicymanager/components/securitysettingsmanager/manual/overview.md b/docs/endpointpolicymanager/components/securitysettingsmanager/manual/overview.md index c3568eb4da..ae9a7c8daf 100644 --- a/docs/endpointpolicymanager/components/securitysettingsmanager/manual/overview.md +++ b/docs/endpointpolicymanager/components/securitysettingsmanager/manual/overview.md @@ -7,8 +7,7 @@ sidebar_position: 40 # Security Settings Manager :::note -Before reading this section, please ensure you have read Book 2: -[Installation Quick Start](/docs/endpointpolicymanager/gettingstarted/overviewinstall/overviewinstall.md), which will help you +Before reading this section, please ensure you have read the [Installation Quick Start](/docs/endpointpolicymanager/gettingstarted/overviewinstall/overviewinstall.md), which will help you learn to do the following: ::: @@ -59,3 +58,5 @@ Endpoint Policy Manager Security Settings Manager has the following components: Policy Manager Admin Templates Manager and other Endpoint Policy Manager products' XML files and wrap them into a portable MSI file for deployment using Microsoft Endpoint Manager (SCCM and Intune), a mobile device management service, or your own systems management software. + + diff --git a/docs/endpointpolicymanager/components/securitysettingsmanager/overview.md b/docs/endpointpolicymanager/components/securitysettingsmanager/overview.md index 0a46ac8f27..7970504ef4 100644 --- a/docs/endpointpolicymanager/components/securitysettingsmanager/overview.md +++ b/docs/endpointpolicymanager/components/securitysettingsmanager/overview.md @@ -15,3 +15,5 @@ Complete documentation for using Security Settings Manager: - **Overview** - Getting started with security settings - **Export Wizard** - Exporting security settings for deployment - **Configuration** - Advanced security settings configuration + + diff --git a/docs/endpointpolicymanager/components/softwarepackage/_category_.json b/docs/endpointpolicymanager/components/softwarepackage/_category_.json index 6c7f0ed99a..fa08af3777 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/_category_.json +++ b/docs/endpointpolicymanager/components/softwarepackage/_category_.json @@ -3,4 +3,4 @@ "position": 15, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/softwarepackage/manual/_category_.json b/docs/endpointpolicymanager/components/softwarepackage/manual/_category_.json index cd6b8d995f..980db1e24a 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/manual/_category_.json +++ b/docs/endpointpolicymanager/components/softwarepackage/manual/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/softwarepackage/manual/appx/_category_.json b/docs/endpointpolicymanager/components/softwarepackage/manual/appx/_category_.json index 67f6682c82..0877f21fbb 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/manual/appx/_category_.json +++ b/docs/endpointpolicymanager/components/softwarepackage/manual/appx/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/softwarepackage/manual/appx/addremovepackages.md b/docs/endpointpolicymanager/components/softwarepackage/manual/appx/addremovepackages.md index bba94f3a31..0b1f86e32b 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/manual/appx/addremovepackages.md +++ b/docs/endpointpolicymanager/components/softwarepackage/manual/appx/addremovepackages.md @@ -28,3 +28,5 @@ Corporation, L=Redmond, S=Washington, C=US' | Where-Object -Property 'Publisher' 'CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US' | Where-Object -Property 'Publisher' -NE -Value 'CN=PolicyPak Software, Inc.,O=PolicyPak Software, Inc.,L=Media,S=Pennsylvania,C=US' | Format-Table -Property Name, Publisher -AutoSize + + diff --git a/docs/endpointpolicymanager/components/softwarepackage/manual/appx/helpertool.md b/docs/endpointpolicymanager/components/softwarepackage/manual/appx/helpertool.md index 8f630d0762..9efad741bc 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/manual/appx/helpertool.md +++ b/docs/endpointpolicymanager/components/softwarepackage/manual/appx/helpertool.md @@ -48,3 +48,5 @@ done this, you can then use the Import button in the Remove Package Policy Mode. Next, select an application from the list to be populated into the policy. ![appx_policies_and_settings_16](/images/endpointpolicymanager/softwarepackage/appx/appx_policies_and_settings_16.webp) + + diff --git a/docs/endpointpolicymanager/components/softwarepackage/manual/appx/installpackage.md b/docs/endpointpolicymanager/components/softwarepackage/manual/appx/installpackage.md index 0f816a98ff..eecabe7f61 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/manual/appx/installpackage.md +++ b/docs/endpointpolicymanager/components/softwarepackage/manual/appx/installpackage.md @@ -36,3 +36,5 @@ Corporation, L=Redmond, S=Washington, C=US' | Where-Object -Property 'Publisher' 'CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US' | Where-Object -Property 'Publisher' -NE -Value 'CN=PolicyPak Software, Inc.,O=PolicyPak Software, Inc.,L=Media,S=Pennsylvania,C=US' | Format-Table -Property Name, Publisher -AutoSize + + diff --git a/docs/endpointpolicymanager/components/softwarepackage/manual/appx/overview.md b/docs/endpointpolicymanager/components/softwarepackage/manual/appx/overview.md index 0c4576b86f..ba3cddcc66 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/manual/appx/overview.md +++ b/docs/endpointpolicymanager/components/softwarepackage/manual/appx/overview.md @@ -30,3 +30,5 @@ Corporation, L=Redmond, S=Washington, C=US' | Where-Object -Property 'Publisher' 'CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US' | Where-Object -Property 'Publisher' -NE -Value 'CN=PolicyPak Software, Inc.,O=PolicyPak Software, Inc.,L=Media,S=Pennsylvania,C=US' | Format-Table -Property Name, Publisher -AutoSize + + diff --git a/docs/endpointpolicymanager/components/softwarepackage/manual/appx/removepackage.md b/docs/endpointpolicymanager/components/softwarepackage/manual/appx/removepackage.md index 63f8526ed7..cb3ad8ee11 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/manual/appx/removepackage.md +++ b/docs/endpointpolicymanager/components/softwarepackage/manual/appx/removepackage.md @@ -29,3 +29,5 @@ Corporation, L=Redmond, S=Washington, C=US' | Where-Object -Property 'Publisher' 'CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US' | Where-Object -Property 'Publisher' -NE -Value 'CN=PolicyPak Software, Inc.,O=PolicyPak Software, Inc.,L=Media,S=Pennsylvania,C=US' | Format-Table -Property Name, Publisher -AutoSize + + diff --git a/docs/endpointpolicymanager/components/softwarepackage/manual/exportcollections.md b/docs/endpointpolicymanager/components/softwarepackage/manual/exportcollections.md index 4e354885fb..013b4959f0 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/manual/exportcollections.md +++ b/docs/endpointpolicymanager/components/softwarepackage/manual/exportcollections.md @@ -21,3 +21,5 @@ Remember that Endpoint Policy Manager RDP policies can be created and exported o Computer side. For instance, below you can see an item being exported from the Computer side. ![exporting_collections_1](/images/endpointpolicymanager/softwarepackage/exporting_collections_1.webp) + + diff --git a/docs/endpointpolicymanager/components/softwarepackage/manual/itemleveltargeting.md b/docs/endpointpolicymanager/components/softwarepackage/manual/itemleveltargeting.md index 1c5192b68b..400c0e8506 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/manual/itemleveltargeting.md +++ b/docs/endpointpolicymanager/components/softwarepackage/manual/itemleveltargeting.md @@ -45,3 +45,5 @@ users not be on the corporate LAN. In this example, the Pak would only apply to Windows 10 machines when the machine is portable and not on the corporate LAN subnet, and the user is in the FABRIKAM\Traveling Sales Users group. + + diff --git a/docs/endpointpolicymanager/components/softwarepackage/manual/overview.md b/docs/endpointpolicymanager/components/softwarepackage/manual/overview.md index 4fe2021361..03055d570b 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/manual/overview.md +++ b/docs/endpointpolicymanager/components/softwarepackage/manual/overview.md @@ -21,3 +21,5 @@ For AppX packages, you can do the following with Software Package Manager: Watch this video for an overview of See Endpoint Policy Manager Software Package Manager: [Endpoint Policy Manager Software Package Manager: AppX Manager](/docs/endpointpolicymanager/components/softwarepackage/videos/appxpoliciesitems/appxmanager.md) for additional information. + + diff --git a/docs/endpointpolicymanager/components/softwarepackage/manual/processorderprecedence.md b/docs/endpointpolicymanager/components/softwarepackage/manual/processorderprecedence.md index 0551657d06..10115f7621 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/manual/processorderprecedence.md +++ b/docs/endpointpolicymanager/components/softwarepackage/manual/processorderprecedence.md @@ -17,3 +17,5 @@ Therefore, you might want to organize your policies such that removal policies c those operations are faster. Then, order the installation policies by length of installation time, with the items with the shortest install times first and the items with the longest install times last. + + diff --git a/docs/endpointpolicymanager/components/softwarepackage/technotes/_category_.json b/docs/endpointpolicymanager/components/softwarepackage/technotes/_category_.json index d50e383b71..77c2c1e4ae 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/technotes/_category_.json +++ b/docs/endpointpolicymanager/components/softwarepackage/technotes/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "knowledgebase" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/softwarepackage/technotes/gettingstarted/_category_.json b/docs/endpointpolicymanager/components/softwarepackage/technotes/gettingstarted/_category_.json index 7eb735f33a..3eef2a0a44 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/technotes/gettingstarted/_category_.json +++ b/docs/endpointpolicymanager/components/softwarepackage/technotes/gettingstarted/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/softwarepackage/technotes/gettingstarted/winget.md b/docs/endpointpolicymanager/components/softwarepackage/technotes/gettingstarted/winget.md index 6d7e168ee1..5a8634de2a 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/technotes/gettingstarted/winget.md +++ b/docs/endpointpolicymanager/components/softwarepackage/technotes/gettingstarted/winget.md @@ -45,3 +45,5 @@ installs Chocolaty on your server. ![820_3_image-20230824192325-3_950x265](/images/endpointpolicymanager/softwarepackage/820_3_image-20230824192325-3_950x265.webp) ![820_4_image-20230824192325-4_950x521](/images/endpointpolicymanager/softwarepackage/820_4_image-20230824192325-4_950x521.webp) + + diff --git a/docs/endpointpolicymanager/components/softwarepackage/technotes/knowledgebase.md b/docs/endpointpolicymanager/components/softwarepackage/technotes/knowledgebase.md index 7d8a2c09b0..2693c899f2 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/technotes/knowledgebase.md +++ b/docs/endpointpolicymanager/components/softwarepackage/technotes/knowledgebase.md @@ -11,3 +11,5 @@ See the following Knowledge Base article for Software Package Manager. ## Getting Started - [How to install WinGet on a server that you are using as a management station (unsupported)?](/docs/endpointpolicymanager/components/softwarepackage/technotes/gettingstarted/winget.md) + + diff --git a/docs/endpointpolicymanager/components/softwarepackage/videos/_category_.json b/docs/endpointpolicymanager/components/softwarepackage/videos/_category_.json index 77675c0c90..c3aa6c973f 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/videos/_category_.json +++ b/docs/endpointpolicymanager/components/softwarepackage/videos/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "videolearningcenter" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/softwarepackage/videos/appxpoliciesitems/_category_.json b/docs/endpointpolicymanager/components/softwarepackage/videos/appxpoliciesitems/_category_.json index 87775cc7bf..ff39ee480e 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/videos/appxpoliciesitems/_category_.json +++ b/docs/endpointpolicymanager/components/softwarepackage/videos/appxpoliciesitems/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/softwarepackage/videos/appxpoliciesitems/appxmanager.md b/docs/endpointpolicymanager/components/softwarepackage/videos/appxpoliciesitems/appxmanager.md index 1faf7fefa7..37df0ad7a7 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/videos/appxpoliciesitems/appxmanager.md +++ b/docs/endpointpolicymanager/components/softwarepackage/videos/appxpoliciesitems/appxmanager.md @@ -10,7 +10,7 @@ Want to nuke Candy Crush and other pre-installed Windows 10 apps? And would you install Windows Store apps? You've got it with Netwrix Endpoint Policy Manager (formerly PolicyPak) Software Package Manager and our AppX Manager function. - + Hi, this is Jeremy Moskowitz. In this video we're going to talk about adding and removing packages from the Microsoft Store, also known as AppX packages. You know the drill. Your users think you @@ -95,3 +95,5 @@ it. Check out our other videos if you like Endpoint Policy Manager Package Manager and everything we have to offer. Thanks very much for watching. We'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/softwarepackage/videos/appxpoliciesitems/blockapps.md b/docs/endpointpolicymanager/components/softwarepackage/videos/appxpoliciesitems/blockapps.md index 6fe56cbc10..1daea2a95a 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/videos/appxpoliciesitems/blockapps.md +++ b/docs/endpointpolicymanager/components/softwarepackage/videos/appxpoliciesitems/blockapps.md @@ -8,7 +8,7 @@ sidebar_position: 30 Want to deploy Windows Store Apps via Software Package Manager, but want to enforce that ONLY specific UWP apps can run? This is the one-two combination you need to get the job done! - + In a previous video you saw me use Netwrix Endpoint Policy Manager (formerly PolicyPak)'s Software @@ -119,3 +119,5 @@ remove applications. Many of them you can add using Software Package Manager. Th put the full smack down on the Least Privilege Manager with our Add New UWP Policy to Deny your UWP Applications and then Allow the ones that you expressly want to open up, there you go. I hope this helps you out. Looking forward to getting you started with Endpoint Policy Manager real soon. + + diff --git a/docs/endpointpolicymanager/components/softwarepackage/videos/appxpoliciesitems/removeapps.md b/docs/endpointpolicymanager/components/softwarepackage/videos/appxpoliciesitems/removeapps.md index 48cd46e739..68844a267e 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/videos/appxpoliciesitems/removeapps.md +++ b/docs/endpointpolicymanager/components/softwarepackage/videos/appxpoliciesitems/removeapps.md @@ -10,4 +10,6 @@ Trying to remove built-in apps on Windows 10 or Windows 11? Netwrix Endpoint Pol wildcards may and may not be used to remove applications. Note this requires latest version of the PP CSE to perform. - + + + diff --git a/docs/endpointpolicymanager/components/softwarepackage/videos/tipsandtricks/_category_.json b/docs/endpointpolicymanager/components/softwarepackage/videos/tipsandtricks/_category_.json index eccef4c011..71019ba89a 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/videos/tipsandtricks/_category_.json +++ b/docs/endpointpolicymanager/components/softwarepackage/videos/tipsandtricks/_category_.json @@ -3,4 +3,4 @@ "position": 30, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/softwarepackage/videos/tipsandtricks/extrastool.md b/docs/endpointpolicymanager/components/softwarepackage/videos/tipsandtricks/extrastool.md index 2d4e27fd38..3b048d5c91 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/videos/tipsandtricks/extrastool.md +++ b/docs/endpointpolicymanager/components/softwarepackage/videos/tipsandtricks/extrastool.md @@ -8,4 +8,6 @@ sidebar_position: 10 See how to survey a machine for what applications you're already using. Then export those settings for use with Netwrix Endpoint Policy Manager (formerly PolicyPak) Software Package Manager + Winget. - + + + diff --git a/docs/endpointpolicymanager/components/softwarepackage/videos/usingwithothermethod/_category_.json b/docs/endpointpolicymanager/components/softwarepackage/videos/usingwithothermethod/_category_.json index d121c14f5f..ddb919c15a 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/videos/usingwithothermethod/_category_.json +++ b/docs/endpointpolicymanager/components/softwarepackage/videos/usingwithothermethod/_category_.json @@ -3,4 +3,4 @@ "position": 40, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/softwarepackage/videos/usingwithothermethod/mdm.md b/docs/endpointpolicymanager/components/softwarepackage/videos/usingwithothermethod/mdm.md index ae03c7addd..45c5c4a308 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/videos/usingwithothermethod/mdm.md +++ b/docs/endpointpolicymanager/components/softwarepackage/videos/usingwithothermethod/mdm.md @@ -10,7 +10,7 @@ important Windows 10 Store applications? With Netwrix Endpoint Policy Manager (f Package Manager (AppX) policies of course! Use your Intune (or any other MDM service) to remove "junkware" but then add important business related Windows 10 Store applications! - + Hi, this is Jeremy Moskowitz. In this video I'm going to show you how you can use Endpoint Policy Manager Software Package Manager to deliver AppX settings and also remove AppX settings from your @@ -74,3 +74,5 @@ even with the latest edition of Windows 10. I hope this helps you out, giving you the power to deploy and remove applications from the Microsoft Store using Endpoint Policy Manager and your MDM service. I hope this helps you out. Looking forward to getting you started with Endpoint Policy Manager real soon. Thanks. + + diff --git a/docs/endpointpolicymanager/components/softwarepackage/videos/videolearningcenter.md b/docs/endpointpolicymanager/components/softwarepackage/videos/videolearningcenter.md index 933da4d221..314a606adc 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/videos/videolearningcenter.md +++ b/docs/endpointpolicymanager/components/softwarepackage/videos/videolearningcenter.md @@ -26,3 +26,5 @@ See the following Video topics for Software Package Manager. ## Using with other METHODS (Cloud, MDM, etc.) - [Endpoint Policy Package Manager (AppX Policies): Add or Remove Microsoft Store using your MDM service.](/docs/endpointpolicymanager/components/softwarepackage/videos/usingwithothermethod/mdm.md) + + diff --git a/docs/endpointpolicymanager/components/softwarepackage/videos/wingetpolicies/_category_.json b/docs/endpointpolicymanager/components/softwarepackage/videos/wingetpolicies/_category_.json index d66753d485..33fe7a2bda 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/videos/wingetpolicies/_category_.json +++ b/docs/endpointpolicymanager/components/softwarepackage/videos/wingetpolicies/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/softwarepackage/videos/wingetpolicies/deployapplications.md b/docs/endpointpolicymanager/components/softwarepackage/videos/wingetpolicies/deployapplications.md index 4eda8805cb..7d518f39a8 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/videos/wingetpolicies/deployapplications.md +++ b/docs/endpointpolicymanager/components/softwarepackage/videos/wingetpolicies/deployapplications.md @@ -9,4 +9,6 @@ WinGet is built into Windows. But how do you mass deploy applications and keep t Netwrix Endpoint Policy Manager (formerly PolicyPak) Software Pakage Manager, it's easy. Maybe too easy. See this video to see how its done. - + + + diff --git a/docs/endpointpolicymanager/components/softwarepackage/videos/wingetpolicies/run.md b/docs/endpointpolicymanager/components/softwarepackage/videos/wingetpolicies/run.md index ea440a3e12..7ab58b2994 100644 --- a/docs/endpointpolicymanager/components/softwarepackage/videos/wingetpolicies/run.md +++ b/docs/endpointpolicymanager/components/softwarepackage/videos/wingetpolicies/run.md @@ -9,4 +9,6 @@ You'll want to try out some packages before you deliver them to your endpoints. get the package names you want, test things out then use Netwrix Endpoint Policy Manager (formerly PolicyPak) to deliver those applications via WinGet. - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/_category_.json b/docs/endpointpolicymanager/components/startscreenandtaskbar/_category_.json index f6cc4b7c4b..7cd20159cd 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/_category_.json +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/_category_.json @@ -3,4 +3,4 @@ "position": 16, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/_category_.json b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/_category_.json index cd6b8d995f..980db1e24a 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/_category_.json +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/_category_.json b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/_category_.json index f0e03818c4..1a9fcbc164 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/_category_.json +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "collectionssettingsilt" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/collectionssettingsilt.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/collectionssettingsilt.md index f6f0005f88..de6de2db31 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/collectionssettingsilt.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/collectionssettingsilt.md @@ -20,3 +20,5 @@ the following ways: policies that add icons to those groups. - With Endpoint Policy Manager Taskbar Manager, Item-Level Targeting can be used within collections, as well as policies, that pin icons to the Taskbar. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/expectedbehavior.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/expectedbehavior.md index 5896cde78b..35d8c23337 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/expectedbehavior.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/expectedbehavior.md @@ -17,3 +17,5 @@ Figure 49. After a policy no longer applies, users are free to manage their Star At this point, users are free to add or remove icons from the groups or delete the group. If the policies ever come back into effect, they will reapply and lock down the groups again. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/exportcollections.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/exportcollections.md index da16a348c7..4bbec899fa 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/exportcollections.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/exportcollections.md @@ -49,3 +49,5 @@ you've used items that represent Group Membership in Active Directory, then thos function when the machine is domain-joined. For more information about exporting settings and using Endpoint Policy Manager Exporter utility, see Appendix A: [Using Endpoint Policy Manager with MDM and UEM Tools](/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/uemtools.md). + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/processorderprecedence.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/processorderprecedence.md index 2441d3b9c7..6f8c1a12a5 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/processorderprecedence.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/processorderprecedence.md @@ -79,3 +79,5 @@ overlap of policies. Here is how the precedence works: - Policies delivered through Endpoint Policy Manager files have the next highest precedence. - Policies delivered through Endpoint Policy Manager Group Policy directives have the highest precedence. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/startscreen/_category_.json b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/startscreen/_category_.json index 980c663b4b..cef6a5747a 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/startscreen/_category_.json +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/startscreen/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/startscreen/groupaction.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/startscreen/groupaction.md index ae984c8650..4830b4f5c6 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/startscreen/groupaction.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/startscreen/groupaction.md @@ -33,3 +33,5 @@ field. The options are described below. this checkbox is checked, the group will be replaced only if a matching group name is not found. - The default behavior is: create new groups if they do not exist and update groups if they do exist. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/startscreen/overview.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/startscreen/overview.md index 0c8a727b23..49a2075631 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/startscreen/overview.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/startscreen/overview.md @@ -118,3 +118,5 @@ The fields inside the Group Editor are as follows: tile) or you can insert an "Edge link" (which will explain what was missing). This will be described in more detail in an upcoming section. - Item-Level Targeting: This was described above. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/startscreen/placeholder.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/startscreen/placeholder.md index 5b87d7960b..db43d39913 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/startscreen/placeholder.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/startscreen/placeholder.md @@ -50,3 +50,5 @@ Figure 42. Applications with Item-Level Targeting evaluating to FALSE will alway The application is not shown and there is no Edge tile to explain why. This is expected when Item-Level Targeting for an application tile evaluates to False. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/taskbar.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/taskbar.md index f874bb5a8f..67496969e6 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/taskbar.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/collectionssettingsi/taskbar.md @@ -40,3 +40,5 @@ The fields inside the Taskbar Manager Pinned Collection Editor are as follows: Figure 45. Pinned desktop icons will appear in the Endpoint Policy Manager Start Screen Manager advertisement group, or a group of your choice. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/gettoknow.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/gettoknow.md index 4d4cc45b35..c57d9fe996 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/gettoknow.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/gettoknow.md @@ -35,3 +35,5 @@ Figure 4. Adding collections and policies. The next sections provide a Quickstart to using the Start Screen Manager node and the Taskbar Manager node. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/helperutility.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/helperutility.md index 99639695d7..0586d2bea0 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/helperutility.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/helperutility.md @@ -62,3 +62,5 @@ Figure 57. On the management station you can import from the XML file. At this point, your list will change to what was imported from the XML file. This process means you don't need to install the actual application on your machine to deliver Endpoint Policy Manager Start Screen or Endpoint Policy Manager Taskbar Manager policies. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/insouts/_category_.json b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/insouts/_category_.json index c013e145db..7eca3603a6 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/insouts/_category_.json +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/insouts/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/insouts/advantages.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/insouts/advantages.md index 4882c31aa9..2eed8c2e91 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/insouts/advantages.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/insouts/advantages.md @@ -32,3 +32,5 @@ settings that the in-box Microsoft method uses. That is Endpoint Policy Manager Taskbar Manager will create its own XML file (one per computer when computer-side Group Policy is used and one per user when user-side Group Policy is used). It works with Microsoft's method (using the XML file and corresponding Group Policy setting), but adds functionality. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/insouts/overview.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/insouts/overview.md index c86908d87c..b4bc4b1033 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/insouts/overview.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/insouts/overview.md @@ -15,3 +15,5 @@ Together they have two goals: In this manual, we will walk through examples of how to perform these functions. We'll start out by understanding the need to manage Start Screen and Taskbar settings and the use of the in-box method from Microsoft; then, we'll learn how Endpoint Policy Manager can make the whole process easier. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/insouts/windows10.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/insouts/windows10.md index 8a129c5f04..6cdc389e1f 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/insouts/windows10.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/insouts/windows10.md @@ -54,3 +54,5 @@ In summary: All of this becomes time consuming and will quickly get out of hand every time you must update and roll out an application that will be the registered extension or protocol. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/overview.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/overview.md index 42c50eb2d6..8f95e8e5d1 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/overview.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/overview.md @@ -35,7 +35,7 @@ perform the following operations on Windows 10: :::note For an overview of Endpoint Policy Manager Start Screen & Taskbar Manager, watch the videos at -[https://www.endpointpolicymanager.com/products/endpointpolicymanager-start-screen-taskbar-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-start-screen-taskbar-manager.html). +[https://www.policypak.com/products/endpointpolicymanager-start-screen-taskbar-manager.html](https://www.policypak.com/products/endpointpolicymanager-start-screen-taskbar-manager.html). ::: @@ -75,3 +75,5 @@ settings even to non-domain-joined machines over the Internet. Manager Admin Templates Manager and our other products' XML files and wrap them into a "portable" MSI file for deployment using Microsoft Endpoint Manager (SCCM and Intune), an MDM service, or your own systems management software. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/_category_.json b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/_category_.json index f9bb499c38..1c3969666c 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/_category_.json +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/desktopapplications.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/desktopapplications.md index dd13d45894..7580af1cb2 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/desktopapplications.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/desktopapplications.md @@ -67,3 +67,5 @@ The Start Screen icon policy you created can be seen in Figure 22. Figure 22. The Endpoint Policy Manager Start Screen Manager policy is contained within the collection. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/edgetiles.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/edgetiles.md index 5429d10fe0..2c134a283e 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/edgetiles.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/edgetiles.md @@ -42,3 +42,5 @@ you to log off and log on again to see the Start Menu changes. ![quickstart_start_screen_manager_22](/images/endpointpolicymanager/startscreentaskbar/startscreen/quickstart_start_screen_manager_22.webp) Figure 27. The application tiles inside the new group. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/overview.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/overview.md index fd68aacaf0..6143a7fdda 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/overview.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/overview.md @@ -34,3 +34,5 @@ the Start Menu. Using Start Screen & Taskbar Manager, we want to place all of ou applications into a single group called "My Important Apps." In this Quickstart, we will create a group policy object (GPO) and link it to your sample users. (You could also create and link a GPO to your computers, but we will not be doing that in this Quickstart.) + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/uwpapplications.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/uwpapplications.md index 52631b82a0..937521d318 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/uwpapplications.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/uwpapplications.md @@ -49,3 +49,5 @@ Figure 16. Specifying the UWP policy name. ![quickstart_start_screen_manager_12](/images/endpointpolicymanager/startscreentaskbar/startscreen/quickstart_start_screen_manager_12.webp) Figure 17. The UWP application icon entry. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/windows10.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/windows10.md index e44efa4b17..0709669c2a 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/windows10.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreen/windows10.md @@ -95,3 +95,5 @@ tile, and Edge tile), by right-clicking and selecting "Add to Group," as seen in Figure 13. Use the MMC editor to add a new universal (UWP) application tile, desktop application tile, and new Edge tile. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreentaskbar/_category_.json b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreentaskbar/_category_.json index ef83254957..af026a07ec 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreentaskbar/_category_.json +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreentaskbar/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreentaskbar/logsusercomputerside.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreentaskbar/logsusercomputerside.md index 509b8bda94..16a4d31720 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreentaskbar/logsusercomputerside.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreentaskbar/logsusercomputerside.md @@ -25,3 +25,5 @@ The resulting files are stored in - Computer side: switched.xml - User side: user.xml - Final/composite XML: ssmResults.xml + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreentaskbar/overview.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreentaskbar/overview.md index 4a066b501c..e104a25583 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreentaskbar/overview.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreentaskbar/overview.md @@ -19,3 +19,5 @@ Here are some tips when trying to troubleshoot Start Screen & Taskbar Manager: then logs on again. - Start Screen & Taskbar Manager's policies may not work the very first time a user logs onto a Windows 10 machine, but will take effect in the background a bit later. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreentaskbar/xmlfiles.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreentaskbar/xmlfiles.md index d8aaa4bf4e..3b9336b0c4 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreentaskbar/xmlfiles.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/startscreentaskbar/xmlfiles.md @@ -22,3 +22,5 @@ which should be pinned to the Taskbar. If you are expecting an application to be Start Menu or Taskbar, but it is absent, start by checking this file to see if the application is present. If the association is absent, then, most likely, the target computer didn't get the policy to add the icon to the Start Menu or Taskbar. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/taskbar.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/taskbar.md index 320c6feb5b..086a7c21e3 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/taskbar.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/manual/taskbar.md @@ -10,7 +10,7 @@ Now you're ready to create Netwrix Endpoint Policy Manager (formerly PolicyPak) :::note For a video overview of Taskbar Manager, see -[](https://www.endpointpolicymanager.com/products/endpointpolicymanager-start-screen-manager.html)[Endpoint Policy Taskbar Manager: Quick Demo](/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/demotaskbar.md). +[](https://www.policypak.com/products/endpointpolicymanager-start-screen-manager.html)[Endpoint Policy Taskbar Manager: Quick Demo](/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/demotaskbar.md). ::: @@ -61,3 +61,5 @@ are implemented. This ends the Endpoint Policy Manager Start Screen & Taskbar Manager Quickstart sections. Next, we'll dive into more detail about the Endpoint Policy Manager Start Screen & Taskbar Manager. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/_category_.json b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/_category_.json index d50e383b71..77c2c1e4ae 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/_category_.json +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "knowledgebase" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/knowledgebase.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/knowledgebase.md index dee32c9558..3c7b7ebc5c 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/knowledgebase.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/knowledgebase.md @@ -35,3 +35,5 @@ See the following Knowledge Base articles for Start Screen and Task Bar Manager. - [How-To create a folder shortcut in Windows 10 Start Menu using Endpoint Policy Manager Starts Screen Manager?](/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/foldershortcut.md) - [How can I add a link to the Control Panel to the Start Screen or Taskbar using Endpoint Policy Manager Start Screen Manager?](/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/addlink.md) - [How to automatically kill explorer at 1st Logon to Bypass needing to logout and back in for Start Screen Manager to apply](/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/logonworkaround.md) + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/_category_.json b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/_category_.json index 6ba42bb498..c105a1fef1 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/_category_.json +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/addlink.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/addlink.md index b629a748b2..b2a2877000 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/addlink.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/addlink.md @@ -12,3 +12,5 @@ we recommend you choose a Shortcut Icon from Shell32.DLL. The other fields may be left blank. ![914_1_image001](/images/endpointpolicymanager/startscreentaskbar/914_1_image001.webp) + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/appv.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/appv.md index f14759c7d2..6c8128cf0e 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/appv.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/appv.md @@ -42,3 +42,5 @@ The target application path must exist in the client machine. **Step 7 –** Log-off and log back on to see the required Starts Screen items. ![808_5_image-20201121192420-5](/images/endpointpolicymanager/integration/808_5_image-20201121192420-5.webp) + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/explorer.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/explorer.md index 55d10a2c19..fcc8496740 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/explorer.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/explorer.md @@ -7,3 +7,5 @@ sidebar_position: 10 # How do I add Explorer.exe to the taskbar using Endpoint Policy Manager Start Screen & Taskbar Manager ? ![731_1_sss](/images/endpointpolicymanager/startscreentaskbar/731_1_sss.webp) + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/foldershortcut.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/foldershortcut.md index 13bc2b5a07..61ff891615 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/foldershortcut.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/foldershortcut.md @@ -12,3 +12,5 @@ Replace the command-line argument (RED text-color) as per your requirement. `%systemroot%\explorer.exe "%userprofile%\Desktop\New Folder"` ![824_1_image-20210304053215-1](/images/endpointpolicymanager/startscreentaskbar/824_1_image-20210304053215-1.webp) + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/helpertools.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/helpertools.md index 5e4a63dc49..085b5b70e7 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/helpertools.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/helpertools.md @@ -174,3 +174,5 @@ Shortcuts - Remove Programs Changes to the Left side are immediate and do not need a log off. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/logonworkaround.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/logonworkaround.md index 78ee80534e..93a546b985 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/logonworkaround.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/logonworkaround.md @@ -62,3 +62,5 @@ You will see a very brief flash on the end-user computer for new logins. This policy should be set to apply after the PPSSM policy. ::: + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/sccmsoftwarecenter.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/sccmsoftwarecenter.md index 7c7eaab14d..cbc71ed453 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/sccmsoftwarecenter.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/tipsandtricks/sccmsoftwarecenter.md @@ -38,3 +38,5 @@ Finally, take the defaults… and/or change the ShortCut name to suit. Final results should look like this… ![724_9_hf-936-img-05](/images/endpointpolicymanager/startscreentaskbar/724_9_hf-936-img-05.webp) + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/_category_.json b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/_category_.json index 5a4bd8ada0..11c90f2c7f 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/_category_.json +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/appcantrun.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/appcantrun.md index 8e29b92e8a..e96372571f 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/appcantrun.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/appcantrun.md @@ -21,3 +21,5 @@ supported. ![699_2_img2_950x396](/images/endpointpolicymanager/troubleshooting/error/startscreentaskbar/699_2_img2_950x396.webp) ![699_3_img3_950x368](/images/endpointpolicymanager/troubleshooting/error/startscreentaskbar/699_3_img3_950x368.webp) + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/crash.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/crash.md index e0c42aa1a8..c9d04d267c 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/crash.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/crash.md @@ -12,3 +12,5 @@ function. Do not disable this dmwappushservice service. ![537_1_asdfghkyhj](/images/endpointpolicymanager/troubleshooting/startscreentaskbar/537_1_asdfghkyhj.webp) + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/customicons.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/customicons.md index b16ae493ed..c4fd5f6a63 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/customicons.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/customicons.md @@ -74,3 +74,5 @@ or `%AppData%\Microsoft\Windows\Start Menu\Programs` will get you the results yo this. ![735_15_image-20200723210823-8_950x998](/images/endpointpolicymanager/troubleshooting/startscreentaskbar/735_15_image-20200723210823-8_950x998.webp) + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/existingicons.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/existingicons.md index 7c55ed2247..f472d17bc8 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/existingicons.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/existingicons.md @@ -17,3 +17,5 @@ In short, there are two categories of Start Screen items: Items that fall into the second category "Applications pinned by Enterprise" are wiped out when new layout is applied by Endpoint Policy Manager Start Screen & Taskbar Manager. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/linked.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/linked.md index 8d5fe1ca72..881c9a061e 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/linked.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/linked.md @@ -59,3 +59,5 @@ It will remove the Endpoint Policy Manager tile from the Start Menu. The example sample script is below. ![819_5_c4b607f18774d1a207d45cbd8a96b426](/images/endpointpolicymanager/troubleshooting/startscreentaskbar/819_5_c4b607f18774d1a207d45cbd8a96b426.webp) + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/logons.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/logons.md index 3354f9fce0..b876bf5098 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/logons.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/logons.md @@ -23,3 +23,5 @@ Scenario 2: - When the User logs on, because policies are applied asynchronously, the end-user missed the chance to apply those to Explorer. So, you see the result at the next logon because the Start Screen & Taskbar policies are "now written, but not yet seen." + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/mappeddrives.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/mappeddrives.md index 4fb18295a6..c851fb08e5 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/mappeddrives.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/mappeddrives.md @@ -14,3 +14,5 @@ the Start Screen, then it means that either the Application is not present at t it is configured with a Mapped Drive instead of the UNC Path. ![841_1_image-20201201090844-1](/images/endpointpolicymanager/requirements/support/startscreentaskbar/841_1_image-20201201090844-1.webp) + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/modes.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/modes.md index 4c33337058..86c30d5abd 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/modes.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/modes.md @@ -91,3 +91,5 @@ After running gpupdate to apply policy you must logout then back in to receive t TBM policy settings. ::: + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/office365.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/office365.md index 463f6ae733..a961185973 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/office365.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/office365.md @@ -38,3 +38,5 @@ Summary to get Office icons to appear on endpoints: **Step 2 –** Use the Helper tool. **Step 3 –** Then create the icons from the export the helper tool made. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/pinnedcollection.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/pinnedcollection.md index 916cfd707e..06ad6380f4 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/pinnedcollection.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/pinnedcollection.md @@ -17,3 +17,5 @@ see how to do it in the second screenshot. ![623_1_faq-07-img-01](/images/endpointpolicymanager/troubleshooting/startscreentaskbar/623_1_faq-07-img-01.webp) ![623_2_faq-07-img-02](/images/endpointpolicymanager/troubleshooting/startscreentaskbar/623_2_faq-07-img-02.webp) + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/rollback.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/rollback.md index 7326a42d1f..3d01c2ffa4 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/rollback.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/rollback.md @@ -11,3 +11,5 @@ re-trigger the initial start menu layout. Note you may not get an EXACT revert; close. [Endpoint Policy ManagerStart Screen and Endpoint Policy Manager Scripts: Specify exact Start Menu experience one time](/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/extras/onetime.md) + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/windows10.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/windows10.md index 99717feb02..95d9e15404 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/windows10.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/windows10.md @@ -11,3 +11,5 @@ fully work with Windows 10 build 1703. With build 1607 only Start Screen policies are expected to work. To get both Start Screen and Taskbar Manager policies to work, you will need to have the endpoint(s) be 1703 or later. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/windows10disablenotification.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/windows10disablenotification.md index be0534d6da..323e158a31 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/windows10disablenotification.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/windows10disablenotification.md @@ -97,3 +97,5 @@ next. **Step 9 –** Lastly, apply policy to computer OU or domain where you want New App notifications to be disabled. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/windowsdefault.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/windowsdefault.md index 2d69a06245..da8b964a02 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/windowsdefault.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/windowsdefault.md @@ -31,3 +31,5 @@ Workaround for many computers using GPPref Item: - Use Group Policy Preferences Item to remove those folders from the location. ![678_2_image-20191219082753-6](/images/endpointpolicymanager/troubleshooting/startscreentaskbar/678_2_image-20191219082753-6.webp) + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/windowserver.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/windowserver.md index 79fb862615..4bf6a6dca6 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/windowserver.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/technotes/troubleshooting/windowserver.md @@ -15,3 +15,5 @@ Manager: 2019 and later. Neither component will work on Server 2012 R2 (with Desktop Experience). + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/_category_.json b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/_category_.json index 77675c0c90..c3aa6c973f 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/_category_.json +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "videolearningcenter" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/extras/_category_.json b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/extras/_category_.json index 8a57d40e96..b05f9c49f6 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/extras/_category_.json +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/extras/_category_.json @@ -3,4 +3,4 @@ "position": 40, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/extras/onetime.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/extras/onetime.md index 5e284db47f..bd8fab3846 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/extras/onetime.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/extras/onetime.md @@ -8,4 +8,6 @@ sidebar_position: 10 If your Start Menu is a little unhappy, or if you want to dictate the Start Layout ONE TIME and let users do whatever they want, then use these scripts to get the job done. - + + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/_category_.json b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/_category_.json index 7eb735f33a..3eef2a0a44 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/_category_.json +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/demotaskbar.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/demotaskbar.md index 63b24b50ff..b3f9cc3ee4 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/demotaskbar.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/demotaskbar.md @@ -8,7 +8,7 @@ sidebar_position: 30 Quickly and easily manage what icons are pinned to the Windows 10 Taskbar. Use Group Policy, SCCM or your MDM service. It couldn't be easier. - + ### PolicyPak Taskbar Manager: Quick Demo @@ -66,3 +66,5 @@ knock your socks off, I don't know what will. I hope this makes you as happy as you're looking to get started soon, just join us for the webinar and you can get started right away. Thanks so very much, and talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/helperutility.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/helperutility.md index 6c62a37ee3..f2cf17dfd7 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/helperutility.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/helperutility.md @@ -8,7 +8,7 @@ sidebar_position: 10 If you don't have the application already installed on your management station, then use this utility to grab application IDs. It's easy. Check it out! - + ### PolicyPak Start Screen and Taskbar Manager Helper Utility @@ -84,3 +84,5 @@ way I wanted to. That's all we have for now. I hope this helps you out. Looking forward to getting you started real soon. Thanks. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/itemleveltargeting.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/itemleveltargeting.md index 0a486d97f2..9acfef2c35 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/itemleveltargeting.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/itemleveltargeting.md @@ -8,7 +8,7 @@ sidebar_position: 40 Automatically specify "who should get what" settings based upon conditions like security group, Laptop vs. Not laptop and so on. - + ### PolicyPak Start Screen Manager: Using Item Level Targeting @@ -21,7 +21,7 @@ This is East Sales User 1 who is currently logged on, and he's getting "My Impor maintain that for East Sales Users, so what we'll do is we'll go over to "Collection 1" over here. Let's rename that. Let's "Edit Collection" and call it "East Sales Users." While we're here, we'll change the -"[https://www.endpointpolicymanager.com/pp-blog/item-level-targeting](https://www.endpointpolicymanager.com/pp-blog/item-level-targeting)" +"[https://www.policypak.com/pp-blog/item-level-targeting](https://www.policypak.com/pp-blog/item-level-targeting)" and specify that this stuff will only work when the "Security Group" is our "EastSalesUsers."What we're doing is we're marrying using item-level targeting and saying do this stuff called "My Important Apps" when the guys are "East Sales Users." @@ -65,3 +65,5 @@ when I have that application do that. It's incredibly flexible. I just wanted to give you a quick taste of how that would work. One policy to rule them all. You don't have to be stuck with one fixed policy. Just as simple as that. I hope this helps you out. We're looking to get you started soon with Endpoint Policy Manager Start Screen Manager. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/linksie.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/linksie.md index ba7fcaf1fd..e52e3d89a3 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/linksie.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/linksie.md @@ -8,7 +8,7 @@ sidebar_position: 50 Need to add IE links to the Start Menu? Here's the quick and easy way… With Netwrix Endpoint Policy Manager (formerly PolicyPak)! - + ### PolicyPak Start Screen Manager – Add IE links @@ -60,3 +60,5 @@ Now it is going to do this in another window. We can't somehow magically merge t But that should get you where you need to go. I hope this video helps you out and you're ready to get started with Endpoint Policy Manager Start Screen Manager real soon. Thanks so much. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/windows10startmenu.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/windows10startmenu.md index c1f8697447..7b08981cb7 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/windows10startmenu.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/gettingstarted/windows10startmenu.md @@ -8,7 +8,7 @@ sidebar_position: 20 The Windows 10 Start Menu is a beast to configure. Instead of leaving the Start Menu to users, YOU be in charge. See this video to get the basics down in minutes ! - + ### PolicyPak Start Screen Manager: Own the Win10 Start Menu @@ -17,7 +17,7 @@ Hi. This is Jeremy Moskowitz, former Group Policy MVP and Founder of Netwrix End Windows 10 Start Screen. How do we do it? We're going to use our Start Screen Manager program. You can see, we already have three groups that are here in the -[https://www.endpointpolicymanager.com/pp-blog/windows-10-start-screen](https://www.endpointpolicymanager.com/pp-blog/windows-10-start-screen). +[https://www.policypak.com/pp-blog/windows-10-start-screen](https://www.policypak.com/pp-blog/windows-10-start-screen). We're going to create our own called Our Important Apps. What are we're going to add there? We're going to add maybe "Adobe Reader," maybe add the "Calculator" and also add and Edge tile. We'll see how to do that. @@ -67,7 +67,7 @@ go ahead and choose the "Large" and I'll call this "big calc." Then the last thing I'll do is I'll "Add/New Edge Tile." My Edge tile will let me give it a name. I'll call this "Get Endpoint Policy Manager Help," and then the "URL" can be -[https://www.endpointpolicymanager.com](https://www.endpointpolicymanager.com); There we go, and click "Next" and I can make +[https://www.policypak.com](https://www.policypak.com); There we go, and click "Next" and I can make this a "Wide" tile. You can also change the Desktop "Background" colors if you're so inclined and all that sort of @@ -141,3 +141,5 @@ videos, like how to change to see how you can easily open PDFs, MAILTO and MP4s with the programs you want. Thanks so much for watching, and talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/_category_.json b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/_category_.json index 1f1354f705..5ba805c3e9 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/_category_.json +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/_category_.json @@ -3,4 +3,4 @@ "position": 30, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/citrix.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/citrix.md index 594d26df21..23d4c70058 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/citrix.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/citrix.md @@ -10,7 +10,7 @@ Menus and Taskbars? Good luck… if you don't have Netwrix Endpoint Policy Manag PolicyPak) Start Screen and Taskbar manager. Here's the video to show you how to manage XenApp and XenDesktop icons on the Start Menu and Taskbar. - + ### PP Start Screen and Taskbar manager with Citrix XenApp and XenDesktop @@ -184,3 +184,5 @@ do different things for different circumstances. I hope this helps you out and you're ready to get started with Endpoint Policy Manager Start Screen and Taskbar Manager in your real world and also in your Citrix world. Thanks so much for watching. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/mdm.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/mdm.md index 60ce284b07..c3fce59b01 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/mdm.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/mdm.md @@ -9,7 +9,7 @@ The Windows 10 Start Menu is a beast to configure, and once configured, it's not Instead of leaving the Start Menu to users, YOU be in charge. See this video to get the basics down in minutes, then deploy your settings using the MDM service of your choice! - + ### PolicyPak MDM: Manage the Windows 10 Start Screen Like a Boss @@ -119,7 +119,7 @@ Start Screen. There we go. We have the "Important Apps" just like we directed. If I click on any of these, it takes me just exactly where it's supposed to. The "Calculator" works. "Adobe Acrobat Reader DC" opens right up. If I go to the Edge tile, then we'll go to -"www.endpointpolicymanager.com." So they all are there and they all work. +"www.policypak.com." So they all are there and they all work. Now notice that there are still the original groups still there and the original pins. That is because when we created the collection, we chose the PARTIAL (PRESERVE) option. That is why we @@ -136,3 +136,5 @@ So there we are. If that's interesting for you, then let us know. We'll be happy with a free trial right away. Look forward to seeing you in the next video. Thanks. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/mdmitemleveltargeting.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/mdmitemleveltargeting.md index 5e023238c2..24a19ef4d7 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/mdmitemleveltargeting.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/mdmitemleveltargeting.md @@ -9,7 +9,7 @@ Making an MDM policy to manage the Start Menu and Taskbar can be a NIGHTMARE. Bu Endpoint Policy Manager (formerly PolicyPak) Start Screen Manager. With us you can have ONE policy which can be used again and again. See how it's done. - + ### PolicyPak Start Screen Manager and MDM @@ -69,3 +69,5 @@ Manager Start Screen Manager settings. I hope that helps you out. Looking forward to getting started with you soon. Take care. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/nondomainjoined.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/nondomainjoined.md index 4db4b83398..84b359fc61 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/nondomainjoined.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/nondomainjoined.md @@ -9,7 +9,7 @@ Got non-domain joined machines? Use Netwrix Endpoint Policy Manager (formerly Po deliver Endpoint Policy Manager Start Screen and Taskbar settings to them. Couldn't be easier. Here's how. - + ### PolicyPak Start Screen & Taskbar Manager: Manage non-domain joined machines using PolicyPak Cloud @@ -69,3 +69,5 @@ joined machine to accept your directives with Endpoint Policy Manager Cloud. With that in mind, you can join us for a webinar to get started right away and try this out yourself. Thanks so very much. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/pdqdeploy.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/pdqdeploy.md index 5a59263e52..c0f555154b 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/pdqdeploy.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/methods/pdqdeploy.md @@ -12,7 +12,7 @@ In this video, Kris from PDQ and Jeremy Moskowitz, former Group Policy MVP from Manager Software show you how to get it "out there" and nicely manage that Windows 10 Start Screen and Taskbar. - + ### Taking Control of Your Taskbar and Start Menu with PolicyPak and PDQ Deploy @@ -277,3 +277,5 @@ Jeremy: Well, thanks for having me on the video. Kris: Yeah. Thanks for watching. Jeremy: Thanks, guys. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/troubleshooting/_category_.json b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/troubleshooting/_category_.json index 289c6f8855..30e7620b07 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/troubleshooting/_category_.json +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/troubleshooting/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/troubleshooting/customicons.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/troubleshooting/customicons.md index 1bad479d15..de7e52abc0 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/troubleshooting/customicons.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/troubleshooting/customicons.md @@ -11,7 +11,7 @@ back in twice to see the changes the first time. `C:\ProgramData\Microsoft\Windows\Start Menu\Programs` - + ### Endpoint Policy Manager Start Screen Manager and Special Custom Icons @@ -97,3 +97,5 @@ requires you to also nuke those things. Hope this video helps you out and gets y doing custom icons. Thanks so very much. Talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/troubleshooting/revertstartmenu.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/troubleshooting/revertstartmenu.md index a3125baa02..3865500ed9 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/troubleshooting/revertstartmenu.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/troubleshooting/revertstartmenu.md @@ -7,7 +7,7 @@ sidebar_position: 20 If your Start Menu is a little unhappy, use these scripts to make it right. - + ### Using PP SCRIPTS to Revert Start Menu @@ -114,3 +114,5 @@ mind, if you have any questions, please ask on the forums in the Start Screen an forum. Thank you very much, and talk to you soon. + + diff --git a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/videolearningcenter.md b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/videolearningcenter.md index 469b39ffe3..fdf5eeeb57 100644 --- a/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/videolearningcenter.md +++ b/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/videolearningcenter.md @@ -32,3 +32,5 @@ See the following Video topics for Start Screen and Task Bar Manager. ## Extras - [Endpoint Policy ManagerStart Screen and Endpoint Policy Manager Scripts: Specify exact Start Menu experience one time](/docs/endpointpolicymanager/components/startscreenandtaskbar/videos/extras/onetime.md) + + diff --git a/docs/endpointpolicymanager/deliverymethods/_category_.json b/docs/endpointpolicymanager/deliverymethods/_category_.json index 28fac483cb..b676695d93 100644 --- a/docs/endpointpolicymanager/deliverymethods/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/_category_.json @@ -3,4 +3,4 @@ "position": 19, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/_category_.json b/docs/endpointpolicymanager/deliverymethods/cloud/_category_.json index 6bdb715333..cbe1c32e86 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/cloud/_category_.json @@ -1 +1,2 @@ {"label":"Cloud","position":10,"collapsed":true,"collapsible":true} + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/_category_.json b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/_category_.json index ebf9bc76c5..b6fae684d8 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/_category_.json @@ -1 +1,2 @@ {"label":"Knowledge Base","position":1,"collapsed":true,"collapsible":true,"link":{"type":"doc","id":"knowledgebase"}} + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/_category_.json b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/_category_.json index f192cb35ae..098f15a833 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/_category_.json @@ -3,4 +3,4 @@ "position": 70, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/azurevirutaldesktop.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/azurevirutaldesktop.md index 9631ed7a42..9c08d77fdc 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/azurevirutaldesktop.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/azurevirutaldesktop.md @@ -33,7 +33,7 @@ on the Master Desktop Image. The required PPC client version (20.5.2449.838 or higher) can be found within your PPC Portal at the following page -[https://cloud.endpointpolicymanager.com/ManageCustomer/UserList](https://cloud.endpointpolicymanager.com/ManageCustomer/UserList) +[https://cloud.policypak.com/ManageCustomer/UserList](https://cloud.policypak.com/ManageCustomer/UserList) under the Downloads section, by clicking on the Download other versions link at the bottom of the page. @@ -102,7 +102,7 @@ on the Master Desktop Image. The required PPC client version (20.5.2449.838 or higher) can be found within your PPC Portal on the following page -[https://cloud.endpointpolicymanager.com/ManageCustomer/UserList](https://cloud.endpointpolicymanager.com/ManageCustomer/UserList) +[https://cloud.policypak.com/ManageCustomer/UserList](https://cloud.policypak.com/ManageCustomer/UserList) under the **Downloads** section, by clicking on the Download other versions link at the bottom of the page. @@ -192,7 +192,7 @@ ensure that you have followed all steps exactly. ``` Could not sync with the cloud.  -A network error occurred during sending RegisterComputer to https://cloudsvc.endpointpolicymanager.com/Services/Registration: Keyset does not exist +A network error occurred during sending RegisterComputer to https://cloudsvc.policypak.com/Services/Registration: Keyset does not exist ``` ![332_10_image-20210529214259-11](/images/endpointpolicymanager/integration/332_10_image-20210529214259-11.webp) @@ -204,3 +204,5 @@ Using `GPEDIT.MSC`, verify that the following setting **Run startup scripts asy enabled under **Local Computer Policy** > **Administrative Templates** > **System**. ![332_11_image-20210529214259-10](/images/endpointpolicymanager/integration/332_11_image-20210529214259-10.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/clientsilent.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/clientsilent.md index e90a67de9a..c1f728ed41 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/clientsilent.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/clientsilent.md @@ -43,3 +43,5 @@ msiexec /i %1 /norestart /quiet /lv*x %logfile% ``` ![530_1_image-20230330095004-1](/images/endpointpolicymanager/install/cloud/530_1_image-20230330095004-1.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/edit.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/edit.md index d84e760fe3..e68d1d35b6 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/edit.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/edit.md @@ -65,3 +65,5 @@ A:Great, ask it in the FORUMS please in the PP Cloud section. Q:Why did you build this? A:Because its awesome, and it needed to be done. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/groups.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/groups.md index 54d479f182..b523ada666 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/groups.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/groups.md @@ -16,3 +16,5 @@ Information on creating jointokens: [https://helpcenter.netwrix.com/bundle/endpointpolicymanager_AppendixE/page/Tools.html](https://helpcenter.netwrix.com/bundle/endpointpolicymanager_AppendixE/page/Tools.html) and - Video: [Endpoint Policy Manager Cloud: Automatically Join Groups with JOINTOKEN](/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/jointoken.md) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/printers.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/printers.md index a5eb57332c..cfe6943681 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/printers.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/printers.md @@ -29,3 +29,5 @@ cloud and sync it locally. Then PPC will be able to install that Printer back We've edited the value for Printer's location in the PPC Pref Object. ![747_1_front-desk-retry](/images/endpointpolicymanager/troubleshooting/cloud/747_1_front-desk-retry.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/publickeypoliciessettings.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/publickeypoliciessettings.md index 44b7bc552c..d64cb04731 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/publickeypoliciessettings.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/publickeypoliciessettings.md @@ -28,3 +28,5 @@ you export, then deploy using PPCloud or Netwrix Endpoint Policy Manager (former Inside the exported XML you can see the certificate embedded like this and ready for use. ![580_2_q10-img-2](/images/endpointpolicymanager/cloud/security/580_2_q10-img-2.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/remoteworkdeliverymanager.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/remoteworkdeliverymanager.md index fbd12d8b4c..b4c6412afa 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/remoteworkdeliverymanager.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/remoteworkdeliverymanager.md @@ -85,3 +85,5 @@ Endpoint Firewall settings BEFORE import: Endpoint Firewall settings AFTER import: ![788_11_image-20210309203819-11](/images/endpointpolicymanager/cloud/788_11_image-20210309203819-11.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/removeendpoint.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/removeendpoint.md index b3eb048d68..367931b836 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/removeendpoint.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/removeendpoint.md @@ -11,3 +11,5 @@ permanently** command, the next time the Cloud Client syncs to the Cloud Service (Cloud agent and Cloud CSE) are physically removed from the endpoint automatically. ![588_1_image001](/images/endpointpolicymanager/install/cloud/588_1_image001.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/syncfrequency.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/syncfrequency.md index 9f6533a516..aad9882525 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/syncfrequency.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/syncfrequency.md @@ -10,3 +10,5 @@ The Netwrix Endpoint Policy Manager (formerly PolicyPak) Cloud client will sync the computer starts. If a computer started at 2:22, the next sync will be at 3:22. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/targetingeditor.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/targetingeditor.md index bb6f6f2322..f54bb5cc8e 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/targetingeditor.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/targetingeditor.md @@ -128,3 +128,5 @@ Policy Manager Cloud based Internal Item-Level Targeting Filter window. ![732_16_image-20200213172020-9_950x629](/images/endpointpolicymanager/cloud/732_16_image-20200213172020-9_950x629.webp) **Step 10 –** Click the **OK** button. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/transition.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/transition.md index 1e85be7e10..0301e8d556 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/transition.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/transition.md @@ -7,4 +7,6 @@ hide_title: true import Transition from '/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/transition.md'; - \ No newline at end of file + + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/type.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/type.md index 9acecfb6dd..f51446289a 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/type.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/type.md @@ -70,3 +70,5 @@ This does not affect the operation of the policy in any way. The policy is still Endpoint Policy Manager Cloud to `\programdata\policypak\Xmldata\cloud`, and processed by a licensed CSE. The policy affects all users (by default), and then any ILT on the user-side (if any) will then be processed, thus limiting the scope of where the policy is affected. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/unlink.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/unlink.md index e366169094..b5ec2f4531 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/unlink.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/unlink.md @@ -21,3 +21,5 @@ To remove all the Example policies at once perform the following steps. **Step 4 –** Click **Remove**. ![799_3_image-20201230211039-3](/images/endpointpolicymanager/cloud/799_3_image-20201230211039-3.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/updatefrequency.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/updatefrequency.md index a137c94509..013c1fa9ba 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/updatefrequency.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/updatefrequency.md @@ -10,3 +10,5 @@ The Netwrix Endpoint Policy Manager (formerly PolicyPak) cloud client pulls down directives every 60 minutes while the computer is on. You can also run the `PPUPDATE` command or `PPCLOUD /SYNC` which will force an update now. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/vdisolutions.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/vdisolutions.md index 81a68746b4..8d8649b65a 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/vdisolutions.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/vdisolutions.md @@ -23,7 +23,7 @@ the Gold Image VM. Endpoint Policy Manager Cloud Client version 20.5.2449.838 and higher can be found within your PPC Portal on the following page -[https://cloud.endpointpolicymanager.com/ManageCustomer/UserList](https://cloud.endpointpolicymanager.com/ManageCustomer/UserList) +[https://cloud.policypak.com/ManageCustomer/UserList](https://cloud.policypak.com/ManageCustomer/UserList) under the Downloads section, by clicking on the **Download other versions** link at the bottom of the page. @@ -116,3 +116,5 @@ process failed. Revisit the steps above to see if anything was missed. If after you find that this process still did not work for you please contact support for further assistance. ![555_13_image-20200603123515-7_950x260](/images/endpointpolicymanager/integration/555_13_image-20200603123515-7_950x260.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/version.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/version.md index 2f5d44d5f2..464fba314f 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/version.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/version.md @@ -15,3 +15,5 @@ select the **Company Details** tab. **Step 3 –** View the PPC Client Version and PPC CSE version columns in the **Computer list** report, filter the columns if needed. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/_category_.json b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/_category_.json index 1de0a3339d..2bccf7bb7e 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/_category_.json @@ -3,4 +3,4 @@ "position": 40, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/autoupdates.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/autoupdates.md index 3771eda773..00c517ddf8 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/autoupdates.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/autoupdates.md @@ -33,3 +33,5 @@ This should: - Keep the computer's group membership and - Ensure it can re-join the new Endpoint Policy Manager Cloud Service and - Start accepting licenses and policies. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/ciscoanyconnect.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/ciscoanyconnect.md index 0024c27a37..b709e8379a 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/ciscoanyconnect.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/ciscoanyconnect.md @@ -20,3 +20,5 @@ seen below. This is dump MAC as a matching criteria and use only UUID which is somewhat less aggressive. ![817_1_image001_950x578](/images/endpointpolicymanager/troubleshooting/cloud/integration/817_1_image001_950x578.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/clientsideextension.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/clientsideextension.md index 09267b03f0..69698ec9dd 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/clientsideextension.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/clientsideextension.md @@ -63,7 +63,7 @@ Download the CSE from the Endpoint Policy Manager Portal **Step 1 –** Browse to the portal and sign in -- [https://portal.endpointpolicymanager.com](https://portal.endpointpolicymanager.com) +- [https://portal.policypak.com](https://portal.policypak.com) **Step 2 –** On the Home page, download the "Latest Bits" in the form of either a ZIP or ISO file @@ -80,3 +80,5 @@ and copy out the "Endpoint Policy Manager Client Side Extension x??.msi" Can be run from anywhere, does not have to be in the cached install folder above ::: + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/expired.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/expired.md index 3ab5672d92..67d84cda6c 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/expired.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/expired.md @@ -16,3 +16,5 @@ To learn more about the WAITING LIST, [Endpoint Policy Manager Cloud Client: Why are computers appearing in WAITING LIST and how can I fix it?](/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/waitinglist.md). ![308_1_jhhj](/images/endpointpolicymanager/troubleshooting/cloud/308_1_jhhj.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/grouppolicyeditors.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/grouppolicyeditors.md index 1c81352fca..3c2b62f1ed 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/grouppolicyeditors.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/grouppolicyeditors.md @@ -83,3 +83,5 @@ Finally, on the endpoint, use Regedit to verify the final value is or is not pre Endpoint Policy Manager did the work you expect. ![611_7_image-20200923152313-3](/images/endpointpolicymanager/troubleshooting/cloud/611_7_image-20200923152313-3.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/incomplete.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/incomplete.md index 11acd942ca..db6b18c886 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/incomplete.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/incomplete.md @@ -86,3 +86,5 @@ downloaded from our customer portal and pre-installed. Please refer to the follo [How can I best install Endpoint Policy Manager Cloud for remote clients over a slow link/internet connection?](/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/slowinternet.md) ```` + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/invalidcertificate.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/invalidcertificate.md index 19b4678d90..5f8e00cf1b 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/invalidcertificate.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/invalidcertificate.md @@ -8,3 +8,5 @@ sidebar_position: 160 One customer reported that this was because of a missing SonicWall certificate. Check for this or something similar on your configuration. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/outage.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/outage.md index 0f6adf2d8e..221844e223 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/outage.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/outage.md @@ -28,7 +28,7 @@ Syncing with the cloud... Could not sync with the cloud. ``` -A network error occurred during sending Sync to https://cloudsvc.endpointpolicymanager.com/Services/Synchronization:  +A network error occurred during sending Sync to https://cloudsvc.policypak.com/Services/Synchronization:  The request channel timed out while waiting for a reply after 00:00:29.9686167.  Increase the timeout value passed to the call to Request or increase the SendTimeout value on the Binding.  The time allotted to this operation may have been a portion of a longer timeout. @@ -36,15 +36,15 @@ The time allotted to this operation may have been a portion of a longer timeout. ``` ``` -A network error occurred during sending Sync to https://cloudsvc.endpointpolicymanager.com/Services/Synchronization:  +A network error occurred during sending Sync to https://cloudsvc.policypak.com/Services/Synchronization:  The request channel timed out while waiting for a reply after 00:00:29.9530410.  Increase the timeout value passed to the call to Request or increase the SendTimeout value on the Binding.  The time allotted to this operation may have been a portion of a longer timeout. ``` ``` -A security error occurred during sending Sync to http://cloudsvc.endpointpolicymanager.com/Services/Synchronization:  -The token provider cannot get tokens for target 'http://cloudsvc.endpointpolicymanager.com/Services/Synchronization'.  +A security error occurred during sending Sync to https://cloudsvc.policypak.com/Services/Synchronization:  +The token provider cannot get tokens for target 'https://cloudsvc.policypak.com/Services/Synchronization'.  Elapsed time: 00:01:00.7012049 ``` @@ -54,3 +54,5 @@ However, existing clients will maintain their already-delivered Policy settings. Additionally, clients will not disconnect or become un-joined from the Endpoint Policy Manager Cloud server. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/proxyserver.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/proxyserver.md index 6b162b7a51..47ebee0510 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/proxyserver.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/proxyserver.md @@ -11,6 +11,8 @@ encrypted end to end. Endpoint Policy Manager cloud will try on port 443 or 80 a need to configure your Proxy Server to allow communication to specific hosts, you need to set the following: -- cloud-agent.endpointpolicymanager.com via HTTPS/443 -- cloud-events.endpointpolicymanager.com via HTTPS/443 +- cloud-agent.policypak.com via HTTPS/443 +- cloud-events.policypak.com via HTTPS/443 - ppdl.blob.core.windows.net via HTTPS/443 + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/proxyservices.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/proxyservices.md index bf0886844a..9cd0fe18ae 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/proxyservices.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/proxyservices.md @@ -35,3 +35,5 @@ and ` SavedLegacySettings.` You should see the proxy information like what is seen here in the binary value. ![373_1_image005sdfggrt](/images/endpointpolicymanager/troubleshooting/cloud/373_1_image005sdfggrt.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/registrationlimit.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/registrationlimit.md index b8c85682ac..d1d96f96df 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/registrationlimit.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/registrationlimit.md @@ -32,3 +32,5 @@ Conclusion: Always plan your deployment matching the registration limit, either you're doing it manually or with software deployment tool to avoid unnecessary delays. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/registrationmode.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/registrationmode.md index 43eaf7760d..561fa643d5 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/registrationmode.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/registrationmode.md @@ -55,3 +55,5 @@ then re-established and Endpoint Policy Manager Cloud software reinstalled. | Loose (UUID) | Re-established connection to existing account | All group memberships maintained | | Loose (UUID or MAC) | Re-established connection to existing account | All group memberships maintained | | Advanced | Old computer account remained AND new account created (Duplicate Entries) | Old account maintained existing group memberships and new account reverted to built-in default memberships | + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/securitytoken.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/securitytoken.md index 609e9c9705..45336f1f35 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/securitytoken.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/securitytoken.md @@ -25,3 +25,5 @@ certificate like this. Then re-download the MSIs here, and re-attempt your Endpoint Policy Manager Cloud join. ![209_4_img-4](/images/endpointpolicymanager/troubleshooting/error/cloud/209_4_img-4.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/servicecommunication.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/servicecommunication.md index ddcca7fe66..e0c67899c9 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/servicecommunication.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/servicecommunication.md @@ -32,7 +32,7 @@ information. ::: -**Step 2 –** At a command prompt, type in the following: `telnet cloud-agent.endpointpolicymanager.com 443` +**Step 2 –** At a command prompt, type in the following: `telnet cloud-agent.policypak.com 443` ![Telnet Cloud Agent Script](/images/endpointpolicymanager/troubleshooting/cloud/telnetcloudagent.webp) @@ -43,7 +43,7 @@ information. ![Communication Passes](/images/endpointpolicymanager/troubleshooting/cloud/communicationpasses.webp) -**Step 3 –** You can also try `telnet cloud-agent.endpointpolicymanager.com 80` +**Step 3 –** You can also try `telnet cloud-agent.policypak.com 80` - If the command just hangs and takes a long time to complete, then comes back with "Connection failed", then the communication failed. @@ -60,3 +60,5 @@ Additional Considerations succeeds. If that still fails to work, see the [I am getting an error about "GPSVC failed at sign-in". This error occurs exactly one time. What does this mean?](/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/gpsvcfailed.md) topic for additional information on alternative time fix instructions. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/sync.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/sync.md index 7d737225a0..e92bc020b4 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/sync.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/sync.md @@ -18,28 +18,28 @@ The client and server cannot communicate, because they do not possess a common a ## Could not sync with the cloud A communication error occurred during sending Sync to -[https://cloudsvc.endpointpolicymanager.com/Services/Synchronization](https://cloudsvc.endpointpolicymanager.com/Services/Synchronization): +[https://cloudsvc.policypak.com/Services/Synchronization](https://cloudsvc.policypak.com/Services/Synchronization): An error occurred while making the HTTP request to -[https://cloudsvc.endpointpolicymanager.com/Services/Synchronization](https://cloudsvc.endpointpolicymanager.com/Services/Synchronization). +[https://cloudsvc.policypak.com/Services/Synchronization](https://cloudsvc.policypak.com/Services/Synchronization). This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server. A communication error occurred during sending Sync to -[https://cloudsvc.endpointpolicymanager.com/Services/Synchronization](https://cloudsvc.endpointpolicymanager.com/Services/Synchronization): +[https://cloudsvc.policypak.com/Services/Synchronization](https://cloudsvc.policypak.com/Services/Synchronization): An error occurred while making the HTTP request to -[https://cloudsvc.endpointpolicymanager.com/Services/Synchronization](https://cloudsvc.endpointpolicymanager.com/Services/Synchronization). +[https://cloudsvc.policypak.com/Services/Synchronization](https://cloudsvc.policypak.com/Services/Synchronization). This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server. A security error occurred during sending Sync to -[http://cloudsvc.endpointpolicymanager.com/Services/Synchronization](http://cloudsvc.endpointpolicymanager.com/Services/Synchronization): +[https://cloudsvc.policypak.com/Services/Synchronization](http://cloudsvc.policypak.com/Services/Synchronization): The token provider cannot get tokens for target -'[http://cloudsvc.endpointpolicymanager.com/Services/Synchronization](http://cloudsvc.endpointpolicymanager.com/Services/Synchronization)'. +'[https://cloudsvc.policypak.com/Services/Synchronization](http://cloudsvc.policypak.com/Services/Synchronization)'. To resolve this issue, you need to edit the registry on any computers experiencing this issue to add a DWORD = "SchUseStrongCrypto" with a value of "1", under the following two registry keys: @@ -77,3 +77,5 @@ Windows Registry Editor Version 5.00 ``` "SchUseStrongCrypto"=dword:00000001 ``` + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/syncfail.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/syncfail.md index ad6b42e918..dd88c4db27 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/syncfail.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/syncfail.md @@ -97,3 +97,5 @@ the final result of policies upon the machine. This is helpful so you can know w current state actually is. Example with some text removed to save space… ![887_15_image-20230525200517-14_950x1022](/images/endpointpolicymanager/troubleshooting/cloud/887_15_image-20230525200517-14_950x1022.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/transition.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/transition.md index 75230ce9e0..7e66187f34 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/transition.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/transition.md @@ -13,7 +13,7 @@ endpoints.  This will MAINTAIN the Endpoint Policy Manager Client Side Extensio **Step 2 –** Leave in place -or- Upgrade to the LATEST Endpoint Policy Manager Client Side Extension using SCCM or PDQ Deploy Example: -[https://www.endpointpolicymanager.com/video/managing-group-policy-using-Endpoint Policy Manager-and-pdq-deploy.html ](https://www.endpointpolicymanager.com/video/managing-group-policy-using-endpointpolicymanager-and-pdq-deploy.html) +[https://www.policypak.com/video/managing-group-policy-using-Endpoint Policy Manager-and-pdq-deploy.html ](https://www.policypak.com/video/managing-group-policy-using-endpointpolicymanager-and-pdq-deploy.html) **Step 3 –** In Endpoint Policy Manager Cloud, you will already have some POLICIES. You can DOWNLOAD the policies from Endpoint Policy Manager Cloud like this. (see below.) @@ -25,3 +25,5 @@ Note that some items might be restricted to COMPUTER or USER side, and may be ac the "wrong" side. For those, you will have to recreate the policies. ![585_2_jm-2_900x438](/images/endpointpolicymanager/troubleshooting/cloud/585_2_jm-2_900x438.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/twofactorauthenticationcode.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/twofactorauthenticationcode.md index 51c19dcc6e..22751baefd 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/twofactorauthenticationcode.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/twofactorauthenticationcode.md @@ -30,3 +30,5 @@ now. Add URL Endpoint Policy Manager.com website in the trusted site section of NoScript plug-in. ![674_3_kb-resolution](/images/endpointpolicymanager/troubleshooting/cloud/674_3_kb-resolution.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/verbose.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/verbose.md index a532343b48..ee38c807a7 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/verbose.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/verbose.md @@ -20,3 +20,5 @@ More parameters for msiexec command may be found at [https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2003/cc759262(v=ws.10)?redirectedfrom=MSDN]() ![928_1_image-20230207215348-7_950x351](/images/endpointpolicymanager/troubleshooting/cloud/log/928_1_image-20230207215348-7_950x351.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/verifysecurity.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/verifysecurity.md index c11e9266b5..a993c70154 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/verifysecurity.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/verifysecurity.md @@ -30,3 +30,5 @@ Please follow the following steps **Step 5 –** After join, change timezone to your correct timezone. **Step 6 –** Verify PPcloud still works with commandline: `ppcloud /sync` + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/versions.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/versions.md index 5b2fb2e709..aed44eeb55 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/versions.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/versions.md @@ -28,3 +28,5 @@ version. Try running a repair on the Endpoint Policy Manager CSE version using Programs and Features, and if that does not work then reinstall the Endpoint Policy Manager CSE manually to fix the issue. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/waitinglist.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/waitinglist.md index a2e92ea5f8..bd8afd2201 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/waitinglist.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttroubleshooting/waitinglist.md @@ -46,3 +46,5 @@ separately. ![382_1_ppcloud-status1-300x88](/images/endpointpolicymanager/troubleshooting/cloud/382_1_ppcloud-status1-300x88.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudlicensing/_category_.json b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudlicensing/_category_.json index ebd269fad4..37264e1db5 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudlicensing/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudlicensing/_category_.json @@ -3,4 +3,4 @@ "position": 30, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudlicensing/usage.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudlicensing/usage.md index 24395180a3..7987747806 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudlicensing/usage.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudlicensing/usage.md @@ -77,3 +77,5 @@ Then, assuming the Monthly Highest Numbers for each month was something like: - March: 900 Your average among the Monthly Highest Number would be 1083. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudportalsecurity/_category_.json b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudportalsecurity/_category_.json index 6da13f3c26..2d9e75319c 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudportalsecurity/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudportalsecurity/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudportalsecurity/administrator.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudportalsecurity/administrator.md index 135b385ab1..0207231681 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudportalsecurity/administrator.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudportalsecurity/administrator.md @@ -47,3 +47,5 @@ pending request and approve/reject from there. ![956_4_image-20230706151408-8_663x573](/images/endpointpolicymanager/cloud/add/956_4_image-20230706151408-8_663x573.webp) The requester will receive an email indicating if the request was approved or rejected. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudportalsecurity/datasafety.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudportalsecurity/datasafety.md index ad8ae4dec2..2b045ceff8 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudportalsecurity/datasafety.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudportalsecurity/datasafety.md @@ -80,3 +80,5 @@ encrypted. Here is how the client attempts to communicate with Endpoint Policy M algorithm suite that uses RSA15 as the key wrap algorithm, SHA256 for the signature digest, and 256-bit Basic as the message encryption algorithm. In HTTP mode the Endpoint Policy Manager Cloud client verifies the identity of the server using a hardcoded certificate. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudportaltroubleshooting/_category_.json b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudportaltroubleshooting/_category_.json index c290b45f9f..91f6012684 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudportaltroubleshooting/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudportaltroubleshooting/_category_.json @@ -3,4 +3,4 @@ "position": 50, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudportaltroubleshooting/entraid.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudportaltroubleshooting/entraid.md index 80ef8e7e6e..7a79087d5b 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudportaltroubleshooting/entraid.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/cloudportaltroubleshooting/entraid.md @@ -62,3 +62,5 @@ $spApplicationPermissions | ForEach-Object {     Remove-AzureADServiceAppRoleAssignment -ObjectId $_.PrincipalId -AppRoleAssignmentId $_.objectId } ``` + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/eventcollection/_category_.json b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/eventcollection/_category_.json index ec8d6dee6a..504989c4c3 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/eventcollection/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/eventcollection/_category_.json @@ -3,4 +3,4 @@ "position": 80, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/eventcollection/childgroups.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/eventcollection/childgroups.md index 6e167295f6..1f39e80d21 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/eventcollection/childgroups.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/eventcollection/childgroups.md @@ -29,3 +29,5 @@ settings, then the following rules apply: then the previous rule doesn't apply. All always takes precedence. ![940_1_image002_950x536](/images/endpointpolicymanager/cloud/eventcollection/940_1_image002_950x536.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/eventcollection/report.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/eventcollection/report.md index 150a47e1d3..fe31b92dd1 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/eventcollection/report.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/eventcollection/report.md @@ -57,3 +57,5 @@ additional information on the event categories and IDs. ![1331_7_1836b2dba9db9365124356840324b8d1](/images/endpointpolicymanager/cloud/eventcollection/1331_7_1836b2dba9db9365124356840324b8d1.webp) **Step 8 –** You can edit the policy name and the policy conditions if needed. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/eventcollection/splunk.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/eventcollection/splunk.md index 17bdece397..4e0b0cc1b2 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/eventcollection/splunk.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/eventcollection/splunk.md @@ -32,7 +32,7 @@ Internet. **Configure Event Forwarder in PP Cloud** -**Step 2 –** Navigate to [https://cloud.endpointpolicymanager.com/,](https://cloud.endpointpolicymanager.com/) go to +**Step 2 –** Navigate to [https://cloud.policypak.com/,](https://cloud.policypak.com/) go to **Company details** > **Event Forwarder List** > **Add Event Forwarder** . ![976_1_1](/images/endpointpolicymanager/cloud/eventcollection/976_1_1.webp) @@ -73,3 +73,5 @@ icon. ![976_6_6](/images/endpointpolicymanager/cloud/eventcollection/976_6_6.webp) **Step 12 –** View the event data + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/_category_.json b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/_category_.json index 7eb735f33a..3eef2a0a44 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/activedirectory.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/activedirectory.md index e402febfac..f87632c7f5 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/activedirectory.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/activedirectory.md @@ -8,3 +8,5 @@ sidebar_position: 50 No, there is no Active Directory connector. Our feedback is that most companies don't want something reaching into their Active Directory and causing a security concern. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/client.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/client.md index f49d2e1fbd..daf090f2b5 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/client.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/client.md @@ -21,8 +21,10 @@ Client Side Extension, you need to be proactive. Please see this article for keeping things proactive: -[https://www.endpointpolicymanager.com/resources/pp-blog/using-rings-to-test-and-update-the-policypak-client-side-extension-and-how-to-stay-supported/](https://www.endpointpolicymanager.com/resources/pp-blog/using-rings-to-test-and-update-the-policypak-client-side-extension-and-how-to-stay-supported/) +[https://www.policypak.com/resources/pp-blog/using-rings-to-test-and-update-the-policypak-client-side-extension-and-how-to-stay-supported/](https://www.policypak.com/resources/pp-blog/using-rings-to-test-and-update-the-policypak-client-side-extension-and-how-to-stay-supported/) This video also has some important information on how to perform updates: [Endpoint Policy Manager Cloud Groups CSE and Cloud Client Small-Scale Testing and Updates](/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/groups.md) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/clientdomainnondomain.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/clientdomainnondomain.md index f391323259..c161f3613e 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/clientdomainnondomain.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/clientdomainnondomain.md @@ -11,3 +11,5 @@ Windows machines: non-domain joined and domain joined. That being said, the oppo You cannot install the on-prem CSE and have it connect to the cloud service. You need the cloud client to claim a cloud license, and that can be used for either/both Domain Joined and non-DJ machines. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/clientremote.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/clientremote.md index 0b7eab0f3f..52cd483173 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/clientremote.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/clientremote.md @@ -47,3 +47,5 @@ deployed remotely to the computer. If the computer is also connected to an RMM tool: Most RMM tools have a way to deploy other software; you could get the PPC Client MSI file deployed this way. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/cloud.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/cloud.md index eed1f619e9..eff19420ab 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/cloud.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/cloud.md @@ -10,3 +10,5 @@ All PolicyPak products are supported only on existing supported versions of Micr Microsoft's supported list, see this list: [https://docs.microsoft.com/en-us/windows/release-health/release-information](https://docs.microsoft.com/en-us/windows/release-health/release-information) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/creditcard.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/creditcard.md index 469d06afe5..a2ca17d167 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/creditcard.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/creditcard.md @@ -14,3 +14,5 @@ Then when you're there, click on **SaaS Billing**, then **Start Subscription**. Follow the directions after that. ![936_1_image001](/images/endpointpolicymanager/cloud/936_1_image001.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/fakedc.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/fakedc.md index 47ccb9423c..8352a123d1 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/fakedc.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/fakedc.md @@ -95,3 +95,5 @@ mind you may also need an editing station. | Group Policy Preferences Environment Variables | 100% | | | Group Policy Preferences Services | 100% | If a service isn't built-in, you should create the policy with on-prem editor first, then upload to PP Cloud. | | Other Group Policy Preferences items | 0% | | + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/slowinternet.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/slowinternet.md index 90461857f7..3ae6c01dcf 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/slowinternet.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/slowinternet.md @@ -18,7 +18,7 @@ option to avoid the long delays during the installation, or just as a precautio failed installation due to timeout errors during the process. CSE is available for download within the Customer Portal only. Go to -[https://portal.endpointpolicymanager.com](https://portal.endpointpolicymanager.com/) and download **Latest Bits**. You'll +[https://portal.policypak.com](https://portal.policypak.com/) and download **Latest Bits**. You'll find the Endpoint Policy Manager Client-Side Extension folder in the archive. ![image1](/images/endpointpolicymanager/install/cloud/image1.webp) @@ -48,3 +48,5 @@ For more details about setting up machines for VDI environments please check the [Can I embed the Endpoint Policy ManagerClient Side Extension and/or Endpoint Policy Manager Cloud client into a master image for VDI, MDT, Ghost, Citrix, etc?](/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/embedclient.md) [How to install the Endpoint Policy Manager Cloud Client for use in an Azure Virtual Desktop image](/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/azurevirutaldesktop.md) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/transition.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/transition.md index 54ee2deca1..45b1b069a9 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/transition.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/gettingstarted/transition.md @@ -285,3 +285,5 @@ Manager best practices. See the [Endpoint Policy Manager Cloud Groups CSE and Cloud Client Small-Scale Testing and Updates](/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/groups.md) topic for additional information on how to perform small scale testing before large scale upgrades. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/knowledgebase.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/knowledgebase.md index 5883bba737..3b9b502fea 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/knowledgebase.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/knowledgebase.md @@ -88,3 +88,5 @@ See the following Knowledge Base articles for getting started with Cloud. - [How can I keep the same or specify different parameters for Event Collection for child groups? How does a computer behave if a member of multiple groups?](/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/eventcollection/childgroups.md) - [ Endpoint Policy Manager Cloud Event Forwarding to Splunk](/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/eventcollection/splunk.md) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/_category_.json b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/_category_.json index aacd612c96..adc14c2d28 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/_category_.json @@ -3,4 +3,4 @@ "position": 60, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/client.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/client.md index 2bd8df4779..326391a956 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/client.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/client.md @@ -69,3 +69,5 @@ When you see Synchronized: Yes you are ready to make rules in Endpoint Policy Ma You should see your Mac in the MacOS | All group like what's seen here. ![888_9_image_16_950x511](/images/endpointpolicymanager/cloud/install/mac/888_9_image_16_950x511.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/mac.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/mac.md index 895cdc9df6..0edcc76e96 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/mac.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/mac.md @@ -9,3 +9,5 @@ sidebar_position: 30 `/Library/Application Support/PolicyPak/Logs` These log files should be small enough to attach directly in email to an existing SRX. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/sha.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/sha.md index bc0f447c2d..296ddb6914 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/sha.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/sha.md @@ -28,3 +28,5 @@ Mac-mini ~ % shasum -a 512 /Users/sashadaft/Downloads/SkypeForBusinessInstaller- 819dadbaceae58fc24f48c6ddd187325619e82d4c8d7fb5744b4c966262f4d2fd0114541b6dbfdfad29431f1417c074d947285f4ab1bd2b002d57d1a0aa288fd   /Users/sashadaft/Downloads/SkypeForBusinessInstaller-16.29.0.72.pkg ``` + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/signature.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/signature.md index 91342ef7ce..a6fadec662 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/signature.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/signature.md @@ -69,3 +69,5 @@ In this example, you can pull signed details in three ways: **Step 3 –** O=Microsoft Corporation To get this information refer to this example of how to pull these details. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/signingid.md b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/signingid.md index 410bd054d6..652ce9f6a3 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/signingid.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/macintegration/signingid.md @@ -52,3 +52,5 @@ com.apple.pkg.XProtectPlistConfigData_10_15.16U4206   com.endpointpolicymanager.endpointpolicymanagerInstaller ``` + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/_category_.json b/docs/endpointpolicymanager/deliverymethods/cloud/videos/_category_.json index f5151829fd..7851d76a40 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/_category_.json @@ -1 +1,2 @@ {"label":"Videos","position":2,"collapsed":true,"collapsible":true,"link":{"type":"doc","id":"videolearningcenter"}} + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/_category_.json b/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/_category_.json index 7eb735f33a..3eef2a0a44 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/admxfiles.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/admxfiles.md index 62467be9e6..be53611aa5 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/admxfiles.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/admxfiles.md @@ -5,7 +5,7 @@ sidebar_position: 70 --- # Endpoint Policy ManagerCloud: Upload and use your own ADMX files to Endpoint Policy Manager Cloud - + Using Netwrix Endpoint Policy Manager (formerly PolicyPak) Cloud and want to use your own custom ADMX files? Here's how to do it. @@ -148,3 +148,5 @@ All right, that's it. I hope that this feature helps you out and you're looking PolicyPak Cloud real soon. Thanks. Bye-bye. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/admxsettings.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/admxsettings.md index 9be8b6839a..a3236f66c5 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/admxsettings.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/admxsettings.md @@ -5,7 +5,7 @@ sidebar_position: 60 --- # Endpoint Policy ManagerCloud: Use in-cloud ADMX settings maintained by Endpoint Policy Manager for Windows, Office, Chrome and more - + Amazing new breakthrough with Netwrix Endpoint Policy Manager (formerly PolicyPak) Cloud. Just CLICK your way to creating any ADMX setting for Windows or Office. Takes about 10 seconds to make your @@ -83,3 +83,5 @@ With that in mind, have fun using this amazing new functionality of being able t new Policy," and then you'll be able to see new policy types pop in, in the near future. Thank you very much. Talk to you soon. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/armsupport.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/armsupport.md index 722c6416ce..aa0cfaa60a 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/armsupport.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/armsupport.md @@ -9,4 +9,6 @@ sidebar_position: 30 Want to use Netwrix Endpoint Policy Manager (formerly PolicyPak) Cloud with ARM but not sure how to get started? This video will get you off and running! - + + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/endpointpolicymanagersettings.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/endpointpolicymanagersettings.md index a551ca3ef5..1a6bac2439 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/endpointpolicymanagersettings.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/endpointpolicymanagersettings.md @@ -9,7 +9,7 @@ Its easy to do MANY things with Netwrix Endpoint Policy Manager (formerly Policy in-cloud editors. Here's how to use them, how to find more details PER COMPONENT, and also how to export on-prem items and use them inside PP Cloud. - + Hi, this is Jeremy Moskowitz. In a previous video you saw me use PolicyPak Cloud in-cloud editors to do Microsoft real Group Policy settings with our create and link a new policy. You saw me use our @@ -75,7 +75,7 @@ Go back to our test machine here. We'll run ppcloud/sync. Give this a second to make sure we got it, Browser Router Manager Test. I'm just going to open up Notepad file that's going to represent getting a Teams link or something like that. -If I go to www.endpointpolicymanager.com and I click on it, it's not going to go to my default browser. It's +If I go to www.policypak.com and I click on it, it's not going to go to my default browser. It's going to go to the routed browser that I selected using PolicyPak Browser Router. That's going to be Chrome. @@ -109,3 +109,5 @@ The point is that sometimes you need to do the on-prem test lab first between yo domain controller and your domain-joined machine. Once you have that ready to go, you can then do tests with PolicyPak Cloud. Hope this video helps you out. Looking forward to getting you started with PolicyPak real soon. Take care. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/grouppolicysettings.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/grouppolicysettings.md index 2d95c5a22a..460f2ece49 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/grouppolicysettings.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/grouppolicysettings.md @@ -12,7 +12,7 @@ creating policies with the in-cloud editors, and also creating a directive insid uploading. Remember: There's also the method to import a whole GPO and make PP Cloud policies, but that's another video. - + Hi, this is Jeremy Moskowitz. In this video I'm going to show you how you can use PolicyPak Cloud to deliver real Microsoft Group Policy settings through PolicyPak Cloud. We have another video @@ -221,3 +221,5 @@ we're going to use the PolicyPak in-cloud editors first. If that doesn't work, y use any of our MMC editors and take those settings and upload those to PolicyPak Cloud, basically the same gist. I hope this video helps you out. Looking forward to getting you started with PolicyPak Cloud real soon. Thanks. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/introduction.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/introduction.md index 3ab678fc02..b201955d94 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/introduction.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/introduction.md @@ -10,4 +10,6 @@ Have computers which are domain joined and non-domain joined? How are you going Endpoint Policy Manager (formerly PolicyPak) and Microsoft Group Policy settings? Check out this video to see ! - + + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/onpremiseexport.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/onpremiseexport.md index 194440b03b..d39a74aa9b 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/onpremiseexport.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/onpremiseexport.md @@ -8,7 +8,7 @@ sidebar_position: 80 Copy and Paste to get your DC / on-prem directives uploaded. This video shows you how. It's a faster way to get going with Netwrix Endpoint Policy Manager (formerly PolicyPak) cloud ! - + ### Endpoint Policy Manager Cloud: Quick upload method diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/preferences.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/preferences.md index 83f5d28b64..c05299e101 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/preferences.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/preferences.md @@ -9,7 +9,7 @@ Create Group Policy Preferences inside theNetwrix Endpoint Policy Manager (forme portal without having to go to your GPMC! Watch this video and see how to create and deploy Group Policy Preferences within our cloud portal! - + ### Endpoint Policy Manager Cloud + GPPrefs video transcript @@ -132,7 +132,7 @@ In this section of our video, we are going to learn how to deploy shortcuts usin Preferences inside the PolicyPak Cloud portal. Right now we are over here on my cloud-joined machine here. We don't have a shortcut here or here, -which is what I want to create. I want to create a shortcut that's going to take me to endpointpolicymanager.com +which is what I want to create. I want to create a shortcut that's going to take me to policypak.com and I also want to deploy a shortcut that will take me to the Calculator that's in the system already. @@ -145,7 +145,7 @@ I'm going to go ahead and choose "Replace" because later on down here in the "Co to choose to remove this when it's no longer applied and it will change it to Replace anyway. So I'll put it there. I'm going to "Name" this "PolicyPak." This is not going to be a "File system location." It's actually going to be a "URL." I'm going to send this to the "Desktop." My "Target -URL" is going to be "https://www.endpointpolicymanager.com." +URL" is going to be "https://www.policypak.com." While you can work with the rest of this, I'm going to just leave it alone for now. I'm going to choose "Common." I want to "Remove this when it's no longer applied." There we go. You can see that @@ -167,9 +167,9 @@ Let's come back over to our endpoint here. Let's run a "ppcloud /sync." All righ we saw these shortcuts pop up on the Desktop. Just for good measure, let me go ahead and double click on this and make sure it's going to open up -"https://www.endpointpolicymanager.com" like we think it's going to. Sure enough, here we go. While that's +"https://www.policypak.com" like we think it's going to. Sure enough, here we go. While that's loading, let's check out this "Calculator." Just like we expected, it links us right to that -Calculator, so we created that shortcut. And here we go, showing right up and endpointpolicymanager.com. +Calculator, so we created that shortcut. And here we go, showing right up and policypak.com. All right and once again just as we've done in some of the other videos, let's go ahead and we will "Unlink XML Data file from Computer Group." We will come back over here and run that "ppcloud @@ -183,3 +183,5 @@ items within the PolicyPak Cloud portal and then deploying those as you'd like. you out. Thanks so much. Bye-bye. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/quickstart.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/quickstart.md index dab153b999..2c7ea98699 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/quickstart.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/quickstart.md @@ -11,4 +11,6 @@ account... fast? This is the fastest way. Learn how to download your client, use policies, create your first policies in the cloud, and take on-prem policies and get them intoEndpoint Policy Manager cloud. A perfect first tour! - + + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/securitysettings.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/securitysettings.md index 41570f4f8f..77d245fc3c 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/securitysettings.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/securitysettings.md @@ -9,7 +9,7 @@ Use the in-cloud editors to manage Netwrix Endpoint Policy Manager (formerly Pol settings. This couldn't be easier. Set the password, account settings, and other security settings for your Windows machines, domain joined and non-domain joined. - + ### Endpoint Policy Manager Cloud and Security Settings @@ -96,3 +96,5 @@ I hope this helps you out. Looking to get started with PolicyPak Cloud? Just rea get you started with a free trial. It's good if you come to a webinar first. Thank you very much. We'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/security/_category_.json b/docs/endpointpolicymanager/deliverymethods/cloud/videos/security/_category_.json index c185023dc4..c05b084beb 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/security/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/security/_category_.json @@ -3,4 +3,4 @@ "position": 40, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/security/administrator.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/security/administrator.md index 1600ac5c58..de889417d9 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/security/administrator.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/security/administrator.md @@ -58,3 +58,5 @@ Then you'll create the request. You'll say, Okay. From there, we'll take care of request, and make sure that your user gets created as anticipated. Hope this helps you out. Thanks so much. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/security/emaillogs.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/security/emaillogs.md index 2c2656fdd6..19f56aa852 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/security/emaillogs.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/security/emaillogs.md @@ -55,3 +55,5 @@ You'll see those actions that have happened for that previous time period. With these events are keyed by [03:00]. Therefore, you can use it in just about any system you want. I hope this helps you out. Looking forward to getting you started with PolicyPak real soon. Thanks so much. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/security/features.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/security/features.md index 311ee6d06a..6722aa5078 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/security/features.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/security/features.md @@ -150,3 +150,5 @@ restricting logon based on whitelisting or blacklisting IP addresses or IP addre That covers the new PolicyPak Cloud security features. I hope this video helps you out. Thanks so much. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/security/immutablelog.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/security/immutablelog.md index 938b4d299c..11a7fbba6c 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/security/immutablelog.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/security/immutablelog.md @@ -8,3 +8,5 @@ sidebar_position: 20 Have you ever wondered what's going on in your cloud service? Have you wondered what other admins are doing, what policies have changed, or been linked, or uploaded? Check out the immutable log as we make things easy for YOU! + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/testlabbestpractices/_category_.json b/docs/endpointpolicymanager/deliverymethods/cloud/videos/testlabbestpractices/_category_.json index 358b50212d..4324bbdc89 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/testlabbestpractices/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/testlabbestpractices/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/testlabbestpractices/createdc.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/testlabbestpractices/createdc.md index 313165d6cb..e65ffb9442 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/testlabbestpractices/createdc.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/testlabbestpractices/createdc.md @@ -8,7 +8,7 @@ sidebar_position: 20 In this video, learn how to create a DC in order to build GPOs that you can export then upload to Netwrix Endpoint Policy Manager (formerly PolicyPak) Cloud or your MDM provider. - + ### Endpoint Policy Manager (all versions): How to create a DC for editing purposes @@ -70,7 +70,7 @@ this. We're going to choose "Edit." You're going to see we have the nodes. We ha "Administrative Templates," however many thousand of them. They're all hidden up in here. But you're going to notice that we don't have a Endpoint Policy Manager node, so we can't do -Endpoint Policy Manager magic yet. What we need here is go to "www.endpointpolicymanager.com." We're going to go +Endpoint Policy Manager magic yet. What we need here is go to "www.policypak.com." We're going to go to this "Customer Login" here. In this particular case, it's going to take us to the "Endpoint Policy Manager CLOUD Login" and the "CUSTOMER PORTAL & CUSTOMER SUPPORT LOGIN." diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/testlabbestpractices/onpremise.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/testlabbestpractices/onpremise.md index f9acfcb901..94852401fc 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/testlabbestpractices/onpremise.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/testlabbestpractices/onpremise.md @@ -7,5 +7,4 @@ sidebar_position: 40 So you need a small on-prem test lab, just for some editing purposes. Here's how to install the CSE, how to name your computer, and how to quick test your test lab. - - + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/testlabbestpractices/renameendpoint.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/testlabbestpractices/renameendpoint.md index 450b8c47a7..ce95e9f986 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/testlabbestpractices/renameendpoint.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/testlabbestpractices/renameendpoint.md @@ -9,4 +9,4 @@ If you want to bypass any potential licensing issue, test your Cloud or MDM poli exporting them, or set up a home test lab, rename your endpoint to contain the word "computer" in the name. See this concept at work in this video! - + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/testlabbestpractices/start.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/testlabbestpractices/start.md index 66b08315b0..e1eb403bf9 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/testlabbestpractices/start.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/testlabbestpractices/start.md @@ -7,7 +7,7 @@ sidebar_position: 10 Lets get you set up right. Watch this Netwrix Endpoint Policy Manager (formerly PolicyPak) Cloud orientation video to make sure you have everything you need to rock and roll with Endpoint Policy Manager Cloud. - + ### PolicyPak Cloud: What you need to get Started @@ -48,3 +48,5 @@ also look at how to create the directives, how to upload them, what the portal l all of it works all running together. So keep watching, and I'll look forward to seeing you in the next videos. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/tipsandtricks/_category_.json b/docs/endpointpolicymanager/deliverymethods/cloud/videos/tipsandtricks/_category_.json index 91bd4d5de4..b4979bd607 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/tipsandtricks/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/tipsandtricks/_category_.json @@ -3,4 +3,4 @@ "position": 50, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/tipsandtricks/entraid.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/tipsandtricks/entraid.md index 837452970a..5f2b02bd3c 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/tipsandtricks/entraid.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/tipsandtricks/entraid.md @@ -8,3 +8,5 @@ sidebar_position: 20 Netwrix Endpoint Policy Manager (formerly PolicyPak) Cloud lets you marry your Endpoint Policy Manager Cloud account to Azure AD. When you do you'll turn on COMPUTER SIDE targeting for ILT and also the ability to link policies to Azure Groups. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/tipsandtricks/fileinfoviewer.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/tipsandtricks/fileinfoviewer.md index dbd44faf7f..31e08e4a5c 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/tipsandtricks/fileinfoviewer.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/tipsandtricks/fileinfoviewer.md @@ -9,6 +9,8 @@ Instead of having to use your on-prem MMC snap in to create your Least Priv poli Information Viewer instead. This lightweight utility enables you to get information about your application and then copy/paste into PP Cloud editors ! + + Hi, this is Jeremy Moskowitz and in this video, I'm going to show you how you can use the File Information Viewer in conjunction with PolicyPak Cloud to set policies without needing to use the on-prem editor. By way of example, let's pretend you wanted to create a new policy here for your diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/tipsandtricks/leastprivilegemanagerrule.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/tipsandtricks/leastprivilegemanagerrule.md index 3139fc602e..f9c6937cf4 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/tipsandtricks/leastprivilegemanagerrule.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/tipsandtricks/leastprivilegemanagerrule.md @@ -9,3 +9,5 @@ If you are enabling remote work for your users, you might want to get the PP Clo installed... on your ON-prem machines. This is permitted, but you need a PP Least Priv manager rule on the machine via Group Policy FIRST. Use this idea to get the machine READY to install the PP Cloud client which requires local admin rights. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/tipsandtricks/restricted_groups_editor.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/tipsandtricks/restricted_groups_editor.md index 47b0441ae6..dd43a1de23 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/tipsandtricks/restricted_groups_editor.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/tipsandtricks/restricted_groups_editor.md @@ -9,7 +9,7 @@ Netwrix Endpoint Policy Manager (formerly PolicyPak) Cloud has a Restricted Grou Use this video to understand all the details how to take existing GPO Restricted Groups and then use it in Cloud; then use the in-cloud editors after that. - + Hi, this is Jeremy Moskowitz. In this video, we're going to talk about the Restricted Groups Editor in PolicyPak Cloud. Now as we do that, we're going to first get started with a little bit of what's @@ -122,3 +122,5 @@ it and copy it to PolicyPak Cloud and then continue your editing using PolicyPak Okay, I know that was a lot of information to keep in your head. I hope that was clear enough and hope that helps you out and gets you started real soon. Thanks. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/_category_.json b/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/_category_.json index c1e8a0886e..ad922bde64 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/_category_.json @@ -3,4 +3,4 @@ "position": 60, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/groups.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/groups.md index 1b0110e8d0..07222e2939 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/groups.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/groups.md @@ -7,7 +7,7 @@ sidebar_position: 30 How do PP Cloud Groups work with regard to CSE versions? Here's how to use them. - + Hi, this is Jeremy. In this video, we're going to learn how to use PolicyPak Groups to dictate exactly how to do small scale, medium scale, and large scale testing, so you can do a roll-out with @@ -91,3 +91,5 @@ upgrade some medium scale and then finally full scale with the All group. Hope this video helps you out. Looking forward to getting you started with PolicyPak real soon. Take care. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/import.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/import.md index ae5f9264ff..80017fa2b9 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/import.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/import.md @@ -10,7 +10,7 @@ PolicyPak) Cloud. Use our wizard-driven UI to take GPO contents for Group Policy GPPreferences and/or Endpoint Policy Manager settings and quickly upload them. When you want the FASTEST onramp from GPO to the Cloud... this is it ! - + Hi, this is Jeremy Moskowitz. In this video I want to show you how you can take an existing GPO or multiple GPOs and quickly import them into PolicyPak Cloud. Here's a GPO that's called DEMO GPO. @@ -62,7 +62,7 @@ If you want to, you can put multiple GPOs in. I recommend you just do one at a t you at this point to make some choices. I'm just going to import this one here. If you don't know what the contents are here, let's say this shortcut item, we give you a little -brief overview of what's going on here. Oh, yeah, that's the shortcut to endpointpolicymanager.com. The point is +brief overview of what's going on here. Oh, yeah, that's the shortcut to policypak.com. The point is that we kind of give you the XML view of what's happening here. I'll show you another one here. This is some items that manage the Control Panel. It will kind of give you like a brief overview of what's happening here. @@ -98,3 +98,5 @@ They're now hanging out in XML data files, and you're ready to link them over to places in Computer Groups. Couldn't be easier to take existing GPO contents and get them into PolicyPak Cloud. I think this is just amazing. I hope you do too. I hope this helps you out. Looking forward to getting you started with PolicyPak Cloud real soon. Thanks. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/jointoken.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/jointoken.md index 7384e1202d..d555e7331b 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/jointoken.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/jointoken.md @@ -10,7 +10,7 @@ to one or more specific groups? With the JOINTOKEN flag you simply pick one or m token, and... just pass it on the command line. Use Intune or another MDM service if you want to do deploy the PP Cloud client and get those machines to join the groups you want... instantly! - + Hi, this is Jeremy Moskowitz. In this video, I'm going to show you how you can automatically join your computers to specific computer groups using PolicyPak Cloud and this thing called Join Token. @@ -122,3 +122,5 @@ Computers. There we go. The point is, is that, we can now enable you to join the groups you want with the link Join Token. Hopefully, that helps you enormously and if you have any questions, you can email support or you can try us in the forums. Thank you very much and talk to you soon. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/registrationmode.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/registrationmode.md index 5716cc2b5a..6cc7efa1f5 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/registrationmode.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/registrationmode.md @@ -9,7 +9,7 @@ What happens when you nuke the Netwrix Endpoint Policy Manager (formerly PolicyP from an endpoint, then re-install the client and re-register your computer with the cloud? There are a few different options, and this video explains them all! - + ### PolicyPak Cloud – Strict vs. Loose Computer Registration Mode @@ -86,3 +86,5 @@ put it back into the groups that it was originally in. If we come back over here, if we refresh this page right here, you'll see that the computer stayed in the groups that we had originally put it in because we now have it on Loose mode. So there you have it. I hope that helps, and I'll see you soon in the next video. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/reports.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/reports.md index 9bcaa591ce..f9b42e9e45 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/reports.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/reports.md @@ -8,7 +8,7 @@ sidebar_position: 10 Learn how to find out what XML files your non-domain joined machines are receiving by using the Reporting tab of the Netwrix Endpoint Policy Manager (formerly PolicyPak) Cloud portal. - + ### PolicyPak Cloud Reporting Demo @@ -51,3 +51,5 @@ some of them are not receiving it at all. This is how you're going to go about finding out which machines are receiving what directives. I hope that helps you out. Thanks. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/usingwithothermethods/_category_.json b/docs/endpointpolicymanager/deliverymethods/cloud/videos/usingwithothermethods/_category_.json index 52a4f6d8f9..b0d21d0751 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/usingwithothermethods/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/usingwithothermethods/_category_.json @@ -3,4 +3,4 @@ "position": 30, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/usingwithothermethods/mdm.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/usingwithothermethods/mdm.md index 2f50bb4e8e..e85f994560 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/usingwithothermethods/mdm.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/usingwithothermethods/mdm.md @@ -11,7 +11,7 @@ can automatically join a Endpoint Policy Manager Cloud group, and finally automa policies within that group. It's awesome and works with any MDM service (or RMM service, actually), in addition to Autopilot. - + Hi, this is Jeremy Moskowitz. In this video I'm going to show you how you can deliver the PolicyPak Cloud Client and automatically the PolicyPak Cloud Client-Side Extension using your MDM service like @@ -206,3 +206,5 @@ settings. You have combined the two. Remember, we also have another video on how client side with Azure to do item level targeting. That's a different video. You can find that as well, but just a little tip of the hat to that video too. I hope this helps you out. Talk to you soon. Thanks so much. + + diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/usingwithothermethods/onpremise.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/usingwithothermethods/onpremise.md index de5f1b6a38..3496fce028 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/usingwithothermethods/onpremise.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/usingwithothermethods/onpremise.md @@ -9,6 +9,8 @@ You get a free "on premise" license when you consume a Netwrix Endpoint Policy M PolicyPak) Cloud license. Here is a demonstration video to show you a best practice way to set up Endpoint Policy Manager cloud AND Endpoint Policy Manager on-premise together. + + Hi, this is Whitney with PolicyPak software, and in this video I'm going to show you how you can use your PolicyPak cloud licenses with your existing PolicyPak on-premise machines. It is super easy. @@ -64,7 +66,7 @@ WIN-10-Computer-1607, we will add that. Now we are in good shape. Now for my roaming computers, I can add cloud-based items. I can choose to link XML here and I can choose some of these example polices which, in this case, I'll go ahead and grab the example of putting a shortcut on the desktop. Let's add that and there we go. We see the Roaming Machines is -going to receive shortcuttoendpointpolicymanager.com on all desktops. +going to receive shortcuttopolicypak.com on all desktops. We'll go back to our cloud machine and I'm going to run ppcloud/sync. What it does is takes a look out into the cloud and sees what has changed. Just like that, you can see that we got the items that diff --git a/docs/endpointpolicymanager/deliverymethods/cloud/videos/videolearningcenter.md b/docs/endpointpolicymanager/deliverymethods/cloud/videos/videolearningcenter.md index 88ba85bc7c..7757c99186 100644 --- a/docs/endpointpolicymanager/deliverymethods/cloud/videos/videolearningcenter.md +++ b/docs/endpointpolicymanager/deliverymethods/cloud/videos/videolearningcenter.md @@ -53,3 +53,5 @@ See the following Video topics for all things installation and upkeep. - [Endpoint Policy Manager Cloud Groups CSE and Cloud Client Small-Scale Testing and Updates](/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/groups.md) - [Endpoint Policy Manager Cloud: Automatically Join Groups with JOINTOKEN](/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/jointoken.md) - [How to import GPOs to Endpoint Policy Manager Cloud](/docs/endpointpolicymanager/deliverymethods/cloud/videos/upkeepanddailyuse/import.md) + + diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/_category_.json b/docs/endpointpolicymanager/deliverymethods/grouppolicy/_category_.json index 0c7aab8306..e2de81986e 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/_category_.json @@ -1 +1,2 @@ {"label":"Group Policy","position":20,"collapsed":true,"collapsible":true} + diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/_category_.json b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/_category_.json index ebf9bc76c5..b6fae684d8 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/_category_.json @@ -1 +1,2 @@ {"label":"Knowledge Base","position":1,"collapsed":true,"collapsible":true,"link":{"type":"doc","id":"knowledgebase"}} + diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/grouppolicy/_category_.json b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/grouppolicy/_category_.json index b25b04ca7c..ec8637ffa9 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/grouppolicy/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/grouppolicy/_category_.json @@ -3,4 +3,4 @@ "position": 30, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/grouppolicy/pdqdeploy.md b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/grouppolicy/pdqdeploy.md index 38174dcded..dbf8a4c767 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/grouppolicy/pdqdeploy.md +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/grouppolicy/pdqdeploy.md @@ -45,3 +45,5 @@ valid network path for your environment. successfully check your network share to see the results. ![784_9_hf-faq-914-img-05](/images/endpointpolicymanager/grouppolicy/784_9_hf-faq-914-img-05.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/knowledgebase.md b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/knowledgebase.md index 5e9e5b2863..a6c55cc5e0 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/knowledgebase.md +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/knowledgebase.md @@ -24,3 +24,5 @@ See the following Knowledge Base articles for getting started with Group Policy. ## Endpoint Policy Manager Group Policy - [How to use PDQ Deploy to collect PPLOGS from remote computers then save them to a network location](/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/grouppolicy/pdqdeploy.md) + + diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/tipstricksfaq/_category_.json b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/tipstricksfaq/_category_.json index ec6d6b9133..0e09d56fa2 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/tipstricksfaq/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/tipstricksfaq/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/tipstricksfaq/insertuserinfo.md b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/tipstricksfaq/insertuserinfo.md index 926ab03722..fa3d20d2f3 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/tipstricksfaq/insertuserinfo.md +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/tipstricksfaq/insertuserinfo.md @@ -75,3 +75,5 @@ required. For more information on AD attributes for User Object, please see Self ADSI's article [Attributes for AD Users](http://www.selfadsi.org/user-attributes-w2k12.htm) for additional information. + + diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/_category_.json b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/_category_.json index 5a4bd8ada0..11c90f2c7f 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/cacheengine.md b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/cacheengine.md index be02d79c0d..d78053a76b 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/cacheengine.md +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/cacheengine.md @@ -44,3 +44,5 @@ Initializing the Criteria Engine (2023/04/04, 15:28:32.094, PID: 5216, TID: 5220 } // End of Initializing the Criteria Engine, elapsed time: 00:00:00.002 ``` + + diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/cachepreferences.md b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/cachepreferences.md index 3757a4d6f8..58ffc9a9b3 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/cachepreferences.md +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/cachepreferences.md @@ -37,3 +37,5 @@ If you want to manipulate how long the ILT timeout occurs, we have a policy sett Policy Manager ADMX settings here: ![499_1_q15-img1](/images/endpointpolicymanager/grouppolicy/itemleveltargeting/499_1_q15-img1.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/guid.md b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/guid.md index b8b9a9a88c..d24d6056b9 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/guid.md +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/guid.md @@ -11,3 +11,5 @@ Use Powershell to reverse from a GPO GUID to a GPO name like this: Import-Module GroupPolicy Get-GPO -Guid 31a09564-cd4a-4520-98fa-446a2af23b4b -Domain sales.contoso.com + + diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/itemleveltargeting.md b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/itemleveltargeting.md index f248971a6d..8e59a8d1a4 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/itemleveltargeting.md +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/itemleveltargeting.md @@ -50,3 +50,5 @@ in group.” ![itemleveltargeting2](/images/endpointpolicymanager/troubleshooting/log/itemleveltargeting/itemleveltargeting2.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/preferences.md b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/preferences.md index 70b07ee4f4..482b80fc7e 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/preferences.md +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/preferences.md @@ -78,3 +78,5 @@ turning on ILT logging for Endpoint Policy Manager items using this KB:[How do I turn on Item Level Targeting (ILT) logging if asked by Endpoint Policy Manager Tech Support?](/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/itemleveltargeting.md) All log files require a support case to analyze. + + diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/reportingadm.md b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/reportingadm.md index 305344599a..06bcfc327d 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/reportingadm.md +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/knowledgebase/troubleshooting/reportingadm.md @@ -35,3 +35,5 @@ and then edit it back again, etc. **Step 5 –** We should automatically re-write the whole ADM. ![616_9_img-05](/images/endpointpolicymanager/troubleshooting/616_9_img-05.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/_category_.json b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/_category_.json index f5151829fd..7851d76a40 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/_category_.json @@ -1 +1,2 @@ {"label":"Videos","position":2,"collapsed":true,"collapsible":true,"link":{"type":"doc","id":"videolearningcenter"}} + diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/_category_.json b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/_category_.json index 7eb735f33a..3eef2a0a44 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/explained.md b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/explained.md index 376bb387f0..69bfb452d8 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/explained.md +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/explained.md @@ -7,7 +7,7 @@ sidebar_position: 10 Learn how PolicyPak enables increased security, management, automation, remote work and reporting. - + ### Endpoint Policy Manager: Editions Overview @@ -48,3 +48,5 @@ Get started with PolicyPak today and learn the secret that other I.T. admins and their machines and applications configured, compliant and secure. PolicyPak: Securing Your Standards. + + diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/gettingstartedv.md b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/gettingstartedv.md index d74535699b..b47af5dbd8 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/gettingstartedv.md +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/gettingstartedv.md @@ -9,7 +9,7 @@ This video gives you a basic rundown of what our components do, where to find th more in-depth information on our website. This is great if you're just getting started and want to get some brief information on all of our PolicyPak components. - + ### PPGP Quick Rundown: Getting Started Video Transcript @@ -188,7 +188,7 @@ scope or if something is not true anymore. It allows you a lot more control than mechanisms. Now that I have given you the rough rundown of what all of our components do, I want to come over -here and go to "www.endpointpolicymanager.com" and I want to show you the "Video Learning Center." If you come +here and go to "www.policypak.com" and I want to show you the "Video Learning Center." If you come to the "SUPPORT" tab right here and go to "Video Learning Center," then you're going to choose if you're working with the "Group Policy Edition/Cloud Edition/MDM Edition" or if you're working with specifically the "GP Compliance Reporter." @@ -216,3 +216,5 @@ wasn't able to show you. In the next video, I'll be talking more about the Application Settings Manager, how to set that up and how to work with it. So thanks for watching, and I'll see you there. + + diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/install.md b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/install.md index 650559e7dd..55c8d548e5 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/install.md +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/install.md @@ -8,14 +8,14 @@ sidebar_position: 20 Learn where to download and how to install the Bits that you'll need to get started with PolicyPak Group Policy Edition! - + ### Admin Console And CSE Installation Hi, this is Whitney with PolicyPak Software. In this video, we're going to look at getting started with the PolicyPak Group Policy Edition. -In order to get prepared for this video, I went ahead and I went to endpointpolicymanager.com. I went to the +In order to get prepared for this video, I went ahead and I went to policypak.com. I went to the "Customer Login" area and then went ahead and logged in. Once I got there, I went ahead and I went over to the "Downloads" tab, which should load in just a second here. There we go. I went to this "Downloads" tab, and I went to the "Latest Bits" and I installed those. These are, as it says right @@ -94,3 +94,5 @@ In the next video, we're going to talk about some of what the components do and PolicyPak itself, so I hope to see you there. Thank you very much. + + diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/integration.md b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/integration.md index edbbfe1d32..0546ae9e90 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/integration.md +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/integration.md @@ -8,7 +8,7 @@ sidebar_position: 50 See how PolicyPak installs into Group Policy, backs up and restores with Group Policy, works with GP Reporting and more! - + Hi, this is Jeremy Moskowitz, 15-year group policy and Microsoft endpoint manager MVP, and in this video I'm going to show you how PolicyPak hooks right into the group policy infrastructure you @@ -84,3 +84,5 @@ policy as if Microsoft had shipped it from the factory. We also do a great job w Endpoint Manager as well, and you can see that in our other integrations. Thanks so very much, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/renameendpoint.md b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/renameendpoint.md index 6ea72e73c8..1ad3aa87e3 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/renameendpoint.md +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/renameendpoint.md @@ -9,5 +9,7 @@ If you want to bypass any potential licensing issue, test your Cloud or MDM poli exporting them, or set up a home test lab, rename your endpoint to contain the word "computer" in the name. See this concept at work in this video! - + + + diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/_category_.json b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/_category_.json index 6ba42bb498..c105a1fef1 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/editmanual.md b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/editmanual.md index c03c017a9c..afbb9498b8 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/editmanual.md +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/editmanual.md @@ -7,7 +7,7 @@ sidebar_position: 10 PolicyPak: Manual editing Item Level Targeting to affect local Admins and other local accounts - + ### Endpoint Policy Manager: Manual editing Item Level Targeting to affect local Admins and other local accounts @@ -17,7 +17,7 @@ Group Policy or PolicyPak-land to local administrators and local groups. Let me show you what the problem is. The idea is that if you go to "Add" a "New Policy" setting here – and I'm going to say something like "Control Panel," "Prohibit access to the Control Panel" – you can use our "Item Level Targeting" feature -([https://www.endpointpolicymanager.com/pp-blog/item-level-targeting](https://www.endpointpolicymanager.com/pp-blog/item-level-targeting)) +([https://www.policypak.com/pp-blog/item-level-targeting](https://www.policypak.com/pp-blog/item-level-targeting)) and specify a "Security Group." So you only want to do this thing when the guy is a member of a "Security Group." @@ -72,7 +72,7 @@ the opportunity to utilize it in PolicyPak Cloud. The same thing goes for just about everything else we do. For instance, if you have an item-level targeting for "Application Settings Manager," "Browser Router," "Least Privilege Manager" -([https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html)) +([https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html)) or anything, this all looks exactly the same. You can use the same exact technique if you want to find the SID. @@ -94,3 +94,5 @@ That should give you enough to go on to modify it. I hope that helps you out and PolicyPak to affect your local users or groups with item-level targeting. Thanks so much and talk to you soon. + + diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/exportgpos.md b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/exportgpos.md index b04df7bd70..cb676af988 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/exportgpos.md +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/exportgpos.md @@ -10,7 +10,7 @@ PolicyPak)'s PP Merge Utility to take entire GPOs, or portions of GPOs and merge Templates Files format. Then, after that you've got LESS GPOs.. and also a quick way to export for use with PP Cloud or PP with MDM. - + ### PolicyPak: Reduce GPOs (and/or export them for use with PolicyPak Cloud or with MDM) @@ -138,3 +138,5 @@ Objects you have. A lot of people asked us for this, and this is the way that yo hope this helps you out and gets you started. Thanks so much. + + diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/flatlegacyview.md b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/flatlegacyview.md index 04faba54b6..b395ebf716 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/flatlegacyview.md +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/flatlegacyview.md @@ -7,7 +7,7 @@ sidebar_position: 30 Adjust the view style of the PolicyPak Components in the GPMC to suite your preference. - + This is John with PolicyPak. As you go into a policy to create a new one or edit an existing, you'll notice with the latest CSEs that we've kind of combined all the different components that make up @@ -24,3 +24,5 @@ If you wanted to put it back, all you need to do, again, is highlight it, right- select Group Snap-Ins. Now it's back to the new way of taking a look at it. When you exit this and go back in the next time or any policy, it is right back to where you left it off the last time. I hope this answers your question. Thanks for listening. + + diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/mmcconsole.md b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/mmcconsole.md index 4d08b565fb..6097ee6440 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/mmcconsole.md +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/mmcconsole.md @@ -7,7 +7,7 @@ sidebar_position: 40 If you want to hide some of the PolicyPak MMC items for your OU admins, this is how to do it. - + Hi. This is Jeremy Moskowitz, former 15-year Group Policy MVP and Founder of PolicyPak Software. In this vid, I'm going to show you how you can trim what you see in the PolicyPak Management Console. @@ -94,3 +94,5 @@ don't consider this a security boundary. Consider this light electric fencing. All right, well, I hope this helps you out and helps you get started. Thank you very much and talk to you soon. + + diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/remotedesktopconnection.md b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/remotedesktopconnection.md index 838550d0bb..de5e775313 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/remotedesktopconnection.md +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/remotedesktopconnection.md @@ -8,7 +8,7 @@ sidebar_position: 50 Microsoft MVP Jeremy Moskowitz shows you how to prevent disconnect during GP update / force using registry settings. - + ### How to Prevent a Remote Desktop Connection Drop During GP Update @@ -40,3 +40,5 @@ setting. And you can blast that same registry setting out using Group Policy Pre PolicyPak or any number of items and get it out there and you'll be ready to go. I hope this video helps you out. Talk to you soon. + + diff --git a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/videolearningcenter.md b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/videolearningcenter.md index 08ed5cc75d..555a0230dd 100644 --- a/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/videolearningcenter.md +++ b/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/videolearningcenter.md @@ -24,3 +24,5 @@ See the following Video topics for getting started with Group Policy. - [Expand Modular View of Endpoint Policy Manager Components in the GPMC back to the Flat Legacy View](/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/flatlegacyview.md) - [Trim the MMC console for OU admins](/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/mmcconsole.md) - [Prevent a Remote Desktop Connection Drop During GP Update](/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/remotedesktopconnection.md) + + diff --git a/docs/endpointpolicymanager/deliverymethods/mdm/_category_.json b/docs/endpointpolicymanager/deliverymethods/mdm/_category_.json index fb88ff7c94..33f4d150e7 100644 --- a/docs/endpointpolicymanager/deliverymethods/mdm/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/mdm/_category_.json @@ -1 +1,2 @@ {"label":"MDM","position":30,"collapsed":true,"collapsible":true} + diff --git a/docs/endpointpolicymanager/deliverymethods/mdm/knowledgebase/_category_.json b/docs/endpointpolicymanager/deliverymethods/mdm/knowledgebase/_category_.json index ebf9bc76c5..b6fae684d8 100644 --- a/docs/endpointpolicymanager/deliverymethods/mdm/knowledgebase/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/mdm/knowledgebase/_category_.json @@ -1 +1,2 @@ {"label":"Knowledge Base","position":1,"collapsed":true,"collapsible":true,"link":{"type":"doc","id":"knowledgebase"}} + diff --git a/docs/endpointpolicymanager/deliverymethods/mdm/knowledgebase/knowledgebase.md b/docs/endpointpolicymanager/deliverymethods/mdm/knowledgebase/knowledgebase.md index 62aa59c257..87b4dba4b5 100644 --- a/docs/endpointpolicymanager/deliverymethods/mdm/knowledgebase/knowledgebase.md +++ b/docs/endpointpolicymanager/deliverymethods/mdm/knowledgebase/knowledgebase.md @@ -11,3 +11,5 @@ See the following Knowledge Base articles for getting started with MDM. ## Troubleshooting & Tips and Tricks - [How can I "stack" Endpoint Policy Manager MSIs so the XML items inside the MSI execute in a predictable order?](/docs/endpointpolicymanager/deliverymethods/mdm/knowledgebase/troubleshooting/stackmsi.md) + + diff --git a/docs/endpointpolicymanager/deliverymethods/mdm/knowledgebase/troubleshooting/_category_.json b/docs/endpointpolicymanager/deliverymethods/mdm/knowledgebase/troubleshooting/_category_.json index 00617ebbec..d6188f04f2 100644 --- a/docs/endpointpolicymanager/deliverymethods/mdm/knowledgebase/troubleshooting/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/mdm/knowledgebase/troubleshooting/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/mdm/knowledgebase/troubleshooting/stackmsi.md b/docs/endpointpolicymanager/deliverymethods/mdm/knowledgebase/troubleshooting/stackmsi.md index d7309cee8d..d8af130ec5 100644 --- a/docs/endpointpolicymanager/deliverymethods/mdm/knowledgebase/troubleshooting/stackmsi.md +++ b/docs/endpointpolicymanager/deliverymethods/mdm/knowledgebase/troubleshooting/stackmsi.md @@ -49,3 +49,5 @@ As you can see, LOWER numbered Policy Layer items will process before HIGHER num items. ![749_3_image009_950x433](/images/endpointpolicymanager/mdm/749_3_image009_950x433.webp) + + diff --git a/docs/endpointpolicymanager/deliverymethods/mdm/videos/_category_.json b/docs/endpointpolicymanager/deliverymethods/mdm/videos/_category_.json index f5151829fd..7851d76a40 100644 --- a/docs/endpointpolicymanager/deliverymethods/mdm/videos/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/mdm/videos/_category_.json @@ -1 +1,2 @@ {"label":"Videos","position":2,"collapsed":true,"collapsible":true,"link":{"type":"doc","id":"videolearningcenter"}} + diff --git a/docs/endpointpolicymanager/deliverymethods/mdm/videos/exportingtips/_category_.json b/docs/endpointpolicymanager/deliverymethods/mdm/videos/exportingtips/_category_.json index 8173e7fcb4..ca4b447233 100644 --- a/docs/endpointpolicymanager/deliverymethods/mdm/videos/exportingtips/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/mdm/videos/exportingtips/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/mdm/videos/exportingtips/admintemplates.md b/docs/endpointpolicymanager/deliverymethods/mdm/videos/exportingtips/admintemplates.md index dab5132dfa..fe31f4df5b 100644 --- a/docs/endpointpolicymanager/deliverymethods/mdm/videos/exportingtips/admintemplates.md +++ b/docs/endpointpolicymanager/deliverymethods/mdm/videos/exportingtips/admintemplates.md @@ -9,7 +9,7 @@ MDM solutions are awesome, but they don't have real group policy, or extra Windo management features. Watch this video and learn how to use Netwrix Endpoint Policy Manager (formerly PolicyPak) to deliver REAL Group Policy settings to all your MDM enrolled Windows 10 machines. - + Hi, this is Whitney with Endpoint Policy Manager Software. Imagine this scenario. You're getting prepared for having remote workers, people working from home, and you invest in an MDM solution, @@ -61,3 +61,5 @@ here, just like we expected. We were able to deliver real group policy settings machines using the Admin Templates Manager and then deploying with your existing MDM service. If this is of interest to you, get signed up for our webinar, and we'll get you started on a 30-day free trial right away. Thanks so much. + + diff --git a/docs/endpointpolicymanager/deliverymethods/mdm/videos/exportingtips/exporterutility.md b/docs/endpointpolicymanager/deliverymethods/mdm/videos/exportingtips/exporterutility.md index 535d4943a6..0dca892854 100644 --- a/docs/endpointpolicymanager/deliverymethods/mdm/videos/exportingtips/exporterutility.md +++ b/docs/endpointpolicymanager/deliverymethods/mdm/videos/exportingtips/exporterutility.md @@ -11,7 +11,7 @@ PolicyPak) directives if you are using Intune, SCCM, LanDesk, KACE or similar so deployment, and your team doesn't want to use Group Policy but wants to use Endpoint Policy Manager. See this video to see how it's done. - + ### PolicyPak: Deploying PolicyPak directives without Group Policy(PolicyPak Exporter Utility) @@ -23,7 +23,7 @@ service. By now, you've probably seen a lot of great videos showing you a bunch of awesome things that Endpoint Policy Manager can do: delivering settings using Group Policy, giving single applications elevated rights for standard users, you can -[https://www.endpointpolicymanager.com/pp-blog/windows-10-block-websites](https://www.endpointpolicymanager.com/pp-blog/windows-10-block-websites) +[https://www.policypak.com/pp-blog/windows-10-block-websites](https://www.policypak.com/pp-blog/windows-10-block-websites) – all kinds of great things. But what if you aren't using Group Policy? What if you're using SCCM or KACE or LANDESK or you have @@ -97,7 +97,7 @@ right click and "Export Collections as XML." Since I have two, I'll go ahead and "Save" and we're done. With -"[https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html)," +"[https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html)," which allows you to kill local admin rights and elevate only the applications you need, you'll create your directives like I've done here. Again, we can right click and "Export as XML," we can "EXPORT COLLECTION," or we can right click and "Export Collections as XML." If we do this, this will @@ -174,3 +174,5 @@ webinar to learn all of the things Endpoint Policy Manager can do. Then we'll ha and you'll be off to the races for your very own trial of Endpoint Policy Manager. Thanks, and we'll see you in the next video. + + diff --git a/docs/endpointpolicymanager/deliverymethods/mdm/videos/exportingtips/exportgpos.md b/docs/endpointpolicymanager/deliverymethods/mdm/videos/exportingtips/exportgpos.md index 2af867d828..229b8243e0 100644 --- a/docs/endpointpolicymanager/deliverymethods/mdm/videos/exportingtips/exportgpos.md +++ b/docs/endpointpolicymanager/deliverymethods/mdm/videos/exportingtips/exportgpos.md @@ -9,3 +9,5 @@ import ExportGPOs from '/docs/endpointpolicymanager/deliverymethods/grouppolicy/ + + diff --git a/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/_category_.json b/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/_category_.json index 7eb735f33a..3eef2a0a44 100644 --- a/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/citrixendpointmanager.md b/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/citrixendpointmanager.md index bd7e4eb64b..00a1f118d6 100644 --- a/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/citrixendpointmanager.md +++ b/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/citrixendpointmanager.md @@ -9,7 +9,7 @@ CEM is great ! But it has no way to deliver real Group Policy settings, or Netwr Manager (formerly PolicyPak)'s own special settings. Use Endpoint Policy Manager MDM alongside Citrix CEM for a powerful combination to increase your endpoint management capabilities ! - + Hi, this is Jeremy Moskowitz, Microsoft MVP and founder of Endpoint Policy Manager Software. In this video we're going to learn how to use Endpoint Policy Manager plus Citrix Endpoint Management or CEM @@ -169,3 +169,5 @@ can analyze them and do everything to your heart's content. I hope this video he with Endpoint Policy Manager and Citrix CEM. If you need any TLC, we're here to help you out and so are our friends at Citrix. Thank you very much and looking forward to getting you started with Endpoint Policy Manager and Citrix CEM soon. Thanks very much. Take care. + + diff --git a/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/microsoftintune.md b/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/microsoftintune.md index 347f97371b..58c81ef590 100644 --- a/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/microsoftintune.md +++ b/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/microsoftintune.md @@ -10,7 +10,7 @@ management features. Watch this video and learn how to use Netwrix Endpoint Poli PolicyPak) to deliver REAL Group Policy settings and Endpoint Policy Manager's extra settings to all your Windows Intune joined Windows 10 machines. - + Hi, this is Jeremy Moskowitz, founder and CTO of Endpoint Policy Manager software and Enterprise Mobility MVP. In this video I'm going to show you how you can take your existing on-prem group @@ -35,7 +35,7 @@ involved. The same thing with a group policy preference or shortcut or really any other group policy preferences; Endpoint Policy Manager supports all of these. For instance, in this example, I've got -a shortcut called www.endpointpolicymanager.com, and it's going to head on over to the desktop. We're going to +a shortcut called www.policypak.com, and it's going to head on over to the desktop. We're going to do that only when the machine has got the computer name with the NetBIOS name as "ndj" for not domain joined in its machine name. @@ -170,10 +170,10 @@ as this is done. We're back. Now that InTune has deployed the three moving pieces, we can see some things have changed. First, we can see the icon here on the desktop, this group policy preferences item on the -desktop going to endpointpolicymanager.com, of course, and opening up Edge as the browser. Next, we said to use +desktop going to policypak.com, of course, and opening up Edge as the browser. Next, we said to use Endpoint Policy Manager to open up PDFs in Acrobat Reader. Sure enough, we're able to do that. Go ahead and just see this white paper called Why Am Microsoft Endpoint Manager Admins Need Endpoint -Policy Manager, available at our website endpointpolicymanager.com. +Policy Manager, available at our website policypak.com. Then let's go ahead and take a look at some other items. We said don't show me Mr. Evil CD-ROM anymore. You can see no more D drive. No CD-ROM. That's not a thing anymore. @@ -199,3 +199,5 @@ then use your InTune to do the magic. Endpoint Policy Manager can help you immediately close the gap between what you need to do on your endpoints and what's capable with Microsoft Endpoint Manager. I hope this video helps you out. I'm looking forward to getting you started with Endpoint Policy Manager real soon. Thank you very much. + + diff --git a/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/mobileiron.md b/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/mobileiron.md index 0920dd19d1..88c82ec9d6 100644 --- a/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/mobileiron.md +++ b/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/mobileiron.md @@ -10,7 +10,7 @@ features. Watch this video and learn how to use Netwrix Endpoint Policy Manager to deliver REAL Group Policy settings and Endpoint Policy Manager's extra settings to all your MobileIron MDM joined Windows 10 machines. - + ### PolicyPak and MobileIron MDM @@ -34,7 +34,7 @@ browser. I have one that will run an application with elevated rights. If you have an application that won't let you bypass the UAC prompt, we can do that by elevating the rights using "Endpoint Policy Manager - [https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html)." + [https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html)." We can also deploy Group Policy Preferences "shortcut" items or just about every other "Microsoft Group Policy Preferences" item and also "Microsoft Group Policy Security Settings" where you can rename a "guest-account." @@ -90,7 +90,7 @@ example, I deployed it to every computer. So therefore, as soon as they join the time it should come down, install these guys and we should see the result. What I'm going to do is go over to my Windows 10 machine here and I'm going to join the MDM service -here. Let's go ahead and say "mdmuser1@endpointpolicymanager.com." Here's the "Letter from MobileIron" I got as +here. Let's go ahead and say "mdmuser1@policypak.com." Here's the "Letter from MobileIron" I got as the example user. It told me when prompted, to run this from a browser to then tell me what to put here in the server. Let me go ahead and do that. @@ -125,3 +125,5 @@ I hope this helps you out. If you're looking to get started, just give us a buzz the bits and you can bang on it yourself. Thanks so much, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/realgrouppolicy.md b/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/realgrouppolicy.md index 09fd52be3a..883fed6eda 100644 --- a/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/realgrouppolicy.md +++ b/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/realgrouppolicy.md @@ -10,7 +10,7 @@ management features. Watch this video and learn how to use Netwrix Endpoint Poli PolicyPak) to deliver REAL Group Policy settings and Endpoint Policy Manager's extra settings to all your MDM enrolled Windows 10 machines. - + ### PolicyPak and MDM: Deploying Real Group Policy (and Extra PolicyPak Settings) Overview @@ -52,3 +52,5 @@ back in the home office. Supercharge your MDM service with Endpoint Policy Manager, and manage your Windows 10 machines like a boss. Endpoint Policy Manager: securing your standards. + + diff --git a/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/testsample.md b/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/testsample.md index b4b1e2f705..0d5f373159 100644 --- a/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/testsample.md +++ b/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/testsample.md @@ -10,7 +10,7 @@ watch this video and WALK BEFORE YOU RUN with Netwrix Endpoint Policy Manager (f MDM, and try this example.. before using your MDM service to do all the work to deploy the MSI files. When you test this procedure our first, you will have a lot more of a guarantee of success! - + Hi, this is Jeremy Moskowitz. In this video we’re going to walk before we run with our MDM service and PolicyPak. You do need to be a little bit prepared for this. In this example I’ve got my @@ -82,3 +82,5 @@ into an MSI file using your MDM service. Hope this video helps you out. Thank you for walking before you run before you try to do this for real with your MDM service. Thank you very much. Talk to you soon. + + diff --git a/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/workspaceone.md b/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/workspaceone.md index cfbe0cf7af..ef0117f50a 100644 --- a/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/workspaceone.md +++ b/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/workspaceone.md @@ -10,7 +10,7 @@ desktop management features. Watch this video and learn how to useNetwrix Endpoi (formerly PolicyPak) to deliver REAL Group Policy settings and Endpoint Policy Manager's extra settings to all your Workspace One (Airwatch) MDM joined Windows 10 machines. - + ### PolicyPak and Workspace One (Airwatch) MDM: Deploy Group Policy and PolicyPak superpowers today @@ -18,7 +18,7 @@ Hi. This is Jeremy Moskowitz, former Group Policy MVP and Founder of Endpoint Po Software. In this video, I'm going to show you how you can get real Group Policy settings – "Policies," "Preferences" and Endpoint Policy Manager's special settings like "Application Settings Manager," -"[https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html)," +"[https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html)," "Java Rules Manager" and so on – all of these settings out to your AirWatch investment and all of your clients using MDM. @@ -28,7 +28,7 @@ Extension." It's a little MSI that gets deployed to all of your endpoints. It's work. You're also going to upload the license file that we give you (" Endpoint Policy Manager MDM -Licenses for \*@endpointpolicymanager.com") that lights up your client side extension. Basically, what we do is +Licenses for \*@policypak.com") that lights up your client side extension. Basically, what we do is we say that you're welcome to light up anybody at a particular domain name. In my case, it would be anyone at the "Endpoint Policy Manager.com" domain name can join AirWatch and get Group Policy settings or Endpoint Policy Manager special settings. @@ -83,7 +83,7 @@ of configuration stuff and lock it down so users can't be naughty and work aroun Let's go ahead and close all this out. Now it's time to do an MDM join, and then we'll wait a little bit and we'll take a look at the after picture. To get started here, we'll put in -"mdmuser1@endpointpolicymanager.com." It needs to know the special "Server URL" here. This is exactly the +"mdmuser1@policypak.com." It needs to know the special "Server URL" here. This is exactly the process your end users would do in order to join AirWatch or any MDM service here. "Group ID" they would have gotten in an email. I just copied it here to make it easy on myself. @@ -141,3 +141,5 @@ now. If you're looking to get started with Endpoint Policy Manager plus AirWatch give us a buzz. We'll let you get started, you can bang on it and you can try it out for yourself. Thanks so much, and we'll talk to you soon. + + diff --git a/docs/endpointpolicymanager/deliverymethods/mdm/videos/iltwithscripts/_category_.json b/docs/endpointpolicymanager/deliverymethods/mdm/videos/iltwithscripts/_category_.json index 53232712c2..dc12f9843f 100644 --- a/docs/endpointpolicymanager/deliverymethods/mdm/videos/iltwithscripts/_category_.json +++ b/docs/endpointpolicymanager/deliverymethods/mdm/videos/iltwithscripts/_category_.json @@ -3,4 +3,4 @@ "position": 30, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/deliverymethods/mdm/videos/iltwithscripts/entraid.md b/docs/endpointpolicymanager/deliverymethods/mdm/videos/iltwithscripts/entraid.md index 0055428ef5..d235862f3f 100644 --- a/docs/endpointpolicymanager/deliverymethods/mdm/videos/iltwithscripts/entraid.md +++ b/docs/endpointpolicymanager/deliverymethods/mdm/videos/iltwithscripts/entraid.md @@ -185,3 +185,5 @@ groups a user or a computer has in Azure Active Directory and then take an actio that's what you want to do. Hope this helps you out. Thank you very much and talk to you soon. + + diff --git a/docs/endpointpolicymanager/deliverymethods/mdm/videos/iltwithscripts/entraidgroupdetermine.md b/docs/endpointpolicymanager/deliverymethods/mdm/videos/iltwithscripts/entraidgroupdetermine.md index 8ba6fc60d1..b2728a9fe6 100644 --- a/docs/endpointpolicymanager/deliverymethods/mdm/videos/iltwithscripts/entraidgroupdetermine.md +++ b/docs/endpointpolicymanager/deliverymethods/mdm/videos/iltwithscripts/entraidgroupdetermine.md @@ -109,3 +109,5 @@ I hope this helps you out and you're looking to get started with Endpoint Policy soon. Thanks. Bye-bye. + + diff --git a/docs/endpointpolicymanager/deliverymethods/mdm/videos/iltwithscripts/entraidgroupmembership.md b/docs/endpointpolicymanager/deliverymethods/mdm/videos/iltwithscripts/entraidgroupmembership.md index a5c65b29f8..0c43fce0f0 100644 --- a/docs/endpointpolicymanager/deliverymethods/mdm/videos/iltwithscripts/entraidgroupmembership.md +++ b/docs/endpointpolicymanager/deliverymethods/mdm/videos/iltwithscripts/entraidgroupmembership.md @@ -8,3 +8,5 @@ sidebar_position: 20 If you have Netwrix Endpoint Policy Manager (formerly PolicyPak) Cloud \*AND\* Azure AD, then use this technique to query the User or Computer groups. Then use Item Level Targeting to trigger when GPPrefs or Endpoint Policy Manager items will apply. + + diff --git a/docs/endpointpolicymanager/deliverymethods/mdm/videos/videolearningcenter.md b/docs/endpointpolicymanager/deliverymethods/mdm/videos/videolearningcenter.md index 3183c18c55..63958ddc4e 100644 --- a/docs/endpointpolicymanager/deliverymethods/mdm/videos/videolearningcenter.md +++ b/docs/endpointpolicymanager/deliverymethods/mdm/videos/videolearningcenter.md @@ -33,3 +33,5 @@ See the following Video topics for getting started with MDM. - [Determine the Azure AAD Group Membership for User or Computers](/docs/endpointpolicymanager/deliverymethods/mdm/videos/iltwithscripts/entraid.md) - [Use Endpoint Policy Manager cloud + Azure AAD Group Membership for User or Computers](/docs/endpointpolicymanager/deliverymethods/mdm/videos/iltwithscripts/entraidgroupmembership.md) - [Use PP MDM to determine the Azure AAD Group Membership for User or Computers](/docs/endpointpolicymanager/deliverymethods/mdm/videos/iltwithscripts/entraidgroupdetermine.md) + + diff --git a/docs/endpointpolicymanager/deliverymethods/overview.md b/docs/endpointpolicymanager/deliverymethods/overview.md index 705bc5be02..29140202aa 100644 --- a/docs/endpointpolicymanager/deliverymethods/overview.md +++ b/docs/endpointpolicymanager/deliverymethods/overview.md @@ -43,3 +43,5 @@ Consider these factors when selecting your delivery method: ## Getting Started Each delivery method section contains detailed implementation guides, best practices, and troubleshooting information specific to that deployment model. + + diff --git a/docs/endpointpolicymanager/gettingstarted/_category_.json b/docs/endpointpolicymanager/gettingstarted/_category_.json index 4429446868..92865c41e5 100644 --- a/docs/endpointpolicymanager/gettingstarted/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/basicconcepts/_category_.json b/docs/endpointpolicymanager/gettingstarted/basicconcepts/_category_.json index 019e1264ec..34c327fa1a 100644 --- a/docs/endpointpolicymanager/gettingstarted/basicconcepts/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/basicconcepts/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "basicconcepts" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/basicconcepts/basicconcepts.md b/docs/endpointpolicymanager/gettingstarted/basicconcepts/basicconcepts.md index 51fdfefae4..4215c98b87 100644 --- a/docs/endpointpolicymanager/gettingstarted/basicconcepts/basicconcepts.md +++ b/docs/endpointpolicymanager/gettingstarted/basicconcepts/basicconcepts.md @@ -29,3 +29,5 @@ discuss the following Endpoint Policy Manager policies: Endpoint Policy Manager has one goal for your users' applications: to ensure that we are Securing YOUR Standards™. + + diff --git a/docs/endpointpolicymanager/gettingstarted/basicconcepts/editions/_category_.json b/docs/endpointpolicymanager/gettingstarted/basicconcepts/editions/_category_.json index 50faa544c2..d54709f19b 100644 --- a/docs/endpointpolicymanager/gettingstarted/basicconcepts/editions/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/basicconcepts/editions/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/basicconcepts/editions/overview.md b/docs/endpointpolicymanager/gettingstarted/basicconcepts/editions/overview.md index 958ef7a7f1..5abf551eb1 100644 --- a/docs/endpointpolicymanager/gettingstarted/basicconcepts/editions/overview.md +++ b/docs/endpointpolicymanager/gettingstarted/basicconcepts/editions/overview.md @@ -36,3 +36,5 @@ Products and solution methods. | Cloud Hybrid Method (MDM or RMM + Endpoint Policy Manager Cloud) | ✓ | ✓ | ✓ | | Unified Endpoint Management Method | ✓ | ✓ | X | | Virtualization | ✓ (Single desktops, shared desktops, shared sessions) | ✓ (Single desktops, shared desktops, shared sessions) | ✓ (Single virtualized desktops) | + + diff --git a/docs/endpointpolicymanager/gettingstarted/basicconcepts/editions/paks.md b/docs/endpointpolicymanager/gettingstarted/basicconcepts/editions/paks.md index 27e00ecb71..4814e3d5c2 100644 --- a/docs/endpointpolicymanager/gettingstarted/basicconcepts/editions/paks.md +++ b/docs/endpointpolicymanager/gettingstarted/basicconcepts/editions/paks.md @@ -19,3 +19,5 @@ Pak offerings change from time to time when new components are added. Below we s available Paks from the Endpoint Policy Manager home page at time of publication of this manual. ![editions_solutions_paks_and_7](/images/endpointpolicymanager/editions/editions_solutions_paks_and_7.webp) + + diff --git a/docs/endpointpolicymanager/gettingstarted/basicconcepts/editions/policies.md b/docs/endpointpolicymanager/gettingstarted/basicconcepts/editions/policies.md index d49eac1cba..7761d6bf4d 100644 --- a/docs/endpointpolicymanager/gettingstarted/basicconcepts/editions/policies.md +++ b/docs/endpointpolicymanager/gettingstarted/basicconcepts/editions/policies.md @@ -53,7 +53,7 @@ Complete. If a customer is a Endpoint Policy Manager Enterprise or SaaS customer Privilege Manager Complete. If the customer is a Endpoint Policy Manager Professional customer, they can decide between Least Privilege Manager Standard or Complete. For an overview of the two versions, check out this page: -[https://www.endpointpolicymanager.com/paks/least-privilege-security-pak/](https://www.endpointpolicymanager.com/paks/least-privilege-security-pak/). +[https://www.policypak.com/paks/least-privilege-security-pak/](https://www.policypak.com/paks/least-privilege-security-pak/). ::: @@ -234,3 +234,5 @@ non-domain-joined machines. **Note**: For more information on this topic, please see this video: [Video Learning Center](/docs/endpointpolicymanager/components/softwarepackage/videos/videolearningcenter.md) > Software Package Manager. + + diff --git a/docs/endpointpolicymanager/gettingstarted/basicconcepts/editions/solutions.md b/docs/endpointpolicymanager/gettingstarted/basicconcepts/editions/solutions.md index 23b8d6d141..cb436adfe7 100644 --- a/docs/endpointpolicymanager/gettingstarted/basicconcepts/editions/solutions.md +++ b/docs/endpointpolicymanager/gettingstarted/basicconcepts/editions/solutions.md @@ -157,7 +157,7 @@ of using Group Policy. :::note For a video overview of using Endpoint Policy Manager with SCCM and similar tools (such as KACE) visit: -[http://www.endpointpolicymanager.com/video/deploying-endpointpolicymanager-directives-without-group-policy-endpointpolicymanager-exporter-utility.html](http://www.endpointpolicymanager.com/video/deploying-endpointpolicymanager-directives-without-group-policy-endpointpolicymanager-exporter-utility.html) +[https://www.policypak.com/video/deploying-endpointpolicymanager-directives-without-group-policy-endpointpolicymanager-exporter-utility.html](http://www.policypak.com/video/deploying-endpointpolicymanager-directives-without-group-policy-endpointpolicymanager-exporter-utility.html) ::: @@ -183,7 +183,7 @@ systems. However, each session needs to be accounted for. :::note To learn more about Citrix and WVD multi-session Windows licensing scenarios, -[https://www.endpointpolicymanager.com/purchasing/vdi-licensing-scenarios/](https://www.endpointpolicymanager.com/purchasing/vdi-licensing-scenarios/). +[https://www.policypak.com/purchasing/vdi-licensing-scenarios/](https://www.policypak.com/purchasing/vdi-licensing-scenarios/). ::: @@ -197,3 +197,5 @@ use it with Endpoint Policy Manager SaaS/Cloud. For more answers about licensing Endpoint Policy Manager with virtualized systems, see: [Knowledge Base](/docs/endpointpolicymanager/) > All Things Licensing. + + diff --git a/docs/endpointpolicymanager/gettingstarted/basicconcepts/licensing.md b/docs/endpointpolicymanager/gettingstarted/basicconcepts/licensing.md index c5caad2a6b..9f55e15b00 100644 --- a/docs/endpointpolicymanager/gettingstarted/basicconcepts/licensing.md +++ b/docs/endpointpolicymanager/gettingstarted/basicconcepts/licensing.md @@ -34,7 +34,7 @@ Policy Manager licenses. For instance, if you want to use Endpoint Policy Manage 200 laptops, and 100 concurrent Terminal Services or Citrix session connections, then you will need 800 Endpoint Policy Manager licenses. Full details of how Endpoint Policy Manager licenses Terminal Services (RDS) or Citrix inbound connections can be found at the following link: -[http://www.endpointpolicymanager.com/purchasing/citrix-licensing-scenarios.html](http://www.endpointpolicymanager.com/purchasing/citrix-licensing-scenarios.html). +[https://www.policypak.com/purchasing/citrix-licensing-scenarios.html](http://www.policypak.com/purchasing/citrix-licensing-scenarios.html). ::: @@ -295,6 +295,8 @@ Volume licenses and domain-wide licenses for Endpoint Policy Manager are availab :::note For an overview and FAQ of the licensing process, please visit: -[http://www.endpointpolicymanager.com/support-sharing/licensing-faq.html](http://www.endpointpolicymanager.com/support-sharing/licensing-faq.html). +[https://www.policypak.com/support-sharing/licensing-faq.html](http://www.policypak.com/support-sharing/licensing-faq.html). ::: + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/_category_.json b/docs/endpointpolicymanager/gettingstarted/cloudmanual/_category_.json index 9d8f85b071..bf22535874 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/concepts/_category_.json b/docs/endpointpolicymanager/gettingstarted/cloudmanual/concepts/_category_.json index f50d2e6366..60f7339411 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/concepts/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/concepts/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "concepts" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/concepts/concepts.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/concepts/concepts.md index aaced4e3e7..abbfc76539 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/concepts/concepts.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/concepts/concepts.md @@ -71,3 +71,5 @@ more detail later. Tip: When you use the Endpoint Policy Manager Cloud service, you can deliver any Endpoint Policy Manager setting plus nearly any Microsoft Group Policy setting, even to non-domain-joined machines. + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/concepts/downloads.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/concepts/downloads.md index a717136d43..101bf5b300 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/concepts/downloads.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/concepts/downloads.md @@ -30,7 +30,7 @@ The main menu for the Endpoint Policy Manager Customer Portal is shown below. ![concepts_logons_and_downloads_10_374x437](/images/endpointpolicymanager/cloud/concepts_logons_and_downloads_10_374x437.webp) Video: For an overview on how to use the Endpoint Policy Manager Customer Portal, please watch this -video: [http://www.endpointpolicymanager.com/customerportal](http://www.endpointpolicymanager.com/customerportal). +video: [https://www.policypak.com/customerportal](http://www.policypak.com/customerportal). For now, downloading the Bits is sufficient, but you are also welcome to download everything. If you do, you will get a ZIP file with the following: @@ -53,3 +53,5 @@ download. You won't need most of these items for Endpoint Policy Manager Cloud. Indeed, the only folders you need are the **Admin Console MSI** folder and the **Client Side Extension (CSE)** folder, as explained in the next section. + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/concepts/logons.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/concepts/logons.md index d0955ebdf7..40fe750eb6 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/concepts/logons.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/concepts/logons.md @@ -9,7 +9,7 @@ sidebar_position: 10 You should have received credentials to log on to Endpoint Policy Manager Cloud. To log on, go to the Endpoint Policy Manager home page and click **Customer Login**. Then, select Log In from the Endpoint Policy Manager Cloud path on the right side of the screen. You may also go to and bookmark -cloud.endpointpolicymanager.com if you want a specific link. +cloud.policypak.com if you want a specific link. ![concepts_logons_and_downloads_2](/images/endpointpolicymanager/cloud/concepts_logons_and_downloads_2.webp) @@ -59,3 +59,5 @@ some details called out above. If you are trying out Endpoint Policy Manager Clo Endpoint Policy Manager Cloud, you should see the licenses available to you as soon as you log on. Verify you have the correct number of licenses and your expiration date looks correct. If something is wrong, please contact your Endpoint Policy Manager sales team member. + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/concepts/testlab.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/concepts/testlab.md index b2f79cc970..26331f9b0a 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/concepts/testlab.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/concepts/testlab.md @@ -36,3 +36,5 @@ machines (each one within a "tab" in VMware Workstation): ![concepts_logons_and_downloads_13_624x282](/images/endpointpolicymanager/cloud/concepts_logons_and_downloads_13_624x282.webp) ![concepts_logons_and_downloads_14_623x372](/images/endpointpolicymanager/cloud/concepts_logons_and_downloads_14_623x372.webp) + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/gettingstarted.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/gettingstarted.md index a56b4c3280..5e400d95f3 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/gettingstarted.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/gettingstarted.md @@ -34,3 +34,5 @@ which is typically set up as follows: After you're done testing and you're ready to get a pool of licenses, which are good for a year, contact Netwrixsupport to obtain a license. + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/_category_.json b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/_category_.json index 770b2a84f6..623907dd36 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/billing.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/billing.md index b0b409edab..0a36ca63ca 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/billing.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/billing.md @@ -9,3 +9,5 @@ sidebar_position: 80 Under the **Billing** tab, you can pay for Endpoint Policy Manager Cloud monthly using your credit card. There is a video on the page to help walk you through the process. It is recommended you always have two valid credit cards on file to ensure uninterrupted service. + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/_category_.json b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/_category_.json index 43a3c8c121..ecbb75bfb1 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/addcompanyadmin.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/addcompanyadmin.md index cf50e3355e..2110dcbbf6 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/addcompanyadmin.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/addcompanyadmin.md @@ -17,3 +17,5 @@ Once there are two admins already set up, additional admins must be agreed upon admins who have the **Customer Admin Manager** role. ::: + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/_category_.json b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/_category_.json index c2645b14fd..e443cfc03a 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/_category_.json b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/_category_.json index 9c2d747221..6de8e6718b 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/changeemail.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/changeemail.md index 78f2d6da3b..321c4fc35a 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/changeemail.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/changeemail.md @@ -35,3 +35,5 @@ needs to be entered as well to confirm the change. ![web_interface_and_controls_81_499x312](/images/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/web_interface_and_controls_81_499x312.webp) You will then be immediately logged out and must log on with the new email to continue. + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/loginrestrictionseditor.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/loginrestrictionseditor.md index a901ae7d3e..cced8ba440 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/loginrestrictionseditor.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/loginrestrictionseditor.md @@ -11,3 +11,5 @@ section were applied per company. The login restrictions that we are referring h admin. You can set a specific IP address or IP range to allow, as well as block, logins. ![web_interface_and_controls_83_624x528](/images/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/web_interface_and_controls_83_624x528.webp) + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/notificationeditor.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/notificationeditor.md index fc998a84b2..70c63f80f8 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/notificationeditor.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/notificationeditor.md @@ -8,3 +8,5 @@ sidebar_position: 40 See the topic [Edit Notification Configuration](/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/editnotificationconfiguration.md) for details on this operation. + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/overview.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/overview.md index 30c1344dbf..2fbd586b3c 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/overview.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/overview.md @@ -17,3 +17,5 @@ The actions you can take are listed below and explained in the following section - [Resend Welcome Letter](/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/resendwelcomeletter.md) - [Login Restrictions Editor](/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/loginrestrictionseditor.md) - [N](/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/editnotificationconfiguration.md)[Notification Editor](/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/notificationeditor.md)ditor + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/resendwelcomeletter.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/resendwelcomeletter.md index e5c594fea5..c3227ba5c2 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/resendwelcomeletter.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/generalinfo/resendwelcomeletter.md @@ -11,3 +11,5 @@ another admin to reset his password. In this case, the helping admin would selec Letter, which would send a new welcome letter to the other admin, thus enabling access again. ![web_interface_and_controls_82_499x294](/images/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/generalinfo/web_interface_and_controls_82_499x294.webp) + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/overview.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/overview.md index 94f7289cdb..14d3a05038 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/overview.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/overview.md @@ -20,3 +20,5 @@ In this window, you can specify the following: - General information - Two-factor options - Role management + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/rolemanagement.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/rolemanagement.md index 6a2ec55833..b552ac8601 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/rolemanagement.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/rolemanagement.md @@ -23,3 +23,5 @@ The following roles are available: [Edit Notification Configuration](/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/editnotificationconfiguration.md) section). - Customer Admin Manager: An admin with this role can approve newly created admins when other admins initiate the request. + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/twofactoroptions.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/twofactoroptions.md index 29fd85939d..743b699eda 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/twofactoroptions.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/companyadministrator/twofactoroptions.md @@ -11,3 +11,5 @@ method. If you want to force an admin to use a different method (email-based ver application-based or vice versa) or both methods, you can do that here. ![web_interface_and_controls_84_625x94](/images/endpointpolicymanager/cloud/interface/companydetails/companyadministrators/web_interface_and_controls_84_625x94.webp) + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/configureentraidaccess.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/configureentraidaccess.md index e9357b7c12..4dcb1af4a6 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/configureentraidaccess.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/configureentraidaccess.md @@ -27,3 +27,5 @@ The results are that Item-Level Targeting evaluations can now be performed direc users in Azure AD. ![web_interface_and_controls_107_623x361](/images/endpointpolicymanager/cloud/interface/companydetails/web_interface_and_controls_107_623x361.webp) + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/customerlog.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/customerlog.md index e845134fc2..7464b1d6f0 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/customerlog.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/customerlog.md @@ -46,3 +46,5 @@ before and after editing. If you discover that a change is unwanted, you can imm to the previous version by selecting **Revert**. ![web_interface_and_controls_101_623x491](/images/endpointpolicymanager/cloud/interface/companydetails/web_interface_and_controls_101_623x491.webp) + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/downloads.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/downloads.md index f1ada11ac0..8ec3bb1bfc 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/downloads.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/downloads.md @@ -27,3 +27,5 @@ version of the client. In this case, you can click on Download other versions an version. ![web_interface_and_controls_87_624x282](/images/endpointpolicymanager/cloud/interface/companydetails/web_interface_and_controls_87_624x282.webp) + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/editcustomerlevelportalpolicies.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/editcustomerlevelportalpolicies.md index dce2ad1191..3320455061 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/editcustomerlevelportalpolicies.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/editcustomerlevelportalpolicies.md @@ -22,3 +22,5 @@ Someone with this role may set the following values: minutes. This can be changed here. ![web_interface_and_controls_103_625x304](/images/endpointpolicymanager/cloud/interface/companydetails/web_interface_and_controls_103_625x304.webp) + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/editnotificationconfiguration.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/editnotificationconfiguration.md index 05ebcf9e97..58b845ed6a 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/editnotificationconfiguration.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/editnotificationconfiguration.md @@ -60,3 +60,5 @@ When the check box for remaining license notification threshold is set and the p below the reporting threshold, all admins get a notification. ![web_interface_and_controls_97_624x209](/images/endpointpolicymanager/cloud/interface/companydetails/web_interface_and_controls_97_624x209.webp) + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/exportcompanycertificatepfx.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/exportcompanycertificatepfx.md index eacb38b29a..34d23cd40d 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/exportcompanycertificatepfx.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/exportcompanycertificatepfx.md @@ -16,3 +16,5 @@ If you perform the **Revoke Company Certificate** action, any previously downloa company certificate becomes invalid. ::: + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/loginrestrictions.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/loginrestrictions.md index dc837009ae..1b7854f53b 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/loginrestrictions.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/loginrestrictions.md @@ -16,3 +16,5 @@ you only want a connection to be allowed from your on-prem network, which remain This is the result of a blocked login: ![web_interface_and_controls_73_312x450](/images/endpointpolicymanager/cloud/interface/companydetails/web_interface_and_controls_73_312x450.webp) + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/overview.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/overview.md index 2f482e89b7..af80458fb5 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/overview.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/overview.md @@ -78,3 +78,5 @@ certificate embedded into the MSI. Therefore, guessing the UUID or MAC address i unrelated person to join your Endpoint Policy Manager Cloud. ::: + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/revokecompanycertificate.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/revokecompanycertificate.md index 6cdf75778d..46ee0bd57e 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/revokecompanycertificate.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/companydetails/revokecompanycertificate.md @@ -31,3 +31,5 @@ existing MSIs will stop functioning. Attempts to use them will fail and the inst message:. ![web_interface_and_controls_90_624x510](/images/endpointpolicymanager/cloud/interface/companydetails/web_interface_and_controls_90_624x510.webp) + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/computergroups/_category_.json b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/computergroups/_category_.json index b9d23faf01..fdf134376b 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/computergroups/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/computergroups/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/computergroups/overview.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/computergroups/overview.md index 5903d9ee25..8f7c0b4a57 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/computergroups/overview.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/computergroups/overview.md @@ -72,3 +72,5 @@ Once you have your exported policy XML data file, you can select the group, then link a new XML here and then, paste the XML data. ![web_interface_and_controls_53_623x265](/images/endpointpolicymanager/cloud/interface/computergroups/web_interface_and_controls_53_623x265.webp) + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/computergroups/workingwith.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/computergroups/workingwith.md index 53663771a4..d507f88116 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/computergroups/workingwith.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/computergroups/workingwith.md @@ -103,7 +103,7 @@ latest policies and directives. However, mass updating 100% of your endpoints at ill-advised for the same reasons you wouldn't want to roll out new system-level software to 100% of your machines at once. As such, we encourage you to review Microsoft's recommendation for a ring model when it comes to rollouts. We have documented this in great detail here: -[https://www.endpointpolicymanager.com/resources/pp-blog/using-rings-to-test-and-update-the-policypak-client-side-extension-and-how-to-stay-supported/](https://www.endpointpolicymanager.com/resources/pp-blog/using-rings-to-test-and-update-the-policypak-client-side-extension-and-how-to-stay-supported/). +[https://www.policypak.com/resources/pp-blog/using-rings-to-test-and-update-the-policypak-client-side-extension-and-how-to-stay-supported/](https://www.policypak.com/resources/pp-blog/using-rings-to-test-and-update-the-policypak-client-side-extension-and-how-to-stay-supported/). In Endpoint Policy Manager Cloud, because the concept of groups is already established, you can use a Endpoint Policy Manager Cloud group like a ring. To do this, choose a group and manually specify @@ -227,3 +227,5 @@ see we are searching for the word "fire" and finding policies and groups with th quickly. ![web_interface_and_controls_69_312x320](/images/endpointpolicymanager/cloud/interface/computergroups/web_interface_and_controls_69_312x320.webp) + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/filebox.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/filebox.md index 94974717ca..af98eda6b3 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/filebox.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/filebox.md @@ -68,3 +68,5 @@ Now you're ready to use the uploaded ADMX and ADML files when using the Endpoint Cloud in-cloud ADMX editors to create administrative template policies. ![web_interface_and_controls_49_624x318](/images/endpointpolicymanager/cloud/interface/web_interface_and_controls_49_624x318.webp) + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/licensestatus.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/licensestatus.md index bf5cfd2c0a..69a67399a9 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/licensestatus.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/licensestatus.md @@ -59,3 +59,5 @@ Below you can see that nine computers have transitioned from consumed to waiting waiting for all of those nine computers was due to inactivity, not because of oversubscription. ![web_interface_and_controls_4_625x326](/images/endpointpolicymanager/cloud/interface/web_interface_and_controls_4_625x326.webp) + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/overview.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/overview.md index 077bd98a68..496cee61f8 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/overview.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/overview.md @@ -31,3 +31,5 @@ actually appear) - Tools - Reports - Billing + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/reports.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/reports.md index 20d72172ff..c9e4e45b3e 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/reports.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/reports.md @@ -63,3 +63,5 @@ most recent XML file (in green), the date and time the computer got an old versi ![web_interface_and_controls_118_499x373](/images/endpointpolicymanager/cloud/interface/web_interface_and_controls_118_499x373.webp) This allows you to precisely knows which XML policy files were embraced by what machine and when. + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/tools.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/tools.md index acdd561a47..0cc56d928b 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/tools.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/tools.md @@ -60,3 +60,5 @@ before the word JOINTOKEN. `msiexec /i "PolicyPak Cloud Client.msi" /qn /norestart /log ` "`c:\temp\ppcloudinstall.log" JOINTOKEN="AQOLsGUcYHV6OL03pP88Qe0=`" + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/_category_.json b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/_category_.json index c712a2d39c..f695f43078 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/createpolicy.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/createpolicy.md index 4fe07d1d88..fa76ff3c70 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/createpolicy.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/createpolicy.md @@ -63,3 +63,4 @@ how to use this editor in this video: To learn how to use the in-cloud Microsoft Group Policy Preferences editors, we recommend this video: [Endpoint Policy Manager Cloud + GPPrefs (More examples)](/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/preferences.md). + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/createpolicytemplate.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/createpolicytemplate.md index c6b66df617..a10e81bea3 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/createpolicytemplate.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/createpolicytemplate.md @@ -20,3 +20,4 @@ Once selected, all the policies from that level are implemented, but are changea ![web_interface_and_controls_34_624x344](/images/endpointpolicymanager/cloud/interface/xmldatafiles/web_interface_and_controls_34_624x344.webp) Once saved, the policy is like any other XML data file. + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/delete.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/delete.md index 9846cbf7d7..60ef4de4f0 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/delete.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/delete.md @@ -9,3 +9,4 @@ sidebar_position: 40 You can delete any XML data file by clicking on the **Delete** icon. ![web_interface_and_controls_13_624x476](/images/endpointpolicymanager/cloud/interface/xmldatafiles/web_interface_and_controls_13_624x476.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/download.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/download.md index ec94ec5c9a..fc258c15be 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/download.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/download.md @@ -38,3 +38,4 @@ from XML. ![web_interface_and_controls_12_562x337](/images/endpointpolicymanager/cloud/interface/xmldatafiles/web_interface_and_controls_12_562x337.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/duplicate.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/duplicate.md index 6d8bcaa2a3..9f7d42c231 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/duplicate.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/duplicate.md @@ -11,3 +11,4 @@ Note that the XML is not changeable on this screen and is shown only for referen policies have a unique name. ![web_interface_and_controls_14_624x418](/images/endpointpolicymanager/cloud/interface/xmldatafiles/web_interface_and_controls_14_624x418.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/importpolicies.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/importpolicies.md index 55a56404f6..ae4d0e5727 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/importpolicies.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/importpolicies.md @@ -56,3 +56,4 @@ When the process is completed you can see each selected policy to import with it appearing in the XML Data Files section like any other policy you create. ![web_interface_and_controls_43_500x301](/images/endpointpolicymanager/cloud/interface/xmldatafiles/web_interface_and_controls_43_500x301.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/itemleveltargetingcollections.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/itemleveltargetingcollections.md index ad538a681b..5dd824f5f3 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/itemleveltargetingcollections.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/itemleveltargetingcollections.md @@ -107,3 +107,4 @@ root node Item-Level Targeting must evaluate to "True" first, and only then will root node be evaluated for additional policy and collection Item-Level Targeting. ![web_interface_and_controls_32_624x277](/images/endpointpolicymanager/cloud/interface/xmldatafiles/web_interface_and_controls_32_624x277.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/modify.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/modify.md index afd7edcb15..efdbfa604b 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/modify.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/modify.md @@ -17,3 +17,4 @@ take an existing Endpoint Policy Manager XML export from the MMC console and ent . ![web_interface_and_controls_7_624x431](/images/endpointpolicymanager/cloud/interface/xmldatafiles/web_interface_and_controls_7_624x431.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/overview.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/overview.md index 59a26f4d99..0141600520 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/overview.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/overview.md @@ -28,3 +28,4 @@ Additionally, you can perform the following actions, which create new policies: ![web_interface_and_controls_5_624x199](/images/endpointpolicymanager/cloud/interface/xmldatafiles/web_interface_and_controls_5_624x199.webp) These functions and actions are described in more detail in the sections that follow. + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/showreport.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/showreport.md index b621cb2056..731c12cf06 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/showreport.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/showreport.md @@ -13,3 +13,4 @@ multiple settings, and collections of settings. ![web_interface_and_controls_8_624x164](/images/endpointpolicymanager/cloud/interface/xmldatafiles/web_interface_and_controls_8_624x164.webp) ![web_interface_and_controls_9_624x317](/images/endpointpolicymanager/cloud/interface/xmldatafiles/web_interface_and_controls_9_624x317.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/upload.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/upload.md index b47fef051d..772a365960 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/upload.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/interface/xmldatafiles/upload.md @@ -41,3 +41,4 @@ Remember, after XML data files are uploaded, they do not automatically enforce a users' PCs. In order for settings to be enforced, those XML files should be linked to appropriate computer groups with computers assigned. ::: + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/_category_.json b/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/_category_.json index fea603bcc1..93a0b824a6 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/computeraccountdeletion.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/computeraccountdeletion.md index 5e1d6fa2f0..116d209ae4 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/computeraccountdeletion.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/computeraccountdeletion.md @@ -21,3 +21,4 @@ The computer account then goes to the **Deleted** group. From there, you have tw connection). ![licensing_with_policypak_cloud_5_499x266](/images/endpointpolicymanager/cloud/licensing/licensing_with_endpointpolicymanager_cloud_5_499x266.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/licensemanagement.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/licensemanagement.md index d62963e1bb..c3aac4c69e 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/licensemanagement.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/licensemanagement.md @@ -19,3 +19,4 @@ You can see that only that component's license is revoked. The next time this computer connects, it will stop participating with the specified Endpoint Policy Manager Cloud component. The license, however, is immediately recovered and available to the license pool for other computers to consume. + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/otherpolicydeliverymechanisms.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/otherpolicydeliverymechanisms.md index 43115f2772..3922cc8df1 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/otherpolicydeliverymechanisms.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/otherpolicydeliverymechanisms.md @@ -27,3 +27,4 @@ Directory, for example, then all directives are merged together. In the case of Policy always wins. ![licensing_with_policypak_cloud_1_624x574](/images/endpointpolicymanager/cloud/licensing/licensing_with_endpointpolicymanager_cloud_1_624x574.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/overview.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/overview.md index ae60c38821..5bab66bec9 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/overview.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/overview.md @@ -114,3 +114,4 @@ Manager use with Active Directory, SCCM, or MDM. The following is an example: - March: 900 In summary, you are charged for the highest number (averaged) in the 12-month period which is 1,083. + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/reconnectionperiod.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/reconnectionperiod.md index dfd5bac594..0a9844d4b1 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/reconnectionperiod.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/reconnectionperiod.md @@ -28,3 +28,4 @@ no way to know if a machine is still valid and should maintain a license. If you circumstance, you can work with the Endpoint Policy Manager sales team to configure a reasonable number of days in which computers must re-connect and re-validate with Endpoint Policy Manager Cloud. + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/serversessionvirtualization.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/serversessionvirtualization.md index a7dc5f4db5..bb322bd662 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/serversessionvirtualization.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/serversessionvirtualization.md @@ -34,3 +34,4 @@ your purchase. multi-session computer without a specific agreement. This is because Endpoint Policy Manager cloud will see the license use as a single license for a multi-session server, instead of handling actual usage to the maximum extent of the server. + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/vdi.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/vdi.md index f5401d9b4a..6c610d5647 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/vdi.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/licensing/vdi.md @@ -33,3 +33,4 @@ scenarios: [How to install the Endpoint Policy Manager Cloud Client for use in an Azure Virtual Desktop image](/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/azurevirutaldesktop.md). - Endpoint Policy Manager Cloud and VMware Horizon: [How to install and configure the PPC Client for a Non-Persistent VDI Image in VMware Horizon](/docs/endpointpolicymanager/deliverymethods/cloud/knowledgebase/clienttips/vdisolutions.md). + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/overview.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/overview.md index 3a13255432..20af3f37cf 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/overview.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/overview.md @@ -29,3 +29,5 @@ make sure you have your free-to-use test lab working: Getting Started with Cloud Cloud including some key security settings. Enjoy Endpoint Policy Manager Cloud! + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/quickstart/_category_.json b/docs/endpointpolicymanager/gettingstarted/cloudmanual/quickstart/_category_.json index aae812d125..d5c76d7050 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/quickstart/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/quickstart/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "quickstart" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/quickstart/quickstart.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/quickstart/quickstart.md index 07475c543c..8c94eaea35 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/quickstart/quickstart.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/quickstart/quickstart.md @@ -28,7 +28,7 @@ test client computer. Your account has some pre-configured policies linked to th | PPAM: WinZip 14 and Later (Example) | Application Settings Manager | If WinZip 14.5 is installed, uses Endpoint Policy Manager Application Settings Manager to manage the password settings. | WinZip 14.5, downloadable at [https://www.oldapps.com/winzip.php](https://www.oldapps.com/winzip.php) | | PPATM: Screen Saver Items Collection (Example) | Admin Templates Manager | Changes the screen saver to "Ribbons" and makes the timeout 17 minutes | Windows 10 | | PPLPM: Run Process Monitor Elevated (Example) | Least Privilege Manager | Overcomes the UAC prompt received when trying to run Process Monitor without local admin rights. | ProcMon, downloadable at [https://docs.microsoft.com/en-us/sysinternals/downloads/procmon](https://docs.microsoft.com/en-us/sysinternals/downloads/procmon) | -| PPPrefs: Shortcut to endpointpolicymanager.com on All Desktops | Group Policy Preferences: Shortcuts | Puts a shortcut to [www.endpointpolicymanager.com](http://www.endpointpolicymanager.com/) with a lock icon on the destop | Windows 10 | +| PPPrefs: Shortcut to policypak.com on All Desktops | Group Policy Preferences: Shortcuts | Puts a shortcut to [www.policypak.com](https://www.policypak.com/) with a lock icon on the destop | Windows 10 | | PPSEC: Rename Guest Account (Example) | Group Policy Security | Renames the guest account to PPGUEST | Windows 10 | | PPBR: PP to IE, Mozilla to FF, GPanswers to Chrome, Block Facebook (Example) | Browser Router | Makes routes from browser to browser | Firefox ESR, downloadable at [https://www.mozilla.org/en-US/firefox/enterprise/](https://www.mozilla.org/en-US/firefox/enterprise/) Chrome, downloadable at [https://www.google.com/chrome/](https://www.google.com/chrome/) | @@ -72,3 +72,4 @@ The Endpoint Policy Manager Cloud client then immediately downloads any Endpoint directives for the computer's groups. All directives should be downloaded and active within 10 seconds after the Endpoint Policy Manager Cloud MSI is installed and the computer has joined Endpoint Policy Manager Cloud. + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/quickstart/verify.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/quickstart/verify.md index 94172ff889..49ce5cd1c4 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/quickstart/verify.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/quickstart/verify.md @@ -14,8 +14,8 @@ Windows machines. ## Endpoint Policy Manager Shortcut Preferences We have pre-loaded a Group Policy Preferences shortcut item to display a shortcut to -[www.endpointpolicymanager.com](http://www.endpointpolicymanager.com/) on the desktop for all joined machines. You can see -the [www.endpointpolicymanager.com](http://www.endpointpolicymanager.com/) icon on the desktop of your client machine +[www.policypak.com](https://www.policypak.com/) on the desktop for all joined machines. You can see +the [www.policypak.com](https://www.policypak.com/) icon on the desktop of your client machine immediately after successfully joining Endpoint Policy Manager Cloud. ![policypak_cloud_quickstart_5_624x496](/images/endpointpolicymanager/cloud/endpointpolicymanager_cloud_quickstart_5_624x496.webp) @@ -64,7 +64,7 @@ Cameras tabs, which were pre-populated from an example file in Endpoint Policy M If you installed Chrome and Firefox you are welcome to test Endpoint Policy Manager Browser Router. For a very quick test, run Chrome and see the Endpoint Policy Manager Browser Router extension get loaded. Note this pop-up should only happen one time per user. Then, in the search bar, type -[www.endpointpolicymanager.com](http://www.endpointpolicymanager.com/) and hit enter. +[www.policypak.com](https://www.policypak.com/) and hit enter. ![policypak_cloud_quickstart_9_624x391](/images/endpointpolicymanager/cloud/endpointpolicymanager_cloud_quickstart_9_624x391.webp) @@ -97,3 +97,4 @@ By default your computer is only a member of two special built-in groups named * These examples show that Endpoint Policy Manager Cloud is working. You are now all set up and ready to create and upload your own directives to Endpoint Policy Manager Cloud. + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/security.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/security.md index 06de1eb7b3..dc65dc67ad 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/security.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/security.md @@ -50,3 +50,5 @@ Endpoint Policy Manager Cloud will usually work using proxy servers with either HTTPS and should honor system-wide proxy settings. ::: + + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/underhood/_category_.json b/docs/endpointpolicymanager/gettingstarted/cloudmanual/underhood/_category_.json index 9f9312f8e2..0ba7bd40de 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/underhood/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/underhood/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/underhood/clientcommands.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/underhood/clientcommands.md index f8e6c0f33e..30b93f1b51 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/underhood/clientcommands.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/underhood/clientcommands.md @@ -28,3 +28,4 @@ The Endpoint Policy Manager Cloud client can be invoked from an elevated command license. Used with a virtual desktops scenario. - `/jointoken:value`: Used in conjunction with the `/sysprep `switch to automatically join a computer to specified groups. Used with a virtual desktop scenario. + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/underhood/installation.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/underhood/installation.md index a7a4daf33d..148982252c 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/underhood/installation.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/underhood/installation.md @@ -28,7 +28,7 @@ Cloud. :::note If you always use a proxy, and the Endpoint Policy Manager Cloud client cannot seem to contact the Endpoint Policy Manager services, please read this Endpoint Policy Manager KB article: -[http://www.endpointpolicymanager.com/knowledge-base/client-installation-troubleshooting/i-always-use-a-proxy-and-the-cloud-client-cannot-seem-to-make-contact-with-the-services-see-faq-item-3-above-first-what-else-can-i-try.html](http://www.endpointpolicymanager.com/knowledge-base/client-installation-troubleshooting/i-always-use-a-proxy-and-the-cloud-client-cannot-seem-to-make-contact-with-the-services-see-faq-item-3-above-first-what-else-can-i-try.html). +[https://www.policypak.com/knowledge-base/client-installation-troubleshooting/i-always-use-a-proxy-and-the-cloud-client-cannot-seem-to-make-contact-with-the-services-see-faq-item-3-above-first-what-else-can-i-try.html](http://www.policypak.com/knowledge-base/client-installation-troubleshooting/i-always-use-a-proxy-and-the-cloud-client-cannot-seem-to-make-contact-with-the-services-see-faq-item-3-above-first-what-else-can-i-try.html). ::: @@ -101,3 +101,4 @@ computer and keep existing records)" for VDI machines. ![web_interface_and_controls_71_624x518](/images/endpointpolicymanager/troubleshooting/cloud/underhood/web_interface_and_controls_71_624x518.webp) Figure 162. Selecting the registration mode. + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/underhood/overview.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/underhood/overview.md index 809e82c96f..271deab007 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/underhood/overview.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/underhood/overview.md @@ -26,3 +26,4 @@ interaction with the client machines, let's explore three areas: - XML data storage (where XML directives are downloaded) - Troubleshooting installation of the Cloud client and connection troubles - Command line syntax for initiating commands from the client to the server + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/underhood/xmldatastorage.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/underhood/xmldatastorage.md index 6a8338e818..e837c9af7c 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/underhood/xmldatastorage.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/underhood/xmldatastorage.md @@ -57,3 +57,4 @@ Therefore, for instance, if you delivered a setting using Endpoint Policy Manage then undelivered that same setting using an XML data file, and then used Group Policy to re-deliver that same setting, Group Policy would always win. In short, directives delivered by Endpoint Policy Manager Cloud have the least precedence, and Group Policy always wins. + diff --git a/docs/endpointpolicymanager/gettingstarted/cloudmanual/uninstall.md b/docs/endpointpolicymanager/gettingstarted/cloudmanual/uninstall.md index 25342e24cc..7851b1a7e9 100644 --- a/docs/endpointpolicymanager/gettingstarted/cloudmanual/uninstall.md +++ b/docs/endpointpolicymanager/gettingstarted/cloudmanual/uninstall.md @@ -16,3 +16,5 @@ following happens: - Any Endpoint Policy Manager component will become unlicensed. Different licenses have different behaviors when they become unlicensed. Check the KB article here for more information: [What happens to each component when Endpoint Policy Manager gets unlicensed or the GPO or policy no longer applies?](/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/components_2.md). + + diff --git a/docs/endpointpolicymanager/gettingstarted/fastest.md b/docs/endpointpolicymanager/gettingstarted/fastest.md index e082ff3edb..f864123af5 100644 --- a/docs/endpointpolicymanager/gettingstarted/fastest.md +++ b/docs/endpointpolicymanager/gettingstarted/fastest.md @@ -30,7 +30,7 @@ answers more than 90% of use cases and installation questions. :::info Learn about what you already own/what it can do. Sign up for the IT Admin webinar -at: [https://www.endpointpolicymanager.com/demo/](https://www.endpointpolicymanager.com/demo/) +at: [https://www.policypak.com/demo/](https://www.policypak.com/demo/) ::: @@ -39,9 +39,9 @@ at: [https://www.endpointpolicymanager.com/demo/](https://www.endpointpolicymana Endpoint Policy Manager has two login areas, both of which are accessible from the main Customer Login page at Endpoint Policy Manager.com: -- [Portal](http://portal.endpointpolicymanager.com/) — On-Prem bits downloads, extras, Endpoint Policy Manager +- [Portal](https://portal.policypak.com/) — On-Prem bits downloads, extras, Endpoint Policy Manager Bootcamp (Free Training), Payment location for monthly usage -- [Cloud](http://cloud.endpointpolicymanager.com/) — The Endpoint Policy Manager Cloud service +- [Cloud](https://cloud.policypak.com/) — The Endpoint Policy Manager Cloud service ![gs1](/images/endpointpolicymanager/gettingstarted/gs1.webp) @@ -100,7 +100,7 @@ way to get oriented on the navigation. ## Get Help from Support :::warning -Email is no longer monitored at the old support @endpointpolicymanager.com email address. +Email is no longer monitored at the old support @policypak.com email address. ::: @@ -134,3 +134,5 @@ secondary user of Endpoint Policy Manager, Welcome! We strive to give you world-class support and resources. If you need anything at all, please reach out! + + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/_category_.json b/docs/endpointpolicymanager/gettingstarted/mdmmanual/_category_.json index efe5711596..44c4893ed9 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/gettingstarted.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/gettingstarted.md index 5c3bde8b98..5603f7c56e 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/gettingstarted.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/gettingstarted.md @@ -51,7 +51,7 @@ wrapped-up version of the provided XML files. Below is a summary of what each XM - `Ppatm-screensaver-settings.xml` sets the Windows screensaver to 17 minutes and forces the machine to be locked when it is powered back on. - `Ppbr-examples` makes some sample Endpoint Policy Manager Browser Router routes. Specifically, it - will route endpointpolicymanager.com to Internet Explorer, GPanswers.com to Chrome, and Mozilla.org to + will route policypak.com to Internet Explorer, GPanswers.com to Chrome, and Mozilla.org to Firefox, and it will block Facebook.com. - `Pplpm-run-procmon-elevated.xml` enables Process Monitor to bypass UAC prompts and run elevated. - P`pprefs-shortcut.xml` shows a Endpoint Policy Manager shortcut item on the desktop. @@ -77,3 +77,4 @@ following video: Then, you can learn more about how to use Endpoint Policy Manager with your own MDM tool on this page: Getting Started with MDM > [Video Learning Center](/docs/endpointpolicymanager/deliverymethods/mdm/videos/videolearningcenter.md). + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/overview.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/overview.md index cb1cb3b2ad..3eed7aa0de 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/overview.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/overview.md @@ -66,3 +66,4 @@ Endpoint Policy Manager directives, including the following: Instead, you want it to get some Endpoint Policy Manager directives. - You are using Microsoft Intune or another remote management system to manage machines, and you want to add Group Policy functionality, but that utility doesn't have Group Policy functionality. + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/_category_.json b/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/_category_.json index 95d467382f..e0fcb1c3d5 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/copypaste.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/copypaste.md index f78f42292e..9ab93ded74 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/copypaste.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/copypaste.md @@ -25,3 +25,4 @@ Explorer includes in order to make it easier to read. **Step 4 –** Click **Validate**. If successful, the **Validate** button will change to Save. ![policypak_exporter_tips_tricks_4](/images/endpointpolicymanager/mdm/tips/endpointpolicymanager_exporter_tips_tricks_4.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/enableprioritymode.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/enableprioritymode.md index e3e06543b0..83c7d54cb1 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/enableprioritymode.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/enableprioritymode.md @@ -31,3 +31,4 @@ As you can see in the figure, items with lower numbered Policy Layer IDs will pr with higher numbered Policy Layer IDs. ![policypak_exporter_tips_tricks_1](/images/endpointpolicymanager/mdm/tips/endpointpolicymanager_exporter_tips_tricks_1.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/manual.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/manual.md index 83f6821c7a..de70d567f3 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/manual.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/manual.md @@ -54,3 +54,4 @@ The reason Endpoint Policy Manager uses the SID and not the actual user or group SIDs are permanent, whereas the underlying name in Active Directory can be changed. Once the exported XML data files are in the directory, the Endpoint Policy Manager engine will pick up the change within 10 seconds and perform the function. + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/modify.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/modify.md index e3bb319d4b..6679789526 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/modify.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/modify.md @@ -50,3 +50,4 @@ this technical note from Microsoft: In short, when you open and utilize the MSI, save it again (using the same name or a different name), and update the product version, the resulting MSI will correctly remove any old references and correctly update any new references. + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/overview.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/overview.md index 7bfb5d91fe..c83387da81 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/overview.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/overview.md @@ -15,3 +15,4 @@ tips and tricks. Below are the tips we will be exploring: - Enabling Priority Mode - Understand how XML data files are processed when they are delivered - Manually placing XML data files on target computers (advanced topic) + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/processorder.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/processorder.md index d5bc60e4dd..33dc127db8 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/processorder.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/processorder.md @@ -48,3 +48,4 @@ Log files for the automatic application of XML data settings are found in `%appdata%\local\PolicyPak` in a file called ppUser_onXMLdata.log. ::: + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/recycle.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/recycle.md index a664ae9559..8a56da6107 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/recycle.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/tips/recycle.md @@ -24,3 +24,4 @@ as shown in Figure 57. ![policypak_exporter_tips_tricks_6](/images/endpointpolicymanager/mdm/tips/endpointpolicymanager_exporter_tips_tricks_6.webp) Figure 57. The steps to copy an existing user list by working in the "Select Users" dialog. + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/_category_.json b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/_category_.json index c1b4360f0a..58fce522c9 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "uemtools" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/mdm/_category_.json b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/mdm/_category_.json index b8aac0f134..4e22a7531f 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/mdm/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/mdm/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/mdm/ensuringenrollment.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/mdm/ensuringenrollment.md index ed2aa8b829..d00a0e7ce8 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/mdm/ensuringenrollment.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/mdm/ensuringenrollment.md @@ -13,3 +13,4 @@ verify this. In the figure, the machine is not MDM enrolled, and therefore canno Figure 49. Verifying if the computer is MDM enrolled. In this example, the machine is not MDM enrolled. + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/mdm/installhand.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/mdm/installhand.md index 3b66342741..87c4680721 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/mdm/installhand.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/mdm/installhand.md @@ -15,3 +15,4 @@ three items by hand, then we can quickly rule out the following issues: - Licensing issues - Problems with the wrong CSE (too old or incorrect bits—32-bit or 64-bit—on the machine) - Problems wrapping up your XMLs into an MSI + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/mdm/overview.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/mdm/overview.md index d6cfc21ccf..14592c3917 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/mdm/overview.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/mdm/overview.md @@ -11,3 +11,4 @@ the Endpoint Policy Manager CSE, the Endpoint Policy Manager license file, and t Manager settings MSI files. That means there are (at least) three places to look when things go wrong. The next three sections address the top problems and resolutions connected to these three items. + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/mdm/successevents.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/mdm/successevents.md index 1a3c174269..542398a9f1 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/mdm/successevents.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/mdm/successevents.md @@ -27,3 +27,4 @@ By attempting to deploy the free Terminals MSI without any other Endpoint Policy can see if the problem is in the MDM deployment of MSIs in general. For instance, you might have the MDM targeting set up incorrectly or there might be some other MDM problem that you can work with your MDM vendor to solve. + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/service/_category_.json b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/service/_category_.json index 47e89c70bb..a6663ed797 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/service/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/service/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/service/microsoftintune.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/service/microsoftintune.md index 97c3cf1498..5f48c2d09b 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/service/microsoftintune.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/service/microsoftintune.md @@ -27,3 +27,4 @@ item from the Add/Remove Programs options to prevent uninstallation. Using the f Once you select the group, you can change the Deployment Action to Required Install. Be sure the computer is MDM-joined and in the correct group. If the MSIs do not download as expected, see the [Troubleshooting](/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/mdm/overview.md) section. + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/service/mobileiron.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/service/mobileiron.md index 3dd69e62dc..1b0763a5c1 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/service/mobileiron.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/service/mobileiron.md @@ -63,3 +63,4 @@ service. Be sure the computer is MDM-joined and in the correct group (if any). If the MSIs do not download as expected, see [Troubleshooting](/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/mdm/overview.md). + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/service/overview.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/service/overview.md index 452b3c31d0..c25e882719 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/service/overview.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/service/overview.md @@ -88,3 +88,4 @@ The name of the actual license file you get might be somewhat different. The next three sections discuss a few setup tips and tricks for Microsoft Intune MDM, MobileIron MDM, and VMware Workspace ONE MDM. The setup steps may vary a little from what is listed in the next few sections, but they are the basic steps for each of the major services. + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/service/vmwareworkspaceone.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/service/vmwareworkspaceone.md index a76f2271a9..5b67cbfdeb 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/service/vmwareworkspaceone.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/service/vmwareworkspaceone.md @@ -43,3 +43,4 @@ This is the final result in VMware Workspace ONE: **Step 4 –** As a test, on an example client, perform your MDM enrollment to your VMware Workspace ONE service. + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/uemtools.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/uemtools.md index 7e550e9fad..7b81021169 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/uemtools.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/uemtools/uemtools.md @@ -39,3 +39,4 @@ SCCM, KACE, etc., see the following link: Getting Started with Endpoint Policy M [Knowledge Base](/docs/endpointpolicymanager/). ::: + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/_category_.json b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/_category_.json index 934bee403e..2aeab466de 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/administrativetemplates.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/administrativetemplates.md index 3b7d3257a7..06aec07e6b 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/administrativetemplates.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/administrativetemplates.md @@ -18,3 +18,4 @@ Figure 15. Exporting the policy as an XML file. ![deploying_policypak_directives_16](/images/endpointpolicymanager/mdm/xmldatafiles/deploying_endpointpolicymanager_directives_16.webp) Figure 16. Exporting the collection as an XML file. + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/applicationssettings.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/applicationssettings.md index ef419961d1..fa1fd34c92 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/applicationssettings.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/applicationssettings.md @@ -24,3 +24,4 @@ to XMLData File," as shown in Figure 11. Then save the XML file for the next ste Figure 11. Using an existing GPO with a Endpoint Policy Manager Application Settings Manager directive to select "Export settings to XMLData File." + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/browserrouter.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/browserrouter.md index 930106877b..23244a5b04 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/browserrouter.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/browserrouter.md @@ -9,7 +9,7 @@ sidebar_position: 30 Endpoint Policy Manager Browser Router settings can be exported as an XML file. Right-click` Computer Configuration | PolicyPak | Browser Router` or `User Configuration | PolicyPak | Browser Router`, and pick the collection you wish to export, as -shown in Figure 13. For full details on the Endpoint Policy Manager Browser Router, see Book 5: +shown in Figure 13. For full details on the Endpoint Policy Manager Browser Router, see the [Browser Router](/docs/endpointpolicymanager/components/browserrouter/overview.md). ![deploying_policypak_directives_12](/images/endpointpolicymanager/mdm/xmldatafiles/deploying_endpointpolicymanager_directives_12.webp) diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/feature.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/feature.md index e90ba579bf..b1dc69dd00 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/feature.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/feature.md @@ -23,3 +23,4 @@ the menu, as shown in Figure 29. ![deploying_policypak_directives_29](/images/endpointpolicymanager/mdm/xmldatafiles/deploying_endpointpolicymanager_directives_29.webp) Figure 29. Exporting a single Endpoint Policy Manager Feature Manager entry. + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/fileassociations.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/fileassociations.md index 6e4275bead..703a1b65cc 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/fileassociations.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/fileassociations.md @@ -18,3 +18,4 @@ Figure 17. Exporting a single Endpoint Policy Manager File Associations Manager ![deploying_policypak_directives_18](/images/endpointpolicymanager/mdm/xmldatafiles/deploying_endpointpolicymanager_directives_18.webp) Figure 18. Exporting a whole collection. + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/javaenterpriserules.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/javaenterpriserules.md index b0fad1e604..f4f32b6ccd 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/javaenterpriserules.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/javaenterpriserules.md @@ -22,3 +22,4 @@ as is shown in Figure 14. ![deploying_policypak_directives_14](/images/endpointpolicymanager/mdm/xmldatafiles/deploying_endpointpolicymanager_directives_14.webp) Figure 14. Exporting a single Endpoint Policy Manager Java Enterprise Rules Manager entry. + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/leastprivilegemanager.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/leastprivilegemanager.md index f06ce503c8..1c2e7900b2 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/leastprivilegemanager.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/leastprivilegemanager.md @@ -15,3 +15,4 @@ as shown in Figure 12. ![deploying_policypak_directives_11](/images/endpointpolicymanager/mdm/xmldatafiles/deploying_endpointpolicymanager_directives_11.webp) Figure 12. Exporting a collection as an XML file via Least Privilege Manager. + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/overview.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/overview.md index f6f967f871..12866ff18c 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/overview.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/overview.md @@ -157,3 +157,4 @@ Figure 10. Naming the MSI. **Step 7 –** When you click "Next" in the Installer Properties page, you will be prompted to save your MSI file. If you need it later, the MSI file can be opened and edited again (see the section "Modifying Existing MSI files with Endpoint Policy Manager Exporter"). + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/preferences.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/preferences.md index d90eb437f9..802f8beafe 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/preferences.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/preferences.md @@ -9,7 +9,7 @@ sidebar_position: 70 To make an XML file from a Group Policy Preference item, first create the item. Be sure to embed any Group Policy Preference Item-Level Targeting within your item to limit when the item will apply. For instance, you may want to limit by operating system, IP address range, the presence of a file, and -so on. Refer to Book 9: [Preferences Manager](/docs/endpointpolicymanager/components/preferencesmanager/manual/overview.md), for more details. +so on. Refer to the [Preferences Manager](/docs/endpointpolicymanager/components/preferencesmanager/manual/overview.md) for more details. Then, drag the Group Policy Preference item from the MMC console to create the XML data file. You can drag this file to a folder or your desktop, as shown in Figure 19. diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/scripts.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/scripts.md index 7832cce586..b79031445c 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/scripts.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/scripts.md @@ -18,3 +18,4 @@ Alternatively, you can export a whole collection, as shown in Figure 27, by righ ![deploying_policypak_directives_27](/images/endpointpolicymanager/mdm/xmldatafiles/deploying_endpointpolicymanager_directives_27.webp) Figure 27. Exporting a whole collection using Endpoint Policy Manager Scripts Manager. + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/securitysettings.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/securitysettings.md index ea3c01a46e..e035d8b21e 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/securitysettings.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/securitysettings.md @@ -9,7 +9,7 @@ sidebar_position: 80 Endpoint Policy Manager Security Settings Manager will export the computer-side security within a GPO as an XML file. Right-click `Computer Configuration | PolicyPak | Security Manager`, and select the only setting that is available in the menu, as shown in Figure 21. For full details on the -Endpoint Policy Manager Security Settings Manager Export Wizard, see Book 10: +Endpoint Policy Manager Security Settings Manager Export Wizard, see the [Security Settings Manager](/docs/endpointpolicymanager/components/securitysettingsmanager/manual/overview.md). ![deploying_policypak_directives_21](/images/endpointpolicymanager/mdm/xmldatafiles/deploying_endpointpolicymanager_directives_21.webp) diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/startscreen.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/startscreen.md index c3257ed478..7044ff40dc 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/startscreen.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/startscreen.md @@ -21,3 +21,4 @@ You can export a single Endpoint Policy Manager Start Screen Manager entry, as s ![deploying_policypak_directives_23](/images/endpointpolicymanager/mdm/xmldatafiles/deploying_endpointpolicymanager_directives_23.webp) Figure 23. Exporting a single Endpoint Policy Manager Start Screen Manager entry. + diff --git a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/taskbar.md b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/taskbar.md index 449b7033b8..0b0aac77a6 100644 --- a/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/taskbar.md +++ b/docs/endpointpolicymanager/gettingstarted/mdmmanual/xmldatafiles/taskbar.md @@ -22,3 +22,4 @@ Figure 25. ![deploying_policypak_directives_25](/images/endpointpolicymanager/mdm/xmldatafiles/deploying_endpointpolicymanager_directives_25.webp) Figure 25. Exporting a single Endpoint Policy Manager Taskbar Manager entry. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/_category_.json b/docs/endpointpolicymanager/gettingstarted/misc/_category_.json index bd8acf57fb..116f871e27 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/misc/_category_.json @@ -1 +1,2 @@ {"label":"Misc","position":40,"collapsed":true,"collapsible":true} + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/_category_.json b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/_category_.json index ebf9bc76c5..b6fae684d8 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/_category_.json @@ -1 +1,2 @@ {"label":"Knowledge Base","position":1,"collapsed":true,"collapsible":true,"link":{"type":"doc","id":"knowledgebase"}} + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/changemanagementutilities/_category_.json b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/changemanagementutilities/_category_.json index df8e174b92..351ace2865 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/changemanagementutilities/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/changemanagementutilities/_category_.json @@ -3,4 +3,4 @@ "position": 70, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/changemanagementutilities/changemanagementtools.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/changemanagementutilities/changemanagementtools.md index b4f40f0682..75421442a0 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/changemanagementutilities/changemanagementtools.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/changemanagementutilities/changemanagementtools.md @@ -118,3 +118,4 @@ Additionally, tools like Netwrix Auditor can monitor all GPO changes for both Mi Policy Manager-specific and alert you to unwanted changes. ![921_3_image-20230207205126-1](/images/endpointpolicymanager/troubleshooting/921_3_image-20230207205126-1.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/_category_.json b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/_category_.json index 7eb735f33a..3eef2a0a44 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/arm.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/arm.md index 58e879d794..e8cd99ee9c 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/arm.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/arm.md @@ -42,3 +42,4 @@ When Endpoint Policy Manager CSE is installed we will not install some component don't apply when the processor is determined to be unable to run ARM32 applications. ::: + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/guide.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/guide.md index ae68de4e19..a4f9b9b640 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/guide.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/guide.md @@ -8,3 +8,4 @@ sidebar_position: 10 Yes, see the [Netwrix Endpoint Policy Manager Quick Start](/docs/endpointpolicymanager/gettingstarted/quickstart/overview.md) topic to help you get started with Netwrix Endpoint Policy Manager (formerly PolicyPak) immediately. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/guideinstall.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/guideinstall.md index 2d90dc3d5a..714124f572 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/guideinstall.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/guideinstall.md @@ -8,3 +8,4 @@ sidebar_position: 20 Yes, see the [Installation Quick Start](/docs/endpointpolicymanager/gettingstarted/overviewinstall/overviewinstall.md) topic for information on how to install Netwrix Endpoint Policy Manager (formerly PolicyPak) . + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/history.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/history.md index 36ddf9874e..21b2e0facd 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/history.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/history.md @@ -136,3 +136,4 @@ Before 2017 - Endpoint Policy Manager CSE Process Exclusions to actively exclude entanglement in other systems - Standalone (non-MMC) Policy Editor - MMC: GPO What changed, history and rollback + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/prepare.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/prepare.md index 3e322709af..7730bf8b94 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/prepare.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/prepare.md @@ -66,7 +66,7 @@ It is important to get organized before the session starts. Follow these steps t is ready on your side: **Step 1 –** Use the Endpoint Policy Manager Customer Portal -([http://www.endpointpolicymanager.com/customerportal](http://www.endpointpolicymanager.com/customerportal)) to download +([https://www.policypak.com/customerportal](http://www.policypak.com/customerportal)) to download Everything. ![289_1_image-20240111131924-2](/images/endpointpolicymanager/gettingstarted/289_1_image-20240111131924-2.webp) @@ -257,8 +257,8 @@ Example machine renamed to work UN-licensed: - The Endpoint Policy Manager Cloud is the service to manage machines over the Internet. - You should have a Welcome Letter to the Endpoint Policy Manager Cloud. If you cannot find your welcome letter, go to - [https://cloud.endpointpolicymanager.com/Account/ForgotPassword](https://cloud.endpointpolicymanager.com/Account/ForgotPassword) - and request it. Then log on to [https://cloud.endpointpolicymanager.com](https://cloud.endpointpolicymanager.com/). + [https://cloud.policypak.com/Account/ForgotPassword](https://cloud.policypak.com/Account/ForgotPassword) + and request it. Then log on to [https://cloud.policypak.com](https://cloud.policypak.com/). - Verify that you can log on to the Endpoint Policy Manager Cloud. - Make sure that from your machine we can remote control the endpoint which is the machine you'll be managing using Endpoint Policy Manager Cloud. @@ -321,3 +321,4 @@ tool) and create Endpoint Policy Manager Least Privilege Manager rules that will Make sure both computers are joined to the domain and we can create GPOs and affect Computer2 with Endpoint Policy Manager directives. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/rightclick.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/rightclick.md index 2b241b3012..47abcbf559 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/rightclick.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/rightclick.md @@ -35,3 +35,4 @@ menu. Without an anchor item, the right-click fly-out menu doesn't work as expec This is a limitation in Windows 11. If this behavior changes or improves in Windows 11 (or later), we will update this article. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/windows11.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/windows11.md index 33cb63bca6..84e1c4b57e 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/windows11.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/windows11.md @@ -41,7 +41,7 @@ The general rules are as follows: If you have an explicit route to a URL and specify Internet Explorer, Endpoint Policy Manager Browser Router will attempt to invoke IE in Edge mode. An explicit route could be something like -https://www.endpointpolicymanager.com/webinar. +https://www.policypak.com/webinar. An example can be seen below. Note it doesn't matter if the pulldown is set for **Open in standalone IE** or **Open as IE in Edge tab** is set. Those settings only matter for Windows 10 and are ignored @@ -128,3 +128,4 @@ No particular Windows 11 changes or incompatibilities. If you were to use an older CSE you shouldn't see any incompatibilities or any differences. That being said, we always recommend you use the latest CSE, as fixes and updates occur regularly. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/windows7.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/windows7.md index be499e7869..74e144163c 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/windows7.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/gettingstarted/windows7.md @@ -48,3 +48,4 @@ updated all the time. More details about .Net framework versions can be found here: [https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/versions-and-dependencies](https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/versions-and-dependencies) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/knowledgebase.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/knowledgebase.md index a67d97d6ef..8b1994e3d7 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/knowledgebase.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/knowledgebase.md @@ -88,3 +88,4 @@ The following topics can help you getting started with Endpoint Policy Manager ( ## Endpoint Policy Manager & Change Management Utilities - [Understanding the Difference Between Endpoint Policy Manager and GPO Change Management Tools](/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/changemanagementutilities/changemanagementtools.md) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/netwrixauditor/_category_.json b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/netwrixauditor/_category_.json index 704ff428b6..47f9c727c8 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/netwrixauditor/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/netwrixauditor/_category_.json @@ -3,4 +3,4 @@ "position": 50, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/netwrixauditor/mmcsnapin.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/netwrixauditor/mmcsnapin.md index feea3b4a37..0280bcc431 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/netwrixauditor/mmcsnapin.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/netwrixauditor/mmcsnapin.md @@ -81,3 +81,4 @@ the MMC snap-in. **Step 3 –** Going forward, the ADMX setting will command the MMC snap-in and it will be unconfigurable. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/netwrixauditor/permissions.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/netwrixauditor/permissions.md index 6678c5315d..f9c78fc593 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/netwrixauditor/permissions.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/netwrixauditor/permissions.md @@ -56,3 +56,4 @@ Final result can be seen here where the user is now permitted to see the Endpoin report. ![969_5_image-20231017185713-5_950x730](/images/endpointpolicymanager/integration/auditor/969_5_image-20231017185713-5_950x730.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/nondomainjoined/_category_.json b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/nondomainjoined/_category_.json index c48c4157c9..7eddf74dd1 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/nondomainjoined/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/nondomainjoined/_category_.json @@ -3,4 +3,4 @@ "position": 60, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/nondomainjoined/chrome.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/nondomainjoined/chrome.md index 0ca7d77313..db193f5b88 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/nondomainjoined/chrome.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/nondomainjoined/chrome.md @@ -101,3 +101,4 @@ In our testing, here are the settings which will and will not work when non-doma | Extension-Install-Sources | ![Checkmark Icon](/images/endpointpolicymanager/troubleshooting/nondomain/517_1_thick.webp) | If you have questions about our results, please use the Endpoint Policy Manager Forums. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/nondomainjoined/edge.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/nondomainjoined/edge.md index e92a834760..86604bf4af 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/nondomainjoined/edge.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/nondomainjoined/edge.md @@ -97,3 +97,4 @@ else     -PropertyType String -Force | Out-Null     } ``` + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/nondomainjoined/limitations.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/nondomainjoined/limitations.md index 650843e2f5..b20edb4dd7 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/nondomainjoined/limitations.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/nondomainjoined/limitations.md @@ -38,3 +38,4 @@ There are some items which will not work if the computer is not domain joined… 4. Windows Edge + Chromium: The Browser Router Extension will not install automatically. There is NO workaround at this time except to manually install the Chrome Extension on Edge by hand. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/_category_.json b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/_category_.json index b90c962c2d..9a8b388dfe 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/_category_.json @@ -3,4 +3,4 @@ "position": 30, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/adduser.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/adduser.md index 99b2181c01..abc8439fdb 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/adduser.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/adduser.md @@ -7,8 +7,8 @@ sidebar_position: 10 # How do I create a Secondary (or Accounting) contact within the Portal to enable another person to participate in Endpoint Policy Manager (including downloads, updates, etc.)? :::note -This article pertains to portal.endpointpolicymanager.com.  If you need to manage users in the Netwrix -Endpoint Policy Manager (formerly PolicyPak) Cloud Portal (cloud.endpointpolicymanager.com) +This article pertains to portal.policypak.com.  If you need to manage users in the Netwrix +Endpoint Policy Manager (formerly PolicyPak) Cloud Portal (cloud.policypak.com) see [Endpoint Policy Manager Cloud: Adding New Admins](/docs/endpointpolicymanager/deliverymethods/cloud/videos/security/administrator.md) ::: @@ -16,7 +16,7 @@ see [Endpoint Policy Manager Cloud: Adding New Admins](/docs/endpointpolicymana There are three steps in the process: **Step 1 –** Your **Primary** must log on to the Endpoint Policy Manager portal -([portal.endpointpolicymanager.com](https://portal.endpointpolicymanager.com/)). +([portal.policypak.com](https://portal.policypak.com/)). **Step 2 –** Click on **Your Contacts** and then **Secondary** to see who is secondary. @@ -31,4 +31,5 @@ people. - Accounting people get ONLY renewal emails Finally, note that this does not add someone as another Endpoint Policy Manager CLOUD admin. That -function is exclusively within the [CLOUD.endpointpolicymanager.com](https://cloud.endpointpolicymanager.com/) function. +function is exclusively within the [CLOUD.policypak.com](https://cloud.policypak.com/) function. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/cheksum.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/cheksum.md index 3b41380ce5..c871757f8d 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/cheksum.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/cheksum.md @@ -34,3 +34,4 @@ produce a different result. ![912_2_image002_950x217](/images/endpointpolicymanager/cloud/912_2_image002_950x217.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/emailoptout.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/emailoptout.md index 29e24c6be2..c0d597e057 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/emailoptout.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/emailoptout.md @@ -10,3 +10,4 @@ Emails are a key component to ensure that your product is up to date, free of bu made aware of any and all security concerns. As such it is not possible to opt out of emails because they are part of our commitment to you as a customer. We are also bound legally to inform you of any such issues. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/login.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/login.md index a3e7dcd978..35cdcb7fc4 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/login.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/login.md @@ -65,3 +65,4 @@ images and files is checked. All 3 browsers have the Ctrl-Shift-Del shortcut that provides quick access to this setting. ![926_8_image-20230104100124-9_370x346](/images/endpointpolicymanager/troubleshooting/cloud/926_8_image-20230104100124-9_370x346.webp) ![926_9_image-20230104100144-10_322x350](/images/endpointpolicymanager/troubleshooting/cloud/926_9_image-20230104100144-10_322x350.webp) ![926_10_image-20230104100211-11_294x358](/images/endpointpolicymanager/troubleshooting/cloud/926_10_image-20230104100211-11_294x358.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/profileupdate.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/profileupdate.md index 4ae7f41e6c..122de5630e 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/profileupdate.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/profileupdate.md @@ -37,3 +37,4 @@ and acknowledge. **Step 4 –** Afterward, the contact will receive an email at the new address where they can click to confirm the email address. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/twofactorauthentication.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/twofactorauthentication.md index 723efe644d..3e03ae340a 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/twofactorauthentication.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/portalquestions/twofactorauthentication.md @@ -122,3 +122,4 @@ In this particular scenario, if anyone had app 2FA previously configured (had sc QR code) then that code will still work. ::: + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/_category_.json b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/_category_.json index 54d8242ddf..95ebd5e234 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/applypreferences.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/applypreferences.md index 301d984ad7..9008a9b0d6 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/applypreferences.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/applypreferences.md @@ -17,7 +17,7 @@ the example below, and you want to use Item Level Targeting (ITM) to do it. :::note Item Level Targeting is a Microsoft technology provided as part of the their Group Policy Preferences CSE for Group Policy.See -[Apply Item-Level Targeting Outside Domains & GP Preferences](https://www.endpointpolicymanager.com/resources/pp-blog/item-level-targeting/) +[Apply Item-Level Targeting Outside Domains & GP Preferences](https://www.policypak.com/resources/pp-blog/item-level-targeting/) for additional information. Endpoint Policy Manager utilizes this ability to filter based on criteria, but the underlying engine is developed by Microsoft. Because this is not our code, What that means is that its not our code and so sometimes there are behaviors related to ILT that we @@ -67,3 +67,4 @@ This is the sequence after clicking the three dots: ![139_5_overall-faq-01-img-05](/images/endpointpolicymanager/itemleveltargeting/139_5_overall-faq-01-img-05.webp) ![139_6_overall-faq-01-img-06](/images/endpointpolicymanager/itemleveltargeting/139_6_overall-faq-01-img-06.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/emailoptout.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/emailoptout.md index b4433e1c6a..e524a7d3b7 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/emailoptout.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/emailoptout.md @@ -27,7 +27,7 @@ What you cannot opt out of are the following types of emails: - Renewal-time emails before you expire (which start 90 days before you expire.) - General announcements and requests (like survey requests, etc.) -You may use the portal.endpointpolicymanager.com login, then select Your Profile to choose to opt out of SOME +You may use the portal.policypak.com login, then select Your Profile to choose to opt out of SOME emails. If, after un-selecting the items below, you still want to receive LESS email, then you will need to @@ -37,3 +37,4 @@ We at Endpoint Policy Manager have a responsibility for ensuring that some commu you, and agree to do our best. It's up to you if you wish to actively block these emails. ![693_1_faq2](/images/endpointpolicymanager/tips/693_1_faq2.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/embedclient.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/embedclient.md index 212d9f7250..3a88828682 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/embedclient.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/embedclient.md @@ -71,3 +71,4 @@ Extension) to a Citrix machine that hosts multiple users. This is because Endpoi Cloud sees this as ONE consumed license; where you would need to pay licensing fees for each concurrent connection. The only time this is permissible is with an express written agreement between your company and Endpoint Policy Manager where we both agree that you are doing this. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/entraidgroups.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/entraidgroups.md index 02422263bd..b674a54349 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/entraidgroups.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/entraidgroups.md @@ -24,3 +24,4 @@ videos Scripts are available in the Advice section of the Portal. ::: + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/entraidsids.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/entraidsids.md index 8980453531..75c9421937 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/entraidsids.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/entraidsids.md @@ -108,3 +108,4 @@ column to verify that the policy applied. Alternatively, check the Endpoint Policy Manager event log: ![1_21_image-20200129215924-11](/images/endpointpolicymanager/itemleveltargeting/1_21_image-20200129215924-11.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/eventcategories.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/eventcategories.md index bea347697a..750fb8fc46 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/eventcategories.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/eventcategories.md @@ -443,3 +443,4 @@ The following are all the operational events for Endpoint Policy Manager: | 11015 | Collector Events submission started on schedule | | 11016 | Collector Events submission activity ended | | 11017 | Collector Events pushed manually | + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/eventlogs.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/eventlogs.md index 3a3a6f5033..fea4e0f3fd 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/eventlogs.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/eventlogs.md @@ -15,7 +15,7 @@ If you want to learn more about on-prem Event Forwarding, you can see my Walkthr that here [Using Windows Event Forwarding to search for interesting events](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/eventing/windowseventforwarding.md) and -[How to forward interesting events for Least Privilege Manager (or anything else) to a centralized location using Windows Event Forwarding.](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/eventing/windowseventforwarding.md). +[How to forward interesting events for Least Privilege Manager (or anything else) to a centralized location using Windows Event Forwarding.](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/eventing/windowseventforwarding.md). ::: diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/folderredirection.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/folderredirection.md index 7df367d8b3..65622753f3 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/folderredirection.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/folderredirection.md @@ -102,3 +102,4 @@ The policy settings you might want to use are… and / or ![590_2_img-2](/images/endpointpolicymanager/tips/590_2_img-2.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/mmcdisplay.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/mmcdisplay.md index b0db7d3afd..bb8b59f9ca 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/mmcdisplay.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/mmcdisplay.md @@ -14,3 +14,4 @@ station. This policy doesn't need to hit the end-points.. just the admin machine. ![603_1_faq-5-img-1](/images/endpointpolicymanager/tips/603_1_faq-5-img-1.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/onpremisecloud.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/onpremisecloud.md index 6878dd9fa4..3cbada1ddb 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/onpremisecloud.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/onpremisecloud.md @@ -16,3 +16,4 @@ All policies are simply merged together. If there's a conflict, the on-premise d Group Policy) wins. ![609_1_img19-deliveryconflict005-resized-450px](/images/endpointpolicymanager/tips/609_1_img19-deliveryconflict005-resized-450px.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/operatingsystem.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/operatingsystem.md index 79a5b230c4..3136405d3e 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/operatingsystem.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/operatingsystem.md @@ -44,3 +44,4 @@ example, AppLocker requires Windows Enterprise edition. \* Endpoint Policy Manager utilizes the built-in GPPrefs Item Level Targeting. As such, any item which relies upon Item Level Targeting will evaluate to TRUE or not function, since GPPrefs are not part of this operating system. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/securitygroup.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/securitygroup.md index 9461f4e7f3..6c66bafb12 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/securitygroup.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/securitygroup.md @@ -10,3 +10,4 @@ The Security Group Item Level Targeting (ILT) option is Direct by default, when unchecked, but Recursive when it is checked. ![561_1_overall-faq-s1p5](/images/endpointpolicymanager/itemleveltargeting/561_1_overall-faq-s1p5.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/services.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/services.md index 223e75713e..9b19d82188 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/services.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/services.md @@ -8,3 +8,4 @@ sidebar_position: 140 Yes. The services are an integral part of every Netwrix Endpoint Policy Manager (formerly PolicyPak) component and required for each of them to function properly. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/syspreperror.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/syspreperror.md index 0b12360da8..1da6d50f56 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/syspreperror.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/syspreperror.md @@ -55,3 +55,4 @@ at the second login. See the Microsoft article [Sysprep fails remove or update store apps](https://learn.microsoft.com/en-us/troubleshoot/windows-client/installing-updates-features-roles/sysprep-fails-remove-or-update-store-apps) for more information. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/thirdpartyadvice.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/thirdpartyadvice.md index e0a99633bd..a011fb1171 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/thirdpartyadvice.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/thirdpartyadvice.md @@ -74,7 +74,7 @@ if endpoints got the contents of the CIS Benchmarks you expect. :::note View -[https://www.endpointpolicymanager.com/products/compliance-reporter.html](https://www.endpointpolicymanager.com/products/compliance-reporter.html) +[https://www.policypak.com/products/compliance-reporter.html](https://www.policypak.com/products/compliance-reporter.html) to get the general feel for how you would do this. ::: @@ -135,3 +135,4 @@ The basics for how to take existing Group Policy settings (from CIS Benchmarks o use with Endpoint Policy Manager MDM can be found [Reduce GPOs (and/or export them for use with Endpoint Policy Manager Cloud or with MDM)](/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/tipsandtricks/exportgpos.md) and [Endpoint Policy Manager and Microsoft Intune](/docs/endpointpolicymanager/deliverymethods/mdm/videos/gettingstarted/microsoftintune.md). + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/uninstallpassword.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/uninstallpassword.md index fd93db506f..849b6415a9 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/uninstallpassword.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/uninstallpassword.md @@ -161,3 +161,4 @@ the password previously set earlier. Remember, anyone with full admin rights (or ability to use the Endpoint Policy Manager ADMX settings) can circumvent the password set on the machine. ::: + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/virtualdesktops.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/virtualdesktops.md index 6d48ee6293..85b37d5552 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/virtualdesktops.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/virtualdesktops.md @@ -23,3 +23,4 @@ For other unusual SKUs and information on how to get the ID, see the Microsoft a [OperatingSystemSKU Enum.](https://learn.microsoft.com/en-us/dotnet/api/microsoft.powershell.commands.operatingsystemsku?view=powershellsdk-1.1.0) ::: + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/windows.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/windows.md index c15982158e..4c5a12fafa 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/windows.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/windows.md @@ -24,3 +24,4 @@ Windows 7, and so on. The final build with best effort support is 23.8, and no m produced after that. ::: + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/windows11.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/windows11.md index fcaac18a2f..656ca073c2 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/windows11.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/windows11.md @@ -114,3 +114,4 @@ SELECT OperatingSystemSKU FROM Win32_OperatingSystem WHERE OperatingSystemSKU = Here's an example: ![14_8_faq-4-rev-1-img-8](/images/endpointpolicymanager/itemleveltargeting/14_8_faq-4-rev-1-img-8.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/windowsendpoint.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/windowsendpoint.md index 25032c80e5..a65450d552 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/windowsendpoint.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/windowsendpoint.md @@ -43,3 +43,4 @@ To add additional targets, simply add another Registry Match option for CurrentB specify the additional value and change the separator option from AND to OR. ![803_5_image-20230207212701-6](/images/endpointpolicymanager/itemleveltargeting/803_5_image-20230207212701-6.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/windowsserver2019.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/windowsserver2019.md index ed2232c184..a0310427c4 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/windowsserver2019.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/tipstricksandfaqs/windowsserver2019.md @@ -62,3 +62,4 @@ following technique: Windows 10 and BuildNumber \<= 17704 ![88_7_image](/images/endpointpolicymanager/itemleveltargeting/88_7_image.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/_category_.json b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/_category_.json index 697c5fe85f..530b52cb98 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/_category_.json @@ -3,4 +3,4 @@ "position": 40, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/antivirus.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/antivirus.md index 2c93ed8cdd..c887fdf551 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/antivirus.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/antivirus.md @@ -19,3 +19,4 @@ The example files we provide are examples to use or ignore. And, we even put it the folder about the possibility of this file being seen by download filters. ![756_3_img2](/images/endpointpolicymanager/troubleshooting/756_3_img2.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/browserrouter.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/browserrouter.md index 26ef78bb92..0a96fcc461 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/browserrouter.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/browserrouter.md @@ -27,3 +27,4 @@ If you want to open an investigation on WHY a machine's Endpoint Policy Manager crashing, open a support ticket and prepare to generate both user and admin logs for investigation. ![378_5_img-03-image009_950x1116](/images/endpointpolicymanager/troubleshooting/378_5_img-03-image009_950x1116.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/clientsideextension.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/clientsideextension.md index 80921f8d99..5f4e5b61a8 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/clientsideextension.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/clientsideextension.md @@ -33,3 +33,4 @@ Client Side Extensions (CSE). [https://aka.ms/vs/16/release/vc_redist.x64.exe](https://aka.ms/vs/16/release/vc_redist.x64.exe) [https://aka.ms/vs/16/release/vc_redist.x86.exe](https://aka.ms/vs/16/release/vc_redist.x86.exe) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/conflictresolved.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/conflictresolved.md index f4a7e1b13b..9d2811dcb2 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/conflictresolved.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/conflictresolved.md @@ -48,3 +48,4 @@ individual policies. As such you might see an undesired "flip flop" behavior whe Security Settings are delivered from multiple sources like Group Policy and Endpoint Policy Manager Cloud. For details on this particular problem see this existing KB: [Why do I sometimes see Endpoint Policy Manager Cloud security settings and sometimes see on-prem GPO security settings?](/docs/endpointpolicymanager/components/admintemplatesmanager/knowledgebase/exportinggrouppolicysecurity/onpremisecloud.md) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/customdialog.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/customdialog.md index 831cb0fa44..27802b02ef 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/customdialog.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/customdialog.md @@ -19,3 +19,4 @@ Note that when the setting is: with no notification. ![780_1_img-01_950x653](/images/endpointpolicymanager/troubleshooting/780_1_img-01_950x653.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/debug.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/debug.md index b84830a8cc..2e5b9dc0eb 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/debug.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/debug.md @@ -30,3 +30,4 @@ correctly. **Step 4 –** After that, reproduce the problem, and run` PPLOGS` as seen in Step 3 [What must I send to Endpoint Policy Manager support in order to get the FASTEST support?](/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/fastsupport.md) and attach to your support case. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/evaluations.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/evaluations.md index 81ab87d5b7..86c9f55c50 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/evaluations.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/evaluations.md @@ -70,3 +70,4 @@ later. Disabled Value 0 ![880_3_image-20220204232914-3](/images/endpointpolicymanager/troubleshooting/itemleveltargeting/880_3_image-20220204232914-3.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/fastsupport.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/fastsupport.md index a94c8bc145..f30ccc769d 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/fastsupport.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/fastsupport.md @@ -166,3 +166,4 @@ Do not attach in your email, they will be automatically dumped by the email syst - `SRX01234-gpresult-as-ADMIN.html` - `SRX01234-gpresult-as-USER.html` - XMLs, like: `SRX01234-PPAM-Export.XML`, `SRX01234-PPBR.Export.XML`, `SRX01234-PPLPM.Export.XML` + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/forepointdlp.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/forepointdlp.md index 98de1344b2..2863cf9fae 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/forepointdlp.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/forepointdlp.md @@ -11,3 +11,4 @@ You must upgrade to the latest Forepoint DLP client of at least 23.10.5661. This was a bug in Forcepoint. ![982_1_oct-11](/images/endpointpolicymanager/troubleshooting/982_1_oct-11.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/guids.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/guids.md index 1fb2b6d6de..1af97bec7f 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/guids.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/guids.md @@ -33,3 +33,4 @@ sidebar_position: 110 | Endpoint Policy Manager Preferences 2.0 Registry | 071E543B-68D3-4886-A2FF-21032C825C0D | 3375 | Only used for searching for data within GPOs; cannot be turned off unless all of GPPRefs 2.0 is disabled. | | Endpoint Policy Manager Shortcuts | 67B2F97B-C990-4590-823F-53246DC8D9D5 | 3467 | Only used for searching for data within GPOs; cannot be turned off unless all of GPPRefs 2.0 is disabled. | | Enterprise Universal Product Component (aka Enterprise Full) | fddb98dd-4668-4742-9b8a-757274b86fc8 | 3557 | Only used for searching for LICENSING data within GPOs; cannot be turned off in Licensing XML file. | + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/hangingprocess.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/hangingprocess.md index cf80130487..8f8a745162 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/hangingprocess.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/hangingprocess.md @@ -55,3 +55,4 @@ You can pre-watch this video on PROCMON here: 12345). **Step 7 –** Upload via SHAREFILE.. do NOT attach to your ticket. This will continue our analysis. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/intelgraphicdriver.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/intelgraphicdriver.md index 0f3e6fcdd4..b91bf47db3 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/intelgraphicdriver.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/intelgraphicdriver.md @@ -23,7 +23,7 @@ not show a UAC prompt, which is needed for the update to install. Resolution 1 See the Scenario 2 section of the -[How can I change the behavior of "Run as Admin" with Endpoint Privilege Manager and how has it changed from previous versions?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipspplpm/runasadmin.md) +[How can I change the behavior of "Run as Admin" with Endpoint Privilege Manager and how has it changed from previous versions?](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipspplpm/runasadmin.md) topic for additional information on how to disable the Explicit Elevate option. Resolution 2 @@ -32,7 +32,7 @@ Alternatively, you can import and use the Endpoint Policy Manager Admin Template with this setting already configured. ``` - + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/manual.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/manual.md index 721655c8f1..23e25ad7ae 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/manual.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/manual.md @@ -96,3 +96,4 @@ keys that do not exist. `pplogs_as_user_SRX#.zip` (substitute your Service request number for "SRX#") then upload to the SUPPORT INBOX on SHAREFILE: [https://endpointpolicymanager.sharefile.com/share/getinfo/rc857a57f16b4d4b9](https://endpointpolicymanager.sharefile.com/share/getinfo/rc857a57f16b4d4b9) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/minidumpfiles.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/minidumpfiles.md index f1d0423736..ba3536f75f 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/minidumpfiles.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/minidumpfiles.md @@ -19,3 +19,4 @@ The mindump file is automatically created by CSE 750 and later if any of our com encounter a crash.Having the minidump file turned on automatically is a pretty good idea anyway. ![473_1_image007](/images/endpointpolicymanager/troubleshooting/log/473_1_image007.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/pplogsprompt.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/pplogsprompt.md index bc8173fa03..bddd05925c 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/pplogsprompt.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/pplogsprompt.md @@ -24,3 +24,4 @@ where the command will execute on the machine itself. `echo y|pplogs /out:"c:\temp\pplogs_"$env:computername"_admin.zip"` ![934_1_image001_950x736](/images/endpointpolicymanager/troubleshooting/powershell/934_1_image001_950x736.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/procmon.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/procmon.md index cec36d4050..a15b62bc77 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/procmon.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/procmon.md @@ -78,3 +78,4 @@ on SHAREFILE: And remember to click the UPLOAD button! Video KB:[Gathering and Uploading Logs](/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/logs.md) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/registrydebug.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/registrydebug.md index ead644b4ab..22f8a2c842 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/registrydebug.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/registrydebug.md @@ -80,3 +80,4 @@ Support. | Type | REG_DWORD | | Data | ILT cache lifetime in milliseconds. | | Purpose | CSE doesn't re-evaluate ILT filter if it was evaluated less than Lifetime milliseconds ago. When Lifetime is not set in the registry, it defaults to 5000ms (5 seconds). | + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/services.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/services.md index 9a0a8e221b..6664fffd80 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/services.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/services.md @@ -33,7 +33,7 @@ when you use Endpoint Policy Manager to perform the following: - Making sure users only execute allowed applications (PP Least Priv / SecureRun). - Allowing users to [run applications or access settings that require administrative privileges without giving them full - privileges](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html on their + privileges](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html on their system.) (PP Least Priv.) - Manage Java control (PP Java Rules Manager.) @@ -57,3 +57,4 @@ to a corresponding Client Side Extension. Endpoint Policy Manager's components are also architected as Client Side Extensions, but CSEs cannot continue to perform duties in real-time, only services can do that. Therefore, Endpoint Policy Manager has some services to watch over and perform items in realtime. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/settingsrevert.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/settingsrevert.md index c8bb761cc3..fb3613b483 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/settingsrevert.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/settingsrevert.md @@ -48,3 +48,4 @@ This flag must be set or Endpoint Policy Manager cannot revert the item when the applies ![417_3_image008](/images/endpointpolicymanager/troubleshooting/417_3_image008.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/watcherservice.md b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/watcherservice.md index c1b9b70137..f8bab9361e 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/watcherservice.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/watcherservice.md @@ -33,3 +33,4 @@ of 7 processes. An x86 system with TWO users logged in would look like this. ![670_2_2017-11-13_2302](/images/endpointpolicymanager/troubleshooting/490_2_2017-11-13_2302.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/_category_.json b/docs/endpointpolicymanager/gettingstarted/misc/videos/_category_.json index f5151829fd..7851d76a40 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/_category_.json @@ -1 +1,2 @@ {"label":"Videos","position":2,"collapsed":true,"collapsible":true,"link":{"type":"doc","id":"videolearningcenter"}} + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/cameyo/_category_.json b/docs/endpointpolicymanager/gettingstarted/misc/videos/cameyo/_category_.json index e9a32270d4..88d1b43c91 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/cameyo/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/cameyo/_category_.json @@ -3,4 +3,4 @@ "position": 80, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/cameyo/applicationsettings.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/cameyo/applicationsettings.md index f38814aae8..d7185c423c 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/cameyo/applicationsettings.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/cameyo/applicationsettings.md @@ -10,4 +10,5 @@ Got apps using Cameyo (cameyo.com?)? Of course you do! Now secure those apps set Endpoint Policy Manager (formerly PolicyPak) and Application Settings Manager. With over 500 preconfigured Paks you can be sure you're covered ! - + + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/cameyo/browserright.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/cameyo/browserright.md index 10f45b8dac..c18ba509ef 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/cameyo/browserright.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/cameyo/browserright.md @@ -10,4 +10,5 @@ You know some websites require the right browser. Maybe its IE, or Chrome or Fir Netwrix Endpoint Policy Manager (formerly PolicyPak)... its easy for users to get exactly the right browser at the right time. - + + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/cameyo/startscreen.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/cameyo/startscreen.md index 8ff891cbf8..368af89d8f 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/cameyo/startscreen.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/cameyo/startscreen.md @@ -10,4 +10,5 @@ Got Cameyo apps? Want to make it easy for users to know what to click on to laun apps? This shows you how to place specific tiles on the Start Menu (or Taskbar) to launch Cameyo apps, and also open local files as a bonus! - + + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/cameyo/uacprompts.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/cameyo/uacprompts.md index f4612694fd..022b276349 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/cameyo/uacprompts.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/cameyo/uacprompts.md @@ -10,4 +10,5 @@ Cameyo is awesome... but sometimes those apps you publish wont run with standard this video see how Netwrix Endpoint Policy Manager (formerly PolicyPak) Least Privilege Manager can overcome these challenges. - + + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/_category_.json b/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/_category_.json index 2741f7ff3c..0981137f3d 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/_category_.json @@ -3,4 +3,4 @@ "position": 90, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/advancedgrouppolicymanagement.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/advancedgrouppolicymanagement.md index a5097e33a9..e72ba0e925 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/advancedgrouppolicymanagement.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/advancedgrouppolicymanagement.md @@ -11,7 +11,7 @@ If you don't know, Microsoft has a tool called Advanced Group Policy Management, AGPM is a great utility to handle the workflow around Group Policy management. But, to be super clear, AGPM doesn't add any "super powers" to your Group Policy infrastructure. You don't suddenly get more -[https://dev.endpointpolicymanager.com/lockdown-recordings-portal/](https://dev.endpointpolicymanager.com/lockdown-recordings-portal/) +[https://policypak.com/lockdown-recordings-portal/](https://policypak.com/lockdown-recordings-portal/) capability on your Windows client machines. That's what Netwrix Endpoint Policy Manager (formerly PolicyPak) does: we lock down your @@ -19,9 +19,9 @@ applications and operating systems using Group Policy. That being said, however, Endpoint Policy Manager does work with Microsoft AGPM – superbly. So, if you've got Microsoft's AGPM, Endpoint Policy Manager just fits right in, right at -[https://dev.endpointpolicymanager.com/](https://dev.endpointpolicymanager.com/) like the Group Policy items in the box. +[https://policypak.com/](https://policypak.com/) like the Group Policy items in the box. Watch this video (exclusively for Microsoft AGPM administrators) to see exactly how to AGPM and Endpoint Policy Manager work together to provide full reporting, history and rollback capabilities. - + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/gpoadmintool.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/gpoadmintool.md index 9ca524ab4d..2d1376b224 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/gpoadmintool.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/gpoadmintool.md @@ -12,7 +12,7 @@ constructs: check-in, check-out, deploy, differences reports, and more. Check ou you're a Quest GPOADmin customer to see how Endpoint Policy Manager integrates perfectly with your Quest GPOADmin Group Policy management solution. - + ### Endpoint Policy Manager works along Quest's GPOADmin Video Transcript @@ -38,7 +38,7 @@ central storage. We'll just go ahead and select "Endpoint Policy Manager for Moz for fun. We'll go ahead and click on this guy right here, "Mozilla Firefox." We'll change the -[https://dev.endpointpolicymanager.com/](https://dev.endpointpolicymanager.com/) from "about:blank" to "www.web1.com," just +[https://policypak.com/](https://policypak.com/) from "about:blank" to "www.web1.com," just something like that. So we've changed the homepage to "www.web1.com," and we'll go ahead and click "OK." That's it. diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/history.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/history.md index 5e292c0d92..1b68dc9237 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/history.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/history.md @@ -11,4 +11,5 @@ Using this MMC enhancement you can see WHO and WHEN and WHAT Netwrix Endpoint Po like an AGPM and just want to know the basics of if/when something changed AND perform a point-in-time rollback. - + + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/netiq.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/netiq.md index 3957dbb927..519d110054 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/netiq.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/netiq.md @@ -9,7 +9,7 @@ sidebar_position: 40 LLearn how NetIQ’s Group Policy Administrator (GPA) utility adds change management capability to Group Policy and how Endpoint Policy Manager seamlessly integrates with it! - + ### PolicyPak works with NetIQ Group Policy Administrator video transcript @@ -93,3 +93,4 @@ https://www.netwrix.com/sign_in.html?rf=tickets.html#/open-a-ticket. Or if you h particularly on NetIQ’s GPA, their support team is awesome and they’d love to help you. Thanks so very much. We look forward to seeing you soon. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/scriptlogicactiveadministrator.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/scriptlogicactiveadministrator.md index 8471992168..435499ae92 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/scriptlogicactiveadministrator.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/scriptlogicactiveadministrator.md @@ -10,7 +10,7 @@ ActiveAdministrator by ScriptLogic is a great tool for managing your GPOs. The g Endpoint Policy Manager (formerly PolicyPak) is fully compatible with ActiveAdministrator, and works right alongside it. Check out this video see how it all fits together! - + ### PolicyPak works alongside Active Administrator Video Transcript @@ -72,5 +72,5 @@ Administrator user and you are using it for the advanced Group Policy management back up, restore, perform history and do modeling on your GPOs themselves, you're in good company because PolicyPak is going to work with it. -[Thanks](https://dev.endpointpolicymanager.com/resources/thank-you-whitepapers/) so much, and I'll talk to you +[Thanks](https://policypak.com/resources/thank-you-whitepapers/) so much, and I'll talk to you soon. diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/sdmchangemanager.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/sdmchangemanager.md index 1693eaaab6..36934777f7 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/sdmchangemanager.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/sdmchangemanager.md @@ -9,4 +9,5 @@ sidebar_position: 60 Got SDM Change Manager? Want to know if it's compatible with Netwrix Endpoint Policy Manager (formerly PolicyPak)? (Spoiler alert: It is.) See this video to find out ! - \ No newline at end of file + + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/_category_.json b/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/_category_.json index d68ff00f59..1570a6372f 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/_category_.json @@ -3,4 +3,4 @@ "position": 70, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/appmasking.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/appmasking.md index 1502813b9c..3805425392 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/appmasking.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/appmasking.md @@ -10,4 +10,5 @@ FSLogix masks and reveals applications, like browsers. Great. Now use Netwrix En Manager (formerly PolicyPak) to set the default browser based upon which browsers are available to the user. Use FSLogix to do the MASKING of BROWSERS, and let Endpoint Policy Manager do the ROUTING. - + + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/broswerright.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/broswerright.md index 355e999040..8e184a01b8 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/broswerright.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/broswerright.md @@ -10,4 +10,5 @@ Got some websites which only render perfectly in IE or Chrome or FF? Then ROUTE upon URLs or patterns. Use FSLogix to do the MASKING of BROWSERS, and let Netwrix Endpoint Policy Manager (formerly PolicyPak)do the ROUTING. - + + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/browserconfiguration.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/browserconfiguration.md index 53363c08ec..36010439d3 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/browserconfiguration.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/browserconfiguration.md @@ -10,7 +10,7 @@ FSLogix can hide/reveal applications, like browsers. Netwrix Endpoint Policy Man PolicyPak) can actually SET the settings, like homepage and security settings INSIDE your browsers and KEEP them secure. See how Endpoint Policy Manager + FSLogix can work together. - + ### PolicyPak + FSLogix: Setting browser configuration based upon which browser you actually have. @@ -78,3 +78,4 @@ Just like that, PolicyPak is enforcing your settings based upon the browser that machine because of FSLogix. I hope you like this better together story. If you're looking to get started soon, just fill out the form and we'll be in touch and we can get started right away. Thanks so much. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/browserdefault.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/browserdefault.md index 2ed05cbbf3..9fd152db60 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/browserdefault.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/browserdefault.md @@ -9,7 +9,7 @@ sidebar_position: 40 Netwrix Endpoint Policy Manager (formerly PolicyPak) + FSLogix: Set default browser based upon if the browser is masked or revealed. - + ### PolicyPak + FSLogix: Set default browser based upon if the browser is masked or revealed @@ -76,3 +76,4 @@ I hope this helps you out. If you're looking to get started soon, fill out the f you the bits and you can try it out yourself and off to the races. Thanks so much. We'll talk to you soon. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/elevatingapplications.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/elevatingapplications.md index 06eba03891..22c4226516 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/elevatingapplications.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/elevatingapplications.md @@ -10,7 +10,7 @@ Some applications just don't work properly without admin rights. But DONT give t administrator access! Instead, use FSLogix to hide/reveal apps users need, and use Netwrix Endpoint Policy Manager (formerly PolicyPak) to ELEVATE those applications and situations when needed. - + ### PolicyPak + FSLogix: Elevating applications when needed (and available by FSLogix) @@ -92,3 +92,4 @@ all because the application is being hidden with FSLogix. So there you go. That's the better together story using PolicyPak to elevate applications when needed and use FSLogix to hide them for the guys you don't want to see them. Thanks so much. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/profiles.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/profiles.md index 0170a07b34..bdd73d5426 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/profiles.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/profiles.md @@ -11,7 +11,7 @@ Manager (formerly PolicyPak) helps you go beyond additional Group Policy to mana Taskbar, File Associations, Least Privilege, applications, browsers and more ! This isn't a short video, but it does show the better together story ! - + ### PolicyPak and FSLogix Profiles: Better Together @@ -305,3 +305,4 @@ applications profiles work better together. Looking forward to getting you start products real soon. Thanks so very much and see you soon. Bye-bye. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/startmenu.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/startmenu.md index 74014d6942..942bce69ca 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/startmenu.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/fslogix/startmenu.md @@ -10,12 +10,12 @@ Managing the Windows 10 Start Menu after using FSLogix is a piece of cake with N Policy Manager (formerly PolicyPak). Use FSLogix to hide/expose apps, then use Endpoint Policy Manager to manage those applications on the Start Menu and on the TaskBar. AWESOME! - + ### PolicyPak + FSLogix: Manage the Windows 10 Start Menu Hi. This is Jeremy Moskowitz. In this video, I'm going to show you how you can tame the -[https://www.endpointpolicymanager.com/pp-blog/windows-10-start-screen](https://www.endpointpolicymanager.com/pp-blog/windows-10-start-screen) +[https://www.policypak.com/pp-blog/windows-10-start-screen](https://www.policypak.com/pp-blog/windows-10-start-screen) with PolicyPak and FSLogix better together. In this example, I have a bunch of applications that are installed on the machine, but I'm going to use FSLogix to hide or mask those applications. The things is that you want to put them back with FSLogix for some users and put them into special Start @@ -113,3 +113,4 @@ PolicyPak, great better together story. If you're looking to get started, hit us you the bits and you can get started right away. Thanks so much. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/_category_.json b/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/_category_.json index 7f108a598c..9e55371f98 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/arm.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/arm.md index e9d508a898..c90009357a 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/arm.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/arm.md @@ -8,4 +8,5 @@ sidebar_position: 40 Want to see how Netwrix Endpoint Policy Manager (formerly PolicyPak) works with ARM? Perfectly ! - + + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/editor.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/editor.md index f5b63fd4ac..9dbdba0bce 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/editor.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/editor.md @@ -9,4 +9,5 @@ sidebar_position: 50 Don't want to use the GPMC to create or edit Netwrix Endpoint Policy Manager (formerly PolicyPak) policies? No GPMC, no problem with this included utility! - + + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/freetraining.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/freetraining.md index 3f6601aa7f..d59a8635fc 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/freetraining.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/freetraining.md @@ -9,6 +9,7 @@ sidebar_position: 10 New to Netwrix Endpoint Policy Manager (formerly PolicyPak)? Get started by understanding the Endpoint Policy Manager Portal in this brief tutorial. - + + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/sidexporter.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/sidexporter.md index 479307f99a..2fabde18f0 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/sidexporter.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/sidexporter.md @@ -9,4 +9,5 @@ sidebar_position: 30 Need to quickly get SIDs from on-prem or Azure AD and use them with Netwrix Endpoint Policy Manager (formerly PolicyPak)? Here's the video. - + + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/solutionmethods.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/solutionmethods.md index b96f729546..fae311ebc8 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/solutionmethods.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/solutionmethods.md @@ -12,7 +12,7 @@ Intune, we've got you covered. Or maybe you're using or nothing at all, where yo Policy Manager Cloud. Watch this technical video to learn about the differences in the Solutions methods and walk away knowing which one(s) you should use. - + Hi, this is Jeremy Moskowitz. If you've made it here, you want to understand the PolicyPak methods. Now you know you can buy in at either the Enterprise or Professional or SaaS levels. Maybe you're a @@ -382,3 +382,4 @@ With that in mind, I hope this has been informative for you. If you have any que personally take your questions. Of course, the sales team is also available to help you through your journey. Thank you very much for being a PolicyPak customer. Looking forward to helping you out real soon. Thanks so very much. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/methods/_category_.json b/docs/endpointpolicymanager/gettingstarted/misc/videos/methods/_category_.json index be32e15c43..b1a6d23f66 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/methods/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/methods/_category_.json @@ -3,4 +3,4 @@ "position": 50, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/methods/exporterutility.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/methods/exporterutility.md index a00403fabf..8adce0efd7 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/methods/exporterutility.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/methods/exporterutility.md @@ -11,7 +11,7 @@ PolicyPak) directives if you are using Intune, SCCM, LanDesk, KACE or similar so deployment, and your team doesn't want to use Group Policy but wants to use Endpoint Policy Manager. See this video to see how it's done. - + ### PolicyPak: Deploying PolicyPak directives without Group Policy(PolicyPak Exporter Utility) @@ -23,7 +23,7 @@ service. By now, you've probably seen a lot of great videos showing you a bunch of awesome things that Endpoint Policy Manager can do: delivering settings using Group Policy, giving single applications elevated rights for standard users, you can -[https://www.endpointpolicymanager.com/pp-blog/windows-10-block-websites](https://www.endpointpolicymanager.com/pp-blog/windows-10-block-websites) +[https://www.policypak.com/pp-blog/windows-10-block-websites](https://www.policypak.com/pp-blog/windows-10-block-websites) – all kinds of great things. But what if you aren't using Group Policy? What if you're using SCCM or KACE or LANDESK or you have @@ -97,7 +97,7 @@ right click and "Export Collections as XML." Since I have two, I'll go ahead and "Save" and we're done. With -"[https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html)," +"[https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html)," which allows you to kill local admin rights and elevate only the applications you need, you'll create your directives like I've done here. Again, we can right click and "Export as XML," we can "EXPORT COLLECTION," or we can right click and "Export Collections as XML." If we do this, this will @@ -174,3 +174,4 @@ webinar to learn all of the things Endpoint Policy Manager can do. Then we'll ha and you'll be off to the races for your very own trial of Endpoint Policy Manager. Thanks, and we'll see you in the next video. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/methods/sccmendpointpolicymanager.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/methods/sccmendpointpolicymanager.md index e49f57b5ae..a34076884b 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/methods/sccmendpointpolicymanager.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/methods/sccmendpointpolicymanager.md @@ -10,7 +10,7 @@ Do you want to deploy Netwrix Endpoint Policy Manager (formerly PolicyPak) setti idea of using Group Policy to do it? You're in luck–this video tells you how to create, export, and deploy Endpoint Policy Manager magic using your own desktop management system like SCCM or LanDesk! - + ### Deploy PolicyPak Settings Using SCCM or Other Management System @@ -27,11 +27,11 @@ little bit wider. We're going to actually use three different components of the PolicyPak software. Here we go. Let's open up this node. I'm going to use the "Application Settings Manager" to manage some Firefox settings. I'm going to use the -"[https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html)" +"[https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html)" component here to make sure that my users can't download and run unknown ware, malicious software. And I'm going to use the "Browser Router" to make sure that every URL with the word "Google" in it will open up in Chrome, and I'll use it also to -[https://www.endpointpolicymanager.com/pp-blog/windows-10-block-websites](https://www.endpointpolicymanager.com/pp-blog/windows-10-block-websites) +[https://www.policypak.com/pp-blog/windows-10-block-websites](https://www.policypak.com/pp-blog/windows-10-block-websites) like Facebook. Let's start off with the "Application Settings Manager." There are other videos on the website that @@ -39,7 +39,7 @@ will go into greater detail on all of these components. For today, all I want to some settings and then export them and deploy them using not Group Policy. Let's go over here. I want to deliver the setting that I want a particular "Home Page" to be there. -Let's just go with "www.endpointpolicymanager.com." Then let's also say that we can't have users going into +Let's just go with "www.policypak.com." Then let's also say that we can't have users going into incognito mode. Let's go over to "Extras." We're going to "Turn off private browsing," and we'll save that. @@ -118,7 +118,7 @@ here. Now that we've done this, when we go to our settings that used to be ungoverned we'll find out a new thing. Let's open up "Mozilla Firefox" and see what happens. There we go. We have our homepage set -to "www.endpointpolicymanager.com" just like we told it to. When we come here, we can no longer get into the +to "www.policypak.com" just like we told it to. When we come here, we can no longer get into the incognito mode. So we ripped the knob off of that one, we set this homepage, and that was done using the Application Settings Manager. @@ -141,3 +141,4 @@ it using SCCM or KACE or whatever you have. If this is interesting to you, let us know and we'll get you started on a free trial right away. I'll see you in the next video. Thanks for watching. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/methods/sccmgrouppolicy.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/methods/sccmgrouppolicy.md index ec4f749a38..fb3666febc 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/methods/sccmgrouppolicy.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/methods/sccmgrouppolicy.md @@ -11,7 +11,7 @@ something else? Never fear, Netwrix Endpoint Policy Manager (formerly PolicyPak) day by allowing you to deploy Admin Templates, Preferences, and Security Settings to your endpoints by using SCCM, KACE, Altiris, or whatever desktop management system you're already in love with! - + ### Deploy Real Group Policy using SCCM or Other Management System @@ -37,7 +37,7 @@ and "Save" that. There we go. It just dropped it right on the desktop there. The next things we're going to do, the Group Policy Preferences and the Security Settings, are a little bit different. Instead of creating stuff within the "PolicyPak" node, I've done a little prepro on this and I have created "Shortcuts" over on the computer side. It's just a little -"PolicyPak" shortcut. It's going to take you to "www.endpointpolicymanager.com" and the icon is a little +"PolicyPak" shortcut. It's going to take you to "www.policypak.com" and the icon is a little butterfly. I've already created that in "Preferences." What PolicyPak now allows me to do is when I go to @@ -112,11 +112,11 @@ real quick. Again, this would be done silently in the background if you were usi software. I'm just doing it manually for this video. And here we are. We have the butterfly icon that popped up. If we double click it, it's going to -take us to "endpointpolicymanager.com" just like we said. If I'm trying to get back into that "Control Panel," +take us to "policypak.com" just like we said. If I'm trying to get back into that "Control Panel," I'm not going to be able to do it. It has been restricted. Finally, let me just -"[Run as administrator](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html)" +"[Run as administrator](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html)" so we can check out that guest account. All right, let's drill down to "Windows Settings/Security Settings/Local Policies/Security Options." What do you know? "PolicyPakGuest." @@ -128,3 +128,4 @@ If that's interesting to you, get in touch with us and we'll be happy to get you trial right away. I'll see you in the next video. Thanks for watching. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/netwrixauditor/_category_.json b/docs/endpointpolicymanager/gettingstarted/misc/videos/netwrixauditor/_category_.json index 07d5677b41..4bf1633dff 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/netwrixauditor/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/netwrixauditor/_category_.json @@ -3,4 +3,4 @@ "position": 40, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/netwrixauditor/auditordemo.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/netwrixauditor/auditordemo.md index 96f21a93af..93afaddffc 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/netwrixauditor/auditordemo.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/netwrixauditor/auditordemo.md @@ -9,4 +9,5 @@ sidebar_position: 10 Want to know what changed in GPO / Netwrix Endpoint Policy Manager (formerly PolicyPak) land using Netwrix Auditor? Check out this demo of how the integration works! - + + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/netwrixauditor/auditorsetup.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/netwrixauditor/auditorsetup.md index a5a96231ad..40c6f4b20c 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/netwrixauditor/auditorsetup.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/netwrixauditor/auditorsetup.md @@ -9,4 +9,5 @@ sidebar_position: 20 Ready to connect Netwrix Endpoint Policy Manager (formerly PolicyPak) and Netwrix Auditor? See these initial setup steps! - + + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/_category_.json b/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/_category_.json index 289c6f8855..30e7620b07 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/admx.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/admx.md index e60e1e4d76..f37ade8119 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/admx.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/admx.md @@ -10,4 +10,5 @@ You're likely already excluding your AV and other system software from Netwrix E Manager (formerly PolicyPak). But you can use this ADMX setting to specify which processes Endpoint Policy Manager should exclude. - + + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/admxfiles.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/admxfiles.md index 12ccb06785..50bd9df68a 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/admxfiles.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/admxfiles.md @@ -9,4 +9,5 @@ sidebar_position: 10 Learn how to implement theNetwrix Endpoint Policy Manager (formerly PolicyPak) ADMX trouble-shooting files. - + + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/gpobackup.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/gpobackup.md index 56cf8ae91a..2dfaf25047 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/gpobackup.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/gpobackup.md @@ -9,7 +9,7 @@ sidebar_position: 40 If we need a full GPO backup for troubleshooting, here is the CORRECT process for what we need from you. - + Hi, this is Jeremy Moskowitz. If you're watching this video, it means we've asked you for GPO backup. Here's a Group Policy object that has a bunch of stuff in it. Maybe there's something we @@ -62,3 +62,4 @@ what's going on. I hope this gives you enough to go on. If you're watching this video, that means we need you to back up a Group Policy object, get it to us as a zip in this format with the contents of the backup and the manifested XML file. That way we can take the steps we need to help you out. Thank you very much. Talk to you soon. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/itemleveltargeting.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/itemleveltargeting.md index e8f9ff22e6..628a80cc2f 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/itemleveltargeting.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/itemleveltargeting.md @@ -9,10 +9,11 @@ sidebar_position: 70 Use this tool to troubleshoot if a POLICY, COLLECTION or full ROOT with Collections and Policies should apply or not to any particular machine or user. - + :::note This tool only works when the Netwrix Endpoint Policy Manager (formerly PolicyPak) CSE is installed on the machine you wish to perform ILT tests. ::: + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/logs.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/logs.md index a0a2bff990..6e3d8f0de8 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/logs.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/logs.md @@ -10,7 +10,7 @@ If you are experiencing issues with Netwrix Endpoint Policy Manager (formerly Po step is to collect logs for support to review. Follow the steps in this video to correctly gather logs of the issue so support can troubleshoot it quickly. - + See the [What must I send to Endpoint Policy Manager support in order to get the FASTEST support?](/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/fastsupport.md) @@ -20,3 +20,4 @@ topic for additional information on current support policies and how to get the Use this video for gathering and uploading logs for versions previous to Endpoint Policy Manager v25.4. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/mdm.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/mdm.md index b1740dfd5e..6cfb658b1f 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/mdm.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/mdm.md @@ -4,7 +4,7 @@ If you want to bypass any potential licensing issue, test your Cloud or MDM poli exporting them, or set up a home test lab, rename your endpoint to contain the word "computer" in the name. See this concept at work in this video! - + ### PP (All Versions): Testing and Troubleshooting By Renaming an endpoint Computer @@ -47,8 +47,8 @@ for a Group Policy Edition or for the pre-deployment testing for the Cloud or MD All right, and we are back. Let's check and see if this machine is behaving as though it's licensed. See if Process Monitor ("Procmon") will run elevated. There we go. It runs elevated just like we -told it to. If we come over to "Firefox," let's see if it takes us to endpointpolicymanager.com homepage that I -set for it. There we go: "Waiting for www.endpointpolicymanager.com." It looks like it's going to take us there, +told it to. If we come over to "Firefox," let's see if it takes us to policypak.com homepage that I +set for it. There we go: "Waiting for www.policypak.com." It looks like it's going to take us there, and there we have it. All right, so just to prove that I haven't pulled any trickery on you, let's go back and look at my @@ -68,3 +68,4 @@ you have permission from Sales, it's a great way to be able to have just like a some work on. I hope that helps you out, and we'll talk to you soon. Thanks. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/powershell.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/powershell.md index 23671c6509..f2239cd546 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/powershell.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/powershell.md @@ -9,4 +9,5 @@ sidebar_position: 50 Not sure which GPOs contain Netwrix Endpoint Policy Manager (formerly PolicyPak) XMLs? Use our handy PowerShell applet to get to the bottom of where your PP settings are. - + + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/processmonitor.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/processmonitor.md index 1dcfce72c3..013cd86a0f 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/processmonitor.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/processmonitor.md @@ -9,7 +9,7 @@ sidebar_position: 30 Need to show us some details of a problem? If we ask you to use Process Monitor, here's how to download and use it. - + ### Process Monitor 101 @@ -60,3 +60,4 @@ That should give you enough to go on in order to get us a very simple Process Mo then we can go from there and see if we can address your concern. Thank you very much. Talk to you soon. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/unlicense.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/unlicense.md index 92a1ce500e..093b2d12fe 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/unlicense.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/unlicense.md @@ -10,7 +10,7 @@ If directed by Netwrix Endpoint Policy Manager (formerly PolicyPak) support, you some computers up to stop processing some directives by actively un-licensing all components, then re-enabling SOME components. This video shows you how. - + Hi, this is Jeremy. In this video, I'm going to show you how to use the ADMX templates that we have to narrow down troubleshooting. If you're watching this video, it probably means that we asked you @@ -67,3 +67,4 @@ we can just get down and figure out exactly which component it is that's causing ope this video helps you out. Looking forward to getting you fixed, up and running with PolicyPak real soon. Thanks so much. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/upgradingmaintenance/_category_.json b/docs/endpointpolicymanager/gettingstarted/misc/videos/upgradingmaintenance/_category_.json index e1e400b680..dac3d7501a 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/upgradingmaintenance/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/upgradingmaintenance/_category_.json @@ -3,4 +3,4 @@ "position": 30, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/upgradingmaintenance/backup.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/upgradingmaintenance/backup.md index 273192fbe9..8ce2af3873 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/upgradingmaintenance/backup.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/upgradingmaintenance/backup.md @@ -10,7 +10,7 @@ Backing up your Netwrix Endpoint Policy Manager (formerly PolicyPak) GPOs is eas existing GPO backup and restore you already know and love. What’s more, you can export your Endpoint Policy Manager configuration and share them with friends or other administrators. - + ### PolicyPak:Backup and Restore and Export and Import video transcript @@ -82,3 +82,4 @@ configuration and import it into another Group Policy Object. So this gives you the ultimate ability to have a corporate-wide standard and then set it once and then dictate it to the particular Group Policy Objects you need, no matter what domain that they’re in. With that in mind, this is Jeremy Moskowitz saying thanks for checking out PolicyPak. Take care. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/upgradingmaintenance/backupoptions.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/upgradingmaintenance/backupoptions.md index 650a83a6c2..5cb4f61ad9 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/upgradingmaintenance/backupoptions.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/upgradingmaintenance/backupoptions.md @@ -6,4 +6,5 @@ sidebar_position: 10 # Endpoint Policy Manager: Backup and Restore Options to Recover from nearly any problem - + + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/videolearningcenter.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/videolearningcenter.md index b2de90ffe7..49dc07e7d4 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/videolearningcenter.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/videolearningcenter.md @@ -80,3 +80,4 @@ See the following Video topics for getting started with Endpoint Policy Manager - [Endpoint Policy Manager Integrates with NetIQ GPA](/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/netiq.md) - [Endpoint Policy Manager and Quest (ScriptLogic) ActiveAdministrator](/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/scriptlogicactiveadministrator.md) - [Endpoint Policy Manager and SDM CHANGE MANAGER](/docs/endpointpolicymanager/gettingstarted/misc/videos/changemanagementutilities/sdmchangemanager.md) + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/_category_.json b/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/_category_.json index 19b4abe465..f69ddc3f9e 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/_category_.json @@ -3,4 +3,4 @@ "position": 60, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/admintemplatemanager.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/admintemplatemanager.md index 11fb0f9f67..de69f26d33 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/admintemplatemanager.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/admintemplatemanager.md @@ -10,4 +10,5 @@ What you DONT want is to have MORE GPOs then you need to for WVD. Use Netwrix En Manager (formerly PolicyPak) Admin Template Manager to make decisions about which settings should hit what machines at what times. Reduce the amount of GPOs at the same time. - + + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/applicationsettings.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/applicationsettings.md index d6050fcd6e..7966934d79 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/applicationsettings.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/applicationsettings.md @@ -10,7 +10,7 @@ WVD is "all about the apps" which is great. Now how do you manage them? We have our website, but this one shows how quickly and easily you can manage your WVD apps using Netwrix Endpoint Policy Manager (formerly PolicyPak). - + Hi. This is Jeremy Moskowitz, former 15-year Group Policy MVP and Founder of PolicyPak Software. In this video, we're going to learn how you can take your Windows Virtual Desktop applications and @@ -54,7 +54,7 @@ Now I'll just right click, "New Application," and I'll pick "PolicyPak for Mozil We'll go ahead and double click on this guy. We have over 500 preconfigured Paks so if there's some particular application you want to manage, chances are we can do it. -If you want to set the "Home Page" to "www.endpointpolicymanager.com," that's great. While we're here, why don't +If you want to set the "Home Page" to "www.policypak.com," that's great. While we're here, why don't we right click and "Lockdown this setting using the same system-wide config file" so users can't be naughty and work around it. We'll go ahead and do that. @@ -81,7 +81,7 @@ are fast enough here, maybe we can see PolicyPak's magic kick in right here. It its thing, but the idea is that PolicyPak runs right alongside with Group Policy at logon time. And when it does, magic occurs. -There you can see, "www.endpointpolicymanager.com" as the default there. If we take a look at some of the other +There you can see, "www.policypak.com" as the default there. If we take a look at some of the other settings that we set, go to "Tools/Options" here, we can see that we've got the "Home page" locked down. We can see that we've got "Never check for updates" the way we want to as well. And then if we go to "Privacy & Security," we've unchecked "Remember logins and passwords for websites." @@ -97,3 +97,4 @@ All right, I hope this video helps you out. Looking forward to getting you start real soon. Thanks. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/browserrouter.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/browserrouter.md index 216ec41c01..21bf832a3b 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/browserrouter.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/browserrouter.md @@ -10,7 +10,7 @@ Got multiple browsers with WVD? Great, we have you covered. See how to get the R RIGHT website with Netwrix Endpoint Policy Manager (formerly PolicyPak) Browser Router and Windows Virtual Desktop ! - + Hi, this is Jeremy Moskowitz, Microsoft MVP and founder of PolicyPak Software. In this video we're going to learn how to get the right browser for the right website. In fact, in previous videos you @@ -145,3 +145,4 @@ it doesn't matter what browser we're in. We're going to smack that down. Again, I hope this video helps you out. I'm looking forward to getting you start with PolicyPak and Windows virtual desktop and Browser Router real soon. Thank you very much. Take care. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/elevateapplication.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/elevateapplication.md index ef86a6b2ad..12487eceec 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/elevateapplication.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/elevateapplication.md @@ -10,7 +10,7 @@ Sometimes and app won't run unless you're running with local admin rights. NOT a Instead, use Netwrix Endpoint Policy Manager (formerly PolicyPak) Least Privilege Manager to elevate applications when needed, and keep Standard Users just that... users and NOT admins. - + Hi. This is Jeremy Moskowitz, former 15-year Group Policy MVP and Founder of PolicyPak Software. In this video, we're going to talk about a Windows Virtual Desktop problem that you can overcome with @@ -79,3 +79,4 @@ Okay, well, with that in mind, I hope this helps you out and gets you past a bun privilege problems using PolicyPak Least Privilege Manager. Thanks so very much for watching and talk to you soon. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/elevateinstall.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/elevateinstall.md index ac948e45cb..628f97a5c9 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/elevateinstall.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/elevateinstall.md @@ -10,7 +10,7 @@ Users cannot auto-update the Remote Desktop app for Windows Virtual Desktop. Wit Policy Manager (formerly PolicyPak) though, this is a slam-dunk. See how users on their own laptops can keep the WVD Remote Desktop app updated themsevles. - + Users cannot auto-update the Remote Desktop app for Windows Virtual Desktop. With Netwrix Endpoint Policy Manager (formerly PolicyPak) though, this is a slam-dunk. See how users on their own laptops @@ -92,3 +92,4 @@ And that's it. Let me go ahead and relaunch it just for fun. The user has then a completed the goal of keeping their own "Remote Desktop" up to date just like that. All right, hope this video helps you out, and continue onward to the next video. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/gettingstarted.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/gettingstarted.md index 3c7539f836..0de501cf84 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/gettingstarted.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/gettingstarted.md @@ -9,7 +9,7 @@ sidebar_position: 10 Before you RUN with Netwrix Endpoint Policy Manager (formerly PolicyPak) & WVD, here's a walk around our internal test lab, so you can see how Endpoint Policy Manager + WVD followup videos will fit in. - + Hi. This is Jeremy Moskowitz, former 15-year Group Policy MVP and Founder of PolicyPak Software. This video is sort of a walk before you run video with PolicyPak and Windows Virtual Desktop. @@ -118,3 +118,4 @@ Okay, that's it for this video. In the next video, you'll see lots of magic tric and Windows Virtual Desktop. Thank you very much for watching, and talk to you soon. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/leastprivilege.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/leastprivilege.md index d5b25e87d9..a3d6a1516b 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/leastprivilege.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/leastprivilege.md @@ -13,4 +13,5 @@ users cannot auto-update the Remote Desktop app for Windows Virtual Desktop. Wit Manager though, this is a slam-dunk. See how users on their own laptops can keep the WVD Remote Desktop app updated themselves. - + + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/startscreen.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/startscreen.md index 050c8b77d6..86c2f65c09 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/startscreen.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/startscreen.md @@ -9,7 +9,7 @@ sidebar_position: 40 WVD is great. But finding the icons to run applications can be hard. Use Netwrix Endpoint Policy Manager (formerly PolicyPak) to add visibility to your icons on the Start Screen and Taskbar! - + Hi. This is Jeremy Moskowitz, former 15-year Group Policy MVP and Founder of Endpoint Policy Manager Software. In this video, we're going to take the Windows Virtual Desktop icons and put them into a @@ -182,3 +182,4 @@ Start Screen & Taskbar Manager. I hope this video helps you out. Looking forward to helping you get started real soon. Thanks a bunch. + diff --git a/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/tour.md b/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/tour.md index c686e567c3..07e0d792c2 100644 --- a/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/tour.md +++ b/docs/endpointpolicymanager/gettingstarted/misc/videos/windowsvirtualdesktops/tour.md @@ -12,4 +12,5 @@ Additionally, if you have multiple browsers with WVD then we have you covered! S RIGHT browser for the RIGHT website with Endpoint Policy Manager Browser Router and Windows Virtual Desktop! - + + diff --git a/docs/endpointpolicymanager/gettingstarted/overview.md b/docs/endpointpolicymanager/gettingstarted/overview.md index a9d2093bb1..9ea5ea09ba 100644 --- a/docs/endpointpolicymanager/gettingstarted/overview.md +++ b/docs/endpointpolicymanager/gettingstarted/overview.md @@ -36,7 +36,7 @@ Figure 1. Inside the Endpoint Policy Manager Customer Portal. :::note Video: For an overview on how to use the Endpoint Policy Manager Customer Portal and understand subscriptions, please watch the following video: -[https://www.endpointpolicymanager.com/video/endpointpolicymanager-portal-how-to-download-endpointpolicymanager-and-get-free-training.html](https://www.endpointpolicymanager.com/video/endpointpolicymanager-portal-how-to-download-endpointpolicymanager-and-get-free-training.html) +[https://www.policypak.com/video/endpointpolicymanager-portal-how-to-download-endpointpolicymanager-and-get-free-training.html](https://www.policypak.com/video/endpointpolicymanager-portal-how-to-download-endpointpolicymanager-and-get-free-training.html) ::: @@ -141,3 +141,5 @@ MDM provider. - For video overviews of using Endpoint Policy Manager with a UEM tool like SCCM see: Getting Started with Endpoint Policy Manager (Misc) > [Knowledge Base](/docs/endpointpolicymanager/). + + diff --git a/docs/endpointpolicymanager/gettingstarted/overviewinstall/_category_.json b/docs/endpointpolicymanager/gettingstarted/overviewinstall/_category_.json index 8b6ba04b1f..a9baf5118f 100644 --- a/docs/endpointpolicymanager/gettingstarted/overviewinstall/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/overviewinstall/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overviewinstall" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/overviewinstall/clientsideextension.md b/docs/endpointpolicymanager/gettingstarted/overviewinstall/clientsideextension.md index 66e0d5e49e..94fb5adfd0 100644 --- a/docs/endpointpolicymanager/gettingstarted/overviewinstall/clientsideextension.md +++ b/docs/endpointpolicymanager/gettingstarted/overviewinstall/clientsideextension.md @@ -115,3 +115,4 @@ Policy Software Installation, it's easy to do. For more information on how to perform an upgrade using Group Policy Software Installation. See the [Upgrading the CSE using GPSI](/docs/endpointpolicymanager/archive/upgrading.md) topic for additional information. + diff --git a/docs/endpointpolicymanager/gettingstarted/overviewinstall/downloadcontents.md b/docs/endpointpolicymanager/gettingstarted/overviewinstall/downloadcontents.md index a9963350b3..2194d4c319 100644 --- a/docs/endpointpolicymanager/gettingstarted/overviewinstall/downloadcontents.md +++ b/docs/endpointpolicymanager/gettingstarted/overviewinstall/downloadcontents.md @@ -28,3 +28,4 @@ need them past this point. The result will be three unpacked folders looking lik for Application Manager or Production-Guidance. Now that everything is organized, you are ready to begin your installation. + diff --git a/docs/endpointpolicymanager/gettingstarted/overviewinstall/overviewinstall.md b/docs/endpointpolicymanager/gettingstarted/overviewinstall/overviewinstall.md index f2a9c4a151..f78db6471a 100644 --- a/docs/endpointpolicymanager/gettingstarted/overviewinstall/overviewinstall.md +++ b/docs/endpointpolicymanager/gettingstarted/overviewinstall/overviewinstall.md @@ -43,3 +43,4 @@ Netwrix Sales for a Endpoint Policy Manager Cloud enablement. Additionally, if you want to try Endpoint Policy Manager for Macintosh, that will also require a discussion with Netwrix Sales. + diff --git a/docs/endpointpolicymanager/gettingstarted/overviewinstall/powershell.md b/docs/endpointpolicymanager/gettingstarted/overviewinstall/powershell.md index 7123469da6..78073292e1 100644 --- a/docs/endpointpolicymanager/gettingstarted/overviewinstall/powershell.md +++ b/docs/endpointpolicymanager/gettingstarted/overviewinstall/powershell.md @@ -179,3 +179,4 @@ PolicyPak, you can use cmdlets like the following examples: Description automatically generated](/images/endpointpolicymanager/install/endpointpolicymanager_and_powershell_9_850x594.webp) + diff --git a/docs/endpointpolicymanager/gettingstarted/overviewinstall/prepareendpoint.md b/docs/endpointpolicymanager/gettingstarted/overviewinstall/prepareendpoint.md index ab1503e73e..39f9d5fd60 100644 --- a/docs/endpointpolicymanager/gettingstarted/overviewinstall/prepareendpoint.md +++ b/docs/endpointpolicymanager/gettingstarted/overviewinstall/prepareendpoint.md @@ -78,3 +78,4 @@ topic for further details on validating licensing. See also the [Testing and Troubleshooting By Renaming an endpoint Computer](/docs/endpointpolicymanager/gettingstarted/misc/videos/troubleshooting/mdm.md) topic for further details showing what happens when you rename a computer and how Endpoint Policy Manager reacts. + diff --git a/docs/endpointpolicymanager/gettingstarted/overviewinstall/preparemanagementsta/_category_.json b/docs/endpointpolicymanager/gettingstarted/overviewinstall/preparemanagementsta/_category_.json index c930e6161f..70d636da54 100644 --- a/docs/endpointpolicymanager/gettingstarted/overviewinstall/preparemanagementsta/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/overviewinstall/preparemanagementsta/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "preparemanagementstation" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/overviewinstall/preparemanagementsta/preparemanagementstation.md b/docs/endpointpolicymanager/gettingstarted/overviewinstall/preparemanagementsta/preparemanagementstation.md index 46429ab9b2..3dcfc2ceae 100644 --- a/docs/endpointpolicymanager/gettingstarted/overviewinstall/preparemanagementsta/preparemanagementstation.md +++ b/docs/endpointpolicymanager/gettingstarted/overviewinstall/preparemanagementsta/preparemanagementstation.md @@ -59,3 +59,4 @@ Additional resources you may be interested in: - [How to create a DC for editing purposes](/docs/endpointpolicymanager/deliverymethods/cloud/videos/testlabbestpractices/createdc.md) - [Admin Console And CSE Installation](/docs/endpointpolicymanager/deliverymethods/grouppolicy/videos/gettingstarted/install.md) + diff --git a/docs/endpointpolicymanager/gettingstarted/overviewinstall/preparemanagementsta/specificcomponents.md b/docs/endpointpolicymanager/gettingstarted/overviewinstall/preparemanagementsta/specificcomponents.md index cf12d68ea2..6059738b48 100644 --- a/docs/endpointpolicymanager/gettingstarted/overviewinstall/preparemanagementsta/specificcomponents.md +++ b/docs/endpointpolicymanager/gettingstarted/overviewinstall/preparemanagementsta/specificcomponents.md @@ -34,3 +34,4 @@ Talk to sales if you need help and/or wish to try Endpoint Policy Manager Cloud Lastly, if you need help and/or wish to try Endpoint Policy Manager cloud you will need to talk with your Netwrix Salesperson. For help, please email [endpointpolicymanagerSales@netwrix.com](mailto:endpointpolicymanagerSales@netwrix.com). + diff --git a/docs/endpointpolicymanager/gettingstarted/quickstart/_category_.json b/docs/endpointpolicymanager/gettingstarted/quickstart/_category_.json index 7ac1777b8f..c97afefc3d 100644 --- a/docs/endpointpolicymanager/gettingstarted/quickstart/_category_.json +++ b/docs/endpointpolicymanager/gettingstarted/quickstart/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md b/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md index 7bf012f082..5307b0315b 100644 --- a/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md +++ b/docs/endpointpolicymanager/gettingstarted/quickstart/cloud.md @@ -13,7 +13,7 @@ Follow the steps below to carry out the Endpoint Policy Manager cloud delivery: **Step 1 –** Install the Endpoint Policy Manager Cloud Client on an example endpoint -Log on to [cloud.endpointpolicymanager.com](http://cloud.endpointpolicymanager.com/) with the credentials provided to you +Log on to [cloud.policypak.com](https://cloud.policypak.com/) with the credentials provided to you via email from Netwrix sales. In the Company tab download the PolicyPak Cloud Client MSI for your PolicyPak Cloud tenant. @@ -54,3 +54,4 @@ If you want to make Endpoint Policy Manager specific settings (like Endpoint Pol Privilege Manager, etc.) via Endpoint Policy Manager Cloud, see the [Endpoint Policy ManagerCloud: How to deploy Endpoint Policy Manager specific settings (using in-cloud editors and exporting from on-prem)](/docs/endpointpolicymanager/deliverymethods/cloud/videos/gettingstarted/endpointpolicymanagersettings.md) video. + diff --git a/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md b/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md index 52fd44ee1b..cc7e781bd6 100644 --- a/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md +++ b/docs/endpointpolicymanager/gettingstarted/quickstart/grouppolicy.md @@ -40,3 +40,4 @@ video to install a license file. Check the [What is the fastest way to get started in an Endpoint Policy Manager trial, without running the License Request Tool?](/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/trial.md) topic to see how to rename a computer or perform alternative licensing. + diff --git a/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md b/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md index 576bc715ca..fb8ec12b8a 100644 --- a/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md +++ b/docs/endpointpolicymanager/gettingstarted/quickstart/mdm.md @@ -41,3 +41,4 @@ video to install an MDM license file. Check the [What is the fastest way to get started in an Endpoint Policy Manager trial, without running the License Request Tool?](/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/trial.md) topic to see how to rename a computer or perform alternative licensing. + diff --git a/docs/endpointpolicymanager/gettingstarted/quickstart/overview.md b/docs/endpointpolicymanager/gettingstarted/quickstart/overview.md index 11ff576855..5aa612eff1 100644 --- a/docs/endpointpolicymanager/gettingstarted/quickstart/overview.md +++ b/docs/endpointpolicymanager/gettingstarted/quickstart/overview.md @@ -9,7 +9,7 @@ sidebar_position: 20 Getting Started First, download the Netwrix Endpoint Policy Manager (formerly PolicyPak) software from the portal at -endpointpolicymanager.com. See the +policypak.com. See the [Endpoint Policy ManagerPortal: How to download Endpoint Policy Manager and get free training](/docs/endpointpolicymanager/gettingstarted/misc/videos/gettingstartedmisc/freetraining.md) topic for video details on downloading. @@ -21,3 +21,4 @@ Use Group Policy for your Quick Start. However, any delivery method may be used as appropriate. ::: + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/_category_.json b/docs/endpointpolicymanager/gpcompliancereporter/_category_.json index fa39204c6b..8d26c8fd4c 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/_category_.json +++ b/docs/endpointpolicymanager/gpcompliancereporter/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/_category_.json b/docs/endpointpolicymanager/gpcompliancereporter/manual/_category_.json index 700bbc7e70..aefa364a3c 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/_category_.json +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/_category_.json @@ -1 +1,2 @@ {"label":"Manual","position":1,"collapsed":true,"collapsible":true} + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/admxregistry.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/admxregistry.md index e8c5961c80..d1cf412d81 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/admxregistry.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/admxregistry.md @@ -82,3 +82,4 @@ Table 4: Settings to enable diagnostics. | Endpoint Policy Manager GPCR client (admin console) | Enable diagnostics output for Endpoint Policy Manager GPCR | Key: `HKEY_LOCAL_MACHINE\Software\Wow6432Node\Policies\PolicyPak\PPGPCR Client` Values: EnableDiagnostics, DiagnosticsPath | `%LOCALAPPDATA%\PolicyPak\PolicyPak Group Policy Compliance Reporter\Diagnostics` | | Endpoint Policy Manager GPCR server | Enable diagnostics output for Endpoint Policy Manager GPCR server | Key: `HKEY_LOCAL_MACHINE\Software\Wow6432Node\Policies\PolicyPak\PPGPCR Server` Values: `EnableDiagnostics`, `DiagnosticsPath` | `%ProgramData%\PolicyPak\PolicyPak Group Policy Compliance Reporter Server\Diagnostics` | | Endpoint (to downgrade Auditor to older GPRESULT /X method from WMI Method) | None (yet) | Key: `HKEY_LOCAL_MACHINE\Software\Policies\\PolicyPak\PPGPCR Auditor Endpoint` Value: `UseGPResultBasedAuditor = 1` | | + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/auditing.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/auditing.md index 0b098bc1c3..8a683c4083 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/auditing.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/auditing.md @@ -57,3 +57,4 @@ The "Has Audit Task" column is only present when the Endpoint Policy Manager GPC is communicating with a Endpoint Policy Manager GPCR server (clientless auditing mode). ::: + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/clientendpoint.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/clientendpoint.md index 06598a26ab..2edfb87b62 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/clientendpoint.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/clientendpoint.md @@ -135,3 +135,4 @@ computer. Unless there is a perfect match, you will receive a warning, as shown Figure 67. You will receive a warning if there is not a perfect match between the RCT and the target computer. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/_category_.json b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/_category_.json index fed5f95f34..edb7774ad8 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/_category_.json +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "concepts" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/concepts.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/concepts.md index b86ce0c943..7184ca3be5 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/concepts.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/concepts.md @@ -8,3 +8,4 @@ sidebar_position: 10 In the sections below, we'll discuss some important GPCR concepts and then jump into the Quickstart guide. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/grouppolicyresults.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/grouppolicyresults.md index 9fbe5a04c8..fbd81ac718 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/grouppolicyresults.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/grouppolicyresults.md @@ -35,3 +35,4 @@ cannot: Endpoint Policy Manager GPCR allows you to define pass/fail settings compliance across your network, providing a metric to test against. Its two modes of operation, pull mode and push mode, are described next. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/overview.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/overview.md index 8fb042c503..d73d2f939d 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/overview.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/overview.md @@ -32,3 +32,4 @@ to be on at the time administrators want to query their status. As soon as Group data is automatically delivered to the shared database on the designated Endpoint Policy Manager GPCR server. Additionally, since all data is centrally stored in a server, administrators can share all tests or results. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/_category_.json b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/_category_.json index aeda5ae471..abf01969f5 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/_category_.json +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/client.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/client.md index 3bf8f2429e..4239cf6db8 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/client.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/client.md @@ -35,3 +35,4 @@ Server Start menu, as shown in Figure 7. ![gpcr_concepts_and_quickstart_8](/images/endpointpolicymanager/grouppolicycompliancereporter/prepare/gpcr_concepts_and_quickstart_8.webp) Figure 7. Endpoint Policy Manager GPCR in the Start menu. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/configurationwizard.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/configurationwizard.md index 94bebbf86e..9de1d340f7 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/configurationwizard.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/configurationwizard.md @@ -40,3 +40,4 @@ same shared location. To share Endpoint Policy Manager GPCR data, you must utili Policy Manager GPCR server component. ::: + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/licensing.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/licensing.md index 2ff596c332..5d947f3cdf 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/licensing.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/licensing.md @@ -115,3 +115,4 @@ the future. Endpoint Policy Manager Sales can send you a working Endpoint Policy Manager GPCR key. To install the key, follow these instructions: [How to install UNIVERSAL licenses for NEW Customers (via GPO, SCCM or MDM)](/docs/endpointpolicymanager/licensing/videolearningcenter/installall/installuniversal.md). + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/overview.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/overview.md index 393ff6066d..3e3e419bb7 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/overview.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/overview.md @@ -10,3 +10,4 @@ In this initial Quickstart, we will be using the Endpoint Policy Manager GPCR cl in pull mode only. For information about how use the Endpoint Policy Manager GPCR server in push mode (which enables administrators to store and share data plus perform clientless auditing), see the section called "GPCR Server with Push Mode." + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/trialmode.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/trialmode.md index 954182b20a..40e7bb24d4 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/trialmode.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/prepare/trialmode.md @@ -33,3 +33,4 @@ Manager GPCR client (admin console). That machine can be named anything. In addi already having Group Policy Objects (GPOs) set up on the machines. The contents of those GPOs can be Microsoft ADMX policies, Microsoft security policies, Microsoft Group Policy Preferences settings, or any Endpoint Policy Manager Settings. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/_category_.json b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/_category_.json index ebd0689a66..29e6e03515 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/_category_.json +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/history.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/history.md index 74deba5832..dbed2dc33d 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/history.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/history.md @@ -14,3 +14,4 @@ don't want to have to populate the tests or the snapshot again. ![gpcr_concepts_and_quickstart_33](/images/endpointpolicymanager/grouppolicycompliancereporter/mode/pull/gpcr_concepts_and_quickstart_33.webp) Figure 32. The "History" button populates the Results pane with a test scenario you used before. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/overview.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/overview.md index 17b5166b7d..6e5f2e6ca1 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/overview.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/overview.md @@ -24,3 +24,4 @@ Figure 11. The Results pane of the GPCR client (admin console). Endpoint Policy Manager GPCR starts on the Snapshots pane. We'll start on this pane and move through each of the panes in the sections below. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/results.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/results.md index 1751a6d9e2..7884261e5e 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/results.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/results.md @@ -55,7 +55,7 @@ the computer-side OK status will indicate which part is out of compliance. Figure 28. Checking the status of a particular computer. -On this computer, the [www.endpointpolicymanager.com](http://www.endpointpolicymanager.com) URL was delivered to the +On this computer, the [www.policypak.com](https://www.policypak.com) URL was delivered to the Desktop; however, two of the settings in the Group Policy Preferences shortcut item were different than those that were tested for. Specifically, the Group Policy Preferences "Action" and "Icon index" types were different on the computer than what was desired in the test. These values are @@ -85,3 +85,4 @@ Figure 31. Anything completely absent from the computer appears in red. Using the Results pane in this way, you can know what Group Policy settings are on a machine, and you can take action to correct it. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/snapshots.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/snapshots.md index 92a06c8ede..e18df596dc 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/snapshots.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/snapshots.md @@ -86,3 +86,4 @@ Figure 18. Renaming a snapshot once taken. At this point, you have a snapshot created for the computer set. Now you're ready to move on to creating tests. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/tests.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/tests.md index 6dfe647db0..56cea30715 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/tests.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/pull/tests.md @@ -52,7 +52,7 @@ Management Editor appears, as shown in Figure 20. Figure 20. A temporary Group Policy Object is created. At this point you can test for thousands of possible conditions. In Figure 19, we're using a Group -Policy Preferences item and making a test to see that [www.endpointpolicymanager.com](http://www.endpointpolicymanager.com) +Policy Preferences item and making a test to see that [www.policypak.com](https://www.policypak.com) (and all related settings within the Preference item) are tested for. When you're done editing your test, click "OK" and close the GPO. Note, you may receive a "Waiting…" @@ -93,3 +93,4 @@ unsupported data is will be ignored during testing. Figure 23. Unsupported data within tests show up within the test contents reports. Now that you have a test (or multiple tests) defined, you can continue onward to the Results pane. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/testsrctorder.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/testsrctorder.md index 1d5fef463c..d3f8830cc4 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/testsrctorder.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/concepts/testsrctorder.md @@ -12,7 +12,7 @@ to the RCT, as shown in Figure 33. In this way you can test for any complex comb Policy, Group Policy Preferences, Application Settings Manager, or Admin Templates Manager settings. Items that are not conflicting and are in different tests are sorted alphabetically within a category. This is why you see [www.GPanswers.com](http://www.GPanswers.com) appear before -[www.endpointpolicymanager.com](http://www.endpointpolicymanager.com) in the example in Figure 33. +[www.policypak.com](https://www.policypak.com) in the example in Figure 33. ![gpcr_concepts_and_quickstart_34](/images/endpointpolicymanager/grouppolicycompliancereporter/gpcr_concepts_and_quickstart_34.webp) @@ -37,3 +37,4 @@ shifted to have higher precedence. As such, the RCT changes to test for Minimum ![gpcr_concepts_and_quickstart_36](/images/endpointpolicymanager/grouppolicycompliancereporter/gpcr_concepts_and_quickstart_36.webp) Figure 35. You can shift a test to a higher precedence. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/eventlogs.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/eventlogs.md index 87cd357f45..a789790ae0 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/eventlogs.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/eventlogs.md @@ -16,3 +16,4 @@ application log. Figure 76. Creating a custom view for Endpoint Policy Manager GPCR events. If asked by Endpoint Policy Manager Support, be prepared to export these events for analysis. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/overview.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/overview.md index 32225e386a..02dc46f35a 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/overview.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/overview.md @@ -9,3 +9,4 @@ sidebar_position: 30 This section details tuning Netwrix Endpoint Policy Manager (formerly PolicyPak) GPCR endpoints if the defaults need to be changed. We will also discuss several common problems, solutions, and troubleshooting steps with Endpoint Policy Manager GPCR. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/_category_.json b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/_category_.json index 2ca7ad9049..63cacb6bc3 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/_category_.json +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/clientlessauditing.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/clientlessauditing.md index aff324b792..aa8bd843eb 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/clientlessauditing.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/clientlessauditing.md @@ -48,3 +48,4 @@ with. ![gpcr_server_with_push_mode_20](/images/endpointpolicymanager/grouppolicycompliancereporter/mode/push/gpcr_server_with_push_mode_20.webp) Figure 56. Users reporting audit data. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/concepts.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/concepts.md index 1fec138854..a1fc729e3a 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/concepts.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/concepts.md @@ -44,3 +44,4 @@ The server will only accept data from computers which are specifically enabled t via an Active Directory group. This will be discussed in more detail in the next section. ::: + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/install.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/install.md index cbadf499a8..0b62928633 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/install.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/install.md @@ -55,3 +55,4 @@ uninstall Endpoint Policy Manager. Then, remove `C:\ProgramData\PolicyPak\PolicyPak Group Policy Compliance Reporter Server` and all subfolders. Additionally, remove the Endpoint Policy Manager Group Policy Compliance Reporter (endpoint) license from the Group Policy Object (GPO). + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/overview.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/overview.md index 4215c528e5..2ce5c372d8 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/overview.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/overview.md @@ -35,3 +35,4 @@ Manager GPCR data will not be corrupted when multiple admins try to access it at Endpoint Policy Manager GPCR Server does not require any extra licensing to be used. Only computer endpoints must be licensed for GPCR. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/resultsreports.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/resultsreports.md index 927e51ef78..c5a2abde2d 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/resultsreports.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/resultsreports.md @@ -23,3 +23,4 @@ is always flowing from the endpoint to the server. You can manually pull data fr if you wish. ::: + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/_category_.json b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/_category_.json index 979e38f376..11c8493920 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/_category_.json +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/auditorpath.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/auditorpath.md index 902e057587..c00b794b66 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/auditorpath.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/auditorpath.md @@ -28,3 +28,4 @@ You may copy the auditor EXE and its related DLLs to another server or get them endpoints to run locally. If you choose to do this, update the path accordingly. ::: + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/overview.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/overview.md index e3669793f4..2895489933 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/overview.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/overview.md @@ -33,3 +33,4 @@ steps are covered in the following sections. ![gpcr_server_with_push_mode_9](/images/endpointpolicymanager/grouppolicycompliancereporter/mode/push/setup/gpcr_server_with_push_mode_9.webp) Figure 45. The Audit Setup Wizard. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/selectauditedcomputers.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/selectauditedcomputers.md index c8bc9441b8..87c5212b1d 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/selectauditedcomputers.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/selectauditedcomputers.md @@ -24,3 +24,4 @@ Figure 47. ![gpcr_server_with_push_mode_11](/images/endpointpolicymanager/grouppolicycompliancereporter/mode/push/setup/gpcr_server_with_push_mode_11.webp) Figure 47. Choosing a self-made Active Directory group containing the computers to audit. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/specifyserver.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/specifyserver.md index b80428db33..b3beee093d 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/specifyserver.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/specifyserver.md @@ -13,3 +13,4 @@ requires the specified port to be open. By installing Endpoint Policy Manager GP ![gpcr_server_with_push_mode_14](/images/endpointpolicymanager/grouppolicycompliancereporter/mode/push/setup/gpcr_server_with_push_mode_14.webp) Figure 50. Specifing the PolicyPak GPCR server name and port. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/taskdelivery.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/taskdelivery.md index 2d1974e6f9..a9f44fa07a 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/taskdelivery.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/setup/taskdelivery.md @@ -33,3 +33,4 @@ Figure 53. The Group Policy Settings Report. can link it to any level (or multiple levels) if you want. The only requirements for endpoints are that they are (a) licensed and (b) contained within the security group specified in the Audited group, as covered in the previous section, "Select Audited Computers." + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/switchmode.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/switchmode.md index 9e921ce778..f3782c7350 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/push/switchmode.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/push/switchmode.md @@ -24,3 +24,4 @@ Troubleshooting." ![gpcr_server_with_push_mode_5](/images/endpointpolicymanager/grouppolicycompliancereporter/mode/push/gpcr_server_with_push_mode_5.webp) Figure 41. The server connection error. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/scheduledtasks.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/scheduledtasks.md index d9f240d6b9..dc107f5076 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/scheduledtasks.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/scheduledtasks.md @@ -29,3 +29,4 @@ the target server (in this case DC), as shown in Figure 75. ![tuning_and_troubleshooting_16](/images/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/tuning_and_troubleshooting_16.webp) Figure 75. Verifying the action is set correctly. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/server.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/server.md index 9446de888f..818d11e989 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/server.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/server.md @@ -23,3 +23,4 @@ Figure 69. Ensuring the firewall is properly configured. If this does not solve the problem, temporarily disable the server's firewall to determine whether requests start to come in. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/tuning/_category_.json b/docs/endpointpolicymanager/gpcompliancereporter/manual/tuning/_category_.json index 005f1f93b3..25c5146246 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/tuning/_category_.json +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/tuning/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/tuning/admx.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/tuning/admx.md index 2ac20a2d46..a9d4c016ac 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/tuning/admx.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/tuning/admx.md @@ -156,3 +156,4 @@ bandwidth. The following options are available for the setting: - Default/Not configured: Runs on the computer side regardless of whether a user is logged in or not - Enabled: Only runs on the computer side when a user is logged in - Disabled: Runs on the computer side regardless of whether a user is logged in or not + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/manual/tuning/overview.md b/docs/endpointpolicymanager/gpcompliancereporter/manual/tuning/overview.md index 18c6a0f5df..8c3532a8a3 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/manual/tuning/overview.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/manual/tuning/overview.md @@ -103,3 +103,4 @@ Endpoint Policy Manager GPCR has a problem where bandwidth is constrained betwee DCs, but build 1227 has dramatically improved on this problem. In builds beyond 1227, we will continue working on additional ways to minimize the problem GPresult /x causes over slow links with future releases. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/overview.md b/docs/endpointpolicymanager/gpcompliancereporter/overview.md index d57802cc02..9007313780 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/overview.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/overview.md @@ -42,3 +42,4 @@ Technical information and troubleshooting: ## Getting Started Start with the Manual section to learn the basics and get GP Compliance Reporter installed and configured in your environment. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/_category_.json b/docs/endpointpolicymanager/gpcompliancereporter/technotes/_category_.json index 4616dbde55..8564a201f3 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/_category_.json +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/_category_.json @@ -1 +1,2 @@ {"label":"Tech Notes","position":20,"collapsed":true,"collapsible":true,"link":{"type":"doc","id":"knowledgebase"}} + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/_category_.json b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/_category_.json index 6997fa359b..da5b56237b 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/_category_.json +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/basis.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/basis.md index 1447aca398..e304d196ca 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/basis.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/basis.md @@ -9,3 +9,4 @@ sidebar_position: 10 Netwrix Endpoint Policy Manager (formerly PolicyPak) products are always licensed on a per-computer basis. Any desktop, laptop, VDI and/or concurrent Terminal Services/Citrix connections count as a license. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/compliancereports.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/compliancereports.md index 20bf3b80d4..19648ed1b0 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/compliancereports.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/compliancereports.md @@ -13,3 +13,4 @@ via Netwrix Endpoint Policy Manager (formerly PolicyPak) Group Policy Compliance available via the Paid License. The Free License allows reporting on Endpoint Policy Manager products only. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/difference.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/difference.md index 9d031410fc..82a6875662 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/difference.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/difference.md @@ -22,3 +22,4 @@ pushed.) Additionally, when using the PPGPCR Server, you can save and share tests, results, history and reports to be stored centrally on-premise and shared among multiple administrators. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/expire.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/expire.md index 177569253c..ed5e2d62d5 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/expire.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/expire.md @@ -18,3 +18,4 @@ Anytime a computer's Active Directory account is moved to an un-licensed OU, or another domain (or the license simply expires), then Endpoint Policy Manager Group Policy Compliance reporter will stop reporting on those target computers. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/minimum.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/minimum.md index c76491e47a..e6c78d610a 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/minimum.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/minimum.md @@ -8,4 +8,5 @@ sidebar_position: 80 For a quote for Netwrix Endpoint Policy Manager (formerly PolicyPak) Group Policy Compliance Reporter, call us at 800-883-8002 or -click [https://www.endpointpolicymanager.com/licensing-faq-ppgpcr/support-sharing/about-us/contact-us-for-a-trial-download.html](https://www.endpointpolicymanager.com/licensing-faq-ppgpcr/support-sharing/about-us/contact-us-for-a-trial-download.html). +click [https://www.policypak.com/licensing-faq-ppgpcr/support-sharing/about-us/contact-us-for-a-trial-download.html](https://www.policypak.com/licensing-faq-ppgpcr/support-sharing/about-us/contact-us-for-a-trial-download.html). + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/multiyear.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/multiyear.md index 1b897b8799..292b21a2a5 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/multiyear.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/multiyear.md @@ -14,3 +14,4 @@ Every year you get one-year license keys and However, you are still required to and pay for any overage should your computer count increase from last year. We give you a one year key, and when you true up, we give you the key for the next year. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/shareacrossteam.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/shareacrossteam.md index f4f4b409b2..99739f05da 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/shareacrossteam.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/shareacrossteam.md @@ -11,3 +11,4 @@ PolicyPak) Group Policy Compliance Reporter. When the server component is used you can store and share tests, reports and history from a central on-premise server across an entire team of Administrators. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/tool.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/tool.md index 2c006e708e..cf3dda001f 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/tool.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/tool.md @@ -21,3 +21,4 @@ Management tool to perform a "True-Up." We will continue to send email reminders effort to call you if we see you're getting close to lapsing. At the one year anniversary, Endpoint Policy Manager Group Policy Compliance Reporter will stop functioning – unless you get a new license file from us each year. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/trial.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/trial.md index 1c4f9ac15a..9a924202bd 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/trial.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/trial.md @@ -8,3 +8,4 @@ sidebar_position: 70 See this article: [What is the fastest way to get started in an Endpoint Policy Manager trial, without running the License Request Tool?](/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/trial.md) + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/trueup.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/trueup.md index df7ac789b8..b8bafbd086 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/trueup.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/trueup.md @@ -27,3 +27,4 @@ anything for new licenses. However, you are still bound to pay the maintenance amount of computers found in the last three audits. ::: + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/types.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/types.md index 12e5c3421c..fcc2b2540d 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/types.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/types.md @@ -36,3 +36,4 @@ The Paid License (which requires a licensing XML file), enables unlimited use of - You can report upon Microsoft Group Policy settings (Group Policy ADM/ADMX settings within the Microsoft "Administrative Templates Node", most Microsoft Group Policy Preferences item types, mostly all Microsoft Group Policy Security Settings) + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/userlimit.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/userlimit.md index 4d272269d1..10d61cdc63 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/userlimit.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettinglicensed/userlimit.md @@ -10,3 +10,4 @@ Unlimited Administrators may use the Netwrix Endpoint Policy Manager (formerly P Policy Compliance Reporter console. You only pay for endpoints to report data. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettingstarted/_category_.json b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettingstarted/_category_.json index 7eb735f33a..3eef2a0a44 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettingstarted/_category_.json +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettingstarted/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettingstarted/deliveryreports.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettingstarted/deliveryreports.md index 7f896d07bd..7d7d856c7b 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettingstarted/deliveryreports.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettingstarted/deliveryreports.md @@ -21,7 +21,7 @@ What customers typically want to know is: To answer question #1: Use Endpoint Policy Manager Group Policy Compliance Reporter. PPGPCR can tell you "Did your Group Policy & Endpoint Policy Manager settings make it there when using Group Policy as the settings delivery -mechanism." [https://www.endpointpolicymanager.com/products/endpointpolicymanager-compliance-reporter.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-compliance-reporter.html) +mechanism." [https://www.policypak.com/products/endpointpolicymanager-compliance-reporter.html](https://www.policypak.com/products/endpointpolicymanager-compliance-reporter.html) To answer question #2: Use the free Endpoint Policy Manager Cloud reporting tool. The Endpoint Policy Manager Cloud reporting tool can tell you "Did your Endpoint Policy Manager cloud directives @@ -60,3 +60,4 @@ In Endpoint Policy Manager Cloud, the on-prem Endpoint Policy Manager Group Poli Reporter license will look like this… and this is a paid extra for Endpoint Policy Manager Cloud. ![684_1_gpcr-faq-2-img-1](/images/endpointpolicymanager/grouppolicycompliancereporter/684_1_gpcr-faq-2-img-1.webp) + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettingstarted/install.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettingstarted/install.md index c18fa01ea7..f2733213e0 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettingstarted/install.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettingstarted/install.md @@ -132,7 +132,7 @@ profile (e.g. Domain). When installing GPCR, download the latest bits from Endpoint Policy Manager. It is our recommendation that when downloading the latest software version, to grab "everything" (latest bits plus Paks, manuals and guidance). They can be found at -[https://portal.endpointpolicymanager.com/downloads/everything](https://portal.endpointpolicymanager.com/downloads/everything) +[https://portal.policypak.com/downloads/everything](https://portal.policypak.com/downloads/everything) ### GPCR Server @@ -205,3 +205,4 @@ higher. Select "Yes, I confirm" and "Next >" to continue For information on completing the GPCR configuration wizard, setting up Auditing and Licensing, and for general usage, please refer to the manual. In addition, review the KB video [Installing Compliance Reporter Server and Client](/docs/endpointpolicymanager/gpcompliancereporter/videos/gettingstarted/install.md) + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettingstarted/scenarios.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettingstarted/scenarios.md index e28b01fa5e..62c0491b98 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettingstarted/scenarios.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettingstarted/scenarios.md @@ -65,3 +65,4 @@ command, and is hardcoded the way it works, and as such, is the bulk of the band We know PPGPCR has this as a problem where bandwidth is constrained between the client and the DCs. We're working on ways to minimize the problem in future releases. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettingstarted/sqlserver.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettingstarted/sqlserver.md index 92843c4c50..8ff838a88c 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettingstarted/sqlserver.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/gettingstarted/sqlserver.md @@ -68,3 +68,4 @@ most current is marked for future deletion. You can tune when this occurs with t setting: ![762_7_image-20191028221305-4_950x726](/images/endpointpolicymanager/requirements/gpocompilancereporter/762_7_image-20191028221305-4_950x726.webp) + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/knowledgebase.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/knowledgebase.md index 5f7ccce8df..67d8d87443 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/knowledgebase.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/knowledgebase.md @@ -39,3 +39,4 @@ See the following Knowledge Base articles for Endpoint Policy Manager GP Complia - [When using a remote SQL Server, GPCR Snapshot fails with error "System.InvalidOperationException" and "MSDTC has been disabled" in Debug log](/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/systeminvalidoperationexceptionmsdtc.md) - [When does the Auditor process send up events to the server?](/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/processauditor.md) - [How do I turn on enhanced logging for Endpoint Policy Manager Group Policy Compliance Reporter if asked to do so?](/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/logenhanced.md) + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/_category_.json b/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/_category_.json index c5b7b877f0..a71f34efae 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/_category_.json +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/_category_.json @@ -3,4 +3,4 @@ "position": 30, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/domainmultiple.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/domainmultiple.md index 552e34279b..f6a3a51012 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/domainmultiple.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/domainmultiple.md @@ -98,7 +98,7 @@ Domain 2 and deploy it there 3. Restore GPO to Domain 2 4. This article describes the general process of backing up and restoring GPO's, specifically in the "About Backup and Import (between domains)" section - - [https://www.endpointpolicymanager.com/pp-blog/backing-up-your-gpos-with-and-without-policypak-data-dont-get-burned](https://www.endpointpolicymanager.com/pp-blog/backing-up-your-gpos-with-and-without-policypak-data-dont-get-burned) + [https://www.policypak.com/pp-blog/backing-up-your-gpos-with-and-without-policypak-data-dont-get-burned](https://www.policypak.com/pp-blog/backing-up-your-gpos-with-and-without-policypak-data-dont-get-burned) **Step 3 –** Create an AD group with the SAME NAME as the AD Group in Domain 1 @@ -112,3 +112,4 @@ Domain 2 and deploy it there same name as the primary GPCR domain ![758_3_image-20200130171300-2](/images/endpointpolicymanager/grouppolicycompliancereporter/758_3_image-20200130171300-2.webp) + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/logenhanced.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/logenhanced.md index f5a561859c..cae5c89be3 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/logenhanced.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/logenhanced.md @@ -15,7 +15,7 @@ amount of data, this allows a quick turn on and off to limit the amount of ‘ju ## Pre-requisites: Download the .reg update files from -[https://www.endpointpolicymanager.com/pp-files/PPGPCR_Logging.zip](https://www.endpointpolicymanager.com/pp-files/PPGPCR_Logging.zip). +[https://www.policypak.com/pp-files/PPGPCR_Logging.zip](https://www.policypak.com/pp-files/PPGPCR_Logging.zip). After downloading, unzip the files and copy them to the required computer(s): GPCR Server, Client (Admin console), and/or Endpoint. @@ -82,3 +82,4 @@ ticket number (e.g. `SRX0000????-gpcr.zip`) **Step 6 –** Upload to ShareFile link provided by your support rep. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/processauditor.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/processauditor.md index 5926628888..4e914c0ff2 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/processauditor.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/processauditor.md @@ -56,3 +56,4 @@ If you turn on enhanced PPGPCR Auditor logging (as explained in this article) yo - And did the data get sent successfully to the server. ![741_7_image-20200409172758-4_950x475](/images/endpointpolicymanager/troubleshooting/grouppolicycompliancereporter/741_7_image-20200409172758-4_950x475.webp) + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/serverside.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/serverside.md index f5399e9894..833dd5349b 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/serverside.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/serverside.md @@ -13,3 +13,4 @@ requested. You do not need to STOP the PPGPCR Server service first. ::: + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/systeminvalidoperationexception.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/systeminvalidoperationexception.md index c0fd28cbab..6f2508bb26 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/systeminvalidoperationexception.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/systeminvalidoperationexception.md @@ -50,3 +50,4 @@ of the computers this can also be performed after the uninstall to verify it was removed ::: + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/systeminvalidoperationexceptionmsdtc.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/systeminvalidoperationexceptionmsdtc.md index 4e47c29cd0..e8bfd4c7a3 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/systeminvalidoperationexceptionmsdtc.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/systeminvalidoperationexceptionmsdtc.md @@ -76,3 +76,4 @@ profile (e.g. Domain). ![669_11_image-20200327172830-7](/images/endpointpolicymanager/troubleshooting/error/gpocompilancereporter/669_11_image-20200327172830-7.webp) **Step 4 –** Click OK to save and close + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/unsupporteditem.md b/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/unsupporteditem.md index d51656aad2..1272d03a5c 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/unsupporteditem.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/technotes/troubleshooting/unsupporteditem.md @@ -18,3 +18,4 @@ alert similar to what's seen here: The current list of what is supported and not supported is listed in the PPGPCR manual in a table in the first 15 pages. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/videos/_category_.json b/docs/endpointpolicymanager/gpcompliancereporter/videos/_category_.json index ecb52d82cd..b0af8dc0dc 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/videos/_category_.json +++ b/docs/endpointpolicymanager/gpcompliancereporter/videos/_category_.json @@ -1 +1,2 @@ {"label":"Videos","position":10,"collapsed":true,"collapsible":true,"link":{"type":"doc","id":"videolearningcenter"}} + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/videos/gettingstarted/_category_.json b/docs/endpointpolicymanager/gpcompliancereporter/videos/gettingstarted/_category_.json index a4fd673330..3cf5678aae 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/videos/gettingstarted/_category_.json +++ b/docs/endpointpolicymanager/gpcompliancereporter/videos/gettingstarted/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gpcompliancereporter/videos/gettingstarted/install.md b/docs/endpointpolicymanager/gpcompliancereporter/videos/gettingstarted/install.md index f386767db9..18e04c8429 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/videos/gettingstarted/install.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/videos/gettingstarted/install.md @@ -8,7 +8,7 @@ sidebar_position: 10 Learn how to quickly license PPGPCR Endpoints, and Server. Then install both and verify that everything is working. - + ## PPGPCR: Installing Compliance Reporter Server and Client @@ -119,3 +119,4 @@ Okay, thank you. I hope this helps you out to get started. We have this all very documented in the manuals. If you have ‘how do I' questions, please post them in the forums and we'll get back to you very, very quickly. And looking forward to getting you started on your journey. Thanks. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/videos/gettingstarted/modepull.md b/docs/endpointpolicymanager/gpcompliancereporter/videos/gettingstarted/modepull.md index 43e0176994..c00bb9840e 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/videos/gettingstarted/modepull.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/videos/gettingstarted/modepull.md @@ -9,7 +9,7 @@ Use Netwrix Endpoint Policy Manager (formerly PolicyPak) GP Compliance Reporter' Standalone" mode to request (interrogate) Group Policy Settings from endpoints. With this method, the PPGPCR server is not used. All new PPGPCR customers should start here. - + ### PPGPCR Standalone Quickstart @@ -140,3 +140,4 @@ this pane right there. I hope that helps you out and gets you quick started with compliance reporter standalone edition. In order to get set up and running and using all the auditing features of the server edition, well that's a separate video. Thanks so much for watching. We'll talk to you soon. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/videos/gettingstarted/modepush.md b/docs/endpointpolicymanager/gpcompliancereporter/videos/gettingstarted/modepush.md index 78ada443d4..536fb0a05b 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/videos/gettingstarted/modepush.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/videos/gettingstarted/modepush.md @@ -11,7 +11,7 @@ Client-less Endpoint Auditing Use this video to set up PPGPCR Server’s Client-less endpoint Push-based auditing. Once set up, all clients will send GP data to the server in real time. - + ### Endpoint Policy Manager GP Compliance Reporter Server: Setting up Client-less Endpoint Auditing @@ -164,3 +164,4 @@ I hope this helps. If you have questions about getting the Compliance Reporter s support ticket https://www.netwrix.com/sign_in.html?rf=tickets.html#/open-a-ticket Thanks so much, and we’ll talk to you soon. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/videos/gettingstarted/securityenhanced.md b/docs/endpointpolicymanager/gpcompliancereporter/videos/gettingstarted/securityenhanced.md index 9f9fd1616a..6d34fe5dd8 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/videos/gettingstarted/securityenhanced.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/videos/gettingstarted/securityenhanced.md @@ -7,7 +7,7 @@ sidebar_position: 40 Upgrade PPGPCR Compliance Reporter Server and Client for enhanced AD security. - + Hi, this is Jeremy, and in this video, I'm going to show you how to upgrade your Compliance Reporter server for enhanced and increased security. The current problem is that the Compliance Reporter @@ -79,3 +79,4 @@ This is a big, big security enhancement. Hope this helps you out. Thanks for usi Reporter. Remember, it's free except for reporting on Microsoft settings, so we want you to be sure use it as much as possible to make sure your real Group Policy and PolicyPak settings are making its way out there. Thanks so much and talk to you soon. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/videos/troubleshooting/_category_.json b/docs/endpointpolicymanager/gpcompliancereporter/videos/troubleshooting/_category_.json index fa13af16ba..c750935477 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/videos/troubleshooting/_category_.json +++ b/docs/endpointpolicymanager/gpcompliancereporter/videos/troubleshooting/_category_.json @@ -3,4 +3,4 @@ "position": 40, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gpcompliancereporter/videos/troubleshooting/firewallports.md b/docs/endpointpolicymanager/gpcompliancereporter/videos/troubleshooting/firewallports.md index c0e5b76f5a..20024c8f50 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/videos/troubleshooting/firewallports.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/videos/troubleshooting/firewallports.md @@ -8,7 +8,7 @@ sidebar_position: 10 Use this tip to open the required ports in the client machines' firewalls, so the PP GP Compliance Reporter can pull data from your endpoints. - + ### PPGPCR: firewall ports @@ -61,3 +61,4 @@ addresses will allow this inbound remote admin exception and once you do that, y started with the Compliance Reporter and see what's going on there. Use the other videos to figure out how to create tests and to perform results but, hopefully, that gets you off the starting line to get going. Thanks so much and we'll talk to you soon. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/videos/using/_category_.json b/docs/endpointpolicymanager/gpcompliancereporter/videos/using/_category_.json index ee4e54ed5f..914b850afe 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/videos/using/_category_.json +++ b/docs/endpointpolicymanager/gpcompliancereporter/videos/using/_category_.json @@ -3,4 +3,4 @@ "position": 30, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gpcompliancereporter/videos/using/existinggpos.md b/docs/endpointpolicymanager/gpcompliancereporter/videos/using/existinggpos.md index 4b0c19ddc4..0ed26d343a 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/videos/using/existinggpos.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/videos/using/existinggpos.md @@ -9,7 +9,7 @@ The Netwrix Endpoint Policy Manager (formerly PolicyPak) Group Policy Compliance you know if your existing settings (from a GPO) have -made it- to a target machine. Watch this video to learn how to utilize an existing GPO as a PPGPCR Test. - + ### Endpoint Policy Manager GP Compliance Reporter: Using an Existing GPO as a test @@ -117,3 +117,4 @@ has, such as Group Policy admin templates or security settings or Group Policy P that's the paid version of the Compliance Reporter. I hope this has been helpful. Thanks so very much, and we'll talk to you soon. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/videos/using/importgpos.md b/docs/endpointpolicymanager/gpcompliancereporter/videos/using/importgpos.md index 0e4ae156ac..c13482347c 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/videos/using/importgpos.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/videos/using/importgpos.md @@ -8,7 +8,7 @@ sidebar_position: 20 In PPGPCR you now have a way to take one OU, or multiple OUs and keep your tests updated. This video shows you how. - + Hi, this is Jeremy Moskowitz, and in this video, I'm going to show you how you can take lots of different GPOs from across your entire estate here in Active Directory and make them into tests in @@ -67,3 +67,4 @@ then when it's time to test for those things, you now have an all-encompassing s to round trip take those items and bring them into your test world, and you can go generate your results, and you're off to the races. Hope this feature helps you out. Looking forward to getting you started with PolicyPak Group Policy Compliance Reporter real soon. Thanks so much. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/videos/using/importstig.md b/docs/endpointpolicymanager/gpcompliancereporter/videos/using/importstig.md index d87a824ec5..b573a071ea 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/videos/using/importstig.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/videos/using/importstig.md @@ -10,7 +10,7 @@ applications like Java, Firefox, Internet Explorer and more … and make them mo US Government recommendations. See how Endpoint Policy Manager can deliver these settings to your machines and lock them down using Group Policy. - + ### Manage Different Users In The Same OU (And Reduce Number of GPOs) With Endpoint Policy Manager @@ -159,3 +159,4 @@ determine, "Did I really get the settings as delivered by the STIG?" That's what about. Thanks so much for watching, and we'll talk to you soon. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/videos/videolearningcenter.md b/docs/endpointpolicymanager/gpcompliancereporter/videos/videolearningcenter.md index 90d3464eee..13ef29dea5 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/videos/videolearningcenter.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/videos/videolearningcenter.md @@ -31,3 +31,4 @@ See the following Video topics for Endpoint Policy Manager GP Compliance Reporte ## Troubleshooting - [Open required firewall ports](/docs/endpointpolicymanager/gpcompliancereporter/videos/troubleshooting/firewallports.md) + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/videos/whatdoesitdo/_category_.json b/docs/endpointpolicymanager/gpcompliancereporter/videos/whatdoesitdo/_category_.json index ed661a60be..e0dde80799 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/videos/whatdoesitdo/_category_.json +++ b/docs/endpointpolicymanager/gpcompliancereporter/videos/whatdoesitdo/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/gpcompliancereporter/videos/whatdoesitdo/modeserver.md b/docs/endpointpolicymanager/gpcompliancereporter/videos/whatdoesitdo/modeserver.md index 2310a40202..2e5ac9e9d1 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/videos/whatdoesitdo/modeserver.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/videos/whatdoesitdo/modeserver.md @@ -9,7 +9,7 @@ Why do you need PPGPCR Server mode? Because all your computers' GP Results will place, and you can quickly test to see if you are in compliance or not. Without PPGPCR Server, you simply don't know what's going on with ALL of your users or computers. - + ### PPGPCR: Server Mode @@ -56,3 +56,4 @@ If you want to get started with the Group Policy Compliance Reporter Server, it' go ahead and connect with us, and we'll get you the bits and you can try it real soon. Thanks so much, and we'll talk to you soon. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/videos/whatdoesitdo/modestandalone.md b/docs/endpointpolicymanager/gpcompliancereporter/videos/whatdoesitdo/modestandalone.md index cff130208f..6b47314d8c 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/videos/whatdoesitdo/modestandalone.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/videos/whatdoesitdo/modestandalone.md @@ -7,7 +7,7 @@ sidebar_position: 30 Quickly see what the PPGPCR Standalone Mode can do for you. - + ### PPGPCR: Standalone Mode @@ -76,3 +76,4 @@ the ability for endpoints to push their data to a central storage location, go a next video. Thanks so much, and we'll talk to you soon. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/videos/whatdoesitdo/overviewmanager.md b/docs/endpointpolicymanager/gpcompliancereporter/videos/whatdoesitdo/overviewmanager.md index 0b266a197f..cacb60ad90 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/videos/whatdoesitdo/overviewmanager.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/videos/whatdoesitdo/overviewmanager.md @@ -10,7 +10,7 @@ actually made it to your endpoints. With Netwrix Endpoint Policy Manager (former Policy Compliance Reporter, you can be sure that all your machines have your IT Team's desired settings, and no holes in your armor. - + ### Endpoint Policy Manager Group Policy Compliance Reporter: 2 Minute Quick Overview for Managers @@ -44,3 +44,4 @@ Snapshot" and "Generate Results." I know you'll love this tool because it will help you quickly determine which computers are, in fact, in compliance and which aren't, based on the tests you selected. + diff --git a/docs/endpointpolicymanager/gpcompliancereporter/videos/whatdoesitdo/overviewtechnical.md b/docs/endpointpolicymanager/gpcompliancereporter/videos/whatdoesitdo/overviewtechnical.md index 5f2249e709..d7d9478163 100644 --- a/docs/endpointpolicymanager/gpcompliancereporter/videos/whatdoesitdo/overviewtechnical.md +++ b/docs/endpointpolicymanager/gpcompliancereporter/videos/whatdoesitdo/overviewtechnical.md @@ -10,7 +10,7 @@ PolicyPak) Group Policy Compliance Reporter. You can use it alone, or with your which machines on your network did and did not get the IT and security settings you need for them to get to be compliant. - + ### Endpoint Policy Manager Group Policy Compliance Reporter: 7 Minute Technical Overview for IT Pros @@ -49,7 +49,7 @@ accelerate things for this little demonstration, I have three tests that I've al instance, if I want to verify that the "Screen Saver Password Lock must be ENABLED," and that is called "Password protect the screen saver," you can see it's set to "Enabled." Or you can use Group Policy Preference item, and you can verify things like: Is a particular "URL" like -"www.endpointpolicymanager.com" delivered to the desktop? Or a PolicyPak Application Manager setting, for +"www.policypak.com" delivered to the desktop? Or a PolicyPak Application Manager setting, for instance: Is Java set to very high security ("Set Java Security to Very High")? Creating a new test couldn't be simpler. You can either right click and "Create test." I'll call @@ -95,7 +95,7 @@ Policy Compliance Reporter has actually verified that that's true. If we move back to the "Compliance Reporter," we can then also subtract a test and add another particular test or you can summate tests together.If you want to test for the "Screen Saver Password -Lock must be ENABLED" and PolicyPak must be on the desktop ("Place www.endpointpolicymanager.com on Desktop") +Lock must be ENABLED" and PolicyPak must be on the desktop ("Place www.policypak.com on Desktop") and "Set Java Security to Very High," you can do that very quickly. This represents the thing that you want to make sure is compliant. This is the report of everything @@ -146,3 +146,4 @@ Thanks so much for watching. If you're looking to get started with the Group Pol Reporter, just get in touch with the PolicyPak sales team, and we'll get you started. Thanks so much, and we'll talk to you soon. + diff --git a/docs/endpointpolicymanager/index.md b/docs/endpointpolicymanager/index.md index 61718d7692..3b3fd28aef 100644 --- a/docs/endpointpolicymanager/index.md +++ b/docs/endpointpolicymanager/index.md @@ -6,7 +6,7 @@ sidebar_position: 1 # Netwrix Endpoint Policy Manager (formerly PolicyPak) Documentation -Netwrix Endpoint Policy Manager (formerly PolicyPak) allows you to secure end users wherever they +Netwrix Endpoint Policy Manager (formerly PolicyPak) allows you to secure end users wherever they work and make them more productive with Netwrix endpoint management software. In today's hybrid work environment, users need to access their desktops, laptops and other devices @@ -27,7 +27,7 @@ Comprehensive documentation index for all Endpoint Policy Manager components, or | ![applicationmanager](/images/endpointpolicymanager/applicationmanager.webp) | Application Settings Manager |
  • [Manual](/docs/endpointpolicymanager/components/applicationsettingsmanager/manual/overview.md)
  • [Tech Notes](/docs/endpointpolicymanager/components/applicationsettingsmanager/technotes/knowledgebase.md)
  • [Videos](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/videolearningcenter.md)
| | ![browserrouter](/images/endpointpolicymanager/browserrouter.webp) | Browser Router |
  • [Manual](/docs/endpointpolicymanager/components/browserrouter/manual/overview.md)
  • [Tech Notes](/docs/endpointpolicymanager/components/browserrouter/knowledgebase/knowledgebase.md)
  • [Videos](/docs/endpointpolicymanager/components/browserrouter/videolearningcenter/videolearningcenter.md)
| | ![devicemanager](/images/endpointpolicymanager/devicemanager.webp) | Device Manager |
  • [Manual](/docs/endpointpolicymanager/components/devicemanager/manual/overview.md)
  • [Tech Notes](/docs/endpointpolicymanager/components/devicemanager/knowledgebase/knowledgebase.md)
  • [Videos](/docs/endpointpolicymanager/components/devicemanager/videolearningcenter/videolearningcenter.md)
| -| ![leastprivilegemanager](/images/endpointpolicymanager/leastprivilegemanager.webp) | Endpoint Privilege Manager (Windows and Mac) |
  • [Manual](/docs/endpointpolicymanager/components/endpointprivilegemanager/overview.md)
  • [Tech Notes](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/knowledgebase.md)
  • [Videos](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/videolearningcenter.md)
| +| ![leastprivilegemanager](/images/endpointpolicymanager/leastprivilegemanager.webp) | Endpoint Privilege Manager (Windows and Mac) |
  • [Manual](/docs/endpointpolicymanager/components/endpointprivilegemanager/overview.md)
  • [Videos](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/videolearningcenter.md)
| | ![featuremanagerwindows](/images/endpointpolicymanager/featuremanagerwindows.webp) | Feature Manager for Windows |
  • [Manual](/docs/endpointpolicymanager/components/featuremanager/manual/overview.md)
  • [Tech Notes](/docs/endpointpolicymanager/components/featuremanager/technotes/knowledgebase.md)
  • [Videos](/docs/endpointpolicymanager/components/featuremanager/videos/videolearningcenter.md)
| | ![fileassociationsmanager](/images/endpointpolicymanager/fileassociationsmanager.webp) | File Associations Manager |
  • [Manual](/docs/endpointpolicymanager/components/fileassociationsmanager/manual/overview.md)
  • [Tech Notes](/docs/endpointpolicymanager/components/fileassociationsmanager/knowledgebase/knowledgebase.md)
  • [Videos](/docs/endpointpolicymanager/components/fileassociationsmanager/videolearningcenter/videolearningcenter.md)
| | ![javaenterpriserulesmanager](/images/endpointpolicymanager/javaenterpriserulesmanager.webp) | Java Enterprise Rules Manager |
  • [Manual](/docs/endpointpolicymanager/components/javaenterpriserules/manual/javaenterpriserules/overview.md)
  • [Tech Notes](/docs/endpointpolicymanager/components/javaenterpriserules/technotes/knowledgebase.md)
  • [Videos](/docs/endpointpolicymanager/components/javaenterpriserules/videos/videolearningcenter.md)
| diff --git a/docs/endpointpolicymanager/installation/_category_.json b/docs/endpointpolicymanager/installation/_category_.json index fa2bd96f9a..96ad0949df 100644 --- a/docs/endpointpolicymanager/installation/_category_.json +++ b/docs/endpointpolicymanager/installation/_category_.json @@ -3,4 +3,4 @@ "position": 15, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/installation/knowledgebase/_category_.json b/docs/endpointpolicymanager/installation/knowledgebase/_category_.json index d92c78eb54..63873d39b4 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/_category_.json +++ b/docs/endpointpolicymanager/installation/knowledgebase/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "knowledgebase" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/installation/knowledgebase/backupandrestore/_category_.json b/docs/endpointpolicymanager/installation/knowledgebase/backupandrestore/_category_.json index 39d893ae13..642cde10c9 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/backupandrestore/_category_.json +++ b/docs/endpointpolicymanager/installation/knowledgebase/backupandrestore/_category_.json @@ -3,4 +3,4 @@ "position": 100, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/installation/knowledgebase/backupandrestore/restoredetails.md b/docs/endpointpolicymanager/installation/knowledgebase/backupandrestore/restoredetails.md index 9d1890c7d0..e4f53c26a5 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/backupandrestore/restoredetails.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/backupandrestore/restoredetails.md @@ -26,3 +26,4 @@ Then you can use this file from the backup, and perform an "Import from XML" lik Note this might not work for all types of Endpoint Policy Manager items, like Endpoint Policy Manager Application Settings Manager; but should work in most cases. + diff --git a/docs/endpointpolicymanager/installation/knowledgebase/gpoinitialinstall/_category_.json b/docs/endpointpolicymanager/installation/knowledgebase/gpoinitialinstall/_category_.json index 812bef8c64..e32f62bb68 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/gpoinitialinstall/_category_.json +++ b/docs/endpointpolicymanager/installation/knowledgebase/gpoinitialinstall/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/installation/knowledgebase/gpoinitialinstall/adminconsole.md b/docs/endpointpolicymanager/installation/knowledgebase/gpoinitialinstall/adminconsole.md index c5e796becd..95ea373b59 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/gpoinitialinstall/adminconsole.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/gpoinitialinstall/adminconsole.md @@ -34,3 +34,4 @@ Point 3 is needed for Endpoint Policy Manager Application Settings Manager (PPAS So, nothing is ever needed to be installed on DCs. And nothing is ever required to be running on DCs. + diff --git a/docs/endpointpolicymanager/installation/knowledgebase/gpoinitialinstall/methods.md b/docs/endpointpolicymanager/installation/knowledgebase/gpoinitialinstall/methods.md index fbce43e55e..c297598db4 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/gpoinitialinstall/methods.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/gpoinitialinstall/methods.md @@ -47,3 +47,4 @@ Now you are ready to install the Endpoint Policy Manager Admin Console MSI, whic Endpoint Policy Manager node within the Group Policy Editor. ![268_7_img-04_950x743](/images/endpointpolicymanager/install/268_7_img-04_950x743.webp) + diff --git a/docs/endpointpolicymanager/installation/knowledgebase/gpoinitialinstall/node.md b/docs/endpointpolicymanager/installation/knowledgebase/gpoinitialinstall/node.md index 782375bc32..30509bec65 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/gpoinitialinstall/node.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/gpoinitialinstall/node.md @@ -12,3 +12,4 @@ PolicyPak) on Windows 7. For users running Windows 8 and later, ensure you have .Net Framework 4.0 or higher installed on your management station. + diff --git a/docs/endpointpolicymanager/installation/knowledgebase/gpoinitialinstall/savesettings.md b/docs/endpointpolicymanager/installation/knowledgebase/gpoinitialinstall/savesettings.md index fa6610b1b3..45667571db 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/gpoinitialinstall/savesettings.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/gpoinitialinstall/savesettings.md @@ -14,3 +14,4 @@ Apply this KB to apply to all your DCs: [https://support.microsoft.com/en-us/kb/2791372](https://support.microsoft.com/en-us/kb/2791372) Then retry the Netwrix Endpoint Policy Manager (formerly PolicyPak) operation. + diff --git a/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/_category_.json b/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/_category_.json index a506889fd9..79ef781d54 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/_category_.json +++ b/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/_category_.json @@ -3,4 +3,4 @@ "position": 60, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/assignmentremovalfailed.md b/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/assignmentremovalfailed.md index 0b6c60e265..67602f9298 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/assignmentremovalfailed.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/assignmentremovalfailed.md @@ -18,3 +18,4 @@ message is generated in the System Event log: To resolve this error, uncheck "Make this 32-bit X86 application available to Win64 computers" checkbox for the 32bit Endpoint Policy Manager Client-Side Extension in the Group Policy Software Deployment policy. + diff --git a/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/computersidersop.md b/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/computersidersop.md index 0710867bbc..7812c09f72 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/computersidersop.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/computersidersop.md @@ -37,3 +37,4 @@ COMPUTER side RSOP..) The final result will be that THIS USER can now see the COMPUTER SIDE RSOP. ![560_9_img-05](/images/endpointpolicymanager/troubleshooting/560_9_img-05.webp) + diff --git a/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/gpsvcfailed.md b/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/gpsvcfailed.md index b8968af746..dc372858b4 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/gpsvcfailed.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/gpsvcfailed.md @@ -22,3 +22,4 @@ There is more information at the Microsoft website: [https://support.microsoft.com/en-us/help/2976660/first-logon-fails-with-the-universal-unique-identifier-uuid-type-is-no](https://support.microsoft.com/en-us/help/2976660/first-logon-fails-with-the-universal-unique-identifier-uuid-type-is-no) ![20_1_sdgdfhfgnfjfghjfghjfghjfghj](/images/endpointpolicymanager/troubleshooting/error/20_1_sdgdfhfgnfjfghjfghjfghjfghj.webp) + diff --git a/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/newversionissues.md b/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/newversionissues.md index 5049c4ad44..31103fa698 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/newversionissues.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/newversionissues.md @@ -58,10 +58,11 @@ build and this build. Yes? → As ADMIN.. Run `PPLOGS` and send us PPLOGS (renam - Do NOT run with the Driver disabled in Production. - This will stop much of Endpoint Policy Manager's inner workings such as: - Endpoint Policy Manager - [https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html) (completely). + [https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html) (completely). - Endpoint Policy Manager Application Manager (Reapply on launch.) - Endpoint Policy Manager Browser Router (FF extension installation in some cases). - Endpoint Policy Manager Applock. - Endpoint Policy Manager File Associations Manager. … And possibly other items. ![175_1_image002](/images/endpointpolicymanager/troubleshooting/install/175_1_image002.webp) + diff --git a/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/slowlogins.md b/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/slowlogins.md index 8c031d8a91..1c94bede20 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/slowlogins.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/slowlogins.md @@ -169,3 +169,4 @@ version for you to test. **Step 4 –** Here is how to get us log files and results reports (perform EVERY step):[What must I send to Endpoint Policy Manager support in order to get the FASTEST support?](/docs/endpointpolicymanager/gettingstarted/misc/knowledgebase/troubleshooting/fastsupport.md) + diff --git a/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/uninstall.md b/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/uninstall.md index 11b51144e9..57335eec5d 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/uninstall.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/installandupgrade/uninstall.md @@ -30,7 +30,7 @@ If the procedure from Microsoft's article is unsuccessful, try the following ste **Step 1 –** Remove existing CSE version to allow a re-installation of the newest CSE, download MSICUU from this link: -[https://www.endpointpolicymanager.com/pp-files/msicuu2.zip](https://www.endpointpolicymanager.com/pp-files/msicuu2.zip) +[https://www.policypak.com/pp-files/msicuu2.zip](https://www.policypak.com/pp-files/msicuu2.zip) **Step 2 –** Then launch it and select the CSE version and click **Remove**. @@ -56,7 +56,7 @@ tool, either version will work. Once the new CSE is deployed to the remainder of your machines, follow these steps. **Step 1 –** Download our -[`MSIZAP` and batch file](https://www.endpointpolicymanager.com/pp-files/ppMSIzapscript-4191.zip). +[`MSIZAP` and batch file](https://www.policypak.com/pp-files/ppMSIzapscript-4191.zip). :::note `MSIZAP` is a command line version of `MSICUU` that was used in the previous steps.. @@ -94,3 +94,4 @@ yield more success, according to at least one customer report. The machines are now updated with a new CSE. If this solution was unsuccessful, contact your Netwrix support representative for additional assistance. + diff --git a/docs/endpointpolicymanager/installation/knowledgebase/knowledgebase.md b/docs/endpointpolicymanager/installation/knowledgebase/knowledgebase.md index 066d466118..d1ad6245cf 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/knowledgebase.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/knowledgebase.md @@ -74,3 +74,4 @@ See the following Knowledge Base articles for all things installation and upkeep - [How do I uninstall Endpoint Policy Manager?](/docs/endpointpolicymanager/installation/knowledgebase/uninstallation/uninstall.md) - [How to Rollback CSE version from newer to older using PowerShell](/docs/endpointpolicymanager/installation/knowledgebase/uninstallation/rollback.md) - [How can I uninstall the Least Privilege Manager client for MacOS?](/docs/endpointpolicymanager/installation/knowledgebase/uninstallation/uninstall_1.md) + diff --git a/docs/endpointpolicymanager/installation/knowledgebase/methodpdqdeploy/_category_.json b/docs/endpointpolicymanager/installation/knowledgebase/methodpdqdeploy/_category_.json index 5634b9349d..e354bfe910 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/methodpdqdeploy/_category_.json +++ b/docs/endpointpolicymanager/installation/knowledgebase/methodpdqdeploy/_category_.json @@ -3,4 +3,4 @@ "position": 30, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/installation/knowledgebase/methodpdqdeploy/pdqdeploy.md b/docs/endpointpolicymanager/installation/knowledgebase/methodpdqdeploy/pdqdeploy.md index 4a70c6d3b9..1d56873eac 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/methodpdqdeploy/pdqdeploy.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/methodpdqdeploy/pdqdeploy.md @@ -42,7 +42,7 @@ Manager node. This is super easy. You probably want to do this step by hand. You Deploy to do it, but just to make things easier for this demonstration, I just want to go to the downloaded Endpoint Policy Manager, which you get my contacting Endpoint Policy Manager first of all. Then you go to the "Admin Console MSI for all On-Prem -[https://dev.endpointpolicymanager.com/products/](https://dev.endpointpolicymanager.com/products/)," and you just install +[https://policypak.com/products/](https://policypak.com/products/)," and you just install the admin. I'm pretty sure this machine is x86, right?. diff --git a/docs/endpointpolicymanager/installation/knowledgebase/miscquestions/_category_.json b/docs/endpointpolicymanager/installation/knowledgebase/miscquestions/_category_.json index 7e8b8f2bd2..d1dbfce5a0 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/miscquestions/_category_.json +++ b/docs/endpointpolicymanager/installation/knowledgebase/miscquestions/_category_.json @@ -3,4 +3,4 @@ "position": 70, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/installation/knowledgebase/miscquestions/bitversion.md b/docs/endpointpolicymanager/installation/knowledgebase/miscquestions/bitversion.md index 85b1e982dc..81b2676f6d 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/miscquestions/bitversion.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/miscquestions/bitversion.md @@ -11,3 +11,4 @@ utilizing Group Policy to push out the Endpoint Policy Manager Client Side Exten you can even configure a GPO to automatically deliver the correct version to each computer by using the WMI filters option that is built into Group Policy.But even if you don't — nothing "bad" will happen. The installation simply won't "incorrectly" occur. + diff --git a/docs/endpointpolicymanager/installation/knowledgebase/miscquestions/outlook.md b/docs/endpointpolicymanager/installation/knowledgebase/miscquestions/outlook.md index b1c5b26ba3..bd1d87c3e5 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/miscquestions/outlook.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/miscquestions/outlook.md @@ -10,3 +10,4 @@ For anyone experiencing the Outlook To-Do bar flashing when GP or PP does a back has released KB3191883 May 2018 which solves that issue. [https://support.microsoft.com/en-us/help/3191883/may-2-2017-update-for-outlook-2016-kb3191883](https://support.microsoft.com/en-us/help/3191883/may-2-2017-update-for-outlook-2016-kb3191883) + diff --git a/docs/endpointpolicymanager/installation/knowledgebase/miscquestions/why.md b/docs/endpointpolicymanager/installation/knowledgebase/miscquestions/why.md index bb3702ae34..d4844433ed 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/miscquestions/why.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/miscquestions/why.md @@ -48,3 +48,4 @@ Group Policy itself), or SCCM, or installing it into your core image. Once deployed to clients, Endpoint Policy Manager's CSE starts working and embraces Endpoint Policy Manager directives. + diff --git a/docs/endpointpolicymanager/installation/knowledgebase/miscquestions/windows7.md b/docs/endpointpolicymanager/installation/knowledgebase/miscquestions/windows7.md index a7ae9146cc..d219c91b94 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/miscquestions/windows7.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/miscquestions/windows7.md @@ -12,10 +12,11 @@ algorithm that un-patched Windows 7 doesn't understand. So to get Endpoint Policy Manager Application Settings Manager Re-apply on Launch to work, Group Policy Preferences Scheduled Tasks, and Endpoint Policy Manager - [https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html) to + [https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html) to work as expected, Windows 7 requires and updated patch. For Endpoint Policy Manager to work as expected on Windows 7, Windows 7 requires [https://www.microsoft.com/en-us/download/details.aspx?id=46148](https://www.microsoft.com/en-us/download/details.aspx?id=46148) for 64-bit and requires 32-bit [https://www.microsoft.com/en-pk/download/details.aspx?id=46078](https://www.microsoft.com/en-pk/download/details.aspx?id=46078) + diff --git a/docs/endpointpolicymanager/installation/knowledgebase/sccminitialinstall/_category_.json b/docs/endpointpolicymanager/installation/knowledgebase/sccminitialinstall/_category_.json index 19f3f9f233..0bd40ff079 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/sccminitialinstall/_category_.json +++ b/docs/endpointpolicymanager/installation/knowledgebase/sccminitialinstall/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/installation/knowledgebase/sccminitialinstall/sccm.md b/docs/endpointpolicymanager/installation/knowledgebase/sccminitialinstall/sccm.md index a55461e0f9..fb00b0f44c 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/sccminitialinstall/sccm.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/sccminitialinstall/sccm.md @@ -37,3 +37,4 @@ Do {$ieCheck = Get-Process iexplore -ErrorAction SilentlyContinueIf ($ieCheck -e {msiexec /i ‘PolicyPak Client-Side Extension x64.msi' /q#Write-Host ‘Installing'Start-Sleep -s 600Exit}else  {#Write-Host ‘IE Open'Start-Sleep -s 600}} while ($ieCheck -ne $null) ``` + diff --git a/docs/endpointpolicymanager/installation/knowledgebase/uninstallation/_category_.json b/docs/endpointpolicymanager/installation/knowledgebase/uninstallation/_category_.json index bc74fae5f9..f86bde2611 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/uninstallation/_category_.json +++ b/docs/endpointpolicymanager/installation/knowledgebase/uninstallation/_category_.json @@ -3,4 +3,4 @@ "position": 110, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/installation/knowledgebase/uninstallation/rollback.md b/docs/endpointpolicymanager/installation/knowledgebase/uninstallation/rollback.md index 4d7c919bb1..1840871557 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/uninstallation/rollback.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/uninstallation/rollback.md @@ -88,3 +88,4 @@ Troubleshooting: Logs for the Rollback process and MSI install process can both be found in `"C:\Temp\PP_CSE"` once the script has executed. + diff --git a/docs/endpointpolicymanager/installation/knowledgebase/uninstallation/uninstall.md b/docs/endpointpolicymanager/installation/knowledgebase/uninstallation/uninstall.md index 0361e29170..948ccf73ed 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/uninstallation/uninstall.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/uninstallation/uninstall.md @@ -49,3 +49,4 @@ continue onward. For more information on this process, please see Finally, there is a specific cosmetic issue with regards to Endpoint Policy Manager Browser Router removal and Default Browser. For more information on this issue and how to deal with it, please see [When I unlicense or remove Endpoint Policy ManagerBrowser Router from scope,Endpoint Policy Manager Browser Router Agent still shows as OS "default browser". Why is that and is there a workaround?](/docs/endpointpolicymanager/components/browserrouter/knowledgebase/installation/defaultbrowser.md). + diff --git a/docs/endpointpolicymanager/installation/knowledgebase/uninstallation/uninstall_1.md b/docs/endpointpolicymanager/installation/knowledgebase/uninstallation/uninstall_1.md index c04ea5c346..74d40226cc 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/uninstallation/uninstall_1.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/uninstallation/uninstall_1.md @@ -18,3 +18,4 @@ Please note that this command must be run by an administrator of the computer  The outcome should be as follows: ![931_1_image-20221216000132-1](/images/endpointpolicymanager/troubleshooting/leastprivilege/931_1_image-20221216000132-1.webp) + diff --git a/docs/endpointpolicymanager/installation/knowledgebase/updating/_category_.json b/docs/endpointpolicymanager/installation/knowledgebase/updating/_category_.json index 7730b87278..2a1e563af3 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/updating/_category_.json +++ b/docs/endpointpolicymanager/installation/knowledgebase/updating/_category_.json @@ -3,4 +3,4 @@ "position": 90, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/installation/knowledgebase/updating/config.md b/docs/endpointpolicymanager/installation/knowledgebase/updating/config.md index f95a6ed071..2dd00c04d8 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/updating/config.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/updating/config.md @@ -113,3 +113,4 @@ following two Endpoint Policy Manager On-Prem Suite's log files: - Additional logs (to see if the CSE is finding the `update.config` file at all) are found in `%programdata%\endpointpolicymanager\ppWatcher.log` (for 32-bit machines) or `%programdata%\endpointpolicymanager\ppWatcher_x64.log` (for 64-bit machines). + diff --git a/docs/endpointpolicymanager/installation/knowledgebase/updating/datadirectives.md b/docs/endpointpolicymanager/installation/knowledgebase/updating/datadirectives.md index 2bbbe2a9b3..7b9c24d841 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/updating/datadirectives.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/updating/datadirectives.md @@ -25,3 +25,4 @@ An example output can be seen below, which returns all the GPOs and which Endpoi Client Side Extension data types are inside them. ![548_2_gpe-fag-06-img-02](/images/endpointpolicymanager/troubleshooting/powershell/548_2_gpe-fag-06-img-02.webp) + diff --git a/docs/endpointpolicymanager/installation/knowledgebase/updating/ringsupgrade.md b/docs/endpointpolicymanager/installation/knowledgebase/updating/ringsupgrade.md index 048899d389..ef2ad2305f 100644 --- a/docs/endpointpolicymanager/installation/knowledgebase/updating/ringsupgrade.md +++ b/docs/endpointpolicymanager/installation/knowledgebase/updating/ringsupgrade.md @@ -217,3 +217,4 @@ following two Endpoint Policy Manager On-Prem Suite's log files: 2. Additional logs (to see if the CSE is finding the `update.config` file at all) are found in `%programdata%\endpointpolicymanager\ppWatcher.log` (for 32-bit machines) or `%programdata%\endpointpolicymanager\ppWatcher_x64.log` (for 64-bit machines). + diff --git a/docs/endpointpolicymanager/installation/videolearningcenter/_category_.json b/docs/endpointpolicymanager/installation/videolearningcenter/_category_.json index cb657b91c6..c96de79669 100644 --- a/docs/endpointpolicymanager/installation/videolearningcenter/_category_.json +++ b/docs/endpointpolicymanager/installation/videolearningcenter/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "videolearningcenter" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/installation/videolearningcenter/methodgpoandad/_category_.json b/docs/endpointpolicymanager/installation/videolearningcenter/methodgpoandad/_category_.json index 2ab35f133d..6045a7fad4 100644 --- a/docs/endpointpolicymanager/installation/videolearningcenter/methodgpoandad/_category_.json +++ b/docs/endpointpolicymanager/installation/videolearningcenter/methodgpoandad/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/installation/videolearningcenter/methodgpoandad/autoupdate.md b/docs/endpointpolicymanager/installation/videolearningcenter/methodgpoandad/autoupdate.md index 3758931b71..713d6bb72e 100644 --- a/docs/endpointpolicymanager/installation/videolearningcenter/methodgpoandad/autoupdate.md +++ b/docs/endpointpolicymanager/installation/videolearningcenter/methodgpoandad/autoupdate.md @@ -9,7 +9,7 @@ Starting in build 545, you can silently update the PP CSE anytime you want. You Netwrix Endpoint Policy Manager (formerly PolicyPak) Central Store, or a share of your choice. In this video, we'll explore exactly how to demonstrate the new PP Automatic updates. - + :::note Extra details are covered in Appendix A of the PP Quickstart and User guide. @@ -131,3 +131,4 @@ questions, we're here for you. Please go to the support forums, and we'll look f you out. Thanks so much. Take care. + diff --git a/docs/endpointpolicymanager/installation/videolearningcenter/videolearningcenter.md b/docs/endpointpolicymanager/installation/videolearningcenter/videolearningcenter.md index 6fe776c873..50d131d7e5 100644 --- a/docs/endpointpolicymanager/installation/videolearningcenter/videolearningcenter.md +++ b/docs/endpointpolicymanager/installation/videolearningcenter/videolearningcenter.md @@ -11,3 +11,4 @@ See the following Video topics for all things installation and upkeep. ## Method GPO (and Active Directory): Keeping up to date - [Auto-updating the CSE](/docs/endpointpolicymanager/installation/videolearningcenter/methodgpoandad/autoupdate.md) + diff --git a/docs/endpointpolicymanager/knowledgebase/_category_.json b/docs/endpointpolicymanager/knowledgebase/_category_.json index aa816f1619..b49861294d 100644 --- a/docs/endpointpolicymanager/knowledgebase/_category_.json +++ b/docs/endpointpolicymanager/knowledgebase/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "knowledgebase" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/licensing/_category_.json b/docs/endpointpolicymanager/licensing/_category_.json index 4ee464b6ef..6de9a9ad01 100644 --- a/docs/endpointpolicymanager/licensing/_category_.json +++ b/docs/endpointpolicymanager/licensing/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/_category_.json b/docs/endpointpolicymanager/licensing/knowledgebase/_category_.json index d92c78eb54..63873d39b4 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/_category_.json +++ b/docs/endpointpolicymanager/licensing/knowledgebase/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "knowledgebase" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/_category_.json b/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/_category_.json index 256db08f98..03f211b814 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/_category_.json +++ b/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/_category_.json @@ -3,4 +3,4 @@ "position": 75, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/components_2.md b/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/components_2.md index 382628ad3c..51e098ffaf 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/components_2.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/components_2.md @@ -248,3 +248,4 @@ When Endpoint Policy Manager Device Manager becomes unlicensed, it will: - Not honor new Endpoint Policy Manager Device Manager policies - Any removable drive protections are stopped and existing rules will be unenforced, basically reverting it back to normal Windows' in-box behavior + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/componentscloud.md b/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/componentscloud.md index 15bfe706a9..418108df93 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/componentscloud.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/componentscloud.md @@ -41,3 +41,4 @@ result should be similar to this example, where you can see the license is valid (in this case Browser Router) is prevented from being licensed by a policy. ![188_7_img-2_950x649](/images/endpointpolicymanager/license/unlicense/188_7_img-2_950x649.webp) + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/componentsexclude.md b/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/componentsexclude.md index 2d94985257..1f376d26ce 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/componentsexclude.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/componentsexclude.md @@ -143,3 +143,4 @@ After the computer picks up the new license (via GPO, MDM, etc.) you can verify The result of modified components via blocked license can be seen in this example. ![748_5_image-20230820022159-5_950x814](/images/endpointpolicymanager/license/unlicense/748_5_image-20230820022159-5_950x814.webp) + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/fileold.md b/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/fileold.md index 999215f6dc..b4fa5a069b 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/fileold.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/fileold.md @@ -23,3 +23,4 @@ instructions on how to install your new license. See [Using LT for license cleanup](/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/cleanup.md) for additional information on how to use our LT to help you do a Deep search for licenses and help you automatically clean up + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/forceddisabled.md b/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/forceddisabled.md index cb012952ed..8e3a528722 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/forceddisabled.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/forceddisabled.md @@ -170,3 +170,4 @@ then PolicyPak Preferences will always be unlicensed and disabled (even if the a In the future, we plan for Endpoint Policy Manager Preferences to evolve to enable co-existence from multiple sources. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/options.md b/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/options.md index fa651a0997..f25b4d388e 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/options.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/options.md @@ -93,3 +93,4 @@ method. So as per the EULA, you must manually state if you plan to use Endpoint Terminal Services sessions and add that number to the computer count. ::: + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/reset.md b/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/reset.md index ce51e857a5..4d7197d253 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/reset.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/activedirectorygposccm/reset.md @@ -49,3 +49,4 @@ Test-ComputerSecureChannel -Repair -Server PDCEmulatorName -Credential Domain\Us See this article from PCPMag, [Rejoin a Computer from a Domain In One Easy Step!](https://mcpmag.com/articles/2015/03/05/rejoin-a-computer-from-a-domain.aspx) for information on alternate steps. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/_category_.json b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/_category_.json index 0f65ce0fde..7d92377dc8 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/_category_.json +++ b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/disabledcomputer.md b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/disabledcomputer.md index 9a824845aa..ad6ecb9b08 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/disabledcomputer.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/disabledcomputer.md @@ -9,3 +9,4 @@ sidebar_position: 90 No, the Netwrix Endpoint Policy Manager (formerly PolicyPak) licensing tool automatically excludes any disabled computer accounts, as well as computers that have the word computer included within their name (which is our trial mode.). + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/domain.md b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/domain.md index 7f605b6f56..e5cf740f4a 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/domain.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/domain.md @@ -21,3 +21,4 @@ What happens then if you add OUs mid-year? - If you pick option 2, you would need to re-run the tool mid-year if you update OUs. But it doesn't cost you anything, unless you increase a lot of machines mid-year (20% of your current count). We would call that a mid-year true up. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/domainmultiple.md b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/domainmultiple.md index 148ba579cb..d4547e2bc4 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/domainmultiple.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/domainmultiple.md @@ -17,3 +17,4 @@ We then create licensing keys, one for each domain. See [How to install UNIVERSAL licenses for NEW Customers (via GPO, SCCM or MDM)](/docs/endpointpolicymanager/licensing/videolearningcenter/installall/installuniversal.md) + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/domainou.md b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/domainou.md index 13f7817ae7..26a24867cb 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/domainou.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/domainou.md @@ -22,3 +22,4 @@ See how PP Application Manager Paks can be stored in a share. ::: + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/enforced.md b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/enforced.md index b2d2595f23..c76a32cf14 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/enforced.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/enforced.md @@ -20,3 +20,4 @@ Below all Endpoint Policy Manager Licenses are contained within one GPO. But you licensing GPOs, all which need to be enforced. ![168_1_image0013](/images/endpointpolicymanager/license/activedirectory/168_1_image0013.webp) + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/gpoedit.md b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/gpoedit.md index dab562f00e..0733cd1707 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/gpoedit.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/gpoedit.md @@ -26,3 +26,4 @@ controllers. See [Using Shares to Store Your Paks (Share-Based Storage)](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/shares.md) for additional information on using shares with Endpoint Policy Manager Admin Templates Manager. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/ou.md b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/ou.md index 595bd19be5..13189c9c62 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/ou.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/ou.md @@ -8,3 +8,4 @@ sidebar_position: 20 If Sales Comptuers OU is licensed, and you want to also license Marketing Computers OU, that's fine. Re-Run your licensing tool, and perform a mid-year True Up. You only need to pay for overage. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/ousub.md b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/ousub.md index b145008ce0..c1ca813118 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/ousub.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/ousub.md @@ -12,3 +12,4 @@ automatically. This means you can create and/or delete as many OUs within your l wish. This makes our licensing structure highly flexible and worry-free. At the time of your Endpoint Policy Manager license renewal date you will have the opportunity to true up, but, again, this would only be for additional computer accounts within your AD structure. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/scope.md b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/scope.md index 279d02388d..1d250ee76a 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/scope.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/scope.md @@ -142,3 +142,4 @@ installed. Without the CSE installed, Endpoint Policy Manager directives are ign because there's a GPO linked to the domain doesn't mean that computers will be able to do anything. They have to be in scope of management and also have the CSE installed to pick up Endpoint Policy Manager directives. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/server.md b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/server.md index 48ebf7d337..1a9ba12b9e 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/server.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/server.md @@ -9,3 +9,4 @@ sidebar_position: 10 There are absolutely no servers involved in the licensing process for Netwrix Endpoint Policy Manager (formerly PolicyPak), so you will not need a license server. Licenses are contained within a Group Policy Object and are typically linked to the domain, but can be linked to a specific OU. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/users.md b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/users.md index 4658b18bea..39c513b131 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/users.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/users.md @@ -11,3 +11,4 @@ a computer is licensed for Endpoint Policy Manager, all/any users logged on that receive all computer and user GPOs involving Endpoint Policy Manager. This means that the users and computers can reside in separate OUs within your Active Directory structure. Only the computer needs to be licensed. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/wizard.md b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/wizard.md index 8f3189237c..98326fb367 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/wizard.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/faqactivedirectory/wizard.md @@ -73,3 +73,4 @@ when providing your license request key before your licenses are cut. ![69_7_image011](/images/endpointpolicymanager/license/activedirectory/69_7_image011.webp) + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/_category_.json b/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/_category_.json index e1fd0150a1..f98a189ecd 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/_category_.json +++ b/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/billing.md b/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/billing.md index b282670162..8a1d7f39d0 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/billing.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/billing.md @@ -59,3 +59,4 @@ June: - On June 30th you install the Endpoint Policy Manager Cloud Client on 100 computers, bringing your consumption to 250. - We will automatically bill you June 30th for the 250 licenses you used in June. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/licensestatus.md b/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/licensestatus.md index 568240832c..f0b894558c 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/licensestatus.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/licensestatus.md @@ -46,3 +46,4 @@ the waiting list. You will see the computer name, OS, last known IP address, las the status of the machine. Under Status you'll see either Active, indicating that the computer has correctly consumed a license, or Waiting List (Check in overdue)\], which indicates that the computer attempted to consume a license, but there were none available. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/notifications.md b/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/notifications.md index 960fc0259f..38cf2a1ce3 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/notifications.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/notifications.md @@ -15,3 +15,4 @@ Uncheck **Send a weekly report of inactive computers to all company admins**. Al also change the Threshold. ![613_2_hfkb-1089-img-02_950x609](/images/endpointpolicymanager/license/cloud/613_2_hfkb-1089-img-02_950x609.webp) + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/onpremise.md b/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/onpremise.md index eac99e7152..a21cff5134 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/onpremise.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/onpremise.md @@ -29,3 +29,4 @@ enable the Group Policy Method, you need to transition from Endpoint Policy Mana Policy Manager Enterprise Edition or Endpoint Policy Manager Professional Edition. You can still manage Active Directory joined machines, but you must use the Endpoint Policy Manager Cloud delivery mechanism to perform the operation, and not Active Directory / GPO. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/reclaimed.md b/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/reclaimed.md index 3e360a629d..3594fdaac1 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/reclaimed.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/faqcloud/reclaimed.md @@ -20,3 +20,4 @@ then one of two things happens: So, in practice, if you have any available licenses in the Endpoint Policy Manager cloud pool, when computers re-connect, they'll simply pick right back up again where they left off. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/installing/_category_.json b/docs/endpointpolicymanager/licensing/knowledgebase/installing/_category_.json index 636e108450..791e01f9de 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/installing/_category_.json +++ b/docs/endpointpolicymanager/licensing/knowledgebase/installing/_category_.json @@ -3,4 +3,4 @@ "position": 60, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/installing/filemultiple.md b/docs/endpointpolicymanager/licensing/knowledgebase/installing/filemultiple.md index 889277bdb1..04e9e35106 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/installing/filemultiple.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/installing/filemultiple.md @@ -9,3 +9,4 @@ sidebar_position: 20 Yes. Netwrix Endpoint Policy Manager (formerly PolicyPak) is licensed as a suite, and as such you have paid for multiple components. Use LT to install each received license file, which will fully enable the client's Client Side Extension on your endpoints. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/installing/universal.md b/docs/endpointpolicymanager/licensing/knowledgebase/installing/universal.md index 42d8133e5e..a4abc7977e 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/installing/universal.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/installing/universal.md @@ -29,3 +29,4 @@ Only remove the old Licensing GPO when you are sure you have rolled out a CSE 26 later (anything from year 2021 and later). ::: + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/knowledgebase.md b/docs/endpointpolicymanager/licensing/knowledgebase/knowledgebase.md index 78639dc8d0..1e618f1b3d 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/knowledgebase.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/knowledgebase.md @@ -91,3 +91,4 @@ licensing. - [When and why would I license Endpoint Policy Manager on servers?](/docs/endpointpolicymanager/licensing/knowledgebase/miscquestions/whenwhy.md) - [What items and components are licensed, and what components are free?](/docs/endpointpolicymanager/licensing/knowledgebase/miscquestions/components_1.md) - [Why must I transition from Legacy to Universal licenses (and what are the differences?)](/docs/endpointpolicymanager/licensing/knowledgebase/miscquestions/transition.md) + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/miscquestions/_category_.json b/docs/endpointpolicymanager/licensing/knowledgebase/miscquestions/_category_.json index 767bd049e2..b74798cea8 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/miscquestions/_category_.json +++ b/docs/endpointpolicymanager/licensing/knowledgebase/miscquestions/_category_.json @@ -3,4 +3,4 @@ "position": 90, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/miscquestions/components_1.md b/docs/endpointpolicymanager/licensing/knowledgebase/miscquestions/components_1.md index 24982ff7b6..551aadc22f 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/miscquestions/components_1.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/miscquestions/components_1.md @@ -19,7 +19,7 @@ components such as: - Endpoint Policy Manager File Associations Manager - Endpoint Policy Manager Browser Router - Endpoint Policy Manager - [Least Privilege Manager ](https://www.endpointpolicymanager.com/products/endpointpolicymanager-least-privilege-manager.html) + [Least Privilege Manager ](https://www.policypak.com/products/endpointpolicymanager-least-privilege-manager.html) - Endpoint Policy Manager Java Rules Manager - Endpoint Policy Manager Start Screen & Taskbar Manager - Endpoint Policy Manager Scripts Manager @@ -70,5 +70,6 @@ To generate license request keys for Endpoint Policy Manager On-Prem suite endpo fort additional information. Once you acquire licenses from our sales team, you can implement them in two ways. -[See PolicyPak Solution Methods: Group Policy, MDM, UEM Tools, and PolicyPak Cloud compared. for additional information on ](https://kb.endpointpolicymanager.com/kb/article/489-policypak-licensing-onpremise-licensing-methods-compared) +[See PolicyPak Solution Methods: Group Policy, MDM, UEM Tools, and PolicyPak Cloud compared. for additional information on ](https://docs.netwrix.com/docs/endpointpolicymanager/licensing/knowledgebase/miscquestions/licensingmethods) how to import the licenses. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/miscquestions/transition.md b/docs/endpointpolicymanager/licensing/knowledgebase/miscquestions/transition.md index 077b6254e2..5651543175 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/miscquestions/transition.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/miscquestions/transition.md @@ -69,3 +69,4 @@ In the Group Policy editor you can consume the Universal license and it will loo And finally using` PPUPDATE` command on the endpoint, you can see how you are licensed : ![861_7_hfkb-1130-img-07_950x984](/images/endpointpolicymanager/license/861_7_hfkb-1130-img-07_950x984.webp) + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/miscquestions/whenwhy.md b/docs/endpointpolicymanager/licensing/knowledgebase/miscquestions/whenwhy.md index e68d51630a..962c999049 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/miscquestions/whenwhy.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/miscquestions/whenwhy.md @@ -12,7 +12,7 @@ serving multiple people on the same machine, then that usage counts as multiple two FAQs for details: - General Citrix & Multi-Session Windows Licensing: - [Citrix & WVD Multi-session Windows Licensing Scenarios](https://www.endpointpolicymanager.com/purchasing/citrix-licensing-scenarios.html) + [Citrix & WVD Multi-session Windows Licensing Scenarios](https://www.policypak.com/purchasing/citrix-licensing-scenarios.html) - For Citrix + Cloud: [How do I license my Citrix, RDS, WVD, VDI or other multi-session Windows version with Endpoint Policy Manager Cloud ?](/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/multisession.md) @@ -23,7 +23,7 @@ Here are some examples: reduce the amount of GPOs and then target them to specific servers. There are many, many use cases for this, but just one is Windows Update, where you can take a bunch of GPOs and get them down to one. See this blog for details: - [https://www.endpointpolicymanager.com/pp-blog/windows-update-business](https://www.endpointpolicymanager.com/pp-blog/windows-update-business). + [https://www.policypak.com/pp-blog/windows-update-business](https://www.policypak.com/pp-blog/windows-update-business). Then, here's the video on how to perform reduction of existing GPOs: [Reduce GPOs (and/or export them for use with Endpoint Policy Manager Cloud or with MDM)](/docs/endpointpolicymanager/components/admintemplatesmanager/videolearningcenter/admintemplatesmethods/reducegpos.md) 2. You can use Endpoint Policy Manager Admin Templates Manager to specify and lockdown settings for @@ -41,7 +41,7 @@ Here are some examples: [Block PowerShell in General, Open up for specific items](/docs/endpointpolicymanager/components/endpointprivilegemanager/videolearningcenter/bestpractices/powershellblock.md) 6. You can use Endpoint Policy Manager Least Privilege Manager to reduce the admin rights on specific processes or applications, like IE and - others:[Can I use Endpoint Privilege Manager to LOWER / remove admin rights from Administrators from an application or process, like Internet Explorer?](/docs/endpointpolicymanager/components/endpointprivilegemanager/knowledgebase/tipsforadminapproval/reduceadminrights.md) + others:[Can I use Endpoint Privilege Manager to LOWER / remove admin rights from Administrators from an application or process, like Internet Explorer?](/docs/endpointpolicymanager/components/endpointprivilegemanager/technotes/tipsforadminapproval/reduceadminrights.md) 7. You can use Endpoint Policy Manager Scripts Manager to perform specific logon scripts for specific servers using Triggers: [Endpoint Policy Manager Scripts and Triggers: Get to understand login script trigger with GP and MDM systems !](/docs/endpointpolicymanager/components/scriptstriggers/videolearningcenter/triggersexamples/scripttriggers.md) diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/_category_.json b/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/_category_.json index 3fcf15c782..a6f868beec 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/_category_.json +++ b/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/_category_.json @@ -3,4 +3,4 @@ "position": 30, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/editpolicies.md b/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/editpolicies.md index 4d9ca5cff6..0cd8d6d2a1 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/editpolicies.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/editpolicies.md @@ -31,7 +31,7 @@ A: We do it for you. For Windows, Office and Endpoint Policy Manager ADMX settin Q: Do you have Windows 10 and 11 settings in Endpoint Policy Manager Cloud? A: Yes. See -[How Netwrix PolicyPak Enables Flexibility of Different Group Policy Stores for Windows 10 and Windows 11](https://www.endpointpolicymanager.com/resources/pp-blog/group-policy-stores/) +[How Netwrix PolicyPak Enables Flexibility of Different Group Policy Stores for Windows 10 and Windows 11](https://www.policypak.com/resources/pp-blog/group-policy-stores/) for additional information. Q: What about Custom ADMX, like Acrobat and Chrome? Can I upload those myself? @@ -53,3 +53,4 @@ Q: How are users and groups supported within ILT in cloud? A: Basically the same way. If you know the SID of the group or user ,you would place it into the SID box. If the SID is not known, the ILT engine does its best to evaluate by name, but it's not guaranteed. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/intune.md b/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/intune.md index 413ce31b0f..d9ec1bb11c 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/intune.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/intune.md @@ -38,3 +38,4 @@ See [MDM Intune company name troubleshooting](/docs/endpointpolicymanager/licens Between the count (pictures) and the company name (text file), we'll have the two pieces we need. Send them to your Sales team if requested and/or to close the loop on a support request. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/logs.md b/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/logs.md index bab67863ac..11fd789be8 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/logs.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/logs.md @@ -26,3 +26,4 @@ Once you have collected the required logs, please ZIP up the following folder an support case in SHAREFILE. ![182_1_1_950x786](/images/endpointpolicymanager/troubleshooting/license/182_1_1_950x786.webp) + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/tool.md b/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/tool.md index 26b0e2c279..f748139a06 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/tool.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/tool.md @@ -45,3 +45,4 @@ real keys. Email your Endpoint Policy Manager Sales team member for more information if you have licensing questions. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/trial.md b/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/trial.md index 2faec8b492..3e25ab1400 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/trial.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/requestingall/trial.md @@ -69,7 +69,7 @@ After you rename your computer to have Computer in the name, then: If you're trying our Endpoint Policy Manager Enterprise, Endpoint Policy Manager Professional or Endpoint Policy Manager SaaS, they all come with an included Endpoint Policy Manager Cloud license.  Your trial should automatically generate credentials -to [cloud.endpointpolicymanager.com](http://cloud.endpointpolicymanager.com/) (aka the Endpoint Policy Manager Cloud +to [cloud.policypak.com](https://cloud.policypak.com/) (aka the Endpoint Policy Manager Cloud Service.) When you install the Endpoint Policy Manager Cloud client, a license is automatically taken from @@ -141,3 +141,4 @@ instructions: [How to install UNIVERSAL licenses for NEW Customers (via GPO, SC Then follow these directions to get started with Endpoint Policy Manager and your MDM service, making sure to follow the "Walk Before You Run" video: Getting Started with MDM > [Video Learning Center](/docs/endpointpolicymanager/deliverymethods/mdm/videos/videolearningcenter.md) + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/_category_.json b/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/_category_.json index c36c35fd31..b146e196b6 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/_category_.json +++ b/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/_category_.json @@ -3,4 +3,4 @@ "position": 50, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/adminrights.md b/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/adminrights.md index 456e74854c..b8db943926 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/adminrights.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/adminrights.md @@ -34,3 +34,4 @@ Application permissions | -------------------------------------- | ------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- | | DeviceManagementServiceConfig.Read.All | Read Microsoft Intune configuration | Allows the app to read Intune service properties, including device enrollment and third party service connection configuration. | Yes | | DeviceManagementConfiguration.Read.All | Read Microsoft Intune device configuration and policies | Allows the app to read properties of Microsoft Intune-managed device configuration and device compliance policies and their assignment to groups. | Yes | + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/autopilot.md b/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/autopilot.md index 41866e10db..bff9e6aa09 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/autopilot.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/autopilot.md @@ -19,3 +19,4 @@ An example, taken from can be seen here. ![1336_1_f6195331f68904f96c183fe8a7dfdd29](/images/endpointpolicymanager/license/mdm/1336_1_f6195331f68904f96c183fe8a7dfdd29.webp) + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/domainmultiple.md b/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/domainmultiple.md index 198602af14..e03ab05433 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/domainmultiple.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/domainmultiple.md @@ -24,3 +24,4 @@ services. ![356_1_image_950x402](/images/endpointpolicymanager/license/mdm/356_1_image_950x402.webp) + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/entraid.md b/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/entraid.md index f8f41dd2b9..d339de0621 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/entraid.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/entraid.md @@ -172,3 +172,4 @@ Final number for purchase, where each machine is licensed once: - 150 Grand total: 1,250 computers + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/hybrid.md b/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/hybrid.md index bc1d4d2f8d..b8c918f4d8 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/hybrid.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/hybrid.md @@ -128,5 +128,6 @@ See for additional information on all the Azure vocabulary and scenarios. If there are other cases that you might have which are not covered in this document, please email -support at endpointpolicymanager.com so we can try to express how to license Endpoint Policy Manager with your +support at policypak.com so we can try to express how to license Endpoint Policy Manager with your scenario. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/jointype.md b/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/jointype.md index 0326584f82..f093df4d41 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/jointype.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/jointype.md @@ -33,3 +33,4 @@ Using LT, you can see all computers noted above would be counted within LT for l as seen here. ![754_2_2_950x795](/images/endpointpolicymanager/license/mdm/754_2_2_950x795.webp) + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/name.md b/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/name.md index dfe7bc59be..43e09680d8 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/name.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/name.md @@ -56,3 +56,4 @@ who enrolled the machine does not match what is in the license file. See the Microsoft article on how to [Plan and troubleshoot User Principal Name changes in Microsoft Entra ID](https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/howto-troubleshoot-upn-changes) for additional information regarding UPN names in Azure. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/setup.md b/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/setup.md index e645cfdbfb..a014e63eb0 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/setup.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/setup.md @@ -100,3 +100,4 @@ From the Analyze page, go to Reporting > Devices & Apps and take a screenshot sh count and Ownership: ![44_14_image-20200815220310-29](/images/endpointpolicymanager/license/mdm/44_14_image-20200815220310-29.webp) + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/tool.md b/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/tool.md index 0dc5af140e..da50f749fa 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/tool.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/requestingmdm/tool.md @@ -117,3 +117,4 @@ Disconnect-MgGraph | Out-Null See the [MDM Intune company name troubleshooting](/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/mdm.md) video for additional information. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/_category_.json b/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/_category_.json index e27cfae2fc..fa996ccf6c 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/_category_.json +++ b/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/_category_.json @@ -3,4 +3,4 @@ "position": 70, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/components.md b/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/components.md index e418b00e5b..2712bfeecf 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/components.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/components.md @@ -77,3 +77,4 @@ Endpoint Policy Manager Cloud Portal.) ![681_16_e7_954x1262](/images/endpointpolicymanager/troubleshooting/license/681_16_e7_954x1262.webp) + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/enterprisefull.md b/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/enterprisefull.md index efce9a05fa..4925a35e97 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/enterprisefull.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/enterprisefull.md @@ -194,3 +194,4 @@ we recommend updating to the latest MMC snap-in. - _Remember,_ You are still required to run the LT after each term year and pay for true-ups, even though the keys you will get back in return are now for the duration of the term, and not one year keys as we issued in the past. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/expires.md b/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/expires.md index 68011e1464..140f338eb4 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/expires.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/expires.md @@ -76,3 +76,4 @@ registry keys with old Endpoint Policy Manager license info. Afterward, reopen GPMC and try editing a GPO again, does the message appear? If not, you are done. If yes, then open a support ticket for further assistance. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/graceperiod.md b/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/graceperiod.md index b5ba0eabe8..ab8dc2b7f6 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/graceperiod.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/graceperiod.md @@ -169,3 +169,4 @@ Event 233: License has become unavailable or has become unlicensed (only availab versions equal or later to 24.4) ![1250_7_e85476dc329c7942430a995eb0548beb](/images/endpointpolicymanager/troubleshooting/license/1250_7_e85476dc329c7942430a995eb0548beb.webp) + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/legacy.md b/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/legacy.md index 1d838d274b..a7893dda1d 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/legacy.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/legacy.md @@ -46,13 +46,12 @@ sidebar_position: 60 in the first place. - When we cut keys for existing customers (who started before 2021) we always provided Universal keys and sometimes provided Legacy keys. -- Therefore: You should be able to pick up your existing keys at portal.endpointpolicymanager.com. Example of +- Therefore: You should be able to pick up your existing keys at portal.policypak.com. Example of how to find existing keys: ![840_1_1](/images/endpointpolicymanager/troubleshooting/license/840_1_1.webp) -- Only email [support@endpointpolicymanager.com](mailto:support@endpointpolicymanager.com) if you cannot locate your - Universal license because it should already be in the Portal at portal.endpointpolicymanager.com. +- If you cannot locate your Universal license because it should already be in the Portal at portal.policypak.com, please [open a support ticket](https://www.netwrix.com/tickets.html#/open-a-ticket). ## In the portal, after I download my license keys, how can I tell which are UNIVERSAL and which are LEGACY keys? @@ -181,3 +180,4 @@ You can still use Universal licenses via GPO and/or MDM/XML method. The updated latest CSEs is as follows: ![840_7_image_950x724](/images/endpointpolicymanager/troubleshooting/license/840_7_image_950x724.webp) + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/mmcsnapinlogs.md b/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/mmcsnapinlogs.md index e9597f1e32..793e290e43 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/mmcsnapinlogs.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/mmcsnapinlogs.md @@ -23,3 +23,4 @@ Inspect the logs from: `C:\Users\user\AppData\Local\PolicyPak` and see if your i any logs and/or obvious errors. Send the logs to support as instructed. ![753_1_img-01_950x545](/images/endpointpolicymanager/troubleshooting/license/753_1_img-01_950x545.webp) + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/toollogs.md b/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/toollogs.md index 9c228e9895..fc8404cbc0 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/toollogs.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/toollogs.md @@ -23,3 +23,4 @@ Log files and related files for LT.exe (if any errors are detected) are located When asked, a customer need to access this location and ZIP the content of this folder for a further transfer to the Support team. The user behind the asterisks is the one who was executing` LT.exe.` + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/universal.md b/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/universal.md index 8392e402ce..0666129aca 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/universal.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/troubleshooting/universal.md @@ -13,3 +13,4 @@ manipulate the storage location of licenses before new licenses were put in plac As such you will still see licenses in place when running `PPUPDATE` command. ![826_1_img-01](/images/endpointpolicymanager/troubleshooting/license/826_1_img-01.webp) + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/_category_.json b/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/_category_.json index bae5c20ca0..a134c96372 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/_category_.json +++ b/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/_category_.json @@ -3,4 +3,4 @@ "position": 30, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/count.md b/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/count.md index 326e5cfc85..4c6dae9ad4 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/count.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/count.md @@ -13,7 +13,7 @@ connection. In other words, if one Citrix server can handle 100 inbound connections, that would require a declaration of 100 Endpoint Policy Manager licenses. See -[Citrix & WVD Multi-session Windows Licensing Scenarios](https://www.endpointpolicymanager.com/purchasing/vdi-licensing-scenarios/) +[Citrix & WVD Multi-session Windows Licensing Scenarios](https://www.policypak.com/purchasing/vdi-licensing-scenarios/) for additional information on how we count licenses for any kind of multi-session Windows. ## On-Prem / Active Directory Notes @@ -88,3 +88,4 @@ bought only 10, 20, etc. If this is your situation, simply express the raw number of purchased licenses to your sales or renewals person. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/desktops.md b/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/desktops.md index 1473c91494..516fb1835f 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/desktops.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/desktops.md @@ -13,9 +13,10 @@ This depends on what kind of virtual desktops they are: Edition and the Citrix licenses are accounted for. - Same with Windows Virtual Desktop (if using Multi-session Windows). Those sessions each count as onelicense. See - [Citrix & WVD Multi-session Windows Licensing Scenarios](https://www.endpointpolicymanager.com/purchasing/vdi-licensing-scenarios/) + [Citrix & WVD Multi-session Windows Licensing Scenarios](https://www.policypak.com/purchasing/vdi-licensing-scenarios/) for additional information. - However, full VDI single-session desktops are licensed in the same manner as physical desktops. From a licensing perspective, there is no difference between the two. If there's a computer account in Active Directory, and it's active, it counts your Endpoint Policy Manager licensing. In this case you may use it with Endpoint Policy Manager SaaS / Cloud. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/multisession.md b/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/multisession.md index 087783d522..2367d3aca2 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/multisession.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/multisession.md @@ -61,9 +61,10 @@ go to 470. But you will only (in practice) use the 400 licenses: Total Usage: 402. Total in your pool after agreement: 470. This is really no different than how we ask PP Group Policy customers to do. See -[Citrix & WVD Multi-session Windows Licensing Scenarios](https://www.endpointpolicymanager.com/purchasing/vdi-licensing-scenarios/) +[Citrix & WVD Multi-session Windows Licensing Scenarios](https://www.policypak.com/purchasing/vdi-licensing-scenarios/) for additional information. In summary: If you want to use Endpoint Policy Manager Cloud with any kind of multi-session version of Windows, you need to have enough licenses purchased, and cannot perform the installation on multi-session Windows without an agreement first. + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/terminalservices.md b/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/terminalservices.md index 2840c0473d..42f1becc37 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/terminalservices.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/terminalservices.md @@ -20,4 +20,5 @@ connections do not need to be declared at purchase time. For example scenarios of how to license Endpoint Policy Manager Group Policy Edition with Citrix and/or Terminal Services, please -see [Citrix & WVD Multi-session Windows Licensing Scenarios](https://www.endpointpolicymanager.com/purchasing/vdi-licensing-scenarios/)[.](https://www.endpointpolicymanager.com/support-sharing/citrix-licensing-scenarios.html) +see [Citrix & WVD Multi-session Windows Licensing Scenarios](https://www.policypak.com/purchasing/vdi-licensing-scenarios/)[.](https://www.policypak.com/support-sharing/citrix-licensing-scenarios.html) + diff --git a/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/tool_1.md b/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/tool_1.md index 5ff41d9b50..e45075b918 100644 --- a/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/tool_1.md +++ b/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/tool_1.md @@ -31,4 +31,5 @@ There are also multiple ways the Endpoint Policy Manager On-Prem suite can be li For understanding all the scenarios, please see the following additional technotes: - [How are Terminal Services and/or Citrix connections licensed?](/docs/endpointpolicymanager/licensing/knowledgebase/vertualizationcitrix/terminalservices.md) -- [Citrix & WVD Multi-session Windows Licensing Scenarios](https://www.endpointpolicymanager.com/purchasing/vdi-licensing-scenarios/) +- [Citrix & WVD Multi-session Windows Licensing Scenarios](https://www.policypak.com/purchasing/vdi-licensing-scenarios/) + diff --git a/docs/endpointpolicymanager/licensing/videolearningcenter/_category_.json b/docs/endpointpolicymanager/licensing/videolearningcenter/_category_.json index cb657b91c6..c96de79669 100644 --- a/docs/endpointpolicymanager/licensing/videolearningcenter/_category_.json +++ b/docs/endpointpolicymanager/licensing/videolearningcenter/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "videolearningcenter" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/licensing/videolearningcenter/installall/_category_.json b/docs/endpointpolicymanager/licensing/videolearningcenter/installall/_category_.json index d103be6b72..83af317b1e 100644 --- a/docs/endpointpolicymanager/licensing/videolearningcenter/installall/_category_.json +++ b/docs/endpointpolicymanager/licensing/videolearningcenter/installall/_category_.json @@ -3,4 +3,4 @@ "position": 20, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/licensing/videolearningcenter/installall/installuniversal.md b/docs/endpointpolicymanager/licensing/videolearningcenter/installall/installuniversal.md index 30a14bcbbb..c96db16485 100644 --- a/docs/endpointpolicymanager/licensing/videolearningcenter/installall/installuniversal.md +++ b/docs/endpointpolicymanager/licensing/videolearningcenter/installall/installuniversal.md @@ -5,7 +5,7 @@ get it installed? This is your "one-stop shop" video to explain it all. Just get deployed via GPO, an on-prem tool like SCCM, or an MDM tool like Intune, and... you're done! Once license... and that's it. We call it the "universal" license! - + Hi, this is Jeremy Moskowitz. In this video, we're going to learn how to install your license files. This is what your license files should look like. Maybe the file names are a little different, but @@ -148,3 +148,4 @@ saw how to do that too. Long story short, hope this helps you out. Looking forward to getting you started with PolicyPak real soon. Thank you so much. + diff --git a/docs/endpointpolicymanager/licensing/videolearningcenter/installalllegacy/_category_.json b/docs/endpointpolicymanager/licensing/videolearningcenter/installalllegacy/_category_.json index eec5d63eb4..12c49daacc 100644 --- a/docs/endpointpolicymanager/licensing/videolearningcenter/installalllegacy/_category_.json +++ b/docs/endpointpolicymanager/licensing/videolearningcenter/installalllegacy/_category_.json @@ -3,4 +3,4 @@ "position": 30, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/licensing/videolearningcenter/installalllegacy/upgrades.md b/docs/endpointpolicymanager/licensing/videolearningcenter/installalllegacy/upgrades.md index a4e72d8cd1..f8b9af3a64 100644 --- a/docs/endpointpolicymanager/licensing/videolearningcenter/installalllegacy/upgrades.md +++ b/docs/endpointpolicymanager/licensing/videolearningcenter/installalllegacy/upgrades.md @@ -11,4 +11,5 @@ continuing (or else the license will not be able to be imported.) ::: - + + diff --git a/docs/endpointpolicymanager/licensing/videolearningcenter/requestall/_category_.json b/docs/endpointpolicymanager/licensing/videolearningcenter/requestall/_category_.json index 76400dbe44..03368b7025 100644 --- a/docs/endpointpolicymanager/licensing/videolearningcenter/requestall/_category_.json +++ b/docs/endpointpolicymanager/licensing/videolearningcenter/requestall/_category_.json @@ -3,4 +3,4 @@ "position": 10, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/licensing/videolearningcenter/requestall/licenserequestkey.md b/docs/endpointpolicymanager/licensing/videolearningcenter/requestall/licenserequestkey.md index f85e553055..410c4b8da1 100644 --- a/docs/endpointpolicymanager/licensing/videolearningcenter/requestall/licenserequestkey.md +++ b/docs/endpointpolicymanager/licensing/videolearningcenter/requestall/licenserequestkey.md @@ -4,7 +4,7 @@ Want to get started with Netwrix Endpoint Policy Manager (formerly PolicyPak)? W number of computers in on-prem AD and, if desired, in Intune. Here's how to choose which path, and a walk through of each scenario. - + Hi, this is Jeremy Moskowitz, and in this video we're going to learn how to request licenses from PolicyPak. You'll have to do this every year, so it's good to understand how this works. diff --git a/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/_category_.json b/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/_category_.json index 7d2564a42f..befcd0741e 100644 --- a/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/_category_.json +++ b/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/_category_.json @@ -3,4 +3,4 @@ "position": 40, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/cleanup.md b/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/cleanup.md index 19a83fc728..2147c6603f 100644 --- a/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/cleanup.md +++ b/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/cleanup.md @@ -9,7 +9,7 @@ sidebar_position: 30 If you're a renewing customer, take a moment and find your old licenses and clean them out. This video shows you how. - + ### PolicyPak: Using LT for license cleanup @@ -70,3 +70,4 @@ I hope that helps explain how to clean up old licenses if you happen to have any you have any questions about this, we're here for you on the support forums. Thanks. Take care. + diff --git a/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/legacy.md b/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/legacy.md index 10eae49218..c3febc0939 100644 --- a/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/legacy.md +++ b/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/legacy.md @@ -6,4 +6,5 @@ sidebar_position: 10 # Legacy License Retirement Guidance (for Feb 28, 2023) - + + diff --git a/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/lttool.md b/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/lttool.md index fd862ea27a..8afc0290a1 100644 --- a/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/lttool.md +++ b/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/lttool.md @@ -8,4 +8,4 @@ sidebar_position: 60 Having problems with the Netwrix Endpoint Policy Manager (formerly PolicyPak) LT tool but need to get "counting" with your number of Intune connected machines? Use this workaround. - + diff --git a/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/mdm.md b/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/mdm.md index 43c809080f..4a9a352223 100644 --- a/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/mdm.md +++ b/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/mdm.md @@ -8,4 +8,4 @@ sidebar_position: 40 Please run these steps if asked by support - + diff --git a/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/renameendpoint.md b/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/renameendpoint.md index 97f65e33d1..2b7929c9e2 100644 --- a/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/renameendpoint.md +++ b/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/renameendpoint.md @@ -10,4 +10,5 @@ If you want to bypass any potential licensing issue, test your Cloud or MDM poli exporting them, or set up a home test lab, rename your endpoint to contain the word "computer" in the name. See this concept at work in this video! - + + diff --git a/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/unlicense.md b/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/unlicense.md index 56f1f3e64c..7b4ca84abd 100644 --- a/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/unlicense.md +++ b/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/unlicense.md @@ -8,7 +8,7 @@ sidebar_position: 20 If asked by support, you might want to unlicense a specific component. This video shows you how. - + Hi, this is Jeremy Moskowitz. In this video we're going to talk about how to unlicensed one component, if asked by tech support. The idea is that if you were to go to an endpoint and type PP @@ -75,3 +75,4 @@ There's two different methods to get unlicensed, which you kind of need to know need to. Typically you would only need to do this if asked. If there's something that you want to do this for, you can let us know and we can talk through it. I hope this video helps you out. Looking forward to getting you started with PolicyPak real soon. Bye. + diff --git a/docs/endpointpolicymanager/licensing/videolearningcenter/videolearningcenter.md b/docs/endpointpolicymanager/licensing/videolearningcenter/videolearningcenter.md index febb74f590..be51c76fc5 100644 --- a/docs/endpointpolicymanager/licensing/videolearningcenter/videolearningcenter.md +++ b/docs/endpointpolicymanager/licensing/videolearningcenter/videolearningcenter.md @@ -26,3 +26,4 @@ See the following Video topics for more information on Endpoint Policy Manager l - [How to Un-License any Endpoint Policy ManagerComponent via ADMX or Endpoint Policy Manager Cloud](/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/unlicense.md) - [Using LT for license cleanup](/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/cleanup.md) - [MDM Intune company name troubleshooting](/docs/endpointpolicymanager/licensing/videolearningcenter/troubleshooting/mdm.md) + diff --git a/docs/endpointpolicymanager/upgrademaintenance/_category_.json b/docs/endpointpolicymanager/upgrademaintenance/_category_.json index a6fb2f3494..c867130ed4 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/_category_.json +++ b/docs/endpointpolicymanager/upgrademaintenance/_category_.json @@ -3,4 +3,4 @@ "position": 25, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/_category_.json b/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/_category_.json index 8c98264c85..1342d2cd72 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/_category_.json +++ b/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/_category_.json @@ -3,4 +3,4 @@ "position": 40, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/antivirus.md b/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/antivirus.md index 1674e0966d..2fd85462b9 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/antivirus.md +++ b/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/antivirus.md @@ -147,7 +147,7 @@ Follow the steps to resolve Netskope errors. [Creating a Custom Certificate Pinned Application](https://docs.netskope.com/en/creating-a-custom-certificate-pinned-application/#creating-a-custom-certificate-pinned-application) for additional information. -**Step 2 –** Create a local domain bypass for `cloud-agent.endpointpolicymanager.com`. +**Step 2 –** Create a local domain bypass for `cloud-agent.policypak.com`. Explanation of Root Cause @@ -159,3 +159,4 @@ application. These steps above provide a workaround for Netskope + Endpoint Policy Manager Cloud installation issues. + diff --git a/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/citrixapplayering.md b/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/citrixapplayering.md index b30cd095f0..22285c5bfc 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/citrixapplayering.md +++ b/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/citrixapplayering.md @@ -11,3 +11,4 @@ Citrix App Layering lets you add packages at the OS, PLATFORM or APP LAYER. While it ispossible that Netwrix Endpoint Policy Manager (formerly PolicyPak) should work at any layer, we recommend the OS layer since Endpoint Policy Manager acts as part of the operating system and is tightly integrated with Group Policy. + diff --git a/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/digitallysigneddriver.md b/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/digitallysigneddriver.md index cdfe224284..3ddaca5eb8 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/digitallysigneddriver.md +++ b/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/digitallysigneddriver.md @@ -24,3 +24,4 @@ This will enable Windows 7 to honor 256-hash signed files. As you can see here, all Endpoint Policy Manager files are signed with SHA256. ![351_2_image002](/images/endpointpolicymanager/troubleshooting/install/351_2_image002.webp) + diff --git a/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/overview.md b/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/overview.md index 8afa247849..34a26a508f 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/overview.md +++ b/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/overview.md @@ -31,4 +31,5 @@ Troubleshoot common problems related to third-party software interference: - Always configure antivirus software to exclude Endpoint Policy Manager files and processes - Test thoroughly in virtualized environments before deployment -- Be aware that some security software may prevent proper CSE operation without proper configuration \ No newline at end of file +- Be aware that some security software may prevent proper CSE operation without proper configuration + diff --git a/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/sufficientprivileges.md b/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/sufficientprivileges.md index fed07b9c06..449afd1d65 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/sufficientprivileges.md +++ b/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/sufficientprivileges.md @@ -22,3 +22,4 @@ For more information Example of error and results in Event log: ![97_1_carbonblack1](/images/endpointpolicymanager/troubleshooting/error/install/97_1_carbonblack1.webp) + diff --git a/docs/endpointpolicymanager/upgrademaintenance/bestpractices/_category_.json b/docs/endpointpolicymanager/upgrademaintenance/bestpractices/_category_.json index 9e134f991b..6e6468760d 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/bestpractices/_category_.json +++ b/docs/endpointpolicymanager/upgrademaintenance/bestpractices/_category_.json @@ -3,4 +3,4 @@ "position": 80, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/upgrademaintenance/bestpractices/commandline.md b/docs/endpointpolicymanager/upgrademaintenance/bestpractices/commandline.md index 51e5390e48..16a155224d 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/bestpractices/commandline.md +++ b/docs/endpointpolicymanager/upgrademaintenance/bestpractices/commandline.md @@ -60,3 +60,4 @@ ppupdate /cseupdatenow /force  When specified along with /cseupdatenow, forces CSE to check for updates even when automatic updates are disabled in `update.config`. This option is useful for those who want to check for updates on their own schedule. + diff --git a/docs/endpointpolicymanager/upgrademaintenance/bestpractices/frequency.md b/docs/endpointpolicymanager/upgrademaintenance/bestpractices/frequency.md index a64e58033c..5b32f831d9 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/bestpractices/frequency.md +++ b/docs/endpointpolicymanager/upgrademaintenance/bestpractices/frequency.md @@ -29,3 +29,4 @@ supports any older CSEs. So the best practice is to stay updated so that if you do find an issue that requires attention, the problem is not compound by being months or years behind. + diff --git a/docs/endpointpolicymanager/upgrademaintenance/bestpractices/frequency_1.md b/docs/endpointpolicymanager/upgrademaintenance/bestpractices/frequency_1.md index b6719e4b55..311caa17d5 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/bestpractices/frequency_1.md +++ b/docs/endpointpolicymanager/upgrademaintenance/bestpractices/frequency_1.md @@ -35,3 +35,4 @@ shipping CSE version and put out the next shipping version for all customerswith In this way, the closer you are to latest version the easier the transition to the latest version will be, should the need arise. + diff --git a/docs/endpointpolicymanager/upgrademaintenance/bestpractices/overview.md b/docs/endpointpolicymanager/upgrademaintenance/bestpractices/overview.md index 7f9843223a..072b4e8145 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/bestpractices/overview.md +++ b/docs/endpointpolicymanager/upgrademaintenance/bestpractices/overview.md @@ -23,4 +23,5 @@ Understand Endpoint Policy Manager versioning and update frequency: - [Update Frequency Guidelines](/docs/endpointpolicymanager/upgrademaintenance/bestpractices/frequency.md) - When to upgrade or not upgrade the CSE - [Update Frequency and Support](/docs/endpointpolicymanager/upgrademaintenance/bestpractices/frequency_1.md) - How often EPM is updated and version support policy -These best practices will help ensure your Endpoint Policy Manager deployment remains stable, secure, and fully supported. \ No newline at end of file +These best practices will help ensure your Endpoint Policy Manager deployment remains stable, secure, and fully supported. + diff --git a/docs/endpointpolicymanager/upgrademaintenance/bestpractices/rings.md b/docs/endpointpolicymanager/upgrademaintenance/bestpractices/rings.md index a95087bb84..1590a4b98f 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/bestpractices/rings.md +++ b/docs/endpointpolicymanager/upgrademaintenance/bestpractices/rings.md @@ -63,7 +63,7 @@ It is recommend to become familiar with Microsoft's idea of rings using the foll - Microsoft documentation: [Prepare a servicing strategy for Windows client updates](https://learn.microsoft.com/en-us/windows/deployment/update/waas-servicing-strategy-windows-10-updates) - Endpoint Policy Manager's blog post: - [Windows Update for Business (WuFB): A Simplified Guide](https://www.endpointpolicymanager.com/resources/pp-blog/windows-update-business/) + [Windows Update for Business (WuFB): A Simplified Guide](https://www.policypak.com/resources/pp-blog/windows-update-business/) - Microsoft Ignite's talk about rings: [Strategic and tactical considerations for ring-based Windows 10 deployments](https://www.youtube.com/watch?v=omwelzp-Hlw) - Jeremy's MDM book (Chapter 9): [MDMandGPanswers.com/book](https://www.mdmandgpanswers.com/books) @@ -187,7 +187,7 @@ While it's possible to deploy the Endpoint Policy Manager CSE via Microsoft's Gr software installation, it is not recommended. The best practice to deploy the Endpoint Policy Manager CSE, should you have no on-prem software deployment tool, is the free version of PDQ Deploy. For more information, see the video -series[PolicyPak and PDQ](https://www.endpointpolicymanager.com/integration/endpointpolicymanager-and-pdq.html). +series[PolicyPak and PDQ](https://www.policypak.com/integration/endpointpolicymanager-and-pdq.html). ::: @@ -356,3 +356,4 @@ support. Just remember that you will have to reproduce the issue on a machine with the latest CSE and/or Cloud Client and be prepared to get logs from a very clean machine. + diff --git a/docs/endpointpolicymanager/upgrademaintenance/bestpractices/versions.md b/docs/endpointpolicymanager/upgrademaintenance/bestpractices/versions.md index f3140a5b4d..07ca1b66be 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/bestpractices/versions.md +++ b/docs/endpointpolicymanager/upgrademaintenance/bestpractices/versions.md @@ -67,3 +67,4 @@ In this screenshot, you can see the original style and the new style: - New Style (15.12.827.19) means build 827 of the DesignStudio compiled the Pak. ![217_5_image006](/images/endpointpolicymanager/troubleshooting/217_5_image006.webp) + diff --git a/docs/endpointpolicymanager/upgrademaintenance/overview.md b/docs/endpointpolicymanager/upgrademaintenance/overview.md index 901917e74d..407d1543b0 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/overview.md +++ b/docs/endpointpolicymanager/upgrademaintenance/overview.md @@ -38,4 +38,5 @@ Configure third-party software to work properly with Endpoint Policy Manager: - [AntiVirus Configuration](/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/antivirus.md) - Configuring AV software - [Citrix App Layering](/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/citrixapplayering.md) - Implementation with Unidesk - [Digitally Signed Driver](/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/digitallysigneddriver.md) - Driver prompts and workarounds -- [Service Start Privileges](/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/sufficientprivileges.md) - Troubleshooting service start issues \ No newline at end of file +- [Service Start Privileges](/docs/endpointpolicymanager/upgrademaintenance/antivirussystemsoftware/sufficientprivileges.md) - Troubleshooting service start issues + diff --git a/docs/endpointpolicymanager/upgrademaintenance/performancequestions/_category_.json b/docs/endpointpolicymanager/upgrademaintenance/performancequestions/_category_.json index 0a21727f4b..5563a0e2b6 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/performancequestions/_category_.json +++ b/docs/endpointpolicymanager/upgrademaintenance/performancequestions/_category_.json @@ -3,4 +3,4 @@ "position": 50, "collapsed": true, "collapsible": true -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/upgrademaintenance/performancequestions/cpuslowdown.md b/docs/endpointpolicymanager/upgrademaintenance/performancequestions/cpuslowdown.md index 6892fb2d34..cb30559bcd 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/performancequestions/cpuslowdown.md +++ b/docs/endpointpolicymanager/upgrademaintenance/performancequestions/cpuslowdown.md @@ -95,3 +95,4 @@ If you still think Endpoint Policy Manager is causing high disk usage / slowdown **Step 2 –** Screenshot of the perfmon as configured above running for a full minute. **Step 3 –** Dump file created with task manager. + diff --git a/docs/endpointpolicymanager/upgrademaintenance/performancequestions/overview.md b/docs/endpointpolicymanager/upgrademaintenance/performancequestions/overview.md index a66f9655df..57ff5ea60c 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/performancequestions/overview.md +++ b/docs/endpointpolicymanager/upgrademaintenance/performancequestions/overview.md @@ -22,4 +22,5 @@ Diagnose and verify CSE performance impact on your systems: ## Troubleshooting Tips -These articles will help you identify whether performance issues are related to Endpoint Policy Manager and provide guidance on proper investigation methods to ensure optimal system performance. \ No newline at end of file +These articles will help you identify whether performance issues are related to Endpoint Policy Manager and provide guidance on proper investigation methods to ensure optimal system performance. + diff --git a/docs/endpointpolicymanager/upgrademaintenance/performancequestions/watcherservicememoryusage.md b/docs/endpointpolicymanager/upgrademaintenance/performancequestions/watcherservicememoryusage.md index a5c2159537..c14ee59317 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/performancequestions/watcherservicememoryusage.md +++ b/docs/endpointpolicymanager/upgrademaintenance/performancequestions/watcherservicememoryusage.md @@ -49,3 +49,4 @@ Then you can add up the RAM used. For this example with three logged on users th memory is 13.92 MB. ![490_3_hf-kb-img-001](/images/endpointpolicymanager/troubleshooting/490_3_hf-kb-img-001.webp) + diff --git a/docs/endpointpolicymanager/upgrademaintenance/upgrade/_category_.json b/docs/endpointpolicymanager/upgrademaintenance/upgrade/_category_.json index f3fd2490f7..3e37f60abf 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/upgrade/_category_.json +++ b/docs/endpointpolicymanager/upgrademaintenance/upgrade/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/upgrademaintenance/upgrade/overview.md b/docs/endpointpolicymanager/upgrademaintenance/upgrade/overview.md index a81e6e7a79..d382cf5f5c 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/upgrade/overview.md +++ b/docs/endpointpolicymanager/upgrademaintenance/upgrade/overview.md @@ -53,4 +53,5 @@ testing. A clean machine would have the following installed: This way you can install the latest Endpoint Policy Manager CSE by hand and do some testing of a new CSE before you attempt to roll it out to more client machines. Then, if you encounter a bug, you can quickly validate your bug report and collect logs from a machine that is available whenever you need -it, not just when the user is available. \ No newline at end of file +it, not just when the user is available. + diff --git a/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/_category_.json b/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/_category_.json index e8ada68482..fd07508e38 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/_category_.json +++ b/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/_category_.json @@ -7,4 +7,4 @@ "type": "doc", "id": "overview" } -} \ No newline at end of file +} diff --git a/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/activedirectory.md b/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/activedirectory.md index 51a6dd6e8a..9f00a93390 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/activedirectory.md +++ b/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/activedirectory.md @@ -47,7 +47,7 @@ While it's possible to deploy the Endpoint Policy Manager CSE via Microsoft's Gr software installation, it is not recommended. The best practice to deploy the Endpoint Policy Manager CSE, should you have no on-prem software deployment tool, is the free version of PDQ Deploy. For more information, see the video series at -[https://www.endpointpolicymanager.com/integration/endpointpolicymanager-and-pdq.html](https://www.endpointpolicymanager.com/integration/endpointpolicymanager-and-pdq.html). +[https://www.policypak.com/integration/endpointpolicymanager-and-pdq.html](https://www.policypak.com/integration/endpointpolicymanager-and-pdq.html). ::: @@ -117,3 +117,4 @@ topic for additional information. See the [Using Remote Work Delivery Manager to Update the Endpoint Policy Manager Client Side Extension](/docs/endpointpolicymanager/components/remoteworkdeliverymanager/videos/tipsandtricks/updateclientsideextension.md)video for additional information. + diff --git a/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/cloud.md b/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/cloud.md index dc8d294d24..8a6c6675c9 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/cloud.md +++ b/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/cloud.md @@ -38,3 +38,4 @@ Update the CSE first or the Cloud Client first in the test groups and let each p software update. Upgrading both at the same time is supported but is not recommended. ::: + diff --git a/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/finalthoughts.md b/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/finalthoughts.md index 0616b9b9e5..4fde509448 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/finalthoughts.md +++ b/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/finalthoughts.md @@ -22,3 +22,4 @@ and fixes in the latest CSE. With that being said, even if you fall out of date Endpoint Policy Manager CSE, you are still entitled to support. Just remember that you will have to reproduce the issue on a machine with the latest CSE and be prepared to get logs from a clean machine. + diff --git a/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/mdm.md b/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/mdm.md index 7d6cc55ffa..314b1b05fc 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/mdm.md +++ b/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/mdm.md @@ -24,3 +24,4 @@ automatically be part of the first or second dynamic group. But because the firs group with hand-picked machines, those machines are the only ones that will get the initial rollout of a new CSE. Then, because the Endpoint Policy Manager CSE is an MSI, you can use the MSI deployment method with your MDM service to target to these groups. + diff --git a/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/overview.md b/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/overview.md index 261059b8de..96226db954 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/overview.md +++ b/docs/endpointpolicymanager/upgrademaintenance/upgrade/rings/overview.md @@ -31,7 +31,7 @@ with Microsoft's idea of rings using the following resources: - Microsoft documentation: [Prepare a servicing strategy for Windows client updates](https://learn.microsoft.com/en-us/windows/deployment/update/waas-servicing-strategy-windows-10-updates) - Endpoint Policy Manager's blog post: - [Windows Update for Business (WuFB): A Simplified Guide](https://www.endpointpolicymanager.com/resources/pp-blog/windows-update-business/) + [Windows Update for Business (WuFB): A Simplified Guide](https://www.policypak.com/resources/pp-blog/windows-update-business/) - Microsoft Ignite's talk about rings: [Strategic and tactical considerations for ring-based Windows 10 deployments](https://www.youtube.com/watch?v=omwelzp-Hlw) - Jeremy's MDM book (Chapter 9): [MDMandGPanswers.com/book](https://www.mdmandgpanswers.com/books) @@ -88,3 +88,4 @@ started using it. In the follow sections, we'll provide our recommendations for various Endpoint Policy Manager products on how to implement a ring policy for Endpoint Policy Manager CSE updates. + diff --git a/docs/endpointpolicymanager/upgrademaintenance/upgrade/settings.md b/docs/endpointpolicymanager/upgrademaintenance/upgrade/settings.md index c67083e19e..f98720ddf3 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/upgrade/settings.md +++ b/docs/endpointpolicymanager/upgrademaintenance/upgrade/settings.md @@ -64,3 +64,4 @@ utility to update each GPO automatically with the latest version of the AppSet D To see a video overview of how to manually touch a GPO, see [GPOTouch Utility](/docs/endpointpolicymanager/components/applicationsettingsmanager/videos/centralstoresharing/touchutility.md). + diff --git a/docs/endpointpolicymanager/upgrademaintenance/upgrade/tips.md b/docs/endpointpolicymanager/upgrademaintenance/upgrade/tips.md index 9c98f6db1d..95359a1dc0 100644 --- a/docs/endpointpolicymanager/upgrademaintenance/upgrade/tips.md +++ b/docs/endpointpolicymanager/upgrademaintenance/upgrade/tips.md @@ -73,3 +73,4 @@ and video demos. ::: + diff --git a/docs/endpointprotector/admin/denylistsallowlists/allowlists.md b/docs/endpointprotector/admin/denylistsallowlists/allowlists.md index 21c664f275..5807810f20 100644 --- a/docs/endpointprotector/admin/denylistsallowlists/allowlists.md +++ b/docs/endpointprotector/admin/denylistsallowlists/allowlists.md @@ -95,6 +95,14 @@ and **description**, add the items separated by a new line, comma, or semicolon File Location Allowlists will not apply to groups of users, only to groups of computers. File Location Allowlists will only apply for the selected computer groups after 15 minutes. +:::note +By clicking the "Select All Computers" checkbox, ONLY computers existing in the Computers list at that moment can be checked and selected all at once. This DOES NOT imply that all the computers that will ever exist in the EPP Server Computer's list will be added to the "Allowlist - File Location" exception. + +This is because adding new entities by default to the File Location's Allowlist exceptions without the Administrator knowledge could prove troublesome. When a new computer is added to the EPP Server, the "Select All Computers" checkbox becomes unchecked again but the computers that were checked before remain selected. By pressing that checkbox again, the newly added/unselected computers are added to the selectoion. + +The same behavior also applies for Groups. The Administrator has the option to create custom Groups based on the existing computers/users already existing in the EPP Server's DB. When a new computer is added, it is not allocated to a group by default because the group in which the computer will be placed might not be the one that the Administrator intended for it to be in and it needs to be added manually. +::: + ![New File Location Allowlists ](filelocationnewdenylists.webp) ## Network Share diff --git a/docs/kb/1secure/configure_proxy_for_rdp_connections_(installupdate_certificate_to_prevent_rdp_certificate_warnings).md b/docs/kb/1secure/configure_proxy_for_rdp_connections_(installupdate_certificate_to_prevent_rdp_certificate_warnings).md index 13c3e97e1f..d3ab4953e0 100644 --- a/docs/kb/1secure/configure_proxy_for_rdp_connections_(installupdate_certificate_to_prevent_rdp_certificate_warnings).md +++ b/docs/kb/1secure/configure_proxy_for_rdp_connections_(installupdate_certificate_to_prevent_rdp_certificate_warnings).md @@ -150,4 +150,5 @@ This article outlines the process for installing or updating a certificate to pr ![Command Prompt showing sbpam-proxy.exe ca import command](./images/servlet_image_07c7409683d2.png) -3. The new certificate has now been imported to an SbPAM Proxy Server. Repeat this process for all SbPAM Proxy Servers if using more than one. (The default installation of SbPAM uses one proxy service on the SbPAM server itself; however, additional proxy services can be distributed.) \ No newline at end of file +3. The new certificate has now been imported to an SbPAM Proxy Server. Repeat this process for all SbPAM Proxy Servers if using more than one. (The default installation of SbPAM uses one proxy service on the SbPAM server itself; however, additional proxy services can be distributed.) + diff --git a/docs/kb/1secure/troubleshoot_failed_action_service_connections_to_windows_resources_(psremotingwinrm).md b/docs/kb/1secure/troubleshoot_failed_action_service_connections_to_windows_resources_(psremotingwinrm).md index 37ff85939a..829792ed3b 100644 --- a/docs/kb/1secure/troubleshoot_failed_action_service_connections_to_windows_resources_(psremotingwinrm).md +++ b/docs/kb/1secure/troubleshoot_failed_action_service_connections_to_windows_resources_(psremotingwinrm).md @@ -131,4 +131,5 @@ The output indicates that the credentials used can run remote PowerShell command ## Related articles -[Configure Remote Management in Server Manager − Enabling or Disabling Remote Management ⸱ Microsoft 🡥](https://learn.microsoft.com/en-us/windows-server/administration/server-manager/configure-remote-management-in-server-manager#enabling-or-disabling-remote-management) \ No newline at end of file +[Configure Remote Management in Server Manager − Enabling or Disabling Remote Management ⸱ Microsoft 🡥](https://learn.microsoft.com/en-us/windows-server/administration/server-manager/configure-remote-management-in-server-manager#enabling-or-disabling-remote-management) + diff --git a/docs/kb/accessanalyzer/500-Internal-Server-Error-Using-Okta-SSO-Published-Reports.md b/docs/kb/accessanalyzer/500-Internal-Server-Error-Using-Okta-SSO-Published-Reports.md new file mode 100644 index 0000000000..7a03d3e516 --- /dev/null +++ b/docs/kb/accessanalyzer/500-Internal-Server-Error-Using-Okta-SSO-Published-Reports.md @@ -0,0 +1,57 @@ +--- +description: > + Users encounter a 500 Internal Server Error when accessing the Netwrix Access Analyzer Published Reports site using Okta Single Sign-On (SSO). The issue occurs because the Okta application uses the SHA1 algorithm, which is not supported by modern .NET Framework and OWIN security libraries. +keywords: + - 500 error + - Okta SSO + - SHA1 + - SHA256 + - RSA_SHA256 + - internal server error + - published reports + - Netwrix Access Analyzer + - OWIN + - SAML +products: + - access-analyzer +sidebar_label: '500 Internal Server Error When Using Okta SSO for Published Reports' +title: '500 Internal Server Error When Using Okta SSO for Published Reports' +knowledge_article_id: ka0Qk000000G55NIAS +--- + +# 500 Internal Server Error When Using Okta SSO for Published Reports + +## Related Queries + +- "Receiving 500 error after login using Okta." +- "Published Reports site fails with Okta." +- "NAA SAML SSO broken." + +## Symptom + +When attempting to connect to the Netwrix Access Analyzer (formerly Enterprise Auditor) Published Reports site using Okta Single Sign-On (SSO), users encounter the following error message: + +```text +500 Internal Server Error +``` + +## Cause + +The Okta application is configured to use the **SHA1** algorithm for signing SAML assertions. + +The modern .NET Framework (4.6.2 and later) and OWIN-based security libraries reject SHA1, as it is deprecated. These platforms require a more secure algorithm, such as **SHA256**, for WS-Federation and SAML tokens. + +## Resolution + +To resolve this issue, update the signature and digest algorithms in the Okta application settings. These changes ensure compatibility with the security expectations of modern .NET/OWIN libraries used by the Published Reports site. + +1. In Okta, navigate to the **Application** used for Published Reports. +2. Open the **General Settings** tab. +3. Scroll to the **Signature Algorithm** section. + ![Okta Application Settings page showing the Signature Algorithm section with SHA1 selected](./images/kA0Qk00000036C9KAI-Okta-settings.png) +4. Set the following: + - **Signature Algorithm**: `RSA_SHA256` + - **Digest Algorithm**: `SHA256` +5. Save the changes. + +> **NOTE:** After saving, users may need to sign out and back in for the new settings to take effect. diff --git a/docs/kb/accessanalyzer/Exchange-Online-Certificate-Warning-Private-Key-CertificateAuthority-Store.md b/docs/kb/accessanalyzer/Exchange-Online-Certificate-Warning-Private-Key-CertificateAuthority-Store.md new file mode 100644 index 0000000000..ef6c23dbb9 --- /dev/null +++ b/docs/kb/accessanalyzer/Exchange-Online-Certificate-Warning-Private-Key-CertificateAuthority-Store.md @@ -0,0 +1,55 @@ +--- +description: > + Explains the cause and resolution for the "Matching cert does not have private key" warning that appears when running the EWSMAILBOX data collector in Netwrix Access Analyzer for Exchange Online. Includes steps to locate and remove duplicate certificates. +keywords: + - Exchange Online + - EWSMAILBOX + - certificate warning + - private key + - CertificateAuthority + - certmgr.msc + - Intermediate Certification Authorities + - Personal store + - thumbprint + - Netwrix Access Analyzer +products: + - access-analyzer +sidebar_label: 'Exchange Online Certificate Warning for Private Key in CertificateAuthority Store' +title: 'Exchange Online Certificate Warning for Private Key in CertificateAuthority Store' +knowledge_article_id: ka0Qk000000G8WHIA0 +--- + +# Exchange Online Certificate Warning for Private Key in CertificateAuthority Store + +## Symptom + +You see the following warning after running any jobs using the `EWSMAILBOX` data collector to collect data from Exchange Online: + +```text +WARNING | Matching cert: '{Certificate Thumbprint}' in location: CurrentUser store: CertificateAuthority does not have private key. +``` + +## Cause + +This warning typically occurs because certificates are stored in different locations on the system. Below is an example of why this warning may appear, depending on the certificate configuration. + +1. The certificate (including the private key) is correctly installed in the **Personal** (My) store. +2. A *duplicate* public key-only version of the same certificate is also present in the **Intermediate Certification Authorities** (`CertificateAuthority`) store. +3. When code searches certificate stores, it encounters the `CertificateAuthority` version first—but it lacks the private key. +4. A warning is logged before continuing to the correct version in the **Personal** store, which contains the private key. + +## Resolution + +To resolve the warning, follow these steps: + +1. Open **`certmgr.msc`**. +2. In the **Personal > Certificates** store, verify that the certificate with the specified thumbprint exists *and includes a private key*. + + > **NOTE:** You can confirm this by opening the certificate and checking for the message: + > `You have a private key that corresponds to this certificate.` +3. Once confirmed, navigate to the **Intermediate Certification Authorities > Certificates** store. +4. Locate the *duplicate* certificate with the same thumbprint. +5. Confirm that this version *does not* contain a private key. +6. Delete the duplicate certificate from the Intermediate Certification Authorities store. + + > **IMPORTANT:** Always confirm that the valid certificate with the private key exists in the **Personal** store *before* removing the duplicate from the `CertificateAuthority`. diff --git a/docs/kb/accessanalyzer/ExchangePS-Error-WinRM-Shell-Client-Cannot-Process-Request.md b/docs/kb/accessanalyzer/ExchangePS-Error-WinRM-Shell-Client-Cannot-Process-Request.md new file mode 100644 index 0000000000..5a5f8238ab --- /dev/null +++ b/docs/kb/accessanalyzer/ExchangePS-Error-WinRM-Shell-Client-Cannot-Process-Request.md @@ -0,0 +1,127 @@ +--- +title: "ExchangePS Error: The WinRM Shell Client Cannot Process the Request" +sidebar_label: "ExchangePS Error: The WinRM Shell Client Cannot Process the Request" +description: "Resolves the 'WinRM Shell client cannot process the request' error in ExchangePS data collector jobs by updating the PackageManagement and ExchangeOnlineManagement PowerShell modules to supported versions." +keywords: + - WinRM + - ExchangePS + - PowerShell + - New-ExoPSSession + - ExchangeOnlineManagement + - PackageManagement + - Office 365 + - remote session + - module update + - data collector + - Netwrix Access Analyzer + - Netwrix Enterprise Auditor +products: [enterprise_auditor, access_analyzer] +knowledge_article_id: kA0Qk0000003Fc1KAE +--- + +## Related Queries + +- "ExchangePS shell handle is not valid." +- "New-ExoPSSession fails with WinRM Shell client error." +- "ExchangeOnlineManagement 2.0.5 error with StealthAUDIT job." +- "Stealthbits Exchange data collector fails to connect." + +## Symptom + +Jobs that use the ExchangePS data collector fail with the following error: + +```text +PowerShell error: System.Exception: New-ExoPSSession : Processing data from remote server outlook.office365.com failed with the following error message: The WinRM Shell client cannot process the request. The shell handle passed to the WSMan Shell function is not valid. The shell handle is valid only when WSManCreateShell function completes successfully. +``` + +## Cause + +This issue occurs when one or both of the following PowerShell modules are outdated or incompatible: + +- `PackageManagement` module version is earlier than `1.0.0.1` +- `ExchangeOnlineManagement` module version is `2.0.5` or earlier + +These versions are known to cause instability with remote sessions using `New-ExoPSSession`. + +## Resolution + +### Step 1: Verify Installed Module Versions + +Open a PowerShell session and run: + +```powershell +Get-Module -ListAvailable PackageManagement +Get-Module -ListAvailable ExchangeOnlineManagement +``` + +### Step 2: Update Modules Using PowerShell (Preferred Method) + +- Update `PackageManagement` module: + ```powershell + Install-Module PackageManagement -Force -Scope AllUsers + ``` + +- Update `ExchangeOnlineManagement` module: + ```powershell + Install-Module ExchangeOnlineManagement -Force -Scope AllUsers + ``` + +> **IMPORTANT:** +> Close and reopen all PowerShell sessions after updating modules. + +### Step 3: Manual Update (If Unable to Install via PowerShell) + +If the environment prevents direct downloads from PowerShell, update the modules manually. + +#### Download the `.nupkg` Files + +1. Visit the following URLs: + - [PackageManagement 1.4.8.1](https://www.powershellgallery.com/packages/PackageManagement/1.4.8.1) + - [ExchangeOnlineManagement 3.9.1-Preview1](https://www.powershellgallery.com/packages/ExchangeOnlineManagement/3.9.1-Preview1) + +2. Download the `.nupkg` file for each required version. + +#### Convert `.nupkg` to ZIP and Extract + +1. Rename the downloaded `.nupkg` file to `.zip` + Example: `PackageManagement.1.4.8.1.zip` +2. Unblock the ZIP file using one of the following methods: + - In File Explorer, right-click **Properties** > **Unblock**. + - Or run: + ```powershell + Unblock-File .\PackageManagement.1.4.8.1.zip + ``` +3. Extract the contents of each ZIP file. + +#### Rename the Extracted Folder + +- Rename `PackageManagement.1.4.8.1` to `1.4.8.1` +- Rename `ExchangeOnlineManagement.3.4.0` to `3.4.0` (or the version you downloaded) + +#### Move to PowerShell Modules Directory + +Place the renamed folders in the correct directories: + +- For PackageManagement: + `C:\Program Files\WindowsPowerShell\Modules\PackageManagement\1.4.8.1` +- For ExchangeOnlineManagement: + `C:\Program Files\WindowsPowerShell\Modules\ExchangeOnlineManagement\3.4.0` + +### Step 4: Confirm Module Versions + +Re-run the version checks: + +```powershell +Get-Module -ListAvailable PackageManagement +Get-Module -ListAvailable ExchangeOnlineManagement +``` + +Ensure that: + +- `PackageManagement` is version **1.4.8.1** or newer +- `ExchangeOnlineManagement` is version **2.0.6** or newer + +> **IMPORTANT:** +> Rerun jobs that use the ExchangePS data collector to confirm that the error message no longer appears. + +--- diff --git a/docs/kb/accessanalyzer/ExchangePS-error-cannot-find-variable-with-name-enablesearchonlysession.md b/docs/kb/accessanalyzer/ExchangePS-error-cannot-find-variable-with-name-enablesearchonlysession.md new file mode 100644 index 0000000000..3cb3d2b3fd --- /dev/null +++ b/docs/kb/accessanalyzer/ExchangePS-error-cannot-find-variable-with-name-enablesearchonlysession.md @@ -0,0 +1,57 @@ +--- +title: "ExchangePS Error: Cannot Find a Variable With the Name 'EnableSearchOnlySession'" +sidebar_label: "ExchangePS Error: Cannot Find a Variable With the Name 'EnableSearchOnlySession'" +description: "Resolves the 'Cannot find a variable with the name EnableSearchOnlySession' error in ExchangePS data collector jobs by configuring an explicit connection profile with valid Exchange credentials." +keywords: + - WinRM + - ExchangePS + - EnableSearchOnlySession + - PowerShell + - Exchange + - connection profile + - EX_MBRights + - EX_SendAs + - data collector + - Netwrix Access Analyzer + - Netwrix Enterprise Auditor + - Exchange credentials +products: [enterprise_auditor, access_analyzer] +knowledge_article_id: kA0Qk00000039TNKAY +--- + +## Related Queries + +- "Receiving Get-Variable 'EnableSearchOnlySession' error on EX_MBRights job." +- "EX_SendAs job failed to inherit credentials." +- "Cannot find a variable with the name 'EnableSearchOnlySession'." + +## Symptom + +When running Exchange jobs using the ExchangePS data collector, the following error appears: + +```text +Get-Variable 'EnableSearchOnlySession' error: Cannot find a variable with the name 'EnableSearchOnlySession'. +``` + +## Cause + +This issue occurs when the ExchangePS data collector fails to inherit the correct session credentials. +Without proper credentials, the session does not initialize the expected variables, including `EnableSearchOnlySession`. + +## Resolution + +To resolve the issue, configure the job to use an explicit connection profile. +This ensures the session uses the appropriate credentials, allowing the necessary variables to load correctly. + +1. Right-click the affected job. +2. Select **Properties**. +3. Go to the **Connection** tab. +4. Choose the bottom radio button to specify a custom connection profile. +5. Select the connection profile that contains valid Exchange credentials. + +> **NOTE:** +> Navigate to **Settings > Connection** to verify which credentials are valid for Exchange. + +6. Click **OK** to save the changes. + +--- diff --git a/docs/kb/accessanalyzer/FileSystem-Permissions-Format-Reference.md b/docs/kb/accessanalyzer/FileSystem-Permissions-Format-Reference.md new file mode 100644 index 0000000000..88b1ba6522 --- /dev/null +++ b/docs/kb/accessanalyzer/FileSystem-Permissions-Format-Reference.md @@ -0,0 +1,100 @@ +--- +description: > + Reference guide for interpreting the compact letter-based permission format used in Netwrix Access Analyzer FileSystem Access Auditing (FSAA). Includes definitions for each permission letter, example strings, related database views, and SQL logic details. +keywords: + - filesystem permissions + - FSAA + - Netwrix Access Analyzer + - allowrightsdescription + - denyrightsdescription + - L R W D M A + - permission strings + - SQL bitwise + - effective permissions + - access control +products: + - access-analyzer +sidebar_label: 'FileSystem Permissions Format Reference' +title: 'FileSystem Permissions Format Reference' +knowledge_article_id: ka0Qk000000G6ZJIA0 +--- + +# FileSystem Permissions Format Reference + +## Related Queries + +- "What does LRWDMA mean in FSAA?" +- "What does the 'A' permission stand for in Netwrix Access Analyzer?" +- "Why are there letters like L, R, W in permission strings?" + +## Overview + +The Netwrix Access Analyzer (formerly Enterprise Auditor) for FSAA (FileSystem Access Auditing) permission views include columns called `AllowRightsDescription` and `DenyRightsDescription`, which use a **compact letter-based format** to represent access rights to files and folders. This article explains what each letter means, how to read the permission strings, and where these codes are used. + +## Instructions + +### Permission Letter Definitions + +Each letter in the permission string corresponds to a specific type of access: + +| Letter | Name | Bit Value | Description | +|--------|------|------------|-------------| +| L | List | 32 (0x20) | List folder contents or traverse folder paths | +| R | Read | 1 (0x01) | Read data from files or list contents of a folder | +| W | Write | 2 (0x02) | Write data to files or create files and folders | +| D | Delete | 4 (0x04) | Delete files and folders | +| M | Manage | 8 (0x08) | Modify permissions or change ownership | +| A | Admin | 16 (0x10) | Full administrative control, including ownership rights | + +> **NOTE:** Permission strings are formed by combining the letters in the order `L-R-W-D-M-A`. An empty string means no permissions are granted. + +### Example Permission Strings + +| String | Meaning | +|---------|----------| +| `LRWDMA` | Full Control | +| `LRWD` | Modify (no admin rights) | +| `LRW` | Standard user access | +| `LR` | Read-only access | +| `L` | Traverse only | +| `RW` | Read and write without list | +| `A` | Admin-only | +| `(empty)` | No permissions | + +### Views That Use This Format + +The letter-based permission format is used in the following database views: + +- `SA_FSAA_ExpandedPermissionsView` — Includes both direct and inherited effective permissions. +- `SA_FSAA_DirectPermissionsView` — Directly assigned permissions only. +- `SA_FSAA_InheritedPermissionsView` — Permissions inherited from parent folders. +- `SA_FSAA_PermissionsView` — Combined view of direct and inherited permissions. +- `SA_FSAA_EffectiveAccessView` — Effective permissions on shared resources. + +### Related Columns in Views + +In addition to `AllowRightsDescription` and `DenyRightsDescription`, the permission views also include: + +- Boolean columns: `AllowList`, `AllowRead`, `AllowWrite`, etc. +- Raw bitmask columns: `AllowRights`, `DenyRights` +- Windows-style descriptions: `AllowMaskDescription`, `DenyMaskDescription` + +### Technical Details + +The permission strings are generated using SQL bitwise logic. For example: + +```sql +(CASE WHEN (p.AllowRights & 32) <> 0 THEN 'L' ELSE '' END) + +(CASE WHEN (p.AllowRights & 1) <> 0 THEN 'R' ELSE '' END) + +(CASE WHEN (p.AllowRights & 2) <> 0 THEN 'W' ELSE '' END) + +(CASE WHEN (p.AllowRights & 4) <> 0 THEN 'D' ELSE '' END) + +(CASE WHEN (p.AllowRights & 8) <> 0 THEN 'M' ELSE '' END) + +(CASE WHEN (p.AllowRights & 16) <> 0 THEN 'A' ELSE '' END) AS AllowRightsDescription +``` + +### Important Usage Notes + +- **Deny overrides allow**: If both Allow and Deny include the same letter, the permission is denied. +- **Empty string means no rights**: No access is granted if the string is blank. +- **Always in order**: Letters appear in the standard order (`L-R-W-D-M-A`) when present. +- **Effective access**: Use the expanded view to see the final calculated result after inheritance is resolved. diff --git a/docs/kb/accessanalyzer/SEEK-warning-DLPEX-Database-Not-Exist.md b/docs/kb/accessanalyzer/SEEK-warning-DLPEX-Database-Not-Exist.md new file mode 100644 index 0000000000..0a31a3d967 --- /dev/null +++ b/docs/kb/accessanalyzer/SEEK-warning-DLPEX-Database-Not-Exist.md @@ -0,0 +1,69 @@ +--- +title: "SEEK Bulk Import Warning: DLPEX Database Does Not Exist" +sidebar_label: "SEEK Bulk Import Warning: DLPEX Database Does Not Exist" +description: "Explains why the warning 'DLPEX database does not exist' appears during SEEK Bulk Import and how to resolve it by verifying SEEK Scan completion and DLPEX database availability." +keywords: + - SEEK + - DLPEX + - bulk import + - T2 database + - data classification + - sensitive data + - SEEK Scan + - import warning + - Netwrix Access Analyzer + - Netwrix Enterprise Auditor + - scan failure + - missing database +products: [enterprise_auditor, access_analyzer] +knowledge_article_id: kA0Qk0000003BdFKAU +--- + +## Related Queries + +- "SEEK Bulk Import error DLPEX database does not exist." +- "No sensitive data to import SEEK." +- "SEEK import warning T2 not found." +- "SEEK or SDD scan ran, but import fails." + +## Symptom + +When running a SEEK Bulk Import, the following warning is displayed: + +```text +WARNING | DLPEX database does not exist, there is no data to import. +``` + +Despite the warning, the import process completes without any imported data. + +## Cause + +This warning indicates that the system attempted to import sensitive data (T2) from a host that does not have the required DLPEX database. +This can occur due to one of the following reasons: + +- **Unscanned hosts in the import list:** One or more hosts included in the bulk import were not scanned using SEEK Scan, and therefore, no DLPEX (T2) database was created. +- **Scan failures:** The host experienced a catastrophic error during the SEEK Scan, which prevented the creation of the sensitive data (T2) database. + +> **NOTE:** +> If the import runs and simply finds no new data (but the database exists), no warning is shown and the import completes successfully. +> The warning only appears if the expected DLPEX database is missing entirely. + +## Resolution + +To resolve this warning, follow these steps: + +1. **Review the host list** + - Confirm that all hosts listed in the SEEK Bulk Import are being scanned via SEEK Scan. + - Remove any hosts from the list that are not currently scanned. + +2. **Check scan results** + - Investigate SEEK Scan logs for any failed scans. + - Look for errors indicating that the DLPEX or T2 database could not be created. + +3. **Rerun the scan** + - Rerun the SEEK Scan on the affected hosts to generate the T2 database. + +4. **Retry the bulk import** + - Once scans have completed successfully and the DLPEX databases exist, rerun the SEEK Bulk Import. + +--- diff --git a/docs/kb/accessanalyzer/SharePoint-Permissions-Format-Reference.md b/docs/kb/accessanalyzer/SharePoint-Permissions-Format-Reference.md new file mode 100644 index 0000000000..eb8a4f9ce6 --- /dev/null +++ b/docs/kb/accessanalyzer/SharePoint-Permissions-Format-Reference.md @@ -0,0 +1,92 @@ +--- +description: > + Explains how Netwrix Access Analyzer represents SharePoint permissions using the simplified 4-bit model (R, W, D, M). Includes definitions, value mapping, and examples of where the format appears in SPAA database views. +keywords: + - SharePoint permissions + - SPAA + - Netwrix Access Analyzer + - AllowRights + - DenyRights + - RWDM + - SPBasePermissions + - GenericRights + - 4-bit model + - effective permissions +products: + - access-analyzer +sidebar_label: 'SharePoint Permissions Format Reference' +title: 'SharePoint Permissions Format Reference' +knowledge_article_id: ka0Qk000000G6cXIAS +--- + +# SharePoint Permissions Format Reference + +## Related Queries + +- "What does `AllowRights = 15` mean in SharePoint permissions?" +- "What does RWDM represent in SPAA?" +- "How are SharePoint permissions simplified in Netwrix Access Analyzer?" + +## Overview + +In Netwrix Access Analyzer (formerly Enterprise Auditor) for SharePoint Access Auditing (SPAA), the `AllowRights` and `DenyRights` columns use numeric values to represent simplified access rights. These values are based on SharePoint’s `SPBasePermissions` enumeration and mapped to a 4-bit model that includes **Read (R), Write (W), Delete (D), and Manage (M)**. + +This article explains what those letters mean, how the bitmask values are calculated, and where they appear in the SPAA interface. + +## Instructions + +### Permission Letter Definitions + +Each right corresponds to a specific bit value and represents a simplified category of SharePoint permissions: + +| Letter | Name | Decimal Value | Description | +|--------|------|----------------|--------------| +| R | Read | 1 | View items, pages, versions, and user profile info | +| W | Write | 2 | Add or edit list items, documents, and web content | +| D | Delete | 4 | Delete items, past versions, or cancel checkouts | +| M | Manage | 8 | Approve items, manage lists, permissions, or alerts | + +> **NOTE:** These letters are always ordered as **R-W-D-M**, and combined additively. A value of `0` (or empty string) means no permissions. + +### Common Permission Values + +| Decimal | String | Meaning | +|----------|---------|----------| +| 0 | (empty) | No rights granted | +| 1 | R | Read only | +| 3 | RW | Read + Write | +| 7 | RWD | Read + Write + Delete | +| 8 | M | Manage only | +| 9 | RM | Read + Manage | +| 15 | RWDM | Full rights (all four permissions) | + +### How Rights Are Calculated + +SPAA evaluates SharePoint’s full `SPBasePermissions` bitmask (a 64-bit `ulong` value) and translates it into the simplified 4-bit `GenericRights` model using internal logic like the following: + +- If the base permissions include *any* rights associated with reading (e.g., `ViewListItems`, `Open`, `ViewVersions`), the **Read** bit is set. +- If write-related permissions are present (e.g., `AddListItems`, `EditListItems`, `ManageLists`), the **Write** bit is set. +- If deletion capabilities are found (e.g., `DeleteListItems`, `DeleteVersions`), the **Delete** bit is set. +- If *any* administration permissions are found (e.g., `ManagePermissions`, `ManageWeb`, `ApproveItems`), the **Manage** bit is set. + +Each enabled bit is summed to produce a decimal value between 0 and 15. + +### Where This Format Appears + +The SPAA `RWDM` format is used in the following database views: + +- `SA_SPAA_EffectiveAccessView` +- `SA_SPAA_PermissionsView` +- `SA_SPAA_DirectPermissionsView` +- `SA_SPAA_InheritedPermissionsView` + +You may also see these supporting columns: + +- `AllowRightsDescription`, `DenyRightsDescription` — Human-readable letter strings +- `AllowRead`, `AllowWrite`, `AllowDelete`, `AllowManage` — Boolean flags +- `AllowRights`, `DenyRights` — Raw numeric rights (0–15) + +### Key Considerations + +- **Deny takes precedence**: If a right exists in both Allow and Deny, access is denied. +- **Order is consistent**: Always shown as R-W-D-M. diff --git a/docs/kb/accessanalyzer/access-information-center-not-reporting-attribute-changes.md b/docs/kb/accessanalyzer/access-information-center-not-reporting-attribute-changes.md index 691e363aa6..00541902bc 100644 --- a/docs/kb/accessanalyzer/access-information-center-not-reporting-attribute-changes.md +++ b/docs/kb/accessanalyzer/access-information-center-not-reporting-attribute-changes.md @@ -37,7 +37,7 @@ Ensure that differential scans for AD Inventory are enabled and running. This wi - To enable differential scanning of AD Inventory, enable the **Collect only updates since the last scan** option in the query configuration as shown below: - ![Collect only updates since the last scan](images/servlet_image_bd5be116677a.png) + ![Collect only updates since the last scan](./images/servlet_image_bd5be116677a.png) - For further information on customizing the `AD > 1-AD_Scan` job, please visit: https://docs.netwrix.com/docs/auditor/10_8 diff --git a/docs/kb/accessanalyzer/access-information-center-requiring-domain-prefix-to-log-in-to-web-page.md b/docs/kb/accessanalyzer/access-information-center-requiring-domain-prefix-to-log-in-to-web-page.md index e0adb904bb..1c31d4799e 100644 --- a/docs/kb/accessanalyzer/access-information-center-requiring-domain-prefix-to-log-in-to-web-page.md +++ b/docs/kb/accessanalyzer/access-information-center-requiring-domain-prefix-to-log-in-to-web-page.md @@ -26,12 +26,12 @@ knowledge_article_id: kA0Qk0000001jO5KAI ## Symptom You receive the following error when Domain Prefix is required for log-in: -![image (14).png](images/ka0Qk000000DXNx_00N0g000004CA0p_0EMQk00000AGwf1.png) +![image (14).png](./images/ka0Qk000000DXNx_00N0g000004CA0p_0EMQk00000AGwf1.png) ## Cause Due to the change from IIS to a new web server, subdomain users will now need to include their domain prefix before their username when logging in. -![Login prompt showing username field with domain prefix required.](images/ka0Qk000000DXNx_00N0g000004CA0p_0EMQk000009d2RO.png) +![Login prompt showing username field with domain prefix required.](./images/ka0Qk000000DXNx_00N0g000004CA0p_0EMQk000009d2RO.png) > **NOTE:** You can create a more uniform and consistent log-in experience across all domains connected to the AIC by leaving it as is and requiring the domain prefix. diff --git a/docs/kb/accessanalyzer/access-violations.md b/docs/kb/accessanalyzer/access-violations.md index 23e913e1ff..371e6c5a21 100644 --- a/docs/kb/accessanalyzer/access-violations.md +++ b/docs/kb/accessanalyzer/access-violations.md @@ -38,7 +38,7 @@ knowledge_article_id: kA04u0000000II7CAM - Exchange2k DC - Smartlog DC -This issue can be caused by having UAC turned on, or the account running Netwrix Access Analyzer not having sufficient local administrator privileges. +This issue can be caused by having UAC turned on, or the account running Netwrix Access Analyzer (formerly Enterprise Auditor) not having sufficient local administrator privileges. A workaround for this is to set all `.exe` files in the Private Assemblies folder to always Run as Administrator. diff --git a/docs/kb/accessanalyzer/active-directory-permissions-analyzer-reports-are-outdated.md b/docs/kb/accessanalyzer/active-directory-permissions-analyzer-reports-are-outdated.md index b0a442f560..17c3073870 100644 --- a/docs/kb/accessanalyzer/active-directory-permissions-analyzer-reports-are-outdated.md +++ b/docs/kb/accessanalyzer/active-directory-permissions-analyzer-reports-are-outdated.md @@ -27,7 +27,7 @@ knowledge_article_id: kA04u000000HDhRCAW Old data in the Active Directory Permissions Analyzer **(ADPA)** reports from deprecated Domains. Example of the incorrect data: -![Chart Description automatically generated](images/ka04u000000HdDV_0EM4u0000084aiy.png) +![Chart Description automatically generated](./images/ka04u000000HdDV_0EM4u0000084aiy.png) ## Cause @@ -41,28 +41,28 @@ To do so you can follow the steps below. 1. Create a new Job in the Netwrix Auditor console: right click the **Jobs Node** in the left-hand window and select **Create Job**: - ![Graphical user interface, application Description automatically generated](images/ka04u000000HdDV_0EM4u0000084aiz.png) + ![Graphical user interface, application Description automatically generated](./images/ka04u000000HdDV_0EM4u0000084aiz.png) Select the **Local host** in the jobs host list: - ![Graphical user interface, application Description automatically generated](images/ka04u000000HdDV_0EM4u0000084aj0.png) + ![Graphical user interface, application Description automatically generated](./images/ka04u000000HdDV_0EM4u0000084aj0.png) 2. Click on the **Create Query**: - ![Graphical user interface, application, Word Description automatically generated](images/ka04u000000HdDV_0EM4u0000084aj1.png) + ![Graphical user interface, application, Word Description automatically generated](./images/ka04u000000HdDV_0EM4u0000084aj1.png) 3. Configure the jobs query Properties. Under the **Data Sources** tab, select the **ADPERMISSIONS** option from the dropdown menu then click on **Configure**. - ![Graphical user interface, application, Word Description automatically generated](images/ka04u000000HdDV_0EM4u0000084aj2.png) + ![Graphical user interface, application, Word Description automatically generated](./images/ka04u000000HdDV_0EM4u0000084aj2.png) Select **Remove Tables** and click **Next**: - ![Graphical user interface, text, application, email Description automatically generated](images/ka04u000000HdDV_0EM4u0000084aj3.png) + ![Graphical user interface, text, application, email Description automatically generated](./images/ka04u000000HdDV_0EM4u0000084aj3.png) Check the Results option: Click **Next** → **Finish** → **Ok**. - ![Graphical user interface, text, application Description automatically generated](images/ka04u000000HdDV_0EM4u0000084aj4.png) + ![Graphical user interface, text, application Description automatically generated](./images/ka04u000000HdDV_0EM4u0000084aj4.png) 4. Now run the new Job. diff --git a/docs/kb/accessanalyzer/collecting-ad-summary.md b/docs/kb/accessanalyzer/collecting-ad-summary.md index bf924c7e07..d113950c94 100644 --- a/docs/kb/accessanalyzer/collecting-ad-summary.md +++ b/docs/kb/accessanalyzer/collecting-ad-summary.md @@ -31,9 +31,9 @@ Licensing of Netwrix Access Analyzer is based on the quantity of enabled AD user To find this data: 1. Ensure **.Active Directory Inventory** has recently run or run now. Navigate to **Jobs** > **.Active Directory Inventory** > **1-AD_Scan** and click **Run Now** - ![Group_001.png](images/ka0Qk000000Dl4L_0EM4u000008M8wx.png) + ![Group_001.png](./images/ka0Qk000000Dl4L_0EM4u000008M8wx.png) 2. Navigate to **Jobs** > **.Active Directory Inventory** > **1-AD_Scan** > **Results** > **Active Directory Summary** 3. Take a screenshot or otherwise capture the values displayed in **Total Users** and **Disabled Users** - ![Group_002.png](images/ka0Qk000000Dl4L_0EM4u000008M8x2.png) + ![Group_002.png](./images/ka0Qk000000Dl4L_0EM4u000008M8x2.png) diff --git a/docs/kb/accessanalyzer/console-migration-workflow-step-3-rebuild-the-console.md b/docs/kb/accessanalyzer/console-migration-workflow-step-3-rebuild-the-console.md index d5e5346308..031b9795bd 100644 --- a/docs/kb/accessanalyzer/console-migration-workflow-step-3-rebuild-the-console.md +++ b/docs/kb/accessanalyzer/console-migration-workflow-step-3-rebuild-the-console.md @@ -97,7 +97,7 @@ Register-ScheduledTask -Xml (get-content $_.FullName | out-string) -TaskName $ta 4. Open `\NAA_Migration\NAA\Web\webserver.exe.config` and copy the content between `` and paste it in place of the `` block in `%SAInstallDir%Web\webserver.exe.config`. - ![webserver config image](images/ka0Qk000000FDY1_0EMQk00000CFkgO.png) + ![webserver config image](./images/ka0Qk000000FDY1_0EMQk00000CFkgO.png) NOTE: Open the destination `webserver.exe.config` as an administrator by following these steps: @@ -115,7 +115,7 @@ Register-ScheduledTask -Xml (get-content $_.FullName | out-string) -TaskName $ta 6. Open the Netwrix Access Analyzer application and follow through the Access Analyzer Configuration Wizard, selecting **Choose a StealthAUDIT root folder path to copy from** if prompted. - ![Configuration Wizard image](images/ka0Qk000000FDY1_0EMQk00000CFxaL.png) + ![Configuration Wizard image](./images/ka0Qk000000FDY1_0EMQk00000CFxaL.png) 1. See the following for more information on the Netwrix Access Analyzer Configuration Wizard: [Access Analyzer Initial Configuration](https://docs.netwrix.com/docs/accessanalyzer/12_0) @@ -123,7 +123,7 @@ Register-ScheduledTask -Xml (get-content $_.FullName | out-string) -TaskName $ta 8. In the Access Analyzer Console, navigate to **Settings** > **Reporting**, and set the **Website URL** to contain the new console server's name. - ![Reporting settings image](images/ka0Qk000000FDY1_0EMQk00000CFqfK.png) + ![Reporting settings image](./images/ka0Qk000000FDY1_0EMQk00000CFqfK.png) 9. If using Windows Authentication to connect Access Analyzer to its database (click **Settings** > **Storage**), open `services.msc` and set the **Netwrix Access Analyzer Web Server** service to log on as a **Windows** service account with appropriate permissions on the Access Analyzer database. diff --git a/docs/kb/accessanalyzer/deleted-ad-user-s-still-show-in-netwrix-access-analyzer-reports.md b/docs/kb/accessanalyzer/deleted-ad-user-s-still-show-in-netwrix-access-analyzer-reports.md index e4f98234f7..d4d78ac360 100644 --- a/docs/kb/accessanalyzer/deleted-ad-user-s-still-show-in-netwrix-access-analyzer-reports.md +++ b/docs/kb/accessanalyzer/deleted-ad-user-s-still-show-in-netwrix-access-analyzer-reports.md @@ -35,9 +35,9 @@ A failure on the ADI scan that could be caused by a myriad of reasons. Run a full **AD Inventory Scan** by disabling differential scanning for the **1-AD_Scan** job using the steps below: 1. Navigate to **Access Analyzer > Jobs > .Active Directory Inventory > 1-AD_Scan > Configure > Queries > Query Properties > Configure > Options**. - ![Image_2024-11-19_15-36-30.png](images/ka0Qk000000DYa9_0EMQk00000AdoIX.png) + ![Image_2024-11-19_15-36-30.png](./images/ka0Qk000000DYa9_0EMQk00000AdoIX.png) 2. Uncheck the box for **Collect only updates since the last scan**. - ![Image_2024-11-19_15-37-33.png](images/ka0Qk000000DYa9_0EMQk00000AdoSD.png) + ![Image_2024-11-19_15-37-33.png](./images/ka0Qk000000DYa9_0EMQk00000AdoSD.png) 3. Click **Next** through the end of the Active Directory Inventory DC Wizard. 4. Re-run the **1-AD_Scan** job. 5. Select the previously-unchecked box for **Collect only updates since the last scan**. diff --git a/docs/kb/accessanalyzer/disabling-the-server-header.md b/docs/kb/accessanalyzer/disabling-the-server-header.md index 4ed9c5f754..bb5a19c2b8 100644 --- a/docs/kb/accessanalyzer/disabling-the-server-header.md +++ b/docs/kb/accessanalyzer/disabling-the-server-header.md @@ -30,7 +30,7 @@ This article explains how to disable the server header in Netwrix Access Analyze > **NOTE:** Banner grabbing is the process of capturing banner information, such as application type and version, that is transmitted by a remote port when a connection is initiated. For more information, see Banner Grabbing ⸱ NIST 🔗 > https://csrc.nist.gov/glossary/term/banner_grabbing > -> ![Screenshot showing server information revealed through banner grabbing](images/ka0Qk000000E74r_0EMQk00000Brg4P.png) +> ![Screenshot showing server information revealed through banner grabbing](./images/ka0Qk000000E74r_0EMQk00000Brg4P.png) ## Instructions @@ -42,11 +42,11 @@ Follow these steps to disable the server header in Netwrix Access Analyzer: 3. Set the value to: `DWORD: 000002` - ![Registry editor showing disabled server header](images/ka0Qk000000E74r_0EMQk00000CHuq5.png) + ![Registry editor showing disabled server header](./images/ka0Qk000000E74r_0EMQk00000CHuq5.png) 4. Reboot the server to apply the changes. 5. After the reboot, the result should resemble the Edge example below, in which the Server node is no longer listed. -![Screenshot showing browser developer tools with no server header information displayed](images/ka0Qk000000E74r_0EMQk00000BrSj0.png) +![Screenshot showing browser developer tools with no server header information displayed](./images/ka0Qk000000E74r_0EMQk00000BrSj0.png) > **IMPORTANT:** Modifications to this registry setting may occur due to the following reasons: > - Netwrix Access Analyzer and Netwrix Access Information Center do not modify this setting during patching. diff --git a/docs/kb/accessanalyzer/display-new-names-of-renamed-files-in-access-information-center.md b/docs/kb/accessanalyzer/display-new-names-of-renamed-files-in-access-information-center.md index 7c56853f28..56bc89449d 100644 --- a/docs/kb/accessanalyzer/display-new-names-of-renamed-files-in-access-information-center.md +++ b/docs/kb/accessanalyzer/display-new-names-of-renamed-files-in-access-information-center.md @@ -31,4 +31,4 @@ How to establish the new name a file was renamed to in Netwrix Access Analyzer? 2. Right-click the header bar and select **Target Path**. 3. The **Target Path** will show the new name of the renamed file. -![Activity Details showing Target Path](images/ka04u000000wwHf_0EM4u000008pesA.png) +![Activity Details showing Target Path](./images/ka04u000000wwHf_0EM4u000008pesA.png) diff --git a/docs/kb/accessanalyzer/error-code-5-access-is-denied-when-opening-the-console.md b/docs/kb/accessanalyzer/error-code-5-access-is-denied-when-opening-the-console.md index a3acd00a87..2c57b6dd48 100644 --- a/docs/kb/accessanalyzer/error-code-5-access-is-denied-when-opening-the-console.md +++ b/docs/kb/accessanalyzer/error-code-5-access-is-denied-when-opening-the-console.md @@ -31,7 +31,7 @@ When opening the Netwrix Access Analyzer console, you receive the following erro System Error. Code: 5. Access is denied. ``` -![Error dialog image](images/ka0Qk000000EMFB_0EMQk00000CzhkH.png) +![Error dialog image](./images/ka0Qk000000EMFB_0EMQk00000CzhkH.png) ## Cause diff --git a/docs/kb/accessanalyzer/error-connection-attempt-failed-because-connected-party-did-not-properly-respond.md b/docs/kb/accessanalyzer/error-connection-attempt-failed-because-connected-party-did-not-properly-respond.md index 92c16ab7a6..b8be8545fd 100644 --- a/docs/kb/accessanalyzer/error-connection-attempt-failed-because-connected-party-did-not-properly-respond.md +++ b/docs/kb/accessanalyzer/error-connection-attempt-failed-because-connected-party-did-not-properly-respond.md @@ -50,7 +50,7 @@ Test-NetConnection -ComputerName $RPC_host -Port 8766 -InformationLevel Detailed Test-NetConnection -ComputerName $RPC_host -Port 8767 -InformationLevel Detailed ``` -![Test-NetConnection output image](images/ka0Qk000000E4gT_0EMQk000009AG1X.png) +![Test-NetConnection output image](./images/ka0Qk000000E4gT_0EMQk000009AG1X.png) 2. If the test connections are successful on both ports, then the error should not appear. diff --git a/docs/kb/accessanalyzer/error-invalid-local-storage-version.md b/docs/kb/accessanalyzer/error-invalid-local-storage-version.md index d6cbddc7e1..8fe841fa4d 100644 --- a/docs/kb/accessanalyzer/error-invalid-local-storage-version.md +++ b/docs/kb/accessanalyzer/error-invalid-local-storage-version.md @@ -1,54 +1,57 @@ --- -description: >- - An Activity Auditing (SPAC) scan fails after upgrading Netwrix Access Analyzer - with an Invalid local SPAA storage version error; follow the steps to update - the SPAA database schema. +title: "Error: Invalid Local SPAA Storage Version. Expected 11603 but Found 0" +sidebar_label: "Error: Invalid Local SPAA Storage Version. Expected 11603 but Found 0" +description: "Resolves the 'Invalid local SPAA storage version' error that occurs when running a SPAC System Scan in Netwrix Access Analyzer by updating the SPAA database schema through the appropriate System Scan and Bulk Import jobs." keywords: - SPAA - SPAC - - Invalid local storage version - - SPSEEK - - SPAA_BulkImport + - System Scan + - Bulk Import + - InvalidStorageVersionException + - SharePoint + - schema update - Netwrix Access Analyzer - - database schema - - SystemScans + - Netwrix Enterprise Auditor + - database version + - upgrade issue + - SPSEEK products: - - access-analyzer -sidebar_label: "Error: Invalid Local Storage Version" -tags: [] -title: 'Error: Invalid Local Storage Version' + - enterprise_auditor knowledge_article_id: kA0Qk0000001RUPKA2 --- -# Error: Invalid Local Storage Version +# Error: Invalid Local SPAA Storage Version When Running SPAC System Scan ## Symptom -After the recent Netwrix Access Analyzer upgrade (`11.6.0.69`), an Activity Auditing (SPAC) scan populates the following error: +When attempting to run a **SPAC System Scan** in **Netwrix Access Analyzer** (formerly Enterprise Auditor) after upgrading, the following error occurs: ```text Stealthbits.StealthAUDIT.DataCollectors.SPAA.Storage.InvalidStorageVersionException: -Invalid local SPAA storage version. Expected %x& but found %y%. +Invalid local SPAA storage version. Expected 11603 but found 0. ``` ## Cause -The SPAA database schema is outdated and requires an update. +The SPAA database schema is outdated and requires an update. This error occurs when a SPAC System Scan* is run *before* a SPAA System Scan or SPSEEK System Scan has been executed. ## Resolution Perform the following steps to update the database schema: -1. Run either the **1-SPSEEK_SystemScans** or **2-SPAA_SystemScans** job at `level 0`. Refer to the following articles for additional information: - - https://docs.netwrix.com/docs/auditor/10_8 - - https://docs.netwrix.com/docs/auditor/10_8 -2. Depending on the previously selected job, run either the **4-SPSEEK_BulkImport** or **5-SPAA_BulkImport** job to update the schema. -3. Run the **3-SPAC_SystemScans** job to verify that the issue is resolved. +1. **Run a System Scan job at level 0** + - Run either the **1-SPSEEK_SystemScans** or **2-SPAA_SystemScans** job. + - Refer to the following documentation for details: + - [1-SPSEEK_SystemScans Job ⸱ Netwrix Docs 🡥](https://docs.netwrix.com/docs/accessanalyzer/12_0/solutions/sharepoint/collection/spseek_systemscans) + - [2-SPAA_SystemScans Job ⸱ Netwrix Docs 🡥](https://docs.netwrix.com/docs/accessanalyzer/12_0/solutions/sharepoint/collection/spaa_systemscans) + +2. **Run a Bulk Import job to update the schema** + - Depending on the job used in step 1, run either the **4-SPSEEK_BulkImport** or **5-SPAA_BulkImport** job. -## Related Articles +3. **Verify the issue is resolved** + - Run the **3-SPAC_SystemScans** job to confirm that the error no longer appears. -- 0.Collection Job Group — 1-SPSEEK_SystemScans Job · v11.6 - https://docs.netwrix.com/docs/auditor/10_8 +## Related Links -- 0.Collection Job Group — 2-SPAA_SystemScans Job · v11.6 - https://docs.netwrix.com/docs/auditor/10_8 +- [1-SPSEEK_SystemScans Job](https://docs.netwrix.com/docs/accessanalyzer/12_0/solutions/sharepoint/collection/spseek_systemscans) +- [2-SPAA_SystemScans Job](https://docs.netwrix.com/docs/accessanalyzer/12_0/solutions/sharepoint/collection/spaa_systemscans) diff --git a/docs/kb/accessanalyzer/error-refused-to-connect-in-web-console.md b/docs/kb/accessanalyzer/error-refused-to-connect-in-web-console.md index b79d6674c4..02958ee4de 100644 --- a/docs/kb/accessanalyzer/error-refused-to-connect-in-web-console.md +++ b/docs/kb/accessanalyzer/error-refused-to-connect-in-web-console.md @@ -61,7 +61,7 @@ Unbind the port from the application. Refer to the following steps: The `BindingURL` includes the port number and the protocol (HTTP or HTTPS). - ![Config file](images/ka0Qk0000005DxV_0EMQk0000075k4b.png) + ![Config file](./images/ka0Qk0000005DxV_0EMQk0000075k4b.png) 2. On your Netwrix Access Analyzer host, run the following line in an elevated Command Prompt instance to retrieve all reserved URLs: @@ -85,6 +85,6 @@ Unbind the port from the application. Refer to the following steps: If the output does not include the affected port, refer to the following article to learn more about the SSL binding: https://docs.netwrix.com/docs/auditor/10_8 -## Related Articles +## Related Link - https://docs.netwrix.com/docs/auditor/10_8 (Reports via the Web Console — Securing the Web Console · v11.6) diff --git a/docs/kb/accessanalyzer/error-request-for-downloading-published-reports-failed.md b/docs/kb/accessanalyzer/error-request-for-downloading-published-reports-failed.md index 2d82214c3c..c4853c6b53 100644 --- a/docs/kb/accessanalyzer/error-request-for-downloading-published-reports-failed.md +++ b/docs/kb/accessanalyzer/error-request-for-downloading-published-reports-failed.md @@ -33,11 +33,11 @@ Either of the following symptoms is present in your environment: ! Request for downloading published reports failed: Internal Server Error ``` -![Error message indicating 'Request for downloading published reports failed: Internal Server Error'](images/ka0Qk000000EHKL_0EMQk00000C2keA.png) +![Error message indicating 'Request for downloading published reports failed: Internal Server Error'](./images/ka0Qk000000EHKL_0EMQk00000C2keA.png) - If the file is corrupted, the following error could appear when opening the Netwrix Access Analyzer console. -![Console pop-up showing the error message 'Hexadecimal value 0x00, is an invalid character.'](images/ka0Qk000000EHKL_0EMQk00000C2hzg.png) +![Console pop-up showing the error message 'Hexadecimal value 0x00, is an invalid character.'](./images/ka0Qk000000EHKL_0EMQk00000C2hzg.png) - Log entry example: @@ -62,18 +62,18 @@ To resolve these errors, follow the steps below. 3. To publish the report(s) again, right-click a needed Job Group (for example, **Jobs**), and select **Publish** to publish the reports from the selected job group or job without regenerating the report. -![Publishing from a job group in Access Analyzer](images/ka0Qk000000EHKL_0EMQk00000BzUfZ.png) +![Publishing from a job group in Access Analyzer](./images/ka0Qk000000EHKL_0EMQk00000BzUfZ.png) 4. Select **Publish Reports** and click **Next**. -![Navigation and publishing actions in Access Analyzer](images/ka0Qk000000EHKL_0EMQk00000BzScA.png) +![Navigation and publishing actions in Access Analyzer](./images/ka0Qk000000EHKL_0EMQk00000BzScA.png) 5. Select objects as needed. Then, click **Next** to run the report. -![Selecting objects to publish](images/ka0Qk000000EHKL_0EMQk00000BzbFd.png) +![Selecting objects to publish](./images/ka0Qk000000EHKL_0EMQk00000BzbFd.png) 6. Once the report has run successfully, click **Finish** to close out of the Reporting web page. -![Finish publishing reports](images/ka0Qk000000EHKL_0EMQk00000BzVN9.png) +![Finish publishing reports](./images/ka0Qk000000EHKL_0EMQk00000BzVN9.png) > **NOTE:** Additionally, reports will be rebuilt when the related job completes its next run. diff --git a/docs/kb/accessanalyzer/error-task-name-has-an-incorrect-format-incorrect-number-of-components.md b/docs/kb/accessanalyzer/error-task-name-has-an-incorrect-format-incorrect-number-of-components.md index 8e3f7ec12d..9833bafbe5 100644 --- a/docs/kb/accessanalyzer/error-task-name-has-an-incorrect-format-incorrect-number-of-components.md +++ b/docs/kb/accessanalyzer/error-task-name-has-an-incorrect-format-incorrect-number-of-components.md @@ -27,7 +27,7 @@ knowledge_article_id: kA0Qk0000002gRNKAY When selecting **Schedules** or any **Job**, the following pop-up task format error message appears: -![Pop-up error message](images/ka0Qk000000Ea0P_0EMQk00000DDGST.png) +![Pop-up error message](./images/ka0Qk000000Ea0P_0EMQk00000DDGST.png) ## Cause diff --git a/docs/kb/accessanalyzer/error-the-default-schema-name-is-incorrect.md b/docs/kb/accessanalyzer/error-the-default-schema-name-is-incorrect.md index 8e0cb9be84..1e2f1a28e8 100644 --- a/docs/kb/accessanalyzer/error-the-default-schema-name-is-incorrect.md +++ b/docs/kb/accessanalyzer/error-the-default-schema-name-is-incorrect.md @@ -42,7 +42,7 @@ Refer to the corresponding resolution: 1. Log in to Netwrix Access Analyzer (NEA) with a user account that has properly provisioned permissions to the SQL database. Hold **Shift** and right-click the **Netwrix Access Analyzer** icon. Select **Run as different user**. - ![Netwrix Access Analyzer Run as different user](images/ka0Qk0000006PDR_0EMQk000007SBir.png) + ![Netwrix Access Analyzer Run as different user](./images/ka0Qk0000006PDR_0EMQk000007SBir.png) 2. Grant the correct SQL DB permissions to the current user via the SQL Server Management Studio (SSMS) application. Refer to the following article for additional information on required permissions: Netwrix Access Analyzer Database — Database Creation & First Level of Security · v11.6. diff --git a/docs/kb/accessanalyzer/file-not-found-reports-error-unable-to-log-error-to-access-analyzer.md b/docs/kb/accessanalyzer/file-not-found-reports-error-unable-to-log-error-to-access-analyzer.md index 5ec4178042..8df0386a22 100644 --- a/docs/kb/accessanalyzer/file-not-found-reports-error-unable-to-log-error-to-access-analyzer.md +++ b/docs/kb/accessanalyzer/file-not-found-reports-error-unable-to-log-error-to-access-analyzer.md @@ -35,7 +35,7 @@ When the report grid settings are configured for a non-interactive grid on the A Unable to log error to Access Analyzer: Object doesn't support property or method 'LogJSMessage'. ``` -![Error image](images/ka0Qk000000CgOT_0EMQk00000B05RB.png) +![Error image](./images/ka0Qk000000CgOT_0EMQk00000B05RB.png) ## Cause @@ -46,19 +46,19 @@ This error message is caused by setting the report grid configuration to Non Int To resolve this error, refer to the following steps: 1. Click **Configure** to access the report settings. - ![Configure button image](images/ka0Qk000000CgOT_0EMQk00000Aq6Zr.png) + ![Configure button image](./images/ka0Qk000000CgOT_0EMQk00000Aq6Zr.png) 2. Navigate to the **Widgets** node and select **Configure** on the layout location of the report. - ![Widgets configure image](images/ka0Qk000000CgOT_0EMQk00000AqZFF.png) + ![Widgets configure image](./images/ka0Qk000000CgOT_0EMQk00000AqZFF.png) 3. After clicking **Configure**, select the **Interactive grid** option in the top-right corner under Table Properties. - ![Interactive grid option image](images/ka0Qk000000CgOT_0EMQk00000AqJtg.png) + ![Interactive grid option image](./images/ka0Qk000000CgOT_0EMQk00000AqJtg.png) 4. Ensure that you have the **Export table data as CSV** box checked. - ![Export table data as CSV image](images/ka0Qk000000CgOT_0EMQk00000BF2eH.png) + ![Export table data as CSV image](./images/ka0Qk000000CgOT_0EMQk00000BF2eH.png) 5. Confirm that the error has been resolved using either of the following methods: - Right-click the **Job** itself and select **Run Job**. - ![Run Job image](images/ka0Qk000000CgOT_0EMQk00000Aqj6X.png) + ![Run Job image](./images/ka0Qk000000CgOT_0EMQk00000Aqj6X.png) - In the Reports pane, click the **Kebab menu** (three vertical dots) next to **Configure** and select **Generate**. - ![Generate image](images/ka0Qk000000CgOT_0EMQk00000Aqj6Y.png) + ![Generate image](./images/ka0Qk000000CgOT_0EMQk00000Aqj6Y.png) diff --git a/docs/kb/accessanalyzer/how-to-add-site-collection-administrators-for-sharepoint-online.md b/docs/kb/accessanalyzer/how-to-add-site-collection-administrators-for-sharepoint-online.md index f4f183937f..f052e690f2 100644 --- a/docs/kb/accessanalyzer/how-to-add-site-collection-administrators-for-sharepoint-online.md +++ b/docs/kb/accessanalyzer/how-to-add-site-collection-administrators-for-sharepoint-online.md @@ -38,6 +38,6 @@ This article describes how to configure site collection permissions so you can r 5. Click **Owners** > **Manage Administrators**. 6. Add the account configured in the SPAA scan job to access sites to the **Site Collection Administrators** field. - ![Site Collection Administrators dialog](images/ka0Qk0000006P8b_0EMQk000007UAdp.png) + ![Site Collection Administrators dialog](./images/ka0Qk0000006P8b_0EMQk000007UAdp.png) 7. Click **OK** to save changes. diff --git a/docs/kb/accessanalyzer/how-to-add-the-jobs-for-a-newly-licensed-solution-to-an-existing-application-installation.md b/docs/kb/accessanalyzer/how-to-add-the-jobs-for-a-newly-licensed-solution-to-an-existing-application-installation.md index d43b09d5d0..c78ce6daa0 100644 --- a/docs/kb/accessanalyzer/how-to-add-the-jobs-for-a-newly-licensed-solution-to-an-existing-application-installation.md +++ b/docs/kb/accessanalyzer/how-to-add-the-jobs-for-a-newly-licensed-solution-to-an-existing-application-installation.md @@ -35,23 +35,23 @@ This article explains how to add jobs for a newly licensed solution to an existi ### Add Solution via Instant Solutions 1. Open the Netwrix Access Analyzer console, right-click the **Jobs** folder, and select **Add Instant Job**. - ![image](images/ka0Qk000000DDCL_0EMQk00000Bv4AE.png) + ![image](./images/ka0Qk000000DDCL_0EMQk00000Bv4AE.png) 2. In the Instant Job Wizard, expand **Library Name: Instant Solutions** by clicking the **+** icon. - ![Instant Solutions library with newly licensed module selected](images/ka0Qk000000DDCL_0EMQk00000BvBy5.png) + ![Instant Solutions library with newly licensed module selected](./images/ka0Qk000000DDCL_0EMQk00000BvBy5.png) 3. Select the newly licensed module (e.g., `.Active Directory Inventory`), then click **Next**. - ![image](images/ka0Qk000000DDCL_0EMQk00000BvEJF.png) + ![image](./images/ka0Qk000000DDCL_0EMQk00000BvEJF.png) 4. On the Summary page of the Instant Job Wizard, select **Save & Exit**. - ![Summary page of Instant Job Wizard with Save & Exit button highlighted](images/ka0Qk000000DDCL_0EMQk00000Bv76U.png) + ![Summary page of Instant Job Wizard with Save & Exit button highlighted](./images/ka0Qk000000DDCL_0EMQk00000Bv76U.png) 5. Your newly licensed module should now appear in the Netwrix Access Analyzer Job Tree. ### Add Solution via File Explorer 1. With the Netwrix Access Analyzer console closed, navigate to the **Instant Solutions** folder in Netwrix Access Analyzer's installation directory (`%SAInstallDir%InstantSolutions`). - ![Instant Solutions folder in installation directory](images/ka0Qk000000DDCL_0EMQk00000ArqFd.png) + ![Instant Solutions folder in installation directory](./images/ka0Qk000000DDCL_0EMQk00000ArqFd.png) 2. Locate the **GROUP_** folder for the new solution and copy it to the Jobs folder (`%SAInstallDir%Jobs`). diff --git a/docs/kb/accessanalyzer/how-to-drop-data-collected-from-sql-servers-using-the-databases-module.md b/docs/kb/accessanalyzer/how-to-drop-data-collected-from-sql-servers-using-the-databases-module.md index a1b2d61ad9..64d2a3cc7d 100644 --- a/docs/kb/accessanalyzer/how-to-drop-data-collected-from-sql-servers-using-the-databases-module.md +++ b/docs/kb/accessanalyzer/how-to-drop-data-collected-from-sql-servers-using-the-databases-module.md @@ -36,32 +36,32 @@ This article explains how to drop data collected from SQL Servers using the Data > **NOTE:** You can create a separate folder (e.g., Sandbox) for custom jobs. 1. Right-click the **custom** or **Jobs** folder and select **Create Job** `Ctrl+Alt+A`. - ![ ](images/ka0Qk000000DG6z_0EMQk00000BvYY7.png) + ![ ](./images/ka0Qk000000DG6z_0EMQk00000BvYY7.png) 2. Navigate to the **Configure** node of the NewJob and select the **Queries** node. - ![ ](images/ka0Qk000000DG6z_0EMQk00000BvhTJ.png) + ![ ](./images/ka0Qk000000DG6z_0EMQk00000BvhTJ.png) 3. Click the **Create Query** button. - ![ ](images/ka0Qk000000DG6z_0EMQk00000BvhZl.png) + ![ ](./images/ka0Qk000000DG6z_0EMQk00000BvhZl.png) 4. In the General tab, designate a clear **Name** and **Description** (e.g., `DropSQLHostData`). 5. In the Data Source tab, select **SQL** from the **Data Collector** dropdown menu. - ![ ](images/ka0Qk000000DG6z_0EMQk00000Bvheb.png) + ![ ](./images/ka0Qk000000DG6z_0EMQk00000Bvheb.png) 6. Click **Configure** to launch the SQL Data Collector Configuration Wizard. - ![ ](images/ka0Qk000000DG6z_0EMQk00000BvhgD.png) + ![ ](./images/ka0Qk000000DG6z_0EMQk00000BvhgD.png) 7. On the Wizard Category page, select the **Utilities > Remove Storage Tables** option under the appropriate database type and click **Next** to drop all collected SQL data for SQL Servers. - ![Category page with Utilities > Remove Storage Tables option highlighted](images/ka0Qk000000DG6z_0EMQk00000BvdWA.png) + ![Category page with Utilities > Remove Storage Tables option highlighted](./images/ka0Qk000000DG6z_0EMQk00000BvdWA.png) 8. To complete the query, ensure you have selected the desired Available Properties, click **Next**, and then **Finish**. Last, click **OK**. 9. To run the job, you can either select **Run now** from the job windowpane or right-click the job and select **Run Job**. - ![ ](images/ka0Qk000000DG6z_0EMQk00000Bvjzl.png) + ![ ](./images/ka0Qk000000DG6z_0EMQk00000Bvjzl.png) ### Drop Data for Specific Hosts/Instances for SQL Servers or Drop Specific Data for SQL Hosts/Instances 1. Follow steps 1–6 detailed above. 2. On the SQL Data Collector Configuration Wizard Category page, select the **Utilities > Remove Storage Data** option and click **Next**. - ![Category page with Utilities > Remove Storage Data option highlighted](images/ka0Qk000000DG6z_0EMQk00000Bvk6D.png) + ![Category page with Utilities > Remove Storage Data option highlighted](./images/ka0Qk000000DG6z_0EMQk00000Bvk6D.png) 3. On the Filters page, select the databases/instances via the **Filter Options** drop-down menu: - All database objects - Only select database objects - When using this option, select the database objects you want to delete in the **Available database objects** pane, then click **Add**. - ![Available database objects pane with Add highlighted](images/ka0Qk000000DG6z_0EMQk00000Bvbfg.png) + ![Available database objects pane with Add highlighted](./images/ka0Qk000000DG6z_0EMQk00000Bvbfg.png) 4. On the Settings page, select the type of data you would like to remove for your specified hosts: - Permissions - Audits diff --git a/docs/kb/accessanalyzer/how-to-enable-debug-logging-manually.md b/docs/kb/accessanalyzer/how-to-enable-debug-logging-manually.md index 491f741c78..4456b410e2 100644 --- a/docs/kb/accessanalyzer/how-to-enable-debug-logging-manually.md +++ b/docs/kb/accessanalyzer/how-to-enable-debug-logging-manually.md @@ -42,4 +42,4 @@ Refer to the following steps to manually enable the debug mode in Netwrix Access Refer to the example of the value in the configuration file that must be changed to `0`: -![Configuration example](images/ka0Qk00000056mL_0EMQk000006Clm6.png) +![Configuration example](./images/ka0Qk00000056mL_0EMQk000006Clm6.png) diff --git a/docs/kb/accessanalyzer/how-to-optimize-seek-system-scans-with-system-resources.md b/docs/kb/accessanalyzer/how-to-optimize-seek-system-scans-with-system-resources.md index c70cbbe7c4..1eb74a60a0 100644 --- a/docs/kb/accessanalyzer/how-to-optimize-seek-system-scans-with-system-resources.md +++ b/docs/kb/accessanalyzer/how-to-optimize-seek-system-scans-with-system-resources.md @@ -56,7 +56,7 @@ To comfortably scan 4 file systems using a dedicated proxy server, the optimized 2. Verify the number of SDD scan processes: - On the **Sensitive Data Settings** page of the FSAA Data Collector query settings, set the **Number of SDD Scan Processes** to reflect the available CPU threads on the scanning server. This number should not exceed `1-2x` the number of available CPU threads. By default, this is set to `2`. - ![Sensitive Data Settings page example](images/ka0Qk000000D59x_0EMQk00000BK3Rd.png) + ![Sensitive Data Settings page example](./images/ka0Qk000000D59x_0EMQk00000BK3Rd.png) > **NOTE:** If the scan server has other responsibilities (e.g., NEA Console server, busy file server, SQL server), take those into account when configuring how many CPU threads should be allocated for SDD scan processes. diff --git a/docs/kb/accessanalyzer/how-to-view-stored-sensitive-data-discovery-sdd-matches.md b/docs/kb/accessanalyzer/how-to-view-stored-sensitive-data-discovery-sdd-matches.md index a04f424447..e1087288bb 100644 --- a/docs/kb/accessanalyzer/how-to-view-stored-sensitive-data-discovery-sdd-matches.md +++ b/docs/kb/accessanalyzer/how-to-view-stored-sensitive-data-discovery-sdd-matches.md @@ -41,7 +41,7 @@ You can view stored SDD matches using one of the following methods. 1. Select the server. 2. In the right **Reports** pane, select **Sensitive Content Details**. -![rtaImage.png](images/ka0Qk0000009j17_00N0g000004CA0p_0EMQk000002m1YX.png) +![rtaImage.png](./images/ka0Qk0000009j17_00N0g000004CA0p_0EMQk000002m1YX.png) For additional information, refer to: Resource Audit Overview − Sensitive Content Reports · v11.6 https://docs.netwrix.com/docs/accessanalyzer/12_0) @@ -55,7 +55,7 @@ https://docs.netwrix.com/docs/accessanalyzer/12_0) > **IMPORTANT:** Check the **Reviewers are able to see the sensitive data match if available** checkbox for the review to contain sensitive data matches. -![rtaImage1.png](images/ka0Qk0000009j17_00N0g000004CA0p_0EMQk000002m1a9.png) +![rtaImage1.png](./images/ka0Qk0000009j17_00N0g000004CA0p_0EMQk000002m1a9.png) ### Netwrix Access Analyzer − Custom report diff --git a/docs/kb/accessanalyzer/images/kA0Qk00000036C9KAI-Okta-settings.png b/docs/kb/accessanalyzer/images/kA0Qk00000036C9KAI-Okta-settings.png new file mode 100644 index 0000000000..ea978de125 Binary files /dev/null and b/docs/kb/accessanalyzer/images/kA0Qk00000036C9KAI-Okta-settings.png differ diff --git a/docs/kb/accessanalyzer/manually-setting-up-entra-id-auditing-for-netwrix-access-analyzer.md b/docs/kb/accessanalyzer/manually-setting-up-entra-id-auditing-for-netwrix-access-analyzer.md index b862549ff6..a1e5629a8d 100644 --- a/docs/kb/accessanalyzer/manually-setting-up-entra-id-auditing-for-netwrix-access-analyzer.md +++ b/docs/kb/accessanalyzer/manually-setting-up-entra-id-auditing-for-netwrix-access-analyzer.md @@ -36,17 +36,17 @@ While it is always recommended to use the `AZ_RegisterAzureAppAuth` instant job 1. Open the Microsoft Entra admin center: https://entra.microsoft.com/#home. 2. Navigate to **Identity > Applications > App registrations** and select **+ New registration**. - ![Entra App Registration](images/ka0Qk000000DYVJ_0EMQk00000B6ziP.png) + ![Entra App Registration](./images/ka0Qk000000DYVJ_0EMQk00000B6ziP.png) 3. On the **Register an application** page, set the following: - **Name:** Something meaningful, e.g., `NEA_EntraID`. - **Support account types:** Accounts in this org. directory only. 4. From the **Application Overview** page, navigate to **Manage > API Permissions** and select **Add a permission**. - ![API Permissions](images/ka0Qk000000DYVJ_0EMQk00000B6i4s.png) + ![API Permissions](./images/ka0Qk000000DYVJ_0EMQk00000B6i4s.png) 5. From the **Request API permissions** page, select **Microsoft Graph**. - ![Request API permissions](images/ka0Qk000000DYVJ_0EMQk00000B6qwr.png) + ![Request API permissions](./images/ka0Qk000000DYVJ_0EMQk00000B6qwr.png) - Add the following **Delegated Permissions**: - `Group.Read.All` – Read all groups @@ -56,20 +56,20 @@ While it is always recommended to use the `AZ_RegisterAzureAppAuth` instant job - `Directory.Read.All` – Read directory data 6. After adding the aforementioned permissions, grant them admin consent by selecting **Grant admin consent for `\{TENANT NAME\}`**. - ![Grant admin consent](images/ka0Qk000000DYVJ_0EMQk00000B6f5O.png) + ![Grant admin consent](./images/ka0Qk000000DYVJ_0EMQk00000B6f5O.png) 7. Navigate to the Entra app registration and on the **Certificates & secrets** page, select **+ New client secret**. - ![Certificates & secrets](images/ka0Qk000000DYVJ_0EMQk00000B6fbf.png) + ![Certificates & secrets](./images/ka0Qk000000DYVJ_0EMQk00000B6fbf.png) 8. On the **Add a client secret** page, add the following: - **Description:** Something meaningful, e.g., `Access Analyzer Entra ID`. - **Expires:** Usually recommended to set this to the longest option OR per the organization’s internal certificate expiration timeframe. 9. After creating the client secret, copy the secret **Value** to a notepad. - ![Client secret value](images/ka0Qk000000DYVJ_0EMQk00000B6d20.png) + ![Client secret value](./images/ka0Qk000000DYVJ_0EMQk00000B6d20.png) 10. Next, navigate to the **Overview** tab and copy the **Application (client) ID** which is needed for the Netwrix Access Analyzer Connection Profile. - ![Application client ID](images/ka0Qk000000DYVJ_0EMQk00000B6kbK.png) + ![Application client ID](./images/ka0Qk000000DYVJ_0EMQk00000B6kbK.png) ## Netwrix Access Analyzer Connection Profile diff --git a/docs/kb/accessanalyzer/missing-icons-and-graphical-elements-in-access-analyzer-web-console.md b/docs/kb/accessanalyzer/missing-icons-and-graphical-elements-in-access-analyzer-web-console.md index 099711a399..a78754ba2c 100644 --- a/docs/kb/accessanalyzer/missing-icons-and-graphical-elements-in-access-analyzer-web-console.md +++ b/docs/kb/accessanalyzer/missing-icons-and-graphical-elements-in-access-analyzer-web-console.md @@ -49,7 +49,7 @@ You may see icons missing in the Netwrix Access Analyzer Web Console. 4. Right-click the `MitigationOptions` value and select **Modify**. Verify the **Value data** field states Hexadecimal `2000000000000`. Click **OK** to save changes. - ![Registry screenshot](images/ka0Qk000000DZ6P_0EM4u000008Ma1V.png) + ![Registry screenshot](./images/ka0Qk000000DZ6P_0EM4u000008Ma1V.png) ### Related articles diff --git a/docs/kb/accessanalyzer/netwrix-threat-prevention-agent-not-processing-events.md b/docs/kb/accessanalyzer/netwrix-threat-prevention-agent-not-processing-events.md index 51868ba049..c6d3614419 100644 --- a/docs/kb/accessanalyzer/netwrix-threat-prevention-agent-not-processing-events.md +++ b/docs/kb/accessanalyzer/netwrix-threat-prevention-agent-not-processing-events.md @@ -51,7 +51,7 @@ This issue may be caused by any one of the following: > > `C:\Program Files\Netwrix\Netwrix Threat Prevention\SIWindowsAgent` > -> ![Screenshot of logging ini file](images/ka0Qk000000Co13_0EMQk00000AJwk5.png) +> ![Screenshot of logging ini file](./images/ka0Qk000000Co13_0EMQk00000AJwk5.png) ## Resolution diff --git a/docs/kb/accessanalyzer/opening-a-ticket.md b/docs/kb/accessanalyzer/opening-a-ticket.md index 7d0bc9bd1f..36b3428fbd 100644 --- a/docs/kb/accessanalyzer/opening-a-ticket.md +++ b/docs/kb/accessanalyzer/opening-a-ticket.md @@ -65,7 +65,7 @@ Follow these steps to gather logs: - On the home page of the job, click **View Log**, and save the log file. - ![Job View Log screenshot](images/ka0Qk000000C8rR_0EMQk000007oXpZ.png) + ![Job View Log screenshot](./images/ka0Qk000000C8rR_0EMQk000007oXpZ.png) - Locate the **job logs** using the following path: @@ -81,7 +81,7 @@ Follow these steps to gather logs: - In the **Navigation Pane**, right-click the job and select **Export**. In the new window, specify the components to export and proceed with the export. - ![Export Job screenshot](images/ka0Qk000000C8rR_0EMQk000007oXrB.png) + ![Export Job screenshot](./images/ka0Qk000000C8rR_0EMQk000007oXrB.png) ## Messages Table diff --git a/docs/kb/accessanalyzer/reports-not-visible-or-name-truncated-after-publishing-in-custom-job-or-group.md b/docs/kb/accessanalyzer/reports-not-visible-or-name-truncated-after-publishing-in-custom-job-or-group.md index 2f1ef8b0fc..129ad6c7ae 100644 --- a/docs/kb/accessanalyzer/reports-not-visible-or-name-truncated-after-publishing-in-custom-job-or-group.md +++ b/docs/kb/accessanalyzer/reports-not-visible-or-name-truncated-after-publishing-in-custom-job-or-group.md @@ -27,10 +27,10 @@ knowledge_article_id: kA0Qk00000023ufKAA When creating a report for a custom job or group, the following issues are present in your environment: - The custom job or group name appears normally in the **Netwrix Access Analyzer** console. - ![](images/ka0Qk000000CW0v_0EMQk00000AxazR.png) + ![](./images/ka0Qk000000CW0v_0EMQk00000AxazR.png) - After publishing the report, it does not appear in the reporting web interface. - The custom job or group name is truncated in the reporting web interface. - ![](images/ka0Qk000000CW0v_0EMQk00000Axnrl.png) + ![](./images/ka0Qk000000CW0v_0EMQk00000Axnrl.png) ## Cause diff --git a/docs/kb/accessanalyzer/resetting-the-aic-administrator-password.md b/docs/kb/accessanalyzer/resetting-the-aic-administrator-password.md index 6f0dc59b47..bfe5ec85be 100644 --- a/docs/kb/accessanalyzer/resetting-the-aic-administrator-password.md +++ b/docs/kb/accessanalyzer/resetting-the-aic-administrator-password.md @@ -38,7 +38,7 @@ If you have access to another Administrator within the AIC, follow the steps bel 2. Navigate to **Configure Console**. 3. Modify the Built-In Administrator, as shown below: -![Modify Built-In Administrator](images/ka0Qk000000EatF_0EMQk000009FrLO.png) +![Modify Built-In Administrator](./images/ka0Qk000000EatF_0EMQk000009FrLO.png) ### Without Access to Another Administrator in AIC @@ -48,7 +48,7 @@ If you do not have access to another AIC Administrator account, perform the foll 1. Open the file as an administrator and remove the hash between " " for the **AuthBuiltinAdminPassword3 key**: - ![Remove hash for AuthBuiltinAdminPassword3](images/ka0Qk000000EatF_0EMQk000009FkN9.png) + ![Remove hash for AuthBuiltinAdminPassword3](./images/ka0Qk000000EatF_0EMQk000009FkN9.png) 2. Restart the Netwrix AIC service in `Services.msc`. diff --git a/docs/kb/accessanalyzer/resolving-insecure-permissions-for-service-executables.md b/docs/kb/accessanalyzer/resolving-insecure-permissions-for-service-executables.md index 7bf0829969..4133e1aaff 100644 --- a/docs/kb/accessanalyzer/resolving-insecure-permissions-for-service-executables.md +++ b/docs/kb/accessanalyzer/resolving-insecure-permissions-for-service-executables.md @@ -51,4 +51,4 @@ Follow the steps below to resolve this issue: > **NOTE:** This approach ensures secure operation and mitigates the risk of privilege escalation. -![Screenshot showing the Member Type configuration in Netwrix Access Analyzer settings](images/ka0Qk000000E7EX_0EMQk00000CHoHe.png) +![Screenshot showing the Member Type configuration in Netwrix Access Analyzer settings](./images/ka0Qk000000E7EX_0EMQk00000CHoHe.png) diff --git a/docs/kb/accessanalyzer/support-for-historical-data-retention-in-access-analyzer-jobs.md b/docs/kb/accessanalyzer/support-for-historical-data-retention-in-access-analyzer-jobs.md index af096042fa..380fffcab9 100644 --- a/docs/kb/accessanalyzer/support-for-historical-data-retention-in-access-analyzer-jobs.md +++ b/docs/kb/accessanalyzer/support-for-historical-data-retention-in-access-analyzer-jobs.md @@ -36,7 +36,7 @@ Depending on the needs, the historical data retention option can be set up in Ne The default History Retention setting is set to 6 months for both `EX_MetricsCollection` and `EX_MetricsDetail` Jobs. To adjust it, modify the **SET HISTORY RETENTION** analysis task for the corresponding job. This can be configured for months or days. - ![histRetention](images/ka0Qk000000DYzx_0EMQk000002q3VJ.png) + ![histRetention](./images/ka0Qk000000DYzx_0EMQk000002q3VJ.png) 2. **CAS Metrics Job Group** − **ActiveSync Job Group** − **EX_ActiveSync Job** diff --git a/docs/kb/accessanalyzer/the-autodiscover-service-couldn-t-be-located.md b/docs/kb/accessanalyzer/the-autodiscover-service-couldn-t-be-located.md index 7bae39cf71..7577195347 100644 --- a/docs/kb/accessanalyzer/the-autodiscover-service-couldn-t-be-located.md +++ b/docs/kb/accessanalyzer/the-autodiscover-service-couldn-t-be-located.md @@ -42,7 +42,7 @@ To resolve this error, follow the steps below: 1. Open the **Query Properties** for the EWSMailbox task. 2. Select **View XML**. -![View XML screenshot](images/ka0Qk000000CDO5_0EMQk000008w1gf.png) +![View XML screenshot](./images/ka0Qk000000CDO5_0EMQk000008w1gf.png) 3. Insert the following code that best matches your environment within the ` ` tags. This is located near the bottom of the XML. @@ -82,11 +82,11 @@ To resolve this error, follow the steps below: 4. On the **Query Properties** window, select **Configure**. -![Configure button screenshot](images/ka0Qk000000CDO5_0EMQk000008vjWt.png) +![Configure button screenshot](./images/ka0Qk000000CDO5_0EMQk000008vjWt.png) 5. On the **Scan options** window, uncheck the option for **Match job host against autodiscovered host**. -![Scan options screenshot](images/ka0Qk000000CDO5_0EMQk000008w3KH.png) +![Scan options screenshot](./images/ka0Qk000000CDO5_0EMQk000008w3KH.png) 6. Proceed through the wizard by selecting **Next** and complete the process by clicking **Finish** to close out the **EWSMailbox DC Wizard**. 7. Select **OK** to close the **Query Properties** window. diff --git a/docs/kb/auditor/access-errors-for-user-activity-monitoring-plan.md b/docs/kb/auditor/access-errors-for-user-activity-monitoring-plan.md index 78d03c922f..4b34cc79e3 100644 --- a/docs/kb/auditor/access-errors-for-user-activity-monitoring-plan.md +++ b/docs/kb/auditor/access-errors-for-user-activity-monitoring-plan.md @@ -25,7 +25,7 @@ knowledge_article_id: kA04u00000110zkCAA ## Symptom -A User Activity (UAVR) monitoring plan generates errors on missing access permissions: +User Activity (UAVR) monitoring plan generates errors on missing access permissions: ```text Requested registry access is not allowed diff --git a/docs/kb/auditor/access-is-denied-error-in-event-log-manager-health-log.md b/docs/kb/auditor/access-is-denied-error-in-event-log-manager-health-log.md index 233f798a3e..6764ec0dac 100644 --- a/docs/kb/auditor/access-is-denied-error-in-event-log-manager-health-log.md +++ b/docs/kb/auditor/access-is-denied-error-in-event-log-manager-health-log.md @@ -44,9 +44,9 @@ Error details: Access is denied. ## Resolution - Configure the permissions for the data collection account used in the Event Log Manager. For additional information, refer to the following article: Windows Server — Permissions for Windows Server Auditing. -- Configure the password for your data collection account in Event Log Manager. Refer to the following article for additional information: [Failed Logon Attempts after Recent Service Account Password Change](/docs/kb/auditor/failed-logon-attempts-after-recent-service-account-password-change.md). +- Configure the password for your data collection account in Event Log Manager. Refer to the following article for additional information: [Failed Logon Attempts after Recent Service Account Password Change](/docs/kb/auditor/failed-logon-attempts-after-recent-service-account-password-change). ## Related articles - Windows Server — Permissions for Windows Server Auditing — 10.6 -- [Failed Logon Attempts after Recent Service Account Password Change](/docs/kb/auditor/failed-logon-attempts-after-recent-service-account-password-change.md) +- [Failed Logon Attempts after Recent Service Account Password Change](/docs/kb/auditor/failed-logon-attempts-after-recent-service-account-password-change) diff --git a/docs/kb/auditor/account-and-password-expiration-mismatch-in-netwrix-auditor-password-expiration-notifier.md b/docs/kb/auditor/account-and-password-expiration-mismatch-in-netwrix-auditor-password-expiration-notifier.md index ec0637055a..6c966d8a8a 100644 --- a/docs/kb/auditor/account-and-password-expiration-mismatch-in-netwrix-auditor-password-expiration-notifier.md +++ b/docs/kb/auditor/account-and-password-expiration-mismatch-in-netwrix-auditor-password-expiration-notifier.md @@ -35,7 +35,7 @@ Password Expiration Notifier may include data on expiring accounts, if enabled. 3. Select the **Advanced** tab, and either check or uncheck the **Include data on expiring accounts**. 4. The next report will be affected. -![Include data on expiring accounts](images/ka04u00000117wO_0EM4u000008MQhR.png) +![Include data on expiring accounts](./images/ka04u00000117wO_0EM4u000008MQhR.png) To verify the account expiration date, refer to the following steps: @@ -43,8 +43,9 @@ To verify the account expiration date, refer to the following steps: 2. Right-click the user, and select **Properties**. 3. The account expiration date is provided in the **Account** tab > **Account expires**, and the **Attribute Editor** tab > `accountExpires` attribute. -![Account expires and accountExpires attribute](images/ka04u00000117wO_0EM4u000008MQmb.png) +![Account expires and accountExpires attribute](./images/ka04u00000117wO_0EM4u000008MQmb.png) ### Related articles - [How Long Until My Password Expires? ⸱ Microsoft 🙅](https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/scripting-articles/ms974598(v=msdn.10)?redirectedfrom=MSDN) + diff --git a/docs/kb/auditor/account-lockout-examiner-generates-excessive-traffic-in-the-network.md b/docs/kb/auditor/account-lockout-examiner-generates-excessive-traffic-in-the-network.md index 887e7880e6..0202e77dc7 100644 --- a/docs/kb/auditor/account-lockout-examiner-generates-excessive-traffic-in-the-network.md +++ b/docs/kb/auditor/account-lockout-examiner-generates-excessive-traffic-in-the-network.md @@ -45,4 +45,5 @@ There is also an option to disable examination of workstations. In this case nam 3. Create a new DWORD value `PF_Enabled` and set its value to `0`. 4. Restart Netwrix Account Lockout Examiner Service via the **Services** snap-in. -![User-added image](images/ka04u000000HcUv_0EM700000004wr4.png) +![User-added image](./images/ka04u000000HcUv_0EM700000004wr4.png) + diff --git a/docs/kb/auditor/account-lockout-examiner-works-very-slowly.md b/docs/kb/auditor/account-lockout-examiner-works-very-slowly.md index 495b60159d..d19b4f7fb4 100644 --- a/docs/kb/auditor/account-lockout-examiner-works-very-slowly.md +++ b/docs/kb/auditor/account-lockout-examiner-works-very-slowly.md @@ -35,4 +35,5 @@ To address the slow performance issue, perform the following steps: **NOTE**: This will remove info about all old lockouts from Account Lockout Examiner. Backup this files if you need them for the further access. 4. Start Netwrix Account Lockout Examiner Service -[![User-added image](images/ka04u000000HcWK_0EM700000004wmE.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000kAbJ&feoid=00N700000032Pj2&refid=0EM700000004wmE) +[![User-added image](./images/ka04u000000HcWK_0EM700000004wmE.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000kAbJ&feoid=00N700000032Pj2&refid=0EM700000004wmE) + diff --git a/docs/kb/auditor/account-lockouts-are-displayed-with-delay.md b/docs/kb/auditor/account-lockouts-are-displayed-with-delay.md index e74c22e571..8605fa7f8b 100644 --- a/docs/kb/auditor/account-lockouts-are-displayed-with-delay.md +++ b/docs/kb/auditor/account-lockouts-are-displayed-with-delay.md @@ -46,7 +46,7 @@ To change to all DCs mode, perform the following steps: 2. Select your domain and click **Edit**. 3. Select **All DCs** radio button and click **OK** to save the changes. -![User-added image](images/ka04u000000HcUw_0EM700000004wlz.png) +![User-added image](./images/ka04u000000HcUw_0EM700000004wlz.png) ### Change event processing method @@ -56,4 +56,5 @@ To change to all DCs mode, perform the following steps: 4. Create a new value called `UseWatcher`, set its type to `DWORD` and value to `1`. 5. Restart NetWrix Account Lockout Examiner Service via `services.msc`. -![User-added image](images/ka04u000000HcUw_0EM700000004wm4.png) +![User-added image](./images/ka04u000000HcUw_0EM700000004wm4.png) + diff --git a/docs/kb/auditor/active-directory-exchange-and-group-policy-changes-reported-as-made-by-system.md b/docs/kb/auditor/active-directory-exchange-and-group-policy-changes-reported-as-made-by-system.md index 6e55ec7dff..5ed825ec75 100644 --- a/docs/kb/auditor/active-directory-exchange-and-group-policy-changes-reported-as-made-by-system.md +++ b/docs/kb/auditor/active-directory-exchange-and-group-policy-changes-reported-as-made-by-system.md @@ -24,10 +24,15 @@ knowledge_article_id: kA00g000000H9SmCAK This article contains references to the most popular Active Directory, Exchange, and Group Policy changes which may be reported as made by **System** by Netwrix Auditor: -- [Alert Reported Change Made by System](/docs/kb/auditor/alert-reported-change-made-by-system.md). -- [System Changed Object Path after Account Name Change](/docs/kb/auditor/system-changed-object-path-after-account-name-change.md). -- [System Changed Client Operating System](/docs/kb/auditor/system-changed-client-operating-system.md). -- [System Changed Directory Objects for Foreign Security Principals](/docs/kb/auditor/system-changed-directory-objects-for-foreign-security-principals.md). -- [Workstation Field Reported as Unknown](/docs/kb/auditor/workstation-field-reported-as-unknown.md) -- [Duplicate Configuration and Schema Changes for All Monitored Domains in Forest Made by System](/docs/kb/auditor/duplicate-configuration-and-schema-changes-for-all-monitored-domains-in-forest-made-by-system.md). -- [System Changed Service Principle Name Attribute](/docs/kb/auditor/system-changed-service-principle-name-attribute.md). +- [Alert Reported Change Made by System](/docs/kb/auditor/alert-reported-change-made-by-system). +- [System Changed Object Path after Account Name Change](/docs/kb/auditor/system-changed-object-path-after-account-name-change). +- [System Changed Client Operating System](/docs/kb/auditor/system-changed-client-operating-system). +- [System Changed Directory Objects for Foreign Security Principals](/docs/kb/auditor/system-changed-directory-objects-for-foreign-security-principals). +- [Workstation Field Reported as Unknown](/docs/kb/auditor/workstation-field-reported-as-unknown) +- [Duplicate Configuration and Schema Changes for All Monitored Domains in Forest Made by System](/docs/kb/auditor/duplicate-configuration-and-schema-changes-for-all-monitored-domains-in-forest-made-by-system). +- [System Changed Service Principle Name Attribute](/docs/kb/auditor/system-changed-service-principle-name-attribute). + + + + + diff --git a/docs/kb/auditor/active-directory-object-restore.md b/docs/kb/auditor/active-directory-object-restore.md index 511b2506c0..a77f4c3db5 100644 --- a/docs/kb/auditor/active-directory-object-restore.md +++ b/docs/kb/auditor/active-directory-object-restore.md @@ -38,10 +38,13 @@ The Netwrix Active Directory Object Restore tool recovers removed Active Directo The account used for recovery and restore is the same account used for data collection in your Netwrix Auditor Active Directory monitoring plan. -
![Active](images/servlet_image_3823966b1661.png)
+
![Active](./images/servlet_image_3823966b1661.png)
> **NOTE:** This tool should **NOT** be used to revert the changes caused by raising the forest functional level. For additional information, refer to the following article: Object Restore for Active Directory. ## Related Link - Object Restore for Active Directory + + + diff --git a/docs/kb/auditor/ad-hoc-and-email-reports-shows-different-results-in-one-way-trust-forests-environment.md b/docs/kb/auditor/ad-hoc-and-email-reports-shows-different-results-in-one-way-trust-forests-environment.md index 76c8fa1ebd..94bfb2e81f 100644 --- a/docs/kb/auditor/ad-hoc-and-email-reports-shows-different-results-in-one-way-trust-forests-environment.md +++ b/docs/kb/auditor/ad-hoc-and-email-reports-shows-different-results-in-one-way-trust-forests-environment.md @@ -46,7 +46,7 @@ To check if the Data Processing Account has enough permissions please perform th If you do not see the `CN=Password Settings Container` under the `CN=System` node or cannot read the properties this indicates Data Processing Account does have read rights (see the screenshot below: the account does not have rights to access the Password Settings Container). -![User-added image](images/ka04u000000HcS1_0EM700000007Jf8.png) +![User-added image](./images/ka04u000000HcS1_0EM700000007Jf8.png) ## To provide read permissions to the Data Processing Account 1. Run ADSI Edit as a domain Administrator. @@ -56,4 +56,5 @@ If you do not see the `CN=Password Settings Container` under the `CN=System` nod Once the read permission for the Data Processing Account is set, verify the access by opening the `CN=Password Settings Container` properties with the Data Processing Account. This time you should be able to see `CN=Password Settings Container` under the `CN=System` node and read its properties (see the screenshot below). -![User-added image](images/ka04u000000HcS1_0EM700000007JfD.png) +![User-added image](./images/ka04u000000HcS1_0EM700000007JfD.png) + diff --git a/docs/kb/auditor/ale-service-is-unable-to-start-during-installation.md b/docs/kb/auditor/ale-service-is-unable-to-start-during-installation.md index 13cdb8f4d8..cde6545158 100644 --- a/docs/kb/auditor/ale-service-is-unable-to-start-during-installation.md +++ b/docs/kb/auditor/ale-service-is-unable-to-start-during-installation.md @@ -23,7 +23,7 @@ knowledge_article_id: kA00g000000H9YCCA0 During installation of NetWrix Account Lockout Examiner on **Windows 2003**, a "Service 'NetWrix Account Lockout Examiner' (ALService) failed to start" message is received that the service cannot be started due to insufficient permissions. The account in use is a domain admin. -![User-added image](images/ka04u000000HcRH_0EM700000004wmJ.png) +![User-added image](./images/ka04u000000HcRH_0EM700000004wmJ.png) ## Cause @@ -39,3 +39,6 @@ Also: 1. Verify that the account specified during installation is a local admin. 2. Check that there are no restrictive policies for this account to run services. 3. Try entering another local admin or domain admin account during the installation. + + + diff --git a/docs/kb/auditor/archive-service-is-busy-processing-activity-records.md b/docs/kb/auditor/archive-service-is-busy-processing-activity-records.md index a25169f7f3..016dab553f 100644 --- a/docs/kb/auditor/archive-service-is-busy-processing-activity-records.md +++ b/docs/kb/auditor/archive-service-is-busy-processing-activity-records.md @@ -53,7 +53,7 @@ Refer to the following steps to troubleshoot the SQL Server-based causes: 1. In the main Netwrix Auditor screen, select **Health Status** and click **View details** in the **Database Statistics** pane. 2. Review the database states. If a database state reads **Failed to store data**, review the database details. - > **IMPORTANT:** The SQL Server Express databases have a 10 GB size limit. In case the affected database states **Failed to store data** with the size limit of **10 GB**, refer to the following article: [SQL Server Express Database Size Reached 10GB](/docs/kb/auditor/sql-server-express-database-size-reached-10gb.md) + > **IMPORTANT:** The SQL Server Express databases have a 10 GB size limit. In case the affected database states **Failed to store data** with the size limit of **10 GB**, refer to the following article: [SQL Server Express Database Size Reached 10GB](/docs/kb/auditor/sql-server-express-database-size-reached-10gb) 3. If multiple or all databases state **Failed to store data** with no size limits, refer to the following troubleshooting steps. 2. Verify that the SQL Server instance is available. 3. Verify the credentials of the SQL Server instance account: @@ -82,6 +82,6 @@ Verify that the Audit Database account has the correct permissions—refer to th ## Related Articles -- [SQL Server Express Database Size Reached 10GB](/docs/kb/auditor/sql-server-express-database-size-reached-10gb.md) +- [SQL Server Express Database Size Reached 10GB](/docs/kb/auditor/sql-server-express-database-size-reached-10gb) - [Configure Audit Database Account](https://docs.netwrix.com/docs/auditor/10_8/requirements/sqlserver#configure-audit-database-account) - [Configure Long-Term Archive Account](https://docs.netwrix.com/docs/auditor/10_8/requirements/longtermarchive#configure-long-term-archive-account) diff --git a/docs/kb/auditor/audit-status-shows-logon-auditing-is-disabled.md b/docs/kb/auditor/audit-status-shows-logon-auditing-is-disabled.md index f523916cdc..27ac5919d7 100644 --- a/docs/kb/auditor/audit-status-shows-logon-auditing-is-disabled.md +++ b/docs/kb/auditor/audit-status-shows-logon-auditing-is-disabled.md @@ -25,7 +25,7 @@ knowledge_article_id: kA00g000000H9YbCAK Audit status of some Domain controllers in the list shows that some auditing is disabled, for example "Logon Auditing is disabled, some funcionality will be unavailable for this DC. Please turn on auditing of invalid logons in audit policy for this DC" -![User-added image](images/ka04u000000HcRc_0EM700000004wxR.png) +![User-added image](./images/ka04u000000HcRc_0EM700000004wxR.png) --- @@ -49,7 +49,7 @@ To resolve the issue configure audit policies/ advanced audit policies. - **Audit account logon events: Failure** - **Audit logon events: Failure** - ![User-added image](images/ka04u000000HcRc_0EM700000004wxC.png) + ![User-added image](./images/ka04u000000HcRc_0EM700000004wxC.png) 5. Update group policy an all monitored DCs (for example run `gpupdate /force`) @@ -60,7 +60,7 @@ To resolve the issue configure audit policies/ advanced audit policies. 3. Expand the **Computer Configuration** -> **Policies** -> **Windows Settings** -> **Security Settings** -> **Advanced Audit Policy Configuration** node. 4. Configure audit policies according to page 12, Section 4.2: Enabling Audit Policy, of the [Account Lockout Examiner Administrator Guide](https://www.netwrix.com/download/documents/NetWrix_Account_Lockout_Examiner_Administrator_Guide.pdf?_ga=2.126161166.2092059225.1569427026-1766003445.1557946744). -![User-added image](images/ka04u000000HcRc_0EM7000000054jS.png) ![User-added image](images/ka04u000000HcRc_0EM7000000054jX.png) ![User-added image](images/ka04u000000HcRc_0EM700000004wxH.png) +![User-added image](./images/ka04u000000HcRc_0EM7000000054jS.png) ![User-added image](./images/ka04u000000HcRc_0EM7000000054jX.png) ![User-added image](./images/ka04u000000HcRc_0EM700000004wxH.png) 5. Update group policy an all monitored DCs (for example run `gpupdate /force`) @@ -77,4 +77,5 @@ In order to do this: 3. Change the value of **UseWMI_Audit** to `0`, 4. In the Account Lockout Examiner console go to **File - Settings** and click **OK** to apply registry changes. -![User-added image](images/ka04u000000HcRc_0EM700000004wxM.png) +![User-added image](./images/ka04u000000HcRc_0EM700000004wxM.png) + diff --git a/docs/kb/auditor/auditing-policies-are-not-being-enabled-on-all-or-several-domain-controllers-in-monitored-domain.md b/docs/kb/auditor/auditing-policies-are-not-being-enabled-on-all-or-several-domain-controllers-in-monitored-domain.md index 7c8c2fbfa9..a2dc302363 100644 --- a/docs/kb/auditor/auditing-policies-are-not-being-enabled-on-all-or-several-domain-controllers-in-monitored-domain.md +++ b/docs/kb/auditor/auditing-policies-are-not-being-enabled-on-all-or-several-domain-controllers-in-monitored-domain.md @@ -38,11 +38,11 @@ The reasons why the auditing policies are not being enabled on domain controller - Run Resultant Set of Policy (RSoP): `Start > Run` > type `rsop.msc` and press Enter. - Expand Audit Policy as shown in the picture below and make sure you see the corresponding source GPO (the GPO which you enabled auditing policies in) for auditing policies and ensure there are no warnings or errors. In our case we see that Audit Account Management policy is set to Failure, while for successful auditing we need to have this policy set to Success. -![rsop](images/ka04u000000HcSR_0EM7000000053Be.png) +![rsop](./images/ka04u000000HcSR_0EM7000000053Be.png) - To fix this problem open **Group Policy Management Console** (**Start > Administrative Tools > Group Policy Management**), select the **Domain Controllers** node, open the **Group Policy Inheritance** tab and in the right pane review the order the GPOs are being applied to the Domain Controllers OU. In our case the Default Domain Policy is enforced and being applied first which causes a GPO conflict. Manage your GPO inheritance to exclude the necessary policy settings from being overridden. For more details regarding GPO inheritance please refer to the following Microsoft KB article: http://technet.microsoft.com/en-us/library/cc757050(v=ws.10).aspx -![gpmc](images/ka04u000000HcSR_0EM7000000053Bj.png) +![gpmc](./images/ka04u000000HcSR_0EM7000000053Bj.png) ## If GPO distribution is correct but auditing settings still not applied @@ -52,7 +52,7 @@ If you resolved the inheritance issue and corresponding GPOs are being distribut 2. Open Local Group Policy Editor: `Start > Run` > `secpol.msc`. 3. Expand Audit Policy as shown in the picture below and make sure that the necessary auditing policies are set to Success (for example, Audit Account Management, Audit Directory Service Access) and are equal to the ones you see in Resultant Set of Policy (RSoP). -![secpol](images/ka04u000000HcSR_0EM7000000053Bo.png) +![secpol](./images/ka04u000000HcSR_0EM7000000053Bo.png) - If the Local Group Policy Editor indicates different auditing settings (different from the ones you configured and see in Resultant Set of Policy (RSoP)), this may indicate an issue with GPO applying on that particular domain controller. To troubleshoot this issue please refer to the following Microsoft KB articles: @@ -61,3 +61,4 @@ If you resolved the inheritance issue and corresponding GPOs are being distribut - Group Policy Analysis and Troubleshooting Overview: http://technet.microsoft.com/en-us/library/jj134223.aspx - Fixing Group Policy problems by using log files: http://technet.microsoft.com/en-us/library/cc775423(WS.10).aspx - SceCli 1202 events are logged every time Computer Group Policy settings are refreshed on a computer that is running Windows Server 2008 R2: http://support.microsoft.com/kb/974639/en-us + diff --git a/docs/kb/auditor/backup-recommendations.md b/docs/kb/auditor/backup-recommendations.md index 9d85342fcc..ee0c22b2f2 100644 --- a/docs/kb/auditor/backup-recommendations.md +++ b/docs/kb/auditor/backup-recommendations.md @@ -46,9 +46,9 @@ configserverDbProcessor.exe export -target "C:\NA_Backups\naconfig.xml" 4. Once the components are backed up, you can store them in any location to use once needed. -For additional information on import, refer to the following article: [Migrating Auditor to New Server](/docs/kb/auditor/migrating-auditor-to-new-server.md). +For additional information on import, refer to the following article: [Migrating Auditor to New Server](/docs/kb/auditor/migrating-auditor-to-new-server). ## Related articles -- [Migrating Auditor to New Server](/docs/kb/auditor/migrating-auditor-to-new-server.md) -- [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md) +- [Migrating Auditor to New Server](/docs/kb/auditor/migrating-auditor-to-new-server) +- [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location) diff --git a/docs/kb/auditor/can-any-additional-attribites-be-displayed-in-the-modification-reports.md b/docs/kb/auditor/can-any-additional-attribites-be-displayed-in-the-modification-reports.md index 7d12e12dcc..ede18babea 100644 --- a/docs/kb/auditor/can-any-additional-attribites-be-displayed-in-the-modification-reports.md +++ b/docs/kb/auditor/can-any-additional-attribites-be-displayed-in-the-modification-reports.md @@ -49,6 +49,7 @@ objectType:Attribute: ``` Examples: -![Attr](images/ka04u000000HcP8_0EM7000000051Zt.png) +![Attr](./images/ka04u000000HcP8_0EM7000000051Zt.png) **NOTE:** Each attribute should be put in a separate line. The pound key at the beginning of a line means exclusion of the line. + diff --git a/docs/kb/auditor/cannot-access-roles-page.md b/docs/kb/auditor/cannot-access-roles-page.md index acd0377eb6..bba1ea6b2d 100644 --- a/docs/kb/auditor/cannot-access-roles-page.md +++ b/docs/kb/auditor/cannot-access-roles-page.md @@ -30,7 +30,7 @@ All pages on Administrative portals work except the Roles. An error occurred on the server when processing the URL. Please contact the system administrator. If you are the system administrator please click here to find out more about this error. -![User-added](images/servlet_image_3823966b1661.png) +![User-added](./images/servlet_image_3823966b1661.png) --- @@ -46,5 +46,6 @@ Follow these steps to fix the issue: 2. Locate the web-site that is hosting the `PM` virtual directory. 3. Navigate to the **admin** virtual directory. 4. Open **ASP** settings under the **IIS** section. - ![User-added](images/servlet_image_3823966b1661.png) + ![User-added](./images/servlet_image_3823966b1661.png) 5. Make sure that **Enable Buffering** is set to `True`. + diff --git a/docs/kb/auditor/cannot-access-the-help-desk-portal.md b/docs/kb/auditor/cannot-access-the-help-desk-portal.md index 10fb95c123..54e777e6ec 100644 --- a/docs/kb/auditor/cannot-access-the-help-desk-portal.md +++ b/docs/kb/auditor/cannot-access-the-help-desk-portal.md @@ -36,20 +36,21 @@ This error indicates your authentication settings need to be adjusted to comply c) In the **Properties** dialog, open the **Directory Security** tab, and select **Edit** for **Authentication and Access Control**. d) In the **Authentication Methods** dialog, select either the **Integrated Windows authentication** box or **Basic authentication** (password is sent in clear text), and clear all other authentication options for Authentication access. - ![User-added image](images/ka04u000000HcNm_0EM700000004xES.png) + ![User-added image](./images/ka04u000000HcNm_0EM700000004xES.png) To ensure the required settings are enabled in **IIS7**, do the following: a) In the **IIS Manager** left pane, navigate to the **ALE** virtual directory (by default `\ -> Sites -> Default Web Site -> ALE`). b) In the Manager central pane, double-click the **Authentication** option. c) In the Authentication list, enable either the **Windows Authentication** option or **Basic Authentication**, and disable all other authentication options. - ![User-added image](images/ka04u000000HcNm_0EM700000004xEN.png) + ![User-added image](./images/ka04u000000HcNm_0EM700000004xEN.png) 3. Your proxy server is disabled or bypassed. To check the proxy settings, do the following: a) Go to **Control panel -> Internet options**. b) In the **Internet Properties** dialog, open the **Connections** tab and click the **LAN settings** button. c) Make sure the **Use a proxy server for your LAN** option is not enabled. Otherwise, make sure the **Bypass proxy server for local addresses** option is enabled too; in this case the Help-Desk portal must be a member of the **Local intranet zone**, or specified as exception. - ![User-added image](images/ka04u000000HcNm_0EM700000004xEI.png) + ![User-added image](./images/ka04u000000HcNm_0EM700000004xEI.png) 4. The account you are using has READ access to the physical directory of the Web-portal (by default `C:Program Files (x86)NetWrixAccount Lockout ExaminerWeb`) + diff --git a/docs/kb/auditor/cannot-complete-login-due-to-an-incorrect-user-name-or-password.md b/docs/kb/auditor/cannot-complete-login-due-to-an-incorrect-user-name-or-password.md index b214e3ae78..b1288dde5c 100644 --- a/docs/kb/auditor/cannot-complete-login-due-to-an-incorrect-user-name-or-password.md +++ b/docs/kb/auditor/cannot-complete-login-due-to-an-incorrect-user-name-or-password.md @@ -29,4 +29,5 @@ knowledge_article_id: kA00g000000H9bPCAS Select the **Change** button to enter in the credentials for the Virtual Center or ESX(i) Server: -![User-added](images/servlet_image_3823966b1661.png) +![User-added](./images/servlet_image_3823966b1661.png) + diff --git a/docs/kb/auditor/cannot-establish-a-connection-to-a-windows-file-server-compression-service.md b/docs/kb/auditor/cannot-establish-a-connection-to-a-windows-file-server-compression-service.md index 9bd884c2d6..9f253f910f 100644 --- a/docs/kb/auditor/cannot-establish-a-connection-to-a-windows-file-server-compression-service.md +++ b/docs/kb/auditor/cannot-establish-a-connection-to-a-windows-file-server-compression-service.md @@ -47,5 +47,9 @@ After that, the **Netwrix Auditor Application Deployment Service** appears on th ### Related Articles -- [How to Investigate Compression Services Errors](/docs/kb/auditor/how-to-investigate-compression-services-errors.md) +- [How to Investigate Compression Services Errors](/docs/kb/auditor/how-to-investigate-compression-services-errors) - [Windows File Servers — Enable Remote Registry Service — v10.8.](https://docs.netwrix.com/docs/auditor/10_8/configuration/fileservers/windows/remoteregistryservice) + + + + diff --git a/docs/kb/auditor/cannot-find-the-application-error-in-sharepoint-online-and-ms-teams-monitoring-plan.md b/docs/kb/auditor/cannot-find-the-application-error-in-sharepoint-online-and-ms-teams-monitoring-plan.md index 9f65d06ac8..d24050ae8a 100644 --- a/docs/kb/auditor/cannot-find-the-application-error-in-sharepoint-online-and-ms-teams-monitoring-plan.md +++ b/docs/kb/auditor/cannot-find-the-application-error-in-sharepoint-online-and-ms-teams-monitoring-plan.md @@ -50,7 +50,7 @@ Cannot find the application. - Review the Application ID provided. You can find the Application ID of your app in the **Overview** page once you select the app in the **App registrations** section. Refer to the following Netwrix Auditor article for additional information on the initial Azure app setup: Netwrix Auditor — Permissions for SharePoint Online Auditing − Creating and registering a new app in Microsoft Entra ID ⸱ v10.6. For additional information on creating an app for Teams auditing, refer to the following Netwrix Auditor article: Netwrix Auditor — Permissions for Teams Auditing − Create and Register a New App in Microsoft Entra ID ⸱ v10.6. -![SPOAppID](images/ka0Qk0000001L8r_0EM4u000008MV3l.png) +![SPOAppID](./images/ka0Qk0000001L8r_0EM4u000008MV3l.png) - Review the app API permissions granted. You can either specify API permissions manually or use a manifest. Refer to the following Netwrix Auditor article for additional information on granting permissions: Netwrix Auditor — Permissions for SharePoint Online Auditing − Granting required permissions ⸱ v10.6. For additional information on permissions for Teams auditing, refer to the following Netwrix Auditor article: Netwrix Auditor — Permissions for Teams Auditing − Grant Required Permissions ⸱ v10.6. @@ -63,3 +63,6 @@ Cannot find the application. - Netwrix Auditor — Permissions for SharePoint Online Auditing − Granting Required Permissions ⸱ v10.6 - Netwrix Auditor — Permissions for Teams Auditing − Grant Required Permissions ⸱ v10.6 + + + diff --git a/docs/kb/auditor/cannot-generate-sspi-context-error-in-sql-server-monitoring-plan.md b/docs/kb/auditor/cannot-generate-sspi-context-error-in-sql-server-monitoring-plan.md index f181d99de4..fbcb7856bb 100644 --- a/docs/kb/auditor/cannot-generate-sspi-context-error-in-sql-server-monitoring-plan.md +++ b/docs/kb/auditor/cannot-generate-sspi-context-error-in-sql-server-monitoring-plan.md @@ -98,16 +98,21 @@ If you are unable to resolve the issue with SPN registration, and if your scenar ### Cause #3 – Different TLS Protocol Versions -Allow the operating systems to select the protocol for incoming and outgoing communication on both your Netwrix Auditor and SQL servers. For more information, see Client and Server Cannot Communicate, Because They Do Not Possess a Common Algorithm: [Client and Server Cannot Communicate, Because They Do Not Possess a Common Algorithm](/docs/kb/auditor/client-and-server-cannot-communicate-because-they-do-not-possess-a-common-algorithm.md) +Allow the operating systems to select the protocol for incoming and outgoing communication on both your Netwrix Auditor and SQL servers. For more information, see Client and Server Cannot Communicate, Because They Do Not Possess a Common Algorithm: [Client and Server Cannot Communicate, Because They Do Not Possess a Common Algorithm](/docs/kb/auditor/client-and-server-cannot-communicate-because-they-do-not-possess-a-common-algorithm) ### Cause #4 – SQL and Netwrix Auditor Servers Time Difference -Synchronize the time on both SQL and Netwrix Auditor servers to eliminate clock skew. For more information, see Clock Skew Is Too Great: [Clock Skew Is Too Great](/docs/kb/auditor/clock-skew-is-too-great.md) +Synchronize the time on both SQL and Netwrix Auditor servers to eliminate clock skew. For more information, see Clock Skew Is Too Great: [Clock Skew Is Too Great](/docs/kb/auditor/clock-skew-is-too-great) ## Related Articles - [SQL Server Ports](https://docs.netwrix.com/docs/auditor/10_8/configuration/sqlserver/ports) - Cannot Generate SSPI Context – Fix the Error with Kerberos Configuration Manager · Microsoft: https://learn.microsoft.com/en-US/troubleshoot/sql/database-engine/connect/cannot-generate-sspi-context-error#fix-the-error-with-kerberos-configuration-manager-recommended - Register Service Principal Name for Kerberos Connections – Automatic SPN Registration · Microsoft: https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/register-a-service-principal-name-for-kerberos-connections?view=sql-server-ver16#Auto -- [Client and Server Cannot Communicate, Because They Do Not Possess a Common Algorithm](/docs/kb/auditor/client-and-server-cannot-communicate-because-they-do-not-possess-a-common-algorithm.md) -- [Clock Skew Is Too Great](/docs/kb/auditor/clock-skew-is-too-great.md) +- [Client and Server Cannot Communicate, Because They Do Not Possess a Common Algorithm](/docs/kb/auditor/client-and-server-cannot-communicate-because-they-do-not-possess-a-common-algorithm) +- [Clock Skew Is Too Great](/docs/kb/auditor/clock-skew-is-too-great) + + + + + diff --git a/docs/kb/auditor/cannot-obtain-credential-information-for-mapped-drive.md b/docs/kb/auditor/cannot-obtain-credential-information-for-mapped-drive.md index d02871f48b..583264770a 100644 --- a/docs/kb/auditor/cannot-obtain-credential-information-for-mapped-drive.md +++ b/docs/kb/auditor/cannot-obtain-credential-information-for-mapped-drive.md @@ -26,8 +26,9 @@ The following error is returned on account lockout examination: `Cannot obtain credential information for drive <> mapped by <>` -![User-added image](images/ka04u000000HcMw_0EM700000004wzm.png) +![User-added image](./images/ka04u000000HcMw_0EM700000004wzm.png) --- This error means that there are mapped drives in the system, but Netwrix Account Lockout Examiner for some reason cannot read the information on the credentials used to map drives in the Windows registry of the examined machine. This error usually occurs when the user under whose account a drive is mapped, used their own credentials, or a drive is mapped each time a user logs on with the current crendeitals. + diff --git a/docs/kb/auditor/cannot-retrieve-audit-settings-in-audit-configuration-assistant.md b/docs/kb/auditor/cannot-retrieve-audit-settings-in-audit-configuration-assistant.md index 28c59fc9d0..ad479e0812 100644 --- a/docs/kb/auditor/cannot-retrieve-audit-settings-in-audit-configuration-assistant.md +++ b/docs/kb/auditor/cannot-retrieve-audit-settings-in-audit-configuration-assistant.md @@ -41,7 +41,7 @@ Cannot retrieve admin audit logging settings. Cannot execute the PowerShell comm The user %user% isn't assigned to any management roles. ``` -![Audit Configuration Assistant error screenshot](images/ka04u00000117HQ_0EM4u000008M035.png) +![Audit Configuration Assistant error screenshot](./images/ka04u00000117HQ_0EM4u000008M035.png) ## Cause @@ -50,3 +50,4 @@ The user is not included in any or one of the following groups: Domain Admins, E ## Resolution Configure the user to be used in the Audit Configuration Assistant utility. For additional information on user permissions required for Audit Configuration Assistant utility, refer to the following article: https://docs.netwrix.com/docs/auditor/10_8/tools/overview + diff --git a/docs/kb/auditor/certificate-related-and-unauthorized-errors-occur-when-trying-to-review-netwrix-auditor-reports.md b/docs/kb/auditor/certificate-related-and-unauthorized-errors-occur-when-trying-to-review-netwrix-auditor-reports.md index 54892f299a..a898caa296 100644 --- a/docs/kb/auditor/certificate-related-and-unauthorized-errors-occur-when-trying-to-review-netwrix-auditor-reports.md +++ b/docs/kb/auditor/certificate-related-and-unauthorized-errors-occur-when-trying-to-review-netwrix-auditor-reports.md @@ -31,7 +31,7 @@ An error occurred while enrolling for a certificate, the certificate request cou ``` 2. Symptom 2. Unauthorized error while accessing a report. - ![User-added image](images/ka04u000001173i_0EM4u000008Liq9.png) + ![User-added image](./images/ka04u000001173i_0EM4u000008Liq9.png) ## Causes @@ -52,4 +52,5 @@ Here are possible options to resolve the issue: - Check that the account used for data collection is on the same domain as the Netwrix Auditor Server or another domain. - Check if those domains are trusted. If not, add the Netwrix Site to the trusted list. -![User-added image](images/ka04u000001173i_0EM4u000008LirC.png) +![User-added image](./images/ka04u000001173i_0EM4u000008LirC.png) + diff --git a/docs/kb/auditor/change-data-collecting-account-password-in-netwrix-auditor.md b/docs/kb/auditor/change-data-collecting-account-password-in-netwrix-auditor.md index 9056d6642d..96a5e79432 100644 --- a/docs/kb/auditor/change-data-collecting-account-password-in-netwrix-auditor.md +++ b/docs/kb/auditor/change-data-collecting-account-password-in-netwrix-auditor.md @@ -37,4 +37,4 @@ Refer to the following steps to update the password for your data-collection acc 5. Provide a new password, and click **OK** to save changes. 6. In some cases, you might need to restart Netwrix services for the changes to take effect. -> **NOTE:** A new password won't be applied to Netwrix Password Reset, Event Log Manager, or Inactive User Tracker data-collection accounts. Refer to the following article for additional information: [Failed Logon Attempts after Recent Service Account Password Change](/docs/kb/auditor/failed-logon-attempts-after-recent-service-account-password-change.md). +> **NOTE:** A new password won't be applied to Netwrix Password Reset, Event Log Manager, or Inactive User Tracker data-collection accounts. Refer to the following article for additional information: [Failed Logon Attempts after Recent Service Account Password Change](/docs/kb/auditor/failed-logon-attempts-after-recent-service-account-password-change). diff --git a/docs/kb/auditor/child-item-with-this-name-already-exists-in-file-server-monitoring-plan.md b/docs/kb/auditor/child-item-with-this-name-already-exists-in-file-server-monitoring-plan.md index 1b961345d1..874ecdf5e5 100644 --- a/docs/kb/auditor/child-item-with-this-name-already-exists-in-file-server-monitoring-plan.md +++ b/docs/kb/auditor/child-item-with-this-name-already-exists-in-file-server-monitoring-plan.md @@ -42,5 +42,9 @@ The licensing data was corrupted. ## Resolution - In case you've encountered the issue after a recent upgrade, wait for 24 hours to see if the issue is resolved on its own. -- Reapply the license file. Refer to the following article for additional information: [How to Apply Netwrix Auditor License](/docs/kb/auditor/how-to-apply-netwrix-auditor-license.md). +- Reapply the license file. Refer to the following article for additional information: [How to Apply Netwrix Auditor License](/docs/kb/auditor/how-to-apply-netwrix-auditor-license). - In case reapplying the license did not help, contact [Netwrix Technical Support](https://www.netwrix.com/open_a_ticket.html). + + + + diff --git a/docs/kb/auditor/compression-service-does-not-appear-under-installed-programs-but-still-exists-in-the-services-overvi.md b/docs/kb/auditor/compression-service-does-not-appear-under-installed-programs-but-still-exists-in-the-services-overvi.md index 3e455f906d..bf3dd4bc10 100644 --- a/docs/kb/auditor/compression-service-does-not-appear-under-installed-programs-but-still-exists-in-the-services-overvi.md +++ b/docs/kb/auditor/compression-service-does-not-appear-under-installed-programs-but-still-exists-in-the-services-overvi.md @@ -38,7 +38,7 @@ You can manually delete the Service and its components. For that: 1. Open the **Services** snap-in and open properties of the problematic service. 2. Copy the full name of the service and the path to executable, for example, to a **Notepad** document. - ![User-added image](images/ka0Qk0000001hxN_0EMQk000002u2KX.png) + ![User-added image](./images/ka0Qk0000001hxN_0EMQk000002u2KX.png) 3. Run the command prompt as administrator and run the following command: ```bat @@ -47,3 +47,6 @@ You can manually delete the Service and its components. For that: where the `` is the full name of the service you copied on the step 2. 4. After that, navigate to the file path you copied earlier and delete all the files. + + + diff --git a/docs/kb/auditor/compression-service-encountered-an-internal-error-in-windows-server-monitoring-plan.md b/docs/kb/auditor/compression-service-encountered-an-internal-error-in-windows-server-monitoring-plan.md index 889a0b30fb..1ccf2507f4 100644 --- a/docs/kb/auditor/compression-service-encountered-an-internal-error-in-windows-server-monitoring-plan.md +++ b/docs/kb/auditor/compression-service-encountered-an-internal-error-in-windows-server-monitoring-plan.md @@ -107,5 +107,5 @@ The Windows Server Auditing host and compression service cannot operate due to d ## Related articles -- [Сonnection Issue when TLS 1.2 Is Required](/docs/kb/auditor/сonnection_issue_when_tls_1.2_is_required.md) -- [Client and Server Cannot Communicate, Because They Do Not Possess a Common Algorithm](/docs/kb/auditor/client-and-server-cannot-communicate-because-they-do-not-possess-a-common-algorithm.md) +- [Сonnection Issue when TLS 1.2 Is Required](/docs/kb/auditor/сonnection_issue_when_tls_1.2_is_required) +- [Client and Server Cannot Communicate, Because They Do Not Possess a Common Algorithm](/docs/kb/auditor/client-and-server-cannot-communicate-because-they-do-not-possess-a-common-algorithm) diff --git a/docs/kb/auditor/configure-microsoft-365-data-sources-to-use-proxy-server-settings.md b/docs/kb/auditor/configure-microsoft-365-data-sources-to-use-proxy-server-settings.md index fa698b07ad..e4923e0950 100644 --- a/docs/kb/auditor/configure-microsoft-365-data-sources-to-use-proxy-server-settings.md +++ b/docs/kb/auditor/configure-microsoft-365-data-sources-to-use-proxy-server-settings.md @@ -41,7 +41,7 @@ Exchange Online relies on PowerShell gathering proxy settings from the network a netsh winhttp show proxy ``` - ![netsh winhttp show proxy output](images/ka0Qk0000000ws1_0EM4u000008MMY1.png) + ![netsh winhttp show proxy output](./images/ka0Qk0000000ws1_0EM4u000008MMY1.png) 2. If the system prompts **Direct settings**, configure the network adapter to use the correct proxy settings: @@ -51,7 +51,7 @@ Exchange Online relies on PowerShell gathering proxy settings from the network a Replace the proxy server settings in the line with your actual settings. - ![netsh winhttp set proxy example](images/ka0Qk0000000ws1_0EM4u000008MMY6.png) + ![netsh winhttp set proxy example](./images/ka0Qk0000000ws1_0EM4u000008MMY6.png) ### Microsoft Entra ID (formerly Azure AD) @@ -84,11 +84,11 @@ After editing: Before editing image: -![Before editing configuration](images/ka0Qk0000000ws1_0EM4u000008MMXd.png) +![Before editing configuration](./images/ka0Qk0000000ws1_0EM4u000008MMXd.png) After editing image: -![After editing configuration](images/ka0Qk0000000ws1_0EM4u000008MMYB.png) +![After editing configuration](./images/ka0Qk0000000ws1_0EM4u000008MMYB.png) Replace `***.***.***.***:port` with your actual proxy settings. @@ -110,3 +110,6 @@ Replace `proxyaddress="***.***.***.***:port"` with your actual proxy settings. ### Microsoft Teams To use proxy server settings for the Teams audit, set up both Microsoft Entra ID and SharePoint Online settings. + + + diff --git a/docs/kb/auditor/connection-string-is-not-valid-in-sql-server-monitoring-plan.md b/docs/kb/auditor/connection-string-is-not-valid-in-sql-server-monitoring-plan.md index a2bcf33aaf..ae72952be9 100644 --- a/docs/kb/auditor/connection-string-is-not-valid-in-sql-server-monitoring-plan.md +++ b/docs/kb/auditor/connection-string-is-not-valid-in-sql-server-monitoring-plan.md @@ -53,10 +53,13 @@ Review the affected item in your SQL Server monitoring plan: 4. Review the instance name specified: - For a default SQL instance name (`MSSQLSERVER`), only specify the server FQDN or NetBIOS name. See the example for a reference. - ![Default instance example](images/ka04u000000wvzg_0EM4u000008pVor.png) + ![Default instance example](./images/ka04u000000wvzg_0EM4u000008pVor.png) - For a named SQL instance, specify `FQDN\Instance_name`. - ![Named instance example](images/ka04u000000wvzg_0EM4u000008pVow.png) + ![Named instance example](./images/ka04u000000wvzg_0EM4u000008pVow.png) 5. Once the changes are introduced, click **Save & Close**. + + + diff --git a/docs/kb/auditor/connection-to-microsoft-365-tenant-in-netwrix-auditor-completes-with-error-validating-your-account-s.md b/docs/kb/auditor/connection-to-microsoft-365-tenant-in-netwrix-auditor-completes-with-error-validating-your-account-s.md index 3740e5766c..08589dcf16 100644 --- a/docs/kb/auditor/connection-to-microsoft-365-tenant-in-netwrix-auditor-completes-with-error-validating-your-account-s.md +++ b/docs/kb/auditor/connection-to-microsoft-365-tenant-in-netwrix-auditor-completes-with-error-validating-your-account-s.md @@ -45,6 +45,9 @@ Make sure you provided the same parameters in a Netwrix Auditor monitoring plan 1. **Tenant name** in Netwrix should equal the `Directory (tenant) ID` in Microsoft Office 365 Admin center. 2. **Modern authentication application ID** should equal `Application (client) ID` in Microsoft Office 365 Admin center. -![00371273 O365 Tenant.PNG](images/ka04u00000117A1_0EM4u000008LuEC.png) +![00371273 O365 Tenant.PNG](./images/ka04u00000117A1_0EM4u000008LuEC.png) For additional information on configuring Office 365 tenant, refer to the following article: Microsoft 365. Select the data source you want to audit and review the corresponding section. + + + diff --git a/docs/kb/auditor/could-not-allocate-space-for-object-objectname-in-database-databasename.md b/docs/kb/auditor/could-not-allocate-space-for-object-objectname-in-database-databasename.md index 331323cdab..27123af3f9 100644 --- a/docs/kb/auditor/could-not-allocate-space-for-object-objectname-in-database-databasename.md +++ b/docs/kb/auditor/could-not-allocate-space-for-object-objectname-in-database-databasename.md @@ -89,4 +89,4 @@ To recreate the database, follow these steps: - Considerations for the Autogrow and Autoshrink Settings in SQL Server: https://learn.microsoft.com/en-us/troubleshoot/sql/database-engine/database-file-operations/considerations-autogrow-autoshrink - [Hardware Requirements](https://docs.netwrix.com/docs/auditor/10_8/requirements/console) - [Netwrix Auditor Settings – Investigations (v10.6) feature](https://docs.netwrix.com/docs/auditor/10_8/admin/settings/investigations) -- [SQL Server Express Database Size Reached 10GB](/docs/kb/auditor/sql-server-express-database-size-reached-10gb.md) +- [SQL Server Express Database Size Reached 10GB](/docs/kb/auditor/sql-server-express-database-size-reached-10gb) diff --git a/docs/kb/auditor/could-not-find-stored-procedure-getallproperties.md b/docs/kb/auditor/could-not-find-stored-procedure-getallproperties.md index 8b2fffaee6..90ddf6647b 100644 --- a/docs/kb/auditor/could-not-find-stored-procedure-getallproperties.md +++ b/docs/kb/auditor/could-not-find-stored-procedure-getallproperties.md @@ -46,6 +46,10 @@ The ReportServer database is corrupted and has to be rebuilt. 1. Once you've opened SSMS, unfold the **Databases** folder in the **Object Explorer** pane on the left. 2. Right-click each (`ReportServer` and `ReportServerTemp`) database and select **Delete**. 3. Before confirming the deletion, make sure to check the **Close existing connections** checkbox. -3. Once the databases are deleted, regenerate the `ReportServer` database. Refer to the following article for additional information: [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database.md) +3. Once the databases are deleted, regenerate the `ReportServer` database. Refer to the following article for additional information: [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database) 4. After you've configured the `ReportServer` database, grant the roles to the SSRS service account the roles required. Refer to the following article for additional information: [Configure SSRS Account](https://docs.netwrix.com/docs/auditor/10_8/requirements/sqlserverreportingservice#configure-ssrs-account) 5. Restart **Netwrix Auditor Archive Service** and **Netwrix Auditor Management Service** via **Services**. + + + + diff --git a/docs/kb/auditor/could_not_create_ssltls_secure_channel_error_in_windows_server_monitoring_plan.md b/docs/kb/auditor/could_not_create_ssltls_secure_channel_error_in_windows_server_monitoring_plan.md index 51fc559c26..c9c0f5fdec 100644 --- a/docs/kb/auditor/could_not_create_ssltls_secure_channel_error_in_windows_server_monitoring_plan.md +++ b/docs/kb/auditor/could_not_create_ssltls_secure_channel_error_in_windows_server_monitoring_plan.md @@ -36,7 +36,7 @@ products: ## Resolutions - Enable TLS 1.2 in your environment − refer to the following article for additional information: Connection Issue when TLS 1.2 Is Required. -- In case TLS protocol versions are limited to specific versions in your environment, make sure to allow the operating system to select the protocol for incoming and outgoing communication. Refer to the following article for additional information: [Client and Server Cannot Communicate, Because They Do Not Possess a Common Algorithm](/docs/kb/auditor/client-and-server-cannot-communicate-because-they-do-not-possess-a-common-algorithm.md). +- In case TLS protocol versions are limited to specific versions in your environment, make sure to allow the operating system to select the protocol for incoming and outgoing communication. Refer to the following article for additional information: [Client and Server Cannot Communicate, Because They Do Not Possess a Common Algorithm](/docs/kb/auditor/client-and-server-cannot-communicate-because-they-do-not-possess-a-common-algorithm). - Review the certificate used for Windows Server auditing: 1. In the Netwrix Auditor server, either press **Win + R** or launch the **Run** command window. 2. In the **Run** command window, type `mmc` and press **OK**. Select **Yes** in the following prompt. @@ -52,4 +52,4 @@ products: ## Related Articles - Connection Issue when TLS 1.2 Is Required -- [Client and Server Cannot Communicate, Because They Do Not Possess a Common Algorithm](/docs/kb/auditor/client-and-server-cannot-communicate-because-they-do-not-possess-a-common-algorithm.md) \ No newline at end of file +- [Client and Server Cannot Communicate, Because They Do Not Possess a Common Algorithm](/docs/kb/auditor/client-and-server-cannot-communicate-because-they-do-not-possess-a-common-algorithm) \ No newline at end of file diff --git a/docs/kb/auditor/customize-notifications-and-reports-in-password-expiration-notifier.md b/docs/kb/auditor/customize-notifications-and-reports-in-password-expiration-notifier.md index b5a20a8b92..67626267fa 100644 --- a/docs/kb/auditor/customize-notifications-and-reports-in-password-expiration-notifier.md +++ b/docs/kb/auditor/customize-notifications-and-reports-in-password-expiration-notifier.md @@ -117,9 +117,9 @@ You can edit and customize the notification and report templates in Netwrix Pass ### Edit email header and footer -You can disable header and footer in Netwrix Password Reset emails. Refer to the following article for additional information: [Hide and Disable Header and Footer in Netwrix Password Reset Emails](/docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails.md). +You can disable header and footer in Netwrix Password Reset emails. Refer to the following article for additional information: [Hide and Disable Header and Footer in Netwrix Password Reset Emails](/docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails). ## Related articles -- [Hide and Disable Header and Footer in Netwrix Password Reset Emails](/docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails.md) +- [Hide and Disable Header and Footer in Netwrix Password Reset Emails](/docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails) - [All attributes ⸱ Microsoft 🡺](https://learn.microsoft.com/en-us/windows/win32/adschema/attributes-all) diff --git a/docs/kb/auditor/database-contains-tables-not-compatible-with-the-product.md b/docs/kb/auditor/database-contains-tables-not-compatible-with-the-product.md index 197ce7974d..79ec9e5235 100644 --- a/docs/kb/auditor/database-contains-tables-not-compatible-with-the-product.md +++ b/docs/kb/auditor/database-contains-tables-not-compatible-with-the-product.md @@ -42,10 +42,11 @@ Using SQL Management Studio give the Data Processing Account `DB_Owner` rights t 1) Log into the instance which contains the product database using SQL Management Studio with a **sysadmin account**. 2) Expand **Security** and then **Logins**. - ![User-added image](images/ka04u000000HcT5_0EM700000008DPW.png) + ![User-added image](./images/ka04u000000HcT5_0EM700000008DPW.png) 3) **Right click** the **Data Processing Account** and go to **Properties** (add the account if it doesn't exist). - ![User-added image](images/ka04u000000HcT5_0EM700000008DPb.png) + ![User-added image](./images/ka04u000000HcT5_0EM700000008DPb.png) 4) Under **Server Roles** you can give **sysadmin** to this account OR alternatively you can go to **User Mapping** and select each Netwrix database individually and add **DB_Owner** permissions. - ![User-added image](images/ka04u000000HcT5_0EM700000008DPg.png) + ![User-added image](./images/ka04u000000HcT5_0EM700000008DPg.png) + diff --git a/docs/kb/auditor/deploying-the-report-server-database.md b/docs/kb/auditor/deploying-the-report-server-database.md index 973451b115..33ca1ff1e6 100644 --- a/docs/kb/auditor/deploying-the-report-server-database.md +++ b/docs/kb/auditor/deploying-the-report-server-database.md @@ -68,7 +68,7 @@ Once the database has been successfully deployed, provide the Report Server URL 1. In the main Netwrix Auditor screen, click **Settings**. In the left pane, select the **Audit Database** tab and click **Modify** under the **Audit Database** section. - ![Audit Database Modify](images/ka04u000000wvtY_0EM4u000008pRVW.png) + ![Audit Database Modify](./images/ka04u000000wvtY_0EM4u000008pRVW.png) 2. Input the credentials and click **Next**. @@ -83,3 +83,4 @@ Netwrix Auditor should now be able to process and generate reports. - SQL Server State-In-Time Reports · v10.6 https://docs.netwrix.com/docs/auditor/10_8 + diff --git a/docs/kb/auditor/disable-multi-factor-authentication-for-microsoft-365-service-accounts.md b/docs/kb/auditor/disable-multi-factor-authentication-for-microsoft-365-service-accounts.md index cf8b1fa683..a55329db65 100644 --- a/docs/kb/auditor/disable-multi-factor-authentication-for-microsoft-365-service-accounts.md +++ b/docs/kb/auditor/disable-multi-factor-authentication-for-microsoft-365-service-accounts.md @@ -46,7 +46,7 @@ To disable MFA for your data-collecting account in any Microsoft 365 source, use 3. Select the service user to be used in the **Select excluded users and groups** window, and click **Select**. 4. To complete the setup, click **Save** in the bottom left corner. - ![Exclude user from MFA policy](images/ka0Qk0000001LLl_0EM4u000008MMJG.png) + ![Exclude user from MFA policy](./images/ka0Qk0000001LLl_0EM4u000008MMJG.png) - To exclude an app from the MFA policy: 1. Click the highlighted text under the **Target sources** section. @@ -54,7 +54,7 @@ To disable MFA for your data-collecting account in any Microsoft 365 source, use 3. Select the app to be used in the **Select excluded cloud apps** window, and click **Select**. 4. To complete the setup, click **Save** in the bottom left corner. - ![Exclude app from MFA policy](images/ka0Qk0000001LLl_0EM4u000008MMJL.png) + ![Exclude app from MFA policy](./images/ka0Qk0000001LLl_0EM4u000008MMJL.png) Refer to the following articles for additional information on data-collecting account setup for your Microsoft 365 sources: @@ -72,3 +72,6 @@ Refer to the following articles for additional information on data-collecting ac - Microsoft 365 — Permissions for Exchange Online Auditing ⸱ v10.6 https://docs.netwrix.com/docs/auditor/10_8 - Microsoft 365 — Permissions for SharePoint Online Auditing ⸱ v10.6 https://docs.netwrix.com/docs/auditor/10_8 - Microsoft 365 — Permissions for Teams Auditing ⸱ v10.6 https://docs.netwrix.com/docs/auditor/10_8 + + + diff --git a/docs/kb/auditor/entitlement-reviews-event-id-6527.md b/docs/kb/auditor/entitlement-reviews-event-id-6527.md index 39944fff26..2b8efe852a 100644 --- a/docs/kb/auditor/entitlement-reviews-event-id-6527.md +++ b/docs/kb/auditor/entitlement-reviews-event-id-6527.md @@ -35,7 +35,7 @@ License name: Entitlement reviews. Your subscription plan for Netwrix Auditor has expired. ``` -![image001.png](images/ka04u0000011688_0EM4u000008LCjZ.png) +![image001.png](./images/ka04u0000011688_0EM4u000008LCjZ.png) ## Cause @@ -53,3 +53,4 @@ Netwrix Auditor Access Reviews is no longer installed. ``` Click **OK** to proceed to the configuration tool. + diff --git a/docs/kb/auditor/error-0x80040605-connection-failed.md b/docs/kb/auditor/error-0x80040605-connection-failed.md index 6d61a37c84..f5d6a50735 100644 --- a/docs/kb/auditor/error-0x80040605-connection-failed.md +++ b/docs/kb/auditor/error-0x80040605-connection-failed.md @@ -50,8 +50,8 @@ One (or more) of the following services has stopped in the Netwrix Auditor serve Review the services running in the Netwrix Auditor server − make sure the services are running with their startup type set to **Automatic**. -> **IMPORTANT:** If the disk storing Long-Term Archive is running out of space, you'll corresponding events in Health Log. When the free disk space is below 3GB, the Netwrix services responsible for audit data collection will be stopped, preventing the data collection. For additional information on reducing disk space consumption, refer to the following article: [Netwrix Auditor Consumes Disk Space — Recommendations](/docs/kb/auditor/netwrix-auditor-consumes-disk-space-recommendations.md). +> **IMPORTANT:** If the disk storing Long-Term Archive is running out of space, you'll corresponding events in Health Log. When the free disk space is below 3GB, the Netwrix services responsible for audit data collection will be stopped, preventing the data collection. For additional information on reducing disk space consumption, refer to the following article: [Netwrix Auditor Consumes Disk Space — Recommendations](/docs/kb/auditor/netwrix-auditor-consumes-disk-space-recommendations). ## Related articles -- [Netwrix Auditor Consumes Disk Space — Recommendations](/docs/kb/auditor/netwrix-auditor-consumes-disk-space-recommendations.md) +- [Netwrix Auditor Consumes Disk Space — Recommendations](/docs/kb/auditor/netwrix-auditor-consumes-disk-space-recommendations) diff --git a/docs/kb/auditor/error-0x800706ba-rpc-server-is-unavailable.md b/docs/kb/auditor/error-0x800706ba-rpc-server-is-unavailable.md index df58236fb8..a05aa1d3af 100644 --- a/docs/kb/auditor/error-0x800706ba-rpc-server-is-unavailable.md +++ b/docs/kb/auditor/error-0x800706ba-rpc-server-is-unavailable.md @@ -73,7 +73,7 @@ Failed to update the agent on the following server: %server% > **NOTE:** If you see the following error in the Event Viewer while checking **Event Viewer (Local)** connection to another computer, enable inbound rules (COM+ Network Access and all rules in the Remote Event Log Management group) on the target computer. Refer to the following article for additional information: Configuration − Logon Activity Ports: Configure Windows Firewall Inbound Connection Rules ⸱ v10.6. > - > ![COM+ Network Access screenshot](images/ka04u000000wvy4_0EM4u000008LkB8.png) + > ![COM+ Network Access screenshot](./images/ka04u000000wvy4_0EM4u000008LkB8.png) > > Learn more in: 0x80004027 error when you try to remotely access COM+ object after you upgrade to Windows Server 2016 or later versions ⸱ Microsoft @@ -105,3 +105,4 @@ Failed to update the agent on the following server: %server% - [Windows Server Troubleshooting: RPC server is unavailable ⸱ Microsoft](https://social.technet.microsoft.com/wiki/contents/articles/4494.windows-server-troubleshooting-rpc-server-is-unavailable.aspx) - Сonnection Issue when TLS 1.2 Is Required - [Server Hardware Performance Considerations ⸱ Microsoft](https://learn.microsoft.com/en-us/windows-server/administration/performance-tuning/hardware/) + diff --git a/docs/kb/auditor/error-403.md b/docs/kb/auditor/error-403.md index 331f3b67cd..d9f5ebbaa0 100644 --- a/docs/kb/auditor/error-403.md +++ b/docs/kb/auditor/error-403.md @@ -25,7 +25,7 @@ knowledge_article_id: kA00g000000H9TwCAK When trying to browse to any portal, you get "Error 403 - Access is denied" -![User-added image](images/ka04u000000HcNi_0EM700000004yKg.png) +![User-added image](./images/ka04u000000HcNi_0EM700000004yKg.png) The 403 error can be caused by several reasons. The most common reasons are: @@ -37,9 +37,9 @@ The 403 error can be caused by several reasons. The most common reasons are: 3. In the central pane double-click **SSL Settings** 4. Check settings, change if necessary - ![User-added image](images/ka04u000000HcNi_0EM700000004yKq.png) + ![User-added image](./images/ka04u000000HcNi_0EM700000004yKq.png) - ![User-added image](images/ka04u000000HcNi_0EM700000004yKv.png) + ![User-added image](./images/ka04u000000HcNi_0EM700000004yKv.png) 2. Default document IIS feature is not enabled. @@ -50,6 +50,7 @@ The 403 error can be caused by several reasons. The most common reasons are: 3. In the central pane double-click **Default Document** 4. In the right pane click **Enable** (if there is no Enable option there, but **Disable** is, it means that the feature is enabled) - ![User-added image](images/ka04u000000HcNi_0EM700000004yL0.png) + ![User-added image](./images/ka04u000000HcNi_0EM700000004yL0.png) + + ![User-added image](./images/ka04u000000HcNi_0EM700000004yL5.png) - ![User-added image](images/ka04u000000HcNi_0EM700000004yL5.png) diff --git a/docs/kb/auditor/error-503-reports-and-subscriptions-not-working.md b/docs/kb/auditor/error-503-reports-and-subscriptions-not-working.md index 5d4174ceb9..4b8b0002bf 100644 --- a/docs/kb/auditor/error-503-reports-and-subscriptions-not-working.md +++ b/docs/kb/auditor/error-503-reports-and-subscriptions-not-working.md @@ -56,10 +56,10 @@ HTTP Error 503. The service is unavailable. ## Resolutions -- Review Web Service and Web Portal URLs — refer to the following article for additional information: [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database.md) +- Review Web Service and Web Portal URLs — refer to the following article for additional information: [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database) - Verify the `SQL Server Reporting Services` service on your SSRS server is running. You can also run **Report Server Configuration Manager** > the **Report Server Status** tab to verify the report server status. - IMPORTANT: Refer to the following article if you're unable to start the `SQL Server Reporting Services` service: [Error: Service Did Not Respond to Start or Control Request in SSRS](/docs/kb/auditor/error-service-did-not-respond-to-start-or-control-request-in-ssrs.md) + IMPORTANT: Refer to the following article if you're unable to start the `SQL Server Reporting Services` service: [Error: Service Did Not Respond to Start or Control Request in SSRS](/docs/kb/auditor/error-service-did-not-respond-to-start-or-control-request-in-ssrs) - Remove the SSRS account from the Protected Users security group. Learn more about Protected Users in Protected Users Security Group ⸱ Microsoft. - https://learn.microsoft.com/en-us/windows-server/security/credentials-protection-and-management/protected-users-security-group @@ -86,6 +86,6 @@ A license is now required. ## Related articles -- [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database.md) +- [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database) -- [Error: Service Did Not Respond to Start or Control Request in SSRS](/docs/kb/auditor/error-service-did-not-respond-to-start-or-control-request-in-ssrs.md) +- [Error: Service Did Not Respond to Start or Control Request in SSRS](/docs/kb/auditor/error-service-did-not-respond-to-start-or-control-request-in-ssrs) diff --git a/docs/kb/auditor/error-an-unknown-error-occurred-while-processing-the-request-on-the-server.md b/docs/kb/auditor/error-an-unknown-error-occurred-while-processing-the-request-on-the-server.md index d8d81a678e..5370a714f0 100644 --- a/docs/kb/auditor/error-an-unknown-error-occurred-while-processing-the-request-on-the-server.md +++ b/docs/kb/auditor/error-an-unknown-error-occurred-while-processing-the-request-on-the-server.md @@ -45,4 +45,5 @@ Extend the report timeout on the on the Report Manager URL. For that: 2. Find the problematic report and open it. 3. Click the 3 dots in the Reports Manager for the report itself, then click **Manage**. 4. In the **Advanced** section, modify the report timeout settings. - ![User-added image](images/ka0Qk0000001ZBp_0EMQk000002dUpt.png) + ![User-added image](./images/ka0Qk0000001ZBp_0EMQk000002dUpt.png) + diff --git a/docs/kb/auditor/error-can-not-process-sql-commands-for-the-netwrix-auditor-self-audit-database.md b/docs/kb/auditor/error-can-not-process-sql-commands-for-the-netwrix-auditor-self-audit-database.md index 7dc167112b..7aff29f179 100644 --- a/docs/kb/auditor/error-can-not-process-sql-commands-for-the-netwrix-auditor-self-audit-database.md +++ b/docs/kb/auditor/error-can-not-process-sql-commands-for-the-netwrix-auditor-self-audit-database.md @@ -53,4 +53,4 @@ Follow the steps below to turn off the **Recovery** mode for the database: ### Related Article: -- [Recovery Mode Changes in SQL Databases](/docs/kb/auditor/recovery-mode-changes-in-sql-databases.md) +- [Recovery Mode Changes in SQL Databases](/docs/kb/auditor/recovery-mode-changes-in-sql-databases) diff --git a/docs/kb/auditor/error-check-your-sql-server-settings-in-audit-database-settings.md b/docs/kb/auditor/error-check-your-sql-server-settings-in-audit-database-settings.md index d39ac777c2..d9a8e8d669 100644 --- a/docs/kb/auditor/error-check-your-sql-server-settings-in-audit-database-settings.md +++ b/docs/kb/auditor/error-check-your-sql-server-settings-in-audit-database-settings.md @@ -56,7 +56,7 @@ Refer to the list of possible causes for the error: 2. Configure your SQL Server instance to allow remote connections. Learn more in [Configure remote access (server configuration option) — Use SQL Server Management Studio ⸱ Microsoft 🧩](https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/configure-the-remote-access-server-configuration-option?view=sql-server-ver16#SSMSProcedure). 3. Enable the TCP/IP protocol in the SQL Server—refer to the following article for additional information: Enable TCP/IP Protocol in SQL Server. -> **NOTE:** Alternatively, review the TCP port used for SQL Server communication—learn more in [Configure SQL Server to listen on a specific TCP port — Assign a TCP/IP port number to the SQL Server Database Engine ⸱ Microsoft 🧩](https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/configure-a-server-to-listen-on-a-specific-tcp-port?view=sql-server-ver15#assign-a-tcpip-port-number-to-the-sql-server-database-engine). For additional information on setting a custom TCP port in Netwrix Auditor, refer to the following article: [Specify Custom SQL Server Port for Netwrix Auditor Audit Database](/docs/kb/auditor/specify-custom-sql-server-port-for-netwrix-auditor-audit-database.md). +> **NOTE:** Alternatively, review the TCP port used for SQL Server communication—learn more in [Configure SQL Server to listen on a specific TCP port — Assign a TCP/IP port number to the SQL Server Database Engine ⸱ Microsoft 🧩](https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/configure-a-server-to-listen-on-a-specific-tcp-port?view=sql-server-ver15#assign-a-tcpip-port-number-to-the-sql-server-database-engine). For additional information on setting a custom TCP port in Netwrix Auditor, refer to the following article: [Specify Custom SQL Server Port for Netwrix Auditor Audit Database](/docs/kb/auditor/specify-custom-sql-server-port-for-netwrix-auditor-audit-database). ## Related Articles @@ -64,4 +64,8 @@ Refer to the list of possible causes for the error: - [Configure remote access (server configuration option) — Use SQL Server Management Studio ⸱ Microsoft 🧩](https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/configure-the-remote-access-server-configuration-option?view=sql-server-ver16#SSMSProcedure) - Enable TCP/IP Protocol in SQL Server - [Configure SQL Server to listen on a specific TCP port — Assign a TCP/IP port number to the SQL Server Database Engine ⸱ Microsoft 🧩](https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/configure-a-server-to-listen-on-a-specific-tcp-port?view=sql-server-ver15#assign-a-tcpip-port-number-to-the-sql-server-database-engine) -- [Specify Custom SQL Server Port for Netwrix Auditor Audit Database](/docs/kb/auditor/specify-custom-sql-server-port-for-netwrix-auditor-audit-database.md) +- [Specify Custom SQL Server Port for Netwrix Auditor Audit Database](/docs/kb/auditor/specify-custom-sql-server-port-for-netwrix-auditor-audit-database) + + + + diff --git a/docs/kb/auditor/error-could-not-connect-to-server.md b/docs/kb/auditor/error-could-not-connect-to-server.md index c2f1dabe66..4c912a1c7a 100644 --- a/docs/kb/auditor/error-could-not-connect-to-server.md +++ b/docs/kb/auditor/error-could-not-connect-to-server.md @@ -52,14 +52,14 @@ Refer to the list of possible causes for the error: 1. Verify the SQL Server instance name specified in the Audit Database settings. Refer to the following article for additional information:[Specifying the SQL Server Instance Name](https://docs.netwrix.com/docs/auditor/10_8/admin/settings/auditdatabase) 2. Configure your SQL Server instance to allow remote connections. Learn more in Microsoft's documentation: [Configure remote access (server configuration option) — Use SQL Server Management Studio ⸱ Microsoft](https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/configure-the-remote-access-server-configuration-option?view=sql-server-ver16#SSMSProcedure) -3. Enable the TCP/IP protocol in the SQL Server—refer to the following article for additional information: [Enable TCP/IP Protocol in SQL Server](/docs/kb/auditor/enable_tcpip_protocol_in_sql_server.md) +3. Enable the TCP/IP protocol in the SQL Server—refer to the following article for additional information: [Enable TCP/IP Protocol in SQL Server](/docs/kb/auditor/enable_tcpip_protocol_in_sql_server) -> **NOTE:** Alternatively, review the TCP port used for SQL Server communication—learn more in Microsoft's documentation: [Configure SQL Server to listen on a specific TCP port — Assign a TCP/IP port number to the SQL Server Database Engine ⸱ Microsoft](https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/configure-a-server-to-listen-on-a-specific-tcp-port?view=sql-server-ver15#assign-a-tcpip-port-number-to-the-sql-server-database-engine). For additional information on setting a custom TCP port in Netwrix Auditor, refer to the following article: [Specify Custom SQL Server Port for Netwrix Auditor Audit Database](/docs/kb/auditor/specify-custom-sql-server-port-for-netwrix-auditor-audit-database.md). +> **NOTE:** Alternatively, review the TCP port used for SQL Server communication—learn more in Microsoft's documentation: [Configure SQL Server to listen on a specific TCP port — Assign a TCP/IP port number to the SQL Server Database Engine ⸱ Microsoft](https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/configure-a-server-to-listen-on-a-specific-tcp-port?view=sql-server-ver15#assign-a-tcpip-port-number-to-the-sql-server-database-engine). For additional information on setting a custom TCP port in Netwrix Auditor, refer to the following article: [Specify Custom SQL Server Port for Netwrix Auditor Audit Database](/docs/kb/auditor/specify-custom-sql-server-port-for-netwrix-auditor-audit-database). ## Related Articles - [Specifying the SQL Server Instance Name](https://docs.netwrix.com/docs/auditor/10_8/admin/settings/auditdatabase) - [Configure remote access (server configuration option) — Use SQL Server Management Studio ⸱ Microsoft](https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/configure-the-remote-access-server-configuration-option?view=sql-server-ver16#SSMSProcedure) -- [Enable TCP/IP Protocol in SQL Server](/docs/kb/auditor/enable_tcpip_protocol_in_sql_server.md) +- [Enable TCP/IP Protocol in SQL Server](/docs/kb/auditor/enable_tcpip_protocol_in_sql_server) - [Configure SQL Server to listen on a specific TCP port — Assign a TCP/IP port number to the SQL Server Database Engine ⸱ Microsoft](https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/configure-a-server-to-listen-on-a-specific-tcp-port?view=sql-server-ver15#assign-a-tcpip-port-number-to-the-sql-server-database-engine) -- [Specify Custom SQL Server Port for Netwrix Auditor Audit Database](/docs/kb/auditor/specify-custom-sql-server-port-for-netwrix-auditor-audit-database.md) +- [Specify Custom SQL Server Port for Netwrix Auditor Audit Database](/docs/kb/auditor/specify-custom-sql-server-port-for-netwrix-auditor-audit-database) diff --git a/docs/kb/auditor/error-during-report-processing-rserrorimpersonatinguser-running-reports.md b/docs/kb/auditor/error-during-report-processing-rserrorimpersonatinguser-running-reports.md index 723f7fb6bf..7839290a0b 100644 --- a/docs/kb/auditor/error-during-report-processing-rserrorimpersonatinguser-running-reports.md +++ b/docs/kb/auditor/error-during-report-processing-rserrorimpersonatinguser-running-reports.md @@ -49,7 +49,7 @@ SQL Server Reporting Services (SSRS) connection issues or insufficient permissio If you use a `gMSA` account for data collection, refer to the following article for additional information: [GMSA](https://docs.netwrix.com/docs/auditor/10_8/requirements/gmsa) -4. Check your Report Services configuration. [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database.md) +4. Check your Report Services configuration. [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database) 5. Check the permissions for your SSRS Account. Refer to the following article:[Configure SSRS Account](https://docs.netwrix.com/docs/auditor/10_8/requirements/sqlserverreportingservice#configure-ssrs-account) @@ -67,5 +67,5 @@ SQL Server Reporting Services (SSRS) connection issues or insufficient permissio - [Configure Audit Database Account](https://docs.netwrix.com/docs/auditor/10_8/requirements/sqlserver#configure-audit-database-account) - [Data Collecting Accounts](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/dataaccounts) - [Requirements – Use Group Managed Service Account (gMSA](https://docs.netwrix.com/docs/auditor/10_8/requirements/gmsa) -- [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database.md) +- [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database) - [Configure SSRS Account](https://docs.netwrix.com/docs/auditor/10_8/requirements/sqlserverreportingservice#configure-ssrs-account) diff --git a/docs/kb/auditor/error-failed-to-load-registry-hive-file-is-used-by-another-process.md b/docs/kb/auditor/error-failed-to-load-registry-hive-file-is-used-by-another-process.md index 33689282e3..6f42919d47 100644 --- a/docs/kb/auditor/error-failed-to-load-registry-hive-file-is-used-by-another-process.md +++ b/docs/kb/auditor/error-failed-to-load-registry-hive-file-is-used-by-another-process.md @@ -53,7 +53,7 @@ This issue may be caused by one or more of the following factors: Apply one or more of the following solutions to resolve this error: -- Configure antivirus exclusions in your Netwrix Auditor environment. For details, see the following article: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md) +- Configure antivirus exclusions in your Netwrix Auditor environment. For details, see the following article: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) - Follow these steps if excluding Auditor-related folders did not resolve the issue: @@ -89,4 +89,4 @@ Apply one or more of the following solutions to resolve this error: ## Related Article -- [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md) +- [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) diff --git a/docs/kb/auditor/error-generating-a-report-in-ssrs-http-error-401-unauthorized.md b/docs/kb/auditor/error-generating-a-report-in-ssrs-http-error-401-unauthorized.md index 69ce0c085d..c2306c304a 100644 --- a/docs/kb/auditor/error-generating-a-report-in-ssrs-http-error-401-unauthorized.md +++ b/docs/kb/auditor/error-generating-a-report-in-ssrs-http-error-401-unauthorized.md @@ -57,12 +57,12 @@ HTTP Error 401 - Unauthorized. Provide another credentials or change security se 2. In the left pane, click **Local server**. 3. Click **On** to the right of **IE Enhanced Security Configuration**. - ![](images/ka0Qk00000031Iv_0EM4u000008LafD.png) + ![](./images/ka0Qk00000031Iv_0EM4u000008LafD.png) 4. In the configuration window, switch both **Administrators** and **Users** categories to **Off**. 5. Click **OK** to save changes. - ![](images/ka0Qk00000031Iv_0EM4u000008LafI.png) + ![](./images/ka0Qk00000031Iv_0EM4u000008LafI.png) - Review your SSRS account permissions. For additional information, refer to: SQL Server Reporting Services: Configure SSRS Account · v10.6 — https://docs.netwrix.com/docs/auditor/10_8/requirements/overview @@ -121,3 +121,4 @@ HTTP Error 401 - Unauthorized. Provide another credentials or change security se ## Related articles - Netwrix Auditor Settings − Investigations · v10.6 — https://docs.netwrix.com/docs/auditor/10_8 + diff --git a/docs/kb/auditor/error-memory-limit-is-reached.md b/docs/kb/auditor/error-memory-limit-is-reached.md index 7200f634b4..a9e715a5c0 100644 --- a/docs/kb/auditor/error-memory-limit-is-reached.md +++ b/docs/kb/auditor/error-memory-limit-is-reached.md @@ -42,8 +42,8 @@ The default memory limit has been reached for the process. Increase the resource pool on your Netwrix Auditor server. Refer to the following article for additional information on hardware requirements for different deployment scenarios: [Hardware Requirements](https://docs.netwrix.com/docs/auditor/10_8/requirements/console). -> **IMPORTANT:** Verify that the antivirus exclusions are in place on your Netwrix Auditor server. Review the following article for recommendations on antivirus exclusions in the Auditor environment: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md). +> **IMPORTANT:** Verify that the antivirus exclusions are in place on your Netwrix Auditor server. Review the following article for recommendations on antivirus exclusions in the Auditor environment: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor). ## Related Articles - [Hardware Requirements](https://docs.netwrix.com/docs/auditor/10_8/requirements/console) -- [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md) +- [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) diff --git a/docs/kb/auditor/error-netwrix-auditor-for-file-servers-audit-service-terminated-unexpectedly.md b/docs/kb/auditor/error-netwrix-auditor-for-file-servers-audit-service-terminated-unexpectedly.md index 2e4f759461..9eecd41259 100644 --- a/docs/kb/auditor/error-netwrix-auditor-for-file-servers-audit-service-terminated-unexpectedly.md +++ b/docs/kb/auditor/error-netwrix-auditor-for-file-servers-audit-service-terminated-unexpectedly.md @@ -59,4 +59,8 @@ If you are currently on a 10.5 version and build other than 10950, perform the p ## Related articles -- [How to Upgrade Netwrix Auditor](/docs/kb/auditor/how-to-upgrade-netwrix-auditor.md) +- [How to Upgrade Netwrix Auditor](/docs/kb/auditor/how-to-upgrade-netwrix-auditor) + + + + diff --git a/docs/kb/auditor/error-no-more-threads.md b/docs/kb/auditor/error-no-more-threads.md index 8efd3d2f08..df0cf214cb 100644 --- a/docs/kb/auditor/error-no-more-threads.md +++ b/docs/kb/auditor/error-no-more-threads.md @@ -31,4 +31,5 @@ To fix the issue, restart the **WMI service** on the **target domain controller* 3. Locate the **Windows Management Instrumentation Service** in the list. 4. Right-click this service and select **Restart** from the popup menu. -![User-added image](images/ka04u000000HcMv_0EM700000004wr9.png) +![User-added image](./images/ka04u000000HcMv_0EM700000004wr9.png) + diff --git a/docs/kb/auditor/error-request-operation-timeout.md b/docs/kb/auditor/error-request-operation-timeout.md index 113c59bb5f..2eebeee43f 100644 --- a/docs/kb/auditor/error-request-operation-timeout.md +++ b/docs/kb/auditor/error-request-operation-timeout.md @@ -26,7 +26,7 @@ knowledge_article_id: kA00g000000H9bxCAC You receive the "request timeout" error message when you launch the Netwrix Account Lockout Examiner console or some time after. -![User-added image](images/ka04u000000HcUi_0EM700000004xfn.png) +![User-added image](./images/ka04u000000HcUi_0EM700000004xfn.png) --- @@ -45,7 +45,7 @@ In order to resolve the issue perform the following steps on the Account Lockout f. Set `invLogonCleaningPeriod` to `10 decimal` g. Restart the NetWrix Account Lockout Examiner service - ![User-added image](images/ka04u000000HcUi_0EM700000004xfx.png) + ![User-added image](./images/ka04u000000HcUi_0EM700000004xfx.png) 2. If the above does not help, disable searching of invalid logons on workstations. This will reduce the service load. a. Run Registry Editor (`Start - Run - regedit`) @@ -53,11 +53,12 @@ In order to resolve the issue perform the following steps on the Account Lockout c. Create a DWORD called `PF_Enabled` with the value of `0` d. Restart the NetWrix Account Lockout Examiner service - ![User-added image](images/ka04u000000HcUi_0EM700000004xg2.png) + ![User-added image](./images/ka04u000000HcUi_0EM700000004xg2.png) 3. If all of the registry settings did not address the issue set Account Lockout Examiner to monitor the PDC only: a. In Netwrix Account Lockout Examiner navigate to **File > Settings > Managed Objects**. b. Select your domain and click **Edit**. c. Select the **Only PDC emulator** radio button and click **OK** to save the changes. - ![User-added image](images/ka04u000000HcUi_0EM700000004xg7.png) + ![User-added image](./images/ka04u000000HcUi_0EM700000004xg7.png) + diff --git a/docs/kb/auditor/error-snapshot-saving-process-was-interrupted.md b/docs/kb/auditor/error-snapshot-saving-process-was-interrupted.md index 6e24a550cf..4f29d232b0 100644 --- a/docs/kb/auditor/error-snapshot-saving-process-was-interrupted.md +++ b/docs/kb/auditor/error-snapshot-saving-process-was-interrupted.md @@ -41,8 +41,8 @@ An antivirus or EDR/XDR solution in your environment affects the operation of yo ## Resolution -Add antivirus exclusions to both your Netwrix Auditor monitoring plan and to targets by referring to the following article: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md). +Add antivirus exclusions to both your Netwrix Auditor monitoring plan and to targets by referring to the following article: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor). ## Related Articles -- [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md) +- [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) diff --git a/docs/kb/auditor/error-the-maximum-password-age-is-not-set.md b/docs/kb/auditor/error-the-maximum-password-age-is-not-set.md index 9b2b01219c..113008dc7e 100644 --- a/docs/kb/auditor/error-the-maximum-password-age-is-not-set.md +++ b/docs/kb/auditor/error-the-maximum-password-age-is-not-set.md @@ -43,4 +43,5 @@ To set the Maximum Password Age policy for the domain: 4. In the right pane define the **Maximum password age** value 5. Update policies, for example run `gpupdate /force` -![User-added image](images/ka04u000000HcU6_0EM7000000054Ba.png) +![User-added image](./images/ka04u000000HcU6_0EM7000000054Ba.png) + diff --git a/docs/kb/auditor/error-the-pipe-endpoint-cannot-be-found.md b/docs/kb/auditor/error-the-pipe-endpoint-cannot-be-found.md index 0a0dd27514..5ba24b5d5a 100644 --- a/docs/kb/auditor/error-the-pipe-endpoint-cannot-be-found.md +++ b/docs/kb/auditor/error-the-pipe-endpoint-cannot-be-found.md @@ -24,7 +24,7 @@ knowledge_article_id: kA00g000000H9c4CAC You get the "pipe endpoint cannot be found" error when you launch the console, or after some time after launching it. -![User-added image](images/ka04u000000HcUp_0EM700000004xfs.png) +![User-added image](./images/ka04u000000HcUp_0EM700000004xfs.png) The issue occurs when the Account Lockout Examiner does not start or crashes. @@ -35,3 +35,4 @@ To resolve the issue please make sure that the Netwrix Account Lockout Examiner If the issue persists, please make sure that you are running the latest version of Account Lockout Examiner: https://www.netwrix.com/account_lockout_examiner.html + diff --git a/docs/kb/auditor/error-the-remote-procedure-call-failed.md b/docs/kb/auditor/error-the-remote-procedure-call-failed.md index 64ea3d55d6..2c9af34273 100644 --- a/docs/kb/auditor/error-the-remote-procedure-call-failed.md +++ b/docs/kb/auditor/error-the-remote-procedure-call-failed.md @@ -41,7 +41,7 @@ The "Remote procedure call failed" error can have a number of root causes such a Depending on the error cause, follow the resolution steps below: 1. Make sure you have all required ports opened. For additional information on configuring ports for Netwrix Auditor, refer to the following article: [Protocols and Ports Required](https://docs.netwrix.com/docs/auditor/10_8/requirements/ports) -2. Review your Antivirus exclusions. For additional information on required exclusions for your antivirus, refer to the following article: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md) +2. Review your Antivirus exclusions. For additional information on required exclusions for your antivirus, refer to the following article: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) 3. If the issue occurs during Logon Activity data collection, try to follow the steps in these articles: - - [System Cannot Find the Path Specified in Logon Activity Monitoring Plan](/docs/kb/auditor/system-cannot-find-the-path-specified-in-logon-activity-monitoring-plan.md) - - [Error: Size of Collected Data Files Exceeded Limit in Logon Activity Monitoring Plan](/docs/kb/auditor/error-size-of-collected-data-files-exceeded-limit-in-logon-activity-monitoring-plan.md) + - [System Cannot Find the Path Specified in Logon Activity Monitoring Plan](/docs/kb/auditor/system-cannot-find-the-path-specified-in-logon-activity-monitoring-plan) + - [Error: Size of Collected Data Files Exceeded Limit in Logon Activity Monitoring Plan](/docs/kb/auditor/error-size-of-collected-data-files-exceeded-limit-in-logon-activity-monitoring-plan) diff --git a/docs/kb/auditor/error-user-activity-core-service-has-been-already-launched.md b/docs/kb/auditor/error-user-activity-core-service-has-been-already-launched.md index d4e085bbfe..38c30bd0e2 100644 --- a/docs/kb/auditor/error-user-activity-core-service-has-been-already-launched.md +++ b/docs/kb/auditor/error-user-activity-core-service-has-been-already-launched.md @@ -38,7 +38,7 @@ The computer is included in this or another monitoring plan - The list of monitored computers in your User Activity monitoring plan states the **Duplicate** status for one or multiple servers. -![Duplicate status screenshot](images/ka0Qk0000004pqL_0EM4u000008M4JN.png) +![Duplicate status screenshot](./images/ka0Qk0000004pqL_0EM4u000008M4JN.png) - No monitoring data is available for the **Duplicate** servers. @@ -70,7 +70,7 @@ Stop-Service -Name "NwUserActivitySvc" Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Netwrix\User Activity Video Reporter Agent ``` - ![Registry key screenshot](images/ka0Qk0000004pqL_0EM4u000008M4JS.png) + ![Registry key screenshot](./images/ka0Qk0000004pqL_0EM4u000008M4JS.png) Locate the `UniqID` value. Copy the value data and refer to it in the future steps—right-click the key and select **Modify...**. Once you copy the value, delete the `UniqID` value. @@ -100,3 +100,4 @@ Start-Service -Name "NwUserActivitySvc" - Uninstall Netwrix Auditor — Delete Netwrix Auditor User Activity Core Service · v10.7 https://docs.netwrix.com/docs/auditor/10_8 + diff --git a/docs/kb/auditor/essential-netwrix-license-usage-data-and-url-resources.md b/docs/kb/auditor/essential-netwrix-license-usage-data-and-url-resources.md index 9755a31a51..41b8f197e2 100644 --- a/docs/kb/auditor/essential-netwrix-license-usage-data-and-url-resources.md +++ b/docs/kb/auditor/essential-netwrix-license-usage-data-and-url-resources.md @@ -31,7 +31,7 @@ Each data source that Netwrix Auditor audits is associated with a license. For e > **Note:** License usage data does not include any sensitive information. See the following screenshot for an example of what data Netwrix receives: -![User-added image](images/ka04u00000116GR_0EM4u000002PWPR.png) +![User-added image](./images/ka04u00000116GR_0EM4u000002PWPR.png) If a Netwrix server in your environment has limited Internet access, whitelist the following URLs so Netwrix can collect license usage data: @@ -41,3 +41,4 @@ http://updates.netwrix.com/ http://www.netwrix.com/ https://stats.netwrix.com/ ``` + diff --git a/docs/kb/auditor/event-id-1000-application-errors-in-netwrix-auditor-server.md b/docs/kb/auditor/event-id-1000-application-errors-in-netwrix-auditor-server.md index 71ecc8f13c..c27e17efa1 100644 --- a/docs/kb/auditor/event-id-1000-application-errors-in-netwrix-auditor-server.md +++ b/docs/kb/auditor/event-id-1000-application-errors-in-netwrix-auditor-server.md @@ -54,7 +54,7 @@ The **Faulting module name** dynamic-link library file was corrupted. This could ## Resolutions -1. Set up antivirus exclusions to prevent both your antivirus solution and Netwrix Auditor from conflicting — refer to the following article for additional information: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md) +1. Set up antivirus exclusions to prevent both your antivirus solution and Netwrix Auditor from conflicting — refer to the following article for additional information: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) 2. Establish the scope of affected `.dll` files. In case the **Faulting module path** links the system folder (e.g., `C:\Windows\System32`), follow these steps: @@ -80,9 +80,9 @@ The **Faulting module name** dynamic-link library file was corrupted. This could 3. Once the commands are completed and components are restored, restart the server. -3. In case the **Faulting module path** links a Netwrix-related folder (e.g., `C:\Program Files (x86)\Netwrix Auditor\Active Directory Auditing`), repair your Netwrix Auditor installation. Refer to the following article for additional information: [How to Repair Netwrix Auditor Installation](/docs/kb/auditor/how-to-repair-netwrix-auditor-installation.md) +3. In case the **Faulting module path** links a Netwrix-related folder (e.g., `C:\Program Files (x86)\Netwrix Auditor\Active Directory Auditing`), repair your Netwrix Auditor installation. Refer to the following article for additional information: [How to Repair Netwrix Auditor Installation](/docs/kb/auditor/how-to-repair-netwrix-auditor-installation) ## Related articles -- [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md) -- [How to Repair Netwrix Auditor Installation](/docs/kb/auditor/how-to-repair-netwrix-auditor-installation.md) +- [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) +- [How to Repair Netwrix Auditor Installation](/docs/kb/auditor/how-to-repair-netwrix-auditor-installation) diff --git a/docs/kb/auditor/event-id-1024-in-health-log.md b/docs/kb/auditor/event-id-1024-in-health-log.md index b2d894fb65..6f755ba562 100644 --- a/docs/kb/auditor/event-id-1024-in-health-log.md +++ b/docs/kb/auditor/event-id-1024-in-health-log.md @@ -58,9 +58,9 @@ Regenerate the Activity Summary: > wevtutil epl "Netwrix Auditor" %userprofile%\desktop\NASH.evtx > ``` > -> Refer to the following article for additional information for an option to manually save the Auditor event log: [How to Save and Zip Netwrix Auditor System Health Event Log](/docs/kb/auditor/how-to-save-and-zip-netwrix-auditor-system-health-event-log.md). +> Refer to the following article for additional information for an option to manually save the Auditor event log: [How to Save and Zip Netwrix Auditor System Health Event Log](/docs/kb/auditor/how-to-save-and-zip-netwrix-auditor-system-health-event-log). ## Related articles -- [How to Save and Zip Netwrix Auditor System Health Event Log](/docs/kb/auditor/how-to-save-and-zip-netwrix-auditor-system-health-event-log.md) +- [How to Save and Zip Netwrix Auditor System Health Event Log](/docs/kb/auditor/how-to-save-and-zip-netwrix-auditor-system-health-event-log) - [My Tickets · Netwrix](https://www.netwrix.com/tickets.html#/tickets/open) diff --git a/docs/kb/auditor/event-id-1208-in-health-log.md b/docs/kb/auditor/event-id-1208-in-health-log.md index 232be68ad1..27bbaf6439 100644 --- a/docs/kb/auditor/event-id-1208-in-health-log.md +++ b/docs/kb/auditor/event-id-1208-in-health-log.md @@ -34,7 +34,7 @@ Refer to the entries below for possible causes and resolutions based on event de ### `Fatal error during installation` - Cause: The **Timeout expired** error is prompted after SharePoint Core Service installation has taken over 10 minutes. - **Resolution:** Refer to the following article for additional information: [Timeout Expired Error on SharePoint Core Service Deployment](/docs/kb/auditor/timeout-expired-error-on-sharepoint-core-service-deployment.md) + **Resolution:** Refer to the following article for additional information: [Timeout Expired Error on SharePoint Core Service Deployment](/docs/kb/auditor/timeout-expired-error-on-sharepoint-core-service-deployment) - Cause: An invalid SharePoint Central Administration URL was specified during monitoring plan creation. **Resolution:** @@ -114,7 +114,8 @@ Refer to the entries below for possible causes and resolutions based on event de ## Related articles -- [Timeout Expired Error on SharePoint Core Service Deployment](/docs/kb/auditor/timeout-expired-error-on-sharepoint-core-service-deployment.md) +- [Timeout Expired Error on SharePoint Core Service Deployment](/docs/kb/auditor/timeout-expired-error-on-sharepoint-core-service-deployment) - [Permissions for SharePoint Auditing](https://docs.netwrix.com/docs/auditor/10_8/configuration/sharepoint/permissions) - [SharePoint Ports](https://docs.netwrix.com/docs/auditor/10_8/configuration/sharepoint/ports) - [Install for SharePoint Core Service](https://docs.netwrix.com/docs/auditor/10_8/install/sharepointcoreservice) + diff --git a/docs/kb/auditor/event-id-1225-in-health-log.md b/docs/kb/auditor/event-id-1225-in-health-log.md index b1007f0190..6461cee970 100644 --- a/docs/kb/auditor/event-id-1225-in-health-log.md +++ b/docs/kb/auditor/event-id-1225-in-health-log.md @@ -41,10 +41,10 @@ Netwrix Auditor is unable to collect farm configuration changes due to network c Refer to the corresponding article for additional information on resolution: -- [Event ID 1204 in Health Log](/docs/kb/auditor/event-id-1204-in-health-log.md) -- [Event ID 1205 in Health Log](/docs/kb/auditor/event-id-1205-in-health-log.md) +- [Event ID 1204 in Health Log](/docs/kb/auditor/event-id-1204-in-health-log) +- [Event ID 1205 in Health Log](/docs/kb/auditor/event-id-1205-in-health-log) ## Related articles -- [Event ID 1204 in Health Log](/docs/kb/auditor/event-id-1204-in-health-log.md) -- [Event ID 1205 in Health Log](/docs/kb/auditor/event-id-1205-in-health-log.md) +- [Event ID 1204 in Health Log](/docs/kb/auditor/event-id-1204-in-health-log) +- [Event ID 1205 in Health Log](/docs/kb/auditor/event-id-1205-in-health-log) diff --git a/docs/kb/auditor/event-id-1274-in-health-log.md b/docs/kb/auditor/event-id-1274-in-health-log.md index 0534f9b8b1..7b79d1fcd0 100644 --- a/docs/kb/auditor/event-id-1274-in-health-log.md +++ b/docs/kb/auditor/event-id-1274-in-health-log.md @@ -43,11 +43,11 @@ because the product is unable to detect the forest where the audited SharePoint - Cause #1 − Verify the **SharePoint Central Administration** site is reachable by opening the URL in a browser. - Cause #2 − Refer to the following articles for additional information: - - [Event ID 1204 in Health Log](/docs/kb/auditor/event-id-1204-in-health-log.md) - - [Event ID 1205 in Health Log](/docs/kb/auditor/event-id-1205-in-health-log.md) + - [Event ID 1204 in Health Log](/docs/kb/auditor/event-id-1204-in-health-log) + - [Event ID 1205 in Health Log](/docs/kb/auditor/event-id-1205-in-health-log) - Cause #3 − Verify the global catalog domain controller is reachable. ## Related articles -- [Event ID 1204 in Health Log](/docs/kb/auditor/event-id-1204-in-health-log.md) -- [Event ID 1205 in Health Log](/docs/kb/auditor/event-id-1205-in-health-log.md) +- [Event ID 1204 in Health Log](/docs/kb/auditor/event-id-1204-in-health-log) +- [Event ID 1205 in Health Log](/docs/kb/auditor/event-id-1205-in-health-log) diff --git a/docs/kb/auditor/event-id-2002-the-term-get-help-is-not-recognized.md b/docs/kb/auditor/event-id-2002-the-term-get-help-is-not-recognized.md index 5db37aba0e..731e27d91a 100644 --- a/docs/kb/auditor/event-id-2002-the-term-get-help-is-not-recognized.md +++ b/docs/kb/auditor/event-id-2002-the-term-get-help-is-not-recognized.md @@ -43,4 +43,4 @@ To resolve the issue, upgrade Netwrix Auditor to the version 10.6 build 12322 an ### Related article: -- [Administrator Audit Logging (AAL) configuration details](/docs/kb/auditor/administrator-audit-logging-aal-configuration-details.md) +- [Administrator Audit Logging (AAL) configuration details](/docs/kb/auditor/administrator-audit-logging-aal-configuration-details) diff --git a/docs/kb/auditor/exporting-information-on-account-lockout-events.md b/docs/kb/auditor/exporting-information-on-account-lockout-events.md index 2b39bbf720..2ef8c5ecaa 100644 --- a/docs/kb/auditor/exporting-information-on-account-lockout-events.md +++ b/docs/kb/auditor/exporting-information-on-account-lockout-events.md @@ -29,8 +29,9 @@ Can I export information on account lockout events for audit purposes? The Netwrix Account Lockout Examiner console does not have an export feature. However, all lockout information is stored in the `allinfo.xml` file located in the product installation directory. It can be easily parsed by a third-party tool or script to get the required information. However account names are not stored in the `allinfo.xml`; all accounts are referred to as SIDs. -![User-added image](images/ka04u000000HcN3_0EM700000004wrO.png) +![User-added image](./images/ka04u000000HcN3_0EM700000004wrO.png) Netwrix also has another product called Netwrix Event Log Manager for this purpose. This product is able to collect event log entries from multiple computers across the network and centrally store all events in a central location in a compressed format. For more information, refer to the following link: https://www.netwrix.com/event_log_archiving_consolidation_freeware.html + diff --git a/docs/kb/auditor/failed-logon-attempts-after-recent-service-account-password-change.md b/docs/kb/auditor/failed-logon-attempts-after-recent-service-account-password-change.md index 9aad491a9e..b4d845cf59 100644 --- a/docs/kb/auditor/failed-logon-attempts-after-recent-service-account-password-change.md +++ b/docs/kb/auditor/failed-logon-attempts-after-recent-service-account-password-change.md @@ -44,4 +44,5 @@ For Event Log Manager, Inactive User Tracker and Netwrix Password Reset: Refer to the following screenshots for reference on service accounts credentials to be changed in case you've reset a password in Netwrix Auditor: -![Service account credentials screenshot](images/ka04u00000117Vm_0EM4u000008M8Pe.png) +![Service account credentials screenshot](./images/ka04u00000117Vm_0EM4u000008M8Pe.png) + diff --git a/docs/kb/auditor/failed-to-open-log.md b/docs/kb/auditor/failed-to-open-log.md index c2fb6b9752..f3d89d3678 100644 --- a/docs/kb/auditor/failed-to-open-log.md +++ b/docs/kb/auditor/failed-to-open-log.md @@ -45,11 +45,11 @@ There are several possible reasons for this error to appear: 1. Make sure the problematic server is started and is accessible through the network. 2. Make sure the **Server** service is started and set to **Automatic** on the problematic server. -![Services snap-in: Server service](images/ka04u000000HcUb_0EM7000000051QD.png) +![Services snap-in: Server service](./images/ka04u000000HcUb_0EM7000000051QD.png) 3. Make sure the **File and Printer Sharing for Microsoft Networks** component is enabled in the Local Area Connection properties. -![Local Area Connection Properties: File and Printer sharing](images/ka04u000000HcUb_0EM7000000051QI.png) +![Local Area Connection Properties: File and Printer sharing](./images/ka04u000000HcUb_0EM7000000051QI.png) 4. Disable the **Windows Firewall** service on the problematic server: @@ -62,4 +62,5 @@ Or configure the Windows Firewall exception: - Expand nodes as follow: `Computer Configuration / Administrative Templates / Network / Network Connections / Windows Firewall`, and then open either Domain Profile or Standard Profile, depending on which profile you want to configure. - Enable the **Allow inbound file and printer sharing exception** exception. -![Firewall Settings: Allow inbound file and printer sharing exception](images/ka04u000000HcUb_0EM7000000051QN.png) +![Firewall Settings: Allow inbound file and printer sharing exception](./images/ka04u000000HcUb_0EM7000000051QN.png) + diff --git "a/docs/kb/auditor/failed_to_load_registry_hive_\342\210\222_system_cannot_find_file_specified_configuration_registry_database_is_.md" "b/docs/kb/auditor/failed_to_load_registry_hive_\342\210\222_system_cannot_find_file_specified_configuration_registry_database_is_.md" index 4d40b938b5..40d5e48d09 100644 --- "a/docs/kb/auditor/failed_to_load_registry_hive_\342\210\222_system_cannot_find_file_specified_configuration_registry_database_is_.md" +++ "b/docs/kb/auditor/failed_to_load_registry_hive_\342\210\222_system_cannot_find_file_specified_configuration_registry_database_is_.md" @@ -46,10 +46,10 @@ The error can be resolved by performing one of the following steps: 2. Add **ProfileImagePath** value (Expandable String Value) with an empty value to the profiles with the value missing. 3. Check the affected server for unknown user profiles by accessing **Control Panel** > **System** > **Advanced system settings** > **Advanced** tab > **Settings** button under the **User Profiles** section to delete them. 4. Ask the remaining users to log in to the system — a user affected by a faulty `NTUSER.DAT` won't be able to log in. -5. In case collection is not affected (e.g., the user does not appear in the registry), you can omit the error. Add the `%*,*,*Remove Software data provider failed to load the user *domain\user*%` line to the Windows Server Auditing **omiterror** list. Refer to the following article for additional information on omit lists: [How to Use Omit Lists](/docs/kb/auditor/how-to-use-omit-lists.md). +5. In case collection is not affected (e.g., the user does not appear in the registry), you can omit the error. Add the `%*,*,*Remove Software data provider failed to load the user *domain\user*%` line to the Windows Server Auditing **omiterror** list. Refer to the following article for additional information on omit lists: [How to Use Omit Lists](/docs/kb/auditor/how-to-use-omit-lists). Once the changes are introduced, reboot the target server. ### Related Articles -[How to Use Omit Lists](/docs/kb/auditor/how-to-use-omit-lists.md) \ No newline at end of file +[How to Use Omit Lists](/docs/kb/auditor/how-to-use-omit-lists) \ No newline at end of file diff --git a/docs/kb/auditor/fixing-reports-displaying-letters-instead-of-command-text-in-ssrs.md b/docs/kb/auditor/fixing-reports-displaying-letters-instead-of-command-text-in-ssrs.md index cf8f9e4193..d0d8e40585 100644 --- a/docs/kb/auditor/fixing-reports-displaying-letters-instead-of-command-text-in-ssrs.md +++ b/docs/kb/auditor/fixing-reports-displaying-letters-instead-of-command-text-in-ssrs.md @@ -26,7 +26,7 @@ knowledge_article_id: kA04u000000Tt80CAC ## Scenario Upon opening reports, the command buttons have been replaced by text symbols and it looks similar to this: -![Screenshot_1.png](images/ka04u000000HdFq_0EM4u0000052m0m.png) +![Screenshot_1.png](./images/ka04u000000HdFq_0EM4u0000052m0m.png) ## Solution The issue is with Internet Explorer's handling of permissions. To fix the issue you need to add the reporting server to the **Trusted Sites** and disable the **Protected Mode** for Admins on the Netwrix Server. @@ -49,3 +49,4 @@ This operation can be done using Group Policy. You need to locate the Group Poli 5. Select `DISABLED` from the PROTECTED MODE selection box. If this solution didn't help, please contact Netwrix Technical Support. + diff --git a/docs/kb/auditor/group-policy-error-is-not-in-a-valid-format.md b/docs/kb/auditor/group-policy-error-is-not-in-a-valid-format.md index 7d1ddc642c..f1c1bf1b3f 100644 --- a/docs/kb/auditor/group-policy-error-is-not-in-a-valid-format.md +++ b/docs/kb/auditor/group-policy-error-is-not-in-a-valid-format.md @@ -27,7 +27,7 @@ You may receive a Group Policy daily summary email with the error: "The file `DC --- The group policy is corrupted or it is not in a valid format. If you open the Group Policy Management Console (GPMC) > highlight the group policy in Summary and navigate to > **Settings** tab, most likely it will return you an error message. -![Settings](images/ka04u000000HcUd_0EM7000000051OC.png) +![Settings](./images/ka04u000000HcUd_0EM7000000051OC.png) --- @@ -36,7 +36,7 @@ The group policy is corrupted or it is not in a valid format. If you open the Gr First of all you need to find out the affected policy. In the error message `"DC01.corp..com\sysvol\corp..com\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\Machine\registry.pol"` — `31B2F340-016D-11D2-945F-00C04FB984F9` is the GUID of the affected group policy. To find out the GUID of a group policy open GPMC > highlight a group policy and open **Details** tab > **Unique ID** is the GUID of a GPO. -![GUID GPO](images/ka04u000000HcUd_0EM7000000051O7.png) +![GUID GPO](./images/ka04u000000HcUd_0EM7000000051O7.png) There are 3 possible solutions: @@ -50,3 +50,4 @@ There are 3 possible solutions: If you didn't find a solution please refer to the following Microsoft article regarding this issue - http://support.microsoft.com/kb/814751
+ diff --git a/docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails.md b/docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails.md index 6c5660d976..9ad0a03da8 100644 --- a/docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails.md +++ b/docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails.md @@ -28,28 +28,29 @@ You'd like to remove the Netwrix header and footer from emails sent to users and ## Resolution -> **IMPORTANT:** In some cases both header and footer reset after your Netwrix Auditor instance has been upgraded to v10.6. For additional information, refer to the following article: [Netwrix Password Reset Email Header and Footer Reset After Upgrade](/docs/kb/auditor/password-expiration-notifier-email-header-and-footer-reset-after-upgrade.md) +> **IMPORTANT:** In some cases both header and footer reset after your Netwrix Auditor instance has been upgraded to v10.6. For additional information, refer to the following article: [Netwrix Password Reset Email Header and Footer Reset After Upgrade](/docs/kb/auditor/password-expiration-notifier-email-header-and-footer-reset-after-upgrade) 1. Open Registry Editor on the Netwrix Auditor Server host. 2. Navigate to `HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Netwrix Auditor\Password Expiration Notifier`. 3. Right-click the **Password Expiration Notifier** hive and click **New**. 4. Select **DWORD (32-bit) Value**. - ![New DWORD (32-bit) Value](images/ka04u00000117kD_0EM4u000008MHts.png) + ![New DWORD (32-bit) Value](./images/ka04u00000117kD_0EM4u000008MHts.png) 5. Name the key `HideEmailAdditionalInfo`. 6. Right-click the key and select **Modify**. 7. Set the value data to `1` (Hexadecimal). - ![Modify DWORD value to 1](images/ka04u00000117kD_0EM4u000008MHuC.png) + ![Modify DWORD value to 1](./images/ka04u00000117kD_0EM4u000008MHuC.png) 8. The next round of emails will be sent without the header and footer. > **NOTE:** If you'd like to re-enable the header and footer, simply change the value data to `0`. -To further customize Netwrix Password Reset emails, refer to the following article: [Customize Notifications and Reports in Netwrix Password Reset](/docs/kb/auditor/customize-notifications-and-reports-in-password-expiration-notifier.md). +To further customize Netwrix Password Reset emails, refer to the following article: [Customize Notifications and Reports in Netwrix Password Reset](/docs/kb/auditor/customize-notifications-and-reports-in-password-expiration-notifier). ### Related articles -- [Customize Notifications and Reports in Netwrix Password Reset](/docs/kb/auditor/customize-notifications-and-reports-in-password-expiration-notifier.md) -- [Netwrix Password Reset Email Header and Footer Reset After Upgrade](/docs/kb/auditor/password-expiration-notifier-email-header-and-footer-reset-after-upgrade.md) +- [Customize Notifications and Reports in Netwrix Password Reset](/docs/kb/auditor/customize-notifications-and-reports-in-password-expiration-notifier) +- [Netwrix Password Reset Email Header and Footer Reset After Upgrade](/docs/kb/auditor/password-expiration-notifier-email-header-and-footer-reset-after-upgrade) + diff --git a/docs/kb/auditor/high-cpu-load-and-memory-usage.md b/docs/kb/auditor/high-cpu-load-and-memory-usage.md index 7bfbbcd969..880ff19a80 100644 --- a/docs/kb/auditor/high-cpu-load-and-memory-usage.md +++ b/docs/kb/auditor/high-cpu-load-and-memory-usage.md @@ -37,4 +37,5 @@ In order to reduce CPU load and memory usage, perform the following steps: If this does not help, set the `LockoutStatusRefreshPeriod` key value to `0`, but in this case the Account Lockout Examiner will not verify accounts status via Active Directory, so account lockouts will not be reported if a corresponding event is not found in the event log. -![User-added image](images/ka04u000000HcN0_0EM700000004wxW.png) +![User-added image](./images/ka04u000000HcN0_0EM700000004wxW.png) + diff --git a/docs/kb/auditor/high-cpu-usage-on-domain-controllers.md b/docs/kb/auditor/high-cpu-usage-on-domain-controllers.md index bc01d814d0..e9535f1114 100644 --- a/docs/kb/auditor/high-cpu-usage-on-domain-controllers.md +++ b/docs/kb/auditor/high-cpu-usage-on-domain-controllers.md @@ -39,7 +39,7 @@ There are two options to fix the issue: 3. Create a DWORD called `UseWatcher` with value `1` 4. Restart the **Netwrix Account Lockout Examiner service** via **Services.msc** - ![User-added image](images/ka04u000000HcUT_0EM7000000052iw.png) + ![User-added image](./images/ka04u000000HcUT_0EM7000000052iw.png) 2. If the above does not help, disable usage of WMI to communicate with domain controllers. (A .Net-based mechanism will be used for it.) @@ -50,4 +50,5 @@ There are two options to fix the issue: 3. Change the `UseWMI` value to `0` 4. Restart the **Netwrix Account Lockout Examiner service** via **Services.msc** - ![User-added image](images/ka04u000000HcUT_0EM7000000052jG.png) + ![User-added image](./images/ka04u000000HcUT_0EM7000000052jG.png) + diff --git a/docs/kb/auditor/high-cpu-usage-on-remote-desktop-servers.md b/docs/kb/auditor/high-cpu-usage-on-remote-desktop-servers.md index a9066fa493..3142a65b3f 100644 --- a/docs/kb/auditor/high-cpu-usage-on-remote-desktop-servers.md +++ b/docs/kb/auditor/high-cpu-usage-on-remote-desktop-servers.md @@ -47,7 +47,7 @@ To change this on the machine where ALE is installed: 3. Change the `UseWMI_Workstations` value to `0`. 4. Restart the Netwrix Account Lockout Examiner service via `Services.msc`. -![User-added image](images/ka04u000000HcUO_0EM7000000052ir.png) +![User-added image](./images/ka04u000000HcUO_0EM7000000052ir.png) ### Option 2 — Disable searching for detailed info about invalid logons @@ -60,4 +60,5 @@ To change this on the machine where ALE is installed: 3. Create a new DWORD called `PF_Enabled` and set its value to `0`. 4. Restart the Netwrix Account Lockout Examiner service via `Services.msc`. -![User-added image](images/ka04u000000HcUO_0EM7000000052im.png) +![User-added image](./images/ka04u000000HcUO_0EM7000000052im.png) + diff --git a/docs/kb/auditor/how-do-i-migrate-the-reporting-database-to-another-ms-sql-server-instance-lower-version.md b/docs/kb/auditor/how-do-i-migrate-the-reporting-database-to-another-ms-sql-server-instance-lower-version.md index ac24b3eafc..39376f5bd1 100644 --- a/docs/kb/auditor/how-do-i-migrate-the-reporting-database-to-another-ms-sql-server-instance-lower-version.md +++ b/docs/kb/auditor/how-do-i-migrate-the-reporting-database-to-another-ms-sql-server-instance-lower-version.md @@ -34,48 +34,49 @@ There are a few options to downgrade the database from a higher version of SQL S 1.1 In Object Explorer connect to the SQL server, right-click the database, expand **Tasks** and choose **Generate Scripts**. -![User-added image](images/ka04u000000HcOn_0EM700000005TB6.png) +![User-added image](./images/ka04u000000HcOn_0EM700000005TB6.png) 1.2 This launches the **Generate and Publish Scripts** wizard. Click **Next** to skip the Introduction screen and proceed to the Choose Objects page. -![User-added image](images/ka04u000000HcOn_0EM700000005TBB.png) +![User-added image](./images/ka04u000000HcOn_0EM700000005TBB.png) 1.3 On the Choose Objects page, choose **Script entire database and all database objects**, and then click **Next** to proceed to the **Set Scripting Options** page. -![User-added image](images/ka04u000000HcOn_0EM700000005TBG.png) +![User-added image](./images/ka04u000000HcOn_0EM700000005TBG.png) 1.4 On the **Set Scripting Options** page, specify the location where you want to save the script file, and then click the **Advanced** button. -![User-added image](images/ka04u000000HcOn_0EM700000005TBL.png) +![User-added image](./images/ka04u000000HcOn_0EM700000005TBL.png) 1.5 In the **Advanced Scripting Options** dialog box, set `Script Triggers`, `Indexes` and `Primary Key` options to `True`, set `Script for Server Version` to ``<version of the destination SQL server instance>``, and set `Types of data to script` to `Schema and Data`. This last option is key because this is what generates the data per table. -![User-added image](images/ka04u000000HcOn_0EM700000005TC4.png) +![User-added image](./images/ka04u000000HcOn_0EM700000005TC4.png) 1.6 Once done, click **OK** to close the **Advanced Scripting Options** dialog box and return to the **Set Scripting Options** page. In the **Set Scripting Options** page, click **Next** to continue to the Summary page. 1.7 After reviewing your selections on the Summary page, click **Next** to generate scripts. -![User-added image](images/ka04u000000HcOn_0EM700000005TBV.png) +![User-added image](./images/ka04u000000HcOn_0EM700000005TBV.png) 1.8 Once scripts are generated successfully, choose the **Finish** button to close the **Generate and Publish Scripts** wizard. -![User-added image](images/ka04u000000HcOn_0EM700000005TBa.png) +![User-added image](./images/ka04u000000HcOn_0EM700000005TBa.png) 2. Connect to the destination SQL Server instance, and then run the SQL scripts that were generated, to create the database schema and copy its data. 2.1 In Object Explorer connect to the destination SQL Server instance and then in SQL Server Management Studio open the SQL Server script you saved in Step 1. -![User-added image](images/ka04u000000HcOn_0EM700000005TBf.png) +![User-added image](./images/ka04u000000HcOn_0EM700000005TBf.png) -![User-added image](images/ka04u000000HcOn_0EM700000005TBk.png) +![User-added image](./images/ka04u000000HcOn_0EM700000005TBk.png) -![User-added image](images/ka04u000000HcOn_0EM700000005TBp.png) +![User-added image](./images/ka04u000000HcOn_0EM700000005TBp.png) 2.2 Modify the script to specify the correct location for the database data and log files. Once done, run the script to create the database on the destination SQL Server instance. -![User-added image](images/ka04u000000HcOn_0EM700000005TCE.png) +![User-added image](./images/ka04u000000HcOn_0EM700000005TCE.png) 2.3 Upon successful execution, refresh the Database folder in Object Explorer. -![User-added image](images/ka04u000000HcOn_0EM700000005TC9.png) +![User-added image](./images/ka04u000000HcOn_0EM700000005TC9.png) + diff --git a/docs/kb/auditor/how-do-i-monitor-hidden-file-shares.md b/docs/kb/auditor/how-do-i-monitor-hidden-file-shares.md index 4ee65bb107..d4734bc9e3 100644 --- a/docs/kb/auditor/how-do-i-monitor-hidden-file-shares.md +++ b/docs/kb/auditor/how-do-i-monitor-hidden-file-shares.md @@ -26,6 +26,7 @@ If you specified **Computer** as an Item in the Netwrix Auditor Windows File Ser If you would like to audit all hidden shares on the server, check the corresponding option at the **Scope** tab of your **Computer** item: -![image.png](images/ka04u000000HcNr_0EM4u000007qtQ1.png) +![image.png](./images/ka04u000000HcNr_0EM4u000007qtQ1.png) **NOTE:** It is not recommended to specify the system drive (`\server\c$`) as an Item. This will force Netwrix to audit local folders including the system ones that produce a lot of noise and degrade the product performance. + diff --git a/docs/kb/auditor/how-does-netwrix-account-lockout-examiner-work.md b/docs/kb/auditor/how-does-netwrix-account-lockout-examiner-work.md index a201ad7139..e194bd983f 100644 --- a/docs/kb/auditor/how-does-netwrix-account-lockout-examiner-work.md +++ b/docs/kb/auditor/how-does-netwrix-account-lockout-examiner-work.md @@ -38,4 +38,5 @@ To run an examination: 1. Click the **Examine** button at the bottom of the list in the **Summary** tab, or 2. Right-click an account and select **Examine**. -When you run an examination, it shows a list of invalid logons, specifies the names of the processes that used invalid credentials, and checks the most common reasons for lockouts: mapped drives, scheduled tasks, RDP sessions, and services running under the credentials of the account in question. Examination results look like this: [![User-added image](images/ka0Qk00000045if_0EM700000004wzI.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000kAbd&feoid=00N700000032Pj2&refid=0EM700000004wzI) +When you run an examination, it shows a list of invalid logons, specifies the names of the processes that used invalid credentials, and checks the most common reasons for lockouts: mapped drives, scheduled tasks, RDP sessions, and services running under the credentials of the account in question. Examination results look like this: [![User-added image](./images/ka0Qk00000045if_0EM700000004wzI.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000kAbd&feoid=00N700000032Pj2&refid=0EM700000004wzI) + diff --git a/docs/kb/auditor/how-to-add-additional-space-to-long-term-archive.md b/docs/kb/auditor/how-to-add-additional-space-to-long-term-archive.md index c14b65c1fa..2b2c8d2d73 100644 --- a/docs/kb/auditor/how-to-add-additional-space-to-long-term-archive.md +++ b/docs/kb/auditor/how-to-add-additional-space-to-long-term-archive.md @@ -53,4 +53,4 @@ It is up to you to decide how long you want to keep historical data. If you know Learn more about Investigations in the following article: [Investigations](https://docs.netwrix.com/docs/auditor/10_8/admin/settings/investigations) -Review additional recommendations for preventing Long-Term Archive overflow in the following article: [How to Prevent Long-Term Archive Overflow](/docs/kb/auditor/how-to-prevent-long-term-archive-overflow.md) +Review additional recommendations for preventing Long-Term Archive overflow in the following article: [How to Prevent Long-Term Archive Overflow](/docs/kb/auditor/how-to-prevent-long-term-archive-overflow) diff --git a/docs/kb/auditor/how-to-apply-netwrix-auditor-license.md b/docs/kb/auditor/how-to-apply-netwrix-auditor-license.md index 30239cca2d..6a649bab01 100644 --- a/docs/kb/auditor/how-to-apply-netwrix-auditor-license.md +++ b/docs/kb/auditor/how-to-apply-netwrix-auditor-license.md @@ -33,10 +33,11 @@ You may have received an email from our licensing team — download the attached 1. In the main Netwrix Auditor screen, go to **Settings** > **Licenses** and click **Update**. - ![2.png](images/ka04u00000116MV_0EM4u000007cekk.png) + ![2.png](./images/ka04u00000116MV_0EM4u000007cekk.png) 2. Navigate to your `*.lic` file and select the file. 3. Click **Open**. The license is now applied to your Netwrix Auditor instance. Verify the information in the **Licenses** section. + diff --git a/docs/kb/auditor/how-to-audit-another-domain-with-netwrix-auditor.md b/docs/kb/auditor/how-to-audit-another-domain-with-netwrix-auditor.md index 65d285128c..bb326c39a6 100644 --- a/docs/kb/auditor/how-to-audit-another-domain-with-netwrix-auditor.md +++ b/docs/kb/auditor/how-to-audit-another-domain-with-netwrix-auditor.md @@ -30,12 +30,12 @@ Can I audit another domain with Netwrix Auditor? With Netwrix Auditor you can audit domains different from the one where the Netwrix Auditor host resides. Refer to the following scenarios: - If there is a two-way trust set up between the audited domain and the domain where the Netwrix Auditor host is installed, no limitations apply. Learn more about trusts in [How trust relationships work for forests in Active Directory ⸱ Microsoft 🤝](https://learn.microsoft.com/en-us/azure/active-directory-domain-services/concepts-forest-trust). -- For audit of non-trusted domains, refer to the following article for additional information: [How to Audit a Non-Trusted Domain](/docs/kb/auditor/how-to-audit-a-non-trusted-domain.md). +- For audit of non-trusted domains, refer to the following article for additional information: [How to Audit a Non-Trusted Domain](/docs/kb/auditor/how-to-audit-a-non-trusted-domain). > **NOTE:** The data collecting account should have required permissions in the monitored domain. Refer to the following article for additional information on Data Collecting Account and group Managed Service Account (gMSA) requirements: Monitoring Plans — Data Collecting Account ⸱ v10.6. ### Related articles - [How trust relationships work for forests in Active Directory ⸱ Microsoft 🤝](https://learn.microsoft.com/en-us/azure/active-directory-domain-services/concepts-forest-trust) -- [How to Audit a Non-Trusted Domain](/docs/kb/auditor/how-to-audit-a-non-trusted-domain.md) +- [How to Audit a Non-Trusted Domain](/docs/kb/auditor/how-to-audit-a-non-trusted-domain) - Monitoring Plans — Data Collecting Account ⸱ v10.6 diff --git a/docs/kb/auditor/how-to-check-the-netwrix-auditor-health-status.md b/docs/kb/auditor/how-to-check-the-netwrix-auditor-health-status.md index b5bedd2524..dc410b6249 100644 --- a/docs/kb/auditor/how-to-check-the-netwrix-auditor-health-status.md +++ b/docs/kb/auditor/how-to-check-the-netwrix-auditor-health-status.md @@ -46,7 +46,7 @@ There is also the chance that the Health Log is relaying an error received from The Health Log also provides the option for filtering, allowing administrators to view messages from specific data sources/monitoring plans, as well as different types of messages (Information, warning, errors). -There may be times where Netwrix Auditor Technical Support requests a copy of your Health Log. To provide this file, please view the steps [How to Save and Zip Netwrix Auditor System Health Event Log](/docs/kb/auditor/how-to-save-and-zip-netwrix-auditor-system-health-event-log.md). More details on the Health Log can be obtained here. +There may be times where Netwrix Auditor Technical Support requests a copy of your Health Log. To provide this file, please view the steps [How to Save and Zip Netwrix Auditor System Health Event Log](/docs/kb/auditor/how-to-save-and-zip-netwrix-auditor-system-health-event-log). More details on the Health Log can be obtained here. ### Database Statistics @@ -62,4 +62,4 @@ This simple, yet effective, tile gives administrators insight on Long Term Archi ### Working Folder -The Working Folder is a structure of files that plays an integral part in event processing. Similar to the LTA tile, this tile will provide visibility on Working Folder growth. Expect this directory to grow and shrink periodically as it receives data, processes, and then sends it off for storage in SQL and the LTA. This directory can also be migrated to a drive independent to the system drive. The steps to migrate the Working Folder can be viewed [How to Migrate Netwrix Auditor Working Folder to a New Location](/docs/kb/auditor/how-to-migrate-netwrix-auditor-working-folder-to-a-new-location.md). +The Working Folder is a structure of files that plays an integral part in event processing. Similar to the LTA tile, this tile will provide visibility on Working Folder growth. Expect this directory to grow and shrink periodically as it receives data, processes, and then sends it off for storage in SQL and the LTA. This directory can also be migrated to a drive independent to the system drive. The steps to migrate the Working Folder can be viewed [How to Migrate Netwrix Auditor Working Folder to a New Location](/docs/kb/auditor/how-to-migrate-netwrix-auditor-working-folder-to-a-new-location). diff --git a/docs/kb/auditor/how-to-configure-monitoring-of-local-accounts.md b/docs/kb/auditor/how-to-configure-monitoring-of-local-accounts.md index dac8335baf..c5e5c873cb 100644 --- a/docs/kb/auditor/how-to-configure-monitoring-of-local-accounts.md +++ b/docs/kb/auditor/how-to-configure-monitoring-of-local-accounts.md @@ -29,6 +29,9 @@ Netwrix Account Lockout Examiner can be set to monitor local machine event logs 5. In the next dialog box, select the **Domain Controller** radio button and enter the the name of workstation local events of which you want to monitor 6. Press the **OK** button. Press the **OK** button again. -[![User-added image](images/ka04u000000HcWP_0EM700000004wxl.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000kAbY&feoid=00N700000032Pj2&refid=0EM700000004wxl) +[![User-added image](./images/ka04u000000HcWP_0EM700000004wxl.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000kAbY&feoid=00N700000032Pj2&refid=0EM700000004wxl) **Note:** Make sure that the account used to run the Account Lockout Examiner service has administrative access to the machine you are adding. + + + diff --git a/docs/kb/auditor/how-to-configure-netwrix-auditor-in-failover-mode.md b/docs/kb/auditor/how-to-configure-netwrix-auditor-in-failover-mode.md index 2fc3ff43a6..8fd1bbe7de 100644 --- a/docs/kb/auditor/how-to-configure-netwrix-auditor-in-failover-mode.md +++ b/docs/kb/auditor/how-to-configure-netwrix-auditor-in-failover-mode.md @@ -36,7 +36,7 @@ Refer to the following steps to configure Netwrix Auditor in failover mode: > **NOTE:** If Netwrix Auditor is already installed on a physical machine, consider migrating it to a virtual box. Some vendors support "physical to VM" migration." -2. Configure the Long-Term Archive (LTA) to be stored on a remote location, such as a shared iSCSI volume. Refer to the following Netwrix knowledge base article for instructions on how to move LTA to a new location: [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md) +2. Configure the Long-Term Archive (LTA) to be stored on a remote location, such as a shared iSCSI volume. Refer to the following Netwrix knowledge base article for instructions on how to move LTA to a new location: [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location) 3. For setting up backup and failover, ensure that the volume under LTA and Working Folder is redundant enough to survive failure. @@ -60,4 +60,8 @@ For alternative backup and failover options, refer to the steps below. ## Related Articles -- How to Move Long-Term Archive to a New Location: [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md) +- How to Move Long-Term Archive to a New Location: [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location) + + + + diff --git a/docs/kb/auditor/how-to-control-the-size-of-netwrixsqlcraudit-databases-on-sql-instances-and-what-it-is-needed-for.md b/docs/kb/auditor/how-to-control-the-size-of-netwrixsqlcraudit-databases-on-sql-instances-and-what-it-is-needed-for.md index 942bfc4211..72ac19f3c5 100644 --- a/docs/kb/auditor/how-to-control-the-size-of-netwrixsqlcraudit-databases-on-sql-instances-and-what-it-is-needed-for.md +++ b/docs/kb/auditor/how-to-control-the-size-of-netwrixsqlcraudit-databases-on-sql-instances-and-what-it-is-needed-for.md @@ -31,4 +31,4 @@ If you enable the **Audit data changes** option as part of SQL Server audit, Net 1. Disable the **Audit data changes** option if you are not interested in content changes, and delete the `NetwrixSQLCRAudit` database(s) from the SQL Server(s). 2. Shrink the `NetwrixSQLCRAudit` database(s) via MSSQL Management Studio. -For additional information about how Netwrix Auditor for SQL Server works, please refer to the following KB: [How Netwrix Auditor for SQL Server Collects Data](/docs/kb/auditor/how-netwrix-auditor-for-sql-server-collects-data.md) +For additional information about how Netwrix Auditor for SQL Server works, please refer to the following KB: [How Netwrix Auditor for SQL Server Collects Data](/docs/kb/auditor/how-netwrix-auditor-for-sql-server-collects-data) diff --git a/docs/kb/auditor/how-to-count-number-of-licenses-required-for-auditing-a-microsoft-office-365-tenant.md b/docs/kb/auditor/how-to-count-number-of-licenses-required-for-auditing-a-microsoft-office-365-tenant.md index d0bed15c93..febd9975d8 100644 --- a/docs/kb/auditor/how-to-count-number-of-licenses-required-for-auditing-a-microsoft-office-365-tenant.md +++ b/docs/kb/auditor/how-to-count-number-of-licenses-required-for-auditing-a-microsoft-office-365-tenant.md @@ -60,3 +60,6 @@ $userMailboxes.count 3. The displayed number represents how many mailbox accounts you need to purchase licenses for. Original KB Article 2082 + + + diff --git a/docs/kb/auditor/how-to-count-the-number-of-your-network-devices-in-your-configuration.md b/docs/kb/auditor/how-to-count-the-number-of-your-network-devices-in-your-configuration.md index d53f4ac1fb..788ed25788 100644 --- a/docs/kb/auditor/how-to-count-the-number-of-your-network-devices-in-your-configuration.md +++ b/docs/kb/auditor/how-to-count-the-number-of-your-network-devices-in-your-configuration.md @@ -25,6 +25,7 @@ knowledge_article_id: kA00g000000H9SnCAK The licensing **does not depend** on your Syslog forwarding configuration. In the example below, Netwrix Auditor collects audit data from five devices, one of them (6) also serving as a relay: -![User-added](images/servlet_image_3823966b1661.png) +![User-added](./images/servlet_image_3823966b1661.png) The computer (5) does not send any data, so it does not count for a licensed object. Therefore, for this example configuration, purchase Netwrix Auditor license for five network devices.   Original KB Article 2122 + diff --git a/docs/kb/auditor/how-to-create-the-full-dump-of-a-process.md b/docs/kb/auditor/how-to-create-the-full-dump-of-a-process.md index b6e5524bbf..f658811bb3 100644 --- a/docs/kb/auditor/how-to-create-the-full-dump-of-a-process.md +++ b/docs/kb/auditor/how-to-create-the-full-dump-of-a-process.md @@ -31,6 +31,7 @@ Netwrix technical support may ask you to create a dump of a particular process ( 5. Specify location to save the dump file. 6. Provide the dump file to the technical support. -![User-added image](images/ka0Qk000000DRwr_0EM7000000051zm.png) +![User-added image](./images/ka0Qk000000DRwr_0EM7000000051zm.png) **NOTE:** If you receive Access Denied error during the process, please check the ["Debug Programs" Computer Policy](https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/debug-programs). Consider adding the account that you use to the list of allowed users or use an Account which has this permission (e.g. local administrator account)" + diff --git a/docs/kb/auditor/how-to-customize-email-notification-template.md b/docs/kb/auditor/how-to-customize-email-notification-template.md index 504589f277..82aaf5f93a 100644 --- a/docs/kb/auditor/how-to-customize-email-notification-template.md +++ b/docs/kb/auditor/how-to-customize-email-notification-template.md @@ -52,4 +52,5 @@ You can modify the template in the following ways: - ` %Link%` - shows the link to the web portal. ## Example -[![User-added image](images/ka04u000000HcWM_0EM700000004wyA.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000kAdA&feoid=00N700000032Pj2&refid=0EM700000004wyA) +[![User-added image](./images/ka04u000000HcWM_0EM700000004wyA.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000kAdA&feoid=00N700000032Pj2&refid=0EM700000004wyA) + diff --git a/docs/kb/auditor/how-to-delete-old-entries-from-the-account-list.md b/docs/kb/auditor/how-to-delete-old-entries-from-the-account-list.md index 58342fdce6..d48cc58882 100644 --- a/docs/kb/auditor/how-to-delete-old-entries-from-the-account-list.md +++ b/docs/kb/auditor/how-to-delete-old-entries-from-the-account-list.md @@ -31,4 +31,5 @@ The account list is stored in the `alinfo.xml` file and you can manually delete 4. Save the `alinfo.xml` file. 5. Start the Netwrix Auditor service. -![User-added image](images/ka04u000000HcNX_0EM700000004wxg.png) +![User-added image](./images/ka04u000000HcNX_0EM700000004wxg.png) + diff --git a/docs/kb/auditor/how-to-enable-ocr-for-non-english-images.md b/docs/kb/auditor/how-to-enable-ocr-for-non-english-images.md index c64de34ea1..eb6e269694 100644 --- a/docs/kb/auditor/how-to-enable-ocr-for-non-english-images.md +++ b/docs/kb/auditor/how-to-enable-ocr-for-non-english-images.md @@ -30,7 +30,7 @@ How can I enable OCR for non-English images? ## Answer -The steps below explain how to deploy additional **OCR language pack(s)** and how to identify which **files** should be processed via the installed **pack(s)**. This assumes that you have enabled **OCR** correctly. More details can be found in the following KB article: [Process Document Images results in no extracted text or invalid text](/docs/kb/auditor/process-document-images-results-in-no-extracted-text-or-invalid-text.md). +The steps below explain how to deploy additional **OCR language pack(s)** and how to identify which **files** should be processed via the installed **pack(s)**. This assumes that you have enabled **OCR** correctly. More details can be found in the following KB article: [Process Document Images results in no extracted text or invalid text](/docs/kb/auditor/process-document-images-results-in-no-extracted-text-or-invalid-text). Select the language you wish to use from the list below to download the corresponding language pack: diff --git a/docs/kb/auditor/how-to-exclude-non-operable-domain-controllers-from-monitoring-in-netwrix-auditor.md b/docs/kb/auditor/how-to-exclude-non-operable-domain-controllers-from-monitoring-in-netwrix-auditor.md index fa206f8698..f2152a9437 100644 --- a/docs/kb/auditor/how-to-exclude-non-operable-domain-controllers-from-monitoring-in-netwrix-auditor.md +++ b/docs/kb/auditor/how-to-exclude-non-operable-domain-controllers-from-monitoring-in-netwrix-auditor.md @@ -51,8 +51,9 @@ To exclude domain controllers from monitoring, refer to the following steps: MYDC.MYDOMAIN.LOCAL ``` - ![User-added image](images/ka0Qk0000003W1l_0EMQk000003oywv.png) + ![User-added image](./images/ka0Qk0000003W1l_0EMQk000003oywv.png) 3. Save the changes. Inactive User Tracker will exclude this domain controller. Refer to the following article for additional information: Monitoring Plans — User Activity Monitoring Scope — v10.6. + diff --git a/docs/kb/auditor/how-to-exclude-users-and-objects-from-monitoring-scope-in-netwrix-auditor-ui.md b/docs/kb/auditor/how-to-exclude-users-and-objects-from-monitoring-scope-in-netwrix-auditor-ui.md index 9376987eaf..f96f50276e 100644 --- a/docs/kb/auditor/how-to-exclude-users-and-objects-from-monitoring-scope-in-netwrix-auditor-ui.md +++ b/docs/kb/auditor/how-to-exclude-users-and-objects-from-monitoring-scope-in-netwrix-auditor-ui.md @@ -39,13 +39,13 @@ You can exclude specific users and objects from your monitoring scope using the 2. Select the relevant monitoring plan, select the data source and click **Edit**. 3. Select the data source and click **Edit data source**. - ![bM2zhsogPP.png](images/ka04u000000Qmg4_0EM4u000007cgGr.png) + ![bM2zhsogPP.png](./images/ka04u000000Qmg4_0EM4u000007cgGr.png) 4. In the left pane, select **Users**. Check the **Exclude these users:** checkbox and click **Add** to add users to be excluded from the monitoring plan. Once all the users are added, click **Save & Close** in the bottom left corner. - ![UwJqLVpUZx.png](images/ka04u000000Qmg4_0EM4u000007cgOC.png) + ![UwJqLVpUZx.png](./images/ka04u000000Qmg4_0EM4u000007cgOC.png) 5. For objects, select the **Objects** tab in the left pane, check the **Exclude these objects** checkbox and click **Add** to exclude objects from the monitoring scope. Once you've added the objects, click **Save & Close**. - ![RmVD0BXEc0.png](images/ka04u000000Qmg4_0EM4u000007cgPy.png) + ![RmVD0BXEc0.png](./images/ka04u000000Qmg4_0EM4u000007cgPy.png) The following examples explain how the exclusion rules work for **Objects**. Same logic applies to the inclusion rules: @@ -54,3 +54,4 @@ The following examples explain how the exclusion rules work for **Objects**. Sam - `dc11.local/OU*` will exclude the OU itself, all objects within it, and also all objects whose path begins with `dc11.local/OU` (like `dc11.local/OU_HQ`). For additional information on omit lists and excluding data sources, refer to the following article: [How to Use Omit Lists](https://docs.netwrix.com/docs/kb/auditor/how-to-use-omit-lists) + diff --git a/docs/kb/auditor/how-to-figure-out-the-ip-address-used-for-a-failed-logon-attempt.md b/docs/kb/auditor/how-to-figure-out-the-ip-address-used-for-a-failed-logon-attempt.md index a2a60f687b..1f624ab9ea 100644 --- a/docs/kb/auditor/how-to-figure-out-the-ip-address-used-for-a-failed-logon-attempt.md +++ b/docs/kb/auditor/how-to-figure-out-the-ip-address-used-for-a-failed-logon-attempt.md @@ -33,7 +33,7 @@ However there are 2 ways you can figure out the IP address: 1. Note the **Computer** **name** and the timestamp of the particular failed logon attempt. - ![Image 1](images/ka04u000000HcPz_0EM700000004y2I.png) + ![Image 1](./images/ka04u000000HcPz_0EM700000004y2I.png) 2. Go to **Start / All Programs / Netwrix Auditor / Event Log Manager / Advanced Tools / Viewer** 3. In the **Viewer** tool: @@ -42,42 +42,42 @@ However there are 2 ways you can figure out the IP address: - select **Event Log** as **Security** - specify dates **From** and **To**, use date from the timestamp that you have noticed on step 1 - ![Image 2](images/ka04u000000HcPz_0EM700000004y2N.png) + ![Image 2](./images/ka04u000000HcPz_0EM700000004y2N.png) 4. Click the **View** button, and specify the location of the evt-file and click **OK**. The newly saved event log will be opened in **Event Viewer** automatically. 5. To convert the evt-file to evtx format, in the left hand panel, right click the saved log and select **Save All Events As**, specify the location of the evtx-file and click **OK**. Open the saved file via **Event Viewer**. - ![Image 3](images/ka04u000000HcPz_0EM700000004y2S.png) + ![Image 3](./images/ka04u000000HcPz_0EM700000004y2S.png) 6. When the evtx-file is opened, click **Filter Current Log** in the **Actions** pane. 7. In the **Filter Current Log** dialog box, specify `Event ID` as `4625,529-537,539` (failed logon attempts IDs), and then click **Logged** drop-down list and select **Custom range**. - ![Image 4](images/ka04u000000HcPz_0EM700000004y2X.png) + ![Image 4](./images/ka04u000000HcPz_0EM700000004y2X.png) 8. Specify date range around the timestamp that you have noticed on step 1 and click **OK**. Click **OK** - ![Image 5](images/ka04u000000HcPz_0EM700000004y2c.png) + ![Image 5](./images/ka04u000000HcPz_0EM700000004y2c.png) 9. Find the corresponding event in the filtered log and double-click it. 10. The **IP Address** is displayed in the **Network Information** section of the event description. - ![Image 6](images/ka04u000000HcPz_0EM700000004y2h.png) + ![Image 6](./images/ka04u000000HcPz_0EM700000004y2h.png) ## Procedure 2: 1. Note the **Computer name** and the timestamp of the particular failed logon attempt. - ![Image 1-1](images/ka04u000000HcPz_0EM700000004y31.png) + ![Image 1-1](./images/ka04u000000HcPz_0EM700000004y31.png) 2. In the **Netwrix Auditor Management Console**, go to **Managed Objects / <Your Mananaged Object> / Event Log Manager** node. 3. Enable the "**Write event descriptions into the database**" check box (if it is already selected, continue from **step 6**). Close console. - ![Image 1-2](images/ka04u000000HcPz_0EM700000004y3B.png) + ![Image 1-2](./images/ka04u000000HcPz_0EM700000004y3B.png) 4. Go to **Start / All Programs / Netwrix Auditor / Event Log Manager / Advanced Tools / DB Importer** 5. Select your managed object from the drop-down list and specify the date range that includes the date of the event. Click **Import**. - ![Image 1-3](images/ka04u000000HcPz_0EM700000004y3G.png) + ![Image 1-3](./images/ka04u000000HcPz_0EM700000004y3G.png) 6. Start **Netwrix Auditor Management Console**, go to **Managed Objects / <Your Mananaged Object> / Event Log Manager / Reports / General Reports / All Events by Computer** report. 7. In the filters: @@ -86,18 +86,19 @@ However there are 2 ways you can figure out the IP address: - specify **Event ID** as **%5%** - specify **Event Log** as **Security** - !" ![Image](images/servlet_image_3823966b1661.png) + !" ![Image](./images/servlet_image_3823966b1661.png) 8. Click the **View Report** button. 9. Find the corresponding event in the filtered log and click the blue link in the **Date** field. - ![Image 1-5](images/ka04u000000HcPz_0EM700000004y3V.png) + ![Image 1-5](./images/ka04u000000HcPz_0EM700000004y3V.png) 10. The page with **Event Details** will be displayed. - ![Image 1-6](images/ka04u000000HcPz_0EM700000004y3k.png) + ![Image 1-6](./images/ka04u000000HcPz_0EM700000004y3k.png) NOTE: - The **IP address** is not always available in the description of the **Failed logon attempt** events. - If you are looking for full description for another event, the described steps are similar except the specified **Event IDs** will be different. + diff --git a/docs/kb/auditor/how-to-filter-out-certain-users-from-reports.md b/docs/kb/auditor/how-to-filter-out-certain-users-from-reports.md index 2849b755a9..f58971542a 100644 --- a/docs/kb/auditor/how-to-filter-out-certain-users-from-reports.md +++ b/docs/kb/auditor/how-to-filter-out-certain-users-from-reports.md @@ -38,8 +38,9 @@ How do I filter out certain users from mailbox access reports? ## Image -![User-added image](images/ka04u000000HcPk_0EM7000000054Bf.png) +![User-added image](./images/ka04u000000HcPk_0EM7000000054Bf.png) ## Note **NOTE.** The `userstoexclude.txt` file contains a list of users who must be excluded from reports if they perform non-owner access to mailboxes. But the audit data for these users will still be stored in the snapshots, so if a user is removed from this list, the information on the user actions can be viewed with the **Report Viewer**. + diff --git a/docs/kb/auditor/how-to-find-destination-of-failed-ntlm-logons.md b/docs/kb/auditor/how-to-find-destination-of-failed-ntlm-logons.md index 8d8abcb944..3dc9a27bda 100644 --- a/docs/kb/auditor/how-to-find-destination-of-failed-ntlm-logons.md +++ b/docs/kb/auditor/how-to-find-destination-of-failed-ntlm-logons.md @@ -44,4 +44,4 @@ To find the actual source of failed logons, enable NTLM auditing temporarily. Fo ## Related Articles: -- [Why Do I Have Incomplete Information on Failed Logons?](/docs/kb/auditor/why-do-i-have-incomplete-information-on-failed-logons.md) +- [Why Do I Have Incomplete Information on Failed Logons?](/docs/kb/auditor/why-do-i-have-incomplete-information-on-failed-logons) diff --git a/docs/kb/auditor/how-to-find-out-my-netwrix-auditor-version.md b/docs/kb/auditor/how-to-find-out-my-netwrix-auditor-version.md index 3b4f2618a5..56bc64fe03 100644 --- a/docs/kb/auditor/how-to-find-out-my-netwrix-auditor-version.md +++ b/docs/kb/auditor/how-to-find-out-my-netwrix-auditor-version.md @@ -34,4 +34,5 @@ To establish the version and build of your Netwrix Auditor instance, refer to th 2. In the left pane, select **About Netwrix Auditor**. 3. Your current version and build will be available in the right section. -![About Netwrix Auditor dialog showing version and build](images/ka04u00000116gG_0EM4u000008LXT9.png) +![About Netwrix Auditor dialog showing version and build](./images/ka04u00000116gG_0EM4u000008LXT9.png) + diff --git a/docs/kb/auditor/how-to-force-netwrix-auditor-to-collect-a-specific-applications-and-services-event-log.md b/docs/kb/auditor/how-to-force-netwrix-auditor-to-collect-a-specific-applications-and-services-event-log.md index 3fffe0f731..0266eadc91 100644 --- a/docs/kb/auditor/how-to-force-netwrix-auditor-to-collect-a-specific-applications-and-services-event-log.md +++ b/docs/kb/auditor/how-to-force-netwrix-auditor-to-collect-a-specific-applications-and-services-event-log.md @@ -30,8 +30,9 @@ When creating a new filter for **Event Log Manager**, you can select the log nam 2. Right click on it and select **Log Properties**. 3. On the **Properties** window, copy **Full Name** of the event log. -![EventViewer - select desired log](images/ka04u000000HcPp_0EM700000005DIQ.png) +![EventViewer - select desired log](./images/ka04u000000HcPp_0EM700000005DIQ.png) 4. Paste that name to the **Event Log** field of the filter: -![image.png](images/ka04u000000HcPp_0EM4u000007qsVK.png) +![image.png](./images/ka04u000000HcPp_0EM4u000007qsVK.png) + diff --git a/docs/kb/auditor/how-to-get-full-netwrix-auditor-version.md b/docs/kb/auditor/how-to-get-full-netwrix-auditor-version.md index de67b969b1..bc6eb2c047 100644 --- a/docs/kb/auditor/how-to-get-full-netwrix-auditor-version.md +++ b/docs/kb/auditor/how-to-get-full-netwrix-auditor-version.md @@ -34,4 +34,4 @@ A trial version and a full version of Netwrix Auditor are the same version of th - In case you already have Netwrix Auditor installed, apply you new license to the existing Auditor instance. -Refer to the following article for additional information on applying a license to your Netwrix Auditor instance: [How to Apply Netwrix Auditor License](/docs/kb/auditor/how-to-apply-netwrix-auditor-license.md). +Refer to the following article for additional information on applying a license to your Netwrix Auditor instance: [How to Apply Netwrix Auditor License](/docs/kb/auditor/how-to-apply-netwrix-auditor-license). diff --git a/docs/kb/auditor/how-to-identify-whether-auditor-server-can-receive-data-from-meraki-api.md b/docs/kb/auditor/how-to-identify-whether-auditor-server-can-receive-data-from-meraki-api.md index c6e102682f..70a79ce277 100644 --- a/docs/kb/auditor/how-to-identify-whether-auditor-server-can-receive-data-from-meraki-api.md +++ b/docs/kb/auditor/how-to-identify-whether-auditor-server-can-receive-data-from-meraki-api.md @@ -53,6 +53,7 @@ curl https://api.meraki.com/api/v1 > 1.html This is an example of a response when the product cannot access the Meraki API: -![User-added image](images/ka0Qk0000002jaX_0EMQk0000045bUT.png) +![User-added image](./images/ka0Qk0000002jaX_0EMQk0000045bUT.png) In this case, check the ports required to audit the Meraki dashboard source and your internal firewall. Learn more about required ports and protocols in this article: Data Source Configuration — Network Devices — Network Devices Ports — v10.6 https://docs.netwrix.com/docs/auditor/10_8). + diff --git a/docs/kb/auditor/how-to-install-access-reviews.md b/docs/kb/auditor/how-to-install-access-reviews.md index fbc3761a9d..5829d0a57e 100644 --- a/docs/kb/auditor/how-to-install-access-reviews.md +++ b/docs/kb/auditor/how-to-install-access-reviews.md @@ -35,4 +35,7 @@ In case you're planning the on-premise deployment, click **On-premises Deploymen For the VM deployment, proceed with the **Virtual Appliance** option and select the suitable package. Netwrix Auditor Access Reviews will come preinstalled for the VM of your choice. -![pI1UIaaJkT.png](images/ka04u00000116Ju_0EM4u000008LKrz.png) +![pI1UIaaJkT.png](./images/ka04u00000116Ju_0EM4u000008LKrz.png) + + + diff --git a/docs/kb/auditor/how-to-install-and-use-netwrix-account-lockout-examiner.md b/docs/kb/auditor/how-to-install-and-use-netwrix-account-lockout-examiner.md index b8ffb044c4..2bdb5a2605 100644 --- a/docs/kb/auditor/how-to-install-and-use-netwrix-account-lockout-examiner.md +++ b/docs/kb/auditor/how-to-install-and-use-netwrix-account-lockout-examiner.md @@ -32,7 +32,7 @@ Once you've downloaded ALE, open the folder. Here you will find the following it 1. Right click the `Netwrix_Account_Lockout_Examiner.exe` and click **Run as Administrator**. 2. A window will appear with a License Agreement and EULA. Please read the contents carefully and then choose to **Accept**. -![User-added image](images/ka04u000000HdES_0EM4u000002CO3k.png) +![User-added image](./images/ka04u000000HdES_0EM4u000002CO3k.png) ## Operating Netwrix Account Lockout Examiner The next page that appears the the starting page for ALE. Here is a brief description of the options available to you. @@ -46,3 +46,4 @@ The next page that appears the the starting page for ALE. Here is a brief descri Once the fields above are satisfied, click the **Examine** button to begin an examination. For continued use of ALE, save the executable to a location such as the desktop. If at anytime you wish to begin a new examination, simply re-run the executable. + diff --git a/docs/kb/auditor/how-to-investigate-compression-services-errors.md b/docs/kb/auditor/how-to-investigate-compression-services-errors.md index ab5c142c93..f573bef5f8 100644 --- a/docs/kb/auditor/how-to-investigate-compression-services-errors.md +++ b/docs/kb/auditor/how-to-investigate-compression-services-errors.md @@ -37,9 +37,9 @@ In the Netwrix Auditor health log, some error events mention issues with the com **Note:** Pay attention to which collector you're going to adjust permissions. 3. Test the ports required for the problematic monitoring plan: - [Protocols and Ports](https://docs.netwrix.com/docs/auditor/10_8/requirements/ports) - - [Check TCP and UDP Ports Required](/docs/kb/auditor/check-tcp-and-udp-ports-required.md) + - [Check TCP and UDP Ports Required](/docs/kb/auditor/check-tcp-and-udp-ports-required) 4. Check Remote Registry and Windows Management Instrumentation Services: - [Enable Remote Registry and Windows Management Instrumentation Services for Windows Server](https://docs.netwrix.com/docs/auditor/10_8/configuration/windowsserver/remoteregistry) - [Enable Remote Registry Services for File Server](https://docs.netwrix.com/docs/auditor/10_8/configuration/fileservers/windows/remoteregistryservice) 5. Add antivirus exclusions on the Netwrix and target servers for folders: - - [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md) + - [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) diff --git a/docs/kb/auditor/how-to-manually-remove-compression-services-from-audited-servers.md b/docs/kb/auditor/how-to-manually-remove-compression-services-from-audited-servers.md index aa0c0ffbe4..f20de76674 100644 --- a/docs/kb/auditor/how-to-manually-remove-compression-services-from-audited-servers.md +++ b/docs/kb/auditor/how-to-manually-remove-compression-services-from-audited-servers.md @@ -93,8 +93,9 @@ Do make sure to replace `*PATH TO FILESHARE*` with a relevant path. If you'd like to remove Compression Service from a single server, replace `@"*PATH TO FILESHARE*\serverlist.txt"` with `\Servername`. Refer to the following screenshot for the output reference: -![Output reference](images/ka04u00000116iG_0EM4u000004bz9T.png) +![Output reference](./images/ka04u00000116iG_0EM4u000004bz9T.png) The script calls upon the functions in the msi to upgrade the Compression Service to the version of .msi installer and then to remove said Compression Service, since it only can execute remove command on a Compression Service of the same version. > NOTE: If the script reads only the first symbol of the serverlist.txt file, you will need to use Notepad++ or any similar tool to change the file encoding to ANSI. + diff --git a/docs/kb/auditor/how-to-migrate-account-lockout-examiner.md b/docs/kb/auditor/how-to-migrate-account-lockout-examiner.md index 405e94d89e..00ebe4f035 100644 --- a/docs/kb/auditor/how-to-migrate-account-lockout-examiner.md +++ b/docs/kb/auditor/how-to-migrate-account-lockout-examiner.md @@ -43,4 +43,5 @@ To migrate NetWrix Account Lockout Examiner to a different server, perform the f 5. Start the NetWrix Account Lockout Examiner service on the new server. 6. If you are using the NetWrix Account Lockout Examiner Web Help-Desk Portal, install it on the new server. -![User-added image](images/ka04u000000HcNT_0EM700000004wyK.png) +![User-added image](./images/ka04u000000HcNT_0EM700000004wyK.png) + diff --git a/docs/kb/auditor/how-to-migrate-netwrix-auditor-databases-to-another-sql-server-instance.md b/docs/kb/auditor/how-to-migrate-netwrix-auditor-databases-to-another-sql-server-instance.md index 76eb0e7889..3c75446460 100644 --- a/docs/kb/auditor/how-to-migrate-netwrix-auditor-databases-to-another-sql-server-instance.md +++ b/docs/kb/auditor/how-to-migrate-netwrix-auditor-databases-to-another-sql-server-instance.md @@ -50,16 +50,16 @@ Yes, you are able to migrate audit databases to another Microsoft SQL Server ins 3. Under the **Source** section, select the **Device** option, and click **...** to browse for databases. 4. In the **Specify Backup Devices** window, click **Add** and select the backup database file. Click **OK**. 5. Specify the database name and check the **Restore** checkbox under the **Backup sets to restore** section. -5. Deploy the new Report Database. For more information, see [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database.md) +5. Deploy the new Report Database. For more information, see [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database) 6. Stop the old **SQL Server (%instance_name%)** service. 7. Start `Netwrix Auditor Archive Service` and `Netwrix Auditor Management Service`. 8. In the main Netwrix Auditor menu, select **Settings** > **Audit Database** tab, and specify the new SQL Server and Reporting Service settings. > **NOTE:** If you receive the following pop-up message, click **Yes** to proceed with modifying the Audit Database settings: -> ![Audit Database modification prompt](images/servlet_image_3823966b1661.png) +> ![Audit Database modification prompt](./images/servlet_image_3823966b1661.png) 9. Click **Yes** when the following message appears: - ![Confirmation dialog: Data will become unavailable until the new database is configured](images/servlet_image_3823966b1661.png) + ![Confirmation dialog: Data will become unavailable until the new database is configured](./images/servlet_image_3823966b1661.png) 10. In the main Netwrix Auditor menu, select **Settings** > **Investigations** tab. Click **Modify** to specify the new SQL Server settings. 11. Run a search with the filter **When | Equals | Last 7 days**. If you see the relevant data, the databases were migrated successfully and the new SQL Server is being used. 12. **Optional:** Start the old SQL Server instance if it is used for any other tasks. @@ -68,5 +68,6 @@ Yes, you are able to migrate audit databases to another Microsoft SQL Server ins - [How to Assign db_owner Permissions](docs/kb/auditor/how-to-assign-db-owner-permissions.md) - [SQL Server Reporting Services](https://docs.netwrix.com/docs/auditor/10_8/requirements/overview) -- [How to Prepare the Netwrix Server for a SQL Upgrade](/docs/kb/auditor/how-to-prepare-the-netwrix-server-for-a-sql-upgrade.md) -- [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database.md) +- [How to Prepare the Netwrix Server for a SQL Upgrade](/docs/kb/auditor/how-to-prepare-the-netwrix-server-for-a-sql-upgrade) +- [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database) + diff --git a/docs/kb/auditor/how-to-migrate-netwrix-auditor-working-folder-to-a-new-location.md b/docs/kb/auditor/how-to-migrate-netwrix-auditor-working-folder-to-a-new-location.md index deb9fcd7bb..d1603ef107 100644 --- a/docs/kb/auditor/how-to-migrate-netwrix-auditor-working-folder-to-a-new-location.md +++ b/docs/kb/auditor/how-to-migrate-netwrix-auditor-working-folder-to-a-new-location.md @@ -34,13 +34,13 @@ The size of your Working Folder may grow significantly (up to 1 TB) depending on > > - Long-Term Archive, a repository of collected audit data stored in proprietary Netwrix format (activity records). Audit data is kept in the Long-Term Archive for 10 years as per default settings. The default Long-Term Archive location is ` %ProgramData%\Netwrix Auditor\Data`. For more information on setting Long-Term Archive up, refer to the following article: [Long-Term Archive](https://docs.netwrix.com/docs/auditor/10_8/admin/settings/longtermarchive) > -> If you would like to move Long-Term Archive to another location, refer to the following article: [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md). +> If you would like to move Long-Term Archive to another location, refer to the following article: [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location). > > - Working Folder, a repository for Netwrix Auditor to store operational information (configuration files for product components, log files, and other data). To ensure the audit trail continuity, Netwrix Auditor also caches some audit data locally in the Working Folder prior to placing it to the Long-Term Archive or any audit database. Audit data is kept in the Working Folder for a shorter period of up to several weeks. The default Working Folder location is ` %ProgramData%\Netwrix Auditor\`. ### Planning and preparation -1. To track your current Working Folder capacity and estimate the disk space you will need on the new target drive, use the **Working Folder** widget of the Health Status dashboard. Refer to the following articles for additional information: [Netwrix Auditor Operations and Health − Health Status Dashboard](https://docs.netwrix.com/docs/auditor/10_8/admin/healthstatus/dashboard/overview) and [How to Check the Netwrix Auditor Health Status](/docs/kb/auditor/how-to-check-the-netwrix-auditor-health-status.md). +1. To track your current Working Folder capacity and estimate the disk space you will need on the new target drive, use the **Working Folder** widget of the Health Status dashboard. Refer to the following articles for additional information: [Netwrix Auditor Operations and Health − Health Status Dashboard](https://docs.netwrix.com/docs/auditor/10_8/admin/healthstatus/dashboard/overview) and [How to Check the Netwrix Auditor Health Status](/docs/kb/auditor/how-to-check-the-netwrix-auditor-health-status). 2. The Working Folder can be stored only locally on the Netwrix server — prepare a local folder for the migration process. Make sure the target folder location differs from the Long-Term Archive location. > **NOTE:** Network shares are not supported. @@ -51,19 +51,19 @@ The size of your Working Folder may grow significantly (up to 1 TB) depending on 1. Navigate to ` %Netwrix Auditor installation folder%\Audit Intelligence` and launch the `WorkingFolderMigration.exe` utility. 2. Specify the target folder in the **Specify new destination** field. - ![User-added image](images/ka0Qk0000002slt_0EM0g000002BkO9.png) + ![User-added image](./images/ka0Qk0000002slt_0EM0g000002BkO9.png) > **IMPORTANT:** Network shares are not supported − make sure the new Working Folder destination is a local folder. 3. Click **Migrate**. All temporary data from ` %ProgramData%\Netwrix Auditor\` will be copied to the specified target folder. 4. Wait for the migration process to complete. Your final screen should look like the following screenshot in case the migration process was completed correctly: - ![wf_migration.png](images/ka0Qk0000002slt_0EM4u000007chgj.png) + ![wf_migration.png](./images/ka0Qk0000002slt_0EM4u000007chgj.png) If the migration process was completed successfully, proceed to steps described in **Scenario A**. In case any error occurs during the migration process, the Working Folder contents will remain in the original location. The final screen might look like the following screenshot: -![User-added image](images/ka0Qk0000002slt_0EM0g000002BkNM.png) +![User-added image](./images/ka0Qk0000002slt_0EM0g000002BkNM.png) In case the migration process was not completed successfully, follow the steps described in **Scenario B**. @@ -94,7 +94,8 @@ If migration was completed with any errors, refer to the following steps: ## Related articles and links - [Long-Term Archive](https://docs.netwrix.com/docs/auditor/10_8/admin/settings/longtermarchive) -- [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md) +- [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location) - [Netwrix Auditor Operations and Health − Health Status Dashboard](https://docs.netwrix.com/docs/auditor/10_8/admin/healthstatus/dashboard/overview) -- [How to Check the Netwrix Auditor Health Status](/docs/kb/auditor/how-to-check-the-netwrix-auditor-health-status.md) +- [How to Check the Netwrix Auditor Health Status](/docs/kb/auditor/how-to-check-the-netwrix-auditor-health-status) - [Open a Ticket · Netwrix 🧭](https://www.netwrix.com/tickets.html#/open-a-ticket) + diff --git a/docs/kb/auditor/how-to-migrate-netwrix-inactive-users-tracker-to-other-servers.md b/docs/kb/auditor/how-to-migrate-netwrix-inactive-users-tracker-to-other-servers.md index 0328f982a7..a1367373e2 100644 --- a/docs/kb/auditor/how-to-migrate-netwrix-inactive-users-tracker-to-other-servers.md +++ b/docs/kb/auditor/how-to-migrate-netwrix-inactive-users-tracker-to-other-servers.md @@ -30,7 +30,8 @@ On Netwrix Auditor Versions 9.0 and Newer, Inactive Users Tracker is installed a 2. Copy the following files to the same location on the new server: - Contents of `C:\ProgramData\Netwrix Auditor\Inactive Users Tracker` - Screenshot all four tabs of the Inactive Users Tracker interface for configuration - ![User-added image](images/ka04u000000HcNW_0EM4u000002QzDA.png) + ![User-added image](./images/ka04u000000HcNW_0EM4u000002QzDA.png) 3. Paste the contents of original `C:\ProgramData\Netwrix Auditor\Inactive Users Tracker` folder to the `C:\ProgramData\Netwrix Auditor\Inactive Users Tracker` folder on the new server 4. Reconfigure Inactive Users Tracker using the screenshots you captured 5. Apply your Netwrix Auditor License to the new instance of Netwrix Auditor. + diff --git a/docs/kb/auditor/how-to-modify-the-account-lockout-examiner-service-account.md b/docs/kb/auditor/how-to-modify-the-account-lockout-examiner-service-account.md index 12454e9bad..6b395d9e30 100644 --- a/docs/kb/auditor/how-to-modify-the-account-lockout-examiner-service-account.md +++ b/docs/kb/auditor/how-to-modify-the-account-lockout-examiner-service-account.md @@ -31,4 +31,5 @@ The Netwrix Account Lockout Examiner service account you entered during installa 4. Change the account, click **OK**. 5. Restart the **Account Lockout Examiner** service. -![User-added](images/servlet_image_3823966b1661.png) +![User-added](./images/servlet_image_3823966b1661.png) + diff --git a/docs/kb/auditor/how-to-monitor-print-service-activity.md b/docs/kb/auditor/how-to-monitor-print-service-activity.md index 11ec43c3d1..4e1ff381d4 100644 --- a/docs/kb/auditor/how-to-monitor-print-service-activity.md +++ b/docs/kb/auditor/how-to-monitor-print-service-activity.md @@ -31,22 +31,22 @@ You can enable the print event logging by following the steps below: 1. Enable logging for the print service of the print server — open **Event Viewer** > **Applications and Services Logs** > **Microsoft** > **Windows** > **PrintService**. 2. Right-click the **Operational** item to select **Properties**. - ![1.png](images/ka04u000000HdPU_0EM4u0000084ozs.png) + ![1.png](./images/ka04u000000HdPU_0EM4u0000084ozs.png) 3. Check the **Enable logging** checkbox — print service events will now be logged. Click **OK** to save changes. - ![2.png](images/ka04u000000HdPU_0EM4u0000084ozx.png) + ![2.png](./images/ka04u000000HdPU_0EM4u0000084ozx.png) Create an inclusive filter in Netwrix Auditor Event Log Manager: 1. Create a new monitoring plan by clicking **Add** or select the preexisting monitoring plan and click **Edit**. 2. Click the **Configure** button for Audit archiving filters. - ![1.png](images/ka04u000000HdPU_0EM4u0000084p07.png) + ![1.png](./images/ka04u000000HdPU_0EM4u0000084p07.png) 3. Click **Add** for Inclusive Filters. - ![2.png](images/ka04u000000HdPU_0EM4u0000084p0C.png) + ![2.png](./images/ka04u000000HdPU_0EM4u0000084p0C.png) 4. Fill in the filter name and description with the **Event Log** field to contain the following line: @@ -56,7 +56,7 @@ Create an inclusive filter in Netwrix Auditor Event Log Manager: Verify the location for the print server event logs via Event Viewer — the Log Name should correspond with the actual event logs location. - ![3.png](images/ka04u000000HdPU_0EM4u0000084p0D.png) + ![3.png](./images/ka04u000000HdPU_0EM4u0000084p0D.png) 5. You can specify Event IDs in the **Event Fields** tab to filter the events (e.g. Event ID 307 for **Printing a document**). Additionally you can filter the events via **Insertion Strings**, refer to the index numbers specified in event details (e.g. Param1 stands for Index 1 with "Job #" value). @@ -65,7 +65,7 @@ Download the **Printed Documents RDL.zip** archive provided below and extract th 1. Open the Reports Server URL in your browser and navigate to the folder you'd like to upload the report to (e.g. **Home** > **Netwrix Auditor** > **Netwrix Auditor for Event Log** > **Change Reports**). 2. Click **Upload** to upload the report to the folder. - ![1.png](images/ka04u000000HdPU_0EM4u0000084p0b.png) + ![1.png](./images/ka04u000000HdPU_0EM4u0000084p0b.png) Configure the report to use the `Netwrix_Auditor_EventLog` database: @@ -79,14 +79,15 @@ Configure the report to use the `Netwrix_Auditor_EventLog` database: NOTE: `SQLINSTANCE` should be replaced with the name of your SQL Server instance. - ![2.png](images/ka04u000000HdPU_0EM4u0000084p0l.png) + ![2.png](./images/ka04u000000HdPU_0EM4u0000084p0l.png) 4. Input your credentials, test the connection and save the changes. - ![3.png](images/ka04u000000HdPU_0EM4u0000084p0q.png) + ![3.png](./images/ka04u000000HdPU_0EM4u0000084p0q.png) 5. The report is now available via the web interface of your Report Server. It will not appear under Reports in the Netwrix Auditor console. - ![4.png](images/ka04u000000HdPU_0EM4u0000084p15.png) + ![4.png](./images/ka04u000000HdPU_0EM4u0000084p15.png) Printed Documents RDL: https://www.netwrix.com/download/Printed-Documents-RDL.zip + diff --git a/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md b/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md index 4daf596d93..ce6962dda5 100644 --- a/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md +++ b/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md @@ -37,7 +37,7 @@ For a clean installation of Netwrix Auditor 8.5 or newer, follow these steps: - Navigate to **Start** > **All Programs** > **Task Scheduler** > **Task Scheduler Library** and locate the tasks named Netwrix Auditor with descriptions mentioning the Netwrix Password Reset, Inactive User Tracker, or Event Log Manager applications. - Select these tasks (if any) and click **Disable** in the right pane. - ![lta_mig_1.png](images/ka04u00000117ad_0EM4u000008LFeu.png) + ![lta_mig_1.png](./images/ka04u00000117ad_0EM4u000008LFeu.png) 2. Copy all files from the old Long-Term-Archive folder into the new Long-Term-Archive folder except for the `ActivityRecords` folder. @@ -51,3 +51,4 @@ For a clean installation of Netwrix Auditor 8.5 or newer, follow these steps: 5. Start the other services and tasks you previously disabled. 6. Copy the rest of the files from the old `ActivityRecords` folder to the new one. If you are prompted to overwrite any files, skip those files instead. + diff --git a/docs/kb/auditor/how-to-move-netwrix-auditor-to-the-cloud.md b/docs/kb/auditor/how-to-move-netwrix-auditor-to-the-cloud.md index 09bb1559d1..fe2e1dc743 100644 --- a/docs/kb/auditor/how-to-move-netwrix-auditor-to-the-cloud.md +++ b/docs/kb/auditor/how-to-move-netwrix-auditor-to-the-cloud.md @@ -32,7 +32,7 @@ Consider it to simply be an installation on another network. Netwrix recommends 1. Spin up a new Windows Server VM in your cloud environment, provision it based on the Auditor Requirements: [Requirements](https://docs.netwrix.com/docs/auditor/10_8/requirements/overview) -2. After that, migrate your old instance according to the following article: Migrating Netwrix Auditor to New Server: [Migrating Auditor to New Server](/docs/kb/auditor/migrating-auditor-to-new-server.md). +2. After that, migrate your old instance according to the following article: Migrating Netwrix Auditor to New Server: [Migrating Auditor to New Server](/docs/kb/auditor/migrating-auditor-to-new-server). > **NOTE:** When you go to migrate, both the old and new instances of Netwrix Auditor must be exactly the same version and build. In Netwrix Auditor, navigate to **Settings** -> **About Netwrix Auditor** and check the build number. diff --git a/docs/kb/auditor/how-to-prepare-for-printing-ssrs-based-reports.md b/docs/kb/auditor/how-to-prepare-for-printing-ssrs-based-reports.md index f0c117ac18..ee29280a88 100644 --- a/docs/kb/auditor/how-to-prepare-for-printing-ssrs-based-reports.md +++ b/docs/kb/auditor/how-to-prepare-for-printing-ssrs-based-reports.md @@ -36,10 +36,11 @@ Take the following steps: - **Script ActiveX controls marked safe for scripting** - **Download signed ActiveX controls** -![User-added image](images/ka04u000000HcZ6_0EM4u000002P6Cl.png) +![User-added image](./images/ka04u000000HcZ6_0EM4u000002P6Cl.png) 6. Click **OK**. 7. Open any SSRS-based report using Internet Explorer and click **Print**. 8. Internet Explorer will prompt for installation of the additional components it needs for printing. Click **Yes**. The ActiveX Control automatically downloads and installs. Then you will be able to print the reports from Internet Explorer and Netwrix Auditor UI. + diff --git a/docs/kb/auditor/how-to-prepare-netwrix-server-for-os-upgrade.md b/docs/kb/auditor/how-to-prepare-netwrix-server-for-os-upgrade.md index ae27fdcde8..850aee93a0 100644 --- a/docs/kb/auditor/how-to-prepare-netwrix-server-for-os-upgrade.md +++ b/docs/kb/auditor/how-to-prepare-netwrix-server-for-os-upgrade.md @@ -33,7 +33,7 @@ This article provides preparation steps for upgrading an operating system (Windo Taking a snapshot or creating a backup of the Netwrix Auditor Server is recommended for data protection and recovery. The method to be used depends on the approach used for Auditor installation, whether it's on a virtual or physical machine. -> **TIP:** You can configure Netwrix Auditor in the failover mode. To learn about failover and backup scenarios, read [How to Configure Netwrix Auditor in Failover Mode](/docs/kb/auditor/how-to-configure-netwrix-auditor-in-failover-mode.md) +> **TIP:** You can configure Netwrix Auditor in the failover mode. To learn about failover and backup scenarios, read [How to Configure Netwrix Auditor in Failover Mode](/docs/kb/auditor/how-to-configure-netwrix-auditor-in-failover-mode) Stop all Netwrix services running in your server − run the following line in elevated PowerShell: @@ -55,4 +55,4 @@ After the upgrade, you might notice warnings in the Health log. These warnings o ## Related articles -- [How to Configure Netwrix Auditor in Failover Mode](/docs/kb/auditor/how-to-configure-netwrix-auditor-in-failover-mode.md) +- [How to Configure Netwrix Auditor in Failover Mode](/docs/kb/auditor/how-to-configure-netwrix-auditor-in-failover-mode) diff --git a/docs/kb/auditor/how-to-prevent-long-term-archive-overflow.md b/docs/kb/auditor/how-to-prevent-long-term-archive-overflow.md index 8cceebc283..8b23ea002b 100644 --- a/docs/kb/auditor/how-to-prevent-long-term-archive-overflow.md +++ b/docs/kb/auditor/how-to-prevent-long-term-archive-overflow.md @@ -34,8 +34,8 @@ You can deal with this issue in one of the following ways: 1. Modify Long-Term Archive retention period. For that: - In Netwrix Auditor, navigate to **Settings**. - Select the **Long-Term Archive** page and modify the archive retention settings – provide the value in months. -2. Move the archive to another drive. Learn more in the following article: [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md) -3. Exclude Data from the Auditing Scope. For additional information, refer to the following article: [How to Exclude Users and Objects from Monitoring Scope in Netwrix Auditor UI](/docs/kb/auditor/how-to-exclude-users-and-objects-from-monitoring-scope-in-netwrix-auditor-ui.md) +2. Move the archive to another drive. Learn more in the following article: [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location) +3. Exclude Data from the Auditing Scope. For additional information, refer to the following article: [How to Exclude Users and Objects from Monitoring Scope in Netwrix Auditor UI](/docs/kb/auditor/how-to-exclude-users-and-objects-from-monitoring-scope-in-netwrix-auditor-ui) You can also fine tune your monitoring scope via omit lists — this allows you to proactively decrease the DB loads as changes for omitted items are not recorded. For additional information on available omit lists, review the corresponding article applicable to your target system. For example, for Active Directory omit lists, refer to the following article: [Active Directory Monitoring Scope](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/activedirectory/scope) diff --git a/docs/kb/auditor/how-to-properly-remove-auditor-components-prior-to-further-clear-installation.md b/docs/kb/auditor/how-to-properly-remove-auditor-components-prior-to-further-clear-installation.md index c15e850d6e..9700df0a29 100644 --- a/docs/kb/auditor/how-to-properly-remove-auditor-components-prior-to-further-clear-installation.md +++ b/docs/kb/auditor/how-to-properly-remove-auditor-components-prior-to-further-clear-installation.md @@ -53,4 +53,8 @@ In most cases, yes it does. However, for the proper uninstallation of all compre ### Related Article -- [Migrating Auditor to New Server](/docs/kb/auditor/migrating-auditor-to-new-server.md) +- [Migrating Auditor to New Server](/docs/kb/auditor/migrating-auditor-to-new-server) + + + + diff --git a/docs/kb/auditor/how-to-reduce-audit-database-size-for-netwrix-auditor.md b/docs/kb/auditor/how-to-reduce-audit-database-size-for-netwrix-auditor.md index 90d4c67525..5352a9fd67 100644 --- a/docs/kb/auditor/how-to-reduce-audit-database-size-for-netwrix-auditor.md +++ b/docs/kb/auditor/how-to-reduce-audit-database-size-for-netwrix-auditor.md @@ -38,7 +38,7 @@ You can configure the audit database retention settings by following the next st 2. In the left pane, select the **Audit Database** tab. 3. Click **Modify** under the **Database Retention** section and input the retention period in days. - ![User-added image](images/ka04u00000117bz_0EM0g000000hGVv.png) + ![User-added image](./images/ka04u00000117bz_0EM0g000000hGVv.png) - **Tip:** Longer retention periods results in larger audit databases. @@ -51,7 +51,7 @@ Data that exceeds the new retention period will be removed during the next colle 1. In Windows Services Manager on your Netwrix host, stop both **Netwrix Auditor Archive Service** and **Netwrix Auditor Management Service**. 2. Run your SQL Management Studio instance and navigate to ` %SQL_Server_database_name% > Databases` to select the database you are going to delete. - ![User-added image](images/ka04u00000117bz_0EM70000000QIPr.png) + ![User-added image](./images/ka04u00000117bz_0EM70000000QIPr.png) 3. In the Delete Object window, check both option checkboxes: 1. Delete backup and restore history information for databases. @@ -66,7 +66,7 @@ The audit database has now been successfully deleted. Refer to the **Rebuilding 2. In the left pane, select the **Audit Database** tab. Review the database name and update it if necessary. Netwrix Auditor allows you to specify settings for each monitoring plan individually, so you'll have to rebuild the database for each monitoring plan separately. - ![User-added image](images/ka04u00000117bz_0EM0g000000hGWo.png) + ![User-added image](./images/ka04u00000117bz_0EM0g000000hGWo.png) 3. Refresh or reopen the SQL Management Studio to ensure the audit database was rebuilt. @@ -76,7 +76,7 @@ The audit database has now been successfully deleted. Refer to the **Rebuilding 2. Run your SQL Management Studio instance and navigate to ` %SQL_Server_database_name% > Databases` to select the database you are going to rename. 3. Right-click the selected database and select **Rename**. - ![Screenshot_1.png](images/ka04u00000117bz_0EM4u000004dCnj.png) + ![Screenshot_1.png](./images/ka04u00000117bz_0EM4u000004dCnj.png) 4. Add **_old** or another word to the end of the database name to differentiate it from other databases. 5. Once the database has been renamed, restart **Netwrix Auditor Archive Service** and **Netwrix Auditor Management Service**. @@ -89,13 +89,14 @@ The audit database has now been successfully renamed. Refer to the **Rebuilding > **NOTE:** In order to correctly set the retention period, you have to estimate your audit database growth. If you are using Netwrix Auditor 9.6 or newer, this can be done by monitoring **Health Status** > **Database statistics**. -![db_stats.png](images/ka04u00000117bz_0EM4u000008LKwz.png) +![db_stats.png](./images/ka04u00000117bz_0EM4u000008LKwz.png) 1. Run your SQL Management Studio instance and navigate to ` %SQL_Server_database_name% > Databases` to locate the required database. 2. Right-click it and select **Properties**. - ![User-added image](images/ka04u00000117bz_0EM70000000QIQN.png) + ![User-added image](./images/ka04u00000117bz_0EM70000000QIQN.png) 3. Review **Size** and **Space Available** parameters. > **NOTE:** This should be done over the course of several days to get the best estimate of growth. + diff --git a/docs/kb/auditor/how-to-repair-netwrix-auditor-installation.md b/docs/kb/auditor/how-to-repair-netwrix-auditor-installation.md index 4db814d712..3f545c6222 100644 --- a/docs/kb/auditor/how-to-repair-netwrix-auditor-installation.md +++ b/docs/kb/auditor/how-to-repair-netwrix-auditor-installation.md @@ -33,11 +33,11 @@ How to repair a Netwrix Auditor installation in our environment? > Stop-Service -Displayname Netwrix* > ``` -1. Establish the Netwrix Auditor version and build you're currently running in your environment. Refer to the following article for additional information: [How to Find Out My Netwrix Auditor Version](/docs/kb/auditor/how-to-find-out-my-netwrix-auditor-version.md). +1. Establish the Netwrix Auditor version and build you're currently running in your environment. Refer to the following article for additional information: [How to Find Out My Netwrix Auditor Version](/docs/kb/auditor/how-to-find-out-my-netwrix-auditor-version). 2. Proceed to your **My Products** page to download the executable for the corresponding version. Refer to the following link: [Netwrix — My Products](https://www.netwrix.com/my_products.html). 3. Run the downloaded executable. Once the files are extracted, a setup screen will be prompted. - ![Install Netwrix Auditor setup screen](images/ka04u00000117fh_0EM4u000008MBTP.png) + ![Install Netwrix Auditor setup screen](./images/ka04u00000117fh_0EM4u000008MBTP.png) 4. Select **Install** under **Install Netwrix Auditor**. 5. Click **Next**, and select **Repair**. @@ -47,4 +47,7 @@ How to repair a Netwrix Auditor installation in our environment? ## Related articles -- [How to Find Out My Netwrix Auditor Version](/docs/kb/auditor/how-to-find-out-my-netwrix-auditor-version.md) +- [How to Find Out My Netwrix Auditor Version](/docs/kb/auditor/how-to-find-out-my-netwrix-auditor-version) + + + diff --git a/docs/kb/auditor/how-to-restrict-access-to-the-help-desk-portal-and-the-administrative-console.md b/docs/kb/auditor/how-to-restrict-access-to-the-help-desk-portal-and-the-administrative-console.md index e067fa0ba6..6221713ac7 100644 --- a/docs/kb/auditor/how-to-restrict-access-to-the-help-desk-portal-and-the-administrative-console.md +++ b/docs/kb/auditor/how-to-restrict-access-to-the-help-desk-portal-and-the-administrative-console.md @@ -39,4 +39,5 @@ By default, the **Administrator** role includes users belonging to the local `Ad 2. Click the **Modify** button next to the group that you want to edit. 3. In the dialog that opens, click **Add** to add a member to the selected security role, or select a user and click **Remove** to exclude them. -[![User-added image](images/ka04u000000HcVz_0EM700000004wyU.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000kAd1&feoid=00N700000032Pj2&refid=0EM700000004wyU) +[![User-added image](./images/ka04u000000HcVz_0EM700000004wyU.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000kAd1&feoid=00N700000032Pj2&refid=0EM700000004wyU) + diff --git a/docs/kb/auditor/how-to-save-and-zip-netwrix-auditor-system-health-event-log.md b/docs/kb/auditor/how-to-save-and-zip-netwrix-auditor-system-health-event-log.md index 182ec33d59..01f5a176e2 100644 --- a/docs/kb/auditor/how-to-save-and-zip-netwrix-auditor-system-health-event-log.md +++ b/docs/kb/auditor/how-to-save-and-zip-netwrix-auditor-system-health-event-log.md @@ -44,12 +44,12 @@ The exported System Health event log will appear on your Desktop. 1. Open **Event Viewer**. 2. Expand the **Applications and Services Logs** folder. - ![Netwrix Auditor System Health Logs](images/ka04u00000117Ay_0EM70000000tnyM.png) + ![Netwrix Auditor System Health Logs](./images/ka04u00000117Ay_0EM70000000tnyM.png) 3. Right-click the **Netwrix Auditor System Health** log file and select **Save All Events As...**. 4. Name the file and click **Save**. - ![Save All Events As](images/ka04u00000117Ay_0EM70000000tnyW.png) + ![Save All Events As](./images/ka04u00000117Ay_0EM70000000tnyW.png) 5. Select the option to **Display information for these languages**, check the **English (United States)** checkbox, and click **OK**. 6. Once the file is saved, right-click it and zip the file. @@ -57,3 +57,4 @@ The exported System Health event log will appear on your Desktop. ### Sending Netwrix Auditor logs Your Technical Support Engineer may request you to attach Netwrix Auditor logs. Refer to the following article for additional information: https://kb.netwrix.com/4645 (How to Send Netwrix Auditor Logs). + diff --git a/docs/kb/auditor/how-to-send-netwrix-auditor-logs.md b/docs/kb/auditor/how-to-send-netwrix-auditor-logs.md index 2efb2e89c4..823df3c91f 100644 --- a/docs/kb/auditor/how-to-send-netwrix-auditor-logs.md +++ b/docs/kb/auditor/how-to-send-netwrix-auditor-logs.md @@ -34,7 +34,7 @@ knowledge_article_id: kA00g000000H9efCAC Netwrix Technical Support might request a collection of your Netwrix Auditor logs for troubleshooting purposes. Make sure you gather the following items to help your Technical Support Engineer resolve your issue. -- **Netwrix Auditor System Health event log**. Refer to the following article for additional information on exporting the System Health event log: [How to Save and Zip Netwrix Auditor System Health Event Log](/docs/kb/auditor/how-to-save-and-zip-netwrix-auditor-system-health-event-log.md) +- **Netwrix Auditor System Health event log**. Refer to the following article for additional information on exporting the System Health event log: [How to Save and Zip Netwrix Auditor System Health Event Log](/docs/kb/auditor/how-to-save-and-zip-netwrix-auditor-system-health-event-log) - **Netwrix Auditor configuration files**. Navigate to ` %Working Folder%\AuditCore\ConfigServer ` and copy the **ConfigServer** folder. The default location of the **ConfigServer** folder is `C:\ProgramData\Netwrix Auditor\AuditCore\ConfigServer`. @@ -71,12 +71,13 @@ Netwrix Technical Support might request a collection of your Netwrix Auditor log > **NOTE:** Once you have opened the **Open Tickets** page and identified the corresponding ticket (with a matching ticket #), you can attach the logs via one of the following ways: > > - Click the **Add attachments** button located under the **Actions** column of the ticket. -> ![Customer Portal Attachments 1](images/ka0Qk000000Bei5_00N0g000004CA0p_0EMQk000008M3Qr.png) +> ![Customer Portal Attachments 1](./images/ka0Qk000000Bei5_00N0g000004CA0p_0EMQk000008M3Qr.png) > > - Expand the ticket details by clicking the **down carat (▼)** button and click the **plus (+)** button next to **Attachments**. -> ![Customer Portal Attachments 2](images/ka0Qk000000Bei5_00N0g000004CA0p_0EMQk000008M3U5.png) +> ![Customer Portal Attachments 2](./images/ka0Qk000000Bei5_00N0g000004CA0p_0EMQk000008M3U5.png) ## Related links -- [How to Save and Zip Netwrix Auditor System Health Event Log](/docs/kb/auditor/how-to-save-and-zip-netwrix-auditor-system-health-event-log.md) +- [How to Save and Zip Netwrix Auditor System Health Event Log](/docs/kb/auditor/how-to-save-and-zip-netwrix-auditor-system-health-event-log) - [Netwrix Customer Portal](https://www.netwrix.com/tickets.html#/tickets/open) + diff --git a/docs/kb/auditor/how-to-upgrade-netwrix-auditor.md b/docs/kb/auditor/how-to-upgrade-netwrix-auditor.md index 9ebc87e02f..b9ec3c0d88 100644 --- a/docs/kb/auditor/how-to-upgrade-netwrix-auditor.md +++ b/docs/kb/auditor/how-to-upgrade-netwrix-auditor.md @@ -40,7 +40,7 @@ How to update Netwrix Auditor? ### Netwrix Auditor v.9.95 and earlier Older versions of Netwrix Auditor must be upgraded incrementally. You must wait 24 hours in between each incremental upgrade. -> **NOTE:** For additional information on upgrade increments, refer to the following article: [Upgrade Increments for Netwrix Auditor](/docs/kb/auditor/upgrade-increments-for-netwrix-auditor.md) +> **NOTE:** For additional information on upgrade increments, refer to the following article: [Upgrade Increments for Netwrix Auditor](/docs/kb/auditor/upgrade-increments-for-netwrix-auditor) If you are upgrading from a version earlier than 9.96, view the additional steps under **Post Upgrade** > **Legacy Steps** further in this article. @@ -64,9 +64,10 @@ Upon completion, Netwrix Auditor will launch. To confirm integrity, run the foll - **Legacy Steps:** On version 8.5 and lower, you will need to launch the Netwrix Auditor Administrator Console and manually upgrade the Audit Databases in SQL. - Click **Audit Database** and then click **Upgrade**. - ![8.0-Upgrade-6-1.png](images/ka0Qk000000Csfl_0EM4u0000084TwA.png) + ![8.0-Upgrade-6-1.png](./images/ka0Qk000000Csfl_0EM4u0000084TwA.png) ## Related articles - [Upgrading to the Latest Version](https://docs.netwrix.com/docs/auditor/10_8/install/upgrade) -- [Upgrade Increments for Netwrix Auditor](/docs/kb/auditor/upgrade-increments-for-netwrix-auditor.md) +- [Upgrade Increments for Netwrix Auditor](/docs/kb/auditor/upgrade-increments-for-netwrix-auditor) + diff --git a/docs/kb/auditor/how-to-use-wildcards-in-netwrix-auditor-reports.md b/docs/kb/auditor/how-to-use-wildcards-in-netwrix-auditor-reports.md index 936e5b6f7e..5b33280e3d 100644 --- a/docs/kb/auditor/how-to-use-wildcards-in-netwrix-auditor-reports.md +++ b/docs/kb/auditor/how-to-use-wildcards-in-netwrix-auditor-reports.md @@ -72,4 +72,5 @@ Netwrix Auditor reports are based on SQL Server Reporting Services — the same - `AOE` - Not `ABE`, `ACE`, `AAE`, `ADE`. -![Wildcards image](images/ka04u00000117UP_0EM4u000008M7Sw.png) +![Wildcards image](./images/ka04u00000117UP_0EM4u000008M7Sw.png) + diff --git a/docs/kb/auditor/how-to-view-custom-sensitive-file-categories-in-netwrix-auditor.md b/docs/kb/auditor/how-to-view-custom-sensitive-file-categories-in-netwrix-auditor.md index 2018eb5d34..216b66e298 100644 --- a/docs/kb/auditor/how-to-view-custom-sensitive-file-categories-in-netwrix-auditor.md +++ b/docs/kb/auditor/how-to-view-custom-sensitive-file-categories-in-netwrix-auditor.md @@ -50,7 +50,8 @@ Refer to the following steps: > **NOTE:** To delete parent terms, first delete the children terms. 3. Once the built-in terms are cleared, create a new child term under the root taxonomy term. Right-click the root term and click **Add Child Term(s)**. Then, insert the new clues to the child term. - ![User-added image](images/ka0Qk0000002kpx_0EMQk000003xxWz.png) + ![User-added image](./images/ka0Qk0000002kpx_0EMQk000003xxWz.png) 4. Set up your sources to include target files for the modified taxonomy. Wait for the files to be crawled and classified. The corresponding Netwrix Auditor report will include the used taxonomy and file owner. + diff --git a/docs/kb/auditor/hyperlinks-in-custom-branding.md b/docs/kb/auditor/hyperlinks-in-custom-branding.md index 42c09ea27b..2b04a7a115 100644 --- a/docs/kb/auditor/hyperlinks-in-custom-branding.md +++ b/docs/kb/auditor/hyperlinks-in-custom-branding.md @@ -37,4 +37,5 @@ This can be done by using html tags. 3. Modify the URL (`https://netwrix.com/`) and caption (`Support link`) as needed -![User-added image](images/ka04u000000HcNU_0EM700000004xUL.png) +![User-added image](./images/ka04u000000HcNU_0EM700000004xUL.png) + diff --git a/docs/kb/auditor/illegible-notification-contents-and-characters-in-password-expiration-notifier.md b/docs/kb/auditor/illegible-notification-contents-and-characters-in-password-expiration-notifier.md index 662a5d626d..3253cb962a 100644 --- a/docs/kb/auditor/illegible-notification-contents-and-characters-in-password-expiration-notifier.md +++ b/docs/kb/auditor/illegible-notification-contents-and-characters-in-password-expiration-notifier.md @@ -26,7 +26,7 @@ knowledge_article_id: kA0Qk0000000Q8zKAE When previewing or viewing notifications sent by Netwrix Auditor Netwrix Password Reset (PEN), the contents are illegible. The text and particular characters do not correspond to the intended language. -![IllegibleCharacters](images/ka0Qk0000001Zjh_0EMQk000002jqCb.png) +![IllegibleCharacters](./images/ka0Qk0000001Zjh_0EMQk000002jqCb.png) ## Cause @@ -37,3 +37,4 @@ The email client or environment used to preview the notification does not suppor Review the character encoding settings in your email client or affected environment − make sure the `UTF-8 (Unicode)` encoding is enabled. > **NOTE:** It is recommended to set up the explicit `UTF-8 (Unicode)` encoding support instead of available automatic detection methods. + diff --git a/docs/kb/auditor/images-are-not-shown.md b/docs/kb/auditor/images-are-not-shown.md index c36d77e990..dd697210bf 100644 --- a/docs/kb/auditor/images-are-not-shown.md +++ b/docs/kb/auditor/images-are-not-shown.md @@ -25,7 +25,7 @@ knowledge_article_id: kA00g000000H9YHCA0 ## Question Web Portal shows no images just red boxes. Whats the case? -![User-added image](images/ka04u00000117dv_0EM7000000050pb.png) +![User-added image](./images/ka04u00000117dv_0EM7000000050pb.png) ## Answer The issue occurs because IIS cannot display images because of configuration. @@ -41,3 +41,4 @@ To address the issue, enable the **Static content** feature within IIS. 1. Navigate to **Server Manager - Roles - Web server**, find the Role services in the right pane, click **Add role services**. 2. Enable **Static content** under **Common HTTP Features**. + diff --git a/docs/kb/auditor/impossible-to-export-a-report.md b/docs/kb/auditor/impossible-to-export-a-report.md index e3461b30c9..f18359a0f9 100644 --- a/docs/kb/auditor/impossible-to-export-a-report.md +++ b/docs/kb/auditor/impossible-to-export-a-report.md @@ -49,9 +49,10 @@ Refer to the following options to save the report: 1. In Netwrix Auditor, navigate to the **Reports** menu and run a report. 2. Click the **Print** icon, select the appropriate format, and click **Print**. - ![Print dialog or options](images/ka0Qk000000CoU5_0EM4u0000084Tco.png) + ![Print dialog or options](./images/ka0Qk000000CoU5_0EM4u0000084Tco.png) 3. Proceed with the further steps to save the report. ## Related Articles - https://docs.netwrix.com/docs/auditor/10_8/requirements/overview + diff --git a/docs/kb/auditor/invalid-character-value-for-cast-specification-error-occurs-when-trying-to-store-audit-data.md b/docs/kb/auditor/invalid-character-value-for-cast-specification-error-occurs-when-trying-to-store-audit-data.md index 3c6594c66e..446acc91d1 100644 --- a/docs/kb/auditor/invalid-character-value-for-cast-specification-error-occurs-when-trying-to-store-audit-data.md +++ b/docs/kb/auditor/invalid-character-value-for-cast-specification-error-occurs-when-trying-to-store-audit-data.md @@ -67,4 +67,4 @@ The source of the issue was resolved in newer versions, and since you are on 9.9 After the database retention period passes, you will be able to remove the old database from the SQL Server completely and will not need this empty plan anymore (stale data would be cleared according to database retention settings, and all the current data will be in the new database). -**IMPORTANT:** If, after these workarounds, you will have the *Archive Service is busy processing activity records* error, refer to the following article: [Archive Service is Busy Processing Activity Records](/docs/kb/auditor/archive-service-is-busy-processing-activity-records.md). +**IMPORTANT:** If, after these workarounds, you will have the *Archive Service is busy processing activity records* error, refer to the following article: [Archive Service is Busy Processing Activity Records](/docs/kb/auditor/archive-service-is-busy-processing-activity-records). diff --git a/docs/kb/auditor/is-it-possible-to-have-ndc-sql-database-and-auditor-databases-on-the-same-sql-server.md b/docs/kb/auditor/is-it-possible-to-have-ndc-sql-database-and-auditor-databases-on-the-same-sql-server.md index 0837b5736a..fbc0320292 100644 --- a/docs/kb/auditor/is-it-possible-to-have-ndc-sql-database-and-auditor-databases-on-the-same-sql-server.md +++ b/docs/kb/auditor/is-it-possible-to-have-ndc-sql-database-and-auditor-databases-on-the-same-sql-server.md @@ -32,4 +32,4 @@ Is it possible to have both: Netwrix Data Classification (NDC) SQL database and Netwrix strongly recommends **do not keep** these databases on the same SQL Server. This may lead to significant performance loss. -If, for some reasons, you need to migrate your Netwrix Data Classification (NDC) SQL database to another server, refer to the following article for additional information: [How to Migrate the Netwrix Data Classification Database](/docs/kb/dataclassification/how-to-migrate-the-netwrix-data-classification-database.md). +If, for some reasons, you need to migrate your Netwrix Data Classification (NDC) SQL database to another server, refer to the following article for additional information: [How to Migrate the Netwrix Data Classification Database](/docs/kb/dataclassification/how-to-migrate-the-netwrix-data-classification-database). diff --git a/docs/kb/auditor/kds-removal-tool-for-adv-2023-003-failed-to-load-configuration-file.md b/docs/kb/auditor/kds-removal-tool-for-adv-2023-003-failed-to-load-configuration-file.md index c079bba044..7986afe08c 100644 --- a/docs/kb/auditor/kds-removal-tool-for-adv-2023-003-failed-to-load-configuration-file.md +++ b/docs/kb/auditor/kds-removal-tool-for-adv-2023-003-failed-to-load-configuration-file.md @@ -32,7 +32,7 @@ Failed to load configuration file. Could not find a part of the path ``` -![Error dialog image](images/ka04u00000117HW_0EM4u000008LwaA.png) +![Error dialog image](./images/ka04u00000117HW_0EM4u000008LwaA.png) ## Cause @@ -69,3 +69,4 @@ Change it to a full path (example): 3. Save changes and run the tool again. In case these steps did not help, contact Netwrix Technical Support: https://www.netwrix.com/open_a_ticket.html. + diff --git a/docs/kb/auditor/lockouts-are-not-tracked.md b/docs/kb/auditor/lockouts-are-not-tracked.md index c7640dc7df..34a45f9a98 100644 --- a/docs/kb/auditor/lockouts-are-not-tracked.md +++ b/docs/kb/auditor/lockouts-are-not-tracked.md @@ -36,8 +36,9 @@ First, make sure the Windows security log on your DC is reachable: connect via * 4. Create a new DWORD named `UseWatcher` and set its value to `1`. 5. Restart the Netwrix Account Lockout Examiner service via the Services snap-in. -[![User-added image](images/ka04u000000HcWD_0EM700000004udF.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000kAcl&feoid=00N700000032Pj2&refid=0EM700000004udF) +[![User-added image](./images/ka04u000000HcWD_0EM700000004udF.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000kAcl&feoid=00N700000032Pj2&refid=0EM700000004udF) If the above doesn't help, try to change the value of the `UseWMI` registry key to `0`. -[![User-added image](images/ka04u000000HcWD_0EM700000004wzc.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000kAcl&feoid=00N700000032Pj2&refid=0EM700000004wzc) +[![User-added image](./images/ka04u000000HcWD_0EM700000004wzc.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000kAcl&feoid=00N700000032Pj2&refid=0EM700000004wzc) + diff --git a/docs/kb/auditor/log-overwrites-warnings.md b/docs/kb/auditor/log-overwrites-warnings.md index 3c7b924f74..aab0a680ce 100644 --- a/docs/kb/auditor/log-overwrites-warnings.md +++ b/docs/kb/auditor/log-overwrites-warnings.md @@ -56,14 +56,14 @@ NOTE: for **Security** and **System** event logs, you can figure out who cleared IMPORTANT: Before changing `Maximum log size`, make sure that the system drive has enough free space to store the event log of the maximum size. If not, the event log will grow and fill up all free space on the system drive and the system will stop responding. 4. Make sure the **Overwrite events as needed** option is selected and click **Apply**. -![Configuring maximum log size](images/ka04u000000HcXR_0EM700000004vPE.png) +![Configuring maximum log size](./images/ka04u000000HcXR_0EM700000004vPE.png) ## Procedure 2: Increase `Maximum log size` via Group Policy Object 1. Go to **Start** / **Administrative Tools** / **Group Policy Management**. 2. In the window displayed, go to **Group Policy Management** / **Forest Name** / **Domains** / **Group Policy Objects** / right-click the appropriate policy (or create new) and select **Edit**. **Group Policy Management Editor** starts. -![Group Policy Management](images/ka04u000000HcXR_0EM700000004vPJ.png) +![Group Policy Management](./images/ka04u000000HcXR_0EM700000004vPJ.png) 3. In the left pane, go to **Computer Configuration** / **Policies** / **Windows Settings** / **Security Settings** / **Event Log**. Right-click **Retention method for ``**, choose **Properties**. 4. In the **Security Policy Setting** tab, check the **Define this policy setting** box and select **Do not overwrite events (clear log manually)**. Click OK. @@ -71,7 +71,7 @@ NOTE: for **Security** and **System** event logs, you can figure out who cleared 6. In the **Security Policy Setting** tab, check the **Define this policy setting** box and set the size to `4194240` Kb as recommended by Microsoft: http://support.microsoft.com/kb/957662 IMPORTANT: The affected machines must have enough free space on their system drives for storing the event log of the maximum size. If not, the event log will grow and fill up all free space on the system drive and the system will stop responding. -![Group Policy Management Editor](images/ka04u000000HcXR_0EM700000004vPO.png) +![Group Policy Management Editor](./images/ka04u000000HcXR_0EM700000004vPO.png) 7. Close **Group Policy Object Editor** and link the configured GPO to the required OUs and containers in **Group Policy Management**. 8. OPTIONAL: Upgrade the group policies on the problematic servers by performing the following command: @@ -85,7 +85,7 @@ NOTE: for **Security** and **System** event logs, you can figure out who cleared 2. When the **Resultant Set of Policy** is processed, expand **Computer Configuration** / **Windows Setting** / **Security Settings** / **Event Log**. 3. Make sure that the **Retention method for ``** policy setting has the **Not Defined** or **Manually** value set. If not, change this setting using **Group Policy Management Editor** as described in **Procedure 2**. -![RSOP Results](images/ka04u000000HcXR_0EM700000004vPT.png) +![RSOP Results](./images/ka04u000000HcXR_0EM700000004vPT.png) 4. Perform the following steps: - Click **Start** / **Run**, type `eventvwr.msc` and press **Enter**. The **Event Viewer** window will be displayed. @@ -94,7 +94,7 @@ NOTE: for **Security** and **System** event logs, you can figure out who cleared - Select the **Archive the log when full, do not overwrite events** radio button. - Click the **Clear Log** button. Click the **Apply** button. -![Event Viewer Settings on Windows 2008](images/ka04u000000HcXR_0EM700000004vPn.png) +![Event Viewer Settings on Windows 2008](./images/ka04u000000HcXR_0EM700000004vPn.png) NOTE: These maximum sizes are recommended by Microsoft: http://support.microsoft.com/kb/957662 IMPORTANT: Before you change `Maximum log size` and enable the **Archive events when full** option, make sure that the system drive has enough free space to store the event log and log's backup files of the maximum size. If not, the event log will grow and fill up all free space on the system drive and the system will stop responding. @@ -110,4 +110,5 @@ IMPORTANT: Before you change `Maximum log size` and enable the **Archive events - `ProcessBackupLogs` set to `1` - `CleanAutoBackupLogs` set to `X` (if you want the archives to be removed when all events in them are older than `X` hours, for example: `24` hours). -![Event Log Manager Registry Settings](images/ka04u000000HcXR_0EM700000004vPs.png) +![Event Log Manager Registry Settings](./images/ka04u000000HcXR_0EM700000004vPs.png) + diff --git a/docs/kb/auditor/logon-failed-for-unattended-execution-account-running-netwrix-auditor-reports.md b/docs/kb/auditor/logon-failed-for-unattended-execution-account-running-netwrix-auditor-reports.md index ac3cc0faeb..ba0cccfb92 100644 --- a/docs/kb/auditor/logon-failed-for-unattended-execution-account-running-netwrix-auditor-reports.md +++ b/docs/kb/auditor/logon-failed-for-unattended-execution-account-running-netwrix-auditor-reports.md @@ -64,6 +64,7 @@ If no credentials are visible in Report Server Configuration Manager, follow the 2. Open the `rsreportserver.config` file in a text editor, and locate the `` node. - ![UnattendedExecutionAccount node](images/ka04u00000117zS_0EM4u000008MT4S.png) + ![UnattendedExecutionAccount node](./images/ka04u00000117zS_0EM4u000008MT4S.png) 3. Delete the credentials specified in ``, ``, and `` fields. + diff --git a/docs/kb/auditor/long-data-collection-improving-the-performance.md b/docs/kb/auditor/long-data-collection-improving-the-performance.md index 68ea7bc5bc..e6ed3c217b 100644 --- a/docs/kb/auditor/long-data-collection-improving-the-performance.md +++ b/docs/kb/auditor/long-data-collection-improving-the-performance.md @@ -60,7 +60,7 @@ Depending on your environment and needs, the Audit Database retention period can ### Exclude Netwrix-related folders from antivirus scans -As Netwrix Auditor creates and writes audit data in smaller portions, your antivirus suite will attempt to check every new or edited file to complete the threat check. Full file reads might take extra time to complete, hindering the writing capability of Netwrix Auditor, in some cases leading to timeouts and additional RAM and CPU loads. Refer to the following article for additional information on folders to be excluded from regular antivirus checks: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md) +As Netwrix Auditor creates and writes audit data in smaller portions, your antivirus suite will attempt to check every new or edited file to complete the threat check. Full file reads might take extra time to complete, hindering the writing capability of Netwrix Auditor, in some cases leading to timeouts and additional RAM and CPU loads. Refer to the following article for additional information on folders to be excluded from regular antivirus checks: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) ### Set up data collection for State-in-Time reports @@ -89,7 +89,7 @@ In case you have an Event Log Manager plan set up, make sure it doesn't monitor ### Omit lists -You can limit the monitoring scope in your environment via omit lists — this allows to proactively decrease the DB loads as changes for omitted items are not recorded. For additional information on how to exclude users and objects via Netwrix Auditor UI, refer to the following article: [How to Exclude Users and Objects from Monitoring Scope in Netwrix Auditor UI](/docs/kb/auditor/how-to-exclude-users-and-objects-from-monitoring-scope-in-netwrix-auditor-ui.md). For additional information on how to use omit lists, refer to the following article: [How to Use Omit Lists](https://docs.netwrix.com/docs/kb/auditor/how-to-use-omit-lists) +You can limit the monitoring scope in your environment via omit lists — this allows to proactively decrease the DB loads as changes for omitted items are not recorded. For additional information on how to exclude users and objects via Netwrix Auditor UI, refer to the following article: [How to Exclude Users and Objects from Monitoring Scope in Netwrix Auditor UI](/docs/kb/auditor/how-to-exclude-users-and-objects-from-monitoring-scope-in-netwrix-auditor-ui). For additional information on how to use omit lists, refer to the following article: [How to Use Omit Lists](https://docs.netwrix.com/docs/kb/auditor/how-to-use-omit-lists) ### Related articles @@ -97,7 +97,7 @@ You can limit the monitoring scope in your environment via omit lists — this a - [Hardware Requirements](https://docs.netwrix.com/docs/auditor/10_8/requirements/console) - [Settings for Data Collection](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/create#settings-for-data-collection) - [Configure Database Retention](https://docs.netwrix.com/docs/auditor/10_8/admin/settings/auditdatabase#configure-database-retention) -- [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md) +- [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) - [Manage Data Sources](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/datasources) -- [How to Exclude Users and Objects from Monitoring Scope in Netwrix Auditor UI](/docs/kb/auditor/how-to-exclude-users-and-objects-from-monitoring-scope-in-netwrix-auditor-ui.md) +- [How to Exclude Users and Objects from Monitoring Scope in Netwrix Auditor UI](/docs/kb/auditor/how-to-exclude-users-and-objects-from-monitoring-scope-in-netwrix-auditor-ui) - [How to Use Omit Lists](https://docs.netwrix.com/docs/kb/auditor/how-to-use-omit-lists) diff --git a/docs/kb/auditor/malformed-control-request.md b/docs/kb/auditor/malformed-control-request.md index 609a14c191..f5207e5b9e 100644 --- a/docs/kb/auditor/malformed-control-request.md +++ b/docs/kb/auditor/malformed-control-request.md @@ -34,7 +34,7 @@ It should be a reply to lockout notification and shall have the code specified a For example: -![User-added image](images/ka04u000000HcT2_0EM700000005kEC.png) +![User-added image](./images/ka04u000000HcT2_0EM700000005kEC.png) --- @@ -43,3 +43,4 @@ Make sure that: 2. `UNLOCK:` keyword is specified 3. the quoted e-mail was not changed 4. you reply in UTF-8 encoding. + diff --git a/docs/kb/auditor/manually-update-user-activity-core-service.md b/docs/kb/auditor/manually-update-user-activity-core-service.md index 8873727be3..d3090db07b 100644 --- a/docs/kb/auditor/manually-update-user-activity-core-service.md +++ b/docs/kb/auditor/manually-update-user-activity-core-service.md @@ -29,7 +29,7 @@ The Netwrix Auditor User Activity Core Service version in a target server does n ## Answer -> **NOTE:** Refer to the following article for additional information on establishing the version of your Auditor server: [How to Find Out My Netwrix Auditor Version](/docs/kb/auditor/how-to-find-out-my-netwrix-auditor-version.md) +> **NOTE:** Refer to the following article for additional information on establishing the version of your Auditor server: [How to Find Out My Netwrix Auditor Version](/docs/kb/auditor/how-to-find-out-my-netwrix-auditor-version) > **IMPORTANT:** It is recommended to stop User Activity services in the Netwrix server before making changes to installed Core Services in targets. Run the following command in elevated PowerShell to stop User Activity Core Service and Audit Service: > @@ -117,5 +117,5 @@ User Activity Core Service is designed to be deployed automatically when adding ## Related links -- [How to Find Out My Netwrix Auditor Version](/docs/kb/auditor/how-to-find-out-my-netwrix-auditor-version.md) +- [How to Find Out My Netwrix Auditor Version](/docs/kb/auditor/how-to-find-out-my-netwrix-auditor-version) - [Uninstall Netwrix Product](https://www.netwrix.com/download/products/KnowledgeBase/Uninstall-NetwrixProduct.ps1) diff --git a/docs/kb/auditor/migrate-netwrix-password-expiration-notifier-to-a-different-server.md b/docs/kb/auditor/migrate-netwrix-password-expiration-notifier-to-a-different-server.md index 12a27019fa..3c66662603 100644 --- a/docs/kb/auditor/migrate-netwrix-password-expiration-notifier-to-a-different-server.md +++ b/docs/kb/auditor/migrate-netwrix-password-expiration-notifier-to-a-different-server.md @@ -35,7 +35,7 @@ In Netwrix Auditor versions 9.0 and newer, Netwrix Password Reset is installed a 2. Copy the following data from the old server to the new server: - Templates folder from `C:\Program Files (x86)\Netwrix Auditor\Password Expiration Alerting\Templates`. - Screenshot all four tabs of the Netwrix Password Reset interface for configuration details. - ![tIfrvbFLMt.png](images/ka04u00000117hE_0EM4u000007ccaS.png) + ![tIfrvbFLMt.png](./images/ka04u00000117hE_0EM4u000007ccaS.png) 3. Reconfigure Netwrix Password Reset according to the screenshots you captured. 4. Apply your Netwrix Auditor License to the new instance of Netwrix Auditor. @@ -43,4 +43,5 @@ In Netwrix Auditor versions 9.0 and newer, Netwrix Password Reset is installed a Message templates customized via the Netwrix Password Reset UI should be transferred manually — make sure to copy the contents of the **Actions** tab reports highlighted in the screenshot. -![CslItbePFg.png](images/ka04u00000117hE_0EM4u000007ccac.png) +![CslItbePFg.png](./images/ka04u00000117hE_0EM4u000007ccac.png) + diff --git a/docs/kb/auditor/migrating-auditor-to-new-server.md b/docs/kb/auditor/migrating-auditor-to-new-server.md index 1363013f25..696e2a6bfd 100644 --- a/docs/kb/auditor/migrating-auditor-to-new-server.md +++ b/docs/kb/auditor/migrating-auditor-to-new-server.md @@ -73,12 +73,12 @@ By default, Long-Term Archive is located at `C:\ProgramData\Netwrix Auditor\Data Navigate to your Long-Term Archive location and copy the entire folder. Proceed by transferring Long-Term Archive to the new Netwrix Auditor server. While you can migrate it to the default location, it is recommended to keep Long-Term Archive on a separate drive. This will prevent rapid storage consumption on the C drive. Take note of where you have placed Long-Term Archive on the new Netwrix Auditor server. -> **NOTE:** You can split the Long-Term Archive migration into two steps if the size of your ActivityRecords folder doesn't allow for a quick migration. For additional information, refer to the following article: How to Move Long-Term Archive to a New Location: [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md) +> **NOTE:** You can split the Long-Term Archive migration into two steps if the size of your ActivityRecords folder doesn't allow for a quick migration. For additional information, refer to the following article: How to Move Long-Term Archive to a New Location: [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location) ### SQL Databases -It is important to decide on migration of your SQL databases or keeping them in your current SQL Server instance during the Netwrix Auditor migration. In case you'd like to migrate your SQL Server databases, refer to the following article for additional information:[How to Migrate Netwrix Auditor Databases to Another SQL Server Instance](/docs/kb/auditor/how-to-migrate-netwrix-auditor-databases-to-another-sql-server-instance.md) -Once SQL migration is complete, refer to the following article for additional information on Report Server Database deployment:[Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database.md) +It is important to decide on migration of your SQL databases or keeping them in your current SQL Server instance during the Netwrix Auditor migration. In case you'd like to migrate your SQL Server databases, refer to the following article for additional information:[How to Migrate Netwrix Auditor Databases to Another SQL Server Instance](/docs/kb/auditor/how-to-migrate-netwrix-auditor-databases-to-another-sql-server-instance) +Once SQL migration is complete, refer to the following article for additional information on Report Server Database deployment:[Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database) ### Final Steps @@ -110,16 +110,16 @@ Start-Service -Displayname Netwrix* 3. In Netwrix Auditor **Settings** menu, select **Audit Databse** in the left pane and click **Modify** under **Audit database settings**. 4. Specify the SQL Server instance name and credentials of the account used to write data to SQL databases. Refer to the following articles for additional information on SQL permissions and report server database deployment: - [Requirements for SQL Server to Store Audit Data](https://docs.netwrix.com/docs/auditor/10_8/requirements/sqlserver) - - [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database.md) + - [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database) ### Important Notes Post-Migration -- If you've previously had any omit lists configured, you will have to either copy the contents of these omit lists or copy the files to the new server. For additional information on omit lists and their locations, refer to the following article: [How to Use Omit Lists](/docs/kb/auditor/how-to-use-omit-lists.md) +- If you've previously had any omit lists configured, you will have to either copy the contents of these omit lists or copy the files to the new server. For additional information on omit lists and their locations, refer to the following article: [How to Use Omit Lists](/docs/kb/auditor/how-to-use-omit-lists) - You cannot migrate Event Log Manager or its configuration files. Remember to manually copy the configuration over to the new server. Event Log Manager data will be migrated in case you've migrated SQL databases. - Netwrix Password Expiration Notifier and Netwrix Inactive Users Tracker do not store any data — their reports are sent daily via email. For more information on how to migrate these Netwrix tools, refer to the following articles: - - [Migrate PEN to a Different Server](/docs/kb/auditor/migrate-netwrix-password-expiration-notifier-to-a-different-server.md) - - How to migrate Netwrix Inactive Users Tracker to other servers: [How to Migrate Netwrix Inactive Users Tracker to Other Servers](/docs/kb/auditor/how-to-migrate-netwrix-inactive-users-tracker-to-other-servers.md) -- User Activity data will not be collected until the Core Service is redeployed after migration. For more information on how to reset Netwrix Auditor User Activity Core Service to allow the monitoring plan to redeploy with the new configuration settings and registry keys, review the following article: [Uninstalling User Activity Monitoring Agents](/docs/kb/auditor/uninstalling-user-activity-monitoring-agents.md) + - [Migrate PEN to a Different Server](/docs/kb/auditor/migrate-netwrix-password-expiration-notifier-to-a-different-server) + - How to migrate Netwrix Inactive Users Tracker to other servers: [How to Migrate Netwrix Inactive Users Tracker to Other Servers](/docs/kb/auditor/how-to-migrate-netwrix-inactive-users-tracker-to-other-servers) +- User Activity data will not be collected until the Core Service is redeployed after migration. For more information on how to reset Netwrix Auditor User Activity Core Service to allow the monitoring plan to redeploy with the new configuration settings and registry keys, review the following article: [Uninstalling User Activity Monitoring Agents](/docs/kb/auditor/uninstalling-user-activity-monitoring-agents) ### Validation Checklist @@ -128,7 +128,7 @@ Run the following checks for your migrated Netwrix Auditor instance: - Run a search with blank parameters (an open search). - Run a report on a data source you are auditing. - Confirm your monitoring plans have carried over. -- Apply the Auditor license. Refer to the following article for additional information:[How to Apply Netwrix Auditor License](/docs/kb/auditor/how-to-apply-netwrix-auditor-license.md) +- Apply the Auditor license. Refer to the following article for additional information:[How to Apply Netwrix Auditor License](/docs/kb/auditor/how-to-apply-netwrix-auditor-license) > **IMPORTANT:** The SSL certificate previously used for Integration API will be missing from the certificate store in your new Netwrix Auditor server. Generate a new SSL certificate for Netwrix Auditor Integration API − refer to the following article for additional information: [Integration API](https://docs.netwrix.com/docs/auditor/10_8/api/overview) @@ -138,12 +138,12 @@ Monitor the system over the next few days to confirm the migration has been comp - [Software Requirements](https://docs.netwrix.com/docs/auditor/10_8/requirements/software) - [Hardware Requirements](https://docs.netwrix.com/docs/auditor/10_8/requirements/console) -- [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md) -- [How to Migrate Netwrix Auditor Databases to Another SQL Server Instance](/docs/kb/auditor/how-to-migrate-netwrix-auditor-databases-to-another-sql-server-instance.md) -- [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database.md) +- [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location) +- [How to Migrate Netwrix Auditor Databases to Another SQL Server Instance](/docs/kb/auditor/how-to-migrate-netwrix-auditor-databases-to-another-sql-server-instance) +- [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database) - [Requirements for SQL Server to Store Audit Data](https://docs.netwrix.com/docs/auditor/10_8/requirements/sqlserver) [Integration API](https://docs.netwrix.com/docs/auditor/10_8/api/overview) -- [Specified Logon Session Does Not Exist Error in Netwrix Auditor](/docs/kb/auditor/specified-logon-session-does-not-exist-error-in-netwrix-auditor.md) -- [How to Apply Netwrix Auditor License](/docs/kb/auditor/how-to-apply-netwrix-auditor-license.md) -- [Migrate PEN to a Different Server](/docs/kb/auditor/migrate-netwrix-password-expiration-notifier-to-a-different-server.md) -- [How to Migrate Netwrix Inactive Users Tracker to Other Servers](/docs/kb/auditor/how-to-migrate-netwrix-inactive-users-tracker-to-other-servers.md) +- [Specified Logon Session Does Not Exist Error in Netwrix Auditor](/docs/kb/auditor/specified-logon-session-does-not-exist-error-in-netwrix-auditor) +- [How to Apply Netwrix Auditor License](/docs/kb/auditor/how-to-apply-netwrix-auditor-license) +- [Migrate PEN to a Different Server](/docs/kb/auditor/migrate-netwrix-password-expiration-notifier-to-a-different-server) +- [How to Migrate Netwrix Inactive Users Tracker to Other Servers](/docs/kb/auditor/how-to-migrate-netwrix-inactive-users-tracker-to-other-servers) diff --git a/docs/kb/auditor/netwrix-auditor-configuration-server-service-fails-to-start-too-many-methods-to-fire-events-from.md b/docs/kb/auditor/netwrix-auditor-configuration-server-service-fails-to-start-too-many-methods-to-fire-events-from.md index ec14190603..1af621e19d 100644 --- a/docs/kb/auditor/netwrix-auditor-configuration-server-service-fails-to-start-too-many-methods-to-fire-events-from.md +++ b/docs/kb/auditor/netwrix-auditor-configuration-server-service-fails-to-start-too-many-methods-to-fire-events-from.md @@ -32,11 +32,11 @@ Windows could not start the Netwrix Auditor Configuration Server Service service Error 0x80040209: An interface has too many methods to fire events from. ``` -![Screenshot 1](images/ka04u00000117L8_0EM4u000008LCum.png) +![Screenshot 1](./images/ka04u00000117L8_0EM4u000008LCum.png) Other services are running as expected. -![Screenshot 2](images/ka04u00000117L8_0EM4u000008LCuw.png) +![Screenshot 2](./images/ka04u00000117L8_0EM4u000008LCuw.png) - The following error is prompted in the main Netwrix Auditor screen: @@ -45,7 +45,7 @@ Connection failed Access is denied ``` -![Screenshot 3](images/ka04u00000117L8_0EM4u000008M2Tz.png) +![Screenshot 3](./images/ka04u00000117L8_0EM4u000008M2Tz.png) Upon checking Services running, Netwrix Auditor Configuration Server Service appears to have stopped. When attempting to restart the service, the same error is prompted. @@ -64,7 +64,7 @@ Refer to the following steps to troubleshoot the issue: 1. Back up the ConfigServer folder located in ` %Working Folder%\AuditCore\ConfigServer`. 2. Delete all files in the original ConfigServer folder except for the StorageBackups folder and the Configuration.xml file. -![ConfigServer folder contents](images/ka04u00000117L8_0EM4u000008LCv1.png) +![ConfigServer folder contents](./images/ka04u00000117L8_0EM4u000008LCv1.png) 3. Restart Netwrix Auditor Configuration Server Service. 4. Make sure the following services are running (including all the monitoring plan-related services): @@ -77,11 +77,11 @@ In case the aforementioned steps did not help, refer to the following steps to t 1. Back up the ConfigServer folder located in ` %Working Folder%\AuditCore\ConfigServer`. 2. Delete all files in the original ConfigServer folder except for the StorageBackups folder. It is located in ` %Working Folder%\AuditCore\ConfigServer`. -![ConfigServer StorageBackups folder](images/ka04u00000117L8_0EM4u000008LCvL.png) +![ConfigServer StorageBackups folder](./images/ka04u00000117L8_0EM4u000008LCvL.png) 3. Copy the Configuration.xml file from the latest **BACKUP_%DATE%**\%GUID% folder. -![Backup folder selection](images/ka04u00000117L8_0EM4u000008LCvk.png) +![Backup folder selection](./images/ka04u00000117L8_0EM4u000008LCvk.png) 4. Paste the copied Configuration.xml file to ` %Working Folder%\AuditCore\ConfigServer`. 5. Restart Netwrix Auditor Configuration Server Service. @@ -92,6 +92,7 @@ In case the aforementioned steps did not help, refer to the following steps to t > **NOTE:** If these steps did not help, try using the Configuration.xml file from the second to the last **BACKUP_%DATE%**\%GUID% folder. Paste the file to ` %Working Folder%\AuditCore\ConfigServer` and restart Netwrix Auditor services. -![Configuration restored](images/ka04u00000117L8_0EM4u000008LCwE.png) +![Configuration restored](./images/ka04u00000117L8_0EM4u000008LCwE.png) > **NOTE:** If the issue reoccurs after some time, contact [Netwrix Technical Support](https://www.netwrix.com/open_a_ticket.html). + diff --git a/docs/kb/auditor/netwrix-auditor-consumes-disk-space-recommendations.md b/docs/kb/auditor/netwrix-auditor-consumes-disk-space-recommendations.md index cc94f8e9c7..edeebacf8c 100644 --- a/docs/kb/auditor/netwrix-auditor-consumes-disk-space-recommendations.md +++ b/docs/kb/auditor/netwrix-auditor-consumes-disk-space-recommendations.md @@ -42,18 +42,18 @@ The following recommendations will allow you to reduce disk space consumption: Follow these Knowledge Base articles for additional information: - - [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location.md) - - [How to Prevent Long-Term Archive Overflow](/docs/kb/auditor/how-to-prevent-long-term-archive-overflow.md) + - [How to Move Long-Term Archive to a New Location](/docs/kb/auditor/how-to-move-long-term-archive-to-a-new-location) + - [How to Prevent Long-Term Archive Overflow](/docs/kb/auditor/how-to-prevent-long-term-archive-overflow) 3. Migrate Working Folder to a new location. The size of your Working Folder may grow significantly (normally, up to `10 – 20GB`) depending on the workload, especially during activity peaks. If your system drive capacity is limited, you might want to keep the temporary files and trace logs on another drive, i.e. change the Working Folder default location. - For additional information on how to move the Working Folder, refer to the following article: [How to Migrate Netwrix Auditor Working Folder to a New Location](/docs/kb/auditor/how-to-migrate-netwrix-auditor-working-folder-to-a-new-location.md). + For additional information on how to move the Working Folder, refer to the following article: [How to Migrate Netwrix Auditor Working Folder to a New Location](/docs/kb/auditor/how-to-migrate-netwrix-auditor-working-folder-to-a-new-location). 4. Remove the **Netwrix Backup** folder. Netwrix strongly recommends keeping the backups for supported product versions. - For additional information about the Backup folder, refer to the following article: [Backups Folder in Netwrix Auditor](/docs/kb/auditor/backups-folder-in-netwrix-auditor.md). + For additional information about the Backup folder, refer to the following article: [Backups Folder in Netwrix Auditor](/docs/kb/auditor/backups-folder-in-netwrix-auditor). 5. Additional space might be consumed by the **Local DB** in the **ShortTerm** folder; this can occur when the SQL communication is not working properly or the DB files getting corrupted. Follow the resolution steps in the article: [Netwrix Auditor System Health Log Contains EventID 2002](https://docs.netwrix.com/docs/kb/auditor/netwrix-auditor-health-log-contains-eventid-2002). @@ -73,7 +73,7 @@ The following recommendations will allow you to reduce disk space consumption: ## Related Articles -- [Error: Netwrix Auditor for File Servers Audit Service Terminated Unexpectedly](/docs/kb/auditor/error-netwrix-auditor-for-file-servers-audit-service-terminated-unexpectedly.md) -- [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md) -- [How to Add Additional Space to Long-Term Archive](/docs/kb/auditor/how-to-add-additional-space-to-long-term-archive.md) +- [Error: Netwrix Auditor for File Servers Audit Service Terminated Unexpectedly](/docs/kb/auditor/error-netwrix-auditor-for-file-servers-audit-service-terminated-unexpectedly) +- [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) +- [How to Add Additional Space to Long-Term Archive](/docs/kb/auditor/how-to-add-additional-space-to-long-term-archive) - [Netwrix Auditor System Health Log Contains EventID 2002](https://docs.netwrix.com/docs/kb/auditor/netwrix-auditor-health-log-contains-eventid-2002) diff --git a/docs/kb/auditor/netwrix-auditor-event-log-manager-shows-smtp-authentication-errors-while-configuring-a-monitoring-pl.md b/docs/kb/auditor/netwrix-auditor-event-log-manager-shows-smtp-authentication-errors-while-configuring-a-monitoring-pl.md index 8efc6ea37e..7081906138 100644 --- a/docs/kb/auditor/netwrix-auditor-event-log-manager-shows-smtp-authentication-errors-while-configuring-a-monitoring-pl.md +++ b/docs/kb/auditor/netwrix-auditor-event-log-manager-shows-smtp-authentication-errors-while-configuring-a-monitoring-pl.md @@ -26,7 +26,7 @@ knowledge_article_id: kA04u00000110xFCAQ ## Symptom 1. Netwrix Auditor Event Log Manager does not collect logs and shows the following error while trying to 'verify' if the messages were being sent in the Event Log Manager monitoring plan. - ![User-added image](images/ka04u00000116xf_0EM4u000008Ljuv.png) + ![User-added image](./images/ka04u00000116xf_0EM4u000008Ljuv.png) 2. When providing credentials for the Netwrix Auditor Event Log Manager monitoring plan, the following dialog appears: @@ -59,3 +59,4 @@ Follow the steps below to resolve the issue: - `HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp\DefaultSecureProtocols = (DWORD): 0xAA0` 5. Restart both: Netwrix Auditor and the target server(s). + diff --git a/docs/kb/auditor/netwrix-auditor-licensing-faqs.md b/docs/kb/auditor/netwrix-auditor-licensing-faqs.md index 536af1ffee..2b3823d4f2 100644 --- a/docs/kb/auditor/netwrix-auditor-licensing-faqs.md +++ b/docs/kb/auditor/netwrix-auditor-licensing-faqs.md @@ -59,7 +59,7 @@ Per server | | Netwrix Auditor for MS Teams | Per enabled Microsoft Entra ID user | ## How Can I Count Enabled AD Users? -To count the number of licenses, you should provide the number of `enabled AD user accounts`, that is, calculate the number of your Active Directory user accounts in the Enabled state. Follow the instructions provided in this Netwrix Auditor Knowledge Base article: [Determining the Number of Enabled Active Directory User Accounts](/docs/kb/auditor/determining-the-number-of-enabled-active-directory-user-accounts.md). Then round up the calculation result to reserve some space for growth and to prevent scalability issues. For example: +To count the number of licenses, you should provide the number of `enabled AD user accounts`, that is, calculate the number of your Active Directory user accounts in the Enabled state. Follow the instructions provided in this Netwrix Auditor Knowledge Base article: [Determining the Number of Enabled Active Directory User Accounts](/docs/kb/auditor/determining-the-number-of-enabled-active-directory-user-accounts). Then round up the calculation result to reserve some space for growth and to prevent scalability issues. For example: - If the calculation script returns 214, round up this value to 220 when applying for the license. - If the calculation script returns 1841, round up this value to 2000 when applying for the license. @@ -67,10 +67,10 @@ To count the number of licenses, you should provide the number of `enabled AD us > **IMPORTANT:** > - Service accounts are also counted. The accounts under which the services run in your infrastructure are included in the license count and, eventually, in the cost of a license. > - Deleted, disabled, group, or computer accounts are not included in the license count. -> - You can use either `Omitallowedpathlist` omit list to reduce user count by omitting certain OUs from being audited or specify omitted OUs in the Netwrix Auditor UI. You will not gain any information from these OUs; however, the amount of licenses will be reduced. For additional information on reducing the user count via Netwrix Auditor UI, refer to the following article: [Reducing the Used Active Directory and Entra ID License Counts](/docs/kb/auditor/reducing-the-used-active-directory-and-entra-id-license-counts.md). For additional information on omit lists, refer to the following article: [How to Use Omit Lists](/docs/kb/auditor/how-to-use-omit-lists.md). +> - You can use either `Omitallowedpathlist` omit list to reduce user count by omitting certain OUs from being audited or specify omitted OUs in the Netwrix Auditor UI. You will not gain any information from these OUs; however, the amount of licenses will be reduced. For additional information on reducing the user count via Netwrix Auditor UI, refer to the following article: [Reducing the Used Active Directory and Entra ID License Counts](/docs/kb/auditor/reducing-the-used-active-directory-and-entra-id-license-counts). For additional information on omit lists, refer to the following article: [How to Use Omit Lists](/docs/kb/auditor/how-to-use-omit-lists). ## What Should I Provide for Netwrix Auditor for Network Devices Licensing? -You should provide the number of `source IP addresses` of your network devices. This count is used to estimate the number of licenses required to audit the Network Devices data source. To learn more, read the How to Count the Number of Your Network Devices in Your Configuration article: [How to count the number of your network devices in your configuration?](/docs/kb/auditor/how-to-count-the-number-of-your-network-devices-in-your-configuration.md). +You should provide the number of `source IP addresses` of your network devices. This count is used to estimate the number of licenses required to audit the Network Devices data source. To learn more, read the How to Count the Number of Your Network Devices in Your Configuration article: [How to count the number of your network devices in your configuration?](/docs/kb/auditor/how-to-count-the-number-of-your-network-devices-in-your-configuration). > **IMPORTANT:** You should count all physical devices regardless of your forwarding configuration. ## What Should I Provide for Netwrix Auditor for Oracle Database Licensing? @@ -89,7 +89,7 @@ For per-server licensing, count and provide the total number of the servers (phy ## What Should I Provide for Netwrix Auditor for Microsoft Entra ID Licensing? You should provide the number of `enabled Microsoft Entra ID user accounts`. Starting from version 9.96, guest/external users are not included in the license count. Follow the instructions outlined in the How to Determine the Count of Enabled Microsoft Entra ID Accounts article: /docs/kb/auditor/determining-the-number-of-enabled-microsoft-entra-id-accounts. -You can use `omitUPNlist.txt` omit list to reduce user count by omitting certain user UPNs from being audited. You will not gain any information on these users; however, the amount of licenses will be reduced. For additional information on reducing the user count via Netwrix Auditor UI, refer to the following article: [Reducing the Used Active Directory and Entra ID License Counts](/docs/kb/auditor/reducing-the-used-active-directory-and-entra-id-license-counts.md). For additional information on omit lists, refer to the following article: [How to Use Omit Lists](/docs/kb/auditor/how-to-use-omit-lists.md). +You can use `omitUPNlist.txt` omit list to reduce user count by omitting certain user UPNs from being audited. You will not gain any information on these users; however, the amount of licenses will be reduced. For additional information on reducing the user count via Netwrix Auditor UI, refer to the following article: [Reducing the Used Active Directory and Entra ID License Counts](/docs/kb/auditor/reducing-the-used-active-directory-and-entra-id-license-counts). For additional information on omit lists, refer to the following article: [How to Use Omit Lists](/docs/kb/auditor/how-to-use-omit-lists). ## What Should I Provide for Netwrix Auditor for Exchange Licensing? For the Exchange data source, Netwrix Auditor offers a convenient hybrid pricing model specifically designed for prospects with a hybrid Exchange (on-premises Exchange Server and Exchange Online) deployment. You can also have an on-premises-only or a cloud-only Exchange environment. @@ -97,7 +97,7 @@ To get a hybrid Exchange license, you need to provide the `total number of user For example, if you have 200 online mailboxes and 300 on-premises Exchange mailboxes, you need to purchase a license for 500 mailboxes. -To calculate the number of user mailboxes used in your Microsoft Office 365 tenants, refer to the guidelines presented in the article titled How to Count Number of Licenses Required for Auditing a Microsoft Office 365 Tenant: [How to count number of licenses required for auditing a Microsoft Office 365 tenant?](/docs/kb/auditor/how-to-count-number-of-licenses-required-for-auditing-a-microsoft-office-365-tenant.md). +To calculate the number of user mailboxes used in your Microsoft Office 365 tenants, refer to the guidelines presented in the article titled How to Count Number of Licenses Required for Auditing a Microsoft Office 365 Tenant: [How to count number of licenses required for auditing a Microsoft Office 365 tenant?](/docs/kb/auditor/how-to-count-number-of-licenses-required-for-auditing-a-microsoft-office-365-tenant). > **IMPORTANT:** A **user mailbox** can be a personal mailbox, an Online Archive mailbox, or both. Shared and resource mailboxes do not count. For example, if an Exchange Online user has one personal mailbox and one Online Archive mailbox, this user will be counted as a single licensed object. If a user has no Online Archive mailbox but three personal mailboxes, this will be counted as three licensed objects. @@ -126,7 +126,7 @@ To request more licensing information, please contact licensing@netwrix.com. You can use the **Licenses** window to review the status of your current licenses, update them, and add new licenses. On the Netwrix Auditor main screen, click the **Settings** tile and then select **Licenses**. The window will look as shown below. -![Licenses window in Auditor UI showing license status and counts](images/ka0Qk000000DbzR_0EM4u000002PbUM.png) +![Licenses window in Auditor UI showing license status and counts](./images/ka0Qk000000DbzR_0EM4u000002PbUM.png) Here: @@ -139,11 +139,12 @@ Here: You may choose to no longer audit a data source, and thus not renew the license for the corresponding application. Unused licenses do not need to be removed from Netwrix Auditor, with the exception of one special case. This case is upgrading a Netwrix Auditor installation that has some expired licenses. Most recent (9.95 and up) versions of Netwrix Auditor allow you to remove a license directly from the user interface. If you have an older version of Netwrix Auditor and need to remove an expired license as it blocks your upgrade, contact Netwrix Technical Support. ## Related Articles -- [Determining the Number of Enabled Active Directory User Accounts](/docs/kb/auditor/determining-the-number-of-enabled-active-directory-user-accounts.md) -- [Reducing the Used Active Directory and Entra ID License Counts](/docs/kb/auditor/reducing-the-used-active-directory-and-entra-id-license-counts.md) -- [How to Use Omit Lists](/docs/kb/auditor/how-to-use-omit-lists.md) -- [How to count the number of your network devices in your configuration?](/docs/kb/auditor/how-to-count-the-number-of-your-network-devices-in-your-configuration.md) +- [Determining the Number of Enabled Active Directory User Accounts](/docs/kb/auditor/determining-the-number-of-enabled-active-directory-user-accounts) +- [Reducing the Used Active Directory and Entra ID License Counts](/docs/kb/auditor/reducing-the-used-active-directory-and-entra-id-license-counts) +- [How to Use Omit Lists](/docs/kb/auditor/how-to-use-omit-lists) +- [How to count the number of your network devices in your configuration?](/docs/kb/auditor/how-to-count-the-number-of-your-network-devices-in-your-configuration) - [Oracle Processor Core Factor Table](http://www.oracle.com/us/corporate/contracts/processor-core-factor-table-070634.pdf) - [How to Count Number of CPU Cores on Your Oracle Database Deployment](https://docs.netwrix.com/docs/kb/auditor/how-to-count-number-of-cpu-cores-on-your-oracle-database-deployment) - [How to Determine the Count of Enabled Microsoft Entra ID Accounts](https://docs.netwrix.com/docs/kb/auditor/determining-the-number-of-enabled-microsoft-entra-id-accounts#instructions) -- [How to count number of licenses required for auditing a Microsoft Office 365 tenant?](/docs/kb/auditor/how-to-count-number-of-licenses-required-for-auditing-a-microsoft-office-365-tenant.md) +- [How to count number of licenses required for auditing a Microsoft Office 365 tenant?](/docs/kb/auditor/how-to-count-number-of-licenses-required-for-auditing-a-microsoft-office-365-tenant) + diff --git a/docs/kb/auditor/netwrix-auditor-stops-working-after-upgrading-host-server-windows.md b/docs/kb/auditor/netwrix-auditor-stops-working-after-upgrading-host-server-windows.md index 48604783d7..142c5ac083 100644 --- a/docs/kb/auditor/netwrix-auditor-stops-working-after-upgrading-host-server-windows.md +++ b/docs/kb/auditor/netwrix-auditor-stops-working-after-upgrading-host-server-windows.md @@ -29,7 +29,7 @@ knowledge_article_id: kA04u000000PoKECA0 - Netwrix Auditor stops working after the Windows version on the Netwrix host server was upgraded. - Monitoring plans are disabled. - License status for a product states **Unavailable**. - ![1.png](images/ka04u00000116G7_0EM4u000007ceka.png) + ![1.png](./images/ka04u00000116G7_0EM4u000007ceka.png) ## Cause @@ -42,10 +42,11 @@ Windows Setup suite overwrites license-related settings of Netwrix Auditor durin Re-apply your license: 1. In the main Netwrix Auditor screen, go to **Settings** > **Licenses** and click **Update**. - ![2.png](images/ka04u00000116G7_0EM4u000007cekk.png) + ![2.png](./images/ka04u00000116G7_0EM4u000007cekk.png) 2. Navigate to your `.lic` file and select the file. 3. Click **Open**. ### For Netwrix Auditor Free Community Edition Reinstall your Netwrix Auditor instance. For additional information on the Auditor uninstallation process, refer to the following article: https://docs.netwrix.com/docs/auditor/10_8 + diff --git a/docs/kb/auditor/netwrix-auditor-upgrade-process-taking-too-long.md b/docs/kb/auditor/netwrix-auditor-upgrade-process-taking-too-long.md index aa6401eac5..a402241821 100644 --- a/docs/kb/auditor/netwrix-auditor-upgrade-process-taking-too-long.md +++ b/docs/kb/auditor/netwrix-auditor-upgrade-process-taking-too-long.md @@ -33,7 +33,7 @@ Depending on the version you're upgrading from and to, there could be major chan Refer to the following steps in case your upgrade process takes over 20 hours to complete: -- Add corresponding exclusions to the monitoring scope of your antivirus suite — refer to the following article for additional information: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md). +- Add corresponding exclusions to the monitoring scope of your antivirus suite — refer to the following article for additional information: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor). - Clear the temporary folder: diff --git a/docs/kb/auditor/netwrix_auditor_data_collection_service_crashes_after_upgrade_to_v10.7.13707.md b/docs/kb/auditor/netwrix_auditor_data_collection_service_crashes_after_upgrade_to_v10.7.13707.md index fb7aadc7d1..b6b49a0d57 100644 --- a/docs/kb/auditor/netwrix_auditor_data_collection_service_crashes_after_upgrade_to_v10.7.13707.md +++ b/docs/kb/auditor/netwrix_auditor_data_collection_service_crashes_after_upgrade_to_v10.7.13707.md @@ -41,4 +41,4 @@ Upgrade your Auditor instance to v10.7.13710 or later. Download the executable i ## Related Articles - [My Products · Netwrix](https://www.netwrix.com/my_products.html) -- [How to Upgrade Netwrix Auditor](/docs/kb/auditor/how-to-upgrade-netwrix-auditor.md) \ No newline at end of file +- [How to Upgrade Netwrix Auditor](/docs/kb/auditor/how-to-upgrade-netwrix-auditor) \ No newline at end of file diff --git a/docs/kb/auditor/no-monitoring-plans-found-in-netwrix-auditor.md b/docs/kb/auditor/no-monitoring-plans-found-in-netwrix-auditor.md index f35dcbe2e5..c8d60368b6 100644 --- a/docs/kb/auditor/no-monitoring-plans-found-in-netwrix-auditor.md +++ b/docs/kb/auditor/no-monitoring-plans-found-in-netwrix-auditor.md @@ -30,7 +30,7 @@ When attempting to view a report, the **Monitoring Plan** dropdown list reads as NO MONITORING PLANS FOUND ``` -![Monitoring Plan dropdown showing NO MONITORING PLANS FOUND](images/ka04u00000117TM_0EM4u000008M6Wx.png) +![Monitoring Plan dropdown showing NO MONITORING PLANS FOUND](./images/ka04u00000117TM_0EM4u000008M6Wx.png) ## Causes @@ -95,8 +95,9 @@ NO MONITORING PLANS FOUND > > - The account specified in **Audit database settings** for Report Server should have local admin permissions, as well as permissions to create folders, and upload folders. > - Any folder/report access permissions set up in Report Manager directly instead of monitoring plans delegation will have to be reconfigured. Alternatively, you can delete a particular affected report instead of deleting the entire **Netwrix Auditor** reports folder. -> - In case you've previously added a custom report, you will have to manually set it up again. This could apply to the report provided in the following article: [How to Monitor Print Service Activity](/docs/kb/auditor/how-to-monitor-print-service-activity.md). +> - In case you've previously added a custom report, you will have to manually set it up again. This could apply to the report provided in the following article: [How to Monitor Print Service Activity](/docs/kb/auditor/how-to-monitor-print-service-activity). ## Related articles - [Monitoring Plans](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/overview) + diff --git a/docs/kb/auditor/not-all-changes-are-included-in-reports-for-database-content-audit.md b/docs/kb/auditor/not-all-changes-are-included-in-reports-for-database-content-audit.md index 78ae0265ef..4abe7ffb3e 100644 --- a/docs/kb/auditor/not-all-changes-are-included-in-reports-for-database-content-audit.md +++ b/docs/kb/auditor/not-all-changes-are-included-in-reports-for-database-content-audit.md @@ -29,4 +29,5 @@ When you perform bulk inserts, not all modified rows are reported. How do you ch In the **SQL Server data source settings** there is a value that defines the number of data changes per SQL transaction to be included in a report. By default it is set to `10`. -![sql_transactions_9](images/ka04u00000116R6_0EM0g000000hUdK.png) +![sql_transactions_9](./images/ka04u00000116R6_0EM0g000000hUdK.png) + diff --git a/docs/kb/auditor/notifications-are-not-sent-to-distribution-groups.md b/docs/kb/auditor/notifications-are-not-sent-to-distribution-groups.md index 9d89489252..f4a62999b0 100644 --- a/docs/kb/auditor/notifications-are-not-sent-to-distribution-groups.md +++ b/docs/kb/auditor/notifications-are-not-sent-to-distribution-groups.md @@ -39,7 +39,7 @@ There are two solutions: 1. Configure SMTP authentication in the settings of the **Netwrix Auditor** management console - ![SMTP authentication settings in Netwrix Auditor](images/ka04u000000HcSG_0EM700000005pJq.png) + ![SMTP authentication settings in Netwrix Auditor](./images/ka04u000000HcSG_0EM700000005pJq.png) 2. Disable the "require authentication" option in distribution group options as follows @@ -47,16 +47,16 @@ There are two solutions: 2. Navigate to **MS Exchange - Recipient configuration - Distribution groups** 3. Select the required distribution group and open its **Properties** - ![User-added image](images/ka04u000000HcSG_0EM7000000054Pc.png) + ![User-added image](./images/ka04u000000HcSG_0EM7000000054Pc.png) 4. Go to **Mail Flow Setting** tab 5. Select **Message Delivery Restrictions** from the list and open its **Properties** - ![User-added image](images/ka04u000000HcSG_0EM7000000054Ph.png) + ![User-added image](./images/ka04u000000HcSG_0EM7000000054Ph.png) 6. Uncheck **Require that all senders are authenticated** and click **OK** - ![User-added image](images/ka04u000000HcSG_0EM7000000054Pm.png) + ![User-added image](./images/ka04u000000HcSG_0EM7000000054Pm.png) Alternatively, you can run the following command via Exchange Management Shell: @@ -65,3 +65,4 @@ There are two solutions: ``` where ` %group% ` is like `dynamic.group@example.com` + diff --git a/docs/kb/auditor/nwx-executables-removed-and-readded-to-domain-controllers.md b/docs/kb/auditor/nwx-executables-removed-and-readded-to-domain-controllers.md index 11f370c6ab..166953875b 100644 --- a/docs/kb/auditor/nwx-executables-removed-and-readded-to-domain-controllers.md +++ b/docs/kb/auditor/nwx-executables-removed-and-readded-to-domain-controllers.md @@ -30,6 +30,6 @@ The same Netwrix Auditor-related executable files are being regularly removed an ## Answer -Yes, this behavior is to be expected — these executable files represent the network traffic compression service running on domain controllers. The use of the up-to-date version of compression service executables is ensured when copying these files on every data collection. The compression service collects and pre-filters data to send it to your Netwrix Auditor server in a highly compressed format. For additional information on network traffic compression service, refer to the following article: [How the Network Traffic Compression Service Works](/docs/kb/auditor/how-the-network-traffic-compression-service-works.md). +Yes, this behavior is to be expected — these executable files represent the network traffic compression service running on domain controllers. The use of the up-to-date version of compression service executables is ensured when copying these files on every data collection. The compression service collects and pre-filters data to send it to your Netwrix Auditor server in a highly compressed format. For additional information on network traffic compression service, refer to the following article: [How the Network Traffic Compression Service Works](/docs/kb/auditor/how-the-network-traffic-compression-service-works). > **IMPORTANT:** While not recommended, you can disable the compression service. Refer to the following article for additional information on monitoring plan setup: Monitoring Plans — Create a New Plan. diff --git a/docs/kb/auditor/object-type-and-what-changed-columns-are-empty.md b/docs/kb/auditor/object-type-and-what-changed-columns-are-empty.md index f7c79b354f..f68c515ddc 100644 --- a/docs/kb/auditor/object-type-and-what-changed-columns-are-empty.md +++ b/docs/kb/auditor/object-type-and-what-changed-columns-are-empty.md @@ -22,7 +22,7 @@ knowledge_article_id: kA00g000000H9ZpCAK # Object type" and "What Changed" columns are empty -![User-added](images/servlet_image_3823966b1661.png) +![User-added](./images/servlet_image_3823966b1661.png) --- @@ -31,3 +31,4 @@ This is a typical report from a target server with a disabled/unavailable Remote --- Check if Remote Registry service is running on the target server and is accessible from Netwrix host machine. + diff --git a/docs/kb/auditor/parallel-redo-events-in-sql-server-event-log.md b/docs/kb/auditor/parallel-redo-events-in-sql-server-event-log.md index 97c79144b3..d9477838a7 100644 --- a/docs/kb/auditor/parallel-redo-events-in-sql-server-event-log.md +++ b/docs/kb/auditor/parallel-redo-events-in-sql-server-event-log.md @@ -60,7 +60,7 @@ Disable the AUTO_CLOSE option for the affected database: 3. Right-click the affected database and select **Properties**. 4. In the left pane, select the **Options** tab, locate the **Auto Close** option under the **Automatic** section, and select the **False** option from the drop-down list. -![Auto Close option screenshot](images/ka04u00000118GJ_0EM4u000008MgWU.png) +![Auto Close option screenshot](./images/ka04u00000118GJ_0EM4u000008MgWU.png) 5. Click **OK** to save changes. @@ -68,3 +68,4 @@ Disable the AUTO_CLOSE option for the affected database: - Set the AUTO_CLOSE Database Option to OFF ⸱ Microsoft 🤝 https://learn.microsoft.com/en-us/sql/relational-databases/policy-based-management/set-the-auto-close-database-option-to-off?view=sql-server-ver16#for-more-information + diff --git a/docs/kb/auditor/password-expiration-notifier-email-header-and-footer-reset-after-upgrade.md b/docs/kb/auditor/password-expiration-notifier-email-header-and-footer-reset-after-upgrade.md index 8a2588edee..6f0388be87 100644 --- a/docs/kb/auditor/password-expiration-notifier-email-header-and-footer-reset-after-upgrade.md +++ b/docs/kb/auditor/password-expiration-notifier-email-header-and-footer-reset-after-upgrade.md @@ -26,7 +26,7 @@ knowledge_article_id: kA04u000001116CCAQ ## Symptoms -- The Netwrix Password Expiration Notifier (PEN) email header and footer were reset after the recent upgrade. [Hide and Disable Header and Footer in PEN Emails](/docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails.md). +- The Netwrix Password Expiration Notifier (PEN) email header and footer were reset after the recent upgrade. [Hide and Disable Header and Footer in PEN Emails](/docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails). - The **HideEmailAdditionalInfo** key in `HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Netwrix Auditor\Password Expiration Notifier` is still present. ## Resolution @@ -42,4 +42,4 @@ knowledge_article_id: kA04u000001116CCAQ ## Related articles -- [Hide and Disable Header and Footer in PEN Emails](/docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails.md) +- [Hide and Disable Header and Footer in PEN Emails](/docs/kb/auditor/hide-and-disable-header-and-footer-in-password-expiration-notifier-emails) diff --git a/docs/kb/auditor/password-expiration-notifier-stopped-showing-results.md b/docs/kb/auditor/password-expiration-notifier-stopped-showing-results.md index 032bfc1167..b79b651572 100644 --- a/docs/kb/auditor/password-expiration-notifier-stopped-showing-results.md +++ b/docs/kb/auditor/password-expiration-notifier-stopped-showing-results.md @@ -30,4 +30,5 @@ A possible cause is blank lines accidentally added at the beginning, in the midd 2. Remove any blank lines at the beginning, middle, or end of the file. 3. Save the file. -![image.png](images/ka04u000000HdDR_0EM4u0000084XpS.png) +![image.png](./images/ka04u000000HdDR_0EM4u0000084XpS.png) + diff --git a/docs/kb/auditor/permission-denied-error-code-2146828218.md b/docs/kb/auditor/permission-denied-error-code-2146828218.md index 829f255949..ba5cf90bef 100644 --- a/docs/kb/auditor/permission-denied-error-code-2146828218.md +++ b/docs/kb/auditor/permission-denied-error-code-2146828218.md @@ -25,7 +25,7 @@ knowledge_article_id: kA00g000000H9cCCAS When trying to access the Help-Desk portal, a non-admin user gets a "You do not have a Helpdesk operator permissions" message or "Permission denied" error (error code -2146828218) -![User-added image](images/ka04u000000HcUx_0EM700000004wyo.png) +![User-added image](./images/ka04u000000HcUx_0EM700000004wyo.png) --- @@ -44,7 +44,7 @@ To grant a user access to the Help-Desk portal, add this user to the Help Desk O 2. In the **Help-Desk Operators** section, click the **Modify** button. 3. In the dialog that opens, click the **Add** button and specify user(s) that you want to add to this role. -![User-added image](images/ka04u000000HcUx_0EM700000004wyy.png) +![User-added image](./images/ka04u000000HcUx_0EM700000004wyy.png) If the issue persists, check that Authentication options are configured properly in IIS: @@ -52,4 +52,5 @@ If the issue persists, check that Authentication options are configured properly 5. Select this folder by left-clicking on it and look for the **Authentication** feature under the IIS block in the central pane. Double-click on it. 6. Make sure that `"Anonymous Authentication"` is disabled. -![User-added image](images/ka04u000000HcUx_0EM700000004wyt.png) +![User-added image](./images/ka04u000000HcUx_0EM700000004wyt.png) + diff --git a/docs/kb/auditor/permission_manifests_for_auditing_office_365_and_microsoft_entra_id_(auditor_v10.0_and_older).md b/docs/kb/auditor/permission_manifests_for_auditing_office_365_and_microsoft_entra_id_(auditor_v10.0_and_older).md index 444069ed64..a7a0415060 100644 --- a/docs/kb/auditor/permission_manifests_for_auditing_office_365_and_microsoft_entra_id_(auditor_v10.0_and_older).md +++ b/docs/kb/auditor/permission_manifests_for_auditing_office_365_and_microsoft_entra_id_(auditor_v10.0_and_older).md @@ -193,4 +193,6 @@ You can use the following screenshots for permissions reference: - [Microsoft 365 — Permissions for Exchange Online Auditing ⸱ v10.6](https://docs.netwrix.com/docs/auditor/10_8/configuration/microsoft365/exchangeonline/permissions) - [Microsoft 365 — Permissions for SharePoint Online Auditing ⸱ v10.6](https://docs.netwrix.com/docs/auditor/10_8/configuration/microsoft365/sharepointonline/permissions) - [Microsoft 365 — Permissions for Teams Auditing ⸱ v10.6](https://docs.netwrix.com/docs/auditor/10_8/configuration/microsoft365/teams/permissions) -- [Microsoft Entra Admin Center ⸱ Microsoft 🡥](https://entra.microsoft.com) \ No newline at end of file +- [Microsoft Entra Admin Center ⸱ Microsoft 🡥](https://entra.microsoft.com) + + diff --git a/docs/kb/auditor/reading-log-status.md b/docs/kb/auditor/reading-log-status.md index 00f77f8f03..a7d303e40b 100644 --- a/docs/kb/auditor/reading-log-status.md +++ b/docs/kb/auditor/reading-log-status.md @@ -26,7 +26,7 @@ knowledge_article_id: kA00g000000H9TZCA0 In NetWrix Account Lockout Examiner Console, a domain controller has a yellow exclamation mark in front of the **DC Name** column of the **Monitored Domain Controllers** grid. Connection status is shown **Reading log**. Lockout events from this domain controller cannot be read by the program as well. -![User-added image](images/ka04u000000HcNK_0EM700000004x01.png) +![User-added image](./images/ka04u000000HcNK_0EM700000004x01.png) --- @@ -43,4 +43,5 @@ To fix the issue, do the following: 3. In the right pane, double-click `readLog`, specify `0` in the Value data field and click **OK**. 4. In NetWrix Account Lockout Examiner Console main menu bar, navigate to **File - Settings** and click **OK** to apply registry changes. -![User-added image](images/ka04u000000HcNK_0EM700000004wzw.png) +![User-added image](./images/ka04u000000HcNK_0EM700000004wzw.png) + diff --git a/docs/kb/auditor/reducing-the-used-active-directory-and-entra-id-license-counts.md b/docs/kb/auditor/reducing-the-used-active-directory-and-entra-id-license-counts.md index d55031d5f0..4fb1b28af0 100644 --- a/docs/kb/auditor/reducing-the-used-active-directory-and-entra-id-license-counts.md +++ b/docs/kb/auditor/reducing-the-used-active-directory-and-entra-id-license-counts.md @@ -22,7 +22,7 @@ knowledge_article_id: kA04u000000PoL7CAK # Reducing the Used Active Directory and Entra ID License Counts -> **IMPORTANT:** Netwrix Auditor is licensed per enabled Active Directory (AD) and Entra ID user object. For additional information on determining the number of enabled users, refer to the following articles: [Determining the Number of Enabled Active Directory User Accounts](/docs/kb/auditor/determining-the-number-of-enabled-active-directory-user-accounts.md) — [Determining the Number of Enabled Microsoft Entra ID Accounts](/docs/kb/auditor/determining-the-number-of-enabled-microsoft-entra-id-accounts.md). Netwrix Auditor only collects data from objects that are not excluded (omitted), which means that any objects that are omitted will not be monitored. +> **IMPORTANT:** Netwrix Auditor is licensed per enabled Active Directory (AD) and Entra ID user object. For additional information on determining the number of enabled users, refer to the following articles: [Determining the Number of Enabled Active Directory User Accounts](/docs/kb/auditor/determining-the-number-of-enabled-active-directory-user-accounts) — [Determining the Number of Enabled Microsoft Entra ID Accounts](/docs/kb/auditor/determining-the-number-of-enabled-microsoft-entra-id-accounts). Netwrix Auditor only collects data from objects that are not excluded (omitted), which means that any objects that are omitted will not be monitored. ## Question @@ -95,7 +95,7 @@ To exclude specific Entra ID users from the license count, populate the `omitUPN ## Related Links -- [Determining the Number of Enabled Active Directory User Accounts](/docs/kb/auditor/determining-the-number-of-enabled-active-directory-user-accounts.md) -- [Determining the Number of Enabled Microsoft Entra ID Accounts](/docs/kb/auditor/determining-the-number-of-enabled-microsoft-entra-id-accounts.md) +- [Determining the Number of Enabled Active Directory User Accounts](/docs/kb/auditor/determining-the-number-of-enabled-active-directory-user-accounts) +- [Determining the Number of Enabled Microsoft Entra ID Accounts](/docs/kb/auditor/determining-the-number-of-enabled-microsoft-entra-id-accounts) - [Active Directory Monitoring Scope](https://docs.netwrix.com/docs/auditor/10_8) - [Microsoft Entra ID Monitoring Scope](https://docs.netwrix.com/docs/auditor/10_8) diff --git "a/docs/kb/auditor/remote_certificate_is_invalid_according_to_validation_procedure_\342\200\224_subscriptions_error_in_netwrix_aud.md" "b/docs/kb/auditor/remote_certificate_is_invalid_according_to_validation_procedure_\342\200\224_subscriptions_error_in_netwrix_aud.md" index 184bd3a0f6..2ce524ddaf 100644 --- "a/docs/kb/auditor/remote_certificate_is_invalid_according_to_validation_procedure_\342\200\224_subscriptions_error_in_netwrix_aud.md" +++ "b/docs/kb/auditor/remote_certificate_is_invalid_according_to_validation_procedure_\342\200\224_subscriptions_error_in_netwrix_aud.md" @@ -36,7 +36,7 @@ Error: The remote certificate is invalid according to the validation procedure. If enforced certificate validation is intended, refer to the following steps to troubleshoot the issue: - Ensure your SSL certificate is still valid. Netwrix Auditor stops generating reports once your certificate expires. In case you’re using a self-signed certificate in your environment, you can reboot your Netwrix Auditor server to reissue the certificate. -- If you would like to set up a secure connection between your Netwrix Auditor instance and SQL Server Reporting Services, refer to the following article for additional information: [Set Up Secure Connection Between Auditor and SSRS via SSL/TLS Channel](/docs/kb/auditor/set_up_secure_connection_between_auditor_and_ssrs_via_ssltls_channel.md). +- If you would like to set up a secure connection between your Netwrix Auditor instance and SQL Server Reporting Services, refer to the following article for additional information: [Set Up Secure Connection Between Auditor and SSRS via SSL/TLS Channel](/docs/kb/auditor/set_up_secure_connection_between_auditor_and_ssrs_via_ssltls_channel). - Make sure the FQDN of your SMTP server is stated instead of the IP address in **Netwrix Auditor settings** > **Notifications**. If certificate validation was not intended, refer to the following steps: @@ -47,4 +47,4 @@ If certificate validation was not intended, refer to the following steps: ### Related Articles -[Set Up Secure Connection Between Auditor and SSRS via SSL/TLS Channel](/docs/kb/auditor/set_up_secure_connection_between_auditor_and_ssrs_via_ssltls_channel.md) \ No newline at end of file +[Set Up Secure Connection Between Auditor and SSRS via SSL/TLS Channel](/docs/kb/auditor/set_up_secure_connection_between_auditor_and_ssrs_via_ssltls_channel) \ No newline at end of file diff --git a/docs/kb/auditor/reports-generation-takes-a-while-and-completes-with-errors.md b/docs/kb/auditor/reports-generation-takes-a-while-and-completes-with-errors.md index 531658cfe4..a8447164c5 100644 --- a/docs/kb/auditor/reports-generation-takes-a-while-and-completes-with-errors.md +++ b/docs/kb/auditor/reports-generation-takes-a-while-and-completes-with-errors.md @@ -51,7 +51,7 @@ To resolve the issue, do one of the following: - On your SQL Server host, restart the **SQL Server (Instance name)** windows service. -- Follow the recommendations to improve the overall Netwrix Auditor performance. Learn more in [Long Data Collection — Improving the Performance](/docs/kb/auditor/long-data-collection-improving-the-performance.md). +- Follow the recommendations to improve the overall Netwrix Auditor performance. Learn more in [Long Data Collection — Improving the Performance](/docs/kb/auditor/long-data-collection-improving-the-performance). - Disable the report generating timeout by following these steps: 1. Open the **ReportManager URL** and click the **Site Settings** link in the top-right corner. @@ -64,4 +64,4 @@ To resolve the issue, do one of the following: ### Related Articles -- [Long Data Collection — Improving the Performance](/docs/kb/auditor/long-data-collection-improving-the-performance.md) +- [Long Data Collection — Improving the Performance](/docs/kb/auditor/long-data-collection-improving-the-performance) diff --git a/docs/kb/auditor/request-is-not-supported-windows-server-auditing.md b/docs/kb/auditor/request-is-not-supported-windows-server-auditing.md index f98d94cf34..bc1ab5e0ec 100644 --- a/docs/kb/auditor/request-is-not-supported-windows-server-auditing.md +++ b/docs/kb/auditor/request-is-not-supported-windows-server-auditing.md @@ -51,7 +51,7 @@ The request is not supported. (Exception from HRESULT: 0x80070032) - Refer to the list of protocols and ports required for Netwrix Auditor for Windows Server: Protocols and Ports — Windows Server. - Refer to the list of inbound connection rules to be configured: Windows Servers — Windows Firewall Inbound Connection Rules. -- Review the recommended antivirus exclusions — refer to the following article for additional information: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md). +- Review the recommended antivirus exclusions — refer to the following article for additional information: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor). - Review the gMSA configuration — refer to the following article for additional information: Data Collection Account — Group Managed Service Account (gMSA). diff --git a/docs/kb/auditor/rif-document-is-not-compatible-with-this-code-version.md b/docs/kb/auditor/rif-document-is-not-compatible-with-this-code-version.md index a6789f53c4..9f32351ef2 100644 --- a/docs/kb/auditor/rif-document-is-not-compatible-with-this-code-version.md +++ b/docs/kb/auditor/rif-document-is-not-compatible-with-this-code-version.md @@ -23,7 +23,7 @@ knowledge_article_id: kA00g000000H9Z2CAK You receive the following pop-up related to Reporting: -![User-added image](images/ka04u000000HcS3_0EM700000005HCR.png) +![User-added image](./images/ka04u000000HcS3_0EM700000005HCR.png) --- @@ -34,3 +34,4 @@ SQL Server Reporting Services is not up to date. This is a known issue in SQL Server 2012 Reporting Services. The fix was first introduced in CU2 for SQL Server 2012 SP1. You can get the CU2 for SQL Server 2012 SP1 or a later update from the following blog: http://blogs.msdn.com/b/sqlreleaseservices/ + diff --git a/docs/kb/auditor/service-did-not-respond-to-the-start-or-control-request-error-in-user-activity-service.md b/docs/kb/auditor/service-did-not-respond-to-the-start-or-control-request-error-in-user-activity-service.md index abdbef1549..7069d8f464 100644 --- a/docs/kb/auditor/service-did-not-respond-to-the-start-or-control-request-error-in-user-activity-service.md +++ b/docs/kb/auditor/service-did-not-respond-to-the-start-or-control-request-error-in-user-activity-service.md @@ -48,12 +48,12 @@ Refer to the following possible causes for the symptoms: Depending on the cause, implement the corresponding resolution to address the issue: -1. Exclude Netwrix Auditor-related folders from the monitoring scope of your antivirus solution. Refer to the following article to learn more about recommended antivirus exclusions: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md). +1. Exclude Netwrix Auditor-related folders from the monitoring scope of your antivirus solution. Refer to the following article to learn more about recommended antivirus exclusions: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor). 2. Verify the open ports in both the target and Netwrix Auditor servers. Refer to the following article to learn more about the ports required for correct User Activity operation: Data Source Configuration − User Activity Ports · v10.6. 3. Verify that the .NET Framework v4.8 is installed on both the target and Netwrix Auditor servers. Refer to the following article to learn more about software requirements in Netwrix Auditor v10.6: Requirements − Software Requirements · v10.6. ## Related Articles -- [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md) +- [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) - Data Source Configuration − User Activity Ports · v10.6 - Requirements − Software Requirements · v10.6 diff --git a/docs/kb/auditor/set-up-direct-send-for-netwrix-auditor-and-netwrix-data-classification.md b/docs/kb/auditor/set-up-direct-send-for-netwrix-auditor-and-netwrix-data-classification.md index c25ad717be..e604813b4a 100644 --- a/docs/kb/auditor/set-up-direct-send-for-netwrix-auditor-and-netwrix-data-classification.md +++ b/docs/kb/auditor/set-up-direct-send-for-netwrix-auditor-and-netwrix-data-classification.md @@ -44,7 +44,7 @@ In the main Netwrix Auditor menu, click **Settings**. In the left pane, select t - Specify any email address for one of your Microsoft 365 or Office 365 accepted domains in the **Sender address** field. This email does not need to have a mailbox. - The use of SSL/TLS is optional. -![Netwrix Auditor SMTP settings](images/ka04u00000116zv_0EM4u000008Ll2v.png) +![Netwrix Auditor SMTP settings](./images/ka04u00000116zv_0EM4u000008Ll2v.png) > **NOTE:** When sending messages from a static IP, add the IP to your SPF record in your domain registrar's DNS settings to avoid having messages flagged as spam: > @@ -61,8 +61,9 @@ In the main Netwrix Data Classification screen, click **Settings**. In the left - Specify any email address for one of your Microsoft 365 or Office 365 accepted domains in the **Sender address** field. This email does not need to have a mailbox. - The use of SSL is optional. -![Netwrix Data Classification Email Server settings](images/ka04u00000116zv_0EM4u000008LlzE.png) +![Netwrix Data Classification Email Server settings](./images/ka04u00000116zv_0EM4u000008LlzE.png) > **NOTE:** Direct send does not support SMTP AUTH. You can enter any SMTP credentials to proceed. Learn more on direct send in [Send Email Using Microsoft 365 or Office 365 ⸱ Microsoft 🡥](https://learn.microsoft.com/en-us/Exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-microsoft-365-or-office-365?redirectSourcePath=%252fen-gb%252farticle%252fhow-to-set-up-a-multifunction-device-or-application-to-send-email-using-office-365-69f58e99-c550-4274-ad18-c805d654b4c4#option-2-send-mail-directly-from-your-printer-or-application-to-microsoft-365-or-office-365-direct-send). + diff --git a/docs/kb/auditor/set_up_secure_connection_between_auditor_and_ssrs_via_ssltls_channel.md b/docs/kb/auditor/set_up_secure_connection_between_auditor_and_ssrs_via_ssltls_channel.md index b3e0a8def4..ea0108a555 100644 --- a/docs/kb/auditor/set_up_secure_connection_between_auditor_and_ssrs_via_ssltls_channel.md +++ b/docs/kb/auditor/set_up_secure_connection_between_auditor_and_ssrs_via_ssltls_channel.md @@ -31,7 +31,7 @@ Netwrix Auditor uses SQL Server Reporting Services (SSRS) to generate reports. I 2. In the left pane, select **Web Service URL**. 3. In the **HTTPS Certificate** dropdown list, select the certificate you installed previously. Both **HTTPS Port** and **Report Server Web Services URL** fields will fill in automatically. - > **NOTE:** For additional information on installing and using self-signed and authority-issued certificates, refer to the following articles: [Use Certificate Authority-issued Certificates in SSRS](/docs/kb/auditor/use-certificate-authority-issued-certificates-in-ssrs.md), [Generate Self-signed SSL Certificate for SSRS](/docs/kb/auditor/generate-self-signed-ssl-certificate-for-ssrs.md). + > **NOTE:** For additional information on installing and using self-signed and authority-issued certificates, refer to the following articles: [Use Certificate Authority-issued Certificates in SSRS](/docs/kb/auditor/use-certificate-authority-issued-certificates-in-ssrs), [Generate Self-signed SSL Certificate for SSRS](/docs/kb/auditor/generate-self-signed-ssl-certificate-for-ssrs). 4. Click **Apply**. 5. Select the **Web Portal URL** tab in the left pane—the **Virtual Directory** field should fill in automatically. @@ -64,5 +64,5 @@ The traffic between Auditor and SSRS is now encrypted. It is recommended to upda ## Related Articles -- [Use Certificate Authority-issued Certificates in SSRS](/docs/kb/auditor/use-certificate-authority-issued-certificates-in-ssrs.md) -- [Generate Self-signed SSL Certificate for SSRS](/docs/kb/auditor/generate-self-signed-ssl-certificate-for-ssrs.md) \ No newline at end of file +- [Use Certificate Authority-issued Certificates in SSRS](/docs/kb/auditor/use-certificate-authority-issued-certificates-in-ssrs) +- [Generate Self-signed SSL Certificate for SSRS](/docs/kb/auditor/generate-self-signed-ssl-certificate-for-ssrs) \ No newline at end of file diff --git a/docs/kb/auditor/setting-up-account-lockout-alert.md b/docs/kb/auditor/setting-up-account-lockout-alert.md index 47aaf81020..3844f4696b 100644 --- a/docs/kb/auditor/setting-up-account-lockout-alert.md +++ b/docs/kb/auditor/setting-up-account-lockout-alert.md @@ -28,18 +28,19 @@ This article explains how to set up an account lockout alert in Netwrix Auditor ## Steps 1. Select **New Real-Time Alert** by clicking on **Real-Time Alert** and then right-clicking on **Real-Time Alert** - ![User-added image](images/ka04u000000HcRf_0EM70000000xMZN.png) + ![User-added image](./images/ka04u000000HcRf_0EM70000000xMZN.png) 2. Name the alert, then click **Next**. Click **Add** to add the alert filters needed. - ![User-added image](images/ka04u000000HcRf_0EM70000000xMZS.png) + ![User-added image](./images/ka04u000000HcRf_0EM70000000xMZS.png) 3. Here, if you would like to see lockouts for a specific OU, select the highlighted box. This can also be left as `*` for a wildcard to monitor all user account lockouts. - ![User-added image](images/ka04u000000HcRf_0EM70000000xMZc.png) + ![User-added image](./images/ka04u000000HcRf_0EM70000000xMZc.png) 4. Select the existing attribute filter that is added by default and select **Edit**. - ![User-added image](images/ka04u000000HcRf_0EM70000000xMZr.png) + ![User-added image](./images/ka04u000000HcRf_0EM70000000xMZr.png) 5. Place in the following attribute filters to see all account lockouts. - ![User-added image](images/ka04u000000HcRf_0EM70000000xMZw.png) + ![User-added image](./images/ka04u000000HcRf_0EM70000000xMZw.png) 6. Hit **OK** and follow the rest of the prompts for filling in the specified e-mail address the alert will go to. + diff --git a/docs/kb/auditor/sharepoint-application-deployment-for-ndc.md b/docs/kb/auditor/sharepoint-application-deployment-for-ndc.md index c65a250c89..070eb2d2f3 100644 --- a/docs/kb/auditor/sharepoint-application-deployment-for-ndc.md +++ b/docs/kb/auditor/sharepoint-application-deployment-for-ndc.md @@ -31,18 +31,21 @@ To enable the app you will need to add the app to the **App Catalog** then deplo 1. Navigate to the **App Catalog** → **Site Contents** and ensure you are using the classic experience. 2. Click **Add an app** and select `conceptClassifierApp`. -![User-added image](images/ka04u000000HcXd_0EM4u000002D96q.png) +![User-added image](./images/ka04u000000HcXd_0EM4u000002D96q.png) 3. Click **Trust It** to accept the app permissions and allow the app to be installed into the App Catalog. - ![User-added image](images/ka04u000000HcXd_0EM4u000002D975.png) + ![User-added image](./images/ka04u000000HcXd_0EM4u000002D975.png) 4. Once the app has been added to the App Catalog, configure the deployment by hovering over the app then clicking on the ellipsis in the top right corner of the app and clicking **Deployment**. - ![User-added image](images/ka04u000000HcXd_0EM4u000002D97U.png) + ![User-added image](./images/ka04u000000HcXd_0EM4u000002D97U.png) 5. Select how to deploy the app to a combination of specific Sire Collections, by pats, and by a template. Click **OK**. **Note:** The default order of the page is to show the newest app first, so you should see the app as one of the first options (if you do not you can search for “conceptClassifierApp”): 6. The app will then be scheduled for deployment to the chosen Site Collections. This can take a few minutes and on completion, `conceptClassifierApp` will appear in the Site Contents of these Site Collections. -![User-added image](images/ka04u000000HcXd_0EM4u000002D97j.png) +![User-added image](./images/ka04u000000HcXd_0EM4u000002D97j.png) 7. To complete the setup, navigate to the **Site Collection** → **Site Contents** and select `conceptClassifierApp`. This will complete the installation of the app on the Site Collection and allow you to configure the writing of classifications (if licensed). + + + diff --git a/docs/kb/auditor/sharepoint-application-installation-for-netwrix-data-classification.md b/docs/kb/auditor/sharepoint-application-installation-for-netwrix-data-classification.md index b5cb2cc1db..9b2967a7f7 100644 --- a/docs/kb/auditor/sharepoint-application-installation-for-netwrix-data-classification.md +++ b/docs/kb/auditor/sharepoint-application-installation-for-netwrix-data-classification.md @@ -32,22 +32,22 @@ The `conceptClassifierAppInstaller.exe` can be used to install or upgrade the `c Extract the files and run `conceptClassifierAppInstaller.exe`. -![User-added image](images/ka04u000000HcXh_0EM4u000002Qx7U.png) +![User-added image](./images/ka04u000000HcXh_0EM4u000002Qx7U.png) 1. Click *next* after reading the wizard introduction and recommendations. Read and confirm that you accept the EULA and click *next*. -![User-added image](images/ka04u000000HcXh_0EM4u000002Qx7Z.png) +![User-added image](./images/ka04u000000HcXh_0EM4u000002Qx7Z.png) Specify connection details for your organization's app catalog (you may have more than one of these if you are working across multiple web applications; if so, you will need to run the installer once per app catalog). -![User-added image](images/ka04u000000HcXh_0EM4u000002Qx7t.png) +![User-added image](./images/ka04u000000HcXh_0EM4u000002Qx7t.png) Enter the location of the conceptSearching server (which must be installed onto a secure server with a secure (HTTPS) endpoint): in the case of SharePoint Online, the certificate used must be externally verifiable (from a trusted source). Select the **Use SharePoint Online Login** checkbox if you want to use the new authentication method. -![User-added image](images/ka04u000000HcXh_0EM4u000002Qx8I.png) +![User-added image](./images/ka04u000000HcXh_0EM4u000002Qx8I.png) Please also note, the HTTPS binding in IIS should have the host header specified — in the case of the above example the host header would be `secure.conceptsearching.com`. To do this please follow these steps: @@ -122,3 +122,6 @@ Please complete the necessary fields. If you are an Office 365 customer you will ### If you would like to continue with the deployment of the SharePoint Application: [Follow this article](https://kb.netwrix.com/5505) + + + diff --git a/docs/kb/auditor/some-accounts-were-not-moved-or-deleted-in-inactive-user-tracker-report.md b/docs/kb/auditor/some-accounts-were-not-moved-or-deleted-in-inactive-user-tracker-report.md index c1e2e51260..76819839c5 100644 --- a/docs/kb/auditor/some-accounts-were-not-moved-or-deleted-in-inactive-user-tracker-report.md +++ b/docs/kb/auditor/some-accounts-were-not-moved-or-deleted-in-inactive-user-tracker-report.md @@ -28,16 +28,17 @@ Your report states some accounts were not moved or deleted. Why were they not af ## Answer -Since Inactive User Tracker (IUT) in Netwrix Auditor has the ability to make actual changes within your Active Directory, it has requirements to meet to introduce these changes. IUT requires all DCs to be operating, otherwise it cannot verify that a user is truly inactive. In case there are non-operable or decommissioned domain controllers in your network, you can omit them — refer to the following article for additional information: [How to Exclude Non-operable Domain Controllers from Monitoring in Netwrix Auditor](/docs/kb/auditor/how-to-exclude-non-operable-domain-controllers-from-monitoring-in-netwrix-auditor.md). +Since Inactive User Tracker (IUT) in Netwrix Auditor has the ability to make actual changes within your Active Directory, it has requirements to meet to introduce these changes. IUT requires all DCs to be operating, otherwise it cannot verify that a user is truly inactive. In case there are non-operable or decommissioned domain controllers in your network, you can omit them — refer to the following article for additional information: [How to Exclude Non-operable Domain Controllers from Monitoring in Netwrix Auditor](/docs/kb/auditor/how-to-exclude-non-operable-domain-controllers-from-monitoring-in-netwrix-auditor). If you still encounter reports showing the `Cannot delete the account` status for accounts after omitting the inoperable DCs, refer to the following steps: - This error might appear if the targeted computer account is not an end object but a container for other objects. IUT won't be able to remove those accounts unless the **Delete account with all its subnodes** checkbox is checked. - ![Delete account with all its subnodes checkbox](images/ka04u000001179H_0EM4u000008Lt2y.png) + ![Delete account with all its subnodes checkbox](./images/ka04u000001179H_0EM4u000008Lt2y.png) > **IMPORTANT:** This will lead to the deletion of the entire container considered as inactive by IUT. - The data collection account used by IUT does not have sufficient rights and permissions. Refer to the following article for additional information on roles, rights, and permissions required for Inactive User Tracker data collection account: Monitoring Plans — Data Collecting Account. - The account has the **Protect object from accidental deletion** checkbox checked in **Properties** > **Object**. This is a Windows Active Directory feature to prevent the deletion and moving of flagged objects without admin intervention. IUT cannot override this feature; you must manually edit the flag. + diff --git a/docs/kb/auditor/specify-custom-sql-server-port-for-netwrix-auditor-audit-database.md b/docs/kb/auditor/specify-custom-sql-server-port-for-netwrix-auditor-audit-database.md index 3ce7a40e95..23187c92fa 100644 --- a/docs/kb/auditor/specify-custom-sql-server-port-for-netwrix-auditor-audit-database.md +++ b/docs/kb/auditor/specify-custom-sql-server-port-for-netwrix-auditor-audit-database.md @@ -35,4 +35,5 @@ How to specify a custom port for Netwrix Auditor to communicate with the SQL Ser SERVER-SQL\TEST-SQL,14337 ``` -![Specify custom SQL Server port image](images/ka04u00000117sv_0EM4u000008LXSz.png) +![Specify custom SQL Server port image](./images/ka04u00000117sv_0EM4u000008LXSz.png) + diff --git a/docs/kb/auditor/sql-server-express-database-size-reached-10gb.md b/docs/kb/auditor/sql-server-express-database-size-reached-10gb.md index 0a95b11eb2..86bd14b8c2 100644 --- a/docs/kb/auditor/sql-server-express-database-size-reached-10gb.md +++ b/docs/kb/auditor/sql-server-express-database-size-reached-10gb.md @@ -68,10 +68,11 @@ While it is highly recommended to implement either a SQL Server Standard or Ente - Split items in multiple monitoring plans to decrease the amount of data written to a single database. -- Decrease the database retention period. Refer to the following article for additional information: [How to Reduce Audit Database Size for Netwrix Auditor](/docs/kb/auditor/how-to-reduce-audit-database-size-for-netwrix-auditor.md) +- Decrease the database retention period. Refer to the following article for additional information: [How to Reduce Audit Database Size for Netwrix Auditor](/docs/kb/auditor/how-to-reduce-audit-database-size-for-netwrix-auditor) ## Related Articles - [Investigations](https://docs.netwrix.com/docs/auditor/10_8/admin/settings/investigations) -- [How to Reduce Audit Database Size for Netwrix Auditor](/docs/kb/auditor/how-to-reduce-audit-database-size-for-netwrix-auditor.md) -- [Could Not Allocate Space for Object (ObjectName) in Database (DatabaseName)](/docs/kb/auditor/could-not-allocate-space-for-object-objectname-in-database-databasename.md) +- [How to Reduce Audit Database Size for Netwrix Auditor](/docs/kb/auditor/how-to-reduce-audit-database-size-for-netwrix-auditor) +- [Could Not Allocate Space for Object (ObjectName) in Database (DatabaseName)](/docs/kb/auditor/could-not-allocate-space-for-object-objectname-in-database-databasename) + diff --git a/docs/kb/auditor/ssl-exception-failed-to-deliver-netwrix-auditor-health-summary-email.md b/docs/kb/auditor/ssl-exception-failed-to-deliver-netwrix-auditor-health-summary-email.md index e2a6c519c4..9a5fefb87f 100644 --- a/docs/kb/auditor/ssl-exception-failed-to-deliver-netwrix-auditor-health-summary-email.md +++ b/docs/kb/auditor/ssl-exception-failed-to-deliver-netwrix-auditor-health-summary-email.md @@ -36,4 +36,4 @@ Your TLS\SSL certificate has expired — Netwrix Auditor stops generating report ## Resolution -To establish whether your certificate has expired, check the Microsoft Management Console (MMC) Certificates Snap-in (your certificate store). For additional information on setting up the SSL\TLS channel communication, refer to the following article: [Set Up Secure Connection Between Auditor and SSRS via SSL/TLS Channel](/docs/kb/auditor/set_up_secure_connection_between_auditor_and_ssrs_via_ssltls_channel.md) +To establish whether your certificate has expired, check the Microsoft Management Console (MMC) Certificates Snap-in (your certificate store). For additional information on setting up the SSL\TLS channel communication, refer to the following article: [Set Up Secure Connection Between Auditor and SSRS via SSL/TLS Channel](/docs/kb/auditor/set_up_secure_connection_between_auditor_and_ssrs_via_ssltls_channel) diff --git a/docs/kb/auditor/support-for-fine-grained-password-policies-in-netwrix-password-expiration-notifier.md b/docs/kb/auditor/support-for-fine-grained-password-policies-in-netwrix-password-expiration-notifier.md index 3ecb923c5b..bf3dc79cb5 100644 --- a/docs/kb/auditor/support-for-fine-grained-password-policies-in-netwrix-password-expiration-notifier.md +++ b/docs/kb/auditor/support-for-fine-grained-password-policies-in-netwrix-password-expiration-notifier.md @@ -33,5 +33,6 @@ Yes, PEN supports Fine-Grained Password Policies. To configure PEN to work only 2. Select or create a **Monitoring Plan** that will apply Fine-Grained Password Policies. 3. Click the **Advanced Tab**. 4. At the bottom of the Advanced Options window, select the **Only report on users with Fine-Grained Password Policies** applied box. - ![Fine-grained password policies applied](images/ka0Qk0000006sTx_0EMQk000008Iaq1.png) + ![Fine-grained password policies applied](./images/ka0Qk0000006sTx_0EMQk000008Iaq1.png) 5. Click **Save**. + diff --git a/docs/kb/auditor/symbolic-link-cannot-be-followed-error-in-file-server-monitoring-plan.md b/docs/kb/auditor/symbolic-link-cannot-be-followed-error-in-file-server-monitoring-plan.md index 93ac510024..d6909b7429 100644 --- a/docs/kb/auditor/symbolic-link-cannot-be-followed-error-in-file-server-monitoring-plan.md +++ b/docs/kb/auditor/symbolic-link-cannot-be-followed-error-in-file-server-monitoring-plan.md @@ -52,7 +52,7 @@ Enable all symbolic link types. Once executed, you'll see the settings for symbolic links (enabled or disabled). - ![SymlinkEvaluation output](images/servlet_image_3823966b1661.png) + ![SymlinkEvaluation output](./images/servlet_image_3823966b1661.png) 2. To enable a symlink type, run the following command: @@ -63,3 +63,6 @@ Enable all symbolic link types. The `R2L:1` stands for remote-to-local enabled. You can change `R` to `L` and vice versa to enable the disabled symlink. Learn more about fsutil syntax in the Microsoft documentation: https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/fsutil-behavior (fsutil behavior ⸱ Microsoft) + + + diff --git a/docs/kb/auditor/system-cannot-find-the-path-specified-in-logon-activity-monitoring-plan.md b/docs/kb/auditor/system-cannot-find-the-path-specified-in-logon-activity-monitoring-plan.md index 47b363dcfe..becc032b30 100644 --- a/docs/kb/auditor/system-cannot-find-the-path-specified-in-logon-activity-monitoring-plan.md +++ b/docs/kb/auditor/system-cannot-find-the-path-specified-in-logon-activity-monitoring-plan.md @@ -44,10 +44,10 @@ Netwrix Auditor Logon Activity Audit Service is corrupted or cannot be found. - Upgrade your Netwrix Auditor instance to the latest version to repair the corrupted service. Refer to the following article for additional information: Installation — Upgrade to the Latest Version ⸱ v10.6. -- If the latest Netwrix Auditor version is installed in your environment, you can repair your Netwrix Auditor instance. Refer to the following article for additional information: [How to Repair Netwrix Auditor Installation](/docs/kb/auditor/how-to-repair-netwrix-auditor-installation.md). +- If the latest Netwrix Auditor version is installed in your environment, you can repair your Netwrix Auditor instance. Refer to the following article for additional information: [How to Repair Netwrix Auditor Installation](/docs/kb/auditor/how-to-repair-netwrix-auditor-installation). ### Related articles - Installation — Upgrade to the Latest Version ⸱ v10.6 -- [How to Repair Netwrix Auditor Installation](/docs/kb/auditor/how-to-repair-netwrix-auditor-installation.md) +- [How to Repair Netwrix Auditor Installation](/docs/kb/auditor/how-to-repair-netwrix-auditor-installation) diff --git a/docs/kb/auditor/target-computer-cannot-be-identified-in-user-activity-monitoring-plan.md b/docs/kb/auditor/target-computer-cannot-be-identified-in-user-activity-monitoring-plan.md index 76a4fd9e0d..bd08043c20 100644 --- a/docs/kb/auditor/target-computer-cannot-be-identified-in-user-activity-monitoring-plan.md +++ b/docs/kb/auditor/target-computer-cannot-be-identified-in-user-activity-monitoring-plan.md @@ -47,15 +47,15 @@ Make sure that it is online and reachable, Remote Registry service is enabled. - Enable the Remote Registry service in the affected client — refer to the following article for additional information: Windows File Servers − Enable Remote Registry Service ⸱ v10.6. - Review the allowed connections in the affected server in accordance with the following article guidelines: User Activity − User Activity Ports ⸱ v10.6. -- Exclude the Netwrix-related folders from the monitoring scope of your antivirus suite — refer to the following article for additional information: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md). +- Exclude the Netwrix-related folders from the monitoring scope of your antivirus suite — refer to the following article for additional information: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor). - Enable the SMB v2/v3 protocol in both the client and server — learn more in [Detect, Enable and Disable SMBv1, SMBv2, and SMBv3 ⸱ Windows Learn](https://learn.microsoft.com/en-us/windows-server/storage/file-server/troubleshoot/detect-enable-and-disable-smbv1-v2-v3?tabs=server#how-to-detect-status-enable-and-disable-smb-protocols). -- Review the list of apps installed in the affected server. If User Activity Core Service is either missing or is outdated, refer to the following articles for additional information: Installation − Install for User Activity Core Service · v10.6 and [Manually Update User Activity Core Service](/docs/kb/auditor/manually-update-user-activity-core-service.md). +- Review the list of apps installed in the affected server. If User Activity Core Service is either missing or is outdated, refer to the following articles for additional information: Installation − Install for User Activity Core Service · v10.6 and [Manually Update User Activity Core Service](/docs/kb/auditor/manually-update-user-activity-core-service). ## Related articles - Windows File Servers − Enable Remote Registry Service ⸱ v10.6 - User Activity − User Activity Ports ⸱ v10.6 -- [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md) +- [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) - [Detect, Enable and Disable SMBv1, SMBv2, and SMBv3 ⸱ Windows Learn](https://learn.microsoft.com/en-us/windows-server/storage/file-server/troubleshoot/detect-enable-and-disable-smbv1-v2-v3?tabs=server#how-to-detect-status-enable-and-disable-smb-protocols) - Installation − Install for User Activity Core Service · v10.6 -- [Manually Update User Activity Core Service](/docs/kb/auditor/manually-update-user-activity-core-service.md) +- [Manually Update User Activity Core Service](/docs/kb/auditor/manually-update-user-activity-core-service) diff --git a/docs/kb/auditor/the-account-lockout-examiner-service-account.md b/docs/kb/auditor/the-account-lockout-examiner-service-account.md index 8dd4e35631..3ec925216e 100644 --- a/docs/kb/auditor/the-account-lockout-examiner-service-account.md +++ b/docs/kb/auditor/the-account-lockout-examiner-service-account.md @@ -35,7 +35,7 @@ On any Domain Controller that has Group Policy Management: 5. Double-click the **Manage auditing and security log** policy 6. Click **Add user or group**, specify the Account Lockout Examiner **service account**, and click **OK** -[![User-added image](images/ka04u000000HcW3_0EM700000004wqQ.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000Xdsb&feoid=00N700000032Pj2&refid=0EM700000004wqQ) +[![User-added image](./images/ka04u000000HcW3_0EM700000004wqQ.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000Xdsb&feoid=00N700000032Pj2&refid=0EM700000004wqQ) ## Step 2. Add the service account to the required security groups 1. Run **Active Directory Users and Computers** @@ -44,7 +44,7 @@ On any Domain Controller that has Group Policy Management: 4. Go to the **Members** tab and add the user account you want to use for the Account Lockout Examiner service to the list 5. For **Windows 2008 and above** Domain Controllers, add the service account to the **Event Log Readers** group -[![User-added image](images/ka04u000000HcW3_0EM700000004wqL.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000Xdsb&feoid=00N700000032Pj2&refid=0EM700000004wqL) +[![User-added image](./images/ka04u000000HcW3_0EM700000004wqL.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000Xdsb&feoid=00N700000032Pj2&refid=0EM700000004wqL) ## Step 3. On every monitored Domain Controller, enable WMI access 1. Run **Computer Management** (Start -> Administrative Tools -> Computer Management) @@ -55,7 +55,7 @@ On any Domain Controller that has Group Policy Management: 6. Add the user account you want to use for the Account Lockout Examiner service to the list 7. Grant it the **Remote Enable** permission (put a check in the **Allow** checkbox) -[![User-added image](images/ka04u000000HcW3_0EM700000004wqV.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000Xdsb&feoid=00N700000032Pj2&refid=0EM700000004wqV) +[![User-added image](./images/ka04u000000HcW3_0EM700000004wqV.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000Xdsb&feoid=00N700000032Pj2&refid=0EM700000004wqV) ## Step 4. Configure DCOM settings 1. Open **Component Services** (Start -> Programs -> Administrative Tools -> Component Services) @@ -65,7 +65,7 @@ On any Domain Controller that has Group Policy Management: 5. Add the user account you want to use for the Account Lockout Examiner service to the top window 6. Set the **Allow** checkbox for the **Remote Activation** option -[![User-added image](images/ka04u000000HcW3_0EM700000004wqa.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000Xdsb&feoid=00N700000032Pj2&refid=0EM700000004wqa) +[![User-added image](./images/ka04u000000HcW3_0EM700000004wqa.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000Xdsb&feoid=00N700000032Pj2&refid=0EM700000004wqa) **NOTE:** Steps 3 and 4 might require a reboot to apply the new settings. @@ -75,8 +75,9 @@ On any Domain Controller that has Group Policy Management: 3. Right-click the **Administrators** group and select **Add to group** 4. Click **Add** and specify the service account. Click **OK** -[![User-added image](images/ka04u000000HcW3_0EM700000004wqf.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000Xdsb&feoid=00N700000032Pj2&refid=0EM700000004wqf) +[![User-added image](./images/ka04u000000HcW3_0EM700000004wqf.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000Xdsb&feoid=00N700000032Pj2&refid=0EM700000004wqf) ## Step 6. On all machines that need to be examined by Account Lockout Examiner, grant local administrator rights to the service account - Grant local administrator rights either manually or by Group Policy. - Local admin rights are also necessary to find the root process causing invalid logons. + diff --git a/docs/kb/auditor/the-domain-param-parameter-is-missing-a-value.md b/docs/kb/auditor/the-domain-param-parameter-is-missing-a-value.md index 8d0b4a9cd5..dae4456b30 100644 --- a/docs/kb/auditor/the-domain-param-parameter-is-missing-a-value.md +++ b/docs/kb/auditor/the-domain-param-parameter-is-missing-a-value.md @@ -25,7 +25,7 @@ knowledge_article_id: kA00g000000H9bECAS You are getting the following warning during AD snapshot report generation: -![User-added image](images/ka04u000000HcTz_0EM700000005AFx.png) +![User-added image](./images/ka04u000000HcTz_0EM700000005AFx.png) --- @@ -36,3 +36,4 @@ It can happen if the snapshot reporting feature is disabled and/or no AD snapsho In order to fix this issue please open the Netwrix Auditor and make sure that snapshot reporting feature is enabled under **Active Directory | Reports | Snapshot Reports (State-in-Time Reports)** tab. Otherwise, on the same page you can import the snapshot you want to report on to the database. In order to do this, transfer the snapshot from the **"All available snapshots"** to the **"SNapshots available for reporting"** column and then click the **"Apply"** button. + diff --git a/docs/kb/auditor/the-email-address-column-in-the-enrollment-report.md b/docs/kb/auditor/the-email-address-column-in-the-enrollment-report.md index 32babb6c7b..2004d19488 100644 --- a/docs/kb/auditor/the-email-address-column-in-the-enrollment-report.md +++ b/docs/kb/auditor/the-email-address-column-in-the-enrollment-report.md @@ -25,7 +25,7 @@ knowledge_article_id: kA00g000000H9U3CAK When you run the Enrollment report, the Email Address column fields are blank for all user accounts. What should this column show and what can you do to make this work? -![User-added image](images/ka04u000000HcNo_0EM700000004xIo.png) +![User-added image](./images/ka04u000000HcNo_0EM700000004xIo.png) --- @@ -33,10 +33,11 @@ The **Email Address** column returns the email address used for **Additional aut An email with a unique link to the password reset page is sent to this address after the user answers secret questions. The user then should follow the link to complete password reset. The Email Address field contains data for the enrolled users only, because this email is specified during the enrollment procedure if the Authentication policy feature is enabled. -![User-added image](images/ka04u000000HcNo_0EM700000004xIy.png) +![User-added image](./images/ka04u000000HcNo_0EM700000004xIy.png) To enable this feature: 1. On the **Administrative portal - Settings - Authentication Policy** tab, select the **Additional authentication using the user email** check box. -![User-added image](images/ka04u000000HcNo_0EM700000004xIt.png) +![User-added image](./images/ka04u000000HcNo_0EM700000004xIt.png) + diff --git a/docs/kb/auditor/the-event-logs-reports-for-windows-server-does-not-contain-any-data.md b/docs/kb/auditor/the-event-logs-reports-for-windows-server-does-not-contain-any-data.md index 416098f773..8779387354 100644 --- a/docs/kb/auditor/the-event-logs-reports-for-windows-server-does-not-contain-any-data.md +++ b/docs/kb/auditor/the-event-logs-reports-for-windows-server-does-not-contain-any-data.md @@ -36,6 +36,7 @@ To review your data in these reports, you should configure a monitoring plan for 1. On the computer that hosts Netwrix Auditor Server, run Netwrix Auditor Event Log Manager. 2. Navigate to Audit Archiving filters and configure them as described in Configure Audit Archiving Filters for Event Log. - ![User-added image](images/ka04u0000011776_0EM4u000008Ls7s.png) + ![User-added image](./images/ka04u0000011776_0EM4u000008Ls7s.png) 3. Perform any test changes, for example, log in to a server for which you want to review data in reports. 4. Wait for 10 - 15 minutes for changes to take effect and run reports. + diff --git a/docs/kb/auditor/the-name-of-the-process-that-caused-an-account-lockout-does-not-appear-in-examination-results.md b/docs/kb/auditor/the-name-of-the-process-that-caused-an-account-lockout-does-not-appear-in-examination-results.md index 6a46acc5ea..a11b618be3 100644 --- a/docs/kb/auditor/the-name-of-the-process-that-caused-an-account-lockout-does-not-appear-in-examination-results.md +++ b/docs/kb/auditor/the-name-of-the-process-that-caused-an-account-lockout-does-not-appear-in-examination-results.md @@ -27,7 +27,7 @@ Netwrix Account Lockout Examiner relies on the Windows audit system. The name of the process is logged in the invalid logon event (`4625` in Windows Vista/2008/7/2008R2, events `529-539` in older versions). -[![User-added image](images/ka04u000000HcW6_0EM700000004wzN.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000kAcv&feoid=00N700000032Pj2&refid=0EM700000004wzN) +[![User-added image](./images/ka04u000000HcW6_0EM700000004wzN.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000kAcv&feoid=00N700000032Pj2&refid=0EM700000004wzN) **Account Lockout Examiner** will not show the name of the process if either there is no corresponding invalid logon event or the name of the process is not tracked by Windows Audit. @@ -38,3 +38,4 @@ This can occur due to several reasons, for example: 3. Events logged due to entering invalid credentials in an RDP client window normally do not contain the name of the process that caused this event. There are a lot of other situations when the name of a process can be not logged. The easiest way to make sure that **Account Lockout Examiner** reflects all information correctly is to manually check the invalid logon event in the Security log. + diff --git a/docs/kb/auditor/the-order-in-which-domains-appear-in-the-managed-domains-list.md b/docs/kb/auditor/the-order-in-which-domains-appear-in-the-managed-domains-list.md index 59c544a3e3..b4f54d5246 100644 --- a/docs/kb/auditor/the-order-in-which-domains-appear-in-the-managed-domains-list.md +++ b/docs/kb/auditor/the-order-in-which-domains-appear-in-the-managed-domains-list.md @@ -26,4 +26,5 @@ The list of managed domains shown on the **Self-Service Portal** is sorted alpha To sort domains, specify the domain name you want at the top in capital letters in the **Domains** section of the **Administrative Portal**. -[![User-added image](images/ka04u000000HcWF_0EM700000004xUV.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000Xdsq&feoid=00N700000032Pj2&refid=0EM700000004xUV) +[![User-added image](./images/ka04u000000HcWF_0EM700000004xUV.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g000000Xdsq&feoid=00N700000032Pj2&refid=0EM700000004xUV) + diff --git a/docs/kb/auditor/the-remote-procedure-call-failed-error-when-collecting-logs.md b/docs/kb/auditor/the-remote-procedure-call-failed-error-when-collecting-logs.md index 929554cb15..c0f49f8a61 100644 --- a/docs/kb/auditor/the-remote-procedure-call-failed-error-when-collecting-logs.md +++ b/docs/kb/auditor/the-remote-procedure-call-failed-error-when-collecting-logs.md @@ -48,4 +48,4 @@ Review the possible resolutions depending on you cause: - For cause 2. Make sure you assigned all required rights and permissions to the account used for data collection. For additional information on the data collecting account configuration, refer to the following article: [Data Collecting Account](https://docs.netwrix.com/docs/auditor/10_8/admin/monitoringplans/dataaccounts) -- For cause 3. For additional information on the data collecting account configuration, refer to the following article: [Error 0x800706BA − RPC Server Is Unavailable](/docs/kb/auditor/error-0x800706ba-rpc-server-is-unavailable.md) +- For cause 3. For additional information on the data collecting account configuration, refer to the following article: [Error 0x800706BA − RPC Server Is Unavailable](/docs/kb/auditor/error-0x800706ba-rpc-server-is-unavailable) diff --git a/docs/kb/auditor/troubleshoot_sharepoint_serveron-premise_errors.md b/docs/kb/auditor/troubleshoot_sharepoint_serveron-premise_errors.md index caece417a3..9872e6d1b7 100644 --- a/docs/kb/auditor/troubleshoot_sharepoint_serveron-premise_errors.md +++ b/docs/kb/auditor/troubleshoot_sharepoint_serveron-premise_errors.md @@ -21,39 +21,43 @@ This is a reference list of articles on troubleshooting errors in SharePoint Ser ### Related Articles -- [SharePoint Core Service Deployment Failed](/docs/kb/auditor/sharepoint-core-service-deployment-failed.md) -- [Timeout Expired Error on SharePoint Core Service D](/docs/kb/auditor/timeout-expired-error-on-sharepoint-core-service-deployment.md) -- [Event ID 1204 in Health Log](/docs/kb/auditor/event-id-1204-in-health-log.md) -- [Event ID 1205 in Health Log](/docs/kb/auditor/event-id-1205-in-health-log.md) -- [Error: Event ID 1206 in Health Log](/docs/kb/auditor/error-event-id-1206-in-health-log.md) -- [Event ID 1208 in Health Log](/docs/kb/auditor/event-id-1208-in-health-log.md) -- [Event ID 1209 in Health Log](/docs/kb/auditor/event-id-1209-in-health-log.md) -- [Event ID 1210 in Health Log](/docs/kb/auditor/event-id-1210-in-health-log.md) -- [Event ID 1214 in Health Log](/docs/kb/auditor/event-id-1214-in-health-log.md) -- [Event ID 1223 in Health Log](/docs/kb/auditor/event-id-1223-in-health-log.md) -- [Event ID 1225 in Health Log](/docs/kb/auditor/event-id-1225-in-health-log.md) -- [Event ID 1236 in Health Log](/docs/kb/auditor/event-id-1236-in-health-log.md) -- [Event ID 1237/1238 in Health Log](/docs/kb/auditor/event_id_12371238_in_health_log.md) -- [Event ID 1239 in Health Log](/docs/kb/auditor/event-id-1239-in-health-log.md) -- [Event ID 1240 in Health Log](/docs/kb/auditor/event-id-1240-in-health-log.md) -- [Event ID 1241 in Health Log](/docs/kb/auditor/event-id-1241-in-health-log.md) -- [Event ID 1242 in Health Log](/docs/kb/auditor/event-id-1242-in-health-log.md) -- [Event ID 1243 in Health Log](/docs/kb/auditor/event-id-1243-in-health-log.md) -- [Event ID 1244 in Health Log](/docs/kb/auditor/event-id-1244-in-health-log.md) -- [Event ID 1245 in Health Log](/docs/kb/auditor/event-id-1245-in-health-log.md) -- [Event ID 1249 in Health Log](/docs/kb/auditor/event-id-1249-in-health-log.md) -- [Event ID 1250 in Health Log](/docs/kb/auditor/event-id-1250-in-health-log.md) -- [Event ID 1251 - 1254, 1256 - 1258 in Health Log](/docs/kb/auditor/event-id-1251-1254-1256-1258-in-health-log.md) -- [Event ID 1255 in Health Log](/docs/kb/auditor/event-id-1255-in-health-log.md) -- [Event ID 1259 in Health Log](/docs/kb/auditor/event-id-1259-in-health-log.md) -- [Event ID 1260 − 1266 in Health Log](/docs/kb/auditor/event-id-1260-1266-in-health-log.md) -- [Event ID 1267 − 1273 in Health Log](/docs/kb/auditor/event-id-1267-1273-in-health-log.md) -- [Event ID 1274 in Health Log](/docs/kb/auditor/event-id-1274-in-health-log.md) -- [Event ID 1275 in Health Log](/docs/kb/auditor/event-id-1275-in-health-log.md) -- [Event ID 1276 in Health Log](/docs/kb/auditor/event-id-1276-in-health-log.md) -- [Event ID 1280 in Health Log](/docs/kb/auditor/event-id-1280-in-health-log.md) -- [Event ID 1285 in Health Log](/docs/kb/auditor/event-id-1285-in-health-log.md) -- [Event ID 1286 in Health Log](/docs/kb/auditor/event-id-1286-in-health-log.md) -- [Event ID 1287 in Health Log](/docs/kb/auditor/event-id-1287-in-health-log.md) -- [Event ID 1288 in Health Log](/docs/kb/auditor/event-id-1288-in-health-log.md) -- [Event ID 1289 in Health Log](/docs/kb/auditor/event-id-1289-in-health-log.md) \ No newline at end of file +- [SharePoint Core Service Deployment Failed](/docs/kb/auditor/sharepoint-core-service-deployment-failed) +- [Timeout Expired Error on SharePoint Core Service D](/docs/kb/auditor/timeout-expired-error-on-sharepoint-core-service-deployment) +- [Event ID 1204 in Health Log](/docs/kb/auditor/event-id-1204-in-health-log) +- [Event ID 1205 in Health Log](/docs/kb/auditor/event-id-1205-in-health-log) +- [Error: Event ID 1206 in Health Log](/docs/kb/auditor/error-event-id-1206-in-health-log) +- [Event ID 1208 in Health Log](/docs/kb/auditor/event-id-1208-in-health-log) +- [Event ID 1209 in Health Log](/docs/kb/auditor/event-id-1209-in-health-log) +- [Event ID 1210 in Health Log](/docs/kb/auditor/event-id-1210-in-health-log) +- [Event ID 1214 in Health Log](/docs/kb/auditor/event-id-1214-in-health-log) +- [Event ID 1223 in Health Log](/docs/kb/auditor/event-id-1223-in-health-log) +- [Event ID 1225 in Health Log](/docs/kb/auditor/event-id-1225-in-health-log) +- [Event ID 1236 in Health Log](/docs/kb/auditor/event-id-1236-in-health-log) +- [Event ID 1237/1238 in Health Log](/docs/kb/auditor/event_id_12371238_in_health_log) +- [Event ID 1239 in Health Log](/docs/kb/auditor/event-id-1239-in-health-log) +- [Event ID 1240 in Health Log](/docs/kb/auditor/event-id-1240-in-health-log) +- [Event ID 1241 in Health Log](/docs/kb/auditor/event-id-1241-in-health-log) +- [Event ID 1242 in Health Log](/docs/kb/auditor/event-id-1242-in-health-log) +- [Event ID 1243 in Health Log](/docs/kb/auditor/event-id-1243-in-health-log) +- [Event ID 1244 in Health Log](/docs/kb/auditor/event-id-1244-in-health-log) +- [Event ID 1245 in Health Log](/docs/kb/auditor/event-id-1245-in-health-log) +- [Event ID 1249 in Health Log](/docs/kb/auditor/event-id-1249-in-health-log) +- [Event ID 1250 in Health Log](/docs/kb/auditor/event-id-1250-in-health-log) +- [Event ID 1251 - 1254, 1256 - 1258 in Health Log](/docs/kb/auditor/event-id-1251-1254-1256-1258-in-health-log) +- [Event ID 1255 in Health Log](/docs/kb/auditor/event-id-1255-in-health-log) +- [Event ID 1259 in Health Log](/docs/kb/auditor/event-id-1259-in-health-log) +- [Event ID 1260 − 1266 in Health Log](/docs/kb/auditor/event-id-1260-1266-in-health-log) +- [Event ID 1267 − 1273 in Health Log](/docs/kb/auditor/event-id-1267-1273-in-health-log) +- [Event ID 1274 in Health Log](/docs/kb/auditor/event-id-1274-in-health-log) +- [Event ID 1275 in Health Log](/docs/kb/auditor/event-id-1275-in-health-log) +- [Event ID 1276 in Health Log](/docs/kb/auditor/event-id-1276-in-health-log) +- [Event ID 1280 in Health Log](/docs/kb/auditor/event-id-1280-in-health-log) +- [Event ID 1285 in Health Log](/docs/kb/auditor/event-id-1285-in-health-log) +- [Event ID 1286 in Health Log](/docs/kb/auditor/event-id-1286-in-health-log) +- [Event ID 1287 in Health Log](/docs/kb/auditor/event-id-1287-in-health-log) +- [Event ID 1288 in Health Log](/docs/kb/auditor/event-id-1288-in-health-log) +- [Event ID 1289 in Health Log](/docs/kb/auditor/event-id-1289-in-health-log) + + + + diff --git a/docs/kb/auditor/troubleshooting-connection-issues-for-the-error-connection-failed-0x800706ba-the-rpc-server-is.md b/docs/kb/auditor/troubleshooting-connection-issues-for-the-error-connection-failed-0x800706ba-the-rpc-server-is.md new file mode 100644 index 0000000000..e56c07cec7 --- /dev/null +++ b/docs/kb/auditor/troubleshooting-connection-issues-for-the-error-connection-failed-0x800706ba-the-rpc-server-is.md @@ -0,0 +1,116 @@ +--- +description: > + Troubleshooting guide for resolving "RPC Server Unavailable (0x800706BA)" connection issues in Netwrix Auditor, covering network stability, antivirus interference, and resource limitations. +keywords: + - RPC server unavailable + - 0x800706BA + - Netwrix Auditor + - compression service + - connection issues + - antivirus exclusions + - network instability + - insufficient resources +products: + - auditor +sidebar_label: Troubleshooting Connection Issues - RPC Server Unavailable +title: Troubleshooting Connection Issues - RPC Server Unavailable (0x800706BA) +knowledge_article_id: kA0Qk000000XXXXKAA +--- + +# Troubleshooting Connection Issues - RPC Server Unavailable (0x800706BA) + +> **IMPORTANT:** This error, especially when it occurs infrequently, does not result in audit data loss. The collector continues gathering data from where it was last interrupted. Verify data timeliness in reports to determine whether this impacts the delivery of audit data by the collector. + +## Overview + +This error occurs when the Netwrix Auditor File Server collector cannot establish or maintain a connection with the RPC server. Common causes include network instability, antivirus interference, or insufficient system resources. The following sections provide steps to identify and resolve these issues. + +## Instructions + +### 1. Connection Dropping with Compression Service During Data Collection + +When collecting data from the target audited server, it is essential to maintain a stable and reliable connection with the **Compression service**. Network instability can interrupt data transmission and cause connection drops. + +To resolve this issue: + +- Inspect and configure network equipment to ensure a consistent connection. +- Verify bandwidth stability and latency thresholds. +- Test network reliability between the **Auditor Server** and **target audited server**. + +Maintaining a stable network connection helps the data collection process complete without interruption. + +### 2. Unstable Connection During Large-Scale Audits + +During large-scale audits, unstable connections may interrupt or halt the audit process. To reduce connection load and improve performance: + +- Divide large audit scopes into smaller, manageable items. + - For example, instead of adding the entire target audited server with all shares as a single item, add each share separately. +- Segment the audit into phases to reduce network load and improve reliability. + +> **IMPORTANT:** Apply this recommendation to critical audit objects only. For example, if a file server includes many shared folders but not all need auditing, exclude the unnecessary folders using **Excludes**. The collector will then focus on necessary data only. Use the **Resource Estimation Tool (RET)** to calculate your audit scope and estimate server resources: [Resource Estimation Tool](https://releases.netwrix.com/products/auditor/10.7/auditor-resource-estimation-tool-1.2.39.zip) + +### 3. Antivirus Interference on the Auditor Server or Target Audited Server + +Antivirus software is essential for system protection but can sometimes interfere with Netwrix Auditor or its **Compression service** by blocking or delaying connections. + +Common interference causes include: + +- **Connection blocking:** Legitimate network connections may be flagged as threats and blocked. +- **Traffic scanning:** Continuous scanning may delay or disrupt communication. +- **False positives:** Antivirus may isolate or delete Auditor or Compression service files. + +To prevent this interference, add the following exclusions to your antivirus configuration. + +#### Netwrix Auditor Server + +**Paths:** + +- `C:\ProgramData\Netwrix Auditor` + +> **NOTE:** If the default data location has changed, verify the current path in the registry key: +> `HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Netwrix Auditor\DataPathOverride` + +**Processes:** + +- `NwFileStorageSvc (NwCoreSvc.exe)` + +#### Target Audited Server (if Compression Service Is Enabled) + +**Paths:** + +- `C:\Windows\SysWOW64\NwxExeSvc` + +**Processes:** + +- `NwxExeSvc.exe` +- `NwxFsAgent.exe` +- `NwxEventCollectorAgent.exe` +- `NwxSaclTunerAgent.exe` + +For a complete list of antivirus exclusions, see [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor). + +### 4. Insufficient Disk Space on the Target Audited Server + +Low disk space on the agent’s system drive can cause the **Compression service** to malfunction or fail. + +To resolve: + +- Free up disk space by removing unnecessary files or logs. +- Move large data files to secondary storage. +- Extend the disk volume if necessary. + +Ensure that sufficient free space exists for both system operations and Netwrix Auditor processes. + +### 5. Insufficient System Resources (CPU or RAM) for the Compression Service + +If the target audited server lacks sufficient CPU or RAM resources to handle large audit volumes, the **Compression service** may fail or slow down significantly. + +Recommended actions: + +- Segment or limit the audit scope to reduce processing demand. +- Exclude unnecessary targets from the audit. +- Increase available CPU and memory resources on the target server. + +## Related Links + +- [Error: 0x800706BA - RPC Server Is Unavailable](/docs/kb/auditor/error-0x800706ba-rpc-server-is-unavailable) diff --git a/docs/kb/auditor/unable-to-connect-to-remote-server.md b/docs/kb/auditor/unable-to-connect-to-remote-server.md index ee54ee4e66..bc690a366c 100644 --- a/docs/kb/auditor/unable-to-connect-to-remote-server.md +++ b/docs/kb/auditor/unable-to-connect-to-remote-server.md @@ -48,11 +48,11 @@ In case the **SQL Server Reporting Services** service has stopped − enable the In case of the failed SQL Server upgrade, repair your SQL Server installation. Learn more in [Repair a Failed SQL Server Installation · Microsoft 🤝](https://learn.microsoft.com/en-us/sql/database-engine/install-windows/repair-a-failed-sql-server-installation?view=sql-server-ver16). -For additional information on expired evaluation license in SSRS, refer to the following article: [Error 503 − Reports and Subscriptions Not Working](/docs/kb/auditor/error-503-reports-and-subscriptions-not-working.md). +For additional information on expired evaluation license in SSRS, refer to the following article: [Error 503 − Reports and Subscriptions Not Working](/docs/kb/auditor/error-503-reports-and-subscriptions-not-working). ## Related articles -- [Error 503 − Reports and Subscriptions Not Working](/docs/kb/auditor/error-503-reports-and-subscriptions-not-working.md) +- [Error 503 − Reports and Subscriptions Not Working](/docs/kb/auditor/error-503-reports-and-subscriptions-not-working) - [Start and Stop the Report Server Service · Microsoft 🤝](https://learn.microsoft.com/en-us/sql/reporting-services/report-server/start-and-stop-the-report-server-service?view=sql-server-ver16) - [Setting Time-out Values for Report and Shared Dataset Processing (SSRS) · Microsoft 🤝](https://learn.microsoft.com/en-us/sql/reporting-services/report-server/setting-time-out-values-for-report-and-shared-dataset-processing-ssrs?view=sql-server-ver16) - [Repair a Failed SQL Server Installation · Microsoft 🤝](https://learn.microsoft.com/en-us/sql/database-engine/install-windows/repair-a-failed-sql-server-installation?view=sql-server-ver16) diff --git a/docs/kb/auditor/unable-to-create-real-time-alerts.md b/docs/kb/auditor/unable-to-create-real-time-alerts.md index 018a3f0eb5..70d13f55dd 100644 --- a/docs/kb/auditor/unable-to-create-real-time-alerts.md +++ b/docs/kb/auditor/unable-to-create-real-time-alerts.md @@ -26,9 +26,9 @@ knowledge_article_id: kA00g000000H9btCAC The first time you create a real-time alert, you see the following errors: -![Error 1](images/ka04u000000HcUe_0EM7000000050xL.png) +![Error 1](./images/ka04u000000HcUe_0EM7000000050xL.png) -![Error 2](images/ka04u000000HcUe_0EM7000000050xQ.png) +![Error 2](./images/ka04u000000HcUe_0EM7000000050xQ.png) Also in the event viewer System log you can find events like this: @@ -59,3 +59,4 @@ To do this, follow these steps: 5. Double-click `MaxPacketSize`, type `1` in the **Value data** box, click to select the **Decimal** option, and then click **OK**. 6. Quit Registry Editor. 7. Restart your computer. + diff --git a/docs/kb/auditor/unable-to-launch-netwrix-auditor-user-activity-core-service.md b/docs/kb/auditor/unable-to-launch-netwrix-auditor-user-activity-core-service.md index 20858bdd1b..7cb7b8d8de 100644 --- a/docs/kb/auditor/unable-to-launch-netwrix-auditor-user-activity-core-service.md +++ b/docs/kb/auditor/unable-to-launch-netwrix-auditor-user-activity-core-service.md @@ -62,13 +62,14 @@ where `yourservername` is the name of your SMTP server in the FQDN format and `9 3. Follow the installation prompts up to the **Specify User Activity Video Reporter server and TCP port** step. 4. On this step, provide your SMTP server name in the FQDN format in the **Host server** field and provide the port number **9004**. -![User-added image](images/ka0Qk0000001S2H_0EMQk000001wr0A.png) +![User-added image](./images/ka0Qk0000001S2H_0EMQk000001wr0A.png) 5. Complete the installation. -> NOTE: In case User Activity Core Service is installed in target servers, make sure to check the Core Service version in **Apps & Features**. In case of version mismatch, refer to the following article for additional information: [Manually Update User Activity Core Service](/docs/kb/auditor/manually-update-user-activity-core-service.md). +> NOTE: In case User Activity Core Service is installed in target servers, make sure to check the Core Service version in **Apps & Features**. In case of version mismatch, refer to the following article for additional information: [Manually Update User Activity Core Service](/docs/kb/auditor/manually-update-user-activity-core-service). ### Related articles - Configuration — User Activity — User Activity Ports — v10.6 -- [Manually Update User Activity Core Service](/docs/kb/auditor/manually-update-user-activity-core-service.md) +- [Manually Update User Activity Core Service](/docs/kb/auditor/manually-update-user-activity-core-service) + diff --git a/docs/kb/auditor/unable-to-process-item-error-when-using-gmsa-in-netwrix-auditor.md b/docs/kb/auditor/unable-to-process-item-error-when-using-gmsa-in-netwrix-auditor.md index 72dceca070..a001bcf52f 100644 --- a/docs/kb/auditor/unable-to-process-item-error-when-using-gmsa-in-netwrix-auditor.md +++ b/docs/kb/auditor/unable-to-process-item-error-when-using-gmsa-in-netwrix-auditor.md @@ -41,4 +41,4 @@ In Netwrix Auditor version 9.96 group managed service accounts can be used inste ## Solution -For the pre-10.5.11041 Netwrix Auditor version, make sure to update your Netwrix Auditor instance — refer to the following articles for additional information: [How to Upgrade Netwrix Auditor](/docs/kb/auditor/how-to-upgrade-netwrix-auditor.md) and [Upgrade Increments for Netwrix Auditor](/docs/kb/auditor/upgrade-increments-for-netwrix-auditor.md) +For the pre-10.5.11041 Netwrix Auditor version, make sure to update your Netwrix Auditor instance — refer to the following articles for additional information: [How to Upgrade Netwrix Auditor](/docs/kb/auditor/how-to-upgrade-netwrix-auditor) and [Upgrade Increments for Netwrix Auditor](/docs/kb/auditor/upgrade-increments-for-netwrix-auditor) diff --git a/docs/kb/auditor/unable-to-run-reports-system-cannot-find-the-file-specified.md b/docs/kb/auditor/unable-to-run-reports-system-cannot-find-the-file-specified.md index 529aec7189..4dbe138bde 100644 --- a/docs/kb/auditor/unable-to-run-reports-system-cannot-find-the-file-specified.md +++ b/docs/kb/auditor/unable-to-run-reports-system-cannot-find-the-file-specified.md @@ -49,6 +49,6 @@ A report server database is missing. Refer to the following steps to resolve the issue: 1. In your Netwrix Auditor server, disable **Netwrix Auditor Archive Service** and **Netwrix Auditor Management Service** via **Services**. -2. Deploy the report server database — refer to the following article for in-depth instructions: [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database.md) +2. Deploy the report server database — refer to the following article for in-depth instructions: [Deploying the Report Server Database](/docs/kb/auditor/deploying-the-report-server-database) 3. Once you've configured the report server database, grant the roles to the SSRS service account the roles required. Refer to the following article for additional information: [Configure SSRS account](https://docs.netwrix.com/docs/auditor/10_8/requirements/sqlserverreportingservice) and [How to Assign db_owner Permissions](docs\kb\auditor\how-to-assign-db-owner-permissions.md) 4. Restart **Netwrix Auditor Archive Service** and **Netwrix Auditor Management Service** on your Netwrix Auditor server via **Services**. diff --git a/docs/kb/auditor/unable-to-update-netwrix-auditor-due-to-contract-or-subscription-expiration.md b/docs/kb/auditor/unable-to-update-netwrix-auditor-due-to-contract-or-subscription-expiration.md index e22efa0333..c88ffe6699 100644 --- a/docs/kb/auditor/unable-to-update-netwrix-auditor-due-to-contract-or-subscription-expiration.md +++ b/docs/kb/auditor/unable-to-update-netwrix-auditor-due-to-contract-or-subscription-expiration.md @@ -33,7 +33,7 @@ To be able to download and install the new version, renew your maintenance contr Your subscription plan for Netwrix Auditor has expired ``` -![AboutNetwrixAuditor.png](images/ka0Qk0000002uxN_0EM4u000008LHag.png) +![AboutNetwrixAuditor.png](./images/ka0Qk0000002uxN_0EM4u000008LHag.png) ## Cause @@ -47,9 +47,10 @@ Even if you have valid support and maintenance licenses, you might still have so 2. In the left pane, select **Licenses**. 3. Select any expired licenses and click **Remove**. -If you would like to upgrade to the latest product version from a version that is no longer supported, refer to the following incremental upgrade guide: [Upgrade Increments for Netwrix Auditor](/docs/kb/auditor/upgrade-increments-for-netwrix-auditor.md). +If you would like to upgrade to the latest product version from a version that is no longer supported, refer to the following incremental upgrade guide: [Upgrade Increments for Netwrix Auditor](/docs/kb/auditor/upgrade-increments-for-netwrix-auditor). ## Related articles - Installation — Upgrade to the Latest Version ⸱ v10.6 -- [Upgrade Increments for Netwrix Auditor](/docs/kb/auditor/upgrade-increments-for-netwrix-auditor.md) +- [Upgrade Increments for Netwrix Auditor](/docs/kb/auditor/upgrade-increments-for-netwrix-auditor) + diff --git a/docs/kb/auditor/upgrade-increments-for-netwrix-auditor.md b/docs/kb/auditor/upgrade-increments-for-netwrix-auditor.md index 55346a6961..f74f434f00 100644 --- a/docs/kb/auditor/upgrade-increments-for-netwrix-auditor.md +++ b/docs/kb/auditor/upgrade-increments-for-netwrix-auditor.md @@ -1,14 +1,14 @@ --- description: >- Describes the approved incremental upgrade paths for Netwrix Auditor up to - version 10.5 and provides recommendations and prerequisites for successful + version 10.8 and provides recommendations and prerequisites for successful upgrades. keywords: - Netwrix Auditor - upgrade - incremental upgrade - database upgrade - - 10.5 + - 10.8 - 9.9 - license products: @@ -23,7 +23,7 @@ knowledge_article_id: kA00g000000H9eJCAS ## Overview -When upgrading from old versions of Netwrix Auditor, you must do that **incrementally**. Below is the list of approved upgrade paths up to the version 10.5. +When upgrading from old versions of Netwrix Auditor, you must do that **incrementally**. Below is the list of approved upgrade paths up to the version 10.8. ## Before you start @@ -67,7 +67,7 @@ This will stop all Netwrix Services and prevent complications during the upgrade | 8.5 / 9.0 | 9.5 | Not recommended! | | 9.5 | 9.7 | [Download](https://www.netwrix.com/my_products.html) | | 9.7 / 9.8 | 9.9 | [Download](https://www.netwrix.com/my_products.html) | -| 9.9 | 9.96 | [Download](https://www.netwrix.com/my_products.html)
Refer to the following article for additional information:
[Upgrade from 9.9 to 9.96 with Your Netwrix Auditor Version Cannot Be Upgraded Error](/docs/kb/auditor/upgrade_from_9.9_to_9.96_with_your_netwrix_auditor_version_cannot_be_upgraded_error.md)| +| 9.9 | 9.96 | [Download](https://www.netwrix.com/my_products.html)
Refer to the following article for additional information:
[Upgrade from 9.9 to 9.96 with Your Netwrix Auditor Version Cannot Be Upgraded Error](/docs/kb/auditor/upgrade_from_9.9_to_9.96_with_your_netwrix_auditor_version_cannot_be_upgraded_error)| | 9.96 / 10.0 | 10.5 | [Download](https://www.netwrix.com/my_products.html) | | 10 / 10.5 | 10.6 | [Download](https://www.netwrix.com/my_products.html) | | 10.5 / 10.6 | 10.7 | [Download](https://www.netwrix.com/my_products.html) | @@ -75,4 +75,4 @@ This will stop all Netwrix Services and prevent complications during the upgrade ### Related articles -[How to Upgrade Netwrix Auditor](/docs/kb/auditor/how-to-upgrade-netwrix-auditor.md) +[How to Upgrade Netwrix Auditor](/docs/kb/auditor/how-to-upgrade-netwrix-auditor) diff --git a/docs/kb/auditor/upgrade_from_9.9_to_9.96_with_your_netwrix_auditor_version_cannot_be_upgraded_error.md b/docs/kb/auditor/upgrade_from_9.9_to_9.96_with_your_netwrix_auditor_version_cannot_be_upgraded_error.md index a3a2a45579..1158fdf167 100644 --- a/docs/kb/auditor/upgrade_from_9.9_to_9.96_with_your_netwrix_auditor_version_cannot_be_upgraded_error.md +++ b/docs/kb/auditor/upgrade_from_9.9_to_9.96_with_your_netwrix_auditor_version_cannot_be_upgraded_error.md @@ -35,5 +35,5 @@ To upgrade to v9.96, contact Technical Support for download links for the latest ## Related Articles -- [Upgrade Increments for Netwrix Auditor](/docs/kb/auditor/upgrade-increments-for-netwrix-auditor.md) -- [How to Upgrade Netwrix Auditor](/docs/kb/auditor/how-to-upgrade-netwrix-auditor.md) \ No newline at end of file +- [Upgrade Increments for Netwrix Auditor](/docs/kb/auditor/upgrade-increments-for-netwrix-auditor) +- [How to Upgrade Netwrix Auditor](/docs/kb/auditor/how-to-upgrade-netwrix-auditor) \ No newline at end of file diff --git a/docs/kb/auditor/volume-shadow-copy-service-support-in-netwrix-auditor-for-file-servers.md b/docs/kb/auditor/volume-shadow-copy-service-support-in-netwrix-auditor-for-file-servers.md index 3197a34604..98fb46a650 100644 --- a/docs/kb/auditor/volume-shadow-copy-service-support-in-netwrix-auditor-for-file-servers.md +++ b/docs/kb/auditor/volume-shadow-copy-service-support-in-netwrix-auditor-for-file-servers.md @@ -32,8 +32,11 @@ The **Volume Shadow Copy Service** (hereafter **VSS**) can be enabled via **Netw 1. Navigate to **Managed Objects -> your_File_Servers_Managed_Object_name -> File Servers.** 2. Click **Configure** next to **Advanced Settings** and select the **Enable file versioning and rollback capabilities (based on Volume Shadow Copy).** -![User-added image](images/ka04u000000HcNV_0EM700000007LkF.png) +![User-added image](./images/ka04u000000HcNV_0EM700000007LkF.png) ## Where Shadow Copy data is stored The **Shadow Copy** data is stored on the audited file server. **VSS** is a built-in **Windows** service, and when you enable the VSS support, **Netwrix Auditor** just triggers creation of a snapshot. If you have not configured **VSS**, you may want to turn it off (especially if you do not have enough space on that server). To know precisely where the **Shadow Copy** data is stored, refer to the **Shadow Copy** information on the drive volume. + + + diff --git a/docs/kb/auditor/vserver-api-missing-vserver-parameter-error-when-auditing-netapp-cluster.md b/docs/kb/auditor/vserver-api-missing-vserver-parameter-error-when-auditing-netapp-cluster.md index c7f36a8699..e32bb9f66e 100644 --- a/docs/kb/auditor/vserver-api-missing-vserver-parameter-error-when-auditing-netapp-cluster.md +++ b/docs/kb/auditor/vserver-api-missing-vserver-parameter-error-when-auditing-netapp-cluster.md @@ -36,7 +36,7 @@ The specified management interface is not the management interface of the CIFS S 2. Find the interface that has **Management Access** enabled and is assigned to the SVM you are trying to audit. 3. Remember its IP address and specify it in the properties of the NetApp item in Netwrix Auditor in the **ONTAPI** node. -![Management_Interface_NetApp](images/ka04u000000HcZ5_0EM0g000002CGLg.png) +![Management_Interface_NetApp](./images/ka04u000000HcZ5_0EM0g000002CGLg.png) Also make sure the account used to collect to ONTAPI is assigned a custom role on the SVM that has the following capabilities with access query levels: @@ -49,3 +49,4 @@ Also make sure the account used to collect to ONTAPI is assigned a custom role o | vserver cifs | readonly | See [Creating Role on NetApp Clustered Data ONTAP 8 or ONTAP 9 and Enabling AD User Access](https://docs.netwrix.com/docs/auditor/10_8). + diff --git a/docs/kb/auditor/what-is-sessionid-in-netwrix-auditor-for-file-servers.md b/docs/kb/auditor/what-is-sessionid-in-netwrix-auditor-for-file-servers.md index 024cc54f99..687909607f 100644 --- a/docs/kb/auditor/what-is-sessionid-in-netwrix-auditor-for-file-servers.md +++ b/docs/kb/auditor/what-is-sessionid-in-netwrix-auditor-for-file-servers.md @@ -33,7 +33,7 @@ This attribute is based on the user’s logon ID within the current session. Bei Session IDs are used to identify changes made by users with unique logon ID's. Session IDs are a combination of both the logon ID itself and the current session associated with this logon ID, to help identifying who made the change. Thus, session ID can be changed due to the fact that Netwrix would count that as a separate activity record too. -![User-added image](images/ka0Qk0000001OrV_0EMQk000002Tph8.png) +![User-added image](./images/ka0Qk0000001OrV_0EMQk000002Tph8.png) In addition, Netwrix Auditor generates the following attribute besides Session ID, associated with the object and reserved for internal use: @@ -43,4 +43,7 @@ Since the product associates Session IDs with the current session of the user, t ### Related Article -- [How Does Merging Logon Activity Events Work?](/docs/kb/auditor/how-does-merging-logon-activity-events-work.md) +- [How Does Merging Logon Activity Events Work?](/docs/kb/auditor/how-does-merging-logon-activity-events-work) + + + diff --git a/docs/kb/auditor/why-a-registry-key-is-missing-in-both-gpmc-and-local.md b/docs/kb/auditor/why-a-registry-key-is-missing-in-both-gpmc-and-local.md index 7e07bc06af..f9bdf9fe93 100644 --- a/docs/kb/auditor/why-a-registry-key-is-missing-in-both-gpmc-and-local.md +++ b/docs/kb/auditor/why-a-registry-key-is-missing-in-both-gpmc-and-local.md @@ -39,6 +39,7 @@ Registry audit settings are required for some data sources, for example, for Log 5. On this screen that pops up, add the required permissions. 6. On the next screen, you’ll be prompted to configure the key, then how you want the settings to be applied; or not allow permission to be replaced. 7. Manually add the path to the Registry Key in the **Selected Key** dialog. - ![User-added image](images/ka0Qk0000001VD3_0EMQk000002dT5q.png) + ![User-added image](./images/ka0Qk0000001VD3_0EMQk000002dT5q.png) This will apply the key settings to the GPO, and all computers affected by the GPO. + diff --git a/docs/kb/auditor/why-do-i-have-incomplete-information-on-failed-logons.md b/docs/kb/auditor/why-do-i-have-incomplete-information-on-failed-logons.md index df2b80587c..fa0499ab04 100644 --- a/docs/kb/auditor/why-do-i-have-incomplete-information-on-failed-logons.md +++ b/docs/kb/auditor/why-do-i-have-incomplete-information-on-failed-logons.md @@ -40,4 +40,4 @@ If you would like to have information on how to investigate Failed Logons, check - [Investigating Failed Logons](https://kb.netwrix.com/5198) - [How to detect the root cause of multiple failed logons](https://kb.netwrix.com/3553) -- [How to Find Destination of Failed NTLM Logons?](/docs/kb/auditor/how-to-find-destination-of-failed-ntlm-logons.md) +- [How to Find Destination of Failed NTLM Logons?](/docs/kb/auditor/how-to-find-destination-of-failed-ntlm-logons) diff --git a/docs/kb/auditor/wmi-classes-data-provider-failed-to-get-the-information-on-win32-printer-error.md b/docs/kb/auditor/wmi-classes-data-provider-failed-to-get-the-information-on-win32-printer-error.md index c73a5e1f1d..bd10b91554 100644 --- a/docs/kb/auditor/wmi-classes-data-provider-failed-to-get-the-information-on-win32-printer-error.md +++ b/docs/kb/auditor/wmi-classes-data-provider-failed-to-get-the-information-on-win32-printer-error.md @@ -42,7 +42,7 @@ The Print Spooler service is stopped or disabled on the monitored server. 4. In the **General** tab, review the **Startup type** value − switch it to **Automatic** and click **Start**. 5. Click **Apply**. -![User-added image](images/ka0Qk0000001f7Z_0EM4u000002CQsV.png) +![User-added image](./images/ka0Qk0000001f7Z_0EM4u000002CQsV.png) --- @@ -78,3 +78,4 @@ monitoring plan name, server name,*The WMI Classes data provider failed to get i - https://docs.netwrix.com/docs/auditor/10_8/configuration/windowsserver/overview - https://docs.netwrix.com/docs/auditor/10_8/configuration/windowsserver/overview + diff --git a/docs/kb/auditor/workstation-name-is-not-shown.md b/docs/kb/auditor/workstation-name-is-not-shown.md index 4c14f4eb4c..aed193f8ae 100644 --- a/docs/kb/auditor/workstation-name-is-not-shown.md +++ b/docs/kb/auditor/workstation-name-is-not-shown.md @@ -30,6 +30,7 @@ Netwrix Account Lockout Examiner shows no data in the **Workstation** field, whi Because Netwrix Account Lockout Examiner processes Windows security logs, it only gets the data that is present in those logs. This issue means that the Account locked out event (ID `644` for Windows XP/2003, ID `4740` for the later versions of Windows) contains an empty **Caller Machine Name** field. Here is an example of the Account locked out event `644` with the empty **Caller Machine Name** field: -[![User-added image](images/ka04u00000118ES_0EM700000004udP.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g0000004KSJ&feoid=00N700000032Pj2&refid=0EM700000004udP) +[![User-added image](./images/ka04u00000118ES_0EM700000004udP.png)](https://netwrix.secure.force.com/kb/servlet/rtaImage?eid=ka40g0000004KSJ&feoid=00N700000032Pj2&refid=0EM700000004udP) The field can be empty for events where a local computer account was locked out due to a local policy or as a result of computer synchronization with a mobile device. + diff --git a/docs/kb/auditor/workstations-cloned-with-windows-server-auditing-service-pre-installed.md b/docs/kb/auditor/workstations-cloned-with-windows-server-auditing-service-pre-installed.md index 5671a9ef6f..25d87efd04 100644 --- a/docs/kb/auditor/workstations-cloned-with-windows-server-auditing-service-pre-installed.md +++ b/docs/kb/auditor/workstations-cloned-with-windows-server-auditing-service-pre-installed.md @@ -46,7 +46,7 @@ To establish the affected servers, refer to the following steps: Copy the **AgentID** value. - ![Registry AgentID screenshot](images/ka04u000001177u_0EM4u000008Lr6o.png) + ![Registry AgentID screenshot](./images/ka04u000001177u_0EM4u000008Lr6o.png) 2. In your Netwrix Auditor host, navigate to the `C:\ProgramData\Netwrix Auditor\ShortTerm\WSA\Agents\` folder. Look for a folder named after **AgentID** (e.g.,52656fc3-d325-424d-9bef-fb68d14bc919). The **RemoteAgentState.xml** file contains a list of affected servers. @@ -158,3 +158,4 @@ To establish the affected servers, refer to the following steps: 1. Open the folder `C:\Program Files (x86)\Netwrix Auditor\User Activity Video Recording` in the Netwrix server. 2. Copy the **UACoreSvcSetup.msi** file to each cloned server. 3. Install it manually. + diff --git "a/docs/kb/auditor/\321\201onnection_issue_when_tls_1.2_is_required.md" "b/docs/kb/auditor/\321\201onnection_issue_when_tls_1.2_is_required.md" index 67b02b206d..510ed82fee 100644 --- "a/docs/kb/auditor/\321\201onnection_issue_when_tls_1.2_is_required.md" +++ "b/docs/kb/auditor/\321\201onnection_issue_when_tls_1.2_is_required.md" @@ -23,7 +23,7 @@ How to set up connections between the internal environment and Microsoft (Office ### Option 1: For Up-to-Date Environments -For up-to-date environments, refer to the following KB article for additional information: [Client and Server Cannot Communicate, Because They Do Not Possess a Common Algorithm](/docs/kb/auditor/client-and-server-cannot-communicate-because-they-do-not-possess-a-common-algorithm.md). You can also use this registry key to achieve the same results: [TLS Registry Key](https://netwrix.com/download/products/KnowledgeBase/TLSRegkey.reg). +For up-to-date environments, refer to the following KB article for additional information: [Client and Server Cannot Communicate, Because They Do Not Possess a Common Algorithm](/docs/kb/auditor/client-and-server-cannot-communicate-because-they-do-not-possess-a-common-algorithm). You can also use this registry key to achieve the same results: [TLS Registry Key](https://netwrix.com/download/products/KnowledgeBase/TLSRegkey.reg). ### Option 2: For Pre-Windows Server 2019 Environments and Earlier @@ -108,7 +108,7 @@ For 32-bit applications that are running on 64-bit OSs, update the following sub ### Related Articles -- [Client and Server Cannot Communicate, Because They Do Not Possess a Common Algorithm](/docs/kb/auditor/client-and-server-cannot-communicate-because-they-do-not-possess-a-common-algorithm.md) +- [Client and Server Cannot Communicate, Because They Do Not Possess a Common Algorithm](/docs/kb/auditor/client-and-server-cannot-communicate-because-they-do-not-possess-a-common-algorithm) - [How to enable TLS 1.2 on clients ⸱ Microsoft 🡥](https://learn.microsoft.com/en-us/mem/configmgr/core/plan-design/security/enable-tls-1-2-client) diff --git a/docs/kb/dataclassification/antivirus-exclusions-for-netwrix-data-classification.md b/docs/kb/dataclassification/antivirus-exclusions-for-netwrix-data-classification.md index ffb9aab01a..1778b6ab0a 100644 --- a/docs/kb/dataclassification/antivirus-exclusions-for-netwrix-data-classification.md +++ b/docs/kb/dataclassification/antivirus-exclusions-for-netwrix-data-classification.md @@ -47,4 +47,4 @@ During data collection, a collector uses a specific to store copies of the files ## Related articles -- [How to back up the Netwrix Data Classification Index](/docs/kb/dataclassification/how-to-back-up-the-ndc-index.md) +- [How to back up the Netwrix Data Classification Index](/docs/kb/dataclassification/how-to-back-up-the-ndc-index) diff --git a/docs/kb/dataclassification/classification-troubleshooting.md b/docs/kb/dataclassification/classification-troubleshooting.md index 8f97fc7137..2f1fd95db0 100644 --- a/docs/kb/dataclassification/classification-troubleshooting.md +++ b/docs/kb/dataclassification/classification-troubleshooting.md @@ -35,7 +35,7 @@ Identify a document with incorrect classifications: Go to the workflow logs (`https://[YourNDCServerName]/NDC/Workflows/Logs`) on your Netwrix Data Classification server and check the status: - If it's **negative**, then there was an error. Enable collector tracing and reindex the file, then view the event logs for details of the issue. You will usually see either the `PageID`, `PageURL`, or both in the logs to know which errors are related. -- If it's less than 400, it means that it is not classified and needs to finish processing first. Verify codes in the [NDC Page Status Codes](/docs/kb/auditor/ndc-page-status-codes.md) article. +- If it's less than 400, it means that it is not classified and needs to finish processing first. Verify codes in the [NDC Page Status Codes](/docs/kb/auditor/ndc-page-status-codes) article. - If the status is **Classified (400)** and the **ReindexStatus** is 3, then it means it hasn't been reindexed or reclassified. This means that a change was detected or the user manually requested reprocessing. Give Netwrix Data Classification time to reprocess the document. - If the status is 400 and the reindex status is 0, check the **Text** and **Metadata** tabs. This is an easy way to confirm issues where Optical Character Recognition (OCR) has failed to extract the text you're looking for or if there was an issue processing text extraction for the document. If it doesn't match, enable collector tracing and reindex the document for details in the logs. diff --git a/docs/kb/dataclassification/documents-are-crawled-successfully-with-no-text-extracted.md b/docs/kb/dataclassification/documents-are-crawled-successfully-with-no-text-extracted.md index 471c77e247..bb0c9006ca 100644 --- a/docs/kb/dataclassification/documents-are-crawled-successfully-with-no-text-extracted.md +++ b/docs/kb/dataclassification/documents-are-crawled-successfully-with-no-text-extracted.md @@ -31,7 +31,7 @@ Why is Netwrix Data Classification (NDC) crawling your documents successfully, b Issues with text extraction can have a range of causes. You can find a summary of text extraction errors in the **Stats** dashboard. Click **Details** to view a breakdown by type of error. -![thumbnail_image.png](images/ka0Qk000000309x_0EMQk000004P1LC.png) +![thumbnail_image.png](./images/ka0Qk000000309x_0EMQk000004P1LC.png) ### Steps to Diagnose Text Extraction Failure diff --git a/docs/kb/dataclassification/error-end-encrypted-private-key-not-found.md b/docs/kb/dataclassification/error-end-encrypted-private-key-not-found.md index c96fa68ba3..6869cf4173 100644 --- a/docs/kb/dataclassification/error-end-encrypted-private-key-not-found.md +++ b/docs/kb/dataclassification/error-end-encrypted-private-key-not-found.md @@ -38,7 +38,7 @@ System.IO.IOException: The formatting of the private key in the JSON file is incorrect. Refer to the following example: -![private key example](images/ka0Qk0000005chN_0EMQk000007eSHh.png) +![private key example](./images/ka0Qk0000005chN_0EMQk000007eSHh.png) The private key contains multiple `\n` entries that represent line breaks. diff --git a/docs/kb/dataclassification/error-failed-to-load-classifier-data-cache.md b/docs/kb/dataclassification/error-failed-to-load-classifier-data-cache.md index cfc23cc290..fe8f9f2165 100644 --- a/docs/kb/dataclassification/error-failed-to-load-classifier-data-cache.md +++ b/docs/kb/dataclassification/error-failed-to-load-classifier-data-cache.md @@ -29,7 +29,7 @@ The Netwrix Data Classification: Service Viewer displays the following error mes `Failed-to-load-Classifier-data-cache` -![User-added image](images/ka04u000000HdG2_0EM4u000001rDFG.png) +![User-added image](./images/ka04u000000HdG2_0EM4u000001rDFG.png) ## Solution diff --git a/docs/kb/dataclassification/export-not-available-for-dsar-searches.md b/docs/kb/dataclassification/export-not-available-for-dsar-searches.md index 905413ee35..8b5789dbdb 100644 --- a/docs/kb/dataclassification/export-not-available-for-dsar-searches.md +++ b/docs/kb/dataclassification/export-not-available-for-dsar-searches.md @@ -36,4 +36,4 @@ Exporting DSAR reports requires that you specify an output location. Refer to the following article for additional information on DSAR settings: DSAR Settings. -![DSAR Settings screenshot](images/ka04u000001170U_0EM4u000008LceH.png) +![DSAR Settings screenshot](./images/ka04u000001170U_0EM4u000008LceH.png) diff --git a/docs/kb/dataclassification/export-term-sets-to-an-xml-file-using-concepttermstoremanager.md b/docs/kb/dataclassification/export-term-sets-to-an-xml-file-using-concepttermstoremanager.md index 4a9858c356..b57e4a0b2d 100644 --- a/docs/kb/dataclassification/export-term-sets-to-an-xml-file-using-concepttermstoremanager.md +++ b/docs/kb/dataclassification/export-term-sets-to-an-xml-file-using-concepttermstoremanager.md @@ -31,17 +31,17 @@ Export a term set structure to an XML file via the conceptTermStoreManager using 1. Navigate to `C:\inetpub\wwwroot\conceptQS\bin\conceptTermStoreManager.exe` 2. Run the `conceptTermStoreManager.exe` and observe the following screen: - ![User-added image](images/ka04u000000HdFy_0EM4u000001rAT5.png) + ![User-added image](./images/ka04u000000HdFy_0EM4u000001rAT5.png) 3. Click the **Export** box to export a term set structure to an XML file. 4. On the **Export Term Sets** page, enter the details of the site collection where the Term Store can be accessed using the credentials supplied. - ![User-added image](images/ka04u000000HdFy_0EM4u000001rAV6.png) + ![User-added image](./images/ka04u000000HdFy_0EM4u000001rAV6.png) 5. Click **Next**. 6. Select the term sets you wish to export by using the checkboxes on the right-hand side. - ![User-added image](images/ka04u000000HdFy_0EM4u000001rAVB.png) + ![User-added image](./images/ka04u000000HdFy_0EM4u000001rAVB.png) 7. Click either the **Selected** button to export the checked items or the **All** button to export all term sets found in the term store. 8. Name and save the XML file when the **Save As** window appears. diff --git a/docs/kb/dataclassification/how-to-configure-granular-permissions-for-a-service-account.md b/docs/kb/dataclassification/how-to-configure-granular-permissions-for-a-service-account.md index f2e22713c4..433b49107f 100644 --- a/docs/kb/dataclassification/how-to-configure-granular-permissions-for-a-service-account.md +++ b/docs/kb/dataclassification/how-to-configure-granular-permissions-for-a-service-account.md @@ -42,6 +42,6 @@ To configure granular permissions for a Service Account: 3. Add Write permissions to the index files' location (NTFS Permissions). The index files' location can be looked up in `conceptConfig.exe` in `C:\inetpub\wwwroot\NDC\bin`: - ![index_files_location.png](images/ka0Qk0000005NaH_0EM4u000008LGlJ.png) + ![index_files_location.png](./images/ka0Qk0000005NaH_0EM4u000008LGlJ.png) > **TIP:** In some instances, the Netwrix Data Classification Service Viewer Utility won't work correctly if the service account is not a member of the Local Administrators group on the Netwrix Data Classification server. In this case, you should use the **Service Viewer** built into the web UI. diff --git a/docs/kb/dataclassification/how-to-crawl-a-website-that-does-not-require-credentials.md b/docs/kb/dataclassification/how-to-crawl-a-website-that-does-not-require-credentials.md index 5753ed7991..6812bfe905 100644 --- a/docs/kb/dataclassification/how-to-crawl-a-website-that-does-not-require-credentials.md +++ b/docs/kb/dataclassification/how-to-crawl-a-website-that-does-not-require-credentials.md @@ -84,4 +84,4 @@ This error is gone after adding a specific line in the **Collector Using Agent** Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Sa ``` -![User-added image](images/ka0Qk000000DiGA_0EM4u000008pbhE.png) +![User-added image](./images/ka0Qk000000DiGA_0EM4u000008pbhE.png) diff --git a/docs/kb/dataclassification/how-to-migrate-netwrix-data-classification-to-another-server.md b/docs/kb/dataclassification/how-to-migrate-netwrix-data-classification-to-another-server.md index 9b531f5650..aa0165e274 100644 --- a/docs/kb/dataclassification/how-to-migrate-netwrix-data-classification-to-another-server.md +++ b/docs/kb/dataclassification/how-to-migrate-netwrix-data-classification-to-another-server.md @@ -31,7 +31,7 @@ This article describes how to change or replace the server on which Netwrix Data 1. Stop/disable **all NDC services** on the application server (**conceptClassifier, conceptIndexer, conceptCollector**). - ![User-added image](images/ka0Qk0000007H0v_0EM4u000002Qwyh.png) + ![User-added image](./images/ka0Qk0000007H0v_0EM4u000002Qwyh.png) > **NOTE:** You can also disable the NDC services using the **Service Viewer** located at: `C:\Program Files\ConceptSearching\ServiceViewer` (by default). diff --git a/docs/kb/dataclassification/how-to-migrate-the-netwrix-data-classification-database.md b/docs/kb/dataclassification/how-to-migrate-the-netwrix-data-classification-database.md index eac05700f5..040a420a39 100644 --- a/docs/kb/dataclassification/how-to-migrate-the-netwrix-data-classification-database.md +++ b/docs/kb/dataclassification/how-to-migrate-the-netwrix-data-classification-database.md @@ -65,7 +65,7 @@ Follow these steps to migrate the Netwrix Data Classification database: > **IMPORTANT:** If you are using the Windows Authentication method, verify that the user has the `db_owner` role assigned in the Netwrix Data Classification database. Alternatively, run `conceptConfig.exe` using the service account. - ![conceptConfig.exe configuration window with database server and credentials fields visible](images/ka0Qk0000005157_0EMQk000006Wq6T.png) + ![conceptConfig.exe configuration window with database server and credentials fields visible](./images/ka0Qk0000005157_0EMQk000006Wq6T.png) 5. Open the **Service Viewer** and start all three Netwrix Data Classification services. The default path is: diff --git a/docs/kb/dataclassification/how-to-set-up-single-sign-on-via-microsoft-entra-id-authentication.md b/docs/kb/dataclassification/how-to-set-up-single-sign-on-via-microsoft-entra-id-authentication.md index 960fb9dccd..2cdad08331 100644 --- a/docs/kb/dataclassification/how-to-set-up-single-sign-on-via-microsoft-entra-id-authentication.md +++ b/docs/kb/dataclassification/how-to-set-up-single-sign-on-via-microsoft-entra-id-authentication.md @@ -41,7 +41,7 @@ How can you set up single sign-on (SSO) for Netwrix Data Classification (NDC) vi > **NOTE:** Make sure to check the **Superuser** checkbox. - ![Add user Superuser screenshot](images/ka0Qk0000004LM1_0EMQk000005O4sP.png) + ![Add user Superuser screenshot](./images/ka0Qk0000004LM1_0EMQk000005O4sP.png) 4. Visit the App registrations menu in your Microsoft Azure Portal to register an application: https://portal.azure.com/#view/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/~/RegisteredApps @@ -51,7 +51,7 @@ How can you set up single sign-on (SSO) for Netwrix Data Classification (NDC) vi 4. Copy the **Application (Client) ID** of the newly created application. 5. Select your application and open the **Authentication** tab in the left pane. - ![Authentication tab screenshot](images/ka0Qk0000004LM1_0EMQk000005O4u1.png) + ![Authentication tab screenshot](./images/ka0Qk0000004LM1_0EMQk000005O4u1.png) 6. Check the **ID tokens (used for implicit and hybrid flows)** checkbox and click **Save**. @@ -64,7 +64,7 @@ How can you set up single sign-on (SSO) for Netwrix Data Classification (NDC) vi ``` -![web.config snippet screenshot](images/ka0Qk0000004LM1_0EMQk000005O4qo.png) +![web.config snippet screenshot](./images/ka0Qk0000004LM1_0EMQk000005O4qo.png) > **NOTE:** Replace the **Application (Client) ID** with the one copied previously and the `tenantname.onmicrosoft.com` with your tenant's name. diff --git a/docs/kb/dataclassification/how-to-update-service-account-password.md b/docs/kb/dataclassification/how-to-update-service-account-password.md index dd5a3edf87..67944ebb17 100644 --- a/docs/kb/dataclassification/how-to-update-service-account-password.md +++ b/docs/kb/dataclassification/how-to-update-service-account-password.md @@ -50,7 +50,7 @@ Check for the current Netwrix Data Classification version on any of the Netwrix 3. Right click a service with the **Running** status and select **Stop**. > TIP: you can change startup type to **Manual**, so then they don’t startup on their own: - > ![User-added image](images/ka0Qk000000Codl_0EM4u000008Liup.png) + > ![User-added image](./images/ka0Qk000000Codl_0EM4u000008Liup.png) 3. In the **Services** window, scroll down to find the following services: - NDC Classifier @@ -58,7 +58,7 @@ Check for the current Netwrix Data Classification version on any of the Netwrix - NDC Indexer 4. For each service, do the following: - ![Picture2.png](images/ka0Qk000000Codl_0EM4u000008LhoR.png) + ![Picture2.png](./images/ka0Qk000000Codl_0EM4u000008LhoR.png) 1. Right click a service name, select **Properties** and go to the **Log on** tab. 2. Enter new password. 3. Click on **Apply**. @@ -73,24 +73,24 @@ Check for the current Netwrix Data Classification version on any of the Netwrix > **Fresh install of v5.7.x.x**: NDCAppPool 3. Click on the application and then on the right pane, click on **Advanced Settings**. - ![Picture3.png](images/ka0Qk000000Codl_0EM4u000008LhrQ.png) + ![Picture3.png](./images/ka0Qk000000Codl_0EM4u000008LhrQ.png) 6. Once you are in the **Advanced Settings**, go to **Process Model** > **Identity** > **...** - ![Picture4.png](images/ka0Qk000000Codl_0EM4u000008Lhog.png) + ![Picture4.png](./images/ka0Qk000000Codl_0EM4u000008Lhog.png) 7. In the **Application Pool Identity** window do the following: 1. Click on **Set**. 2. Enter new credentials (always enter your domain before the user as not doing so can cause problems later). 3. Click on **OK**. - ![Picture5.png](images/ka0Qk000000Codl_0EM4u000008Lhol.png) + ![Picture5.png](./images/ka0Qk000000Codl_0EM4u000008Lhol.png) 8. Since you are in the IIS, head into your Netwrix Data Classification webpage by doing the following: 1. Expand the **Sites** folder. 2. Expand **Default Web Site** then click on **NDC2** or **ConceptQS**. 3. Click on **Browse** on the right pane. - ![Picture6.png](images/ka0Qk000000Codl_0EM4u000008LhrV.png) + ![Picture6.png](./images/ka0Qk000000Codl_0EM4u000008LhrV.png) Result: the Netwrix Data Classification's **System Dashboard** section appears: - ![Picture7.png](images/ka0Qk000000Codl_0EM4u000008Lhrk.png) + ![Picture7.png](./images/ka0Qk000000Codl_0EM4u000008Lhrk.png) > IMPORTANT: follow the steps below if only you have setup the same Service Account for more than just the services such as SQL Access or SQL Server Instance Services @@ -102,12 +102,12 @@ Check for the current Netwrix Data Classification version on any of the Netwrix 1. Open the `conceptindexer` folder. 2. To sort documents, click **Type** once. 3. Open the `ConceptConfig.exe` file. - ![Picture8.png](images/ka0Qk000000Codl_0EM4u000008Lhp0.png) + ![Picture8.png](./images/ka0Qk000000Codl_0EM4u000008Lhp0.png) 11. In the **Netwrix Data Classification: Database Configuration** window, proceed as follows: 1. Change user password. 2. Click on **Test Connection** to have Netwrix Data Classification try to connect with your new credentials. - ![Picture9.png](images/ka0Qk000000Codl_0EM4u000008LhpP.png) + ![Picture9.png](./images/ka0Qk000000Codl_0EM4u000008LhpP.png) Result: a dialog window with the **Connection Test Succeeded** message appears. 12. Repeat for the other service folder. diff --git a/docs/kb/dataclassification/import-terms-sets-from-an-xml-file-using-concepttermstoremanager.md b/docs/kb/dataclassification/import-terms-sets-from-an-xml-file-using-concepttermstoremanager.md index e9e209b85d..733ff44323 100644 --- a/docs/kb/dataclassification/import-terms-sets-from-an-xml-file-using-concepttermstoremanager.md +++ b/docs/kb/dataclassification/import-terms-sets-from-an-xml-file-using-concepttermstoremanager.md @@ -30,19 +30,19 @@ Import a term set structure from an XML file via the `conceptTermStoreManager` u 1. Navigate to `C:\inetpub\wwwroot\conceptQS\bin\conceptTermStoreManager.exe`. 2. Run the `conceptTermStoreManager.exe` and observe the following screen: - ![User-added image](images/ka04u000000HdFz_0EM4u000001rATU.png) + ![User-added image](./images/ka04u000000HdFz_0EM4u000001rATU.png) 3. Click the **Import** button to import a term set structure from an XML file. 4. Enter the location of the XML file and the destination term store: - ![User-added image](images/ka04u000000HdFz_0EM4u000001rAU8.png) + ![User-added image](./images/ka04u000000HdFz_0EM4u000001rAU8.png) - This example uses an Office 365 destination. 5. Click **Next**. 6. Check the boxes of the term sets you wish to import. 7. For each term set, use the drop down list to select a desired **Action**: - ![User-added image](images/ka04u000000HdFz_0EM4u000001rAUS.png) + ![User-added image](./images/ka04u000000HdFz_0EM4u000001rAUS.png) - In this example, the **Regions** term set will be merged with the existing term set in the **Taxonomies** term group. 8. Click **Next**. 9. Review the summary on the final page: - ![User-added image](images/ka04u000000HdFz_0EM4u000001rAVQ.png) + ![User-added image](./images/ka04u000000HdFz_0EM4u000001rAVQ.png) - If you wish to ensure terms not found in the source are removed from the destination (`Matching GUID`), check the **Process Deletions** box. - If you wish to prevent any changes from occurring in the destination, check the **Report Only** box. - Any changes that would have been made to term sets will be logged to the individual term sets logs, which are visible by clicking the **View Log File** link. diff --git a/docs/kb/dataclassification/netwrix-data-classification-collector-indexer-and-classifier-threads.md b/docs/kb/dataclassification/netwrix-data-classification-collector-indexer-and-classifier-threads.md index 8a108f8c0f..8427f8b80f 100644 --- a/docs/kb/dataclassification/netwrix-data-classification-collector-indexer-and-classifier-threads.md +++ b/docs/kb/dataclassification/netwrix-data-classification-collector-indexer-and-classifier-threads.md @@ -41,7 +41,7 @@ The **Collector Threads** slider allows you to set the number of concurrent thre You can set the Collector Threads value in the **NDC Management Web Console** at `http://localhost/conceptQS/Configuration`. -![Collector Threads slider in the NDC Management Web Console configuration page](images/ka0Qk000000FgmvIAC.jpeg) +![Collector Threads slider in the NDC Management Web Console configuration page](./images/ka0Qk000000FgmvIAC.jpeg) > **NOTE:** If you notice a decrease in processing capacity, set the **Collector Threads** slider to `0` to enable dynamic allocation. diff --git a/docs/kb/dataclassification/service-account-password-reset-for-netwrix-data-classification.md b/docs/kb/dataclassification/service-account-password-reset-for-netwrix-data-classification.md index b8d8595ee3..16da0fa323 100644 --- a/docs/kb/dataclassification/service-account-password-reset-for-netwrix-data-classification.md +++ b/docs/kb/dataclassification/service-account-password-reset-for-netwrix-data-classification.md @@ -28,7 +28,7 @@ After resetting the service account password for Netwrix Data Classification the ## Services -![User-added image](images/ka0Qk000000455x_0EM4u000001rDFz.png) +![User-added image](./images/ka0Qk000000455x_0EM4u000001rDFz.png) Update the **Logon As** value for each of the services listed above to reflect the password change. @@ -46,7 +46,7 @@ Open IIS and click **Application Pools** on the left-hand pane. Right-click on t Find the **Identity** and update the password to match the new password for the account, then restart the application pool. -![User-added image](images/ka0Qk000000455x_0EM4u000001rDGn.png) +![User-added image](./images/ka0Qk000000455x_0EM4u000001rDGn.png) ## Taxonomy Global Settings diff --git a/docs/kb/dataclassification/synchronizing-term-sets-using-the-concepttermstoragemanager.md b/docs/kb/dataclassification/synchronizing-term-sets-using-the-concepttermstoragemanager.md index 22a1d5af27..6dbcf0ea64 100644 --- a/docs/kb/dataclassification/synchronizing-term-sets-using-the-concepttermstoragemanager.md +++ b/docs/kb/dataclassification/synchronizing-term-sets-using-the-concepttermstoragemanager.md @@ -31,18 +31,18 @@ Synchronize term set structures between two SharePoint instances via the concept 1. Navigate to `C:\inetpub\wwwroot\conceptQS\bin\conceptTermStoreManager.exe` 2. Run the `conceptTermStoreManager.exe` and observe the following screen: - - ![User-added image](images/ka04u000000HdG0_0EM4u000001rAVf.png) + - ![User-added image](./images/ka04u000000HdG0_0EM4u000001rAVf.png) 3. Click the **Synchronise** box 4. Enter the **Source SharePoint farm** and **Destination SharePoint farm** URLs 5. Provide credentials that have access to the Term Store 6. Click **Next** 7. Check the boxes for each desired term set 8. Use the drop down box to select an action - - ![User-added image](images/ka04u000000HdG0_0EM4u000001rAVp.png) + - ![User-added image](./images/ka04u000000HdG0_0EM4u000001rAVp.png) - In this example, the **Regions** term set will be merged into the existing term sets in the **Taxonomies** term group 9. Click **Next** 10. Review the summary on the final page - - ![User-added image](images/ka04u000000HdG0_0EM4u000001rAW9.png) + - ![User-added image](./images/ka04u000000HdG0_0EM4u000001rAW9.png) - If you wish to ensure terms not found in the source are removed from the destination (Matching GUID), check the **Process Deletions** box - If you wish to prevent any changes from occurring in the destination, check the **Report Only** box - Any changes that would have been made to term sets will be logged to the individual term sets logs, which are visible by clicking the **View Log File** link. diff --git a/docs/kb/dataclassification/using-sharepoint-modern-authentication.md b/docs/kb/dataclassification/using-sharepoint-modern-authentication.md index d2c3b587b1..cbffc8244b 100644 --- a/docs/kb/dataclassification/using-sharepoint-modern-authentication.md +++ b/docs/kb/dataclassification/using-sharepoint-modern-authentication.md @@ -44,11 +44,11 @@ To register a new application, do the following: 2. Search for and select the **Microsoft Entra admin center**. 3. Under the Azure Directory select the **App registrations** section. 4. Select **New registration**. - ![Picture1.png](images/ka0Qk0000000wyT_0EM4u000004dBat.png) + ![Picture1.png](./images/ka0Qk0000000wyT_0EM4u000004dBat.png) 5. In the **Name** field, enter the application name. 6. In the **Supported account types** select who can use this application – use the **Accounts in this organizational directory only** option. 7. Click the **Register** button. - ![Picture2.png](images/ka0Qk0000000wyT_0EM4u000004dBay.png) + ![Picture2.png](./images/ka0Qk0000000wyT_0EM4u000004dBay.png) **NOTE**: Application redirect URL is optional; you can leave it blank on this step. 8. Copy your application ID from the **Overview** section to a safe location. @@ -74,7 +74,7 @@ Do the following: When found, click on the entry and proceed with adding the nec - `Sites.FullControl.All` (Crawling) - `TermStore.ReadWrite.All` (Term Set access) **NOTE**: For taxonomy manager to fully operate you must also make the user `app@sharepoint` a taxonomy admin (or group admin) - ![Picture3.png](images/ka0Qk0000000wyT_0EM4u000004dBb3.png) + ![Picture3.png](./images/ka0Qk0000000wyT_0EM4u000004dBb3.png) 5. Click **Add permissions**. ## Step 4: Configuring Certificates & Secrets diff --git a/docs/kb/dataclassification/workflow-isn-t-running-or-is-running-unexpectedly.md b/docs/kb/dataclassification/workflow-isn-t-running-or-is-running-unexpectedly.md index cb97eaaee8..35ef1ad34f 100644 --- a/docs/kb/dataclassification/workflow-isn-t-running-or-is-running-unexpectedly.md +++ b/docs/kb/dataclassification/workflow-isn-t-running-or-is-running-unexpectedly.md @@ -36,7 +36,7 @@ This article offers step-by-step guidance for resolving common workflow issues. - **Failed to run the workflow** – A basic error message will be displayed that may assist you with troubleshooting the issue. If it doesn't give enough details, then enable workflow trace logging and reclassify the document. Check the Windows Event Logs for details of any issues. - - **No attempts to run the workflow** – Check that the conditions are configured correctly for the workflow and workflow rule. If the workflow and workflow rules are configured correctly, then check the classifications of the document. If the classifications aren't as expected, then please reference the following documentation for the troubleshooting steps: [Classification Troubleshooting](/docs/kb/dataclassification/classification-troubleshooting.md) + - **No attempts to run the workflow** – Check that the conditions are configured correctly for the workflow and workflow rule. If the workflow and workflow rules are configured correctly, then check the classifications of the document. If the classifications aren't as expected, then please reference the following documentation for the troubleshooting steps: [Classification Troubleshooting](/docs/kb/dataclassification/classification-troubleshooting) 3. Filter the workflow logs and check if there are other workflows being run for the document. Workflows run in a priority order. If there is more than one migration action, then the second migration will fail as the document has already been moved. @@ -46,4 +46,4 @@ This typically means that the document has a classification that isn't expected 1. Check the workflow rule conditions. Pay attention to the parameters. Learn more about rule configuration and description of classification rules: https://docs.netwrix.com/docs/dataclassification/5_7 (Configure a Workflow using Advanced dialog ⸱ v5.7) -2. Check the document's classifications. If there is a classification that is not intended, then reference the following documentation for troubleshooting steps: [Classification Troubleshooting](/docs/kb/dataclassification/classification-troubleshooting.md) +2. Check the document's classifications. If there is a classification that is not intended, then reference the following documentation for troubleshooting steps: [Classification Troubleshooting](/docs/kb/dataclassification/classification-troubleshooting) diff --git a/docs/kb/directorymanager/add-active-directory-attribute-to-replication-schema.md b/docs/kb/directorymanager/add-active-directory-attribute-to-replication-schema.md index 6b22122b40..5dc47404dd 100644 --- a/docs/kb/directorymanager/add-active-directory-attribute-to-replication-schema.md +++ b/docs/kb/directorymanager/add-active-directory-attribute-to-replication-schema.md @@ -43,11 +43,11 @@ Add new or custom Active Directory (AD) attributes to the Netwrix Directory Mana 1. Identify the custom or existing AD attribute that is missing from roles, filters, or Smart Group criteria in Netwrix Directory Manager. 2. Log in to the Netwrix Directory Manager Admin Centre. 3. In the navigation pane, select the **Identity Stores** tab. Click the three-dot icon next to the required identity store, and select **Edit**. - ![Options menu for Identity Store in Directory Manager 11](images/ka0Qk000000EMa9_0EMQk00000BZenT.png) + ![Options menu for Identity Store in Directory Manager 11](./images/ka0Qk000000EMa9_0EMQk00000BZenT.png) 4. In the **Settings** pane, locate **Schedules**. Find the **Schema Replication** schedule, click the three-dot icon and select **Run**. - ![Running the Schema Replication schedule in Directory Manager 11](images/ka0Qk000000EMa9_0EMQk00000BZfd5.png) + ![Running the Schema Replication schedule in Directory Manager 11](./images/ka0Qk000000EMa9_0EMQk00000BZfd5.png) 5. Wait five to ten minutes for the schema replication to complete. 6. In the **Settings** pane, select the **Replication** tab. Click **Add Replication Attributes**. - ![Add Replication Attributes in Replication Settings in Directory Manager 11](images/ka0Qk000000EMa9_0EMQk00000BZgCY.png) + ![Add Replication Attributes in Replication Settings in Directory Manager 11](./images/ka0Qk000000EMa9_0EMQk00000BZgCY.png) 7. In the prompt, search for the new or missing attribute, select it, and click **Save**. - ![Searching for attributes in Replication Settings in Directory Manager 11](images/ka0Qk000000EMa9_0EMQk00000BZgUI.png) + ![Searching for attributes in Replication Settings in Directory Manager 11](./images/ka0Qk000000EMa9_0EMQk00000BZgUI.png) diff --git a/docs/kb/directorymanager/adjust-heap-size-for-elasticsearch-service.md b/docs/kb/directorymanager/adjust-heap-size-for-elasticsearch-service.md index efc002a0dd..af8b82ac42 100644 --- a/docs/kb/directorymanager/adjust-heap-size-for-elasticsearch-service.md +++ b/docs/kb/directorymanager/adjust-heap-size-for-elasticsearch-service.md @@ -50,7 +50,7 @@ It is recommended to set both values to the same amount to maintain performance > **NOTE:** Make sure both `Xms` and `Xmx` values are the same. -5. ![Registry Editor showing Xms and Xmx heap size parameters for Elasticsearch](images/ka0Qk000000Dv0T_0EMQk00000BSBWr.png) +5. ![Registry Editor showing Xms and Xmx heap size parameters for Elasticsearch](./images/ka0Qk000000Dv0T_0EMQk00000BSBWr.png) 6. Close the **Registry Editor** after saving the changes. 7. Restart the **GroupIDElasticSearchService11** service for the changes to take effect. diff --git a/docs/kb/directorymanager/asset-export-utility-configuration.md b/docs/kb/directorymanager/asset-export-utility-configuration.md index d439e0be80..a368149e62 100644 --- a/docs/kb/directorymanager/asset-export-utility-configuration.md +++ b/docs/kb/directorymanager/asset-export-utility-configuration.md @@ -41,27 +41,27 @@ This article provides step-by-step instructions for migrating schedules and sync 3. Select the schedules and synchronize jobs to export. 4. Click **Export** and select a folder to save the exported assets. -![Asset Export utility main screen on Directory Manager 10](images/ka0Qk0000004nIH_0EMQk000004nICn.png) ![Selecting schedules and synchronize jobs for export](images/ka0Qk0000004nIH_0EMQk000004nICo.png) ![Export folder selection dialog](images/ka0Qk0000004nIH_0EMQk000004nICp.png) +![Asset Export utility main screen on Directory Manager 10](./images/ka0Qk0000004nIH_0EMQk000004nICn.png) ![Selecting schedules and synchronize jobs for export](./images/ka0Qk0000004nIH_0EMQk000004nICo.png) ![Export folder selection dialog](./images/ka0Qk0000004nIH_0EMQk000004nICp.png) ### Provide the Encryption Key 1. When prompted, enter the encryption key (passphrase) used for database encryption in Directory Manager 10. The key must match the one used in Directory Manager 10 SR 2. -![Encryption key entry screen in Asset Export utility](images/ka0Qk0000004nIH_0EMQk000004nICq.png) +![Encryption key entry screen in Asset Export utility](./images/ka0Qk0000004nIH_0EMQk000004nICq.png) ### Copy Required Folders to Directory Manager 11 Server - Copy the default installation folder of Directory Manager 10 to the Directory Manager 11 server. -![Default installation folder location for Directory Manager 10](images/ka0Qk0000004nIH_0EMQk000004nICr.png) +![Default installation folder location for Directory Manager 10](./images/ka0Qk0000004nIH_0EMQk000004nICr.png) - Copy the `ProgramData` location to the Directory Manager 11 server for synchronize jobs. -![ProgramData folder for synchronize jobs](images/ka0Qk0000004nIH_0EMQk000004nICs.png) +![ProgramData folder for synchronize jobs](./images/ka0Qk0000004nIH_0EMQk000004nICs.png) - Copy the `Reports` folder in ProgramData to the Directory Manager 11 server. -![Reports folder in ProgramData on Directory Manager 11 server](images/ka0Qk0000004nIH_0EMQk000004nICt.png) +![Reports folder in ProgramData on Directory Manager 11 server](./images/ka0Qk0000004nIH_0EMQk000004nICt.png) > **NOTE:** The `schedules` and `synchronize job` folders should be empty (the Asset Export utility will import these files). However, for the `Reports` folder, copy reports from the Directory Manager 10 server for the respective schedules upgrade. @@ -73,7 +73,7 @@ This article provides step-by-step instructions for migrating schedules and sync 4. The schedules and synchronize jobs will be imported into the respective folders on the Directory Manager 11 server. 5. After import, run the upgrade on the Directory Manager 11 server. -![Asset Export utility import screen on Directory Manager 11](images/ka0Qk0000004nIH_0EMQk000004nICu.png) ![Import progress screen](images/ka0Qk0000004nIH_0EMQk000004nICv.png) ![Imported schedules and synchronize jobs in Directory Manager 11](images/ka0Qk0000004nIH_0EMQk000004nICw.png) ![Upgrade process on Directory Manager 11 server](images/ka0Qk0000004nIH_0EMQk000004nICx.png) +![Asset Export utility import screen on Directory Manager 11](./images/ka0Qk0000004nIH_0EMQk000004nICu.png) ![Import progress screen](./images/ka0Qk0000004nIH_0EMQk000004nICv.png) ![Imported schedules and synchronize jobs in Directory Manager 11](./images/ka0Qk0000004nIH_0EMQk000004nICw.png) ![Upgrade process on Directory Manager 11 server](./images/ka0Qk0000004nIH_0EMQk000004nICx.png) ## Related Links diff --git a/docs/kb/directorymanager/best-practices-for-controlling-changes-to-group-membership.md b/docs/kb/directorymanager/best-practices-for-controlling-changes-to-group-membership.md index 19504baa34..13517adea4 100644 --- a/docs/kb/directorymanager/best-practices-for-controlling-changes-to-group-membership.md +++ b/docs/kb/directorymanager/best-practices-for-controlling-changes-to-group-membership.md @@ -81,17 +81,17 @@ These practices make use of workflows, access controls, and alerts to offer fool ### Related Articles: -- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md) +- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results) -- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md) +- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou) -- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md) +- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard) -- [How to Trigger a workflow When a User Сreates a Group](/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_сreates_a_group.md) +- [How to Trigger a workflow When a User Сreates a Group](/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_сreates_a_group) -- [How To Add Message Approvers in Group Properties in Netwrix Directory Manager Portal](/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md) +- [How To Add Message Approvers in Group Properties in Netwrix Directory Manager Portal](/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal) -- [Best Practices for Preventing Accidental Data Leakage](/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage.md) +- [Best Practices for Preventing Accidental Data Leakage](/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage) - [Directory Manager Workflows](https://docs.netwrix.com/docs/directorymanager/11_0/signin/workflow/overview) diff --git a/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage.md b/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage.md index 2ca14d6791..46f9a2b160 100644 --- a/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage.md +++ b/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage.md @@ -37,14 +37,14 @@ Netwrix Directory Manager uses an RBAC model through which you can define Securi For more information on how to set up a limit on the search scope for a particular Security Role, visit the following KB article: -- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md) +- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results) ### Using Security Roles to Specify Specific Area Where Groups Can be Created or Have a Fixed and Hidden Path. In Netwrix Directory Manager, you can apply policies to security roles so that role members use Netwrix Directory Manager in keeping with the policy restrictions. Netwrix Directory Manager’s New Object policy enables you to restrict role members to create new groups in a specific OU only. For more information on how to set up a New Object policy for specific security roles, visit the following KB article: -- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md) +- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou) ### Importing Membership via Netwrix Directory Manager Bulk Membership Import Feature for Groups Many times, organizations create groups (Security and Distribution) in advance, i.e., before the actual usage of groups. To avoid any critical information being leaked out, it is recommended that such groups be created without populating membership upon creation. @@ -53,21 +53,21 @@ Instead, you can use the **Bulk Import Membership** feature of Netwrix Directory In Netwrix Directory Manager, bulk import of memberships is possible using the Import Wizard available in the Netwrix Directory Manager Portal. The following KB article provides step-by-step instructions to bulk import members into a group: -- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md) +- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard) ### Creating Smart Group Without Updating Memberships Another way to ensure that the group memberships do not update beforehand, if a group has been created in advance, is by just previewing the query results of a Smart group without updating the group memberships. A query-based dynamic *smart group* is one whose membership is determined by the supplied criteria. The results can be previewed but not acted upon until needed. Keeping out of the update schedule ensures that membership updates only occur when you manually trigger them. -![User-added image](images/ka0Qk000000Dg6H_0EMQk000001iOqr.png) +![User-added image](./images/ka0Qk000000Dg6H_0EMQk000001iOqr.png) ### Keep Group Hidden from GAL Until it is Ready to be Used Keeping a group and its membership hidden from discoverability by external tools like Outlook can also help you comply with organizational policies for ensuring secrecy. Using the Netwrix Directory Manager Portal, if a mail-enabled group is created, you can hide the group and its membership from the Address Book and GAL in the following way: -![User-added image](images/ka0Qk000000Dg6H_0EMQk000001iOsT.png) +![User-added image](./images/ka0Qk000000Dg6H_0EMQk000001iOsT.png) ### Selecting Appropriate Security Type for Groups During the creation of a group via the Netwrix Directory Manager Portal, you can designate the security type as Private, Semi-Private, or Public. This classification, serving as a pseudo attribute within Netwrix Directory Manager, governs the permission levels for joining the group. It is always recommended to choose Private as the Security Type for sensitive groups. @@ -81,7 +81,7 @@ It is always recommended to ensure/limit the inflow of email messages received b To set Delivery Restrictions via the Netwrix Directory Manager portal, simply search for the group and navigate to the **Delivery Restriction** tab in **Group Properties**. -![User-added image](images/ka0Qk000000Dg6H_0EMQk000001iOu5.png) +![User-added image](./images/ka0Qk000000Dg6H_0EMQk000001iOu5.png) ### Setting up Approver Workflows for the Creation of New Groups One of the most efficient methods to effectively manage the number and quality of groups being created by end users is the implementation of a continuous monitoring process where admins can approve the group being created. @@ -97,17 +97,17 @@ Another way to ensure that no unauthorized message is sent to critical groups is For more information on customization to the portal, visit the following KB article: -- [How To Add Message Approvers in Group Properties in Netwrix Directory Manager Portal](/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md) +- [How To Add Message Approvers in Group Properties in Netwrix Directory Manager Portal](/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal) ### Other Best Practices to Improve Compliance. In addition to the above-mentioned best practices for making sure the production environment is secure and compliant with company policy, visit the following KB article to learn about best practices for controlling changes to group memberships after creation: -- [Best Practices for Controlling Changes to Group Membership](/docs/kb/directorymanager/best-practices-for-controlling-changes-to-group-membership.md) +- [Best Practices for Controlling Changes to Group Membership](/docs/kb/directorymanager/best-practices-for-controlling-changes-to-group-membership) ## Related Articles: -- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md) -- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md) -- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md) -- [How to Trigger a workflow When a User Сreates a Group](/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_сreates_a_group.md) -- [How To Add Message Approvers in Group Properties in Netwrix Directory Manager Portal](/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md) -- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md) +- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results) +- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou) +- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard) +- [How to Trigger a workflow When a User Сreates a Group](/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_сreates_a_group) +- [How To Add Message Approvers in Group Properties in Netwrix Directory Manager Portal](/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal) +- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou) diff --git a/docs/kb/directorymanager/bulk-export-and-sort-all-smart-groups-and-dynasties.md b/docs/kb/directorymanager/bulk-export-and-sort-all-smart-groups-and-dynasties.md index f301b8ce4e..0ead9a8ab0 100644 --- a/docs/kb/directorymanager/bulk-export-and-sort-all-smart-groups-and-dynasties.md +++ b/docs/kb/directorymanager/bulk-export-and-sort-all-smart-groups-and-dynasties.md @@ -54,8 +54,8 @@ Get-SmartGroup | select DisplayName, ManagedGroupType | Sort-Object ManagedGroup > **NOTE:** You can change the export directory by updating the file path in the cmdlet (for example, `D:\exports\list.csv`). -![Exported CSV file example](images/ka0Qk000000DvA9_0EMQk00000BSFdi.png) -![Directory Manager Management Shell output](images/ka0Qk000000DvA9_0EMQk00000BSG3V.png) +![Exported CSV file example](./images/ka0Qk000000DvA9_0EMQk00000BSFdi.png) +![Directory Manager Management Shell output](./images/ka0Qk000000DvA9_0EMQk00000BSG3V.png) 5. To retrieve additional details, you can append more attributes to the cmdlet. Example attributes include: - `smartGroupType` diff --git a/docs/kb/directorymanager/bulk-update-smart-group-object-types.md b/docs/kb/directorymanager/bulk-update-smart-group-object-types.md index 90efad2371..c2733e0ea1 100644 --- a/docs/kb/directorymanager/bulk-update-smart-group-object-types.md +++ b/docs/kb/directorymanager/bulk-update-smart-group-object-types.md @@ -37,7 +37,7 @@ Use the Directory Manager Management Shell in Netwrix Directory Manager to bulk Get-SmartGroup -SearchContainer "Distinguished Name of Organizational Unit" -SmartFilter "(IMSGManagedGroupType=2)" | Set-SmartGroup -ObjectTypes "1","2","3" ``` -![PowerShell command to update Smart Group object types in Netwrix Directory Manager Management Shell](images/ka0Qk000000EZ5x_0EMQk00000Bu2Dh.png) +![PowerShell command to update Smart Group object types in Netwrix Directory Manager Management Shell](./images/ka0Qk000000EZ5x_0EMQk00000Bu2Dh.png) 4. This command updates all Smart Groups in the specified OU to include the following object types: - Users with Mailboxes diff --git a/docs/kb/directorymanager/change-log-level-from-error-to-debug-v11.md b/docs/kb/directorymanager/change-log-level-from-error-to-debug-v11.md index 005d6f700a..10f32d987c 100644 --- a/docs/kb/directorymanager/change-log-level-from-error-to-debug-v11.md +++ b/docs/kb/directorymanager/change-log-level-from-error-to-debug-v11.md @@ -38,7 +38,7 @@ By default, Netwrix Directory Manager records only critical errors in its logs. 5. Select **Logging**. 6. Set both **File Logging** and **Windows Logging** to **Debug** using the dropdown lists. 7. Click **Save** to apply the changes. - ![Logging settings in Netwrix Directory Manager application](images/ka0Qk000000EPRZ_0EMQk00000BbJji.png) + ![Logging settings in Netwrix Directory Manager application](./images/ka0Qk000000EPRZ_0EMQk00000BbJji.png) 8. Repeat these steps for each of the following applications: - Replication Service - Admin Center @@ -48,6 +48,6 @@ By default, Netwrix Directory Manager records only critical errors in its logs. - Mobile Service - Scheduler Service -![List of Netwrix Directory Manager services for log configuration](images/ka0Qk000000EPRZ_0EMQk00000BbINr.png) +![List of Netwrix Directory Manager services for log configuration](./images/ka0Qk000000EPRZ_0EMQk00000BbINr.png) 9. Once complete, Netwrix Directory Manager will capture detailed logs for better system monitoring and troubleshooting. diff --git a/docs/kb/directorymanager/change-self-service-portal-url-in-workflow-email-notifications.md b/docs/kb/directorymanager/change-self-service-portal-url-in-workflow-email-notifications.md index e8f1dbe622..e9102a7315 100644 --- a/docs/kb/directorymanager/change-self-service-portal-url-in-workflow-email-notifications.md +++ b/docs/kb/directorymanager/change-self-service-portal-url-in-workflow-email-notifications.md @@ -37,7 +37,7 @@ If you change the hostname for the Netwrix Directory Manager (formerly GroupID) 2. On the **Identity Stores** tab, click the three-dot icon next to the relevant identity store and select **Edit**. 3. Click the **Workflows** tab. Select the workflow for which you want to change the portal URL and click **Edit**. To change the URL in email notifications that alert group owners to approve or deny membership requests, select **Workflow to Join a Group**. - ![Editing a workflow in Directory Manager 11](images/ka0Qk000000EMbl_0EMQk00000Ba629.png) + ![Editing a workflow in Directory Manager 11](./images/ka0Qk000000EMbl_0EMQk00000Ba629.png) 4. In the **Portal URL** box, select the portal URL you want to use. - ![Selecting the Portal URL in Directory Manager 11](images/ka0Qk000000EMbl_0EMQk00000Ba65N.png) + ![Selecting the Portal URL in Directory Manager 11](./images/ka0Qk000000EMbl_0EMQk00000Ba65N.png) 5. Click **Update Workflow** and save your changes. The email notifications for this workflow will now include the specified portal URL. Repeat these steps for each workflow as needed. diff --git a/docs/kb/directorymanager/change-the-default-dynasty-operator.md b/docs/kb/directorymanager/change-the-default-dynasty-operator.md index 884881ae3d..d0f5f1bda7 100644 --- a/docs/kb/directorymanager/change-the-default-dynasty-operator.md +++ b/docs/kb/directorymanager/change-the-default-dynasty-operator.md @@ -63,15 +63,15 @@ You can update the default Dynasty grouping behavior when creating a new Dynasty 1. When creating a new Dynasty, continue through the wizard until you reach the **Dynasty Options** window. 2. Select the attribute you want to group by and click **Edit**. In the **GroupBy settings** dialog, click **Filter**. - ![Dynasty Options in Dynasty Creation Wizard - Netwrix Directory Manager 10](images/ka0Qk000000DUI2_0EMQk000009t78Z.png) + ![Dynasty Options in Dynasty Creation Wizard - Netwrix Directory Manager 10](./images/ka0Qk000000DUI2_0EMQk000009t78Z.png) - ![Dynasty Options in Dynasty Creation Wizard - Netwrix Directory Manager 11](images/ka0Qk000000DUI2_0EMQk000009tEWb.png) + ![Dynasty Options in Dynasty Creation Wizard - Netwrix Directory Manager 11](./images/ka0Qk000000DUI2_0EMQk000009tEWb.png) 3. To change the default operator, choose **Left** and enter the desired number of characters if using **Starts with**. Choose **Right** to switch to **Ends with**. - ![Filter Options in Netwrix Directory Manager 10](images/ka0Qk000000DUI2_0EMQk000009tETN.png) + ![Filter Options in Netwrix Directory Manager 10](./images/ka0Qk000000DUI2_0EMQk000009tETN.png) - ![Filter Options in Netwrix Directory Manager 11](images/ka0Qk000000DUI2_0EMQk000009tEUz.png) + ![Filter Options in Netwrix Directory Manager 11](./images/ka0Qk000000DUI2_0EMQk000009tEUz.png) 4. After saving your changes, the Dynasty will reflect the updated grouping behavior. @@ -81,10 +81,10 @@ You can update the default Dynasty grouping behavior when creating a new Dynasty 2. Navigate to the **Netwrix Directory Manager** tab and click **Options**. 3. Follow steps 2 and 3 in the **Creating a New Dynasty** section above to configure and apply the GroupBy filter. - ![Dynasty Option in an existing parent dynasty in Netwrix Directory Manager 10](images/ka0Qk000000DUI2_0EMQk000009t4Na.png) + ![Dynasty Option in an existing parent dynasty in Netwrix Directory Manager 10](./images/ka0Qk000000DUI2_0EMQk000009t4Na.png) - ![Dynasty Option in an existing parent dynasty in Netwrix Directory Manager 11](images/ka0Qk000000DUI2_0EMQk000009tEI7.png) + ![Dynasty Option in an existing parent dynasty in Netwrix Directory Manager 11](./images/ka0Qk000000DUI2_0EMQk000009tEI7.png) 4. After saving your changes, the Dynasty will reflect the updated grouping behavior. - ![Modified Attribute Filter Example](images/ka0Qk000000DUI2_0EMQk000009tEYD.png) + ![Modified Attribute Filter Example](./images/ka0Qk000000DUI2_0EMQk000009tEYD.png) diff --git a/docs/kb/directorymanager/change-the-default-sort-attribute-for-search-results.md b/docs/kb/directorymanager/change-the-default-sort-attribute-for-search-results.md index c4b4e7847b..708fa199fc 100644 --- a/docs/kb/directorymanager/change-the-default-sort-attribute-for-search-results.md +++ b/docs/kb/directorymanager/change-the-default-sort-attribute-for-search-results.md @@ -30,11 +30,11 @@ This article explains how to configure the default sort attribute for search res ## Instructions 1. In the Netwrix Directory Manager Admin Center, go to **Applications**. For the application or portal where you want to change the setting, click the three dots and select **Settings**. - ![Accessing portal settings in Directory Manager Admin Center](images/ka0Qk000000DvQH_0EMQk00000BSXab.png) + ![Accessing portal settings in Directory Manager Admin Center](./images/ka0Qk000000DvQH_0EMQk00000BSXab.png) 2. Click **Advanced Settings**. In the right pane, find the **Sort Search** option and select your desired sort attribute from the drop-down menu. - ![Selecting the default sort attribute in Advanced Settings](images/ka0Qk000000DvQH_0EMQk00000BSXfR.png) + ![Selecting the default sort attribute in Advanced Settings](./images/ka0Qk000000DvQH_0EMQk00000BSXfR.png) 3. Scroll down and click **Save** to apply your changes. diff --git a/docs/kb/directorymanager/change-the-header-and-footer-logo-in-notifications.md b/docs/kb/directorymanager/change-the-header-and-footer-logo-in-notifications.md index 03c32cc42e..728b6cf3b1 100644 --- a/docs/kb/directorymanager/change-the-header-and-footer-logo-in-notifications.md +++ b/docs/kb/directorymanager/change-the-header-and-footer-logo-in-notifications.md @@ -29,7 +29,7 @@ knowledge_article_id: kA0Qk00000015iPKAQ Can you change the logo in the header and footer of Netwrix Directory Manager notifications? -![Notification Logo Screenshot](images/ka0Qk000000DSOH_0EMQk000004nEE1.png) +![Notification Logo Screenshot](./images/ka0Qk000000DSOH_0EMQk000004nEE1.png) ## Answer diff --git a/docs/kb/directorymanager/collecting-all-log-files-in-v11.md b/docs/kb/directorymanager/collecting-all-log-files-in-v11.md index 255cd72787..f6d95c1bbe 100644 --- a/docs/kb/directorymanager/collecting-all-log-files-in-v11.md +++ b/docs/kb/directorymanager/collecting-all-log-files-in-v11.md @@ -46,4 +46,4 @@ Follow the steps below to use the **Logs Download** feature to collect and save 5. Click **Download**. 6. A zipped file containing the logs will be downloaded to your server's Downloads folder. -![Logs Download screen in Directory Manager Admin Center](images/ka0Qk000000DvID_0EMQk00000BSOM1.png) +![Logs Download screen in Directory Manager Admin Center](./images/ka0Qk000000DvID_0EMQk00000BSOM1.png) diff --git a/docs/kb/directorymanager/configure-email-notifications-for-an-identity-store.md b/docs/kb/directorymanager/configure-email-notifications-for-an-identity-store.md index 8b79d4bbab..38d6c07ecd 100644 --- a/docs/kb/directorymanager/configure-email-notifications-for-an-identity-store.md +++ b/docs/kb/directorymanager/configure-email-notifications-for-an-identity-store.md @@ -34,13 +34,13 @@ Email notifications in Netwrix Directory Manager (formerly GroupID) inform users 2. On the **Identity Stores** tab, double-click the required identity store to open its properties. 3. Select the **Configurations** tab, then click **Notification** in the left pane. -![Notification configuration tab in Directory Manager identity store properties](images/ka0Qk000000EZCP_0EMQk00000BuMPJ.png) +![Notification configuration tab in Directory Manager identity store properties](./images/ka0Qk000000EZCP_0EMQk00000BuMPJ.png) 4. Configure the following notification settings: - **SMTP server:** Enter the IP address or FQDN of the SMTP server that will route notifications. - **From email address:** Enter the sender address for notification emails (for example, `no-reply@domain.com` or `notification@demo.com`). - ![From email address field in notification settings](images/ka0Qk000000EZCP_0EMQk00000BuMNh.png) + ![From email address field in notification settings](./images/ka0Qk000000EZCP_0EMQk00000BuMNh.png) - **Port:** Enter the port number for the SMTP server. - **Test:** After entering the email address and port, click **Test** to verify the server settings. Enter a destination address to send a test notification. If successful, a confirmation message appears and a test email is sent. - **Use SMTP User Authentication:** By default, the credentials of the logged-in user are used. To use a different account, select **Use SMTP User Authentication** and enter the **Username** and **Password** for an authorized account. diff --git a/docs/kb/directorymanager/convert-between-smart-groups-and-static-groups.md b/docs/kb/directorymanager/convert-between-smart-groups-and-static-groups.md index cd3230c275..8a901bd3d6 100644 --- a/docs/kb/directorymanager/convert-between-smart-groups-and-static-groups.md +++ b/docs/kb/directorymanager/convert-between-smart-groups-and-static-groups.md @@ -36,7 +36,7 @@ In Netwrix Directory Manager, you can convert a Smart Group to a static group by 4. Click the **Clear** button next to the Smart Group query. 5. When prompted, click **Clear query text** to confirm. The group will be converted to a static group, and the current membership will remain unchanged. -![Clearing Smart Group query in Directory Manager](images/ka0Qk000000EYrR_0EMQk00000BpDeP.png) +![Clearing Smart Group query in Directory Manager](./images/ka0Qk000000EYrR_0EMQk00000BpDeP.png) ### Convert a Static Group to a Smart Group 1. Log in to the application portal of Netwrix Directory Manager. @@ -45,4 +45,4 @@ In Netwrix Directory Manager, you can convert a Smart Group to a static group by 4. When prompted, confirm the action. The query designer will open, allowing you to specify the LDAP query as required. 5. After confirming the query, the group will be converted to a Smart Group. -![Upgrading a static group to a Smart Group in Directory Manager](images/ka0Qk000000EYrR_0EMQk00000BpDcn.png) +![Upgrading a static group to a Smart Group in Directory Manager](./images/ka0Qk000000EYrR_0EMQk00000BpDcn.png) diff --git a/docs/kb/directorymanager/copy-smart-group-query-criteria-using-import-and-export.md b/docs/kb/directorymanager/copy-smart-group-query-criteria-using-import-and-export.md index d51b9f52f9..74c5615921 100644 --- a/docs/kb/directorymanager/copy-smart-group-query-criteria-using-import-and-export.md +++ b/docs/kb/directorymanager/copy-smart-group-query-criteria-using-import-and-export.md @@ -36,10 +36,10 @@ Netwrix Directory Manager supports exporting and importing Smart Group query def 2. Open the properties of the Smart Group whose criteria you want to copy. 3. Navigate to the **Smart Group** tab and open **Query Designer**. 4. In the Query Designer window, click the three-dot icon and select **Export query**. The JSON file will be downloaded to your default download location. - ![Exporting a Smart Group query in Directory Manager Query Designer](images/ka0Qk000000EYwH_0EMQk00000BpDrJ.png) + ![Exporting a Smart Group query in Directory Manager Query Designer](./images/ka0Qk000000EYwH_0EMQk00000BpDrJ.png) 5. Open the properties of the Smart Group where you want to apply the copied criteria. 6. Navigate to the **Smart Group** tab and open **Query Designer**. 7. In the Query Designer window, click the three-dot icon and select **Import query** to upload the previously exported JSON file. - ![Importing a Smart Group query in Directory Manager Query Designer](images/ka0Qk000000EYwH_0EMQk00000BpBfq.png) + ![Importing a Smart Group query in Directory Manager Query Designer](./images/ka0Qk000000EYwH_0EMQk00000BpBfq.png) 8. Click **Preview** to confirm that the query returns the expected results. 9. Complete the remaining steps of the Smart Group wizard to save your changes. diff --git a/docs/kb/directorymanager/creating-and-managing-dynasties.md b/docs/kb/directorymanager/creating-and-managing-dynasties.md index 229959ddf7..c58698a964 100644 --- a/docs/kb/directorymanager/creating-and-managing-dynasties.md +++ b/docs/kb/directorymanager/creating-and-managing-dynasties.md @@ -52,17 +52,17 @@ The three templates are configurable, whereas the custom Dynasty can fulfill num ### Creating an Organizational Dynasty 1. In Netwrix Directory Manager Portal, select **Create New** > **Organizational Dynasty** template and click **Next**. - ![Selecting Organizational Dynasty template](images/ka0Qk000000Du4P_0EMQk00000BS5BL.png) + ![Selecting Organizational Dynasty template](./images/ka0Qk000000Du4P_0EMQk00000BS5BL.png) 2. On the **Group Options** page, enter the group name, select the container where the group will be created, and specify the group type, scope, and security settings. - ![Group Options page](images/ka0Qk000000Du4P_0EMQk00000BS8nW.png) + ![Group Options page](./images/ka0Qk000000Du4P_0EMQk00000BS8nW.png) 3. On the **Dynasty Options** page, review and modify the attributes that will be used to create child groups. For example, you can remove *Title* and add *Office* as needed. - ![Dynasty Options page](images/ka0Qk000000Du4P_0EMQk00000BS9zh.png) + ![Dynasty Options page](./images/ka0Qk000000Du4P_0EMQk00000BS9zh.png) 4. On the **Query Options** page, review the current configuration of your Dynasty. You can click **Query Designer** to launch the Query Designer, where you can modify the query to filter the objects for group membership. For example, you may filter out disabled users or get a specific employee type. - ![Query Options page](images/ka0Qk000000Du4P_0EMQk00000BRwsy.png) + ![Query Options page](./images/ka0Qk000000Du4P_0EMQk00000BRwsy.png) 5. Once your query is complete, proceed to the **Update Options** page. The Dynasty can be updated manually or via an automated schedule. - ![Update Options page](images/ka0Qk000000Du4P_0EMQk00000BS4Gs.png) + ![Update Options page](./images/ka0Qk000000Du4P_0EMQk00000BS4Gs.png) 6. On the **Owners** page, you can specify additional owners for the group. By default, Netwrix Directory Manager sets the logged-in user as the primary owner. The primary owner will be inherited by all child groups. You can add additional owners by clicking the **Add** button. Users, contacts, and even security groups can be set as additional owners. - ![Owners page](images/ka0Qk000000Du4P_0EMQk00000BS48q.png) + ![Owners page](./images/ka0Qk000000Du4P_0EMQk00000BS48q.png) 7. The **Completion** page gives a summary of the selected settings. Click **Finish**. 8. If you selected **Now** for your update options, a parent Dynasty will be created with the name provided on the **Group Options** page, and child groups will be created according to the configured template. diff --git a/docs/kb/directorymanager/display-groups-with-additional-ownership-in-the-my-groups-tab.md b/docs/kb/directorymanager/display-groups-with-additional-ownership-in-the-my-groups-tab.md index e8b3d4b7e8..c40e5e1153 100644 --- a/docs/kb/directorymanager/display-groups-with-additional-ownership-in-the-my-groups-tab.md +++ b/docs/kb/directorymanager/display-groups-with-additional-ownership-in-the-my-groups-tab.md @@ -30,15 +30,15 @@ Use these steps to configure the **My Groups** tab in Netwrix Directory Manager 1. From the Admin portal, navigate to **Applications** > **your application portal**. 2. Click the three-dot icon and select **Settings**. - ![Admin portal navigation to application portal settings](images/ka0Qk000000EZ4L_0EMQk00000Bsr2b.png) + ![Admin portal navigation to application portal settings](./images/ka0Qk000000EZ4L_0EMQk00000Bsr2b.png) 3. In the settings menu, go to **Advanced Settings** > **Listing Displays**. - ![Advanced settings and listing displays in admin portal](images/ka0Qk000000EZ4L_0EMQk00000Bsr4D.png) + ![Advanced settings and listing displays in admin portal](./images/ka0Qk000000EZ4L_0EMQk00000Bsr4D.png) 4. Find the option for **Display Groups in My Groups** and toggle it to include groups where the user is an additional owner. - ![Toggle for Display Groups in My Groups setting](images/ka0Qk000000EZ4L_0EMQk00000Bsr0z.png) + ![Toggle for Display Groups in My Groups setting](./images/ka0Qk000000EZ4L_0EMQk00000Bsr0z.png) 5. Click **Save** and then **OK** to apply the changes. 6. Log in to the application portal. The **My Groups** page will now display groups for which the logged-in user is an additional owner. 7. Individual users can adjust their own settings in the application portal to view groups they own as both primary and additional owner. After changing this setting, remember to click **Save**. - ![User-level setting to display groups as primary and additional owner](images/ka0Qk000000EZ4L_0EMQk00000Bsr5p.png) + ![User-level setting to display groups as primary and additional owner](./images/ka0Qk000000EZ4L_0EMQk00000Bsr5p.png) diff --git a/docs/kb/directorymanager/displaying-moderators-for-exchange-distribution-lists-in-the-portal.md b/docs/kb/directorymanager/displaying-moderators-for-exchange-distribution-lists-in-the-portal.md index 782fd667b0..6f8bb88b28 100644 --- a/docs/kb/directorymanager/displaying-moderators-for-exchange-distribution-lists-in-the-portal.md +++ b/docs/kb/directorymanager/displaying-moderators-for-exchange-distribution-lists-in-the-portal.md @@ -47,44 +47,44 @@ Follow the instructions below to configure the Netwrix Directory Manager Portal: 2. On the **Replication** tab, click **Add Replication Attributes** and add the required attributes. - ![Replication attribute screenshot](images/ka0Qk000000E76T_0EMQk00000BdPOP.png) + ![Replication attribute screenshot](./images/ka0Qk000000E76T_0EMQk00000BdPOP.png) 3. Click **Settings**. A new page will appear. - ![Portal settings screenshot](images/ka0Qk000000E76T_0EMQk00000BdNHn.png) + ![Portal settings screenshot](./images/ka0Qk000000E76T_0EMQk00000BdNHn.png) 4. Select the appropriate **Identity Store**. - ![Identity Store selection screenshot](images/ka0Qk000000E76T_0EMQk00000BdPHx.png) + ![Identity Store selection screenshot](./images/ka0Qk000000E76T_0EMQk00000BdPHx.png) 5. Under the **Properties** tab, select **Group** from the **Select Directory Object** list. 6. Select **Advanced** in the **Name** list and click the **Pencil** icon. - ![Advanced group design](images/ka0Qk000000E76T_0EMQk00000BdPRd.png) + ![Advanced group design](./images/ka0Qk000000E76T_0EMQk00000BdPRd.png) 7. On the Edit Design Category dialog box, click **Add Field**. - ![Add Field screenshot](images/ka0Qk000000E76T_0EMQk00000BdPJZ.png) + ![Add Field screenshot](./images/ka0Qk000000E76T_0EMQk00000BdPJZ.png) 8. Select `mxExchEnableModeration` from the **Field** list, enter the display name as **Is Moderation Enabled** and set the display type to **Check**. 9. Click **OK** and then click **Add Fields** again. - ![ModeratedByLink field screenshot](images/ka0Qk000000E76T_0EMQk00000BdPLB.png) + ![ModeratedByLink field screenshot](./images/ka0Qk000000E76T_0EMQk00000BdPLB.png) 10. Select `mxExchModeratedByLink`, enter the display name as **Moderators**, and set the display type to **DNs**. 11. Click **OK** and then click **Add Fields** again. - ![A screenshot of adding attribute.](images/ka0Qk000000E76T_0EMQk00000BdDrv.png) + ![A screenshot of adding attribute.](./images/ka0Qk000000E76T_0EMQk00000BdDrv.png) 12. Select `mxExchBypassModerationLink`, enter the display name as **Bypass Moderation**, and set the display type to **DNs**. 13. Click **OK** and then click the **Save** icon at the top of the page. - ![Bypass moderators field screenshot](images/ka0Qk000000E76T_0EMQk00000BdPMn.png) + ![Bypass moderators field screenshot](./images/ka0Qk000000E76T_0EMQk00000BdPMn.png) 14. Launch the **Netwrix Directory Manager Portal**. The new attributes should appear under the **Groups** tab under **Advanced**. - ![Final portal attributes screenshot](images/ka0Qk000000E76T_0EMQk00000BdPQ1.png) + ![Final portal attributes screenshot](./images/ka0Qk000000E76T_0EMQk00000BdPQ1.png) diff --git a/docs/kb/directorymanager/enable-and-configure-workflow-approver-acceleration.md b/docs/kb/directorymanager/enable-and-configure-workflow-approver-acceleration.md index d2fe6e52c7..15dc24cb02 100644 --- a/docs/kb/directorymanager/enable-and-configure-workflow-approver-acceleration.md +++ b/docs/kb/directorymanager/enable-and-configure-workflow-approver-acceleration.md @@ -36,9 +36,9 @@ To address this, Netwrix Directory Manager includes workflow approver accelerati 1. In the Netwrix Directory Manager Management Console, click the **Identity Stores** node. 2. On the **Identity Stores** tab, double-click an identity store to open its properties. 3. On the **Workflow** tab, click the **Advanced Options** link. - ![Workflows tab in Netwrix Directory Manager 10 Identity Properties](images/ka0Qk000000DunZ_0EMQk00000BZ9rj.png) + ![Workflows tab in Netwrix Directory Manager 10 Identity Properties](./images/ka0Qk000000DunZ_0EMQk00000BZ9rj.png) 4. Select the **Enable Approver Acceleration** checkbox to apply the settings and rules to all workflow routes defined for the identity store. - ![Workflow Approver Acceleration in Workflow Options](images/ka0Qk000000DunZ_0EMQk00000BZFvX.png) + ![Workflow Approver Acceleration in Workflow Options](./images/ka0Qk000000DunZ_0EMQk00000BZFvX.png) 5. To disable approver acceleration for a route, see the "Disable Approver Acceleration for a Workflow Route" section. 6. In the **Maximum Levels** box, specify the maximum number of escalation levels (for example, `2`). Requests not approved or denied at the maximum level are routed to the default approver, as specified in group life cycle settings for the identity store. 7. In the **Repeat every days** box, specify the number of days (for example, `5`). If an approver does not act within this period, the request is escalated to the next approver in the chain. @@ -46,9 +46,9 @@ To address this, Netwrix Directory Manager includes workflow approver accelerati ### Enable Workflow Approver Acceleration for an Identity Store in Netwrix Directory Manager 11 1. Log in to the Netwrix Directory Manager Admin Center, click the **Identity Stores** tab, and then edit the required identity store. - ![Identity Stores tab in Netwrix Directory Manager 11 Admin Center](images/ka0Qk000000DunZ_0EMQk00000BZdBR.png) + ![Identity Stores tab in Netwrix Directory Manager 11 Admin Center](./images/ka0Qk000000DunZ_0EMQk00000BZdBR.png) 2. From the Settings pane, select **Workflows**, then select **Advanced Workflow Settings** on the card menu on the right. - ![Advanced Workflow Settings in Netwrix Directory Manager 11](images/ka0Qk000000DunZ_0EMQk00000BZbJK.png) + ![Advanced Workflow Settings in Netwrix Directory Manager 11](./images/ka0Qk000000DunZ_0EMQk00000BZbJK.png) 3. Toggle **Approver Acceleration** and configure the options as needed. Click **Save** at the bottom right of the screen. > **NOTE:** Approver acceleration requires that an SMTP server is configured for the identity store. @@ -68,7 +68,7 @@ Follow the steps below for Netwrix Directory Manager 11: 1. Log in to the Netwrix Directory Manager Admin Center, then navigate to the **Identity Stores** tab from the navigation pane. 2. Click the options (three dots) for the required identity store and select **Edit**. 3. Click **Workflows** from the Settings tab. In the list of workflows, click the options (three dots) for the workflow you want to update, then select **Edit**. - ![Disable Approver Acceleration - Workflow Edit Menu - Netwrix Directory Manager 11](images/ka0Qk000000DunZ_0EMQk00000BZUPv.png) + ![Disable Approver Acceleration - Workflow Edit Menu - Netwrix Directory Manager 11](./images/ka0Qk000000DunZ_0EMQk00000BZUPv.png) 4. Clear the **Approver Acceleration** option and click **Update Workflow**. Then scroll down and click **Save**. 5. This will exempt the workflow from approver acceleration. diff --git a/docs/kb/directorymanager/enable-group-owner-suggestion-for-orphan-groups.md b/docs/kb/directorymanager/enable-group-owner-suggestion-for-orphan-groups.md index 560d992bd1..54af87d3d6 100644 --- a/docs/kb/directorymanager/enable-group-owner-suggestion-for-orphan-groups.md +++ b/docs/kb/directorymanager/enable-group-owner-suggestion-for-orphan-groups.md @@ -40,13 +40,13 @@ There are two ways to address Orphan Groups: 4. Netwrix Directory Manager will suggest a primary owner for an orphan group on the **Owner** tab in group properties. The suggestion is based on group membership. Netwrix Directory Manager checks the managers of group members and suggests the user who appears most frequently as a manager, even if that user is not a group member. 5. Click the **Save** icon on the toolbar. -![Suggest Owner/Manager setting in Directory Manager portal settings](images/ka0Qk000000EWsr_0EMQk00000Bo2pu.png) +![Suggest Owner/Manager setting in Directory Manager portal settings](./images/ka0Qk000000EWsr_0EMQk00000Bo2pu.png) ## Use Owner Suggestion in the Portal 1. Log in to the Netwrix Directory Manager portal. 2. Go to the properties page of an orphan group and click the **Owner** tab. -![Owner tab in group properties showing suggested owner](images/ka0Qk000000EWsr_0EMQk00000BoBA3.png) +![Owner tab in group properties showing suggested owner](./images/ka0Qk000000EWsr_0EMQk00000BoBA3.png) 3. Netwrix Directory Manager will display a suggested owner for the group. 4. Click **Make Owner** to set the suggested user as the group's primary owner. diff --git a/docs/kb/directorymanager/entraid-application-proxy-configuration.md b/docs/kb/directorymanager/entraid-application-proxy-configuration.md index 130a279f69..a4d493dbe5 100644 --- a/docs/kb/directorymanager/entraid-application-proxy-configuration.md +++ b/docs/kb/directorymanager/entraid-application-proxy-configuration.md @@ -34,17 +34,17 @@ This article provides step-by-step instructions for configuring Entra Tenant App ### Configure Entra Tenant Application Proxy -![Entra Tenant Application Proxy configuration screen with key fields visible](images/ka0Qk000000DUWX_0EMQk000004n3iR.png) +![Entra Tenant Application Proxy configuration screen with key fields visible](./images/ka0Qk000000DUWX_0EMQk000004n3iR.png) ### Install Outbound Connector on Directory Manager Machine -![Outbound connector installation window on Directory Manager machine](images/ka0Qk000000DUWX_0EMQk000004n3iS.png) +![Outbound connector installation window on Directory Manager machine](./images/ka0Qk000000DUWX_0EMQk000004n3iS.png) ### Configure Outbound Proxy -![Outbound proxy configuration screen](images/ka0Qk000000DUWX_0EMQk000004n3iT.png) +![Outbound proxy configuration screen](./images/ka0Qk000000DUWX_0EMQk000004n3iT.png) -![Additional outbound proxy configuration options](images/ka0Qk000000DUWX_0EMQk000004n3iU.png) +![Additional outbound proxy configuration options](./images/ka0Qk000000DUWX_0EMQk000004n3iU.png) ### Configure the Application @@ -60,31 +60,31 @@ This article provides step-by-step instructions for configuring Entra Tenant App - Internal URL: `https://onenexx2:4443/` - Link: https://onenexx2:4443/ - ![Application proxy configuration with internal and external URLs](images/ka0Qk000000DUWX_0EMQk000004n3iV.png) + ![Application proxy configuration with internal and external URLs](./images/ka0Qk000000DUWX_0EMQk000004n3iV.png) ### Register the Application and Assign Users 1. Go to **App Registration** and open **All Applications**. - ![App Registration screen showing all applications](images/ka0Qk000000DUWX_0EMQk000004n3iW.png) + ![App Registration screen showing all applications](./images/ka0Qk000000DUWX_0EMQk000004n3iW.png) 2. Assign users to this application. - ![Assigning users to the application in App Registration](images/ka0Qk000000DUWX_0EMQk000004n3iX.png) + ![Assigning users to the application in App Registration](./images/ka0Qk000000DUWX_0EMQk000004n3iX.png) ### Create and Upload an SSL Certificate 1. Create an SSL certificate. - ![SSL certificate creation window](images/ka0Qk000000DUWX_0EMQk000004n3iY.png) + ![SSL certificate creation window](./images/ka0Qk000000DUWX_0EMQk000004n3iY.png) - ![SSL certificate details screen](images/ka0Qk000000DUWX_0EMQk000004n3iZ.png) + ![SSL certificate details screen](./images/ka0Qk000000DUWX_0EMQk000004n3iZ.png) - ![SSL certificate management interface](images/ka0Qk000000DUWX_0EMQk000004n3ia.png) + ![SSL certificate management interface](./images/ka0Qk000000DUWX_0EMQk000004n3ia.png) 2. Upload the certificate. - ![Upload certificate screen](images/ka0Qk000000DUWX_0EMQk000004n3ib.png) + ![Upload certificate screen](./images/ka0Qk000000DUWX_0EMQk000004n3ib.png) > **NOTE:** Self-signed certificates will not work. Add a public certificate instead. You can turn off SSL in the application proxy to test the configuration. @@ -92,7 +92,7 @@ This article provides step-by-step instructions for configuring Entra Tenant App 1. Change the portal URLs to use the external URLs provided by the application proxy. - ![Portal URL configuration screen](images/ka0Qk000000DUWX_0EMQk000004n3ic.png) + ![Portal URL configuration screen](./images/ka0Qk000000DUWX_0EMQk000004n3ic.png) 2. Verify that the changes are reflected in the `svc.client` table and `web.config` file. @@ -101,17 +101,17 @@ This article provides step-by-step instructions for configuring Entra Tenant App - External URL (visible): `https://GroupID10SSP-5l607h.msappproxy.net/GroupID/` - External URL (HREF/target provided by portal): `https://GroupID10SSP-5l607h.msappproxy.net/Directory Manager/` - ![web.config file showing updated external URL](images/ka0Qk000000DUWX_0EMQk000004n3id.png) + ![web.config file showing updated external URL](./images/ka0Qk000000DUWX_0EMQk000004n3id.png) 3. Edit the **Issuer** and **Realm** URLs as needed: - ![Issuer and Realm URL configuration screen](images/ka0Qk000000DUWX_0EMQk000004n3ie.png) + ![Issuer and Realm URL configuration screen](./images/ka0Qk000000DUWX_0EMQk000004n3ie.png) 4. Update the `svc.client` table in the database with the return, error, and realm URLs. > **NOTE:** Paste all URLs with a forward slash at the end. For example: `https://groupid10ssp-5l607h.msappproxy.net/Directory Manager/` -![svc.client table showing updated URLs](images/ka0Qk000000DUWX_0EMQk000004n3if.png) +![svc.client table showing updated URLs](./images/ka0Qk000000DUWX_0EMQk000004n3if.png) ## Related Links diff --git a/docs/kb/directorymanager/export-enrolled-user-reports-with-additional-fields.md b/docs/kb/directorymanager/export-enrolled-user-reports-with-additional-fields.md index 4a679d8bcd..54186f8ba2 100644 --- a/docs/kb/directorymanager/export-enrolled-user-reports-with-additional-fields.md +++ b/docs/kb/directorymanager/export-enrolled-user-reports-with-additional-fields.md @@ -35,7 +35,7 @@ By default, the Netwrix Directory Manager (formerly GroupID) Password Center Hel - Password Expires On - Enrolled With -![Default enrolled users export fields in Directory Manager 10](images/ka0Qk000000EWo1_0EMQk00000Bh5ni.png) +![Default enrolled users export fields in Directory Manager 10](./images/ka0Qk000000EWo1_0EMQk00000Bh5ni.png) However, you cannot add additional fields to the exported file using the Password Center interface, as the design node is not available in the MMC for design changes. As a workaround, you can use the Netwrix Directory Manager management shell to export user data with additional fields such as `SamAccountName` and `Email Address`. diff --git a/docs/kb/directorymanager/export-owners-and-additional-owners-for-groups-using-management-shell.md b/docs/kb/directorymanager/export-owners-and-additional-owners-for-groups-using-management-shell.md index 473cbc9edb..616037debf 100644 --- a/docs/kb/directorymanager/export-owners-and-additional-owners-for-groups-using-management-shell.md +++ b/docs/kb/directorymanager/export-owners-and-additional-owners-for-groups-using-management-shell.md @@ -38,7 +38,7 @@ Get-SmartGroup | Select Name, @{Name="Owner"; Expression={ (Get-User -Identity $ > **NOTE:** To change the directory, replace `C:\smartgroups.csv` with the desired directory path. -![Exporting Smart Group owners and additional owners in Directory Manager Management Shell](images/ka0Qk000000EZ7Z_0EMQk00000BuCxp.png) +![Exporting Smart Group owners and additional owners in Directory Manager Management Shell](./images/ka0Qk000000EZ7Z_0EMQk00000BuCxp.png) 4. To export the owner and additional owner list for all types of groups (managed and unmanaged), run the command below. This cmdlet will provide the owner and additional owner information for all types of groups. diff --git a/docs/kb/directorymanager/generate-a-report-of-all-groups-in-the-domain.md b/docs/kb/directorymanager/generate-a-report-of-all-groups-in-the-domain.md index 693d7dc9d2..4b55e76419 100644 --- a/docs/kb/directorymanager/generate-a-report-of-all-groups-in-the-domain.md +++ b/docs/kb/directorymanager/generate-a-report-of-all-groups-in-the-domain.md @@ -35,21 +35,21 @@ Use the reporting feature in Netwrix Directory Manager to create a list of all g ### Steps to Generate a Report of All Groups 1. Open the Netwrix Directory Manager portal and go to the **Reports** options. - ![Reports options in Directory Manager portal](images/ka0Qk000000EMWv_0EMQk00000BX3X5.png) + ![Reports options in Directory Manager portal](./images/ka0Qk000000EMWv_0EMQk00000BX3X5.png) 2. Select **Group Reports** > **All Groups in the Domain**. 3. Click **Create Report**. This launches the **Create Report** wizard. - ![Create Report wizard in Directory Manager](images/ka0Qk000000EMWv_0EMQk00000BX9nl.png) + ![Create Report wizard in Directory Manager](./images/ka0Qk000000EMWv_0EMQk00000BX9nl.png) 4. On the first page, enter a custom title for your report in the **Report Name** box. The default title is **All Groups in Domain**. 5. Click **Browse** to open the **Select Container** dialog box and select the required source container. The default selection is the Global Catalog. 6. Select the **Include sub-folders** check box to include sub-folders for the selected container in the report. 7. In the **Filter Criteria** section, modify the default LDAP filter as required. This filter is used to select items from the container to display in the report. To add additional filters, click **Add More Filters**. 8. Click **Next**. - ![Filter Criteria section in Create Report wizard](images/ka0Qk000000EMWv_0EMQk00000BXA77.png) + ![Filter Criteria section in Create Report wizard](./images/ka0Qk000000EMWv_0EMQk00000BXA77.png) 9. The **Fields** section displays the fields that will be included in the report. You can add or remove fields from the list, and you can move fields to change their order. 10. From the **Sort By** drop-down list, select the field by which you want to sort the results in the report. 11. From the **Schedule** drop-down list, select the schedule for the report. If you select a schedule, the report will run automatically at the specified time. 12. Click **Finish**. - ![Report results in Directory Manager](images/ka0Qk000000EMWv_0EMQk00000BXAK1.png) + ![Report results in Directory Manager](./images/ka0Qk000000EMWv_0EMQk00000BXAK1.png) 13. The report is displayed based on the settings you configured in the portal. The report includes the following information: - Connected identity store name - Selected container diff --git a/docs/kb/directorymanager/generating-a-report-on-users-who-never-logged-on.md b/docs/kb/directorymanager/generating-a-report-on-users-who-never-logged-on.md index 5f29c15005..3c97e2091b 100644 --- a/docs/kb/directorymanager/generating-a-report-on-users-who-never-logged-on.md +++ b/docs/kb/directorymanager/generating-a-report-on-users-who-never-logged-on.md @@ -29,16 +29,16 @@ This article provides step-by-step instructions for generating a report on users ## Instructions 1. Navigate to the **Application Portal** and click **Reports**. - ![Reports section in the Application Portal](images/ka0Qk000000Dtxx_0EMQk00000BSNt0.png) + ![Reports section in the Application Portal](./images/ka0Qk000000Dtxx_0EMQk00000BSNt0.png) 2. In the new tab that opens, click **User Reports**. - ![User Reports section](images/ka0Qk000000Dtxx_0EMQk00000BSOST.png) + ![User Reports section](./images/ka0Qk000000Dtxx_0EMQk00000BSOST.png) 3. Sort the reports by clicking the **Title** column. Locate the report titled **Users Who Never Logged On** on the second page and click it. - ![Sorting and selecting the Users Who Never Logged On report](images/ka0Qk000000Dtxx_0EMQk00000BSOU5.png) + ![Sorting and selecting the Users Who Never Logged On report](./images/ka0Qk000000Dtxx_0EMQk00000BSOU5.png) 4. Click **Create Report**. - ![Create Report button](images/ka0Qk000000Dtxx_0EMQk00000BSOQr.png) + ![Create Report button](./images/ka0Qk000000Dtxx_0EMQk00000BSOQr.png) 5. On the **Create Report** page, configure the following settings: - **Report Name:** Enter a descriptive name, such as "Users Who Never Logged On."" @@ -50,7 +50,7 @@ This article provides step-by-step instructions for generating a report on users - `lastLogonTimeStamp` – Not Present: Captures accounts that have never logged in. Use the **Add More Filters** option for additional criteria. - ![Create Report configuration page](images/ka0Qk000000Dtxx_0EMQk00000BSLmM.png) + ![Create Report configuration page](./images/ka0Qk000000Dtxx_0EMQk00000BSLmM.png) 6. Customize the report output by selecting the fields to display: - Use the **Add Field** button to add or remove fields. @@ -66,11 +66,11 @@ This article provides step-by-step instructions for generating a report on users 8. Optionally, schedule the report generation by selecting a predefined job from the dropdown menu in the **Scheduled Job** section. 9. Click **Finish** to complete the report generation process. - ![Finish button to complete report generation](images/ka0Qk000000Dtxx_0EMQk00000BSKYY.png) + ![Finish button to complete report generation](./images/ka0Qk000000Dtxx_0EMQk00000BSKYY.png) ## Viewing and Managing the Report After clicking **Finish**, the report results will display all users who have never logged into their accounts. -![Report results showing users who never logged on](images/ka0Qk000000Dtxx_0EMQk00000BSLMa.png) +![Report results showing users who never logged on](./images/ka0Qk000000Dtxx_0EMQk00000BSLMa.png) Additional actions you can perform include: - Pin Report: Pin the report for quick access on the dashboard. diff --git a/docs/kb/directorymanager/hide-distribution-lists-from-end-users-in-portal.md b/docs/kb/directorymanager/hide-distribution-lists-from-end-users-in-portal.md index f0b3c6568b..7dad781157 100644 --- a/docs/kb/directorymanager/hide-distribution-lists-from-end-users-in-portal.md +++ b/docs/kb/directorymanager/hide-distribution-lists-from-end-users-in-portal.md @@ -41,6 +41,6 @@ In some environments, it may be necessary to prevent end users from viewing dist 5. Save the settings in the security roles. 6. Sign out of the Netwrix Directory Manager portal and sign in again with an account that is part of the user security role to verify the change. -![LDAP filter settings in Netwrix Directory Manager security role](images/ka0Qk000000EYmb_0EMQk00000BoN3A.png) +![LDAP filter settings in Netwrix Directory Manager security role](./images/ka0Qk000000EYmb_0EMQk00000BoN3A.png) > **NOTE:** For Universal and Global distribution groups, the `sAMAccountType` value is **268435457**. For Domain local distribution groups, the value is **536870913**. diff --git a/docs/kb/directorymanager/hide-reports-entitlements-and-synchronize-tabs-in-the-user-portal.md b/docs/kb/directorymanager/hide-reports-entitlements-and-synchronize-tabs-in-the-user-portal.md index 6a01853cce..428f047e1b 100644 --- a/docs/kb/directorymanager/hide-reports-entitlements-and-synchronize-tabs-in-the-user-portal.md +++ b/docs/kb/directorymanager/hide-reports-entitlements-and-synchronize-tabs-in-the-user-portal.md @@ -29,7 +29,7 @@ Netwrix Directory Manager 11 ## Overview By default, the **Synchronize**, **Reports**, and **Entitlements** tabs appear on the navigation bar in the Netwrix Directory Manager User Portal. You can control which users see these tabs by adjusting their access level settings. Restricting access ensures that only users with the appropriate roles can view or use these options. -![Navigation bar in Directory Manager User Portal showing Synchronize, Reports, and Entitlements tabs](images/ka0Qk000000EMez_0EMQk00000BbHoM.png) +![Navigation bar in Directory Manager User Portal showing Synchronize, Reports, and Entitlements tabs](./images/ka0Qk000000EMez_0EMQk00000BbHoM.png) ## Instructions @@ -37,21 +37,21 @@ By default, the **Synchronize**, **Reports**, and **Entitlements** tabs appear o 1. Go to the **Admin Center**. 2. Navigate to **Applications**. 3. Open the **Settings** for the portal you want to apply the changes to. - ![Portal settings in Directory Manager Admin Center](images/ka0Qk000000EMez_0EMQk00000BbBHX.png) + ![Portal settings in Directory Manager Admin Center](./images/ka0Qk000000EMez_0EMQk00000BbBHX.png) 4. Go to **Design Settings** and expand **Identity Store**. 5. Select **Navigation Bar**. 6. Click the **Dropdown List** and select **External Links**. - ![External Links dropdown in Navigation Bar settings](images/ka0Qk000000EMez_0EMQk00000BbIFm.png) + ![External Links dropdown in Navigation Bar settings](./images/ka0Qk000000EMez_0EMQk00000BbIFm.png) 7. Edit **Entitlements**. 8. In the **Access Level** list, select a security role: - The **Entitlements** link will be visible to users of this role and any roles with a higher priority. - To hide the link from all users, select **Never**. - To allow only **Administrators** to see it, select **Administrator** (users in roles below Administrator will not have access). - ![Access Level settings for Entitlements tab](images/ka0Qk000000EMez_0EMQk00000BbH6o.png) + ![Access Level settings for Entitlements tab](./images/ka0Qk000000EMez_0EMQk00000BbH6o.png) 9. Click **OK** to save the changes. 10. Log in to the **Netwrix Directory Manager Portal** to verify the changes. - ![Portal view after hiding tabs](images/ka0Qk000000EMez_0EMQk00000BbJN7.png) + ![Portal view after hiding tabs](./images/ka0Qk000000EMez_0EMQk00000BbJN7.png) 11. Repeat these steps for the **Reports** and **Synchronize** tabs. Edit each tab individually and set the **Access Level** as required. 12. Once configured, users without the required access level will no longer see the **Reports**, **Entitlements**, and **Synchronize** tabs in the portal. -![Portal navigation bar with hidden tabs](images/ka0Qk000000EMez_0EMQk00000BbJYP.png) +![Portal navigation bar with hidden tabs](./images/ka0Qk000000EMez_0EMQk00000BbJYP.png) diff --git a/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md b/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md index 0afb794c2b..432830725e 100644 --- a/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md +++ b/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md @@ -53,7 +53,7 @@ Follow the below-provided instructions to customize the portal: 1. In the **Netwrix Directory Manager Admin Center Portal**, select **Self-Service** **GroupID Portals** **[required portal]** **Triple Dot button** **Settings**. - ![User-added image](images/ka0Qk000000D2Dh_0EMQk000001gaph.png) + ![User-added image](./images/ka0Qk000000D2Dh_0EMQk000001gaph.png) 2. Under the **Design Settings** tab, select the **Identity Store** you want to customize in the portal. @@ -61,33 +61,33 @@ Follow the below-provided instructions to customize the portal: 4. Select **Advanced** in the **Name** list and click **Edit**. - ![User-added image](images/ka0Qk000000D2Dh_0EMQk000001garJ.png) + ![User-added image](./images/ka0Qk000000D2Dh_0EMQk000001garJ.png) 5. On the **Edit Design Category** dialog box, click **Add Field**. - ![User-added image](images/ka0Qk000000D2Dh_0EMQk000001gasv.png) + ![User-added image](./images/ka0Qk000000D2Dh_0EMQk000001gasv.png) 6. Select the `mxExchEnableModeration` attribute in the **Field** list, enter the display name as **Is Moderator Enabled** and set the display type to **Check**. - ![User-added image](images/ka0Qk000000D2Dh_0EMQk000001gauX.png) + ![User-added image](./images/ka0Qk000000D2Dh_0EMQk000001gauX.png) 7. Click **Add** on the dialog boxes and then click **Add Field** again on the **Edit Design Category**. 8. Select the `mxExchModeratedByLink` attribute in the **Field** list, enter the display name as **Moderators**, and set the display type to **DNs**. - ![User-added image](images/ka0Qk000000D2Dh_0EMQk000001gaxl.png) + ![User-added image](./images/ka0Qk000000D2Dh_0EMQk000001gaxl.png) 9. Click **Add** on the dialog boxes and then click **Add Fields** again on the **Edit Design Category**. 10. Select the `mxExchBypassModerationLink` attribute in the **Field** list, enter the display name as **Bypass Moderators**, and set the display type to **DNs**. - ![User-added image](images/ka0Qk000000D2Dh_0EMQk000001gazN.png) + ![User-added image](./images/ka0Qk000000D2Dh_0EMQk000001gazN.png) 11. Click **Add** on the dialog boxes and then click the **Save** button to save the settings. 12. Launch the **Netwrix Directory Manager** portal. You should be able to see the newly added attributes in the **Group’s Properties** under the **Advanced** tab. - ![User-added image](images/ka0Qk000000D2Dh_0EMQk000001gb0z.png) + ![User-added image](./images/ka0Qk000000D2Dh_0EMQk000001gb0z.png) @@ -96,14 +96,14 @@ Follow the below-provided instructions to customize the portal: ## Related Articles: - [Customize Properties Pages](https://docs.netwrix.com/docs/directorymanager/11_0/signin/service/mobileservice/design/objectproperties) -- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md) +- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results) -- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md) +- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou) -- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md) +- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard) -- [How to Trigger a workflow When a User Сreates a Group](/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_сreates_a_group.md) +- [How to Trigger a workflow When a User Сreates a Group](/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_сreates_a_group) - [Best Practices for Controlling Changes to Group Membership](https://docs.netwrix.com/docs/kb/directorymanager/best-practices-for-controlling-changes-to-group-membership#netwrix-directory-manager-best-practices) -- [Best Practices for Preventing Accidental Data Leakage](/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage.md) +- [Best Practices for Preventing Accidental Data Leakage](/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage) diff --git a/docs/kb/directorymanager/how-to-allow-users-to-create-specific-objects-in-user-portal.md b/docs/kb/directorymanager/how-to-allow-users-to-create-specific-objects-in-user-portal.md index dbaccfcfcd..7227e6d816 100644 --- a/docs/kb/directorymanager/how-to-allow-users-to-create-specific-objects-in-user-portal.md +++ b/docs/kb/directorymanager/how-to-allow-users-to-create-specific-objects-in-user-portal.md @@ -34,21 +34,21 @@ To grant or deny permission to create specific objects in the Netwrix Directory 1. Open the Netwrix Directory Manager Admin Portal at `https://servername/AdminCenter/`. Navigate to **Identity Stores**. Under an identity store's name, click the three dots (**...**) to edit it. - ![Identity Stores list with edit option highlighted in Directory Manager Admin Portal](images/ka0Qk000000CuJN_0EMQk00000BSXU9.png) + ![Identity Stores list with edit option highlighted in Directory Manager Admin Portal](./images/ka0Qk000000CuJN_0EMQk00000BSXU9.png) 2. In the identity store's properties, click the **Security Roles** tab. Select the role you want to modify and click **Edit**. - ![Security Roles tab and Edit button in Directory Manager Admin Portal](images/ka0Qk000000CuJN_0EMQk00000BSXPJ.png) + ![Security Roles tab and Edit button in Directory Manager Admin Portal](./images/ka0Qk000000CuJN_0EMQk00000BSXPJ.png) 3. On the **Role Properties** page, click the **Permissions** tab. - ![Permissions tab in Role Properties in Directory Manager Admin Portal](images/ka0Qk000000CuJN_0EMQk00000BSXNh.png) + ![Permissions tab in Role Properties in Directory Manager Admin Portal](./images/ka0Qk000000CuJN_0EMQk00000BSXNh.png) 4. The **Create** permissions for the User portal are shown in the following images: - ![Create permissions for object types in Directory Manager User portal](images/ka0Qk000000CuJN_0EMQk00000BSXQv.png) + ![Create permissions for object types in Directory Manager User portal](./images/ka0Qk000000CuJN_0EMQk00000BSXQv.png) - ![Additional create permissions for object types in Directory Manager User portal](images/ka0Qk000000CuJN_0EMQk00000BSXVl.png) + ![Additional create permissions for object types in Directory Manager User portal](./images/ka0Qk000000CuJN_0EMQk00000BSXVl.png) 5. Select the **Allow** option for **Group** and **Contact** object types to permit creation. Select the **Deny** option for all other object types to restrict creation. @@ -56,4 +56,4 @@ To grant or deny permission to create specific objects in the Netwrix Directory When you allow the role to create *groups* and *contacts* using the portal, the result will look like this: -![User portal showing only group and contact creation options](images/ka0Qk000000CuJN_0EMQk00000BSXSX.png) +![User portal showing only group and contact creation options](./images/ka0Qk000000CuJN_0EMQk00000BSXSX.png) diff --git a/docs/kb/directorymanager/how-to-allow-users-to-only-create-distribution-groups.md b/docs/kb/directorymanager/how-to-allow-users-to-only-create-distribution-groups.md index d27facdd64..3b2c3532f2 100644 --- a/docs/kb/directorymanager/how-to-allow-users-to-only-create-distribution-groups.md +++ b/docs/kb/directorymanager/how-to-allow-users-to-only-create-distribution-groups.md @@ -32,20 +32,20 @@ By default, users can create both distribution and security groups using the Net ## Steps: 1. In the NDM Admin Center, select **Applications >** Under **Netwrix Directory Manager Portal**, select the **three dots** button on your portal > Click **Settings**. - ![NDM Admin Center - Portal Settings](images/ka0Qk000000EECn_0EMQk00000CtNBZ.png) + ![NDM Admin Center - Portal Settings](./images/ka0Qk000000EECn_0EMQk00000CtNBZ.png) 2. On the **Server Settings** tab, under **Design Settings**, select your identity store. 3. Click the **Create Object** tab > Under **Select Directory Object**, select **Group**. In the **Name** list, select **General** and click **Edit**. - ![Create Object - Group General](images/ka0Qk000000EECn_0EMQk00000CtNDB.png) + ![Create Object - Group General](./images/ka0Qk000000EECn_0EMQk00000CtNDB.png) 4. On the **Edit Category** dialog box, select **Group Type** in the **Fields** area and click **Edit**. - ![Edit Category - Group Type](images/ka0Qk000000EECn_0EMQk00000CtN9x.png) + ![Edit Category - Group Type](./images/ka0Qk000000EECn_0EMQk00000CtN9x.png) 5. On the **Edit Field** dialog box, click **Advanced options**. 6. Make sure that under **Default Value**, nothing is selected. If there is already a value, clear it out. - ![Edit Field - Advanced Options and Default Value](images/ka0Qk000000EECn_0EMQk00000CtN8L.png) + ![Edit Field - Advanced Options and Default Value](./images/ka0Qk000000EECn_0EMQk00000CtN8L.png) 7. Also, make sure that the checkbox named **Is Read Only** is unchecked / not selected > Click **OK** > Scroll down and **Save** your changes. @@ -54,13 +54,13 @@ By default, users can create both distribution and security groups using the Net 9. On the **Server Settings** tab, under **Design Settings**, select your portal. 10. Select **Custom Display Types** > Then under **Custom Display Types**, select **groupType** from the list and click the **Edit** button. - ![Custom Display Types - groupType](images/ka0Qk000000EECn_0EMQk00000CtNEn.png) + ![Custom Display Types - groupType](./images/ka0Qk000000EECn_0EMQk00000CtNEn.png) 11. A new dialog box named **Edit Radio Display Type** will open. - ![Edit Radio Display Type dialog](images/ka0Qk000000EECn_0EMQk00000CtNGP.png) + ![Edit Radio Display Type dialog](./images/ka0Qk000000EECn_0EMQk00000CtNGP.png) 12. Under the **Edit Radio Display Type** dialog box, edit the option named **Security** > Change its **Visibility** to **Administrator** > Then edit the option named **Distribution** and make sure its **Visibility** is set to **User** (this will be the default value here). - ![Edit Radio Display Type - Visibility Settings](images/ka0Qk000000EECn_0EMQk00000CtLOI.png) + ![Edit Radio Display Type - Visibility Settings](./images/ka0Qk000000EECn_0EMQk00000CtLOI.png) 13. If you see any other option in this mini window besides **Security** and **Distribution**, edit them and set their **Visibility** to **Never**. Scroll down and **Save** your changes. diff --git a/docs/kb/directorymanager/how-to-apply-real-time-data-validation.md b/docs/kb/directorymanager/how-to-apply-real-time-data-validation.md index 43fc97dff2..80ebf73156 100644 --- a/docs/kb/directorymanager/how-to-apply-real-time-data-validation.md +++ b/docs/kb/directorymanager/how-to-apply-real-time-data-validation.md @@ -42,7 +42,7 @@ Netwrix Directory Manager validates data according to rules for uniqueness and s 5. Enter a name for the display type in the **Name** box. 6. From the **Type** list, select *Textbox* and click **OK**. -![Creating a textbox display type with real-time validation in Netwrix Directory Manager](images/ka0Qk000000FE97_0EMQk00000BxDMI.png) +![Creating a textbox display type with real-time validation in Netwrix Directory Manager](./images/ka0Qk000000FE97_0EMQk00000BxDMI.png) 7. Enter a value in the **Default Value** box to set it as the default for the text box. Users can modify this value in the portal. 8. In the **Regular Expression** box, type a regular expression to validate data entered in the text box. Leave this box blank if you do not want to apply a validation rule. diff --git a/docs/kb/directorymanager/how-to-change-a-user-s-membership-type.md b/docs/kb/directorymanager/how-to-change-a-user-s-membership-type.md index 6dc9774103..cc6f05793a 100644 --- a/docs/kb/directorymanager/how-to-change-a-user-s-membership-type.md +++ b/docs/kb/directorymanager/how-to-change-a-user-s-membership-type.md @@ -45,6 +45,6 @@ Netwrix Directory Manager allows you to add users to Active Directory groups as 2. Select the group on the **Search Results** page and click **Properties** on the toolbar. The **Members** tab in group properties lists the group members. 3. To change a member's membership type, click anywhere in the respective row to make it editable. Select **Temporary Member** from the **Membership** column then specify the membership period using the **Beginning** and **Ending** fields. Other membership options are described in the table above. -![Editing membership type and period for a group member in Directory Manager](images/ka0Qk000000FGZ7_0EMQk00000C65MH.png) +![Editing membership type and period for a group member in Directory Manager](./images/ka0Qk000000FGZ7_0EMQk00000C65MH.png) 4. Save the changes. diff --git a/docs/kb/directorymanager/how-to-change-the-user-session-timeout-for-portals.md b/docs/kb/directorymanager/how-to-change-the-user-session-timeout-for-portals.md index 535b0f31c3..4840eb1647 100644 --- a/docs/kb/directorymanager/how-to-change-the-user-session-timeout-for-portals.md +++ b/docs/kb/directorymanager/how-to-change-the-user-session-timeout-for-portals.md @@ -48,4 +48,4 @@ The file is available at the following locations for the respective portals: ``` 3. Set the value in minutes as needed. If the key does not exist, add the line and save the changes. -![web.config file showing sessiontimeout key under appSettings section](images/ka0Qk000000CsUT_0EMQk00000BP4Jp.png) +![web.config file showing sessiontimeout key under appSettings section](./images/ka0Qk000000CsUT_0EMQk00000BP4Jp.png) diff --git a/docs/kb/directorymanager/how-to-copy-the-design-of-portal-via-sql-query.md b/docs/kb/directorymanager/how-to-copy-the-design-of-portal-via-sql-query.md index 68445a3319..703d65deda 100644 --- a/docs/kb/directorymanager/how-to-copy-the-design-of-portal-via-sql-query.md +++ b/docs/kb/directorymanager/how-to-copy-the-design-of-portal-via-sql-query.md @@ -33,7 +33,7 @@ This article provides step-by-step instructions for copying a portal design betw 1. Go to the database used with the test server. 2. Select the database and create a new query. - ![SQL Server Management Studio new query window with database selected](images/ka0Qk000000DSzN_0EMQk000004n9O2.png) + ![SQL Server Management Studio new query window with database selected](./images/ka0Qk000000DSzN_0EMQk000004n9O2.png) 3. Enter the following query: ```sql @@ -48,13 +48,13 @@ WHERE ClientId = @toClient AND IdentityStoreId = @tostore ``` 4. In `@fromClient`, enter the Client ID of the portal you want to copy. For example, to copy the design of Portal 1, use Client ID 11. - ![PortalDesigns table showing Client ID and Identity Store ID values](images/ka0Qk000000DSzN_0EMQk000004nLdh.png) + ![PortalDesigns table showing Client ID and Identity Store ID values](./images/ka0Qk000000DSzN_0EMQk000004nLdh.png) 5. In `@fromStore`, enter the Identity Store ID. For example, use 2. - ![Identity Store ID value in PortalDesigns table](images/ka0Qk000000DSzN_0EMQk000004nH3t.png) + ![Identity Store ID value in PortalDesigns table](./images/ka0Qk000000DSzN_0EMQk000004nH3t.png) 6. In `@toClient` and `@toStore`, enter the Client ID and Identity Store ID for the target portal. For example, Client ID 13 and Store ID 2. 7. Run the query. 8. The following screenshot shows the executed query: - ![Screenshot of executed SQL query](images/ka0Qk000000DSzN_0EMQk000004nLfJ.png) + ![Screenshot of executed SQL query](./images/ka0Qk000000DSzN_0EMQk000004nLfJ.png) ### Copy the Design with the Same SQL Server and Different Databases @@ -76,11 +76,11 @@ WHERE ClientId = @toClient AND IdentityStoreId = @tostore 3. In `@fromClient`, `@fromStore`, `@toClient`, and `@toStore`, enter the appropriate Client ID and Store ID values as described above. 4. In `[toDB]`, enter the database name of the production portal. - ![Screenshot of SQL query for copying design between databases](images/ka0Qk000000DSzN_0EMQk000004nLgv.png) + ![Screenshot of SQL query for copying design between databases](./images/ka0Qk000000DSzN_0EMQk000004nLgv.png) 5. In `[fromDB]`, enter the database name of the test portal. 6. Run the query. 7. The following screenshot shows the executed query: - ![Screenshot of executed SQL query for different databases](images/ka0Qk000000DSzN_0EMQk000004nLiX.png) + ![Screenshot of executed SQL query for different databases](./images/ka0Qk000000DSzN_0EMQk000004nLiX.png) ### Copy the Design with Different SQL Servers and Databases @@ -91,17 +91,17 @@ Environment: Test server configured with **DB1**, production server configured w 3. Create a new linked server. 4. In the **New Linked Server** window, enter the name of the server you want to link. 5. Select **Server type** as **SQL Server**. - ![Linked server properties window](images/ka0Qk000000DSzN_0EMQk000004nIXn.png) + ![Linked server properties window](./images/ka0Qk000000DSzN_0EMQk000004nIXn.png) 6. Select **Security** from the left pane, choose the appropriate login option, and enter the server credentials. 7. Click **OK**. The linked server will appear in the list. - ![Linked server security settings](images/ka0Qk000000DSzN_0EMQk000004nIXo.png) + ![Linked server security settings](./images/ka0Qk000000DSzN_0EMQk000004nIXo.png) -![Linked server shown in SQL Server Management Studio](images/ka0Qk000000DSzN_0EMQk000004nIXp.png) +![Linked server shown in SQL Server Management Studio](./images/ka0Qk000000DSzN_0EMQk000004nIXp.png) 8. Go to the Netwrix Directory Manager portal of the test server and make the required changes to the portal design. 9. Return to SQL Server. 10. Right-click the server and select **New Query**. - ![SQL Server Management Studio new query window for linked server](images/ka0Qk000000DSzN_0EMQk000004nIXq.png) + ![SQL Server Management Studio new query window for linked server](./images/ka0Qk000000DSzN_0EMQk000004nIXq.png) 11. Enter the following query: ```sql @@ -120,9 +120,9 @@ WHERE ClientId = @toClient AND IdentityStoreId = @tostore 12. In `@fromClient`, `@fromStore`, `@toClient`, and `@toStore`, enter the appropriate Client ID and Store ID values as described above. 13. In `[toSourceServer]`, enter the server name of the production server. - ![Linked server name entry in SQL query](images/ka0Qk000000DSzN_0EMQk000004nIXr.png) + ![Linked server name entry in SQL query](./images/ka0Qk000000DSzN_0EMQk000004nIXr.png) 14. In `[fromSourceServer]`, enter the server name of the test server. 15. In `[fromDB]` and `[toDB]`, enter the database names as described above. 16. Execute the query. -![Screenshot of executed SQL query for linked server](images/ka0Qk000000DSzN_0EMQk000004nIXs.png) +![Screenshot of executed SQL query for linked server](./images/ka0Qk000000DSzN_0EMQk000004nIXs.png) diff --git a/docs/kb/directorymanager/how-to-delegate-password-reset-privileges-in-self-service-portal.md b/docs/kb/directorymanager/how-to-delegate-password-reset-privileges-in-self-service-portal.md index 28b84f8011..8cb9807ceb 100644 --- a/docs/kb/directorymanager/how-to-delegate-password-reset-privileges-in-self-service-portal.md +++ b/docs/kb/directorymanager/how-to-delegate-password-reset-privileges-in-self-service-portal.md @@ -35,7 +35,7 @@ This article explains how to delegate the password reset function to users in th 4. Click the **Navigation bar** tab. 5. In the **Tab** list, select *Users* and click **Edit**. 6. On the **Edit Tab** dialog box, select **Reset Password** in the **Links** section and click **Edit**. - ![Edit Tab dialog with Reset Password link highlighted](images/ka0Qk000000DtrV_0EMQk00000BSBJx.png) + ![Edit Tab dialog with Reset Password link highlighted](./images/ka0Qk000000DtrV_0EMQk00000BSBJx.png) 7. From the **Access Level** list on the **Edit Link** dialog box, select a security role. This role and any roles with a higher priority value can reset the passwords of other users through the Self-Service portal. 8. Click **OK** to close the dialog boxes and then save the changes. diff --git a/docs/kb/directorymanager/how-to-display-nested-group-ownership-in-the-my-groups-page.md b/docs/kb/directorymanager/how-to-display-nested-group-ownership-in-the-my-groups-page.md index 6158fa1575..7d20fb4d3b 100644 --- a/docs/kb/directorymanager/how-to-display-nested-group-ownership-in-the-my-groups-page.md +++ b/docs/kb/directorymanager/how-to-display-nested-group-ownership-in-the-my-groups-page.md @@ -34,12 +34,12 @@ Some groups in Active Directory are owned by a security group. You may want memb ## Instructions 1. In the Directory Manager Admin Center, select **Applications**. Under **Directory Manager Portal**, select the **three dots** button for your portal, then click **Settings**. - ![Directory Manager Admin Center with Settings option highlighted under Directory Manager Portal](images/ka0Qk000000Dxjp_0EMQk00000BYF1V.png) + ![Directory Manager Admin Center with Settings option highlighted under Directory Manager Portal](./images/ka0Qk000000Dxjp_0EMQk00000BYF1V.png) 2. On the **Server Settings** tab, click **Advanced Settings**. Select **Listings Display**, then enable the **Display Nested Ownership** option. - ![Advanced Settings in Server Settings tab with Display Nested Ownership option enabled](images/ka0Qk000000Dxjp_0EMQk00000BYEzt.png) + ![Advanced Settings in Server Settings tab with Display Nested Ownership option enabled](./images/ka0Qk000000Dxjp_0EMQk00000BYEzt.png) 3. Scroll to the bottom of the page and click **Save** to apply your changes. - ![Save button at the bottom of the settings page in Directory Manager Admin Center](images/ka0Qk000000Dxjp_0EMQk00000BYEyH.png) + ![Save button at the bottom of the settings page in Directory Manager Admin Center](./images/ka0Qk000000Dxjp_0EMQk00000BYEyH.png) diff --git a/docs/kb/directorymanager/how-to-enforce-group-type-as-distribution-or-security-v10.md b/docs/kb/directorymanager/how-to-enforce-group-type-as-distribution-or-security-v10.md index e2e6936687..3598ae0844 100644 --- a/docs/kb/directorymanager/how-to-enforce-group-type-as-distribution-or-security-v10.md +++ b/docs/kb/directorymanager/how-to-enforce-group-type-as-distribution-or-security-v10.md @@ -31,9 +31,9 @@ This article explains how you can enforce the Group Type as `Distribution` in th ## Instructions 1. In the Directory Manager Admin Center, go to **Applications** > **Directory Manager Portals** and locate the required portal. 2. Once you have chosen the required portal, click the three-dot icon on the portal then click **Settings**. - ![Steps 1-2](images/ka0Qk000000DusP_0EMQk00000C19C1.png) + ![Steps 1-2](./images/ka0Qk000000DusP_0EMQk00000C19C1.png) 3. Under **Application Settings**, select an identity store from the **Design Settings** section. - ![Step 3](images/ka0Qk000000DusP_0EMQk00000C13Mk.png) + ![Step 3](./images/ka0Qk000000DusP_0EMQk00000C13Mk.png) 4. Click the **Create Object** tab. 5. In the **Select Directory Object** list, choose **Group**. 6. In the **Name** list, select **General** and click **Edit**. diff --git a/docs/kb/directorymanager/how-to-enforce-group-type-as-distribution-or-security-v11.md b/docs/kb/directorymanager/how-to-enforce-group-type-as-distribution-or-security-v11.md index 1d23d09fa7..7651fd1713 100644 --- a/docs/kb/directorymanager/how-to-enforce-group-type-as-distribution-or-security-v11.md +++ b/docs/kb/directorymanager/how-to-enforce-group-type-as-distribution-or-security-v11.md @@ -45,7 +45,7 @@ Netwrix Directory Manager allows you to customize the Create wizard for director - Select the **Is Read Only** checkbox. - Or set the **Visibility Role** to `Never`. - ![Set Group Type as Distribution and restrict editing](images/ka0Qk000000Duu1_0EMQk00000BS90Q.png) + ![Set Group Type as Distribution and restrict editing](./images/ka0Qk000000Duu1_0EMQk00000BS90Q.png) 11. To enforce the `Distribution` group type for a specific role (for example, Role C), set the visibility level to a role with a higher priority than Role C. Only users with the selected role or higher can modify the group type. Users with Role C or lower will not be able to change the default selection. 12. Click **OK** to close the dialog boxes and save your changes. @@ -53,4 +53,4 @@ Netwrix Directory Manager allows you to customize the Create wizard for director ## Expected Results In the Create Group wizard in the Directory Manager portal, the **Group Type** field will be set to `Distribution` by default. Users will not be able to change the group type, so all new groups will be created as distribution lists only. -![Create Group wizard with Group Type set to Distribution](images/ka0Qk000000Duu1_0EMQk00000BS31S.png) +![Create Group wizard with Group Type set to Distribution](./images/ka0Qk000000Duu1_0EMQk00000BS31S.png) diff --git a/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md b/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md index c26aa794fc..44b5270bbd 100644 --- a/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md +++ b/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md @@ -43,9 +43,9 @@ Netwrix Directory Manager’s **New Object** policy enables you to restrict role The selected OU appears below the **Groups** option. - ![User-added image](images/ka0Qk000000Dg4f_0EMQk000001f3Kk.png) + ![User-added image](./images/ka0Qk000000Dg4f_0EMQk000001f3Kk.png) - ![User-added image](images/ka0Qk000000Dg4f_0EMQk000001f68v.png) + ![User-added image](./images/ka0Qk000000Dg4f_0EMQk000001f68v.png) 7. Click **OK**. 8. Click **Update Security Role** and then **Save**. @@ -53,10 +53,10 @@ Now when members of the security role try to create groups, they will be created ## Related Articles: -- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md) -- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md) -- [How to Trigger a workflow When a User Сreates a Group](/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_сreates_a_group.md) -- [How To Add Message Approvers in Group Properties in Netwrix Directory Manager Portal](/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md) +- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results) +- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard) +- [How to Trigger a workflow When a User Сreates a Group](/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_сreates_a_group) +- [How To Add Message Approvers in Group Properties in Netwrix Directory Manager Portal](/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal) - [Best Practices for Controlling Changes to Group Membership](https://docs.netwrix.com/docs/kb/directorymanager/best-practices-for-controlling-changes-to-group-membership#netwrix-directory-manager-best-practices) -- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md) -- [Best Practices for Preventing Accidental Data Leakage](/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage.md) +- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou) +- [Best Practices for Preventing Accidental Data Leakage](/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage) diff --git a/docs/kb/directorymanager/how-to-generate-a-report-on-all-groups-with-report-to-originator-set-to-false-or-true.md b/docs/kb/directorymanager/how-to-generate-a-report-on-all-groups-with-report-to-originator-set-to-false-or-true.md index 8cb8fc9ecd..c710c11511 100644 --- a/docs/kb/directorymanager/how-to-generate-a-report-on-all-groups-with-report-to-originator-set-to-false-or-true.md +++ b/docs/kb/directorymanager/how-to-generate-a-report-on-all-groups-with-report-to-originator-set-to-false-or-true.md @@ -37,16 +37,16 @@ Netwrix Directory Manager (formerly GroupID) allows you to generate reports on a ### Generate a Report for All Groups with Report to Originator Set to False 1. Open the Netwrix Directory Manager Portal and go to the **Reports** options. 2. Select **Group Reports** > **All groups with report to originator set to False**. - ![Group Reports section in Directory Manager Reports module](images/ka0Qk000000FXID_0EMQk00000BxOMY.png) + ![Group Reports section in Directory Manager Reports module](./images/ka0Qk000000FXID_0EMQk00000BxOMY.png) 3. Click **Create Report** to launch the **Create Report** wizard. 4. On the first page, specify a custom title for your report in the **Report Name** box if desired. The default title is **All Groups with Report to Originator Set to False**. - ![Create Report wizard in Directory Manager](images/ka0Qk000000FXID_0EMQk00000BxQsz.png) + ![Create Report wizard in Directory Manager](./images/ka0Qk000000FXID_0EMQk00000BxQsz.png) 5. Click **Browse** to open the **Select Container** dialog box and select the required source container. The default selection is the **Global Catalog**. 6. Select the **Include sub containers** check box to include sub-containers for the selected container. 7. In the **Filter Criteria** section, modify the default LDAP filter as required. To add additional filters, click **Add More Filters**. 8. Click **Next**. 9. In the **Fields** section, add or remove fields as needed and adjust their order. - ![Fields section in Create Report wizard](images/ka0Qk000000FXID_0EMQk00000BxIu1.png) + ![Fields section in Create Report wizard](./images/ka0Qk000000FXID_0EMQk00000BxIu1.png) 10. From the **Sort By** drop-down list, select the field by which to sort the report results. 11. From the **Schedule** drop-down list, select a schedule for the report if desired. The report will run automatically at the specified time. 12. Click **Finish**. @@ -57,7 +57,7 @@ Netwrix Directory Manager (formerly GroupID) allows you to generate reports on a - Date the report was created - Filter applied - List of report results - ![Sample report output in Directory Manager](images/ka0Qk000000FXID_0EMQk00000BxR5t.png) + ![Sample report output in Directory Manager](./images/ka0Qk000000FXID_0EMQk00000BxR5t.png) 14. The report is listed in the template's page. You can create multiple reports from the same template. 15. To download the report, click **Download** and select the format (PDF, Excel, or HTML). 16. You can also pin the report to the Dashboard by clicking **Pin Report**. @@ -65,16 +65,16 @@ Netwrix Directory Manager (formerly GroupID) allows you to generate reports on a ### Generate a Report for All Groups with Report to Originator Set to True 1. Open the Netwrix Directory Manager Portal and go to the **Reports** options. 2. Select **Group Reports** > **All groups with report to originator set to True**. - ![Group Reports section for report to originator set to True](images/ka0Qk000000FXID_0EMQk00000BxHL4.png) + ![Group Reports section for report to originator set to True](./images/ka0Qk000000FXID_0EMQk00000BxHL4.png) 3. Click **Create Report** to launch the **Create Report** wizard. 4. On the first page, specify a custom title for your report in the **Report Name** box if desired. The default title is **All Groups with Report to Originator Set to True**. - ![Create Report wizard for report to originator set to True](images/ka0Qk000000FXID_0EMQk00000BxMhJ.png) + ![Create Report wizard for report to originator set to True](./images/ka0Qk000000FXID_0EMQk00000BxMhJ.png) 5. Click **Browse** to open the **Select Container** dialog box and select the required source container. The default selection is the **Global Catalog**. 6. Select the **Include sub containers** check box to include sub-containers for the selected container. 7. In the **Filter Criteria** section, modify the default LDAP filter as required. To add additional filters, click **Add More Filters**. 8. Click **Next**. 9. In the **Fields** section, add or remove fields as needed and adjust their order. - ![Fields section in Create Report wizard for report to originator set to True](images/ka0Qk000000FXID_0EMQk00000BxMpN.png) + ![Fields section in Create Report wizard for report to originator set to True](./images/ka0Qk000000FXID_0EMQk00000BxMpN.png) 10. From the **Sort By** drop-down list, select the field by which to sort the report results. 11. From the **Schedule** drop-down list, select a schedule for the report if desired. The report will run automatically at the specified time. 12. Click **Finish**. @@ -85,7 +85,7 @@ Netwrix Directory Manager (formerly GroupID) allows you to generate reports on a - Date the report was created - Filter applied - List of report results - ![Sample report output for report to originator set to True](images/ka0Qk000000FXID_0EMQk00000BxMuD.png) + ![Sample report output for report to originator set to True](./images/ka0Qk000000FXID_0EMQk00000BxMuD.png) 14. The report is listed in the template's page. You can create multiple reports from the same template. 15. To download the report, click **Download** and select the format (PDF, Excel, or HTML). 16. You can also pin the report to the Dashboard by clicking **Pin Report**. diff --git a/docs/kb/directorymanager/how-to-identify-groups-without-owners.md b/docs/kb/directorymanager/how-to-identify-groups-without-owners.md index 7c7cdda613..a80be1c2d8 100644 --- a/docs/kb/directorymanager/how-to-identify-groups-without-owners.md +++ b/docs/kb/directorymanager/how-to-identify-groups-without-owners.md @@ -30,22 +30,22 @@ This article shows how to use the Reports module in Netwrix Directory Manager 11 1. In the Directory Manager application portal, click the **Reports** tab on the left side of the dashboard page. - ![Directory Manager application portal with Reports tab highlighted on the dashboard](images/ka0Qk000000Dxof_0EMQk00000BSZAz.png) + ![Directory Manager application portal with Reports tab highlighted on the dashboard](./images/ka0Qk000000Dxof_0EMQk00000BSZAz.png) 2. When the Reports module opens, click the **Group Reports** tab on the left side of the page. - ![Group Reports tab selected in the Reports module](images/ka0Qk000000Dxof_0EMQk00000BSZ69.png) + ![Group Reports tab selected in the Reports module](./images/ka0Qk000000Dxof_0EMQk00000BSZ69.png) 3. To find groups without a primary owner, run the report titled **Groups with no owner**. - ![Groups with no owner report selected in Group Reports](images/ka0Qk000000Dxof_0EMQk00000BSZ9N.png) + ![Groups with no owner report selected in Group Reports](./images/ka0Qk000000Dxof_0EMQk00000BSZ9N.png) 4. To find groups without additional owners, run the report titled **Groups without additional owners**. - ![Groups without additional owners report selected in Group Reports](images/ka0Qk000000Dxof_0EMQk00000BSZ7l.png) + ![Groups without additional owners report selected in Group Reports](./images/ka0Qk000000Dxof_0EMQk00000BSZ7l.png) 5. To find groups without both primary and additional owners, run either of the above reports. In the **Report Generation** wizard, replace the LDAP query with your custom query as needed. - ![Report Generation wizard with LDAP query field](images/ka0Qk000000Dxof_0EMQk00000BSXh5.png) + ![Report Generation wizard with LDAP query field](./images/ka0Qk000000Dxof_0EMQk00000BSXh5.png) 6. Complete the wizard. The generated report will show groups that do not have a primary owner or additional owners. diff --git a/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md b/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md index 0c00bfd5b3..adae271afb 100644 --- a/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md +++ b/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md @@ -39,7 +39,7 @@ The process to import members is discussed in these steps: 1. Launch the Netwrix Directory Manager portal and search for the Group you would like to import members into. 2. Navigate to the **Members** tab and click on the **Import** button to launch the Import Wizard. - ![User-added image](images/ka0Qk000000Dfzp_0EMQk000001fbhN.png) + ![User-added image](./images/ka0Qk000000Dfzp_0EMQk000001fbhN.png) 3. On the **Membership Lifecycle** page, specify whether the imported members will remain in the group permanently or temporarily. Provide the following information and click **Next**. @@ -56,26 +56,26 @@ The process to import members is discussed in these steps: Members are added to the group on the date in the From box. - ![User-added image](images/ka0Qk000000Dfzp_0EMQk000001fbkb.png) + ![User-added image](./images/ka0Qk000000Dfzp_0EMQk000001fbkb.png) 4. On the **Data Source** page, select and configure the data source that contains the objects to import to the group. You can choose between a **Local File** such as TXT, CSV, XLS, XLSX, and XML or an **External Data Source** such as SQL DB, ODBC, SCIM providers, etc. - ![User-added image](images/ka0Qk000000Dfzp_0EMQk000001fYTO.png) + ![User-added image](./images/ka0Qk000000Dfzp_0EMQk000001fYTO.png) - For an **External Data Source**, provide LDAP Criteria and an External Source in the Query Designer. - ![User-added image](images/ka0Qk000000Dfzp_0EMQk000001fbpR.png) + ![User-added image](./images/ka0Qk000000Dfzp_0EMQk000001fbpR.png) Click on the **Query Designer** button and provide the Data Source from where you would like to import the Membership. - ![User-added image](images/ka0Qk000000Dfzp_0EMQk000001fc5Z.png) + ![User-added image](./images/ka0Qk000000Dfzp_0EMQk000001fc5Z.png) - For the **Local File**, simply upload the relevant file. - ![User-added image](images/ka0Qk000000Dfzp_0EMQk000001fc8n.png) + ![User-added image](./images/ka0Qk000000Dfzp_0EMQk000001fc8n.png) 5. Click **Next**. - ![User-added image](images/ka0Qk000000Dfzp_0EMQk000001fcDd.png) + ![User-added image](./images/ka0Qk000000Dfzp_0EMQk000001fcDd.png) 6. On the **Import Options** step, select the search option and map the data source fields to the corresponding Active Directory fields. The wizard matches the values of the mapped fields to determine the objects to import. @@ -86,15 +86,15 @@ The process to import members is discussed in these steps: 8. Click **Next** to preview the objects returned for adding as group members. - ![User-added image](images/ka0Qk000000Dfzp_0EMQk000001fVfD.png) + ![User-added image](./images/ka0Qk000000Dfzp_0EMQk000001fVfD.png) 9. Click **Finish**. ### Related Articles: -- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md) -- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md) -- [How to Trigger a workflow When a User Сreates a Group](/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_сreates_a_group.md) -- [How To Add Message Approvers in Group Properties in Netwrix Directory Manager Portal](/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md) +- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results) +- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard) +- [How to Trigger a workflow When a User Сreates a Group](/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_сreates_a_group) +- [How To Add Message Approvers in Group Properties in Netwrix Directory Manager Portal](/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal) - [Best Practices for Controlling Changes to Group Membership](https://docs.netwrix.com/docs/kb/directorymanager/best-practices-for-controlling-changes-to-group-membership#netwrix-directory-manager-best-practices) -- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md) -- [Best Practices for Preventing Accidental Data Leakage](/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage.md) +- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou) +- [Best Practices for Preventing Accidental Data Leakage](/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage) diff --git a/docs/kb/directorymanager/how-to-limit-searchable-object-types-in-user-portals.md b/docs/kb/directorymanager/how-to-limit-searchable-object-types-in-user-portals.md index 4191e1e0c8..b38d9e5865 100644 --- a/docs/kb/directorymanager/how-to-limit-searchable-object-types-in-user-portals.md +++ b/docs/kb/directorymanager/how-to-limit-searchable-object-types-in-user-portals.md @@ -32,19 +32,19 @@ By default, the **Find** dialog box in Netwrix Directory Manager 11 portals allo ## Instructions 1. In the **Netwrix Directory Manager Admin Center**, go to **Applications**. For the application or portal where you want to implement this setting, click the three dots (**...**) and select **Settings**. - ![Applications page in Netwrix Directory Manager Admin Center with settings option highlighted](images/ka0Qk000000CzVx_0EMQk00000BYFKr.png) + ![Applications page in Netwrix Directory Manager Admin Center with settings option highlighted](./images/ka0Qk000000CzVx_0EMQk00000BYFKr.png) 2. On the next page, click **Advanced Settings**. Under the **Portal & Search** tab on the right, find the option named **Find Dialogue / Look For**. Uncheck **Groups** and **Contacts** to limit searches to user objects only. - ![Advanced Settings with Find Dialogue / Look For options in Netwrix Directory Manager](images/ka0Qk000000CzVx_0EMQk00000BYFJF.png) + ![Advanced Settings with Find Dialogue / Look For options in Netwrix Directory Manager](./images/ka0Qk000000CzVx_0EMQk00000BYFJF.png) 3. Scroll down and click the **Save** button to apply your changes. ## Impact Before making this change, the **Find** dialog box allows searches for *Users*, *Contacts*, and *Groups*: -![Find dialog box showing all object types: Users, Contacts, and Groups](images/ka0Qk000000CzVx_0EMQk00000BYFMT.png) +![Find dialog box showing all object types: Users, Contacts, and Groups](./images/ka0Qk000000CzVx_0EMQk00000BYFMT.png) After updating the settings to allow only **Users**, the **Find** dialog box will display only the *User* object type in searches: -![Find dialog box showing only User object type](images/ka0Qk000000CzVx_0EMQk00000BYFHd.png) +![Find dialog box showing only User object type](./images/ka0Qk000000CzVx_0EMQk00000BYFHd.png) diff --git a/docs/kb/directorymanager/how-to-limit-users-to-search-only-for-user-objects.md b/docs/kb/directorymanager/how-to-limit-users-to-search-only-for-user-objects.md index 8340eb061d..9b7294a24d 100644 --- a/docs/kb/directorymanager/how-to-limit-users-to-search-only-for-user-objects.md +++ b/docs/kb/directorymanager/how-to-limit-users-to-search-only-for-user-objects.md @@ -31,11 +31,11 @@ By default, the **Find** dialog box allows users to search for all object types, 1. In the **Directory Manager Admin Center**, go to **Applications**. Locate the desired application/portal and click the three-dot icon to select **Settings**. - ![Accessing application settings in Netwrix Directory Manager Admin Center](images/ka0Qk000000FGyv_0EMQk00000CAMWb.png) + ![Accessing application settings in Netwrix Directory Manager Admin Center](./images/ka0Qk000000FGyv_0EMQk00000CAMWb.png) 2. Click **Advanced Settings**. Under the **Portal & Search** tab on the right, locate the **Find Dialogue / Look For** option. Uncheck **Groups** and **Contacts** to limit searches to User objects only. - ![Configuring Find Dialogue object types in Advanced Settings](images/ka0Qk000000FGyv_0EMQk00000CAMYD.png) + ![Configuring Find Dialogue object types in Advanced Settings](./images/ka0Qk000000FGyv_0EMQk00000CAMYD.png) 3. Scroll down and click **Save** to apply your changes. @@ -43,8 +43,8 @@ By default, the **Find** dialog box allows users to search for all object types, By default, the **Find** dialog box allows searches for *Users*, *Contacts*, and *Groups*. -![Default Find dialog box showing all object types](images/ka0Qk000000FGyv_0EMQk00000CAMUz.png) +![Default Find dialog box showing all object types](./images/ka0Qk000000FGyv_0EMQk00000CAMUz.png) After applying the configuration, the **Find** dialog box will display only the **User** object type in searches. -![Find dialog box limited to User object type](images/ka0Qk000000FGyv_0EMQk00000CALUk.png) +![Find dialog box limited to User object type](./images/ka0Qk000000FGyv_0EMQk00000CALUk.png) diff --git a/docs/kb/directorymanager/how-to-modify-expiring-group-email-template.md b/docs/kb/directorymanager/how-to-modify-expiring-group-email-template.md index d5fe5433ff..325ea66b52 100644 --- a/docs/kb/directorymanager/how-to-modify-expiring-group-email-template.md +++ b/docs/kb/directorymanager/how-to-modify-expiring-group-email-template.md @@ -31,17 +31,17 @@ By default, the Group Lifecycle notification email in Netwrix Directory Manager ## Instructions 1. In the Netwrix Directory Manager Admin Center, select **Notifications** then **Notification Editor**. - ![Notification Editor in Directory Manager Admin Center](images/ka0Qk000000D8m9_0EMQk00000BpGZ3.png) + ![Notification Editor in Directory Manager Admin Center](./images/ka0Qk000000D8m9_0EMQk00000BpGZ3.png) 2. On the next page, you will see a list of all notifications in Netwrix Directory Manager. Search for the notification named `GLMExpiredNotify`. Under **Actions**, click **Edit**. - ![List of notifications with Edit option in Directory Manager](images/ka0Qk000000D8m9_0EMQk00000BpGXR.png) + ![List of notifications with Edit option in Directory Manager](./images/ka0Qk000000D8m9_0EMQk00000BpGXR.png) 3. Select the **Source Code** tab and go to line 44. This line contains the consequence of not renewing a group. Edit the text as needed to include your custom message. - ![Source Code tab with editable email body in Directory Manager](images/ka0Qk000000D8m9_0EMQk00000BpGaf.png) + ![Source Code tab with editable email body in Directory Manager](./images/ka0Qk000000D8m9_0EMQk00000BpGaf.png) 4. After making your changes, go to the **Interactive** tab to preview the results in a clean, easy-to-read format. - ![Interactive tab showing email preview in Directory Manager](images/ka0Qk000000D8m9_0EMQk00000BpGcH.png) + ![Interactive tab showing email preview in Directory Manager](./images/ka0Qk000000D8m9_0EMQk00000BpGcH.png) 5. If you are satisfied with the output, return to the **Source Code** tab and click **Save**. Confirm your changes by clicking **Save** again. - ![Save button in Source Code tab in Directory Manager](images/ka0Qk000000D8m9_0EMQk00000BpCs2.png) - ![Confirmation of saved changes in Directory Manager](images/ka0Qk000000D8m9_0EMQk00000BpGdt.png) + ![Save button in Source Code tab in Directory Manager](./images/ka0Qk000000D8m9_0EMQk00000BpCs2.png) + ![Confirmation of saved changes in Directory Manager](./images/ka0Qk000000D8m9_0EMQk00000BpGdt.png) diff --git a/docs/kb/directorymanager/how-to-notify-objects-when-a-profile-is-modified.md b/docs/kb/directorymanager/how-to-notify-objects-when-a-profile-is-modified.md index 76a957cde4..67e7396d65 100644 --- a/docs/kb/directorymanager/how-to-notify-objects-when-a-profile-is-modified.md +++ b/docs/kb/directorymanager/how-to-notify-objects-when-a-profile-is-modified.md @@ -41,17 +41,17 @@ Notifications are generated for events such as group renewal, expiry policy chan ## Instructions 1. In Netwrix Directory Manager Admin Center, select **Identity Stores**. For your identity store, click the three dots (**...**) and select **Edit**. - ![Identity Stores list with edit option highlighted in Directory Manager Admin Center](images/ka0Qk000000D8kX_0EMQk00000BpFwM.png) + ![Identity Stores list with edit option highlighted in Directory Manager Admin Center](./images/ka0Qk000000D8kX_0EMQk00000BpFwM.png) 2. On the next page, click **Configurations**. - ![Configurations button in Directory Manager Admin Center](images/ka0Qk000000D8kX_0EMQk00000BpG9G.png) + ![Configurations button in Directory Manager Admin Center](./images/ka0Qk000000D8kX_0EMQk00000BpG9G.png) 3. Click **Notifications**. - ![Notifications button in Directory Manager Admin Center](images/ka0Qk000000D8kX_0EMQk00000BpGCT.png) + ![Notifications button in Directory Manager Admin Center](./images/ka0Qk000000D8kX_0EMQk00000BpGCT.png) 4. Under the **Also Notify** option, select the checkbox for **Object being modified**. - ![Also Notify option with Object being modified checkbox selected](images/ka0Qk000000D8kX_0EMQk00000BpG9H.png) + ![Also Notify option with Object being modified checkbox selected](./images/ka0Qk000000D8kX_0EMQk00000BpG9H.png) 5. Scroll down and click the **Save** button. ## Impact For example, if an administrator changes the **Notes** field of a user account in Active Directory, the user whose account was modified will receive an email notification about the change. -![Sample email notification sent to user after profile modification in Directory Manager](images/ka0Qk000000D8kX_0EMQk00000BpGAr.png) +![Sample email notification sent to user after profile modification in Directory Manager](./images/ka0Qk000000D8kX_0EMQk00000BpGAr.png) diff --git a/docs/kb/directorymanager/how-to-replace-logo-on-landing-page.md b/docs/kb/directorymanager/how-to-replace-logo-on-landing-page.md index 2197f1305d..6a76cec76e 100644 --- a/docs/kb/directorymanager/how-to-replace-logo-on-landing-page.md +++ b/docs/kb/directorymanager/how-to-replace-logo-on-landing-page.md @@ -30,7 +30,7 @@ Netwrix Directory Manager 11 – Directory Manager Portal Can you replace the logo and picture on the landing page of the Netwrix Directory Manager portal? -![Directory Manager portal landing page with default logo and image](images/ka0Qk000000De4T_0EMQk00000BO0Jt.png) +![Directory Manager portal landing page with default logo and image](./images/ka0Qk000000De4T_0EMQk00000BO0Jt.png) ## Answer @@ -43,7 +43,7 @@ Yes, you are able to replace the logo and picture. This can be acheived by follo 2. Replace the file named `imanami-logos-master-1@3x.webp`. **IMPORTANT:** The new file must have the same name, size, and extension as the original. -![Directory showing imanami-logos-master-1@3x.webp file](images/ka0Qk000000De4T_0EMQk00000BNz9K.png) +![Directory showing imanami-logos-master-1@3x.webp file](./images/ka0Qk000000De4T_0EMQk00000BNz9K.png) > **IMPORTANT:** Take a backup of the original file before replacing it. @@ -54,7 +54,7 @@ Yes, you are able to replace the logo and picture. This can be acheived by follo 2. Replace the file named `groupid-3x.webp`. **IMPORTANT:** The new file must have the same name, size, and extension as the original. -![Directory showing groupid-3x.webp file](images/ka0Qk000000De4T_0EMQk00000BO3JN.png) +![Directory showing groupid-3x.webp file](./images/ka0Qk000000De4T_0EMQk00000BO3JN.png) > **IMPORTANT:** Take a backup of the original file before replacing it. @@ -62,4 +62,4 @@ Yes, you are able to replace the logo and picture. This can be acheived by follo 1. Open the landing page of the Directory Manager portal in incognito mode to verify that the logo and image have been updated. -![Directory Manager portal landing page with updated logo and image](images/ka0Qk000000De4T_0EMQk00000BNzAx.png) +![Directory Manager portal landing page with updated logo and image](./images/ka0Qk000000De4T_0EMQk00000BNzAx.png) diff --git a/docs/kb/directorymanager/how-to-replace-logo-on-sign-in-page.md b/docs/kb/directorymanager/how-to-replace-logo-on-sign-in-page.md index 96d0b1d8a8..42e04a140d 100644 --- a/docs/kb/directorymanager/how-to-replace-logo-on-sign-in-page.md +++ b/docs/kb/directorymanager/how-to-replace-logo-on-sign-in-page.md @@ -24,7 +24,7 @@ knowledge_article_id: kA0Qk00000015yXKAQ Can you replace the logo on the sign-in page of the Netwrix Directory Manager (formerly Netwrix GroupID) portal? -![Sign-in Page Screenshot](images/ka0Qk000000DGa1_0EMQk000004nK9l.png) +![Sign-in Page Screenshot](./images/ka0Qk000000DGa1_0EMQk000004nK9l.png) ## Answer @@ -33,8 +33,8 @@ Yes, this can be done by replacing the image file in the Netwrix Directory Manag 1. Navigate to `C:\Program Files\Imanami\GroupID 11.0\GroupIDSecurityService\Inetpub\GroupIDSecurityService\Web\wwwroot\Content\Images` 2. Replace the image file named `vector-smart-object.png`, ensuring the file name, size, and extension remain the same. -![Replacement Image Screenshot](images/ka0Qk000000DGa1_0EMQk000004nK9m.png) +![Replacement Image Screenshot](./images/ka0Qk000000DGa1_0EMQk000004nK9m.png) > **NOTE:** Take a backup of the original file. -![Final Result Screenshot](images/ka0Qk000000DGa1_0EMQk000004nK9n.png) +![Final Result Screenshot](./images/ka0Qk000000DGa1_0EMQk000004nK9n.png) diff --git a/docs/kb/directorymanager/how-to-replace-the-password-center-portal-logo.md b/docs/kb/directorymanager/how-to-replace-the-password-center-portal-logo.md index e78caab65f..bd8e780894 100644 --- a/docs/kb/directorymanager/how-to-replace-the-password-center-portal-logo.md +++ b/docs/kb/directorymanager/how-to-replace-the-password-center-portal-logo.md @@ -29,7 +29,7 @@ Netwrix Directory Manager 11.1 – Directory Manager Portal ## Question Can you replace the logo on the Password Center portal in Netwrix Directory Manager (formerly GroupID)? -![Password Center portal with default logo](images/ka0Qk000000CapJ_0EMQk00000Az6M6.png) +![Password Center portal with default logo](./images/ka0Qk000000CapJ_0EMQk00000Az6M6.png) ## Answer Yes, you can replace the Password Center logo. Follow the steps below. @@ -39,13 +39,13 @@ Yes, you can replace the Password Center logo. Follow the steps below. `C:\Program Files\Imanami\GroupID 11.0\GroupIDPortal\Inetpub\\Web\wwwroot\Content\Images\vector` 2. Locate the file named `PCFullLogoTransaprent.svg`. This file is used to render the logo on the portal. - ![Directory showing PCFullLogoTransaprent.svg file](images/ka0Qk000000CapJ_0EMQk00000AzEMr.png) + ![Directory showing PCFullLogoTransaprent.svg file](./images/ka0Qk000000CapJ_0EMQk00000AzEMr.png) 3. Convert your logo to the `.svg` format and copy it to the same directory. 4. Rename the existing `PCFullLogoTransaprent.svg` file to `PCFullLogoTransaprentbackup.svg` for backup purposes. 5. Rename your new logo file to `PCFullLogoTransaprent.svg`. 6. Open the Password Center portal in incognito mode to verify that the new logo appears. -![Password Center portal with updated logo](images/ka0Qk000000CapJ_0EMQk00000Az8kU.png) +![Password Center portal with updated logo](./images/ka0Qk000000CapJ_0EMQk00000Az8kU.png) > **NOTE:** Adjust the dimensions of your logo as needed to fit the portal layout. diff --git a/docs/kb/directorymanager/how-to-replace-the-security-service-certificate.md b/docs/kb/directorymanager/how-to-replace-the-security-service-certificate.md index a56ca7abff..dd5c67d0cc 100644 --- a/docs/kb/directorymanager/how-to-replace-the-security-service-certificate.md +++ b/docs/kb/directorymanager/how-to-replace-the-security-service-certificate.md @@ -41,31 +41,31 @@ Follow the steps below to replace the Security Service certificate: 2. Select Version as `10.2` and download patch #`370874`, but DO NOT apply it yet. 3. If you do not have the Directory Manager Updates tool, you can download it from https://www.netwrix.com/my_products.html. -![](images/ka0Qk000000DSRV_0EMQk00000A0EV5.png) +![](./images/ka0Qk000000DSRV_0EMQk00000A0EV5.png) -![](images/ka0Qk000000DSRV_0EMQk00000A2mh7.png) +![](./images/ka0Qk000000DSRV_0EMQk00000A2mh7.png) -![](images/ka0Qk000000DSRV_0EMQk00000A0P5V.png) +![](./images/ka0Qk000000DSRV_0EMQk00000A0P5V.png) 4. Once downloaded, navigate to the patch download folder. Rename the file `370874.gpb` to `370874.zip`. 5. Once renamed, right-click the zip file and click **Properties**. In the **General** tab, uncheck **Unblock** and apply the changes. -![](images/ka0Qk000000DSRV_0EMQk00000A0IX3.png) +![](./images/ka0Qk000000DSRV_0EMQk00000A0IX3.png) 6. After the zip file is unblocked, extract the contents of the ZIP file to access the utility. Run the `GroupIDSecurityServiceCertificateUpdate.exe` as an **Administrator**. -![](images/ka0Qk000000DSRV_0EMQk00000A0ISD.png) +![](./images/ka0Qk000000DSRV_0EMQk00000A0ISD.png) 7. Verify that the **DataService** path and **Service Account** are correct. 8. Enter the information for the **Service Account** (e.g., Domain\Account_Name). 9. Click **Replace Security Service**. This action assigns the necessary permissions to the new certificate, replaces the existing one, and updates the thumbprints across all integrated applications. -![](images/ka0Qk000000DSRV_0EMQk00000A0ITp.png) +![](./images/ka0Qk000000DSRV_0EMQk00000A0ITp.png) 10. Perform an `IISRESET` by launching Windows PowerShell/Command Prompt as an Administrator and typing `IISRESET`. 11. Verify the expiry date for the Security Service certificate by launching **IIS Manager Home** then clicking **Server Certificates**. The new expiration date should show **1/13/2045**. -![](images/ka0Qk000000DSRV_0EMQk00000A0IYf.png) +![](./images/ka0Qk000000DSRV_0EMQk00000A0IYf.png) ### Update or Recreate Scheduled Jobs @@ -77,16 +77,16 @@ Once the Directory Manager Security Service Certificate has been updated, you ha 1. Create a backup of the Directory Manager Scheduled Job task files located at `\Program Files\Imanami\GroupID 10.0\Schedules`. 2. Create a new scheduled job in the Directory Manager Management Console. Any job type is acceptable, but the SmartGroup Update Job is recommended. -![](images/ka0Qk000000DSRV_0EMQk00000A2A0j.png) +![](./images/ka0Qk000000DSRV_0EMQk00000A2A0j.png) 3. Navigate to `\Program Files\Imanami\GroupID 10.0\Schedules` and open the newly created task file. Sort by **Modified Date** to identify it. 4. Open the task file in Notepad. 5. Click at the beginning of the first line and press **CTRL + F**. 6. Search for `<#!#>`. On the second occurrence, copy everything afterward to the end of the file. -![](images/ka0Qk000000DSRV_0EMQk00000A25Yw.png) +![](./images/ka0Qk000000DSRV_0EMQk00000A25Yw.png) -![](images/ka0Qk000000DSRV_0EMQk00000A21Os.png) +![](./images/ka0Qk000000DSRV_0EMQk00000A21Os.png) 7. Open another Notepad file and save the copied information. You will use this in the next step. 8. Open each remaining task file in the same directory and replace the content after the second occurrence of `<#!#>` with the copied token. diff --git a/docs/kb/directorymanager/how-to-set-semi-private-as-the-default-security-type-in-v10.md b/docs/kb/directorymanager/how-to-set-semi-private-as-the-default-security-type-in-v10.md index 268926639f..b0f850abff 100644 --- a/docs/kb/directorymanager/how-to-set-semi-private-as-the-default-security-type-in-v10.md +++ b/docs/kb/directorymanager/how-to-set-semi-private-as-the-default-security-type-in-v10.md @@ -38,22 +38,22 @@ By default, users can select from multiple security types when creating a group 3. In the **Name** list, select **General** and click **Edit**. 4. In the **Edit Design Category** dialog box, select **Security** and click **Edit**. - ![Edit Design Category dialog box with Security field selected](images/ka0Qk000000CsRF_0EMQk00000BP1x3.png) + ![Edit Design Category dialog box with Security field selected](./images/ka0Qk000000CsRF_0EMQk00000BP1x3.png) 5. In the **Edit Field** dialog box, click the **Advanced options** link. - ![Edit Field dialog box with Advanced options link](images/ka0Qk000000CsRF_0EMQk00000BP23V.png) + ![Edit Field dialog box with Advanced options link](./images/ka0Qk000000CsRF_0EMQk00000BP23V.png) 6. Select `Semi Private: Owner Must Approve` from the **Default Value** drop-down list. - ![Default Value drop-down list with Semi Private selected](images/ka0Qk000000CsRF_0EMQk00000BP21t.png) + ![Default Value drop-down list with Semi Private selected](./images/ka0Qk000000CsRF_0EMQk00000BP21t.png) 7. Optional: To enforce the semi-private security type, select the **Is Read-Only** check box. This will disable the **Security** drop-down list in the **Create Group** wizard, displaying only the default value. - ![Is Read-Only check box selected in Edit Field dialog box](images/ka0Qk000000CsRF_0EMQk00000BP1yf.png) + ![Is Read-Only check box selected in Edit Field dialog box](./images/ka0Qk000000CsRF_0EMQk00000BP1yf.png) 8. Optional: To hide the **Security** drop-down list from a specific role, select the desired role (such as **Administrator** or **Helpdesk**) from the **Visibility Role** drop-down list. The **Security** drop-down list will be visible to users of the selected role and roles with a higher priority value, and hidden from all roles with a lower priority value. - ![Visibility Role drop-down list in Edit Field dialog box](images/ka0Qk000000CsRF_0EMQk00000BP20H.png) + ![Visibility Role drop-down list in Edit Field dialog box](./images/ka0Qk000000CsRF_0EMQk00000BP20H.png) 9. Click **OK** to close the dialog boxes and save your changes. diff --git a/docs/kb/directorymanager/how-to-set-semi-private-as-the-default-security-type-in-v11.md b/docs/kb/directorymanager/how-to-set-semi-private-as-the-default-security-type-in-v11.md index 110098088a..e2ed4b4593 100644 --- a/docs/kb/directorymanager/how-to-set-semi-private-as-the-default-security-type-in-v11.md +++ b/docs/kb/directorymanager/how-to-set-semi-private-as-the-default-security-type-in-v11.md @@ -30,33 +30,33 @@ By default, users can choose from several security types when creating a group i ## Instructions 1. Open the Directory Manager Admin Portal at `https://servername/AdminCenter/`. Navigate to **Applications**, select your desired portal, and click the three dots (**...**) to edit it. - ![Applications page in Netwrix Directory Manager Admin Portal with edit option highlighted](images/ka0Qk000000CsSr_0EMQk00000BP3cH.png) + ![Applications page in Netwrix Directory Manager Admin Portal with edit option highlighted](./images/ka0Qk000000CsSr_0EMQk00000BP3cH.png) 2. Click **Settings**. - ![Settings option in Netwrix Directory Manager Admin Portal](images/ka0Qk000000CsSr_0EMQk00000BP3fV.png) + ![Settings option in Netwrix Directory Manager Admin Portal](./images/ka0Qk000000CsSr_0EMQk00000BP3fV.png) 3. Under **Design Settings**, click your identity store’s name. - ![Design Settings section in Netwrix Directory Manager Admin Portal](images/ka0Qk000000CsSr_0EMQk00000BP3af.png) + ![Design Settings section in Netwrix Directory Manager Admin Portal](./images/ka0Qk000000CsSr_0EMQk00000BP3af.png) 4. On the **Create Object** tab, select **Group** from the **Select Directory Object** drop-down list. - ![Create Object tab with Group selected](images/ka0Qk000000CsSr_0EMQk00000BP3dt.png) + ![Create Object tab with Group selected](./images/ka0Qk000000CsSr_0EMQk00000BP3dt.png) 5. In the **Name** list, select *General* and click **Edit**. 6. In the **Edit Design Category** dialog box, select **Security** and click **Edit**. - ![Edit Design Category dialog box with Security field selected](images/ka0Qk000000CsSr_0EMQk00000BP3kL.png) + ![Edit Design Category dialog box with Security field selected](./images/ka0Qk000000CsSr_0EMQk00000BP3kL.png) 7. In the **Edit Field** dialog box, click the **Advanced options** link. - ![Edit Field dialog box with Advanced options link](images/ka0Qk000000CsSr_0EMQk00000BP3lx.png) + ![Edit Field dialog box with Advanced options link](./images/ka0Qk000000CsSr_0EMQk00000BP3lx.png) 8. Select `Semi_Private` from the **Default Value** drop-down list. - ![Default Value drop-down list with Semi_Private selected](images/ka0Qk000000CsSr_0EMQk00000BP3nZ.png) + ![Default Value drop-down list with Semi_Private selected](./images/ka0Qk000000CsSr_0EMQk00000BP3nZ.png) 9. Optional: To enforce the semi-private security type, select the **Is Read-Only** check box. This action disables the **Security** drop-down list in the **Create Group** wizard and displays only the default value. - ![Is Read-Only check box selected in Edit Field dialog box](images/ka0Qk000000CsSr_0EMQk00000BP3ij.png) - ![Create Group wizard with Security drop-down list disabled](images/ka0Qk000000CsSr_0EMQk00000BP3qn.png) + ![Is Read-Only check box selected in Edit Field dialog box](./images/ka0Qk000000CsSr_0EMQk00000BP3ij.png) + ![Create Group wizard with Security drop-down list disabled](./images/ka0Qk000000CsSr_0EMQk00000BP3qn.png) 10. Optional: To hide the **Security** drop-down list from a specific role, select the desired role (such as **Administrator** or **Helpdesk**) from the **Visibility Role** drop-down list. The **Security** drop-down list is visible to users of the selected role and to roles with a higher priority value, but hidden from all roles with a lower priority value. - ![Visibility Role drop-down list in Edit Field dialog box](images/ka0Qk000000CsSr_0EMQk00000BP3pB.png) + ![Visibility Role drop-down list in Edit Field dialog box](./images/ka0Qk000000CsSr_0EMQk00000BP3pB.png) 11. Click **OK** to close the dialog boxes then save your changes. diff --git a/docs/kb/directorymanager/how-to-trigger-a-workflow-when-a-user-creates-a-group.md b/docs/kb/directorymanager/how-to-trigger-a-workflow-when-a-user-creates-a-group.md index 859a36f57b..1b803ca744 100644 --- a/docs/kb/directorymanager/how-to-trigger-a-workflow-when-a-user-creates-a-group.md +++ b/docs/kb/directorymanager/how-to-trigger-a-workflow-when-a-user-creates-a-group.md @@ -46,9 +46,9 @@ If the workflow conditions are met, a request is generated and sent to the appro 1. In the **Netwrix Directory Manager Admin Center**, click the **Identity Stores** node from the Navigation Bar. 2. On the **Identity Stores** tab, click the three-dot icon and click the **Edit** button of an identity store to open its properties. - ![Identity Store Edit Screenshot](images/ka0Qk000000DGYP_0EMQk00000BdOqX.png) + ![Identity Store Edit Screenshot](./images/ka0Qk000000DGYP_0EMQk00000BdOqX.png) 3. Click the **Workflow** tab. - ![Workflow Tab Screenshot](images/ka0Qk000000DGYP_0EMQk00000BdOs9.png) + ![Workflow Tab Screenshot](./images/ka0Qk000000DGYP_0EMQk00000BdOs9.png) 4. Click **Add Workflow**. 5. In the **Object(s)** list, select *Group*. 6. Enter a name for the workflow in the **Name** box. For example, `Group Creation`. @@ -58,7 +58,7 @@ If the workflow conditions are met, a request is generated and sent to the appro 10. The **Enable approver acceleration** check box applies if approver acceleration has been enabled for the identity store. To exempt this workflow route from approver acceleration, clear this check box. 11. In the **Description** box, enter a brief description of the workflow. For example, `This workflow tracks creation of groups by people from User Security Role.` 12. In the **Portal URL** drop-down list, select a Self-Service portal URL to include in the workflow email notifications. The URL would redirect the recipients to the portal for acting on the respective request, such as approve or deny it. - ![Add Workflow Screenshot](images/ka0Qk000000DGYP_0EMQk00000BdOtl.png) + ![Add Workflow Screenshot](./images/ka0Qk000000DGYP_0EMQk00000BdOtl.png) 13. Use the **Filters** area to define a condition that must be met for the workflow to trigger. Leave the filter blank to apply the workflow to all users. If a condition is set and not met, the workflow will not initiate. For example, the following filter targets users in the User security role: | Field | Condition | Value | @@ -67,7 +67,7 @@ If the workflow conditions are met, a request is generated and sent to the appro With this filter, when a user from the User role creates a group via the Self-Service portal, the workflow is triggered and the changes are held for approval. Users outside this role can create groups without triggering the workflow. 14. In the **Approvers** area, click **Add**. - ![Add Approver Screenshot](images/ka0Qk000000DGYP_0EMQk00000BdOov.png) + ![Add Approver Screenshot](./images/ka0Qk000000DGYP_0EMQk00000BdOov.png) 15. Select the user or group responsible for approving requests generated by this workflow. For best results, assign an administrator or helpdesk member rather than group owners. 16. Click **OK** to save the approver configuration. 17. Click **OK** on the **Workflow Route** dialog box and then on the **Workflow** tab to finalize the configuration. diff --git a/docs/kb/directorymanager/how-to-uninstall-directory-manager.md b/docs/kb/directorymanager/how-to-uninstall-directory-manager.md index a85f0c27a3..3d1889d8db 100644 --- a/docs/kb/directorymanager/how-to-uninstall-directory-manager.md +++ b/docs/kb/directorymanager/how-to-uninstall-directory-manager.md @@ -36,7 +36,7 @@ The steps below guide you through uninstalling Netwrix Directory Manager for an ### Uninstall Netwrix Directory Manager to Upgrade to a Newer Version 1. Double-click the **setup.exe** file in the Directory Manager installation package to launch the Directory Manager Installer. - ![Directory Manager Installer main screen with Uninstall Directory Manager option](images/ka0Qk0000006YdJ_0EMQk000004nD8J.png) + ![Directory Manager Installer main screen with Uninstall Directory Manager option](./images/ka0Qk0000006YdJ_0EMQk000004nD8J.png) 2. Click **Uninstall Directory Manager** to remove the application files via **Programs & Features** in Control Panel. 3. Proceed with the upgrade to the newer version of Directory Manager. 4. Click the **Install Directory Manager** link on the Directory Manager Installer to install the latest version. @@ -98,7 +98,7 @@ HKEY_LOCAL_MACHINE\SOFTWARE\Imanami\GroupID\Version 11.0 1. Open the Internet Information Services (IIS) console by typing `inetmgr` in the Windows **Run** dialog box. 2. Expand the **\** node in the console tree and click **Application Pools**. 3. On the Application Pools page, delete **Directory Manager App Pool 11** and all other pools that start with **GroupID11_GroupIDSite11** prefixes. - ![IIS Application Pools page with Directory Manager App Pool 11 selected](images/ka0Qk0000006YdJ_0EMQk000004nD8S.png) + ![IIS Application Pools page with Directory Manager App Pool 11 selected](./images/ka0Qk0000006YdJ_0EMQk000004nD8S.png) ### Remove Directory Manager Certificates diff --git a/docs/kb/directorymanager/how-to-view-roles-assigned-to-a-user-v10.md b/docs/kb/directorymanager/how-to-view-roles-assigned-to-a-user-v10.md index 2e8bd1ff57..f4c8beb882 100644 --- a/docs/kb/directorymanager/how-to-view-roles-assigned-to-a-user-v10.md +++ b/docs/kb/directorymanager/how-to-view-roles-assigned-to-a-user-v10.md @@ -42,10 +42,10 @@ You can check a user's security role assignment for the following Netwrix Direct 1. In the Netwrix Directory Manager Management Console, click the **Identity Stores** node. 2. On the **Identity Stores** tab, double-click an identity store to open its properties. 3. On the **Security Roles** tab, click **Get Security Roles** to view the roles assigned to a user in the selected Netwrix Directory Manager client. - ![Security Roles tab in Identity Store properties](images/ka0Qk000000Du9F_0EMQk00000BQXBk.png) + ![Security Roles tab in Identity Store properties](./images/ka0Qk000000Du9F_0EMQk00000BQXBk.png) 4. Click the **Find User** button to specify the user you want to check the role for. 5. The **Find** dialog box is displayed, where you can search for and select the required user. You can use the **Delete** icon to remove the selected user and specify another one. - ![Find dialog box for selecting a user](images/ka0Qk000000Du9F_0EMQk00000BQZYT.png) + ![Find dialog box for selecting a user](./images/ka0Qk000000Du9F_0EMQk00000BQZYT.png) 6. In the **Client Name** list, select a Netwrix Directory Manager client to view the user’s role for that client. To see the user’s role in a specific portal, select the relevant Self-Service portal. To view the user’s highest privileged role in Netwrix Directory Manager, select `None`. - ![Client Name list for selecting Directory Manager client](images/ka0Qk000000Du9F_0EMQk00000BQZmz.png) + ![Client Name list for selecting Directory Manager client](./images/ka0Qk000000Du9F_0EMQk00000BQZmz.png) 7. Click the **Get Role** button. The **Applied Role** area shows the user role for the selected client along with role priority. For `None`, the highest privileged role of the user is displayed, regardless of any client. diff --git a/docs/kb/directorymanager/how-to-view-roles-assigned-to-a-user-v11.md b/docs/kb/directorymanager/how-to-view-roles-assigned-to-a-user-v11.md index c66bf95495..8a167e431e 100644 --- a/docs/kb/directorymanager/how-to-view-roles-assigned-to-a-user-v11.md +++ b/docs/kb/directorymanager/how-to-view-roles-assigned-to-a-user-v11.md @@ -44,15 +44,15 @@ These roles can be customized or extended with additional custom roles as needed 1. Log in to the **Netwrix Directory Admin Center**. 2. Click **Identity Stores** in the left pane. 3. Click the three-dot icon next to the relevant identity store and select **Edit**. - ![Three-dot icon and Edit option for identity store](images/ka0Qk000000Du7d_0EMQk00000BN8mX.png) + ![Three-dot icon and Edit option for identity store](./images/ka0Qk000000Du7d_0EMQk00000BN8mX.png) 4. Click **Security Roles** under the **Settings** section. - ![Security Roles option in identity store settings](images/ka0Qk000000Du7d_0EMQk00000BN8pl.png) + ![Security Roles option in identity store settings](./images/ka0Qk000000Du7d_0EMQk00000BN8pl.png) 5. Click **Check Security Roles** and the dialog box opens. - ![Check Security Roles button in Security Roles section](images/ka0Qk000000Du7d_0EMQk00000BN8ub.png) + ![Check Security Roles button in Security Roles section](./images/ka0Qk000000Du7d_0EMQk00000BN8ub.png) 6. From the **Client name** drop-down list, select one of the following Netwrix Directory Manager clients: - Select a deployed client (e.g., portal) to view the user's role in that client. - Select **None** to view the user's highest privileged role across the entire identity store. - ![Client name drop-down and user search in Check Security Roles dialog](images/ka0Qk000000Du7d_0EMQk00000BN8zR.png) + ![Client name drop-down and user search in Check Security Roles dialog](./images/ka0Qk000000Du7d_0EMQk00000BN8zR.png) 7. Search for a user using one of the following methods: - Enter a search string and press **Enter** to filter users by username. - Click **Advanced** to search by additional fields such as name, department, company, or email. Click **Search** and select the desired user. diff --git "a/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_\321\201reates_a_group.md" "b/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_\321\201reates_a_group.md" index 77a8880005..262658d1c0 100644 --- "a/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_\321\201reates_a_group.md" +++ "b/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_\321\201reates_a_group.md" @@ -85,9 +85,9 @@ Admin Center — Workflows — Overview — v11.0 ### Related Articles -- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md) -- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md) -- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md) -- [How To Add Message Approvers in Group Properties in Netwrix Directory Manager Portal](/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md) -- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md) -- [Best Practices for Preventing Accidental Data Leakage](/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage.md) +- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results) +- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou) +- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard) +- [How To Add Message Approvers in Group Properties in Netwrix Directory Manager Portal](/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal) +- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou) +- [Best Practices for Preventing Accidental Data Leakage](/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage) diff --git a/docs/kb/directorymanager/identify-similar-groups-in-the-directory.md b/docs/kb/directorymanager/identify-similar-groups-in-the-directory.md index 89599250da..9275441337 100644 --- a/docs/kb/directorymanager/identify-similar-groups-in-the-directory.md +++ b/docs/kb/directorymanager/identify-similar-groups-in-the-directory.md @@ -46,9 +46,9 @@ For example, if you have a distribution group (Group A) with three members (A1, > **NOTE:** Netwrix Directory Manager only displays up to six similar groups, even if more exist in the directory. The similarity ranking is based on group type and the number of shared members. -![Similar Groups tab in Directory Manager group properties page](images/ka0Qk000000EMTh_0EMQk00000BWvT4.png) +![Similar Groups tab in Directory Manager group properties page](./images/ka0Qk000000EMTh_0EMQk00000BWvT4.png) 6. Click a bar for a group to view similarity details. 7. The **Similarity Details** dialog box displays the common type and common members that both groups have. -![Similarity Details dialog box showing common type and members](images/ka0Qk000000EMTh_0EMQk00000BX24j.png) +![Similarity Details dialog box showing common type and members](./images/ka0Qk000000EMTh_0EMQk00000BX24j.png) diff --git a/docs/kb/directorymanager/limit-users-to-create-new-objects-in-specified-containers.md b/docs/kb/directorymanager/limit-users-to-create-new-objects-in-specified-containers.md index a6f0624068..741813bd08 100644 --- a/docs/kb/directorymanager/limit-users-to-create-new-objects-in-specified-containers.md +++ b/docs/kb/directorymanager/limit-users-to-create-new-objects-in-specified-containers.md @@ -49,7 +49,7 @@ This article explains how to limit users to creating new objects only in specifi 6. Click **Apply** and then **OK** on the **New Object** page. -![New Object policy configuration in Directory Manager](images/ka0Qk000000EZFd_0EMQk00000BuMdp.png) +![New Object policy configuration in Directory Manager](./images/ka0Qk000000EZFd_0EMQk00000BuMdp.png) > **NOTE:** Removing all containers for an object type means the New Object policy no longer applies to that object type, and users can create the object in any OU in the identity store. @@ -60,12 +60,12 @@ With the New Object policy applied, role members can create new objects only in ### In Automate - On the **Group Options** page of the **New Group** wizard, users can view and select only the specified OUs for new group creation. - ![OU selection in Automate New Group wizard](images/ka0Qk000000EZFd_0EMQk00000BuMYz.png) + ![OU selection in Automate New Group wizard](./images/ka0Qk000000EZFd_0EMQk00000BuMYz.png) ### In the Self-Service portal - On the **General** page of the **Create Group** wizard, users can view and select only the specified OUs for new group creation. - ![OU selection in Self-Service Create Group wizard](images/ka0Qk000000EZFd_0EMQk00000BuMab.png) + ![OU selection in Self-Service Create Group wizard](./images/ka0Qk000000EZFd_0EMQk00000BuMab.png) - On the **Account** page of the **Create Contact** wizard, users can view and select only the specified OUs for new contact creation. - ![OU selection in Self-Service Create Contact wizard](images/ka0Qk000000EZFd_0EMQk00000BuMcD.png) + ![OU selection in Self-Service Create Contact wizard](./images/ka0Qk000000EZFd_0EMQk00000BuMcD.png) diff --git a/docs/kb/directorymanager/linking-directory-manager-processes-with-microsoft-flow.md b/docs/kb/directorymanager/linking-directory-manager-processes-with-microsoft-flow.md index 4d894e0ff5..ac4d65571e 100644 --- a/docs/kb/directorymanager/linking-directory-manager-processes-with-microsoft-flow.md +++ b/docs/kb/directorymanager/linking-directory-manager-processes-with-microsoft-flow.md @@ -48,7 +48,7 @@ Refer to the official Microsoft documentation to create a custom connector in MS During setup, you must enter the **Client ID** and **Client Secret** and import the `GroupIDConnector.swagger.json` file. -![Security page showing fields for Client ID and Client Secret](images/ka0Qk000000DS6X_0EMQk000004nFgL.png) +![Security page showing fields for Client ID and Client Secret](./images/ka0Qk000000DS6X_0EMQk000004nFgL.png) ### Step 2: Retrieve the Client ID, Secret, and Swagger File @@ -56,7 +56,7 @@ During setup, you must enter the **Client ID** and **Client Secret** and import 2. On the **Identity Stores** tab, double-click the identity store you want to link to MS Flow. 3. On the **Workflow** tab in identity store properties, click the **MS Flow** link. -![Workflow tab showing Microsoft Flow link](images/ka0Qk000000DS6X_0EMQk000004nFgM.png) +![Workflow tab showing Microsoft Flow link](./images/ka0Qk000000DS6X_0EMQk000004nFgM.png) 4. Click the copy button next to **MS Flow Client ID** to copy the client ID to the clipboard, then paste the ID in the **Client ID** box in MS Flow. 5. Click the copy button next to **MS Flow Client Secret** to copy the client secret (password) to the clipboard, then paste this password in the **Client Secret** box in MS Flow. diff --git a/docs/kb/directorymanager/manage-elastic-repository-on-a-separate-instance-with-v11.md b/docs/kb/directorymanager/manage-elastic-repository-on-a-separate-instance-with-v11.md index 848e5308e3..47fcd97496 100644 --- a/docs/kb/directorymanager/manage-elastic-repository-on-a-separate-instance-with-v11.md +++ b/docs/kb/directorymanager/manage-elastic-repository-on-a-separate-instance-with-v11.md @@ -40,7 +40,7 @@ Yes, this is possible. To improve performance and manageability, you can install 1. Install Elasticsearch on a separate machine by downloading the latest version from the official website. 2. Extract the package and open CMD. 3. Navigate to the `bin` directory and run `elasticsearch.bat`. - ![Steps 1-3 in CMD](images/ka0Qk000000DSPt_0EMQk00000C0zmA.png) + ![Steps 1-3 in CMD](./images/ka0Qk000000DSPt_0EMQk00000C0zmA.png) 4. Take note of the **username** and **password** provided upon successful installation. You may keep the password provided, but if you would like to reset the password, run the command below: ```bat @@ -62,7 +62,7 @@ in CMD. Let the installation complete. 3. Verify Elasticsearch is running by navigating to the service URL in your browser. 4. On the Netwrix Directory Manager server, open the **Netwrix Directory Manager Configuration Tool**. When prompted, select **I will install and manage Elastic myself**. 5. Enter the **URL** and **credentials** for the separate Elasticsearch machine. - ![GroupID Config Tool](images/ka0Qk000000DSPt_0EMQk00000C15Bd.png) + ![GroupID Config Tool](./images/ka0Qk000000DSPt_0EMQk00000C15Bd.png) 6. Complete the remaining configuration steps to finalize the setup. Once completed, Netwrix Directory Manager 11 will be successfully configured to use an external Elasticsearch instance for its repository. diff --git a/docs/kb/directorymanager/notify-logged-in-users-about-changes-made-to-directory-objects.md b/docs/kb/directorymanager/notify-logged-in-users-about-changes-made-to-directory-objects.md index 98ebec5d44..99395bc0a7 100644 --- a/docs/kb/directorymanager/notify-logged-in-users-about-changes-made-to-directory-objects.md +++ b/docs/kb/directorymanager/notify-logged-in-users-about-changes-made-to-directory-objects.md @@ -31,13 +31,13 @@ You can configure Netwrix Directory Manager 11 (formerly GroupID) to send users ## Instructions 1. In Directory Manager Admin Center, click the **Identity Stores** node. 2. For your identity store, click the three dots (**...**) button and select **Edit**. - ![Identity Stores list with edit option highlighted in Directory Manager Admin Center](images/ka0Qk000000D8iv_0EMQk00000BpFrV.png) + ![Identity Stores list with edit option highlighted in Directory Manager Admin Center](./images/ka0Qk000000D8iv_0EMQk00000BpFrV.png) 3. On the next page, click the **Configurations** button. - ![Configurations button in Directory Manager Admin Center](images/ka0Qk000000D8iv_0EMQk00000BpFoH.png) + ![Configurations button in Directory Manager Admin Center](./images/ka0Qk000000D8iv_0EMQk00000BpFoH.png) 4. Click the **Notifications** button. - ![Notifications button in Directory Manager Admin Center](images/ka0Qk000000D8iv_0EMQk00000BpFmf.png) + ![Notifications button in Directory Manager Admin Center](./images/ka0Qk000000D8iv_0EMQk00000BpFmf.png) 5. Under the **Also Notify** option, select the checkbox labeled **Logged in users for their actions**. - ![Also Notify option with Logged in users for their actions checkbox selected](images/ka0Qk000000D8iv_0EMQk00000BpFuj.png) + ![Also Notify option with Logged in users for their actions checkbox selected](./images/ka0Qk000000D8iv_0EMQk00000BpFuj.png) 6. Scroll down and click the **Save** button. With this notification setting enabled, email notifications will be sent to the logged-in user for changes they make to directory objects using the portal. @@ -47,8 +47,8 @@ With this notification setting enabled, email notifications will be sent to the ## Impact In the example below, an end user changes the **Description** field of a group. -![User editing the Description field of a group in Directory Manager user portal](images/ka0Qk000000D8iv_0EMQk00000BpFt7.png) +![User editing the Description field of a group in Directory Manager user portal](./images/ka0Qk000000D8iv_0EMQk00000BpFt7.png) The user will receive an email notification for the changes they made. -![Sample email notification sent to user after making changes in Directory Manager user portal](images/ka0Qk000000D8iv_0EMQk00000BpFpt.png) +![Sample email notification sent to user after making changes in Directory Manager user portal](./images/ka0Qk000000D8iv_0EMQk00000BpFpt.png) diff --git a/docs/kb/directorymanager/phoneid-authentication-option-discontinued.md b/docs/kb/directorymanager/phoneid-authentication-option-discontinued.md index 82ca82c95f..01f4055737 100644 --- a/docs/kb/directorymanager/phoneid-authentication-option-discontinued.md +++ b/docs/kb/directorymanager/phoneid-authentication-option-discontinued.md @@ -44,39 +44,39 @@ Netwrix recommends using Netwrix Directory Manager in conjunction with a FIDO2-b 1. Enable YubiKey support in the configuration, even if you do not plan on using YubiKey hardware tokens. - ![A screenshot of a computerDescription automatically generated](images/ka0Qk000000Bt1B_0EMQk00000AAgZi.png) + ![A screenshot of a computerDescription automatically generated](./images/ka0Qk000000Bt1B_0EMQk00000AAgZi.png) - ![A screenshot of a phoneDescription automatically generated](images/ka0Qk000000Bt1B_0EMQk00000AAfKI.png) + ![A screenshot of a phoneDescription automatically generated](./images/ka0Qk000000Bt1B_0EMQk00000AAfKI.png) - ![A screenshot of a phoneDescription automatically generated](images/ka0Qk000000Bt1B_0EMQk00000AAfow.png) + ![A screenshot of a phoneDescription automatically generated](./images/ka0Qk000000Bt1B_0EMQk00000AAfow.png) - ![A screenshot of a computer screenDescription automatically generated](images/ka0Qk000000Bt1B_0EMQk00000AAl4j.png) + ![A screenshot of a computer screenDescription automatically generated](./images/ka0Qk000000Bt1B_0EMQk00000AAl4j.png) 2. From the user portal, users should enroll their account and select YubiKey from the available options. - ![A screenshot of a phoneDescription automatically generated](images/ka0Qk000000Bt1B_0EMQk00000AAkS2.png) + ![A screenshot of a phoneDescription automatically generated](./images/ka0Qk000000Bt1B_0EMQk00000AAkS2.png) - ![A screenshot of a computer screenDescription automatically generated](images/ka0Qk000000Bt1B_0EMQk00000AAl7x.png) + ![A screenshot of a computer screenDescription automatically generated](./images/ka0Qk000000Bt1B_0EMQk00000AAl7x.png) 3. Give your passkey-enabled device an appropriate name. - ![A screenshot of a computerDescription automatically generated](images/ka0Qk000000Bt1B_0EMQk00000AAl9Z.png) + ![A screenshot of a computerDescription automatically generated](./images/ka0Qk000000Bt1B_0EMQk00000AAl9Z.png) 4. You will be prompted to choose a location to save your passkey. - ![A screenshot of a computerDescription automatically generated](images/ka0Qk000000Bt1B_0EMQk00000AAlBB.png) + ![A screenshot of a computerDescription automatically generated](./images/ka0Qk000000Bt1B_0EMQk00000AAlBB.png) 5. You will receive a notification on your device or be prompted to insert a USB token, depending on the chosen method. - ![A screenshot of a computer error messageDescription automatically generated](images/ka0Qk000000Bt1B_0EMQk00000AAlEP.png) + ![A screenshot of a computer error messageDescription automatically generated](./images/ka0Qk000000Bt1B_0EMQk00000AAlEP.png) 6. If using a mobile phone, you should be prompted to create a key for the web portal enrollment. - ![A screenshot of a phoneDescription automatically generated](images/ka0Qk000000Bt1B_0EMQk00000AAlO5.png) + ![A screenshot of a phoneDescription automatically generated](./images/ka0Qk000000Bt1B_0EMQk00000AAlO5.png) 7. After completion, you will receive confirmation on both the mobile device and the portal. - ![A white sign with black textDescription automatically generated](images/ka0Qk000000Bt1B_0EMQk00000AAlUX.png) + ![A white sign with black textDescription automatically generated](./images/ka0Qk000000Bt1B_0EMQk00000AAlUX.png) ## What is a Passkey, and why do we recommend using it? diff --git a/docs/kb/directorymanager/remove-the-displayname-requirement-for-groups-created-in-active-directory.md b/docs/kb/directorymanager/remove-the-displayname-requirement-for-groups-created-in-active-directory.md index 4397f8ef16..61c7d6b446 100644 --- a/docs/kb/directorymanager/remove-the-displayname-requirement-for-groups-created-in-active-directory.md +++ b/docs/kb/directorymanager/remove-the-displayname-requirement-for-groups-created-in-active-directory.md @@ -31,32 +31,32 @@ Netwrix Directory Manager, however, requires the **displayName** attribute becau This article describes a workaround that allows you to save changes to these groups by making the **displayName** attribute optional in the portal design. -![Error message displayed in Self-Service Portal when displayName is missing](images/ka0Qk000000DvbZ_0EMQk00000BSYlB.png) ![Error details dialog showing missing displayName attribute](images/ka0Qk000000DvbZ_0EMQk00000BSWjO.png) +![Error message displayed in Self-Service Portal when displayName is missing](./images/ka0Qk000000DvbZ_0EMQk00000BSYlB.png) ![Error details dialog showing missing displayName attribute](./images/ka0Qk000000DvbZ_0EMQk00000BSWjO.png) ## Instructions 1. In the Netwrix Directory Manager Admin Center, go to the **Applications** tab. Open the settings for the application where you want to remove the **displayName** requirement by clicking the **Settings** button (top right corner of the application card). - ![Open application settings in Directory Manager Admin Center](images/ka0Qk000000DvbZ_0EMQk00000BSYmn.png) + ![Open application settings in Directory Manager Admin Center](./images/ka0Qk000000DvbZ_0EMQk00000BSYmn.png) 2. Under **Design Settings**, click the domain name. - ![Select domain under Design Settings](images/ka0Qk000000DvbZ_0EMQk00000BSYoP.png) + ![Select domain under Design Settings](./images/ka0Qk000000DvbZ_0EMQk00000BSYoP.png) 3. Go to the **Properties** tab and set the **Directory Object** to **Groups**. - ![Set Directory Object to Groups](images/ka0Qk000000DvbZ_0EMQk00000BSYq1.png) + ![Set Directory Object to Groups](./images/ka0Qk000000DvbZ_0EMQk00000BSYq1.png) 4. Edit the **General** field by clicking the pencil icon. - ![Edit General field](images/ka0Qk000000DvbZ_0EMQk00000BSYrd.png) + ![Edit General field](./images/ka0Qk000000DvbZ_0EMQk00000BSYrd.png) 5. Edit the **DisplayName** field by clicking the pencil icon in the Design category window. - ![Edit DisplayName field](images/ka0Qk000000DvbZ_0EMQk00000BSYtF.png) + ![Edit DisplayName field](./images/ka0Qk000000DvbZ_0EMQk00000BSYtF.png) 6. Expand **Advanced Options** and uncheck the **Is Required** box. - ![Uncheck Is Required for DisplayName](images/ka0Qk000000DvbZ_0EMQk00000BSYwT.png) + ![Uncheck Is Required for DisplayName](./images/ka0Qk000000DvbZ_0EMQk00000BSYwT.png) 7. Click all **OK** buttons to save your changes, then log in to your portal. You should now be able to save changes to a group even if the **displayName** attribute is not populated. diff --git a/docs/kb/directorymanager/replicating-custom-ad-attributes-to-elasticsearch.md b/docs/kb/directorymanager/replicating-custom-ad-attributes-to-elasticsearch.md index 5ac9f062f4..8679bc39a5 100644 --- a/docs/kb/directorymanager/replicating-custom-ad-attributes-to-elasticsearch.md +++ b/docs/kb/directorymanager/replicating-custom-ad-attributes-to-elasticsearch.md @@ -32,20 +32,20 @@ Netwrix Directory Manager 10 allows you to replicate custom Active Directory (AD 1. Create the custom attribute in the Active Directory schema. For example, to add `campusName` for users, define the attribute in the AD schema and assign it to user objects. Once completed, the attribute will appear in the attribute list for users in AD. 2. On the Netwrix Directory Manager machine, open **Task Scheduler** and run the task named **Schema Replication**. - ![Task Scheduler with Schema Replication task highlighted](images/ka0Qk000000CtIT_0EMQk00000BQYMJ.png) + ![Task Scheduler with Schema Replication task highlighted](./images/ka0Qk000000CtIT_0EMQk00000BQYMJ.png) 3. After the **Schema Replication** task completes, open the Netwrix Directory Manager Management Console and click the **Identity Stores** node. 4. On the **Identity Stores** tab, double-click the required identity store to open its properties. 5. On the **Replication** tab, add the custom attribute you created. - ![Replication tab in Identity Store properties with custom attribute added](images/ka0Qk000000CtIT_0EMQk00000BQZgZ.png) + ![Replication tab in Identity Store properties with custom attribute added](./images/ka0Qk000000CtIT_0EMQk00000BQZgZ.png) 6. Once complete, open **Services** and restart the **Elasticsearch** service and the **Netwrix Replication** service. 7. Open `regedit.msc` and navigate to `HKEY_LOCAL_MACHINE\SOFTWARE\Imanami\GroupID\Version 10.0\Replication`. 8. Expand the **Replication** registry key to view your identity stores. Select your domain’s identity store, and in the `users` value, delete the existing value data. Click **OK** to save your changes. This action forces a full replication of user objects, ensuring the new attribute is included in Elasticsearch. - ![Registry editor showing Replication key and users value](images/ka0Qk000000CtIT_0EMQk00000BQXA7.png) + ![Registry editor showing Replication key and users value](./images/ka0Qk000000CtIT_0EMQk00000BQXA7.png) 9. In the Netwrix Directory Manager Management Console, go to the **Replication** tab for the identity store and click **Replicate Now** in the Replication Service area. This starts users-only replication for your domain. Once complete, your custom attribute will be included in Elasticsearch. diff --git a/docs/kb/directorymanager/require-unique-group-display-names-in-portal.md b/docs/kb/directorymanager/require-unique-group-display-names-in-portal.md index 2a4ca1405d..33e3bf9eea 100644 --- a/docs/kb/directorymanager/require-unique-group-display-names-in-portal.md +++ b/docs/kb/directorymanager/require-unique-group-display-names-in-portal.md @@ -32,15 +32,15 @@ To prevent duplicate group names, you can configure Netwrix Directory Manager to ### Configure the Portal to Require Unique Group Display Names 1. In the Netwrix Directory Manager Admin Center, navigate to **Applications > [Your Portal] > Settings**. - ![Portal settings in Directory Manager Admin Center](images/ka0Qk000000EYoD_0EMQk00000BpDHp.png) + ![Portal settings in Directory Manager Admin Center](./images/ka0Qk000000EYoD_0EMQk00000BpDHp.png) 2. Click the identity store name under the **Design Settings** section. - ![Identity store selection in Design Settings](images/ka0Qk000000EYoD_0EMQk00000BpDEb.png) + ![Identity store selection in Design Settings](./images/ka0Qk000000EYoD_0EMQk00000BpDEb.png) 3. On the **Properties** tab, select **Group** as the directory object then select **General** and click **Edit**. - ![Editing group properties in Directory Manager](images/ka0Qk000000EYoD_0EMQk00000BpDGD.png) + ![Editing group properties in Directory Manager](./images/ka0Qk000000EYoD_0EMQk00000BpDGD.png) 4. In the **Edit Design Category** box, select **Display name** and click **Edit**. - ![Edit Design Category dialog in Directory Manager](images/ka0Qk000000EYoD_0EMQk00000BpDL3.png) + ![Edit Design Category dialog in Directory Manager](./images/ka0Qk000000EYoD_0EMQk00000BpDL3.png) 5. In the **Edit Field** dialog box, ensure `displayName` is selected in the **Field** box. For **Display Type**, select `UniqueText`. - ![Edit Field dialog in Directory Manager](images/ka0Qk000000EYoD_0EMQk00000BpDJR.png) + ![Edit Field dialog in Directory Manager](./images/ka0Qk000000EYoD_0EMQk00000BpDJR.png) 6. Click **OK** then click **Save** in the outer window. 7. If you want to apply this setting to Smart Groups, select **Smart Group** as the directory object in step 3 and repeat the same steps. 8. After this configuration, when a user tries to create a group from the Self-Service portal with a display name that already exists, the portal will not allow it. diff --git a/docs/kb/directorymanager/restricting-expiration-policy-options-by-role.md b/docs/kb/directorymanager/restricting-expiration-policy-options-by-role.md index 1fde6e9102..1b0be73119 100644 --- a/docs/kb/directorymanager/restricting-expiration-policy-options-by-role.md +++ b/docs/kb/directorymanager/restricting-expiration-policy-options-by-role.md @@ -33,25 +33,25 @@ By default, all expiration policy options are available in the **Expiration Poli ### Show Specific Options in the Expiration Policy List 1. In Netwrix Directory Manager Admin Center, go to **Applications**. Under **Directory Manager Portal**, click the three dots (**...**) next to your portal and select **Settings**. - ![Applications page in Directory Manager Admin Center with settings option highlighted](images/ka0Qk000000DvYL_0EMQk00000Br3EL.png) + ![Applications page in Directory Manager Admin Center with settings option highlighted](./images/ka0Qk000000DvYL_0EMQk00000Br3EL.png) 2. On the **Server Settings** tab, under **Design Settings**, select your portal. - ![Design Settings section in Directory Manager Admin Center](images/ka0Qk000000DvYL_0EMQk00000Br3B7.png) + ![Design Settings section in Directory Manager Admin Center](./images/ka0Qk000000DvYL_0EMQk00000Br3B7.png) 3. On the **Custom Display Types** tab, select `lstExpirationPolicy` and click **Edit**. - ![Custom Display Types tab with lstExpirationPolicy selected](images/ka0Qk000000DvYL_0EMQk00000Br3Fx.png) + ![Custom Display Types tab with lstExpirationPolicy selected](./images/ka0Qk000000DvYL_0EMQk00000Br3Fx.png) 4. In the **Edit Dropdown List Display Type** window, select a value in the **Values** area and click **Edit**. The **Values** area displays all values defined for the Expiration Policy drop-down list. - ![Edit Dropdown List Display Type window in Directory Manager](images/ka0Qk000000DvYL_0EMQk00000Br2be.png) + ![Edit Dropdown List Display Type window in Directory Manager](./images/ka0Qk000000DvYL_0EMQk00000Br2be.png) 5. In the **Combo Value** dialog box, select a visibility level for the value: - Select a role to make the value visible to users of that role and roles with a higher priority value. - Select `Never` to hide the value from all users. - ![Combo Value dialog box for setting visibility in Directory Manager](images/ka0Qk000000DvYL_0EMQk00000Br3Cj.png) + ![Combo Value dialog box for setting visibility in Directory Manager](./images/ka0Qk000000DvYL_0EMQk00000Br3Cj.png) 6. Click **OK** to close the **Combo Value** and **Edit Design Type** dialog boxes. Then click the **Save** icon at the bottom to save your changes. @@ -59,30 +59,30 @@ You can set the visibility level for all required values in the **Expiration Pol By default, or if no visibility settings are configured, all expiry options are available in the **Expiration Policy** drop-down list: -![Expiration Policy drop-down list showing all options](images/ka0Qk000000DvYL_0EMQk00000Br3Sr.png) +![Expiration Policy drop-down list showing all options](./images/ka0Qk000000DvYL_0EMQk00000Br3Sr.png) After applying visibility settings, only the selected values will be available. For example, if you set `Never` for all but two values, only those two will appear in the list: -![Expiration Policy drop-down list showing limited options](images/ka0Qk000000DvYL_0EMQk00000Br3RF.png) +![Expiration Policy drop-down list showing limited options](./images/ka0Qk000000DvYL_0EMQk00000Br3RF.png) > **NOTE:** You can also completely hide the **Expiration Policy** drop-down list or make it read-only. ### Make the Expiration Policy Drop-Down List Read-Only 1. In Netwrix Directory Manager Admin Center, go to **Applications**. Under **Directory Manager Portal**, click the three dots (**...**) next to your portal and select **Settings**. - ![Applications page in Directory Manager Admin Center with settings option highlighted](images/ka0Qk000000DvYL_0EMQk00000Br3MP.png) + ![Applications page in Directory Manager Admin Center with settings option highlighted](./images/ka0Qk000000DvYL_0EMQk00000Br3MP.png) 2. On the **Server Settings** tab, under **Design Settings**, select your portal. - ![Design Settings section in Directory Manager Admin Center](images/ka0Qk000000DvYL_0EMQk00000Br3JB.png) + ![Design Settings section in Directory Manager Admin Center](./images/ka0Qk000000DvYL_0EMQk00000Br3JB.png) 3. On the **Properties** tab, select `Group` in the **Select Directory Object** list. Then select the **General** option and click **Edit**. - ![Properties tab with Group selected in Directory Manager](images/ka0Qk000000DvYL_0EMQk00000Br3O1.png) + ![Properties tab with Group selected in Directory Manager](./images/ka0Qk000000DvYL_0EMQk00000Br3O1.png) 4. In the **Edit Design Category** dialog box, select the **Expiration Policy** option in the **Fields** section and click **Edit**. - ![Edit Design Category dialog box with Expiration Policy field selected](images/ka0Qk000000DvYL_0EMQk00000Br3UT.png) + ![Edit Design Category dialog box with Expiration Policy field selected](./images/ka0Qk000000DvYL_0EMQk00000Br3UT.png) 5. In the **Edit Field** dialog box, select a role in the **Access Role** list. The access level determines whether a user can change the value in the **Expiration Policy** drop-down list. - Select a role to allow users of that role and roles with a higher priority value to change the value. @@ -93,4 +93,4 @@ After applying visibility settings, only the selected values will be available. The disabled **Expiration Policy** drop-down list will be displayed in the portal as shown below. The **Expiration Date** field is also read-only and displays the group's expiry date, as calculated based on the expiry policy. -![Expiration Policy drop-down list and Expiration Date field shown as read-only](images/ka0Qk000000DvYL_0EMQk00000Br3Pd.png) +![Expiration Policy drop-down list and Expiration Date field shown as read-only](./images/ka0Qk000000DvYL_0EMQk00000Br3Pd.png) diff --git a/docs/kb/directorymanager/search-history-by-specific-user-through-password-center-helpdesk-portal-returns-no-results.md b/docs/kb/directorymanager/search-history-by-specific-user-through-password-center-helpdesk-portal-returns-no-results.md index 005ed5afb6..41a64b770b 100644 --- a/docs/kb/directorymanager/search-history-by-specific-user-through-password-center-helpdesk-portal-returns-no-results.md +++ b/docs/kb/directorymanager/search-history-by-specific-user-through-password-center-helpdesk-portal-returns-no-results.md @@ -36,4 +36,4 @@ The default setting for the **Performed By** field is `Any` instead of `End User 1. Select `End User` in the **Performed By** field. 2. Search for the user by typing their display name in the **User Name** field. -![User-added image](images/ka0Qk0000001Q0T_0EMQk000002TgcF.png) +![User-added image](./images/ka0Qk0000001Q0T_0EMQk000002TgcF.png) diff --git a/docs/kb/directorymanager/triggering-microsoft-flow-from-directory-manager-workflows.md b/docs/kb/directorymanager/triggering-microsoft-flow-from-directory-manager-workflows.md index bc3c4d2c64..df18bdd39f 100644 --- a/docs/kb/directorymanager/triggering-microsoft-flow-from-directory-manager-workflows.md +++ b/docs/kb/directorymanager/triggering-microsoft-flow-from-directory-manager-workflows.md @@ -34,7 +34,7 @@ By integrating Directory Manager workflows with MS Flow, you ensure that when a The Directory Manager application in Azure must have the following permissions for MS Flow: -![Directory Manager Azure permissions screenshot](images/ka0Qk000000DSL3_0EMQk000004nGNu.png) +![Directory Manager Azure permissions screenshot](./images/ka0Qk000000DSL3_0EMQk000004nGNu.png) ## Instructions @@ -50,12 +50,12 @@ Follow the steps below to link a MS Flow to a Directory Manager Workflow: 4. Click **OK** to save changes. 5. Log into the MS Flow portal and open the flow you want to link. 6. Generate a request URL for the MS Flow. - ![Generate request URL screenshot](images/ka0Qk000000DSL3_0EMQk00000C1KQo.png) + ![Generate request URL screenshot](./images/ka0Qk000000DSL3_0EMQk00000C1KQo.png) 7. In the Directory Manager Console, go back to the **Workflow** tab of the identity store properties. 8. Select the workflow to link (e.g., **Create User**) and click **Edit**. 9. In the **Edit Workflow Route** dialog box, paste the MS Flow request URL into the **Microsoft Flow Request URL** field. 10. Click **Authenticate** and provide identity store credentials. - ![Authenticate screenshot](images/ka0Qk000000DSL3_0EMQk00000C1M61.png) + ![Authenticate screenshot](./images/ka0Qk000000DSL3_0EMQk00000C1M61.png) > **NOTE:** To quickly define a flow in MS Flow, click **Create Temp** to create a basic template and connect it. diff --git a/docs/kb/directorymanager/unable-to-sort-groups-by-displayname.md b/docs/kb/directorymanager/unable-to-sort-groups-by-displayname.md index d6d0d71be1..2d24e02a58 100644 --- a/docs/kb/directorymanager/unable-to-sort-groups-by-displayname.md +++ b/docs/kb/directorymanager/unable-to-sort-groups-by-displayname.md @@ -30,7 +30,7 @@ Netwrix Directory Manager 11 ## Symptom When you attempt to sort the **My Groups** listing in Netwrix Directory Manager (formerly GroupID) by the **Display Name** attribute, the groups do not sort in ascending (alphabetical) order as expected. The screen may display a “Loading” message, but the system fails to sort the listing. -![Group listing in Directory Manager portal with Display Name column sorted in ascending order](images/ka0Qk000000EZ2j_0EMQk00000BoBWe.png) +![Group listing in Directory Manager portal with Display Name column sorted in ascending order](./images/ka0Qk000000EZ2j_0EMQk00000BoBWe.png) ## Causes - The **Display Name** attribute is not mandatory for groups created directly in Active Directory, so some groups may not have this attribute populated. diff --git a/docs/kb/directorymanager/uninstall-or-fully-remove-directory-manager.md b/docs/kb/directorymanager/uninstall-or-fully-remove-directory-manager.md index 76ac7338cf..be0256d540 100644 --- a/docs/kb/directorymanager/uninstall-or-fully-remove-directory-manager.md +++ b/docs/kb/directorymanager/uninstall-or-fully-remove-directory-manager.md @@ -38,7 +38,7 @@ This article explains how to uninstall Netwrix Directory Manager (formerly Group ### Uninstall Directory Manager to Upgrade to a Newer Version 1. Double-click the **`setup.exe`** file in the Directory Manager installation package to launch the installer. - ![Directory Manager installer main screen](images/ka0Qk000000EZIr_0EMQk00000BuNWf.png) + ![Directory Manager installer main screen](./images/ka0Qk000000EZIr_0EMQk00000BuNWf.png) 2. Click **Uninstall Directory Manager**. This removes the application files from **Programs & Features** in the **Control Panel**. ### Upgrade to a newer version diff --git a/docs/kb/directorymanager/update-support-email-address-for-contact-link.md b/docs/kb/directorymanager/update-support-email-address-for-contact-link.md index 6224ee147e..c627029b7f 100644 --- a/docs/kb/directorymanager/update-support-email-address-for-contact-link.md +++ b/docs/kb/directorymanager/update-support-email-address-for-contact-link.md @@ -27,15 +27,15 @@ Netwrix Directory Manager 11 ## Overview The Netwrix Directory Manager application portal includes a **Contact** link at the bottom of each page. This link opens your default email application with a pre-filled support email address, allowing users to contact the admin or helpdesk for inquiries, support requests, or feedback. You may need to change this email address so users can contact your local IT team for portal-related issues. -![Contact link at the bottom of Directory Manager portal page](images/ka0Qk000000EMdN_0EMQk00000Ba6Gf.png) +![Contact link at the bottom of Directory Manager portal page](./images/ka0Qk000000EMdN_0EMQk00000Ba6Gf.png) ## Instructions ### Change the Support Email Address for the Contact Link 1. In the Directory Manager Admin Center, select **Application** > your required portal > **Settings**. - ![Portal settings in Directory Manager Admin Center](images/ka0Qk000000EMdN_0EMQk00000Ba6Jt.png) + ![Portal settings in Directory Manager Admin Center](./images/ka0Qk000000EMdN_0EMQk00000Ba6Jt.png) 2. Click the **Directory Manager Support** tab. 3. In the **Support group/administrator's email address** box, enter the email address for the group, user, or contact who will respond to requests or inquiries from portal users. - ![Support group/administrator's email address field in Directory Manager](images/ka0Qk000000EMdN_0EMQk00000Ba6IH.png) + ![Support group/administrator's email address field in Directory Manager](./images/ka0Qk000000EMdN_0EMQk00000Ba6IH.png) 4. Click **Save**. 5. Click the **Contact** link in the portal to verify that your specified email address appears in the 'To' box of your default email application. diff --git a/docs/kb/directorymanager/view-and-manage-your-group-memberships.md b/docs/kb/directorymanager/view-and-manage-your-group-memberships.md index d99674a2ff..62057dd517 100644 --- a/docs/kb/directorymanager/view-and-manage-your-group-memberships.md +++ b/docs/kb/directorymanager/view-and-manage-your-group-memberships.md @@ -37,7 +37,7 @@ End users typically do not have direct access to directory services, such as Act 1. Log in to the Netwrix Directory Manager portal. 2. In the left pane, click **Groups > My Groups** then select the **My Memberships** tab. -![My](images/servlet_image_761bfdbbeba6.png) +![My](./images/servlet_image_761bfdbbeba6.png) 3. This page lists all groups that the logged-in user is a member of. Click the display name of a group to view its properties. 4. The actions you can perform for a group depend on your rights and privileges in Netwrix Directory Manager. For example, your rights determine whether you can edit group properties or leave the group. diff --git a/docs/kb/directorymanager/viewing-and-managing-licenses.md b/docs/kb/directorymanager/viewing-and-managing-licenses.md index d12eb85f0d..0562d7513d 100644 --- a/docs/kb/directorymanager/viewing-and-managing-licenses.md +++ b/docs/kb/directorymanager/viewing-and-managing-licenses.md @@ -48,7 +48,7 @@ This article outlines the licensing model for Netwrix Directory Manager, includi ### Entering License Information 1. During installation, on the **License** page of the Configuration Tool, enter a valid license number and license key. - ![Config Tool](images/ka0Qk000000DSHp_0EMQk00000C1NoU.png) + ![Config Tool](./images/ka0Qk000000DSHp_0EMQk00000C1NoU.png) 2. If the **Next** button remains disabled, retype your entry for accuracy. 3. If using module-based licensing, enter any one module license during setup. 4. To add more licenses later: @@ -59,10 +59,10 @@ This article outlines the licensing model for Netwrix Directory Manager, includi 1. Contact Netwrix Sales to obtain a full or module license number and key. 2. In the **Netwrix Directory Manager Admin Center**, click the **Settings** node. - ![Settings](images/ka0Qk000000DSHp_0EMQk00000C1GiC.png) + ![Settings](./images/ka0Qk000000DSHp_0EMQk00000C1GiC.png) 3. In the **Licensing Settings** dialog box, click **Edit**. 4. Enter the new license number and key provided by Netwrix. - ![Edit in License Settings](images/ka0Qk000000DSHp_0EMQk00000C1Nq7.png) + ![Edit in License Settings](./images/ka0Qk000000DSHp_0EMQk00000C1Nq7.png) 5. Click **Update** and relaunch Netwrix Directory Manager. ### Viewing License Information diff --git a/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md b/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md index fd7df4b1de..5736d16123 100644 --- a/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md +++ b/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md @@ -50,19 +50,19 @@ By default, or in the absence of this policy, any search performed by role membe 1. In Netwrix Directory Manager Admin Center, click the **Identity Stores** node. 2. On the **Identity Stores** tab, click on the **Triple Dot** button, and then click on the **Edit** button to go to the properties of the required identity store. - ![User-added image](images/ka0Qk000000Dg1R_0EMQk000001eu1K.png) + ![User-added image](./images/ka0Qk000000Dg1R_0EMQk000001eu1K.png) 3. On the **Security Roles** tab, select a role to define a search policy for it, and click **Edit**. - ![User-added image](images/ka0Qk000000Dg1R_0EMQk000001f0gD.png) + ![User-added image](./images/ka0Qk000000Dg1R_0EMQk000001f0gD.png) 4. On the **Role Properties** page, click the **Policies** tab and then click **Search** in the left pane. - ![User-added image](images/ka0Qk000000Dg1R_0EMQk000001ezqc.png) + ![User-added image](./images/ka0Qk000000Dg1R_0EMQk000001ezqc.png) 5. Click the **Plus** button and select a container. A search performed by role members would return objects that reside in this container. - ![User-added image](images/ka0Qk000000Dg1R_0EMQk000001f0pt.png) + ![User-added image](./images/ka0Qk000000Dg1R_0EMQk000001f0pt.png) ### Choose a Search Filter: When you apply an LDAP filter, a search performed by role members only shows objects that match the specified criterion. @@ -71,7 +71,7 @@ When you apply an LDAP filter, a search performed by role members only shows obj 2. Select an operator from the second drop-down list (for example, *Is Exactly*). 3. Enter a value concerning the selected schema attribute in the third box. - ![User-added image](images/ka0Qk000000Dg1R_0EMQk000001ezDu.png) + ![User-added image](./images/ka0Qk000000Dg1R_0EMQk000001ezDu.png) You can define multiple queries by clicking on the **+Add More Filters** and using the **AND** or **OR** operator to group all rows that make up a query. @@ -86,23 +86,23 @@ A down arrow appears in the applied operator's icon. Click it to display the con ## Some Useful Examples: - To limit searches to mail-enabled distribution groups and all users: - ![User-added image](images/ka0Qk000000Dg1R_0EMQk000001exAU.png) + ![User-added image](./images/ka0Qk000000Dg1R_0EMQk000001exAU.png) - Limit searches to all global security groups and all users: - ![User-added image](images/ka0Qk000000Dg1R_0EMQk000001evqG.png) + ![User-added image](./images/ka0Qk000000Dg1R_0EMQk000001evqG.png) - Limit searches to mail-enabled groups and mail-enabled users: - ![User-added image](images/ka0Qk000000Dg1R_0EMQk000001f1KX.png) + ![User-added image](./images/ka0Qk000000Dg1R_0EMQk000001f1KX.png) ### Related Articles: -- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results.md) -- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard.md) -- [How to Trigger a workflow When a User Сreates a Group](/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_сreates_a_group.md) -- [How To Add Message Approvers in Group Properties in Netwrix Directory Manager Portal](/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal.md) +- [Walkthrough Search Policy - Define Scope and Filter Results](/docs/kb/directorymanager/walkthrough-search-policy-define-scope-and-filter-results) +- [How To Import Members to a Group Using Self-Service Import Wizard](/docs/kb/directorymanager/how-to-import-members-to-a-group-using-self-service-import-wizard) +- [How to Trigger a workflow When a User Сreates a Group](/docs/kb/directorymanager/how_to_trigger_a_workflow_when_a_user_сreates_a_group) +- [How To Add Message Approvers in Group Properties in Netwrix Directory Manager Portal](/docs/kb/directorymanager/how-to-add-message-approvers-in-group-properties-in-groupid-portal) - [Best Practices for Controlling Changes to Group Membership](https://docs.netwrix.com/docs/kb/directorymanager/best-practices-for-controlling-changes-to-group-membership#netwrix-directory-manager-best-practices) -- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou.md) -- [Best Practices for Preventing Accidental Data Leakage](/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage.md) +- [How To Enforce Users to Create Groups in a Specific OU](/docs/kb/directorymanager/how-to-enforce-users-to-create-groups-in-a-specific-ou) +- [Best Practices for Preventing Accidental Data Leakage](/docs/kb/directorymanager/best-practices-for-preventing-accidental-data-leakage) diff --git a/docs/kb/endpointprotector/blocking-easylock-folder-access-on-machines-without-the-endpoint-protector-agent.md b/docs/kb/endpointprotector/blocking-easylock-folder-access-on-machines-without-the-endpoint-protector-agent.md index ef196efc1c..44571000ee 100644 --- a/docs/kb/endpointprotector/blocking-easylock-folder-access-on-machines-without-the-endpoint-protector-agent.md +++ b/docs/kb/endpointprotector/blocking-easylock-folder-access-on-machines-without-the-endpoint-protector-agent.md @@ -30,4 +30,4 @@ This article explains how you can prevent access to EasyLock-protected folders f 1. Go to **Device Control** > **Global Settings** > **EasyLock Settings**. 2. Enable the **Endpoint Protector Client presence required** option. 3. Save the changes. - ![Endpoint](images/servlet_image_3f1c3b331cfe.png) + ![Endpoint](./images/servlet_image_3f1c3b331cfe.png) diff --git a/docs/kb/endpointprotector/can-optical-character-recognition-be-enabled-for-file-inspection.md b/docs/kb/endpointprotector/can-optical-character-recognition-be-enabled-for-file-inspection.md index 1a4bf87792..5ccdc5c208 100644 --- a/docs/kb/endpointprotector/can-optical-character-recognition-be-enabled-for-file-inspection.md +++ b/docs/kb/endpointprotector/can-optical-character-recognition-be-enabled-for-file-inspection.md @@ -30,6 +30,6 @@ Yes, OCR is the process that converts an image of text into a machine-readable t You can enable OCR at the global, computer, user, or group level from the following location in the Endpoint Protector console: -![OCR enablement settings page in the EPP console](images/ka0Qk000000DzFN_0EMQk00000C8zgv.png) +![OCR enablement settings page in the EPP console](./images/ka0Qk000000DzFN_0EMQk00000C8zgv.png) Once enabled, the Endpoint Protector client can inspect the content of **JPEG**, **PNG**, **GIF**, **BMP**, and **TIFF** file types. Enabling this option will also update the global MIME Type Allowlists. diff --git a/docs/kb/endpointprotector/create_a_system_backup_v2.md b/docs/kb/endpointprotector/create_a_system_backup_v2.md index 4c6851fad8..304f185b0e 100644 --- a/docs/kb/endpointprotector/create_a_system_backup_v2.md +++ b/docs/kb/endpointprotector/create_a_system_backup_v2.md @@ -30,4 +30,4 @@ This article outlines how to create a backup of all settings, rights, policies, ## Related Links - [System Backup V2](https://docs.netwrix.com/docs/endpointprotector/5_9_4_2/admin/systemmaintenance/backup) -- [How to Perform a Backup Restore](/docs/kb/endpointprotector/how_to_perform_a_backup_restore.md) \ No newline at end of file +- [How to Perform a Backup Restore](/docs/kb/endpointprotector/how_to_perform_a_backup_restore) \ No newline at end of file diff --git a/docs/kb/endpointprotector/enable-deep-packet-inspection-for-instant-messaging-applications.md b/docs/kb/endpointprotector/enable-deep-packet-inspection-for-instant-messaging-applications.md index d2a56661f0..37d918f1ac 100644 --- a/docs/kb/endpointprotector/enable-deep-packet-inspection-for-instant-messaging-applications.md +++ b/docs/kb/endpointprotector/enable-deep-packet-inspection-for-instant-messaging-applications.md @@ -33,7 +33,7 @@ The Netwrix Endpoint Protector (EPP) Client can inspect text written in instant 2. Enable **Deep Packet Inspection**. 3. Save the setting. -![Global Settings page with Deep Packet Inspection option highlighted](images/ka0Qk000000DzDl_0EMQk00000BuWJp.png) +![Global Settings page with Deep Packet Inspection option highlighted](./images/ka0Qk000000DzDl_0EMQk00000BuWJp.png) ### Enable Text Inspection @@ -41,7 +41,7 @@ The Netwrix Endpoint Protector (EPP) Client can inspect text written in instant 2. Enable **Text inspection**. 3. Save the setting. -![Deep Packet Inspection settings with Text inspection enabled](images/ka0Qk000000DzDl_0EMQk00000BuWDN.png) +![Deep Packet Inspection settings with Text inspection enabled](./images/ka0Qk000000DzDl_0EMQk00000BuWDN.png) ### Enable DPI for Instant Messaging Applications @@ -50,7 +50,7 @@ The Netwrix Endpoint Protector (EPP) Client can inspect text written in instant 3. Filter for the instant messaging applications you want to use with text inspection. Supported apps include Teams, Skype, Slack, Mattermost, and Google Chat. 4. Click the **Actions** button and select **Enable DPI** for each application. -![Deep Packet Inspection Applications list with Enable DPI action](images/ka0Qk000000DzDl_0EMQk00000BuWGb.png) +![Deep Packet Inspection Applications list with Enable DPI action](./images/ka0Qk000000DzDl_0EMQk00000BuWGb.png) > **NOTE:** You must enable DPI for each application on every operating system where the EPP Client is installed (Windows, macOS, Linux). @@ -61,4 +61,4 @@ The Netwrix Endpoint Protector (EPP) Client can inspect text written in instant 3. Select the instant messaging applications you want to monitor. 4. Save the policy. -![Content Aware Policies configuration with instant messaging apps selected](images/ka0Qk000000DzDl_0EMQk00000BuWID.png) +![Content Aware Policies configuration with instant messaging apps selected](./images/ka0Qk000000DzDl_0EMQk00000BuWID.png) diff --git a/docs/kb/endpointprotector/enabling-advanced-printer-and-mtp-scanning.md b/docs/kb/endpointprotector/enabling-advanced-printer-and-mtp-scanning.md index 34aae443e5..c5a992617b 100644 --- a/docs/kb/endpointprotector/enabling-advanced-printer-and-mtp-scanning.md +++ b/docs/kb/endpointprotector/enabling-advanced-printer-and-mtp-scanning.md @@ -32,7 +32,7 @@ Netwrix Endpoint Protector includes an improved method for Printer and MTP Conte 1. In the Netwrix Endpoint Protector Console, navigate to **Device Control** > **Global Settings**, **Groups**, or **Computers** > **Manage Settings** > **File Tracing and Shadowing**. 2. Toggle the switch to enable **Advanced Printer and MTP Scanning**. 3. Click **Save** within the **File Tracing and Shadowing** section. - ![File Tracing and Shadowing settings with Advanced Printer and MTP Scanning option enabled](images/ka0Qk000000DsH7_0EMQk00000CB1Rh.png) + ![File Tracing and Shadowing settings with Advanced Printer and MTP Scanning option enabled](./images/ka0Qk000000DsH7_0EMQk00000CB1Rh.png) 4. Save your changes and ensure the updated settings are deployed to Netwrix Endpoint Protector Clients by waiting for the clients to update their policies. 5. Restart the machines protected by Netwrix Endpoint Protector. diff --git a/docs/kb/endpointprotector/greyed-out-computer-in-the-client-software-upgrade.md b/docs/kb/endpointprotector/greyed-out-computer-in-the-client-software-upgrade.md index 5fa60687ec..528264b512 100644 --- a/docs/kb/endpointprotector/greyed-out-computer-in-the-client-software-upgrade.md +++ b/docs/kb/endpointprotector/greyed-out-computer-in-the-client-software-upgrade.md @@ -28,7 +28,7 @@ knowledge_article_id: kA0Qk0000002B5pKAE The affected computer is displayed as greyed out and cannot be selected in the Netwrix Endpoint Protector client software upgrade or update interface. -![Example](images/servlet_image_3f1c3b331cfe.png) +![Example](./images/servlet_image_3f1c3b331cfe.png) ## Cause diff --git a/docs/kb/endpointprotector/how-to-block-whatsapp-application-from-launching.md b/docs/kb/endpointprotector/how-to-block-whatsapp-application-from-launching.md index 080915f108..e8e23f5123 100644 --- a/docs/kb/endpointprotector/how-to-block-whatsapp-application-from-launching.md +++ b/docs/kb/endpointprotector/how-to-block-whatsapp-application-from-launching.md @@ -34,17 +34,17 @@ This article explains how to block and prevent the WhatsApp application from ope 2. In the **Parameters** box, enter `*`. 3. Click **Add to Content**. 4. Verify that `WhatsApp.exe *` appears in the **List of Application & CLI Command** box on the right. - ![Applications Denylist configuration for WhatsApp.exe on Windows](images/ka0Qk000000Dzor_0EMQk00000CAfxR.png) + ![Applications Denylist configuration for WhatsApp.exe on Windows](./images/ka0Qk000000Dzor_0EMQk00000CAfxR.png) 3. For macOS operating systems: 1. In the **Application & CLI Command** box, enter `WhatsAppDesktop`. 2. In the **Parameters** box, enter `*`. 3. Click **Add to Content**. 4. Verify that `WhatsAppDesktop *` appears in the **List of Application & CLI Command** box on the right. - ![Applications Denylist configuration for WhatsAppDesktop on macOS](images/ka0Qk000000Dzor_0EMQk00000CAfxR.png) + ![Applications Denylist configuration for WhatsAppDesktop on macOS](./images/ka0Qk000000Dzor_0EMQk00000CAfxR.png) 4. Select all entries by checking their checkboxes, then click **Generate**. 5. The final result should display the denylist entries as shown below. - ![Final Applications Denylist with WhatsApp entries](images/ka0Qk000000Dzor_0EMQk00000CAag4.png) + ![Final Applications Denylist with WhatsApp entries](./images/ka0Qk000000Dzor_0EMQk00000CAag4.png) 6. Under **Policy Denylists** > **Applications** in the Content Aware Protection policy, select the application list you created. 7. Save the policy and update the policies on the endpoint computers. Ensure you assign the policy to the target computers. - ![Assigning the Applications Denylist policy to target computers](images/ka0Qk000000Dzor_0EMQk00000CAgof.png) + ![Assigning the Applications Denylist policy to target computers](./images/ka0Qk000000Dzor_0EMQk00000CAgof.png) 8. Attempt to open the WhatsApp Desktop application to confirm it is blocked. diff --git a/docs/kb/endpointprotector/how-to-check-the-client-to-server-connection-status.md b/docs/kb/endpointprotector/how-to-check-the-client-to-server-connection-status.md index 43af4e8d72..16959c0b55 100644 --- a/docs/kb/endpointprotector/how-to-check-the-client-to-server-connection-status.md +++ b/docs/kb/endpointprotector/how-to-check-the-client-to-server-connection-status.md @@ -41,4 +41,4 @@ This article explains how to check the connection status between the Netwrix End - The connection status - The time and date when the policies were last received - ![Netwrix Endpoint Protector Client Settings tab showing server connection status details](images/ka0Qk000000Dzs5_0EMQk00000CAOoZ.png) + ![Netwrix Endpoint Protector Client Settings tab showing server connection status details](./images/ka0Qk000000Dzs5_0EMQk00000CAOoZ.png) diff --git a/docs/kb/endpointprotector/how-to-check-the-history-and-email-status-of-alerts.md b/docs/kb/endpointprotector/how-to-check-the-history-and-email-status-of-alerts.md index 42873dc092..f68ce846f2 100644 --- a/docs/kb/endpointprotector/how-to-check-the-history-and-email-status-of-alerts.md +++ b/docs/kb/endpointprotector/how-to-check-the-history-and-email-status-of-alerts.md @@ -30,8 +30,8 @@ This article explains how to check the alert history, log details, and the statu 1. Navigate to the desired alert category, such as **System Alerts**, **Device Control Alerts**, **Content Aware Alerts**, or **EasyLock Alerts**. 2. Click **View History** to see the list of generated alerts. The alerts are listed under **Alerts History**. Each alert listed in **Alerts History** is also sent via email. - ![Alerts History page showing list of generated alerts](images/ka0Qk000000Dzth_0EMQk00000CJ9iD.png) + ![Alerts History page showing list of generated alerts](./images/ka0Qk000000Dzth_0EMQk00000CJ9iD.png) 3. In the **Actions** column for the desired alert, click the three-line menu, and then click **View**. - ![Actions column with View option highlighted](images/ka0Qk000000Dzth_0EMQk00000CJ1Co.png) + ![Actions column with View option highlighted](./images/ka0Qk000000Dzth_0EMQk00000CJ1Co.png) 4. The **Log Details** and **Alert Details** will be displayed, along with the **E-mail Status**. Here, you can see if the email was sent successfully from the Netwrix Endpoint Protector Server. - ![Log Details and E-mail Status section showing email delivery status](images/ka0Qk000000Dzth_0EMQk00000CJA4n.png) + ![Log Details and E-mail Status section showing email delivery status](./images/ka0Qk000000Dzth_0EMQk00000CJA4n.png) diff --git a/docs/kb/endpointprotector/how-to-deploy-the-windows-endpoint-protector-agent.md b/docs/kb/endpointprotector/how-to-deploy-the-windows-endpoint-protector-agent.md index 5cec0304ad..2ea5cb78cc 100644 --- a/docs/kb/endpointprotector/how-to-deploy-the-windows-endpoint-protector-agent.md +++ b/docs/kb/endpointprotector/how-to-deploy-the-windows-endpoint-protector-agent.md @@ -75,11 +75,11 @@ Deploying the agent via Group Policy requires editing the MSI either directly or 1. Download the Orca MSI (or your preferred MSI editing software; these instructions use Orca). 1. Orca can be installed from the Windows SDK and selecting the MSI options. - ![image.png](images/ka0Qk0000004Rkn_00N0g000004CA0p_0EMQk000005lsoU.png) + ![image.png](./images/ka0Qk0000004Rkn_00N0g000004CA0p_0EMQk000005lsoU.png) 2. Right-click on the `EPPClientSetup` MSI and select **Edit with Orca**. - ![image.png](images/ka0Qk0000004Rkn_00N0g000004CA0p_0EMQk000005lrve.png) + ![image.png](./images/ka0Qk0000004Rkn_00N0g000004CA0p_0EMQk000005lrve.png) 3. Click on **Transform** > **New Transform**. 4. Add the required properties to the Property Table. @@ -89,9 +89,9 @@ Deploying the agent via Group Policy requires editing the MSI either directly or 4. Click **Ok**. 5. Optional: If there are more properties that need changing or adding, such as not using the default department code, refer to the Appendix for the list of properties and change them all in the Properties table. - ![image.png](images/ka0Qk0000004Rkn_00N0g000004CA0p_0EMQk000005ls6y.png) + ![image.png](./images/ka0Qk0000004Rkn_00N0g000004CA0p_0EMQk000005ls6y.png) - ![image.png](images/ka0Qk0000004Rkn_00N0g000004CA0p_0EMQk000005lxoA.png) + ![image.png](./images/ka0Qk0000004Rkn_00N0g000004CA0p_0EMQk000005lxoA.png) 5. Generate the Transform. 1. Click on **Transform**. @@ -99,7 +99,7 @@ Deploying the agent via Group Policy requires editing the MSI either directly or 3. In the open box, save your transform. 4. Ensure the packages are placed on a network share that is accessible to all clients that need to install it. - ![image.png](images/ka0Qk0000004Rkn_00N0g000004CA0p_0EMQk000005m3Ov.png) + ![image.png](./images/ka0Qk0000004Rkn_00N0g000004CA0p_0EMQk000005m3Ov.png) 6. Deploy the MSI with the Transform file via Group Policy. 1. Open Group Policy Management Console. @@ -115,11 +115,11 @@ Deploying the agent via Group Policy requires editing the MSI either directly or 11. Select the transform file and click **Ok**. 12. Click **Ok**. - ![image.png](images/ka0Qk0000004Rkn_00N0g000004CA0p_0EMQk000005m3VN.png) - ![image.png](images/ka0Qk0000004Rkn_00N0g000004CA0p_0EMQk000005lwId.png) - ![image.png](images/ka0Qk0000004Rkn_00N0g000004CA0p_0EMQk000005m3gf.png) - ![image.png](images/ka0Qk0000004Rkn_00N0g000004CA0p_0EMQk000005m13n.png) - ![image.png](images/ka0Qk0000004Rkn_00N0g000004CA0p_0EMQk000005lzGU.png) + ![image.png](./images/ka0Qk0000004Rkn_00N0g000004CA0p_0EMQk000005m3VN.png) + ![image.png](./images/ka0Qk0000004Rkn_00N0g000004CA0p_0EMQk000005lwId.png) + ![image.png](./images/ka0Qk0000004Rkn_00N0g000004CA0p_0EMQk000005m3gf.png) + ![image.png](./images/ka0Qk0000004Rkn_00N0g000004CA0p_0EMQk000005m13n.png) + ![image.png](./images/ka0Qk0000004Rkn_00N0g000004CA0p_0EMQk000005lzGU.png) ## Appendix diff --git a/docs/kb/endpointprotector/how-to-monitor-webmail-for-gmail-outlook-and-yahoo.md b/docs/kb/endpointprotector/how-to-monitor-webmail-for-gmail-outlook-and-yahoo.md index ea88306dcf..09311c6f39 100644 --- a/docs/kb/endpointprotector/how-to-monitor-webmail-for-gmail-outlook-and-yahoo.md +++ b/docs/kb/endpointprotector/how-to-monitor-webmail-for-gmail-outlook-and-yahoo.md @@ -33,4 +33,4 @@ This article explains how you can enable the **Monitor webmail** setting in Netw When you enable this setting, it allows monitoring of the subject and body fields for Gmail, Outlook, and Yahoo webmail accessed through browsers. -![Deep Packet Inspection settings page with Monitor webmail option highlighted](images/ka0Qk000000Drsv_0EMQk00000CB41O.png) +![Deep Packet Inspection settings page with Monitor webmail option highlighted](./images/ka0Qk000000Drsv_0EMQk00000CB41O.png) diff --git a/docs/kb/endpointprotector/how-to-set-fqdn-in-server-certificate-subject.md b/docs/kb/endpointprotector/how-to-set-fqdn-in-server-certificate-subject.md index b604c8f83f..ab86062bf0 100644 --- a/docs/kb/endpointprotector/how-to-set-fqdn-in-server-certificate-subject.md +++ b/docs/kb/endpointprotector/how-to-set-fqdn-in-server-certificate-subject.md @@ -40,7 +40,7 @@ Yes, this is possible. Follow these steps to set the FQDN in the server certific 8. A green banner will appear at the top of the screen stating that the server certificate will be regenerated in a few minutes. You will be logged out from the user interface and will need to log in again. 9. Wait a few minutes until the certificate is regenerated. -![Server Certificate Stack configuration page with FQDN field highlighted](images/ka0Qk000000Dynx_0EMQk00000CKudS.png) +![Server Certificate Stack configuration page with FQDN field highlighted](./images/ka0Qk000000Dynx_0EMQk00000CKudS.png) ### Important Notes diff --git a/docs/kb/endpointprotector/how-to-use-easylock-without-endpoint-protector-software.md b/docs/kb/endpointprotector/how-to-use-easylock-without-endpoint-protector-software.md index 958cdf13f7..fe6f878619 100644 --- a/docs/kb/endpointprotector/how-to-use-easylock-without-endpoint-protector-software.md +++ b/docs/kb/endpointprotector/how-to-use-easylock-without-endpoint-protector-software.md @@ -33,4 +33,4 @@ When the EasyLock software is used on a computer without Netwrix Endpoint Protec After you open EasyLock, the application will prompt you for a password. Any data you copy into the application will be encrypted using 256-bit AES software encryption. Only users with the correct password can access the encrypted data. -![EasyLock password prompt on launch](images/ka0Qk000000DeHN_0EMQk00000CJ50H.png) +![EasyLock password prompt on launch](./images/ka0Qk000000DeHN_0EMQk00000CJ50H.png) diff --git a/docs/kb/endpointprotector/how_to_add_specific_devices_to_the_allow_list.md b/docs/kb/endpointprotector/how_to_add_specific_devices_to_the_allow_list.md index 0b1fbb8714..56bfb7c699 100644 --- a/docs/kb/endpointprotector/how_to_add_specific_devices_to_the_allow_list.md +++ b/docs/kb/endpointprotector/how_to_add_specific_devices_to_the_allow_list.md @@ -33,4 +33,4 @@ This article explains how to add specific devices to the allow list using the we ## Related Links -- [Set Rights for a Specific Device](/docs/kb/endpointprotector/set-rights-for-a-specific-device.md) \ No newline at end of file +- [Set Rights for a Specific Device](/docs/kb/endpointprotector/set-rights-for-a-specific-device) \ No newline at end of file diff --git a/docs/kb/endpointprotector/how_to_perform_a_backup_restore.md b/docs/kb/endpointprotector/how_to_perform_a_backup_restore.md index e126f9e42c..cda42b07eb 100644 --- a/docs/kb/endpointprotector/how_to_perform_a_backup_restore.md +++ b/docs/kb/endpointprotector/how_to_perform_a_backup_restore.md @@ -50,4 +50,4 @@ By following these steps, you can successfully perform a backup and restore for ## Related Links - [System Backup V2](https://docs.netwrix.com/docs/endpointprotector/5_9_4_2/admin/systemmaintenance/backup) -- [Create a System Backup V2](/docs/kb/endpointprotector/create_a_system_backup_v2.md) \ No newline at end of file +- [Create a System Backup V2](/docs/kb/endpointprotector/create_a_system_backup_v2) \ No newline at end of file diff --git a/docs/kb/endpointprotector/installing-the-agent-with-proxy-settings-on-macos.md b/docs/kb/endpointprotector/installing-the-agent-with-proxy-settings-on-macos.md index e4389413e0..08ba663574 100644 --- a/docs/kb/endpointprotector/installing-the-agent-with-proxy-settings-on-macos.md +++ b/docs/kb/endpointprotector/installing-the-agent-with-proxy-settings-on-macos.md @@ -36,6 +36,6 @@ Follow the steps below to install the EPP agent with proxy settings on macOS: 4. If your proxy requires authentication, enter valid credentials in the appropriate fields. 5. You can enter a proxy IP address, DNS name, or fully qualified domain name (FQDN) in the proxy IP field. -![ ](images/ka0Qk000000Dein_0EMQk00000CV0zJ.png) +![ ](./images/ka0Qk000000Dein_0EMQk00000CV0zJ.png) 6. After installation is complete, wait a few minutes for processing. Then, verify that the computer appears in the **Device Control** > **Computers** section of the **Netwrix Endpoint Protector Web Console**. diff --git a/docs/kb/endpointprotector/troubleshoot_two-factor_authentication_issues.md b/docs/kb/endpointprotector/troubleshoot_two-factor_authentication_issues.md index 74d705e23a..b3432a8006 100644 --- a/docs/kb/endpointprotector/troubleshoot_two-factor_authentication_issues.md +++ b/docs/kb/endpointprotector/troubleshoot_two-factor_authentication_issues.md @@ -26,11 +26,11 @@ To troubleshoot issues with 2FA, try one or more of the following steps: 1. Ensure that the **Endpoint Protector** server date/time matches exactly with the date/time on the phone used to scan the QR code. This can be checked by following these steps: 1. In the **Endpoint Protector** console, go to **Appliance** > **Server Maintenance** and click **Synchronize time**. 2. Check the date and time on the phone. -2. Disable Two-Factor Authentication (2FA) in **Endpoint Protector**, then re-enable it. For detailed steps on enabling or disabling 2FA, see [Enable Two-Factor Authentication for System Admins with Google Authenticator App](/docs/kb/endpointprotector/enable_two-factor_authentication_for_system_admins_with_google_authenticator_app.md). +2. Disable Two-Factor Authentication (2FA) in **Endpoint Protector**, then re-enable it. For detailed steps on enabling or disabling 2FA, see [Enable Two-Factor Authentication for System Admins with Google Authenticator App](/docs/kb/endpointprotector/enable_two-factor_authentication_for_system_admins_with_google_authenticator_app). 3. Instead of scanning the QR code, manually enter the code in the **Google Authenticator** app. ## Related Links -- [Enable Two-Factor Authentication for System Admins with Google Authenticator App](/docs/kb/endpointprotector/enable_two-factor_authentication_for_system_admins_with_google_authenticator_app.md) -- [Managing System Administrators and Administrator Groups](/docs/kb/endpointprotector/managing-system-administrators-and-administrator-groups.md) +- [Enable Two-Factor Authentication for System Admins with Google Authenticator App](/docs/kb/endpointprotector/enable_two-factor_authentication_for_system_admins_with_google_authenticator_app) +- [Managing System Administrators and Administrator Groups](/docs/kb/endpointprotector/managing-system-administrators-and-administrator-groups) - [Two-Factor Authentication](https://docs.netwrix.com/docs/endpointprotector/admin/systemconfiguration/adminandaccess#two-factor-authentication) diff --git a/docs/kb/endpointprotector/understanding-the-rights-hierarchy-for-devices.md b/docs/kb/endpointprotector/understanding-the-rights-hierarchy-for-devices.md index 20bad5687b..93d48d4ae8 100644 --- a/docs/kb/endpointprotector/understanding-the-rights-hierarchy-for-devices.md +++ b/docs/kb/endpointprotector/understanding-the-rights-hierarchy-for-devices.md @@ -38,6 +38,6 @@ The rights hierarchy for devices, from lowest to highest, is as follows: ## Instructions 1. To set precedence between **Computer Rights** and **User Rights**, go to **System Configuration > System Settings** and select the desired option. - ![System Settings page showing precedence configuration for Computer or User Rights](images/ka0Qk000000DzNR_0EMQk00000BmNLl.png) + ![System Settings page showing precedence configuration for Computer or User Rights](./images/ka0Qk000000DzNR_0EMQk00000BmNLl.png) 2. **Custom Classes** have the highest priority and override all other rights. Use Custom Classes to globally set rights for a device or class of devices identified by VID, PID, and Serial Number. diff --git a/docs/kb/endpointprotector/user_remediation_reporting.md b/docs/kb/endpointprotector/user_remediation_reporting.md index 6230aec904..eb6b6ab8a8 100644 --- a/docs/kb/endpointprotector/user_remediation_reporting.md +++ b/docs/kb/endpointprotector/user_remediation_reporting.md @@ -30,5 +30,5 @@ This article explains how to locate and review logs of end user responses to **U ## Related Links -- [How to Configure User Remediation for Device Contr](/docs/kb/endpointprotector/how-to-configure-user-remediation-for-device-control.md) -- [Enabling User Remediation in Content Aware Protection Policies](/docs/kb/endpointprotector/enabling-user-remediation-in-content-aware-protection-policies.md) \ No newline at end of file +- [How to Configure User Remediation for Device Contr](/docs/kb/endpointprotector/how-to-configure-user-remediation-for-device-control) +- [Enabling User Remediation in Content Aware Protection Policies](/docs/kb/endpointprotector/enabling-user-remediation-in-content-aware-protection-policies) \ No newline at end of file diff --git a/docs/kb/general/dmz-installation-portals-never-load.md b/docs/kb/general/dmz-installation-portals-never-load.md index dc08bc3533..2ed0fc8598 100644 --- a/docs/kb/general/dmz-installation-portals-never-load.md +++ b/docs/kb/general/dmz-installation-portals-never-load.md @@ -26,7 +26,7 @@ knowledge_article_id: kA00g000000H9afCAC I installed Password Manager portals on a server in a DMZ and configured as per Administrator's guide, but I cannot get to any portal. All 3 of them keep loading and do not show anything. -![User-added](images/servlet_image_6d5dba18caac.png) +![User-added](./images/servlet_image_6d5dba18caac.png) --- diff --git a/docs/kb/general/netwrix-auditor-health-log-error-event-id-6103-suggests-contacting-netwrix-technical-support.md b/docs/kb/general/netwrix-auditor-health-log-error-event-id-6103-suggests-contacting-netwrix-technical-support.md index d7ff8678d4..9f2924adfd 100644 --- a/docs/kb/general/netwrix-auditor-health-log-error-event-id-6103-suggests-contacting-netwrix-technical-support.md +++ b/docs/kb/general/netwrix-auditor-health-log-error-event-id-6103-suggests-contacting-netwrix-technical-support.md @@ -46,8 +46,8 @@ An antivirus or EDR/XDR solution in your environment affects the operation of yo ## Resolution -Add antivirus exclusions to both your Netwrix Auditor monitoring plan and to targets by referring to the following article: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md). +Add antivirus exclusions to both your Netwrix Auditor monitoring plan and to targets by referring to the following article: [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor). ## Related Articles -- [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor.md) +- [Antivirus Exclusions for Netwrix Auditor](/docs/kb/auditor/antivirus-exclusions-for-netwrix-auditor) diff --git a/docs/kb/general/password-requirements-link.md b/docs/kb/general/password-requirements-link.md index d69dc87e82..01e50bd30a 100644 --- a/docs/kb/general/password-requirements-link.md +++ b/docs/kb/general/password-requirements-link.md @@ -22,12 +22,12 @@ knowledge_article_id: kA00g000000H9dWCAS There is an option to specify **Password requirements URL** in the **Branding** settings on the **Administrative portal**. -![User-added](images/servlet_image_6d5dba18caac.png) +![User-added](./images/servlet_image_6d5dba18caac.png) When you specify a link in this field, it will not appear on the **Self-Service portal** itself. The **Password requirements URL** is shown on an error screen that occurs if a specified password does not meet the password policy. -![User-added](images/servlet_image_6d5dba18caac.png) +![User-added](./images/servlet_image_6d5dba18caac.png) Please [contact Netwrix support](https://www.netwrix.com/support_ticket.html) if you want to change this behavior. diff --git a/docs/kb/general/report-download-permissions-denied.md b/docs/kb/general/report-download-permissions-denied.md index 96f929b549..d08e0269bb 100644 --- a/docs/kb/general/report-download-permissions-denied.md +++ b/docs/kb/general/report-download-permissions-denied.md @@ -24,7 +24,7 @@ knowledge_article_id: kA00g000000H9aWCAS You receive `Error: Permissions denied` or `Can't create the file: Permission denied` when trying to download any report from the Helpdesk portal -![User-added](images/servlet_image_6d5dba18caac.png) +![User-added](./images/servlet_image_6d5dba18caac.png) --- @@ -44,4 +44,4 @@ To grant permission: 3. **Add** the account and enable **Write** Allow checkbox 4. Click **Ok**, then **Ok** again -![User-added](images/servlet_image_6d5dba18caac.png) +![User-added](./images/servlet_image_6d5dba18caac.png) diff --git a/docs/kb/general/this-portal-is-temporarily-unavailable-please-contact-your-it-help-desk.md b/docs/kb/general/this-portal-is-temporarily-unavailable-please-contact-your-it-help-desk.md index 17d222b161..4fae758682 100644 --- a/docs/kb/general/this-portal-is-temporarily-unavailable-please-contact-your-it-help-desk.md +++ b/docs/kb/general/this-portal-is-temporarily-unavailable-please-contact-your-it-help-desk.md @@ -28,7 +28,7 @@ knowledge_article_id: kA00g000000H9ZECA0 Self-Service portal of Password Manager shows the following message: **`This portal is temporarily unavailable, please contact your IT help desk.`** -![User-added](images/servlet_image_6d5dba18caac.png) +![User-added](./images/servlet_image_6d5dba18caac.png) --- @@ -39,7 +39,7 @@ Password Manager allows you to select options that are available on the Self-Ser If all options are disabled, then the portal shows the **"This portal is temporarily unavailable, please contact your IT help desk."** message. This configuration is done on the **Administrative portal**, in **Settings - User options** tab. -![User-added](images/servlet_image_6d5dba18caac.png) +![User-added](./images/servlet_image_6d5dba18caac.png) --- @@ -48,10 +48,10 @@ This configuration is done on the **Administrative portal**, in **Settings - Use To resolve this, enable at least one option for the Self-Service portal. 1. Navigate to the **Administrative portal**, and go to **Settings** - ![User-added](images/servlet_image_6d5dba18caac.png) + ![User-added](./images/servlet_image_6d5dba18caac.png) 2. Then select the **User options** tab and enable options you need - ![User-added](images/servlet_image_6d5dba18caac.png) + ![User-added](./images/servlet_image_6d5dba18caac.png) 3. Click **Apply** diff --git a/docs/kb/general/welcome-to-documentation-and-knowledge-base-help-center.md b/docs/kb/general/welcome-to-documentation-and-knowledge-base-help-center.md index bdc55871bf..9a69921b6c 100644 --- a/docs/kb/general/welcome-to-documentation-and-knowledge-base-help-center.md +++ b/docs/kb/general/welcome-to-documentation-and-knowledge-base-help-center.md @@ -40,7 +40,7 @@ Help us improve contents by providing feedback via the form which is available o > **IMPORTANT:** It is highly recommended to register and login to the Help Center in order to get access to all the content. Check these options in the top-right corner: > -> ![Group 142.png](images/servlet_image_6d5dba18caac.png) +> ![Group 142.png](./images/servlet_image_6d5dba18caac.png) 1. Select the Knowledge base filter. To do this, use one of the following options: - Open a [search page with the selected **Knowledge Base** filter](/docs/kb/ or diff --git a/docs/kb/passwordreset/cannot-login-the-helpdesk-and-admin-portal.md b/docs/kb/passwordreset/cannot-login-the-helpdesk-and-admin-portal.md index 678da9f23a..fe297060cd 100644 --- a/docs/kb/passwordreset/cannot-login-the-helpdesk-and-admin-portal.md +++ b/docs/kb/passwordreset/cannot-login-the-helpdesk-and-admin-portal.md @@ -25,7 +25,7 @@ knowledge_article_id: kA00g000000H9aeCAC When trying to access the Admin or Helpdesk portal, in both cases you receive an IIS login prompt that you are unable to get past. -![User-added](images/ka04u00000116eiAAA_1.png) +![User-added](./images/ka04u00000116eiAAA_1.png) You have verified that username and password are correct. @@ -53,7 +53,7 @@ To resolve the issue please verify the following: 3. In the **Properties** dialog, open the **Directory Security** tab, and select **Edit** for **Authentication and Access Control**. 4. In the **Authentication Methods** dialog, select either the **Integrated Windows authentication** box or **Basic authentication** (password is sent in clear text), and clear all other authentication options for Authentication access. -![User-added](images/ka04u00000116eiAAA_2.png) +![User-added](./images/ka04u00000116eiAAA_2.png) To ensure the required settings are enabled in **IIS7**, do the following: @@ -63,7 +63,7 @@ b) In the Manager central pane, double-click the **Authentication** option. c) In the Authentication list, enable either the **Windows Authentication** option or **Basic Authentication**, and disable all other authentication options. -![User-added](images/ka04u00000116eiAAA_3.png) +![User-added](./images/ka04u00000116eiAAA_3.png) 3. The account you are using has READ access to the physical directory of the Web-portal (by default `C:Program Files (x86)Netwrix Password Manager`). @@ -72,4 +72,4 @@ c) In the Authentication list, enable either the **Windows Authentication** opti 2. In the **Internet Properties** dialog, open the **Connections** tab and click the **LAN settings** button. 3. Make sure the **Use a proxy server for your LAN** option is not enabled. Otherwise, make sure the **Bypass proxy server for local addresses** option is enabled too; in this case the Help-Desk portal must be a member of the **Local intranet zone**, or specified as an exception. -![User-added](images/ka04u00000116eiAAA_4.png) +![User-added](./images/ka04u00000116eiAAA_4.png) diff --git a/docs/kb/privilegesecure/active-directory-ad-users-groups-or-computers-not-available-to-add-to-sbpam.md b/docs/kb/privilegesecure/active-directory-ad-users-groups-or-computers-not-available-to-add-to-sbpam.md index 6100619aa4..c2cc0acd64 100644 --- a/docs/kb/privilegesecure/active-directory-ad-users-groups-or-computers-not-available-to-add-to-sbpam.md +++ b/docs/kb/privilegesecure/active-directory-ad-users-groups-or-computers-not-available-to-add-to-sbpam.md @@ -38,6 +38,6 @@ Recently created Active Directory (AD) users, groups, or computers may not be im 4. Confirm the **Last Synchronized** date and time. - If it is not recent, click **Synchronize Now** to immediately run a domain sync. -![A domain resource as displayed in Netwrix Privilege Secure's web application.](images/ka04u000000HdF1_00N0g000004CA0p_0EM4u000004biML.png) +![A domain resource as displayed in Netwrix Privilege Secure's web application.](./images/ka04u000000HdF1_00N0g000004CA0p_0EM4u000004biML.png) Upon successful domain sync, the **Last Synchronized** field for the domain will update. All users, groups, and computers in the domain will now be available to be onboarded to Netwrix Privilege Secure. diff --git a/docs/kb/privilegesecure/add-active-directory-federation-services-ad-fs-as-an-authentication-connector-openid-connect.md b/docs/kb/privilegesecure/add-active-directory-federation-services-ad-fs-as-an-authentication-connector-openid-connect.md index 3f87a364d7..a3a18a8ebe 100644 --- a/docs/kb/privilegesecure/add-active-directory-federation-services-ad-fs-as-an-authentication-connector-openid-connect.md +++ b/docs/kb/privilegesecure/add-active-directory-federation-services-ad-fs-as-an-authentication-connector-openid-connect.md @@ -35,31 +35,31 @@ This article outlines the process of adding Active Directory Federation Services 1. Launch **AD FS Management** on the AD FS server: - ![User-added image](images/ka04u000000HcZn_0EM4u000004bUfU.png) + ![User-added image](./images/ka04u000000HcZn_0EM4u000004bUfU.png) 2. Right-click on **Application Groups** and select **Add Application Group…** - ![User-added image](images/ka04u000000HcZn_0EM4u000004bUfd.png) + ![User-added image](./images/ka04u000000HcZn_0EM4u000004bUfd.png) 3. Select **Native application accessing a web API** and enter "SbPAM (OIDC)" as the **Name**, then click **Next**. - ![User-added image](images/ka04u000000HcZn_0EM4u000004bUfn.png) + ![User-added image](./images/ka04u000000HcZn_0EM4u000004bUfn.png) 4. Copy the **Client Identifier** value; you will need that when configuring Netwrix Privilege Secure. - ![User-added image](images/ka04u000000HcZn_0EM4u000004bUfi.png) + ![User-added image](./images/ka04u000000HcZn_0EM4u000004bUfi.png) 5. For the **Redirect URI**, use the Netwrix Privilege Secure server's URL followed by `/callback`. For example: `https://:6500/callback`. Click **Add**, then **Next**. - ![User-added image](images/ka04u000000HcZn_0EM4u000004bUfs.png) + ![User-added image](./images/ka04u000000HcZn_0EM4u000004bUfs.png) 6. For the **Identifier** of the Web API, use the Netwrix Privilege Secure server's URL. Click **Add**, then click **Next**. - ![User-added image](images/ka04u000000HcZn_0EM4u000004bUfx.png) + ![User-added image](./images/ka04u000000HcZn_0EM4u000004bUfx.png) 7. For **Apply Access Control Policy**, leave all defaults and then click **Next**. - ![User-added image](images/ka04u000000HcZn_0EM4u000004bUg2.png) + ![User-added image](./images/ka04u000000HcZn_0EM4u000004bUg2.png) 8. For **Configure Application Permissions**, enable the following and then click **Next**: @@ -67,17 +67,17 @@ This article outlines the process of adding Active Directory Federation Services - `openid` - `profile` - ![User-added image](images/ka04u000000HcZn_0EM4u000004bUgC.png) + ![User-added image](./images/ka04u000000HcZn_0EM4u000004bUgC.png) 9. Review the Summary, then click **Finish**. 10. Double-click on the newly created Application Group, then double-click on the Web API application, then navigate to the **Issuance Transform Rules** tab. Click **Add Rule...** - ![User-added image](images/ka04u000000HcZn_0EM4u000004bUgH.png) + ![User-added image](./images/ka04u000000HcZn_0EM4u000004bUgH.png) 11. From the dropdown, select **Send Claims Using a Custom Rule** and click **Next**. - ![User-added image](images/ka04u000000HcZn_0EM4u000004bUgM.png) + ![User-added image](./images/ka04u000000HcZn_0EM4u000004bUgM.png) 12. Name the rule "Send attributes", and add the following custom rule: @@ -86,7 +86,7 @@ This article outlines the process of adding Active Directory Federation Services => issue(claim = x); ``` - ![User-added image](images/ka04u000000HcZn_0EM4u000004bUgR.png) + ![User-added image](./images/ka04u000000HcZn_0EM4u000004bUgR.png) Click **Finish**, **Apply**, **OK**, then **OK** again. You can now close **AD FS**. @@ -109,7 +109,7 @@ Once the *Steps for AD FS* have been completed, take the following steps in Netw 2. Give the new connector a name, description (optional), and a Connector Type of "OpenID Connect". - ![User-added image](images/ka04u000000HcZn_0EM4u000004bUgW.png) + ![User-added image](./images/ka04u000000HcZn_0EM4u000004bUgW.png) 3. Click on **Configuration Wizard**. @@ -120,7 +120,7 @@ Once the *Steps for AD FS* have been completed, take the following steps in Netw - **Callback Address:** `https://:6500/callback` - **CORS:** `https://:6500` - ![User-added image](images/ka04u000000HcZn_0EM4u000004bUgb.png) + ![User-added image](./images/ka04u000000HcZn_0EM4u000004bUgb.png) 5. Click **Test Connection**. If brought to a log-in page, click **Back** in your web browser and then **Next** in the Netwrix Privilege Secure wizard. If the page refreshes and brings you back to the Netwrix Privilege Secure wizard, you should also click **Next** to proceed. @@ -128,14 +128,14 @@ Once the *Steps for AD FS* have been completed, take the following steps in Netw 7. Click **Get User Data**. Locate a mapping you would like to use when users sign in to Netwrix Privilege Secure using AD FS, such as an email address or UPN. - ![User-added image](images/ka04u000000HcZn_0EM4u000004bUgq.png) + ![User-added image](./images/ka04u000000HcZn_0EM4u000004bUgq.png) Click on the mapping, click **Select**, select the matching Active Directory mapping from the displayed dropdown, then click **Finish**. - ![User-added image](images/ka04u000000HcZn_0EM4u000004bUgg.png) + ![User-added image](./images/ka04u000000HcZn_0EM4u000004bUgg.png) 8. The last step is to navigate to specific users in Netwrix Privilege Secure's **Users & Groups** menu, and assign the AD FS OIDC authenticator. - ![User-added image](images/ka04u000000HcZn_0EM4u000004bUgl.png) + ![User-added image](./images/ka04u000000HcZn_0EM4u000004bUgl.png) When using the OIDC log-in option, the user will be redirected to log in to AD FS. Upon successful authentication, the user will be redirected to the Netwrix Privilege Secure UI as their now logged-in user. diff --git a/docs/kb/privilegesecure/add-active-directory-federation-services-ad-fs-as-an-authentication-connector-saml.md b/docs/kb/privilegesecure/add-active-directory-federation-services-ad-fs-as-an-authentication-connector-saml.md index 1b9eaf3abd..6761f3b809 100644 --- a/docs/kb/privilegesecure/add-active-directory-federation-services-ad-fs-as-an-authentication-connector-saml.md +++ b/docs/kb/privilegesecure/add-active-directory-federation-services-ad-fs-as-an-authentication-connector-saml.md @@ -30,40 +30,40 @@ This article outlines the process of adding Active Directory Federation Services ### Steps for Active Directory Federation Services (AD FS) 1. Launch **AD FS Management** on the AD FS server: - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUhA.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUhA.png) 2. Right-click on **Application Groups** and select **Add Application Group…** - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUhK.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUhK.png) 3. Select **Native application accessing a web API** and enter "SbPAM (SAML)" as the **Name**, then click **Next**. - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUhP.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUhP.png) 4. Copy the **Client Identifier** value; you will need that when configuring Netwrix Privilege Secure. - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUhU.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUhU.png) 5. For the **Redirect URI**, use the following URI with the hostname of the SbPAM server customized to match your environment. For example: `https://:6500/samlSigninCallback`. Click **Add**, then **Next**. - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUhZ.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUhZ.png) 6. For the **Identifier** of the Web API, enter `sbpamsaml.stealthbits.com`, click **Add**, then click **Next**. - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUiD.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUiD.png) 7. For **Apply Access Control Policy**, leave all defaults and then click **Next**. - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUiI.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUiI.png) 8. For **Configure Application Permissions**, enable the following and then click **Next**: - `allatclaims` - `email` - `openid` - `profile` - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUi8.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUi8.png) 9. Click **Next** on the remaining pages until the wizard completes. 10. In the left sidebar of **AD FS**, click on the **Relying Party Trusts** folder. In the right sidebar, click **Add Relying Party Trust...** - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUho.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUho.png) 11. Select **Claims aware** and click **Next**. - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUhy.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUhy.png) 12. For **Select Data Source**, select **Enter data about the relying party manually** and click **Next**. @@ -72,26 +72,26 @@ This article outlines the process of adding Active Directory Federation Services 14. For **Configure Certificate**, leave the default values and click **Next**. 15. For **Configure URL**, check **Enable support for the SAML 2.0 WebSSO protocol** and enter your AD FS server's FQDN followed by `/adfs/ls`. For example: `https://adfs-server.domain.com/adfs/ls`. Click **Next**. - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUiN.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUiN.png) 16. For **Configure Identifiers**, use the value `sbpamsaml.stealthbits.com`, click **Add**, then click **Next**. - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUiS.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUiS.png) 17. Leave **Choose Access Control Policy** as default values and click **Next**, then click **Next** through the remaining pages to finish the wizard. 18. When the wizard closes, a window for **Issuance Transform Rules** will automatically open. Click **Add Rule...**. 19. Select **Send LDAP Attributes as Claims**, and click **Next**. - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUiX.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUiX.png) 20. Name the rule "Send attributes", select "Active Directory" as the **Attribute store**, map the following **LDAP Attributes** to **Outgoing Claim Types**, click **Finish**, then click **Apply** and **OK**: - `SAM-Account-Name` → `Name` - `User-Principal-Name` → `UPN` - `E-Mail-Addresses` → `E-Mail Address` - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUic.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUic.png) 21. Double-click on the **Relying Party Trust** created in the previous steps (named "SbPAM (SAML)"), and navigate to the **Endpoints** tab. - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUih.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUih.png) Add the following endpoints (click **Add SAML...**): @@ -99,14 +99,14 @@ This article outlines the process of adding Active Directory Federation Services Binding: POST Index: 0 Trusted URL: `https://:6500/samlSigninCallback` - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUim.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUim.png) - Endpoint type: SAML Logout Binding: POST Index: 0 Trusted URL: `https://.domain.com/adfs/ls/?wa=wsignout1.0&wreply=https://:6500` Response URL: `https://:6500/login` - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUir.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUir.png) Click **OK**, **Apply**, then **OK**. @@ -119,7 +119,7 @@ Once the *Steps for AD FS* have been completed, take the following steps in Netw 1. As a Netwrix Privilege Secure admin, navigate in Netwrix Privilege Secure to **Configuration > Authentication**, and click the green **"+"** button to add a new Authentication Connector. 2. Give the new connector a name, description (optional), and a Connector Type of "SAML". - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUiw.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUiw.png) 3. Click on **Configuration Wizard**. @@ -127,29 +127,29 @@ Once the *Steps for AD FS* have been completed, take the following steps in Netw - Signin URI: `https://.domain.com/adfs/ls` - Callback Address: `https://:6500/samlSigninCallback` - CORS: `https://:6500` - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUj1.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUj1.png) Click **Test Connection**. If brought to a log-in page, click **Back** in your web browser and then **Next** in the Netwrix Privilege Secure wizard. If the page refreshes and brings you back to the Netwrix Privilege Secure wizard, click **Next** to proceed. 5. Select "Unspecified" for the **Name ID Policy**, and add a certificate if required. Then, click **Login** and sign in to AD FS using Active Directory credentials. - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUj6.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUj6.png) When redirected back to this page after signing in to AD FS, if the message at the bottom reads "Login was successful" then click **Next**. 6. Locate a mapping you would like to use when users sign in to Netwrix Privilege Secure using AD FS, such as an email address or UPN. - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUjB.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUjB.png) Click on the mapping, click **Select**, select the matching Active Directory mapping from the displayed dropdown, then click **Next**. - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUjG.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUjG.png) 7. For the **Signout URI** and **Signout Callback URI**, use the following values: - Signout URI: `https://.domain.com/adfs/ls/?wa=wsignout1.0&wreply=` - Signout Callback URI: `https://:6500` - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUjL.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUjL.png) Click **Test Log Out**, then **Finish** to complete the wizard. AD FS has now been added to Netwrix Privilege Secure (via SAML) as an Authentication Connector. 8. The last step is to navigate to specific users in Netwrix Privilege Secure's **Users & Groups** menu, and assign the AD FS SAML authenticator. - ![User-added image](images/ka04u000000wwIE_0EM4u000004bUjQ.png) + ![User-added image](./images/ka04u000000wwIE_0EM4u000004bUjQ.png) When using the SAML log-in option, the user will be redirected to sign in to AD FS. Upon successful authentication, the user will be redirected to the Netwrix Privilege Secure UI as their now signed-in user. diff --git a/docs/kb/privilegesecure/add-cache-settings-for-javascript-files-to-improve-nps-page-load-performance.md b/docs/kb/privilegesecure/add-cache-settings-for-javascript-files-to-improve-nps-page-load-performance.md index 66dea6b084..fb9567777b 100644 --- a/docs/kb/privilegesecure/add-cache-settings-for-javascript-files-to-improve-nps-page-load-performance.md +++ b/docs/kb/privilegesecure/add-cache-settings-for-javascript-files-to-improve-nps-page-load-performance.md @@ -69,10 +69,10 @@ To address this issue, you can create an IIS configuration setting that will upd 8. Open your NPS web page and look at the `Network` tab in the developer tools Window. 9. See the page download: - ![001.png](images/ka0Qk0000000zjR_0EM4u000008M2O1.png) + ![001.png](./images/ka0Qk0000000zjR_0EM4u000008M2O1.png) 10. Reload the page, see it is loaded from the cache: - ![002.png](images/ka0Qk0000000zjR_0EM4u000008M2O6.png) + ![002.png](./images/ka0Qk0000000zjR_0EM4u000008M2O6.png) 11. Copy the updated `web.config` to `C:\Program Files\Stealthbits\PAM\Web\web.config.rewrite`, you will need this for future upgrades. diff --git a/docs/kb/privilegesecure/add-microsoft-entra-id-as-an-authentication-connector-openid-connect.md b/docs/kb/privilegesecure/add-microsoft-entra-id-as-an-authentication-connector-openid-connect.md index 54712cc934..bdc19d9e1a 100644 --- a/docs/kb/privilegesecure/add-microsoft-entra-id-as-an-authentication-connector-openid-connect.md +++ b/docs/kb/privilegesecure/add-microsoft-entra-id-as-an-authentication-connector-openid-connect.md @@ -42,7 +42,7 @@ Perform the following steps in Microsoft Entra ID as an administrator to prepare https://your-sbpam-server-hostname:6500/callback ``` - ![App registration page with Redirect URI field highlighted](images/ka0Qk000000DtGP_0EM4u000004bUjf.png) + ![App registration page with Redirect URI field highlighted](./images/ka0Qk000000DtGP_0EM4u000004bUjf.png) 4. Click **Register**. After registration completes, you will be redirected to the new app's **Overview** page. 5. In the left sidebar, click **Authentication**. Scroll down and enter the same **Callback Address** from Step 3 in the **Front-channel logout URL** field. @@ -50,7 +50,7 @@ Perform the following steps in Microsoft Entra ID as an administrator to prepare - **Access tokens (used for implicit flows)** - **ID tokens (used for implicit and hybrid flows)** - ![Authentication settings with token options enabled](images/ka0Qk000000DtGP_0EM4u000004bUjk.png) + ![Authentication settings with token options enabled](./images/ka0Qk000000DtGP_0EM4u000004bUjk.png) 6. Click **Save** at the top of the page, then return to the app's **Overview** page. 7. Click **Endpoints** near the top of the page. Copy the **OpenID Connect metadata document** URL and open it in a new browser tab. @@ -71,19 +71,19 @@ After completing the **Steps for Microsoft Entra ID**, perform the following ste 1. As a Netwrix Privilege Secure administrator, navigate to **Configuration > Authentication** and click the green **+** button to add a new Authentication Connector. 2. Enter a name and (optionally) a description for the new connector. Set the **Connector Type** to **OpenID Connect**. - ![Authentication Connector creation dialog with OpenID Connect selected](images/ka0Qk000000DtGP_0EM4u000004bUjp.png) + ![Authentication Connector creation dialog with OpenID Connect selected](./images/ka0Qk000000DtGP_0EM4u000004bUjp.png) 3. Click **Configuration Wizard**. 4. On the wizard's **Configure Client** page, enter the **Issuer** and **Client ID** (from the **Steps for Microsoft Entra ID**) in the respective fields. - ![Configure Client page with Issuer and Client ID fields](images/ka0Qk000000DtGP_0EM4u000004bUju.png) + ![Configure Client page with Issuer and Client ID fields](./images/ka0Qk000000DtGP_0EM4u000004bUju.png) 5. Click **Test Connection**. On the Microsoft Entra ID sign-in page that loads, **do not sign in**. Once you have verified that the sign-in page loaded properly, click the back button in your browser to return to Netwrix Privilege Secure. The connection test is successful if Microsoft Entra ID did not display an error. 6. Click **Next** to advance in the Authentication Connector Configuration Wizard. You will now be on the **Test Login** page. 7. Click **Login** and sign in as any Microsoft Entra ID user (this does not need to be an administrator). You will be prompted to accept the app's requested permissions. Check **Consent on behalf of your organization** and click **Accept**. - ![Microsoft Entra ID permissions consent dialog](images/ka0Qk000000DtGP_0EM4u000004bUjz.png) + ![Microsoft Entra ID permissions consent dialog](./images/ka0Qk000000DtGP_0EM4u000004bUjz.png) 8. Click **Next** in the wizard. You will now be on the **Configure Id Mapping** page. 9. Click **Get User Data**. @@ -95,21 +95,21 @@ After completing the **Steps for Microsoft Entra ID**, perform the following ste > **IMPORTANT:** Make sure to use a field that has an `ID TOKEN` source, rather than `ACCESS TOKEN`. - ![User data mapping table with ID Token source highlighted](images/ka0Qk000000DtGP_0EM4u000004bUk9.png) + ![User data mapping table with ID Token source highlighted](./images/ka0Qk000000DtGP_0EM4u000004bUk9.png) Once the desired field has been found, click on it and then click **Select**. 10. You will now be back in the Authentication Connector Configuration Wizard, on the **Configure Id Mapping** page. Make sure the **Login Format** dropdown matches the ID Token field selected from Microsoft Entra ID in the previous step. For example, if you chose **Email** for the field in the previous step, then this dropdown should also be **Email Address**. - ![Login Format dropdown with Email Address selected](images/ka0Qk000000DtGP_0EM4u000004bUkE.png) + ![Login Format dropdown with Email Address selected](./images/ka0Qk000000DtGP_0EM4u000004bUkE.png) 11. Click **Finish** on the summary modal, and then **Save** for the authentication connector. 12. You can now assign this authentication connector to a user via the **Authentication Connector** tab for a user accessed in Netwrix Privilege Secure's **Users & Groups** page. - ![Authentication Connector assignment in Users & Groups page](images/ka0Qk000000DtGP_0EM4u000004bUkJ.png) + ![Authentication Connector assignment in Users & Groups page](./images/ka0Qk000000DtGP_0EM4u000004bUkJ.png) Users with this authentication connector assignment can now use this authentication connector option on the Netwrix Privilege Secure log-in screen. - ![Netwrix Privilege Secure login screen with OpenID Connect option](images/ka0Qk000000DtGP_0EM4u000004bUkO.png) + ![Netwrix Privilege Secure login screen with OpenID Connect option](./images/ka0Qk000000DtGP_0EM4u000004bUkO.png) When using the OpenID Connect log-in option, the user will be redirected to sign in to Microsoft Entra ID. Upon successful authentication, the user will be redirected to the Netwrix Privilege Secure UI as their signed-in user. diff --git a/docs/kb/privilegesecure/add-microsoft-entra-id-as-an-authentication-connector-saml.md b/docs/kb/privilegesecure/add-microsoft-entra-id-as-an-authentication-connector-saml.md index 31d4840517..2039723522 100644 --- a/docs/kb/privilegesecure/add-microsoft-entra-id-as-an-authentication-connector-saml.md +++ b/docs/kb/privilegesecure/add-microsoft-entra-id-as-an-authentication-connector-saml.md @@ -38,13 +38,13 @@ This article outlines the process of adding Microsoft Entra ID (formerly Azure A Give the app any name, and set the radio button to **Integrate any other application you don't find in the gallery (Non-gallery)**. Click **Create**. - ![User-added image](images/ka0Qk0000003IQD_0EM4u000004bUkT.png) + ![User-added image](./images/ka0Qk0000003IQD_0EM4u000004bUkT.png) 4. You’ll be redirected to the new app’s **Overview** page. In the left sidebar, select **Single sign-on**, then select **SAML**. - ![User-added image](images/ka0Qk0000003IQD_0EM4u000004bUkY.png) + ![User-added image](./images/ka0Qk0000003IQD_0EM4u000004bUkY.png) 5. For Step 1 in this wizard (**Basic SAML Configuration**), click **Edit**. @@ -56,17 +56,17 @@ This article outlines the process of adding Microsoft Entra ID (formerly Azure A https://:6500/samlSigninCallback ``` - ![User-added image](images/ka0Qk0000003IQD_0EM4u000004bUh1.png) + ![User-added image](./images/ka0Qk0000003IQD_0EM4u000004bUh1.png) Click **Save** after making changes, and then close the editor for **Basic SAML Configuration**. 6. Scroll down to section 3, and download the **Certificate (Base64)**. - ![User-added image](images/ka0Qk0000003IQD_0EM4u000004bUkd.png) + ![User-added image](./images/ka0Qk0000003IQD_0EM4u000004bUkd.png) 7. Scroll down to section 4, and copy the **Login URL** for later use. - ![User-added image](images/ka0Qk0000003IQD_0EM4u000004bUki.png) + ![User-added image](./images/ka0Qk0000003IQD_0EM4u000004bUki.png) 8. In the left sidebar, click on **Users and Groups**. Add a Microsoft Entra ID user to this page (**Add user/group** button near the top). @@ -87,12 +87,12 @@ This article outlines the process of adding Microsoft Entra ID (formerly Azure A 1. As a Netwrix Privilege Secure admin, navigate in Netwrix Privilege Secure to **Configuration > Authentication**, and click the green **"+"** button to add a new Authentication Connector. 2. Give the new connector a name, description (optional), and a Connector Type of "SAML". - ![User-added image](images/ka0Qk0000003IQD_0EM4u000004bUkn.png) + ![User-added image](./images/ka0Qk0000003IQD_0EM4u000004bUkn.png) 3. Click on **Configuration Wizard**. 4. On the **Configure Client** page of that wizard, use the **Login URL** in the **Signin URI** field (the **Login URL** was obtained in the Steps for Microsoft Entra ID). All fields should now be filled in. - ![User-added image](images/ka0Qk0000003IQD_0EM4u000004bUks.png) + ![User-added image](./images/ka0Qk0000003IQD_0EM4u000004bUks.png) 5. Click **Test Connection**. @@ -112,7 +112,7 @@ This article outlines the process of adding Microsoft Entra ID (formerly Azure A In simple terms, there needs to be a property for each user in on-prem Active Directory and Microsoft Entra ID that matches. Often, this is an email address. - ![User-added image](images/ka0Qk0000003IQD_0EM4u000004bUkx.png) + ![User-added image](./images/ka0Qk0000003IQD_0EM4u000004bUkx.png) Once the desired field has been found, click on it and then click **Select** (you may need to scroll down in the modal to see this button). @@ -120,7 +120,7 @@ This article outlines the process of adding Microsoft Entra ID (formerly Azure A For example, if you chose **Email** for the field in the previous step then this dropdown should also be **Email Address**. - ![User-added image](images/ka0Qk0000003IQD_0EM4u000004bUl2.png) + ![User-added image](./images/ka0Qk0000003IQD_0EM4u000004bUl2.png) 11. Click **Next**. On the next page, enter the following for the **Signout URI**: @@ -130,14 +130,14 @@ This article outlines the process of adding Microsoft Entra ID (formerly Azure A Click **Test Log Out** to sign out of the SAML provider. If the log out was performed correctly, click **Finish** then **Okay**, otherwise confirm the settings and try again. - ![User-added image](images/ka0Qk0000003IQD_0EM4u000004bUl7.png) + ![User-added image](./images/ka0Qk0000003IQD_0EM4u000004bUl7.png) 12. You can now assign this authentication connector to a user via the **Authentication Connector** tab for a user accessed in Netwrix Privilege Secure's **Users & Groups** page. - ![User-added image](images/ka0Qk0000003IQD_0EM4u000004bUlC.png) + ![User-added image](./images/ka0Qk0000003IQD_0EM4u000004bUlC.png) Users with this authentication connector assignment can now use this authentication connector option on the Netwrix Privilege Secure log-in screen. - ![User-added image](images/ka0Qk0000003IQD_0EM4u000004bUlH.png) + ![User-added image](./images/ka0Qk0000003IQD_0EM4u000004bUlH.png) When using the SAML log-in option, the user will be redirected to sign in to Microsoft Entra ID. Upon successful authentication, the user will be redirected to the Netwrix Privilege Secure UI as their now signed-in user. diff --git a/docs/kb/privilegesecure/add-vmware-vcenter-website-to-browser-extension.md b/docs/kb/privilegesecure/add-vmware-vcenter-website-to-browser-extension.md index 4b5c52ab41..a5d6e6e4a2 100644 --- a/docs/kb/privilegesecure/add-vmware-vcenter-website-to-browser-extension.md +++ b/docs/kb/privilegesecure/add-vmware-vcenter-website-to-browser-extension.md @@ -33,14 +33,14 @@ This article outlines the process of adding a VMware vCenter web application (we 1. **Create a VMware vCenter website Activity** (be sure to enter the URL normally used to log-in to vCenter, and any Active Directory (AD) group that would give the account permission to log-in). Note that this example is for an **Activity Token**, however **Managed Account** and **Requester** workflows are also supported. - ![User-added image](images/ka04u000000HcZr_0EM4u000004bUlM.png) + ![User-added image](./images/ka04u000000HcZr_0EM4u000004bUlM.png) 2. **Create a Website Resource**. Enter the URL for vCenter, and also (if possible) choose a resource that is in the same AD domain as the vSphere host. This is to ensure that when an account is created and group permissions are granted to it, it will happen on a Domain Controller (DC) close to where vSphere would normally authenticate to. This prevents needing to wait for permissions to replicate when logging-in to vSphere. - ![User-added image](images/ka04u000000HcZr_0EM4u000004bUlR.png) + ![User-added image](./images/ka04u000000HcZr_0EM4u000004bUlR.png) 3. **Create an Access Policy** that links a user to the vSphere Activity and the Website Resource. - ![User-added image](images/ka04u000000HcZr_0EM4u000004bUlW.png) + ![User-added image](./images/ka04u000000HcZr_0EM4u000004bUlW.png) 4. There should now be a vSphere activity in the Netwrix Privilege Secure Browser Extension, with the ability to select it to create a session (click once) and then launch vSphere (click again). diff --git a/docs/kb/privilegesecure/apply-a-new-license.md b/docs/kb/privilegesecure/apply-a-new-license.md index 02beb13caf..7e408a7ce1 100644 --- a/docs/kb/privilegesecure/apply-a-new-license.md +++ b/docs/kb/privilegesecure/apply-a-new-license.md @@ -36,13 +36,13 @@ Netwrix Privilege Secure Access Management comes with a 30-day trial license. On 2. In the upper-right of the page, click your account name, and then click **About Netwrix Privilege Secure Access Management**. - ![The user settings dropdown menu in Netwrix Privilege Secure Access Management.](images/ka0Qk000000DgJB_0EM4u000004biJb.png) + ![The user settings dropdown menu in Netwrix Privilege Secure Access Management.](./images/ka0Qk000000DgJB_0EM4u000004biJb.png) The **About Netwrix Privilege Secure Access Management** page will be displayed, including an **Import License** button that you can use to update the product's license. **_IMPORTANT:_** _If a new license key file is needed, please contact your Netwrix or Netwrix Account Manager._ - ![The About page in Netwrix Privilege Secure Access Management's web application interface.](images/ka0Qk000000DgJB_0EM4u000004biJg.png) + ![The About page in Netwrix Privilege Secure Access Management's web application interface.](./images/ka0Qk000000DgJB_0EM4u000004biJg.png) 3. Click **Import License**. A Windows file dialog will open. Navigate to the location of the new license key file, select it, and click **Open**. The license will be imported, and the displayed license information will be updated. diff --git a/docs/kb/privilegesecure/configuring-a-custom-radius-authentication-connector.md b/docs/kb/privilegesecure/configuring-a-custom-radius-authentication-connector.md index 70e4ebbfc3..772663e317 100644 --- a/docs/kb/privilegesecure/configuring-a-custom-radius-authentication-connector.md +++ b/docs/kb/privilegesecure/configuring-a-custom-radius-authentication-connector.md @@ -33,9 +33,9 @@ Ensure that you have a RADIUS server installed and configured in your environmen ## Instructions 1. In Netwrix Privilege Secure (NPS), navigate to **Configuration > Authentication**. Select the **green plus sign** to create a new Authentication Connector. 2. Provide a name for the Connector and select the **MFA** Connector Type. - ![rtaImage.jpg](images/ka0Qk000000B1aH_0EMQk000008j38P.png) + ![rtaImage.jpg](./images/ka0Qk000000B1aH_0EMQk000008j38P.png) 3. Click **Save**, and then configure the connector with the appropriate values for your RADIUS server. - ![rtaImage 2.jpg](images/ka0Qk000000B1aH_0EMQk000008j3Bd.png) + ![rtaImage 2.jpg](./images/ka0Qk000000B1aH_0EMQk000008j3Bd.png) 4. Open the **appsettings.json** file. On a default installation, it will be located in the following path: ``` diff --git a/docs/kb/privilegesecure/configuring-the-netwrix-privilege-secure-rds-web-app-launcher.md b/docs/kb/privilegesecure/configuring-the-netwrix-privilege-secure-rds-web-app-launcher.md index 2af79b8c32..8111439a1e 100644 --- a/docs/kb/privilegesecure/configuring-the-netwrix-privilege-secure-rds-web-app-launcher.md +++ b/docs/kb/privilegesecure/configuring-the-netwrix-privilege-secure-rds-web-app-launcher.md @@ -33,7 +33,7 @@ The Web App Launcher can be downloaded from [this link](https://dl.netwrix.com/a On the RDS server, extract the files to a directory of your choosing. For the examples in this article, `C:\webapp-launcher\` will be used. -![image.png](images/ka0Qk0000001EP7_00N0g000004CA0p_0EMQk000001tL01.png) +![image.png](./images/ka0Qk0000001EP7_00N0g000004CA0p_0EMQk000001tL01.png) ## Configuration @@ -48,23 +48,23 @@ There are configurable runtime settings that you can apply to the Web App Launch In order to configure these settings, open `appsettings.json` in your Web App Launcher directory. The `ChromeOptions` section contains the above settings. Change the values as required, and save the file. -![image.png](images/ka0Qk0000001EP7_00N0g000004CA0p_0EMQk000001tH7k.png) +![image.png](./images/ka0Qk0000001EP7_00N0g000004CA0p_0EMQk000001tH7k.png) Note that these settings affect all websites launched from this Web App Launcher. If it is necessary to have multiple sets of settings, create another Web App Launcher directory with a different `appsettings.json` configuration, and use the appropriate one in NPS. ### API Settings In order to use the Web App Launcher, an Application User must be created in NPS. Once this is done, supply the username and API Key into the `AppUser` and `AppSecret` fields, respectively. The certificate should be placed in the Web App Launcher directory, with the directory indicated in the `AppCert` field as indicated: -:::warning -Any backslashes (\\) in the app secret must be escaped with a preceeding backslash (\\\) +:::warning +Any backslashes (\\) in the app secret must be escaped with a preceding backslash (\\\\) ::: -![image.png](images/ka0Qk0000001EP7_00N0g000004CA0p_0EMQk000001tPOb.png) +![image.png](./images/ka0Qk0000001EP7_00N0g000004CA0p_0EMQk000001tPOb.png) ### Web App Launcher Directories Ensure that the indicated paths correspond to the chosen Web App Launcher directory. -![image.png](images/ka0Qk0000001EP7_00N0g000004CA0p_0EMQk000001tlXC.png) +![image.png](./images/ka0Qk0000001EP7_00N0g000004CA0p_0EMQk000001tlXC.png) ## Launch Options and Examples @@ -83,7 +83,7 @@ Example: launch-website.exe https://website.com jsmith Password123 ``` -![image.png](images/ka0Qk0000001EP7_00N0g000004CA0p_0EMQk000001tMXD.png) +![image.png](./images/ka0Qk0000001EP7_00N0g000004CA0p_0EMQk000001tMXD.png) Note that the login account in this example connects to the RDS session running the web app launcher as a remote app. The web app launcher will launch the website under the context of the user and password supplied as command line arguments. @@ -102,7 +102,7 @@ Example: launch-website.exe https://website.com %token% %sessionid% ``` -![image.png](images/ka0Qk0000001EP7_00N0g000004CA0p_0EMQk000001tOSX.png) +![image.png](./images/ka0Qk0000001EP7_00N0g000004CA0p_0EMQk000001tOSX.png) Note that the login account in this example both connects to the RDS session running the web app launcher as a remote app, and is used as the credential to be passed to the website. @@ -126,6 +126,6 @@ Example: launch-website.exe https://website.com lab\jsmith ``` -![image.png](images/ka0Qk0000001EP7_00N0g000004CA0p_0EMQk000001tLo2.png) +![image.png](./images/ka0Qk0000001EP7_00N0g000004CA0p_0EMQk000001tLo2.png) Note that the login account in this example connects to the RDS session running the web app launcher as a remote app. The web app launcher will launch the website under the context of the username provided on the command line. The web app launcher will call the API to get the managed password of the user, and will enter it into the password field of the website. diff --git a/docs/kb/privilegesecure/creating-a-custom-platform-for-ssh-activity-sessions.md b/docs/kb/privilegesecure/creating-a-custom-platform-for-ssh-activity-sessions.md index 1349d0fe1c..8941a00891 100644 --- a/docs/kb/privilegesecure/creating-a-custom-platform-for-ssh-activity-sessions.md +++ b/docs/kb/privilegesecure/creating-a-custom-platform-for-ssh-activity-sessions.md @@ -31,19 +31,19 @@ Platforms in SbPAM can be customized to meet specific SSH Activity Session workf 1. As an SbPAM admin user, navigate to the **Policy > Platforms** page. Locate the Linux Platform, duplicate it, and name it as desired. In this case, we will name the new Platform "Palo Alto". - ![User-added image](images/ka04u000000HcaJ_0EM4u000004cJVQ.png) + ![User-added image](./images/ka04u000000HcaJ_0EM4u000004cJVQ.png) 2. Navigate to the **Configuration > Service Accounts** page and add a domain-level account as the Palo Alto service account. - ![User-added image](images/ka04u000000HcaJ_0EM4u000004cJVz.png) + ![User-added image](./images/ka04u000000HcaJ_0EM4u000004cJVz.png) 3. Navigate to the **Resources** page and manually add the Palo Alto resource by IP or DNS name (using the Service Account created above). In this step, it's expected for the Host Scan to fail. Simply close the Host Scan window and proceed to the next step. - ![User-added image](images/ka04u000000HcaJ_0EM4u000004cJWE.png) + ![User-added image](./images/ka04u000000HcaJ_0EM4u000004cJWE.png) 4. Navigate to the **Activities** page and create a new Activity. For **Login Account**, "Activity Token", "Managed Account", or "Requester" can be used. For the Login Account Template, remove the domain element (ex. ` %targetdomain%`) or use ` %domain%` instead of ` %targetdomain%`. - ![User-added image](images/ka04u000000HcaJ_0EM4u000004cJWJ.png) + ![User-added image](./images/ka04u000000HcaJ_0EM4u000004cJWJ.png) 5. Navigate to the **Access Policy** page, create a new resource-based Access Policy that includes SbPAM users, the new Activity created above, and the new Resource manually added above. diff --git a/docs/kb/privilegesecure/enable-session-extension-countdown-tab-display-for-sbpam-ssh-sessions-in-mobaxterm.md b/docs/kb/privilegesecure/enable-session-extension-countdown-tab-display-for-sbpam-ssh-sessions-in-mobaxterm.md index 4922a0d886..6a7498d482 100644 --- a/docs/kb/privilegesecure/enable-session-extension-countdown-tab-display-for-sbpam-ssh-sessions-in-mobaxterm.md +++ b/docs/kb/privilegesecure/enable-session-extension-countdown-tab-display-for-sbpam-ssh-sessions-in-mobaxterm.md @@ -37,8 +37,8 @@ As shown in the screenshot below, the SSH session’s **"Lock terminal title"** 3. Navigate to **Bookmark Settings**. 4. Disable the **"Lock terminal title"** setting. -![User-added image](images/ka04u000000HcZt_0EM4u000004bUnw.png) +![User-added image](./images/ka04u000000HcZt_0EM4u000004bUnw.png) If configured correctly, the session tab displays session expiration countdown messages per the settings in the Netwrix Privilege Secure Connection Profile assigned to the Access Profile granting the user the right to use the SSH Activity. -![User-added image](images/ka04u000000HcZt_0EM4u000004bUo1.png) +![User-added image](./images/ka04u000000HcZt_0EM4u000004bUo1.png) diff --git a/docs/kb/privilegesecure/exporting-the-activity-log-as-a-csv.md b/docs/kb/privilegesecure/exporting-the-activity-log-as-a-csv.md index 7251af2f77..8b2308d2a1 100644 --- a/docs/kb/privilegesecure/exporting-the-activity-log-as-a-csv.md +++ b/docs/kb/privilegesecure/exporting-the-activity-log-as-a-csv.md @@ -31,7 +31,7 @@ Exporting the "Activity Log" report is a common auditing and compliance use case 1. On your Netwrix Privilege Secure server, ensure that PowerShell 7.1 is installed. It can be obtained from the official PowerShell github repository: https://github.com/PowerShell/PowerShell/releases/tag/v7.1.7. _Note: This specific version of PowerShell is a necessary prerequisite to running the SbPAM API. Do not install PowerShell 7.2+._ 2. Locate the "Extras" folder, which was packaged alongside your Netwrix Privilege Secure installer. Run the `SbPAMPowerShellModules` installer. - ![User-added image](images/ka04u000000HdD5_0EM4u000005yZ7y.png) + ![User-added image](./images/ka04u000000HdD5_0EM4u000005yZ7y.png) 3. In your preferred text editor, paste the following PowerShell script. Save it as `ActivityReport.ps1`. @@ -124,7 +124,7 @@ Write-Host "Export complete found $($Data.Length) records" ``` 5. You will be prompted for a Netwrix Privilege Secure administrator username and password, your Netwrix Privilege Secure URL, and an MFA code (if applicable). - ![User-added image](images/ka04u000000HdD5_0EM4u000005yZ83.png) + ![User-added image](./images/ka04u000000HdD5_0EM4u000005yZ83.png) 6. Your activity data will then be output to a file called `out.csv`. - ![User-added image](images/ka04u000000HdD5_0EM4u000005yZ88.png) + ![User-added image](./images/ka04u000000HdD5_0EM4u000005yZ88.png) diff --git a/docs/kb/privilegesecure/how-to-configure-a-multi-server-nps-environment-with-a-shared-database-server.md b/docs/kb/privilegesecure/how-to-configure-a-multi-server-nps-environment-with-a-shared-database-server.md index fa05fc7fe8..0f1c26ff29 100644 --- a/docs/kb/privilegesecure/how-to-configure-a-multi-server-nps-environment-with-a-shared-database-server.md +++ b/docs/kb/privilegesecure/how-to-configure-a-multi-server-nps-environment-with-a-shared-database-server.md @@ -29,7 +29,7 @@ knowledge_article_id: kA04u0000000JyXCAU This article will guide the user through the process of setting up a deployment with multiple Netwrix Privilege Secure servers communicating with a single Postgres server. Instructions are included for configuring TLS for all network traffic to the Postgres server. Optional migration steps are included for users who wish to use a Postgres database from an existing Netwrix Privilege Secure deployment. This diagram illustrates the desired network architecture. -![nps_diagram.png](images/ka0Qk0000009L21_0EMQk000006FKxR.png) +![nps_diagram.png](./images/ka0Qk0000009L21_0EMQk000006FKxR.png) ## Instructions diff --git a/docs/kb/privilegesecure/how-to-configure-local-administrator-password-solution-laps-integration.md b/docs/kb/privilegesecure/how-to-configure-local-administrator-password-solution-laps-integration.md index 28b3fd3408..051eb4f26d 100644 --- a/docs/kb/privilegesecure/how-to-configure-local-administrator-password-solution-laps-integration.md +++ b/docs/kb/privilegesecure/how-to-configure-local-administrator-password-solution-laps-integration.md @@ -66,7 +66,7 @@ This article outlines how to integrate Netwrix Privilege Secure activities with - Select the service account that has read and reset permissions for the LAPS OU(s) from the **ServiceAccount** dropdown. - Add the domain name (for example, `lab.local`) in **DomainName** and click **Save**. - ![Screenshot demonstrating LAPS connector configuration in SbPAM's web application interface.](images/ka04u000000Hca2_0EM4u000004bnRk.png) + ![Screenshot demonstrating LAPS connector configuration in SbPAM's web application interface.](./images/ka04u000000Hca2_0EM4u000004bnRk.png) 4. Create an activity that uses the LAPS connector - Navigate to **Activities** to create an activity that provides the built-in Administrator access to a Windows resource managed by LAPS. @@ -75,7 +75,7 @@ This article outlines how to integrate Netwrix Privilege Secure activities with - Set **Platform** to **Windows**. - Ensure the **Login Account Template** matches the expected built-in admin account name (in most cases this is the default value `Administrator`). - ![Screenshot demonstrating an SbPAM activity definition that's configured to use a LAPS connector.](images/ka04u000000Hca2_0EM4u000004bnS4.png) + ![Screenshot demonstrating an SbPAM activity definition that's configured to use a LAPS connector.](./images/ka04u000000Hca2_0EM4u000004bnS4.png) - Add any other desired actions to the activity. diff --git a/docs/kb/privilegesecure/how-to-configure-windows-remote-assistance-integration.md b/docs/kb/privilegesecure/how-to-configure-windows-remote-assistance-integration.md index 9614f3af2c..b6a963713e 100644 --- a/docs/kb/privilegesecure/how-to-configure-windows-remote-assistance-integration.md +++ b/docs/kb/privilegesecure/how-to-configure-windows-remote-assistance-integration.md @@ -48,11 +48,11 @@ Enable **Configure Offer Remote Assistance** policy. Policies > Administrative Templates > System > Remote Assistance > Configure Offer Remote Assistance ``` -![User-added image](images/ka04u000000HcZw_0EM4u000004bWI7.png) +![User-added image](./images/ka04u000000HcZw_0EM4u000004bWI7.png) Enable the policy and assign a domain group to control access. -![User-added image](images/ka04u000000HcZw_0EM4u000004bWIC.png) +![User-added image](./images/ka04u000000HcZw_0EM4u000004bWIC.png) ### Activity Setup @@ -60,30 +60,30 @@ Create an Interactive App Launch Activity making note of the highlighted areas b **NOTE:** The Domain groups for Group Policy and RDS server local admin will have been created in the previous steps. -![User-added image](images/ka04u000000HcZw_0EM4u000004bWIH.png) +![User-added image](./images/ka04u000000HcZw_0EM4u000004bWIH.png) ### Use Case Via Netwrix Privilege Secure UI or DirectConnect, the helpdesk admin selects the Remote Assistance Activity and chooses the resource to which remote assistance is to be provided. -![User-added image](images/ka04u000000HcZw_0EM4u000004bWIM.png) +![User-added image](./images/ka04u000000HcZw_0EM4u000004bWIM.png) When the Activity has been provisioned, the session is launched, and the target users’ desktop displays a message asking permission for the helpdesk admin to connect. -![User-added image](images/ka04u000000HcZw_0EM4u000004bWIR.png) +![User-added image](./images/ka04u000000HcZw_0EM4u000004bWIR.png) The helpdesk admin can now view the target users’ desktop and can establish a chat session. -![User-added image](images/ka04u000000HcZw_0EM4u000004bWIW.png) +![User-added image](./images/ka04u000000HcZw_0EM4u000004bWIW.png) If the helpdesk admin needs to take control of the remote system, they select **Request Control** and the end user is prompted for permission. -![User-added image](images/ka04u000000HcZw_0EM4u000004bWIb.png) +![User-added image](./images/ka04u000000HcZw_0EM4u000004bWIb.png) Once shared, control can be terminated at any time by the helpdesk admin or the end user. -![User-added image](images/ka04u000000HcZw_0EM4u000004bWIg.png) +![User-added image](./images/ka04u000000HcZw_0EM4u000004bWIg.png) The live session may be viewed via the Netwrix Privilege Secure administrator dashboard or reviewed later as a recording at any time. -![User-added image](images/ka04u000000HcZw_0EM4u000004bWIl.png) +![User-added image](./images/ka04u000000HcZw_0EM4u000004bWIl.png) diff --git a/docs/kb/privilegesecure/how-to-import-a-custom-action-step-for-single-object-replication.md b/docs/kb/privilegesecure/how-to-import-a-custom-action-step-for-single-object-replication.md index a78b9eab16..1ce42538c3 100644 --- a/docs/kb/privilegesecure/how-to-import-a-custom-action-step-for-single-object-replication.md +++ b/docs/kb/privilegesecure/how-to-import-a-custom-action-step-for-single-object-replication.md @@ -35,14 +35,14 @@ It can be necessary in certain Active Directory environments to force replicatio https://www.netwrix.com/download/SingleObjReplication.Addon.zip 2. Extract the archive, which contains a README file, an ActionTemplates directory, and an `Install-Addon.ps1` script file. Right-click `Install-Addon.ps1` and select **Run with PowerShell**. - ![Untitled.png](images/ka04u000000HdDb_0EM4u000005f3zs.png) + ![Untitled.png](./images/ka04u000000HdDb_0EM4u000005f3zs.png) 3. When prompted, select "Y" to proceed. - ![Untitled2.png](images/ka04u000000HdDb_0EM4u000005f3zZ.png) + ![Untitled2.png](./images/ka04u000000HdDb_0EM4u000005f3zZ.png) 4. The PowerShell window should quickly execute the script and close. 5. Log in to the Netwrix Privilege Secure console. (If Netwrix Privilege Secure was already open, be sure to refresh the console.) 6. In Netwrix Privilege Secure, navigate to **Activities**, select an Activity, and click the green plus sign in either the **Pre-Session** or **Post-Session**. Note that the **Run AD Replication for User** activity step is now available. - ![Untitled3.png](images/ka04u000000HdDb_0EM4u000005f40R.png) + ![Untitled3.png](./images/ka04u000000HdDb_0EM4u000005f40R.png) diff --git a/docs/kb/privilegesecure/how-to-integrate-activities-with-remote-desktop-services-rds.md b/docs/kb/privilegesecure/how-to-integrate-activities-with-remote-desktop-services-rds.md index 2d4b06f9ff..ee0c191bb3 100644 --- a/docs/kb/privilegesecure/how-to-integrate-activities-with-remote-desktop-services-rds.md +++ b/docs/kb/privilegesecure/how-to-integrate-activities-with-remote-desktop-services-rds.md @@ -38,78 +38,78 @@ Remote Desktop Services will run without a license for a period determined by Mi 1. On the Remote Desktop Services / Terminal Services (RemoteApp) server launch **Server Manager**, click on the **Manager** tab and select **Add Roles and Features**. 2. Follow the wizard, select **Remote Desktop Services installation**, and click **Next**. -![Screenshot of Windows Server Add Roles and Features Wizard, demonstrating a Remote Desktop Services installation.](images/ka0Qk0000005qSb_0EM4u000004bkob.png) +![Screenshot of Windows Server Add Roles and Features Wizard, demonstrating a Remote Desktop Services installation.](./images/ka0Qk0000005qSb_0EM4u000004bkob.png) 3. Select either **Standard Deployment** (as in this guide) or **Quick Start** if you intend to install all RDS role services on the same server. Click **Next**. -![Screenshot of Windows Server Add Roles and Features Wizard, demonstrating a Remote Desktop Services installation.](images/ka0Qk0000005qSb_0EM4u000004bkog.png) +![Screenshot of Windows Server Add Roles and Features Wizard, demonstrating a Remote Desktop Services installation.](./images/ka0Qk0000005qSb_0EM4u000004bkog.png) 4. Select **Session-based desktop deployment**, and click **Next**. -![Screenshot of Windows Server Add Roles and Features Wizard, demonstrating a Remote Desktop Services installation.](images/ka0Qk0000005qSb_0EM4u000004bkol.png) +![Screenshot of Windows Server Add Roles and Features Wizard, demonstrating a Remote Desktop Services installation.](./images/ka0Qk0000005qSb_0EM4u000004bkol.png) 5. Follow the wizard without making any changes until you get to the **RD Connection Broker** tab. Specify the server intended for the RD Connection Broker server and click **Next**. -![Screenshot of Windows Server Add Roles and Features Wizard, demonstrating a Remote Desktop Services installation.](images/ka0Qk0000005qSb_0EM4u000004bkov.png) +![Screenshot of Windows Server Add Roles and Features Wizard, demonstrating a Remote Desktop Services installation.](./images/ka0Qk0000005qSb_0EM4u000004bkov.png) 6. Specify the server intended for the **RD Web Access server** and click **Next**. -![Screenshot of Windows Server Add Roles and Features Wizard, demonstrating a Remote Desktop Services installation.](images/ka0Qk0000005qSb_0EM4u000004bkp0.png) +![Screenshot of Windows Server Add Roles and Features Wizard, demonstrating a Remote Desktop Services installation.](./images/ka0Qk0000005qSb_0EM4u000004bkp0.png) 7. Specify the server intended for the **RD Session Host server(s)** and click **Next**. -![Screenshot of Windows Server Add Roles and Features Wizard, demonstrating a Remote Desktop Services installation.](images/ka0Qk0000005qSb_0EM4u000004bkp5.png) +![Screenshot of Windows Server Add Roles and Features Wizard, demonstrating a Remote Desktop Services installation.](./images/ka0Qk0000005qSb_0EM4u000004bkp5.png) 8. Review RDS role server selection, check the **Restart the destination server automatically if required** box, and click **Deploy**. -![Screenshot of Windows Server Add Roles and Features Wizard, demonstrating a Remote Desktop Services installation.](images/ka0Qk0000005qSb_0EM4u000004bkpF.png) +![Screenshot of Windows Server Add Roles and Features Wizard, demonstrating a Remote Desktop Services installation.](./images/ka0Qk0000005qSb_0EM4u000004bkpF.png) The RD role services installation begins, and about halfway through the server will automatically reboot. Once the server has rebooted, log in with the same account used when the installation was first started, open **Server Manager**, and the installation dialogue window will resume. 9. After completion of RDS role services installation, launch **Server Manager**, navigate to the RDS overview window, and click on **3 Create session collections**. -![Screenshot of Windows Server Manager's Remote Desktop Services overview user interface.](images/ka0Qk0000005qSb_0EM4u000004bkyW.png) +![Screenshot of Windows Server Manager's Remote Desktop Services overview user interface.](./images/ka0Qk0000005qSb_0EM4u000004bkyW.png) 10. Follow the wizard until you get to the **Collection Name** tab. Enter a name, such as "NPS Applications", and click **Next**. -![Screenshot of Windows Remote Desktop Service's Create Collection wizard.](images/ka0Qk0000005qSb_0EM4u000004bkyb.png) +![Screenshot of Windows Remote Desktop Service's Create Collection wizard.](./images/ka0Qk0000005qSb_0EM4u000004bkyb.png) 11. Specify the RD Session Host server (the server you specified earlier during installation of the RD Session Host role) and click **Next**. 12. Add the user groups who will access RemoteApps in the session collection. Click **Next**. -![Screenshot of Windows Remote Desktop Service's Create Collection wizard.](images/ka0Qk0000005qSb_0EM4u000004bkyl.png) +![Screenshot of Windows Remote Desktop Service's Create Collection wizard.](./images/ka0Qk0000005qSb_0EM4u000004bkyl.png) 13. Optionally specify and enable user profile disks (not used in the test environment for this guide). Review the defined session collection parameters and click **Create**. Once the session collection is created, close the **Create Collection** wizard. 14. In **Server Manager** navigate to the **Remote Desktop Services Overview** and note the new session collection created under the RD Session Host icon. -![Screenshot of Windows Remote Desktop Services Overview in Server Manager, demonstrating an added RD Session Host.](images/ka0Qk0000005qSb_0EM4u000004bkyq.png) +![Screenshot of Windows Remote Desktop Services Overview in Server Manager, demonstrating an added RD Session Host.](./images/ka0Qk0000005qSb_0EM4u000004bkyq.png) 15. Publish RemoteApps by navigating to the **Collections** tab of **Server Manager** and selecting **Publish RemoteApp Programs** from the **Task** menu. -![Screenshot demonstrating Publish RemoteApp Programs in a Windows Remote Desktop Services Session Collection.](images/ka0Qk0000005qSb_0EM4u000004bkz0.png) +![Screenshot demonstrating Publish RemoteApp Programs in a Windows Remote Desktop Services Session Collection.](./images/ka0Qk0000005qSb_0EM4u000004bkz0.png) 16. If the required application is listed, select it. For applications such as ADUC (Active Directory Users and Computers) you will need to specify the executable name and path. Click **Add**. -![Screenshot of the Publish RemoteApp Program wizard for Windows Remote Desktop Services, demonstrating how to add a RemoteApp to the list of programs.](images/ka0Qk0000005qSb_0EM4u000004bkz5.png) +![Screenshot of the Publish RemoteApp Program wizard for Windows Remote Desktop Services, demonstrating how to add a RemoteApp to the list of programs.](./images/ka0Qk0000005qSb_0EM4u000004bkz5.png) 17. For ADUC, add **MMC (\\c$\Windows\System32\mmc.exe)**. -![Screenshot of Windows Explorer, being used to add mmc.exe as a RemoteApp Program for Windows Remote Desktop Services.](images/ka0Qk0000005qSb_0EM4u000004bkzF.png) +![Screenshot of Windows Explorer, being used to add mmc.exe as a RemoteApp Program for Windows Remote Desktop Services.](./images/ka0Qk0000005qSb_0EM4u000004bkzF.png) 18. After adding all desired programs, click **Next**, click **Publish**, and then click **Close**. 19. Rename the RemoteApp and specify a parameter to launch ADUC. For additional security, you can assign groups of users to RemoteApps. For example, assign the ADUC RemoteApp to an AD group called `RAUsers_ADUC`. 20. Right-click the **RemoteApp** and select **Edit Properties**. -![Screenshot of editing the Properties of a published RemoteApp in Windows Remote Desktop Services.](images/ka0Qk0000005qSb_0EM4u000004bkzZ.png) +![Screenshot of editing the Properties of a published RemoteApp in Windows Remote Desktop Services.](./images/ka0Qk0000005qSb_0EM4u000004bkzZ.png) 21. Edit the RemoteApp name and set it to "ADUC", then click the **Parameters** tab in the left sidebar. -![Screenshot of editing the name of a published RemoteApp in Windows Remote Desktop Services.](images/ka0Qk0000005qSb_0EM4u000004bkzj.png) +![Screenshot of editing the name of a published RemoteApp in Windows Remote Desktop Services.](./images/ka0Qk0000005qSb_0EM4u000004bkzj.png) 22. On the **Parameters** tab, select the **Always use the following command-line parameters** radio button. For the path use: `dsa.msc` 23. Click the **User Assignment** tab in the left sidebar. Select the user access control group for the RemoteApp. In this case, specify that users must be a member of the `RAUsers_ADUC` group to run the ADUC RemoteApp. -![Screenshot of defining which Active Directory group(s) can access a published RemoteApp in Windows Remote Desktop Services.](images/ka0Qk0000005qSb_0EM4u000004bl0D.png) +![Screenshot of defining which Active Directory group(s) can access a published RemoteApp in Windows Remote Desktop Services.](./images/ka0Qk0000005qSb_0EM4u000004bl0D.png) 24. Click **OK**. Configuration of ADUC as a RemoteApp that can be accessed via a Netwrix Privilege Secure activity is now complete. Next, perform the necessary setup in a Netwrix Privilege Secure activity. @@ -120,14 +120,14 @@ For example: ***IMPORTANT:*** Double check that the Application to Launch field exactly matches the application and parameter you published with the RemoteApp. Note that for the application value you should always use implicit drive/folder names, i.e., use `C:\Windows\` and NOT relative identifiers such as `%SYSTEMROOT%`. -![User-added image](images/ka0Qk0000005qSb_0EM4u000004ch3A.png) +![User-added image](./images/ka0Qk0000005qSb_0EM4u000004ch3A.png) 26. For this example, add the Login Account to the `RAUsers_ADUC` domain group specified for the RemoteApp by adding an **Add User to Domain Group** action to the activity's pre-session. -![Screenshot of adding a Add User to Domain Group action step for Active Directory group RAUsers_ADUC to a Netwrix Privilege Secure activity's pre-session.](images/ka0Qk0000005qSb_0EM4u000004bl0h.png) +![Screenshot of adding a Add User to Domain Group action step for Active Directory group RAUsers_ADUC to a Netwrix Privilege Secure activity's pre-session.](./images/ka0Qk0000005qSb_0EM4u000004bl0h.png) 27. For temporary privilege elevation, you may also want to add a step to add the Login Account to `Domain Admins`. 28. Create an access policy in Netwrix Privilege Secure that contains the recently created activity, the users who should have access to use it, and the Remote Desktop Services server resource. You can now provision this activity to any user granted privilege to use it. 29. When you connect to the Remote Desktop Services server, you will only have access to the published RemoteApp (in this case, ADUC). The RDP session does not offer a full desktop environment, since this is an Interactive App Launch for a specified program. -![Screenshot of a Netwrix Privilege Secure Interactive App Launch demonstrating an RDP session that opened the ADUC program on the target Remote Desktop Services server.](images/ka0Qk0000005qSb_0EM4u000004bl1a.png) +![Screenshot of a Netwrix Privilege Secure Interactive App Launch demonstrating an RDP session that opened the ADUC program on the target Remote Desktop Services server.](./images/ka0Qk0000005qSb_0EM4u000004bl1a.png) diff --git a/docs/kb/privilegesecure/index-was-outside-the-bounds-of-array-error.md b/docs/kb/privilegesecure/index-was-outside-the-bounds-of-array-error.md index 9376e95fcb..b1cbcaf8f9 100644 --- a/docs/kb/privilegesecure/index-was-outside-the-bounds-of-array-error.md +++ b/docs/kb/privilegesecure/index-was-outside-the-bounds-of-array-error.md @@ -39,7 +39,7 @@ The HA Configuration tool expects a port value at the end of the NPS Rest URL. I > 1. On the main Privilege Secure screen, click the **Configuration** tab. > 2. In the left pane, select **Services**. The page will include the **NPS Rest URL** field. To learn more about the **Services** page in Netwrix Privilege Secure, refer to the following article: System Settings Pages − Services Page · v4.0. > -> ![Services page screenshot](images/ka0Qk0000002ijJ_0EMQk000003vpYj.png) +> ![Services page screenshot](./images/ka0Qk0000002ijJ_0EMQk000003vpYj.png) ## Resolution diff --git a/docs/kb/privilegesecure/invalid-multi-factor-authentication-code-error.md b/docs/kb/privilegesecure/invalid-multi-factor-authentication-code-error.md index 43ba9bf576..34c25c029d 100644 --- a/docs/kb/privilegesecure/invalid-multi-factor-authentication-code-error.md +++ b/docs/kb/privilegesecure/invalid-multi-factor-authentication-code-error.md @@ -44,4 +44,4 @@ Review the system time in both NPS server and clients in your environment. ## Reference -![Capture.png](images/ka04u000000wvuC_0EM4u000008pS5A.png) +![Capture.png](./images/ka04u000000wvuC_0EM4u000008pS5A.png) diff --git a/docs/kb/privilegesecure/logs-location.md b/docs/kb/privilegesecure/logs-location.md index de62924225..0b48e5384d 100644 --- a/docs/kb/privilegesecure/logs-location.md +++ b/docs/kb/privilegesecure/logs-location.md @@ -38,7 +38,7 @@ echo %PROGRAMDATA% Netwrix Privilege Secure logs can also be viewed, and downloaded, via the Netwrix Privilege Secure web interface by navigating to **Audit & Reporting > Log Files**. -![Image of Netwrix Privilege Secure web application's log files page, listing log files and displaying contents.](images/ka04u000000HdEt_0EM4u000004bh8h.png) +![Image of Netwrix Privilege Secure web application's log files page, listing log files and displaying contents.](./images/ka04u000000HdEt_0EM4u000004bh8h.png) ## Log Descriptions diff --git a/docs/kb/privilegesecure/managing-non-domain-joined-windows-computers-with-privilege-secure.md b/docs/kb/privilegesecure/managing-non-domain-joined-windows-computers-with-privilege-secure.md index d87c50eb61..479c3a05a6 100644 --- a/docs/kb/privilegesecure/managing-non-domain-joined-windows-computers-with-privilege-secure.md +++ b/docs/kb/privilegesecure/managing-non-domain-joined-windows-computers-with-privilege-secure.md @@ -50,7 +50,7 @@ Make sure that you have the following: 7. Vault Connecter (``) 4. Click **Save** -![User-added image](images/ka04u000000ww6m_0EM4u0000052ZhJ.png) +![User-added image](./images/ka04u000000ww6m_0EM4u0000052ZhJ.png) ### Adding the Computer to Netwrix Privilege Secure @@ -65,7 +65,7 @@ Make sure that you have the following: This will start the scanning step, you can close the dialog or wait for the scan to complete. If there are failures during the scan you can review the logs by navigating to the resource page. -![User-added image](images/ka04u000000ww6m_0EM4u0000052ZhE.png) +![User-added image](./images/ka04u000000ww6m_0EM4u0000052ZhE.png) ### Troubleshooting a Failed Scan @@ -77,7 +77,7 @@ If the scan fails, you can troubleshoot it by viewing the scan logs on the **Res 3. Click on the **History** tab 4. Select the last scan event and click **View Logs** -![User-added image](images/ka04u000000ww6m_0EM4u0000052Zh9.png) +![User-added image](./images/ka04u000000ww6m_0EM4u0000052Zh9.png) ### Additional Troubleshooting: "Access Denied"" @@ -89,4 +89,4 @@ After going through this process, you can use this computer's resource in Activi To configure a local Activity Token/Managed Account activity, when creating the activity remove the “%targetdomain%\” portion of the default Login Account Format. Make sure to use the **Windows** Platform as well. -![User-added image](images/ka04u000000ww6m_0EM4u0000052Zh4.png) +![User-added image](./images/ka04u000000ww6m_0EM4u0000052Zh4.png) diff --git a/docs/kb/privilegesecure/netwrix-privilege-secure-performing-an-in-place-postgres-upgrade.md b/docs/kb/privilegesecure/netwrix-privilege-secure-performing-an-in-place-postgres-upgrade.md index d8061ecfc8..4ad4d19530 100644 --- a/docs/kb/privilegesecure/netwrix-privilege-secure-performing-an-in-place-postgres-upgrade.md +++ b/docs/kb/privilegesecure/netwrix-privilege-secure-performing-an-in-place-postgres-upgrade.md @@ -47,11 +47,11 @@ cd 'C:\Program Files\Stealthbits\Postgres12\bin\' 5. On the **Select Components** page, select only **PostgreSQL Server** and **Command Line Tools** to install/upgrade: -![Postgres Select Components](images/ka0Qk000000CGIj_0EM4u000005feFD.png) +![Postgres Select Components](./images/ka0Qk000000CGIj_0EM4u000005feFD.png) 6. Proceed through the prompts until you see the **Pre-Installation Summary** window and confirm that it matches your server's settings: -![Postgres Pre-Installation Summary](images/ka0Qk000000CGIj_0EM4u000005feFN.png) +![Postgres Pre-Installation Summary](./images/ka0Qk000000CGIj_0EM4u000005feFN.png) 7. Once satisfied with the **Pre-Installation Summary** window, click **Next** two more times to proceed with the installation. diff --git a/docs/kb/privilegesecure/onboarding-mac-devices-for-vnc-via-rds-remote-desktop-services.md b/docs/kb/privilegesecure/onboarding-mac-devices-for-vnc-via-rds-remote-desktop-services.md index 5aa3376cfc..55f19b52ed 100644 --- a/docs/kb/privilegesecure/onboarding-mac-devices-for-vnc-via-rds-remote-desktop-services.md +++ b/docs/kb/privilegesecure/onboarding-mac-devices-for-vnc-via-rds-remote-desktop-services.md @@ -42,44 +42,44 @@ Ensure that VNC access to the target host works. [This documentation](https://su 1. In Netwrix Privilege Secure, navigate to **Policy > Platforms**. 2. Select the **Windows** platform, and click the **Copy** icon. - ![001.png](images/ka0Qk0000006Ukz_0EMQk000002d1vx.png) + ![001.png](./images/ka0Qk0000006Ukz_0EMQk000002d1vx.png) 3. Change the name of the new platform to **macOS**. Ensure that the schedules are all set to ``. Then click **Save**. - ![002.png](images/ka0Qk0000006Ukz_0EMQk000002czm7.png) + ![002.png](./images/ka0Qk0000006Ukz_0EMQk000002czm7.png) ### Creating Service Accounts 1. On the **Configuration > Service Accounts** page, click the **+** icon and create a **macOS** service account. Note that the username and password do not matter - the macOS devices cannot be scanned, but a service account must be supplied to onboard the macOS resources. - ![003.png](images/ka0Qk0000006Ukz_0EMQk000002d2NN.png) + ![003.png](./images/ka0Qk0000006Ukz_0EMQk000002d2NN.png) ### Onboarding macOS Resources 1. Navigate to **Resources**. Click the **Add** button, and click **New Server**. On the **Add Resources** page, click the **Import from CSV** radio button, and click the **Download CSV Template** button. This will download a CSV template, which you can then populate with macOS resources, as in this example - - ![004.png](images/ka0Qk0000006Ukz_0EMQk000002d2iL.png) + ![004.png](./images/ka0Qk0000006Ukz_0EMQk000002d2iL.png) 2. Note that it is crucial that the **Platform** exactly matches the Platform configured earlier, and that the **Credential** exactly matches the Service Account name configured earlier. The **Operating System** value is for informational purposes only, and will not be matched to any other values. 3. Return to the **Add Resources** page in step 1 of this section. Click the **Import CSV** button and upload the CSV file that was just configured. The resources will be displayed on the Add Resources page. - ![005.png](images/ka0Qk0000006Ukz_0EMQk000002d3BN.png) + ![005.png](./images/ka0Qk0000006Ukz_0EMQk000002d3BN.png) 4. Select the desired resources (the **Select All** checkbox may be used) and click **Add**. 5. The dialogue will show that a scan is **Pending** on all of the resources - this scan will end in an **Error**. This is expected as macOS cannot be scanned by NPS, and this error will only occur during initial onboarding. - ![006.png](images/ka0Qk0000006Ukz_0EMQk000002clZS.png) + ![006.png](./images/ka0Qk0000006Ukz_0EMQk000002clZS.png) 6. Navigate to the **Resources** page and observe that the onboarded macOS resources are present. - ![007.png](images/ka0Qk0000006Ukz_0EMQk000002d3mT.png) + ![007.png](./images/ka0Qk0000006Ukz_0EMQk000002d3mT.png) ### Registering the nps_realvnc RemoteApp 1. Copy the `nps_realvnc.zip` file to the desktop of the RDS host where the RemoteApp will be published. Copy the contents to a folder where they can be accessed, for example `C:\npslaunchers`. - ![Picture8.png](images/ka0Qk0000006Ukz_0EMQk000002d4aT.png) + ![Picture8.png](./images/ka0Qk0000006Ukz_0EMQk000002d4aT.png) 2. Edit the `appsettings.json` file and specify the address(es) of your NPS App Server(s). - ![Picture9.png](images/ka0Qk0000006Ukz_0EMQk000002d4yf.png) + ![Picture9.png](./images/ka0Qk0000006Ukz_0EMQk000002d4yf.png) 3. Open **Server Manager** on the RDS host where the RemoteApp will be published and select the **Publish RemoteApp Programs** option as indicated. - ![Picture10.png](images/ka0Qk0000006Ukz_0EMQk000002d494.png) + ![Picture10.png](./images/ka0Qk0000006Ukz_0EMQk000002d494.png) 4. Select the indicated option to **Add a RemoteApp program**. - ![Picture11.png](images/ka0Qk0000006Ukz_0EMQk000002d53V.png) + ![Picture11.png](./images/ka0Qk0000006Ukz_0EMQk000002d53V.png) 5. Navigate to the location where the `nps_realvnc` launcher was installed, and publish the RemoteApp. - ![Picture12.png](images/ka0Qk0000006Ukz_0EMQk000002d5BZ.png) + ![Picture12.png](./images/ka0Qk0000006Ukz_0EMQk000002d5BZ.png) 6. In Server Manager, right-click the published RemoteApp and select **Edit Properties**. - ![Picture13.png](images/ka0Qk0000006Ukz_0EMQk000002d5GP.png) + ![Picture13.png](./images/ka0Qk0000006Ukz_0EMQk000002d5GP.png) 7. Select **Parameters** and choose **Allow any command-line parameters**. The RemoteApp will be published. - ![Picture14.png](images/ka0Qk0000006Ukz_0EMQk000002d39m.png) + ![Picture14.png](./images/ka0Qk0000006Ukz_0EMQk000002d39m.png) ### Creating an Activity for VNC Access @@ -94,16 +94,16 @@ C:\npslaunchers\nps_realvnc.exe %token% %sessionid% ``` 3. If the above steps have been followed, your activity configuration should resemble the following: - ![Picture15.png](images/ka0Qk0000006Ukz_0EMQk000002d6M9.png) + ![Picture15.png](./images/ka0Qk0000006Ukz_0EMQk000002d6M9.png) ### Running the Activity 1. Once your Activity is created and added to an access policy containing your onboarded macOS resources, you can provision a session as normal. - ![Picture16.png](images/ka0Qk0000006Ukz_0EMQk000002d6UD.png) - ![Picture17.png](images/ka0Qk0000006Ukz_0EMQk000002d6Vp.png) + ![Picture16.png](./images/ka0Qk0000006Ukz_0EMQk000002d6UD.png) + ![Picture17.png](./images/ka0Qk0000006Ukz_0EMQk000002d6Vp.png) 2. Depending on whether you have installed VNC Connect on the MAC device, you may get a warning similar to the following: - ![Picture18.png](images/ka0Qk0000006Ukz_0EMQk000002d0NF.png) + ![Picture18.png](./images/ka0Qk0000006Ukz_0EMQk000002d0NF.png) 3. Enter your credentials when prompted. - ![Picture20.png](images/ka0Qk0000006Ukz_0EMQk000002d6As.png) + ![Picture20.png](./images/ka0Qk0000006Ukz_0EMQk000002d6As.png) 4. A VNC connection will now be established to the resource, and the session will be recorded by the NPS proxy service. - ![Picture21.png](images/ka0Qk0000006Ukz_0EMQk000002d6ij.png) + ![Picture21.png](./images/ka0Qk0000006Ukz_0EMQk000002d6ij.png) diff --git a/docs/kb/privilegesecure/onboarding-network-devices-using-tacacs-access-control.md b/docs/kb/privilegesecure/onboarding-network-devices-using-tacacs-access-control.md index e39f009e33..2942c96f81 100644 --- a/docs/kb/privilegesecure/onboarding-network-devices-using-tacacs-access-control.md +++ b/docs/kb/privilegesecure/onboarding-network-devices-using-tacacs-access-control.md @@ -30,34 +30,34 @@ This article provides instructions on how to onboard TACACS-enabled network devi ### Creating a Platform 1. Navigate to the **Policy > Platforms** page. Select the **Linux** platform, and click on the **Copy** icon. - ![image.png](images/ka0Qk00000013dN_0EMQk000001xuyT.png) + ![image.png](./images/ka0Qk00000013dN_0EMQk000001xuyT.png) 2. Rename the `Linux Copy` platform that was just created. The name should reflect the device you intend to onboard, in this case `Fortinet`. Set the **Password Complexity Policy** to `Default` and all change policies to ``. ### Creating a Service Account 1. Navigate to the **Configuration > Service Accounts** page. Click the **+** icon and create a new Service Account whose name corresponds to the device you intend to onboard (again, `Fortinet` in this example). - ![image.png](images/ka0Qk00000013dN_0EMQk000001xvGD.png) + ![image.png](./images/ka0Qk00000013dN_0EMQk000001xvGD.png) Note that this service account will not be used to scan the target device since it is not a supported Platform, so any username/password can be provided. ### Onboarding the Network Devices 1. Create a CSV file with the following columns: `DNS Host Name`, `Operating System`, `IP Address`, `Platform`, `Credential`. 2. Populate the CSV file with information for all devices that will be onboarded. Note: Ensure that the `Platform` exactly matches the custom Platform you have configured in Netwrix Privilege Secure (NPS). Ensure that the `Credential` exactly matches the service account you have configured in Netwrix Privilege Secure (NPS). - ![image.png](images/ka0Qk00000013dN_0EMQk000001xvXx.png) + ![image.png](./images/ka0Qk00000013dN_0EMQk000001xvXx.png) 3. Navigate to the **Resources** page. Click the **+Add** button, and select **New Server**. On the **Add Resources** page, select **Import from CSV**, and select the CSV file you have created. Note that there is a 50-resource batch size limit for CSV import. - ![image.png](images/ka0Qk00000013dN_0EMQk000001xmPq.png) + ![image.png](./images/ka0Qk00000013dN_0EMQk000001xmPq.png) 4. Your resources should be displayed. Click **Add**. - ![image.png](images/ka0Qk00000013dN_0EMQk000001xr4Z.png) + ![image.png](./images/ka0Qk00000013dN_0EMQk000001xr4Z.png) 5. The resources will be added and a host scan will be attempted for each one. This host scan will fail - this is expected for unsupported platforms during initial onboarding. - ![image.png](images/ka0Qk00000013dN_0EMQk000001xtUY.png) + ![image.png](./images/ka0Qk00000013dN_0EMQk000001xtUY.png) Your resources should now be visible on the **Resources** page. ### Notes for Creating an Activity When creating an Activity that uses domain credentials, it is important not to use the `%targetdomain%` variable in the **Login Account Template**. Rather, use the name of the domain, as indicated. -![image.png](images/ka0Qk00000013dN_0EMQk000001xula.png) +![image.png](./images/ka0Qk00000013dN_0EMQk000001xula.png) Note that group membership add/remove operations will be needed if access control groups are used for the target devices. Once the activity is configured, it can be added to an access policy in the usual manner, and used to run an activity. -![image.png](images/ka0Qk00000013dN_0EMQk000001xx6j.png) -![image.png](images/ka0Qk00000013dN_0EMQk000001xx9x.png) +![image.png](./images/ka0Qk00000013dN_0EMQk000001xx6j.png) +![image.png](./images/ka0Qk00000013dN_0EMQk000001xx9x.png) diff --git a/docs/kb/privilegesecure/renewing-the-jwt-signing-certificate.md b/docs/kb/privilegesecure/renewing-the-jwt-signing-certificate.md index a4b8e78373..56dc441dff 100644 --- a/docs/kb/privilegesecure/renewing-the-jwt-signing-certificate.md +++ b/docs/kb/privilegesecure/renewing-the-jwt-signing-certificate.md @@ -70,6 +70,6 @@ Start-Service w3svc 8. Log in to the Privilege Secure web application as an Admin, and re-register services by clicking the logged-in user's name in the upper-right, clicking **Settings**, and then clicking **Register Services**. -![The SbPAM web application interface's user settings menu dropdown.](images/ka04u000000wvts_0EM4u000004bjDZ.png) +![The SbPAM web application interface's user settings menu dropdown.](./images/ka04u000000wvts_0EM4u000004bjDZ.png) -![The SbPAM web application interface's settings page, displaying the Register Services button.](images/ka04u000000wvts_0EM4u000004bjDe.png) +![The SbPAM web application interface's settings page, displaying the Register Services button.](./images/ka04u000000wvts_0EM4u000004bjDe.png) diff --git a/docs/kb/privilegesecure/rescheduling-iis-app-pool-recycling.md b/docs/kb/privilegesecure/rescheduling-iis-app-pool-recycling.md index 4807cb91f3..880e2b0f9b 100644 --- a/docs/kb/privilegesecure/rescheduling-iis-app-pool-recycling.md +++ b/docs/kb/privilegesecure/rescheduling-iis-app-pool-recycling.md @@ -29,9 +29,9 @@ Periodic app pool recycling is a necessary IIS process, and as such the Netwrix ## Instructions 1. On the server hosting Netwrix Privilege Secure, launch IIS Manager (`inetmgr.exe`). 2. In the left-hand menu, select **Application Pools**, and in the main window, select **SbPAMAppPool** - ![image.png](images/ka0Qk0000000zl3_0EM4u000008Lyes.png) + ![image.png](./images/ka0Qk0000000zl3_0EM4u000008Lyes.png) 3. On the right-hand menu, select **Recycling** to open the Recycling settings. - ![image.png](images/ka0Qk0000000zl3_0EM4u000008LyfH.png) + ![image.png](./images/ka0Qk0000000zl3_0EM4u000008LyfH.png) 4. You can change the default value of `1740 minutes (29 hours)` to **Specific time(s)** in order to recycle the application pool either less frequently, and/or to recycle the application pool during off-peak hours. Click **Next**. 5. Click **Finish** to save your new app pool recycling schedule. - ![image.png](images/ka0Qk0000000zl3_0EM4u000008LyfW.png) + ![image.png](./images/ka0Qk0000000zl3_0EM4u000008LyfW.png) diff --git a/docs/kb/privilegesecure/resolving-errconnect-security-nego-connect-failed-for-windows-rdp-sessions.md b/docs/kb/privilegesecure/resolving-errconnect-security-nego-connect-failed-for-windows-rdp-sessions.md index 9816a4ff0f..22e7b76be9 100644 --- a/docs/kb/privilegesecure/resolving-errconnect-security-nego-connect-failed-for-windows-rdp-sessions.md +++ b/docs/kb/privilegesecure/resolving-errconnect-security-nego-connect-failed-for-windows-rdp-sessions.md @@ -33,7 +33,7 @@ Failed to connect to target server The connection failed at negotiating security settings ``` -![User-added image](images/ka04u000000HcZu_0EM4u000004bUoG.png) +![User-added image](./images/ka04u000000HcZu_0EM4u000004bUoG.png) ## Instructions @@ -47,7 +47,7 @@ Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\W If the output for **SecurityLayer** is `0`, then this condition has been met. -![User-added image](images/ka04u000000HcZu_0EM4u000004bUoL.png) +![User-added image](./images/ka04u000000HcZu_0EM4u000004bUoL.png) 2. **Network Level Authentication (NLA)** has been disabled for RDP. @@ -61,7 +61,7 @@ In the menu that opens, navigate to the Remote tab. The control **Allow connecti If this control is disabled, then this condition has been met. -![User-added image](images/ka04u000000HcZu_0EM4u000004bUoQ.png) +![User-added image](./images/ka04u000000HcZu_0EM4u000004bUoQ.png) There are two ways to resolve the error, depending on the desired security settings for your environment: @@ -73,7 +73,7 @@ Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\W 2. Enable **Network Level Authentication (NLA)** while leaving RDP's **SecurityLayer** value at `0`: -![User-added image](images/ka04u000000HcZu_0EM4u000004bUoV.png) +![User-added image](./images/ka04u000000HcZu_0EM4u000004bUoV.png) IMPORTANT: For optimal security, it's recommended to have RDP's **SecurityLayer** value set to `2` while enabling **Network Level Authentication (NLA)**. diff --git a/docs/kb/privilegesecure/resolving-failed-actions-on-a-windows-resource-due-to-error-the-ws-management-service-cannot-process.md b/docs/kb/privilegesecure/resolving-failed-actions-on-a-windows-resource-due-to-error-the-ws-management-service-cannot-process.md index 0c73fc98e3..dedb89ab79 100644 --- a/docs/kb/privilegesecure/resolving-failed-actions-on-a-windows-resource-due-to-error-the-ws-management-service-cannot-process.md +++ b/docs/kb/privilegesecure/resolving-failed-actions-on-a-windows-resource-due-to-error-the-ws-management-service-cannot-process.md @@ -34,11 +34,11 @@ If remote shell access is disabled on a Windows resource, Netwrix Privilege Secu Unable to connect using PowerShell remoting to with user \: Connecting to remote server failed with the following error message : The WS-Management service cannot process the request. The service is configured to not accept any remote shell requests. ``` -![User-added image](images/ka04u000000HcZv_0EM4u000004bUoa.png) +![User-added image](./images/ka04u000000HcZv_0EM4u000004bUoa.png) This is caused by a Group Policy, configured at the local or domain level, that disables remote shell access on the resources the GPO targets: -![User-added image](images/ka04u000000HcZv_0EM4u000004bUof.png) +![User-added image](./images/ka04u000000HcZv_0EM4u000004bUof.png) ## Instructions @@ -48,7 +48,7 @@ You can verify this GPO in the Group Policy Editor on the target resource (or in Computer Configuration > Administrative Templates > Windows Components > Windows Remote Shell > Allow Remote Shell Access ``` -![User-added image](images/ka04u000000HcZv_0EM4u000004bUok.png) +![User-added image](./images/ka04u000000HcZv_0EM4u000004bUok.png) You can also verify the setting in PowerShell, but the GPO must first have been **Enabled** or **Disabled** so the correct registry key exists: @@ -59,6 +59,6 @@ Get-ItemProperty -Path "HKLM:\Software\Policies\Microsoft\Windows\WinRM\Service\ - If the value is set to **0**, then remote shell access is **Disabled**. - If the value is set to **1**, then remote shell access is **Enabled**. -![User-added image](images/ka04u000000HcZv_0EM4u000004bUop.png) +![User-added image](./images/ka04u000000HcZv_0EM4u000004bUop.png) To resolve the error, set this GPO to either **Enabled** or **Not Configured**. In a domain environment, you should make this change via a domain-configured GPO rather than manually modifying the registry key on the target resource. diff --git a/docs/kb/privilegesecure/resolving-invalid-connection-string-for-directconnect-in-mremoteng.md b/docs/kb/privilegesecure/resolving-invalid-connection-string-for-directconnect-in-mremoteng.md index 1d8bb869f5..ec08d22416 100644 --- a/docs/kb/privilegesecure/resolving-invalid-connection-string-for-directconnect-in-mremoteng.md +++ b/docs/kb/privilegesecure/resolving-invalid-connection-string-for-directconnect-in-mremoteng.md @@ -25,12 +25,12 @@ knowledge_article_id: kA04u0000000HdXCAU ## Summary In a specific scenario, valid Netwrix Privilege Secure `DirectConnect` strings used in mRemoteNG will result in an invalid connection string error, stating the connection string is empty. -![Screenshot of Netwrix Privilege Secure DirectConnect error, stating the connection string is invalid (empty).](images/ka04u000000Hca3_0EM4u000004bv9Z.png) +![Screenshot of Netwrix Privilege Secure DirectConnect error, stating the connection string is invalid (empty).](./images/ka04u000000Hca3_0EM4u000004bv9Z.png) ## Instructions This error is caused by having credentials saved for the Netwrix Privilege Secure server (for example, the Netwrix Privilege Secure Proxy Server) in the Windows built-in RDP client, **Remote Desktop Connection**, on the same host that is running mRemoteNG. -![Screenshot of a credential saved in Remote Desktop Connection, the built-in Windows RDP client, for the Netwrix Privilege Secure Proxy Server.](images/ka04u000000Hca3_0EM4u000004bv9t.png) +![Screenshot of a credential saved in Remote Desktop Connection, the built-in Windows RDP client, for the Netwrix Privilege Secure Proxy Server.](./images/ka04u000000Hca3_0EM4u000004bv9t.png) To resolve the issue, you have two options: diff --git a/docs/kb/privilegesecure/slack-integration-send-approvals-to-slack.md b/docs/kb/privilegesecure/slack-integration-send-approvals-to-slack.md index d6c68b6881..dc52d54636 100644 --- a/docs/kb/privilegesecure/slack-integration-send-approvals-to-slack.md +++ b/docs/kb/privilegesecure/slack-integration-send-approvals-to-slack.md @@ -27,7 +27,7 @@ This article describes the process for setting up an Approval workflow in which ## Instructions 1. In Slack, inspect the channel you wish to message. The **Integrations** pane will have a **Send emails to this channel** setting. Copy the email address. 2. In Netwrix Privilege Secure, navigate to the Users and Groups page. Click the **Add** button and create a new **Local user**. **Note: this user will not need to log in to Netwrix Privilege Secure.** - ![image.png](images/ka0Qk0000000zeb_0EMQk000001oz7l.png) + ![image.png](./images/ka0Qk0000000zeb_0EMQk000001oz7l.png) 3. Set the local user's email address to the Slack channel's email address from step 1: - ![image.png](images/ka0Qk0000000zeb_0EMQk000001ozUL.png) + ![image.png](./images/ka0Qk0000000zeb_0EMQk000001ozUL.png) 4. You may now add this local account as an additional approver in any approval workflow. It will not be used for approvals, but its email address value will allow the configured Slack channel to receive approval messages. diff --git a/docs/kb/privilegesecure/slack-integration-send-slack-message.md b/docs/kb/privilegesecure/slack-integration-send-slack-message.md index 1f1d646151..a198c16245 100644 --- a/docs/kb/privilegesecure/slack-integration-send-slack-message.md +++ b/docs/kb/privilegesecure/slack-integration-send-slack-message.md @@ -59,9 +59,9 @@ settings: 1. Download the Send-SlackMessage.zip archive to the SbPAM server: https://dl.netwrix.com/additional/Send-SlackMessage.Addon.zip 2. Extract the archive, which contains a README file, an ActionTemplates directory, and an `Install-Addon.ps1` script file. Right-click `Install-Addon.ps1` and select **Run with PowerShell**. 3. When prompted, select `Y` to proceed. -![image.png](images/ka0Qk0000001ELt_0EMQk000001pkUr.png) +![image.png](./images/ka0Qk0000001ELt_0EMQk000001pkUr.png) 4. The PowerShell window should quickly execute the script and close. 5. Log in to the SbPAM console. (If SbPAM was already open, be sure to refresh the console.) 6. In SbPAM, navigate to **Activities**, select an **Activity**, and click the green plus sign in either the **Pre-Session** or **Post-Session**. Note that the **Send Message to Slack** activity step is now available. 7. Provide the URL from step 6 of Preparing Your Slack App when configuring the action step. -![image.png](images/ka0Qk0000001ELt_0EMQk000001ovYn.png) +![image.png](./images/ka0Qk0000001ELt_0EMQk000001ovYn.png) diff --git a/docs/kb/privilegesecure/speeding-up-crl-checks-on-sbpam-servers-without-internet-connectivity.md b/docs/kb/privilegesecure/speeding-up-crl-checks-on-sbpam-servers-without-internet-connectivity.md index ca096940b6..ce53540212 100644 --- a/docs/kb/privilegesecure/speeding-up-crl-checks-on-sbpam-servers-without-internet-connectivity.md +++ b/docs/kb/privilegesecure/speeding-up-crl-checks-on-sbpam-servers-without-internet-connectivity.md @@ -38,9 +38,9 @@ This timeout setting is governed by a Group Policy. The following steps allow yo 1. Open Group Policy Editor: `gpedit.msc` 2. Navigate to `Computer Configuration > Windows Settings > Security Settings > Public Key Policies` - ![User-added image](images/ka04u000000HdFp_0EM4u0000052lrQ.png) + ![User-added image](./images/ka04u000000HdFp_0EM4u0000052lrQ.png) 3. Double-click on **Certificate Path Validation Settings** and go to the **Network Retrieval** tab. - ![User-added image](images/ka04u000000HdFp_0EM4u0000052lrf.png) + ![User-added image](./images/ka04u000000HdFp_0EM4u0000052lrf.png) 4. Check the **Define these policy settings** box, and reduce both **Default retrieval timeout settings** to `1`. - ![User-added image](images/ka04u000000HdFp_0EM4u0000052lrk.png) + ![User-added image](./images/ka04u000000HdFp_0EM4u0000052lrk.png) 5. Click **Apply** to save the configuration. diff --git a/docs/kb/privilegesecure/task-automation-write-to-file-on-target-resource.md b/docs/kb/privilegesecure/task-automation-write-to-file-on-target-resource.md index 92182dd78f..3637c27c1b 100644 --- a/docs/kb/privilegesecure/task-automation-write-to-file-on-target-resource.md +++ b/docs/kb/privilegesecure/task-automation-write-to-file-on-target-resource.md @@ -27,7 +27,7 @@ This article provides an example of a Task Automation script that can be used to ## Summary 1. In Netwrix Privilege Secure, navigate to the **Activities** page and create an Activity with the **Task Automation** Activity Type. The activity should be configured to provide sufficient privilege to remotely execute scripts on the target resource, and the **Login Account**, **Requester Login Format**, and **Pre- and Post-Session** action steps should reflect this. - ![image.png](images/ka0Qk0000003etl_0EMQk000004iG8P.png) + ![image.png](./images/ka0Qk0000003etl_0EMQk000004iG8P.png) 2. In the **Session** of the Activity, click the **+** button and add a **Run Custom Powershell Script** action step. diff --git a/docs/kb/privilegesecure/troubleshooting-a-user-id-mismatch-error-during-login.md b/docs/kb/privilegesecure/troubleshooting-a-user-id-mismatch-error-during-login.md index d3a7a3033c..b095404cf2 100644 --- a/docs/kb/privilegesecure/troubleshooting-a-user-id-mismatch-error-during-login.md +++ b/docs/kb/privilegesecure/troubleshooting-a-user-id-mismatch-error-during-login.md @@ -26,7 +26,7 @@ knowledge_article_id: kA04u000000LLjtCAG When logging into the Netwrix Privilege Secure console, you may receive a "User Id Mismatch" response that prevents login. This is caused when there is a mismatch between a Netwrix Privilege Secure user stored in a cookie, and the user attempting login. Generally this is caused when multiple sessions are being launched from the same browser using different users. -![image.png](images/ka04u000000HdEG_0EM4u000005gCr9.png) +![image.png](./images/ka04u000000HdEG_0EM4u000005gCr9.png) ## Instructions diff --git a/docs/kb/privilegesecure/using-the-database-configuration-tool-to-change-the-postgres-db-password.md b/docs/kb/privilegesecure/using-the-database-configuration-tool-to-change-the-postgres-db-password.md index d14d2dc27e..63421a56bd 100644 --- a/docs/kb/privilegesecure/using-the-database-configuration-tool-to-change-the-postgres-db-password.md +++ b/docs/kb/privilegesecure/using-the-database-configuration-tool-to-change-the-postgres-db-password.md @@ -31,25 +31,25 @@ While it is essential that remote access to the Netwrix Privilege Secure (NPS) s ## Instructions 1. On the Netwrix Privilege Secure (NPS) server, navigate to the "Extras" folder in the NPS installer download directory. The Database Configuration tool installer (`DbCfg.msi`) is included in this directory. Launch the installer, and select **Next**. - ![image.png](images/ka04u00000117Sx_0EM4u000008LxNl.png) + ![image.png](./images/ka04u00000117Sx_0EM4u000008LxNl.png) 2. Review and accept the EULA. Select **Next**. - ![image.png](images/ka04u00000117Sx_0EM4u000008LxOZ.png) + ![image.png](./images/ka04u00000117Sx_0EM4u000008LxOZ.png) 3. Choose an installation path. The default installation path is `C:\Program Files\Stealthbits\PAM\`. Select **Next**. - ![image.png](images/ka04u00000117Sx_0EM4u000008LxOj.png) + ![image.png](./images/ka04u00000117Sx_0EM4u000008LxOj.png) 4. Select **Install**, and confirm any UAC prompt that occurs. - ![image.png](images/ka04u00000117Sx_0EM4u000008LxOo.png) + ![image.png](./images/ka04u00000117Sx_0EM4u000008LxOo.png) 5. The installation will complete shortly. - ![image.png](images/ka04u00000117Sx_0EM4u000008LxOt.png) + ![image.png](./images/ka04u00000117Sx_0EM4u000008LxOt.png) 6. Navigate to the installation directory and launch `DbCfg.exe` from your chosen installation directory. - ![image.png](images/ka04u00000117Sx_0EM4u000008LxOy.png) + ![image.png](./images/ka04u00000117Sx_0EM4u000008LxOy.png) 7. You can click **Test** to confirm your connection to the Postgres DB. - ![image.png](images/ka04u00000117Sx_0EM4u000008LxP3.png) + ![image.png](./images/ka04u00000117Sx_0EM4u000008LxP3.png) 8. Set a new password in the Password field and hit **Save** to change the Postgres password. If your Test connection from step 7 was successful, you should receive a "Configuration saved successfully" response, which indicates a successful password change. This change will propagate to any NPS service that needs to use the database password. - ![image.png](images/ka04u00000117Sx_0EM4u000008LxP8.png) + ![image.png](./images/ka04u00000117Sx_0EM4u000008LxP8.png) diff --git a/docs/kb/threatmanager/agent-blocked-from-hooking-into-lsass.md b/docs/kb/threatmanager/agent-blocked-from-hooking-into-lsass.md index bf2b705fd3..81c080dce0 100644 --- a/docs/kb/threatmanager/agent-blocked-from-hooking-into-lsass.md +++ b/docs/kb/threatmanager/agent-blocked-from-hooking-into-lsass.md @@ -45,7 +45,7 @@ To resolve this issue, follow the steps provided in the first resolution. If the 1. To verify this setting, review the **AD Agent** column in the interface: - ![AD](images/servlet_image_6a2f3ac990a0.png)

+ ![AD](./images/servlet_image_6a2f3ac990a0.png)

2. Enable or disable this setting using the **Agent Update Settings** option. Navigate to: https://docs.netwrix.com/docs/threatprevention/7_5 (Set Options Window). 3. Access the settings via the following path: **Netwrix Threat Manager v7.3 > Administration > Policy Center > Agents Interface > Agents Interface Right-Click Menu > Update Agent Settings**. For details, see: https://docs.netwrix.com/docs/threatprevention/7_5 (Update Agent Settings). diff --git a/docs/kb/threatmanager/dashboard-stalls-at-initial-loading-screen-in-microsoft-edge.md b/docs/kb/threatmanager/dashboard-stalls-at-initial-loading-screen-in-microsoft-edge.md index f075750c7d..6b53d38158 100644 --- a/docs/kb/threatmanager/dashboard-stalls-at-initial-loading-screen-in-microsoft-edge.md +++ b/docs/kb/threatmanager/dashboard-stalls-at-initial-loading-screen-in-microsoft-edge.md @@ -22,9 +22,9 @@ knowledge_article_id: kA0Qk0000001xvhKAA - The Netwrix Threat Manager Dashboard in Microsoft Edge stalls at the loading screen and does not proceed to the login screen. - The following error is present in the Developer Tools **Console** panel. To access the panel, navigate to **Settings (...) > More tools > Developer tools** (or press `CTRL + SHIFT + I`) > **Console** tab: -![Screenshot 1](images/ka0Qk000000E7Cv_0EMQk00000C80X1.png) +![Screenshot 1](./images/ka0Qk000000E7Cv_0EMQk00000C80X1.png) -![Screenshot 2](images/ka0Qk000000E7Cv_0EMQk00000AzSUg.png) +![Screenshot 2](./images/ka0Qk000000E7Cv_0EMQk00000AzSUg.png) ## Cause diff --git a/docs/kb/threatmanager/file-systems-events-not-appearing-in-netwrix-threat-manager-from-the-netwrix-activity-monitor-agent-.md b/docs/kb/threatmanager/file-systems-events-not-appearing-in-netwrix-threat-manager-from-the-netwrix-activity-monitor-agent-.md index 00ca6bb012..daf53db9d7 100644 --- a/docs/kb/threatmanager/file-systems-events-not-appearing-in-netwrix-threat-manager-from-the-netwrix-activity-monitor-agent-.md +++ b/docs/kb/threatmanager/file-systems-events-not-appearing-in-netwrix-threat-manager-from-the-netwrix-activity-monitor-agent-.md @@ -26,24 +26,24 @@ You may see that Netwrix Threat Manager (NTM) is not receiving events from Netwr The incorrect **Syslog** message template of **LEEF** was selected. -![](images/ka0Qk000000CpYD_0EMQk00000BJq9S.png) +![](./images/ka0Qk000000CpYD_0EMQk00000BJq9S.png) ## Resolution To resolve this issue, change the Syslog message template from **LEEF** to **Netwrix Threat Prevention** as per the steps below: 1. Within the NAM console, click **Monitored Hosts** to select the needed host output for the **Syslog** item and Select **Edit**. - ![](images/ka0Qk000000CpYD_0EMQk00000BJoNm.png) + ![](./images/ka0Qk000000CpYD_0EMQk00000BJoNm.png) 2. Confirm the server and port needed for NTM. 3. Click the ellipsis to open the Message Template window, select the **Netwrix Threat Manager (Netwrix Threat Prevention)** Template, and click **OK**. - ![](images/ka0Qk000000CpYD_0EMQk00000BJssn.png) + ![](./images/ka0Qk000000CpYD_0EMQk00000BJssn.png) 4. Click **Test** to verify the template setting and click **OK**. > **NOTE:** This is UDP, so there is no true confirmation that a connection is/was made. -> ![](images/ka0Qk000000CpYD_0EMQk00000BJrGo.png) +> ![](./images/ka0Qk000000CpYD_0EMQk00000BJrGo.png) 5. Return to the NTM Web console and check for new events once posted. diff --git a/docs/kb/threatmanager/how-to-change-threat-manager-s-inactivity-timer.md b/docs/kb/threatmanager/how-to-change-threat-manager-s-inactivity-timer.md index 745f721cfc..96f3d3f173 100644 --- a/docs/kb/threatmanager/how-to-change-threat-manager-s-inactivity-timer.md +++ b/docs/kb/threatmanager/how-to-change-threat-manager-s-inactivity-timer.md @@ -27,4 +27,4 @@ It can be annoying for users when their Netwrix Threat Manager console times out 4. Click into **User Access** then select the **Token Expiration** tab 5. Adjust timer from the drop down -![Graphical user interface, text, application Description automatically generated](images/ka0Qk000000DmBh_0EM4u000004d64Y.png) \ No newline at end of file +![Graphical user interface, text, application Description automatically generated](./images/ka0Qk000000DmBh_0EM4u000004d64Y.png) \ No newline at end of file diff --git a/docs/kb/threatmanager/how-to-customize-event-service-listening-port-s.md b/docs/kb/threatmanager/how-to-customize-event-service-listening-port-s.md index ca4ae577dd..5c1691dc14 100644 --- a/docs/kb/threatmanager/how-to-customize-event-service-listening-port-s.md +++ b/docs/kb/threatmanager/how-to-customize-event-service-listening-port-s.md @@ -38,7 +38,7 @@ Alter the default Netwrix Threat Prevention Event Service listening port(s) via ``` For example, change the FS port to `514` and click **OK**: -![port512.png](images/ka0Qk000000DkZh_0EM4u000008LC2a.png) +![port512.png](./images/ka0Qk000000DkZh_0EM4u000008LC2a.png) 6. In the window below click the **Save Data Changes** icon. 7. Restart the Netwrix Threat Prevention Event Service. \ No newline at end of file diff --git a/docs/kb/threatmanager/netwrix-threat-manager-licensing-error-license-activation-error-2.md b/docs/kb/threatmanager/netwrix-threat-manager-licensing-error-license-activation-error-2.md index 692f44e29e..a5300e68e4 100644 --- a/docs/kb/threatmanager/netwrix-threat-manager-licensing-error-license-activation-error-2.md +++ b/docs/kb/threatmanager/netwrix-threat-manager-licensing-error-license-activation-error-2.md @@ -17,7 +17,7 @@ After navigating to the **Licensing** page when attempting to update the license License activation error 2. ``` -![Licensing error screenshot](images/ka0Qk000000CDMT_0EMQk00000Asaf3.png) +![Licensing error screenshot](./images/ka0Qk000000CDMT_0EMQk00000Asaf3.png) ## Cause diff --git a/docs/kb/threatmanager/test-connection-in-active-directory-sync-integration-fails.md b/docs/kb/threatmanager/test-connection-in-active-directory-sync-integration-fails.md index 001f6f989c..a5f554f26f 100644 --- a/docs/kb/threatmanager/test-connection-in-active-directory-sync-integration-fails.md +++ b/docs/kb/threatmanager/test-connection-in-active-directory-sync-integration-fails.md @@ -64,4 +64,4 @@ Edit the Active Directory Service configuration to implement the HTTPS protocol. Refer to the following example of the `appsettings.json` file: -![appsettings.json example](images/ka0Qk0000005sxR_0EMQk000007sh3x.png) \ No newline at end of file +![appsettings.json example](./images/ka0Qk0000005sxR_0EMQk000007sh3x.png) \ No newline at end of file diff --git a/docs/kb/threatprevention/enabling-debug-logging-on-the-steathintercept-windows-agent.md b/docs/kb/threatprevention/enabling-debug-logging-on-the-steathintercept-windows-agent.md index 0c606b8ea8..7290cc3c4e 100644 --- a/docs/kb/threatprevention/enabling-debug-logging-on-the-steathintercept-windows-agent.md +++ b/docs/kb/threatprevention/enabling-debug-logging-on-the-steathintercept-windows-agent.md @@ -37,7 +37,7 @@ There are two options. 3. Edit the file named `SIWindowsAgent.log.config` in your favorite text editor. 4. Change `WARN` to `DEBUG` in the appropriate portion of that file: - ![LogConfig.png](images/ka0Qk000000DmDJ_0EM4u000004d1hf.png) + ![LogConfig.png](./images/ka0Qk000000DmDJ_0EM4u000004d1hf.png) 5. Save the `.log.config` file and restart the `SIWindowsAgent` service. diff --git a/docs/kb/threatprevention/pwnd-passwords-database-downloader-for-netwrix-threat-prevention.md b/docs/kb/threatprevention/pwnd-passwords-database-downloader-for-netwrix-threat-prevention.md index 51a3f27ecd..121a42b526 100644 --- a/docs/kb/threatprevention/pwnd-passwords-database-downloader-for-netwrix-threat-prevention.md +++ b/docs/kb/threatprevention/pwnd-passwords-database-downloader-for-netwrix-threat-prevention.md @@ -47,7 +47,7 @@ knowledge_article_id: kA04u000000HDkaCAG dotnet tool install --global haveibeenpwned-downloader ``` -![User-added image](images/ka0Qk000000DZHh_0EM4u0000084oo1.png) +![User-added image](./images/ka0Qk000000DZHh_0EM4u0000084oo1.png) ### Step 3. Update an already installed Pwnd Passwords Downloader @@ -58,7 +58,7 @@ dotnet tool install --global haveibeenpwned-downloader dotnet tool update --global haveibeenpwned-downloader ``` -![User-added image](images/ka0Qk000000DZHh_0EM4u0000084oo6.png) +![User-added image](./images/ka0Qk000000DZHh_0EM4u0000084oo6.png) ### Usage of Pwnd Passwords Downloader @@ -71,7 +71,7 @@ To download NTLM hashes: haveibeenpwned-downloader.exe -n pwnedpasswords ``` -![User-added image](images/ka0Qk000000DZHh_0EM4u0000084ooB.png) +![User-added image](./images/ka0Qk000000DZHh_0EM4u0000084ooB.png) ### Step 4. Prepare Pwned DB for SI @@ -81,4 +81,4 @@ haveibeenpwned-downloader.exe -n pwnedpasswords 4. Click **Select File** and choose downloaded txt file. 5. Click the **Update** button. -![User-added image](images/ka0Qk000000DZHh_0EM4u0000084ooG.png) +![User-added image](./images/ka0Qk000000DZHh_0EM4u0000084ooG.png) diff --git a/docs/kb/threatprevention/set-up-eset-hips-rules-to-allow-threat-prevention-si-agent-hook.md b/docs/kb/threatprevention/set-up-eset-hips-rules-to-allow-threat-prevention-si-agent-hook.md index def6c342d2..a7df867365 100644 --- a/docs/kb/threatprevention/set-up-eset-hips-rules-to-allow-threat-prevention-si-agent-hook.md +++ b/docs/kb/threatprevention/set-up-eset-hips-rules-to-allow-threat-prevention-si-agent-hook.md @@ -30,12 +30,12 @@ How to set up ESET HIPS rules to allow Threat Prevention SI Agent hook? 1. In the left pane of your **ESET PROTECT Web Console**, select **Policies**. Select the **Detection Engine** tab > **HIPS**. 2. Under the **Rules** section, click **Edit**. - ![Step 2](images/ka0Qk000000DZET_0EM4u000008M9O8.png) + ![Step 2](./images/ka0Qk000000DZET_0EM4u000008M9O8.png) 3. In the **HIPS Rules** window, click **Add**. 4. Specify the **Rule name**, select **Allow** for the **Action** type, and proceed by clicking **Next**. - ![Steps 3-4](images/ka0Qk000000DZET_0EM4u000008M9OD.png) + ![Steps 3-4](./images/ka0Qk000000DZET_0EM4u000008M9OD.png) 5. Select **Specific applications** in the dropdown list, and click **Add** to add the path to `SIWindowsAgent.exe`. Refer to the following code block for a default path: @@ -45,19 +45,19 @@ How to set up ESET HIPS rules to allow Threat Prevention SI Agent hook? Proceed to the next step by clicking **Next**. - ![Step 5](images/ka0Qk000000DZET_0EM4u000008M9OI.png) + ![Step 5](./images/ka0Qk000000DZET_0EM4u000008M9OI.png) 6. Switch the **All file operations** switch to the on position, and proceed by clicking **Next**. Click **OK** to save changes. - ![Step 6](images/ka0Qk000000DZET_0EM4u000008M9OS.png) + ![Step 6](./images/ka0Qk000000DZET_0EM4u000008M9OS.png) 7. Once the configuration steps are completed, proceed to the **Assign** tab. Assign the new rule to corresponding systems. - ![Step 7](images/ka0Qk000000DZET_0EM4u000008M9OX.png) + ![Step 7](./images/ka0Qk000000DZET_0EM4u000008M9OX.png) 8. The rule should become visible in your ESET host. Refer to the **Advanced Setup** menu > **HIPS** tab > **Basic** section > **Rules** tab. - ![Step 8](images/ka0Qk000000DZET_0EM4u000008M9Oc.png) + ![Step 8](./images/ka0Qk000000DZET_0EM4u000008M9Oc.png) > **NOTE:** Once the rule is applied, SI Agent should be restarted. diff --git a/docs/kb/threatprevention/updating-the-have-i-been-pwnd-ntml-hash-list.md b/docs/kb/threatprevention/updating-the-have-i-been-pwnd-ntml-hash-list.md index a0b3644e9d..432390db54 100644 --- a/docs/kb/threatprevention/updating-the-have-i-been-pwnd-ntml-hash-list.md +++ b/docs/kb/threatprevention/updating-the-have-i-been-pwnd-ntml-hash-list.md @@ -47,7 +47,7 @@ Follow the steps to install the Pwnd Passwords Downloader. dotnet tool install --global haveibeenpwned-downloader ``` -![A screenshot of a computer Description automatically generated with medium confidence](images/ka0Qk000000Dk3S_0EM4u000008L8RW.png) +![A screenshot of a computer Description automatically generated with medium confidence](./images/ka0Qk000000Dk3S_0EM4u000008L8RW.png) 3. Close the command prompt. @@ -61,7 +61,7 @@ Follow the steps to update an installed Pwnd Passwords Downloader. dotnet tool update --global haveibeenpwned-downloader ``` -![A picture containing text, screenshot, font Description automatically generated](images/ka0Qk000000Dk3S_0EM4u000008L8RX.png) +![A picture containing text, screenshot, font Description automatically generated](./images/ka0Qk000000Dk3S_0EM4u000008L8RX.png) ### Download NTML Hashes with the Pwnd Passwords Downloader Follow the steps to download NTLM hashes (for Netwrix Password Policy Enforcer v10.1 and up): @@ -75,7 +75,7 @@ Run: haveibeenpwned-downloader.exe -n pwnedpasswords_ntlm ``` -![A picture containing text, screenshot, font Description automatically generated](images/ka0Qk000000Dk3S_0EM4u000008L8RY.png) +![A picture containing text, screenshot, font Description automatically generated](./images/ka0Qk000000Dk3S_0EM4u000008L8RY.png) This screenshot shows the completed download. diff --git a/docs/partner/msp/index.md b/docs/partner/msp/index.md index 4ad9602a72..c40b44be4f 100644 --- a/docs/partner/msp/index.md +++ b/docs/partner/msp/index.md @@ -3,10 +3,9 @@ title: MSP Engineer Certification Learning Paths sidebar_position: 1870 tags: [certification, partners, msp] keywords: [training, course, certification, partners, msp] -description: "Learn about the Netwrix MSP Engineer ceritifcation options" +description: "Learn about the Netwrix MSP Engineer certification options" --- -The following learning paths provide Partner certification for MSP Engineers: +The following learning path provides Partner certification for MSP Engineers: -* [Netwrix 1Secure Data Security Posture Management MSPs Sales Professional](../sales/1secure-dspm.md) -* [Netwrix Auditor & Data Classification MSP Engineer](./auditor.md) \ No newline at end of file +* [Netwrix Auditor & Data Classification MSP Engineer](./auditor.md) diff --git a/docs/partner/presales/1secure-core.md b/docs/partner/presales/1secure-core.md new file mode 100644 index 0000000000..12c07b93a9 --- /dev/null +++ b/docs/partner/presales/1secure-core.md @@ -0,0 +1,46 @@ +--- +title: Netwrix 1Secure Core Presales Engineer +sidebar_position: 1340 +tags: [certification, partners, presales, 1secure] +keywords: [training, course, certification, partners, presales, 1secure] +description: "Become a certified Presales Engineer for Netwrix 1Secure" +--- + +import { N1SValue, N1SConcepts, N1SIntroGS, N1SIntroMO, N1SIntroConf, N1SIntroData, N1SIntroReport, N1SIntroAlertRisk, N1SDemoCore, N1SAdditional } from '@site/src/training/1secure'; +import { Company, N1S } from '@site/src/training/products'; + + +Estimated length: 3 hours + +This learning path grants certification as a Presales Engineer for this product. It contains the following courses: + + +* 1600 – Valuable Features +* 2600 – Components & Architecture +* 3600.1 Introduction to – Getting Started +* 3600.2 Introduction to – Manage Organizations +* 3600.3 Introduction to – Configuration +* 3600.4 Introduction to – Data Sources +* 3600.5 Introduction to – Reports +* 3600.6 Introduction to – Alerts & Risk Assessment +* 5600.1 – Demo the Basic Use Cases + + + + + + + + + + + + + + + + + + + + diff --git a/docs/partner/presales/identity-threat-detection-and-response.md b/docs/partner/presales/identity-threat-detection-and-response.md index ac9f7331f2..8f5e874450 100644 --- a/docs/partner/presales/identity-threat-detection-and-response.md +++ b/docs/partner/presales/identity-threat-detection-and-response.md @@ -6,6 +6,7 @@ keywords: [training, course, certification, partners, presales, access analyzer, description: "Become a certified Presales Engineer for Netwrix Identity Threat Detection & Response" --- +import { ITDRIntro } from '@site/src/training/identity-threat-detection-response'; import { NAADemo } from '@site/src/training/access-analyzer'; import { NPCDemo } from '@site/src/training/pingcastle'; import { NRADDemo } from '@site/src/training/recovery-for-ad'; @@ -20,6 +21,7 @@ Prerequisite: Identity Threat Detection & Response Solution Sales Pr This learning path grants certification as a Presales Engineer for this solution. It contains the following courses: +* 1984 Introduction to Identity Threat Detection & Response Solution * 5000 – Demo the Basic Use Cases * 5680 – Demo the Basic Use Cases * 5400 – Demo the Basic Use Cases @@ -27,6 +29,8 @@ This learning path grants certification as a Presales Engineer for t * 5560 – Demo the Basic Use Cases * 5984 Identity Threat Detection & Response Solution – Demo the Basic Use Cases + + diff --git a/docs/partner/presales/index.md b/docs/partner/presales/index.md index 5b24aef04b..be516e7957 100644 --- a/docs/partner/presales/index.md +++ b/docs/partner/presales/index.md @@ -3,7 +3,7 @@ title: Presales Engineer Certification Learning Paths sidebar_position: 1330 tags: [certification, partners, presales] keywords: [training, course, certification, partners, presales] -description: "Learn about the Netwrix Presales Engineer ceritifcation options" +description: "Learn about the Netwrix Presales Engineer certification options" --- The following learning paths provide Partner certification for Presales Engineers: @@ -22,17 +22,18 @@ The following learning paths provide Partner certification for Presales Engineer * [Netwrix Endpoint Protector Presales Engineer](./endpoint-protector.md) * Identity Management Solution * [Netwrix Identity Manager Presales Engineer](./identity-manager.md) + * [Netwrix Platform Governance for NetSuite Presales Engineer](./platform-governance-for-netsuite.md) + * [Netwrix Platform Governance for Salesforce Presales Engineer](./platform-governance-for-salesforce.md) * Identity Threat Detection & Response Solution * [Netwrix Access Analyzer Presales Engineer](./access-analyzer.md) * [Netwrix PingCastle Presales Engineer](./pingcastle.md) * [Netwrix Recovery for Active Directory Presales Engineer](./recovery-for-ad.md) * [Netwrix Threat Prevention Presales Engineer](./threat-prevention.md) * [Netwrix Threat Manager Presales Engineer](./threat-manager.md) - * [Netwrix Identity Threat Detection & Response Solution Presales Enagineer](identity-threat-detection-and-response.md) + * [Netwrix Identity Threat Detection & Response Solution Presales Engineer](identity-threat-detection-and-response.md) * Privilege Access Management Solution * [Netwrix Endpoint Policy Manager Presales Engineer](./endpoint-policy-manager.md) * [Netwrix Password Secure Presales Engineer](./password-secure.md) * [Netwrix Privileged Secure Presales Engineer](./privilege-secure.md) -* Additional Products - * [Netwrix Platform Governance for NetSuite Presales Engineer](./platform-governance-for-netsuite.md) - * [Netwrix Platform Governance for Salesforce Presales Engineer](./platform-governance-for-salesforce.md) +* Additional Product + * [Netwrix 1Secure Core Presales Engineer](./1secure-core.md) diff --git a/docs/partner/sales/1secure-dspm.md b/docs/partner/sales/1secure-dspm.md index b20ee4bdbc..d46de7393e 100644 --- a/docs/partner/sales/1secure-dspm.md +++ b/docs/partner/sales/1secure-dspm.md @@ -1,9 +1,9 @@ --- -title: Netwrix 1Secure Data Security Posture Management MSPs Sales Professional +title: Netwrix 1Secure Sales Professional sidebar_position: 1050 tags: [certification, partners, sales, 1secure, data-security-posture-management] keywords: [training, course, certification, partners, sales, 1secure, data security posture management] -description: "Become a certified Sales Professional for Netwrix 1Secure Data Security Posture Management" +description: "Become a certified Sales Professional for Netwrix 1Secure" --- import { Company, N1S } from '@site/src/training/products'; diff --git a/docs/partner/sales/change-tracker.md b/docs/partner/sales/change-tracker.md new file mode 100644 index 0000000000..86c8c94388 --- /dev/null +++ b/docs/partner/sales/change-tracker.md @@ -0,0 +1,20 @@ +--- +title: Netwrix Change Tracker Sales Professional +sidebar_position: 1120 +tags: [certification, partners, sales, change-tracker] +keywords: [training, course, certification, partners, sales, change tracker] +description: "Become a certified Sales Professional for Netwrix Change Tracker" +--- + +import { Company, NCT } from '@site/src/training/products'; + + +This learning path grants certification as a Sales Professional for this product. It contains the following course: + +* Introduction to for Sales + +## Introduction to for Sales + +This course will introduce you to the basics of , one of our newest products, explain what problems it solves, tell you which customers are going to be interested in learning more and explain how to engage with them successfully. + +Estimated Time: 1 hour diff --git a/docs/partner/sales/data-security-posture-management.md b/docs/partner/sales/data-security-posture-management.md index b9e1a1b5b5..2a651b92e6 100644 --- a/docs/partner/sales/data-security-posture-management.md +++ b/docs/partner/sales/data-security-posture-management.md @@ -6,6 +6,7 @@ keywords: [training, course, certification, partners, sales, access analyzer, au description: "Become a certified Sales Professional for Netwrix Data Security Posture Management" --- +import { DSPMIntro } from '@site/src/training/data-security-posture-management'; import { Company, NAA, NA, NDC, NEP } from '@site/src/training/products'; @@ -16,10 +17,13 @@ This learning path grants certification as a Sales Professional for * * -It contains the following course: +It contains the following courses: +* 1980 Introduction to Data Security Posture Management Solution * Introduction to the Netwrix Solution for Data Security Posture Management (DSPM) + + ## Introduction to the Netwrix Solution for Data Security Posture Management (DSPM) This course is all about giving sellers the know-how to confidently pitch the Data Security Posture Management suite. diff --git a/docs/partner/sales/directory-management.md b/docs/partner/sales/directory-management.md index 35f5b842bb..f4efdbff4e 100644 --- a/docs/partner/sales/directory-management.md +++ b/docs/partner/sales/directory-management.md @@ -6,6 +6,7 @@ keywords: [training, course, certification, partners, sales, auditor, directory description: "Become a certified Sales Professional for Netwrix Directory Management" --- +import { DMIntro } from '@site/src/training/directory-management'; import { Company, NA, NDM, NPPE } from '@site/src/training/products'; @@ -17,15 +18,18 @@ This learning path grants certification as a Sales Professional for It contains the following course: -* Introduction to the Netwrix Solution for Directory Management +* 1981 Introduction to Directory Management Solution +* Introduction to the Solution for Directory Management -## Introduction to the Netwrix Solution for Directory Management + -This course, designed for sellers of Netwrix products, focuses on the Directory Management Solution. +## Introduction to the Solution for Directory Management + +This course, designed for sellers of products, focuses on the Directory Management Solution. Upon completion of this module, sellers will be able to: * Understand the business impacts of poorly managed directories (such as Active Directory and Entra ID) * Uncover the issues addressed by directory management * Recognize the potential targets for directory management -* Deliver the value proposition of the Netwrix Directory Management Solution +* Deliver the value proposition of the Directory Management Solution diff --git a/docs/partner/sales/endpoint-management.md b/docs/partner/sales/endpoint-management.md new file mode 100644 index 0000000000..0726d7132d --- /dev/null +++ b/docs/partner/sales/endpoint-management.md @@ -0,0 +1,36 @@ +--- +title: Netwrix Endpoint Management Solution Sales Professional +sidebar_position: 1290 +tags: [certification, partners, sales, change-tracker, endpoint-policy-manager, endpoint-protector, endpoint-management] +keywords: [training, course, certification, partners, sales, change tracker, endpoint policy manager, endpoint protector, endpoint management] +description: "Become a certified Sales Professional for Netwrix Endpoint Management" +--- + +import { EMIntro } from '@site/src/training/endpoint-management'; +import { Company, NCT, NEPM, NEP } from '@site/src/training/products'; + + +This learning path grants certification as a Sales Professional for this solution. The following products comprise this solution: + +* +* +* + +It contains the following courses: + +* 1982 Introduction to Endpoint Management Solution +* Introduction to the Solution for Endpoint Management + + + +## Introduction to the Solution for Endpoint Management + +Endpoints are the laptops and desktop computers employees use every day, and are inherently unsecured, difficult to manage, and often out of compliance. They’re also the entry point for most cyberattacks and a frequent source of data loss, whether from external threats like ransomware or internal risks like accidental or malicious insiders. + +You’ll learn what’s driving the need to rethink endpoint management, the hidden risks customers face on their laptops and desktops, and how the Netwrix Endpoint Management Solution helps enforce security, streamline operations, and ensure compliance, without ripping and replacing what they already use. + +Key topics include: +* The endpoint-specific challenges this solution solves, and why they matter now +* A breakdown of who’s involved in endpoint buying decisions +* High-probability use cases and discovery questions that expose gaps +* How to clearly position the value of the Endpoint Management Solution diff --git a/docs/partner/sales/identity-threat-detection-response.md b/docs/partner/sales/identity-threat-detection-response.md index 37eb57070e..fd6768b39f 100644 --- a/docs/partner/sales/identity-threat-detection-response.md +++ b/docs/partner/sales/identity-threat-detection-response.md @@ -6,6 +6,7 @@ keywords: [training, course, certification, partners, sales, identity threat det description: "Become a certified Sales Professional for Netwrix Identity Threat Detection & Response" --- +import { ITDRIntro } from '@site/src/training/identity-threat-detection-response'; import { Company, NAA, NPC, NRAD, NTM, NTP } from '@site/src/training/products'; @@ -17,10 +18,13 @@ This learning path grants certification as a Sales Professional for * * -It contains the following course: +It contains the following courses: +* 1984 Introduction to Identity Threat Detection & Response Solution * Introduction to the Solution for Identity Threat Detection & Response (ITDR) + + ## Introduction to the Solution for Identity Threat Detection & Response (ITDR) Upon completion, sellers will be able to: diff --git a/docs/partner/sales/index.md b/docs/partner/sales/index.md index 1087b520f1..cb0179faf6 100644 --- a/docs/partner/sales/index.md +++ b/docs/partner/sales/index.md @@ -3,23 +3,27 @@ title: Sales Professional Certification Learning Paths sidebar_position: 1030 tags: [certification, partners, sales] keywords: [training, course, certification, partners, sales] -description: "Learn about the Netwrix Sales Professional ceritifcation options" +description: "Learn about the Netwrix Sales Professional certification options" --- The following learning paths provide Partner certification for Sales Professionals: * Netwrix 1Secure Editions - * [Netwrix 1Secure Data Security Posture Management MSPs Sales Professional](./1secure-dspm.md) + * [Netwrix 1Secure Sales Professional](./1secure-dspm.md) * Data Security Posture Management Solution * [Netwrix Endpoint Protector Sales Professional](./endpoint-protector.md) * [Netwrix Data Security Posture Management Solution Sales Professional](./data-security-posture-management.md) * Directory Management Solution * [Netwrix Directory Management Solution Sales Professional](./directory-management.md) * Endpoint Management Solution + * [Netwrix Change Tracker Sales Professional](./change-tracker.md) * [Netwrix Endpoint Policy Manager Sales Professional](./endpoint-policy-manager.md) * [Netwrix Endpoint Protector Sales Professional](./endpoint-protector.md) + * [Netwrix Endpoint Management Solution Sales Professional](endpoint-management.md) * Identity Management Solution * [Netwrix Identity Manager Sales Professional](./identity-manager.md) + * [Netwrix Platform Governance for NetSuite Sales Professional](./platform-governance-netsuite.md) + * [Netwrix Platform Governance for Salesforce Sales Professional](./platform-governance-salesforce.md) * Identity Threat Detection & Response Solution * [Netwrix PingCastle Sales Professional](./pingcastle.md) * [Netwrix Identity Threat Detection & Response Solution Sales Professional](./identity-threat-detection-response.md) @@ -27,6 +31,3 @@ The following learning paths provide Partner certification for Sales Professiona * [Netwrix Endpoint Policy Manager Sales Professional](./endpoint-policy-manager.md) * [Netwrix Password Secure Sales Professional](./password-secure.md) * [Netwrix Privileged Access Management Solution Sales Professional](./privileged-access-management.md) -* Additional Products - * [Netwrix Platform Governance for NetSuite Sales Professional](./platform-governance-netsuite.md) - * [Netwrix Platform Governance for Salesforce Sales Professional](./platform-governance-salesforce.md) \ No newline at end of file diff --git a/docs/partner/sales/privileged-access-management.md b/docs/partner/sales/privileged-access-management.md index 0af0a415f9..b20c58e0b8 100644 --- a/docs/partner/sales/privileged-access-management.md +++ b/docs/partner/sales/privileged-access-management.md @@ -6,20 +6,23 @@ keywords: [training, course, certification, partners, sales, endpoint policy man description: "Become a certified Sales Professional for Netwrix Privileged Access Management" --- -import { Company, NEPM, NPWS, NPS } from '@site/src/training/products'; +import { PAMIntro } from '@site/src/training/privileged-access-management'; +import { Company, NPWS, NPS } from '@site/src/training/products'; This learning path grants certification as a Sales Professional for this solution. The following products comprise this solution: -* * * It contains the following course:  -* Introduction to the Netwrix Solution for Privileged Access Management (PAM) +* 1985 Introduction to Privileged Access Management Solution +* Introduction to the Solution for Privileged Access Management (PAM) -## Introduction to the Netwrix Solution for Privileged Access Management (PAM) + + +## Introduction to the Solution for Privileged Access Management (PAM) This course will cover the Privileged Access Management (PAM) solution — a unified, powerful approach to securing privileged accounts, credentials, and endpoints across your organization. diff --git a/docs/passwordsecure/9.3/configuration/_category_.json b/docs/passwordsecure/9.3/configuration/_category_.json new file mode 100644 index 0000000000..9843cc2a8e --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Configuration", + "position": 40, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "configuration" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/_category_.json new file mode 100644 index 0000000000..09f5c3ea34 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/_category_.json @@ -0,0 +1,6 @@ +{ + "label": "Advanced View", + "position": 20, + "collapsed": true, + "collapsible": true +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/_category_.json new file mode 100644 index 0000000000..32dfd95a1c --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Client Module", + "position": 20, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "client_module" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/_category_.json new file mode 100644 index 0000000000..ae7e02e7ab --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Applications", + "position": 80, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "applications" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/applications.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/applications.md new file mode 100644 index 0000000000..8465dc9cdd --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/applications.md @@ -0,0 +1,110 @@ +--- +title: "Applications" +description: "Applications" +sidebar_position: 80 +--- + +# Applications + +## What are applications? + +Applications can be used to configure automated logins to various systems. Especially when combined +with various protective mechanisms, the company benefits in terms of security because complex +passwords are automated and entered in the login masks in concealed form. Various types are +available, such as Remote Desktop (**RDP**), Secure Shell (**SSH**), general applications (**SSO**) +and web applications. The Single Sign On Engine offers countless configuration options to enable +automatic logon to almost any kind of software. + +![applications module](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/applications_1-en.webp) + +- Automatic logins to websites are covered by the + [Autofill Add-on](/docs/passwordsecure/9.3/configuration/autofilladdon/autofill_add-on.md). + +## The four types of applications + +Netwrix Password Secure varies between four different types of applications: RDP, SSH, SSO and web +applications. + +![new application](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/applications_2-en.webp) + +In terms of how they are handled, **RDP and SSH** applications can be covered together. Both types +of application can be (optionally) "embedded" in Netwrix Password Secure. The relevant session then +opens in its own tab in the [Reading pane](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/reading_pane.md). +All other forms of automatic logins are summarized in the **SSO applications** and **web +applications** categories. How exactly these logins are created and used is covered in the next +section and in the web applications chapter. They include all forms of Windows login masks and also +applications for websites. In contrast to RDP and SSH applications, they cannot be started embedded +in Netwrix Password Secure but are instead opened as usual in their own window. These SSO +applications need to be defined in advance. In Netwrix Password Secure, this is also described as +[Learning the applications](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/learningtheapplications/learning_the_applications.md). In contrast, +RDP and SSH can be both completely defined and also started within Netwrix Password Secure. + +## RDP and SSH + +A new RDP/SSH application can be created via the ribbon or also the context menu that is accessed +using the right mouse button. A corresponding form opens in each case where the variables for a +connection can be defined. + +![new application](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/applications_3-en.webp) + +These variables also correspond precisely to those (using the example of RDP here) that can be +configured when creating an RDP connection via “mstsc”. Whether the connections should be started in +a tab, full screen mode or in a window can be defined in the field **"window mode"**. + +## Working with RDP and SSH applications + +If you have created e.g. an RDP connection, this can now also be directly started via the ribbon. +The connection to the desired session can be established via the icon **Establish RDP connection**. + +![estabish RDP](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/applications_4-en.webp) + +Netwrix Password Secure now attempts to log in to the target system with the information available. +Data that are not saved in the form will be directly requested when opening the session. It is thus +also possible to only enter the IP address and/or the password after starting the Netwrix Password +Secure application. If all data has been retrieved, the RDP session will open in a tab – if so +defined (Window mode field in the application): + +![RDP session](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/applications_5-en.webp) + +## Logging in via SSH certificates + +It is also possible to complete the authentication process using SSH certificates. For this purpose, +the certificate is saved as a document in .ppk format. (It may be necessary to firstly approve this +file ending in the settings). The document is then linked to the record via the footer. The record +does not need to have a password. However, it is necessary for the record to be linked to a SSH +application. + +## Linking records and applications + +The application defines the requirements for the desired connection and also optionally for the +target system. By linking records with applications, the complete login process can be automated. If +the record now also supplies the user name and password, all of the information required for the +login is available. Applications and records are linked via the "Start" tab in the ribbon. If this +link to a record is established, a 1-click login to the target system is possible. + +![linking RDP](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/applications_6-en.webp) + +The following example illustrates this process using an RDP connection: + +![RDP Connection](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/applications_7-en.webp) + +A record can also be linked to multiple target systems in this manner. The user name and record are +supplied by the record, while all other information necessary for the login is supplied by the +different applications. In the following example, a record (user name and password) is linked to +multiple access points. + +![multiple access points](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/applications_8-en.webp) + +This is generally a very common scenario. Nevertheless, it should be noted that accessing multiple +servers with one single password is questionable from a security standpoint. It is generally +recommended that a unique password is issued for every server/access point. + +NOTE: It is possible to leave the **IP address** field empty in the application. If an **IP +address** field exists in the linked record then this address will be used. If there is also no IP +address in the record, a popup window will appear in which the desired IP address can be entered +manually. + +Alternatively, it is possible to connect several records with one RDP connection. In this way, you +can combine different users with an RDP connection and register them straightforward. + +![connect RDP sessions](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/applications_9-en.webp) diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/exampleapplications/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/exampleapplications/_category_.json new file mode 100644 index 0000000000..c7ac80dfd9 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/exampleapplications/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Example Applications", + "position": 40, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "example_applications" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/exampleapplications/example_applications.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/exampleapplications/example_applications.md new file mode 100644 index 0000000000..80db8b01ba --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/exampleapplications/example_applications.md @@ -0,0 +1,11 @@ +--- +title: "Example Applications" +description: "Example Applications" +sidebar_position: 40 +--- + +# Example Applications + +In this section you'll find examples for applications. + +- [SAP GUI logon - SSO Application](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/exampleapplications/sap_gui_logon_-_sso_application.md) diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/exampleapplications/sap_gui_logon_-_sso_application.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/exampleapplications/sap_gui_logon_-_sso_application.md new file mode 100644 index 0000000000..f145ce0241 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/exampleapplications/sap_gui_logon_-_sso_application.md @@ -0,0 +1,42 @@ +--- +title: "SAP GUI logon - SSO Application" +description: "SAP GUI logon - SSO Application" +sidebar_position: 10 +--- + +# SAP GUI logon - SSO Application + +## Fundamental information + +Logging into SAP can be achieved via the usage of +[Start Parameter](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/learningtheapplications/start_parameter.md). The +prerequisite here is for the login process to be carried out via the "SAPshortcut". All available +parameters are listed in the [SAP-Wiki](https://wiki.scn.sap.com/wiki/display/NWTech/SAPshortcut). + +Form Firstly, a [Forms](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/forms/forms.md) should be created with the required fields. This +could look like this: + +![SAP form](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/examples/sap/sap_gui_logon_1-en.webp) + +## Record + +A corresponding record is then created via the form: + +![SAP record](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/examples/sap/sap_gui_logon_2-en.webp) + +## Application + +A corresponding SSO application now needs to be created. + +![SAP Application](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/examples/sap/sap_gui_logon_3-en.webp) + +## Link + +The record now needs to be linked with the application. To do this, open the context menu by right +clicking on the record. The previously created application can then be selected here via +**Applications** and **Connect application**. + +![link record/application](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/examples/sap/sap_gui_logon_4-en.webp) + +The link is then displayed in the ribbon. Clicking on the link will now open SAP, whereby the +parameters for logging in to the application are directly transferred. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/learningtheapplications/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/learningtheapplications/_category_.json new file mode 100644 index 0000000000..542da12aad --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/learningtheapplications/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Learning the applications", + "position": 10, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "learning_the_applications" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/learningtheapplications/learning_the_applications.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/learningtheapplications/learning_the_applications.md new file mode 100644 index 0000000000..9acaa59f9e --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/learningtheapplications/learning_the_applications.md @@ -0,0 +1,89 @@ +--- +title: "Learning the applications" +description: "Learning the applications" +sidebar_position: 10 +--- + +# Learning the applications + +## Which applications need to be learned? + +As already indicated in the previous section, RDP and SSH applications are completely embedded in +Netwrix Password Secure. These applications thus do not need to be specially learned. All other +applications in Windows need to be learned once. + +## What does learning mean? + +The record contains the user name and password. Learning involves defining the steps required. The +result is equivalent to a script that defines where precisely the login data should be entered. In +Netwrix Password Secure, the completed instructions themselves are also known as an "application". + +## Relevant rights + +The following options are required. + +### User right + +- Can add new RDP applications +- Can add new SSH applications +- Can add new SSO applications +- Can add new web applications + +## Configuration + +First, a new SSO application is created via the ribbon. + +![new sso application](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/learning_the_applications/learning_the_applications_1-en.webp) + +Various properties for the application can now be defined in the tab that opens. The fields **Window +title**, **Application** and **Application path** are not manually filled. This is done via the +**Create application** button in the ribbon: + +![new sso application](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/learning_the_applications/learning_the_applications_2-en.webp) + +A crosshair cursor now appears. It enables the actual "mapping" or assignment of the target fields. +You can see the field assignment for the user name below using a login to an SQL server as an +example. All of the other fields that should be automatically entered are assigned in the same way. +The process is always the same. You select the field that needs to be automatically filled and then +decide which information should be used to fill it. + +![mapping fields](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/learning_the_applications/learning_the_applications_3-en.webp) + +In parallel to the previous step, all of the already assigned fields will be displayed on the right +edge of the screen. In this example, the VMware vSphere Client has a total of 4 assigned fields: IP, +user name, password and clicking the button to subsequently confirm the login. + +![connected fields](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/learning_the_applications/learning_the_applications_4-en.webp) + +NOTE: "Graphical recognition:" The graphical recognition function provides additional protection. It +can be used to define other factors for the SSO. An area is defined that then serves as the output +for the comparison (e.g. for login masks with an image). In order to activate the graphical +recognition function, click on the eye at the top right after assigning the fields! The area that +will serve as the output point is then marked. + +Once you have assigned all of the fields, you can exit the application process using the enter +button. The fields "Window title", "Application" and "Application path" mentioned at the beginning +are now automatically filled. + +![filled fields](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/learning_the_applications/learning_the_applications_5-en.webp) + +As you can see, the .exe file is directly referenced. If the application is saved to the same +storage location for all users, it can then also be accessed by all other users. + +## Linking records with applications + +In the [Passwords](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/passwords.md), the newly created application can now be directly +linked. To do this, mark the record to be linked and open the "Connect application" menu in the +"Start" tab via the ribbon. This will open a list of all the available applications. It is now +possible here to link to the previously created application "VMware". + +![connect application with record](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/learning_the_applications/learning_the_applications_6-en.webp) + +When the link has been established, this application can then be directly started via the ribbon in +future. Pressing the button directly opens the linked application. + +![start application](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/learning_the_applications/learning_the_applications_7-en.webp) + +**CAUTION:** With respect to permissions, applications are subject to the same rules as for +passwords, roles or documents. It is possible to separately define which group of users is permitted +to use each application. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/learningtheapplications/start_parameter.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/learningtheapplications/start_parameter.md new file mode 100644 index 0000000000..ee8140d3f6 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/learningtheapplications/start_parameter.md @@ -0,0 +1,77 @@ +--- +title: "Start Parameter" +description: "Start Parameter" +sidebar_position: 10 +--- + +# Start Parameter + +## Start parameters for SSO applications⚓︎ + +Start parameters can be defined when creating or editing an SSO application. These parameters are +immediately transferred when starting the application. This is done, for example, to directly start +the program with various basic settings. The corresponding parameters should be requested from the +manufacturer of the software or taken from the documentation. + +## Configuration of the parameters⚓︎ + +The parameters can be directly entered in the application in the corresponding field. Alternatively, +a configuration window is also available for this purpose. + +![parameters applications](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/learning_the_applications/start_parameter/start_parameter_1-en.webp) + +The required elements can be moved here from the right side to the left side by drag & drop. + +![edit parameters](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/learning_the_applications/start_parameter/start_parameter_2-en.webp) + +Different categories are available here: + +In the **Parameter** category, only the parameter descriptions **Field name** or **Parameter** are +available. These then need to be manually supplemented. The parameters in the **Field name** +category can directly address the fields, meaning directly transfer the field names. Example In this +example, the following start parameter have been defined for the Salamander application: + +- **L** (for folder path in the left column) +- **R** (for folder path in the right column) + +For both parameters, the password fields with the names "Left Path" and "Right Path" are then +transferred in each case. + +![enter parameter](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/learning_the_applications/start_parameter/start_parameter_3-en.webp) + +The application is then linked with the following password: + +![linked password parameter](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/learning_the_applications/start_parameter/start_parameter_4-en.webp) + +When the Salamander application is started, the placeholder is replaced by the field names. +Therefore, instead of + +**-L `{field:Left Path}` -R `{field:Right Path}`** + +the following start parameters are transferred: + +**-L "C:\Projekte\" -R "C:\Ablage\Projekte"** + +## Placeholder for fields⚓︎ + +Fields can be added via certain placeholders based on their type or their name. The easiest way to +do this is using the configuration window described above. + +| Field type | Placeholder | +| ----------------------- | ----------------- | +| Text | `{Text}` | +| Password | `{Password}` | +| Date | `{Date}` | +| Check | `{Check}` | +| URL | `{Url}` | +| Email | `{Email}` | +| Phone | `{Phone}` | +| ​List | `{List}` | +| Header | `{Header}` | +| Multiline text | ​`{Memo}` | +| Multiline password text | ​`{PasswordMemo}` | +| Integer | `{Int}` | +| Floating-point number | `{Decimal}` | +| User name | `{UserName}` | +| ​IP address | `{Ip}` | +| Enter field name | `{field:name}` | diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/rdpandsshapplications/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/rdpandsshapplications/_category_.json new file mode 100644 index 0000000000..82ef1e3691 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/rdpandsshapplications/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "RDP and SSH Applications", + "position": 20, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "rdp_and_ssh_applications" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/rdpandsshapplications/rdp_and_ssh_applications.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/rdpandsshapplications/rdp_and_ssh_applications.md new file mode 100644 index 0000000000..b90b6ac47a --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/rdpandsshapplications/rdp_and_ssh_applications.md @@ -0,0 +1,49 @@ +--- +title: "RDP and SSH Applications" +description: "RDP and SSH Applications" +sidebar_position: 20 +--- + +# RDP and SSH Applications + +**RDP and SSH applications** can be used "embedded" inside Netwrix Password Secure. Starting one of +those applications opens a new tab inside Netwrix Password Secure. + +## Creating RDP and SSH Applications + +A new RDP or SSH application can be created via the ribbon or the context menu. The corresponding +form appears in which you define the variables for a connection. + +![new rdp application](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/rdp_and_ssh_applications/rdp_and_ssh_applications_1-en.webp) + +These variables correspond exactly to those that can be configured (here using the RDP example) when +creating an RDP connection via "mstsc". The window mode defines whether the connection should be +started in a tab, in full screen mode or in a separate window. + +## Working with RDP and SSH Applications + +For example, if you have created an RDP application, you can start it directly from the ribbon. With +the icon "Establish RDP connection" the connection to the desired session will be established. + +![establish RDP](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/applications_4-en.webp) + +Netwrix Password Secure now tries to log in to the target system with the available information. All +missing information will be requested directly after the connection is established. It is therefore +also possible to enter the IP address and/or password after starting the application. + +![RDP connection](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/rdp_and_ssh_applications/rdp_and_ssh_applications_3-en.webp) + +## Login via SSH certificates + +It is also possible to use SSH-certificates for authentication. For this purpose, the certificate is +stored as a document in .ppk format. The document is then linked to the data record via the footer. +The data record does not have to contain a password, but it must be linked to an SSH application. + +NOTE: The file extension may first have to be enabled via the settings. + +## Keyboard shortcuts + +Netwrix Password Secure supports various +[Keyboard shortcuts](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/dashboardandwidgets/keyboard_shortcuts.md). For +example transferring user name and password to the corresponding application. However, it should be +noted that this only works if the application is opened directly from Netwrix Password Secure diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/rdpandsshapplications/recording_a_session.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/rdpandsshapplications/recording_a_session.md new file mode 100644 index 0000000000..1813418aab --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/rdpandsshapplications/recording_a_session.md @@ -0,0 +1,77 @@ +--- +title: "Recording a session" +description: "Recording a session" +sidebar_position: 10 +--- + +# Recording a session + +## What is session recording? + +Session recording can be used to make a visual recording of RDP and SSH sessions. These recordings +can then be subsequently viewed and evaluated. In this context, it is also possible to limit this +functionality so that only the user themselves or an assigned person e.g. security officer can view +and evaluate these recordings. + +![notifications modul](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/rdp_and_ssh_applications/recording_a_session/notifications_1-en.webp) + +## Relevant rights + +The following options are required to manage sessions for an application. + +### User right + +- Can manage recordings for an application + +NOTE: Please note that session recording uses disk space in the database. Although the way the +recordings are saved is efficient in terms of resources, the required amount of disk space varies +greatly depending on the content. The more that is done during the recorded session, the higher the +disk space usage. + +Session recording firstly needs to be activated for the relevant RDP or SSH application before it +can take place. + +RDP + +![activating session recording](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/rdp_and_ssh_applications/recording_a_session/recording_a_session_2-en.webp) + +SSH + +![activating session recording](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/rdp_and_ssh_applications/recording_a_session/recording_a_session_3-en.webp) + +If the setting has been activated, the recording will start automatically the next time a connection +is established. + +NOTE: The recordings are already streamed to the server and saved into the database during the +recording process. Therefore, no recordings are lost even if the connection is terminated. They are +immediately saved until the connection is terminated or until the end of the session. + +## Viewing the session recordings + +If recordings exist for an application, these can be called up and viewed in the Applications +module. + +![viewing session recording](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/rdp_and_ssh_applications/recording_a_session/recording_a_session_4-en.webp) + +It is possible to search the session recordings using the filter as usual. It is also possible here +to limit the search results based on the date and user. In the section on the right, it is also +possible to further filter the searched list based on all column contents. + +![session records](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/rdp_and_ssh_applications/recording_a_session/recording_a_session_5-en.webp) + +Once a session recording has been selected, a new tab will open in which you can view the recording. +The function "Skip inactivity" can be activated via the ribbon so that a recording can be +effectively and quickly viewed so as only to see the relevant actions. + +![viewing a session recording](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/rdp_and_ssh_applications/recording_a_session/recording_a_session_6-en.webp) + +When are indicators set? + +- Mouse click +- Keyboard command + +## Automatic deletion of old recordings + +If desired, recordings can be automatically cleaned up. This option can be configured on the +**Server Manager**. Further information can be found in the section +[Managing databases](/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/managing_databases.md)s. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/client_module.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/client_module.md new file mode 100644 index 0000000000..a91528d405 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/client_module.md @@ -0,0 +1,46 @@ +--- +title: "Client Module" +description: "Client Module" +sidebar_position: 20 +--- + +# Client Module + +## What are modules? + +Netwrix Password Secure can be customized according to the needs of the users. This requirement can +be applied by the user, and can also be applied by administrative users. This means that everyone +gets only those functionalities that are necessary for his special work. The amount of features +required by an administrator differs significantly from those of a normal user. The **modular +structure** of Netwrix Password Secure supports this approach by showing only those specific areas +that should actually be used by the respective user. + +![modules](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/client_modules_1-en.webp) + +## Visibility of modules + +The modules are the gateway to various features of version 9. Similarly to the features, not all +modules have to be made available to all user layers. The **Visibility of modules** can be defined +individually within the user rights. + +![user settings](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/client_modules_2-en.webp) + +NOTE: The visibility of modules can always be adapted to the needs of individual user groups + +## Sorting modules + +You can access the “Navigation options” via the three dots found at the bottom right end of the +module displayed in the client. You can also find those modules displayed there that you have +permissions to see in accordance with the visibility settings explained previously but which are +hidden e.g. due to the scaling of the size of the client (Application and Password Reset in the +example). + +![sorting modules](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/client_modules_3-en.webp) + +The navigation options enable you to define the maximum number of visible elements and also how they +are sorted. + +![sorting modules](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/client_modules_4-en.webp) + +NOTE: The previously described visibility of the modules is a basic requirement for viewing and +sorting them in the navigation options diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/_category_.json new file mode 100644 index 0000000000..9cf6aada7f --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Discovery Service", + "position": 100, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "discovery_service" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/configuration_1.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/configuration_1.md new file mode 100644 index 0000000000..47befb4adc --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/configuration_1.md @@ -0,0 +1,109 @@ +--- +title: "Configuration" +description: "Configuration" +sidebar_position: 20 +--- + +# Configuration + +## The Discovery Service module + +When this module is opened in Netwrix Password Secure, **there are no entries displayed in the +Discovery Service** module at the beginning. The entries need to be generated using a +[System tasks](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/systemtasks/system_tasks.md). + +![discovery service entries](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/configuration/configuration_ds-1-en.webp) + +Once a **System Task** has been completed, the data discovered during the search is listed in a +table: + +![discovery service entries](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/configuration/configuration_ds-2-en.webp) + +NOTE: The information can be grouped together using the column editor. + +## Network Scan + +A **Discovery Service Task** is used to add a new [Discovery Service](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/discovery_service.md) and +is then correspondingly configured for a **Network Scan**. Depending on the configuration of the +**Network Scan**, the following types are discovered: + +- Service accounts +- Active Directory users +- User accounts + +## Configuration of a Discovery Service Task + +To collect data for the **Discovery Service**, the **Discovery Service Task** needs to be +correspondingly configured for a **Network Scan**. + +### General and overview + +The following image shows a newly added **Discovery Service Task**. + +![new discovery task](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/configuration/configuration_ds-3-en.webp) + +1. Shows information about the **Discovery Service Task**. +2. In the **General** section, the name of the **Discovery Service Task** is entered (optionally + with a description). The Status is always set to **Activated** by default but it can also be set + to **Deactivated** in the configuration. +3. The **Overview** shows the activities of the **Discovery Service Task**: Last run: shows the date + it was last run. Next run: shows the date of the next run. + +## Task settings + +Password: + +1. User name field: Type +2. Password field: Type Multiple password field —> field 1. is used. + +This section is used for special entries for the **Discovery Service Task**. After it has been +finished, the **Network Scan** scans the **network** according to these guidelines. + +![task settings](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/configuration/configuration_ds-4-en.webp) + +1. **Password** and **Computer scan variants**: The required password must already have been issued + and it requires corresponding rights for the domain. Active Directory computer: Only those + computers that are in Active Directory are scanned (there is also the option of using it + individually or pinging the network). Ping network: A network filter for the configuration of the + network is displayed. +2. **Network filter**: This defines the network to be scanned: either using an IP range or an IP + network address. Range: The start IP address and end IP address for the range on the network are + entered here Network: The network address and corresponding subnet mask for the network are + entered here +3. **Domain**: The domain to be used for the **network scan** is entered here. In addition, you can + select that only computers in the entered domain are scanned. A name resolution should work for + this purpose. +4. **Scan configuration**: The Network Scan for the configuration of Active Directory is defined + here. Select from either **Active Directory user of services** or **Active Directory user**. The + second section defines the scan configuration for the local computer. Select from either Local + user of services or _Local user_. + +**CAUTION:** The system executing the scan – on which the Server Manager is installed – is not +scanned! + +## Interval / Executing server / Tags + +This section is used to enter information about the start of the task and other additional +information. + +![Interval / Executing server / Tags](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/configuration/configuration_ds-5-en.webp) + +1. **Interval**: The interval at which the **Discovery Service Task** should be executed is defined + here. The default setting is hourly, one year after adding the **Discovery Service Task**. The + interval can be adjusted in minutes or set to be executed only once (optionally with an end + date). +2. **Executing server (optional)**: Servers with an Server Manager can be entered here that will be + used to execute the Discovery Service Task if the main server crashes. The Discovery Service Task + is then automatically taken over and executed by the accessible servers on the list. The list is + searched from top to bottom to find an accessible server. +3. **Tags**: The use of tags is described in more detail in the section + [Tag manager](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/tag_manager.md). A special tag can be + entered here for the **Discovery Service Task**. + +After the **Discovery Service Task** has been configured, a connection test is performed when the +configuration is saved. The system then indicates whether the configuration is correct or faulty. +Depending on the message, the **Discovery Service Task** may need to be amended. + +**CAUTION:** The **default setting** for the **Discovery Service Task** after it has been saved is +**Activated!** It will **immediately actively** scan the network for data. This data is **read** but +not amended! diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/converting_entries.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/converting_entries.md new file mode 100644 index 0000000000..7643e359de --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/converting_entries.md @@ -0,0 +1,163 @@ +--- +title: "Converting entries" +description: "Converting entries" +sidebar_position: 40 +--- + +# Converting entries + +An important element for the **Discovery Service** is the **Conversion Wizard**. It processes the +discovered **entries** and then creates corresponding **passwords** and **Password Resets**. + +The **Conversion Wizard** is started in the Start ribbon and it is also possible to switch here to +the **System Tasks**. + +![ribbon](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/converting_entries/converting_entries_1-en.webp) + +After the **Discovery Service Task** has been successfully executed, the entries are available in +the **Discovery Service**. Further processing of the entries is then carried out using the +**Conversion Wizard**. For processing in the **Conversion Wizard**, the network is scanned for the +following types: + +1. Discovered type: Service +2. Discovered type: Active Directory user +3. Discovered type: User account + +!! hint Only those **services are recorded** to which at least one **AD user** or **user account** +can be assigned! Only **AD users** and **user accounts** to which **at least one service** can be +assigned are recorded. + +## Execution + +In the **Discovery Service** table, the user selects the entries for which he wants to add a +**Password Reset** or **password**. The user then clicks on the **Conversion Wizard** and the +**Discovery Service Conversion Wizard** opens for further editing. + +![data selection](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/converting_entries/converting_entries_2-en.webp) + +1. A **Discovery Service Task** first needs to be selected. This determines the context in which the + new data will be created (for a new **Password Reset**, the **password for the domain + administrator** for the task will be used as the executing user. In addition, only those + **Discovery Service Task entries** that are also discovered by the entered **Discovery Service + Task** will be used for the conversion). +2. The discovered entries will be displayed in this column with the **services** for which the user + has been entered. +3. This column shows the **discovered type** for the entry. +4. This column shows already existing passwords in Netwrix Password Secure that match the discovered + **Active Directory user** or **user account**. It is possible to select here which password can + be used when creating a **Password Reset** (it is then used as the only password linked to the + Password Reset). Alternatively, these passwords can also be newly created. + +NOTE: Logically, **every root node** corresponds to **one user** and all of its associated data +(e.g. services). A **Password Reset** is created later for **every user** and its associated data. + +The following image shows the options **add new password** or retain **existing password**. + +![associated password](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/converting_entries/converting_entries_3-en.webp) + +In addition, the **organisational unit** in which the existing password is located is displayed. + +## Settings + +The **Password Reset** is configured in the **Settings Ribbon**. + +![reset setting](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/converting_entries/converting_entries_4-en.webp) + +The **settings** will be described in more detail below: + +1. The organisational unit in which the **Password Reset** should be created is entered here. In + addition, a template for the rights inheritance can be entered here. +2. The **responsible user** for the **password** is entered here. A special tag can be set here. +3. Adding a **Password Reset** Option 1: **Do you also want to add a Password Reset?** Adds a + **Password Reset** If **option 1** is not selected, the following options are not displayed. +4. Setting for executing a **Password Reset** Option 2: **(Execute Password Resets immediately after + they are created)** means that the **Password Reset** will be executed as soon as you click on + **Finish**. +5. The **responsible user for the Password Reset** is entered here. +6. Various **triggers for the Password Reset** can be selected here. + +**CAUTION:** After clicking on **Finish**, the **Password Resets** will be **immediately executed** +and the **passwords changed!**. This also applies to **Windows passwords!** + +If option 1: **Do you also want to add a Password Reset?** is not selected, \*steps 4, 5 and 6 are +not displayed for configuration. + +![password reset option](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/converting_entries/converting_entries_5-en.webp) + +NOTE: After clicking on **Finish**, one or more **passwords will be created** but **no corresponding +Password Resets will be created!** + +## Assignment (Active Directory user) + +In the **Assignment (Active Directory user)** Ribbon, the discovered data for the **Discovery +Service entries** is transferred to a password form. + +The following images shows the **Assignment (Active Directory user)** Ribbon + +![Assignment (Active Directory user)](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/converting_entries/converting_entries_6-en.webp) + +### Description + +1. An **Existing form** can be selected or a **New form** with names can be added +2. The **discovered properties** are displayed here +3. The **properties** are \*assigned to the form fields here + +### "Existing form" selected + +![Assignment of the form field](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/converting_entries/converting_entries_7-en.webp) + +### Procedure + +1. An **Existing form** is selected here +2. The **assignment** to the fields is carried out here Important assignments are **Type: General** + and **Type: Password Reset**. An amendment can be carried out here + +### "New form" selected + +![New Form](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/converting_entries/converting_entries_8-en.webp) + +### Converting Procedure + +1. A name for the **New form** needs to be entered here +2. The discovered entries are **automatically** assigned as standard Important assignments are + **Type: General** and **Type: Password Reset**. An amendment can be carried out here + +### Summary + +A brief overview of the actions that will be carried out with the added configuration is displayed +in the **Summary** Ribbon. These actions will then be carried out if you click on **Finish**. + +![summary](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/converting_entries/converting_entries_9-en.webp) + +## Confirmation prompt + +An important aspect of Netwrix Password Secure V8 is the **security** of passwords on systems. In +the **Discovery Service**, a **security measures** is thus triggered at the **last step** for +creating **Password Resets**. If the option **Execute Password Resets immediately after they are +created** is used in the configuration, the **selected passwords** are immediately changed after +clicking on **Finish**. + +**CAUTION:** **If you are not paying careful attention, this could have inconvenient consequences.** + +**Security level 1:** An **Important note** is displayed in the **Summary** after clicking on +**Finish**. + +**CAUTION:** **Please observe the note and read it through carefully!** + +An **Overview** of which actions will be carried out is displayed for the user together with this +note. The user can then still decide to **Cancel** the process. If you click on **OK**, an +**additional confirmation warning** will be displayed. + +![important note](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/converting_entries/converting_entries_10-en.webp) + +**Security level 2:** + +Another **confirmation prompt** highlights that it is important to understand what you are about to +do. It will no longer be possible to reverse the actions afterwards! + +**CAUTION:** **Last chance to cancel the execution!** + +![securtiy warning](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/converting_entries/converting_entries_11-en.webp) + +After **entering the displayed number** and **confirming with OK**, the process is **executed +immediately** and the **Password Resets** are carried out and the **associated passwords changed**. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/created_passwords.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/created_passwords.md new file mode 100644 index 0000000000..5cb0fb12aa --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/created_passwords.md @@ -0,0 +1,40 @@ +--- +title: "Created passwords" +description: "Created passwords" +sidebar_position: 50 +--- + +# Created passwords + +After clicking on **Finish**, the **passwords** and the **Password Resets** (in accordance with the +selected options) are created for the entries. A **password** and a **Password Reset** are explained +in the following example. + +## Password + +![password list](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/created_password/created_passwords_1-en.webp) + +1. The name of the created password +2. General data about the password +3. Data about the password created from the form (existing or new) + +## Password Reset + +Another password is created in the **Password Reset module** and is required for an associated +**Password Reset**. + +![password reset list](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/created_password/created_passwords_2-en.webp) + +Points 1-7 are described below: + +1. The name of the Password Reset +2. Overview of the password +3. General +4. The data for the trigger are displayed here +5. The scripts for the passwords to be changed are displayed here +6. The associated password that will be reset using the Password Reset +7. The validity is shown here (if one has been entered) + +This data can then be used to create a **Password Reset** for the user for the discovered +**Discovery Service entry**. The **Password Reset** is activated via the corresponding trigger that +has been set. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/deleting_entries.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/deleting_entries.md new file mode 100644 index 0000000000..a05b5d4992 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/deleting_entries.md @@ -0,0 +1,51 @@ +--- +title: "Deleting entries" +description: "Deleting entries" +sidebar_position: 60 +--- + +# Deleting entries + +After creating an automatic **Password Reset** via the **Conversion Wizard**, the data is no longer +required and can be deleted. The discovered entries have a **link** to the relevant **Discovery +Service Task** that was executed and can be found and displayed using the filter function. + +## Deletion process + +The discovered data in the **Discovery Service** cannot simply be deleted and removed from the +**Discovery Service entries**. As the entries have a **link to the Discovery Service Task**, it is +necessary to delete the discovered entries via the **Discovery Service Task** that was created. If +entries were discovered using a joint **Discovery Service Task**, it is not possible to simply +delete them. This is the case if two different users have carried out a scan on the same area. If +you delete one of the two **Discovery Service Task**, only the entries that had a single link to +this **Discovery Service Task** will be deleted. The entries for the other **Discovery Service +Task** will be retained and must be deleted via the associated **Discovery Service Task**. You can +find out which **Discovery Service Task** found a particular entry by selecting the entry via the +**Conversion Wizard**. + +![Conversion Wizard.](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/deleting_entries/deleting_entries_1-en.webp) + +## Deleting entries by changing the settings in the System Task + +If the IP range for an existing **Discovery Service Task** is changed and the **Discovery Service +Task** is then executed for this new IP range, the previously discovered entries from the previous +executed **Discovery Service Task** will be deleted from the **Discovery Service**. If you want to +carry out a **Discovery Service Task** for a different IP range, you should create a new **Discovery +Service Task**. This will prevent any already discovered entries from being deleted. However, if the +existing entries are no longer required, you can delete them by using the same **Discovery Service +Task** with a different IP range. + +1. Task B only scans the IP address: 192.168.150.1 +2. Only the entries for the IP address 192.168.150.1 are discovered +3. Task A is changed and now scans the IP address:192.168.150.2 +4. Result: +5. Only the entries from the IP address 192.168.150.2 are discovered +6. Entries for IP address 192.168.150.1 are deleted +7. Exception: +8. Task B scans the IP address: 192.168.150.1 +9. The same entries for IP address 192.168.150.1 are discovered as for 1. +10. A new scan using Task A with a different IP address 192.168.150.2 will not delete the data from + Task B + +NOTE: The **Password Resets** and **passwords** created using the **Conversion Wizard** are not +deleted when the **Discovery Service Tasks** are deleted. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/discovered_entries.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/discovered_entries.md new file mode 100644 index 0000000000..d56f9fb6f3 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/discovered_entries.md @@ -0,0 +1,85 @@ +--- +title: "Discovered entries" +description: "Discovered entries" +sidebar_position: 30 +--- + +# Discovered entries + +The entries for the **Discovery Service** are discovered using a **Discovery Service Task**. It can +take some time for all the data on the systems for the entered IP network to be collected. This can +be easily recognized by the **blue arrow** symbol on the **Discovery Service Task** and a +corresponding message is also shown in the General display. Once the **Discovery Service Task** has +been completed, the data will be shown in the **Discovery Service module**. + +![new discovery service task](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/discovered_entries/discovered_entries_1-en.webp) + +The **Discovery Service Task** needs to be carefully configured. The configurable sections are +described below. + +1. **Discovery Service Task**: Display of the status: this can be updated in the preview and logbook + using the F5 button. Red hand: Deactivated Blue arrow: Activated and being executed Boxes: + Corresponds to the assigned tag +2. **General**: The latest information about the **Discovery Service Task** is shown here. A + **message** will be shown to indicate an active **Discovery Service Task**. +3. **Overview**: Current data for the **Discovery Service Task** about its progress and subsequent + executions are shown here. +4. **Logbook**: The **logbook** can be found in the **footer** of the **Discovery Service Task**. + The latest activities carried out by the **Discovery Service Task** are shown here. + +NOTE: The **data** is **not kept up-to-date while the task is being executed** and does not always +show the latest status. Therefore, the data should be regularly **updated** using the **F5 button**! + +## Using the Discovery Service entries + +The successful execution of a **Discovery Service Task** is a requirement for the **Discovery +Service entries**. The discovered data is listed in table form in the **Discovery Service module** +and can be correspondingly organized using the **Discovery Service System Task** filter. + +![discovery service entries](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/discovered_entries/discovered_entries_2-en.webp) + +In this section, the **Discovery Service entries** that were discovered by the **Discovery Service +Task** and selected for the **Conversion Wizard** are displayed. + +## Multiple selection of Discovery Service entries + +If multiple entries are selected for a **Password Reset**, a corresponding number of **passwords** +and **Password Resets** need to be added in the **Conversion Wizard**. Depending on the entries +selected (service, Active Directory user, user account), it is necessary to carry out corresponding +**assignments** in the **Conversion Wizard** for the **passwords**. + +![Discovery service conversion wizard ](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/discovered_entries/discovered_entries_3-en.webp) + +Every line must be connected to a **password** in the end. Therefore, it is necessary to carry out +an assignment process in the **Conversion Wizard** for every entry. + +![Discovery service conversion wizard ](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/discovered_entries/discovered_entries_4-en.webp) + +For **Active Directory users**, it is possible to assign an existing **password**. + +NOTE: The subsequent process is carried out in the same way as when only one **Discovery Service +entry** is selected. + +## Filter settings + +A good filter is required for processing the discovered data. A **filter that has been adapted for +this purpose** is available for processing the entries in the **Discovery Service module**. The +options in the **filter** are described below: + +![Filter for discovered data](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/discovered_entries/discovered_entries_5-en.webp) + +Description of the **filter with the special options for the Discovery Service entries**: + +1. **Discovered type**: The discovered entries can be filtered here according to their type. +2. **Discovered system is resettable**: Indicates whether a Password Reset can be created from the + discovered data. +3. **Relevance**: Grading the importance of the discovered system. A high relevance means that + multiple services have been discovered for an Active Directory user or user account. Less + important: Exactly one service was found Important: Two to nine services were found Very + important: 10 or more services were found If a Password Reset has already been created, the + relevance is downgraded to less important. +4. **Transferred as password**: Indicates whether a password can be created via the Conversion + Wizard +5. **Transferred as Password Reset**: Indicates whether a Password Reset can be created via the + Conversion Wizard +6. **Discovery service system tasks**: The entries are filtered here based on the System Task. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/discovery_service.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/discovery_service.md new file mode 100644 index 0000000000..d9dc37f534 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/discovery_service.md @@ -0,0 +1,37 @@ +--- +title: "Discovery Service" +description: "Discovery Service" +sidebar_position: 100 +--- + +# Discovery Service + +## The problem + +**Service accounts** are used on most networks. These accounts are used, for example, to carry out +certain services. It is not uncommon for **one and the same password** to be used here for multiple +accounts. Manually changing these passwords is extremely time consuming. Therefore, this process is +often ignored for reasons of convenience. + +The result is that the same outdated passwords are often used for many **security-critical access +points**. This naturally represents a **severe security risk** and leaves the door wide open for any +attacker who gains access to just one of the passwords! + +## The solution + +Netwrix Password Secure offers the solution to this problem: The security of the network can be +significantly increased using a combination of **Discovery Service** and **Password Reset**. The +complete network can be scanned with the aid of **Discovery Service**. This process searches for +both local user accounts and also Active Directory users. In addition, Password Resets are also +established via which the passwords for the accounts discovered during the search can be reset. + +## Functionality + +The **Discovery Service** process can be split into three logical steps: + +- A **Discovery Service Task** is added that searches for data on the network. This can be executed + once or cyclically and runs in the background. +- After the task has been executed successfully, the data discovered during the search is displayed + in the **Discovery Service module** (e.g. Windows users, services, etc.). +- **Passwords** or **Password Resets** can then be generated from the data discovered during the + search. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/logbook_1.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/logbook_1.md new file mode 100644 index 0000000000..4b3f96ed0d --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/logbook_1.md @@ -0,0 +1,44 @@ +--- +title: "Logbook" +description: "Logbook" +sidebar_position: 70 +--- + +# Logbook + +The logbook in the footer of the **Discovery Service Task** is extremely helpful for checking the +**Discovery Service Task**. Information about the progress of the **Discovery Service Task** is +displayed here. The data is displayed both in the **footer** and also in the **logbook module** +(although in more detail here). To display the footer, the user requires the **user right**: Global +settings in the [User settings](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/usersettings/user_settings.md) in the category: +"Footer area" - "Show logbook in the footer area (activated)" + +## Show in footer + +![logbook in footer](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/logbook/logbook_ds-1-en.webp) + +The following **events** are displayed in the **logbook for the footer** and in the **logbook +module**: + +1. New +2. Change +3. Execute +4. Execution completed +5. Error during execution + +If an error occurs during the execution of the **Discovery Service Task**, this is also shown n the +**logbook for the footer** with **additional information** about the error. + +![ logbook for the footer](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/logbook/logbook_ds-2-en.webp) + +## Display in the logbook + +In general, the **logbook module** displays more detailed information about the **Discovery Service +Task**. The [Filter](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/filter/filter.md) can be used to select which data +is displayed. The same **events** as for the footer for the **Discovery Service Task** are also used +here. + +![logbook entries](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/discoveryservice/logbook/logbook_ds-3-en.webp) + +The column editor can be used to arrange and display the data in the table according to their +importance. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/requirements.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/requirements.md new file mode 100644 index 0000000000..bcb85dff67 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/discoveryservice/requirements.md @@ -0,0 +1,65 @@ +--- +title: "Requirements" +description: "Requirements" +sidebar_position: 10 +--- + +# Requirements + +## Relevant rights + +The following options are required to use the discovery service: + +### User rights + +- Show discovery service module +- Can manage discovery service system tasks + +## Discovery Service Requirements + +One requirement for the **Discovery Service** is data about **Active Directory users**, **user +accounts** and **service accounts**. A **Network Scan** is used to scan the network and collect this +data. Before configuring the **Network Scan**, a password needs to be issued that provides +**access** to the corresponding **server/client** and **services on a network** for collecting the +data. This user should be a member of admin for the corresponding group of domains. Otherwise, you +can use a domain administrator. + +**CAUTION:** A corresponding **password** with **rights** for the **domains** must exist before +adding a **Network Scan**! + +### Password + +- Required for the **authentication** process with the **Active Directory computer**. +- Required for the **authentication** process with the **WMI (Windows Management Instrumentation)** + on the computer to be scanned. + +### Requirements for the network infrastructure + +- The computer to be scanned and AD controller must be accessible via the network. +- The service: “Windows Management Instrumentation” must have been started on the computer to be + scanned (carried out by Windows as standard). +- Help section for starting the service: + [Microsoft Website](https://msdn.microsoft.com/de-de/library/aa826517(v=vs.85).aspx) +- The firewall must not block WMI requests (not blocked as standard). +- Help section for configuring the firewall: + [Microsoft Website](https://msdn.microsoft.com/de-de/library/aa822854(v=vs.85).aspx) + +NOTE: Only **IPv4 addresses** can currently be scanned. + +### Open ports for the scan (necessary) + +LDAP: Port 389(TCP,UDP) RPC/WMI: Port 135(TCP) (Windows Server 2008, Windows Vista and higher +versions) – port 49152-65535 (TCP) or a static WMI port (Windows 2000, Windows XP and Windows +Server 2003) – port 1025-5000 (TCP) or a static WMI port + +### Computer name (Hostname) + +1. IP address: Indicates the IP address for the element discovered during the scan – meaning where + it was found (the IP address of the domain controller in the case of an Active Directory user). +2. Computer name and associated IP address: The computer name is first requested on the **DNS + server** for the domain. The computer name returned by the server also contains the domain names + as a postfix (e.g. Client01.domain.local). If there is no entry on the domain for the requested + IP address, the computer name is determined via **NetBIOS**. The domain name is not displayed on + the computer (e.g. Client01). In Netwrix Password Secure V8, the **DNS request** is the preferred + function for determining the computer name. If no result is delivered, a request via **NetBIOS** + is made. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/documents.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/documents.md new file mode 100644 index 0000000000..e16062b535 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/documents.md @@ -0,0 +1,67 @@ +--- +title: "Documents" +description: "Documents" +sidebar_position: 20 +--- + +# Documents + +## What are documents? + +Security-critical data does not necessarily need to be in the form of passwords. To enable the +uniform and secure storage of data other than passwords, Netwrix Password Secure version 9 offers +effective tools for the professional handling of sensitive documents and files. The ability to share +documents with others according to their permissions gives you access to the current status of a +document and helps avoid redundancies. The documents module is complemented by a sophisticated +version management system, which records all versions of a document that were saved in the past and +thus enables you to revert back to historical versions. The configuration of visibility is explained +in a similar way to the other modules in one place.. + +![Document modul](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/documents/documents_1-en.webp) + +## Relevant rights + +The following option is required to add new documents. + +## User right + +- Can add new documents + +## Adding documents + +There are two ways to manage documents and files in Netwrix Password Secure v8: + +- **Creating a link**: In this case, only a file that is located locally or on a network drive will + be linked. The file itself is not stored in the database. Neither version management nor the + traceability of changes in the history are possible. +- **Storing the document in the database**: The file becomes part of the encrypted database. It is + saved within the database and can be made available selectively to employees for further + processing in the future based on their permissions. + +![New document](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/documents/documents_2-en.webp) + +## Document selection + +When selecting the file to be uploaded, you can either browse your file system via the Explorer view +or add objects by drag & drop. The latter gives you the possibility to directly import several +documents in one step. + +![searching document](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/documents/documents_3-en.webp) + +## Versioning + +The heart of each document management system is the ability to capture and archive changes to +documents or files. All versions of a document can be compared with each other and historical +versions can be restored if necessary. Netwrix Password Secure provides this functionality via the +history in the ribbon, as well as in the footer area for ​​the detailed view of a document. This can +be used in the same way as the [History](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/history.md). The interplay between the +document-specific event logbook and the history provides a complete list of all information that is +relevant to the handling of sensitive data. Version management can be used to restore any historical +versions of a document. + +NOTE: The file size for a **linked document** can only be updated if the document was opened using +Netwrix Password Secure. + +NOTE: If desired, the document history can be automatically cleaned up. This option can be +configured on the **Server Manager**. Further information can be found in the section Managing +databases. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/forms/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/forms/_category_.json new file mode 100644 index 0000000000..3b8a4fc8f6 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/forms/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Forms", + "position": 60, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "forms" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/forms/change_form.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/forms/change_form.md new file mode 100644 index 0000000000..045899a013 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/forms/change_form.md @@ -0,0 +1,73 @@ +--- +title: "Change form" +description: "Change form" +sidebar_position: 10 +--- + +# Change form + +## Changing forms + +It is necessary in some cases to change the form for a record. In these cases, this is mostly to +consolidate existing data or to adapt the form to match changes in the data structure. These +functionalities are available under "Extras/Settings" in the ribbon. + +![change form](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/forms/change_form_1-en.webp) + +In the following screenshot, you can see the dialogue for "mapping" the form fields from the +previously used form to the new form. In this example, a record that previously belonged to the +"Website" form is being "mapped" to the "Password" form (right). + +![change form](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/forms/change_form_2-en.webp) + +The drop-down menu allows you to select the target form. The comparison of current and new form +fields is shown in the lower section. + +- Fields **marked in green** have already been assigned to the new form +- Fields **marked in red** indicate fields that have not been assigned + +### Relevant rights + +The following options are required to change forms. + +### User right + +- Can change form for a password + +**CAUTION:** Please note that information could be lost during this process! In the example, this +applies to the fields "Website" and "Information". + +## The effects of changes to forms on existing records + +In general, changes to forms do not effect existing records. This means that a record that was +created with a certain form will not itself be changed after this form has been adapted/changed. It +remains in its original state. However, there are methods by which changes to forms could be adopted +by existing records. There are two possibilities in this context: + +### How to change forms + +If you press the "Change form" button (as mentioned in the previous section), the already existing +form will be used by default. If this form has been changed in the meantime, the new form field will +be directly shown and adopted after it is saved. + +![New Form](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/forms/change_form_3-en.webp) + +### Apply form changes to passwords + +The setting "Apply form changes to passwords" makes it possible to force the change to the form to +be adopted. This becomes effective when editing the record! It is immaterial here whether changes +are being made to the record. Simply re-editing and saving the record will cause the adjustment to +the form. + +### The following permissions/configuration must exist + +- The user that wants to make the change requires the read right to the form +- The "read", "write" and authorize" rights for the record (and the form to be edited) are required. +- Sealed and masked records remain unaffected + +## Conclusion + +A common feature of both variants is that adjustments to forms cannot be automatically triggered. +Already existing records are thus not automatically adjusted. The adjustment thus needs to be +carried out manually. In the first case, the manual step is to use the function "Change form". In +the second case, it is sufficient to simply edit and save the record. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/forms/forms.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/forms/forms.md new file mode 100644 index 0000000000..e151e9c718 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/forms/forms.md @@ -0,0 +1,116 @@ +--- +title: "Forms" +description: "Forms" +sidebar_position: 60 +--- + +# Forms + +## What are forms? + +When creating a new data record, it is always indispensable to query all relevant data for the +intended application. In this context, **Forms** represent templates for the information which have +to be stored. The manageability of existing forms primarily ensures the completeness of the data +which have to be stored. Nevertheless, their use as an effective filter criterion is not to be +ignored! Forms have a lasting impact on working withNetwrix Password Secure v8 and must be managed +and maintained with the necessary care by the administration. + +![form module](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/forms/forms_1-en.webp) + +## Relevant rights + +The following options are required to add new forms. + +### User right + +- Can add new forms +- Display form module + +## Standard forms + +Netwrix Password Secure is supplied with a series of standard forms – these should generally cover +all standard requirements. Naturally, it is still possible to adapt the standard forms to your +individual requirements. + +![forms](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/forms/forms_2-em.webp) + +The associated preview for the form selected in +[List view](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/list_view.md) appears in the +[Reading pane](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/reading_pane.md). Both the field name and also +the field type are visible. + +## Creating new forms + +The wizard for creating new forms can be started via the ribbon, the keyboard shortcut "Ctrl + N" or +also the context menu that is accessed using the right mouse button. The same mechanisms can now be +used to create new form fields within the wizard. Depending on the selected field type, other +options are available in the **field settings** section. This will be clearly explained below using +the example of the field type "Password". The sequence in which form fields are requested when +creating new records corresponds to the sequence within the form. This can be adapted using the +relevant buttons in the ribbon. + +![Creating new forms](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/forms/forms_3-en.webp) + +The following field settings thus appear for the field type "Password": "Mandatory field, reveal +only with reason, check only generated passwords and password policy". These can now be defined as +desired. (**Note**: It is possible to select +[Password rules](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/password_rules.md) within the field settings; +they are defined as part of the options in the main menu) + +**CAUTION:** If a form has been created, it can then be selected for use when creating new records. +The prerequisite is that the logged-in user has at least read rights to the form. + +## Permissions for forms + +In the same way as for other objects (records, roles, documents,…), permissions can also be granted +for forms. On the one hand, this ensures that not everyone can edit existing forms, while on the +other hand, it allows you to make forms available to selective groups. This ensures that clarity is +maintained and that users are not confronted with information that is irrelevant to them. The form +"Credit cards" may be relevant within the accounting department but administrators do not generally +need to use it. + +## Configuring the info field + +Every record displays other information underneath the obligatory name of the record in list view. +In the following example, the user name is also displayed in addition to the name of the password. +The name of the form is displayed in between in a blue font. + +![Configuring the info field](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/forms/forms_4-en.webp) + +The name of the record (192.168.150.236) and the form (password) cannot be adjusted – these are +always displayed. The user (Administrator) that is still saved for the record is currently +displayed. This can be configured in the info field for the form. It is thus possible to separately +define for each form what information for a record can be directly seen in list view. In the form +module, the info field is configured by opening the form which has to be edited in editing mode by +double clicking on it and then pressing the \*Configure info field” button in the ribbon. + +![Configuring the info field](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/forms/forms_5-en.webp) + +This will open a separate tab that enables you to design the info section via drag & drop. The +fields that are available on the right can be "dragged" onto the configuration window on the left. +In the following example, "Start RDP session2 will be made visible in the info section, whereby only +the word "RDP" is assigned a function – namely to start the RDP manager. A preview is shown in the +top section. + +![preview form](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/forms/forms_6-en.webp) + +The info field for the form is now updated. It is now possible to start the RDP session directly in +the RDP session. + +![updated form](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/forms/forms_7-en.webp) + +NOTE: The **forms module** is based on the +[Web Application](/docs/passwordsecure/9.3/configuration/webapplication/web_application.md) module of the same name. Both modules +have a different scope and design but are almost identical to use. + +## Standard form + +There are two possible ways to define a standard form. + +### Via the “standard form” user setting + +![settings form](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/forms/forms_8-en.webp) + +### Via the form selection + +![default form](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/forms/forms_9-en.webp) diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/logbook.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/logbook.md new file mode 100644 index 0000000000..d6dfecac31 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/logbook.md @@ -0,0 +1,58 @@ +--- +title: "Logbook" +description: "Logbook" +sidebar_position: 70 +--- + +# Logbook + +## What is a logbook? + +Netwrix Password Secure logs all user interactions. These entries can be viewed and filtered via the +logbook. The logbook records which user has made exactly what changes. This module is +(theoretically) classified as uncritical. This is because the employee only has access to those +logbook entries to which he is actually entitled. + +![Logbook module](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/logbook/logbook_1-en.webp) + +## Relevant rights + +The following options are required: + +### User right + +- Display logbook module + +## Use of the filter in the logbook + +You can also use the filter in the logbook. This enables you to limit the number of displayed +elements based on the defined criteria. In the following example, the user is searching for logbook +entries relating to the object type “Password” that also match the event criteria "Change". In +short: The entries are being filtered based on changes to passwords. + +![Logbook filter](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/logbook/logbook_2-en.webp) + +## Grouping in the logbook + +This list can also be grouped together by dragging and dropping column headers – see the following +grouping of the columns for **computer user**. The filtered results now show all changes to +passwords carried out by the computer user "administrator". + +![Logbook entries](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/logbook/logbook_3-en.webp) + +## Revision-safe archiving + +In Netwrix Password Secure, an uncompromising method is used when handling the logbook: Every change +of state is recorded and saved in the MSSQL database. There are no plans to allow triggers for +logbook entries to be selectively defined. It is only by using this process that changes are +completed in a traceable and audit-proof manner to prevent falsification. + +NOTE: If desired, the logbook can be automatically cleaned up. This option can be configured on the +Server Manager. Further information can be found in the section +[Managing databases](/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/managing_databases.md). + +## Transferring to a Syslog server + +The logbook can also be completely transferred to a +[Syslog](/docs/passwordsecure/9.3/configuration/servermanger/databaseproperties/syslog.md) server. Further information on this +subject can be found in the section Syslog. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/notifications.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/notifications.md new file mode 100644 index 0000000000..a19c8e7946 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/notifications.md @@ -0,0 +1,78 @@ +--- +title: "Notifications" +description: "Notifications" +sidebar_position: 30 +--- + +# Notifications + +## What are notifications? + +With the notification system, you are always up-to-date on all events that you consider important. +Almost all modules allow users to configure notifications. All configured messages are only created +for the currently registered Netwrix Password Secure user. It is not possible to create a +notification for another user. Each user can and should define himself which passwords, which +triggers as well as changes are important and informative for him. The configuration of visibility +is explained in a similar way to the other modules in one place +[Visibility](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/visibility.md) + +![Notifications modul](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/applications/rdp_and_ssh_applications/recording_a_session/notifications_1-en.webp) + +NOTE: The reading pane is deactivated in this module by default. It can be activated in the +"Display" tab in the ribbon. + +## Module-specific ribbon functions + +There are also some ribbon functionalities that are exclusively available for the notification +module. In particular, the function **Forward important notifications to email addresses** enables +administrators and users to maintain control and transparency independent of the location. + +![Ribbon notifications](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/notifications/notifications_2-en.webp) + +### Mark notifications as read + +The two buttons on the ribbon enable you to mark notifications as read/unread. In particular, the +filter criterion available in this context (see following screenshot) enables fast sorting according +to current and also historical notifications. + +![filter notifications](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/notifications/notifications_3-en.webp) + +It is possible to mark the notifications as read/unread via the ribbon and also via the context menu +that is accessed using the right mouse button. If the corresponding setting has been activated, +opening a notification will also mean that it is marked as read. + +## Manual configuration of notifications + +Irrespective of the selected module, permissions can be configured manually for objects. The +following dialogue can be opened via the ribbon in the "Actions" tab: + +![Manual configuration of notifications](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/notifications/notifications_5-en.webp) + +- **Notification**: Definition for the trigger +- **Value**: Defines whether a notification should be created for the previously defined trigger. In + the example for the "Apple" record, this only occurs when the record is edited. +- **Event type**: The event type for the generated notifications can be either "Info", "Warning" or + "Error". This information can also be used e.g. as an additional filter criterion. + +In contrast to previous editions, it is best to configure the notifications manually. This ensures +that a notification is really only triggered for relevant events. + +## Other triggers for notifications + +As well as manually configurable notifications, there are other triggers in Netwrix Password Secure +which will result in notifications. + +- [Seals](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/seals.md): Requests + to release sealed records are handled via the notification system +- [System tasks](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/systemtasks/system_tasks.md)s: If reports are automatically + created via the system tasks, these are also made available in the form of a notification. If this + type of notification is selected, it can be directly opened via the corresponding button that + appears on the ribbon. + +![Ribbon functions notifications](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/notifications/notifications_6-en.webp) + +## Automatic deletion of old notifications + +If desired, notifications can be automatically cleaned up. This option can be configured on the +**Server Manager**. Further information can be found in the section +[Managing databases](/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/managing_databases.md). diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/_category_.json new file mode 100644 index 0000000000..7f4d6b5f64 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Organisational structure", + "position": 40, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "organisational_structure" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/_category_.json new file mode 100644 index 0000000000..5efafacf63 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Directory services", + "position": 30, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "directory_services" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/_category_.json new file mode 100644 index 0000000000..74abd1d2fd --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Active Directory link", + "position": 10, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "active_directory_link" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/active_directory_link.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/active_directory_link.md new file mode 100644 index 0000000000..2af4c8d6d2 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/active_directory_link.md @@ -0,0 +1,75 @@ +--- +title: "Active Directory link" +description: "Active Directory link" +sidebar_position: 10 +--- + +# Active Directory link + +## What are active directory profiles? + +The connection to Active Directory (AD) is established via so-called AD profiles. These profiles +contain all of the information relevant for establishing a connection to AD and enable +imports/synchronization of users, organisational units or roles. To connect to various different +ADs, it is naturally also possible to create multiple AD profiles. + +## Two import modes in comparison + +When importing from Active Directory, Netwrix Password Secure distinguishes between two modes, which +differ significantly and are explained in separate sections. + +- End-to-end encryption +- Master Key mode + +In principle, the two variants differ by the presence of the encryption mentioned above. In the +solution with active end-to-end encryption (**E2EE**), the process may be less convenient (see +table) but there is a huge benefit in terms of security. In Master Key mode, a master key is created +on the server that has full permissions for all users, organisational units and roles. This +represents an additional attack vector, which does not exist in end-to-end mode. In return, however, +in Master Key mode, users can be updated via synchronization with the Active Directory. Memberships +of organisational units and roles are also imported. In the more secure end-to-end mode, this +synchronization of the changes must be carried out manually. + +NOTE: It is technically possible to create several profiles with different modes. However, this is +not recommended for the sake of clarity. + +| Comparison of the modes | End-to-end mode | Master key mode | +| ---------------------------------------------------------- | --------------- | --------------- | +| End-to-end encryption\* | + | - | +| Importing user information | + | + | +| Importing assigned roles | - | + | +| Importing roles to organisational units | - | + | +| Synchronizing user information | - | + | +| Synchronizing assigned roles | - | + | +| Synchronizing roles with organisational units | - | + | +| User can be edited in Netwrix Password Secure | + | - | +| Organization unit can be edited in Netwrix Password Secure | + | - | +| Roles can be edited in Netwrix Password Secure | + | - | +| Password can be edited in Netwrix Password Secure | + | - | +| Login with domain password | - | + | +| Netwrix Password Secure is the leading system | + | - | +| Active Directory is the leading system | - | + | +| Autologin | + | + | + +As can be seen **E2EE offers the highest level of security**. The aim is merely to import users, +organisational units and roles. Those must be administered and configured in Netwrix Password +Secure. In contrast, a connection in **Master Key mode offers the highest level of convenience**. It +imports not only users, organisational units and roles but also their links and assignments. +Synchronization with Active Directory is possible – **The AD is used as the leading system**. + +## Users, groups and roles + +When importing or synchronizing from Active Directory, users are also added as users in Netwrix +Password Secure. Netwrix Password Secure also uses the organisational units as such. + +In order for Netwrix Password Secure to be quickly integrated into the given infrastructure, roles +can also be directly imported from the Active Directory. Namely Active Directory Groups are used to +password-safe roles. + +NOTE: Groups in groups Memberships, which may be present in the Active Directory, will not be +displayed within Netwrix Password Secure. Both groups are imported as roles, but independent and not +linked in any way. + +**CAUTION:** If Master Key mode has been selected for the Active Directory profile, the AD is the +leading system. In this mode, roles that have been imported cannot be changed locally in Netwrix +Password Secure. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/end-to-end_encryption.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/end-to-end_encryption.md new file mode 100644 index 0000000000..46b707af1d --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/end-to-end_encryption.md @@ -0,0 +1,160 @@ +--- +title: "End-to-end encryption" +description: "End-to-end encryption" +sidebar_position: 10 +--- + +# End-to-end encryption + +## Maximum encryption + +[Active Directory link](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/active_directory_link.md) with active end-to-end encryption currently offers +**maximum security**. Only users, organisational units and roles are imported. The permissions and +the hierarchical relationship between the individual objects needs to be separately configured in +Netwrix Password Secure. The advantage offered by end-to-end encryption is that Active Directory is +“defused” as a possible insecure gateway. In Master Key mode, users who control Active Directory +receive de facto complete access to all passwords because resetting a Windows user name enables +users to log in under another person’s name. Active Directory is thus the leading system. **Using an +active E2EE connection, users require their own password for Netwrix Password Secure**. There is +thus no access to users’ data via Active Directory. + +## Relevant rights + +The following options are required to add new profiles. + +### User right + +- Can add new Active Directory profiles +- Display organisational structure module +- Display role module + +## Creating profiles + +The process for creating a new profile is started via the icon "manage profiles" on the ribbon. + +![New AD profile](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/directoryservices/activedirectorylink/end_to_end_encryption_1-en.webp) + +NOTE: "End-to-end" needs to be set in the "Encryption" field + +A **user** is required to access the AD. The user should be formatted as follows: Domain\user. It +must have access to the AD. + +- The relevant **user password** (domain password) is required for the user mentioned above +- **Direct search** is recommended for very large domain trees. The representation of the tree + structure is omitted, elements can only be found and selected via the search. +- The **filter** can be used to directly specify an AD path as an entry point via an LDAP query. +- Various security options – so-called AuthenticationTypes Enumeration – can be selected for the + connection of the AD to Netwrix Password Secure: + - Secure + - SecureSocketsLayer + - ReadOnlyServer + - Signing + - Sealing + +## Import + +The import is started directly in the ribbon. A wizard guides the user through the entire operation. + +![Import icon](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/directoryservices/activedirectorylink/end_to_end_encryption_2-en.webp) + +## Organisational structure + +First, an organisational unit is selected for the import. If there are no organisational units in +the database yet, as in this example, the data is imported into the **main organisational unit**. + +![Import wizard/organisational structure](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/directoryservices/activedirectorylink/end_to_end_encryption_3-en.webp) + +## Active Directory objects + +In the next step, select the relevant profile that should be used for the import. Then, select the +organisational units and/or users for the import. A search is available for this purpose. + +![Import wizard/AD objects](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/directoryservices/activedirectorylink/end_to_end_encryption_4-en.webp) + +It can be seen that the organisational units **Jupiter** and **Contoso** contain items to be +imported. The organisational units themselves will not be imported. The check next to the group +**Accounting** indicates that the group itself will be imported along with some of its sub-elements. + +There are different symbols which indicate the elements to be imported. + +- The element itself and all possible sub-elements will be imported +- The element itself and some of its sub-elements will be imported +- The element will not be imported; however, it contains elements that will be imported + +A context menu that is accessed using the right mouse button is available within the list that +provides helpful functions for selecting the individual elements. + +![context menu](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/directoryservices/activedirectorylink/end_to_end_encryption_5-en.webp) + +- Select sub-objects selects all sub-objects that are located directly below the current object +- Deselect sub-objects removes tags from all sub-objects that are located directly below the current + object +- Reset all items removes all previously set tags +- Display element details lists all information that is available for the current element + +In the lower area you can specify whether the users just selected for import should be created as +**Light** or **Advanced User (View)**s. + +NOTE: If individual users, organisational units, or roles cannot be selected for import, they have +already been imported via another profile + +## Summary + +The last page summarizes which objects will be edited and in what form. It specifies the names of +the elements along with their descriptions. The **Status** column specifies whether the object is +added, updated, or disabled. The last column specifies the organisational unit into which the +element is imported. The number of objects is added together at the bottom. + +![Import wizard/Summary](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/directoryservices/activedirectorylink/end_to_end_encryption_6-en.webp) + +NOTE: Depending on the amount of data, it may take several minutes to create the summary. + +## Importing + +The import itself is carried out by the server in the background. The individual elements then +appear in the list one by one. This may take some time, depending on the amount of import data. If +the import is terminated, you will receive a confirmation. + +![confirmation](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/directoryservices/activedirectorylink/end_to_end_encryption_7-en.webp) + +NOTE: As end-to-end encryption is retained in this mode, the server does not receive a key to match +already imported users with the AD. There is thus no synchronization with the AD. Similarly, no +memberships can be imported. After the import, users must be manually assigned to the appropriate +organisational units and roles. + +## Imported users and organisational units + +In end-to-end mode, the imported users behave like local users. The users can/must be edited +manually in Netwrix Password Secure. The affiliations to organisational units and/or roles must be +adapted manually. + +## Rights + +The rights will be issued as follows during the import or synchronization. + +### New objects + +| | User | Groups | Roles | +| --------------------------------- | ------------------------------------------------- | --------------------------- | ------------------------------------------------- | +| Are rights inherited from the OU? | If no preset has been saved | If no preset has been saved | No | +| Are rights applied from a preset? | If a preset has been saved | If a preset has been saved | No | +| Is the "add" right issued? | No | Yes | No | +| Who receives the rights key? | Imported users and all with the "authorize" right | All | Imported roles and all with the "authorize" right | + +### Changed objects + +| | User | Groups | Roles | +| --------------------------------- | ---- | ------ | ----- | +| Are rights inherited from the OU? | No | No | No | +| Are rights applied from a preset? | No | No | No | +| Is the "add" right issued? | No | No | No | +| Who receives the rights key? | None | None | None | + +NOTE: In end-to-end mode, **no role affiliations** are issued during the import or synchronization. + +## Logging into Netwrix Password Secure + +Users imported in this mode can not login with the domain password. Rather, a password is generated +during import. This password is sent to the users by e-mail. If a user has not entered an e-mail +address, the user name is entered as the password. The initial password can be changed by the +administrator or the user himself at the first login. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/masterkey_mode.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/masterkey_mode.md new file mode 100644 index 0000000000..605f4b622b --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/masterkey_mode.md @@ -0,0 +1,249 @@ +--- +title: "Masterkey mode" +description: "Masterkey mode" +sidebar_position: 20 +--- + +# Masterkey mode + +## Maximum convenience + +In contrast to [End-to-end encryption](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/end-to-end_encryption.md), which places the main focus on +security, Masterkey mode provides the maximum level of convenience. It not only imports users, +organisational units and roles but also their links and affiliations. It can be synchronized to +update the information and affiliations. **In this scenario, Active Directory is used as a leading +system**. + +## Relevant rights + +The following options are required to add new profiles. + +### User right + +- Can add new Active Directory profiles +- Display organisational structure module +- Display role module + +## Creating profiles + +Profile management is started via the icon of the same name on the ribbon. + +![AD profile](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/directoryservices/activedirectorylink/masterkey_mode_1-en.webp) + +The following information must be provided in the profile: + +- **Profile name** +- An optional **description** +- Masterkey mode is selected for the **encryption** + +NOTE: In the case of already created profiles, the encryption can no longer be changed. + +- The **domain** field is used to define which domain is to be read. The value entered here will + also be used for authentication if no alternative spellings have been saved under **Other domain + names**. +- A **local user** (for example, the administrator) or an already imported user must be specified. + The data will be imported under that user’s name. +- A **user** is required to access the AD. The user should be formatted as follows: Domain\User. It + must have access to the AD. +- Corresponding **user password** (domain password) for the user. +- \*_Direct search_ is recommended for very large domain trees. The tree structure is omitted, + elements can then only be found and selected via the search. +- By activating the checkbox **Restrict user import to role members only**, a simplified mode is + activated. In this mode, only AD users who are members of at least one role are imported. As soon + as they are no longer a member of at least one role, they are deleted from Netwrix Password + Secure. +- By activating the checkbox **Force update on next synchronization**, **ALL** records will be + updated on the next synchronization, regardless of whether the record has changed in the Active + Directory or not. (This checkbox is automatically activated when you have edited the other + responsible users and is deactivated again after the next synchronization). +- The **LDAP filter** can be used to directly specify an AD path as an entry point via an LDAP + query. +- Various security options – so-called AuthenticationTypes Enumeration (**Flags**) – can be selected + for the connection of the AD to Netwrix Password Secure: + - Secure + - SecureSocketsLayer + - ReadOnlyServer + - Signing + - Sealing + +NOTE: The first two options are already activated by default when configuring a new profile. If a +connection is not possible, deactivate SecureSocketsLayer and try again. + +- **Other responsible users or roles** can be used to define who is permitted to carry out the + synchronization with the AD. +- The option **Other domain names** can be used to save alternative spellings of the login domain. + These must correspond to the spelling entered in the login window. For example, if a connection is + being established to the domain **jupiter.local** or an IP address, the login can only be carried + out with **jupiter\user** if **jupiter** has been saved here. + +**CAUTION:** The master key is added in form of a certificate. It is **essential to back up** the +generated certificate! If the database is being moved to another server, the certificate also needs +to be transferred! Further information can be found in the section +[Certificates](/docs/passwordsecure/9.3/configuration/servermanger/certificates/certificates.md). + +NOTE: You can now use the option to integrate a RADIUS server. Read more in +[RADIUS authentication](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/radius_authentication.md). + +## Import + +You can start the import directly in the ribbon. A wizard guides the user through the entire +operation. + +![import icon](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/directoryservices/activedirectorylink/end_to_end_encryption_2-en.webp) + +## Organisational structure + +First, an organisational unit is selected for the import. If there are no organisational units in +the database yet, as in this example, the data is imported into the **main organisational unit**. + +![import wizard / organisational structure](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/directoryservices/activedirectorylink/end_to_end_encryption_3-en.webp) + +### Active Directory objects + +In the next step, select the profile you will use to import the data. Then, select organisational +units and/or users for the import. A search is available for this purpose. + +![import wizard / AD objects](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/directoryservices/activedirectorylink/end_to_end_encryption_4-en.webp) + +As you can see, the organisational units **Jupiter** and **Contoso** contain items to be imported. +The organisational units themselves will not be imported. The group **1099 Contractor** is imported +including all sub-elements. The check next to the group **Accounting** indicates that the group +itself will be imported along with some of its sub-elements. The ticks in the last column ensure +that the elements are observed in future synchronization sequences. + +There are different symbols which indicate the elements to be imported. + +The element itself and all possible sub-elements will be imported The element itself and some of its +sub-elements will be imported The element will not be imported; however, it contains elements that +will be imported + +Right-clicking in the list will launch a context menu. It provides helpful functions for the +selection of the individual elements. + +![select subjects](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/directoryservices/activedirectorylink/end_to_end_encryption_5-en.webp) + +NOTE: If individual users cannot be selected for import, they have already been imported via an +end-to-end encrypted profile. + +In the lower area you can specify whether the users just selected for import should be created as +**Light** or **Advanced User (View)**s. + +## Summary + +The last page summarizes which objects will be edited and in what form. It specifies the names of +the elements along with their descriptions. The **Status** column specifies whether the object is +added, updated, or disabled. The last column specifies the organisational unit into which the +element is imported. The number of objects can be seen at the bottom. + +![import wizard / summary](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/directoryservices/activedirectorylink/end_to_end_encryption_6-en.webp) + +## Importing + +The server imports data in the background. The individual elements then appear in the list one by +one. This may take some time, depending on the amount of import data. If the import was terminated, +this is symbolized by a hint. + +![Notification](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/directoryservices/activedirectorylink/end_to_end_encryption_7-en.webp) + +## Imported users and organisational units + +The users and organisational units imported in Masterkey mode cannot be edited in Netwrix Password +Secure. Therefore, any changes must be made in AD and synchronized. AD thus becomes the leading +system. Affiliations to roles are also synchronized and must be set in the AD. In organisational +units or roles created in Netwrix Password Secure, the users can be included directly in Netwrix +Password Secure. + +## Rights + +The rights will be issued as follows during the import or synchronization. + +### New objects + +| | User | Groups | Roles | +| --------------------------------- | ------------------------------------------------- | --------------------------- | ------------------------------ | +| Are rights inherited from the OU? | If no preset has been saved | If no preset has been saved | No | +| Are rights applied from a preset? | If a preset has been saved | If a preset has been saved | No | +| Is the "add" right issued? | No | Yes | No | +| Who receives the rights key? | Imported users and all with the "authorize" right | All | All with the "authorize" right | + +### Changed objects + +| | User | Groups | Roles | +| --------------------------------- | ------------------------------ | ------ | ------------------------------ | +| Are rights inherited from the OU? | If no preset has been saved | No | No | +| Are rights applied from a preset? | If a preset has been saved | No | No | +| Is the "add" right issued? | No | No | No | +| Who receives the rights key? | All with the "authorize" right | None | All with the "authorize" right | + +NOTE: If a user is imported, he will be given those roles that he also had in AD insofar as these +roles already exist in Netwrix Password Secure or have also been imported. + +## Logging into Netwrix Password Secure + +Users who are imported using this mode can log in with the domain password. Please note that no +domain needs to be specified when logging in. Of course, the login process can also be supplemented +with +[Multifactor Authentication](/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/databasesettings/multifactor_authentication_ac.md). + +NOTE: Logging on using Kerberos works "automatically". As long as the corresponding Kerberos server +is accessible, the users in the domain authenticate themselves via Kerberos using their domain +password. If the logon via Kerberos does not work – e.g. due to incorrect configuration of the +domain controller – the logon via the NTLM protocol is attempted. However, these are all settings +that have to be made on the domain controller and have nothing to do with Netwrix Password Secure. + +**CAUTION:** Logging on to Netwrix Password Secure using SSO via Kerberos is currently not possible. + +## Permissions to imported objects + +The rights to be issued to imported users are explained in the following example: + +![Permission MKM User](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/directoryservices/activedirectorylink/masterkey_mode_7-en.webp) + +1. In Master Key mode, **all** users will be issued with the **read** right. +2. The **responsible user** will be issued with all rights and the key. This ensures that he can + also synchronize or change the user in the future +3. **Other responsible users** are issued with the same rights as the **responsible user** +4. The **Master Key** for the **Active Directory** profile will also be issued with all rights and + keys as it will be used for the synchronization +5. Finally, users will be issued with the rights for themselves + +NOTE: All users and roles issued with **rights** to the imported object also receive its rights key. + +## Synchronization + +During synchronization, all relevant information for users, organisational units and roles (names, +email, etc.) is updated. Changed affiliations for roles are adjusted. Likewise, users are activated +or deactivated according to the settings in the AD. If the membership of organisational units is to +be changed, this can be done by **Drag & Drop**. New users and correspondingly defined roles are +imported. + +NOTE: If the tick was not set in the Synchronization column when a user is imported, no changes are +made. + +### Manual synchronization + +The synchronization can be started manually at any time via the corresponding button in the ribbon. + +![manual synchronization](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/directoryservices/activedirectorylink/masterkey_mode_8-en.webp) + +Select the required profile and start the synchronization. As is the case with the initial import, +the synchronization runs in the background. A hint indicates that the process has been completed. + +### Synchronization via system tasks + +The synchronization can also be carried out automatically. This is made possible via the +[System tasks](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/systemtasks/system_tasks.md). + +### Deleting or removing users + +If a user is deleted in Active Directory, it is also deleted in Netwrix Password Secure during the +next synchronization. For this purpose, it is necessary for the user to be imported as a +**synchronizable** user. + +If the user is only deleted from Netwrix Password Secure but retained in Active Directory, a +synchronization needs to be carried out to delete it from the database. For this purpose, the wizard +is called up via **import**. The first step is to select an organisational unit. This has no effect +when simply deleting a user. The second step is to search for the user. Both ticks are removed. + +After checking the summary, the process is concluded. The synchronization is completed and the user +is deleted from the database. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/radius_authentication.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/radius_authentication.md new file mode 100644 index 0000000000..9f6b032355 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/radius_authentication.md @@ -0,0 +1,38 @@ +--- +title: "RADIUS authentication" +description: "RADIUS authentication" +sidebar_position: 30 +--- + +# RADIUS authentication + +## What is the RADIUS authentication? + +RADIUS (Remote Authentication Dial-In User Service) is a client-server protocol used primarily for +authentication and authorization of users during dial-up connections in corporate networks. Netwrix +Password Secure can also benefit from the advantages of a RADIUS server. In particular, multi-factor +authentication should be mentioned here. But all other RADIUS-typical functions can also be used. +Further information can be found for example at **Wikipedia**. + +## Requirements + +In order for Netwrix Password Secure to address a RADIUS server, the following requirements must be +met: + +- A RADIUS server must be available and accessible via the network. +- Access to the Netwrix Password Secure Server Manager must be set up on the RADIUS server. +- A corresponding Secret must be configured for access. +- In Netwrix Password Secure, users must have been imported from the AD in Masterkey mode. + +## Configuration + +The actual connection of the RADIUS server is simple: + +![radius integration](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/directoryservices/activedirectorylink/radius_authentication_1-en.webp) + +- **Use RADIUS** - First, the usage is activated. +- **Host Address** - The address of the RADIUS server is stored here. +- **Secret** - Refers to the secret stored for the Netwrix Password Secure Server Manager. +- **AUTH Port** - The so-called AUTH port of the RADIUS server is specified here. +- **ACT Port** - The ACCT port of the RADIUS server can also be stored; if required. +- **Timeout** - The time the RADIUS server has to react; can also be configured. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/directory_services.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/directory_services.md new file mode 100644 index 0000000000..4b48867a6c --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/directory_services.md @@ -0,0 +1,16 @@ +--- +title: "Directory services" +description: "Directory services" +sidebar_position: 30 +--- + +# Directory services + +It is possible to use existing user and group structures from external directories with Netwrix +Password Secure. + +Choose your preferred integration method: + +- [Microsoft Entra ID connection](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/entraidconnection/entra_id_connection.md) + +- [Active Directory link](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/active_directory_link.md) diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/entraidconnection/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/entraidconnection/_category_.json new file mode 100644 index 0000000000..9604774739 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/entraidconnection/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Microsoft Entra ID connection", + "position": 20, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "entra_id_connection" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/entraidconnection/entra_id_connection.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/entraidconnection/entra_id_connection.md new file mode 100644 index 0000000000..f2975dd9af --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/entraidconnection/entra_id_connection.md @@ -0,0 +1,170 @@ +--- +title: "Microsoft Entra ID connection" +description: "Microsoft Entra ID connection" +sidebar_position: 20 +--- + +# Microsoft Entra ID connection + +More and more companies use cloud services. Therefore, also the management of users is outsourced. +Instead of a classic Active Directory via LDAP, an Entra ID is used more often. Netwrix Password +Secure integrates the possibility to bring in users and roles from Azure. To use users and roles +from multiple Entra IDs, you can create multiple profiles. + +## Introduction + +## Why Entra ID? + +More and more companies use cloud services. Therefore, also the management of users is outsourced. +Instead of a classic Active Directory via LDAP, an Entra ID is used more often. Netwrix Password +Secure integrates the possibility to bring in users and roles from Azure. To use users and roles +from multiple Entra IDs, you can create multiple profiles. + +Remember, In order to use Azure login with the windows application, +[WebView2](https://developer.microsoft.com/de-de/microsoft-edge/webview2/) from Microsoft must be +installed on the client device. + +### Differences to the LDAP connection + +The connection to the Entra ID differs in one special point from the connection to a conventional +Active Directory. While Netwrix Password Secure queries the users, groups, and roles actively from +the conventional AD, the Entra ID is pushing them automatically to our server. For this a so-called +[SCIM service](https://en.wikipedia.org/wiki/System_for_Cross-domain_Identity_Management) is used. + +To login to Netwrix Password Secure, after entering the username a popup opens for the +authentication with the entered Microsoft account. Here, a possible configured second factor is also +requested. The authentication is handled via the +[Open ID Connect protocol](https://openid.net/connect/). + +### Linking Entra ID + +Below you will find instructions on how to connect Entra ID to Netwrix Password Secure. In the Azure +portal, go to the management page of your Microsoft Entra ID. Use an account with administrative +permissions for this. During this, login to Netwrix Password Secure with an account that has the +user right "Display organisational structure module", "Can manage Entra ID profiles", and "Can +create new Entra ID profiles" enabled. + +## Setup + +### New enterprise application + +Login to the [Azure portal](https://portal.azure.com/#azure-portal) and go to the management page of +your Microsoft Entra ID. + +NOTE: You need an account with administrative permissions + +- Write down your "Tenant ID" shown in the Azure console or by using PowerShell: + + +``` +Connect-AzureAD + +``` + +- Navigate in your Entra ID to "Enterprise applications" +- Add an own application, that is not listed in the Azure Gallery – in our example, we name it + "Netwrix Password Secure" + +NOTE: A key feature of Netwrix Password Secure is, that it is self-hosted by our customers. However, +to be listed in Azure Gallery, a SaaS model is required. Therefore, Netwrix Password Secure is not +available in the Azure Gallery. + +- When the application was created successfully, you are redirected to it automatically +- Write down the "Application ID" +- In the navigation, click "Users and groups" +- Add the Users and groups that should be available to Netwrix Password Secure + +**CAUTION:** The import of Azure groups as Netwrix Password Secure roles is only possible if you +have booked the Azure package Entra ID Premium P1! + +- Navigate to the "Provisioning" page +- Configure the Provisioning Mode to "Automatic" + +### Netwrix Password Secure Entra ID configuration + +NOTE: Your Netwrix Password Secure user need the following permissions: + + +``` +- Display organisational structure module +- Can manage Azure AD profiles +- Can create new Azure AD profiles + +``` + +- Navigate to the module "Organisational structure" +- In the toolbar, click on "Manage profiles" in the category "Entra ID" +- Create the profile with your information +- Insert the `Tenant ID` and the `Application ID` +- As soon as the profile has been saved, a popup opens for generating a token +- Choose a desired expiration date (max. 10 years) and click "Generate token" +- Write down the values of the fields "Tenant URL" and "Secret Token" + +### Azure provisioning configuration + +Fill the fields "Tenant URL" and "Secret Token" with the information provided by Netwrix Password +Secure Click "Test Connection" When the test has been successful, click on "Save" at the top of the +page Back on the "Provisioning" page, click "Start provisioning" In the settings of the +provisioning, check if "Provisioning Status" is set to "On" All allocated users and groups are +created in Netwrix Password Secure now + +NOTE: Azure´s default provisioning interval is 40 Minutes. So it may some time until the users and +roles are shown in Netwrix Password Secure. + +**CAUTION:** Please note that Azure establishes the connection to Netwrix Password Secure. For this, +the client URL must be accessible from an external network / provisioning agent and any used SSL +certificate must be valid! If the users are not created in Netwrix Password Secure, consult the +Azure Enterprise Application Provisioning log for more information. + +### Azure login configuration + +To enable the Azure login for your users, a few more steps are required: + +- Navigate to the Overview page of your Entra ID +- Navigate to "App registrations" +- If no application is displayed, click "All applications" +- Click on "Netwrix Netwrix Password Secure" and navigate to "Authentication" +- Click on "Add a platform", select "Web" and configure the required URIs: + +| Client | URI | +| ------------------------ | ------------------------------------------------------------------------- | +| Web Application | `https://`Web Application_URL`/authentication/login-via-oidc` | +| Advanced view & Autofill | `https://login.microsoftonline.com/common/oauth2/nativeclient` | +| Google Chrome Extension | `https://bpjfchmapbmjeklgmlkabfepflgfckip.chromiumapp.org` | +| Microsoft Edge Extension | `https://ahdfobpkkckhdhbmnpjehdkepaddfhek.chromiumapp.org` | +| Firefox Extension | `https://28c91153e2d5b36394cfb1543c897e447d0f1017.extensions.allizom.org` | + +![web_configuration_entra_id](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/directoryservices/entra_id/web_configuration_entra_id.webp) + +Click on "Add a platform", select "Mobile & desktop applications" and configure the required +mobile-app URI: + +| Client | URI | +| ------------- | ------------------ | +| iOS & Android | `psrmobile://auth` | + +![mobile_and_desktop_applications](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/directoryservices/entra_id/mobile_and_desktop_applications.webp) + +#### Create client secret + +Navigate to your Netwrix Netwrix Password Secure App registration -> Certificates & secrets -> +Client secret + +Create a client secret: + +![certificates-secrets-en_1544x311](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/directoryservices/entra_id/certificates-secrets-en_1544x311.webp) + +Copy it over to the Netwrix Password Secure Entra ID profile: + +![entra_id_client_secret](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/directoryservices/entra_id/entra_id_client_secret.webp) + +#### Set API permissions + +Finally, the API permissions for the Azure API have to be set, so the login to can be performed +successfully. + +1. Navigate to "API permissions" and click "Add a permission" +2. Select "Microsoft Graph" and then "Delegated permissions" +3. Set the checkboxes for "openid" and "profile" just under "OpenId permissions" +4. Click on "Add permissions" +5. Click on "Grant admin consent for YOUR_AD_NAME" diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/entraidconnection/microsoft_entra_id_faq.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/entraidconnection/microsoft_entra_id_faq.md new file mode 100644 index 0000000000..8825ca490e --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/entraidconnection/microsoft_entra_id_faq.md @@ -0,0 +1,57 @@ +--- +title: "Microsoft Entra ID Services FAQ" +description: "Microsoft Entra ID Services FAQ" +sidebar_position: 10 +--- + +# Microsoft Entra ID Services FAQ + +## Is it possible to migrate from LDAP to Entra ID? + +Currently, an automated migration from LDAP users (E2E as well as MasterKey) to Entra ID users is +not possible! + +## Which port is used for the SCIM endpoint for provisioning users/groups from Entra ID to the Application Server? + +11015 is the port that will be used for the communication from Entra ID to Netwrix Password Secure. + +## Does the Entra ID connection support nested groups? + +Due to Azure based technical limitations, Netwrix Password Secure does not support nested groups. + +## Does Entra ID work on servers that are only available internally? + +An integration on servers, that are not accessible from external sources, the integration of Entra +ID is also possible. For this, you can use the +[Entra ID on-premises application provisioning to SCIM-enabled apps](https://learn.microsoft.com/en-us/azure/active-directory/app-provisioning/on-premises-scim-provisioning). +This can be installed on all or only one application server. It must be noted that the IP or DNS +name of the "Tenent URL" specified in the subsequently created enterprise application is present in +the alternative application names in the server certificate. Tip: `https://127.0.0.1:11015/scim` can +also be specified as the "Tenent URL", in which case 127.0.0.1 must again be present in the +alternative application names in the server certificate. + +- Download the Provisioning Agent +- Install the Provisioning Agent on the server with the Netwrix Password Secure Server +- Start "AAD Connect Provisioning Agent Wizard" +- Select "On-premises application provisioning Entra ID to application", click next +- Click "Authenticate" and authenticate with a user.This user should be a Hybrid administrator or a + global administrator. +- Click "Confirm" +- Wait for the application to finish the registration in Azure +- Switch to the Azure Portal +- Click "Microsoft Entra ID" +- Click "Enterprise applications" +- Click "New application" +- Search for "On-premises SCIM app" +- Click "On-premises SCIM app" +- Adjust the name +- Click "Create" +- Wait for the operation to end +- Click the created application in the overview of "Enterprise applications" +- Click "Provisioning" +- Click "Get started" +- Set provisioning mode "Automatic" +- Unhide "On-Premises Connectivity" +- Assign the just installed agent to this application by selecting it and click "Assign Agent(s)" +- It takes about 20 minutes until the agent is correctly connected to your application and you can + proceed. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/first_factor.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/first_factor.md new file mode 100644 index 0000000000..97fa927875 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/first_factor.md @@ -0,0 +1,64 @@ +--- +title: "First factor" +description: "First factor" +sidebar_position: 40 +--- + +# First factor + +## What is meant by first factor? + +It is a process that regulates access to our system. + +## Requirements + +With the user setting **Edit first factor** you have the possibility to define another factor for +authentication than the standard password. + +![Edit first factor](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/firstfactor/first_factor_1-en.webp) + +## Factors + +### Smartcard (only on Advanced view) + +The configuration is done via the user setting **First factor**. + +![Smartcard 1st factor](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/firstfactor/first_factor_2-en.webp) + +NOTE: This option is only valid for users in master key mode + +**CAUTION:** Be Aware" The smartcard logon tries to determine whether the certificate belongs to the +user to be logged on based on the applicant in the smartcard certificate. This is done using regex, +the default regex `^{username}[.@\\/-_:]({domain})$` or `^({domain})[.@\\/-_:]({username})$` is +applied to the applicant. In this case, `{username}` is replaced with the user to be registered and +`{domain}` is replaced with the domain in the AD profile in the regex and if the regex query is +positive, the user is registered. If the format of your applicant in your certificates is not +compatible with these two regex queries, you must set a custom regex query in the Server Manager. +Please note that `{username}` for username and `{domain}` for the AD domain SHOULD be present in the +regex query. If the domain must be explicitly specified, it must be written in capital letters. + +In addition, the smartcard certificate must of course also be valid on the server! + +## Fido2 (only at the Web Application) + +## Requirement + +For Fido2 it is mandatory that +SMTP ([Advanced settings](/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/advanced_settings.md)) is configured. +In addition, an e-mail address must be stored for the AD users. + +Furthermore, the URL of the Web Application must be stored in the Server Manager: + +![Edit WebClient URL](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/firstfactor/first_factor_3-en.webp) + +### Configuration + +The configuration is done via the user setting **First Factor**. + +![FIDO2](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/firstfactor/first_factor_4-en.webp) + +As soon as an AD user logs on to the Web Application, he gets the following prompt + +![prompt](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/firstfactor/first_factor_5-en.webp) + +After clicking on **Setup Fido2 access** in the mail, Fido2 is configured. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/managingusers/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/managingusers/_category_.json new file mode 100644 index 0000000000..5ab4bd9aa4 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/managingusers/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Managing users", + "position": 10, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "managing_users" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/managingusers/managing_users.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/managingusers/managing_users.md new file mode 100644 index 0000000000..1cbe829669 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/managingusers/managing_users.md @@ -0,0 +1,86 @@ +--- +title: "Managing users" +description: "Managing users" +sidebar_position: 10 +--- + +# Managing users + +## How are users managed in Netwrix Password Secure? + +The way in which users are managed is highly dependent on whether Active Directory is connected or +not. In Master Key mode, Active Directory remains the leading system. Accordingly, users are then +also managed in the AD. If Netwrix Password Secure is the leading system, e.g. in end-to-end mode, +users are managed in the organisational structures module. More details are provided in the relevant +sections. + +## Relevant rights + +The following options are required to add local users. + +### User rights + +Can add new users -Display organisational structure module + +## Adding local users + +In general, new users are added in the same way as creating a local organisational unit. Therefore, +only the differences will be covered below. + +### Creating users + +![create user](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/managingusers/create-user-wc.webp) + +- **Allocated roles**: New users can directly be allocated one or more rolls when they are created +- **Change password on next login**: The user will be requested to change their user password on the + next login (obligatory) +- **Account is deactivated**: The user is created with the status "deactivated". The account is thus + not useable. The write rights for a user can be set/removed with this option. In editing mode, the + account can also be deactivated during ongoing operation. +- **Restricted user**: Controlling entities exist in many companies that are only tasked with + checking the integrity and hierarchies of various pieces of information with one another but are + not required to productively work with the information themselves. This could be a data protection + officer or also an administrator in some cases. This would be the case if an administrator was + responsible for issuing permissions to other people but should not be able to view the data + themselves. The property **restricted user** is used to limit the visibility of the password + field. It thus deals with purely administrative users or controlling entities. + +NOTE: Restricted users cannot view any passwords + +### Configuring rights + +The second tab of the wizard allows you to define the permissions for the newly created user. If an +allocated organisational unit or a rights template group was defined in the first tab, the new user +will inherit its permissions. Here, these permissions can be adapted if desired. + +### Configuring user rights + +Users always receive their user rights via role, which is either user-specific or global (see user +rights). If no role is defined in the first tab "Create user", the third tab will thus contain +globally defined user rights. + +## Importing users + +Importing from Active Directory can be carried out in two ways that are described in a separate +section. + +## User licenses + +There are two different types of licenses, **Advanced view** and **Basic view** licenses. In all +other editions you can only purchase Advanced view licenses. Please note that licensed Basic view +users are not able to use the Advanced view. However, Advanced view Users can also switch to the +Basic view. + +**CAUTION:** For licensing reasons, it is not intended to switch from a Advanced view user to a +Basic view user! + +Our sales team will be happy to answer any questions you may have about licensing. + +Display data to which the user is authorized In order to display the data to which a user is +authorized, you must right-click on the corresponding user in the organisational structure. In the +context menu that opens, you will find the following options under **displaying data records**: + +Password -Documents -Forms -Rolls -Uses -Password Reset -System Tasks -Seal templates + +NOTE: All authorizations for a data record are taken into account, regardless of whether you are +authorized by a role or the user. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/managingusers/user_passwords_logging_in.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/managingusers/user_passwords_logging_in.md new file mode 100644 index 0000000000..67a274545d --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/managingusers/user_passwords_logging_in.md @@ -0,0 +1,91 @@ +--- +title: "User passwords / logging in to client" +description: "User passwords / logging in to client" +sidebar_position: 10 +--- + +# User passwords / logging in to client + +## User passwords + +Depending on the type of user, they will either be allocated their password in Netwrix Password +Secure or the login will be carried out using access data for the domain. How the user logs in also +differs according to the type of user. + +### Differences between users and passwords + +- **Local users** Local users are those users that were directly created in Netwrix Password Secure. + These users must be directly assigned a password when they are created. If local users are + migrated from older versions, they receive a randomly generated password that is sent to them via + email. +- **AD users in end-to-end mode** These users must also be assigned a password in Netwrix Password + Secure. A new password will also be issued via email for these users in the case of a possible + migration. +- **AD users in Master Key mode** These users log in directly with access data for the domain. It is + thus not necessary to assign them a password. As these users directly authenticate themselves via + Active Directory, the currently saved password in Active Directory is thus always valid. These + users can still directly log in using the existing password even after a migration + +### Required rights + +Various rights are required in order to issue or change user passwords. One prerequisite is the user +right **Can display organisational structure module**. **Read** and **write** rights for the user +are also required. Finally, membership of the user is required. Normally, the user themselves and +the user who created or imported the user have the right to change their password. + +![Permission for user](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/managingusers/user_passwords_1-en.webp) + +### Assigning and changing passwords + +As already explained, local users are directly assigned their initial password when the user is +created. The situation is different for users that are imported in end-to-end mode. They do not +possess a password directly after the import and can thus not log in. It is thus necessary to assign +passwords after the import. + +The passwords can be directly assigned or changed via the ribbon. Naturally, it is also possible to +select multiple users if e.g. several imported users should be assigned the same password. + +![change password](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/managingusers/user_passwords_2-en.webp) + +### Change password on next login + +Even if several users receive the same initial password, it is sensible to force them to change it +to an individual password. There is a corresponding option for this purpose. In the case of **local +users**, this can be activated during the creation of the user. In the case of **users in end-to-end +mode**, this option is directly activated during import for security reasons. This option is +automatically deactivated after the user has successfully logged in and changed the password. + +![change password next login](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/managingusers/user_passwords_3-en.webp) + +### Security of passwords + +To guarantee that passwords are sufficiently strong, it is recommended that corresponding +[Password rules](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/password_rules.md) are created. It is +especially important to ensure here that user names are excluded. The password rule then still needs +to be defined as a user password rule. + +## Logging in to the database + +The process for logging into the database differs depending on the type of user. + +### Local user + +Local users simply log in using their user name and the assigned password. + +![login username](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/managingusers/user_passwords_4-en_415x238.webp) + +![login password](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/managingusers/user_passwords_5-en.webp) + +## AD user + +If only one domain has been configured, the users from AD can also log in with their user name and +password the same as local users. If multiple domains have been configured or there is a local user +with the same name, the name of the domain must be entered in front of the user name + +The name of the domain must be entered as it is configured in the AD profile under **Domains**. The +option **Other domain names** can be used to save other forms of the domain name. + +![AD User](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/managingusers/user_passwords_6-en.webp) + +NOTE: The logon to the client is automatically forwarded to the Autofill Add-on and other clients on +the same computer. The same applies to logging on to the Autofill Add-on. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/multifactorauthentication/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/multifactorauthentication/_category_.json new file mode 100644 index 0000000000..6af5368eaf --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/multifactorauthentication/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Multifactor authentication", + "position": 50, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "multifactor_authentication" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/multifactorauthentication/multifactor_authentication.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/multifactorauthentication/multifactor_authentication.md new file mode 100644 index 0000000000..e5eaca1d41 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/multifactorauthentication/multifactor_authentication.md @@ -0,0 +1,93 @@ +--- +title: "Multifactor authentication" +description: "Multifactor authentication" +sidebar_position: 50 +--- + +# Multifactor authentication + +## What is multifactor authentication? + +By means of multifactor authentication, you can save the login – in addition to the password – with +a further factor. Setting up a multifactor authentication can be done by either the administrator or +the user. + +## Requirements + +To use multifactor authentication on a database, it must firstly have been activated on the Server +Manager. In the database module, open the settings for the selected database via the ribbon. + +![database settings](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/multifactorauthentication/multifactor_authentication_1-en.webp) + +It is possible to separately define in the settings whether it is permitted to use each interface on +the database. + +![multifactor authentication](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/multifactorauthentication/multifactor_authentication_2-en.webp) + +### Other settings + +In the user settings, it is also possible to define the "Length of validity of a multifactor +authentication token" in minutes. + +NOTE: In order for a user (administrator) to be able to **configure** multifactor authentication for +other users, the user must have the rights **read**, **write**, **delete** and **authorize**. It is +important that these rights exist before Multifactor Authentication is set up. + +## Configuration of multifactor authentication + +In the [Organisational structure](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/organisational_structure.md) module, you select the user and +the interface "Multifactor authentication" in the ribbon. + +![TOTP](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/multifactorauthentication/multifactor_authentication_3-en.webp) + +The desired type of authentication is selected and given a title. This name is also displayed to the +user when logging in. The subsequent process differs depending on the desired authentication type. + +### Google authenticator + +The prerequisite for this is that the relevant app has been started on a smartphone. After the name +has been assigned for the authentication, you generate a new secret via the corresponding button. A +QR code is displayed, which must be scanned using the Google Authenticator app on a smartphone. + +![google authenticator](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/multifactorauthentication/multifactor_authentication_4-en.webp) + +Once the Google Authenticator app has detected the QR code, it will return a 6-digit PIN. You must +then enter it in the appropriate field. Finally, click on **Create** in the ribbon. + +## RSA SecurID Token + +To set up multifactor authentication using RSA SecurID, simply enter the RSA user name and click +**Create** directly in the ribbon. + +![RSA SecurID Token](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/multifactorauthentication/multifactor_authentication_5-en.webp) + +NOTE: The prerequisite for the use of RSA SecurID token is that the access data has been stored in +the Database settings on the Server Manager. + +## Public key infrastructure + +For PKI setup, the **Select** button is used to open the menu for selecting the desired certificate. +All eligible certificates are displayed. + +![Public key infrastructure](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/multifactorauthentication/multifactor_authentication_7-en.webp) + +Now just select the desired certificate from the list to confirm the process. + +## Yubico One Time Password + +The configuration of multifactor authentication using Yubico One Time Password is described +in[Multifactor Authentication](/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/databasesettings/multifactor_authentication_ac.md). + +## Delete Multifactor Authentication (MFA) + +The multifactor authentication can be deleted by the user himself or by another user with sufficient +authorization. The rights **Read**, **Write**, **Authorize** and **Delete** are required for another +user to perform the deletion. + +In order to delete a file, you should go to the main menu. Under **Account** you will find the item +**Multifactor Authentication**. An alternative way is to enter the management of multifactor +authentication via the organisational structure. To do so, select the corresponding user and click +on the **Multifactor Authentication** ribbon. + +In the administration of the multi-factor authentication you will then find in the ribbon the +possibility to delete the stored MFA. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/multifactorauthentication/otp_(one-time-password).md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/multifactorauthentication/otp_(one-time-password).md new file mode 100644 index 0000000000..b675535af4 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/multifactorauthentication/otp_(one-time-password).md @@ -0,0 +1,55 @@ +--- +title: "OTP (One-Time-Password)" +description: "OTP (One-Time-Password)" +sidebar_position: 20 +--- + +# OTP (One-Time-Password) + +## Using OTP in Netwrix Password Secure + +A one-time password is a password that is valid once and can be used for authentication or +transactions. Accordingly, each additional authentication or authorization requires a new one-time +password. + +## Establishment + +To set up OTP in Netwrix Password Secure, proceed as follows. + +- **Create form with OTP field** + +Create a new form or add an OTP field to an existing form: + +- **Create password** + +You assign the new or customized form to existing passwords and edit them or create a new password +with the new or customized form. + +Next, the OTP field must be configured. For this purpose the key (secret) of the desired +website/application is stored in Netwrix Password Secure. + +As soon as the secret has been deposited and the password saved, the setup is complete. + +## OTP in HTML WebViewer and Emergency WebViewer + +##### OTP in HTML WebViewer + +1. Set up OTP +2. Create + [HTML WebViewer export](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/export/html_webviewer_export.md) +3. Open the created HTML WebViewer + +How to use the HTML WebViewer can be read in the chapter with the same name. + +##### OTP in Emergency WebViewer + +NOTE: The special feature of the Emergency WebViewer is that the stored OTP secret is also +displayed. + +In order to use the One-Time-Password in the +[EmergencyWebViewer](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/systemtasks/emergency_webviewer.md) +you have to proceed as follows: + +1. Set up OTP +2. Emergency HTML WebViewer Export Task Create +3. Open the created emergency WebViewer diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/multifactorauthentication/yubicoyubikey.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/multifactorauthentication/yubicoyubikey.md new file mode 100644 index 0000000000..e9dbc85a30 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/multifactorauthentication/yubicoyubikey.md @@ -0,0 +1,82 @@ +--- +title: "Yubico / Yubikey" +description: "Yubico / Yubikey" +sidebar_position: 10 +--- + +# Yubico / Yubikey + +## Setting up multifactor authentication + +### Requirements + +The following firewall release must be granted: + +- [https://api.yubico.com/wsapi/2.0/verify](https://api.yubico.com/wsapi/2.0/verify) + +### Requesting the Yubico API key + +An API key must be requested for configuration. For this purpose, use the following link and enter +an e-mail address: [Yubico Website](https://upgrade.yubico.com/getapikey/) + +![yubico setup](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/multifactorauthentication/yubico/yubico_yubikey_1-en.webp) + +Yubikey will then generate a **One Time Password**. The Yubikey used must only be touched in the +right place. + +![yubico stick](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/multifactorauthentication/yubico/yubico_yubikey_2-en.webp) + +The **One Time Password** is entered directly into the corresponding field. + +![yubico OTP](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/multifactorauthentication/yubico/yubico_yubikey_3-en.webp) + +Once the general terms and conditions have been approved, the API Key can be requested. + +![yubico key](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/multifactorauthentication/yubico/yubico_yubikey_4-en.webp) + +### Configuring the Yubikey API + +The actual setting up of the multifactor authentication is carried out on the Server Manager in the +**Database** module. First select the required data base; then open the "Features" in the ribbon. +The **Yubico Client ID** and the **Yubico Secret Key** must then be entered and saved. + +![Configuration yubico](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/multifactorauthentication/yubico/yubico_yubikey_5-en.webp) + +The interface is now ready and can be used. + +NOTE: The HTTPS endpoint [Yubico Verify](https://api.yubico.com/wsapi/2.0/verify) is used for +communication with Yubico. Please make sure that the Netwrix Password Secure Server can connect to +this endpoint. + +## Configuring multifactor authentication for users + +Multifactor authentication can be configured in the Netwrix Password Secure client. It can be done +by the user themselves in **Backstage** in the [Account](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/account.md) +menu. In order to configure the Yubikey, simply select **Yubico OTP**. + +![setup second factor](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/multifactorauthentication/yubico/yubico_yubikey_6-en.webp) + +Now click in the field for the token and create a token using the Yubikey. For **Yubikey NEO**, you +only need to touch the touch panel. The same applies to **Yubikey Nano**. + +![yubico stick](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/multifactorauthentication/yubico/yubico_yubikey_2-en.webp) + +The token is entered directly into the corresponding field. The multifactor authentication is +configured once you’ve clicked on configure. + +![Configuration yubico](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/multifactorauthentication/yubico/yubico_yubikey_8-en.webp) + +## Logging in with the Yubikey + +To login with Multifactor Authentication, the database is first selected and then **User Name** and +**Password** are entered and confirmed. + +After the first password authentication, another window for the **Yubico Key** is displayed. + +![Login yubico](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/multifactorauthentication/yubico/yubico_yubikey_10-en.webp) + +Click on the field to highlight it, and enter the **Yubico Key** by touching the Yubikeys. + +![yubico stick](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/multifactorauthentication/yubico/yubico_yubikey_2-en.webp) + +The user is now logged on. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/organisational_structure.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/organisational_structure.md new file mode 100644 index 0000000000..5b197a5b0f --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/organisational_structure.md @@ -0,0 +1,113 @@ +--- +title: "Organisational structure" +description: "Organisational structure" +sidebar_position: 40 +--- + +# Organisational structure + +## What are organisational structures? + +The storage of passwords or documents always takes place according to the defined organisational +structures. The module enables complex structures to be defined, which later form the basis for the +systematic storage of data. It is often possible to define them on the basis of already existing +organization diagrams for the company or department. It is also possible to use other criteria, such +as the function / activity performed, as the basis for creating hierarchies. It is always up to the +customer themselves to decide which structure is most useful for the purpose of the application. + +![Organizational structure modul](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/organizational_structures_1-en.webp) + +## Relevant rights + +The following options are required for adding new organisational structures. + +### User rights + +- Can add new organisational units +- Display organisational structure module + +## Module-specific ribbon functions + +The operation of the ribbon differs fundamentally in a couple of aspects to how it works in other +modules. The following section will focus on only those elements of the ribbon that differ. The +remaining actions have already be explained for the password module. + +![create new user/organisational unit](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/organizational_structures_2-en.webp) + +- **New organisational unit/user**: New organisational units or new users can be added via the + ribbon, the keyboard shortcut "CTRL + N" or also the context menu that is accessed using the right + mouse button. Due to its complexity, there is a separate section for this function: + [User management](/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/organisationalstructure/user_management.md) +- **Drag & Drop**: If this option has been activated, it is possible to move users or organisational + units in list view via drag & drop +- **Permissions**: The configuration of permissions within the organisational structure is important + both for the administration of the structure and also as the basis for the permissions in + accordance with + [Inheritance from organisational structures](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/automatedsettingofpermissions/inheritance_from_organizational.md). + The benefits of + [Predefining rights](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/predefining_rights.md) are + explained in a separate section. +- **Settings**: The settings can be configured for both users and also organisational units. More + information on [User settings](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/usersettings/user_settings.md)… +- **Active Directory**: The connection to Active Directory is explained in a dedicated section + [Active Directory link](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/active_directory_link.md) +- **Microsoft Entra ID**: The connection to Microsoft Entra ID is explained in a dedicated section +- **Multi Factor authentication**: Additional security during login is provided through positive + authentication based on another factor. More on this subject… +- **Reset password**: Administrators can reset the passwords with which users log in to Netwrix + Password Secure to a defined value. Naturally, this is only possible if the connection to Active + Directory is configured + via[End-to-end encryption](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/end-to-end_encryption.md). In the + alternative [Masterkey mode](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/masterkey_mode.md), the + authentication is linked to the correct entry of the AD password. + +NOTE: To reset a user password, membership for the user is a prerequisite. + +The example below shows the configuration of a user where only the user themselves is a member. + +![permission for user](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/organizational_structures_3-en.webp) + +This configuration means that the user password cannot be reset by administrators. The disadvantage +is that if the password is lost there is no technical solution for "resetting" the password in the +system. + +**CAUTION:** It is not recommended to configure the permissions so that only the user themselves has +membership. No other interventions can be made if the password is then lost. + +## Adding local organisational units + +Both users and also organisational units themselves can be added as usual via the ribbon +(alternatively via Ctrl + N or via the context menu). These processes are supported by various +wizards. The example below shows the creation of a new organisational unit: + +### Create organisational unit + +![Add new organisational unit](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/organizational_structures_4-en.webp) + +- **Allocated organisational unit**: If the new object is defined as a **main organisational unit**, + it is not allocated to an existing organisational unit +- **Rights template group**: If an already existing organisational unit was selected under + "allocated organisational unit", you can select one of the existing rights template groups. + +NOTE: The organisational unit marked in list view will be used as a default. This applies to the +fields "allocated organisational unit" and also "rights template". + +### Create role + +![Create role](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/organizational_structures_5-en.webp) + +When creating a new organisational unit, the second tab in the wizard enables you to directly create +a new role. This role will not only be created but also given "read permission" to the newly created +organisational unit. + +### Configuring rights + +![Configuring rights](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/organizational_structures_6-en.webp) + +The third tab of the wizard allows you to define the permissions for the newly created +organisational unit. If an allocated organisational unit or a rights template group was defined in +the first tab, the new organisational unit will inherit its permissions. These permissions can be +adapted if desired. + +NOTE: The **organisational structure** module is based on the Web Application module of the same +name. Both modules have a different scope and design but are almost identical to use. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/permissionsfororganisational/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/permissionsfororganisational/_category_.json new file mode 100644 index 0000000000..d844547bfe --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/permissionsfororganisational/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Permissions for organisational structures", + "position": 20, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "permissions_for_organisational" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/permissionsfororganisational/inheriting_permissions.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/permissionsfororganisational/inheriting_permissions.md new file mode 100644 index 0000000000..0d090cc864 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/permissionsfororganisational/inheriting_permissions.md @@ -0,0 +1,38 @@ +--- +title: "Inheriting permissions" +description: "Inheriting permissions" +sidebar_position: 10 +--- + +# Inheriting permissions + +## What is inherited in organisational structures? + +If you open the permissions for an organisational structure, the currently configured permissions +will be visible. In the following example, there are a total of four roles with varying permissions +for the organisational structure. + +![inheriting permission](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/permissionsous/inheriting_permissions_1-en.webp) + +## Relevant rights + +The following options are required to view "**inherit**" and "**overwrite**" icons. + +### User right + +- Can overwrite permissions +- Can inherit permissions + +The two highlighted options are now available on the ribbon. + +- **Inherit**: This means that all of the configurations defined in the current permissions mask are + inherited by underlying organisational structures when it is saved. The permissions are added to + existing ones +- **Overwrite**: This means that all of the configurations defined are applied to underlying + organisational structures when it is saved. The previous permissions are lost. + +Both mechanisms are protected by a confirmation prompt. If both "inherit" and also "overwrite" are +selected, "overwrite" is considered the overriding function. + +**CAUTION:** Both mechanisms are not protected by user rights. The **authorize** right for the +organisational structure is required to activate the inheritance or overwrite functions. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/permissionsfororganisational/permissions_for_organisational.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/permissionsfororganisational/permissions_for_organisational.md new file mode 100644 index 0000000000..ff72a34ad7 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/permissionsfororganisational/permissions_for_organisational.md @@ -0,0 +1,62 @@ +--- +title: "Permissions for organisational structures" +description: "Permissions for organisational structures" +sidebar_position: 20 +--- + +# Permissions for organisational structures + +## Relevance + +These permissions primarily define which users/roles have what form of permissions for +organisational structures. In addition, there are **two mechanisms** that directly build on the +permissions for organisational structures. + +1. **Limiting visibility**: It was already explained in the section on + [Visibility](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/visibility.md) + that selectively withholding information is a very effective + [Protective mechanisms](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/protective_mechanisms.md). + Configuration of the visibility is carried out directly when issuing permissions to + organisational structures. +2. **Inheriting permissions for records**: + [Inheritance from organisational structures](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/automatedsettingofpermissions/inheritance_from_organizational.md) + is defined as a system standard. This means that there is no difference between the permissions + for an organisational structure and the permissions for data that is stored in these + organisational structures. + +The way in which permissions for organisational structures are designed thus effects the subsequent +work with Netwrix Password Secure in many ways. The following diagram describes the above-mentioned +interfaces. + +![Permissions for organizational structures](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/permissionsous/permissions_for_organizational_structures_1-en.webp) + +## Permissions + +The visibility and also inheritance mechanisms are not considered below. This section exclusively +deals with permissions for the actual organisational structure. It deals with which users and roles +have what form of permissions for a given organisational structure. Permissions for organisational +structures can be defined via the ribbon or also the context menu that is accessed using the right +mouse button. A permissions tab appears: + +![Permissions for OU](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/organisationalstructures/permissionsous/permissions_for_organizational_structures_2-en.webp) + +NOTE: The basic mechanisms for setting permissions is described in detail in the Authorization +concept. + +**CAUTION:** It is important that the permissions displayed here are interpreted correctly! The +example above shows the permissions for the "organisational structure IT". + +The user Max Muster possesses all rights to the organisational structure IT and can thus edit, +delete and also grant permissions for this structure. + +## The add right + +The "add" right holds a special position amongst the available rights because it does not refer to +the organisational unit itself but rather to data that will be created within it. In general, it is +fair to say that to add objects in an organisational unit requires the add right. If a user wants to +add a new record to an organisational unit, the user requires the above-mentioned right. In the +example above, only the administrator has the required permissions for adding new records. Even the +IT manager – who possess all other rights to the organisational structure "IT" – does not have the +right to add records. + +**CAUTION:** The add right merely describes the right to create objects in an organisational unit. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/_category_.json new file mode 100644 index 0000000000..a3d9a19b3d --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Password Reset", + "position": 90, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "password_reset" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/configuration_2.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/configuration_2.md new file mode 100644 index 0000000000..c5ad12aed1 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/configuration_2.md @@ -0,0 +1,69 @@ +--- +title: "Configuration" +description: "Configuration" +sidebar_position: 20 +--- + +# Configuration + +## Creating a Password Reset + +New Password Resets can be directly added via the ribbon or the keyboard shortcut "Ctrl + N" in the +Password Reset module. With regards to setting permissions, a Password Reset behaves in precisely +the same way as every other object. It is thus possible to precisely control which users can view +and use which Password Resets. + +## Configuration Guide + +The configuration of a new Password Reset comprises four steps. All of the necessary conditions and +variables for the configuration are defined in the following areas: "General", "Trigger", "Scripts" +and "Linked passwords". + +![configuration password reset](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwordreset/configuration/configuration_1-en.webp) + +### General + +- **Name**: Designation for the Password Reset +- **Responsible user**: All completed Password Resets are also recorded within Netwrix Password + Secure (logbook,…). To ensure these steps can be allocated to a user, a user who is registered in + Netwrix Password Secure is selected in the field "Responsible user". + +### Trigger + +Triggers describe the conditions that need to be fulfilled so that a Password Reset is carried out. +There are a total of three possible triggers available: + +- Reset the password x minutes after the password has been viewed +- Reset the password when it has not been changed for x days +- Reset the password when it has been expired for x days + +At least one trigger must be activated so that the Password Reset is activated. Deactivating all +triggers is equivalent to deactivating the Password Reset. All three triggers can be activated and +deactivated independently of one another. Only one selection can be made in each of the three +categories. + +NOTE: A separate system task within Netwrix Password Secure checks every minute whether a trigger +applies. + +### Scripts + +A new dialogue appears after the selection in which the type of system "to be reset2 can be defined. + +![new script password reset](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwordreset/configuration/configuration_2-en.webp) + +- **Script type**: You select here from the possible script types. +- **Password**: The credentials for the record that will ultimately carry out the Password Reset. + The required information is specifically requested in each case. For example, if the reset is for + an MSSQL user, the MSSQL instance and the port used needs to be entered. + +The functions and configuration process are described in detail in the section Scripts. + +NOTE: It is not possible to create a Password Reset without an associated script. + +### Linked passwords + +All records that should be reset with the Password Reset according to the selected trigger are +listed under “Linked passwords”. Multiple objects can be entered. The linked Password Reset is also +visible in the footer of the reading pane once it has been successfully configured. + +![new script password reset](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwordreset/configuration/configuration_2-en.webp) diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/heartbeat.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/heartbeat.md new file mode 100644 index 0000000000..bad456d35f --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/heartbeat.md @@ -0,0 +1,73 @@ +--- +title: "Heartbeat" +description: "Heartbeat" +sidebar_position: 50 +--- + +# Heartbeat + +## What is the heartbeat? + +The heartbeat checks whether passwords in Netwrix Password Secure match the login data on the +relevant systems. This process ensures that the passwords do not differ from one another. + +## Requirements + +The heartbeat is only available for passwords that are linked to a properly functioning Password +Reset. + +### Supported script types + +The passwords for the following script types can be tested: + +- Windows user +- MSSQL user +- Active Directory users +- Linux user + +Further information can be found in the section Scripts. + +## Testing using heartbeat + +The testing process using the heartbeat can be executed via various methods. + +## Testing via Password Reset + +The heartbeat is always carried out before the first resetting process using a Password Reset. After +the script has run, the testing process is carried out again. Further information on this process +can also be found in the section [Rollback](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/rollback.md). + +### Manual testing + +The heartbeat can be executed in the ribbon for the password module by clicking on **Check login +data**. The currently marked password is always tested. + +### Automatic testing via the password settings + +It is also possible to configure the heartbeat to run cyclically. It can be configured either via +the [User settings](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/usersettings/user_settings.md) or directly in the +[Password settings](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/password_settings.md). + +## Results of the tests + +The results of the test can be viewed in the **passwords module**. + +![result heartbeat](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwordreset/heartbeat/heartbeat_1-en.webp) + +The date when it was last executed can be seen at the top of the +[Reading pane](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/reading_pane.md). The success of the testing +process is indicated alongside using a coloured icon. Further information can be displayed by moving +the mouse over the icon. + +The icon has three different versions. These have the following meanings: + +The last test was successful. The password is correct The test could not be performed. For example, +the password could not be reached. The last test was completed. However, the password is different +to the one on the target system. + +## Filtering the results + +The filter can be configured using the filter group **Status of the login data** so that the tested +records can be selected. + +![Filter heartbeat status](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwordreset/heartbeat/heartbeat_2-en.webp) diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/logbook_entries_under_password.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/logbook_entries_under_password.md new file mode 100644 index 0000000000..6b9cc63df7 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/logbook_entries_under_password.md @@ -0,0 +1,44 @@ +--- +title: "Logbook entries under Password Reset" +description: "Logbook entries under Password Reset" +sidebar_position: 70 +--- + +# Logbook entries under Password Reset + +Subsequently all possible logbook entries in connection with Password Reset are listed + +The password reset first checks with the first script (via the heartbeat) whether the password is +correct: + +| Logbook Type | Logbook Record | +| ------------------------------ | -------------- | +| Login data valid | Container | +| Login data invalid | Container | +| Check errors during login data | Container | + +Afterwards all scripts of the password reset are executed one after the other and the following +logbook entries are written: + +| Logbook type | Logbook record | +| --------------------- | -------------- | +| Execute | Password Reset | +| Execute Rollback | Password Reset | +| Execution Error | Password Reset | +| Error during rollback | Password Reset | + +If an attempt was made to perform a rollback, but the rollback cannot be performed because the old +password was incorrect before the reset, or the first script is of the type “user-defined”, the +following logbook entry is written: + +| Logbook type | Logbook record | +| --------------------- | -------------- | +| Error during rollback | Password Reset | + +If a password reset has failed and an attempt is made to perform a rollback, the reset is blocked +for one day and the following logbook entry is written: (It does not matter if the rollback worked +or not) + +| Logbook type | Logbook record | +| ---------------------- | -------------- | +| Password Reset blocked | Password Reset | diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/password_reset.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/password_reset.md new file mode 100644 index 0000000000..c84a61949b --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/password_reset.md @@ -0,0 +1,29 @@ +--- +title: "Password Reset" +description: "Password Reset" +sidebar_position: 90 +--- + +# Password Reset + +## What is a Password Reset? + +The safest passwords are those that no one knows. A Password Reset enables passwords to be reset to +a new and unknown value according to freely definable triggers. A trigger could be a definable time +interval or a certain action by the user. **The value of the password is changed in both Netwrix +Password Secure and also on the target system.** + +![Password reset diagram](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwordreset/password_reset_1-en.webp) + +This process will be explained below using a specific example. The password for the MSSQL user has +expired. The Password Reset changes the password in Netwrix Password Secure and also in the target +system to a new value. + +![Password reset process diagram](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwordreset/password_reset_2-en.webp) + +NOTE: If an error occurs during the execution of a password reset, the affected reset is blocked +with all associated passwords. This is noted in the logbook with an entry "blocked". + +**CAUTION:** Due to the complexity of the process, it is strongly recommended that Password Reset is +configured **in combination with certified partners**. The desired simplification of work processes +using the above-mentioned automated functions is accompanied by numerous risks. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/requirements_1.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/requirements_1.md new file mode 100644 index 0000000000..8d2e1ac0d6 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/requirements_1.md @@ -0,0 +1,23 @@ +--- +title: "Requirements" +description: "Requirements" +sidebar_position: 10 +--- + +# Requirements + +## Relevant rights + +The following options are required for creating a Password Reset. + +### User rights + +- Can add new Password Resets +- Display Password Reset module + +### Requirements for Password Resets + +- A password that has administrative rights to the relevant target computers must have been saved in + Netwrix Password Secure. +- The Microsoft Remote Admin Tools must be saved on the target system. +- The target system must be accessible via the network. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/rollback.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/rollback.md new file mode 100644 index 0000000000..823b2016ae --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/rollback.md @@ -0,0 +1,29 @@ +--- +title: "Rollback" +description: "Rollback" +sidebar_position: 60 +--- + +# Rollback + +## What is a rollback? + +If an error occurs while running a script, a rollback is initiated. This ensures that the original +password is restored. + +## When does a rollback run? + +The following diagram shows when and according to which criteria a rollback is initiated: + +![rollback run](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwordreset/rollback/rollback_1-en.webp) + +## Procedure + +If a rollback needs to be run, all scripts for the Password Reset are executed once again. The last +password in the history is used for this process. No new historical entry is created after the +rollback. + +## Logbook + +The logbook can be used to see if a rollback has been run and if it was successful. After a +rollback, the password should be checked once again as a precaution. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/scripts.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/scripts.md new file mode 100644 index 0000000000..a1b706fffb --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/scripts.md @@ -0,0 +1,82 @@ +--- +title: "Scripts" +description: "Scripts" +sidebar_position: 30 +--- + +# Scripts + +## Available scripts + +The following scripts are supplied and can be directly used. In all scripts, a password is firstly +selected in the upper section. This is not the password that will be reset on the target system. +Instead, a user should be entered here that can complete the rest of the process on the target +system. This password thus requires administrative rights to the target system. + +A delay can also be configured in every script. This may be necessary, for example, if a password is +changed in AD and it is firstly distributed to other controllers. + +![new script](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwordreset/scripts/password_safe_scripts_1-en.webp) + +## Active Directory Password Reset + +This script is responsible for changing passwords for Active Directory users (domain users). Access +to Active Directory is configured here under **Hostname**. + +![Active Directory Password Reset](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwordreset/scripts/password_safe_scripts_2-en.webp) + +## Service accounts + +This script changes the access data within a service. Both the user and also the password can be +changed. The **host name** – i.e. the target computer – and the **service name** are saved here. + +![Service accounts scripts](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwordreset/scripts/password_safe_scripts_3-en.webp) + +Please note that the **display name** for the **service** needs to be used. + +![display name service](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwordreset/scripts/password_safe_scripts_4-en.webp) + +The access data in the associated password can be saved as follows: + +### Local user + +[Username] [Username] .[Username] [Computer][Username] + +### Active Directory user + +[Domain][Username] + +## Windows user + +This script can be used to reset the passwords for local Windows users. Only the **host name** needs +to be saved here. + +![Windows user script](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwordreset/scripts/password_safe_scripts_5-en.webp) + +## Linux user + +Linux users can also be reset in the same way as Windows users. It is also only necessary to enter +the **host name** and the **port** here. + +![Linux user script](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwordreset/scripts/password_safe_scripts_6-en.webp) + +## MSSQL user + +This script resets passwords for local MSSQL users. It is only necessary to enter the **MSSQL +instance** and the **port**. + +![MSSQL user script](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwordreset/scripts/password_safe_scripts_7-en.webp) + +The name of the MSSQL instance can be taken from the login window for the SQL Management Studio. + +![MSSQL user script](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwordreset/scripts/password_safe_scripts_8-en.webp) + +If a domain user is being used to log in to the SQL server, the user needs to be managed via the +script **Active Directory user**. + +## Planned task + +The passwords for users of Windows Task Scheduler can be changed using this script. The **host +name** of the computer on which the task will run and the **name** of the task itself are entered. + +![planned task](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwordreset/scripts/password_safe_scripts_9-en.webp) diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/user-defined_scripts.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/user-defined_scripts.md new file mode 100644 index 0000000000..7726d669ff --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/user-defined_scripts.md @@ -0,0 +1,79 @@ +--- +title: "User-defined scripts" +description: "User-defined scripts" +sidebar_position: 40 +--- + +# User-defined scripts + +## Individual solutions using your own scripts + +If your requirements cannot be met using the [Scripts](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/scripts.md), it is also possible +to create your own Powershell scripts. These scripts need to meet certain requirements to be used in +Netwrix Password Secure. + +## Storage location, name and call + +The scripts must be saved in the following directory: +`C:\ProgramData\MATESO\Password Safe and Repository Service\System\PowerShell` + +The scripts are saved in the **format.ps1**. + +## Structure of the scripts + +The PowerShell scripts must have the following structure: + +### RunScript function + +Netwrix Password Secure always calls the RunScript function. + + +``` +function RunScript +param ( +        [String]$HostName, +        [String]$UserName, +        [String]$NewPassword, +        [String]$CredentialsUserName, +        [Security.SecureString]$CredentialsPassword +    ) + +``` + +The following standard parameters can be used here: + +- UserName: The user name for which the password should be changed +- Password: The password that should be reset +- CredentialsUserName: The user name of the user authorized to carry our the reset (e.g. + administrator) +- CredentialsPassword: The password of the authorized user + +### Scriptblock + +The **scriptblock** can be used when the script should run in the context of another user. The +actual change is then carried out in the **scriptblock**. + +It is important in this case that you provide Netwrix Password Secure with feedback about what has +been changed via a **Write-Output**. The following example simply uses the outputs **true** or +**false**. However, it is also conceivable that an error message or similar is output. + + +``` +    $scriptBlock = {param ($UserName, $Password) +    // Make changes to SAP +    if($OK) { +        Write-Output "true" +    } else { +        Write-Output "false" +    } + +``` + +Naturally, CredentialsUserName and CredentialsPassword can also be directly used in the script (i.e. +without the **scriptblock**). You can view the supplied MSSQL script as an example. + +### Invoke + +A credential then still needs to be created. This is then transferred to the **scriptblock** using +the **invoke** command. It is also important in this case to provide Netwrix Password Secure with +feedback about all errors via **Write-Output** or **throw [System.Exception]**. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/_category_.json new file mode 100644 index 0000000000..563e094d99 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Passwords", + "position": 10, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "passwords" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/creating_new_passwords.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/creating_new_passwords.md new file mode 100644 index 0000000000..66879a2767 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/creating_new_passwords.md @@ -0,0 +1,87 @@ +--- +title: "Creating new passwords" +description: "Creating new passwords" +sidebar_position: 10 +--- + +# Creating new passwords + +## What does creating new passwords/records mean? + +Saving a record/password stores information in the MSSQL database. This process is started in the +Passwords module for the client. It is accessed either via the icon in the ribbon, using the +keyboard shortcut "CTRL + N" or via the context menu that is accessed using the right mouse button +in list view. The next step is to select a suitable form that will open in a modal window. + +## Requirements + +The following 2 user rights are required: + +- Can add new passwords +- Display password module + +## Selecting a form + +When creating a new record, it is possible to select from all the forms for which the logged-in user +has the required permissions. To make the selection process as easy as possible, a preview of the +form fields included in the form is shown on the right hand side. + +![Select form](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/creating_new_passwords_1-en.webp) + +In this example, you can see that the "Password" form marked on the left contains three form fields +"Name", "User name" and "Password". Forms thus act as **templates** according to which their +information is saved. (Management of the forms including issuing permissions and editing existing +forms is covered in a separate section) + +## Entering data + +The window for creating a new record always open in a separate tab. As can be seen below, the +corresponding form fields for the previously selected form can now be filled. Password fields +deserve special mention here because they can be handled differently based on password rules. The +record can be saved via the ribbon when all fields have been filled. + +![new record](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/creating_new_passwords_2-en.webp) + +## Validity and tags + +Irrespective of the selected form, it is always possible to define the validity and tags for a +record. Both values are optional. + +![Validity and tags](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/creating_new_passwords_3-en.webp) + +- The **validity** defines an end date until which the record is valid. This information can be + evaluated e.g. in the logbook or in reports. It is thus possible to create a list of all expired + passwords for a user or an authorized entity. However, it is not possible to limit the usability + of expired passwords for security reasons. +- **Tags** are freely definable properties of records that can be used as search criteria. This also + allows thematically linked information to be grouped together. + +## Setting permissions for new records + +In principle, there are various approaches for setting permissions for newly created records. All of +them have already been described in the Authorization concept section. It is important to note here +that **manual setting of permissions is only possible after saving** a record. Automatic permissions +are set before the record is saved. In this context, the selection of the organisational structure +and the permissions for a record are important aspects. + +![permissions new record](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/creating_new_passwords_4-en.webp) + +- **Manual setting of permissions**: If you want to manually set permissions for the record, select + the organisational structure in which the record should be saved. After saving the record, the + permissions can be manually amended via the permissions tab in the ribbon. If you only want to + create a personal record for which no other user will receive permissions, simply select your own + organisational structure and conclude the process with "save" via the ribbon. + +NOTE: If any kind of automatic permissions have been activated for the selected OU, this will always +be prioritized. + +**CAUTION:** Even when creating private records, inheritance of permissions based on the logged-in +user can also be activated as an option. This option is described in a separate section. + +NOTE: The user right Allow sharing of personal passwords can be used to define that personal +passwords cannot be released to other users. + +**Automatic setting of permissions**: Automatic setting of permissions is carried out before the +record is saved. Irrespective of whether predefined rights or rights inheritance is being used, the +configuration is always carried out in the organisational structure or permissions area. Saving the +record thus completes the process for creating the password including the issuing of permissions. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/form_field_permissions.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/form_field_permissions.md new file mode 100644 index 0000000000..9d246adca8 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/form_field_permissions.md @@ -0,0 +1,38 @@ +--- +title: "Form field permissions" +description: "Form field permissions" +sidebar_position: 40 +--- + +# Form field permissions + +## What are form field permissions? + +The authorization concept allows separate permissions to be set for each object. These objects could +be records, forms or users. Netwrix Password Secure goes one step further in this context. Every +single form field for a record can also be granted with separate permissions. It is thus possible to +grant different permissions for the password field of a record than are set for the other fields. + +## Relevant rights + +The following options are required to view "inherit" and "overwrite" icons. + +### User right + +- Can overwrite permissions +- Can inherit permissions + +## Configuration + +The associated form field permissions for the marked record can be opened via the ribbon using the +drop-down menu under "Permissions". + +![form field permissions](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/form_field_permissions_1-en.webp) + +The window that opens allows you to select the relevant form field for which you want to grant +permissions. The following example focuses on the password field. + +![permissions of password field](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/form_field_permissions_2-en.webp) + +The permissions configured here now exclusively apply to the password field. The other form fields +remain unaffected. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/history.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/history.md new file mode 100644 index 0000000000..2b897e9f10 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/history.md @@ -0,0 +1,56 @@ +--- +title: "History" +description: "History" +sidebar_position: 60 +--- + +# History + +## What is the history? + +Alongside saving passwords and keeping them safe, the ability to trace changes to records also has +great relevance. The history maintains a seamless account of the versions for all form fields in a +record. Every change to records is separately recorded, saved and can thus also be restored. In +addition, it is always possible to compare historical values with the current version. The history +is thus an indispensable component of every security concept. + +## The history in the reading pane + +The optional footer area can be used to already display the history when in the reading pane. All of +the historical entries are listed and sorted in chronological order. + +![history in footer](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/history_1-en.webp) + +The different versions are displayed one below the other on the left. The info for each respective +version can then be seen alongside on the right. A quick view can be displayed via the **History** +in the ribbon or via a double click. + +![quick view history](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/history_2-en.webp) + +## Detailed history in the Extras + +The detailed history for the record marked in list view can be called up in the Start/Extras tab. + +![History](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/history_3-en.webp) + +The history for the marked record opens in a separate tab. In list view, all of the available +versions with the date and time of their last change are sorted in chronological order. + +![history list view](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/history_4-en.webp) + +## Comparison of versions + +At least two versions need to be selected in order to carry out a comparison. In list view, mark the +first version and then add another version via the “Add” button on the right of the reading pane to +compare with the first one. + +![comparison of history versions](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/history_5-en.webp) + +If deviations exist between the two versions, these will be highlighted in color. + +![difference between password history](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/history_6-en.webp) + +## Restoring versions + +A selected status can be restored via the ribbon. The current state is overwritten and added to the +history diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/moving_passwords.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/moving_passwords.md new file mode 100644 index 0000000000..345a9483b1 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/moving_passwords.md @@ -0,0 +1,48 @@ +--- +title: "Moving passwords" +description: "Moving passwords" +sidebar_position: 30 +--- + +# Moving passwords + +## What happens when records are moved? + +Data can be moved within Netwrix Password Secure to another organisational structure. This does not +necessarily have to be linked to a change in permissions (the effects are described separately +below). Moving records without changing the permissions mainly has effects on the filtering or +search functions for records. + +## How do you move a record? + +The (marked) records are moved either via the ribbon or via the context menu that is accessed using +the right mouse button. + +![moving password](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/moving_passwords_1-en.webp) + +Multiple records can also be marked and moved. The selected permissions are then valid for all +records in this case. + +### Required permissions + +No special user rights/settings are required in order to move records. The “move” right for the +record is the only deciding factor. + +![required permissions](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/moving_passwords_2-en.webp) + +## Effects on existing permissions + +![effects on existing permissions](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/moving_passwords_3-en.webp) + +- **Retain permissions**: The permissions for the record are not changed by moving it and are + retained +- **Overwrite permissions**: The permissions for the record are overwritten by the target OU +- **Extend permissions**: The existing permissions are extended to include the permissions for the + target OU + +**CAUTION:** From a technical perspective, all rights will be removed from the record when +overwriting the permissions. The permissions will then be applied to the record in accordance with +the rights template or inheritance from organisational structures. It is important to note here that +it is theoretically possible to remove your own rights to the record! The rights change will only be +carried out if at least one user retains the right to issue permissions as a result. Otherwise, the +rights change will be cancelled with a corresponding message. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/password_settings.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/password_settings.md new file mode 100644 index 0000000000..bcb187aa92 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/password_settings.md @@ -0,0 +1,33 @@ +--- +title: "Password settings" +description: "Password settings" +sidebar_position: 50 +--- + +# Password settings + +## What are password settings? + +The password settings can be used to define a diverse range of options. These can be found in the +ribbon in the subsection “Extras”. The settings open up in a new tab. + +![password settings](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/password_settings_1-en.webp) + +### Category: Browser + +- **Default browser**: This option can be used to define a default browser for every record + separately. You can select from all browsers that have been registered as a browser in Windows. + +### Category: SSO + +- **Browser Extensions**: **Exact domain check**: This setting defines whether the domain for + displaying the record should be subjected to an exact domain check or not. Further information on + this subject can be found under Add-ons. +- **Browser Extensions**: Automatically fill login masks: This setting defines whether the login + masks are automatically filled when logging in via SSO. This is the case when the user is located + on a login page. If the record for this page has been saved, the login mask will be filled if this + option has been activated. Otherwise, this step needs to be carried out manually via the add-on. + If multiple records have been saved for this page, the user must complete this step manually via + the add-on in both cases. +- **Browser Extensions**: Automatically send login masks: If this option has been activated, the + login button is automatically pressed after filling in the login information. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/passwords.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/passwords.md new file mode 100644 index 0000000000..205a7fddfa --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/passwords.md @@ -0,0 +1,115 @@ +--- +title: "Passwords" +description: "Passwords" +sidebar_position: 10 +--- + +# Passwords + +## What are passwords? + +In Netwrix Password Secure v8, the data record with the passwords represents the central data +object. The Passwords module provides administrators and users with central access to the passwords +for the purpose of handling this sensitive data that requires protection. Search filters in +combination with color-highlighted tags enable very focussed work. Various approaches can be used to +help apply the desired permissions to objects. Furthermore, the ergonomic structure of the module +helps all users to use Netwrix Password Secure in an efficient and targeted manner. + +![Password modul](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/passwords_1-en.webp) + +## Prerequisite + +The following user right is required for adding new passwords: + +- **Can add new passwords** + +## Module-specific ribbon functions + +The ribbon offers access to all possible actions relevant to the situation at all times. Especially +within the "Passwords" module, the ribbon plays a key role due to the numerous module-specific +functions. General information on the subject of the ribbon is available in the relevant section. +The module-specific ribbon functions will be explained below. + +![ribbon functions](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/passwords_2-en.webp) + +### New + +- **New password**: New passwords can be added via this icon in the ribbon, via the context menu + that is accessed using the right mouse button and via the shortcut (Ctrl + N). The next step is to + select a suitable form. +- **Open**: Opens the object marked in list view and provides further information about the record + in the reading pane. +- **Delete**: Deletes the object marked in list view. A log file entry is created (see logbook). +- **Reveal**: The function **Reveal** can be used for all records that have a password field. The + passwords in the reading pane will be revealed. In the example, the passwords have been revealed + and can be hidden again with the **Hide** button. + +![hide password](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/passwords_3-en.webp) + +### Actions + +- **Notifications**: Defining notifications enables a constant flow of information about any type of + interaction. The issuing of notifications is carried out in the module designed for this purpose. +- **Duplicate**: Duplicating creates an exact copy of the record in a new tab. +- **Move**: Moves the record marked in list view to another organisational structure. +- **Toggle** **Favorite**: The selected record is marked as a favorite. It is possible to switch + between all records and favorites at any time. +- **Quick view**: A modal window opens for the selected record for 15 seconds and displays all + available information **including the value of the password**. +- Notifications: A list of all configured notifications + +### Permissions + +- **Permissions**: The drop-down menu can be used to set both password permissions and also form + field permissions. This method only allows the manual setting of permissions for data (see + + authorization concept) + +- **Password masking**: Masking passwords that need to be protected from unauthorized users is an + important feature of the security concept in Netwrix Password Secure. +- **Seal**: The multi-eye principle in Netwrix Password Secure is covered in its own section. Seals. + +### Clipboard + +The clipboard is a key element in the ribbon. This only exists in the "Passwords" module. **Clicking +on the desired form field for a record in the ribbon** will copy it to the clipboard. + +![Clipboard](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/passwords_4-en.webp) + +The message in the style of the "Balloon Tips" in Windows shows that the password has now been saved +in the clipboard for 300 seconds. (Note: the time until the clipboard is cleared is 60 seconds by +default. In the present case, this has been adjusted via the user settings.) + +### Start + +Conveniently working with passwords is only possible via the efficient usage of automated accesses +via RDP, SSH, general Windows applications or websites. This makes it possible to dispense with +(unsecure) entries via "copy & paste". + +- **Open web page**: If an URL is saved in the record, this menu option can be used to directly open + it. +- **Applications**: If applications have been linked to records, they can be directly opened via the + "start menu". + +### Extras + +- **Create external link**: This option creates an external link for the record marked in list view. + A number of different options can be selected: + +![external link](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/passwords_5-en.webp) + +**CAUTION:** If several sessions are opened on a client, an external link is always called in the +first session. + +- **History**: This icon opens the history for those records selected in list view in a new tab. Due + to the comprehensive recording of historical versions of passwords, it is now possible to compare + several versions with one another. +- **Print**: This option can be used to open the print function. +- **Export**: It is possible to export all the selected records and also the data defined by the + filter to a .csv file. +- **Change form**: It is possible to change the form used for individual records. "Mapping" of the + previous form fields can be directly carried out in the process. +- **Settings**: The password settings are described in a separate section. + +NOTE: The password module is based on the module of the same name in the Web Application. Both +modules have a different scope and design. However, they are almost identical to use. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/recycle_bin.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/recycle_bin.md new file mode 100644 index 0000000000..66989e5558 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/recycle_bin.md @@ -0,0 +1,26 @@ +--- +title: "Recycle Bin" +description: "Recycle Bin" +sidebar_position: 70 +--- + +# Recycle Bin + +This option allows you to view and permanently delete deleted passwords to which you are entitled. + +## Procedure for deleting passwords + +To put passwords into the recycle bin there are 2 possible procedures. Select the passwords you want +to delete and click on **Move to bin (1)** or right-click on the passwords and select **Move to +bin(2)**. + +![bin_2](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/bin_2.webp) + +You will then be asked if you actually want to perform this action. + +![bin_3](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/bin_3.webp) + +## Managing the Recycle Bin + +The management of the recycle bin can be found in chapter +[Bin](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/trash.md). diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/revealing_passwords.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/revealing_passwords.md new file mode 100644 index 0000000000..f9080a3f71 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/revealing_passwords.md @@ -0,0 +1,68 @@ +--- +title: "Revealing passwords" +description: "Revealing passwords" +sidebar_position: 20 +--- + +# Revealing passwords + +## What is involved in revealing passwords? + +Not all information is encrypted by the MSSQL database in Netwrix Password Secure for performance +reasons. Only the password itself (=secret) is encrypted with the help of the used encryption +algorithms and is then saved in the MSSQL database. As access to the MSSQL server is otherwise +secured via access permissions, this process enables the **maximum possible working speed** with a +**unchanged high level of security** through the use of **sophisticated**, **cryptographic +methods**. Revealing passwords describes the mechanism by which a password is made visible to the +user in the client. This process for dealing with passwords very precisely reflects the importance +of data security in Netwrix Password Secure – and this process will thus be described in detail +below. + +### Example case + +The record "Blogger" has been saved in the database and is visible to the logged-in user. It can +thus be deduced that the user has at least a read right for the record. As can be gathered from the +authorization concept, the user thus also generally has a read right to the password itself. This +means the user can view the value of the password using the "reveal" function. + +![Show password](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/revealing_passwords_1-en.webp) + +## Revealing passwords – diagram + +In this context, it is important to note that the word "reveal" does not really accurately describe +this process. It creates the **incorrect** impression that the client already has the password and +only needs to reveal it. However, the processes running in the background until the password are +revealed are much more complex and will thus be described below. + +![revealing password diagram](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/passwords/revealing_passwords_2-en.webp) + +### Saving the password on the server + +Even though you would assume the opposite, at the start a masked password (\*) is neither available +on the client nor the server in plain text! The password is stored as part of the MSSQL database in +a hybrid encrypted state via the two methods **AES 256** and **RSA**. Accordingly, it is not +currently possible either on the server or the client to view the password. If you mark a record, +the password is not available at all on the client and is encrypted on the server before it is +revealed. + +### The encrypted password is requested + +Pressing the "reveal"- button triggers the process for requesting the password. A request is sent to +the server to apply for the encrypted password to be released. The server itself does not possess +the required key (private key) to decrypt the password. Therefore, it can only deliver the +**encrypted value**. + +### Checking the permissions + +Whether the request sent in step 2 is approved is defined in the authorization concept. Once the +request has been received, the server checks whether the user possess the required rights. It also +checks the possible existence of other security mechanisms such as a seal or password masking. If +the necessary requirements for releasing the password have been met, the server now sends the +**encrypted password**. In the same step, a **log file entry** is saved that documents the user’s +access to the password. + +### Decrypting the password on the client + +The user now has the encrypted password which has been delivered by the server. The user himself +possesses the **private key** required for decrypting the password and can now view the actual +password. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/roles.md b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/roles.md new file mode 100644 index 0000000000..903b67f780 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/roles.md @@ -0,0 +1,79 @@ +--- +title: "Roles" +description: "Roles" +sidebar_position: 50 +--- + +# Roles + +## What are roles? + +Each employee in a company is ultimately a member of a department and / or part of a particular +function level. These departments or groups are mapped within Netwrix Password Secure using the role +concept. The authorizations can be configured and inherited in a role-based manner. The **Roles +module** should only be made available to administrators. Accordingly, it is recommended to limit +the visibility of the role management. It is also possible to delegate the management of departments +or separate areas completely to third parties via the role concept. The authorization concept +ensures that users are only granted access to those roles to which they are entitled. + +![Roles module](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/roles/roles_1-en.webp) + +## Relevant rights + +The following options are required. + +### User right + +- Can add new roles +- Display role module + +## Roles in focus + +The configuration of roles is the basis for the authorization concept. The permissions for data +could also be set at a user level. However, the use of roles can dramatically reduce the +administrative workload, and it helps to keep an overview. In addition to the authorizations for +data, user rights are also mapped in the best case via roles. + +![Permissions meaning for Roles](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/roles/roles_2-en.webp) + +Roles are the central objects within Netwrix Password Secure. They form the indispensable bridge +between users and authorizations of any kind. + +## Creating and granting permissions for new roles + +If you are in the **roles module**, the process for creating new roles is the same as for +[Creating new passwords](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/creating_new_passwords.md). Roles can be created via the +ribbon and also via the context menu that is accessed using the right mouse button. + +![creating new role](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/roles/roles_3-en.webp) + +## Planning phase + +Just like the [Organisational structure](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/organisational_structure.md), +you should also familiarize yourself with the intended role concepts. The mapping of structures +present in a company is the starting point for the success of Netwrix Password Secure. You should +design the roles in Netwrix Password Secure only once a detailed design has been drawn up, and all +the requirements of all project participants have been met. + +## Why are there no groups? + +Netwrix Password Secure enforces the avoidance of unnecessary structures through the role concept. A +group-in-group nesting is not supported – and is not necessary at all. The resultant increase in +performance as well as increased overview promotes efficiency and effectiveness. The elegant +interplay of organisational structures, roles, and granular filter options can cover all +customer-specific scenarios. + +NOTE: This architecture makes nesting of roles obsolete. + +## Overview of members for a role + +As well as being able to view the **members** in the permissions dialogue, a list of all members for +a role is already made available in the +[Reading pane](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/reading_pane.md). All of the other users with +permissions but without membership of the role are not taken into account. + +![role overview](/images/passwordsecure/9.2/configuration/advanced_view/clientmodule/roles/roles_4-en.webp) + +NOTE: The roles module is based on the +[Roles module](/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/roles_module.md) of the Web +Application. Both modules have a different scope and design but are almost identical to use. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/_category_.json new file mode 100644 index 0000000000..4230fa2e53 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Main menu", + "position": 30, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "main_menu_fc" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/account.md b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/account.md new file mode 100644 index 0000000000..cbd4dd26ae --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/account.md @@ -0,0 +1,89 @@ +--- +title: "Account" +description: "Account" +sidebar_position: 20 +--- + +# Account + +## What is an account? + +Users can configure all user-specific information in their account. It should be noted that if the +[Masterkey mode](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/masterkey_mode.md) +process is used, user data will always be taken from Active Directory – editing this information in +Netwrix Password Secure is thus not possible. + +![account](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/account/installation_with_parameters_123-ewn.webp) + +## Edit profile + +All of the information in the contact and address sections can be defined under “Edit profile”. Some +areas of the profile overlap with the **management of users.** This information is explained in +[Managing users](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/managingusers/managing_users.md). + +NOTE: No changes can be made to users that were imported from AD using Master Key mode. In this +case, all information will be imported from AD. + +#### Editing user image + +A new image can be added or the existing one replaced or deleted by clicking on the profile image. + +NOTE: No changes can be made to users that were imported from AD with the aid of Master Key mode. If +an image has been saved in AD, it will be used here. + +#### Change password + +It is recommended that the user password is changed on a regular basis. If you want to use a new +password, it is necessary to enter the existing password in advance. The strength of the password +will be directly displayed. + +NOTE: Users who were imported from AD with the aid of Master Key mode log in with the domain +password. Therefore, no password can be configured in this case. + +NOTE: The strength of the user password can be stipulated by administration through the issuing of +password rules. + +NOTE: If a user changes his or her password, all sessions that are still open are automatically +terminated. + +#### Multifactor authentication + +Multifactor authentication provides additional protection through a second login authentication +using a hardware token. The configuration is carried out via the ribbon in the “Security” section. +See also in +[Multifactor authentication](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/multifactorauthentication/multifactor_authentication.md) + +![installation_with_parameters_124](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/account/installation_with_parameters_124.webp) + +#### Configure autologin + +This option can be used to automate the login to Netwrix Password Secure. For setup, just enter the +password twice and save it. + +The autologin is linked to the hardware and thus will not work on a different computer. If you +change the hardware or the hardware ID, an existing autologin needs to be recreated. + +#### Relevant right + +Option to manage the autologin + +User right + +- Can manage autologin + +**CAUTION:** The automatic login should be handled as a process critical to security. It is +important to note that all data can be accessed, for example, if you forget to lock the computer. + +NOTE: For security reasons, the autologin is only valid for 180 days and then needs to be +subsequently renewed. + +#### Reset settings + +Clicking on this button resets all user-specific settings such as the column width, colour scheme, +etc. to the default values. + +#### Start offline synchronization + +If you have made changes to the database and do not want to wait for the next automatic +synchronization, an offline synchronization can also be started manually. The synchronization runs +in the background and is indicated by a status bar in the footer as well as by the icon. More… diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/administration.md b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/administration.md new file mode 100644 index 0000000000..07d7869388 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/administration.md @@ -0,0 +1,44 @@ +--- +title: "Administration" +description: "Administration" +sidebar_position: 60 +--- + +# Administration + +## Sessions + +Via the menu item **Sessions**, all users connected to the database can be displayed. This page is +purely informative in character and thus no configurations can be made here. + +![installation_with_parameters_120](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/administration/installation_with_parameters_120.webp) + +The session view starts in the currently active module in a separate tab. + +#### Locked users + +All currently locked users can also be retrieved. There are two scenarios here: + +1. User name correct, password incorrect: The user name is displayed +2. User name incorrect: The client is displayed + +In addition, the number of attempted logins and the length of time that the user was locked in each +case can be seen. + +![installation_with_parameters_121](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/administration/installation_with_parameters_121.webp) + +#### Default password rules + +Password rules can be defined for both user passwords and also for WebViewer exports that then need +to be fulfilled. In the following example, a user password must correspond to the “default password” +rule in order to be valid + +![Standard password rule](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/administration/installation_with_parameters_122-en_677x129.webp) + +#### Relevant right + +There is a separate option for defining the password rules for named passwords. + +**User right** + +- Can configure standard password rules diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/export/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/export/_category_.json new file mode 100644 index 0000000000..badb938bf9 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/export/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Export", + "position": 80, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "export" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/export/export.md b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/export/export.md new file mode 100644 index 0000000000..4b64cbaac9 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/export/export.md @@ -0,0 +1,56 @@ +--- +title: "Export" +description: "Export" +sidebar_position: 80 +--- + +# Export + +## What is an export? + +An export is used for extracting the data saved in the MSSQL database. Both selective (manual) and +automated [System tasks](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/systemtasks/system_tasks.md) can extract information from +Netwrix Password Secure in this manner. + +**CAUTION:** Please note that extracting passwords is always associated with a weakening of the +security concept. The informative value of the logbook will suffer when data is exported because the +revision of this data will no longer be logged. This aspect needs to be taken into account +particularly in conjunction with the Netwrix Password Secure +[Export wizard](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/export/export_wizard.md) because the export result is not separately secured +by a password. + +The export function is accessed via the Main menu/Export. There are two fundamental types of export +– the WebViewer export and the export wizard. However, the latter is divided into four +subcategories. + +![installation_with_parameters_63](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/export/installation_with_parameters_63.webp) + +The [HTML WebViewer export](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/export/html_webviewer_export.md) creates a HTML file +protected by a password. In contrast, the export wizard creates an open and unprotected .csv file. + +## Requirements + +Permissions are used to define whether a record can be exported or not. Various protective +mechanisms can be applied. Restrictions can be placed on either the record itself and also via user +rights + +- **The permissions for the record:** The permissions for the record define whether a record can be + exported + +![Export in the ribbon](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/export/installation_with_parameters_64-en.webp) + +In this example, the marked role IT employee does not have the required permissions to export the +record. In contrast, the IT manager does have the required permissions. In addition, the +administrator possesses all rights, including the right to export. + +#### Relevant right + +The following option is required. + +User right + +- Can export + +NOTE: If a record is exported, this user right and also the corresponding permissions for the record +must be set. The user right defines whether a user can generally export data, while the permissions +for the record define which records can be exported. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/export/export_wizard.md b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/export/export_wizard.md new file mode 100644 index 0000000000..3da7f42246 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/export/export_wizard.md @@ -0,0 +1,58 @@ +--- +title: "Export wizard" +description: "Export wizard" +sidebar_position: 20 +--- + +# Export wizard + +## What export wizards are there? + +There are a total of four different export wizards. + +![installation_with_parameters_74_548x283](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/export/export_wizard/installation_with_parameters_74_548x283.webp) + +The functionality of these wizards only differs based on the data to be exported. A distinction is +made between passwords, organisational structures, forms and applications. **As all four wizards are +handled in the same way, the following section will only describe the password export wizard.** The +remaining three wizards function in the same way. + +## What is the password export wizard? + +This wizard allows records to be exported in standard.csv format. In contrast to the +[HTML WebViewer export](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/export/html_webviewer_export.md), the resulting file is +not protected by a password. It goes without saying that this feature must be used carefully. + +## Starting the password export wizard + +The export wizard can be accessed in a variety of different ways: + +- **Starting via Main menu/Extras:** If the wizard is opened, the export will include all passwords + for which the registered user has the required permissions. If the user is an administrator with + permissions for all records, the export will include all passwords in the database. +- **Starting via the ribbon:** The export can also be started via the + [Ribbon](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/ribbon.md) in the + [Passwords](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/passwords.md) module. + +![Export ribbon](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/export/export_wizard/installation_with_parameters_75-en.webp) + +The password export wizard can be started via the ribbon in two ways. **Selected passwords** exports +only those passwords marked in list view, whereby **Passwords based on the filter** uses the +currently defined filter settings as the criteria. + +The wizard + +A diverse range of variables for the export and the storage location can be defined in the wizard. A +corresponding preview is also provided. + +![installation_with_parameters_76](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/export/export_wizard/installation_with_parameters_76.webp) + +Once the wizard has been completed, the desired export is created and saved to the defined storage +location. + +**CAUTION:** It is important to once again point out the sensitive nature of this export function +that could have critical consequences from a security perspective. As the required permissions for +this export are generally only granted to users/roles with higher positions in the hierarchy, this +subject is even more relevant from a security perspective: It is possible to export all passwords +for which a user has the required permissions. Administrators could thus (intentionally or +unintentionally) cause more damage per se. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/export/html_webviewer_export.md b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/export/html_webviewer_export.md new file mode 100644 index 0000000000..1c56da98c4 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/export/html_webviewer_export.md @@ -0,0 +1,131 @@ +--- +title: "HTML WebViewer export" +description: "HTML WebViewer export" +sidebar_position: 10 +--- + +# HTML WebViewer export + +## What is a HTML WebViewer export? + +The **WebViewer** is an option inNetwrix Password Secure for exporting passwords in an encrypted +**HTML file**. The records are selected using the +[Filter](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/filter/filter.md) function. The passwords for which the user +has the corresponding permissions are exported. They are displayed in a current browse that has +**JavaScript activated**. + +## Data security + +- Naturally, the HTML WebViewer file is **encrypted** +- The export of the file is protected using a corresponding + [User rights](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/userrights/user_rights.md) +- The user requires the **export right** for the passwords + +## Required rights + +The **export right for the WebViewer** is configured via the **user rights**: + +User right + +- Can export HTML WebViewer + +The **export right** for the password is configured as normal via the ribbon: + +![installation_with_parameters_65](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/export/html_webviewer-export/installation_with_parameters_65.webp) + +## Exporting a HTML file + +The **HTML file** is created on the user\*s client and started in the **Main menu** under **Export +WebViewer**. + +![installation_with_parameters_66](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/export/html_webviewer-export/installation_with_parameters_66.webp) + +The **HTML WebViewer Wizard** carries out the \* WebViewer export\*. + +###### Create WebViewer + +General information and notes about the export are displayed under **Create WebViewer**. + +###### Settings + +General information such as the **Name** and **Export path** for the **HTML file** can be entered +here. + +**File name**: Freely selectable name + +**Export path:** Storage location for the file on the client + +**Time until logout**: Time in seconds for which the window remains open without any activity + +**Standard value:** 60 seconds, user can define the time + +Export **WebViewer** with **user password** or new freely **definable password**: You can decide +here whether to issue a new password for the export. + +![installation_with_parameters_67](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/export/html_webviewer-export/installation_with_parameters_67.webp) + +- WebViewer export with an Active Directory user + +If an **Active Directory user** is carrying out the **WebViewer** export, a **password** needs to be +explicitly entered. + +![installation_with_parameters_68](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/export/html_webviewer-export/installation_with_parameters_68.webp) + +###### Export filter + +The export filter works in the same way as the filters for the modules. + +![installation_with_parameters_69](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/export/html_webviewer-export/installation_with_parameters_69.webp) + +#### Finish + +The information about the exported passwords is displayed in the **Finish** ribbon. Clicking on the +**Finish** + +button will then create the **HTML** **file** in the export path and close the window. + +![installation_with_parameters_70](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/export/html_webviewer-export/installation_with_parameters_70.webp) + +A subsequent note provides you with information about the export process. + +![installation_with_parameters_71](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/export/html_webviewer-export/installation_with_parameters_71.webp) + +## Using the HTML WebViewer file + +The **HTML file** is created in the export path and can be copied to a mobile data medium (USB +stick, external HDD, …). The **HTML file** can be opened in a standard browser and displays the +**Netwrix Password Secure – HTML WebViewer / Login** when started. The **database** and the **user +name** are predefined. The user \*password is used for the login. + +**CAUTION:** The login mask is blocked for a period of time if the password is incorrectly entered! + +1. Database: Predefined +2. User: Predefined +3. Password: Entered by the user + +![Login HTML WebViewer](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/export/html_webviewer-export/installation_with_parameters_72-en.webp) + +###### Overview + +After logging in to Netwrix Password Secure, the overview page for the \*HTML- WebViewer \* with the +passwords is displayed. + +NOTE: Use the password search function in the event of more than 20 passwords! + +1. Displayoftherecords(max.20) +2. Detailedinformationontheselectedrecord +3. Search,logout,timeout +4. Copytoclipboard +5. Reveal + +![Entry in HTML WebViewer](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/export/html_webviewer-export/installation_with_parameters_73-en.webp) + +#### Closing the HTML WebViewer overview + +You can log out by clicking on **Logout**. In the event of a longer period of inactivity, the user +will be **automatically logged out after a set period of time has expired (time until logout).** + +NOTE: You have been logged out due to inactivity. + +The browser will then show the **Netwrix Password Secure– HTML WebViewer / Login** again and also +the reason for being logged out. It is possible to log in again. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/_category_.json new file mode 100644 index 0000000000..e42f1173a8 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Extras", + "position": 10, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "extras" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/extras.md b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/extras.md new file mode 100644 index 0000000000..9f19ee94e9 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/extras.md @@ -0,0 +1,23 @@ +--- +title: "Extras" +description: "Extras" +sidebar_position: 10 +--- + +# Extras + +## What are Extras? + +Netwrix Password Secure provides a diverse range of supporting features that do not directly provide +added value but mostly build on existing approaches and expand their functionalities. They are +work-saving features that in total simplify the process of working with Netwrix Password Secure. + +![installation_with_parameters_77_517x414](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/installation_with_parameters_77_517x414.webp) + +- [Password rules](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/password_rules.md) +- [Password generator](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/password_generator.md) +- [Reports](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/reports.md) +- [System tasks](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/systemtasks/system_tasks.md) +- [Seal templates](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/seal_templates.md) +- [Tag manager](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/tag_manager.md) +- [Image management](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/image_manager.md) diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/image_manager.md b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/image_manager.md new file mode 100644 index 0000000000..9489f1950e --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/image_manager.md @@ -0,0 +1,75 @@ +--- +title: "Image management" +description: "Image management" +sidebar_position: 70 +--- + +# Image management + +## What is image management? + +All logos and icons are managed in the image management. They can then be linked to the +corresponding data records. The images are then displayed in the Basic view as well as in the list +view of the client. + +![Icon/logos in NPS](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/image_management/installation_with_parameters_106-en.webp) + +## Relevant rights + +The following options are required: + +- Can upload new password images +- Can manage password images + +NOTE: It is important that the setting “Ask for Favicon-Download “ is only considered, if the right +“Can upload new password images “ has been activated! + +#### Managing Icons/Logos + +There are two ways to upload icons. + +1. By creating or saving the dataset. + +In order to import favicons directly when saving the data set, the following preconditions must be +met: + +- Setting “Ask Favicon-Download “ is activated. +- A URL is stored in the data record. + +If these preconditions are met, the stored URL is checked for the favicon when saving the data +record. If a favicon is found, it will be imported into the database and displayed in the data +record in future. + +NOTE: If there are several deposited, always use the first one. + +2. Manual filing + +In the main menu in [Extras](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/extras.md) you can find the image management. Here, you have the +possibility to store icons and logos manually. + +![Image management](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/image_management/installation_with_parameters_107-en.webp) + +Click on the + symbol to open the mask for creating images. + +![add image](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/image_management/installation_with_parameters_108-en.webp) + +- **Name** Name the picture here. + +- **Search** **value** The following priority must be observed: + + - **Passwords**: first URL in the password (if several URLs are stored) -> attached tags -> + password name -> names of connected applications + - **Applications**: URL stored in the application -> attached tags -> application name + +- ![icon_open_folder](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/image_management/icon_open_folder.webp) + This symbol can be used to upload locally saved icons and logos. + +NOTE: Please note that the icons and logos are not stored locally, but in the database. + +## Conditions + +The following conditions must be met for icons/logos to be uploaded and saved accordingly: + +- The maximum size of an image file is 100 MB. +- Supported formats are png, jpg, bmp, ico, .svg +- Several search values can be separated by a comma (“Netflix.de, Netflix.com”). diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/password_generator.md b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/password_generator.md new file mode 100644 index 0000000000..6388c732b4 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/password_generator.md @@ -0,0 +1,68 @@ +--- +title: "Password generator" +description: "Password generator" +sidebar_position: 20 +--- + +# Password generator + +## What is the password generator? + +The complexity of passwords is generally determined by their randomness. In order to be able to rely +100% on the fact that the passwords are randomly generated, an algorithm for generating passwords is +indispensable. The password generator performs this function and is completely integrated into the +software. + +![installation_with_parameters_82](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/password_generator/installation_with_parameters_82.webp) + +## Opening the password generator + +The password generator can be opened in different ways: + +- **Main menu/Extras/Password generator:** Here, the password generator is accessed directly. + Passwords generated in the password generator can be copied to the clipboard. + +![Password generator](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/password_generator/installation_with_parameters_83-en.webp) + +- **When creating new records:** Once the password field has been selected in the reading pane, the + password generator can then be directly opened in the “Form field” tab via the ribbon. Passwords + generated here can be directly entered into the password field for the new record using the + “Adopt” button. Alternatively: The password generator can also be accessed on the right in the + password field in the reading pane. + +## Functionality + +The Character section is used to define the character groups that should form part of the password. +This section can also be used to exclude (special) characters. Once the password length has been +defined, a preview of a password that corresponds to the configured criteria is displayed on the +bottom edge of the password generator. The “shuffle function” can be activated via the icon on the +right next to the password preview. This will generate a new password in accordance with the defined +criteria. + +#### Phonetic passwords + +This type of password can be recognised by the fact that it is relatively easy to remember (they are +“readable”) but do not have any association to terms found in dictionaries. Only the number of +syllables + +and the total length are defined in this case. Options that can be set are how the syllables are +separated and whether to use LeetSpeak. + +![installation_with_parameters_84](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/password_generator/installation_with_parameters_84.webp) + +Password rule + +Already defined[Password rules](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/password_rules.md) can be utilised for the +automatic generation of new passwords + +## Multigenerator + +The multigenerator makes it possible to automatically generate up to 200 passwords. The convention +used for generating these passwords is always the previously defined default. This could be: + +- User defined +- Phonetic passwords +- Password rules + +The generated passwords are saved in a text file in the local user directory and can be opened +immediately if desired. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/password_rules.md b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/password_rules.md new file mode 100644 index 0000000000..0af1b5fa65 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/password_rules.md @@ -0,0 +1,82 @@ +--- +title: "Password rules" +description: "Password rules" +sidebar_position: 10 +--- + +# Password rules + +## What are password rules? + +It is generally recommended that passwords should consist of at least 12 different characters, be +complex and be automatically created. Rules set guidelines that can be made binding for users – +meaning that the use of passwords with a certain level of complexity is enforced. Existing rules can +also be reused in other areas. + +![Password rules](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/password_rules/installation_with_parameters_97-en.webp) + +## Relevant right + +The following option is required to manage password rules. + +User right + +- Can manage password rules + +## Managing password rules + +If “Password rules” is selected under Main menu/Extras, the available password rules will appear in +a separate tab in the currently active module. + +![installation_with_parameters_98](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/password_rules/installation_with_parameters_98.webp) + +In this screenshot, a total of 3 password rules are shown. As the rule “Very secure password” has +been selected in [List view](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/list_view.md), the +[Reading pane](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/reading_pane.md) on the right displays the +configuration for this rule: + +- **General:** The Password length of 25 is the minimum number of characters that a password needs + to contain according to this rule. The required Password quality is an internal measure of + security, which is calculated for this rule. This value always lies between 1 (very unsecure) and + 100 (maximum security). +- **Categories:** A password can consist of a total of four categories. It is possible to define + which of these categories to use and also how many of them to use. +- **Forbidden characters**: It is also possible to exclude some special characters. These characters + need to be entered in the list without separators. +- **Forbidden passwords:** Some passwords and the user name can also be added to the list of + forbidden passwords +- **Preview rules:** When new rules are created, an example password is generated that conforms to + the configured rules. This is only the case for passwords with a minimum length of 3 characters! + +## Using password rules + +Once password rules have been defined, they can be productively used in two different ways: + +- Use within the [Password generator](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/password_generator.md) +- Default for the password field in a form: + +When a password field is defined in a form, one of the defined password rules can be set as the +default. This means that the default will always be used when a new password is created. In this +way, it is possible to ensure that the required level of complexity is maintained for certain +passwords. + +![installation_with_parameters_99](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/password_rules/installation_with_parameters_99.webp) + +If one of these password rules is defined for a form, it is only possible to define a new random +value for the password if a new password is created. The icon on the right hand side of the password +field is used for this purpose. + +![installation_with_parameters_100](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/password_rules/installation_with_parameters_100.webp) + +## Defining standard rules for user passwords + +If Master Key mode is not being used, users can change their passwords in Netwrix Password Secure. +The administrator can define the password strength required for these passwords by using standard +password rules. + +## Visibility + +The password rules themselves are not subject to any permissions. All defined rules are therefore +available to all users. The rules are managed from the Main menu. + +NOTE: Users can only manage the rules if they have the appropriate user right diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/reports.md b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/reports.md new file mode 100644 index 0000000000..e2ba5eac4d --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/reports.md @@ -0,0 +1,57 @@ +--- +title: "Reports" +description: "Reports" +sidebar_position: 30 +--- + +# Reports + +## What are reports? + +Comprehensive reporting is an important component of the ongoing monitoring of processes in Netwrix +Password Secure. Similar to selectively configurable +[Notifications](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/notifications.md), reports also contain +information that can be selectively defined. The difference is mainly the trigger. Notifications are +linked to an event, which acts as the trigger for the notification. In contrast, reports enable +tabular lists of freely definable actions to be produced at any selected time – the trigger is thus +the creation of a report. This process can also be automated via +[System tasks](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/systemtasks/system_tasks.md). + +![reports](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/reports/installation_with_parameters_78-en.webp) + +NOTE: Reports only ever contain information for which the user has the required permissions. + +A separate tab for managing existing reports and creating new reports can be opened in the current +module via the Main menu/Extras/Reports. The module in which the report is opened is irrelevant, the +contents are always the same. + +![installation_with_parameters_79](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/reports/installation_with_parameters_79.webp) + +The filter on the left has no relevance in relation to reports. Although reports can also be +“tagged” in theory, filtering has no effect on the reports. In +[List view](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/list_view.md), there are currently three +configured report requests shown. + +#### Creating a report request + +New report requests can be created in list view via the ribbon or also the context menu that is +accessed using the right mouse button. The form for creating a new report request again opens in a +separate tab. Alongside a diverse range of variables, the report type can be defined using a +drop-down list. There are currently dozens of report types available. + +![installation_with_parameters_80](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/reports/installation_with_parameters_80.webp) + +The filter can be used to define the scope of the report e.g. to focus on a certain OU or simply a +selection of tags. Once saved, the report will now be shown in the list of report requests. + +###### Manually create reports + +You can now create a manual report via the ribbon. This will open in a separate tab and can be +displayed in the default web browser if desired. + +![installation_with_parameters_81](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/reports/installation_with_parameters_81.webp) + +Automated sending of reports via system tasks + +In general, reports are not manually created but are automatically sent to defined recipients. This +is apossible via system tasks, which can run processes of this nature at set times. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/seal_templates.md b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/seal_templates.md new file mode 100644 index 0000000000..d2755fbdfc --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/seal_templates.md @@ -0,0 +1,34 @@ +--- +title: "Seal templates" +description: "Seal templates" +sidebar_position: 50 +--- + +# Seal templates + +## What are the seal templates? + +The configuration of +[Seals](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/seals.md) must be +well-thought-out and error-free. It is absolutely essential to save the once-invested effort in the +form of seal templates. The automation of ever-recurring tasks will, in this context, extremely +speed up the timing of the work. Once defined, templates can be attached to data records in a few +simple steps. The adaptation of already created stencils is presented in the seal templates as clear +and very fast. + +![Seal templates](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/seal_templates/installation_with_parameters_101-en.webp) + +NOTE: A separate tab opens in the active module in order to edit the default templates + +## Creating templates + +**CAUTION:** The right Can manage seal templates is required + +When creating seals, the seal can be saved as a template using the wizard. All templates saved in +this way are listed in the overview of the seal templates. Furthermore, it is possible to edit +existing templates directly or create new ones via the button in the ribbon. This is done in the +same way as the seal assistant. + +![installation_with_parameters_102](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/seal_templates/installation_with_parameters_102.webp) + +Once templates have been added, they can be immediately used for the creation of new seals. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/systemtasks/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/systemtasks/_category_.json new file mode 100644 index 0000000000..2c51c5c2d4 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/systemtasks/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "System tasks", + "position": 40, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "system_tasks" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/systemtasks/emergency_webviewer.md b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/systemtasks/emergency_webviewer.md new file mode 100644 index 0000000000..d267ef7c4b --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/systemtasks/emergency_webviewer.md @@ -0,0 +1,165 @@ +--- +title: "EmergencyWebViewer" +description: "EmergencyWebViewer" +sidebar_position: 10 +--- + +# EmergencyWebViewer + +## What is an Emergency WebViewer export? + +Safeguarding data is essential and this should be carried out using +[Backup management](/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/backupsettings/backup_management.md). +However, a backup is not sufficient in some cases e.g. if a backup cannot be directly restored due +to a hardware problem. In these cases, **Netwrix Password Secure** offers the backup feature +**Emergency WebViewer Export**. + +The **Emergency WebViewer Export** is based on an encrypted **HTML file** which can be decrypted +using a corresponding **key**. Both files are required to view the passwords in a browser and form +the core system of the backup mechanism. + +## Creation of the file and key + +The **Emergency WebViewer Export** is created in Netwrix Password Secure as a +**[System tasks](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/systemtasks/system_tasks.md)** and this task can be used to guarantee a regular backup of +the records (passwords) by entering an interval. When setting up the system task, the user thus +defines the cycle at which the **Emergency WebViewer.html file** is created on the Server Manager. +The existing file is overwritten in each case by the latest version at the defined interval. The +associated key is only created once at the beginning and needs to be saved. The current version of +the **HTML file** can only be decrypted using this **key**. + +**CAUTION:** The key (PrivateKey.prvkey) and the file (Emergency WebViewer.html) must be saved onto +a secure medium (USB stick, HDD, CD/DVD, …) and kept in a secure location! + +## Data security + +• Naturally, the HTML WebViewer file is encrypted + +• The export of the file is protected using a corresponding +[User rights](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/userrights/user_rights.md) + +• The file can only be encrypted using the **PrivateKey.prvkey** file + +**CAUTION:** The export right for the passwords is not required for the Emergency WebViewer Export! + +## Required rights + +The user requires the following right to create a **Emergency WebViewer Export system task:** + +![installation_with_parameters_89](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/system_tasks/emergency_webviewer/installation_with_parameters_89.webp) + +## Emergency WebViewer.html and PrivateKey.prvkey + +The **Emergency WebViewer Export** creates two associated files. + +1. The file **Emergency WebViewer.html** is created on the computer executing the task +2. The associated key **PrivateKey.prvkey** is created on the client. + +## Calling up the Emergency WebViewer Export + +The Emergency WebViewer Export is set up as a **system task**. It can be called up in the main menu +under **Extras -> System Tasks**. + +![installation_with_parameters_90_831x487](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/system_tasks/emergency_webviewer/installation_with_parameters_90_831x487.webp) + +## Creating a Emergency WebViewer Export file + +Clicking on New opens a new window and the **Emergency WebViewer Export** can be selected. The +**configuration page** is then displayed. + +![installation_with_parameters_91_578x390](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/system_tasks/emergency_webviewer/installation_with_parameters_91_578x390.webp) + +It is not possible to use the **Emergency WebViewer Export** with an **Active Directory user.** + +![installation_with_parameters_92_467x103](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/system_tasks/emergency_webviewer/installation_with_parameters_92_467x103.webp) + +## Configuration page for the Emergency WebViewer Export task + +A new tab is displayed: **New emergency HTML WebViewer export task** This now needs to be configured +in accordance with the requirements. + +![new emergend HTML](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/system_tasks/emergency_webviewer/installation_with_parameters_93-en_925x527.webp) + +1. **General** Name: Enter a unique name Description: Enter additional information + Status: Execution: \*Activated\*/Deactivated +2. **Overview** Last run: Information display Next run: Information display +3. **Task settings** Folder path: Enter from the perspective of the server + Private key: needs to be saved +4. **Interval** Setting for when the system task is executed +5. **Executing server (optional)** Address (IP) of the additional server +6. **Tags** Freely definable characteristics of records + +**CAUTION:** The private key for the Emergency WebViewer must be saved before the system task can be +saved! + +## Displaying the Emergency WebViewer Export tasks + +Once the configuration has been completed, the **system task** is displayed in the current module in +the + +**System Tasks** tab. The user has the option of checking the data here + +![installation_with_parameters_94_914x671](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/system_tasks/emergency_webviewer/installation_with_parameters_94_914x671.webp) + +## Using the Emergency WebViewer.html file + +After the **system task** has been successfully executed, **two files** will have been created for +the password backup. + +1. Emergency WebViewer.html +2. PrivateKey.prvkey + +**CAUTION:** The file Emergency WebViewer.html is saved on the server executing the task. The + +**CAUTION:** key PrivateKey.prvkey needs to be securely saved by the user!\* + +The **Emergency WebViewer Export** is used in the same way as the **WebViewer export**. The +**passwords** are displayed in a current browser. The passwords are accessed in the **Emergency +WebViewer Export** with the **user password** and the **key** saved for the user. The search +function is used to select the **key (PrivateKey.prvkey)** and also to check its **validity**. If +all data has been correctly entered, it is then possible to log in. + +NOTE: The current user needs to log in using their password. If an incorrect password is entered, +access is temporarily blocked. + +Login data + +- Database: Predefined +- User: Predefined +- Password: User password (must be entered by the user) +- Key: PrivateKey.prvkey + +![emergency-webviewer](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/system_tasks/emergency_webviewer/emergency-webviewer.webp) + +## Overview + +After successfully logging in, the **overview page** for the **Emergency WebViewer Export** is +displayed. This contains information about the saved **passwords** just like with the WebViewer +export. The passwords are now available to the user. + +Overview: Emergency HTML WebViewer / passwords + +![password in emergency webviewer](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/system_tasks/emergency_webviewer/installation_with_parameters_96-en.webp) + +The following data is displayed in the overview: + +Overview data: + +1. Display of the currently available records +2. Detailed information on the selected record +3. Search, logout, timeout until logout +4. Copy password to clipboard +5. Reveal password + +## Security note + +The existing **passwords** are now available to the user for further processing. The HTML page is +closed by clicking on **Logout**. + +If the user is **inactive** for **60 seconds**, he is automatically **logged out** and the **login** +is displayed with additional information. + +NOTE: You have been logged out due to inactivity + +The user can log in again using the **password** and **key** as described above. After successfully +logging in, the **Emergency WebViewer Export overview** is displayed again. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/systemtasks/system_tasks.md b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/systemtasks/system_tasks.md new file mode 100644 index 0000000000..7433e80cc0 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/systemtasks/system_tasks.md @@ -0,0 +1,98 @@ +--- +title: "System tasks" +description: "System tasks" +sidebar_position: 40 +--- + +# System tasks + +## What are system tasks? + +Netwrix Password Secure supports administrators and users by automating repetitive tasks. These are +represented as system tasks. Predefined tasks can thus be carried out at freely defined intervals. + +![System Tasks](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/system_tasks/installation_with_parameters_85-en.webp) + +## Relevant rights + +The following options are required for managing system tasks. + +User right + +- Can manage Active Directory system tasks +- Can manage system task reports +- Can manage discovery service system tasks +- Can manage Emergency WebViewer export system tasks +- Can manage WebViewer export system tasks + +## What can be automated? + +There are currently four different work processes that can be automated using system tasks: + +- **HTML WebViewer export:** Exports a freely definable selection of records in an AES-256 encrypted + HTML file. The file is saved in the form of notifications. +- **Reports:** Automatically creates a report that is issued in the notifications. This requires a + report request to be created in advance. +- **Network service scan:** Searches for service accounts on the network at defined cycles +- **Active Directory synchronization:** The comparison with Active Directory can also be automated + via system tasks. This requires an active directory profile to be created in advance. It is + important to note that only the Master Key profile can be automatically compared. + +## Creating system tasks + +System tasks can be initiated as usual via the ribbon or also the context menu that is accessed +using the right mouse button. The desired process to be automated using system tasks is then +selected from the four above-mentioned work processes. + +![installation_with_parameters_86](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/system_tasks/installation_with_parameters_86.webp) + +Naturally, the four work processes also share some similarities in their configuration. + +- **Status:** The system task is normally activated and then starts immediately after it has been + saved according to the defined intervals. If the system task is deactivated here, it is still + saved but is not yet activated. +- **Next run:** This setting describes when the system task will be performed or when it was already + performed for the first time (if this task was already created and is now being edited) +- **Interval:** The interval at which the system task should be executed is defined here. All + increments between every minute and once only are possible. It is also possible to enter an end + date. + +The differences between the four work processes to be automated are described below. These +differences are always part of the task settings within the system task form – the example here +shows an HTML WebViewer export to be configured. + +![installation_with_parameters_87](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/system_tasks/installation_with_parameters_87.webp) + +WebViewer generator + +- Filter: The passwords that should be exported are defined using a filter. +- Password: The HTML WebViewer creates an encrypted HTML file. The password is defined here and must + then be confirmed. + +Reports + +- Report request: The report requests defined in Reports are available and can be selected here. + +Discovery Service + +- The Discovery Service scans the network and lists all of the services for which a service user has + been saved. These can then be maintained using Netwrix Password Secure. The information collected + can then be directly transferred to the Password Reset for this purpose. + +Active Directory synchronization + +- The Active Directory profile required for the synchronization is selected from those available. + +Emergency WebViewer export + +- The Emergency WebViewer export creates an encrypted HTML file that contains all passwords. In an + emergency, the data required to get the system up and running again can be accessed in this file. + +NOTE: Tags could be defined for individual tasks – yet they have no relevance and can also not be +used as filter criteria in the system tasks. + +Status + +A corresponding note will be displayed to indicate if a task is currently being executed. + +![installation_with_parameters_88](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/system_tasks/installation_with_parameters_88.webp) diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/tag_manager.md b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/tag_manager.md new file mode 100644 index 0000000000..421a9d28a8 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/tag_manager.md @@ -0,0 +1,34 @@ +--- +title: "Tag manager" +description: "Tag manager" +sidebar_position: 60 +--- + +# Tag manager + +## What is the tag manager? + +All existing tags can be viewed, edited and deleted directly in the tag manager. This can be +achieved via the filter, within the “Edit mode” of a data set as well as via the main menu under the +group [Extras](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/extras.md). + +![how to open the tag manager](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/tag_management/installation_with_parameters_103-en.webp) + +![Tag management](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/tag_management/installation_with_parameters_104-en.webp) + +The tag manager itself is a clearly structured tool with which you can view and edit all relevant +information. The colours can also be assigned here. The “Number used” column indicates how often an +object has been tagged with the tag. In this way, you can keep track of and remove tags that are no +longer needed. + +![All tags](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/tag_management/installation_with_parameters_105-en.webp) + +## Relevant rights + +The following option is required for managing tags + +User right + +- Manage tags + +**CAUTION:** It is only possible to delete tags if there are no more data associated with them diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/trash.md b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/trash.md new file mode 100644 index 0000000000..acce29979c --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/trash.md @@ -0,0 +1,24 @@ +--- +title: "Bin" +description: "Bin" +sidebar_position: 80 +--- + +# Bin + +Here the logged-in user can manage his recycle bin. All deleted passwords to which the user is +entitled are displayed. + +## Functions + +The following functions are available: + +![bin_4](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/extras/trash/bin_4.webp) + +- **Restore**: The selected passwords are restored. + +- **Delete permanently**: The selected passwords are permanently deleted. This means that they can + no longer be restored. + +- **Empty entire bin**: The entire recycle bin is permanently deleted, so none of these passwords + can be recovered. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/general_settings.md b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/general_settings.md new file mode 100644 index 0000000000..51f8c4cfc6 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/general_settings.md @@ -0,0 +1,38 @@ +--- +title: "General settings" +description: "General settings" +sidebar_position: 30 +--- + +# General settings + +## What are general settings? + +The **general settings** relate to users. Thus, each user can customize the software to their own +needs. The following options can be configured: + +Colour scheme + +Various Windows colour schemes are available. The colour scheme Colorful provides e.g. different +colours which make it easier to distinguish between the modules in the software. If the colour +scheme is changed, the client must be restarted. + +Language + +The user can toggle between English and German. After changing the language, the client must be +restarted. + +Starting the application minimised in the notification area + +You can start the client minimized if you wish to run Netwrix Password Secure in the background. You +will be able to access it through the notification area. + +Minimise the application on closing + +If this option has been activated, the Netwrix Password Secure client will not end when the window +is closed but will merely be minimised. It will continue to run in the background. It is then only +possible to properly end Netwrix Password Secure via the main menu. + +Starting with Windows + +Of course, you can start the Netwrix Password Secure Client directly with Windows. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/import.md b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/import.md new file mode 100644 index 0000000000..37b0c314de --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/import.md @@ -0,0 +1,69 @@ +--- +title: "Import" +description: "Import" +sidebar_position: 70 +--- + +# Import + +## What is an import? + +If another password management tool was used before Netwrix Password Secure, these data can be +imported into Netwrix Password Secure. The formats .csv and especially Keepass (.xml) are supported. +Both variants can be set up in the import wizard, which is started via the Main menu/Import. + +![Import](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/import/installation_with_parameters_57-en.webp) + +## Requirements + +Whether the user is permitted to import data is controlled by the corresponding +[User rights](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/userrights/user_rights.md). + +![installation_with_parameters_58](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/import/installation_with_parameters_58.webp) + +## The import wizard + +The wizard supports the import of data into Netwrix Password Secure in four steps. + +Select type + +![installation_with_parameters_59](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/import/installation_with_parameters_59.webp) + +The first step is to define the file that is to be used for the import. It is only possible to +proceed to the second step when the defined type corresponds to the stated file to be imported. The +second step is the settings. + +Settings + +![installation_with_parameters_60](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/import/installation_with_parameters_60.webp) + +1. The settings are used to firstly define the level in the hierarchy for saving the imported + structure. As can be seen in the example, the import will take place in the main organisational + unit. One of the existing organisational units can also be defined as a parent instance via the + drop-down menu. +2. The slider defines whether the imported structures should be imported as an organisational unit + or as a tag. If the slider is fully moved to the left, only tags are created. If it s moved to + the right, all objects are imported as an organisational structure. In addition, every object can + be configured separately via the context menu that is accessed using the right mouse button. It + is also possible to ignore folders. + +NOTE: No folders exist in Netwrix Password Secure. For this reason, it is necessary to define +whether a folder is saved as an organisational structure or as a tag during the import. The same +process is also used for the migration. + +Assignment of the form fields + +![installation_with_parameters_61](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/import/installation_with_parameters_61.webp) + +The third step is to assign the forms from the file to be imported to already existing forms. As +form fields may also have different names, the assignment process must be carried out manually via +drag & drop. Depending on which form was selected on the top line, form fields from the list on the +right can now be assigned to the form fields to be imported via drag & drop. It is also possible to +create new forms. + +Finish + +![installation_with_parameters_62](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/import/installation_with_parameters_62.webp) + +In the final step, the configured settings are summarised as a list of the objects to be imported. +The button “Finish” closes the wizard and starts the import. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/main_menu_fc.md b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/main_menu_fc.md new file mode 100644 index 0000000000..769c9c539f --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/main_menu_fc.md @@ -0,0 +1,23 @@ +--- +title: "Main menu" +description: "Main menu" +sidebar_position: 30 +--- + +# Main menu + +## What is the Main menu/Backstage? + +All settings that are not linked to a particular module are defined in the Backstage (main menu). +This makes it easy to access the settings at any time and in any module. + +![Main menu](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/installation_with_parameters_56-en.webp) + +- [Extras](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/extras.md) +- [Account](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/account.md) +- [General settings](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/general_settings.md) +- [User settings](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/usersettings/user_settings.md) +- [User rights](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/userrights/user_rights.md) +- [Administration](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/administration.md) +- [Import](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/import.md) +- [Export](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/export/export.md) diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/userrights/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/userrights/_category_.json new file mode 100644 index 0000000000..2c2eb8b19a --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/userrights/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "User rights", + "position": 50, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "user_rights" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/userrights/overview_of_all_user_rights.md b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/userrights/overview_of_all_user_rights.md new file mode 100644 index 0000000000..cf524ad8cc --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/userrights/overview_of_all_user_rights.md @@ -0,0 +1,116 @@ +--- +title: "Overview of all user rights" +description: "Overview of all user rights" +sidebar_position: 10 +--- + +# Overview of all user rights + +This section lists all of the existing user rights. If a right is explained in more detail in +another section, you can navigate directly to this section by clicking on the link in the Section +column. The rights are grouped according to categories to provide a better overview + +| Category: General | Section | +| ------------------------- | ---------------------- | +| Can overwrite permissions | Form field permissions | +| Can inherit permissions | Form field permissions | + +| Category: Configuration | Section | +| ------------------------------------------------------------------------------------------------------------------- | ------- | +| Can add seal | | +| Can apply password masking | | +| Can change form for a password | | +| Can close tab of own organisational unit in LightCliet | | +| Can edit filter | | +| Can export | | +| Can import | | +| Can manage password form fields | | +| Can manage password images | | +| Can manage seal templates | | +| Can manage tags | | +| Can print | | +| Category: Mobile synchronisation | Section | +| --- | --- | +| Can synchronise with mobile devices | | +| Category: New records | Section | +| --- | --- | +| Can add new Active Directory profiles | | +| Can add new RDP applications | | +| Can add new SSH applications | | +| Can add new SSO applications | | +| Can add new web applications | | +| Can add new SAML applications | | +| Can add new users | | +| Can add new documents | | +| Can add new forms | | +| Can add new organisational units | | +| Can add new Password Resets | | +| Can add new passwords | | +| Can add new roles | | +| Can add new tags | | +| Can add individual passwords via Basic view | | +| Can add new passwords images | | +| Can add new Entra ID profiles | | +| Category: Offline mode | Section | +| --- | --- | +| Offline mode | | +| Timespan for how long the offline mode can be used without connection to the server | | +| Categorie: Rights | Section | +| --- | --- | +| If non-administrators select “Override permissions” when moving items, keep existing permissions for administrators | | +| Category: Rights templates | Section | +| --- | --- | +| Can edit members when using a rights template | | +| Can manage rights templates | | +| Can view selection of rights templates | | +| Can switch standard rights template | | +| Category: Security | Section | +| --- | --- | +| Is database administrator | | +| Can manage Active Directory profiles | | +| Can authorize other users to use personal passwords | | +| Can manage records for an application | | +| Can manage autologin | | +| Can set owner rights | | +| Can manage database sessions | | +| Can permanently delete the deleted users | | +| Can permanently delete the deleted organisational structures | | +| Can view deleted organisational structures | | +| Can permanently delete the deleted roles | | +| Can view deleted roles | | +| Can manage locked users | | +| Can edit global settings | | +| Can export HTML WebViewer | | +| Can change security level options | | +| Can manage password rules | | +| Can create personal records | | +| Can configure standard password rules | | +| Can carry out batch processing for permissions based on a filter | | +| Can manage password images | | +| Category: Visibility User right new | Section | +| --- | --- | +| Display application module | | +| Display notification module | | +| Show discovery service module | | +| Display document module | | +| Display form module | | +| Display logbook module | | +| Display organisational structure module | | +| Display Password Reset module | | +| Display password module | | +| Display roles module | | +| Category: System tasks | Section | +| --- | --- | +| Can manage Active Directory system tasks | | +| Can manage system task reports | | +| Can manage discovery service system tasks | | +| Can manage Emergency WebViewer export system tasks | | +| Can manage WebViewer export system tasks | | + +NOTE: There is a version selection box in the user rights. The options that were newly added in the +selected version are correspondingly marked in the list. + +![installation_with_parameters_115](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/user_rights/overview_user_rights/installation_with_parameters_115.webp) + +This makes it easier for administrators to correctly configure new options before they release the +update for all employees. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/userrights/user_rights.md b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/userrights/user_rights.md new file mode 100644 index 0000000000..d59b1a129b --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/userrights/user_rights.md @@ -0,0 +1,75 @@ +--- +title: "User rights" +description: "User rights" +sidebar_position: 50 +--- + +# User rights + +## What are user rights? + +In the user rights, access to functionalities is configured. Amongst tother things, this category +includes both the visibility of individual [Client Module](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/client_module.md), as +well as the use of the import, export or management of rights templates functions. A complete +listing is directly visible in the user rights. + +## Administration of user rights + +Managing all user rights exclusively at the level of the user would be a time intensive process and +thus require a disproportionate amount of care and maintenance. In the same way as with the +[Authorization and protection mechanisms](/docs/passwordsecure/9.3/configuration/webapplication/authorization_and_protection_mechanisms.md), +an approach can be used in which several users are grouped together. Nevertheless, it must still be +possible to additionally address the specific requirements of individual users. Some +functionalities, on the other hand, should be available to all users. In order to do this, Netwrix +Password Secure offers a three-step concept. + +![installation_with_parameters_111](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/user_rights/installation_with_parameters_111.webp) + +When it comes to user rights, the focus is always on the user. The user can receive user rights in +one of the following three ways: + +1. The **personal user right** only applies to a specific user. This is always configured via + the[Organisational structure](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/organisational_structure.md). + +**User rights to role**s apply to all members of a role and are specified in the +[Roles](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/roles.md) + +1. The **global user right** applies to all users of a database without exception. You can configure + it in the client settings. + +How a user receives a user right is irrelevant. The only important thing is that the user actually +receives a required right in one of the three ways mentioned above. It is recommended that you link +user rights to roles and, if necessary, supplement them with global user rights. + +**CAUTION:** In addition to personal and global user rights (as opposed to settings), user rights +are assigned via roles and not via organisational units! + +NOTE: Only those user rights that the current user possesses themselves can be issued. However, all +rights can be removed. + +![installation_with_parameters_112](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/user_rights/installation_with_parameters_112.webp) + +## Configuring the security level + +The **security level** is an essential element that is also specified in the user rights. This is +the basis for the configuration of the [User settings](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/usersettings/user_settings.md). + +![installation_with_parameters_113](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/user_rights/installation_with_parameters_113.webp) + +## Searching within user rights + +Due to the large number of possible configurations, the search function helps you to quickly find +the desired configuration. This process is based as usual on the List +[Search](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/search.md). + +![installation_with_parameters_114](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/user_rights/installation_with_parameters_114.webp) + +#### Database administrator + +Special attention should be given to the right Is database administrator. This right has the +following effects: + +- The user can also issue rights that he does not possess himself. +- The user can only have their rights removed by other database administrators. +- The user can unlock other users on the Server Manager. +- The user can also remove other users from the rights if they have the owner right. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/usersettings/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/usersettings/_category_.json new file mode 100644 index 0000000000..6ac028f85d --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/usersettings/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "User settings", + "position": 40, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "user_settings" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/usersettings/overview_of_all_user_settings.md b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/usersettings/overview_of_all_user_settings.md new file mode 100644 index 0000000000..374f18d86f --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/usersettings/overview_of_all_user_settings.md @@ -0,0 +1,169 @@ +--- +title: "Overview of all settings" +description: "Overview of all settings" +sidebar_position: 10 +--- + +# Overview of all settings + +This section lists all of the existing settings. If a setting is explained in more detail in another +section, you can navigate directly to this section by clicking on the link in the Section column. +The settings are grouped according to categories to provide a better overview + +| Category: General | Section | +| -------------------------------------------- | ------- | +| Number of allowed widgets | | +| Mark notifications as read when opening them | | +| Can search for updates | | +| Allow a tab to be opened multiple times | | +| Display module name on dashboard | | +| Open quick search in new tab | | +| Edit tab after opening | | +| Close tab after saving | | +| Close tab after discarding | | +| Tab width | | +| Restore last tabs opened | | +| Ask for favicon download | | + +| Category: Display | Section | +| ------------------------------------------------------------------------ | ------- | +| Customizable window caption | | +| Display fold-down details in permissions view | | +| Change lists when widening in table view | | +| Display path for the organisational structure in the header | | +| Scaling value for the user interface | | +| Display kind of password in full client | | +| Display kind of passwords in Basic view | | +| Switch logo view on mouse over in Basic view | | +| Category: Browser | Section | +| --- | --- | +| Standard browser | | +| Category: Dashboard | Section | +| --- | --- | +| Display dashboard on startup | | +| Display remaining amount of data in the widget | | +| Category: Record | Section | +| --- | --- | +| Number of initially loaded records | | +| Display records as “about to expire” if the remaining days are less than | | +| Apply form changes to passwords | | +| Display total number of filter results | | +| Maximal number of search results for all | | +| Categorie: Documents | Section | +| --- | --- | +| Document history | | +| Permitted document extensions | | +| Maximum size in MB | | +| Category: Print | Section | +| --- | --- | +| Font size | | +| Category: Real-time update | Section | +| --- | --- | +| Refresh notifications in real time | | +| Category: Filter | Section | +| --- | --- | +| Display mode | | +| Jump to filter on quick search | | +| Can use filter negation | | +| Automatically use last filter | | +| Display mode status when starting the program | | + +| Category: Footer area | Section | +| --------------------------------------------------------------------------------------------------------------- | ------- | +| Show notifications in the footer area | | +| Show documents in the footer area | | +| Display footer area | | +| Show history in the footer area | | +| Show logbook in the footer area | | +| Show metadata in the footer area | | +| Show Password Resets in the footer area | | +| Category: Configuration | Section | +| --- | --- | +| Display animation in SSO configuration window | | +| You must enter a reason for establishing the RDP connection | | +| You must enter a reason for establishing the SSH connection | | +| Netwrix Password Secure user directory | | +| Default form (for Basic view) | | +| Start Basic view on next login | | +| Include subordinated organisational units in Basic view | | +| Category: Reading pane | Section | +| --- | --- | +| Orientation for Active Directory | | +| Orientation for applications | | +| Orientation for notifications | | +| Orientation for reports | | +| Orientation for documents | | +| Orientation for forms | | +| Orientation for logbook | | +| Orientation for organisational structure | | +| Orientation for Password Reset | | +| Orientation for passwords | | +| Orientation for rules | | +| Orientation for roles | | +| Orientation for seal templates | | +| Orientation for system tasks | | +| Orientation for forwarding rules | | +| Size of profile image in reading area | | +| Category: Mobile synchronisation | Section | +| --- | --- | +| Validity of the mobile database without synchronisation in days (0 = no limit on validity) | | +| Maximum number of login attempts before deleting the database (0 = unlimited) | | +| Category:Offline mode | Section | +| --- | --- | +| Automatic synchronisation after an interval in minutes (0 for deactivated) | | +| Offline synchronisation after saving a record | | +| Path where the offline database should be saved (empty for standard) | | +| Category:Proxy | Section | +| --- | --- | +| Address | | +| User name | | +| Password | | +| Use Windows proxy | | +| Category:Rights | Section | +| --- | --- | +| Clear user field after adding | | +| Inherit permissions for new objects (without rights template) | | +| Existing passwords inherit changes to the permissions for organisational units | | +| Permission search: Add gradually | | +| Delete user from the permissions for new objects when the user creating the new object is authorized via a role | | +| Hide deleted users and roles in permissions | | +| Category:Security | Section | +| --- | --- | +| Change rule for the user password | | +| Disconnect database connection due to inactivity after | | +| Deactivate inactive users | | +| Length of validity of the multifactor authentication token (minutes) | | +| Confirmation of authenticity on login | | +| Minimum score for password quality level “good” | | +| Minimum score for password quality level “strong” | | +| Display password in quick view | | +| PKI: Enforce validity period for certificates | | +| PKI: Certificate hash methods | | +| PKI: Checking mode for certificate chains | | +| Time period after which inactive sessions will be deleted from the server | | +| Category:SSO | Section | +| --- | --- | +| Browser Extension: Exact domain check | | +| Browser Extension: Automatically send login masks | | +| Browser Extensions: Automatically fill login masks | | +| Browser addons: Show password | | +| Category:Keyboard shortcuts | Section | +| --- | --- | +| Execute script to enter the password in the selected windowk | | +| Execute script to enter the user name in the selected window | | +| Execute script to enter the user name and password in the selected window | | +| Execute script to enter the user name and password in the selected window using the Enter button | | +| Category:Clipboard | Section | +| --- | --- | +| Clearing the clipboard | | +| Clear clipboard on closing | | +| Clear clipboard on minimising | | +| Clipboard gallery | | + +NOTE: There is a version selection box in the settings. The options that were newly added in the +selected version are correspondingly marked in the list. + +![installation_with_parameters_115](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/user_rights/overview_user_rights/installation_with_parameters_115.webp) + +This makes it easier for administrators to correctly configure new options before they release the +update for all employees. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/usersettings/user_settings.md b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/usersettings/user_settings.md new file mode 100644 index 0000000000..d03c2ec1a9 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/usersettings/user_settings.md @@ -0,0 +1,79 @@ +--- +title: "User settings" +description: "User settings" +sidebar_position: 40 +--- + +# User settings + +## What are user settings? + +There are many functions within Netwrix Password Secure that can be adapted to the needs of users. +It is also possible to define various parameters for optical representations. This can be inherited +both at \* user level \*, \* global \* and \* organisational units \*. In addition, there is a +security level concept, which categorizes the users into five layers. The administration of settings +can thus be linked to the presence of the required security level. + +## Managing user settings + +You can configure user settings similarly to [User rights](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/userrights/user_rights.md). Here too, +there are a total of three possibilities with which a user can define his settings or be configured +from another location. For the sake of easy manageability, it is again a good idea to configure the +users not individually, but to provide several equal users with settings. + +![installation_with_parameters_116](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/user_settings/installation_with_parameters_116.webp) + +The focus is always on the user, also when it comes to user rights. It can obtain its settings in +one of the following three ways: + +1. Personal settings only apply to a specific user. These are always configured via the + organisational structure module. +2. Settings for organisational structures apply to all members of a role, and are specified in the + organisational structure module +3. Global settings apply to all users of a database without exception. You can configure them in the + client settings. + +**CAUTION:** In addition to personal and global settings (as opposed to authorizations), settings +are not assigned via roles, but via organisational units! + +![installation_with_parameters_112](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/user_rights/installation_with_parameters_112.webp) + +### Inheritance of user settings + +If you leave the personal settings on the outside, there are two ways to inherit settings: + +1. Global inheritance +2. Inheritance on the basis of membership in organisational units (OU) + +Global settings are configured as usual in the [Main menu](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/main_menu_fc.md). The organisational +units are inherited via the +[Organisational structure](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/organisational_structure.md). +All users who are assigned to an organisational unit inherit all user settings for this OU. In the +present case, the users “Jones” and “Moore” inherit all settings from the “IT” organisational unit: + +![inherit permissions](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/user_settings/installation_with_parameters_117-en.webp) + +The “Settings” button in the ribbon allows you to see the settings for both organisational units and +users. The many setting options can be restricted by the known +[Search](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/search.md) mechanisms. + +![installation_with_parameters_118](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/user_settings/installation_with_parameters_118.webp) + +The diagram shows the settings for the user “Jones”. The search has been filtered by the term +“Detail”. The column **“Inherited from”** shows that some settings have been inherited globally, or +by the organisational unit “IT”. The top two options have no value in the column. This is because +this parameter has been defined at user level. + +NOTE: The inheritance for individual settings can be deactivated in the ribbon! + +## Security levels + +Option groups were created in the global settings to ensure that users can control only those +settings for which they hold permissions. Categorising security levels from 1 to 5 allows you to +combine similar options and thus make them available to the users. + +![user settings](/images/passwordsecure/9.2/configuration/advanced_view/mainmenu/user_settings/installation_with_parameters_119-en.webp) + +The [User rights](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/userrights/user_rights.md) define who has the required permissions to change +which security levels. As with all rights, this is achieved either through global inheritance, the +role, or as a right granted directly to the user. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/_category_.json new file mode 100644 index 0000000000..3bcf4aaf6d --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Operation and Setup", + "position": 10, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "operation_and_setup" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/dashboardandwidgets/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/dashboardandwidgets/_category_.json new file mode 100644 index 0000000000..113bb86a6f --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/dashboardandwidgets/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Dashboard and widgets", + "position": 80, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "dashboard_and_widgets" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/dashboardandwidgets/dashboard_and_widgets.md b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/dashboardandwidgets/dashboard_and_widgets.md new file mode 100644 index 0000000000..81c8cfbada --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/dashboardandwidgets/dashboard_and_widgets.md @@ -0,0 +1,82 @@ +--- +title: "Dashboard and widgets" +description: "Dashboard and widgets" +sidebar_position: 80 +--- + +# Dashboard and widgets + +## What are dashboards and widgets? + +In case of large installations, the amount of information provided by Netwrix Password Secure may +seem overwhelming. Dashboards expand the existing filter possibilities by an arbitrarily +customizable info area, which visually prepares important events or facts + +![Dashboard](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/dashboard_and_widgets/installation_with_parameters_50-en.webp) + +Dashboards are available in almost all [Client Module](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/client_module.md)s. A +separate dashboard can be set for each individual module. **Widgets** correspond to the individual +modules of the dashboard. There are various widgets, which can be individually defined and can be +configured separately. In the above example, three widgets are enabled and provide information about +current notifications, password quality, and user activity. The **maximum number of possible +widgets** is managed in the[User settings](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/usersettings/user_settings.md). + +NOTE: You can close the dashboard using the button in the tab. You can open it again via **View** > +**Show dashboard** in the ribbon. + +NOTE: The display of the dashboard is basically uncritical since the user can only see the data on +which he is also entitled. + +#### Relevant settings + +The following options are available in combination with the dashboard and widgets. + +**Settings** + +- Display dashboard on startup +- Display module names on dashboard +- Number of allowed widgets +- Display remaining amount of data in the widget + +#### Adding and removing widgets + +If the dashboard tab is enabled, you can enable the dashboard editing mode via the ribbon. Adding +and editing widgets is only possible in this mode. + +![Adding and removing widgets](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/dashboard_and_widgets/installation_with_parameters_51-en.webp) + +Use the drop-down menu to select the widget to be added \* (1) . **Then add the widget to the +dashboard using the corresponding button in the ribbon** (2). The maximum number of widgets that can +be added can be configured in the user settings. In editing mode, any widget can be directly removed +from the dashboard via the button on the upper right edge. The processing mode is ended by saving +via the ribbon. + +![Adding widgets](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/dashboard_and_widgets/installation_with_parameters_52-en.webp) + +## Customizing widgets + +In the editing mode, you can customize each widget separately. To do this, select the widget and +switch to the \* widget content tab \* in the ribbon. + +![Customizing widgets](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/dashboard_and_widgets/installation_with_parameters_53-en.webp) + +Separate variables can be customized for each widget. This example shows how often users have had +passwords displayed. Naturally, the variables are distinct for each widget since other information +could be relevant. + +Widget event + +You can select the **Widget Event** option in the ribbon. This activates the interaction of the +widgets. In the following example, this feature was enabled for the Activity widget. As a result, +the dashboard not only displays all activities, but also filters them according to the user selected +in the **Team List** widget. It therefore concerns all activities of the user “Moore”. These are +filtered “live” and displayed in real-time. + +![Widget event](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/dashboard_and_widgets/installation_with_parameters_54-en.webp) + +## Arranging widgets + +In the edit mode, the layout of the widgets is user-defined. Drag & drop allows you to place a +widget in the corresponding position on the dashboard (left, right, top, or bottom). + +![Arranging widgets](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/dashboard_and_widgets/installation_with_parameters_55-en.webp) diff --git a/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/dashboardandwidgets/keyboard_shortcuts.md b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/dashboardandwidgets/keyboard_shortcuts.md new file mode 100644 index 0000000000..9037fb3379 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/dashboardandwidgets/keyboard_shortcuts.md @@ -0,0 +1,22 @@ +--- +title: "Keyboard shortcuts" +description: "Keyboard shortcuts" +sidebar_position: 10 +--- + +# Keyboard shortcuts + +## Functionality + +Some actions can be executed very efficiently using keyboard shortcuts. These are configured in the +section of the same name within the **global +[User settings](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/usersettings/user_settings.md)** + +The following keyboard shortcuts are available: + +- **CTRL+ ALT + U** transfers the user name from the selected record to the active window +- **CTRL+ ALT + S** starts a script that firstly transfers the user name from the selected record to + the active window. The shortcut will then execute a TAB jump and transfer the password. +- **CTRL+ ALT + P** enters the selected password into the active window or field +- **CTRL+ ALT + R** firstly transfers the user name from the selected record to the active window + via the enter key. The shortcut will then execute a TAB jump and transfer the password. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/filter/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/filter/_category_.json new file mode 100644 index 0000000000..dce4f41135 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/filter/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Filter", + "position": 20, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "filter" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/filter/advanced_filter_settings.md b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/filter/advanced_filter_settings.md new file mode 100644 index 0000000000..4775c589b8 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/filter/advanced_filter_settings.md @@ -0,0 +1,111 @@ +--- +title: "Advanced filter settings" +description: "Advanced filter settings" +sidebar_position: 20 +--- + +# Advanced filter settings + +## Linking filters + +The two options for linking the filter criteria are very easy to explain using the example of +[Tags](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/tags.md). The following options are available: + +1. Logical “Or operator” + +By default, the filter is active in this mode. In the following example, the user wants to find all +records with at least one of the tags ”**Important**” or ”**Development**”. This also means that +records can either have one of the tags, or both. + +![installation_with_parameters_17_839x376](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/filter/advancedfiltersettings/installation_with_parameters_17_839x376.webp) + +Due to the colour coding of the tags in the records, it can be seen that the first two records have +one of the tags, while the third one has both tags. However, all three are included in the results. +**At least one filter criterion must be met.** + +**2. Logical “And operator”** + +This mode is activated directly by the checkbox in the filter. Each filter criterion has its own +checkbox. + +![installation_with_parameters_18](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/filter/advancedfiltersettings/installation_with_parameters_18.webp) + +![installation_with_parameters_19_822x325](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/filter/advancedfiltersettings/installation_with_parameters_19_822x325.webp) + +**In contrast to the “OR link”, the “AND link” must fulfil both criteria**. Accordingly, only those +records that have both the tag **”Important”** and the tag ”Development” are listed in the results +for this example. + +## Filter tab in the ribbon + +The filter management can also be found in the [Ribbon](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/ribbon.md). Here, it is +possible e.g. to expand the currently configured filter criteria, save the filter, or simply clear +all currently applied filters. + +![installation_with_parameters_20](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/filter/advancedfiltersettings/installation_with_parameters_20.webp) + +#### Saving, editing, and deleting filters + +In many cases, it is recommended to store defined filters. In this way, it is possible to make +efficient use of filter results from previous searches. The button **“Save filter”** directly +prompts you to assign a meaningful name to this filter. The filter is saved according to the +criteria currently configured in the filter. This filter is now listed in the selection menu and can +now be selected. Note that a selected filter selection is immediately applied to the filter but is +not automatically executed. The filter must be used for this purpose. Both the button in the ribbon, +so also the counterpart in the filter, lead to the same result here. + +![Filter settings](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/filter/advancedfiltersettings/advanced-filter-settings-1-en.webp) + +Deleting and overwriting existing filters is identical in the procedure. The filter, which has been +marked in the selection field, is always deleted. If an existing filter is to be overwritten, the +name of the filter is retained and is overwritten with the filter criteria currently configured in +the filter. + +————————— + +#### **Advanced filter** + +In the “Extended filter” category you can adjust the filter as desired, eg by adding or removing +filter groups. Clicking on **”Edit filter”** activates the processing mode. You can terminate it +with **”Finish editing”.** + +![Filter editing](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/filter/advancedfiltersettings/advanced-filter-settings-2-en.webp) + +New filter groups can now be added via the selection field. For this purpose, the desired filter +type is selected (in the example, the filter group is the seal). The process is completed by +**”adding a filter group”.** Newly added filter groups are always placed at the very bottom of the +filter. + +In **Edit mode**, the filter view changes, in addition to the possible actions in the ribbon. Use +the arrow buttons to adjust the order of the filter groups. The icons “Plus” and “Minus” can be used +to create additional instances of existing filter groups or to remove existing ones. In the +following example, a content filter was added and all other filter groups removed. + +![Filter](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/filter/advancedfiltersettings/advanced-filter-settings-3-en_923x441.webp) + +In this example, only the content filter is used – in two instances! \* The “And” link will now +display all records that contain both the word “password” and the phrase “important”. \* + +#### Negation of filters + +It is often important to be able to negate the filter. + +Activation + +In the “Extended filter” category you have the possibility to activate the negation: + +![allow negation](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/filter/advancedfiltersettings/allow-negation-en.webp) + +It is thus possible to refine very precisely filter results even further. This becomes more and more +important when there are a large number of records in the database and the resulting amount of data +is still unmanageable despite the fact that filters has been appropriately defined. + +![installation_with_parameters_25_752x412](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/filter/advancedfiltersettings/installation_with_parameters_25_752x412.webp) + +Negations are defined directly in the checkbox of an element within a filter group. Without +negations, you can only search e.g. for a tag. Negations make the following queries possible: + +”Deliver all records that have the tag “Development” but are not tagged with “Important”! + +**CAUTION:** In order to effectively use negations, it is important that “and links” are always +enabled. Otherwise operations with negations cannot be modelled mathematically. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/filter/display_mode.md b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/filter/display_mode.md new file mode 100644 index 0000000000..f8a301c2dc --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/filter/display_mode.md @@ -0,0 +1,38 @@ +--- +title: "Display mode" +description: "Display mode" +sidebar_position: 10 +--- + +# Display mode + +## What display modes exist? + +In addition to the already described [Filter](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/filter/filter.md), it is possible to switch to structure +view. This alternative view enables you to filter solely on the basis of the organisational +structure. Although this type of filtering is also possible in standard filter view, you are able to +directly see the complete organisational structure in structure view. + +NOTE: As there are no longer any folders in Netwrix Password Secure version 9, the structure view +can not mirror all of the functionalities of the folder view in version 7. However, the structure +view has been modelled on the folder view to make the changeover from the previous version easier. + +![installation_with_parameters_15](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/filter/displaymode/installation_with_parameters_15.webp) + +As you can see, only the organisational structure is visible in this view. This view is the ideal +choice for users who want to work in a highly structural-based manner. + +## Relevant options + +There are three relevant [User settings](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/usersettings/user_settings.md) +associated with the display mode: + +![installation_with_parameters_16](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/filter/displaymode/installation_with_parameters_16.webp) + +- **Display mode:** It is possible to define whether the standard filter, structure filter or both + are displayed. If the last option is selected, you can switch between both views. +- **Jump to filter on quick search:** If you are using structure view, it is possible to define + whether the system should automatically jump to the standard filter if you click the quick search + (top right in the client) +- **Display mode status when starting the program:** This setting defines which display mode is + displayed as default when starting the program. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/filter/filter.md b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/filter/filter.md new file mode 100644 index 0000000000..c66d4e1ae4 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/filter/filter.md @@ -0,0 +1,98 @@ +--- +title: "Filter" +description: "Filter" +sidebar_position: 20 +--- + +# Filter + +## What is a filter? + +The freely configurable filters of the PSR client provide all methods for easy retrieval of stored +data. The filter criteria are always adapted according to the module in which you are currently +located. When you select one or several search criteria, and click on “Apply filter”, the results +will be displayed in the list view. If necessary, this process can be repeated as desired and +further restrictions can be added. + +## Relevant rights + +The following option is required for editing filters: + +**User right** + +- Can edit filter + +![Filter](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/filter/installation_with_parameters_10-en.webp) + +## Who is allowed to use the filter? + +The filter is an indispensable working tool because of the possibility to restrict existing results +according to individual requirements. Consequently, all users can use the filter. It is, of course, +possible to place restrictions for filter criteria. This means that the filter criteria available to +individual employees can be restricted by means of +[Authorization and protection mechanisms](/docs/passwordsecure/9.3/configuration/webapplication/authorization_and_protection_mechanisms.md). +For example, an employee can only filter for the [Forms](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/forms/forms.md) password +if he has the read permission for that form. + +**CAUTION:** There are no permissions for [Tags](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/tags.md). This means that any employee can +use any tags. The display order in the filter is determined by the frequency of use. This process is +not critical to security, since tags do not grant any permissions. They are merely a supportive +measure for filtering. + +## Application example + +Filter without criteria + +By selecting the desired criteria and applying the filter using the button of the same name, the set +of all the records corresponding to the criteria is displayed in the list view. If you used the +filter without criteria, you would obtain a list of all records to which you generally have +authorization. + +![editing criteria](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/filter/installation_with_parameters_11-en.webp) + +As you can see, 133 records are not really manageable. In most situations you will need to reduce +the number of records by adding filters. + +**Adding filter criteria** + +The filter **organization** can be applied directly to the authorizations to restrict the number of +records according to the authorizations granted. In this case, the logged-on user holds rights for +various areas. However, it would like to see only those records which are assigned to the **Own +passwords** area within the organisational structure. In addition, there should be further +restrictions, which could be formulated as in the following sentence: “Deliver all records from my +own passwords that were created with the form **password** and which contain the expression **2016** +and the tag **Administrator**. + +![Adding filter criteria](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/filter/installation_with_parameters_12-en.webp) + +As can be seen, the filter delivers the desired results. The extent to which the filter criteria +match the three remaining data sets is assigned in colour. + +**CAUTION:** When filtering with several criteria, such as forms, content and tags, all filter +criteria must be complied with. It is therefore a logical “AND operation”. Other possible methods +for linking criteria are described in detail in the Advanced Filter Settings. + +**Content filter** + +The term \* 2016 \* is part of the description in the \* My Schufa \* record, part of the +description of \* Wordpress 2016 \* and Microsoft Online 2016 . **Since the search** \***”in all +fields”** is activated in the content filter, all three records are also included in the results, +and are displayed in the list view. You can also configure the content filter to search for +expressions in a specific field. The icon next to the expression **”in all fields”** opens the +content filter configuration in a modal window. As can be seen, the content filter has been +configured to only search in the form **password** and then only in the form field **Internet +address:** + +![installation_with_parameters_13](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/filter/installation_with_parameters_13.webp) + +![Content filter](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/filter/installation_with_parameters_14-en.webp) + +It is very easy to abstract, because of the present example, that the filter can be adapted to your +personal requirements. It is thus the most important tool to be able to retrieve data once stored in +the database. + +**CAUTION:** The effectiveness of the filter is closely linked to data integrity. Only when data is +kept clean, efficient operation with the filter is ensured. It is important that employees are +trained in the correct handling of the filter tool as well as when creating the records. Workshops +show the best success rate in this context. If you require further information, contact us under +mail to: sales@passwordsafe.de. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/list_view.md b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/list_view.md new file mode 100644 index 0000000000..70040b8c79 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/list_view.md @@ -0,0 +1,91 @@ +--- +title: "List view" +description: "List view" +sidebar_position: 30 +--- + +# List view + +## What is the list view? + +The list view is located centrally in the Netwrix Password Secure client, and is a key element of +daily work. There are also list views in Windows operating systems. If you click on a folder in +Windows Explorer, the contents of the folder are displayed in a list view. The same is true in +Netwrix Password Secure version 9. + +However, instead of folders, the content of the list view is defined by the currently applied +filter. \* This always means that the list view is the result of a filtered filter \*. For the +currently marked record in list view, all existing form fields are output to the reading pane. With +the two tabs “All” and “Favourites, the filter results can be further restricted. + +![List view](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/listview/installation_with_parameters_26-en.webp) + +At the bottom of the list view, the number of loaded records and the time required for this are +shown. + +NOTE: For more than 100 list elements, only the first 100 records are displayed by default. This is +to prevent excessive database queries where the results are unmanageable. In this case, it makes +sense to further refine the filter criteria. By pressing the “All” button in the header of the list +view, you can still manually switch to the complete list. + +## Searching in list view + +Through the search field, the results found by the filter can be further refined as required. After +you have entered the search term, the results are automatically limited to those records which +correspond to the criteria (after about half a second). The search used for the search is +highlighted in yellow. + +![installation_with_parameters_27](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/listview/installation_with_parameters_27.webp) + +## Detailed list view + +The default view displays only limited information about the records. However, the width of the list +view is flexible and can be adjusted by mouse. At a certain point, the view automatically changes to +the detailed list view, similar to the procedure in Microsoft Outlook. All form fields are displayed + +![Table view](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/listview/installation_with_parameters_28-en.webp) + +## Favourites + +Regularly used records can be marked as favourites. This process is carried out directly in the +[Ribbon](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/ribbon.md). A record marked as a favourite is indicated with a star in list view. + +![Favourite](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/listview/installation_with_parameters_29-en.webp) + +You can filter for favourites directly in the list view. For this purpose, simply switch to the +“Favourites” tab + +![installation_with_parameters_30](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/listview/installation_with_parameters_30.webp) + +#### Othersymbols + +Every record displayed in list view has multiple icons on the right. These give feedback in colour +about both the password quality and the [Tags](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/tags.md) used. Mouseover tooltips provide +more precise details. + +![installation_with_parameters_31](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/listview/installation_with_parameters_31.webp) + +NOTE: The information visible underneath the password name is taken from the info field for the +associated form and will be explained separately + +## Workingwith records + +All records that correspond to the filter criteria are now displayed in list view. These can now be +opened, edited, or deleted via the ribbon. Many functions are also available directly from the +context menu. You can do this by right-clicking the record. Multiple selection is also possible. To +do this, simply highlight the desired objects by holding down the Ctrl key. + +![installation_with_parameters_32](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/listview/installation_with_parameters_32.webp) + +#### Opening and editing data sets + +By double-clicking, as with the context menu (right mouse button), all records can be opened from +the list view in a separate tab. Only in this view can you make changes. This detail view opens in a +separate tab, the list view is completely hidden + +![editing dataset](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/listview/installation_with_parameters_33-en.webp) + +NOTE: Working with data records depends of course on the type of the data record. Whether passwords, +documents or organisational structures: The handling is partly very different. For more information, +please refer to the respective sections on the individual +[Client Module](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/client_module.md) diff --git a/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/operation_and_setup.md b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/operation_and_setup.md new file mode 100644 index 0000000000..e62783a4ef --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/operation_and_setup.md @@ -0,0 +1,97 @@ +--- +title: "Operation and Setup" +description: "Operation and Setup" +sidebar_position: 10 +--- + +# Operation and Setup + +## Client structure + +The modular structure of the client ensure that the required functionalities are always in the same +place. Although the module selection gives access to the various areas of Netwrix Password Secure, +the control elements always remain at the positions specified for this purpose. This intuitive +operating concept ensures efficient work and a minimum of training time. + +![Operation](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/operation-and-setup-1-en.webp) + +![Dashboard](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/operation-and-setup-2-en.webp) + +1. [Ribbon](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/ribbon.md) + +2. [Filter](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/filter/filter.md) + +3. [List view](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/list_view.md) + +4. [Reading pane](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/reading_pane.md) + +5. [Tags](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/tags.md) + +6. [Search](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/search.md) + +7. [Dashboard and widgets    ](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/dashboardandwidgets/dashboard_and_widgets.md) + +## TABs + +Tabs offer yet another option within the to present related information in a separate area. This tab +navigation enables you to display, quickly access and switch between relevant information. The +results for a filter with specific criteria can thus be retained without the original result being +overwritten + +when a new filter is applied. In parallel, detailed information about records can also be found in +their own tabs. It is of course possible to adjust the order of the tabs via drag & drop according +to your individual requirements. + +![Dashboard](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/installation_with_parameters_2-en.webp) + +#### Standard tab + +Depending on the active module, the All passwords tab will be renamed to the corresponding module by +default. (All documents, all forms, etc.) + +![Standard tab](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/standard-tab-en.webp) + +Although the name suggests that all records in the database are displayed, the records displayed in +list view correspond to the criteria that have been defined in the filter. The tab closes and can be +restored by reusing the filter. + +## Client footer information + +Independently of the module chosen, various information is displayed in the footer area of the +client. The icons are also provided with a meaningful mouse-over text, which provides additional +information. + +- Connection to database +- Feedback in case connection is insecure +- Last name, first name (user name) of the logged-in user + +![installation_with_parameters_4](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/installation_with_parameters_4.webp) + +- [Ribbon](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/ribbon.md) +- [Filter](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/filter/filter.md) +- [List view](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/list_view.md) +- [Reading pane](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/reading_pane.md) +- [Tags](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/tags.md) +- [Search](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/search.md) +- [Dashboard and widgets](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/dashboardandwidgets/dashboard_and_widgets.md) +- [Shortcut key](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/dashboardandwidgets/keyboard_shortcuts.md) + +## Orientation + +It is possible to change the alignment of the following objects: + +- [Active Directory link](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/active_directory_link.md) +- [Applications](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/applications.md) +- [Notifications](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/notifications.md) +- [Reports](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/reports.md) +- [Documents](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/documents.md) +- [Forms](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/forms/forms.md) +- [Logbook](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/logbook.md) +- [Organisational structure](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/organisational_structure.md) +- [Password Reset](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/password_reset.md) +- [Password rules](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/password_rules.md) +- [Roles](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/roles.md) +- [Seal templates](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/seal_templates.md) +- [System tasks](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/systemtasks/system_tasks.md) +- Forwarding Rules +- Profil picture in the reading pane diff --git a/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/print.md b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/print.md new file mode 100644 index 0000000000..ea4814196c --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/print.md @@ -0,0 +1,96 @@ +--- +title: "Print" +description: "Print" +sidebar_position: 70 +--- + +# Print + +#### What can the print function do? + +It is often necessary to print out data stored in Netwrix Password Secure for documentation +purposes. The Print function is available in numerous areas of Netwrix Password Secure for this +purpose. It is possible to print out records such as e.g. passwords or also information about +organisational units and much more. + +#### Relevantrights + +The following rights are relevant. + +**Record rights** + +- The **Print** right for the relevant record is required in each case. + +User right + +- Can print + +#### Availability + +The print function is available in the following modules: + +- Passwords +- Documents +- Organisational structure +- Roles +- Forms + +#### Using the print function + +The print function can be called up via the ribbon. + +![installation_with_parameters_44](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/print/installation_with_parameters_44.webp) + +Firstly, it is necessary to select whether you want to print a table or a detailed view. The amount +of data can also be defined. The individual menu items are described in detail further down in this +section. After making your selection, the data is firstly prepared for printing. Depending on the +amount of data, this may take a few minutes. The print preview is then opened. + +![print password](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/print/installation_with_parameters_45-en.webp) + +NOTE: The print preview accesses the functions of the printer driver. Depending on the printer or +driver being used, the appearance and functions offered by the print preview may vary. The +individual functions will thus not be described in detail here. + +The printing process is ultimately started via the **print preview**. It is also possible to save +the view or adjust the layout before printing. + +#### Selecting the data to be printed + +There are different options available for adapting the printing result to your personal +requirements. The individual menu items will be explained here using the example of printing +passwords. + +###### Table view (current selection) + +All **selected** records will be printed out. In the following example, **Adobe** and **Anibis.ch** +are thus printed out. + +![selected data](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/print/installation_with_parameters_46-en.webp) + +The data is printed here in table form. + +![print password](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/print/installation_with_parameters_47-en.webp) + +#### Tableview (current filter) + +All currently **filtered** records will be printed out here. In this example, all seven records are +thus printed out. + +![filtered password](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/print/installation_with_parameters_48-en.webp) + +They are printed out – as described above – in table form. + +#### Detailed view (current selection) + +This option also prints out the currently selected records. However, a detailed view is printed out +in this case. + +![print filtered passwords](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/print/installation_with_parameters_49-en.webp) + +#### Detailed view (current filter) + +This function can be used to print out all filtered records in detailed view as described above. + +NOTE: It should be noted that the amount of data generated via this function can quickly become very +large. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/reading_pane.md b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/reading_pane.md new file mode 100644 index 0000000000..27c4e3d631 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/reading_pane.md @@ -0,0 +1,59 @@ +--- +title: "Reading pane" +description: "Reading pane" +sidebar_position: 40 +--- + +# Reading pane + +## What is the reading pane? + +The reading pane on the right side of the client always corresponds to the detailed view of the +selected record in the list view and can be completely deactivated via the ribbon. In addition, you +can configure here the arrangement of the reading pane – either on the right, or underneath the +[List view](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/list_view.md). + +![Reading area](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/readingpane/installation_with_parameters_34-en.webp) + +## Structure of the reading pane + +The reading pane is divided into two areas: + +1. **Details area** +2. Footer area + +![installation_with_parameters_35](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/readingpane/installation_with_parameters_35.webp) + +1. Details area + +Depending on which record you have selected in [List view](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/list_view.md), the +corresponding fields are displayed here. In the header, the assigned [Tags](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/tags.md), as +well as the +[Organisational structure](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/organisational_structure.md) +are displayed. + +**CAUTION:** It should be noted that the details area cannot be used for editing records! Although +it displays all of the data, editing is only possible if the record has been opened. + +2. Footer area + +In the footer area of the reading pane, it is possible to display various information for the +currently selected record. The button can be activated via the button provided. It is hidden by +default. + +![Footer area](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/readingpane/installation_with_parameters_36-en.webp) + +The logbook, linked documents, history, notifications and password resets can be accessed separately +here via the tabs. The individual elements can be viewed with a double-click, as well as by using +the quick view (space bar). Double clicking always opens a separate tab, the quick view merely opens +a modal window + +Visibility of the individual tabs within the footer section is secured via separate +[User rights](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/userrights/user_rights.md): + +![installation_with_parameters_37](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/readingpane/installation_with_parameters_37.webp) + +The same options can also be found in the settings. A tab is only displayed if it has been activated +both in the rights and also in the settings. This makes it possible to specify (for example via the +administrator) whether a user is permitted to view the tab or not. The user can then define +themselves which tabs they want to be displayed. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/ribbon.md b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/ribbon.md new file mode 100644 index 0000000000..1575524ec3 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/ribbon.md @@ -0,0 +1,54 @@ +--- +title: "Ribbon" +description: "Ribbon" +sidebar_position: 10 +--- + +# Ribbon + +## What is the ribbon? + +The ribbon is the central control element of Netwrix Password Secure version 9. It is available in +all modules. Netwrix Password Secure is almost always operated via the ribbon in the header area of +the PSR client. + +![Ribbon](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/ribbon/installation_with_parameters_5-en.webp) + +The features available within the ribbon are dynamic, and are based on the currently available +actions. Various actions can be performed, depending on which object is selected. The module +selected also affects the features that are available in the ribbon. Of course, the most important +actions can also be controlled via the context menu (right mouse button). + +![Ribbon - Item](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/ribbon/ribbon-1-en.webp) + +This mainly affects the very often used features such as opening, deleting or assigning tags. +However, a complete listing of the possible actions is always only possible directly in the ribbon. +This ensures that the context menu can be kept lean. + +## Access to the client main menu (backstage) + +The button at the top left of the ribbon provides access to the +[Main menu](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/main_menu_fc.md): + +![installation_with_parameters_7](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/ribbon/installation_with_parameters_7.webp) + +## Ribbon tabs + +There are tabs in the header area of the ribbon that summarize all available operations. By default, +module-independent **Start, View, and Filter** is available. If the footer of the +[Reading pane](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/reading_pane.md) is opened (1), further tabs will be visible in the +ribbon (2). These contain, according to the selection made in the footer, other possible actions. + +![Ribbon Tabs](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/ribbon/installation_with_parameters_8-en.webp) + +#### Content tabs + +Double-clicking on an object in the [List view](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/list_view.md) opens a new tab with its +detailed view. Depending on which form field you have selected, the corresponding content tab opens +in the ribbon. + +![Content tabs](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/ribbon/installation_with_parameters_9-en.webp) + +Depending on the selected form field, further actions are offered in the Content tab. In the +Password field, this is, for example, calling the password generator or the screen keyboard, or the +possibility to copy it to the clipboard. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/search.md b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/search.md new file mode 100644 index 0000000000..c408931d9d --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/search.md @@ -0,0 +1,52 @@ +--- +title: "Search" +description: "Search" +sidebar_position: 60 +--- + +# Search + +## What is search? + +With the help of the search, it is possible to find data stored in the database efficiently +according to selected criteria. Basically, there are 2 search modes: + +1. Quick search + +In the upper right section of the ribbon, there is a search field, which scans the module that is +currently open. This is a full-text search that scans all fields and tags except the password field. + +![quick search](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/search/installation_with_parameters_41-en.webp) + +The fast search is closely linked to the [Filter](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/filter/filter.md), because search queries are +converted directly into one or several content filters. You can also separate search terms using +spaces, for example, **Cook Daniel**. Note that this search creates two separate content filters, +which are logically linked with “and” +. This means that both words must occur in the data record. +The sequence is irrelevant. If the ordering needs to be taken into account, the search term must be +enclosed in quotation marks: **“Cook Daniel”**. The search is not case sensitive. No distinction is +made between upper and lower case. + +NOTE: You can access quick search directly via \* Ctrl + Q\*! + +Negations in the quick search + +Negations restrict the results to such an extent that certain criteria may not be met. The following +example searches for all records that contain the expression \* Delphi , **but not the expression +swiss. The notation, which must be entered in the quick search, is: Delphi -swiss** + +![quick search](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/search/installation_with_parameters_42-en.webp) + +2. List search + +With the list search in the header of the [List view](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/list_view.md), the results of the +filter can be searched further. This type of search is available in almost every list. Scans only +the currently filtered results. Password fields are not searched. The search is live, so the result +is further refined with every additional character that is entered. Automatic “highlighting” takes +place in yellow colour. + +![list search](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/search/installation_with_parameters_43-en.webp) + +A direct database query is performed when the filter is executed. The list search only searches +within the query already made. + +NOTE: The list search is hidden by default and can be activated with “Ctrl + F” diff --git a/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/tags.md b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/tags.md new file mode 100644 index 0000000000..e5f9aa2813 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/tags.md @@ -0,0 +1,51 @@ +--- +title: "Tags" +description: "Tags" +sidebar_position: 50 +--- + +# Tags + +## What are tags? + +The tag system is ubiquitous in Netwrix Password Secure. It can be used to classify and describe +almost every object. An object can have several such tags. These are always displayed in the header +area of the data record. Optionally, tags can be provided with colours or a description. They +determine the aesthetics of Netwrix Password Secure, and are optically a great help, in order not to +loose the overview even in case of large amounts of data. + +NOTE: Tags have no permissions. Any user can use any tag! + +## Relevant rights + +The following option is required for creating new tags. + +User rights + +- Can add new tags + +## Adding tags to records + +Tags can be directly added when creating new records and also when editing records. The procedure is +the same. In Edit mode, the tags are always at the bottom. + +![Tags in dataset](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/tags/installation_with_parameters_38-en.webp) + +The operation is intuitive. From the third entered letter, existing tags are searched for full text. +If the desired tag has been found, it can be added. Both the navigation with mouse, thus also with +keyboard, is possible. If a new tag is to be created, this can be done directly with “Return”. + +![installation_with_parameters_39](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/tags/installation_with_parameters_39.webp) + +## Tags in the ribbon + +If you edit a record and mark an existing or new tag, a corresponding content tab appears in the +ribbon. Here, the tag manager can be opened as well as the colour and description of the tag can be +adapted directly. + +![Tags in password](/images/passwordsecure/9.2/configuration/advanced_view/operation_and_setup/tags/installation_with_parameters_40-en.webp) + +## Management of tags + +A separate section is available under Extras in the client for the tag manager. This is explained in +a special section. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/_category_.json new file mode 100644 index 0000000000..15e0af1775 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Permission concept and protective mechanisms", + "position": 40, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "permission_concept_and_protective" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/automatedsettingofpermissions/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/automatedsettingofpermissions/_category_.json new file mode 100644 index 0000000000..bde6770d7b --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/automatedsettingofpermissions/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Automated setting of permissions", + "position": 20, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "automated_setting_of_permissions" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/automatedsettingofpermissions/automated_setting_of_permissions.md b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/automatedsettingofpermissions/automated_setting_of_permissions.md new file mode 100644 index 0000000000..094f7faf90 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/automatedsettingofpermissions/automated_setting_of_permissions.md @@ -0,0 +1,30 @@ +--- +title: "Automated setting of permissions" +description: "Automated setting of permissions" +sidebar_position: 20 +--- + +# Automated setting of permissions + +## Reusing permissions + +Netwrix Password Secure generally differentiates between multiple methods for setting permissions: + +1. Manual setting of permissions +2. Inheritance of permissions within organisational structures +3. Using predefined rights + + - In the manual setting of permissions, the desired permissions are directly configured for each + record. Automatic processes and inheritance are **not** used in this case. + - Both the use of predefined rights and also the inheritance from organisational structures are + based on the **automated reuse** of already granted permissions according to previously + defined rules. + +The following diagram deals with the question: **How do users or roles receive the intended +permissions?** + +![manual vs automated settings](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/automated_settings/automated-setting-of-permissions-1-en.webp) + +NOTE: Inheritance from organisational structures is defined by default in the system. This can be +configured in the settings. The relevant setting is “Inherit permissions for new objects (without +permission template)”. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/automatedsettingofpermissions/inheritance_from_organizational.md b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/automatedsettingofpermissions/inheritance_from_organizational.md new file mode 100644 index 0000000000..95441490b0 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/automatedsettingofpermissions/inheritance_from_organizational.md @@ -0,0 +1,89 @@ +--- +title: "Inheritance from organisational structures" +description: "Inheritance from organisational structures" +sidebar_position: 10 +--- + +# Inheritance from organisational structures + +## Organisational structures as a basis + +The aim of organisational structures is to reflect the hierarchies and dependencies amongst +employees that exist in a company. Permissions are granted to these structures as usual via the +ribbon. Further information on this subject can be found in the section +[Permissions for organisational structures](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/permissionsfororganisational/permissions_for_organisational.md). +As a specific authorization concept is generally already used within organisational structures, this +is also used as the basis for further permissions. This form of inheritance is technically +equivalent to granting permissions based on **affiliations to a folder**. When creating a new +record, the record receives the permissions in accordance with the defined permissions for the +organisational unit. + +![explanation of authorization](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/automated_settings/inheritance_from_organisational_structures/inheritance-1-en.webp) + +## Relevant user settings + +Whether this form of inheritance should be applied is defined via the settings in the ribbon. It can +be configured in more detail using two settings. + +**CAUTION:** If a predefined rights exists, this will always overwrite inherited permissions from +organisational structures + +Inherit permissions for new objects (without rights template) This setting is relevant for newly +created records. + +![setting inherit permission](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/automated_settings/inheritance_from_organisational_structures/inheritance-2-en.webp) + +The following values can be configured: + +Off: Permissions from OUs are not inherited organisational unit: When creating new objects, +permissions are set in accordance with the defined rights for the target organisational unit. This +setting is active by default. organisational unit and user: As well as inheriting permissions for +organization units, the configured permissions for the user are now also inherited when creating +private records. \*If inheritance for the users is also activated, the creation of private records +is in itself no longer possible. When creating new records to be saved in the organisational unit +for the logged-in user, the permissions for the record are now granted in accordance with the +permissions for the user. + +Existing passwords inherit changes to the permissions for organisational units + +![setting inherit from OU to password](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/automated_settings/inheritance_from_organisational_structures/inheritance-3-en.webp) + +This option means that changes to permissions for an organisational unit will be inherited by all +passwords for this organisational unit. This setting is active by default. When inheriting +permissions, a dialogue will be displayed that offers you the following options: + +Increase or reduce permissions: The permissions for the passwords are retained and are only +increased or reduced by the change. Overwrite permissions: The permissions for the passwords are +completely overwritten. This means that all permissions for a password are firstly removed and then +the new permissions for the organisational unit are inherited. Cancel inheritance: The permissions +are not inherited but are only changed in the organisational unit. \*The permissions are only +inherited by existing passwords within the organisational unit. Therefore, the permissions are not +inherited downwards throughout the entire structure. + +Example case This example shows the creation of a new record in the organisational structure +“marketing”. It is defined in the settings for the stated organisational structure that permissions +should be inherited by new objects in accordance with the organisational structure. + +The permissions for the organisational unit “marketing” are shown below: + +![example of permissions](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/automated_settings/inheritance_from_organisational_structures/inheritance-4-en.webp) + +A new password is now created in the organisational unit “marketing”. + +![new password](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/automated_settings/inheritance_from_organisational_structures/inheritance-5-en.webp) + +It is important that no preset is defined for this organisational unit. The permissions for the +record just created are now shown. + +![permissions example](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/automated_settings/inheritance_from_organisational_structures/inheritance-6-en.webp) + +## Conclusion + +The permissions for the “storage location” are simply used when creating new objects. Two conditions +apply here: + +The value “organisational unit” must be selected in the settings for the inheritance of permissions +There must be no [Predefining rights](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/predefining_rights.md) for the +affected organisational structure This process is illustrated in the following diagram: + +![process for inheritance of permissions](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/automated_settings/inheritance_from_organisational_structures/inheritance-7-en.webp) diff --git a/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/manualsettingofpermissions/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/manualsettingofpermissions/_category_.json new file mode 100644 index 0000000000..c53f3cdaa2 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/manualsettingofpermissions/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Manual setting of permissions", + "position": 10, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "manual_setting_of_permissions" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/manualsettingofpermissions/manual_setting_of_permissions.md b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/manualsettingofpermissions/manual_setting_of_permissions.md new file mode 100644 index 0000000000..60a54252ea --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/manualsettingofpermissions/manual_setting_of_permissions.md @@ -0,0 +1,94 @@ +--- +title: "Manual setting of permissions" +description: "Manual setting of permissions" +sidebar_position: 10 +--- + +# Manual setting of permissions + +## What is the manual setting of permissions for records? + +In contrast to the +[Automated setting of permissions](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/automatedsettingofpermissions/automated_setting_of_permissions.md), the +manual approach does not utilize any automatic processes. This method of setting permissions is thus +carried out separately for every record – this process is not as recommended for newly created data. +If you want to work effectively in the long term, the automatic setting of permissions should be +used. However, the manual setting of permissions is generally used when editing already existing +records. + +## Adding additional users with permissions + +In the previous section, it was clarified that permissions are granted either directly to the user +or to several users grouped in a role. With this knowledge, the permissions can be set manually. In +the [Passwords](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/passwords.md), there are three different ways to access +the permissions in the list view: + +1. Icon in the ribbon +2. Context menu of a data record (right-click) +3. Icon at the right edge of the reading pane + +![different ways to access the permissions](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/manual_settings/manual-setting-of-permissions-1-en.webp) + +NOTE: The icon on the right of the reading pane shows the information whether the record is personal +or public. In case of personal data records, the user that is logged on is the only one who has +permissions! + +The author is created with all permissions for the record. As described in the +[Permission concept and protective mechanisms](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/permission_concept_and_protective.md), you can now +add roles and users. 'Right click - Add' inside the userlist or use the ribbon "User and roles" to +add a user. The filter helps you to quickly find those users who should be granted permissions for +the record in just a few steps. + +![add user and role](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/manual_settings/manual-setting-of-permissions-2-en.webp) + +The search [Filter](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/filter/filter.md)opens in a separate tab and can be +configured as usual. + +![seach filter](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/manual_settings/manual-setting-of-permissions-3-en.webp) + +**Multiple selection** is also enabled. It allows to add several users via the Windows standard +Ctrl/Shift + left mouse button. + +## Set and remove permissions + +By default, all added users or roles receive only the “Read” permission on the record. The “Read” +permission at the beginning is sufficient to view the fields of the data record and to use the +password. "Write" permission allows you to edit a data record. **The permission “Authorize” is +necessary to authorize other users to the record**. This is also a requirement for +the[Seals](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/seals.md). + +![setting all permissions example](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/manual_settings/manual-setting-of-permissions-4-en.webp) + +## Transferring permissions + +A simple right-click on a user can be used to copy and transfer permission configurations of users +or roles to others in the context menu. In this context, the use of permission templates is also +very practical. In the “Template” area of ​​the ribbon, you can save configured permissions, +including all users, and reuse them for other records. + +![preset menu](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/manual_settings/manual-setting-of-permissions-5-en.webp) + +The transfer of permissions and their reuse can be an important building block to create and +maintain entitlement integrity. This method cannot rule out misconfigurations, but it will minimize +the risk significantly. Of course, the correct configuration of these templates is a prerequisite. + +## The add permission + +The “add" permission holds a special position in the authorization concept. This permission controls +whether a user/role is permitted e.g. to create a new record within an organisational structure. +Consequently, this permission can only be set in the +[Organisational structure](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/organisational_structure.md). + +## The owner permission + +The "owner" permission can be set for a user. This permission is more of **a guarantee**. Once +assigned, there is no way to remove the user or role. This is only possible by the user or the role +itself, as well as by users with the permission “Is database administrator”. + +![owner permission](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/manual_settings/manual-setting-of-permissions-6-en.webp) + +The owner permission prevents other users who have the “Authorize” permission from removing someone +with the owner permission from the record. + +**CAUTION:** The owner permission does not protect a record from being deleted. Any user who has +deletion permission can delete the record! diff --git a/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/manualsettingofpermissions/multiple_editing_of_permissions.md b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/manualsettingofpermissions/multiple_editing_of_permissions.md new file mode 100644 index 0000000000..0a39ed6221 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/manualsettingofpermissions/multiple_editing_of_permissions.md @@ -0,0 +1,123 @@ +--- +title: "Multiple editing of permissions" +description: "Multiple editing of permissions" +sidebar_position: 20 +--- + +# Multiple editing of permissions + +## How to edit multiple permissions? + +As part of the manual modification of permissions, it is also possible to edit multiple records at +the same time. Various mechanisms can be used to select the records to be edited. You are able to +select the records in [List view](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/list_view.md) or you can use +the filter as part of the multiple editing function. Both scenarios are described below. + +### User permissions for batch processing + +This mode is inactive by default and needs to be activated in the user rights. + +- Can carry out batch processing for permissions based on a filter + +## Multiple editing via list view + +Individual permissions can be added or remove via **Multiple editing within list view**. The +existing permissions will **not be overwritten**. + +## Selecting the records + +In list view, Shift or Ctrl + mouse click can be used to select multiple records. Permissions can +also be granted for these records via the selection. The marked records are displayed in a different +color. 6 records are marked in the following image. + +![password list](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/manual_settings/multiple_editing_of_permissions/multiple-editing-of-permissions-1-en.webp) + +## Dialogue for configuring the permissions + +A new tab will be opened in the ribbon above the "Permissions" button in which the permissions can +be configured. The tab will display the number of records that will be affected by the defined +changes. + +![rights for selected passwords](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/manual_settings/multiple_editing_of_permissions/multiple-editing-of-permissions-2-en.webp) + +NOTE: As the already granted permissions for the selected records may differ, it is not possible to +display the permissions here. + +## Adding permissions + +To add a permission, a user or role is selected first in the ribbon under **Search and add** or +**Search**. The permissions are then selected as usual in the ribbon. The +:material-plus-circle-outline: symbol indicates that permissions will be added. In the following +example, Mr. Steiner receives read permission to all selected records. In contrast, Mr. Brewery +receives all permissions. + +## Reducing permissions / removing users and roles from the permissions + +If you want to remove permissions, it is also necessary to add the user or the desired role to be +edited. Clicking on **Reduce permissions** now means that permissions will be removed. This is +indicated by the :material-minus-circle-outline: symbol. The selected permissions will be removed. + +NOTE: If the **read** permission is to be removed for a user or role, the user will be completely +removed from the permissions. + +## Examples + +In the following example, Mr. Steiner receives read permissions to all selected records. In +contrast, Mr. Brewery receives all permissions: + +![rights for selected passwords](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/manual_settings/multiple_editing_of_permissions/multiple-editing-of-permissions-3-en.webp) + +The read permission will be removed for Mr. Steiner. As removing the read permissions means that no +other permissions exist for the record, Mr. Steiner is completely removed from the permissions. The +authorize, move, export and print permissions are being removed from Mr. Brewery. Assuming that he +previously had all permissions, he will then have read, write and delete permissions remaining: + +![edit rights for selected passwords](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/manual_settings/multiple_editing_of_permissions/multiple-editing-of-permissions-4-en.webp) + +## Batch processing using a filter + +In some cases it is necessary to edit the permissions for a very large number of records. On the one +hand, a maximum limit of 1000 records exists and on the other hand, handling a very large number of +records via list view is not always the best solution. The **Batch processing using a filter** mode +has been developed for this purpose. This is directly initiated via the ribbon. + +![Batch processing using a filter](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/manual_settings/multiple_editing_of_permissions/multiple-editing-of-permissions-5-en.webp) + +In the subsequent dialogue, you define whether you want to expand, reduce or completely overwrite +existing permissions. If you select **expand or reduce** at this stage, the same logic as for +**editing via list view** is used. No permissions will thus be overwritten. + +In the option **overwrite permissions**, the existing permissions are removed and then replaced by +the newly defined permissions. + +**CAUTION:** It is important to proceed with great caution when overwriting permissions because this +function can quickly lead to a large number of records becoming unusable. + +![permissions adapted on a filter](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/manual_settings/multiple_editing_of_permissions/multiple-editing-of-permissions-6-en.webp) + +The filter itself defines the selection criteria for the records to be edited. The currently +configured filter will be used as default. The records that will be affected by the changes are also +not displayed in this view. Only the number of records is displayed. In the following example, 9 +passwords are being edited to add the read permission the role "Sales". + +![permissions change for selected records](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/manual_settings/multiple_editing_of_permissions/multiple-editing-of-permissions-7-en.webp) + +## Seals and password masking + +Sealed or masked records cannot be edited using batch processing. If these types of passwords are +selected, a dialogue will be displayed when carrying out batch processing to inquire how these +records should be handled. + +![security warning because of sealed or masked passwords](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/manual_settings/multiple_editing_of_permissions/multiple-editing-of-permissions-8-en.webp) + +It is possible to select whether the affected records are skipped or whether the seal or password +masking should be removed. If the **remove** option is selected, the process needs to be confirmed +again by entering a PIN. + +![security warning](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/manual_settings/multiple_editing_of_permissions/multiple-editing-of-permissions-9-en.webp) + +**CAUTION:** The removal of seals and password masking cannot be reversed! + +NOTE: Depending on the number of records, editing records may take a long time. This process is +carried out in the background for this reason. A hint will indicate that the permissions process has +been completed. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/manualsettingofpermissions/right_templates.md b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/manualsettingofpermissions/right_templates.md new file mode 100644 index 0000000000..8f8ccc8392 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/manualsettingofpermissions/right_templates.md @@ -0,0 +1,22 @@ +--- +title: "Right templates" +description: "Right templates" +sidebar_position: 10 +--- + +# Right templates + +## Using right templates + +Once they have been configured, permissions can be constantly reused. The functionality **Saving +permissions as a template** in the ribbon is used for this purpose. The templates are globally +available and can also be used for other records. + +NOTE: When saving templates, always select a name that will also allow it to be safely +differentiated from other templates if you have a large number of right templates. + +Nevertheless, the use of right templates merely reduces the amount of work and still envisages the +manual setting of permissions. Automatic process for the issuing of permissions also exist in +Netwrix Password Secure and will be covered in the section +[Predefining rights](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/predefining_rights.md) and also under +"[Inheritance from organisational structures](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/automatedsettingofpermissions/inheritance_from_organizational.md)". diff --git a/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/permission_concept_and_protective.md b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/permission_concept_and_protective.md new file mode 100644 index 0000000000..2297a44571 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/permission_concept_and_protective.md @@ -0,0 +1,138 @@ +--- +title: "Permission concept and protective mechanisms" +description: "Permission concept and protective mechanisms" +sidebar_position: 40 +--- + +# Permission concept and protective mechanisms + +## What is the permission concept? + +With Netwrix Password Secure version 9 we provide the right solution to all conceivable demands +placed on it with regards to permission management. [Roles](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/roles.md) are a +great way to efficiently manage multiple users without losing the overview. We've created multiple +methods to manually or automatically manage your permissions. More information can be seen in the +chapter +[Multiple editing of permissions](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/manualsettingofpermissions/multiple_editing_of_permissions.md) + +Alongside the definition of manual and automatic setting of permissions, the (optional) setting of +[Protective mechanisms](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/protective_mechanisms.md) forms +part of the authorization concept. The protective mechanisms are thus downstream of the permissions. +The interrelationships between all of these elements are illustrated in the following diagram. + +![Authorisation concept](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/permission_concept_1-en.webp) + +NOTE: Applying some form of permissions is **obligatory**. Applying a protective mechanism is +**optional**. + +NOTE: The configuration of visibility is a technical part of the permissions process. However, this +mechanism has a “protective character” and is thus listed under protective mechanisms. + +## Basic mechanics of the permission concept + +These three pillars are irrevocable and always impact permissions of every type. + +### The three pillars of the permission concept + +The reproduction of company-specific permission structures can vary greatly in terms of effort. The +basic concept is based on only a few rules which always apply without exception. Despite the +innumerable individual adjustment screws, these basic rules can be summarized in three essential +steps. + +### 1. Permissions only for users or roles + +If the permission for a data record is to be defined, there are basically only two possibilities: + +1. Permission for a **user** +2. Permission for a **role** + +A role is technically nothing more than a summary of multiple users with the same permissions. It +is, of course, a good idea to manage these roles in accordance with your company’s activities. The +role “Administrators” can therefore be provided with more extensive authorizations than, for +example, the role “Sales Assistance”. This role-based inheritance allows the organization to +maintain the overview in a larger corporate structure as well as a simple procedure when adding new +employees. Instead of having to entitle him individually, this is simply added to his role. + +![Permission only for users or roles](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/permission_concept_2-en.webp) + +It is obvious to proceed with the organization of accesses using the concept of roles as a basis and +only to grant rights individually to employees in exceptional cases. The unplanned absence of +personnel must also be taken into account in such concepts. Working with roles defuses such risks +significantly. + +NOTE: + + +``` +Permissions are always granted to only one user or role! + +``` + +### 2. Membership in roles + +The key point is membership in a role. If an employee can use the authorizations according to the +roles assigned to him, **he must be a member of the role**. Only members see the records that have +been authorized for the role. + +![Membership in roles](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/permission_concept_3-en.webp) + +NOTE: + + +``` +A small technical digression into the nature of the encryption can be very helpful with the basic understanding. Each role has a key pair. The first key is used to encrypt data. Access to this information is only possible with the second key. The membership in a role is equivalent to this second key. + +``` + +### 3. Membership vs. permissions for roles + +The admin user in Netwrix Password Secure must pay particular attention to the interplay between +users and roles. This dynamics is crucial for understanding the concept of authorization, in order +to ensure maximum software adaptability to any corporate structure. The following diagram +illustrates this with an example of two users. + +![Membership vs permissions for roles](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/membership_permission.webp) + +- **User 1** is a member of the role, and is therefore authorized for all records that are assigned + to the role. However, it has only “read rights” for the role itself. This means, it can see the + role, but cannot “Edit, move, or delete” it. +- **User 2** has all rights for the role. It can add additional users to the role by means of + “authorize”. The crucial point, however, is that it is not a member of the role. It cannot, + therefore, see any records for which the role is authorized. + +In practice, the first user would be a classic user that is assigned, for example, to the Sales role +by the administrators, and can view the records accordingly. The second user could be one of those +administrators. This user has extensive rights for the role. It can edit it, and add users to it. +However, it cannot see any data that is assigned to sales. It lacks membership in the role. + +NOTE: + + +``` +As a member of a role, it must have at least the “read” right for the role! + +``` + +## Specific example and configuration + +Similar to the previous section Permission concept and protective mechanisms for roles, the +configuration of a role will be illustrated using two users. The configuration is performed in the +[Roles](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/roles.md). By double-clicking on the role “IT-Consultants” in the +[List view](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/list_view.md), you can open their detailed view. + +![roles list view](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/permission_concept_5-en.webp) + +- The user “Holste” is a member of the role and can, therefore, access those records for which the + role has permissions. He has the obligatory read right for the role, which is the basic + requirement in order to be a member of the role. Which exact rights it has to the data record is + not defined within the role! This is set out in the following section. +- The user “Administrator” has all rights to the role, but is not a member! Thus, it cannot see any + records that are authorized for the role. However, it has all rights to the role and can therefore + print, assign other users to the role, and delete them. + +![explanation of the authorization through a role](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/permission_concept_6-en.webp) + +This example clearly shows the advantages of the concept. The complete separation of administrative +users from regular users brings significant advantages. Of course, one does not necessarily exclude +the other. An administrator can, of course, have full access to the role and also be a member in it! +The boundaries between the two often overlap, and can be freely defined in Netwrix Password Secure. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/_category_.json new file mode 100644 index 0000000000..280c13033d --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Predefining rights", + "position": 30, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "predefining_rights" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/predefining_rights.md b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/predefining_rights.md new file mode 100644 index 0000000000..699c7782ce --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/predefining_rights.md @@ -0,0 +1,84 @@ +--- +title: "Predefining rights" +description: "Predefining rights" +sidebar_position: 30 +--- + +# Predefining rights + +## What are predefined rights? + +[Permissions for organisational structures](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/permissionsfororganisational/permissions_for_organisational.md) +can be carried out separately for every record. Although this method enables you to very closely +control every intended permission structure, it is not really efficient. On the one hand, there is +too much configuration work involved, while on the other hand, there is a danger that people who +should also receive permissions to access data are forgotten. In addition, many users should not +even have the right to set permissions. “Predefining rights” is a suitable method to simplify the +permissions and reduce error rates by using automated processes. This page covers the configuration +of predefined rights, please also refer to the sections +[Working with predefined rights](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/working_with_predefined_rights.md) +and their +[Scope of validity for predefined rights](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/scope_of_validity_for_predefined.md). + +## Organisational structures as a basis + +[Organisational structure](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/organisational_structure.md) +can be very useful in many areas in Netwrix Password Secure. In this example, they provide the basic +framework for the automated granting of rights. In the broadest sense, these organisational +structures should always be entered in accordance with existing departments in a company. The +following example specifically focuses on an IT department. The following 3 hierarchies +([Roles](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/roles.md)) have been defined within this IT department: + +- **IT employee** +- **IT manager** +- **Administrator** + +## Predefine rights + +In general, a senior employee is granted more extensive rights than those granted to a trainee. This +hierarchy and the associated permission structure can be predefined. In the +O[Organisational structure](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/organisational_structure.md) +module, we now select those OUs (departments) for which rights should be predefined and select +\*predefine rights” in the ribbon. + +![button of predefined rights](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/predefined-rights-1-en.webp) + +- **Creating the first template group:** A new window will appear after clicking on the icon for + adding a new template group (green arrow) in which a meaningful name for the template group should + be entered. + +![add template](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/predefined-rights-2-en.webp) + +Roles and users can now be added to this template via the ribbon or through the context menu (right +mouse click). This was already completed in the example. The role **IT employee** only has the "read +permission", the **IT manager** also has the "write permission" and the capability of managing +permissions. **Administrators** possess all available permissions. Configuration of the permission +structures is explained in +[Manual setting of permissions](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/manualsettingofpermissions/manual_setting_of_permissions.md). + +![example permissions](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/predefined-rights-3-en.webp) + +## Adding other template groups + +It is also possible to configure several different right templates within one department. This may +be necessary e.g. if there are several areas of competency within one department which should each +receive different permissions. Alongside the **IT general** area, the template groups **Exchange** +and **Firewall** have also been defined below. + +![Standard template](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/predefined-rights-4-en.webp) + +A **default template group** can be defined directly next to the drop-down menu for selecting the +template group (green arrow). This is always pre-configured when you select “IT” as the OU to save +records. + +## Issuing tags for predefining rights + +In the same way that permissions are defined within right templates, it is also possible to +automatically set **tags**. Their configuration is carried out in the same way as issuing +[Tags](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/tags.md) for records. + +![tags for predefining rights](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/predefined-rights-5-en.webp) + +This process ensures that a special tag is automatically issued when using a certain template group. +Example cases can be found in the +[Working with predefined rights](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/working_with_predefined_rights.md). diff --git a/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/relevant_user_rights.md b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/relevant_user_rights.md new file mode 100644 index 0000000000..b9616e4527 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/relevant_user_rights.md @@ -0,0 +1,33 @@ +--- +title: "Relevant user rights" +description: "Relevant user rights" +sidebar_position: 20 +--- + +# Relevant user rights + +## User rights for predefined rights + +The user rights section provides all of the basic information required for handling user rights . +Nevertheless, the four user rights related to “predefining rights” are explained below. + +![global user rights](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/relevant_user_rights/relevant_user_rights_1-en.webp) + +- **Can switch default rights templates:** When selecting the rights template, a diverse range of + rights template groups can be selected. To be able to select a different template to the default + template, the right “Can switch default rights templates” is required. If this right has not been + granted, you are forced to use the default template. +- **Can manage rights templates:** If the user has the right to manage rights templates, they can + open the management function for the rights template via the button “predefine rights”. To receive + full rights to manage the rights templates for an organisational unit, the rights “read” and + “authorize” are required for the corresponding organisational unit. +- **Can view selection of rights templates:** This right controls whether the rights template + selection function is displayed or not when creating new records. If this right has not been + granted, the user is thus not able to see for which roles and users the user rights are being + defined. +- **Can remove members from rights templates:** Roles defined within the rights templates cannot be + removed without this right. If this right has not been granted, the roles defined in the templates + are always authorized for records in this organisational structure. If the user right is + activated: The user can remove the roles via the “x” icon: + +![Permissions](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/relevant_user_rights/relevant_user_rights_2-en.webp) diff --git a/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/scope_of_validity_for_predefined.md b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/scope_of_validity_for_predefined.md new file mode 100644 index 0000000000..a9788ab0e2 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/scope_of_validity_for_predefined.md @@ -0,0 +1,29 @@ +--- +title: "Scope of validity for predefined rights" +description: "Scope of validity for predefined rights" +sidebar_position: 30 +--- + +# Scope of validity for predefined rights + +In general, all of the predefined rights for an organisational structure are applied to all +underlying objects. These objects could be passwords, forms, form fields documents, users, +applications or also other nested organisational structures in the hierarchy. In the following +example, the rights template **IT general** has been defined for the organisational unit **IT**. + +![rights template](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/scope_of_validity/scope_of_validity_1-en.webp) + +If this type of “preset” has been defined, the corresponding icon is displayed at the corresponding +level (= green arrow). As no other icons exist below this level, this means that the preset is valid +for all underlying objects. + +The following example shows how a preset can be defined for when the “password” form is used that +not only grants the existing permissions to the roles but also provides the sales manager with read +rights. + +![working with rights template](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/scope_of_validity/scope_of_validity_2-en.webp) + +As can be seen, the preset “IT general” is valid for all objects. An exception here is the +“password” form because a unique preset has been defined for this form (blue arrow). As a result, +all records created using the “password” form receive permissions as defined in this preset (incl. +the sales manager). diff --git a/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/working_with_predefined_rights.md b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/working_with_predefined_rights.md new file mode 100644 index 0000000000..0fc0f1becd --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/working_with_predefined_rights.md @@ -0,0 +1,68 @@ +--- +title: "Working with predefined rights" +description: "Working with predefined rights" +sidebar_position: 10 +--- + +# Working with predefined rights + +## Using predefined rights when creating passwords + +After you have configured [Predefining rights](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/predefining_rights.md), you can then use them to +create new records. Proceed here as follows: + +- Select the password module +- “New password” via the ribbon +- Select a form + +In the next window to appear, the organisational unit “IT” and the template group “Exchange” are +selected. + +![predefined rights](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/working_with_predefining_rights/working_with_predefined_rights_1-en.webp) + +Here is the underlying rights template as a comparison: + +![example for predefined rights](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/working_with_predefining_rights/working_with_predefined_rights_2-en.webp) + +The relationship between them is obvious. It can be immediately seen that by selecting the +organisational unit “IT” based on the rights configured in the rights template, permissions are +granted for the roles “IT management” and also “Administrators”. **The underlying tags “IT” and +“Exchange” are also set.** + +## Preview of the permissions to be set + +When using rights templates, the permissions to be granted can be very quickly classified via a +**color table**. The actual permissions can also be viewed as usual via the +[Ribbon](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/ribbon.md). The following color key is used with the +associated permissions: + +| **Color** | **Permission** | +| --------- | -------------- | +| Green | Read | +| Yellow | Write | +| Orange | Delete | +| Red | Authorize | + +Other rights also exist that are, however, not separately indicated by a color. The overview in the +ribbon can be used to see whether the “move”, “export” and “print” rights are set or not. The +permissions for the selected role/user are always displayed – in this case for the role “IT +management”. + +![predefined rights permiissions](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/working_with_predefining_rights/working_with_predefined_rights_3-en.webp) + +## Conclusion + +The [Manual setting of permissions](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/manualsettingofpermissions/manual_setting_of_permissions.md) enables +the configuration of rights for both existing and also new records. The option of +[Predefining rights](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/predefining_rights.md) represents a very efficient alternative. Instead of +having to separately grant permissions for every record, a “preset” is defined once for each +organisational structure. Once this has been done, it is sufficient in future to merely select the +organisational structure when creating a record. The permissions are then set automatically. This +process is particularly advantageous for those users who should not set their permissions +themselves. + +![predefined rights diagram](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/working_with_predefining_rights/working_with_predefined_rights_4-en.webp) + +**CAUTION:** The configuration of permissions can be carried out manually or automatically as +described. If you want to change previously set permissions later, this has to be done manually. +Retrospectively defining rights is not possible. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/_category_.json new file mode 100644 index 0000000000..2b4a3080aa --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Protective mechanisms", + "position": 40, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "protective_mechanisms" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/password_masking.md b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/password_masking.md new file mode 100644 index 0000000000..31cb339a38 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/password_masking.md @@ -0,0 +1,67 @@ +--- +title: "Password masking" +description: "Password masking" +sidebar_position: 30 +--- + +# Password masking + +## What is password masking? + +The safest passwords are those that you do not know. Password masking follows this approach. It +prevents the password from being shown, while allowing the use of the automatic sign-on. You can +apply it via the button of the same name in the ribbon. + +![button password masking](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/protective_mechanisms/password_masking/password_masking_1-en.webp) + +## Relevant rights + +The following option is required to apply password masking. + +### User right + +- Can apply password masking + +### Required permissions + +In the same way as for the [Seals](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/seals.md) configuration, the **authorize permission** +for the record is required to apply or remove the masking. Users who have the **authorize +permission** for a record can continue to use the record without limitations after applying password +masking. Password masking only applies to users without the "can apply password masking" right. + +NOTE: Password masking can only be applied to records with an existing password! + +## Applying password masking + +The icon in the ribbon allows users with the required permissions to apply password masking +following a confirmation prompt. By default, the privacy is for all those who have at least reading +permission, but not the permission **authorize**. + +### Password masking via form field permissions + +As an alternative, you can also apply password masking via the +[Form field permissions](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/form_field_permissions.md). In the +[List view](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/list_view.md) of a record, there is a separate +button in the ribbon for that purpose. Ensure that the password field is highlighted. + +![form field permissions](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/protective_mechanisms/password_masking/password_masking_2-en.webp) + +The special feature when setting or editing masking via the form field permissions is that you can +individually select users to whom masking will be applied. In the following example, masking has +been specified only for the role of “trainees”, although the “IT” role does not have the **authorize +permission** either. In addition to the name of the role or the user, the icon symbolizes the fact +that visa protection applies to trainees. + +![example password masking](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/protective_mechanisms/password_masking/password_masking_3-en.webp) + +NOTE: Use the icon in the ribbon to apply password masking to all users who have read permission on +the record, but not the **authorize permission**. If you wish to specify more precisely for which +users the password masking should be applied, this is also possible via the form field permissions. + +NOTE: It is important to note that the login mask for records with password masking will be "sent +automatically", even if the setting **Browser Extensions: Automatically send login masks** has been +deactivated. + +**CAUTION:** The password masking only applies to those users who are authorized at the time of +attachment to the record. If a record has the password masking and a user get´s authorized the +record is **not protected** for this user. The password masking should then be removed and reset. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/protective_mechanisms.md b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/protective_mechanisms.md new file mode 100644 index 0000000000..b3faa425c3 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/protective_mechanisms.md @@ -0,0 +1,62 @@ +--- +title: "Protective mechanisms" +description: "Protective mechanisms" +sidebar_position: 40 +--- + +# Protective mechanisms + +## What are protective mechanisms? + +The primary goal of Netwrix Password Secure is to ensure data security at all times. The +authorization concept is naturally the most important component when it comes to granting users the +intended level of permissions for accessing data. Specifically, this makes it possible to make +certain information only available to selected employees. Nevertheless, it is still necessary to +have protective mechanisms above and beyond the authorization concept in order to handle complex +requirements. + +- [Visibility](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/visibility.md) is not separately configured but is instead directly + controlled via the authorization concept (read permission). Nevertheless, it represents an + important component within the existing protective mechanisms and is why a separate section has + been dedicated to this subject. +- By configuring [Temporary permissions](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/temporary_permissions.md), it is + possible to grant users or roles temporary access to data. +- [Password masking](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/password_masking.md) enables access to the system without + having to reveal the passwords of users. The value of the password remains constantly hidden. +- To link the release of highly sensitive access data to a double-check principle, it is possible to + use [Seals](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/seals.md). The configuration of users or roles with the permissions to issue a + release is possible down to a granular level and is always adaptable to individual requirements. + +The following diagram shows a summary of how the existing protective mechanisms are integrated into +the authorization concept. + +![protective mechanism diagram](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/protective_mechanisms/protective_mechanisms-en.webp) + +In the interplay of the +[Authorization and protection mechanisms](/docs/passwordsecure/9.3/configuration/webapplication/authorization_and_protection_mechanisms.md), +almost all conceivable scenarios can be depicted. It is worth mentioning again that the +authorization concept is already a very effective tool, with limited visibility of passwords and +data records. This concept is present everywhere in Netwrix Password Secure, and will be explained +in more detail below. + +## Visibility as a basic requirement + +It should always be noted that **visibility** is always a basic requirement for applying further +protective mechanisms. A record that is completely hidden from a user (= no read permission) can +naturally not be given any further protective mechanisms. + +NOTE: The visibility of a record is always the basic requirement for applying further protective +mechanisms + +## Combining multiple protective mechanisms + +In principle, there are a diverse range of possibilities for combining the above-mentioned +protective mechanisms. Temporary access to a “masked” record is possible just as having a “masked” +record which is additionally secured by a double-check principle is also possible. **Nevertheless, +it should be noted that temporary permissions in combination with seals always pose a risk.** If +releasing a seal requires approval from a person who only possesses or possessed temporary +permissions or will only possess them in future, this could naturally conflict with the configured +release criteria. + +**CAUTION:** The combination of seals and temporary permissions is not recommended if the user with +permissions to issue a release has only been given temporary permissions. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/_category_.json b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/_category_.json new file mode 100644 index 0000000000..bb90850646 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Seals", + "position": 40, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "seals" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/release_mechanism.md b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/release_mechanism.md new file mode 100644 index 0000000000..674cdd9552 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/release_mechanism.md @@ -0,0 +1,67 @@ +--- +title: "Release mechanism" +description: "Release mechanism" +sidebar_position: 20 +--- + +# Release mechanism + +## What is the release mechanism? + +A sealed password will not be released until the number of approvals required in the seal has been +granted. Releases can be granted by anyone who has been defined as having the required permissions +to issue the release in the seal. The mechanism describes the complete process from the first +release request to the final grant of the release and the breaking of the seal. + +## Users and roles in the release mechanism + +As noted in the previous sections, seals always restrict the right of a user to view a specific +password. Even if the configuration is usually done at the level of the role, each user is naturally +responsible for his own request when carrying out the release. Even if a seal is defined for a role, +technically separate seals are created for each individual member of the role. + +NOTE: Requests or releases are only valid for the respective user! + +**CAUTION:** If a user is a member of several roles of a seal, the "stronger" right is always +applied. Release rights have a priority over read rights + +## 1. Requesting a release + +In order to release a seal for sealed passwords, this must be requested from the user with the +required permissions to issue the release. Within the Netwrix Password Secure client, this can be +done via the buttons **Reveal** and **Seal** in the ribbon, as well as via the **Icon in the +password field** of the data record in the reading pane. + +![seal protection](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/protective_mechanisms/seals/release_mechanism/release_mechanism_1-en.webp) + +A modal window opens, which can be used to request the seal. The reason for the entry will be +displayed to the users with the required permissions to issue the release. + +![start seal process](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/protective_mechanisms/seals/release_mechanism/release_mechanism_2-en.webp) + +All user with the required permissions to issue the release will be notified that the user has +requested the seal. This can be viewed via the module +[Notifications](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/notifications.md), as well as in the Seal +overview. + +## 2. Granting a release + +The [Seal overview](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/seal_overview.md) can be opened via the seal symbol in the +ribbon directly from the mentioned notification. It is indicated by the corresponding icon that +there is a need for action. All relevant data for a release are illustrated within the seal +overview. The reason given in the release is also evident. + +![seal overview](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/protective_mechanisms/seals/release_mechanism/release_mechanism_3-en.webp) + +If the release is granted, the Inquirer Im **Module Notifications** will be informed. You can also +open the seal directly from the ribbon and see the now released state. + +![notification seal status](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/protective_mechanisms/seals/release_mechanism/release_mechanism_4-en.webp) + +## 3. Breaking the seal + +As soon as the requesting user has received the number of the required releases, he will be informed +via the notifications as usual. The seal can now be broken. From this point on, the user will be +able to see the password. + +![broken seal](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/protective_mechanisms/seals/release_mechanism/release_mechanism_5-en.webp) diff --git a/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/seal_overview.md b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/seal_overview.md new file mode 100644 index 0000000000..88f6a6cf3d --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/seal_overview.md @@ -0,0 +1,57 @@ +--- +title: "Seal overview" +description: "Seal overview" +sidebar_position: 10 +--- + +# Seal overview + +## What is the seal overview? + +Users with the required permissions to issue the releases receive access to the current state of the +existing seals at any time via the seal overview. The overview is accessible via the ribbon as well +as the icon in the password field of the reading pane. + +![button seal](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/protective_mechanisms/seals/seals_overview/seal_overview_1-en.webp) + +## The four states of a seal + +The seal overview provides an overview of all users who have access to the sealed data set. This is +also the case when they receive the seal on the membership of a role. Functions for editing and +removing existing seals are also available. In addition, the current state of the seal is displayed +in the form of a release matrix. There are a total of **four states**, in which a seal can be: + +![states of seal](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/protective_mechanisms/seals/seals_overview/seal_overview_2-en.webp) + +#### 1. Sealed + +If a data record for a user **is sealed**, the user is prevented from seeing the password by the +seal. This corresponds to the condition when a seal has been newly installed. By resetting a request +via the icon at the right edge of the screen, current requests from individual users are also +returned to the "sealed" state. + +#### 2. Release process + +If a user has requested a release, it is in the **release process**. This status is highlighted by +an icon next to the user name, since a possible release can be actively granted by the authorized +user. These so-called **important entries** can also be filtered in the headline of the seal +overview in via the column. The maximum duration of an release request can be configured in the +advanced seal settings. If the deadline has elapsed without sufficient releases being made, the +request is deleted and the state “sealed” is restored. + +#### 3. Released + +If a release is granted, a seal is approved as **released**. The maximum duration of a granted +release can be limited in the advanced seal settings. The user then has, for example, 24 hours to +accept the release and break the seal. + +#### 4. Broken + +The actual **seal breach** is obtained by acquiring knowledge of the release and by actively +breaking the seal after a security query. Viewing the password is irrelevant. Once broken seals can +be manually reset by the icon to the right of the broken seal column. The state “Sealed” is +restored. + +**CAUTION:** It makes no sense to re-seal already visible passwords. The user was able to view the +password. Therefore, it is not monitorable whether the password has been saved, for example, by +screenshot. In such cases, a new password is the only way to guarantee 100% password security! diff --git a/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/seals.md b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/seals.md new file mode 100644 index 0000000000..e39c9c212c --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/seals.md @@ -0,0 +1,149 @@ +--- +title: "Seals" +description: "Seals" +sidebar_position: 40 +--- + +# Seals + +## What are seals? + +Passwords are selectively made available to the different user groups by means of the +[Authorization and protection mechanisms](/docs/passwordsecure/9.3/configuration/webapplication/authorization_and_protection_mechanisms.md). +Nevertheless, there are many scenarios in which the ability to view and use a record should be +linked to a release issued in advance. In this context, the seal is an effective protective +mechanism. This multi-eye principle protects passwords by securing them with granular release +mechanisms. If you want to see a password, this must be requested and released. The release can also +be temporary. + +## Relevant rights + +The following option is required to add a seal. + +## User right + +- Can add seal + +## Required permissions + +Firstly, the user must have the **authorize permission** for the record in order to create seals. +The read permission to all users and roles that are contained in the seal is also required. The +exact configuration of password masking and permissions for records is described in detail in the +Authorization concept section. + +## What exactly is sealed? + +Technically speaking, the password itself is not sealed. It is the permission to see a password +field that is protected by a seal. This allows for the most sensitive configurations, in which one +group can use the password without restrictions, but the same password is sealed for other users. +The wizard assists users in applying seals, as well as in future maintenance. + +**CAUTION:** The complete data set is never sealed! Only the permission to view a password is +protected by a seal. + +**CAUTION:** Be Aware" Only records that are protected with a password can be sealed! + +## Seal wizard + +All seal configurations are performed in the wizard. Both the application of new seals as well as +the processing and removing are possible. The current state of a seal can also be viewed in an +overview, which is accessible via the button in the ribbon. When the seal wizard is opened via the +ribbon, the wizard appears in the case of unsealed data sets, which runs in **four steps** through +the configuration of the seal. + +![seal button](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/protective_mechanisms/seals/seals_1-en.webp) + +#### 1. Apply seal + +![multi-eye principe](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/protective_mechanisms/seals/seals_2-en.webp) + +All objects that are sealed are displayed at the beginning. Depending on the data record, this can +be one object, or several. It is also possible to use existing +[Seal templates](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/seal_templates.md). Optionally, you can +enter a reason for each seal. + +#### 2. Multi-eye principle + +The seal logic is the most basic element of this protective mechanism. Here, you define for which +users or roles the record should be sealed or released in the future. All those for whom the record +is to be sealed are displayed in red, while all users with the required permissions to issue a +release are displayed in blue. + +![example permissions](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/protective_mechanisms/seals/seals_3-en.webp) + +NOTE: All users and roles for which the data set is not sealed and which are not authorized for +release are displayed in green. These can use the data record independently of the seal. + +To avoid having to perform any configuration manually, roles and users are copied directly from the +authorizations of the data record. Compare with the "permissions" for the record (can be viewed via +the ribbon). + +![example permissions](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/protective_mechanisms/seals/seals_4-en.webp) + +Supervisors should issue the releases for their employees. Therefore, the checkbox also follows the +existing authorizations. The following **scheme** is used: + +NOTE: All users and roles that have the **authorize permission** to the record are "authorized to +issue a release" for the seal by default. All users and roles that do not have the **authorize +permissions** to the record are copied directly into the "Sealed for" column. + +Here is a closer look at the permissions of the role **Administrators** on the record: + +![example multi-eye principe](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/protective_mechanisms/seals/seals_5-en.webp) + +## Adjusting the seal logic + +Although standard authorizations are used as a basis for the sealing concept, these can be adapted. +The number of releases generally required is as configurable as the required number of releases from +a role. In the following example, the seal has been extended so that a total of three release +authorizations are required in order to release the seal **(Multi-eye principle)**. The role of the +administrators has been marked in the mandatory column. This means that it must grant at least one +release. In summary: A total of three releases must be made, whereby the group of administrators +must grant at least one release. + +![edit seal](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/protective_mechanisms/seals/seals_6-en.webp) + +In order to be not only dependent on existing authorizations on the data set, other users can also +be added to the seal. The role accounting under "sealed for" has been added below. + +![define permission for the seal](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/protective_mechanisms/seals/seals_7-en.webp) + +NOTE: When a role or a user is added to a seal, these users also receive permissions on the record +according to the authorization granted in the seal. A role that is added under "Sealed for" receives +the **Read permission** on the record. When you add authorization permissions, these will include +the **Read**, **Write**, **Delete**, and **Authorize** permission. + +**CAUTION:** All the roles that were once added to the seal can no longer be removed via the seal +logic. This is only possible directly via the authorizations of the data record! + +NOTE: It is possible to seal records for a user who is also authorized to issue a release. In this +constellation, it is important to ensure that at least one other user is authorized to issue a +release. In principle, you should never be able to issue a release for yourself. + +#### 3. Advanced settings + +Advanced seal settings allow you to adjust the multi-eye principle. Both the time validity of a +release request as well as a granted release can be configured. Multiple break defines whether after +the breaking of a seal by a user, other users may still break it. + +![advanced settings](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/protective_mechanisms/seals/seals_8-en.webp) + +#### 4. Saving the seal + +Before closing the wizard, it is possible to save the configuration for later use in the form of a +template. [Seal templates](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/seal_templates.md) can be +optionally provided with a description for the purpose of overview. + +![save seal](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/protective_mechanisms/seals/seals_9-en.webp) + +## Summary + +The permissions already present on the data set form the basis for any complex seal configurations. +It is freely definable which users have to go through a release mechanism before accessing the +password. The roles, which may be granted, are freely definable. An always accessible +[Seal overview](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/seal_overview.md) allows all authorized persons to view the current +state of the seals. The section on the[Release mechanism](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/release_mechanism.md) +describes in detail the individual steps, from the initial release request to the final release. + +- [Seal overview](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/seal_overview.md) +- [Release mechanism](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/release_mechanism.md) diff --git a/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/temporary_permissions.md b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/temporary_permissions.md new file mode 100644 index 0000000000..8c1ab52484 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/temporary_permissions.md @@ -0,0 +1,47 @@ +--- +title: "Temporary permissions" +description: "Temporary permissions" +sidebar_position: 20 +--- + +# Temporary permissions + +## What are temporary permissions? + +So far, we have covered permissions that were valid for an unlimited period. However, a permission +can also be granted in advance with a time restriction. Examples are users who stay in the company +for a limited time, such as interns or trainees. + +## Configuration + +When configuring the +[Manual setting of permissions](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/manualsettingofpermissions/manual_setting_of_permissions.md), you can +specify a temporary release for each role. The start date as well as the end date is selected here. +You can start the configuration using the **Extras** area in the ribbon. + +![temporary permission](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/protective_mechanisms/temporary_permissions/temporary_permissions-en.webp) + +In this example, the role "trainees" was granted the read permission to a data set for two weeks. + +## Color scheme + +The colors in the "time period" column provide information on the current status of the granted +permissions: + +- **Brown:** The temporary permission is configured but is still inactive. The selected time period + is still in the future. +- **Green:** The temporary permission is active. +- **Red:** The time period for the temporary permissions has already expired. + +NOTE: Temporary permissions can also be assigned to multiple roles and users at the same time. You +can select multiple users and roles as usual with Ctrl/Shift + left mouse button! + +## Special features of the authorization system + +Due to their very nature, temporary permissions leave lots of potential for incorrect +configurations. Conceivable constellations include a situation when the only user with all rights +only has temporary permissions. When these permissions expire, there is no longer any user with full +permissions. To prevent this happening, users with temporary permissions are handled differently. + +**CAUTION:** There must always be one user who has the “authorize” right to a record, who does not +only have temporary permissions. diff --git a/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/visibility.md b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/visibility.md new file mode 100644 index 0000000000..b224f8dbc1 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/visibility.md @@ -0,0 +1,40 @@ +--- +title: "Visibility" +description: "Visibility" +sidebar_position: 10 +--- + +# Visibility + +## Visibility of data + +The use of a [Filter](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/filter/filter.md) is generally the gateway to +displaying existing records. Nevertheless, this aspect of the visibility of the records is closely +interwoven with the existing permissions structure. Naturally, a user can always only see those +records for which they have at least a read Permission. This doctrine should always be taken into +consideration when handling records. [Tags](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/tags.md) are not +subject to any permissions and can thus always be used as filter criteria. Nevertheless, the +delivered results will only contain those records for which the user themselves actually has +permissions. A good example here is the tag “personal record”. Every user can mark their own record +as personal – yet each user will naturally only be able to find their own personal records. + +## Creating independently working environments + +The possibility of separately defining the visibility of individual objects is one of the special +features within the Netwrix Password Secure authorization concept. Irrespective of whether handling +records, documents, organisational structures, roles or forms: it is always possible to define +whether a user or a role possesses a read permission to the object or not. The permissions for each +of these objects can be defined separately via the ribbon in the permissions dialogue. This approach +enables the creation of independently existing departments within a database. The permissions +structure for the SAP form can be seen below. It shows that only the sales manager and the +administrators are currently permitted to create new records of type SAP. + +![example permissions on a form](/images/passwordsecure/9.2/configuration/advanced_view/permissionconcept/predefining_rights/protective_mechanisms/visibility/visibility-en.webp) + +In general, each department can independently use forms, create passwords and manage hierarchies in +this way. Especially in very sensitive areas of a company, this type of compartmentalization is +often required and also desired. + +NOTE: An alternative also supported by Netwrix Password Secure is for each department to set up +their own MSSQL database. However, this physical separation requires considerably more +administration work than the above-mentioned separation of data based on permissions and visibility. diff --git a/docs/passwordsecure/9.3/configuration/autofilladdon/_category_.json b/docs/passwordsecure/9.3/configuration/autofilladdon/_category_.json new file mode 100644 index 0000000000..52e6e25746 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/autofilladdon/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Autofill Add-on", + "position": 60, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "autofill_add-on" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/autofilladdon/autofill_add-on.md b/docs/passwordsecure/9.3/configuration/autofilladdon/autofill_add-on.md new file mode 100644 index 0000000000..4fa7aecf05 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/autofilladdon/autofill_add-on.md @@ -0,0 +1,65 @@ +--- +title: "Autofill Add-on" +description: "Autofill Add-on" +sidebar_position: 60 +--- + +# Autofill Add-on + +## What is the Autofill Add-on? + +The Autofill Add-on is responsible for the automatic entry of login data in applications. This +enables logins without knowledge of the password, which can be a particularly valuable tool in +combination with +[Password masking](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/password_masking.md). +The +[Authorization and protection mechanisms](/docs/passwordsecure/9.3/configuration/webapplication/authorization_and_protection_mechanisms.md) +is used to define which users should receive access. + +However, the password remains hidden because it is entered by Netwrix Password Secure. + +#### Requirements + +The Autofill Add-on is installed together with the Netwrix Password Secure client and can then be +used by users (assuming they have sufficient permissions). A separate installation is thus not +necessary. A desktop link is created for both the client and also for the Autofill Add-on. + +User rights + +The right **Can create web applications** is required for creating new web applications\* + +NOTE: The agent can control multiple databases at the same time + +#### Functionality + +The functionality of the Autofill Add-on is illustrated in the following diagram. + +![Automatic entries diagram](/images/passwordsecure/9.2/configuration/autofill_add-on/installation_with_parameters_125-en.webp) + +RDP and SSH +sessions(![1](/images/passwordsecure/9.2/configuration/autofill_add-on/1.webp) +) are not automatically started via the Autofill Add-on. Applications are created for this purpose +in the Netwrix Password Secure client. The creation and use of these connections is explained in +detail in the corresponding section. + +Automatically starting all other types of connection is the task of the **Autofill Add-on**. The +following types of connections exist: + +- Entering login data in Windows applications: Alongside the above-mentioned RDP and SSH sessions, + other Windows applications can also be automated + (![2](/images/passwordsecure/9.2/configuration/autofill_add-on/2.webp)). + A major difference is that the two above-mentioned connections are set up and “embedded” in a + separate tab. Other applications, such as e.g. VMware, are directly started as usual. In these + cases, the Autofill Add-on takes over the communication between the application server and the + Windows applications. + +NOTE: For entering data on websites, the record must contain at least the following fields: User +name, password, URL. + +#### Conclusion + +As the Autofill Add-on is directly connected to the application server, login data can also be +entered without the main client. Exceptions are the RDP and SSH connections. These are forced to +remain part of the client. The Autofill Add-on thus acts as a lean alternative for the use of the +client with the two limitations mentioned. Naturally, all of the steps completed are still entered +in the logbook and are always traceable. diff --git a/docs/passwordsecure/9.3/configuration/autofilladdon/configuration_autofill_add-on.md b/docs/passwordsecure/9.3/configuration/autofilladdon/configuration_autofill_add-on.md new file mode 100644 index 0000000000..f41c588795 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/autofilladdon/configuration_autofill_add-on.md @@ -0,0 +1,43 @@ +--- +title: "Configuration" +description: "Configuration" +sidebar_position: 10 +--- + +# Configuration + +## Starting the Autofill Add-on + +The Autofill Add-on can be directly started via the desktop link that is automatically created when +it is installed. The login data correspond to the normal user data for the client. + +![Login SSO](/images/passwordsecure/9.2/configuration/autofill_add-on/configuration/installation_with_parameters_129-en.webp) + +To log in, the desired database and the associated login data are firstly selected. The Autofill +makes all of the databases configured on the client available. It is also possible to create +profiles as usual so that the connection data for certain databases can be used efficiently in the +future. + +NOTE: The agent accesses the same configuration file as the client. All changes to profiles will +thus also affect the client. New profiles can thus also be created via the Autofill. + +#### Context menu functionality + +After successfully logging in, the Autofill Add-on firstly runs in the background. Right click on +the icon in the system tray to open the context menu. + +![icon options](/images/passwordsecure/9.2/configuration/autofill_add-on/configuration/installation_with_parameters_130-en.webp) + +- **Disconnect**: Connect to database/disconnect from database. (All connections are shown for + multiple databases) +- **Login** enables you to log into another database +- **Disable/Enable agent** allows you the option of temporarily disabling automatic login +- A diverse range of variables can be defined via the **Settings** +- **Reload all Data** + +Settings + +![settings sso agent](/images/passwordsecure/9.2/configuration/autofill_add-on/configuration/installation_with_parameters_131-en.webp) + +- The desktop notifications display various information, such as when data is entered +- Start with Windows includes the Autofill Add-on in the autostart menu diff --git a/docs/passwordsecure/9.3/configuration/basicview/_category_.json b/docs/passwordsecure/9.3/configuration/basicview/_category_.json new file mode 100644 index 0000000000..15a94b2924 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/basicview/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "The Basic view", + "position": 30, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "basic_view" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/basicview/basic_view.md b/docs/passwordsecure/9.3/configuration/basicview/basic_view.md new file mode 100644 index 0000000000..bca147482d --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/basicview/basic_view.md @@ -0,0 +1,31 @@ +--- +title: "The Basic view" +description: "The Basic view" +sidebar_position: 30 +--- + +# The Basic view + +![light-client-en](/images/passwordsecure/9.2/configuration/basic_view/light-client-en.webp) + +## What is the Basic view about? + +The Basic view is a lean tool for every end user. It guarantees quick and easy access to the daily +needed passwords. Although the Basic view has a limited range of functions, it can be operated +intuitively and without previous knowledge or training by any user. The Basic view is designed for +up to 50 passwords. The Basic view introduces to professional password management. It is also the +ideal tool for the daily handling of passwords. + +![image1](/images/passwordsecure/9.2/configuration/basic_view/image1.webp) + +## Requirements & required rights + +You don’t need any special permission to use the Basic view. However, the handling of the Basic +views can be set via rights and settings. Read more in chapter +[To do for Administration](/docs/passwordsecure/9.3/configuration/basicview/todoforadministration/to_do_for_administration.md). + +#### Installation + +The Basic view is installed directly with the Web Application, so you don’t need any special +installation. For further information, visit the +chapter[Installation Client](/docs/passwordsecure/9.3/installation/installationclient/installation_client.md) diff --git a/docs/passwordsecure/9.3/configuration/basicview/checklist_of_the_basic_view.md b/docs/passwordsecure/9.3/configuration/basicview/checklist_of_the_basic_view.md new file mode 100644 index 0000000000..0f58657d3a --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/basicview/checklist_of_the_basic_view.md @@ -0,0 +1,40 @@ +--- +title: "Checklist of the Basic view" +description: "Checklist of the Basic view" +sidebar_position: 20 +--- + +# Checklist of the Basic view + +## Checklist for setting the Basic view + +This checklist helps the administrator in setting the Basic view. To work smoothly with the Basic +view, the following points must be observed: + +1. Select form + +The stored form must cover all required field types. At least required: **Text, username, password, +URL** + +2. Set display of the Basic view or Advanced view + +The setting **Display passwords in Basic view & display passwords in Advanced view** allows you to +configure the display of both clients. The passwords can be displayed with an icon, logo or in text +form. + +3. Are users in the right organisational unit? + +Check if the user is in the correct organisational unit. The **add** right to the organisational +unit is also required so that users can create passwords in the Basic view. + +4. Define user as Basic view user + +You can either define the user directly as Basic view user. This works by changing the user type +accordingly. Alternatively, you can activate the setting **Start Basic view at next login.** This +will prompt the user to log in to the Basic view. + +![image2](/images/passwordsecure/9.2/configuration/basic_view/checklist/image2.webp) + +5. Add default applications (optional) + +It is advised to create the applications, which shall be stored as passwords, beforehand. diff --git a/docs/passwordsecure/9.3/configuration/basicview/password_management.md b/docs/passwordsecure/9.3/configuration/basicview/password_management.md new file mode 100644 index 0000000000..fc468a0f2c --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/basicview/password_management.md @@ -0,0 +1,68 @@ +--- +title: "Password management" +description: "Password management" +sidebar_position: 60 +--- + +# Password management + +## Creating passwords + +This chapter deals with the main functionality of Basic view, namely the secure storage and +management of passwords. It should be noted that a password can be stored in different ways. + +NOTE: The required settings and rights are given by the in-house administration. Further information +can be found here: To do for the administration + +#### Create with application + +**Prerequisite:** An existing application is available. It does not matter whether this is an SSO, +web, RDP, or SSH application. + +![create password](/images/passwordsecure/9.2/configuration/basic_view/password_management/create-password-en.webp) + +NOTE: Managing and creating the corresponding applications is the responsibility of the in-house +administration. How to create an application can be read here and in the following chapters. + +Clicking on the existing application opens a window that asks for the user name and password. + +![create-password-light](/images/passwordsecure/9.2/configuration/basic_view/password_management/create-password-light.webp) + +Once these fields are filled in, the record is created. + +![created record](/images/passwordsecure/9.2/configuration/basic_view/password_management/apple-icon-en.webp) + +Now the record can be opened by clicking on the corresponding tile. + +#### Create without application + +Alternatively, it is also possible to create a data set without an application. + +By clicking on the + symbol or right click ->New or CTRL+N a new window opens. In this window, the +information relevant for the stored form is entered in the Password tab. It is also possible to +assign the data record to each organizational unit to which the creating user is authorized. It does +not matter in which tab the user is located. If a rights template is defined for the selected +organizational unit, then this template will take effect at this point. It is also possible to +define one or more corresponding tags for the data set. + +![create new password](/images/passwordsecure/9.2/configuration/basic_view/password_management/create-new-password-en.webp) + +![create-light-client](/images/passwordsecure/9.2/configuration/basic_view/password_management/create-light-client.webp) + +In the next step, an application can be added to the newly created data record, if one already +exists. To do this, go to the Linked Applications tab. + +![linked applications](/images/passwordsecure/9.2/configuration/basic_view/password_management/linked-applications-en.webp) + +Then the whole process is completed by clicking the "Finish" button. + +![netwrix logo](/images/passwordsecure/9.2/configuration/basic_view/password_management/netwrix-logo-en.webp) + +## Changing and deleting passwords + +In order to change or delete passwords you should stay on the corresponding tile with the mouse +cursor. The control button will appear. + +When you click the button, you will be offered the "Edit" and "Delete" options, among others. + +![options record light client](/images/passwordsecure/9.2/configuration/basic_view/password_management/options-en.webp) diff --git a/docs/passwordsecure/9.3/configuration/basicview/start_and_login_basic_view.md b/docs/passwordsecure/9.3/configuration/basicview/start_and_login_basic_view.md new file mode 100644 index 0000000000..6a94328cd6 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/basicview/start_and_login_basic_view.md @@ -0,0 +1,52 @@ +--- +title: "Start and Login" +description: "Start and Login" +sidebar_position: 30 +--- + +# Start and Login + +## Starting the Web application + +To start the Basic view, the Web application must be started first. + +As soon as the login mask appears, the login data of the corresponding user are entered there. It is +essential to ensure that the variant set up by the administrator is used. There are several options +for this: + +local user: + +e.g. administrator (user name administrator) + +![image3](/images/passwordsecure/9.2/configuration/basic_view/start_and_login/image3.webp) + +AD User: + +There are 2 possibilities here: + +1. username like the local user (e.g. administrator) + +2. domain and username (e.g. nps\administrator) + +![image4](/images/passwordsecure/9.2/configuration/basic_view/start_and_login/image4.webp) + +**CAUTION:** Please ask your administrator if you are not sure which login details apply to you! + +#### Change to the web view of the Basic view + +As soon as the login was successful, you are now either: + +- directly in the web view of the Basic view, because the user is a Basic view user. + +or + +- in the Web Application. To switch from the Web Application to the Basic view web view, you have to + click on your profile name. There you will be offered the option **"Switch to the Basic view"**. + +![switch to lightclient](/images/passwordsecure/9.2/configuration/basic_view/start_and_login/switch-to-lc-wc-en.webp) + +The Basic view web view is in no way inferior to the Basic view. The same functions are given except +for the download of the favicons (icon, symbol or logo used by web browsers to mark a website in a +recognizable way). + +![LightClient in WebClient](/images/passwordsecure/9.2/configuration/basic_view/start_and_login/wc-lc-en.webp) diff --git a/docs/passwordsecure/9.3/configuration/basicview/tab_system.md b/docs/passwordsecure/9.3/configuration/basicview/tab_system.md new file mode 100644 index 0000000000..142059e7fd --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/basicview/tab_system.md @@ -0,0 +1,42 @@ +--- +title: "Tab system" +description: "Tab system" +sidebar_position: 50 +--- + +# Tab system + +## What is the tab system? + +The tab system helps to structure the passwords in order to manage and find them more easily. For +this purpose, several tabs can be created and switched between them with a click. + +![tabs LightClient](/images/passwordsecure/9.2/configuration/basic_view/tab_system/tabs-lc-en.webp) + +## Personal and public tabs + +Basic view distinguishes between personal and public tabs. The personal tab contains the passwords +that are exclusively in the organizational unit of the logged-in user. In Advanced view, these are +the passwords assigned to the personal organizational unit + +![tabs](/images/passwordsecure/9.2/configuration/basic_view/tab_system/tab-lc-1-en.webp) + +Furthermore, public tabs are also available. These correspond to the public + +organizational units on the Advanced view. It is also possible to store all public organizational +units as public tabs. No upper limit is set here. + +![public tab](/images/passwordsecure/9.2/configuration/basic_view/tab_system/public-tab-en.webp) + +## Showing and hiding tabs + +The public tabs can be shown and hidden as needed. The X closes the current tab. + +![close tab](/images/passwordsecure/9.2/configuration/basic_view/tab_system/close-tab-en.webp) + +A public tab can be displayed again with a simple click on the +. + +![select organisational unit](/images/passwordsecure/9.2/configuration/basic_view/tab_system/select-ou-en.webp) + +In the subsequent dialog, only the desired organizational unit must be selected and confirmed with +OK. All organizational units to which the user is authorized are available here. diff --git a/docs/passwordsecure/9.3/configuration/basicview/todoforadministration/_category_.json b/docs/passwordsecure/9.3/configuration/basicview/todoforadministration/_category_.json new file mode 100644 index 0000000000..2477c2f261 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/basicview/todoforadministration/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "To do for Administration", + "position": 10, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "to_do_for_administration" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/basicview/todoforadministration/errorcodes_of_the_lightclient.md b/docs/passwordsecure/9.3/configuration/basicview/todoforadministration/errorcodes_of_the_lightclient.md new file mode 100644 index 0000000000..ddbeb82e9d --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/basicview/todoforadministration/errorcodes_of_the_lightclient.md @@ -0,0 +1,51 @@ +--- +title: "Errorcodes of the Basic view" +description: "Errorcodes of the Basic view" +sidebar_position: 10 +--- + +# Errorcodes of the Basic view + +## Error codes for administration + +If problems with the Basic view should appear, they are classified by error codes. These codes help +the administration to stop problems even more quickly and solve them. There are 7 different types of +error codes: + +SavePasswordUnknown + +An unexpected error has occurred. Further information can be found in the event display of the +application server. + +SavePasswordPlausibilityField + +The plausibility has not been fulfilled when saving a password. The mandatory fields of the +deposited form should be checked. + +![installation_with_parameters_156_795x595](/images/passwordsecure/9.2/configuration/basic_view/administration/errorcodes/installation_with_parameters_156_795x595.webp) + +NoDefaultForm + +No standard form was selected. The form can be stored in the settings under **Standard form (for the +Basic view).** + +![installation_with_parameters_157](/images/passwordsecure/9.2/configuration/basic_view/administration/errorcodes/installation_with_parameters_157.webp) + +DefaultFormNotFound + +The rights of the form must be checked. The user must have at least the permission to read the form. + +DefaultFormMissingFields + +The form has been set correctly. However, the field types in the form must be checked. At least +required: Text, user name, password, URL. + +DefaultFormImpossiblePlausibility + +When creating a password for an application, there is a field which is not displayed. Therefore, the +plausibility in fields should be checked. + +NoValidOrganisation + +Is only relevant for the web view of the Basic view. It is activated if you want to create a +password using the add-on and the user does not have an OU in which to create it. diff --git a/docs/passwordsecure/9.3/configuration/basicview/todoforadministration/to_do_for_administration.md b/docs/passwordsecure/9.3/configuration/basicview/todoforadministration/to_do_for_administration.md new file mode 100644 index 0000000000..b5253b7db6 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/basicview/todoforadministration/to_do_for_administration.md @@ -0,0 +1,73 @@ +--- +title: "To do for Administration" +description: "To do for Administration" +sidebar_position: 10 +--- + +# To do for Administration + +## Conditions for using the Basic view + +The Basic view allows end users to easily manage their passwords in Netwrix Password Secure without +any training or prior knowledge. In order to ensure proper operation, the administration has to make +a few preparations first. This will be further discussed in the following. + +NOTE: To make the Basic view transition as easy and smooth as possible for the user, the +administration can orient towards this checklist. + +#### Relevant rights and settings + +This section lists the rights and settings the user needs to work with the Basic view. The +administration can adjust these rights and settings at its own discretion. + +#### Rights + +| User right | Chapter | +| ---------------------------------------------------------- | ------- | +| Can add individual passwords in the basic view | | +| Can close tab of own organisational unit in the basic view | | + +#### Settings + +| Settings | Chapter | +| ----------------------------------------------------------- | ------- | +| Include subordinated organisational units in the basic view | | +| Start web application in basic view on next login | | +| Display kind of passwords in the basic view | | +| Switch logo view on mouse over in the basic view | | + +## Password Management in the Basic view + +There are several ways to provide/create passwords in the Basic view. + +#### Predefined passwords + +Predefined passwords have already been created on the FullClient. Basic view users must at least +obtain the right to read a record in order to use the password. + +![installation_with_parameters_154](/images/passwordsecure/9.2/configuration/basic_view/administration/installation_with_parameters_154.webp) + +#### Creating passwords via applications + +In order to use applications on the Basic view, the administration must first create them on the +FullClient. By clicking on the application, the end user can easily generate secure passwords. To be +able to use the application, the user needs at least the authorization to **read**. + +Further information on this topic can be found in the chapter +[Applications](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/applications/applications.md). + +![installation_with_parameters_155](/images/passwordsecure/9.2/configuration/basic_view/administration/installation_with_parameters_155.webp) + +#### Creating passwords via applications without applications + +Please consider the following rights and settings so that Basic view users can create new passwords. + +User rights: + +- Can create individual passwords in the Basic view + +Setting: + +**Default form** Otherwise, no form can be assigned to the new password. + +- Add right to the organisational unit of the user diff --git a/docs/passwordsecure/9.3/configuration/basicview/view.md b/docs/passwordsecure/9.3/configuration/basicview/view.md new file mode 100644 index 0000000000..8c8b27209d --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/basicview/view.md @@ -0,0 +1,64 @@ +--- +title: "View" +description: "View" +sidebar_position: 40 +--- + +# View + +## The view of the Basic view + +The Basic view interface is arranged in tiles. If a logo/icon has been stored for a password in the +image management, this can optionally be displayed with the associated data record. If the logo of +the password is not available, a reduced Outlook view is displayed. + +1. view of a Basic view button with stored logo + +![apple-logo](/images/passwordsecure/9.2/configuration/basic_view/view/apple-logo.webp) + +2. view of a Basic view button without logo, but with deposited web address + +![mindfactory-logo](/images/passwordsecure/9.2/configuration/basic_view/view/mindfactory-logo.webp) + +3. view of a Basic view button without stored web address/logo + +![sql-server-log](/images/passwordsecure/9.2/configuration/basic_view/view/sql-server-log.webp) + +Click on the tile to open the application. + +![SSO LightClient](/images/passwordsecure/9.2/configuration/basic_view/view/sso-lc-en.webp) + +The tiles can be dragged and dropped to the desired position + +![move tiles](/images/passwordsecure/9.2/configuration/basic_view/view/move-tiles-en.webp) + +## Mouseover + +As with add-ons, the control button is displayed as soon as you hover the mouse over the +corresponding elements. This process is known as "mouseover". + +![View LightClient](/images/passwordsecure/9.2/configuration/basic_view/view/view-lc-en.webp) + +When you click the button, the following options become visible: + +- -New (A new record can be created.) +- -Edit (The selected record can be edited.) +- Move (The selected record can be moved to another organisational unit) +- Move to bin (the selected record can be deleted.) +- -Copy username (the username of the selected record will be copied to the clipboard). +- -Copy password (the password of the selected record will be copied to the clipboard). +- Typing assistance (Use this view to easily type out passwords) +- -Refresh (The record will be updated.) + +You can only perform the above operations if you are sufficiently authorized. Please point this out +to your in-house administrator if this is not the case for you. + +**CAUTION:** You can only execute the mentioned operations if you are sufficiently authorized. +Please point this out to your in-house administrator if this is not the case for you. + +## Image management + +Usually, the setup of logos/icons in the i**mage management** is done by the in-house +administration. You can learn more about this in the FullClient +[Image management](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/extras/image_manager.md) +documentation. diff --git a/docs/passwordsecure/9.3/configuration/browseraddons/_category_.json b/docs/passwordsecure/9.3/configuration/browseraddons/_category_.json new file mode 100644 index 0000000000..8b9ec7085c --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/browseraddons/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Browser Add-ons", + "position": 50, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "browser_add-ons" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/browseraddons/applications_add-on.md b/docs/passwordsecure/9.3/configuration/browseraddons/applications_add-on.md new file mode 100644 index 0000000000..0bc1f16d00 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/browseraddons/applications_add-on.md @@ -0,0 +1,89 @@ +--- +title: "Applications" +description: "Applications" +sidebar_position: 10 +--- + +# Applications + +## What are applications? + +Data can be entered on many websites without further configuration. The website is scanned in order +to find data entry fields in which the user name and password can then be entered. No further steps +are thus necessary. For websites where data cannot be entered directly, it is necessary to create an +application manually. These applications correspond to working guidelines that precisely define +which information should be entered into which target field. The full script that describes the +assignment is called an “**application**”. + +![registration with and without application](/images/passwordsecure/9.2/configuration/browseradd-ons/applications/installation_with_parameters_142-en.webp) + +The diagram starts with the user navigating to a website. The application server is then checked to +see whether a record has been saved for this website for which the currently registered user also +has the required permissions. If this is the case, the information required for the login is sent to +the Browser Extension in encrypted form. The password is only decrypted in the add- on shortly +before it is entered. There are two ways in which the information is entered: **Data entry without +application** and **Data entry with application**. + +Data entry without application + +The data entry without application process is sufficient for most websites because the fields can be +directly assigned (mapping). The system checks in the background whether a login mask has been found +for any websites visited. The URL is now used to check if there are any records in the linked +websites that would fit the page. It is only necessary for the hostname including the domain suffix, +such as .de or .com, to match. The data are then entered. In this case, the user name is transmitted +to the first user name field that can be found on the page. The password is also entered into the +first password field found on the page. If automatic login has been activated in the settings, this +is also carried out by clicking the login button. + +#### Data entry with application + +It is not possible to automatically recognise the fields that must be filled on some websites. An +application needs to be created in these cases. If more than two fields need to be transferred, it +is also necessary to create an application. In this context, “application” means instructions that +are used to enter information into the fields. It thus assigns fields in the record to the +associated fields on the website. This mapping process only needs to be configured once. The +applications is responsible for entering data in the fields on the website from then on. In the +following example, the data entry process is carried out from the client. Naturally, this is also +possible via [Browser Add-ons](/docs/passwordsecure/9.3/configuration/browseraddons/browser_add-ons.md). The procedure remains the same. + +![installation_with_parameters_143](/images/passwordsecure/9.2/configuration/browseradd-ons/applications/installation_with_parameters_143.webp) + +The URL is checked to see whether the record matches the web page. It is only necessary for the +hostname including the domain suffix (“.de” or “.com”) to match. + +## Creating applications + +**CAUTION:** The user right Can add new web applications is required in order to create applications + +If the login mask on a website cannot be automatically completed, it is necessary to manually create +an application. To create an application, the desired website is first called up. The add-on is then +started via the relevant icon. The menu item “Create application\* can be found here + +![create application](/images/passwordsecure/9.2/configuration/browseradd-ons/applications/installation_with_parameters_144-en.webp) + +A modal window now opens. The actual application is now created here. + +![modal application window](/images/passwordsecure/9.2/configuration/browseradd-ons/applications/installation_with_parameters_145-en.webp) + +The following options are available: + +- **Advanced options** allows you to define a delay separately for each field when entering the + data. This is sensible when the process of entering the data would otherwise not run smoothly on + sluggish websites. +- The **Move** setting can be used to change the position of the modal window if it covers the login + window + +To capture, click on the first field to be filled on the website. It will be directly added to the +list in the modal window. For better identification, fields that belong together are marked in +colour. + +![choosed application field](/images/passwordsecure/9.2/configuration/browseradd-ons/applications/installation_with_parameters_146-en.webp) + +The field type (e.g. INPUT) and the field label are displayed in the field itself. In addition, an +action is proposed which fits the field type, such as e.g. entering the user name. The action can +naturally be adjusted if required. Once all fields have been captured, the system checks whether the +actions are correct. Finally, the application can be saved. + +![example for a application](/images/passwordsecure/9.2/configuration/browseradd-ons/applications/installation_with_parameters_147-en.webp) + +The saved application is now available for the user and can be used via the add-on. diff --git a/docs/passwordsecure/9.3/configuration/browseraddons/browser_add-ons.md b/docs/passwordsecure/9.3/configuration/browseraddons/browser_add-ons.md new file mode 100644 index 0000000000..933e5b0da3 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/browseraddons/browser_add-ons.md @@ -0,0 +1,128 @@ +--- +title: "Browser Add-ons" +description: "Browser Add-ons" +sidebar_position: 50 +--- + +# Browser Add-ons + +Passwords can also be used in the browser using the browser add-on. You can search for passwords in +the add-on, transfer them to the clipboard or enter them in the input mask of the website +automatically. The automatic login may require applications. + +In order to provide the data, the add-on needs a connection to the database. This can be set up +directly in server mode. + +Currently, add-ons are available for the following browsers: + +- Microsoft Edge +- Google Chrome +- Mozilla Firefox +- Safari + +![Add-on Browser](/images/passwordsecure/9.2/configuration/browseradd-ons/addon-connections-en.webp) + +## Installation + +Please find more information about the installation on: Installation Browser Add-ons + +## Connection via server mode + +If the installation of the browser extension has been carried out, the user can now open the desired +browser. A window appears in which the security of the connection is confirmed. Pairing is performed +with a simple click. A new icon will also be displayed in the desired browser from this point +onwards: + +![Icon Add-on](/images/passwordsecure/9.2/configuration/browseradd-ons/addon-icon-en.webp) + +If the icon is displayed as shown, it means that although the add-on has been installed. + +## Database profiles + +The server mode must know which database profile it is connected to. There are two ways of setting +up a database profile: + +First, the database profile can be created manually. Therefore, he following information is +required: IP address, Web Application URL and database name. Please note that /api is appended to +the end of the IP address. + +![database profil](/images/passwordsecure/9.2/configuration/browseradd-ons/manual-database-profile-en.webp) + +It is also possible that the database profile is filled out automatically. For this, you need to log +on to a database via Web Application. By clicking on the add-on in the Web Application, its profile +can be taken over. Now all necessary information such as profile name, IP address, Web Application +and database name are transferred. + +![Adopt WebClient profile](/images/passwordsecure/9.2/configuration/browseradd-ons/adopt-database-profile-en.webp) + +## The server mode benefits + +The server mode offers the following advantages: + +- No terminal service is required in terminal server operation + +**CAUTION:** Please note that SSO applications only work via Autofill Add-on. If you are in server +mode and the Autofill Add-on has not been started, SSO applications do not work! + +After successful connection, the number of data records available for the current Internet page is +displayed on the icon. + +![record found](/images/passwordsecure/9.2/configuration/browseradd-ons/record-found-en.webp) + +## Settings + +All settings that relate to the add-on are made centrally on the client. The user settings system +can be used to enter them globally per organisational unit or per user. The following options have a +direct impact on the add-ons and can be found in the SSO category: + +- Browser add-ons: Automatically send login masks ensures that the login is automatically completed + after the access data has been entered. It is thus not necessary to click the relevant button + manually +- About browser add-ons: Automatically fill login masks ensures that access data is entered without + the need for any confirmation when a website is recognised. + +The default browser option also has an impact on the add-ons. This setting defines the browser in +which the websites are opened from the client. + +NOTE: It is important to note that the login mask for records with password masking will be ”sent +automatically\*, even if the setting Browser add-ons: Automatically send login masks has been +deactivated. + +## Working with add-ons + +NOTE: A record can only be used for entering data if it has a form field of type "URL". + +The subscript number mentioned in the previous section is only available with active logins and +therefore already says a lot about the “Number of possible entries”. For example, if the number “2” +is shown, you can directly select the account you want to log in with. + +![Addon list](/images/passwordsecure/9.2/configuration/browseradd-ons/addon-records-list.webp) + +Previously, the prerequisite was that you had to navigate manually to the precise website via the +browser that you actually wanted to use. This navigation can now also be handled by Netwrix Password +Secure – as described in the following section. + +## Search and navigation + +It is currently assumed that the user has to navigate manually to the website on which they want to +automatically enter login data. This way of working is possible but is not convenient enough. The +add-on can be used in a similar way to bookmarks. The search field can be used to search for the +record in the database. The prerequisite is again that the record contains a URL. + +![Record usage](/images/passwordsecure/9.2/configuration/browseradd-ons/addon-records-usage-en.webp) + +The screenshot shows that the URL and the name of the record (Wikipedia) are searched. The results +for the search are displayed and can be selected using the arrow buttons or the mouse. The selected +website will be opened in a separate tab. + +## Several passwords for one website + +If a user opens a page and multiple passwords with the autofill function are possible for this +website, no entries will be made unlike in older versions. Instead, the following message appears in +a pop-up: + +![Multiple entries](/images/passwordsecure/9.2/configuration/browseradd-ons/addon-multiple-passwords-en.webp) + +However, if the autofill function is only activated for one password but multiple passwords are +possible, the password with the autofill function is entered. If the user clicks on a record in the +pop-up, this record is entered as normal (as was the case previously). diff --git a/docs/passwordsecure/9.3/configuration/browseraddons/how_to_save_passwords.md b/docs/passwordsecure/9.3/configuration/browseraddons/how_to_save_passwords.md new file mode 100644 index 0000000000..076a3fcd74 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/browseraddons/how_to_save_passwords.md @@ -0,0 +1,46 @@ +--- +title: "How to save passwords" +description: "How to save passwords" +sidebar_position: 20 +--- + +# How to save passwords + +This chapter describes how to store passwords via add-on. + +**CAUTION:** You can only save passwords in server mode! + +## New access data + +With the setup and login via server mode, the access data can now be added automatically. When +visiting a website whose credentials have not yet been stored in Netwrix Password Secure, you get +automatically asked whether they should be created. + +![new password detected](/images/passwordsecure/9.2/configuration/browseradd-ons/how_to_save_passwords/addon-create-password-en.webp) + +By confirming, you will be directly forwarded to the Web Application and registered there. If there +are less fields in the deposited or selected form than in the login mask, the missing fields are +automatically created as web form fields by default. + +![WebClient prefilled](/images/passwordsecure/9.2/configuration/browseradd-ons/how_to_save_passwords/webclient-prefilled-form-en.webp) + +Known access data + +If you log in to a login screen with changed access data, you can update this automatically. To do +this, log on to the login screen of the changed page as usual. Thereupon a message appears that new +access data has been recognized. Now you can optionally decide to create a new dataset or update an +already known dataset. + +![data was recognized](/images/passwordsecure/9.2/configuration/browseradd-ons/how_to_save_passwords/installation_with_parameters_151-en.webp) + +- **Save password**: The password will be exchanged without opening the Web Application. +- **check changes**: The Web Application is opened and you are logged in. The previous password has + been replaced by the new one. However, the storage must be carried out manually. + +![data was recognized](/images/passwordsecure/9.2/configuration/browseradd-ons/how_to_save_passwords/installation_with_parameters_152-en.webp) + +The following prerequisites apply so that a data record is considered to already exist: + +- The URL must be identical. +- The user name must be identical. +- The entry must be made by the add-on and the change must only affect the password. diff --git a/docs/passwordsecure/9.3/configuration/configuration.md b/docs/passwordsecure/9.3/configuration/configuration.md new file mode 100644 index 0000000000..8125627f38 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/configuration.md @@ -0,0 +1,10 @@ +--- +title: "Configuration" +description: "Configuration" +sidebar_position: 40 +--- + +# Configuration + +The following pages will provide you with in-depth information how to configure the different +Netwrix Password Secure components and features. diff --git a/docs/passwordsecure/9.3/configuration/mobiledevices/_category_.json b/docs/passwordsecure/9.3/configuration/mobiledevices/_category_.json new file mode 100644 index 0000000000..69696042ea --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/mobiledevices/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Mobile devices", + "position": 70, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "mobile_devices" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/mobiledevices/autofill/_category_.json b/docs/passwordsecure/9.3/configuration/mobiledevices/autofill/_category_.json new file mode 100644 index 0000000000..f4d1f53a0e --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/mobiledevices/autofill/_category_.json @@ -0,0 +1,6 @@ +{ + "label": "Autofill", + "position": 60, + "collapsed": true, + "collapsible": true +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/mobiledevices/autofill/autofill_in_android.md b/docs/passwordsecure/9.3/configuration/mobiledevices/autofill/autofill_in_android.md new file mode 100644 index 0000000000..1bc304c41e --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/mobiledevices/autofill/autofill_in_android.md @@ -0,0 +1,47 @@ +--- +title: "Autofill in Android" +description: "Autofill in Android" +sidebar_position: 20 +--- + +# Autofill in Android + +With autofill, the credentials are transferred from the Netwrix Password Secure app directly to the +login screens. This works for websites in the browser as well as for other apps. + +#### Requirements + +For automatic registration, the service must be enabled in the User Help¹ and Show via other apps¹ +Netwrix Password Secure App must be enabled. + +#### Autofill + +The login data is entered as soon as the app finds a corresponding mask on a web page or in an app. +In some masks the process starts automatically, in others it is necessary to type in the first +field. + +There are two possible scenarios. + +- The **Netwrix Password Secure app** displays all matching passwords. The user selects the desired + password and the app enters it. +- Selection of a password in the Netwrix Password Secure App. This dialog opens automatically if no + password is found. + +No password found + +If no password is found that matches the app or the website called up, the desired password must +first be selected. + +Exactly one password found + +If there is a data set that contains exactly the URL that is called up, the corresponding password +can be suggested. A simple click on the password is then sufficient to pass the data to the website +or app. + +Multiple passwords found + +If several matching passwords are found in the database, the desired one must be selected. + +NOTE: Depending on the current state, it may be necessary to authenticate on the app before +selecting or confirming the password to be entered. The database then has to be unlocked via the +password or Touch ID first. diff --git a/docs/passwordsecure/9.3/configuration/mobiledevices/autofill/autofill_in_ios.md b/docs/passwordsecure/9.3/configuration/mobiledevices/autofill/autofill_in_ios.md new file mode 100644 index 0000000000..bf098c6a41 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/mobiledevices/autofill/autofill_in_ios.md @@ -0,0 +1,56 @@ +--- +title: "Autofill in iOS" +description: "Autofill in iOS" +sidebar_position: 10 +--- + +# Autofill in iOS + +The most important comfort feature of the Netwrix Password Secure app is probably the autofill. With +autofill, the credentials from the Netwrix Password Secure app are transferred directly to the login +screens. This works both with websites in the browser and with other apps. + +#### Requirements + +In order to ensure automatic registration, a few prerequisites must be met. First of all, the +automatic registration must be set up in the settings. If the **iOS keychain** is not needed, it +should be deactivated. This makes handling a bit easier. Finally, a database connection must exist +and access to passwords must be possible. + +#### Autofill + +**Autofill** always occurs when a login mask is found. No matter whether this is in an app or on a +website. For some login masks, the auto-enrollment process starts automatically. For other masks, +you have to type once into the first field. The autofill itself can be divided into three different +scenarios. + +Dialog + +Depending on the configuration and scenario, the dialog for entry can have different +characteristics: + +- First, one or more passwords are displayed that match the current page or app. These can be + selected and entered with a click. +- It is also possible to open the dialog for selecting a password. If no password is found, this + dialog is displayed directly. +- Finally, the iOS keychain can also be opened. If this function is not needed, it can be + deactivated. The corresponding option will then no longer be offered. + +No password found + +If no password is found that matches the app or the website, the desired password must first be +selected. + +Exact password found + +If there is a data record that contains exactly the URL that is called up, the corresponding +password can be suggested. A simple click on the password is then sufficient to pass the data to the +website or app. + +Several passwords found + +If several matching passwords are found in the database, the desired one must be selected. + +NOTE: Depending on the current state, it may be necessary to authenticate to the app before +selecting or confirming of the password to be entered. The database then has to be unlocked via the +password, Touch ID or Face ID. diff --git a/docs/passwordsecure/9.3/configuration/mobiledevices/mobile_devices.md b/docs/passwordsecure/9.3/configuration/mobiledevices/mobile_devices.md new file mode 100644 index 0000000000..3f7642b534 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/mobiledevices/mobile_devices.md @@ -0,0 +1,55 @@ +--- +title: "Mobile devices" +description: "Mobile devices" +sidebar_position: 70 +--- + +# Mobile devices + +## The new Netwrix Password Secure Mobile App – mobile and simple! + +With version 8.10 we have created the perfect complement to the client: **The Netwrix Password +Secure Mobile App!** + +With its **convenient** interface, the Netwrix Password Secure Mobile App offers the perfect +prerequisite for every user to find their way around **quickly** and **easily**. + +For detailed documentation of the **Netwrix Password Secure Mobile App** + +NOTE: Please note that as of version 8.10.0, the previous version 7 App is no longer compatible. + +#### Security is our ambition + +No matter whether you work with a smartphone or a tablet, you benefit from the highest possible +security on all iOS and Android devices. All passwords are not only available on the mobile device, +but can also be automatically transferred to websites. So you can use highly complex and therefore +secure passwords and don’t have to remember them anymore. The Netwrix Password Secure Mobile App +thus combines security and convenience. In addition, the use of a local database ensures that +passwords can be accessed even when no + +#### Functions + +The functionalities of **password management, SSO, synchronization** and **tab system** are even +more extensive and detailed in the specially created **documentation**. + +### Password management + +The new **Netwrix Password Secure mobile app** keeps all **passwords** safe. They can not only be +stored securely but also structured conveniently. + +### SSO + +The most important convenience feature of the Netwrix Password Secure Mobile app is the possibility +of entering passwords directly into log-in masks of other apps or browser pages. The configuration +and correct use can be found out in the corresponding chapters for **iOS** and **Android**. + +### Synchronization + +Since the data exchange between mobile database and server database is done automatically in the +background, there is no need to worry about the actuality of the data. + +### Tab system + +With the new and simplified tab system, the handling for the individual user has been made +uncomplicated and clear. The affiliation of the passwords is visible at a glance. The exact handling +of the tab system can be read in the chapter **Tabs**. diff --git a/docs/passwordsecure/9.3/configuration/mobiledevices/passwords_mobileapp.md b/docs/passwordsecure/9.3/configuration/mobiledevices/passwords_mobileapp.md new file mode 100644 index 0000000000..05bafbdea5 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/mobiledevices/passwords_mobileapp.md @@ -0,0 +1,85 @@ +--- +title: "Password Management" +description: "Password Management" +sidebar_position: 50 +--- + +# Password Management + +In principle, there are two types of passwords. **Global** and **personal** passwords. + +#### Global passwords + +Global passwords are passwords that are assigned to an organizational unit. These passwords are +usually used by more than one user. + +![Mobile App - global passwords](/images/passwordsecure/9.2/configuration/mobiledevices/passwords/global-passwords-ma-en.webp) + +Prerequisites + +The following prerequisites must be met in order to create new global passwords: + +- User right **Can create new passwords** +- **Add right** to the corresponding organizational unit + +#### Personal passwords + +Personal passwords are passwords to which only the creating user is authorized. + +![MobileApp - personal passwords](/images/passwordsecure/9.2/configuration/mobiledevices/passwords/personal-passwords-ma-en.webp) + +Requirement + +The following user rights are required to create personal passwords: + +- Can create new passwords +- Can create personal records + +#### Create passwords + +When creating a new record, it is necessary to know whether it is a personal or a global password. +Because according to this criterion you should select the appropriate tab and click on the + located +in the upper right corner. + +![create new password](/images/passwordsecure/9.2/configuration/mobiledevices/passwords/create-new-password-ma-en.webp) + +After that, select the required **form**. + +![select form](/images/passwordsecure/9.2/configuration/mobiledevices/passwords/select-form-ma-en.webp) + +Then, once you have filled in all the relevant information of the selected form, one click on +**Save** is enough to create the password. + +![new entry MobileApp](/images/passwordsecure/9.2/configuration/mobiledevices/passwords/new-entry-ma-en.webp) + +#### Editing passwords + +To edit a password, click on the corresponding password and select the pencil icon. + +![editing password](/images/passwordsecure/9.2/configuration/mobiledevices/passwords/new-entry-ma-2-en.webp) + +As soon as you click on the pencil icon again in the new window, in the so-called read-only view, +you can edit all existing fields. + +![edit passwordfield MobileApp](/images/passwordsecure/9.2/configuration/mobiledevices/passwords/edit-passwordfield-ma-en.webp) + +![edit passwordfield](/images/passwordsecure/9.2/configuration/mobiledevices/passwords/edit-entry-ma-2-en.webp) + +#### Delete + +Passwords can currently only be deleted via the Full- or Web Application. + +#### Tags + +Tags can be added or removed both when creating and editing a password. + +![MobileApp - Tags](/images/passwordsecure/9.2/configuration/mobiledevices/passwords/edit-tag-ma-en.webp) + +It is also possible to create a completely new tag. + +This is possible by searching in the tag selection in the search field for a tag that does not +already exist. + +You will then be offered the option of creating this previously non-existent tag. + +![Mobileapp - select/create tag](/images/passwordsecure/9.2/configuration/mobiledevices/passwords/select-tag-ma-en.webp) diff --git a/docs/passwordsecure/9.3/configuration/mobiledevices/securitymd.md b/docs/passwordsecure/9.3/configuration/mobiledevices/securitymd.md new file mode 100644 index 0000000000..2267b13359 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/mobiledevices/securitymd.md @@ -0,0 +1,38 @@ +--- +title: "Security" +description: "Security" +sidebar_position: 10 +--- + +# Security + +#### Your security is our ambition + +Security is a top priority for Netwrix Password Secure - right from the conception stage, it sets +the course for all further developments. Of course, security was also taken into account during the +development of the Netwrix Password Secure app and the latest technologies were used. The following +encryption techniques and algorithms are currently used: + +Global + +- AES 256 / RSA 4096 encrypted +- PBKDF2 with up to 100,000 iterations +- End to end encrypted (like all Netwrix Password Secure App Clients) +- No direct connection to Netwrix Password Secure Server required. Connection is via web server. +- MDM (Mobile Device Management) support +- Passwords can be used offline when server access is not available +- Fast incremental data synchronization +- Easy connection between Netwrix Password Secure Mobile Apps and the server via QR code +- Easy navigation between private and shared passwords +- Automatic reconciliation of data using real-time updates +- Two-factor authentication +- Synchronization with multiple databases possible +- Expiration date of databases to ensure automatic deletion +- Server and app side security settings. Who is allowed to use the app and to what extent? + +iOS + +- Full support of FaceID and TouchID for passwordless login to the Netwrix Password Secure Mobile + app. +- Password AutoFill support. Passwords are automatically entered in other apps and Safari. (No + copy/paste or typing) diff --git a/docs/passwordsecure/9.3/configuration/mobiledevices/settings_mobileapp.md b/docs/passwordsecure/9.3/configuration/mobiledevices/settings_mobileapp.md new file mode 100644 index 0000000000..5bcbe95af7 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/mobiledevices/settings_mobileapp.md @@ -0,0 +1,75 @@ +--- +title: "Settings" +description: "Settings" +sidebar_position: 70 +--- + +# Settings + +As soon as you are logged in to the **Netwrix Password Secure App**, you can access the **settings** +via the three dots at the very top left of the screen. These will be briefly explained here. + +![MobileApp - settings](/images/passwordsecure/9.2/configuration/mobiledevices/settings/settings-ma-en.webp) +![MobileApp - settings](/images/passwordsecure/9.2/configuration/mobiledevices/settings/settings-2-ma-en.webp) + +#### General + +Hide personal tab + +In some use cases personal passwords are not needed on the mobile device. If this is the case you +can hide the tab with the personal passwords. + +Show all passwords in search tab + +If this option is deactivated, a search will always refer to the opened tab only. This can be useful +if there are several records in the database which have the same name and can only be distinguished +by the affiliation to an organizational unit. + +#### Security + +Touch ID / Face ID + +Here the login via Face ID or Touch ID can be activated and deactivated. + +Automatic logout + +Automatic logout from the app can be enabled and configured here. + +#### Synchronization + +Automatic synchronization + +How to synchronize with the main database is configured here. The following options are available: + +- **Any type of connection:** as long as there is a connection, synchronization will take place. No + matter if it is a WLAN connection or a connection via the mobile network. +- **Only for WLAN connection:** Synchronization only takes place if there is a connection via WLAN. +- **Disabled:** It is not synchronized + +NOTE: Costs may be incurred for synchronization via the mobile network! + +Synchronize now + +Starts the synchronization. This can also be started outside the settings at any time by simply +swiping down. More information can also be found in the chapter +[Synchronization](/docs/passwordsecure/9.3/configuration/mobiledevices/synchronization.md). + +Fix sync errors + +This menu item first checks for errors caused by the synchronization. If there are such errors you +get the possibility to repair them or to overwrite them with the current state of the server +database. + +#### Logging + +Logging + +Here you can activate or deactivate the logging. + +Show log file + +If logging is active, the log file can be displayed here. + +Delete log file + +Logs that are no longer needed can be deleted here. diff --git a/docs/passwordsecure/9.3/configuration/mobiledevices/setupmobiledevice/_category_.json b/docs/passwordsecure/9.3/configuration/mobiledevices/setupmobiledevice/_category_.json new file mode 100644 index 0000000000..237f0e7607 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/mobiledevices/setupmobiledevice/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Setup", + "position": 20, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "setup_mobile_device" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/mobiledevices/setupmobiledevice/biometric_login.md b/docs/passwordsecure/9.3/configuration/mobiledevices/setupmobiledevice/biometric_login.md new file mode 100644 index 0000000000..21f0e5c984 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/mobiledevices/setupmobiledevice/biometric_login.md @@ -0,0 +1,15 @@ +--- +title: "Biometric login" +description: "Biometric login" +sidebar_position: 30 +--- + +# Biometric login + +Depending on the operating system used (iOS or Android), logging in to the app can also be done +using biometric factors such as fingerprint or facial recognition. Directly during the first login, +the app suggests (depending on the type of smartphone) the use of Touch ID or fingerprint or Face ID +or facial recognition. Clicking **Yes** here is sufficient to log in to the database in the future +using the respective biometric feature. + +![setup face ID](/images/passwordsecure/9.2/configuration/mobiledevices/setup/biometric_login/setup-face-id-en.webp) diff --git a/docs/passwordsecure/9.3/configuration/mobiledevices/setupmobiledevice/installation_of_the_app.md b/docs/passwordsecure/9.3/configuration/mobiledevices/setupmobiledevice/installation_of_the_app.md new file mode 100644 index 0000000000..802549b9a1 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/mobiledevices/setupmobiledevice/installation_of_the_app.md @@ -0,0 +1,34 @@ +--- +title: "Installation of the App / Requirements" +description: "Installation of the App / Requirements" +sidebar_position: 10 +--- + +# Installation of the App / Requirements + +The Netwrix Password Secure app is installed as usual via the Apple Store or Google Playstore. The +apps can be found under the following links: + +![App store](/images/passwordsecure/9.2/configuration/mobiledevices/setup/installation_app/appstore-icon.webp) + +![Google Play](/images/passwordsecure/9.2/configuration/mobiledevices/setup/installation_app/android-icon.webp) + +#### Requirements + +The **Netwrix Password Secure Apps** can be installed on the following systems: + +**iOS:** at least version 10.14 + +**Android:** at least version 8.0 + +**Web Application**: Since the app connects via the Web Application, it is mandatory to have it +installed. The documentation of the Web Application installation can be seen in the chapter +[Installation Web Application](/docs/passwordsecure/9.3/installation/installationwebapplication/installation_web_application.md) + +**Port**: The connection is made via https port 443, which must be enabled on the server side. + +[User rights](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/userrights/user_rights.md)**:** The users need the +right **Can synchronize with mobile devices.** + +[Database properties](/docs/passwordsecure/9.3/configuration/servermanger/databaseproperties/database_properties.md): It must +be ensured that the Enable mobile synchronization option is set. diff --git a/docs/passwordsecure/9.3/configuration/mobiledevices/setupmobiledevice/linking_the_database.md b/docs/passwordsecure/9.3/configuration/mobiledevices/setupmobiledevice/linking_the_database.md new file mode 100644 index 0000000000..ec2263d832 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/mobiledevices/setupmobiledevice/linking_the_database.md @@ -0,0 +1,57 @@ +--- +title: "Linking the database" +description: "Linking the database" +sidebar_position: 20 +--- + +# Linking the database + +First, an existing database must be linked to the Netwrix Password Secure app in order to finally +synchronize the data. During linking, an encrypted database is created on the mobile device, which +provides the data even without a network connection. + +There are two ways to create a link. + +#### Manual linking + +If the database is to be linked manually, the dialog for creating the link is first called up via +the + in the top right-hand corner. Here the address of the Web Application is entered and confirmed +with a click on Connect. + +![Create link](/images/passwordsecure/9.2/configuration/mobiledevices/setup/linking_database/create-link-ma-en.webp) + +In the next step, all available databases are displayed. The desired one can be selected by clicking +on it. + +![choose link](/images/passwordsecure/9.2/configuration/mobiledevices/setup/linking_database/choose-created-link-en.webp) + +Finally, the login with user name and password takes place. In addition, a meaningful name can be +assigned. + +![log in with your data](/images/passwordsecure/9.2/configuration/mobiledevices/setup/linking_database/integration-ma-en.webp) + +#### Link via QR code + +Fulluser + +The quickest way to create a link is via a QR code. To do this, first log in to the client. You will +find the corresponding QR code in the Backstage under Account: + +![QR-code](/images/passwordsecure/9.2/configuration/mobiledevices/setup/linking_database/link-via-qr-code-en.webp) + +Then click on the button for the QR code in the app. In the following dialog, the QR code is simply +photographed from the monitor. The mobile database is now created directly in the background and +linked to the database on the server. In the next step, you can give the database profile a +meaningful name and log in directly: + +![log in with your data](/images/passwordsecure/9.2/configuration/mobiledevices/setup/linking_database/integration-ma-en.webp) + +LightUser + +Using the Light view, the user must click on their user account and click on the **Account** option + +![Account LightClient](/images/passwordsecure/9.2/configuration/mobiledevices/setup/linking_database/account-lc-2-en.webp) + +This will open a window where you can use the QR code to scan the database. + +![QR code lightclient](/images/passwordsecure/9.2/configuration/mobiledevices/setup/linking_database/account-lc-3-en.webp) diff --git a/docs/passwordsecure/9.3/configuration/mobiledevices/setupmobiledevice/setting_up_autofill.md b/docs/passwordsecure/9.3/configuration/mobiledevices/setupmobiledevice/setting_up_autofill.md new file mode 100644 index 0000000000..58f2a534f1 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/mobiledevices/setupmobiledevice/setting_up_autofill.md @@ -0,0 +1,33 @@ +--- +title: "Setting up autofill" +description: "Setting up autofill" +sidebar_position: 40 +--- + +# Setting up autofill + +The most important comfort feature of the Netwrix Password Secure App is probably the autofill, i.e. +the possibility to enter access data directly into the input mask. The autofill must first be set up +or configured. + +#### Setting up the autofill under iOS + +In the settings, first select the item Passwords & Accounts and then Automatically fill in. As soon +as Auto-fill is activated, all options for filling in login windows are offered. Here one then +selects Netwrix Password Secure. + +RECOMMENDED: We recommend deactivating the **keychain (iOS)** as well as any other apps offered to +prevent misunderstandings in usage. + +![password options](/images/passwordsecure/9.2/configuration/mobiledevices/setup/setting_up_autofill/password-options-en.webp) + +#### Setting up automatic registration on Android + +In the settings under Operating aids ¹, among the downloaded services, the Netwrix Password Secure +app is activated. + +In addition, you must define in the settings under Show via other apps that Netwrix Password Secure +may be shown via other apps. + +RECOMMENDED: We recommend to use only Netwrix Password Secure for automatic registration and to +deactivate all other apps here. This prevents possible misunderstandings in the operation. diff --git a/docs/passwordsecure/9.3/configuration/mobiledevices/setupmobiledevice/setup_mobile_device.md b/docs/passwordsecure/9.3/configuration/mobiledevices/setupmobiledevice/setup_mobile_device.md new file mode 100644 index 0000000000..ee79e122dc --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/mobiledevices/setupmobiledevice/setup_mobile_device.md @@ -0,0 +1,24 @@ +--- +title: "Setup" +description: "Setup" +sidebar_position: 20 +--- + +# Setup + +## Requirements + +Netwrix Password Secure Mobile Apps automatically synchronize with an existing Netwrix Password +Secure database. The [Web Application](/docs/passwordsecure/9.3/configuration/webapplication/web_application.md) is used as the +interface for this. This must therefore be installed. In addition, the database must be enabled for +use with mobile devices on the [Server Manager](/docs/passwordsecure/9.3/configuration/servermanger/server_manger.md). + +#### Setup and configuration + +The setup and initial configuration of the **Netwrix Password Secure App** is explained in the +following chapters: + +- [Installation of the App / Requirements](/docs/passwordsecure/9.3/configuration/mobiledevices/setupmobiledevice/installation_of_the_app.md) +- [Linking the database](/docs/passwordsecure/9.3/configuration/mobiledevices/setupmobiledevice/linking_the_database.md) +- [Biometric login](/docs/passwordsecure/9.3/configuration/mobiledevices/setupmobiledevice/biometric_login.md) +- [Setting up autofill](/docs/passwordsecure/9.3/configuration/mobiledevices/setupmobiledevice/setting_up_autofill.md) diff --git a/docs/passwordsecure/9.3/configuration/mobiledevices/synchronization.md b/docs/passwordsecure/9.3/configuration/mobiledevices/synchronization.md new file mode 100644 index 0000000000..9fde565ded --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/mobiledevices/synchronization.md @@ -0,0 +1,40 @@ +--- +title: "Synchronization" +description: "Synchronization" +sidebar_position: 40 +--- + +# Synchronization + +The synchronization of data between the mobile database and the server database is extremely +important. On the whole, you don't have to worry about synchronization, because the data is +automatically synchronized in the background. + +Synchronization logic + +First of all, it is important to note how the synchronization has been configured in the +[Settings](/docs/passwordsecure/9.3/configuration/mobiledevices/settings_mobileapp.md). A prerequisite for successful synchronization is that +the configured connection is available. This is done via https port 443, which must be enabled on +the server side. Once the prerequisites have been met, there are the following triggers for +synchronization: + +- A login to the app takes place +- Swipe down in the app +- The synchronization is started in the settings of the app. +- A data record is changed in one of the two databases + +Which dataset is being synchronized? + +In Netwrix Password Secure, each field in a record has a timestamp. During a synchronization +synchronization, these timestamps are checked and the newer field is written to the other database. + +Example: + +Assuming in a record the field "Username" is changed in the Advanced view and the field "Password" +is changed in the App. "password" is changed in the app, you will have different data statuses on +both devices. After a synchronization, you will receive the changed user name and the new password +on both devices. + +Settings for synchronization + +The configuration is described in the chapter [Settings](/docs/passwordsecure/9.3/configuration/mobiledevices/settings_mobileapp.md) diff --git a/docs/passwordsecure/9.3/configuration/mobiledevices/tabs.md b/docs/passwordsecure/9.3/configuration/mobiledevices/tabs.md new file mode 100644 index 0000000000..c805f54acd --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/mobiledevices/tabs.md @@ -0,0 +1,43 @@ +--- +title: "Tabs" +description: "Tabs" +sidebar_position: 30 +--- + +# Tabs + +Once you have successfully logged in, you will find yourself in the view where all the user's +passwords are located. + +![all passwords in mobile app](/images/passwordsecure/9.2/configuration/mobiledevices/tabs/all-passwords-ma-en.webp) + +Here you have the following options: + +Action menu + +With a click on +![three-points-en](/images/passwordsecure/9.2/configuration/mobiledevices/tabs/three-points-en.webp) +the action menu is opened. + +![actions mobile app](/images/passwordsecure/9.2/configuration/mobiledevices/tabs/actions-ma-en.webp) + +The following actions are offered: + +- **Open settings** (more information can be found in the Settings chapter). +- **Close tab** (the option is offered only if you are in one of the organizational units tabs. The + default ones are excluded) +- **Logout** (you will be logged out from the database) +- **Cancel** (closes the action menu and returns to the tab view) + +Tabs + +Below the passwords there is a bar for managing tabs. + +![manage tabs](/images/passwordsecure/9.2/configuration/mobiledevices/tabs/all-passwords-ma-2-en.webp) + +By clicking on the plus sign there is a possibility to add more tabs. + +![add tabs](/images/passwordsecure/9.2/configuration/mobiledevices/tabs/add-tabs-ma.webp) + +These tabs are organizational units that the user can see. By default, the tabs **"All passwords"** +and **"Personal"** are stored. diff --git a/docs/passwordsecure/9.3/configuration/offlineclient/_category_.json b/docs/passwordsecure/9.3/configuration/offlineclient/_category_.json new file mode 100644 index 0000000000..2cd56829c8 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/offlineclient/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Offline Add-on", + "position": 90, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "offline_client" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/offlineclient/offline_client.md b/docs/passwordsecure/9.3/configuration/offlineclient/offline_client.md new file mode 100644 index 0000000000..2506a5bbb2 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/offlineclient/offline_client.md @@ -0,0 +1,58 @@ +--- +title: "Offline Add-on" +description: "Offline Add-on" +sidebar_position: 90 +--- + +# Offline Add-on + +## What is the Offline Add-on? + +The Offline Add-on enables you to work without an active connection to the Netwrix Password Secure +server. If the corresponding setting has been configured +([Setup and sync](/docs/passwordsecure/9.3/configuration/offlineclient/setup_and_sync.md)), the local copy of the server database will be +automatically synchronized according to freely definable cycles. This ensures that you can always +use a (relatively) up-to-date version of the database offline. + +Facts + +- “Microsoft SqlServer Compact 4.0.8876.1” is used for creating offline databases +- The database is encrypted using AES-128 or SHA-256. A so-called “platform default” is used for + this purpose +- In addition, RSA encryption processes are used +- More on this subject…::https://technet.microsoft.com/en-us/library/gg592949(v=sql.110).aspx + +#### Installation + +The Offline Add-on is automatically installed together with the main client. No database profiles +need to be created – this task is performed by the client during the initial synchronization, +together with the creation of the offline database. + +#### Operation + +Operation of the Offline Add-on is generally based on the +[Operation and setup](/docs/passwordsecure/9.3/configuration/servermanger/operation_and_setup_admin_client.md). +Since the Offline Add-on only has a limited range of functions, the following must be taken into +account with regards to its operation: + +- There is no dashboard +- Only the password module is available +- The filter is not available. Records are found using the + [Search](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/search.md) +- The automatic login data entry can be performed via the + [Autofill Add-on](/docs/passwordsecure/9.3/configuration/autofilladdon/autofill_add-on.md), independently of the Offline Add-on + +![Offline Client](/images/passwordsecure/9.2/configuration/offlineclient/installation_with_parameters_264-en.webp) + +#### What data is synchronised? + +[Seals](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/seals.md) +enhance the security concept in Netwrix Password Secure to include a double-check principle that can +be defined in fine detail. This means that releases for protected information are linked to the +positive authentication of one or more users. Naturally, it is not possible to issue these releases +when the server is not connected. For this reason, sealed records are not synchronized and thus do +not form part of offline databases. + +Otherwise, all records for which the user has the **export right** are synchronised. + +Records with **password masking** are adopted into the offline database and can be used as normal. diff --git a/docs/passwordsecure/9.3/configuration/offlineclient/setup_and_sync.md b/docs/passwordsecure/9.3/configuration/offlineclient/setup_and_sync.md new file mode 100644 index 0000000000..49b488296d --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/offlineclient/setup_and_sync.md @@ -0,0 +1,86 @@ +--- +title: "Setup and sync" +description: "Setup and sync" +sidebar_position: 10 +--- + +# Setup and sync + +## Setting up the offline database + +It is important to ensure that the right requirements have been met before setting up the Offline +Add-on. The following configurations need to be defined in both the Server Manager and also the user +rights/user settings. + +Requirements + +To set up offline databases, this option must be activated in the Server Manager first. This process +is carried out separately for each database in the database view in the Server Manager in the +“General settings” (right click on the database). This is also possible to do when the database is +initially created. + +![Properties](/images/passwordsecure/9.2/configuration/offlineclient/setup/installation_with_parameters_265-en.webp) + +You will find further information on this subject in the +sections:[ Creating databases](/docs/passwordsecure/9.3/configuration/servermanger/creating_databases.md) and +[Managing databases](/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/managing_databases.md) + +User rights + +The user requires the “offline mode” right. In addition, how long offline mode can be used without a +server connection can be defined in the user rights. + +![User rights](/images/passwordsecure/9.2/configuration/offlineclient/setup/installation_with_parameters_266-en.webp) + +Creating an offline database + +The synchronization with the offline database can generally be carried out automatically. However, +**the first synchronization must be carried out manually**. The synchronization is started via the +Main menu/Account. + +![account-en](/images/passwordsecure/9.2/configuration/offlineclient/setup/account-en.webp) + +NOTE: The offline databases are stored locally under the following path: %appdata%\MATESO\Password +Safe and Repository Client\OfflineDB + +An offline database must be created per user and client for each online database. This makes it +possible to use several offline databases with an Offline Add-on. + +#### Synchronization + +In order to keep the data always consistent, the offline database must be synchronized regularly. +Synchronization is automatically performed by the client in the background. The interval can be +freely configured in the +[User settings](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/usersettings/user_settings.md). The synchronization is +completed every 30 minutes by default. When creating and editing records, it is also possible to +synchronize outside of the synchronization cycle so that the changes are directly available offline. +In addition, the synchronization can also be started manually in Backstage via “Account”. + +A running synchronization is displayed in the icon in the task bar as well as by a status bar in the +client: + +![progress icon](/images/passwordsecure/9.2/configuration/offlineclient/setup/progress-icon-en_64x53.webp) + +![installation_with_parameters_269](/images/passwordsecure/9.2/configuration/offlineclient/setup/installation_with_parameters_269.webp) + +As soon as the synchronization is completed, this is indicated by a hint. + +![notification "offline sync completed"](/images/passwordsecure/9.2/configuration/offlineclient/setup/offline-sync-completed-en_383x75.webp) + +#### Relevant settings + +![installation_with_parameters_271](/images/passwordsecure/9.2/configuration/offlineclient/setup/installation_with_parameters_271.webp) + +Offline mode can be configured and personalized using the four settings mentioned: + +- **Offline synchronization after saving a record**: The synchronization of the offline database is + completed directly after saving a record. It is important to note that this only applies to those + records that are saved by the user who is logged in. Changes made by another user do not trigger + any synchronization! +- **Offline synchronization after login:** If this option is active, the offline database is + synchronized after each restart of the client. +- **Automatic synchronization after an interval**: This setting is used to define the interval at + which a synchronization of the offline database will be periodically carried out. The default + value is 30 minutes. +- **Path where the offline database should be saved**: If this field is left empty, the system + default is used. Otherwise, the storage location for the offline database can be entered directly. diff --git a/docs/passwordsecure/9.3/configuration/sdkapi/_category_.json b/docs/passwordsecure/9.3/configuration/sdkapi/_category_.json new file mode 100644 index 0000000000..ed7af24b66 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/sdkapi/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "SDK / API", + "position": 80, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "sdk__api" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/sdkapi/migration_guide.md b/docs/passwordsecure/9.3/configuration/sdkapi/migration_guide.md new file mode 100644 index 0000000000..a194cc8bf7 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/sdkapi/migration_guide.md @@ -0,0 +1,156 @@ +--- +title: "migration_guide" +description: "migration_guide" +sidebar_position: 10 +--- + +## Migration Guide: Breaking Changes - API Login + +Overview: We've enhanced the login authentication process to offer a more dynamic and secure +experience. This update introduces a new method of authentication, effective for servers from +version 8.12 onward. + +**CAUTION:** Important Update: Starting from server version 9.0, the previous login method will no +longer be functional. Users must adopt the new authentication approach provided in our API to +continue accessing the services. + +#### Why was this change done? + +Since version 8.12, our server and clients are supporting authentication methods other than +passwords. Therefore, we have introduced a two-step authentication in our server and our clients. +After entering the username, the server is asked for the main factor for the authentication.With the +release of version 8.12, our server and client applications have expanded their support for +authentication methods beyond traditional passwords. Consequently, to enhance security, a two-step +authentication process has been introduced within both our server and client environments. This +process entails the user inputting their username, followed by a request to the server for the +primary authentication factor. Notably, this change was not initially implemented in our APIs. + +To align our systems with enhanced security standards, we have undertaken the implementation of the +new PBKDF2 hashing iteration count. As part of this transition, we have made the strategic decision +to discontinue the use of the old authentication endpoint. Subsequently, we have diligently +integrated the new authentication mechanism into our APIs to ensure a consistent and secure user +experience. + +Transition details: + +- **Old Method Deprecation**: The previous login method is deprecated and no longer operational with + servers of version 9.0. +- **New Authentication Requirement:** To access our services, users must switch to the updated + authentication method in our APIs, compatible with servers from version 8.12 onward. Versions + older than 8.12 are no longer operational with the API. If you're using such an old version, + please use the old API. + +**CAUTION:** Action Required: Ensure that your server version is 8.12 or later to implement the new +authentication method and seamlessly access our services. Update your integration with the API to +incorporate the revised login interface and maintain uninterrupted service access. + +Below are code examples for the previous and updated authentication methods. + +#### C# + +Previous authentication method (deprecated) + +``` +var database = "your-database"; +var username = "your-username"; +var password = "your-password"; +var psrApi = new PsrApi("your-endpoint"); +var mfaRequest = await psrApi.AuthenticationManager.Login(database, username, password); +while (mfaRequest != null) { +    // Gathering user input for authentication fields +    Console.Write(mfaRequest.DisplayName);  +    foreach (var field in mfaRequest.RequiredFields) +    { +        Console.Write(field.Type.ToString());  +        var mfa = Console.ReadLine(); +        field.Value = mfa; +    }  +    mfaRequest = await psrApi.AuthenticationManager.Login(database, username, password, mfaRequest.RequiredFields); +} +``` + +New authentication method (required for version 9.0 onwards) + +``` +var database = "your-database"; +var username = "your-username"; +var psrApi = new PsrApi("your-endpoint"); +var authenticationFlow = psrApi.AuthenticationManagerV2.StartNewAuthentication(database, username); +await authenticationFlow.StartLogin(); +while (!authenticationFlow.IsAuthenticated) { +    var requirement = authenticationFlow.GetNextRequirement(); +    var selectedRequirement = requirement.PossibleRequirements.FirstOrDefault() as DynamicFillableAuthentication; +    foreach (var field in selectedRequirement.Fields) { +        // Gather user input for authentication fields from the console +        Console.Write(field.Key); +        field.Value = Console.ReadLine(); +} +    await authenticationFlow.Authenticate(selectedRequirement); +} +``` + +#### JavaScript + +Previous authentication method (deprecated) + +``` +const database = 'your-database' +const username = 'your-username' +const password = 'your-password' +let api = new PsrApi('your-endpoint') +let mfaRequest = await psrApi.authenticationManager.login(database, username, password) +while (mfaRequest) { +    for (const field of mfaRequest.requiredFields) { +        field.value = prompt(field.type) +    } +    mfaRequest = await psrApi.authenticationManager.login(database, username, password, mfaRequest.requiredFields); +} +``` + +New authentication method (required for version 9.0 onwards) + +``` +const database = 'your-database' +const username = 'your-username' +let api = new PsrApi('your-endpoint') +await psrApi.authenticationManagerV2.startLogin(database, username) +while (!psrApi.authenticationManagerV2.isAuthenticated) { +    let requirement = await psrApi.authenticationManagerV2.getNextRequirement() +    let selectedRequirement = requirement.PossibleRequirements[0] +    for (const field of selectedRequirement.Fields) { +        // Simulating console interaction to gather user input +        field.Value = prompt(field.Key) +    }  +    await psrApi.authenticationManagerV2.authenticate(selectedRequirement) +} +``` + +#### Implementation explanation + +The API object is created as always: by passing the server address to the constructor. + +After that, the implementation differs slightly between C# and JavaScript. For C#, we’re getting the +authentication flow via **psrApi.AuthenticationManagerV2.StartNewAuthentication("your-database", +"your-username");**. On the resulting instance, the asynchronous method **StartLogin()** needs to be +called and awaited. Using the JavaScript API, we can directly call and await the +**psrApi.authenticationManagerV2.startLogin('your-database', 'your-username)** method. + +After this, you must call the **GetNextRequirement()** method. The result contains the requirements +the user has to fill in. It usually contains a “Fields“ list, where the “Value” needs to be set. The +filled requirements need to be sent to the server via +**psrApi.authenticationManagerV2.authenticate** method. Don’t forget to wait for the result (using +the **await** keyword). + +Now, the authentication via API also provides the possibility to configure a second factor and +change the user password during login. In this case, the result of the **GetNextRequirement** call +has the property “IsConfiguration” set to true. If the user can choose between multiple second +factors, they are all part of the “PossibleRequirements” array. Select the one you want to use, fill +in the fields, and send the requirement via **authenticate** method. + +As soon as the authentication is completed, the **psrApi.authenticationManagerV2.isAuthenticated** +property is set to true. + +For any queries or assistance in transitioning to the new authentication method, please refer to our +updated documentation or reach out to our support team. + +Thank you for your cooperation as we continue to improve security and usability within our API. diff --git a/docs/passwordsecure/9.3/configuration/sdkapi/sdk__api.md b/docs/passwordsecure/9.3/configuration/sdkapi/sdk__api.md new file mode 100644 index 0000000000..a95dcf50cc --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/sdkapi/sdk__api.md @@ -0,0 +1,38 @@ +--- +title: "SDK / API" +description: "SDK / API" +sidebar_position: 80 +--- + +# SDK / API + +API: This interface can be used to "address Netwrix Password Secure externally" in order to, for +example, read data for other programs. The API can only be accessed via our wrappers (SDK) using C# +and JavaScript. + +In the JavaScript version of the API, all enums can be found under the global object "PsrApiEnums". + +## Requirements and download + +The SDK can be downloaded from the Customer Information System. + +## Using the API + +The central object is "PsrApi". It contains various "managers" that contain the entire business +logic. First a "PsrApi" object must be created. The only transfer parameter of this class is the +endpoint of the Netwrix Password Secure WebServices. If the Web Application is in use, +`https://Web Application-url/api` can be used as the endpoint. Otherwise the Netwrix Password Secure +Server, i.e. `app-server01:11016`, must be used directly. + +## Login + +If you do not log in to the system in advance, it is not possible to use the API. The first +parameter for the login method is the desired database, followed by the user name and password. It +is important to note that all methods for running the API that initiate a server call are +implemented asynchronously. “Task” objects are returned in C# and “Promise” objects are returned in +JavaScript. + +## Technical documentation + +You can find the complete technical documentation for the SDK +[here](https://help.passwordsafe.de/api/v9/). diff --git a/docs/passwordsecure/9.3/configuration/servermanger/_category_.json b/docs/passwordsecure/9.3/configuration/servermanger/_category_.json new file mode 100644 index 0000000000..a78a651997 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Server Manager", + "position": 10, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "server_manger" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/servermanger/basic_configuration.md b/docs/passwordsecure/9.3/configuration/servermanger/basic_configuration.md new file mode 100644 index 0000000000..7b9ed245bc --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/basic_configuration.md @@ -0,0 +1,88 @@ +--- +title: "Basic configuration" +description: "Basic configuration" +sidebar_position: 10 +--- + +# Basic configuration + +## What is basic configuration? + +Within the basic configuration, the connection to the SQL server or to the databases is defined. The +basic configuration appears the first time the Server Manager is started and can be called up at any +time in the basic configuration. + +![base configuration](/images/passwordsecure/9.2/configuration/server_manager/baseconfiguration/installation_with_parameters_188-en.webp) + +## The basic configuration + +A special wizard is available to carry out the configuration: + +![Baseconfig](/images/passwordsecure/9.2/configuration/server_manager/baseconfiguration/installation_with_parameters_189-en.webp) + +#### Service address + +The service address of the SQL server can be selected via the drop-down menu. It is mandatory to +select the adapter via which the Server Manager can also access the SQL server. + +The loopback address 127.0.0.1 should not be used here. + +#### Service user + +Service user This setting is used to define the service user, which is needed to start the server +service as well as the backup service. The “Use local system” setting starts the services with the +local system account. + +**CAUTION:** The defined service user **needs local administrator** rights to properly configure the +server and create databases. + +#### SQL configuration instance + +Under “SQL Server instance” the database server must be specified, including the SQL instance. For +simplicity, you can copy the server name from the login window of the SQL server. + +![installation_with_parameters_190](/images/passwordsecure/9.2/configuration/server_manager/baseconfiguration/installation_with_parameters_190.webp) + +If the option “Service user” is selected, enter the user that logs on to the SQL Server. Please note +that “dbCreator” rights are necessary to create a configuration database. “dbOwner” rights are +sufficient if the database is created manually on the SQL server and is only accessed here. Enter +the name of the configuration database under “Database”. + +NOTE: Refer to the system requirements for server section for more information about the users. + +#### Expert mode + +Expert mode displays additional menu options for advanced configurations: + +Backup service user + +You can use a dedicated user to run the backup here. The service user is selected by default. + +SQL configuration instance + +This menu item can be configured in expert mode via a so-called connection string. + +Certificate + +The SSL connection certificate can also be configured under this item to protect the client server +connection. By default, a certificate is generated by the Server Manager. However, you can also +choose your own. Further information can be found directly in the section provided for this purpose. + +**CAUTION:** Exchanging or overwriting an existing certificate may cause warnings to the clients if +the certificate is not trusted by each client. + +Allow host mode + +Host mode is no longer supported since version 8.13. + +Activating caching + +Caching is activated by default to improve performance. The so-called SqlBroker is registered for +the database on the SQL server here. The following is cached: + +- The roles of the individual users +- The structure of the organisational units +- All settings + +NOTE: If this option is changed, the server needs to be restarted so that the change can take +effect. diff --git a/docs/passwordsecure/9.3/configuration/servermanger/certificates/_category_.json b/docs/passwordsecure/9.3/configuration/servermanger/certificates/_category_.json new file mode 100644 index 0000000000..1d195a83f7 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/certificates/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Certificates", + "position": 20, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "certificates" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/servermanger/certificates/certificates.md b/docs/passwordsecure/9.3/configuration/servermanger/certificates/certificates.md new file mode 100644 index 0000000000..13df4862f7 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/certificates/certificates.md @@ -0,0 +1,84 @@ +--- +title: "Certificates" +description: "Certificates" +sidebar_position: 20 +--- + +# Certificates + +Various different certificates are used to guarantee the security of Netwrix Password Secure. The +certificates are essential for the smooth operation of Netwrix Password Secure. It is thus important +that they are carefully backed up. + +## What certificates are used? + +The individual certificates are described in the following sections: + +- [SSL connection certificates](/docs/passwordsecure/9.3/configuration/servermanger/certificates/ssl_connection_certificates.md) +- [Database certificates](/docs/passwordsecure/9.3/configuration/servermanger/certificates/database_certificates.md) +- [Master Key certificates](/docs/passwordsecure/9.3/configuration/servermanger/certificates/master_key_certificates.md) +- [Discovery service certificates](/docs/passwordsecure/9.3/configuration/servermanger/certificates/discovery_service_certificates.md)s +- [Password Reset certificates](/docs/passwordsecure/9.3/configuration/servermanger/certificates/password_reset_certificates.md) + +## Calling up the certificate manager + +There are two ways to open the certificate manager. The certificates for each specific database can +be managed via the ribbon: + +![installation_with_parameters_196_647x73](/images/passwordsecure/9.2/configuration/server_manager/certificates/installation_with_parameters_196_647x73.webp) + +In the **Main menu**, it is also possible to start the certificate manager for all databases via the +**basic configuration:** + +![base configuration](/images/passwordsecure/9.2/configuration/server_manager/certificates/installation_with_parameters_197-en.webp) + +NOTE: Operation of the certificate manager is always the same. The only difference is whether the +certificates are displayed for each database or for all databases. + +#### Checking existing certificates + +After opening the certificate manager, all certificates specific to Netwrix Password Secure will be +displayed. Clicking on the certificate will display further information. + +![installation_with_parameters_198](/images/passwordsecure/9.2/configuration/server_manager/certificates/installation_with_parameters_198.webp) + +Double clicking on a certificate will open the Windows Certificate Manger to provide more detailed +information. + +![installation_with_parameters_199_423x396](/images/passwordsecure/9.2/configuration/server_manager/certificates/installation_with_parameters_199_423x396.webp) + +#### Required certificates / deleting no longer required certificates + +The overview will initially only display those certificates that are being used and are thus +required. Clicking on **All** will also display the no longer required certificates. For example, it +is possible that outdated certificates exist on the machine due to a test installation. These +certificates can be easily deleted via the corresponding button in the ribbon. + +![certificates-ac-4-en](/images/passwordsecure/9.2/configuration/server_manager/certificates/certificates-ac-4-en.webp) + +#### Importing certificates + +Previously backed up certificates can be integrated into the installation via the Import button. +This merely requires you to enter the desired .pfx file and its password. + +#### Exporting certificates + +The relevant certificates will be backed up by clicking on export. A password firstly needs to be +issued here. If a storage location has not yet been entered via the settings, you are firstly asked +to enter it. + +NOTE: SSL connection certificates are not included in this process and are also not backed up. These +certificates can be recreated if necessary. + +#### Settings + +You can define whether every certificate should be saved to its own file in the **settings**. If +this option has not been activated, all relevant certificates will be backed up in one file. In +addition, the storage location is defined in the settings. + +![installation_with_parameters_201_826x310](/images/passwordsecure/9.2/configuration/server_manager/certificates/installation_with_parameters_201_826x310.webp) + +#### Backing up certificates + +If you want to automatically back up the certificates on a cyclical basis, this can be done via the +backup system. Further information can be found in the section Backup management. diff --git a/docs/passwordsecure/9.3/configuration/servermanger/certificates/database_certificates.md b/docs/passwordsecure/9.3/configuration/servermanger/certificates/database_certificates.md new file mode 100644 index 0000000000..88941c3314 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/certificates/database_certificates.md @@ -0,0 +1,33 @@ +--- +title: "Database certificates" +description: "Database certificates" +sidebar_position: 20 +--- + +# Database certificates + +## What is a database certificate? + +A unique certificate is created for each database. This has the name **psrDatabaseKey**: + +![installation_with_parameters_207](/images/passwordsecure/9.2/configuration/server_manager/certificates/installation_with_parameters_207.webp) + +The database certificate **does not encrypt the database.** Rather, it is used for the encrypted +transfer of passwords from the client to the server in the following cases: + +- Creation of a WebViewer via a task +- Creation of an AD profile protected by a master key +- Login of users imported from AD in Master Key mode + +NOTE: The database certificate cannot be replaced by your own certificate. + +NOTE: The expiry date for the database certificate is not checked. The certificate thus does not +need to be renewed. + +**CAUTION:** If the database is being moved to another server, it is essential that the certificate +is also transferred! + +#### Exporting and importing the certificate + +The section [Certificates](/docs/passwordsecure/9.3/configuration/servermanger/certificates/certificates.md) explains how to back up the certificate and link it +again. diff --git a/docs/passwordsecure/9.3/configuration/servermanger/certificates/discovery_service_certificates.md b/docs/passwordsecure/9.3/configuration/servermanger/certificates/discovery_service_certificates.md new file mode 100644 index 0000000000..8e6f9c197a --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/certificates/discovery_service_certificates.md @@ -0,0 +1,26 @@ +--- +title: "Discovery service certificates" +description: "Discovery service certificates" +sidebar_position: 40 +--- + +# Discovery service certificates + +## What is a discovery service certificate? + +If a discovery service is created, a corresponding certificate is also created: + +![installation_with_parameters_202](/images/passwordsecure/9.2/configuration/server_manager/certificates/installation_with_parameters_202.webp) + +NOTE: The discovery service certificate cannot be replaced by your own certificate. + +NOTE: The certificates for the discovery service have an expiry date. However, this is not checked. +The certificate thus does not need to be renewed. + +**CAUTION:** If the database is being moved to another server, it is **essential that the discovery +service certificate is also transferred!** + +#### Exporting and importing the certificate + +The section [Certificates](/docs/passwordsecure/9.3/configuration/servermanger/certificates/certificates.md)explains how to back up the certificate and link it +again. diff --git a/docs/passwordsecure/9.3/configuration/servermanger/certificates/master_key_certificates.md b/docs/passwordsecure/9.3/configuration/servermanger/certificates/master_key_certificates.md new file mode 100644 index 0000000000..6022c03417 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/certificates/master_key_certificates.md @@ -0,0 +1,29 @@ +--- +title: "Master Key certificates" +description: "Master Key certificates" +sidebar_position: 30 +--- + +# Master Key certificates + +#### What is a Master Key certificate? + +If Active Directory is accessed via +[Masterkey mode](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/masterkey_mode.md), +a certificate will be created. This has the name + +Active Directory: Domain: + +![installation_with_parameters_208](/images/passwordsecure/9.2/configuration/server_manager/certificates/installation_with_parameters_208.webp) + +NOTE: The Master Key certificate cannot be replaced by your own certificate. + +NOTE: The certificates for Master Key mode have an expiry date. However, this is not checked. The +certificate thus does not need to be renewed. + +**CAUTION:** If the database is being moved to another server, it is essential that the Master Key +certificate is also transferred! + +#### Exporting and importing the certificate + +The section certificates explains how to back up the certificate and link it again. diff --git a/docs/passwordsecure/9.3/configuration/servermanger/certificates/nps_server_encryption_certificate.md b/docs/passwordsecure/9.3/configuration/servermanger/certificates/nps_server_encryption_certificate.md new file mode 100644 index 0000000000..60020ef87a --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/certificates/nps_server_encryption_certificate.md @@ -0,0 +1,17 @@ +--- +title: "Netwrix Password Secure Server Encryption Certificate" +description: "Netwrix Password Secure Server Encryption Certificate" +sidebar_position: 60 +--- + +# Netwrix Password Secure Server Encryption Certificate + +With the update to the version 8.16.0 the Netwrix Password Secure Server Encryption Certificate will +be added automatically. + +![NPS Server Encryption](/images/passwordsecure/9.2/configuration/server_manager/certificates/nps-server-encryption_1014x771.webp) + +This certificate is important if you will activate an offline license. In future there will be more +features for which this certificate is relevant. + +RECOMMENDED: **Please export this certificate separately!!!** diff --git a/docs/passwordsecure/9.3/configuration/servermanger/certificates/password_reset_certificates.md b/docs/passwordsecure/9.3/configuration/servermanger/certificates/password_reset_certificates.md new file mode 100644 index 0000000000..2634f3be7a --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/certificates/password_reset_certificates.md @@ -0,0 +1,28 @@ +--- +title: "Password Reset certificates" +description: "Password Reset certificates" +sidebar_position: 50 +--- + +# Password Reset certificates + +## What is a Netwrix Password Secure certificate? + +If a [Password Reset](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/password_reset.md) is created, +a corresponding certificate is created. This ensures that the passwords are transferred in encrypted +form. + +![password-reset](/images/passwordsecure/9.2/configuration/server_manager/certificates/password-reset.webp) + +NOTE: The Password Reset certificate cannot be replaced by your own certificate. + +NOTE: The certificates for the Password Reset have an expiry date. However, this is not checked. The +certificate thus does not need to be renewed. + +**CAUTION:** If the database is being moved to another server, it is essential that all Password +Reset certificate is also transferred! + +#### Exporting and importing the certificate + +The section [Certificates](/docs/passwordsecure/9.3/configuration/servermanger/certificates/certificates.md)explains how to back up the certificate and link it +again. diff --git a/docs/passwordsecure/9.3/configuration/servermanger/certificates/ssl_connection_certificates.md b/docs/passwordsecure/9.3/configuration/servermanger/certificates/ssl_connection_certificates.md new file mode 100644 index 0000000000..82669ab9b8 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/certificates/ssl_connection_certificates.md @@ -0,0 +1,99 @@ +--- +title: "SSL connection certificates" +description: "SSL connection certificates" +sidebar_position: 10 +--- + +# SSL connection certificates + +## What is an SSL connection certificate? + +The connection between clients and the server is secured via an SSL certificate. The **latest +encryption standard TLS 1.2** is used here. It is also possible to create a certificate via the +server, as well as to use an existing certificate with a CA. All computers on which a client is +installed must trust the certificate. + +Otherwise, the following message will appear when the client is started: + +**This connection is not trusted!** + +The connection to the server is not considered secure. + +![not_trusted_certificates](/images/passwordsecure/9.2/configuration/server_manager/certificates/not_trusted_certificates.webp) + +NOTE: Windows Server 2012 R2 requires the latest patch level, since it has been delivered with SSL3, +and has been extended to include TLS 1.2 + +**CAUTION:** The service user creates the databases. A separate certificate is also generated for +each database. Therefore, the service user must be a local administrator or a domain administrator, +as otherwise they would have no rights to save data in the certificate store. + +#### Structure of certificates + +The following information applies to both the **Netwrix Password Secure certificate** and also to +your **own certificates:** + +Alternative applicant + +Communication between the client and server can only take place using the path that is stored in the +certificate with the alternative applicant. Therefore, the Netwrix Password Secure certificate +stores all IP addresses for the server, as well as the hostname. When creating your own certificate, +this information should also be saved under the alternative applicant. + +NOTE: All information (including the IP address) are stored as DNS name. + +#### Using the Netwrix Password Secure certificate + +The name of the PSR certificate is **PSR8Server**. This can be done via the +[Basic configuration](/docs/passwordsecure/9.3/configuration/servermanger/basic_configuration.md) in the AdminConsole. The +certificate is saved locally under: + +Local computer -> own certificates -> certificates + +NOTE: The certificate is valid from its creation up to the year 9999 – and is thus valid almost +indefinitely. For this reason, it is not necessary to note any expiry date. + +Distributing the Netwrix Password Secure certificate + +In order for the certificate to be trusted, it can be exported to the server and then imported to +the clients. The following storage location needs to be selected here: + +local computer -> trusted root certificate location -> certificates + +The certificate can be both rolled out and distributed using group guidelines. + +Manually importing the Netwrix Password Secure certificate + +If the Netwrix Password Secure certificate is not rolled out, it is also possible to manually import +the certificate. To do this, firstly open the certificate information. In the warning notification, +the Show server certificate button is available for this purpose. In the following dialogue, select +the option Install certificate… + +![installation_with_parameters_204_415x395](/images/passwordsecure/9.2/configuration/server_manager/certificates/installation_with_parameters_204_415x395.webp) + +A **Certificate import wizard** will open in which **Local computer** should be selected. + +![installation_with_parameters_205_555x405](/images/passwordsecure/9.2/configuration/server_manager/certificates/installation_with_parameters_205_555x405.webp) + +In the next step, the storage location “trusted root certificate location” needs to be manually +selected. + +![installation_with_parameters_206_556x406](/images/passwordsecure/9.2/configuration/server_manager/certificates/installation_with_parameters_206_556x406.webp) + +Finally, the installation needs to be confirmed once again. + +NOTE: The user logged in to the operating system requires rights to create certificates + +#### Using your own certificate + +If a CA already exists, you can also use your own certificate. You can specify this within the +[Basic configuration](/docs/passwordsecure/9.3/configuration/servermanger/basic_configuration.md). Please note that a server +certificate for SSL encryption is used here. The CA must be configured so that all clients trust the +certificate. It is necessary to adhere to the certification path. + +**CAUTION:** When configuring, you must ensure that the clients can access the CA lock lists + +Wildcard certificates + +Wildcard certificates are not supported. In theory, it should be possible to use them but we cannot +help with the configuration. You can use wildcard certificates at your own responsibility. diff --git a/docs/passwordsecure/9.3/configuration/servermanger/creating_databases.md b/docs/passwordsecure/9.3/configuration/servermanger/creating_databases.md new file mode 100644 index 0000000000..6ba623e945 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/creating_databases.md @@ -0,0 +1,58 @@ +--- +title: "Creating databases" +description: "Creating databases" +sidebar_position: 40 +--- + +# Creating databases + +![installation_with_parameters_216](/images/passwordsecure/9.2/configuration/server_manager/creatingdatabase/installation_with_parameters_216.webp) + +[https://www.youtube.com/embed/md7_VEdVuWM?rel=0](https://www.youtube.com/embed/md7_VEdVuWM?rel=0)[https://www.youtube.com/embed/md7_VEdVuWM?rel=0](https://www.youtube.com/embed/md7_VEdVuWM?rel=0) + +## What are databases? + +Databases contain all information on users, records, documents, etc. The changes to objects in +Netwrix Password Secure will also become part of the MSSQL database. Naturally, the regular creation +of backups to secure this data should always have the highest priority. The **MSSQL** relational +database management system is used in Netwrix Password Secure version 9. + +## Creating databases + +The creation of databases is supported by the database wizard, which is started directly from the +ribbon. The individual tabs of the wizard are explained below: + +![database wizard](/images/passwordsecure/9.2/configuration/server_manager/creatingdatabase/installation_with_parameters_217-en.webp) + +Database server + +The first tab can be used to manually select the database server. By default, the value defined in +the Advanced settings is preset. A user can also be entered or the service user can be selected +instead. + +Name + +Enter the name of the new database here. Alternatively, you may select an existing database. A +meaningful name makes it easier to differentiate between databases, especially when using multiple +databases. + +Data + +This setting can be used to define whether a template should be used. The template will provide the +database with ready-made forms and dashboard settings that make it easier to get started. The user +can select from English and German templates. However, it is also possible to proceed without a +template – you will then start with a completely empty database. If you have a backup from Password +Safe version 7, this can be migrated. + +User + +This setting is used to define the first user to be created – normally this is the administrator. If +a migration is active, the user can be deleted after migration. + +#### Finishing the database wizard + +Once a database has been created successfully, , provided it has been selected. If no data migration +has been selected, the new database is created directly, and will be displayed in the database +overview. + +![created new database](/images/passwordsecure/9.2/configuration/server_manager/creatingdatabase/installation_with_parameters_218-en.webp) diff --git a/docs/passwordsecure/9.3/configuration/servermanger/databaseproperties/_category_.json b/docs/passwordsecure/9.3/configuration/servermanger/databaseproperties/_category_.json new file mode 100644 index 0000000000..99ee9711b4 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/databaseproperties/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Database properties", + "position": 60, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "database_properties" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/servermanger/databaseproperties/database_firewall.md b/docs/passwordsecure/9.3/configuration/servermanger/databaseproperties/database_firewall.md new file mode 100644 index 0000000000..8aaed30693 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/databaseproperties/database_firewall.md @@ -0,0 +1,77 @@ +--- +title: "Database firewall" +description: "Database firewall" +sidebar_position: 30 +--- + +# Database firewall + +## What is the database firewall? + +The database firewall enables you to regulate access to the database. A whitelist policy is used for +this process. Firewall rules are used to allow access to the database in individual cases. + +#### Activating the firewall + +The firewall can be directly activated in the database settings. + +![database firewall](/images/passwordsecure/9.2/configuration/server_manager/database_properties/installation_with_parameters_226-en.webp) + +Access to the firewall is blocked after it has been activated. Login attempts are directly blocked. + +![installation_with_parameters_227](/images/passwordsecure/9.2/configuration/server_manager/database_properties/installation_with_parameters_227.webp) + +#### Firewall rules + +The rules already set are displayed in the section on the right. The icons +![+](/images/passwordsecure/9.2/configuration/server_manager/database_properties/+.webp) +and +![-](/images/passwordsecure/9.2/configuration/server_manager/database_properties/-.webp) +can be used to add or also delete rules. Rules can be edited by double clicking on them. + +![firewall rule](/images/passwordsecure/9.2/configuration/server_manager/database_properties/installation_with_parameters_230-en.webp) + +The following possibilities exist: + +- Access from an individual computer is allowed via the IP address. +- A Range of multiple IP addresses can also be optionally selected. +- It is also possible to regulate access using the Computer name. +- Finally, access can also be allowed for a certain Windows user. For example, the administrator can + be allowed access irrespective of the computer being used. +- The setting Grant access defines whether access is allowed or blocked. This is symbolised by a + corresponding icon. + +Naturally, the rules can also be combined. It is thus possible e.g that only one defined user can +access one database from a certain IP address. + +NOTE: The conditions are always combined using AND operators + +If two or more rules overlap, the rule with the least rights will always be applied. For example, if +a rule allows access from a range of IP addresses but another rule blocks a specific computer within +this range then the rule blocking the computer is applied. + +## Examples + +The functionality of the firewall will be explained in more detail using the following rules: + +![defined firewall rules](/images/passwordsecure/9.2/configuration/server_manager/database_properties/installation_with_parameters_231-en.webp) + +Approving an IP range (Rule 1) + +The first rule in the example allows access from a range of IP addresses from 192.168.150.1 to +192.168.150.254 + +Locking a particular computer (Rule 2) + +The computer with the IP 192.168.150.64 is within the range defined in Rule 1. Access from this PC +is blocked using this rule. + +Blocking an individual user (Rule 3) + +If you want to block a particular user (perhaps because they have left the company) then this is +also possible. + +Computer-independent access for a user (Rule 4) + +This rule grants access to the administrator. It is irrelevant which computer the administrator uses +to log in to the database. diff --git a/docs/passwordsecure/9.3/configuration/servermanger/databaseproperties/database_properties.md b/docs/passwordsecure/9.3/configuration/servermanger/databaseproperties/database_properties.md new file mode 100644 index 0000000000..5691a639db --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/databaseproperties/database_properties.md @@ -0,0 +1,34 @@ +--- +title: "Database properties" +description: "Database properties" +sidebar_position: 60 +--- + +# Database properties + +The properties of a database can be opened by double-clicking on the database. No login to the +database is required. + +![installation_with_parameters_225](/images/passwordsecure/9.2/configuration/server_manager/database_properties/installation_with_parameters_225.webp) + +#### Properties + +The following options can be edited: + +- [General settings](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/general_settings.md) +- [Syslog](/docs/passwordsecure/9.3/configuration/servermanger/databaseproperties/syslog.md) +- [Database firewall](/docs/passwordsecure/9.3/configuration/servermanger/databaseproperties/database_firewall.md) + +General Settings + +The following can be defined in the General Settings: + +- **Database server** – here the SQL instance can be specified again. +- **SystemTask check interval** – specifies the time interval in which the check interval for + SystemTasks should run (**default set to 60 minutes**) +- **Enable offline access** – Activate/deactivate the Offline Add-on +- **Activate access via web client** – Activate/deactivate the web client (**active by default**) +- **Allow mobile synchronization** – Activate/deactivate synchronization with mobile devices +- **Lock clients if login is incorrect (IP address)** – Lock IP if login is incorrect +- **Enable real-time update** – Enables/disables real-time update between clients **(default is + active)** diff --git a/docs/passwordsecure/9.3/configuration/servermanger/databaseproperties/general_settings_admin_client.md b/docs/passwordsecure/9.3/configuration/servermanger/databaseproperties/general_settings_admin_client.md new file mode 100644 index 0000000000..cf18266eb4 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/databaseproperties/general_settings_admin_client.md @@ -0,0 +1,19 @@ +--- +title: "General settings" +description: "General settings" +sidebar_position: 10 +--- + +# General settings + +## What are general settings? + +Within the general settings, surface settings regarding the colour scheme as well as the language +used are configured. The password for logging in to the Server Manager can also be changed here. + +![General settings](/images/passwordsecure/9.2/configuration/server_manager/database_properties/installation_with_parameters_254-en.webp) + +## Determining the system hash + +This function determines the system hash, and copies it to the clipboard. This hash is used for the +offline license. diff --git a/docs/passwordsecure/9.3/configuration/servermanger/databaseproperties/syslog.md b/docs/passwordsecure/9.3/configuration/servermanger/databaseproperties/syslog.md new file mode 100644 index 0000000000..cdef69d3b5 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/databaseproperties/syslog.md @@ -0,0 +1,17 @@ +--- +title: "Syslog" +description: "Syslog" +sidebar_position: 20 +--- + +# Syslog + +If desired, the server logs and also the +**[Logbook](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/logbook.md)** can be transferred to a Syslog +server. Double clicking on a database allows you to access its settings. The corresponding menu +items can be found there. + +![installation_with_parameters_232](/images/passwordsecure/9.2/configuration/server_manager/database_properties/installation_with_parameters_232.webp) + +After activating the Syslog interface via the corresponding option, it is possible to configure the +Syslog server. If desired, the entire logbook can also be transferred via another option. diff --git a/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/_category_.json b/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/_category_.json new file mode 100644 index 0000000000..45caf65f25 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Main menu", + "position": 90, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "main_menu" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/advanced_settings.md b/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/advanced_settings.md new file mode 100644 index 0000000000..418044d227 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/advanced_settings.md @@ -0,0 +1,38 @@ +--- +title: "Advanced settings" +description: "Advanced settings" +sidebar_position: 40 +--- + +# Advanced settings + +## What are advanced settings? + +Global standard default values are specified in the advanced settings. + +![advanced settings](/images/passwordsecure/9.2/configuration/server_manager/main_menu/installation_with_parameters_263-en.webp) + +#### Database server + +The database server stored here is used as a default value when rebuilding databases. There are 2 +modes: + +Simple mode + +In simple mode, the path to the database server including the user and the associated password can +be specified. You may use the service user for this purpose. + +Extended mode + +In extended mode, the connection string can be specified, which contains both the server, the user +and the password + +SMTP server + +By configuring the SMTP server you define all settings for emails, which the server should send, eg +via the notification system. At the final save, the connection is directly tested for functionality. +The “Save SMTP settings” button becomes active only after a change has been made. + +Log forwarding configuration + +Here you can define the settings which logs will be forwarded via mail diff --git a/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/backupsettings/_category_.json b/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/backupsettings/_category_.json new file mode 100644 index 0000000000..494288a0c3 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/backupsettings/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Backup settings", + "position": 20, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "backup_settings" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/backupsettings/automated_deletion_of_backups.md b/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/backupsettings/automated_deletion_of_backups.md new file mode 100644 index 0000000000..0defce7bf3 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/backupsettings/automated_deletion_of_backups.md @@ -0,0 +1,29 @@ +--- +title: "Automatic backup cleanup" +description: "Automatic backup cleanup" +sidebar_position: 20 +--- + +# Automatic backup cleanup + +It is possible to delete backups automatically after a certain period of time. This can be useful if +you append date and time to the backups and thus generate new files daily. + +![automatic cleanup](/images/passwordsecure/9.2/configuration/server_manager/main_menu/backup_settings/automatic_backup_cleanup/automated-deletion-of-backups-en.webp) + +###### Requirement + +**CAUTION:** It must be ensured that the user who sets up the automated deletion has sysadmin +privileges on the SQL server. + +###### Furnishing + +To be able to use the automatic cleanup, it must be activated first. + +For a proper function of the automatic deletion, the following must be defined: + +- the age of the backups which have to be deleted +- the SQL instance +- all paths where the automatic cleanup of the backup files is to be performed. + +![setup automatic backup cleanup](/images/passwordsecure/9.2/configuration/server_manager/main_menu/backup_settings/automatic_backup_cleanup/automated-deletion-of-backups-2-en.webp) diff --git a/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/backupsettings/backup_management.md b/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/backupsettings/backup_management.md new file mode 100644 index 0000000000..38781c1b96 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/backupsettings/backup_management.md @@ -0,0 +1,85 @@ +--- +title: "Backup management" +description: "Backup management" +sidebar_position: 10 +--- + +# Backup management + +#### Introduction + +Regular backups of the data should always be part of every security concept. If you wish to create +backups directly on the SQL server, you should also include the Netwrix Password Secure databases. +If no central backups are carried out at the SQL level, you can create backup profiles using the +Server Manager. The backups themselves will then be generated on the SQL Server. + +#### Difference between an incremental and full backup + +A complete backup always saves all data in a database. An incremental backup also creates a complete +image of the database as the first step. In future, only the changes since the backup created at the +beginning will be saved. This saves both time and memory capacity. + +#### Backup concept + +It is recommended that an incremental backup is run every hour. In addition, a full backup should be +created once a week. + +#### Managing the backup schedule + +Creating a backup schedule + +You can create a new schedule via the ribbon. This is facilitated by a wizard. All the information +entered under [Backup settings](/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/backupsettings/backup_settings.md) will be used by default. + +A profile name is entered first. The desired databases are also selected. You also need to specify +the directory for the backups. + +![new backup profile - base settings](/images/passwordsecure/9.2/configuration/server_manager/main_menu/backup_settings/backup_management/installation_with_parameters_257-en.webp) + +NOTE: It must be a directory on the SQL server. + +Now set the time interval for creating the backups. A preview on the right will show when the +backups will be created in future. An end date can be optionally entered. + +![new backup profile - interval](/images/passwordsecure/9.2/configuration/server_manager/main_menu/backup_settings/backup_management/installation_with_parameters_258-en.webp) + +In the advanced settings, you can configure whether the backup should be activated directly. It is +also possible to specify whether to create incremental backups. If the date and time are added to +the file name, a new backup is created with each run. If this is not done, the last backup is always +overwritten. The service user can be used to create the backup or a service user can be specified +with a corresponding name and password. + +In addition, you can enter here whether the required certificates should be saved using a backup +task. Further information can be found in the section +[Certificates](/docs/passwordsecure/9.3/configuration/servermanger/certificates/certificates.md). + +![installation_with_parameters_259](/images/passwordsecure/9.2/configuration/server_manager/main_menu/backup_settings/backup_management/installation_with_parameters_259.webp) + +Backup run + +The backups are executed by the SQL server in the background. If an error occurs, this is indicated +in “orange” in the backup list. Information about any errors issued by the SQL server is displayed +under all backups. A backup will be automatically deactivated if it does not run 5x in a row. This +will be marked in the list in red. The schedule cannot be reactivated directly. You will need to +open it and amend it. + +Other backup actions + +A selected schedule can be deleted via the ribbon. The wizard for a schedule can be called up by +double-clicking on it to make any changes. In addition, a backup can be started directly via the +ribbon at any time. The backup service must be running for this purpose. You can also display this +in the history. + +#### Restoring data from a backup + +Restoring data from backups is performed using the database module. Data can only be restored to +existing databases. Firstly, select the required database. You can now select Insert in the ribbon. + +![restore backup](/images/passwordsecure/9.2/configuration/server_manager/main_menu/backup_settings/backup_management/installation_with_parameters_260-en.webp) + +If necessary, firstly enter login data for the user that logs in to the SQL server – although the +service user is generally used here. Now select the backup file. All the backups contained in the +file will then be displayed. Now simply click on Restore to restore the backup to the existing +database. + +![Database restore](/images/passwordsecure/9.2/configuration/server_manager/main_menu/backup_settings/backup_management/installation_with_parameters_261-en.webp) diff --git a/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/backupsettings/backup_settings.md b/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/backupsettings/backup_settings.md new file mode 100644 index 0000000000..6bc2bd279f --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/backupsettings/backup_settings.md @@ -0,0 +1,20 @@ +--- +title: "Backup settings" +description: "Backup settings" +sidebar_position: 20 +--- + +# Backup settings + +## What are backup settings? + +Within the backup settings the default values for the execution of backups can be defined. + +![Backup settings](/images/passwordsecure/9.2/configuration/server_manager/main_menu/backup_settings/installation_with_parameters_255-en.webp) + +#### Interval settings + +The interval for backups can be customized as needed. A separate assistant is available for this +purpose. + +![define interval in backup settings](/images/passwordsecure/9.2/configuration/server_manager/main_menu/backup_settings/installation_with_parameters_256-en.webp) diff --git a/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/backupsettings/disaster_recovery_scenarios.md b/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/backupsettings/disaster_recovery_scenarios.md new file mode 100644 index 0000000000..3205a682fe --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/backupsettings/disaster_recovery_scenarios.md @@ -0,0 +1,123 @@ +--- +title: "Disaster recovery scenarios" +description: "Disaster recovery scenarios" +sidebar_position: 30 +--- + +# Disaster recovery scenarios + +#### Finding a quick solution in the event of a disaster + +In our experience, Netwrix Password Secure is usually installed in IT in a central location. If the +system fails, it must be possible to gain access to the passwords again as quickly as possible. This +section is designed to help you quickly find a solution in the event of a problem. + +#### Prevention + +It is extremely important to create a sensible recovery plan and to make corresponding preparations. +Unfortunately, it is not possible to supply a finished recovery plan because it always needs to be +created individually. The following points should be taken into account in this process: + +Creating backups + +It is of course essential in the event of a disaster that you can access a backup that is as +up-to-date as possible. Therefore, it is necessary to regularly create +[Backup management](/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/backupsettings/backup_management.md). + +Who is responsible in the event of a disaster? + +The first thing to decide is who should take action in the event of a disaster. Corresponding +deputies should also be defined. The responsible employee should have the corresponding rights +within Netwrix Password Secure. + +Providing the required passwords + +What passwords do those people responsible need in order to restore Netwrix Password Secure? + +- Domain password to log into the specific computer +- Password for the Server Manager +- Access data for the service user +- Access data for the SQL user +- Password for logging into Netwrix Password Secure + +Furthermore, it must be ensured that the responsible user has access to these passwords at all +times. The following options are possible: + +- Store the passwords in the company safe +- Create corresponding [Offline Add-on](/docs/passwordsecure/9.3/configuration/offlineclient/offline_client.md) +- Periodically create a HTML WebViewer file with automatic delivery via a system task including + e-mail forwarding which can be configured in + [Account](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/account.md) + +#### Disaster scenarios + +The following section will describe various disaster scenarios including the possible recovery +steps. + +Scenario 1 + +Problem: + +Database is corrupt + +Solution: + +Restore the database from a backup. + +Scenario 2 + +Problem: + +Database server is faulty + +Solution: + +Install the database server on new hardware. If the server name changes as a result, the licence +needs to be reactivated. If the licence has already been activated multiple times, it may be that it +can only be released again by Netwrix. If the SQL instance name changes, the connection to the +database server needs to be reconfigured on the application server. This is carried out via the +basic configuration. + +Any existing offline databases will continue to function properly. + +Scenario 3 + +Problem: + +Application server faulty + +Solution: + +New installation on new hardware. The licence must be reactivated. If the server name has changed, +it may be that the licence can only be released again by Netwrix. The basic configuration must be +completed to restore the connection to the database server. If the server name changes, the database +profile on the client needs to be amended. + +Any existing offline databases need to be recreated! + +Scenario 4 + +Problem: + +Both servers are faulty but passwords from Netwrix Password Secure are required urgently. + +Solution: + +Install the database server and application server on new hardware. The licence must be reactivated. +Restore the database from the backup. The basic configuration must be completed to restore the +connection to the database server. If the licence has already been activated multiple times, it may +be that it can only be released again by Netwrix. + +Any existing offline databases need to be recreated! + +Scenario 5 + +Problem: + +As for Scenario 4 but the Active Directory is also not available. + +Solution: + +As described for scenario 4. If the user was imported in end-to-end mode, you can also log in +without an AD connection. Users imported in Masterkey mode cannot log in. Therefore, it is +recommended that you create special, local emergency users for such cases. diff --git a/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/license_settings.md b/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/license_settings.md new file mode 100644 index 0000000000..da50be8937 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/license_settings.md @@ -0,0 +1,54 @@ +--- +title: "License settings" +description: "License settings" +sidebar_position: 30 +--- + +# License settings + +## What are license settings? + +Licenses for the Netwrix Password Secure are managed within the license settings. In addition, all +current license details are displayed in the window provided for this purpose. + +![License settings](/images/passwordsecure/9.2/configuration/server_manager/main_menu/installation_with_parameters_262-en.webp) + +## Licenses + +**CAUTION:** Version 7 licenses cannot be used for Netwrix Password Secure version 9. “Please +contact us”: http: //www.passwordsafe.de to obtain a version 9 license. + +Licenses are linked via the Netwrix license server. Here are the details: + +- license.passwordsafe.de +- IP: 13.74.32.103 +- Port 443 TCP (standard HTTPS port) + +Ensure that this server is accessible. You may also use Proxy servers. The license is retrieved from +the server and stored in the server configuration. The license will be checked every hour, and +updated as required. The retention time is 30 days. If there is no internet connection, you can +continue to work for 30 days. If this period should cause problems, please contact us. + +#### Integrating and managing licenses + +After purchase, you will receive the required license information in the form of “customer name” and +“password”. Enter this information directly into the License Server Access area. Use the Select and +Activate button to establish a connection to the license server. You can select the acquired +licenses from a list. The license can be now used. + +NOTE: Optionally, you may specify a proxy. By default, the proxy stored in the operating system is +used. + +**CAUTION:** The licence is called up in the context of the service user. If you experience +connection problems, the firewall and, if relevant, the proxy should be checked. + +#### How to activate the license via license file + +1. Transition the file attached to this email to the Netwrix Password Secure Server(s). +2. Open the Netwrix Password Secure Server Manager. +3. Open the main menu and select the License settings area. +4. Open the License file tab. +5. Click Upload license file. + ![license_file_tab](/images/passwordsecure/9.2/configuration/server_manager/main_menu/license_file_tab.webp) +6. Select the file from this email and then click Open. + ![activated_license](/images/passwordsecure/9.2/configuration/server_manager/main_menu/activated_license.webp) diff --git a/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/main_menu.md b/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/main_menu.md new file mode 100644 index 0000000000..7612421e77 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/main_menu.md @@ -0,0 +1,18 @@ +--- +title: "Main menu" +description: "Main menu" +sidebar_position: 90 +--- + +# Main menu + +## What is the main menu? + +The operation and structure of the Main menu/Backstage menu is the same for the +[Main menu](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/main_menu_fc.md) on the client. This area can be used +independently of the currently selected module. + +- [General settings](/docs/passwordsecure/9.3/configuration/servermanger/databaseproperties/general_settings_admin_client.md) +- [Backup settings](/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/backupsettings/backup_settings.md) +- [License settings](/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/license_settings.md) +- [Advanced settings](/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/advanced_settings.md) diff --git a/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/_category_.json b/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/_category_.json new file mode 100644 index 0000000000..fa9a46e09d --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Managing databases", + "position": 70, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "managing_databases" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/databasesettings/_category_.json b/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/databasesettings/_category_.json new file mode 100644 index 0000000000..4d4f954e47 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/databasesettings/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Database settings", + "position": 10, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "database_settings" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/databasesettings/database_settings.md b/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/databasesettings/database_settings.md new file mode 100644 index 0000000000..a70d518117 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/databasesettings/database_settings.md @@ -0,0 +1,25 @@ +--- +title: "Database settings" +description: "Database settings" +sidebar_position: 10 +--- + +# Database settings + +To open the settings of a database, select it and click on "Settings" in the ribbon. Alternatively +you can open the context menu with the right mouse button and click on "Properties". In the next +step you will be asked to enter your admin password. After that a window with the settings will +open. + +#### Settings + +You can now make the following settings: + +- Authentication +- [Multifactor Authentication](/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/databasesettings/multifactor_authentication_ac.md) +- [Session timeout     ](/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/databasesettings/session_timeout.md) +- [HSM connection via PKCS # 11](/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/databasesettings/hsm_connection.md) +- Automatic cleanup +- SAML configuration +- Deletion of users +- More options diff --git a/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/databasesettings/hsm_connection.md b/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/databasesettings/hsm_connection.md new file mode 100644 index 0000000000..ffe601dbd5 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/databasesettings/hsm_connection.md @@ -0,0 +1,49 @@ +--- +title: "HSM connection via PKCS # 11" +description: "HSM connection via PKCS # 11" +sidebar_position: 30 +--- + +# HSM connection via PKCS # 11 + +## What is the HSM connection? + +The HSM connection ensures that the certificates can be outsourced to the HSM. This ultimately leads +to an increased protection because the certificates are not directly in the server’s access. The +connection is effected via PKCS # 11. + +#### Requirements + +In order to be able to connect an HSM, the following conditions have to be met: + +- An executable HSM has to be available. +- The PKCS # 11 drivers have to be installed on the application server. +- The device is set up via the Administrator database on the Server Manager. + +**CAUTION:** Please note, if an HSM is to be used, the database also has to be set up thoroughly. It +is currently not possible to transfer an existing database to an HSM. + +#### Hardware compatibility + +In principle, any HSM should work with the PKCS#11 interface. However, it is recommended to try this +out in a test position or a PoC beforehand. + +#### Installation + +The installation is set up on the Server Manager via the database settings. + +![installation_with_parameters_235](/images/passwordsecure/9.2/configuration/server_manager/managing_databases/database_settings/installation_with_parameters_235.webp) + +- **Library path**: Here you can find the installed PKCS # 11 driver of the HSM. +- **Token-Serial**: The serial number of the token is given here. +- **Token Label**: The name of the token. +- **PIN**: Finally, the PIN is specified for authentication at the token. + +## Use by Netwrix Password Secure + +As soon as the HSM is connected, all server keys are transferred to the HSM. This is the database +certificate. If the AD has been connected in Masterkey mode, the masterkey will also be transferred +to the HSM. Then the certificates are no longer stored in the certificate store of the application +server, but centrally managed by the HSM. All other keys are not stored on the HSM, but derived from +the masterkeys. Therefore, Netwrix Password Secure rarely accesses the HSM, for example, at server +startup or at the AD Sync. As a result, the load on the HSM can be kept low. diff --git a/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/databasesettings/multifactor_authentication_ac.md b/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/databasesettings/multifactor_authentication_ac.md new file mode 100644 index 0000000000..311f022a43 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/databasesettings/multifactor_authentication_ac.md @@ -0,0 +1,23 @@ +--- +title: "Multifactor Authentication" +description: "Multifactor Authentication" +sidebar_position: 10 +--- + +# Multifactor Authentication + +## What is multifactor authentication? + +Multifactor authentication is used to secure the logon to the by an additional factor. The actual +setup takes place in the client. The configured en can then be used by any user + +Activation of different factors + +In the Databases module, select a database and open its settings via the ribbon... + +![Database settings](/images/passwordsecure/9.2/configuration/server_manager/managing_databases/database_settings/mfa-de.webp) + +In the settings you define which second factors can be used. + +NOTE: If you want to use "Encipherment" for PKI certificates without KeyUsageFlag, uncheck the +corresponding checkbox. diff --git a/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/databasesettings/session_timeout.md b/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/databasesettings/session_timeout.md new file mode 100644 index 0000000000..8d92779b48 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/databasesettings/session_timeout.md @@ -0,0 +1,13 @@ +--- +title: "Session timeout" +description: "Session timeout" +sidebar_position: 20 +--- + +# Session timeout + +Here you can set individually for each client when an inactive connection to the application server +is automatically terminated. Select the desired time period in the drop-down menu and save the +setting by clicking on **"Save"**. + +![session timeout](/images/passwordsecure/9.2/configuration/server_manager/managing_databases/database_settings/session-timeout-en.webp) diff --git a/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/managing_databases.md b/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/managing_databases.md new file mode 100644 index 0000000000..59344efe61 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/managing_databases.md @@ -0,0 +1,97 @@ +--- +title: "Managing databases" +description: "Managing databases" +sidebar_position: 70 +--- + +# Managing databases + +## Managing a database + +The available actions can be selected via the context menu that is accessed using the right mouse +button or also via the ribbon. + +![Managing databases](/images/passwordsecure/9.2/configuration/server_manager/managing_databases/installation_with_parameters_234-en.webp) + +## Database settings + +All database settings are saved in the database. It is necessary to log in to the database before +editing the settings. Any user that exists in the database can be used for this purpose. You can +always restore Global settings via the ribbon. + +Multifactor authentication + +This area can be used to configure which services will be used for multi-factor authentication. The +available services are: RSA Secure ID, SafeNet, YubiKey NEO, and YubiKey Nano. After selecting the +required service, specify the respective access data. You must also configure various services. In +this case, you can specify on the client which methods will be used by the individual users. + +Further information on this subject can be found in the +section[Multifactor Authentication](/docs/passwordsecure/9.3/configuration/servermanger/managingdatabases/databasesettings/multifactor_authentication_ac.md). + +PKCS#11 + +Via the PKCS # 11 interface, the server keys can be protected via a hardware security module (HSM). +The interface can be configured here. + +Automatic clean up + +If desired, the logbook, **notifications, session recordings** and also the **historical documents** +can be automatically cleaned up here. You merely have to enter how old the data needs to be before +it is deleted. Logbook entries can be exported before the deletion process. + +**CAUTION:** It is important to note that the logbook is also used for the filter functions. If the +logbook is regularly cleaned up, it is possible that the full functions of the filter will no longer +be available. + +#### Database actions + +Show connection locks + +In the ribbon, all connection locks can be displayed. To do this, you must first log in to the +database. All locked users will be displayed in a list. The following is displayed: + +- User name (if known) +- Reason for lock +- Number of login attempts +- Expiry of the lock. The user can be unlocked by right-clicking on an entry. + +A user can be locked manually using the corresponding button. It is necessary to select the user, +configure the expiration of the lock and specify a reason. + +Show / disconnect sessions + +You can use the corresponding button to display all currently connected clients. After selecting a +session, the connection can be disconnected. + +Migration + +Once a database has been selected, the can be started via the ribbon. This also allows multiple +version 7 databases to be merged into one. + +**CAUTION:** When the migration is started, the database is set to migration mode. For the duration +of the migration, it is not possible to log in to the database – users who are already logged in +will be sent a corresponding message. The sessions will, however, remain open so that users can +continue working as soon as the migration is complete. + +Certificates + +Management of the certificates is very important. This is described in the section certificates. + +Display database users + +This button can be used to call up statistics about the users in the respective databases. It shows +you which users are active in which database. Naturally, this list can also be exported. + +#### Data backup + +Here you can view the history of all backups or also a single backup. + +Show history + +All backups of the database are displayed hierarchically in a sortable list. + +Importing + +A backup can be restored here. This can be done via a file or from the history. The procedure is +described under Backup management diff --git a/docs/passwordsecure/9.3/configuration/servermanger/msp/_category_.json b/docs/passwordsecure/9.3/configuration/servermanger/msp/_category_.json new file mode 100644 index 0000000000..048747ed4d --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/msp/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "MSP", + "position": 100, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "msp" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/servermanger/msp/changesintheadminclient/_category_.json b/docs/passwordsecure/9.3/configuration/servermanger/msp/changesintheadminclient/_category_.json new file mode 100644 index 0000000000..e5ccaed2bd --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/msp/changesintheadminclient/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Changes in the Server Manager", + "position": 10, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "changes_in_the_adminclient" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/servermanger/msp/changesintheadminclient/changes_in_the_adminclient.md b/docs/passwordsecure/9.3/configuration/servermanger/msp/changesintheadminclient/changes_in_the_adminclient.md new file mode 100644 index 0000000000..50ab4adf26 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/msp/changesintheadminclient/changes_in_the_adminclient.md @@ -0,0 +1,25 @@ +--- +title: "Changes in the Server Manager" +description: "Changes in the Server Manager" +sidebar_position: 10 +--- + +# Changes in the Server Manager + +#### Navigation + +In the previous on-prem version, there are the modules Databases (1) and Backups (2). + +![Modules in AdminClient](/images/passwordsecure/9.2/configuration/server_manager/msp/changes_in_ac/module-ac-en_606x403.webp) + +In the new MSP version these have been replaced by the modules Customers (1) and Cost Overview (2). + +![AdminClient - MSP module](/images/passwordsecure/9.2/configuration/server_manager/msp/changes_in_ac/module-msp-ac-en.webp) + +In the MSP version, you will find the individual customer databases under the Customers module. + +NOTE: The Backup module has been removed, because Netwrix Password Secure's own backup is not +suitable for environments with multiple customer databases. As a Managed Service Provider, you must +back up your customer databases yourself using appropriate measures. + +The Status and Web Application modules are identical in both versions. diff --git a/docs/passwordsecure/9.3/configuration/servermanger/msp/changesintheadminclient/cost_overview_module.md b/docs/passwordsecure/9.3/configuration/servermanger/msp/changesintheadminclient/cost_overview_module.md new file mode 100644 index 0000000000..5f9917c138 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/msp/changesintheadminclient/cost_overview_module.md @@ -0,0 +1,14 @@ +--- +title: "Cost overview module" +description: "Cost overview module" +sidebar_position: 20 +--- + +# Cost overview module + +In the Cost overview module, all billed customers are displayed. Here you can see all changes in the +number of users and options (1) for the current month (forecast) and the past months at a glance. +This view can be filtered by month (2). If you use your own billing system, you can export the +displayed or filtered values as a CSV file (3). + +![Cost overview](/images/passwordsecure/9.2/configuration/server_manager/msp/changes_in_ac/cost_overview/cost-overview-en_998x722.webp) diff --git a/docs/passwordsecure/9.3/configuration/servermanger/msp/changesintheadminclient/customers_module.md b/docs/passwordsecure/9.3/configuration/servermanger/msp/changesintheadminclient/customers_module.md new file mode 100644 index 0000000000..064b96752d --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/msp/changesintheadminclient/customers_module.md @@ -0,0 +1,105 @@ +--- +title: "Customers module" +description: "Customers module" +sidebar_position: 10 +--- + +# Customers module + +#### Creating a new customer + +Creating a new customer is done via the Customers module (1). Here, click on New (2) in the upper +left corner. This applies both to customers in a test phase and to customers who are to be billed +immediately. + +![create-new-customer-msp-en_1035x753](/images/passwordsecure/9.2/configuration/server_manager/msp/changes_in_ac/customers_module/create-new-customer-msp-en_1035x753.webp) + +When creating a new customer, the customer name is specified under **General** (1). + +If (2) is not checked, a test customer is created without billing. This is then a customer in the +test phase. If (2) is checked, a customer will be created who will be charged by Netwrix from the +current month. + +At (3) a date is automatically entered that is four weeks in the future. This date can be changed by +the managed service provider for test customers as well as billed customers, for example to limit +the test period or if the date of a possible termination of a billed customer should be known in +advance. + +![General settings new customer](/images/passwordsecure/9.2/configuration/server_manager/msp/changes_in_ac/customers_module/general-new-customer-msp-en_1029x682.webp) + +Under License (4) the maximum number of users can be specified. Here you have the possibility + +(5) to limit the number up to which new users can be created or not. The options booked by the +customer (6) can be activated or deactivated by ticking them off. All other settings are identical +to the on-prem version. + +![License settings new customer](/images/passwordsecure/9.2/configuration/server_manager/msp/changes_in_ac/customers_module/licence-new-customer-msp-en_1013x675.webp) + +After saving, the test customers are displayed under Test (1) and the customers to be billed under +Billed (2). When you click on a (test) customer, you will see the associated + +information and activated options. By clicking the button Edit (3 + 4) you can make + +adjustments can be made. The contract data can be adjusted by Edit (3). + +The options can be activated or deactivated by Edit (4). + +![overview-1-msp-en](/images/passwordsecure/9.2/configuration/server_manager/msp/changes_in_ac/customers_module/overview-1-msp-en.webp) + +#### Test customer view + +In the view of a test customer, the general contract data can be edited under the general contract +information under Edit (1) and the test customer can be converted to a billed customer. Billing +customers can no longer be converted back to test customers. + +Under Active options, options can be selected and deselected with Edit (2). For test customers, no +billing data is available in the Forecast, Last Months and Cost History fields. + +Since no costs are incurred for test customers, no information is displayed here under User history +(3), Forecast, Last months and Cost history. + +![test-customer-view-msp-en_1024x742](/images/passwordsecure/9.2/configuration/server_manager/msp/changes_in_ac/customers_module/test-customer-view-msp-en_1024x742.webp) + +#### Billed customer view + +Here you can also edit the contract details and activate or deactivate options. Additionally you can +see the user history (4) of the last months, the forecast for the current month (5) including the +expected costs for the users and options, as well as the total amount. Furthermore, you will find +the statements of the last months (6) and a graphical representation of the cost history (7). + +![billed-customer-msp-en_1032x752](/images/passwordsecure/9.2/configuration/server_manager/msp/changes_in_ac/customers_module/billed-customer-msp-en_1032x752.webp) + +#### Deactivating and reactivating a customer + +Both test customers and customers to be billed can be deactivated, e.g. if a test customer cannot +continue testing until later or if a customer to be billed does not pay his invoice. When +deactivating, all data is retained and the customer can be completely restored. + +To deactivate a customer, select the database (1) and then Deactivate (2). + +![deactivate-customer-msp](/images/passwordsecure/9.2/configuration/server_manager/msp/changes_in_ac/customers_module/deactivate-customer-msp.webp) + +A reason (3) can be specified for the deactivation and then the database can be deactivated (4). + +![deactivate-customer-2-msp](/images/passwordsecure/9.2/configuration/server_manager/msp/changes_in_ac/customers_module/deactivate-customer-2-msp.webp) + +To reactivate a deactivated customer, select the deactivated database (1) and then Activate (2). + +![reactivate-customer-msp-en](/images/passwordsecure/9.2/configuration/server_manager/msp/changes_in_ac/customers_module/reactivate-customer-msp-en.webp) + +#### Deleting a customer + +To delete a customer, select the database (1) and then Remove (2). Removal is possible with both +active and deactivated customer databases. + +![remove-customer-msp-en_947x686](/images/passwordsecure/9.2/configuration/server_manager/msp/changes_in_ac/customers_module/remove-customer-msp-en_947x686.webp) + +Deletion must be confirmed (3). + +![confirm-delete-customer-msp-en](/images/passwordsecure/9.2/configuration/server_manager/msp/changes_in_ac/customers_module/confirm-delete-customer-msp-en.webp) + +The following dialog box (4) indicates that the database has been deleted in Netwrix Password +Secure, but you as an MSP are responsible for deleting the database in the SQL server as well as any +existing backups. + +![successfull-deletion-msp-en](/images/passwordsecure/9.2/configuration/server_manager/msp/changes_in_ac/customers_module/successfull-deletion-msp-en.webp) diff --git a/docs/passwordsecure/9.3/configuration/servermanger/msp/msp.md b/docs/passwordsecure/9.3/configuration/servermanger/msp/msp.md new file mode 100644 index 0000000000..62296b76f3 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/msp/msp.md @@ -0,0 +1,15 @@ +--- +title: "MSP" +description: "MSP" +sidebar_position: 100 +--- + +# MSP + +Whether you are a partner or an end user of Netwrix Password Secure - this help will support you in +getting started with MSP and guide you safely through the configuration and operation of the +software. + +We are pleased that you have chosen Netwrix Password Secure for your password protection needs. + +We hope you enjoy discovering your new password manager! diff --git a/docs/passwordsecure/9.3/configuration/servermanger/operation_and_setup_admin_client.md b/docs/passwordsecure/9.3/configuration/servermanger/operation_and_setup_admin_client.md new file mode 100644 index 0000000000..4fc2f23079 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/operation_and_setup_admin_client.md @@ -0,0 +1,115 @@ +--- +title: "Operation and setup" +description: "Operation and setup" +sidebar_position: 80 +--- + +# Operation and setup + +## Structure of the Server Manager + +The structure of the Server Manager is based to a high degree on the structure of the actual client. +The control elements such as the ribbon and the info and detail areas can be derived from the +section dealing with the +client([Operation and Setup](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/operation_and_setup.md)). + +NOTE: An initial password is required for the first login on Server Manager. The password is +“admin”. This password should be changed directly after login and carefully documented. + +#### Status module + +![Status Admin Client](/images/passwordsecure/9.2/configuration/server_manager/operation_and_setup/installation_with_parameters_248-en.webp) + +1. Ribbon + +As usual the ribbon can be found above. Because the module is purely informative, there is no +functionality in the ribbon, except for updating the view + +2. Notification area + +- The info area shows the status of the specific services. Click the icon to configure services. By + default, the base configuration is used. If necessary, individual parameters can be replaced or + adapted to personal requirements. +- You can start and stop a specific service via +- On the right side of the info area, the utilization of the processor and main memory is displayed + over two curves. +- In the “Backup service” area, the last backups are displayed using a diagram. There is a green bar + for a successful backup, a red symbolizes a failed backup. Additional information is displayed via + a mouseover. + +3. Server log + +The server logbook shown on the right of the screen monitors and controls the server. It shows all +relevant actions on the server in a comprehensible way, always displaying the last 100 entries. The + +| Action | Color | +| ----------------------------- | ------ | +| Expected actions | black | +| Events that require attention | orange | +| Problems and crashes | red | + +- Expected actions – such as starting and stopping services – are displayed in black +- All events (e.g. failed login attempts) that require attention are displayed in orange +- All problems (e.g. crashes) are marked in red + +The server logbook can be sorted in ascending and descending order by date and description via the +column headings. The period shown can be limited using . + +# Databases module + +Databases are managed in a dedicated module. All relevant information on the existing databases can +also be called up – completely without accessing the SQL server. + +![Databases Admin Client](/images/passwordsecure/9.2/configuration/server_manager/operation_and_setup/installation_with_parameters_252-en.webp) + +1. Ribbon + +2. Database overview + +In the database overview, all databases listed alphabetically. This section can be minimised using +the arrow symbol on the top, left edge. Right-click on one of the databases to display a context +menu with all available functions. + +3. Notification area + +The Info area displays all the information about the database currently selected in the database +overview. This information is ivided into the three subsections “Database summary, Data sets and +Database tables”. + +4. Recent backups + +List of recent backups. Can be sorted by date + +5. Database log + +The database log is used to monitor and control the specific databases. All relevant actions for the +selected database are displayed in a comprehensible manner in one list. The categorisation is +carried out in the same way as the server log according to the colours applied. + +#### Backups module + +There is also a separate module for configuring the backups. This means that all backups can be +configured and managed directly from the Server Manager. + +![backup-ac](/images/passwordsecure/9.2/configuration/server_manager/operation_and_setup/backup-ac.webp) + +1. Ribbon + +2. Backup overview + +All configured backups are listed here. The overview can be minimized to the left. Other functions +are available via right-click + +3. Notification area + +The notification area is divided into three sections. The “Basic settings, Advanced settings and +Info” sections for the selected database can be used + +4. Recent backups + +The last backups are displayed in a list on the right. + +5. All backups + +A tabular overview shows all previous backups. The view can be sorted as usual. Here you can see at +a glance, when which database was saved and whether the backup was successful. diff --git a/docs/passwordsecure/9.3/configuration/servermanger/server_manger.md b/docs/passwordsecure/9.3/configuration/servermanger/server_manger.md new file mode 100644 index 0000000000..b2c1407f2c --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/server_manger.md @@ -0,0 +1,22 @@ +--- +title: "Server Manager" +description: "Server Manager" +sidebar_position: 10 +--- + +# Server Manager + +## What is the Server Manager? + +The Server Manager takes care of the central administration of the databases as well as the +configuration of the backup profiles. In addition, it provides the very important interface to the +Netwrix Password Secure license server. Furthermore, it is used for the administration of globally +defined settings, as well as the configuration of profiles for sending emails. +[Installation Server Manager](/docs/passwordsecure/9.3/installation/installation_server_manager.md) + +![Admin Client](/images/passwordsecure/9.2/configuration/server_manager/installation_with_parameters_187-en.webp) + +In this sense, the server service represents the interface between the client and the SQL server. +The Server Manager is responsible for configuring the server service. It allows the central +administration of the databases without having access to the SQL server. This is a huge advantage +with regards to organization and authorizations. diff --git a/docs/passwordsecure/9.3/configuration/servermanger/settlement_right_key.md b/docs/passwordsecure/9.3/configuration/servermanger/settlement_right_key.md new file mode 100644 index 0000000000..3f7d391a2a --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/settlement_right_key.md @@ -0,0 +1,90 @@ +--- +title: "Settlement right key" +description: "Settlement right key" +sidebar_position: 50 +--- + +# Settlement right key + +#### Problem Description + +In the version 8.3.0.13378 passwords which cannot be decrypted for other users could be created. In +this case, individual users or even all users do not have the necessary legal key. If a user wants +to reveal an affected password, the following message is displayed: + +![installation_with_parameters_219_706x98](/images/passwordsecure/9.2/configuration/server_manager/settlement_right_key/installation_with_parameters_219_706x98.webp) + +#### Bugfix + +The bug was fixed with the version 8.3.0.14422 Hotfix 1. If an older version is in use, it is +important to update to the latest version 8.4.0.14576. + +#### Review and settlement of records + +When updating to version 8.4.0.14576, the Server Manager is checked for affected data records. + +###### Review via the Server Manager + +The results of the query show which passwords can be fixed by which user. (In this example, the +entries are highlighted in color). + +- Blue = password name +- Yellow = Repairable / Irreparable +- Orange = users / roles who can fix the password + +Reparable records + +Passwords in which users / roles with entitlement right and right key exist: + +![installation_with_parameters_220_584x65](/images/passwordsecure/9.2/configuration/server_manager/settlement_right_key/installation_with_parameters_220_584x65.webp) + +Irreparable records + +Passwords in which users / roles without a legal key or with a legal key but without an +authorization right exist: + +![installation_with_parameters_221_697x40](/images/passwordsecure/9.2/configuration/server_manager/settlement_right_key/installation_with_parameters_221_697x40.webp) + +###### Settlement of reparable records + +Damaged passwords are corrected automatically with the users / roles specified under ‘repairable +with’ when logging on to the client or Web Application. + +The right key can be checked using the form field permissions of password fields. If at least one +user has the right key, the password can be fixed. In the following example, only the user ‘white’ +has the right key and thus only this user can discover and correct the password. + +![installation_with_parameters_222_754x91](/images/passwordsecure/9.2/configuration/server_manager/settlement_right_key/installation_with_parameters_222_754x91.webp) + +When logging on to the database via the client, a cleanup task is started automatically. This task +always runs with the logged in user. In this case – as far as it is possible with the user – all +affected passwords are corrected. Thus, when all users have logged in once, all affected passwords +should be adjusted. + +###### Irreparable records (not repairable) + +Irreparable passwords cannot be corrected automatically. Nevertheless, it may happen that passwords +marked as irreparably can be corrected manually. + +First case + +In the first case, no user / role has the right key on the password. Thus, no user can decrypt or +correct the password. + +![installation_with_parameters_223_757x69](/images/passwordsecure/9.2/configuration/server_manager/settlement_right_key/installation_with_parameters_223_757x69.webp) + +The affected passwords have to be recreated. For the security, a new database with an older backup +can be included. From this database, the affected passwords / data can be taken over into the +current database again. + +Second case + +In the second case, there are users / roles who have the right key but not the right to claim. As +far as the number of irreparable passwords is limited, these can be used to check the form field +permissions manually. + +![installation_with_parameters_224_762x90](/images/passwordsecure/9.2/configuration/server_manager/settlement_right_key/installation_with_parameters_224_762x90.webp) + +For the passwords concerned, the user with the legal key must be given the right of authorization +temporarily to correct. If the corresponding user has the entitlement right, he can reset the legal +key, either automatically when logging in or manually when saving the authorizations. diff --git a/docs/passwordsecure/9.3/configuration/servermanger/setup_wizard.md b/docs/passwordsecure/9.3/configuration/servermanger/setup_wizard.md new file mode 100644 index 0000000000..b405fb24cc --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/servermanger/setup_wizard.md @@ -0,0 +1,74 @@ +--- +title: "Setup wizard" +description: "Setup wizard" +sidebar_position: 30 +--- + +# Setup wizard + +## What is the setup wizard? + +The setup wizard contains all relevant settings for setting up Netwrix Password Secure. The +individual points can also be changed later on. Separate sections are available for each. + +#### Defining the administrator password + +The first step is to define the authentication password for the Server Manager. The initial password +is “admin”. A new password needs to be entered during startup – this new password should be securely +and properly documented. It can be subsequently changed in the +[General settings](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/general_settings.md). + +![setup-wizard-ac-en](/images/passwordsecure/9.2/configuration/server_manager/setupwizard/setup-wizard-ac-en.webp) + +NOTE: The initial password is “admin”. + +#### License settings + +The second step is to complete the configuration for successively connecting to the licence server. +This step can also be carried out later “in the [License settings](/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/license_settings.md) + +![setup-wizard-ac-2-en](/images/passwordsecure/9.2/configuration/server_manager/setupwizard/setup-wizard-ac-2-en.webp) + +“license.passwordsafe.de” should be entered in the field “Licence server”. The other access data +(user name and password for the licence server will be sent to you by email). + +If necessary, access data for a possible proxy can also be issued – otherwise the proxy in the +operating system will be used. You can then select and activate the required license by clicking on +the corresponding button. + +#### Database server + +The configuration of the database server is also part of the +[Advanced settings](/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/advanced_settings.md) and can also be edited there later on. + +![setup-wizard-ac-3-en](/images/passwordsecure/9.2/configuration/server_manager/setupwizard/setup-wizard-ac-3-en.webp) + +The database server must be specified along with the associated SQL instance. For simplicity, you +can copy the server name from the login window of the SQL server. + +The user that will be used to create the database on the SQL Server is also specified. The user +therefore needs **dbCreator** rights. Alternatively, you can use the service user for this purpose. +The “Advanced” button allows you to specify a **Connection String.** + +#### SMTP server + +The last step is to configure the SMTP server via which all emails are sent. This is also part of +the [Advanced settings](/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/advanced_settings.md) should it be necessary to make changes +later on. + +![setup-wizard-ac-4-en](/images/passwordsecure/9.2/configuration/server_manager/setupwizard/setup-wizard-ac-4-en.webp) + +Once the data has been entered and successfully tested, the wizard can be completed by clicking on +“Finish”. + +Security notes + +As soon as the setup wizard has been completed, two security notes will be displayed in the +**Status** + +module that need to be confirmed. + +**CAUTION:** It is recommended that you only confirm the security notes when the corresponding point +has actually been carried out. It is absolutely essential to ensure that regular +[Backup management](/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/backupsettings/backup_management.md) are created +and the [Certificates](/docs/passwordsecure/9.3/configuration/servermanger/certificates/certificates.md) are backed up. diff --git a/docs/passwordsecure/9.3/configuration/webapplication/_category_.json b/docs/passwordsecure/9.3/configuration/webapplication/_category_.json new file mode 100644 index 0000000000..c09eaf5cec --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Web Application", + "position": 40, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "web_application" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/webapplication/authorization_and_protection_mechanisms.md b/docs/passwordsecure/9.3/configuration/webapplication/authorization_and_protection_mechanisms.md new file mode 100644 index 0000000000..9c1d8d169a --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/authorization_and_protection_mechanisms.md @@ -0,0 +1,51 @@ +--- +title: "Authorization and protection mechanisms" +description: "Authorization and protection mechanisms" +sidebar_position: 30 +--- + +# Authorization and protection mechanisms + +## Security and protection on the Web Application + +As with the client, the records can be protected on the Web Application with different mechanisms. +The authorizations on records can also be managed in the Web Application. During the development of +the Web Application, there was always taken care that the operation is identical to the operation of +the client. Since the Web Application is based on HTML, it is unfortunately not possible to render +the client 100% identical. Therefore, the operation may differ in details. These deviations should +be clarified in this chapter. + +#### Permissions and rights concept + +###### Protections + +Password masking + +The password masking follows the familiar logic of the client. Due to this function, reference +should be made to the chapter of +[Password masking](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/password_masking.md). + +There are marginal differences in the operation. The privacy protection is fixed or edited via a +button in the extended menu.. + +![installation_with_parameters_183](/images/passwordsecure/9.2/configuration/web_applicaiton/authorization_and_protection/installation_with_parameters_183.webp) + +The corresponding button is only displayed if the logged in user has the sufficient rights. + +If a record is provided with a privacy protection, this is shown in the header of the password. + +![installation_with_parameters_184](/images/passwordsecure/9.2/configuration/web_applicaiton/authorization_and_protection/installation_with_parameters_184.webp) + +Seal + +The seals also correspond in function to the known logic of the client. In the chapter seal further +explanations can be found. The +[Seals](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/protectivemechanisms/seals/seals.md) +are configured in the extended menu via a button. + +![installation_with_parameters_185](/images/passwordsecure/9.2/configuration/web_applicaiton/authorization_and_protection/installation_with_parameters_185.webp) + +The button is only displayed for the users who have the rights to edit seals. If a record is sealed, +this will be shown in the password field. + +![seal_wc](/images/passwordsecure/9.2/configuration/web_applicaiton/authorization_and_protection/seal_wc.webp) diff --git a/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/_category_.json b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/_category_.json new file mode 100644 index 0000000000..10f748e3bd --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Functional scope", + "position": 10, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "functional_scope" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/application.md b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/application.md new file mode 100644 index 0000000000..a2f807a1b2 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/application.md @@ -0,0 +1,30 @@ +--- +title: "Application" +description: "Application" +sidebar_position: 80 +--- + +# Application + +The following functions are currently available in the **Application module**: + +Web & SAML applications: + +- Create +- Manage +- Delete + +NOTE: A detailed explanation of how to configure SAML can be found in the chapter “Configuration of +SAML” + +General functions: + +- Notifications +- Duplicate +- Move +- Favorite +- Quick view +- Connect password + +NOTE: The Web Application module Applications is based on the client module of the same name +“Applications”. Both modules differ in scope and design, but the operation is almost identical. diff --git a/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/documents_web_application.md b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/documents_web_application.md new file mode 100644 index 0000000000..8a87958f40 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/documents_web_application.md @@ -0,0 +1,30 @@ +--- +title: "Documents" +description: "Documents" +sidebar_position: 90 +--- + +# Documents + +The following functions are currently available in the **Document module:** + +- New + New document can be added in the following ways: + ◦ Right click -> search + ◦ Search via the navigation bar + ◦ By Drag & Drop (by dragging the document into the window) + +- Open properties +- Update document +- Notifications +- Move +- Favourite +- Quick view +- Export +- Authorizations +- Create external link +- Print +- History + +NOTE: The Web Application module **Documents** is based on the client module of the same name +“Documents”. Both modules differ in scope and design, but the operation is almost identical. diff --git a/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/forms_module.md b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/forms_module.md new file mode 100644 index 0000000000..bbcc9fad6f --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/forms_module.md @@ -0,0 +1,23 @@ +--- +title: "Forms module" +description: "Forms module" +sidebar_position: 50 +--- + +# Forms module + +The following functions are currently available in the **forms module**: + +- Add +- Open +- Delete +- Notifications +- Duplicate +- Favourite +- Quick view +- Permissions +- Print +- Export + +NOTE: The Web Application module **forms** is based on the client module of the same name. Both +modules have a different scope and design but are almost identical to use. diff --git a/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/functional_scope.md b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/functional_scope.md new file mode 100644 index 0000000000..9e3b2794bb --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/functional_scope.md @@ -0,0 +1,28 @@ +--- +title: "Functional scope" +description: "Functional scope" +sidebar_position: 10 +--- + +# Functional scope + +The **Web Application** will act as the basis for a constant enhancement. The current functional +scope will be explained at this point. For the purposes of clarity, the relevant modules will be +described in their own subsections. + +#### General functions + +- Global settings and User settings +- Global User rights + +#### Functions in the individual modules + +- [Password module](/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/password_module.md) +- [Tag system](/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/tag_system.md) +- [Organisational structure module](/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/organisationalstructure/organisational_structure.md) +- [Roles module](/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/roles_module.md) +- [Forms module](/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/forms_module.md) +- [Notifications](/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/notifications.md) +- [Logbook](/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/logbook_web_application.md) +- [Application](/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/application.md) +- [Documents](/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/documents_web_application.md) diff --git a/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/logbook_web_application.md b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/logbook_web_application.md new file mode 100644 index 0000000000..3308e1b963 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/logbook_web_application.md @@ -0,0 +1,28 @@ +--- +title: "Logbook" +description: "Logbook" +sidebar_position: 70 +--- + +# Logbook + +The **logbook module** exists of the following features: + +- Filter function +- Quick view + +NOTE: The Web Application module logbook is based on the same called client module logbook. Both +modules differ in range and design. However, the handling is almost the same. + +Differences to the logbook on the Client: + +The following options are not available yet in the **Web Application**. If needed, you can use them +on the Client. + +- Documents +- Multifactor authentication +- Report configuration +- Applications +- Password Reset +- Password rules +- Sytem Task diff --git a/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/notifications.md b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/notifications.md new file mode 100644 index 0000000000..f598d3e458 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/notifications.md @@ -0,0 +1,16 @@ +--- +title: "Notifications" +description: "Notifications" +sidebar_position: 60 +--- + +# Notifications + +- The **permission module** exists of the following features: +- Filter function +- Seal function +- Mark message as read/unread +- Quick view (use button and space bar) + +The Web Application module permissions is based on the same called client module notifications. Both +modules differ in range and design. However, the handling is almost the same. diff --git a/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/organisationalstructure/_category_.json b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/organisationalstructure/_category_.json new file mode 100644 index 0000000000..2f4190cfcb --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/organisationalstructure/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Organisational structure module", + "position": 30, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "organisational_structure" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/organisationalstructure/organisational_structure.md b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/organisationalstructure/organisational_structure.md new file mode 100644 index 0000000000..ab685e1169 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/organisationalstructure/organisational_structure.md @@ -0,0 +1,73 @@ +--- +title: "Organisational structure module" +description: "Organisational structure module" +sidebar_position: 30 +--- + +# Organisational structure module + +The following functions are currently available in the **organisational structure module**: + +- Adding/editing/deleting/authorizing users / organisational structures +- Notifications +- Drag & Drop +- Filter +- Quick view +- User settings +- User rights +- Changing passwords +- Print + +NOTE: The Web Application module organisational structure is based on the client module of the same +name. Both modules have a different scope and design but are almost identical to use. + +## AD connection in the Web Application + +The Active Directory connection in the Web Application works similiar to the Client. In the chapter +[Active Directory link](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/active_directory_link.md) +you can find further information. + +![Organisational structure WebClient](/images/passwordsecure/9.2/configuration/web_applicaiton/functional_scope/organisational_structure/installation_with_parameters_160-en.webp) + +The Web Application offers the following functions: + +- Import +- Manual synchronisation +- Manage profiles + +###### Radius + +You can reach the Radius server, if the import is in the Masterkey mode. The Radius server will be +provided in the Active Directory profile and will therefore deliver the possible authentication +methods in future. You will find further informations in the +[RADIUS authentication](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/organisationalstructure/directoryservices/activedirectorylink/radius_authentication.md) +chapter. + +![installation_with_parameters_161](/images/passwordsecure/9.2/configuration/web_applicaiton/functional_scope/organisational_structure/installation_with_parameters_161.webp) + +###### Predefining rights + +To **predefine rights** in the Web Application, the procedure is the same as in the Client. +[Predefining rights](/docs/passwordsecure/9.3/configuration/advancedview/permissionconceptandprotective/predefiningrights/predefining_rights.md)) + +Go to the module organisational structure to choose the organisation unit for which the rights shall +be predefined. Then choose **Predefine rights** in the menu bar. + +![installation_with_parameters_162](/images/passwordsecure/9.2/configuration/web_applicaiton/functional_scope/organisational_structure/installation_with_parameters_162.webp) + +**Creating the first template group:** A modal window will appear after clicking on the icon for +adding a new template group (green arrow) in which a meaningful name for the template group should +be entered. + +![installation_with_parameters_163](/images/passwordsecure/9.2/configuration/web_applicaiton/functional_scope/organisational_structure/installation_with_parameters_163.webp) + +Now you can add the appropriate roles and users. + +![installation_with_parameters_164](/images/passwordsecure/9.2/configuration/web_applicaiton/functional_scope/organisational_structure/installation_with_parameters_164.webp) + +You can add users and roles in different ways: + +- Add the appropriate roles and users at the toolbar under **Search and add**. +- Click on the loupe to see all the users and roles. + +![installation_with_parameters_165](/images/passwordsecure/9.2/configuration/web_applicaiton/functional_scope/organisational_structure/installation_with_parameters_165.webp) diff --git a/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/organisationalstructure/user_management.md b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/organisationalstructure/user_management.md new file mode 100644 index 0000000000..36bb5b7a87 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/organisationalstructure/user_management.md @@ -0,0 +1,20 @@ +--- +title: "User management" +description: "User management" +sidebar_position: 10 +--- + +# User management + +## How are the users managed in the Web Application? + +The user management strongly depends on whether the Active Directory has been connected or not. In +Master Key mode, the Active Directory remains the leading system. In all other modes, the user +administration is carried out via the organisational structure module. + +#### Creating local users + +When creating new users, you must pay attention to whether it is a **User (Basic View)** or a +**Advanced User (View)**. + +![installation_with_parameters_166](/images/passwordsecure/9.2/configuration/web_applicaiton/functional_scope/organisational_structure/user_management/installation_with_parameters_166.webp) diff --git a/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/password_module.md b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/password_module.md new file mode 100644 index 0000000000..f2b835195d --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/password_module.md @@ -0,0 +1,55 @@ +--- +title: "Password module" +description: "Password module" +sidebar_position: 10 +--- + +# Password module + +The **Password Module** currently provides the following functions: + +- Create +- Delete +- Edit +- Uncover password +- Quick search +- Add/edit form fields +- Tagged +- Duplicate +- Move +- Quick view (passwords automatically reveal) +- Favorites +- Filter +- Structural filter +- Authorization/edit rights +- Form field authorizations +- Change password undercover +- Password generator with guidelines +- Copy to clipboard +- Open Internet page +- View logbook +- Display seal/visibility protection +- German/English +- Change user password, if “Change password at next login” is active +- Show notifications +- Keyboard navigation + ◦ ALT+Q: Quick search + ◦ ALT+N: New record + ◦ ALT+S: Save in Edit/New View + ◦ ALT+DEL: Delete selected record + ◦ Arrow up/down in list: Change selection + ◦ Right/left arrow in list: Page forward/backward + ◦ Enter: Open selected record + +- Privacy screen +- Seal +- Print +- Create external link +- History +- Change form +- Export +- WebViewer Export + +NOTE: The Web Application module Password module is based on the module of the same name that is +located in the client. Both modules differ in scope and design, but are nevertheless almost +identical in terms of operation. diff --git a/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/roles_module.md b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/roles_module.md new file mode 100644 index 0000000000..55a5e66583 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/roles_module.md @@ -0,0 +1,21 @@ +--- +title: "Roles module" +description: "Roles module" +sidebar_position: 40 +--- + +# Roles module + +The following functions are currently available in the **roles module:** + +- Add +- Delete +- Notifications +- Favourites +- Quick view +- Permissions +- User rights +- Print + +The Web Application module **roles** is based on the client module of the same name. Both modules +have a different scope and design but are almost identical to use. diff --git a/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/tag_system.md b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/tag_system.md new file mode 100644 index 0000000000..8facda3781 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/tag_system.md @@ -0,0 +1,13 @@ +--- +title: "Tag system" +description: "Tag system" +sidebar_position: 20 +--- + +# Tag system + +The tag system currently offers the following functions: + +- Add +- Delete +- Edit diff --git a/docs/passwordsecure/9.3/configuration/webapplication/operation/_category_.json b/docs/passwordsecure/9.3/configuration/webapplication/operation/_category_.json new file mode 100644 index 0000000000..69b8feec7d --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/operation/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Operation", + "position": 20, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "operation" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/webapplication/operation/filter_or_structure_area.md b/docs/passwordsecure/9.3/configuration/webapplication/operation/filter_or_structure_area.md new file mode 100644 index 0000000000..0a91f33e27 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/operation/filter_or_structure_area.md @@ -0,0 +1,38 @@ +--- +title: "Filter or structure area" +description: "Filter or structure area" +sidebar_position: 30 +--- + +# Filter or structure area + +As is also the case on the client, it is possible to select between filter and structure. For this +purpose, the following buttons are available on the navigation bar + +![installation_with_parameters_169](/images/passwordsecure/9.2/configuration/web_applicaiton/operation/filter_or_structure/installation_with_parameters_169.webp) + +1. Filter + +The filter on the Web Application is based on the +[Filter](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/filter/filter.md). Therefore, only those +characteristics specific to the Web Application will be described here. + +Using the filter + +Operation of the “Web Application filter” barely differs from the operation of the client filter. It +is only necessary to note that the Clear filter and Apply filter buttons can be found above the +filter. The configuration settings can also be found directly above the Web Application filter. + +Configuring the filter + +The configuration for the filter can be displayed via the following buttons: + +![installation_with_parameters_170](/images/passwordsecure/9.2/configuration/web_applicaiton/operation/filter_or_structure/installation_with_parameters_170.webp) + +New filter groups can be added using **Add filter groups** and the current filter can be reset using +**Reset filter. Advanced mode** provides you with the possibility of deleting or moving individual +filter groups. The **Allow negation of filters** option can also be selected. + +2. Structure + +The structure can be operated in precisely the same way as on the client. diff --git a/docs/passwordsecure/9.3/configuration/webapplication/operation/footer.md b/docs/passwordsecure/9.3/configuration/webapplication/operation/footer.md new file mode 100644 index 0000000000..2b82e0ff90 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/operation/footer.md @@ -0,0 +1,38 @@ +--- +title: "Footer" +description: "Footer" +sidebar_position: 70 +--- + +# Footer + +The footer displays various different information about the currently selected record in multiple +tabs. It can be activated or deactivated using the small arrow on the far right. The footer is +hidden by default. + +![installation_with_parameters_178](/images/passwordsecure/9.2/configuration/web_applicaiton/operation/footer/installation_with_parameters_178.webp) + +1. Notification area + +The notification area shows who last had access to the record. The users are displayed using +corresponding icons or their avatars. Clicking on the user will display their rights. + +2. Logbook + +You can view the last log entries about the record in the logbook tab. + +3. History + +The history can also be displayed via a corresponding tab. + +4. Documents + +The documents tab can be used to access all linked documents. + +5. Notifications + +This tab shows who has subscribed to receive notifications about the record. + +6. Password Resets + +The Password Resets that have been performed can also be listed. diff --git a/docs/passwordsecure/9.3/configuration/webapplication/operation/header.md b/docs/passwordsecure/9.3/configuration/webapplication/operation/header.md new file mode 100644 index 0000000000..38e8066e14 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/operation/header.md @@ -0,0 +1,44 @@ +--- +title: "Header" +description: "Header" +sidebar_position: 10 +--- + +# Header + +The header provides the following functions: + +![Header](/images/passwordsecure/9.2/configuration/web_applicaiton/operation/header/installation_with_parameters_171-en_679x38.webp) + +1. Logo + +The logo acts as a home button. It always takes you back to the standard view. + +2. Display and hide filter + +As is also the case on the client, the filter or structure area can be displayed and hidden. + +3. Modules + +As is also the case on the client, modules like passwords, organisational structures, roles and +forms can be managed here. + +4. Quick search + +The quick search offers you the same functions as the quick search on the client. It searches in all +fields of the complete database except the password field. The tags are still searched. + +5. Quick search + +Upcoming tasks like export, import, print and so on are displayed here. + +6. Notifications + +here you will be informed about incoming notifications. The notification can also be called up by +clicking on it. + +7. Account + +The user who is currently logged in can be seen under account. You can log out by clicking on the +account. It is also possible to call up the settings in +[Account](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/account.md). diff --git a/docs/passwordsecure/9.3/configuration/webapplication/operation/list_view.md b/docs/passwordsecure/9.3/configuration/webapplication/operation/list_view.md new file mode 100644 index 0000000000..1420236c23 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/operation/list_view.md @@ -0,0 +1,23 @@ +--- +title: "List view" +description: "List view" +sidebar_position: 50 +--- + +# List view + +## What is list view? + +The central element of the navigation in the Web Application is list view, which clearly presents +the filtered elements. As list view in the Web Application provides the same functions as list view +in the client, we refer you at this point to the +[List view](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/list_view.md) section. + +![installation_with_parameters_176](/images/passwordsecure/9.2/configuration/web_applicaiton/operation/list_view/installation_with_parameters_176.webp) + +#### Special features + +The list view differs from that on the client in the following areas: + +- List view cannot be individually configured +- There are – as is usual in a browser – no context menus diff --git a/docs/passwordsecure/9.3/configuration/webapplication/operation/menu.md b/docs/passwordsecure/9.3/configuration/webapplication/operation/menu.md new file mode 100644 index 0000000000..b01fd05742 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/operation/menu.md @@ -0,0 +1,93 @@ +--- +title: "Menu" +description: "Menu" +sidebar_position: 40 +--- + +# Menu + +## What is the menu? + +The ribbon on the client has been replaced by a menu on the Web Application. The menu thus +represents the central operating element on the Web Application. The functions available within the +menu are dynamic and are based on the currently available actions. Different actions are possible +depending on which view is currently being used. + +#### Menu bar + +The menu can take on two forms. In general, the **menu bar** containing the **most important +functions** is displayed. It will be described here using the example of the password module. + +![menu bar](/images/passwordsecure/9.2/configuration/web_applicaiton/operation/menu_bar/installation_with_parameters_174-en.webp) + +1. Expand menu + +The size of the menu can be maximised using this button. + +2. New + +This option can be selected to call up the wizard for adding a new record. + +3. Open + +Displays the selected password and all of its details in the reading pane. + +4. Reveal + +Reveals the password. + +5. Permissions + +This button is used to configure the rights for the record. + +6. Password + +Copies the password to the clipboard. + +###### Advanced menu + +If the menu – as described above – is maximised, **all functions** are then available. The functions +on the menu bar are repeated here. The menu is divided into a number of sections. These correspond 1 +to 1 to the sections of the ribbon on the client. + +![Menu](/images/passwordsecure/9.2/configuration/web_applicaiton/operation/menu_bar/installation_with_parameters_175-en.webp) + +In our example, the menu looks like this: + +1. New Item + +This section offers you more options for editing passwords. These include, for example, **Open** or +also **Delete**. + +2. Actions + +The actions can be used, for example, to mark the password as a Favourite or also to Duplicate it. + +3. Permissions + +This section does not offer any additional functions than simply opening the permissions. + +4. Clipboard + +This section can be used to copy all available fields to the clipboard. + +5. Start + +A website can be called up here. + +NOTE: As already described, the menu is dynamic and thus appears in a variety of different forms. +However, the basic function is always the same: The menu bar contains the basis functions, while the +advanced menu contains all functions. + +6. Extras + +All of the additional functions can be found here. These functions correspond to the main client and +will be described in the next section: + +[Passwords](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwords/passwords.md) + +7. Password Reset + +The functions of the +[Password Reset](/docs/passwordsecure/9.3/configuration/advancedview/clientmodule/passwordreset/password_reset.md) can be found +here. diff --git a/docs/passwordsecure/9.3/configuration/webapplication/operation/navigationbar/_category_.json b/docs/passwordsecure/9.3/configuration/webapplication/operation/navigationbar/_category_.json new file mode 100644 index 0000000000..a2da549604 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/operation/navigationbar/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Navigation bar", + "position": 20, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "navigation_bar" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/configuration/webapplication/operation/navigationbar/navigation_bar.md b/docs/passwordsecure/9.3/configuration/webapplication/operation/navigationbar/navigation_bar.md new file mode 100644 index 0000000000..14cb42bf61 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/operation/navigationbar/navigation_bar.md @@ -0,0 +1,25 @@ +--- +title: "Navigation bar" +description: "Navigation bar" +sidebar_position: 20 +--- + +# Navigation bar + +The navigation bar provides the following functions. + +![navigation bar](/images/passwordsecure/9.2/configuration/web_applicaiton/operation/navigation_bar/installation_with_parameters_172-en_643x142.webp) + +1. Filter + +This function can be used to switch the view to the filter in the left section. You also have the +possibility to switch from filter to structure. + +2. Tabs + +The Tabs represent a secondary navigation function within the Web Application. For each action you +will do a new tab will be opend. + +Example + +![tab system](/images/passwordsecure/9.2/configuration/web_applicaiton/operation/navigation_bar/installation_with_parameters_173-en.webp) diff --git a/docs/passwordsecure/9.3/configuration/webapplication/operation/navigationbar/settings_wc.md b/docs/passwordsecure/9.3/configuration/webapplication/operation/navigationbar/settings_wc.md new file mode 100644 index 0000000000..c12b4acbc8 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/operation/navigationbar/settings_wc.md @@ -0,0 +1,70 @@ +--- +title: "Settings" +description: "Settings" +sidebar_position: 20 +--- + +# Settings + +The settings are called up via the [Navigation bar](/docs/passwordsecure/9.3/configuration/webapplication/operation/navigationbar/navigation_bar.md). The following options are +available: + +#### Language + +You can select German or English here by simply clicking on them. The change is made immediately and +does not require you to restart the browser. + +#### Extras + +Seal management + +Here you have the possibility to manage templates for seals. + +Tag management + +The tag management allows you to manage the tags. + +Image management + +With the image management, you can manage your icons and logos easily and quickly. + +![image management](/images/passwordsecure/9.2/configuration/web_applicaiton/operation/navigation_bar/settings/installation_with_parameters_179-en.webp) + +#### Adding icons and logos + +By clicking on the **New** button, the input mask will open. + +![new image](/images/passwordsecure/9.2/configuration/web_applicaiton/operation/navigation_bar/settings/installation_with_parameters_180-en.webp) + +After filling in and uploading the icon/logo, the process only needs to be saved. + +![save new image](/images/passwordsecure/9.2/configuration/web_applicaiton/operation/navigation_bar/settings/installation_with_parameters_181-en.webp) + +Edit / Delete icons and logos + +If an icon and/or logo is outdated, you can edit or even delete the stored icons/logos. + +![manage image](/images/passwordsecure/9.2/configuration/web_applicaiton/operation/navigation_bar/settings/installation_with_parameters_182-en.webp) + +#### Settings + +The following options can be managed via this menu item: + +- Global user rights +- Global settings +- User settings + +The management of these settings is based on the client. Further information can be found under +global [User rights](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/userrights/user_rights.md) and +[User settings](/docs/passwordsecure/9.3/configuration/advancedview/mainmenufc/usersettings/user_settings.md) + +The following settings are not available on the Web Application: + +- Customizable window caption +- Permitted document extensions +- Clipboard gallery +- Category: Proxy + +Account + +Here it is possible to change the password of the logged in user. diff --git a/docs/passwordsecure/9.3/configuration/webapplication/operation/navigationbar/user_menu_wc.md b/docs/passwordsecure/9.3/configuration/webapplication/operation/navigationbar/user_menu_wc.md new file mode 100644 index 0000000000..c9bc19ba0c --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/operation/navigationbar/user_menu_wc.md @@ -0,0 +1,39 @@ +--- +title: "User menu" +description: "User menu" +sidebar_position: 10 +--- + +# User menu + +The user menu can be found in the upper right corner of the Web Application. A right click on the +logged in user opens it. + +#### Options in the user menu + +![bin_1](/images/passwordsecure/9.2/configuration/web_applicaiton/operation/navigation_bar/user_menu/bin_1.webp) + +Settings + +All possible settings can be viewed in the following chapter settings. + +Bin + +In the bin you can manage your deleted passwords. + +Help + +A click on help takes you directly to the Netwrix Password Secure documentation page. + +Switch to Basic view + +What the Basic view is able to do in the web view can be inspected here. + +Lock + +This locks the user who is currently logged in and only needs to enter his password to use the web +client again. + +Log out + +The logged in user is logged out. All relevant information is now required to log on again. diff --git a/docs/passwordsecure/9.3/configuration/webapplication/operation/operation.md b/docs/passwordsecure/9.3/configuration/webapplication/operation/operation.md new file mode 100644 index 0000000000..ced8d40187 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/operation/operation.md @@ -0,0 +1,85 @@ +--- +title: "Operation" +description: "Operation" +sidebar_position: 20 +--- + +# Operation + +Operation of the Web Application has been based as far as possible on the operation of the Netwrix +Password Secure client. Nevertheless, there are some differences that need to be noted and they are +described here. + +NOTE: There is also a Basic view in the Web Application. Everything worth knowing can be found at +the following link: web view Basic view + +#### Login + +There is no database profile on the Web Application. All databases approved for the Web Application +will be made available. The following information needs to be entered to log in: + +Database name + +User name + +Password + +![Login WebClient](/images/passwordsecure/9.2/configuration/web_applicaiton/operation/installation_with_parameters_167-en.webp) + +After successfully logging in, the last database name used and the last registered user will be +saved. You thus only need to enter the password for the next login. + +#### Transferring login data via the URL + +The **database name** and **user name** can be transferred directly via the URL. The following +parameters are used here: + +- **database** for transferring the database nam +- **username** for transferring the user name + +The parameters are simply attached to the URL for the Web Application and separated from one another +with a **&**. + +Example + +You want to call up the Web Application under **https://psr_Web Application.firma.com.** In the +process, you want the login mask to be directly filled with the database **Passwords** and the user +name **Anderson**. The following URL is then used: **https://psr_Web +Application.firma.com/authentication/ login?database=Passwords&username=Anderson** + +NOTE: It is possible to only transfer the database. The user name is not absolutely necessary. + +#### Structure + +The Web Application is split into a number of sections that are described below. + +![Operation](/images/passwordsecure/9.2/configuration/web_applicaiton/operation/installation_with_parameters_168-en.webp) + +1. [Header](/docs/passwordsecure/9.3/configuration/webapplication/operation/header.md) + +The header provides access to some essential functions. + +2. [Navigation bar](/docs/passwordsecure/9.3/configuration/webapplication/operation/navigationbar/navigation_bar.md) + +It is possible to switch between module and filter view on the navigation bar. + +3. [Filter or structure area](/docs/passwordsecure/9.3/configuration/webapplication/operation/filter_or_structure_area.md) + +As is also the case on the client, it is possible to select between filter and structure. + +4. [Menu](/docs/passwordsecure/9.3/configuration/webapplication/operation/menu.md) + +The ribbon on the client has been replaced by a menu bar on the Web Application. + +5. [List view](/docs/passwordsecure/9.3/configuration/webapplication/operation/list_view.md) + +The records currently selected using the filter can be viewed in list view. + +6. [Reading pane](/docs/passwordsecure/9.3/configuration/webapplication/operation/reading_pane_webclient.md) + +The reading pane shows you details about the relevantly selected element. + +7. [Footer](/docs/passwordsecure/9.3/configuration/webapplication/operation/footer.md) + +Various information about the record is displayed in the footer. For example, logbook entries or the +history. diff --git a/docs/passwordsecure/9.3/configuration/webapplication/operation/reading_pane_webclient.md b/docs/passwordsecure/9.3/configuration/webapplication/operation/reading_pane_webclient.md new file mode 100644 index 0000000000..2afabe6ccc --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/operation/reading_pane_webclient.md @@ -0,0 +1,21 @@ +--- +title: "Reading pane" +description: "Reading pane" +sidebar_position: 60 +--- + +# Reading pane + +## What is the reading pane? + +As with the list view, the reading pane on the Web Application is almost identical to that on the +client. Therefore, we also refer you here to the corresponding +[Reading pane](/docs/passwordsecure/9.3/configuration/advancedview/operationandsetup/reading_pane.md) section. + +![reading_pane](/images/passwordsecure/9.2/configuration/web_applicaiton/operation/reading_pane/reading_pane.webp) + +Various information is displayed on the header – as is the case with the client. For example, the +tags for the records or information on whether the record is public or private. Password masking is +also symbolised here. + +NOTE: There are – as is usual in a browser – no context menus diff --git a/docs/passwordsecure/9.3/configuration/webapplication/problems_with_the_server_connection.md b/docs/passwordsecure/9.3/configuration/webapplication/problems_with_the_server_connection.md new file mode 100644 index 0000000000..1e865a1aa2 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/problems_with_the_server_connection.md @@ -0,0 +1,27 @@ +--- +title: "Problems with the server connection" +description: "Problems with the server connection" +sidebar_position: 40 +--- + +# Problems with the server connection + +If no connection can be established from the Web Application, there are several possible causes: + +Server not started + +First, you should check whether the application server is running. + +Service not started + +The Windows service administration should be used to check whether the **Netwrix Password Secure +Service** has been started. + +Port not released + +Port 11016 TCP must be released on the application server. + +CORS not configured + +Make sure that the CORS configuration has been implemented. Further information can be found in +chapter Installation Web Application diff --git a/docs/passwordsecure/9.3/configuration/webapplication/web_application.md b/docs/passwordsecure/9.3/configuration/webapplication/web_application.md new file mode 100644 index 0000000000..388c0fcc04 --- /dev/null +++ b/docs/passwordsecure/9.3/configuration/webapplication/web_application.md @@ -0,0 +1,28 @@ +--- +title: "Web Application" +description: "Web Application" +sidebar_position: 40 +--- + +# Web Application + +## What is the Web Application + +The previous WebAccess function has been replaced by the **Web Application” in Netwrix Password +Secure version** **8.3.0. The completely newly developed \*Web Application** will act as the basis +for the constant enhancement of the functional scope. The desired objective is to also provide the +full functional scope of the client in the Web Application. The **Web Application** will thus be +constantly enhanced. All of the currently available functions can be viewed in the +[Functional scope](/docs/passwordsecure/9.3/configuration/webapplication/functionalscope/functional_scope.md) section. + +![WebClient](/images/passwordsecure/9.2/configuration/web_applicaiton/installation_with_parameters_159.webp) + +**Netwrix Password Secure Web Application** enables platform-independent access to the database via +a browser. It is irrelevant whether you are using Microsoft Windows, macOS or Linux, it is only +necessary for javascript to be supported. As the **Netwrix Password Secure Web Application** has a +responsive design, it can also be used on all mobile devices such as tablets and smartphones. + +The **Web Application** is based both optically and also in its operation on the Netwrix Password +Secure client. As usual, users can only access the data for which they also have permissions. The +installation is described in the section +[Installation Web Application](/docs/passwordsecure/9.3/installation/installationwebapplication/installation_web_application.md) diff --git a/docs/passwordsecure/9.3/enduser/_category_.json b/docs/passwordsecure/9.3/enduser/_category_.json new file mode 100644 index 0000000000..47348ad344 --- /dev/null +++ b/docs/passwordsecure/9.3/enduser/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Getting Started for End Users", + "position": 70, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "overview" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/enduser/advancedview.md b/docs/passwordsecure/9.3/enduser/advancedview.md new file mode 100644 index 0000000000..4a2f16458c --- /dev/null +++ b/docs/passwordsecure/9.3/enduser/advancedview.md @@ -0,0 +1,20 @@ +--- +title: "Outlook: Advanced View" +description: "Outlook: Advanced View" +sidebar_position: 50 +--- + +# Outlook: Advanced View + +Curious about how you can manage your team in Netwrix Password Secure? + +Learn more about how to … + +- Share passwords masked / only for a limited time (i.e. with working students or interns) +- Separately authorize the disclosure of passwords +- View the password quality and monitor all actions in your team +- View the reasons given by your team members for revealing passwords in plain text +- And much more! + +Simply contact your IT department for further information on the advanced view of Netwrix Password +Secure. diff --git a/docs/passwordsecure/9.3/enduser/browserextension.md b/docs/passwordsecure/9.3/enduser/browserextension.md new file mode 100644 index 0000000000..69c596e1b5 --- /dev/null +++ b/docs/passwordsecure/9.3/enduser/browserextension.md @@ -0,0 +1,49 @@ +--- +title: "Get the Browser Extension" +description: "Get the Browser Extension" +sidebar_position: 10 +--- + +# Get the Browser Extension + +First, Netwrix Password Secure is designed to make and keep your passwords more secure. But this +also means that managing - and logging in with them - is easier and saves time! That's why you need +the browser extension to save yourself the hassle of typing in passwords in future and to be logged +in to all your website accesses with just one click! + +Step 1 – Is your browser extension already installed? You can find out by: + +- Looking for this icon next to the URL input field in your browser. See the icon in the top bar of + the screenshot below. +- Opening the Password Secure Web App, logging in and scrolling down: If not installed yet, you can + find the download link in the footer. See the Download Edge Extension link in the bottom center of + the screenshot below. + +![downloadextension](/images/passwordsecure/9.2/enduser/downloadextension.webp) + +NOTE: If you need more information about installing the browser extension, please visit the +following topic in our documentation: +[Installation Browser Extension](https://helpcenter.netwrix.com/bundle/PasswordSecure_9.0/page/Content/PasswordSecure/Installation/Browser/Installation_Browser_Add-on.htm) + +Step 2 – After downloading, the browser extension is simply dragged and dropped into the browser. +See the Get button in the upper-right section of the screenshot below. + +![getextension](/images/passwordsecure/9.2/enduser/getextension.webp) + +Step 3 – After confirming a security question, it is installed, and an icon appears in the menu bar +to "add the extension". + +![addextension](/images/passwordsecure/9.2/enduser/addextension.webp) + +Step 4 – Please open or reload the web application of Netwrix Password Secure (see link in email +from your administrator) to connect your user profile with the extension. See the lock icon in the +screenshot below. + +![extensionadded](/images/passwordsecure/9.2/enduser/extensionadded.webp) + +Step 5 – Now click on this icon in your browser to open the browser extension. See the Adopt Select +**Adopt Web Application profile**. Done! + +![nodatabaseprofile](/images/passwordsecure/9.2/enduser/nodatabaseprofile.webp) + +RECOMMENDED: If not done yet, bookmark this page to have it quickly at hand! diff --git a/docs/passwordsecure/9.3/enduser/cleanuppasswords.md b/docs/passwordsecure/9.3/enduser/cleanuppasswords.md new file mode 100644 index 0000000000..f97813b05b --- /dev/null +++ b/docs/passwordsecure/9.3/enduser/cleanuppasswords.md @@ -0,0 +1,84 @@ +--- +title: "Clean up Your Passwords" +description: "Clean up Your Passwords" +sidebar_position: 20 +--- + +# Clean up Your Passwords + +For a clean relocation of passwords, it is important to clean up all your passwords beforehand. This +means to check which secrets are still up-to-date or if there are any duplicates you can remove +first! + +## Transer Data from Your Browser + +With Netwrix Password Secure, you now have the right tool to save and manage all your secrets handy +at one place and above all a safe alternative to browser-saved passwords! But how can you now +securely import them to your new solution? + +Simply do this: + +Step 1 – Every time you login to a website now and your browser wants to autofill, this Password +Secure Pop-up will appear, asking you if you would like to save your secret in Netwrix Password +Secure. Just click **Create new**. See the screenshot below. + +![createnew](/images/passwordsecure/9.2/enduser/createnew.webp) + +Step 2 – Now the Web Application will open and automatically transfer the recognized login data, +including URL to a new data set. + +![createpassword](/images/passwordsecure/9.2/enduser/createpassword.webp) + +Step 3 – Choose an organizational unit in which you want to save it and give your new data set a +meaningful name to find it again quickly. (You now also have the option to add further information +and tags.) Now click **Save**. See the box to the right of Organizational unit in the screenshot +above. + +## Check for Weak Passwords + +Your passwords do not automatically become secure after they have been transferred to Netwrix +Password Secure. No matter how well protected a password is - if it is easy for a hacker to guess, +they don't need access to the password manager to use it. This is why our solution automatically +checks the strength of your password and much more. + +Step 1 – Paste your password in the password field. See the box to the right of the Password field +in the screenshot below. + +![passwordfield](/images/passwordsecure/9.2/enduser/passwordfield.webp) + +Step 2 – If it is not classified as "strong" (green), we strongly recommend using the integrated +password generator to assign a new, secure password: Therefore, just click on the white password +generator icon to the right of the password field. See the Strong button in the screenshot above. + +Step 3 – The password generator will open. A secure password is created automatically just click +“Apply”. (Learn more about the possibilities of our password manager in the next chapter.) + +![passwordgenerator](/images/passwordsecure/9.2/enduser/passwordgenerator.webp) + +Step 4 – Now don't forget to replace your password in the target application as well. + +**Great side effect!** The access data stored in your browser is no longer up to date and therefore +no longer a danger! You should also think about deleting these passwords from your browser +permanently. + +## Create Strong Passwords + +The password generator offers three possibilities to create a secure password. To open it, click on +“Create password” and then on the password generator icon right to the password field. + +Step 1 – Create a user defined password which gives you the most options such as including and +excluding special characters or defining the length of the password. + +![userdefined](/images/passwordsecure/9.2/enduser/userdefined.webp) + +Step 2 – Create a phonetic password that is easier to pronounce, but still complex. + +![phonetic](/images/passwordsecure/9.2/enduser/phonetic.webp) + +NOTE: This option is best suited for passwords that must be read and typed in, such as operating +machines without an internet connection. + +Step 3 – Create a password according to a set password rule in your company: If your IT has already +stored password guidelines for you, you can select them here and simply click on apply. + +![rule](/images/passwordsecure/9.2/enduser/rule.webp) diff --git a/docs/passwordsecure/9.3/enduser/createnewentry.md b/docs/passwordsecure/9.3/enduser/createnewentry.md new file mode 100644 index 0000000000..0773246a8e --- /dev/null +++ b/docs/passwordsecure/9.3/enduser/createnewentry.md @@ -0,0 +1,57 @@ +--- +title: "Create a New Entry from Scratch" +description: "Create a New Entry from Scratch" +sidebar_position: 30 +--- + +# Create a New Entry from Scratch + +Follow the steps to create a new entry from scratch. + +Step 1 – First, click _Create new password_ on the upper left in Netwrix Password Secure. + +![createnewpassword](/images/passwordsecure/9.2/enduser/createnewpassword.webp) + +Step 2 – A form will open. Now choose the form you need, such as "Website," on the upper right. See +the form drop-down list in the screenshot below. + +![selectform](/images/passwordsecure/9.2/enduser/selectform.webp) + +Step 3 – Let`s fill out the website form in this example. + +- Choose the organization unit you want to save the password in like the department. + +![selectou](/images/passwordsecure/9.2/enduser/selectou.webp) + +- Choose a permission template to define who else can see your password. + +![permissionstemplate](/images/passwordsecure/9.2/enduser/permissionstemplate.webp) + +- Set a description for your stored password. + +![description](/images/passwordsecure/9.2/enduser/description.webp) + +- Enter the username or email address needed for login. + +![username](/images/passwordsecure/9.2/enduser/username.webp) + +- Enter the password manually or use the password generator by clicking on the button in the middle + (high number). The password generator will open. + +NOTE: To learn more about the generating of passwords, see the +[Clean up Your Passwords](/docs/passwordsecure/9.3/enduser/cleanuppasswords.md) topic for additional information. + +![password](/images/passwordsecure/9.2/enduser/password.webp) + +NOTE: By clicking on the **lock icon** right to the password generator, you can mask and unmask your +password. + +- Enter the website URL that leads to the login. + +![websiteurl](/images/passwordsecure/9.2/enduser/websiteurl.webp) + +- Add one or more tags to categorize your password and find it easier (i.e., "HR" or "Internet"). + +![tags](/images/passwordsecure/9.2/enduser/tags.webp) + +Step 4 – Click **Save**, and you are done! diff --git a/docs/passwordsecure/9.3/enduser/organizepasswords.md b/docs/passwordsecure/9.3/enduser/organizepasswords.md new file mode 100644 index 0000000000..e8efc70ae4 --- /dev/null +++ b/docs/passwordsecure/9.3/enduser/organizepasswords.md @@ -0,0 +1,71 @@ +--- +title: "Organize Your Passwords" +description: "Organize Your Passwords" +sidebar_position: 40 +--- + +# Organize Your Passwords + +## Add a Team Tab + +The tab system is used to structure all your passwords: Tabs help you to make them easier to manage +and find. You can create several tabs and switch between them within one click. + +Follow the steps to add a team tab. + +Step 1 – Click on the **Plus** sign and a form will open. + +![newform](/images/passwordsecure/9.2/enduser/newform.webp) + +Step 2 – You can now search for a specific organizational unit by clicking on the tree on the left +or use the search field to find the unit you need. + +![search](/images/passwordsecure/9.2/enduser/search.webp) + +Step 3 – Click **OK** to close the form and your new team tab will open automatically. + +## Search with Tags + +With a growing number of managed passwords, it becomes even more important to maintain a structure +and overview. Therefore, Netwrix Password Secure works with tags instead of a folder system: You can +assign any number of tags to your passwords to categorize and find them again quickly. + +![assigntags](/images/passwordsecure/9.2/enduser/assigntags.webp) + +To find a password, just use the search field and enter a tag like the department or position you +are in (i.e., "Marketing"). Netwrix Password Secure now not only is searching for tags, but also for +“Marketing” in all Netwrix Password Secure fields (i.e., Content Marketing). + +![searchresults](/images/passwordsecure/9.2/enduser/searchresults.webp) + +NOTE: Optimize your search results by using the **minus sign (-)** to exclude terms: Only results in +which this word does not appear will be displayed (i.e., all social media accounts that are used +outside of marketing = "-social media marketing"). + +## Choose Your View + +Netwrix Password Secure offers two different views - the list and tile view. Just **switch the +button** on the upper right to change views! + +List View + +The screenshot below shows the list view. + +![listview](/images/passwordsecure/9.2/enduser/listview.webp) + +Tile View + +The screenshot below shows the title view. + +![switchbutton](/images/passwordsecure/9.2/enduser/switchbutton.webp) + +When in **tile view**, you can also drag and drop the buttons on another position. By hovering over +them with the mouse, you will see more information like the username, and you can login with one +click. + +![titleview](/images/passwordsecure/9.2/enduser/titleview.webp) + +NOTE: The **list view** is suitable for many data sets while the tile view is particularly favorable +for the most frequently used secrets. + +RECOMMENDED: Use the list view for all shared secrets and the tile view for personal accounts. diff --git a/docs/passwordsecure/9.3/enduser/overview.md b/docs/passwordsecure/9.3/enduser/overview.md new file mode 100644 index 0000000000..0c153f6537 --- /dev/null +++ b/docs/passwordsecure/9.3/enduser/overview.md @@ -0,0 +1,24 @@ +--- +title: "Getting Started for End Users" +description: "Getting Started for End Users" +sidebar_position: 70 +--- + +# Getting Started for End Users + +It is time to set up your new password management solution Netwrix Password Secure! The process +won't take too long, but you should allow yourself a little time to get to know the product. As when +it comes to your IT security, it's important to make sure you get it right. Below is a step-by-step +guide to setting up a password manager and leading you through the first few steps. + +## How to Log In + +Where can I find my username and password? + +You can find your login data in the email provided by your administrator. This email also contains +the following information: + +- Link to the Netwrix Password Secure Web Application +- How to login +- Information about your browser extension +- Bookmark of Netwrix Password Secure diff --git a/docs/passwordsecure/9.3/faq/_category_.json b/docs/passwordsecure/9.3/faq/_category_.json new file mode 100644 index 0000000000..0c7ff6cade --- /dev/null +++ b/docs/passwordsecure/9.3/faq/_category_.json @@ -0,0 +1,6 @@ +{ + "label": "FAQ", + "position": 60, + "collapsed": true, + "collapsible": true +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/faq/security/_category_.json b/docs/passwordsecure/9.3/faq/security/_category_.json new file mode 100644 index 0000000000..1a38cad5e6 --- /dev/null +++ b/docs/passwordsecure/9.3/faq/security/_category_.json @@ -0,0 +1,6 @@ +{ + "label": "Security", + "position": 10, + "collapsed": true, + "collapsible": true +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/faq/security/encryption.md b/docs/passwordsecure/9.3/faq/security/encryption.md new file mode 100644 index 0000000000..06ec693fb1 --- /dev/null +++ b/docs/passwordsecure/9.3/faq/security/encryption.md @@ -0,0 +1,43 @@ +--- +title: "Encryption" +description: "Encryption" +sidebar_position: 10 +--- + +# Encryption + +## Used Algorithms + +Safety has always been one of the most basic considerations when designing software. All other +requirements were assessed according to how safe they were. Parallel to the development phase, the +theoretical concepts of external security companies were examined in terms of feasibility, as well +as compliance with IT security standards. Prototypes have been ultimately developed on the basis of +these findings, which form the blueprint for the current Netwrix Password Secure version 9. The +following encryption techniques and algorithms are currently in use: + +- AES-GCM 256 +- PBKDF2 with 623,420 SHA256 iterations (client- and server-side) for the creation of user hashes +- PBKDF2 with 610,005 SHA256 iterations for the encryption of the user keys +- ECC (with the "NIST P-521" curve) for the private-public key procedure + +NOTE: All encryption algorithms used by Netwrix Password Secure are FIPS compliant. + +## Applied cryptographic procedures + +Applied cryptographic procedures The container encryption of the passwords is based on the +aforementioned algorithms. Each container has its own randomly generated salt. Each password, user, +and role has its own key pair. When releases are granted for users and roles, the passwords within +the database are hierarchically encrypted. Netwrix Password Secure also uses the following +cryptographic methods to achieve maximum security: + +To integrate an AD, you can choose between an end-to-end encryption (E2EE – the safest mode) and the +Master Key The server key is protected using the hardware security module (HSM) via PKCS#11 Brute +force protection for logging in by means of automatic blocking of the requesting client Certificate +protection when using applications Certificate request for client/server connection You may use your +own certificate authority (CA) as an option. Latest version of the Secure Sockets Layer (SSL) +Passwords are only encrypted and transported to the client when they have been explicitly requested +in advance. More… + +**CAUTION:** Only secrets are encrypted. Metadata is not encrypted to ensure search speed. Secrets +are usually passwords. However, the customer can decide what kind of data they are. Note that +Secrets cannot be searched for. diff --git a/docs/passwordsecure/9.3/faq/security/high_availability.md b/docs/passwordsecure/9.3/faq/security/high_availability.md new file mode 100644 index 0000000000..1b3ad7ffad --- /dev/null +++ b/docs/passwordsecure/9.3/faq/security/high_availability.md @@ -0,0 +1,43 @@ +--- +title: "High availability" +description: "High availability" +sidebar_position: 30 +--- + +# High availability + +## What is high availability? + +High availability is designed to guarantee the further operation of Netwrix Password Secure in the +event of damage. A series of requirements need to be met in advance in order to use this feature + +**CAUTION:** As the configuration of high availability is complex, it is (generally) implemented +during a consultation. If you are interested in this feature, please contact us directly or contact +your responsible partner. + +#### Requirements + +The following points should be observed during the configuration. + +- It is essential that MSSQL Enterprise Version is used for replicating the database (even in the + case of a replication across multiple locations) +- To achieve a better level of protection, we recommend operating the Netwrix Password Secure + database on its own cluster +- A Netwrix Password Secure application server needs to be licensed for each location. Every + application server has its own configuration database. + +Load balancer + +- To reduce the load on the server, a load balancer can be installed upstream of the application + server +- If no load balancer is used, the distribution of the database profiles for the users is generally + carried out via the registry + +If a database is set up at ”location A” including an AD profile, the certificate needs to exported +there and then imported onto the server at “location B”. The database is replicated using MSSQL +technology and can be integrated as an existing database into Netwrix Password Secure at “location +B”. If the application server at “location A” fails, the server in the registry needs to be replaced +(location B) and rolled out again to users using group rules (GPO). + +NOTE: Only peer-to-peer transaction replication is tested. If a different type of replication is +used, it should be tested in advance. diff --git a/docs/passwordsecure/9.3/faq/security/penetration_tests.md b/docs/passwordsecure/9.3/faq/security/penetration_tests.md new file mode 100644 index 0000000000..bc05ed4133 --- /dev/null +++ b/docs/passwordsecure/9.3/faq/security/penetration_tests.md @@ -0,0 +1,23 @@ +--- +title: "Penetration tests" +description: "Penetration tests" +sidebar_position: 20 +--- + +# Penetration tests + +## External Penetration tests + +The high security standards of Netwrix Password Secure are regularly attested by external pentests +of different providers. New functions in particular are always subjected to penetration tests in +order to have them thoroughly checked before release. The resulting findings enable us to detect and +eliminate potential vulnerabilities in advance. + +## Why we test regularly? + +In pentesting, external and certified security auditors look specifically for security gaps and +weaknesses in the software that an attacker could exploit. Attack scenarios are simulated on the +client side, the source code is checked and the quality of the cryptographic process is assessed. In +this way, the security of Netwrix Password Secure and the data stored in it is tested in advance in +order to be able to offer our customers effective protection and minimize the risk of success of an +attack. diff --git a/docs/passwordsecure/9.3/index.md b/docs/passwordsecure/9.3/index.md new file mode 100644 index 0000000000..f25fed5e95 --- /dev/null +++ b/docs/passwordsecure/9.3/index.md @@ -0,0 +1,25 @@ +--- +title: "Why Netwrix Password Secure?" +description: "Why Netwrix Password Secure?" +sidebar_position: 1 +--- + +# Why Netwrix Password Secure? + +## Users depend on passwords + +Now more than ever in their day-to-day business worldwide. They are used constantly and everywhere, +and they need to be professionally managed. Passwords should be safe, have at least 12 characters, +including uppercase and lowercase as well as special characters. In the best case, a separate access +password should be used for each account. It should be changed regularly. It is hard enough to meet +this challenge in private settings. In a large corporate environment, you wouldn’t be able to +adequately manage this task without the use of a professional password management tool. + +## Scalability + +The scalability of Netwrix Netwrix Password Secure (NPS) makes it suitable for use in SMEs, large +companies, and global corporations. The flexibility required for this task is the driving factor +behind our development to meet the ever-changing requirements of modern and safety-conscious +companies. NPS is the perfect software solution for companies that wish to effectively manage +security-relevant data such as passwords, documents, or certificates at a very high encryption +level. diff --git a/docs/passwordsecure/9.3/installation/_category_.json b/docs/passwordsecure/9.3/installation/_category_.json new file mode 100644 index 0000000000..64ab617b78 --- /dev/null +++ b/docs/passwordsecure/9.3/installation/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Installation", + "position": 20, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "installation" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/installation/installation.md b/docs/passwordsecure/9.3/installation/installation.md new file mode 100644 index 0000000000..7250488faa --- /dev/null +++ b/docs/passwordsecure/9.3/installation/installation.md @@ -0,0 +1,79 @@ +--- +title: "Installation" +description: "Installation" +sidebar_position: 20 +--- + +# Installation + +The following pages will provide you with all the information how to install the different Netwrix +Password Secure components. + +## System landscape + +The following overview presents a basic production Netwrix Password Secure system landscape. Version +9 allows the use of several database servers across all sites. These are then synchronized using +Microsoft SQL server tools. Any number of application servers can be made available for the client +connection. This ensures load distribution, and allows work without significant latency. This +technology offers enormous performance advantages, particularly in the case of installations that +are spread across worldwide locations. + +## Client (presentation layer) + +The client layer handles the representation of all data and functions, which are provided by the +application server. + +## Application server (business logic) + +The application server is entirely responsible for the control of the business logic. This server +only ever delivers the data for which the corresponding permissions are available. The multi-tier +architecture described at the beginning allows the use of several application servers and ensures +efficient load distribution. + +## Database server (data storage) + +Netwrix Password Secure uses Microsoft SQL Server to store data due to its widespread use, and its +ability to ensure high-performance access even in large and geographically scattered environments. +Smaller installations may also use the free SQL Express version. + +## Conclusion + +At least three servers are thus recommended: + +- Database server (MSSQL) +- Application server (Netwrix Password Secure services) +- Web server (IIS, NginX, Apache 2) + +**CAUTION:** For databases in a production system, we recommend using a fail-safe cluster. Microsoft +SQL Server can replicate the data to a different data centre, e.g via WAN. We also recommend +providing a Windows server for each function. Separating the systems makes it easier to expand and +scale the system landscape at a later point. However, it is not absolutely necessary to separate the +systems. Accordingly, all of the components can also be installed on one server in the case of +smaller installations or test environments. + +### Firewall rules / Ports + +## MSSQL Server + +- Port 1433 TCP for communication with application server (incoming) + +### Application server + +- Port 443 HTTPS for connection to the Netwrix Password Secure license server (outgoing) +- Port 11011 TCP for communication with clients or web server IIS (incoming) +- Port 11014 TCP for the backup service (usually does not need to be unlocked) +- Port 11016 TCP for the Web services (incoming; only when using the Web Application) +- Port 11018 TCP for real-time update (incoming) +- Port 1433 TCP for communication with SQL Server (outgoing) + +### Webserver (Web Application) + +- Port 443 HTTPS to access the webserver from the client (incoming) +- Port 11016 for communication to the application server (outgoing) +- Port 11018 for the real-time update (outgoing) + +### Client + +- Port 11011 TCP for communication with the application server (outgoing) +- Port 11018 TCP (outgoing) +- Port 52120 TCP with the add-on (outgoing) diff --git a/docs/passwordsecure/9.3/installation/installation_server_manager.md b/docs/passwordsecure/9.3/installation/installation_server_manager.md new file mode 100644 index 0000000000..25d3710668 --- /dev/null +++ b/docs/passwordsecure/9.3/installation/installation_server_manager.md @@ -0,0 +1,40 @@ +--- +title: "Installation Server Manager" +description: "Installation Server Manager" +sidebar_position: 20 +--- + +# Installation Server Manager + +## Guide + +The MSI installation files and the associated +[Application server](/docs/passwordsecure/9.3/installation/requirements/application_server.md) can be found in the corresponding +sections. The following step-by-step guide will accompany you through the wizards. + +![Password Secure Server Setup](/images/passwordsecure/9.2/installation/installation_server_manager/installation-admin-client-1-en.webp) + +First you are required to read and accept the license terms. These can also be printed. + +![Password Secure Server Setup](/images/passwordsecure/9.2/installation/installation_server_manager/installation-admin-client-2-en.webp) + +The next step is to define the location. The suggested location can be retained. + +![Password Secure Server Setup](/images/passwordsecure/9.2/installation/installation_server_manager/installation-admin-client-3-en.webp) + +Start the installation. + +![Password Secure Server Setup](/images/passwordsecure/9.2/installation/installation_server_manager/installation-admin-client-4-en.webp) + +The last step closes the setup and opens (if desired) the Server Manager. + +![Password Secure Server Setup](/images/passwordsecure/9.2/installation/installation_server_manager/installation-admin-client-5-en.webp) + +## Authentication + +After the installation, you can login directly to the Server Manager. + +![Server Authentication](/images/passwordsecure/9.2/installation/installation_server_manager/server-auth-en.webp) + +NOTE: The initial password for the first login is “admin”. It should be changed directly after the +logon. diff --git a/docs/passwordsecure/9.3/installation/installationbrowseraddon/_category_.json b/docs/passwordsecure/9.3/installation/installationbrowseraddon/_category_.json new file mode 100644 index 0000000000..e654bf472d --- /dev/null +++ b/docs/passwordsecure/9.3/installation/installationbrowseraddon/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Installation Browser Extension", + "position": 50, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "installation_browser_add-on" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/installation/installationbrowseraddon/google_chrome.md b/docs/passwordsecure/9.3/installation/installationbrowseraddon/google_chrome.md new file mode 100644 index 0000000000..277b83e401 --- /dev/null +++ b/docs/passwordsecure/9.3/installation/installationbrowseraddon/google_chrome.md @@ -0,0 +1,24 @@ +--- +title: "Google Chrome" +description: "Google Chrome" +sidebar_position: 10 +--- + +# Google Chrome + +## Installing the add-on + +The installation of the Google Chrome Add-on is done directly from the Google Store. You can access +it via the following link: +[Add-on for Google Chrome](https://chrome.google.com/webstore/detail/netwrix-password-secure/bpjfchmapbmjeklgmlkabfepflgfckip). + +Alternatively, you can also access the Google Store via the Autofill Add-on. To do this, right-click +the icon to open the context menu. After a further click on Install Browser Extensions the Google +Chrome Add-on can be selected, whereupon you will be redirected directly to the Google Store. + +The installation is started via Add. + +The add-on is now installed and the icon is added to the browser. + +NOTE: It is also possible to find the Add-on link in the Web Application page footer, if it is not +installed yet. diff --git a/docs/passwordsecure/9.3/installation/installationbrowseraddon/installation_browser_add-on.md b/docs/passwordsecure/9.3/installation/installationbrowseraddon/installation_browser_add-on.md new file mode 100644 index 0000000000..7cdf1f2a39 --- /dev/null +++ b/docs/passwordsecure/9.3/installation/installationbrowseraddon/installation_browser_add-on.md @@ -0,0 +1,14 @@ +--- +title: "Installation Browser Extension" +description: "Installation Browser Extension" +sidebar_position: 50 +--- + +# Installation Browser Extension + +Following browser extensions can be installed:  + +- [Google Chrome](/docs/passwordsecure/9.3/installation/installationbrowseraddon/google_chrome.md) +- [Microsoft Edge](/docs/passwordsecure/9.3/installation/installationbrowseraddon/microsoft_edge.md) +- [Mozilla Firefox](/docs/passwordsecure/9.3/installation/installationbrowseraddon/mozilla_firefox.md) +- [Safari](/docs/passwordsecure/9.3/installation/installationbrowseraddon/safari.md) diff --git a/docs/passwordsecure/9.3/installation/installationbrowseraddon/microsoft_edge.md b/docs/passwordsecure/9.3/installation/installationbrowseraddon/microsoft_edge.md new file mode 100644 index 0000000000..8b6534686f --- /dev/null +++ b/docs/passwordsecure/9.3/installation/installationbrowseraddon/microsoft_edge.md @@ -0,0 +1,18 @@ +--- +title: "Microsoft Edge" +description: "Microsoft Edge" +sidebar_position: 20 +--- + +# Microsoft Edge + +## Installing the add-on + +The installation of the Edge Add-on is done directly from the official Store. The Edge Add-on can be +downloaded from the following link: +[Add-on for Edge](https://microsoftedge.microsoft.com/addons/detail/netwrix-password-secure/ahdfobpkkckhdhbmnpjehdkepaddfhek). + +![Add-on Edge](/images/passwordsecure/9.2/installation/browser/addon-edge-en.webp) + +NOTE: It is also possible to find the Add-on link in the Web Application page footer, if it is not +installed yet diff --git a/docs/passwordsecure/9.3/installation/installationbrowseraddon/mozilla_firefox.md b/docs/passwordsecure/9.3/installation/installationbrowseraddon/mozilla_firefox.md new file mode 100644 index 0000000000..f42bc00077 --- /dev/null +++ b/docs/passwordsecure/9.3/installation/installationbrowseraddon/mozilla_firefox.md @@ -0,0 +1,20 @@ +--- +title: "Mozilla Firefox" +description: "Mozilla Firefox" +sidebar_position: 30 +--- + +# Mozilla Firefox + +## Installing the add-on + +The installation of the Firefox Add-on is done directly from the official Store. The Firefox Add-on +can be downloaded from the following link: +[Add-on firefox](https://addons.mozilla.org/en-US/firefox/addon/password-safe-browser-add-on/). + +After the download, the add-on is simply dragged and dropped into the browser. + +After confirming a security question, it is installed and an icon is created in the menu bar. + +NOTE: It is also possible to find the Add-on link in the Web Application page footer, if it is not +installed yet diff --git a/docs/passwordsecure/9.3/installation/installationbrowseraddon/safari.md b/docs/passwordsecure/9.3/installation/installationbrowseraddon/safari.md new file mode 100644 index 0000000000..1c91616943 --- /dev/null +++ b/docs/passwordsecure/9.3/installation/installationbrowseraddon/safari.md @@ -0,0 +1,15 @@ +--- +title: "Safari" +description: "Safari" +sidebar_position: 40 +--- + +# Safari + +## Installing the add-on + +The Safari Add-on can be downloaded from the following link: +[Add-on Safari](https://download.passwordsafe.de/v9/Netwrix_Password_Secure-9.0.3.dmg). + +To install it, simply double-click on the downloaded file. A window will open where you then only +need to drag and drop the Netwrix Password Secure logo onto the applications. diff --git a/docs/passwordsecure/9.3/installation/installationclient/_category_.json b/docs/passwordsecure/9.3/installation/installationclient/_category_.json new file mode 100644 index 0000000000..81712fa0bb --- /dev/null +++ b/docs/passwordsecure/9.3/installation/installationclient/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Installation Client", + "position": 30, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "installation_client" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/installation/installationclient/installation_client.md b/docs/passwordsecure/9.3/installation/installationclient/installation_client.md new file mode 100644 index 0000000000..f732f49d5b --- /dev/null +++ b/docs/passwordsecure/9.3/installation/installationclient/installation_client.md @@ -0,0 +1,100 @@ +--- +title: "Installation Client" +description: "Installation Client" +sidebar_position: 30 +--- + +# Installation Client + +## Guide + +The MSI installation files and the associated +[Client configuration](/docs/passwordsecure/9.3/installation/requirements/client_configuration.md) can be found in the corresponding +sections. The following step-by-step guide will accompany you through the wizards. + +![installation wizard page 1](/images/passwordsecure/9.2/installation/installation_client/installation-client-1-en.webp) + +You are required to read and accept the terms of service. These can also be printed. + +The next step is to define the location of the client. The suggested location can be retained.You +can also define whether additional components should be installed. + +**CAUTION:** Please only install the Terminal Server Service (for Autofill Add-on) if terminal +server operation is intended! + +![installation wizard page 2](/images/passwordsecure/9.2/installation/installation_client/installation-client-3-en.webp) + +The actual installation starts in the next step. + +![installation wizard page 3](/images/passwordsecure/9.2/installation/installation_client/installation-client-4-en_339x265.webp) + +The last step closes the setup and opens (if desired) the Client. + +![installation wizard page 4](/images/passwordsecure/9.2/installation/installation_client/installation-client-5-en.webp) + +## Installed applications + +There are always several applications installed. + +![client icon](/images/passwordsecure/9.2/installation/installation_client/cllient-en.webp) + +This is the regular Client. + +![offline client icon](/images/passwordsecure/9.2/installation/installation_client/psrofflineclient-en.webp) + +The Offline Add-on allows access to the data without connection to Server Manager. + +![icon_autofill_agent](/images/passwordsecure/9.2/installation/installation_client/icon_autofill_agent.webp) + +The Autofill Add-on is used for SSO applications. + +## Integrating a database + +For connection to the database, the creation of a database profile is obligatory. The following +information is required: + +- Profile name: The name of the profile. This will be displayed on the client in the future +- IP address: The IP address of the Netwrix Password Secure V8 server is stored here +- Database name: Specifies the name of the database + +## Distributing database profiles via the registry + +There is also an option to distribute database profiles. The profiles are specified via a +corresponding registry entry. The next time Netwrix Password Secure is started, the profiles will be +saved in the local configuration file. The database connection can be made with the following keys: + + +``` +HKEY_CURRENT_USER\SOFTWARE\MATESO\Password Safe and Repository 8\DatabaseProfiles +HKEY_LOCAL_MACHINE\SOFTWARE\MATESO\Password Safe and Repository 8\DatabaseProfiles + +``` + +These keys are structured like this: + +- HostIP: Server IP address +- DatabaseName: Name of the database +- LastUserName: The field for the user name can be specified here + +![profil-registry](/images/passwordsecure/9.2/installation/installation_client/profil-registry-en.webp) + +Is the profile set with the following entries? + + +``` +HKEY_LOCAL_MACHINE\SOFTWARE\MATESO\Password Safe and Repository 8\DatabaseProfiles + +``` + +Then the last used date base as well as the last registered user are created with the following ID, +when you log in for the first time: + + +``` +HKEY_CURRENT_USER\SOFTWARE\MATESO\Password Safe and Repository 8\DatabaseProfiles + +``` + +NOTE: When the corresponding registry entry is set and no related database profile exists, the +profile will be created at the next start-up. Please note that profiles created like this cannot be +edited or deleted in the client. diff --git a/docs/passwordsecure/9.3/installation/installationclient/installation_with_parameters.md b/docs/passwordsecure/9.3/installation/installationclient/installation_with_parameters.md new file mode 100644 index 0000000000..e933ad2949 --- /dev/null +++ b/docs/passwordsecure/9.3/installation/installationclient/installation_with_parameters.md @@ -0,0 +1,28 @@ +--- +title: "Installation with parameters" +description: "Installation with parameters" +sidebar_position: 10 +--- + +# Installation with parameters + +## What is installation with parameters? + +The installation of the Netwrix Password Secure client can also be optionally run on the command +line. This method also requires the transfer of parameters. These can be combined with one another. +In this case, the individual parameters are separated from one another by a blank space. The +parameters listed in the following section enable you to adapt the type of client installation. + +## Running on the command line with parameters + +Run the installation via the command line: **MSI-FILE.msi [PARAMETER]** + +**Parameter** + +- **AUTOFILL_ADDON_AUTOSTART=“0”**: Deactivates launching the Autofill Add-on in Windows autostart +- **INSTALL_AUTOFILL_ADDON=“0**”: Deactivates the installation of the Autofill Add-on. In the list + of the components to be installed in the setup, a check mark has not been set but this can be set + again by the user +- **INSTALL_OFFLINE_ADDON=“0”**: Deactivates the installation of the Offline Add-on. In the list of + the components to be installed in the setup, a check mark has not been set but this can be set + again by the user diff --git a/docs/passwordsecure/9.3/installation/installationwebapplication/_category_.json b/docs/passwordsecure/9.3/installation/installationwebapplication/_category_.json new file mode 100644 index 0000000000..c328f38534 --- /dev/null +++ b/docs/passwordsecure/9.3/installation/installationwebapplication/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Installation Web Application", + "position": 40, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "installation_web_application" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/installation/installationwebapplication/apache.md b/docs/passwordsecure/9.3/installation/installationwebapplication/apache.md new file mode 100644 index 0000000000..762531e32a --- /dev/null +++ b/docs/passwordsecure/9.3/installation/installationwebapplication/apache.md @@ -0,0 +1,49 @@ +--- +title: "Apache" +description: "Apache" +sidebar_position: 10 +--- + +# Apache + +In order to integrate the Web Application onto an Apache server, it is first necessary to enter all +of the relevant settings: + +## Document directory + +The folder from which the Web Application should be operated is entered here. The default folder is +/var/www/html + +## SSL certificate path + +It is necessary to enter the directory in which the certificate will be saved here. + +## SSL certificate key path + +Finally, it is necessary to enter where the certificate key is located here. + +![apache-en](/images/passwordsecure/9.2/installation/installation_web_application/apache-en.webp) + +Once all of the settings have been entered, the Web Application can be created via the button in the +ribbon. The folder in which the ZIP file is located will then open automatically. The archive is now +unzipped and the contents copied to the document directory on the web server. + +The configuration for the Apache server has now also been created and can be viewed on the Server +Manager. + +![apache-en-2](/images/passwordsecure/9.2/installation/installation_web_application/apache-en-2.webp) + +The configuration can be selected using CTRL+A and copied. It is then directly integrated onto the +Apache server. + +NOTE: The configuration of the Apache server is always individual. Therefore, it is only possible to +roughly describe the process for a standard installation. + +## Standard configuration + +The file /etc/apache2/sites-available/default-ssl.conf is (for example "nano") opened. Everything +between``and``is now deleted and replaced by the +configuration from the server. Apache is subsequently restarted via systemctl reload apache. + +The Web Application is now ready to use and can be directly started. Further information can be +found at the end of this section under "SCalling up the Web Application". diff --git a/docs/passwordsecure/9.3/installation/installationwebapplication/installation_web_application.md b/docs/passwordsecure/9.3/installation/installationwebapplication/installation_web_application.md new file mode 100644 index 0000000000..2d9627ce52 --- /dev/null +++ b/docs/passwordsecure/9.3/installation/installationwebapplication/installation_web_application.md @@ -0,0 +1,93 @@ +--- +title: "Installation Web Application" +description: "Installation Web Application" +sidebar_position: 40 +--- + +# Installation Web Application + +**CAUTION:** This guide focuses on the initial installation of the Web Application and is not +relevant for further updates. + +## Preparations for installation + +### System requirements + +Please ensured that all [Webserver](/docs/passwordsecure/9.3/installation/requirements/webserver/webserver.md) requirements have been met. + +### SSL certificate + +When the web service is started, the certificate created in the basic configuration is configured +and connected to port 11016. This is the connection certificate for communication between the web +server and the Netwrix Password Secure server. + +### Databases + +All databases that are to be used on the Web Application must be enabled for this purpose. With a +double click on the corresponding database the option "Access via Web Application" can be activated. + +## Installation + +The Web Application is generated by the Server Manager and made available in a ZIP archive. +Depending on the web server, the ZIP archive is created accordingly. The installation also differs +depending on the web server used. Irrespective of the web server used, the following information +firstly needs to be entered: + +### Destination + +Name the folder where the ZIP archive with the Web Application should be placed. + +**CAUTION:** Do not use the Server Manager installation directory + +NOTE: If the web server is created on IIS, execute config.bat to handle integration of the web +server. + +### Server IP + +Please check if the IP address is correct otherwise no connection to the Web Application can be +established. If the IP address is wrong, you have to change it in the basic configuration of the +Server Manager. + +### Web server host address + +Enter the IP address or the host name of the web server. + +### Port + +Enter the port that is used to communicate with the Web Application. + +All of the subsequent steps or the required tasks will be explained in the associated chapters for +each specific web server. + +## Custom Branding + +You can personalize the Web App with your company’s branding by navigating to `Custom branding`. There, upload your logo files and specify the custom text you want to display; the updated branding will appear across the application once saved. + +![Custom branding configuration](/images/passwordsecure/9.3/installation/installation_web_application/configure_custom_branding.webp) + +## CORS configuration + +A button for the so-called CORS configuration can be found on the ribbon. It is essential that this +configuration is carried out before the Web Application can be used. A list of the permitted CORS +domains will be saved as a result. Requests received via the Web Application can then be checked +against this list. The request will only be successfully carried out if the origin header for a +request is available in the permitted domains. + +In order to add a domain, simply enter it at the bottom of the dialogue. Clicking on +:material-plus-circle-outline: will add the entry to the list at the top. + +![cors-en-new](/images/passwordsecure/9.2/installation/installation_web_application/cors-en-new.webp) + +NOTE: In general, it is sufficient to add the IP address which was also saved as the Web server host +address. + +## Calling up the Web Application + +The process for calling up the Web Application is dependent on the configuration of the web server: + +- Web Application in root directory -> `https://hostname` +- Web Application in a subdirectory -> `https://hostname/path-to-subdirectory` +- Port is not set to 443 -> `https://hostname:port/path-to-subdirectory` + +NOTE: In order for the redirect to be used, it is important to ensure on apache and nginx web +servers that no other host listens to port 80. diff --git a/docs/passwordsecure/9.3/installation/installationwebapplication/microsoft_iis.md b/docs/passwordsecure/9.3/installation/installationwebapplication/microsoft_iis.md new file mode 100644 index 0000000000..53771713f1 --- /dev/null +++ b/docs/passwordsecure/9.3/installation/installationwebapplication/microsoft_iis.md @@ -0,0 +1,64 @@ +--- +title: "Microsoft IIS" +description: "Microsoft IIS" +sidebar_position: 20 +--- + +# Microsoft IIS + +If the Web Application is being operated on a Microsoft IIS web server, there are two methods for +integrating it into the system: + +## Create as its own website + +For this option, a website with the name "Web Application" will be directly created on the IIS by +config.bat. The Web Application will be operated here from the standard directory +C:\inetpub\wwwroot. + +## Integrate in existing website + +requires there to be an existing website. Therefore, a website needs to be firstly created on the +IIS web sever. The name of the website then needs to be entered in the Server Manager. It is also +necessary to enter the folder from which the Web Application should be operated under "website +directory". The format here is "/Web Application" + +![IIS installation](/images/passwordsecure/9.2/installation/installation_web_application/installation-webclient-3-en.webp) + +Once all of the settings have been entered, the Web Application can be created via the corresponding +button in the ribbon. When the ZIP archive containing the Web Application has been created, it is +copied to the previously defined directory (C:\inetpub\wwwroot as standard) and unzipped there to +create a new directory. + +## Config.bat + +The file config.bat can be found in the newly created Web Application directory and now needs to be +executed when logged on as the administrator. This will integrate the Web Application into the IIS +web server. + +NOTE: If the system requirements have not been met, you will be informed that the URL Rewrite and/or +Application Request Routing modules need to be installed. In this case, follow the instructions on +the wizard that will then immediately open. In addition, it is necessary to install the WebSocket +Protokoll. Afterwards, config.bat needs to be executed again. + +If the website has been correctly created, this will be correspondingly indicated by the +notification IIS page created. + +![IIS-creating page](/images/passwordsecure/9.2/installation/installation_web_application/installation-webclient-4-en.webp) + +**CAUTION:** Following a successful installation, it is imperative that config.bat is deleted! The +config.bat file should also not be used for an "update" + +## Certificate + +The certificate then needs to be saved. Select the newly created website on the IIS web server. The +bindings can now be opened on the far right. + +![IIS](/images/passwordsecure/9.2/installation/installation_web_application/installation-webclient-5-en.webp) + +Select the https entry and open it for editing. The SSL certificate is then selected here. + +![IIS](/images/passwordsecure/9.2/installation/installation_web_application/installation-webclient-6-en.webp) + +In addition, the Netwrix Password Secure certificate needs to be exported from the Netwrix Password +Secure Server and imported onto the ISS under local computer > trusted root certificate location -> +certificates. Further information can be found in the section "Certificates" diff --git a/docs/passwordsecure/9.3/installation/installationwebapplication/nginx.md b/docs/passwordsecure/9.3/installation/installationwebapplication/nginx.md new file mode 100644 index 0000000000..ab7ec622fb --- /dev/null +++ b/docs/passwordsecure/9.3/installation/installationwebapplication/nginx.md @@ -0,0 +1,50 @@ +--- +title: "nginx" +description: "nginx" +sidebar_position: 30 +--- + +# nginx + +In order to integrate the Web Application onto an nginx server, it is first necessary to enter all +of the relevant settings: + +## Document directory + +The folder from which the Web Application should be operated is entered here. The default folder is +/var/www/html. + +## SSL certificate path + +It is necessary to enter the directory in which the certificate will be saved here. The standard +path here is /etc/nginx/certs/Web Application.crt. + +## SSL certificate key path + +Finally, it is necessary to enter where the certificate key is located here. The default setting is +/etc/nginx/certs/Web Application.key. + +![ngnix installation](/images/passwordsecure/9.2/installation/installation_web_application/installation-webclient-9-en.webp) + +Once all of the settings have been entered, the Web Application can be created via the button in the +ribbon. The folder in which the ZIP file is located will then immediately open. The archive is +unzipped and its contents are copied to the document directory on the web server. + +The configuration for the nginx server was also created together with the ZIP file. This can be +directly viewed on the Server Manager. + +![ngnix installation](/images/passwordsecure/9.2/installation/installation_web_application/installation-webclient-10-en.webp) + +The configuration then still needs to be integrated onto the nginx server. It can be directly copied +on the Server Manager for this purpose. + +NOTE: Every web server configuration is individual. Therefore, it is only possible to outline the +normal process for a standard installation. + +## Standard configuration + +The file /etc/nginx/sites-available/default is firstly opened. For example via "nano". Now search +for the entry `server { }`. The configuration for the Server Manager is then added. Finally, the web +server is restarted using the command systemctl restart nginx. + +The Web Application is now ready to use and can be directly started. diff --git a/docs/passwordsecure/9.3/installation/requirements/_category_.json b/docs/passwordsecure/9.3/installation/requirements/_category_.json new file mode 100644 index 0000000000..af267b40ba --- /dev/null +++ b/docs/passwordsecure/9.3/installation/requirements/_category_.json @@ -0,0 +1,6 @@ +{ + "label": "Requirements", + "position": 10, + "collapsed": true, + "collapsible": true +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/installation/requirements/application_server.md b/docs/passwordsecure/9.3/installation/requirements/application_server.md new file mode 100644 index 0000000000..bb16428681 --- /dev/null +++ b/docs/passwordsecure/9.3/installation/requirements/application_server.md @@ -0,0 +1,42 @@ +--- +title: "Application server" +description: "Application server" +sidebar_position: 10 +--- + +# Application server + +#### System Components + +| | | | +| ----------------- | ------------------ | ------------------ | +| Attribute | Minimum | Recommended | +| OS | MS Win Server 2019 | MS Win Server 2025 | +| Architecture | x64 | x64 | +| CPU [# Cores] | 4 | 8 | +| RAM [GB] | 16 | 32 | +| Disk Space [GB] | 70 | 100 | +| MS .Net Framework | 4.8 | 4.8.1 | +| MS WMF | 5.1 | 5.1 | + +#### + +#### Required configuration + +- Service User: local admin rights, 'logon as a service' allowed +- PowerShell Execution Policy: RemoteSigned +- Mandatory Ports/firewall rules + + - Port 443 HTTPS for connection to the Netwrix Password Secure license server (outgoing) + - Port 1433 TCP for communication with SQL Server (outgoing) + - Port 11011 TCP for communication with windows applications or web server IIS (incoming) + - Port 11016 TCP for the Web services (incoming; only when using the Web Application) + - Port 11018 TCP for real-time update (incoming) + - Port 11014 TCP for the backup service (usually does not need to be unlocked) + - Port 11015 TCP for Entra ID communication (incoming; only when using the Entra ID + provisioning) + - Port 11019 TCP for using Password Secure as Identity Provider (SAML) (incoming) + +- (Optional) Server needs to be domain-joined (only when using AD provisioning (not Entra ID)) +- (Optional) Provide SMTP-Server details: hostname, port, auth method, protocol (mandatory for a + variety of features) diff --git a/docs/passwordsecure/9.3/installation/requirements/client_configuration.md b/docs/passwordsecure/9.3/installation/requirements/client_configuration.md new file mode 100644 index 0000000000..a04c4f5141 --- /dev/null +++ b/docs/passwordsecure/9.3/installation/requirements/client_configuration.md @@ -0,0 +1,31 @@ +--- +title: "Client configuration" +description: "Client configuration" +sidebar_position: 30 +--- + +# Client configuration + +#### System Components + +NOTE: Our Windows Application (Win App) is not available for MSP-customers! + +| | | | +| --------------------------- | ----------------------------------- | ---------------------- | +| Attribute | Minimum | Recommended | +| OS | Win 10 21H2 19044 Win 11 21H2 22000 | Win 11 23H2 22631.3235 | +| Architecture | x64 | x64 | +| CPU [Cores] | 4 | 8 | +| RAM [GB] | 8 | 16 | +| Disk Space [GB] | 50 | 100 | +| MS .NET Framework | 4.8 | 4.8.1 | +| RDP-Version (if applicable) | 10 | 12 | + +#### Required Configuration + +- Mandatory ports/firewall rules + **a**. Port 11011 TCP for communication with the application server (outgoing) + **b**. Port 11016 TCP for WebSocket communication with the server (outgoing) + +- WAN/VPN connection to application server: MTU-size = 1500 bytes (1472 bytes + 28 bytes for the + header) diff --git a/docs/passwordsecure/9.3/installation/requirements/mobile_apps.md b/docs/passwordsecure/9.3/installation/requirements/mobile_apps.md new file mode 100644 index 0000000000..89a0dc7ea5 --- /dev/null +++ b/docs/passwordsecure/9.3/installation/requirements/mobile_apps.md @@ -0,0 +1,19 @@ +--- +title: "Mobile Apps" +description: "Mobile Apps" +sidebar_position: 50 +--- + +# Mobile Apps + +#### Required Version + +**CAUTION:** Our mobile apps are only supported on devices with the official OS (no jailbreak, not +rooted). + +| | | | +| ---------------- | ------- | ----------- | +| OS | Minimum | Recommended | +| iOS (Apple) | 17.7.1 | 18.1 | +| iPadOS (Apple) | 17.7.1 | 18.1 | +| Android (Google) | 13 | 15 | diff --git a/docs/passwordsecure/9.3/installation/requirements/mssql_server.md b/docs/passwordsecure/9.3/installation/requirements/mssql_server.md new file mode 100644 index 0000000000..2bbab17206 --- /dev/null +++ b/docs/passwordsecure/9.3/installation/requirements/mssql_server.md @@ -0,0 +1,32 @@ +--- +title: "MSSQL Server" +description: "MSSQL Server" +sidebar_position: 20 +--- + +# MSSQL Server + +#### Required Version + +RECOMMENDED: Using MS SQL Server Express can lead to significant performance issues because of the +various limitations. Our recommendation is to use MS SQL Server Standard as a minimum. + +Please follow Microsoft recommendations for system requirements for SQL Server. + +| | | | +| --------------------- | ------- | ----------- | +| Attribute | Minimum | Recommended | +| MS SQL Server Version | 2019 | 2022 | + +**CAUTION:** If you plan to install the MS SQL Server on the machine with the Netwrix Password +Secure application server, please ensure to meet the combined minimum requirements for both systems. + +#### Required Configuration + +1. Service User: dbCreator (only required if the Netwrix Password Secure is used to create databases + (recommended)), dbOwner + **a**. (Optional) Sysadmin (only when using the Netwrix Password Secure Backup Service) +2. Collation: Latin1_General_CI_AS (if the MS SQL Server is using a different collasion, the + database needs to be created manually with the right collation and then be linked to/in Netwrix + Password Secure) +3. Port/firewall rule: Port 1433 TCP for communication with application server (incoming) diff --git a/docs/passwordsecure/9.3/installation/requirements/webserver/_category_.json b/docs/passwordsecure/9.3/installation/requirements/webserver/_category_.json new file mode 100644 index 0000000000..9b0df2001b --- /dev/null +++ b/docs/passwordsecure/9.3/installation/requirements/webserver/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Webserver", + "position": 40, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "webserver" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/installation/requirements/webserver/browser.md b/docs/passwordsecure/9.3/installation/requirements/webserver/browser.md new file mode 100644 index 0000000000..0a3d03a546 --- /dev/null +++ b/docs/passwordsecure/9.3/installation/requirements/webserver/browser.md @@ -0,0 +1,20 @@ +--- +title: "Browser" +description: "Browser" +sidebar_position: 10 +--- + +# Browser + +#### Required Version + +Only the browser extension provided in the store of the supported browser is supported (NOT Chrome +browser extension used in Edge, for example). + +| | | | +| ----------------- | -------------------------- | ----------- | +| Supported Browser | Minimum | Recommended | +| Chrome | Last two Stable releases | Stable | +| Edge | Last three Stable releases | Stable | +| Firefox | ESR | Stable | +| Safari | Latest | Latest | diff --git a/docs/passwordsecure/9.3/installation/requirements/webserver/webserver.md b/docs/passwordsecure/9.3/installation/requirements/webserver/webserver.md new file mode 100644 index 0000000000..9da45043de --- /dev/null +++ b/docs/passwordsecure/9.3/installation/requirements/webserver/webserver.md @@ -0,0 +1,39 @@ +--- +title: "Webserver" +description: "Webserver" +sidebar_position: 40 +--- + +# Webserver + +#### System Components + +| | | | +| --------- | --------------- | ----------------- | +| Webserver | Minimum | Recommended | +| IIS | 10 | 10 | +| Apache | 2.4.58 | 2.4.58 | +| NGINX | 1.24.0 (stable) | 1.25.4 (mainline) | + +#### Required Modules/Extensions + +| | | | | +| --------------------- | ------- | ----------- | ---------- | +| Attribute | Minimum | Recommended | Applies to | +| URL Rewrite mod | 2.1 | 2.1 | IIS | +| ARR | 3.0 | 3.1 | IIS | +| Websocket Protocol | - | - | IIS | +| mod_rewrite module | - | - | Apache | +| mod_proxy module | - | - | Apache | +| mod_ssl module | - | - | Apache | +| mod_proxy_http module | - | - | Apache | + +#### Required Configuration + +Mandatory Ports/firewall rules + +- Port 443 HTTPS to address the web server from the client (inbound) +- Port 11016 for communication with the application server (outgoing) +- Port 11018 for real-time updating (outgoing) +- (Optional) Port 11019 for using Password Secure as Identity Provider (SAML) (outgoing) +- (Optional) Port 11015 for Entra ID SCIM provisioning (outgoing) diff --git a/docs/passwordsecure/9.3/introduction/_category_.json b/docs/passwordsecure/9.3/introduction/_category_.json new file mode 100644 index 0000000000..7a06add9de --- /dev/null +++ b/docs/passwordsecure/9.3/introduction/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Introduction", + "position": 10, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "introduction" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/introduction/introduction.md b/docs/passwordsecure/9.3/introduction/introduction.md new file mode 100644 index 0000000000..9d5cd3dd79 --- /dev/null +++ b/docs/passwordsecure/9.3/introduction/introduction.md @@ -0,0 +1,14 @@ +--- +title: "Introduction" +description: "Introduction" +sidebar_position: 10 +--- + +# Introduction + +## Welcome to the official Netwrix Password Secure documentation! + +All Netwrix product announcements have moved to the Netwrix Community. See announcements for +Netwrix Password Secure in the +[Password Secure](https://community.netwrix.com/c/password-secure/announcements/122) area of the +community. diff --git a/docs/passwordsecure/9.3/introduction/versionhistory/_category_.json b/docs/passwordsecure/9.3/introduction/versionhistory/_category_.json new file mode 100644 index 0000000000..ffb42b5dc3 --- /dev/null +++ b/docs/passwordsecure/9.3/introduction/versionhistory/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "Version History", + "position": 30, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "version_history" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/introduction/versionhistory/version_9.0.0.30423.md b/docs/passwordsecure/9.3/introduction/versionhistory/version_9.0.0.30423.md new file mode 100644 index 0000000000..52340922cc --- /dev/null +++ b/docs/passwordsecure/9.3/introduction/versionhistory/version_9.0.0.30423.md @@ -0,0 +1,54 @@ +--- +title: "Version 9.0.0.30423" +description: "Version 9.0.0.30423" +sidebar_position: 100 +--- + +# Version 9.0.0.30423 + +## New + +#### Cross-client change\* + +- The encryption system has undergone significant enhancements to bolster its resistance against + brute force attacks. Moreover, it now aligns with the latest OWASP recommendations. + +#### Extended view (formerly FullClient) + +- Windows clients have transitioned to exclusive compatibility with 64-bit systems, optimizing + available RAM resources and enabling concurrent operation of more RDP sessions (also affects the + SSO and OfflineClient). RDP libraries have also been upgraded to 64-bit. +- In the recycle bin of organizational units, it is now possible to permanently delete objects via + multiple selections. +- The clarity of the user interface has been enhanced by defaulting to icons instead of logos, + offering a more streamlined experience. This adjustment also applies to the Web Application. + +\* This improvement affects all views (normal and advanced view) and Clients (Admin-, Web-, SSO- and +OfflineClient), the browser extension, API, and the server as well as MSP. + +#### MSP + +- Price details can now be customized on a per-customer basis, allowing for greater flexibility and + tailored pricing options. + +## Fixed + +#### Extended view (formerly FullClient) + +- The export now also works when using special separators. +- The export now also works, when text qualifier is empty. +- The "Add" permission for imported organizational units has been corrected. +- The report on "Inactive user accounts" now shows correct data. + +#### Web Application + +- The OTP field can now be reset. + +#### Server + +- The "User deleted" event is now correctly recorded in the logbook. + +#### Browser extensions + +- Even if no URL is stored, the username and password can now be copied from the browser extension + again. diff --git a/docs/passwordsecure/9.3/introduction/versionhistory/version_9.0.1.30479.md b/docs/passwordsecure/9.3/introduction/versionhistory/version_9.0.1.30479.md new file mode 100644 index 0000000000..9b52d3b21f --- /dev/null +++ b/docs/passwordsecure/9.3/introduction/versionhistory/version_9.0.1.30479.md @@ -0,0 +1,29 @@ +--- +title: "Version 9.0.1.30479" +description: "Version 9.0.1.30479" +sidebar_position: 90 +--- + +# Version 9.0.1.30479 + +## Fixed + +#### Extended view + +- After duplicating a password, the quality of the password is recalculated correctly. +- RDP connections now work again on Windows Server 2019. + +#### Web Application + +- The quick view can now be scrolled correctly even if another modal popup is open. + +#### Browser Extension + +- The search in the browser extension now works as expected again. + +#### Server + +- System tasks are no longer deactivated after each run if they were configured with the interval + 'Once' in the past. +- HSM accesses are limited to a minimum now. +- A self-defined password can be used for the WebViewer export again diff --git a/docs/passwordsecure/9.3/introduction/versionhistory/version_9.0.2.30602.md b/docs/passwordsecure/9.3/introduction/versionhistory/version_9.0.2.30602.md new file mode 100644 index 0000000000..1d1c737d0a --- /dev/null +++ b/docs/passwordsecure/9.3/introduction/versionhistory/version_9.0.2.30602.md @@ -0,0 +1,40 @@ +--- +title: "Version 9.0.2.30602" +description: "Version 9.0.2.30602" +sidebar_position: 80 +--- + +# Version 9.0.2.30602 + +## New + +#### Advanced view (formerly FullClient) + +- The fields "user colour" and "initials" have been removed. +- For better readability, the option "Change Active Directory synchronization status" has been + shortened to "Change AD sync state". +- The "Settings" tab doesn`t close anymore when another option is clicked on (This only affects the + Web Application.). + +#### Basic view (formerly LightClient) + +- The "View details" option has been renamed to the more appropriate term "Quick view", which is + already used in the extended view (This only affects the Web Application.). + +## Fixed + +#### Advanced view (formerly FullClient) + +- Uploading a file now also works if no file name (e.g. '.env') is specified. + +#### Web Application: + +- Buttons to multiselect documents and applications have been added in the mobile view. +- The "New organisational unit" dropdown menu closes now when another tab has been opened. +- When multiple objects are selected, the button "Form field permissions" is greyed out now. +- Predefined rights templates for more than one organizational unit can now be edited + simultaneously. + +#### Browser Extension + +- Passwords can now also be copied to the clipboard if no URL is stored. diff --git a/docs/passwordsecure/9.3/introduction/versionhistory/version_9.0.3.30606.md b/docs/passwordsecure/9.3/introduction/versionhistory/version_9.0.3.30606.md new file mode 100644 index 0000000000..dbcbacc840 --- /dev/null +++ b/docs/passwordsecure/9.3/introduction/versionhistory/version_9.0.3.30606.md @@ -0,0 +1,13 @@ +--- +title: "Version 9.0.3.30606" +description: "Version 9.0.3.30606" +sidebar_position: 70 +--- + +# Version 9.0.3.30606 + +## Fixed + +#### DesktopClient + +- The PuTTY Client has been updated to version 0.81. diff --git a/docs/passwordsecure/9.3/introduction/versionhistory/version_9.1.0.30996.md b/docs/passwordsecure/9.3/introduction/versionhistory/version_9.1.0.30996.md new file mode 100644 index 0000000000..6cf5f533f7 --- /dev/null +++ b/docs/passwordsecure/9.3/introduction/versionhistory/version_9.1.0.30996.md @@ -0,0 +1,106 @@ +--- +title: "Version 9.1.0.30996" +description: "Version 9.1.0.30996" +sidebar_position: 60 +--- + +# Version 9.1.0.30996 + +## New + +#### Browser Extension + +- UserVoice Winner: Stored OTPs can now be retrieved directly via the browser extension. +- New improved autofill logic: The autofill function has been completely revised to enable a more + convenient automatic login in the browser. +- Cross-platform authentication is now possible: The Windows app, browser extension and autofill + add-on can now authenticate each other. +- UserVoice Winner: You can now also use htaccess forms for automatic login. +- The SSO agent connection for the browser extension has been deprecated. Here you can find + instructions on how to switch to server mode as well as an FAQ to this topic (This also affects + the autofill add-on.). +- Browser extension profiles can now be configured via policy. +- Opening Netwrix Password Secure from the browser extension now works correctly. + +#### Basic view (formerly Light Client)\* + +- SSO applications can now be connected with passwords. +- The button “Ignore application” has been renamed to “Hide application”. + +\*As the basic view on Windows has been deprecated with version 9.1.0, the basic view from now on +always refers to the web app. + +#### Server + +- Missing data is now migrated to ECC. +- The web server configuration routine for IIS has been improved. +- If you change the deployment mode to "Members of groups only" during AD synchronization, the + checkboxes for synchronization are now ignored. + +## Improvements + +#### Platform-client change\* + +The following names have been changed: + +| Obsolete | New (English) | New (German) | +| ------------------------------------ | ------------------- | ------------------- | +| WebClient | Web application | Web Application | +| LightUser / Basic view User | (Basic) user\* | (Standard) User\* | +| Basic view (Ansicht) | Basic view | Standardansicht | +| FullUser / FullClient User | Advanced user | Advanced User | +| FullClient (Ansicht) | Advanced view | Erweiterte Ansicht | +| Browser Add-on | Browser extension | Browser-Erweiterung | +| App | Mobile application | Mobile Application | +| Desktop Client | Windows application | Windows Application | +| Web Endpoint | Web server | Web Server | +| SSO Agent / SSO Add-on / SSO Service | Autofill add-on | Autofill Add-on | +| OfflineClient | Offline add-on | Offline Add-on | +| AdminClient | Server Manager | Server Manager | +| SAML Service | IdP service | IdP Service | + +\* This improvement affects all views (basic and advanced view), apps and add-ons (Server Manager, +web and Windows app, autofill and offline add-on) the browser extension, API, and the server as well +as MSP. + +#### Basic view (formerly LightClient)\* + +- The basic view on Windows has been deprecated. Basic users can still login via web app. + +#### Browser extension + +- Login errors are now displayed correctly. + +#### Server + +- The quality of secrets stored in the database is now encrypted. + +## Fixed + +#### Advanced view (formerly FullClient) + +- The footer is now displaying the latest four involved users again. +- Resetting to the default settings for actions in the clipboard is no longer saved when canceling. +- Drag & Drop while updating a document is now possible in the web app. + +This only affects the Windows app: + +- Rights from organizational units to passwords can now also be inherited recursively. +- Login security has improved: Credentials for one application can no longer be reused for a + different one. +- Report details are now displayed correctly again. + +#### Server + +- Changing the form of passwords with multiline passwords now works. +- Sorting in the (emergency) web viewer now works correctly. + +#### Server Manager + +- The migration summary no longer shows an error message when all ECC migrations were started + successfully. + +#### API + +- It is no longer possible to attach data to more than one organizational unit. +- Passwords that are changed via the JavaScript API/SDKbuD are encrypted correctly. diff --git a/docs/passwordsecure/9.3/introduction/versionhistory/version_9.1.1.31138.md b/docs/passwordsecure/9.3/introduction/versionhistory/version_9.1.1.31138.md new file mode 100644 index 0000000000..87e4f7f741 --- /dev/null +++ b/docs/passwordsecure/9.3/introduction/versionhistory/version_9.1.1.31138.md @@ -0,0 +1,72 @@ +--- +title: "Version 9.1.1.31138" +description: "Version 9.1.1.31138" +sidebar_position: 50 +--- + +# Version 9.1.1.31138 + +## New + +#### Advanced view (formerly FullClient) + +- To facilitate the management of multiple directory service connections such as Active Directory or + Entra ID, this is now done from a central location and requires only one user right (Can manage + directory service connections). +- The tag filter can now contain more than 10 tags. +- The protection of sensitive data in the process memory has been improved. +- If a browser tab is already open with the web app, this is now used first when creating new access + data via the browser extension (This also applies to the standard view.). + +## Improvements + +#### Server + +- The logging of errors in the realtime connection is now deactivated by default. +- The migration from RSA to ECC has been improved by better performance and by eliminating the + migration of organisational units. +- A new security setting has been added that fully logs access to encrypted passwords. + +#### Server Manager + +- To avoid typing errors when exporting certificates, the password must now be entered twice. +- A new security setting has been added that fully logs access to encrypted passwords. + +## Fixed + +#### Advanced view (formerly FullClient) + +- Offline synchronization now also works for cross-platform login (This also applies to the offline + add-on.). +- The setting “Restore last opened tabs” works again. +- Closing the Windows app works again without unexpected crashes. + +#### Web app + +- The setting “Permitted document extensions” can now be reset in the user settings. +- The “Clipboard gallery” option can now be changed in the user settings and global user settings. +- When uploading many documents, the list can now be scrolled. +- The list of documents to be uploaded can now be searched. + +#### Server + +- Documents with forbidden file extensions can no longer be uploaded. +- The speed of loading filters has been improved. +- An error when loading passwords after replacing the database certificate has been fixed. +- The “Add” right can now only be transferred to organisational units. + +#### Browser extension + +- The automatic entry in iframes now takes the correct address into account again. +- A bug has been fixed that prevented some websites from recognizing the data entered during + automatic entry. +- The fields with the type integer, decimal number and checkbox can be used again for automatic + entry. +- Profiles with long names are now displayed correctly again in the browser extension menu. +- New passwords are now recognized again if the user is logged in to more than one database. +- The cross-platform login in the browser extension now also works if the URL of the web app has + changed. + +#### API + +- After logging out in the JavaScript API, the “isAuthenticated” information is now correct. diff --git a/docs/passwordsecure/9.3/introduction/versionhistory/version_9.1.2.31276.md b/docs/passwordsecure/9.3/introduction/versionhistory/version_9.1.2.31276.md new file mode 100644 index 0000000000..c6b4e456fc --- /dev/null +++ b/docs/passwordsecure/9.3/introduction/versionhistory/version_9.1.2.31276.md @@ -0,0 +1,56 @@ +--- +title: "Version 9.1.2.31276" +description: "Version 9.1.2.31276" +sidebar_position: 40 +--- + +# Version 9.1.2.31276 + +## New + +#### Server & Server Manager + +- You can now assign an alias for each database for login purposes, eliminating the need to disclose + the real database name. +- Individual databases can now be set to read-only mode. + +#### Web App + +- External links created via the web app now contain the database alias if one has been defined. + +#### Browser extension + +- The browser extension is now able to fill out OTP fields. + +## Improvements + +#### Web App + +- It is now possible to define the URL in applications of type Web as a regular expression. + +#### Browser extension + +- The performance of the browser extension has been improved. + +## Fixed + +#### Advanced view + +- The import of CSV files now handles organizational units correctly. +- The quick view and history of passwords can be opened again. +- Spontaneous errors when changing selected passwords have been fixed. +- Web applications with URLs defined as regex are recognized correctly. +- Logging in to the Windows app is possible again if you were last logged in in the standard view. + +#### Web App + +- Entra ID tokens can be regenerated in the profile list. + +#### Server Manager + +- The version of the nginx web server is no longer returned in the header in the standard + configuration. + +#### Browser extension + +- Web applications with URLs defined as regex are now recognized correctly. diff --git a/docs/passwordsecure/9.3/introduction/versionhistory/version_9.1.3.31365.md b/docs/passwordsecure/9.3/introduction/versionhistory/version_9.1.3.31365.md new file mode 100644 index 0000000000..262cc7f39e --- /dev/null +++ b/docs/passwordsecure/9.3/introduction/versionhistory/version_9.1.3.31365.md @@ -0,0 +1,44 @@ +--- +title: "Version 9.1.3.31365" +description: "Version 9.1.3.31365" +sidebar_position: 30 +--- + +# Version 9.1.3.31365 + +## New + +#### Browser extension + +- Based on Manifest V3, a new browser extension for Chrome has been released. + +#### Extended view (on Windows & web) + +- A new filter group “Directory Service Type” has been added, which allows explicit filtering by + users and roles from directory services. + +#### Server + +- The alias of a database is now displayed in the Authenticator app if one is configured, and a new + token is generated. +- The session timeout for new databases is now set to 1 hour instead of the previous 6 hours. + +## Fixed + +#### Extended view + +- An external package with a vulnerability classified as weak has been updated. The vulnerability + could not be exploited via Netwrix Password Secure (This also affects the server & Server Manager + as well as the autofill & offline add-on.). +- The obsolete property “Spaces” has been removed from the password policies (This also affects the + offline add-on.). +- A possible XSS vulnerability in the WebViewer has been closed (This also affects the web app.). +- A problem has been fixed where the password was not saved on the server after a change when it was + copied to the clipboard. +- The cross-client login for the browser extension is now also operational for synchronized Windows + profiles. + +#### Server Manager + +- The configuration script for the web app under IIS now also works if there are spaces in the + target path. diff --git a/docs/passwordsecure/9.3/introduction/versionhistory/version_9.2.0.32454.md b/docs/passwordsecure/9.3/introduction/versionhistory/version_9.2.0.32454.md new file mode 100644 index 0000000000..379e22192a --- /dev/null +++ b/docs/passwordsecure/9.3/introduction/versionhistory/version_9.2.0.32454.md @@ -0,0 +1,74 @@ +--- +title: "Version 9.2.0.32454" +description: "Version 9.2.0.32454" +sidebar_position: 20 +--- + +# Version 9.2.0.32454 + +## New + +#### Web App (Advanced & Basic view) + +- The web app is now available with a new design and can be deployed via Server Manager. For a + limited time, the old web app remains available as an alternative. + +#### Advanced view (on Windows) + +- Additional time periods are now available for the "When revealing password" trigger: 6 hours, 12 + hours, and 1 day. +- API login is now possible with an API key that can be generated directly in the Windows and web + app (This applies to the API and web app in new design.). This simplifies the login process and + increases flexibility for integration. +- For more targeted synchronization, it is now optionally possible to limit the attributes of Active + Directory and Entra ID users to be synchronized (This also applies to the web app and server.). + +## Improvements + +#### Web & Windows App + +- Multiline password fields can only be changed when they are revealed. + +#### Web App + +- To provide a better overview of all password changes, the "Show password" button in the password + history now also displays the encrypted fields of the historical versions. + +#### Server Manager + +- The alias of a database is now displayed in the database list, enabling quicker identification and + management of databases with different names. + +## Fixed + +#### Advanced view (on Windows) + +- Cross-client login now works for database profiles distributed via the registry (This also applies + to the autofill add-on.). +- The values of list fields in passwords are now displayed as expected. +- The Windows app now always starts within the visible area when multiple monitors are used. +- After updating, translations are now loaded correctly on the first start of the Windows app. +- Copying multiple fields to the clipboard while editing a password no longer removes the field + values. +- A bug has been fixed that prevented users from switching the Detail tab in the footer. +- An error in the tag management was resolved, which caused the buttons in the ribbon to disappear. + +#### Web App + +- An unloaded translation in the notifications has been fixed. +- Reloading the web app now correctly shows the "Locked" view again. +- Browser language detection for the web app is now reliable once more. +- Deleted users and roles can now be removed from permissions (This also applies to the Windows + app.). + +#### Browser Extension + +- Excessive console output in the browser extension has been removed. + +#### Server Manager + +- Database login via the Server Manager is now also supported when using IPv6. + +#### API + +- The JavaScript API now again supports the creation of valid users. diff --git a/docs/passwordsecure/9.3/introduction/versionhistory/version_9.2.1.32530.md b/docs/passwordsecure/9.3/introduction/versionhistory/version_9.2.1.32530.md new file mode 100644 index 0000000000..b66370d1fd --- /dev/null +++ b/docs/passwordsecure/9.3/introduction/versionhistory/version_9.2.1.32530.md @@ -0,0 +1,47 @@ +--- +title: "Version 9.2.1.32530" +description: "Version 9.2.1.32530" +sidebar_position: 10 +--- + +# Version 9.2.1.32530 + +## New + +#### Server & Server Manager + +The default name of the configuration database now contains the host name of the server. + +#### API + +The version of the API can now be called up within it. + +## Fixed + +#### Windows App + +Active Directory users in MasterKey mode can change their first factor required for login again. + +The distribution of translation files has been optimized. + +#### Web App + +Password fields of type ‘Heading’ are displayed correctly again (This only applies to the new +design.). + +When creating a new user, the field for assigning roles is readable again (This only applies to the +new design.). + +The distribution of translation files has been optimized. + +#### Browser extension + +A problem with a vulnerable package in the dependencies has been fixed. + +#### API + +The ‘SaveRights’ call is now functional again in the JavaScript API. + +#### Basic view in the web app + +Mouse hover effects in the basic view have been fixed (This only applys to the new design .). diff --git a/docs/passwordsecure/9.3/introduction/versionhistory/version_history.md b/docs/passwordsecure/9.3/introduction/versionhistory/version_history.md new file mode 100644 index 0000000000..cc25f5b553 --- /dev/null +++ b/docs/passwordsecure/9.3/introduction/versionhistory/version_history.md @@ -0,0 +1,30 @@ +--- +title: "Version History" +description: "Version History" +sidebar_position: 30 +--- + +# Version History + +The previously released versions and the corresponding changelogs can be found in the following +sections. + +- [Version 9.2.1.32530](/docs/passwordsecure/9.3/introduction/versionhistory/version_9.2.1.32530.md) + +- [Version 9.2.0.32454](/docs/passwordsecure/9.3/introduction/versionhistory/version_9.2.0.32454.md) + +- [Version 9.1.3.31365](/docs/passwordsecure/9.3/introduction/versionhistory/version_9.1.3.31365.md) + +- [Version 9.1.2.31276](/docs/passwordsecure/9.3/introduction/versionhistory/version_9.1.2.31276.md) + +- [Version 9.1.1.31138](/docs/passwordsecure/9.3/introduction/versionhistory/version_9.1.1.31138.md) + +- [Version 9.1.0.30996](/docs/passwordsecure/9.3/introduction/versionhistory/version_9.1.0.30996.md) + +- [Version 9.0.3.30606](/docs/passwordsecure/9.3/introduction/versionhistory/version_9.0.3.30606.md) + +- [Version 9.0.2.30602](/docs/passwordsecure/9.3/introduction/versionhistory/version_9.0.2.30602.md) + +- [Version 9.0.1.30479](/docs/passwordsecure/9.3/introduction/versionhistory/version_9.0.1.30479.md) + +- [Version 9.0.0.30423](/docs/passwordsecure/9.3/introduction/versionhistory/version_9.0.0.30423.md) diff --git a/docs/passwordsecure/9.3/maintenance/_category_.json b/docs/passwordsecure/9.3/maintenance/_category_.json new file mode 100644 index 0000000000..01a1e6dd4d --- /dev/null +++ b/docs/passwordsecure/9.3/maintenance/_category_.json @@ -0,0 +1,6 @@ +{ + "label": "Maintenance", + "position": 50, + "collapsed": true, + "collapsible": true +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/maintenance/eccmigration/_category_.json b/docs/passwordsecure/9.3/maintenance/eccmigration/_category_.json new file mode 100644 index 0000000000..615b99fa82 --- /dev/null +++ b/docs/passwordsecure/9.3/maintenance/eccmigration/_category_.json @@ -0,0 +1,10 @@ +{ + "label": "ECC Migration", + "position": 30, + "collapsed": true, + "collapsible": true, + "link": { + "type": "doc", + "id": "ecc_migration" + } +} \ No newline at end of file diff --git a/docs/passwordsecure/9.3/maintenance/eccmigration/ecc_migration.md b/docs/passwordsecure/9.3/maintenance/eccmigration/ecc_migration.md new file mode 100644 index 0000000000..d4f65959ee --- /dev/null +++ b/docs/passwordsecure/9.3/maintenance/eccmigration/ecc_migration.md @@ -0,0 +1,13 @@ +--- +title: "ECC Migration" +description: "ECC Migration" +sidebar_position: 30 +--- + +# ECC Migration + +For a better overview the ECC migration is organized in two sections. One for the administrators and +one for the end user: + +- [Admin Manual](/docs/passwordsecure/9.3/maintenance/eccmigration/ecc_migration_administrator_manual.md) +- [User Manual](/docs/passwordsecure/9.3/maintenance/eccmigration/ecc_migration_user_manual.md) diff --git a/docs/passwordsecure/9.3/maintenance/eccmigration/ecc_migration_administrator_manual.md b/docs/passwordsecure/9.3/maintenance/eccmigration/ecc_migration_administrator_manual.md new file mode 100644 index 0000000000..5776412424 --- /dev/null +++ b/docs/passwordsecure/9.3/maintenance/eccmigration/ecc_migration_administrator_manual.md @@ -0,0 +1,78 @@ +--- +title: "Admin Manual" +description: "Admin Manual" +sidebar_position: 10 +--- + +# Admin Manual + +## Preparation + +Before you execute the migration, you must ensure that the following preparations have been made: + +- Installation of the latest Netwrix Password Secure-Server, Native Client and Web Client +- Check in the [Database properties](/docs/passwordsecure/9.3/configuration/servermanger/databaseproperties/database_properties.md) if the **offline + access** and the **mobile synchronization** are allowed + If that should be the case, **contact your users and make sure that they have to synchronize the + Offline Add-on and the mobile app**. + +**CAUTION:** If the OfflineClient or App does have not yet synchronized items, they are lost after +the migration mode is enabled! + +- Backup all certificates using the Netwrix Password Secure Server Manager + +**CAUTION:** Only certificate backups made through the Server Manager are valid! + +![Certificates](/images/passwordsecure/9.2/configuration/server_manager/ecc_migration/certificates-ac-1-en.webp) + +![Export certificates](/images/passwordsecure/9.2/configuration/server_manager/ecc_migration/certificates-ac-2-en.webp) + +- Delete or restore all non “permanent deleted” users + If you have deactivated or non “permanent deleted“ users it would make sense to delete them + permanently, otherwise the migration would never finalize. Keep in mind, that every E2EE User must + log in, before you can complete the migration. +- Only have **one active Netwrix Password Secure-Server** + In the case of multiple Netwrix Password Secure-Servers, you need to stop all Netwrix Password + Secure-Server services on all servers except on one, which actually is used for the migration. +- For each Entra ID profile you have to create a new token. This token must be stored in the + corresponding Enterprise Application under the Provisioning tag. + +## Migration + +NOTE: During the migration, the database is in read-only mode. So it is possible to read all records +from the database, but it is not possible to add new or edit existing records. + +#### Start migration + +Clicking on the icon **“Start migration”** in the databases' module to start the migration process + +![start migration](/images/passwordsecure/9.2/configuration/server_manager/ecc_migration/start-migration-en.webp) + +Select the database you want to migrate and enter the code-word. + +Remember, The code word is “Start”. Please make sure that you have read the whole documentation. +Otherwise, data loss might occur! + +![select database](/images/passwordsecure/9.2/configuration/server_manager/ecc_migration/start-migration-2-en.webp) + +You should see the message, that the selected databases are now in migration mode: + +![start migration](/images/passwordsecure/9.2/configuration/server_manager/ecc_migration/start-migration-3-en.webp) + +As written in the message, export all required certificates via the Netwrix Password Secure Server +Manager. If you have multiple servers in use import the certificates via the Server Manager at the +end of the migration process. + +**CAUTION:** If certificates are missing the migration cannot be continued. + +#### Watch the migration process + +In the migration process you find all information about the current process, what is already +migrated and what still needs to be migrated + +![migration progress](/images/passwordsecure/9.2/configuration/server_manager/ecc_migration/migration-progress-en.webp) + +After each user has logged into the database and has been successfully migrated, the migration is +complete. + +![migration finished](/images/passwordsecure/9.2/configuration/server_manager/ecc_migration/migration-finished-en.webp) diff --git a/docs/passwordsecure/9.3/maintenance/eccmigration/ecc_migration_user_manual.md b/docs/passwordsecure/9.3/maintenance/eccmigration/ecc_migration_user_manual.md new file mode 100644 index 0000000000..11eb4feb09 --- /dev/null +++ b/docs/passwordsecure/9.3/maintenance/eccmigration/ecc_migration_user_manual.md @@ -0,0 +1,25 @@ +--- +title: "User Manual" +description: "User Manual" +sidebar_position: 20 +--- + +# User Manual + +## Preparation: + +If you use the Offline Add-on and the Mobile app it is necessary to synchronize them before your +admin starts the migration. + +**CAUTION:** If you do not synchronize your data, it is lost and no more accessible after the +migration! + +## Migration + +During the migration every E2EE-User of the database has to log in. Keep the client running until +the message **„Userdata migration finished”** appears. + +![userdata_migration_finished_en](/images/passwordsecure/9.2/configuration/server_manager/ecc_migration/userdata_migration_finished_en.webp) + +NOTE: The migration can only be carried out with the Web Application and NativeClient. A migration +just using the Extension, Autofill Add-on or the Mobile App is not possible. diff --git a/docs/passwordsecure/9.3/maintenance/moving_the_server.md b/docs/passwordsecure/9.3/maintenance/moving_the_server.md new file mode 100644 index 0000000000..afd82dfd11 --- /dev/null +++ b/docs/passwordsecure/9.3/maintenance/moving_the_server.md @@ -0,0 +1,103 @@ +--- +title: "Moving the server" +description: "Moving the server" +sidebar_position: 20 +--- + +# Moving the server + +## Preparations + +It is necessary to make some preparations so that the move can be completed without any problems. + +#### 1. Installing the SQL server + +If the SQL server and the application server are on the same machine, the SQL server should be +installed on the new machine first. It is necessary to observe the +[MSSQL Server](/docs/passwordsecure/9.3/installation/requirements/mssql_server.md) for this process. + +#### 2. Installing the server + +The Netwrix Password Secure application server is installed next (see +[Application server](/docs/passwordsecure/9.3/installation/requirements/application_server.md)). The installation itself +is described under +[Installation Server Manager](/docs/passwordsecure/9.3/installation/installation_server_manager.md). + +#### 3. Basic configuration + +After the server has been installed, the +[Basic configuration](/docs/passwordsecure/9.3/configuration/servermanger/basic_configuration.md) is +completed. A new configuration database will be created on the SQL server as a result. If you want +to retain the old SQL server, it is necessary to give the configuration database a new name. + +#### 4. Deactivating the old server + +The license first needs to be deactivated before it can be activated on the new server (see options +under [License settings](/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/license_settings.md). Now stop +the server so that nothing more can be changed in the database. + +## Backing up the data + +After making these preparations, the data from the old server can be backed up. + +#### 1. Backing up the system + +If using a virtual machine, a backup of it should be created. The old version of the server can then +be restored in the event of problems. + +#### 2. Backing up the database + +In order to transfer the data to the new server, a backup of the database should be created. +Although this is also possible via the Server Manager, we recommend carrying out the backup at the +SQL level: right click on the database, then on Tasks and Backup. The desired target folder is +selected in the following window. + +![insert backup](/images/passwordsecure/9.2/maintenance/sql-backup-en.webp) + +#### 3. Backing up the server certificate + +It is essential that the all available +[Certificates](/docs/passwordsecure/9.3/configuration/servermanger/certificates/certificates.md) are backed up. +Depending on the installation, a different number of certificates are required here. + +## Configuring the new server + +After the backed up data (database and certificate) has been transferred to the new server, it still +needs to be integrated. + +#### 1. Integrating the database at the SQL level + +Firstly, a new database is created on the SQL server. This option can be found in the SQL Management +Studio after right clicking on Databases. It is usually sufficient to simply enter the database +names. + +![integrate the database](/images/passwordsecure/9.2/maintenance/sql-new-db-en.webp) + +As soon as the database has been created, the option Restore (under Tasks) can be selected by right +clicking on the server. The Database is thus selected here. The backup now needs to be selected. It +is also essential to check whether the correct database has been selected in the field "Target". + +![restore db](/images/passwordsecure/9.2/maintenance/sql-restore-en.webp) + +NOTE: This method can be also used to import backups that were directly created from the Server +Manager. + +#### 2. Setting up the server + +After the backup has been installed on the new database, you can be start the Server Manager and run +the setup wizard. The [Setup wizard](/docs/passwordsecure/9.3/configuration/servermanger/setup_wizard.md) is +used for (amongst other things) reactivating the license. It is now possible to enter all of the +desired configurations for the server. + +#### 3. Importing the certificates + +The backed up certificates are imported via the certificate manager. + +#### 4. Integrating the database + +Finally, the database is integrated onto the server via the database wizard. + +## Modifications on the client + +If the IP and/or host name for the server has changed, it is necessary to create/roll out new +database profiles from the client. diff --git a/docs/passwordsecure/9.3/maintenance/update.md b/docs/passwordsecure/9.3/maintenance/update.md new file mode 100644 index 0000000000..efe6cf1c21 --- /dev/null +++ b/docs/passwordsecure/9.3/maintenance/update.md @@ -0,0 +1,111 @@ +--- +title: "Update" +description: "Update" +sidebar_position: 10 +--- + +# Update + +## Reasons for regular updates + +Our development team is constantly working on the further development of the software. This does not +only involve fixing any problems but also primarily the development of new features to adapt the +software as best as possible to the requirements of our customers. Therefore, it is recommended that +you regularly install updates. + +The documentation always refers to the latest version available. If Netwrix Password Secure deviates +from the documentation (e.g. in appearance or also its functional scope), it makes sense to firstly +update to the latest version. + +NOTE: The update check on the server or the client can be used to easily install the latest version. +The update check on the client must be activated in the settings for users beforehand. We recommend +leaving the update check deactivated for normal users! Otherwise these users could independently +attempt to install updates. Since a new client cannot connect to an old server, this results in the +user not being able to log in. + +## Requirements + +The requirements should be checked or established before an update. + +**CAUTION:** Please always check the Changelog for requirements or breaking changes before updating! + +### Check the software maintenance package + +The right to install updates is acquired with the software maintenance package. It is important to +note that you are permitted to install all updates as long as the software maintenance package is +still active. If the software maintenance package has expired, you are only permitted to use those +versions that were released during the term of the software maintenance package. Therefore, you +should check whether the software maintenance package is still active before an update. This can be +easily checked on the Server Manager under +[License settings](/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/license_settings.md). + +### Creating a backup + +An update always involves making a profound change to the existing software. A corresponding +[Backup management](/docs/passwordsecure/9.3/configuration/servermanger/mainmenu/backupsettings/backup_management.md) +should thus be created directly before the update to ensure that no data is lost if a serious +problem arises. + +### Checking compatibility + +An attempt is always made to design the Server Manager so that it is backwards compatible. +Unfortunately this is not always possible. Therefore, you should always check which client version +the Server Manager is compatible with before an update. The version history for the relevant version +will provide this information. + +**CAUTION:** If the password for logging in to the Server Manager on the database has been saved, it +is essential that it is noted down or temporarily saved elsewhere before an update! + +### Latest installation files + +The installation files can be downloaded from the +[customer information system](https://license.passwordsafe.de/kis). Please simply use the access +data that we sent to you by email to log in. + +## Perform update + +### Updating the Server Manager + +The Server Manager is simply installed on top of the existing installation. The password from the +Server Manager should be made available at this point in any case. After the installation of the +Server Manager, the database is only accessible when it is activated. If the password is only in the +Netwrix Password Secure, it should be temporarily stored at this point. + +NOTE: If the service has not been ended in advance, the installation wizard will give you the +opportunity to do so. If the service is still not ended at this stage, the computer will then need +to be restarted. It is thus recommended that the Netwrix Password Secure services are ended before +the update. + +Further information on the installation wizard can be found in the section +[Installation Server Manager](/docs/passwordsecure/9.3/installation/installation_server_manager.md). + +### Patch level update for the databases + +The databases are usually deactivated after updating the Server Manager because they do not yet have +the corresponding patch level. This should be immediately checked. After logging in to the Server +Manager, the module “Databases” is immediately visible. If the databases have been deactivated, you +can reactivate them directly in the ribbon via the corresponding button. The patch level will be +updated during this process. + +### Updating the client + +The updates for the client are also simply installed over the existing installation. Further +information can be found in the section Installation of the client. Naturally, the update can also +be carried out using the installation parameters. + +### Updating the Web Application + +The application server must firstly be updated. A new Web Application +([Installation Web Application](/docs/passwordsecure/9.3/installation/installationwebapplication/installation_web_application.md) +is then created according to the instructions for the web server being used. The document directory +on the web server should now be completely emptied. The Web Application is then unzipped and copied +to the document directory on the corresponding web server. + +**CAUTION:** If the Web Application is being operated on an IIS web server, a new config.bat is +generated for creating the new version. This must not be executed if the Web Application has already +been installed and it must be deleted without fail after a successful update. + +NOTE: If the Web Application is used, the module: `proxy_wstunnel` must be installed when using +Apache. With IIS the `WebSocket Protocol` becomes necessary. Further information can be found in the +chapter [Webserver](/docs/passwordsecure/9.3/installation/requirements/webserver/webserver.md). This applies to version 8.5.0.14896 +or newer. diff --git a/docs/passwordsecure/9.3/msp_system.md b/docs/passwordsecure/9.3/msp_system.md new file mode 100644 index 0000000000..43371e0260 --- /dev/null +++ b/docs/passwordsecure/9.3/msp_system.md @@ -0,0 +1,58 @@ +--- +title: "MSP System" +description: "MSP System" +sidebar_position: 30 +--- + +# MSP System + +To ensure optimal operation, we recommend that the following hardware resources are made available: + +## Microsoft SQL Server + +The following system requirements are the minimum system requirements and should manage around 10 +customers with less than 20 users each. + +- Windows Server 2016 (or newer) +- MSSQL Server 2014 (or newer) +- 4 CPU’s +- 16 GB RAM +- min. 100 GB HDD + +**CAUTION:** Please note, that using a SQL Server with Express edition is not recommended because of +diverse limitations there. + +If your customer's count is growing over time, you should add every 200 users a minimum of at least: + +- 2 CPU’s +- 8 GB RAM + +## Application Server + +The following system requirements are the minimum system requirements and should manage around 10 +customers with 20 users each. + +- Windows Server 2016 (or newer) +- 4 CPU’s +- 16 GB RAM +- min. 50 GB HDD +- .NET Framework 4.8 + +If your customer's count is growing over time, you should add every 200 users a minimum of at least: + +- 1 CPU +- 4 GB RAM + +RECOMMENDED: Currently, we suggest you use an application server to handle a max of about 100 +customers. So if you reach 100 customers, you should set up a second Application Server or use some +sort of load balancing between the application servers. + +**CAUTION:** Every additional 1000 users an additional Web-Endpoint - incl. loadbalancing - is +recommended + +**CAUTION:** Every additional 100 customers/1000 users an additional Application Server - incl. +loadbalancing - is recommended. + +NOTE: Please note that individual variables - like the number of passwords per user - will affect +performance. Especially for MSP-Systems it is required to monitor performance continuously, and add +additional resources on demand. diff --git a/docs/privilegesecure/4.1/install/components/components.md b/docs/privilegesecure/4.1/install/components/components.md index a14af35205..3756003829 100644 --- a/docs/privilegesecure/4.1/install/components/components.md +++ b/docs/privilegesecure/4.1/install/components/components.md @@ -59,7 +59,7 @@ The `NPS.zip` file that can be downloaded from the Netwrix Customer portal conta - NPS.HaMgr.exe – Installs the High Availability Management tool. If high availability setup is desired, please coordinate with [Netwrix Support](https://www.netwrix.com/support.html) and consult the - [How to Configure High Availability (HA) Using SbPAM.HaMgr.exe (now NPS.HaMgr.exe)](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HfOCAU.html) + [How to Configure High Availability (HA) Using SbPAM.HaMgr.exe (now NPS.HaMgr.exe)](/docs/kb/privilegesecure/configuring-and-upgrading-in-high-availability-mode-and-using-remote-services-configurations) knowledge base article. - NPS.ProxyService – Installs the NPS Proxy Service nodes. It is available as both an EXE and MSI format. By default, this service is installed on the application server. This executable diff --git a/docs/privilegesecure/4.1/install/servicesonadditionalservers/actionservice.md b/docs/privilegesecure/4.1/install/servicesonadditionalservers/actionservice.md index b3ae11b1ba..447db67fc9 100644 --- a/docs/privilegesecure/4.1/install/servicesonadditionalservers/actionservice.md +++ b/docs/privilegesecure/4.1/install/servicesonadditionalservers/actionservice.md @@ -28,14 +28,14 @@ Follow the steps to install the NPS Action Service on another server. :::tip Remember, You must configure the Antivirus exclusions according to the -[Exclusions for Antivirus (AV) & Endpoint Software](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000Hi8CAE.html) +[Exclusions for Antivirus (AV) & Endpoint Software](/docs/kb/privilegesecure/exclusions-for-antivirus-av-endpoint-software) knowledge base article. ::: **Step 1 –** Make sure that you have configured the Antivirus exclusions according to the following Netwrix knowledge base article: -[Exclusions for Antivirus (AV) & Endpoint Software](https://kb.netwrix.com/5938) +[Exclusions for Antivirus (AV) & Endpoint Software](/docs/kb/privilegesecure/exclusions-for-antivirus-av-endpoint-software) **Step 2 –** Move the NPS.ActionService.exe installation package to the desktop of the remote server. diff --git a/docs/privilegesecure/4.1/install/servicesonadditionalservers/proxyservice.md b/docs/privilegesecure/4.1/install/servicesonadditionalservers/proxyservice.md index bce6247a07..13da59a8cf 100644 --- a/docs/privilegesecure/4.1/install/servicesonadditionalservers/proxyservice.md +++ b/docs/privilegesecure/4.1/install/servicesonadditionalservers/proxyservice.md @@ -27,7 +27,7 @@ application. :::tip Remember, You must configure the Antivirus exclusions according to the -[Exclusions for Antivirus (AV) & Endpoint Software](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000Hi8CAE.html) +[Exclusions for Antivirus (AV) & Endpoint Software](/docs/kb/privilegesecure/exclusions-for-antivirus-av-endpoint-software) knowledge base article. ::: diff --git a/docs/privilegesecure/4.2/install/components/components.md b/docs/privilegesecure/4.2/install/components/components.md index 3508c5a6c2..3ccd162af7 100644 --- a/docs/privilegesecure/4.2/install/components/components.md +++ b/docs/privilegesecure/4.2/install/components/components.md @@ -56,9 +56,7 @@ The `NPS.zip` file that can be downloaded from the Netwrix Customer portal conta - NPS.HaMgr.exe – Installs the High Availability Management tool. If high availability setup is desired, please coordinate with [Netwrix Support](https://www.netwrix.com/support.html) and - consult the - [How to Configure High Availability (HA) Using SbPAM.HaMgr.exe (now NPS.HaMgr.exe)](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000HfOCAU.html) - knowledge base article. + consult the [How to Configure High Availability (HA) Using SbPAM.HaMgr.exe (now NPS.HaMgr.exe)](/docs/kb/privilegesecure/configuring-and-upgrading-in-high-availability-mode-and-using-remote-services-configurations) knowledge base article. - NPS.ProxyService – Installs the NPS Proxy Service nodes. It is available as both an EXE and MSI format. By default, this service is installed on the application server. This executable can be copied to other servers to install the service. The MSI can be used with a software @@ -85,7 +83,7 @@ The `NPS.zip` file that can be downloaded from the Netwrix Customer portal conta - sbpam-url.exe – Installs the sbpam-url URL handler. This will automatically launch SSH sessions from the browser in your preferred SSH client program. See the - [Invoking Desktop SSH Client Automatically](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000004n11CAA.html) + [Invoking Desktop SSH Client Automatically](/docs/kb/privilegesecure/invoking-desktop-ssh-client-automatically) Knowledge Base Article for additional information. - SbPostgreSQL16.exe – Installs the PostgreSQL v16 database. By default, this installer is run as part of the Netwrix Setup Launcher. It installs the following components: diff --git a/docs/privilegesecure/4.2/install/servicesonadditional/actionservice.md b/docs/privilegesecure/4.2/install/servicesonadditional/actionservice.md index b592cae6d9..85b6b59d18 100644 --- a/docs/privilegesecure/4.2/install/servicesonadditional/actionservice.md +++ b/docs/privilegesecure/4.2/install/servicesonadditional/actionservice.md @@ -25,15 +25,12 @@ The Proxy Service is installed as part of the Action Service installation packag Follow the steps to install the NPS Action Service on another server. :::tip -Remember, You must configure the Antivirus exclusions according to the -[Exclusions for Antivirus (AV) & Endpoint Software](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000Hi8CAE.html) +Remember, You must configure the Antivirus exclusions according to the [Exclusions for Antivirus (AV) & Endpoint Software](/docs/kb/privilegesecure/exclusions-for-antivirus-av-endpoint-software) knowledge base article. ::: - **Step 1 –** Make sure that you have configured the Antivirus exclusions according to the following -Netwrix knowledge base article: -[Exclusions for Antivirus (AV) & Endpoint Software](https://kb.netwrix.com/5938) +Netwrix knowledge base article: [Exclusions for Antivirus (AV) & Endpoint Software](/docs/kb/privilegesecure/exclusions-for-antivirus-av-endpoint-software) **Step 2 –** Move the NPS.ActionService.exe installation package to the desktop of the remote server. diff --git a/docs/privilegesecure/4.2/install/servicesonadditional/proxyservice.md b/docs/privilegesecure/4.2/install/servicesonadditional/proxyservice.md index 7550a76732..717281e2b3 100644 --- a/docs/privilegesecure/4.2/install/servicesonadditional/proxyservice.md +++ b/docs/privilegesecure/4.2/install/servicesonadditional/proxyservice.md @@ -25,12 +25,10 @@ Follow the steps to install the NPS Proxy Service on another server that will ru application. :::tip -Remember, You must configure the Antivirus exclusions according to the -[Exclusions for Antivirus (AV) & Endpoint Software](https://helpcenter.netwrix.com/bundle/z-kb-articles-salesforce/page/kA04u0000000Hi8CAE.html) +Remember, You must configure the Antivirus exclusions according to the [Exclusions for Antivirus (AV) & Endpoint Software](/docs/kb/privilegesecure/exclusions-for-antivirus-av-endpoint-software) knowledge base article. ::: - **Step 1 –** Copy the `NPS.ProxyService.exe` file to the desktop of the remote server. **Step 2 –** Right-click on the installer and select Run as administrator. The Netwrix Privilege diff --git a/docs/privilegesecurediscovery/installation/machineprovisionidrac.md b/docs/privilegesecurediscovery/installation/machineprovisionidrac.md index 0fd3768c6d..cf1573d501 100644 --- a/docs/privilegesecurediscovery/installation/machineprovisionidrac.md +++ b/docs/privilegesecurediscovery/installation/machineprovisionidrac.md @@ -1,5 +1,5 @@ --- -title: "Machine Provisioning - iDRAC" +title: "(RETIRED INFO) Machine Provisioning - iDRAC" description: "Machine Provisioning - iDRAC" sidebar_position: 20 --- diff --git a/sidebars/activitymonitor/9.0.js b/sidebars/activitymonitor/9.0.js new file mode 100644 index 0000000000..7b1f64de61 --- /dev/null +++ b/sidebars/activitymonitor/9.0.js @@ -0,0 +1,17 @@ +// DIAGNOSTIC TEST: const generateKBSidebar = require('../../src/utils/generateKBSidebar'); + +module.exports = { + sidebar: [ + { + type: 'autogenerated', + dirName: '.', + }, + // DIAGNOSTIC TEST: Comment out entire KB section + // { + // type: 'category', + // label: 'Knowledge Base', + // collapsed: true, + // items: generateKBSidebar('activitymonitor') + // }, + ], +}; diff --git a/sidebars/passwordsecure/9.3.js b/sidebars/passwordsecure/9.3.js new file mode 100644 index 0000000000..d0211a4048 --- /dev/null +++ b/sidebars/passwordsecure/9.3.js @@ -0,0 +1,8 @@ +module.exports = { + sidebar: [ + { + type: 'autogenerated', + dirName: '.', + } + ], +}; diff --git a/src/config/products.js b/src/config/products.js index ba9a1c4239..c70148cde1 100644 --- a/src/config/products.js +++ b/src/config/products.js @@ -106,10 +106,16 @@ export const PRODUCTS = [ categories: ['Other'], icon: '', versions: [ + { + version: '9.0', + label: '9.0', + isLatest: true, + sidebarFile: './sidebars/activitymonitor/9.0.js', + }, { version: '8.0', label: '8.0', - isLatest: true, + isLatest: false, sidebarFile: './sidebars/activitymonitor/8.0.js', }, { @@ -119,7 +125,7 @@ export const PRODUCTS = [ sidebarFile: './sidebars/activitymonitor/7.1.js', }, ], - defaultVersion: '8.0', + defaultVersion: '9.0', }, { id: 'auditor', @@ -373,10 +379,16 @@ export const PRODUCTS = [ categories: ['Privileged Access Management (PAM)'], icon: '', versions: [ + { + version: '9.3', + label: '9.3', + isLatest: true, + sidebarFile: './sidebars/passwordsecure/9.3.js', + }, { version: '9.2', label: '9.2', - isLatest: true, + isLatest: false, sidebarFile: './sidebars/passwordsecure/9.2.js', }, { @@ -386,7 +398,7 @@ export const PRODUCTS = [ sidebarFile: './sidebars/passwordsecure/9.1.js', }, ], - defaultVersion: '9.2', + defaultVersion: '9.3', }, { id: 'pingcastle', diff --git a/src/training/1secure/1600.md b/src/training/1secure/1600.md index b28140ea33..77e117c408 100644 --- a/src/training/1secure/1600.md +++ b/src/training/1secure/1600.md @@ -6,4 +6,4 @@ Recommended prerequisite: None The – Valuable Features course provides an understanding of the key aspects of the application. -Estimated length: 5 minutes +Estimated length: 2 minutes diff --git a/src/training/1secure/3600-6.md b/src/training/1secure/3600-6.md new file mode 100644 index 0000000000..d60950ad1d --- /dev/null +++ b/src/training/1secure/3600-6.md @@ -0,0 +1,9 @@ +import { N1S } from '@site/src/training/products'; + +## 3600.6 Introduction to – Alerts & Risk Assessment + +Recommended prerequisite: 3600.5 Introduction to – Reports + +The Alerts & Risk Assessment module provides an understanding of the Alerts Timeline dashboard, the Risk Assessment dashboard, associated reports and exports, and the Netwrix AI risk remediation feature. + +Estimated length: 25 minutes diff --git a/src/training/1secure/5600-1.md b/src/training/1secure/5600-1.md new file mode 100644 index 0000000000..c614bc790d --- /dev/null +++ b/src/training/1secure/5600-1.md @@ -0,0 +1,15 @@ +import { N1S } from '@site/src/training/products'; + +## 5600.1 – Demo the Basic Use Cases + +Recommended prerequisite: 3600.6 Introduction to – Alerts & Risk Assessment + +The Netwrix 1Secure – Demo the Basic Use Cases course provides you with the ability to demonstrate the three basic use cases for this application: + +* Risk Assessment +* Reporting +* Alerts + +When you complete this course, you will understand the scenario and demonstration talking points for each use case. + +Estimated length: 30 minutes diff --git a/src/training/1secure/additional.md b/src/training/1secure/additional.md index 702f7d8c20..f28921cf8d 100644 --- a/src/training/1secure/additional.md +++ b/src/training/1secure/additional.md @@ -4,6 +4,7 @@ import { N1S } from '@site/src/training/products'; The following courses are available for self-enrollment through the Learning Library: +* What's New in Netwrix 1Secure ITDR - Netwrix Identity Recovery (Recovery for AD Features) * What's New in – August 2025 (DSPM) * What's New in – August 2025 (ITDR) * NEW File Integrity & Configuration Monitor (Change Tracker Features) diff --git a/src/training/1secure/index.js b/src/training/1secure/index.js index da8f71b226..1bde7aa28f 100644 --- a/src/training/1secure/index.js +++ b/src/training/1secure/index.js @@ -5,4 +5,6 @@ export { default as N1SIntroMO } from './3600-2.md'; export { default as N1SIntroConf } from './3600-3.md'; export { default as N1SIntroData } from './3600-4.md'; export { default as N1SIntroReport } from './3600-5.md'; +export { default as N1SIntroAlertRisk } from './3600-6.md'; +export { default as N1SDemoCore } from './5600-1.md'; export { default as N1SAdditional } from './additional.md'; diff --git a/src/training/access-analyzer/1000.md b/src/training/access-analyzer/1000.md index 104fe6e0c7..1202685030 100644 --- a/src/training/access-analyzer/1000.md +++ b/src/training/access-analyzer/1000.md @@ -6,4 +6,4 @@ Recommended prerequisite: None The – Valuable Features course provides an understanding of the key aspects of the application, formerly Netwrix Enterprise Auditor. -Estimated length: 5 minutes +Estimated length: 2 minutes diff --git a/src/training/change-tracker/1900.md b/src/training/change-tracker/1900.md index b72075dc6a..dcb8342826 100644 --- a/src/training/change-tracker/1900.md +++ b/src/training/change-tracker/1900.md @@ -6,4 +6,4 @@ Recommended prerequisite: None The – Valuable Features course provides an understanding of the key aspects of the application. -Estimated length: 10 minutes +Estimated length: 2 minutes diff --git a/src/training/data-classification/1120.md b/src/training/data-classification/1120.md index d89255b378..095daa07ee 100644 --- a/src/training/data-classification/1120.md +++ b/src/training/data-classification/1120.md @@ -6,4 +6,4 @@ Recommended prerequisite: None The – Valuable Features course provides an understanding of the key aspects of the application. -Estimated length: 5 minutes +Estimated length: 2 minutes diff --git a/src/training/data-classification/additional.md b/src/training/data-classification/additional.md index 8da858f958..798faea973 100644 --- a/src/training/data-classification/additional.md +++ b/src/training/data-classification/additional.md @@ -4,6 +4,7 @@ import { NDC } from '@site/src/training/products'; The following courses are available for self-enrollment through the Learning Library: +* What's New in v5.7.10 * Dropbox Solution * Box Solution * What's New in v5.7 diff --git a/src/training/data-security-posture-management/1980.md b/src/training/data-security-posture-management/1980.md new file mode 100644 index 0000000000..d0b36f5c65 --- /dev/null +++ b/src/training/data-security-posture-management/1980.md @@ -0,0 +1,9 @@ +import { Company } from '@site/src/training/products'; + +## 1980 Introduction to Data Security Posture Management Solution + +Recommended prerequisite: None + +The Introduction to Data Security Posture Management Solution course presents the value of a DSPM solution. + +Estimated length: 1 minute diff --git a/src/training/data-security-posture-management/index.js b/src/training/data-security-posture-management/index.js new file mode 100644 index 0000000000..084655b001 --- /dev/null +++ b/src/training/data-security-posture-management/index.js @@ -0,0 +1 @@ +export { default as DSPMIntro } from './1980.md'; diff --git a/src/training/directory-management/1981.md b/src/training/directory-management/1981.md new file mode 100644 index 0000000000..df4d6f6fcf --- /dev/null +++ b/src/training/directory-management/1981.md @@ -0,0 +1,9 @@ +import { Company } from '@site/src/training/products'; + +## 1981 Introduction to Directory Management Solution + +Recommended prerequisite: None + +The Introduction to Directory Management Solution course presents the value of this solution. + +Estimated length: 1 minute diff --git a/src/training/directory-management/index.js b/src/training/directory-management/index.js new file mode 100644 index 0000000000..6c10653b26 --- /dev/null +++ b/src/training/directory-management/index.js @@ -0,0 +1 @@ +export { default as DMIntro } from './1981.md'; diff --git a/src/training/directory-manager/1940.md b/src/training/directory-manager/1940.md index 511c96fb92..67d6552fa7 100644 --- a/src/training/directory-manager/1940.md +++ b/src/training/directory-manager/1940.md @@ -6,4 +6,4 @@ Recommended prerequisite: None The – Valuable Features course provides an understanding of the key aspects of the application, formerly Netwrix GroupID. -Estimated length: 5 minutes +Estimated length: 2 minutes diff --git a/src/training/endpoint-management/1982.md b/src/training/endpoint-management/1982.md new file mode 100644 index 0000000000..5e009f19bc --- /dev/null +++ b/src/training/endpoint-management/1982.md @@ -0,0 +1,9 @@ +import { Company } from '@site/src/training/products'; + +## 1982 Introduction to Endpoint Management Solution + +Recommended prerequisite: None + +The Introduction to Endpoint Management Solution course presents the value of this solution. + +Estimated length: 1 minute diff --git a/src/training/endpoint-management/index.js b/src/training/endpoint-management/index.js new file mode 100644 index 0000000000..1865e8718f --- /dev/null +++ b/src/training/endpoint-management/index.js @@ -0,0 +1 @@ +export { default as EMIntro } from './1982.md'; diff --git a/src/training/identity-management/1983.md b/src/training/identity-management/1983.md new file mode 100644 index 0000000000..9198c6dafb --- /dev/null +++ b/src/training/identity-management/1983.md @@ -0,0 +1,9 @@ +import { Company } from '@site/src/training/products'; + +## 1983 Introduction to Identity Management Solution + +Recommended prerequisite: None + +The Introduction to Identity Management Solution course presents the value of this solution. + +Estimated length: 1 minute diff --git a/src/training/identity-management/index.js b/src/training/identity-management/index.js new file mode 100644 index 0000000000..ccffafe2e4 --- /dev/null +++ b/src/training/identity-management/index.js @@ -0,0 +1 @@ +export { default as IMIntro } from './1983.md'; diff --git a/src/training/identity-threat-detection-response/1984.md b/src/training/identity-threat-detection-response/1984.md new file mode 100644 index 0000000000..abc56f5dc7 --- /dev/null +++ b/src/training/identity-threat-detection-response/1984.md @@ -0,0 +1,9 @@ +import { Company } from '@site/src/training/products'; + +## 1984 Introduction to Identity Threat Detection & Response Solution + +Recommended prerequisite: None + +The Introduction to Identity Threat Detection & Response Solution course presents the value of an ITDR solution. + +Estimated length: 1 minute diff --git a/src/training/identity-threat-detection-response/index.js b/src/training/identity-threat-detection-response/index.js new file mode 100644 index 0000000000..03aac8b7ef --- /dev/null +++ b/src/training/identity-threat-detection-response/index.js @@ -0,0 +1 @@ +export { default as ITDRIntro } from './1984.md'; diff --git a/src/training/password-policy-enforcer/1240.md b/src/training/password-policy-enforcer/1240.md index 819c75704b..bfefa16f49 100644 --- a/src/training/password-policy-enforcer/1240.md +++ b/src/training/password-policy-enforcer/1240.md @@ -6,4 +6,4 @@ Recommended prerequisite: None The – Valuable Features course provides an understanding of the key aspects of the application. -Estimated length: 5 minutes +Estimated length: 2 minutes diff --git a/src/training/password-reset/1360.md b/src/training/password-reset/1360.md index 343e74d4f2..0b9df95322 100644 --- a/src/training/password-reset/1360.md +++ b/src/training/password-reset/1360.md @@ -6,4 +6,4 @@ Recommended prerequisite: None The – Valuable Features course provides an understanding of the key aspects of the application. -Estimated length: 5 minutes +Estimated length: 2 minutes diff --git a/src/training/password-secure/1760.md b/src/training/password-secure/1760.md index 3e32afc6f1..81dcd8a007 100644 --- a/src/training/password-secure/1760.md +++ b/src/training/password-secure/1760.md @@ -6,4 +6,4 @@ Recommended prerequisite: None The – Valuable Features course provides an understanding of the key aspects of the application. -Estimated length: 5 minutes +Estimated length: 2 minutes diff --git a/src/training/platform-governance-for-netsuite/1440.md b/src/training/platform-governance-for-netsuite/1440.md index 6e5b9044eb..7094d4623c 100644 --- a/src/training/platform-governance-for-netsuite/1440.md +++ b/src/training/platform-governance-for-netsuite/1440.md @@ -6,4 +6,4 @@ Recommended prerequisite: None The – Valuable Features course provides an understanding of the key aspects of the application. -Estimated length: 5 minutes +Estimated length: 2 minutes diff --git a/src/training/platform-governance-for-salesforce/1460.md b/src/training/platform-governance-for-salesforce/1460.md index dce9a161be..2b07c68554 100644 --- a/src/training/platform-governance-for-salesforce/1460.md +++ b/src/training/platform-governance-for-salesforce/1460.md @@ -6,4 +6,4 @@ Recommended prerequisite: None The – Valuable Features course provides an understanding of the key aspects of the application. -Estimated length: 5 minutes +Estimated length: 2 minutes diff --git a/src/training/privileged-access-management/1985.md b/src/training/privileged-access-management/1985.md new file mode 100644 index 0000000000..6ba45d5eaa --- /dev/null +++ b/src/training/privileged-access-management/1985.md @@ -0,0 +1,9 @@ +import { Company } from '@site/src/training/products'; + +## 1985 Introduction to Privileged Access Management Solution + +Recommended prerequisite: None + +The Introduction to Privileged Access Management Solution course presents the value of this solution. + +Estimated length: 1 minute diff --git a/src/training/privileged-access-management/index.js b/src/training/privileged-access-management/index.js new file mode 100644 index 0000000000..50e1655ba7 --- /dev/null +++ b/src/training/privileged-access-management/index.js @@ -0,0 +1 @@ +export { default as PAMIntro } from './1985.md'; diff --git a/src/training/recovery-for-ad/1400.md b/src/training/recovery-for-ad/1400.md index 66e1a7b37f..1ab286c59f 100644 --- a/src/training/recovery-for-ad/1400.md +++ b/src/training/recovery-for-ad/1400.md @@ -6,4 +6,4 @@ Recommended prerequisite: None The – Valuable Features course provides an understanding of the key aspects of the application. -Estimated length: 5 minutes +Estimated length: 2 minutes diff --git a/src/training/threat-manager/1560.md b/src/training/threat-manager/1560.md index a0c7496e06..451da83423 100644 --- a/src/training/threat-manager/1560.md +++ b/src/training/threat-manager/1560.md @@ -6,4 +6,4 @@ Recommended prerequisite: None The – Valuable Features course provides an understanding of the key aspects of the application. -Estimated length: 5 minutes +Estimated length: 2 minutes diff --git a/src/training/threat-manager/additional.md b/src/training/threat-manager/additional.md index 9885ef8a6f..150b2e2a94 100644 --- a/src/training/threat-manager/additional.md +++ b/src/training/threat-manager/additional.md @@ -10,6 +10,7 @@ This product was formerly named Netwrix StealthDEFEND. ::: +* New MCP Server for * What's New in v3.0 * Protect your Active Directory Against Common Cyber Threats * Top 5 Issues in diff --git a/src/training/threat-prevention/1500.md b/src/training/threat-prevention/1500.md index a8ec35ca6a..b9000153e4 100644 --- a/src/training/threat-prevention/1500.md +++ b/src/training/threat-prevention/1500.md @@ -6,4 +6,4 @@ Recommended prerequisite: None The – Valuable Features course provides an understanding of the key aspects of the application. -Estimated length: 5 minutes +Estimated length: 2 minutes diff --git a/static/images/activitymonitor/9.0/admin/activitymonitormain.webp b/static/images/activitymonitor/9.0/admin/activitymonitormain.webp new file mode 100644 index 0000000000..cd75b3dc6c Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/activitymonitormain.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/add/activitymonitorwithlinuxagentinstalled.webp b/static/images/activitymonitor/9.0/admin/agents/add/activitymonitorwithlinuxagentinstalled.webp new file mode 100644 index 0000000000..a5bb08872f Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/add/activitymonitorwithlinuxagentinstalled.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/add/adagentinstalled.webp b/static/images/activitymonitor/9.0/admin/agents/add/adagentinstalled.webp new file mode 100644 index 0000000000..c778f290b7 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/add/adagentinstalled.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/add/adconnectionblank.webp b/static/images/activitymonitor/9.0/admin/agents/add/adconnectionblank.webp new file mode 100644 index 0000000000..e6d5230a5b Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/add/adconnectionblank.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/add/adconnectionsuccessful.webp b/static/images/activitymonitor/9.0/admin/agents/add/adconnectionsuccessful.webp new file mode 100644 index 0000000000..ffb88ef50b Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/add/adconnectionsuccessful.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/add/agentinstalllocation.webp b/static/images/activitymonitor/9.0/admin/agents/add/agentinstalllocation.webp new file mode 100644 index 0000000000..12c926083b Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/add/agentinstalllocation.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/add/clientcertificate.webp b/static/images/activitymonitor/9.0/admin/agents/add/clientcertificate.webp new file mode 100644 index 0000000000..34defaf513 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/add/clientcertificate.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/add/credentialsservers.webp b/static/images/activitymonitor/9.0/admin/agents/add/credentialsservers.webp new file mode 100644 index 0000000000..904d4973d4 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/add/credentialsservers.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/add/dcsdeployagentconnection.webp b/static/images/activitymonitor/9.0/admin/agents/add/dcsdeployagentconnection.webp new file mode 100644 index 0000000000..71c29f578e Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/add/dcsdeployagentconnection.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/add/dcstodeploytheagenttopage.webp b/static/images/activitymonitor/9.0/admin/agents/add/dcstodeploytheagenttopage.webp new file mode 100644 index 0000000000..5aab11e463 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/add/dcstodeploytheagenttopage.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/add/domainstomonitorpage.webp b/static/images/activitymonitor/9.0/admin/agents/add/domainstomonitorpage.webp new file mode 100644 index 0000000000..a25191ca85 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/add/domainstomonitorpage.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/add/enablewindowsfileactivitymonitoring.webp b/static/images/activitymonitor/9.0/admin/agents/add/enablewindowsfileactivitymonitoring.webp new file mode 100644 index 0000000000..feaecb6e30 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/add/enablewindowsfileactivitymonitoring.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/add/hostnameoripaddresswindow.webp b/static/images/activitymonitor/9.0/admin/agents/add/hostnameoripaddresswindow.webp new file mode 100644 index 0000000000..12e90ab3a7 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/add/hostnameoripaddresswindow.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/add/importhostsfromacsvfilewindow.webp b/static/images/activitymonitor/9.0/admin/agents/add/importhostsfromacsvfilewindow.webp new file mode 100644 index 0000000000..b03119035e Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/add/importhostsfromacsvfilewindow.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/add/installagentsonmultiplehosts.webp b/static/images/activitymonitor/9.0/admin/agents/add/installagentsonmultiplehosts.webp new file mode 100644 index 0000000000..455b2fd398 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/add/installagentsonmultiplehosts.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/add/linuxagentoptions.webp b/static/images/activitymonitor/9.0/admin/agents/add/linuxagentoptions.webp new file mode 100644 index 0000000000..9e5a74a506 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/add/linuxagentoptions.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/add/locationdefault.webp b/static/images/activitymonitor/9.0/admin/agents/add/locationdefault.webp new file mode 100644 index 0000000000..8011d2b1b6 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/add/locationdefault.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/add/publickey.webp b/static/images/activitymonitor/9.0/admin/agents/add/publickey.webp new file mode 100644 index 0000000000..802e3e9812 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/add/publickey.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/add/testaccountconnection.webp b/static/images/activitymonitor/9.0/admin/agents/add/testaccountconnection.webp new file mode 100644 index 0000000000..8a7da5c036 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/add/testaccountconnection.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/add/windowsagentsettingspage.webp b/static/images/activitymonitor/9.0/admin/agents/add/windowsagentsettingspage.webp new file mode 100644 index 0000000000..1640d88a4c Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/add/windowsagentsettingspage.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/agentaddedfinalimage.webp b/static/images/activitymonitor/9.0/admin/agents/agentaddedfinalimage.webp new file mode 100644 index 0000000000..19ed011ed3 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/agentaddedfinalimage.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/agentmessages.webp b/static/images/activitymonitor/9.0/admin/agents/agentmessages.webp new file mode 100644 index 0000000000..5e041f29b6 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/agentmessages.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/additionalpropertiestab.webp b/static/images/activitymonitor/9.0/admin/agents/properties/additionalpropertiestab.webp new file mode 100644 index 0000000000..3141a3eda1 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/additionalpropertiestab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/addoreditapiclient.webp b/static/images/activitymonitor/9.0/admin/agents/properties/addoreditapiclient.webp new file mode 100644 index 0000000000..3bb5239020 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/addoreditapiclient.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/aduserstab.webp b/static/images/activitymonitor/9.0/admin/agents/properties/aduserstab.webp new file mode 100644 index 0000000000..2061bab96d Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/aduserstab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/apiservertab.webp b/static/images/activitymonitor/9.0/admin/agents/properties/apiservertab.webp new file mode 100644 index 0000000000..a6ed37834d Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/apiservertab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/archiving_tab.webp b/static/images/activitymonitor/9.0/admin/agents/properties/archiving_tab.webp new file mode 100644 index 0000000000..1173f63a47 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/archiving_tab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/archivingtabconfigure.webp b/static/images/activitymonitor/9.0/admin/agents/properties/archivingtabconfigure.webp new file mode 100644 index 0000000000..2de001bcf7 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/archivingtabconfigure.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/connectiontab.webp b/static/images/activitymonitor/9.0/admin/agents/properties/connectiontab.webp new file mode 100644 index 0000000000..df7e87ddb8 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/connectiontab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/diskquotatab.webp b/static/images/activitymonitor/9.0/admin/agents/properties/diskquotatab.webp new file mode 100644 index 0000000000..f3145cd306 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/diskquotatab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/dnstab.webp b/static/images/activitymonitor/9.0/admin/agents/properties/dnstab.webp new file mode 100644 index 0000000000..5d8be1e050 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/dnstab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/emcceeoptionstab.webp b/static/images/activitymonitor/9.0/admin/agents/properties/emcceeoptionstab.webp new file mode 100644 index 0000000000..2629e0dd5e Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/emcceeoptionstab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/inactivityalerts.webp b/static/images/activitymonitor/9.0/admin/agents/properties/inactivityalerts.webp new file mode 100644 index 0000000000..653d7a82df Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/inactivityalerts.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/inactivityalertsemailalerts.webp b/static/images/activitymonitor/9.0/admin/agents/properties/inactivityalertsemailalerts.webp new file mode 100644 index 0000000000..0e9cbe8b57 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/inactivityalertsemailalerts.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/inactivityalertsemailalertsmessagebody.webp b/static/images/activitymonitor/9.0/admin/agents/properties/inactivityalertsemailalertsmessagebody.webp new file mode 100644 index 0000000000..8641bbe90b Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/inactivityalertsemailalertsmessagebody.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/inactivityalertsemailalertsmessagesubject.webp b/static/images/activitymonitor/9.0/admin/agents/properties/inactivityalertsemailalertsmessagesubject.webp new file mode 100644 index 0000000000..b969597b8d Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/inactivityalertsemailalertsmessagesubject.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/inactivityalertssyslogalerts.webp b/static/images/activitymonitor/9.0/admin/agents/properties/inactivityalertssyslogalerts.webp new file mode 100644 index 0000000000..021b6620a8 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/inactivityalertssyslogalerts.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/inactivityalertssyslogalertsmessagetemplate.webp b/static/images/activitymonitor/9.0/admin/agents/properties/inactivityalertssyslogalertsmessagetemplate.webp new file mode 100644 index 0000000000..fb6d453af8 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/inactivityalertssyslogalertsmessagetemplate.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/linuxagentadditionalpropertiestab.webp b/static/images/activitymonitor/9.0/admin/agents/properties/linuxagentadditionalpropertiestab.webp new file mode 100644 index 0000000000..62b65c4d0d Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/linuxagentadditionalpropertiestab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/linuxconnectiontab.webp b/static/images/activitymonitor/9.0/admin/agents/properties/linuxconnectiontab.webp new file mode 100644 index 0000000000..d3fb749194 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/linuxconnectiontab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/linuxtab.webp b/static/images/activitymonitor/9.0/admin/agents/properties/linuxtab.webp new file mode 100644 index 0000000000..6218741328 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/linuxtab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/mainimage.webp b/static/images/activitymonitor/9.0/admin/agents/properties/mainimage.webp new file mode 100644 index 0000000000..5b1e6b8fb9 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/mainimage.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/netappfpolicyoptions.webp b/static/images/activitymonitor/9.0/admin/agents/properties/netappfpolicyoptions.webp new file mode 100644 index 0000000000..988a0063c6 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/netappfpolicyoptions.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/networkproxytab.webp b/static/images/activitymonitor/9.0/admin/agents/properties/networkproxytab.webp new file mode 100644 index 0000000000..f8db8b53a1 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/networkproxytab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/networktab.webp b/static/images/activitymonitor/9.0/admin/agents/properties/networktab.webp new file mode 100644 index 0000000000..7233e97f3c Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/networktab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/nutanix.webp b/static/images/activitymonitor/9.0/admin/agents/properties/nutanix.webp new file mode 100644 index 0000000000..e6f78dbc3e Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/nutanix.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/panzuratab.webp b/static/images/activitymonitor/9.0/admin/agents/properties/panzuratab.webp new file mode 100644 index 0000000000..6cd261018e Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/panzuratab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/qumulo.webp b/static/images/activitymonitor/9.0/admin/agents/properties/qumulo.webp new file mode 100644 index 0000000000..04a3a1b902 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/qumulo.webp differ diff --git a/static/images/activitymonitor/9.0/admin/agents/properties/windowsspecifyaccountorgroup.webp b/static/images/activitymonitor/9.0/admin/agents/properties/windowsspecifyaccountorgroup.webp new file mode 100644 index 0000000000..026d9d4e03 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/agents/properties/windowsspecifyaccountorgroup.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/actiivtymonitordomainoutputsadded.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/actiivtymonitordomainoutputsadded.webp new file mode 100644 index 0000000000..945522ee3d Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/actiivtymonitordomainoutputsadded.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/actiivtymonitordomainsdonly.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/actiivtymonitordomainsdonly.webp new file mode 100644 index 0000000000..581a23e5e5 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/actiivtymonitordomainsdonly.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/activtymonitorblank.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/activtymonitorblank.webp new file mode 100644 index 0000000000..82dd108aa4 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/activtymonitorblank.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/attributestab.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/attributestab.webp new file mode 100644 index 0000000000..8c22095a18 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/attributestab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/classestab.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/classestab.webp new file mode 100644 index 0000000000..e5f1033646 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/classestab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/contexttab.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/contexttab.webp new file mode 100644 index 0000000000..e5e66b413d Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/contexttab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/editaccountsexcludeauthenticationselectedaccounts.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/editaccountsexcludeauthenticationselectedaccounts.webp new file mode 100644 index 0000000000..3dcfcc5f92 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/editaccountsexcludeauthenticationselectedaccounts.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/editaccountsexcludeloginsmachineaccounts.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/editaccountsexcludeloginsmachineaccounts.webp new file mode 100644 index 0000000000..aa790dd5bc Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/editaccountsexcludeloginsmachineaccounts.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/edithostsexcludeselectedhosts.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/edithostsexcludeselectedhosts.webp new file mode 100644 index 0000000000..0839ae95d4 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/edithostsexcludeselectedhosts.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/forgedpac.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/forgedpac.webp new file mode 100644 index 0000000000..5a02ee9f93 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/forgedpac.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/globalfilterstab.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/globalfilterstab.webp new file mode 100644 index 0000000000..6392048bcb Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/globalfilterstab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/hostfrom.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/hostfrom.webp new file mode 100644 index 0000000000..58838a3ad1 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/hostfrom.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/hostto.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/hostto.webp new file mode 100644 index 0000000000..ad0d05d872 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/hostto.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/ipaddressesfrom.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/ipaddressesfrom.webp new file mode 100644 index 0000000000..c2d7f897fe Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/ipaddressesfrom.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/ipaddressesto.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/ipaddressesto.webp new file mode 100644 index 0000000000..0fc8052214 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/ipaddressesto.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/ldap.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/ldap.webp new file mode 100644 index 0000000000..6e8876151c Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/ldap.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/objectstab.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/objectstab.webp new file mode 100644 index 0000000000..23fb8dad72 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/objectstab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/operations.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/operations.webp new file mode 100644 index 0000000000..9e85d978d6 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/operations.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/operationstab.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/operationstab.webp new file mode 100644 index 0000000000..49b24cdf70 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/operationstab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/operationtab.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/operationtab.webp new file mode 100644 index 0000000000..dcba3037f0 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/operationtab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/processes.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/processes.webp new file mode 100644 index 0000000000..fe4fca8189 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/processes.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/servers.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/servers.webp new file mode 100644 index 0000000000..7b22df0ab4 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/servers.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/serverstab.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/serverstab.webp new file mode 100644 index 0000000000..588b852681 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/serverstab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/users.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/users.webp new file mode 100644 index 0000000000..a9ea6c6883 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/users.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/userstab.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/userstab.webp new file mode 100644 index 0000000000..d4e1c5bc90 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/admonitoringconfiguration/userstab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/errorpropagation.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/errorpropagation.webp new file mode 100644 index 0000000000..56e22c0823 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/errorpropagation.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/logfiles.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/logfiles.webp new file mode 100644 index 0000000000..5643daf724 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/logfiles.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/sdldapmonitoring.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/sdldapmonitoring.webp new file mode 100644 index 0000000000..f7a26f5d01 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/sdldapmonitoring.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/stealthdefendproperties.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/stealthdefendproperties.webp new file mode 100644 index 0000000000..7fd24e90f2 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/stealthdefendproperties.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoreddomains/syslogudp.webp b/static/images/activitymonitor/9.0/admin/monitoreddomains/syslogudp.webp new file mode 100644 index 0000000000..93e5c65df3 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoreddomains/syslogudp.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitoremcisilon.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitoremcisilon.webp new file mode 100644 index 0000000000..5cc8820b2d Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitoremcisilon.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitoremcunity.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitoremcunity.webp new file mode 100644 index 0000000000..3e5d96446b Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitoremcunity.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitoremcvnxcelerra.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitoremcvnxcelerra.webp new file mode 100644 index 0000000000..7dc5935dda Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitoremcvnxcelerra.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitorhitachi.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitorhitachi.webp new file mode 100644 index 0000000000..7e265a108f Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitorhitachi.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitornasuni.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitornasuni.webp new file mode 100644 index 0000000000..466f5bcf16 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitornasuni.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitornetapp.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitornetapp.webp new file mode 100644 index 0000000000..4e8150da32 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitornetapp.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitorpanzura.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitorpanzura.webp new file mode 100644 index 0000000000..98dfe08bed Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitorpanzura.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitorsharepoint.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitorsharepoint.webp new file mode 100644 index 0000000000..7d0286df86 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitorsharepoint.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitorsqlserverhost.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitorsqlserverhost.webp new file mode 100644 index 0000000000..9f5fc33ac8 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitorsqlserverhost.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitorwindows.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitorwindows.webp new file mode 100644 index 0000000000..d09c4fe527 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/activitymonitorwindows.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addagent01.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addagent01.webp new file mode 100644 index 0000000000..7574facf30 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addagent01.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addexchangeonline.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addexchangeonline.webp new file mode 100644 index 0000000000..9d264e8f5c Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addexchangeonline.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhost.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhost.webp new file mode 100644 index 0000000000..8fb1682267 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhost.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhost02.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhost02.webp new file mode 100644 index 0000000000..30289306cf Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhost02.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostemcisilon.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostemcisilon.webp new file mode 100644 index 0000000000..4766291764 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostemcisilon.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostemcvnxcelerra.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostemcvnxcelerra.webp new file mode 100644 index 0000000000..545dbe2559 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostemcvnxcelerra.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostentraid.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostentraid.webp new file mode 100644 index 0000000000..928573f552 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostentraid.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhosthitachi.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhosthitachi.webp new file mode 100644 index 0000000000..e08c4bf8b7 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhosthitachi.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostnasuni.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostnasuni.webp new file mode 100644 index 0000000000..71522af27b Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostnasuni.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostnetapp.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostnetapp.webp new file mode 100644 index 0000000000..a9caf8b9f5 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostnetapp.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostpanzura.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostpanzura.webp new file mode 100644 index 0000000000..cc23713840 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostpanzura.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostqumulo01.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostqumulo01.webp new file mode 100644 index 0000000000..68e188951f Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostqumulo01.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostqumulo02.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostqumulo02.webp new file mode 100644 index 0000000000..7ba3539041 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostqumulo02.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostqumulo04.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostqumulo04.webp new file mode 100644 index 0000000000..87c378ca44 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostqumulo04.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostqumulo06.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostqumulo06.webp new file mode 100644 index 0000000000..032be4f65a Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostqumulo06.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostsharepoint.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostsharepoint.webp new file mode 100644 index 0000000000..90768f32cc Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostsharepoint.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostwindows.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostwindows.webp new file mode 100644 index 0000000000..a018c3df07 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addhostwindows.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addnewhost.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addnewhost.webp new file mode 100644 index 0000000000..be26533e56 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addnewhost.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addnewhostemcunity.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addnewhostemcunity.webp new file mode 100644 index 0000000000..17c32250f4 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/addnewhostemcunity.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/azureadconnection.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/azureadconnection.webp new file mode 100644 index 0000000000..2dd8b5eaca Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/azureadconnection.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/chooseagent.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/chooseagent.webp new file mode 100644 index 0000000000..43efe3f7ef Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/chooseagent.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptions.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptions.webp new file mode 100644 index 0000000000..415c8e3b45 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptions.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptionshitachi.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptionshitachi.webp new file mode 100644 index 0000000000..b3f66cf1d6 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptionshitachi.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptionsnasuni.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptionsnasuni.webp new file mode 100644 index 0000000000..7b10976f52 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptionsnasuni.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptionsnetapp.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptionsnetapp.webp new file mode 100644 index 0000000000..01d597486c Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptionsnetapp.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptionspanzura.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptionspanzura.webp new file mode 100644 index 0000000000..790478d4d6 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptionspanzura.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptionswindows.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptionswindows.webp new file mode 100644 index 0000000000..cb5742e96f Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configurebasicoptionswindows.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperations.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperations.webp new file mode 100644 index 0000000000..384f2a8330 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperations.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperationsforemcisilon.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperationsforemcisilon.webp new file mode 100644 index 0000000000..e3898d62b9 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperationsforemcisilon.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperationshitachi.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperationshitachi.webp new file mode 100644 index 0000000000..c2d2eb222c Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperationshitachi.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperationsnetapp.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperationsnetapp.webp new file mode 100644 index 0000000000..f2d1c9ab77 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperationsnetapp.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperationssharepoint.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperationssharepoint.webp new file mode 100644 index 0000000000..c0595d3194 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperationssharepoint.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperationswindows.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperationswindows.webp new file mode 100644 index 0000000000..7404d6508f Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/configureoperationswindows.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/connection.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/connection.webp new file mode 100644 index 0000000000..2ce25f402c Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/connection.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/entraidadded.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/entraidadded.webp new file mode 100644 index 0000000000..17aee937c5 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/entraidadded.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/entraidconnection.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/entraidconnection.webp new file mode 100644 index 0000000000..4835631582 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/entraidconnection.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/entraidoperations.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/entraidoperations.webp new file mode 100644 index 0000000000..6ab7b44d29 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/entraidoperations.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/exchangeonline.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/exchangeonline.webp new file mode 100644 index 0000000000..0bce101ee2 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/exchangeonline.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/fileandpagetab.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/fileandpagetab.webp new file mode 100644 index 0000000000..0c64173207 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/fileandpagetab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/fileouputpage.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/fileouputpage.webp new file mode 100644 index 0000000000..08bd872e42 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/fileouputpage.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/fileoutput.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/fileoutput.webp new file mode 100644 index 0000000000..feba302cc0 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/fileoutput.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/fileoutputpage.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/fileoutputpage.webp new file mode 100644 index 0000000000..31eb11c6e5 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/fileoutputpage.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/hitachinasoptions.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/hitachinasoptions.webp new file mode 100644 index 0000000000..484547cf26 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/hitachinasoptions.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/isilonoptions.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/isilonoptions.webp new file mode 100644 index 0000000000..0237f3a17c Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/isilonoptions.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/isilonprotocols.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/isilonprotocols.webp new file mode 100644 index 0000000000..5d07cff198 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/isilonprotocols.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/mailboxesexclude.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/mailboxesexclude.webp new file mode 100644 index 0000000000..8226653900 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/mailboxesexclude.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/mssqlserveroptionspage.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/mssqlserveroptionspage.webp new file mode 100644 index 0000000000..a282e935cf Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/mssqlserveroptionspage.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nasunioptions.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nasunioptions.webp new file mode 100644 index 0000000000..8d3df8900f Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nasunioptions.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/netappconnection.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/netappconnection.webp new file mode 100644 index 0000000000..a641f932b0 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/netappconnection.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/netappfpolicyconfiguration.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/netappfpolicyconfiguration.webp new file mode 100644 index 0000000000..304d8b0570 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/netappfpolicyconfiguration.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/netappfpolicyenableconnect.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/netappfpolicyenableconnect.webp new file mode 100644 index 0000000000..4e766ce196 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/netappfpolicyenableconnect.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/netappfpolicytab.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/netappfpolicytab.webp new file mode 100644 index 0000000000..7e9dfc1d8c Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/netappfpolicytab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixnetworkadapter.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixnetworkadapter.webp new file mode 100644 index 0000000000..a8f1e1e6ac Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixnetworkadapter.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_04.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_04.webp new file mode 100644 index 0000000000..a932bbad53 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_04.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_05.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_05.webp new file mode 100644 index 0000000000..bdc2d9b13b Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_05.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_06.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_06.webp new file mode 100644 index 0000000000..7b41de1c6e Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_06.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_07.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_07.webp new file mode 100644 index 0000000000..4f68e9f806 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_07.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_08.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_08.webp new file mode 100644 index 0000000000..0fa9437ed9 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_08.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_09.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_09.webp new file mode 100644 index 0000000000..50279c225f Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_09.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_10.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_10.webp new file mode 100644 index 0000000000..423dd23cba Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/nutanixoptions_10.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/operations.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/operations.webp new file mode 100644 index 0000000000..c30a2ce830 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/operations.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/panzuraconfigureoperations.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/panzuraconfigureoperations.webp new file mode 100644 index 0000000000..c827dae628 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/panzuraconfigureoperations.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/panzuraoptions.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/panzuraoptions.webp new file mode 100644 index 0000000000..9ae0bc86a7 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/panzuraoptions.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost01.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost01.webp new file mode 100644 index 0000000000..4add53ea9c Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost01.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost02.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost02.webp new file mode 100644 index 0000000000..ba3e7356ac Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost02.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost03.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost03.webp new file mode 100644 index 0000000000..d4288f0607 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost03.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost04.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost04.webp new file mode 100644 index 0000000000..65ed62a1f7 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost04.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost05.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost05.webp new file mode 100644 index 0000000000..0116afa8fc Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost05.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost06.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost06.webp new file mode 100644 index 0000000000..83d9fdb851 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost06.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost07.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost07.webp new file mode 100644 index 0000000000..cd6bbd7c6b Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost07.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost08.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost08.webp new file mode 100644 index 0000000000..52fa704ddd Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/powerstoreaddhost08.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/protocolspage.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/protocolspage.webp new file mode 100644 index 0000000000..42dec449af Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/protocolspage.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/sharepointonline.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/sharepointonline.webp new file mode 100644 index 0000000000..32a71499ca Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/sharepointonline.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/sharepointoptions.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/sharepointoptions.webp new file mode 100644 index 0000000000..1fc24b5315 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/sharepointoptions.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/sqlserverlogontriggerpage.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/sqlserverlogontriggerpage.webp new file mode 100644 index 0000000000..9bea300d3a Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/sqlserverlogontriggerpage.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/sqlserverlogontriggersuccess.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/sqlserverlogontriggersuccess.webp new file mode 100644 index 0000000000..0082c7dfeb Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/sqlserverlogontriggersuccess.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/sqlserverobjects.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/sqlserverobjects.webp new file mode 100644 index 0000000000..2fb11ea5c2 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/sqlserverobjects.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/syslogoutput.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/syslogoutput.webp new file mode 100644 index 0000000000..803418c1cf Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/syslogoutput.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/syslogoutputpage.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/syslogoutputpage.webp new file mode 100644 index 0000000000..36659deeed Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/syslogoutputpage.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/trustedservercertificate.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/trustedservercertificate.webp new file mode 100644 index 0000000000..d101f3a008 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/trustedservercertificate.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/usersexclude.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/usersexclude.webp new file mode 100644 index 0000000000..bbbf88e4fc Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/usersexclude.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/wheretologactivity.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/wheretologactivity.webp new file mode 100644 index 0000000000..da56c6dddf Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/wheretologactivity.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/wheretologgeneric.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/wheretologgeneric.webp new file mode 100644 index 0000000000..4f68ed13ec Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/wheretologgeneric.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/add/wheretologtheactivity.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/wheretologtheactivity.webp new file mode 100644 index 0000000000..0760433e51 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/add/wheretologtheactivity.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/addnewoutputfile.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/addnewoutputfile.webp new file mode 100644 index 0000000000..f6c3651b48 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/addnewoutputfile.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/addnewoutputsyslog.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/addnewoutputsyslog.webp new file mode 100644 index 0000000000..5aee504d5e Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/addnewoutputsyslog.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/errorpropogationpopulated.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/errorpropogationpopulated.webp new file mode 100644 index 0000000000..0390edaa2a Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/errorpropogationpopulated.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/monitoredhoststab.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/monitoredhoststab.webp new file mode 100644 index 0000000000..6085b860fa Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/monitoredhoststab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/outputpropertiesoverview.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/outputpropertiesoverview.webp new file mode 100644 index 0000000000..2b040140c4 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/outputpropertiesoverview.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/auditingtab.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/auditingtab.webp new file mode 100644 index 0000000000..a22353f719 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/auditingtab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/azure.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/azure.webp new file mode 100644 index 0000000000..82819c4b8f Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/azure.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/emailalertstab.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/emailalertstab.webp new file mode 100644 index 0000000000..10de921948 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/emailalertstab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/emctabemcvnxcelerra.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/emctabemcvnxcelerra.webp new file mode 100644 index 0000000000..1eb45e7abb Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/emctabemcvnxcelerra.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/enableorconnectsettings.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/enableorconnectsettings.webp new file mode 100644 index 0000000000..cba95baf96 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/enableorconnectsettings.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/enableorconnectsettingsaddoreditclusternode.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/enableorconnectsettingsaddoreditclusternode.webp new file mode 100644 index 0000000000..6eabff07ba Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/enableorconnectsettingsaddoreditclusternode.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/enableorconnectsettingsconnecttocluster.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/enableorconnectsettingsconnecttocluster.webp new file mode 100644 index 0000000000..0bf135b2b1 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/enableorconnectsettingsconnecttocluster.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/fpolicytab.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/fpolicytab.webp new file mode 100644 index 0000000000..94ce8e79b3 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/fpolicytab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/hitachihostproperties.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/hitachihostproperties.webp new file mode 100644 index 0000000000..052a065e54 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/hitachihostproperties.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/hostpropertiesoverview.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/hostpropertiesoverview.webp new file mode 100644 index 0000000000..bffb54d8c1 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/hostpropertiesoverview.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalertstab.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalertstab.webp new file mode 100644 index 0000000000..eadf4ec9c3 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/inactivityalertstab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/logontriggertab.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/logontriggertab.webp new file mode 100644 index 0000000000..4e5a224477 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/logontriggertab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/mssqlservertab.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/mssqlservertab.webp new file mode 100644 index 0000000000..da7597a6e5 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/mssqlservertab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/nasunitab.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/nasunitab.webp new file mode 100644 index 0000000000..5452bb8fb6 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/nasunitab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/netapptab.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/netapptab.webp new file mode 100644 index 0000000000..0afac5802f Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/netapptab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/nutanixhostprop01.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/nutanixhostprop01.webp new file mode 100644 index 0000000000..c197c361cb Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/nutanixhostprop01.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/panzuratab.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/panzuratab.webp new file mode 100644 index 0000000000..d535c6b8a0 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/panzuratab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/privilegedaccess.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/privilegedaccess.webp new file mode 100644 index 0000000000..75e2949e6c Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/privilegedaccess.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/qumulohostproperties.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/qumulohostproperties.webp new file mode 100644 index 0000000000..91890d4de5 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/qumulohostproperties.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/sharepointtab.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/sharepointtab.webp new file mode 100644 index 0000000000..900d77a8a6 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/sharepointtab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/syslogalertstab.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/syslogalertstab.webp new file mode 100644 index 0000000000..f2272055e4 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/syslogalertstab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/tweakoptionstab.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/tweakoptionstab.webp new file mode 100644 index 0000000000..3a6996e28f Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/tweakoptionstab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/unixid.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/unixid.webp new file mode 100644 index 0000000000..db73c69980 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/unixid.webp differ diff --git a/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/windows.webp b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/windows.webp new file mode 100644 index 0000000000..140e2b116b Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/monitoredhosts/properties/windows.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/accountexclusions_exchangeonline.webp b/static/images/activitymonitor/9.0/admin/outputs/accountexclusions_exchangeonline.webp new file mode 100644 index 0000000000..f06b7a6427 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/accountexclusions_exchangeonline.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/additionalpropertiestab.webp b/static/images/activitymonitor/9.0/admin/outputs/additionalpropertiestab.webp new file mode 100644 index 0000000000..43dba0b9c5 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/additionalpropertiestab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/azuread.webp b/static/images/activitymonitor/9.0/admin/outputs/azuread.webp new file mode 100644 index 0000000000..f6550b5017 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/azuread.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/azureadoperationstab.webp b/static/images/activitymonitor/9.0/admin/outputs/azureadoperationstab.webp new file mode 100644 index 0000000000..79e2f0d942 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/azureadoperationstab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/fs.webp b/static/images/activitymonitor/9.0/admin/outputs/fs.webp new file mode 100644 index 0000000000..af38071ec5 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/fs.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/gidexclusionstab.webp b/static/images/activitymonitor/9.0/admin/outputs/gidexclusionstab.webp new file mode 100644 index 0000000000..2caa4f3cc3 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/gidexclusionstab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/linux.webp b/static/images/activitymonitor/9.0/admin/outputs/linux.webp new file mode 100644 index 0000000000..a510abebf9 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/linux.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/logfilesactivedirectory.webp b/static/images/activitymonitor/9.0/admin/outputs/logfilesactivedirectory.webp new file mode 100644 index 0000000000..6077e15871 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/logfilesactivedirectory.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/nasdevices.webp b/static/images/activitymonitor/9.0/admin/outputs/nasdevices.webp new file mode 100644 index 0000000000..8bd50e5b11 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/nasdevices.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/objectstab.webp b/static/images/activitymonitor/9.0/admin/outputs/objectstab.webp new file mode 100644 index 0000000000..e9dd4e1d6f Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/objectstab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/operations.webp b/static/images/activitymonitor/9.0/admin/outputs/operations.webp new file mode 100644 index 0000000000..1fd379c2ef Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/operations.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/operationstab.webp b/static/images/activitymonitor/9.0/admin/outputs/operationstab.webp new file mode 100644 index 0000000000..7d86b76250 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/operationstab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/pathfilteringsharepointhosts.webp b/static/images/activitymonitor/9.0/admin/outputs/pathfilteringsharepointhosts.webp new file mode 100644 index 0000000000..e58b0d2638 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/pathfilteringsharepointhosts.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/pathfilteringtab.webp b/static/images/activitymonitor/9.0/admin/outputs/pathfilteringtab.webp new file mode 100644 index 0000000000..0cefa085ff Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/pathfilteringtab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/processexclusions.webp b/static/images/activitymonitor/9.0/admin/outputs/processexclusions.webp new file mode 100644 index 0000000000..e0c47684d1 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/processexclusions.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/protocolstab.webp b/static/images/activitymonitor/9.0/admin/outputs/protocolstab.webp new file mode 100644 index 0000000000..f55bd98117 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/protocolstab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/qumulooutputproperties.webp b/static/images/activitymonitor/9.0/admin/outputs/qumulooutputproperties.webp new file mode 100644 index 0000000000..730745d43b Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/qumulooutputproperties.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/sharepoint.webp b/static/images/activitymonitor/9.0/admin/outputs/sharepoint.webp new file mode 100644 index 0000000000..4720417b4e Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/sharepoint.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/sharepointonprem.webp b/static/images/activitymonitor/9.0/admin/outputs/sharepointonprem.webp new file mode 100644 index 0000000000..4881a5e770 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/sharepointonprem.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/sp.webp b/static/images/activitymonitor/9.0/admin/outputs/sp.webp new file mode 100644 index 0000000000..916a47e630 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/sp.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/sql.webp b/static/images/activitymonitor/9.0/admin/outputs/sql.webp new file mode 100644 index 0000000000..d671cfcc97 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/sql.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/sqlhosts.webp b/static/images/activitymonitor/9.0/admin/outputs/sqlhosts.webp new file mode 100644 index 0000000000..32367ec245 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/sqlhosts.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/syslogactivedirectory.webp b/static/images/activitymonitor/9.0/admin/outputs/syslogactivedirectory.webp new file mode 100644 index 0000000000..29fbeb5415 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/syslogactivedirectory.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/syslogentraid.webp b/static/images/activitymonitor/9.0/admin/outputs/syslogentraid.webp new file mode 100644 index 0000000000..306c449ff7 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/syslogentraid.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/sysloglinux.webp b/static/images/activitymonitor/9.0/admin/outputs/sysloglinux.webp new file mode 100644 index 0000000000..cfd85f116a Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/sysloglinux.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/syslognas.webp b/static/images/activitymonitor/9.0/admin/outputs/syslognas.webp new file mode 100644 index 0000000000..50ad949e3e Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/syslognas.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/syslogwindows.webp b/static/images/activitymonitor/9.0/admin/outputs/syslogwindows.webp new file mode 100644 index 0000000000..ee38f9e642 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/syslogwindows.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/threatmanager.webp b/static/images/activitymonitor/9.0/admin/outputs/threatmanager.webp new file mode 100644 index 0000000000..e50a47a572 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/threatmanager.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/window/addoreditgidwindow.webp b/static/images/activitymonitor/9.0/admin/outputs/window/addoreditgidwindow.webp new file mode 100644 index 0000000000..0a7d961adb Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/window/addoreditgidwindow.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/window/addoreditpath.webp b/static/images/activitymonitor/9.0/admin/outputs/window/addoreditpath.webp new file mode 100644 index 0000000000..fe4213b8f0 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/window/addoreditpath.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/window/addoreditprocessprocessexclusions.webp b/static/images/activitymonitor/9.0/admin/outputs/window/addoreditprocessprocessexclusions.webp new file mode 100644 index 0000000000..8ac9a5ad41 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/window/addoreditprocessprocessexclusions.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/window/sharepointspecifyaccount.webp b/static/images/activitymonitor/9.0/admin/outputs/window/sharepointspecifyaccount.webp new file mode 100644 index 0000000000..ae30e21bac Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/window/sharepointspecifyaccount.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/window/specifysqlusernamewindow.webp b/static/images/activitymonitor/9.0/admin/outputs/window/specifysqlusernamewindow.webp new file mode 100644 index 0000000000..fcec97d023 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/window/specifysqlusernamewindow.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/window/syslogmessagetemplate.webp b/static/images/activitymonitor/9.0/admin/outputs/window/syslogmessagetemplate.webp new file mode 100644 index 0000000000..c2e8b07fe1 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/window/syslogmessagetemplate.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/window/unixspecifyunixaccount.webp b/static/images/activitymonitor/9.0/admin/outputs/window/unixspecifyunixaccount.webp new file mode 100644 index 0000000000..14c165b3d0 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/window/unixspecifyunixaccount.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/windows.webp b/static/images/activitymonitor/9.0/admin/outputs/windows.webp new file mode 100644 index 0000000000..cfd297cdf4 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/windows.webp differ diff --git a/static/images/activitymonitor/9.0/admin/outputs/windowsfilenasdevices.webp b/static/images/activitymonitor/9.0/admin/outputs/windowsfilenasdevices.webp new file mode 100644 index 0000000000..53d2402977 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/outputs/windowsfilenasdevices.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/exportbutton.webp b/static/images/activitymonitor/9.0/admin/search/exportbutton.webp new file mode 100644 index 0000000000..229a2e3a55 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/exportbutton.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/operationssdropdownfiltermenu.webp b/static/images/activitymonitor/9.0/admin/search/operationssdropdownfiltermenu.webp new file mode 100644 index 0000000000..673f742ac3 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/operationssdropdownfiltermenu.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/activedirectorynewsearchtab.webp b/static/images/activitymonitor/9.0/admin/search/query/activedirectorynewsearchtab.webp new file mode 100644 index 0000000000..659f00ab04 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/activedirectorynewsearchtab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/auditeventsfilters.webp b/static/images/activitymonitor/9.0/admin/search/query/auditeventsfilters.webp new file mode 100644 index 0000000000..5028a00a3a Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/auditeventsfilters.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/auditmask.webp b/static/images/activitymonitor/9.0/admin/search/query/auditmask.webp new file mode 100644 index 0000000000..6aad60b981 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/auditmask.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/authenticationfilters.webp b/static/images/activitymonitor/9.0/admin/search/query/authenticationfilters.webp new file mode 100644 index 0000000000..c01521f4d8 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/authenticationfilters.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/custom.webp b/static/images/activitymonitor/9.0/admin/search/query/custom.webp new file mode 100644 index 0000000000..4f06c84167 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/custom.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/delete.webp b/static/images/activitymonitor/9.0/admin/search/query/delete.webp new file mode 100644 index 0000000000..7411e9a754 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/delete.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/dlp.webp b/static/images/activitymonitor/9.0/admin/search/query/dlp.webp new file mode 100644 index 0000000000..73f89810d6 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/dlp.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/general.webp b/static/images/activitymonitor/9.0/admin/search/query/general.webp new file mode 100644 index 0000000000..70011cb0f9 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/general.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/generalfilter.webp b/static/images/activitymonitor/9.0/admin/search/query/generalfilter.webp new file mode 100644 index 0000000000..25dce1e3df Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/generalfilter.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/generalfilters.webp b/static/images/activitymonitor/9.0/admin/search/query/generalfilters.webp new file mode 100644 index 0000000000..3a8a398cce Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/generalfilters.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/item.webp b/static/images/activitymonitor/9.0/admin/search/query/item.webp new file mode 100644 index 0000000000..331d0b5659 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/item.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/ldapqueriesfilters.webp b/static/images/activitymonitor/9.0/admin/search/query/ldapqueriesfilters.webp new file mode 100644 index 0000000000..13634fd617 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/ldapqueriesfilters.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/linuxsearchquerybar.webp b/static/images/activitymonitor/9.0/admin/search/query/linuxsearchquerybar.webp new file mode 100644 index 0000000000..2426ff1e25 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/linuxsearchquerybar.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/location.webp b/static/images/activitymonitor/9.0/admin/search/query/location.webp new file mode 100644 index 0000000000..2e9f2e1141 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/location.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/locationfilters.webp b/static/images/activitymonitor/9.0/admin/search/query/locationfilters.webp new file mode 100644 index 0000000000..84bc66aef6 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/locationfilters.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/lsassguardianfilters.webp b/static/images/activitymonitor/9.0/admin/search/query/lsassguardianfilters.webp new file mode 100644 index 0000000000..31d34a6a9f Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/lsassguardianfilters.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/movedeletecopycheckinfilters.webp b/static/images/activitymonitor/9.0/admin/search/query/movedeletecopycheckinfilters.webp new file mode 100644 index 0000000000..7e53aa0b6a Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/movedeletecopycheckinfilters.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/objectchangesfilters.webp b/static/images/activitymonitor/9.0/admin/search/query/objectchangesfilters.webp new file mode 100644 index 0000000000..194eca028b Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/objectchangesfilters.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/permissionsfilters.webp b/static/images/activitymonitor/9.0/admin/search/query/permissionsfilters.webp new file mode 100644 index 0000000000..52796dd350 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/permissionsfilters.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/searchfilters.webp b/static/images/activitymonitor/9.0/admin/search/query/searchfilters.webp new file mode 100644 index 0000000000..4ab184c144 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/searchfilters.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/searchquery.webp b/static/images/activitymonitor/9.0/admin/search/query/searchquery.webp new file mode 100644 index 0000000000..6773937959 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/searchquery.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/searchquerybar.webp b/static/images/activitymonitor/9.0/admin/search/query/searchquerybar.webp new file mode 100644 index 0000000000..7faa0d79cb Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/searchquerybar.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/searchuitop.webp b/static/images/activitymonitor/9.0/admin/search/query/searchuitop.webp new file mode 100644 index 0000000000..df3c1bbaa1 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/searchuitop.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/sharepointnewsearchtab.webp b/static/images/activitymonitor/9.0/admin/search/query/sharepointnewsearchtab.webp new file mode 100644 index 0000000000..4b3a5b0559 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/sharepointnewsearchtab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/sharepointonlinesearchquerybar.webp b/static/images/activitymonitor/9.0/admin/search/query/sharepointonlinesearchquerybar.webp new file mode 100644 index 0000000000..bd7a0e261c Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/sharepointonlinesearchquerybar.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/sharing.webp b/static/images/activitymonitor/9.0/admin/search/query/sharing.webp new file mode 100644 index 0000000000..20d1db3fdb Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/sharing.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/signinevents.webp b/static/images/activitymonitor/9.0/admin/search/query/signinevents.webp new file mode 100644 index 0000000000..c8e07025d6 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/signinevents.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/sqlfilters.webp b/static/images/activitymonitor/9.0/admin/search/query/sqlfilters.webp new file mode 100644 index 0000000000..6adeda275c Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/sqlfilters.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/sqlsearchquerytoolbar.webp b/static/images/activitymonitor/9.0/admin/search/query/sqlsearchquerytoolbar.webp new file mode 100644 index 0000000000..aa2ba8a411 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/sqlsearchquerytoolbar.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/target.webp b/static/images/activitymonitor/9.0/admin/search/query/target.webp new file mode 100644 index 0000000000..aa667e0f04 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/target.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/targetresourcefilters.webp b/static/images/activitymonitor/9.0/admin/search/query/targetresourcefilters.webp new file mode 100644 index 0000000000..f5cd790a62 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/targetresourcefilters.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/user.webp b/static/images/activitymonitor/9.0/admin/search/query/user.webp new file mode 100644 index 0000000000..ceea8bc277 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/user.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/userfilter.webp b/static/images/activitymonitor/9.0/admin/search/query/userfilter.webp new file mode 100644 index 0000000000..2d7cbe19b3 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/userfilter.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/query/userfilters.webp b/static/images/activitymonitor/9.0/admin/search/query/userfilters.webp new file mode 100644 index 0000000000..8fcd5f0106 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/query/userfilters.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/results/activedirectorysearchresults.webp b/static/images/activitymonitor/9.0/admin/search/results/activedirectorysearchresults.webp new file mode 100644 index 0000000000..88fce56abc Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/results/activedirectorysearchresults.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/results/filesearchresults.webp b/static/images/activitymonitor/9.0/admin/search/results/filesearchresults.webp new file mode 100644 index 0000000000..5e8081ac30 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/results/filesearchresults.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/results/filesearchresultspermissionsimage.webp b/static/images/activitymonitor/9.0/admin/search/results/filesearchresultspermissionsimage.webp new file mode 100644 index 0000000000..d67532f928 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/results/filesearchresultspermissionsimage.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/results/linuxsearchresults.webp b/static/images/activitymonitor/9.0/admin/search/results/linuxsearchresults.webp new file mode 100644 index 0000000000..fea629a002 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/results/linuxsearchresults.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/results/permissionslpopupwindow.webp b/static/images/activitymonitor/9.0/admin/search/results/permissionslpopupwindow.webp new file mode 100644 index 0000000000..9348084a42 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/results/permissionslpopupwindow.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/results/searchresults.webp b/static/images/activitymonitor/9.0/admin/search/results/searchresults.webp new file mode 100644 index 0000000000..a31873b2b7 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/results/searchresults.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/results/sharepointonlinesearchresults.webp b/static/images/activitymonitor/9.0/admin/search/results/sharepointonlinesearchresults.webp new file mode 100644 index 0000000000..956725d30a Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/results/sharepointonlinesearchresults.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/results/sharepointsearchresults.webp b/static/images/activitymonitor/9.0/admin/search/results/sharepointsearchresults.webp new file mode 100644 index 0000000000..4d4a8043b2 Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/results/sharepointsearchresults.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/results/sqlsearchresults.webp b/static/images/activitymonitor/9.0/admin/search/results/sqlsearchresults.webp new file mode 100644 index 0000000000..f0737cc1ae Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/results/sqlsearchresults.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/searchtab.webp b/static/images/activitymonitor/9.0/admin/search/searchtab.webp new file mode 100644 index 0000000000..d690a5fbac Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/searchtab.webp differ diff --git a/static/images/activitymonitor/9.0/admin/search/sort.webp b/static/images/activitymonitor/9.0/admin/search/sort.webp new file mode 100644 index 0000000000..1097cdf72b Binary files /dev/null and b/static/images/activitymonitor/9.0/admin/search/sort.webp differ diff --git a/static/images/activitymonitor/9.0/config/activedirectory/categoryimportfromnam.webp b/static/images/activitymonitor/9.0/config/activedirectory/categoryimportfromnam.webp new file mode 100644 index 0000000000..eec2b88a36 Binary files /dev/null and b/static/images/activitymonitor/9.0/config/activedirectory/categoryimportfromnam.webp differ diff --git a/static/images/activitymonitor/9.0/config/activedirectory/categoryimportfromshare.webp b/static/images/activitymonitor/9.0/config/activedirectory/categoryimportfromshare.webp new file mode 100644 index 0000000000..2b1ae737c7 Binary files /dev/null and b/static/images/activitymonitor/9.0/config/activedirectory/categoryimportfromshare.webp differ diff --git a/static/images/activitymonitor/9.0/config/activedirectory/namconnection.webp b/static/images/activitymonitor/9.0/config/activedirectory/namconnection.webp new file mode 100644 index 0000000000..083f773ed8 Binary files /dev/null and b/static/images/activitymonitor/9.0/config/activedirectory/namconnection.webp differ diff --git a/static/images/activitymonitor/9.0/config/activedirectory/scope.webp b/static/images/activitymonitor/9.0/config/activedirectory/scope.webp new file mode 100644 index 0000000000..9c06f5986f Binary files /dev/null and b/static/images/activitymonitor/9.0/config/activedirectory/scope.webp differ diff --git a/static/images/activitymonitor/9.0/config/activedirectory/share.webp b/static/images/activitymonitor/9.0/config/activedirectory/share.webp new file mode 100644 index 0000000000..1741b2fc1a Binary files /dev/null and b/static/images/activitymonitor/9.0/config/activedirectory/share.webp differ diff --git a/static/images/activitymonitor/9.0/config/azure-files/azure-files-audit.webp b/static/images/activitymonitor/9.0/config/azure-files/azure-files-audit.webp new file mode 100644 index 0000000000..3082c54da1 Binary files /dev/null and b/static/images/activitymonitor/9.0/config/azure-files/azure-files-audit.webp differ diff --git a/static/images/activitymonitor/9.0/config/azure-files/rbac-roles-scopes.webp b/static/images/activitymonitor/9.0/config/azure-files/rbac-roles-scopes.webp new file mode 100644 index 0000000000..4b7f4410f7 Binary files /dev/null and b/static/images/activitymonitor/9.0/config/azure-files/rbac-roles-scopes.webp differ diff --git a/static/images/activitymonitor/9.0/config/ctera/cterasyslogmsg.webp b/static/images/activitymonitor/9.0/config/ctera/cterasyslogmsg.webp new file mode 100644 index 0000000000..1c7fc4f811 Binary files /dev/null and b/static/images/activitymonitor/9.0/config/ctera/cterasyslogmsg.webp differ diff --git a/static/images/activitymonitor/9.0/config/dellpowerscale/eventforwarding.webp b/static/images/activitymonitor/9.0/config/dellpowerscale/eventforwarding.webp new file mode 100644 index 0000000000..b8e574b326 Binary files /dev/null and b/static/images/activitymonitor/9.0/config/dellpowerscale/eventforwarding.webp differ diff --git a/static/images/activitymonitor/9.0/config/dellpowerscale/settings.webp b/static/images/activitymonitor/9.0/config/dellpowerscale/settings.webp new file mode 100644 index 0000000000..cfeb3ef259 Binary files /dev/null and b/static/images/activitymonitor/9.0/config/dellpowerscale/settings.webp differ diff --git a/static/images/activitymonitor/9.0/config/dellpowerstore/configeventpublisher.webp b/static/images/activitymonitor/9.0/config/dellpowerstore/configeventpublisher.webp new file mode 100644 index 0000000000..8ab3d13493 Binary files /dev/null and b/static/images/activitymonitor/9.0/config/dellpowerstore/configeventpublisher.webp differ diff --git a/static/images/activitymonitor/9.0/config/dellpowerstore/eventpublishingpool.webp b/static/images/activitymonitor/9.0/config/dellpowerstore/eventpublishingpool.webp new file mode 100644 index 0000000000..64e3c2f76e Binary files /dev/null and b/static/images/activitymonitor/9.0/config/dellpowerstore/eventpublishingpool.webp differ diff --git a/static/images/activitymonitor/9.0/config/dellpowerstore/fseventpublishing.webp b/static/images/activitymonitor/9.0/config/dellpowerstore/fseventpublishing.webp new file mode 100644 index 0000000000..cbeab87c28 Binary files /dev/null and b/static/images/activitymonitor/9.0/config/dellpowerstore/fseventpublishing.webp differ diff --git a/static/images/activitymonitor/9.0/config/dellpowerstore/nasserver.webp b/static/images/activitymonitor/9.0/config/dellpowerstore/nasserver.webp new file mode 100644 index 0000000000..41e821e781 Binary files /dev/null and b/static/images/activitymonitor/9.0/config/dellpowerstore/nasserver.webp differ diff --git a/static/images/activitymonitor/9.0/config/dellpowerstore/nasserver1.webp b/static/images/activitymonitor/9.0/config/dellpowerstore/nasserver1.webp new file mode 100644 index 0000000000..3707a557ec Binary files /dev/null and b/static/images/activitymonitor/9.0/config/dellpowerstore/nasserver1.webp differ diff --git a/static/images/activitymonitor/9.0/config/dellpowerstore/nasservers.webp b/static/images/activitymonitor/9.0/config/dellpowerstore/nasservers.webp new file mode 100644 index 0000000000..5494430372 Binary files /dev/null and b/static/images/activitymonitor/9.0/config/dellpowerstore/nasservers.webp differ diff --git a/static/images/activitymonitor/9.0/config/dellpowerstore/publishingpools.webp b/static/images/activitymonitor/9.0/config/dellpowerstore/publishingpools.webp new file mode 100644 index 0000000000..a4bdb4a910 Binary files /dev/null and b/static/images/activitymonitor/9.0/config/dellpowerstore/publishingpools.webp differ diff --git a/static/images/activitymonitor/9.0/config/dellpowerstore/registryeditor.webp b/static/images/activitymonitor/9.0/config/dellpowerstore/registryeditor.webp new file mode 100644 index 0000000000..a2d260cac4 Binary files /dev/null and b/static/images/activitymonitor/9.0/config/dellpowerstore/registryeditor.webp differ diff --git a/static/images/activitymonitor/9.0/config/dellpowerstore/services.webp b/static/images/activitymonitor/9.0/config/dellpowerstore/services.webp new file mode 100644 index 0000000000..a2c5e55c46 Binary files /dev/null and b/static/images/activitymonitor/9.0/config/dellpowerstore/services.webp differ diff --git a/static/images/activitymonitor/9.0/config/dellunity/eventscifs.webp b/static/images/activitymonitor/9.0/config/dellunity/eventscifs.webp new file mode 100644 index 0000000000..46730c7597 Binary files /dev/null and b/static/images/activitymonitor/9.0/config/dellunity/eventscifs.webp differ diff --git a/static/images/activitymonitor/9.0/config/dellunity/eventsnfs.webp b/static/images/activitymonitor/9.0/config/dellunity/eventsnfs.webp new file mode 100644 index 0000000000..4586a9a2d9 Binary files /dev/null and b/static/images/activitymonitor/9.0/config/dellunity/eventsnfs.webp differ diff --git a/static/images/activitymonitor/9.0/config/dellunity/registryeditorendpoint.webp b/static/images/activitymonitor/9.0/config/dellunity/registryeditorendpoint.webp new file mode 100644 index 0000000000..98da3adacd Binary files /dev/null and b/static/images/activitymonitor/9.0/config/dellunity/registryeditorendpoint.webp differ diff --git a/static/images/activitymonitor/9.0/config/netappcmode/validatefirewall.webp b/static/images/activitymonitor/9.0/config/netappcmode/validatefirewall.webp new file mode 100644 index 0000000000..30347c152e Binary files /dev/null and b/static/images/activitymonitor/9.0/config/netappcmode/validatefirewall.webp differ diff --git a/static/images/activitymonitor/9.0/config/netappcmode/validatesecuritylogincreation.webp b/static/images/activitymonitor/9.0/config/netappcmode/validatesecuritylogincreation.webp new file mode 100644 index 0000000000..f03895a507 Binary files /dev/null and b/static/images/activitymonitor/9.0/config/netappcmode/validatesecuritylogincreation.webp differ diff --git a/static/images/activitymonitor/9.0/config/nutanix/activitynutanix.webp b/static/images/activitymonitor/9.0/config/nutanix/activitynutanix.webp new file mode 100644 index 0000000000..84a34985fd Binary files /dev/null and b/static/images/activitymonitor/9.0/config/nutanix/activitynutanix.webp differ diff --git a/static/images/activitymonitor/9.0/config/panzura/auditeventstwoagnt_panzura.webp b/static/images/activitymonitor/9.0/config/panzura/auditeventstwoagnt_panzura.webp new file mode 100644 index 0000000000..7bc3bf9bfe Binary files /dev/null and b/static/images/activitymonitor/9.0/config/panzura/auditeventstwoagnt_panzura.webp differ diff --git a/static/images/activitymonitor/9.0/config/panzura/panzurasingleagntmonitor.webp b/static/images/activitymonitor/9.0/config/panzura/panzurasingleagntmonitor.webp new file mode 100644 index 0000000000..2d21397384 Binary files /dev/null and b/static/images/activitymonitor/9.0/config/panzura/panzurasingleagntmonitor.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/adconnection.webp b/static/images/activitymonitor/9.0/install/agent/adconnection.webp new file mode 100644 index 0000000000..dd9063444c Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/adconnection.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/cacertconfig.webp b/static/images/activitymonitor/9.0/install/agent/cacertconfig.webp new file mode 100644 index 0000000000..424b2804e5 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/cacertconfig.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/changedestination.webp b/static/images/activitymonitor/9.0/install/agent/changedestination.webp new file mode 100644 index 0000000000..80d61cd857 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/changedestination.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/complete.webp b/static/images/activitymonitor/9.0/install/agent/complete.webp new file mode 100644 index 0000000000..d3e9015dbc Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/complete.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/consolewithagent.webp b/static/images/activitymonitor/9.0/install/agent/consolewithagent.webp new file mode 100644 index 0000000000..ac856e17d2 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/consolewithagent.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/credentials.webp b/static/images/activitymonitor/9.0/install/agent/credentials.webp new file mode 100644 index 0000000000..c288e225ae Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/credentials.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/destinationfolder_1.webp b/static/images/activitymonitor/9.0/install/agent/destinationfolder_1.webp new file mode 100644 index 0000000000..568d5078b2 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/destinationfolder_1.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/domaincontroller.webp b/static/images/activitymonitor/9.0/install/agent/domaincontroller.webp new file mode 100644 index 0000000000..c75f50c1fc Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/domaincontroller.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/domains.webp b/static/images/activitymonitor/9.0/install/agent/domains.webp new file mode 100644 index 0000000000..36bf90c68f Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/domains.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/enterprisemanageram.webp b/static/images/activitymonitor/9.0/install/agent/enterprisemanageram.webp new file mode 100644 index 0000000000..e3969f6d03 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/enterprisemanageram.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/eula.webp b/static/images/activitymonitor/9.0/install/agent/eula.webp new file mode 100644 index 0000000000..9cf1941465 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/eula.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/eventsourcesad.webp b/static/images/activitymonitor/9.0/install/agent/eventsourcesad.webp new file mode 100644 index 0000000000..b58bcd4a27 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/eventsourcesad.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/installlocation.webp b/static/images/activitymonitor/9.0/install/agent/installlocation.webp new file mode 100644 index 0000000000..ae3c53eb08 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/installlocation.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/installnew.webp b/static/images/activitymonitor/9.0/install/agent/installnew.webp new file mode 100644 index 0000000000..74233a1aab Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/installnew.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/license.webp b/static/images/activitymonitor/9.0/install/agent/license.webp new file mode 100644 index 0000000000..ad7583d84f Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/license.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/linuxagentoptions.webp b/static/images/activitymonitor/9.0/install/agent/linuxagentoptions.webp new file mode 100644 index 0000000000..d413a2cec3 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/linuxagentoptions.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/portdefault.webp b/static/images/activitymonitor/9.0/install/agent/portdefault.webp new file mode 100644 index 0000000000..2011618066 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/portdefault.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/properties.webp b/static/images/activitymonitor/9.0/install/agent/properties.webp new file mode 100644 index 0000000000..d661340c4a Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/properties.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/readyinstall.webp b/static/images/activitymonitor/9.0/install/agent/readyinstall.webp new file mode 100644 index 0000000000..4871404250 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/readyinstall.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/readytoinstall.webp b/static/images/activitymonitor/9.0/install/agent/readytoinstall.webp new file mode 100644 index 0000000000..f56032404b Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/readytoinstall.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/screen1.webp b/static/images/activitymonitor/9.0/install/agent/screen1.webp new file mode 100644 index 0000000000..411bee37a5 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/screen1.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/screen2.webp b/static/images/activitymonitor/9.0/install/agent/screen2.webp new file mode 100644 index 0000000000..1c4e378d66 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/screen2.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/screen3.webp b/static/images/activitymonitor/9.0/install/agent/screen3.webp new file mode 100644 index 0000000000..2db7f89f9d Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/screen3.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/specifyagentport.webp b/static/images/activitymonitor/9.0/install/agent/specifyagentport.webp new file mode 100644 index 0000000000..2011618066 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/specifyagentport.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/specifyport.webp b/static/images/activitymonitor/9.0/install/agent/specifyport.webp new file mode 100644 index 0000000000..2011618066 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/specifyport.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/success.webp b/static/images/activitymonitor/9.0/install/agent/success.webp new file mode 100644 index 0000000000..5565794682 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/success.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/welcome.webp b/static/images/activitymonitor/9.0/install/agent/welcome.webp new file mode 100644 index 0000000000..d2382fc934 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/welcome.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/welcome_1.webp b/static/images/activitymonitor/9.0/install/agent/welcome_1.webp new file mode 100644 index 0000000000..f48fa50630 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/welcome_1.webp differ diff --git a/static/images/activitymonitor/9.0/install/agent/windowsagent.webp b/static/images/activitymonitor/9.0/install/agent/windowsagent.webp new file mode 100644 index 0000000000..733c582431 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/agent/windowsagent.webp differ diff --git a/static/images/activitymonitor/9.0/install/complete.webp b/static/images/activitymonitor/9.0/install/complete.webp new file mode 100644 index 0000000000..ee52a152a1 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/complete.webp differ diff --git a/static/images/activitymonitor/9.0/install/destinationfolder.webp b/static/images/activitymonitor/9.0/install/destinationfolder.webp new file mode 100644 index 0000000000..bc4f7e91a7 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/destinationfolder.webp differ diff --git a/static/images/activitymonitor/9.0/install/eula.webp b/static/images/activitymonitor/9.0/install/eula.webp new file mode 100644 index 0000000000..a6cb9e9a38 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/eula.webp differ diff --git a/static/images/activitymonitor/9.0/install/licenseadded.webp b/static/images/activitymonitor/9.0/install/licenseadded.webp new file mode 100644 index 0000000000..a1d0f302e7 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/licenseadded.webp differ diff --git a/static/images/activitymonitor/9.0/install/licenseinfo.webp b/static/images/activitymonitor/9.0/install/licenseinfo.webp new file mode 100644 index 0000000000..d15061717b Binary files /dev/null and b/static/images/activitymonitor/9.0/install/licenseinfo.webp differ diff --git a/static/images/activitymonitor/9.0/install/loadlicense.webp b/static/images/activitymonitor/9.0/install/loadlicense.webp new file mode 100644 index 0000000000..72b6c5e98b Binary files /dev/null and b/static/images/activitymonitor/9.0/install/loadlicense.webp differ diff --git a/static/images/activitymonitor/9.0/install/ready.webp b/static/images/activitymonitor/9.0/install/ready.webp new file mode 100644 index 0000000000..fe83ac7956 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/ready.webp differ diff --git a/static/images/activitymonitor/9.0/install/removeagents.webp b/static/images/activitymonitor/9.0/install/removeagents.webp new file mode 100644 index 0000000000..6dd4828276 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/removeagents.webp differ diff --git a/static/images/activitymonitor/9.0/install/triallicense.webp b/static/images/activitymonitor/9.0/install/triallicense.webp new file mode 100644 index 0000000000..9fe249549b Binary files /dev/null and b/static/images/activitymonitor/9.0/install/triallicense.webp differ diff --git a/static/images/activitymonitor/9.0/install/triallicenseinfo.webp b/static/images/activitymonitor/9.0/install/triallicenseinfo.webp new file mode 100644 index 0000000000..e24261cc7a Binary files /dev/null and b/static/images/activitymonitor/9.0/install/triallicenseinfo.webp differ diff --git a/static/images/activitymonitor/9.0/install/updateagentinstaller.webp b/static/images/activitymonitor/9.0/install/updateagentinstaller.webp new file mode 100644 index 0000000000..842edc7f82 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/updateagentinstaller.webp differ diff --git a/static/images/activitymonitor/9.0/install/updateagentinstallerpopup.webp b/static/images/activitymonitor/9.0/install/updateagentinstallerpopup.webp new file mode 100644 index 0000000000..60bfb40f8c Binary files /dev/null and b/static/images/activitymonitor/9.0/install/updateagentinstallerpopup.webp differ diff --git a/static/images/activitymonitor/9.0/install/welcome.webp b/static/images/activitymonitor/9.0/install/welcome.webp new file mode 100644 index 0000000000..fb98f88e10 Binary files /dev/null and b/static/images/activitymonitor/9.0/install/welcome.webp differ diff --git a/static/images/activitymonitor/9.0/requirements/nam_admodule.webp b/static/images/activitymonitor/9.0/requirements/nam_admodule.webp new file mode 100644 index 0000000000..d118ba765c Binary files /dev/null and b/static/images/activitymonitor/9.0/requirements/nam_admodule.webp differ diff --git a/static/images/activitymonitor/9.0/requirements/ntp.webp b/static/images/activitymonitor/9.0/requirements/ntp.webp new file mode 100644 index 0000000000..e0f66b5033 Binary files /dev/null and b/static/images/activitymonitor/9.0/requirements/ntp.webp differ diff --git a/static/images/activitymonitor/9.0/siem/qradar/dashboard/aboutdashboard.webp b/static/images/activitymonitor/9.0/siem/qradar/dashboard/aboutdashboard.webp new file mode 100644 index 0000000000..2e1201c8dc Binary files /dev/null and b/static/images/activitymonitor/9.0/siem/qradar/dashboard/aboutdashboard.webp differ diff --git a/static/images/activitymonitor/9.0/siem/qradar/dashboard/deletionsdashboard.webp b/static/images/activitymonitor/9.0/siem/qradar/dashboard/deletionsdashboard.webp new file mode 100644 index 0000000000..bfd86b6474 Binary files /dev/null and b/static/images/activitymonitor/9.0/siem/qradar/dashboard/deletionsdashboard.webp differ diff --git a/static/images/activitymonitor/9.0/siem/qradar/dashboard/homedashboard.webp b/static/images/activitymonitor/9.0/siem/qradar/dashboard/homedashboard.webp new file mode 100644 index 0000000000..fdd1722536 Binary files /dev/null and b/static/images/activitymonitor/9.0/siem/qradar/dashboard/homedashboard.webp differ diff --git a/static/images/activitymonitor/9.0/siem/qradar/dashboard/permissionchangesdashboard.webp b/static/images/activitymonitor/9.0/siem/qradar/dashboard/permissionchangesdashboard.webp new file mode 100644 index 0000000000..40f040c8e3 Binary files /dev/null and b/static/images/activitymonitor/9.0/siem/qradar/dashboard/permissionchangesdashboard.webp differ diff --git a/static/images/activitymonitor/9.0/siem/qradar/dashboard/ransomwaredashboard.webp b/static/images/activitymonitor/9.0/siem/qradar/dashboard/ransomwaredashboard.webp new file mode 100644 index 0000000000..8a50fdd278 Binary files /dev/null and b/static/images/activitymonitor/9.0/siem/qradar/dashboard/ransomwaredashboard.webp differ diff --git a/static/images/activitymonitor/9.0/siem/qradar/dashboard/userinvestigationdashboard.webp b/static/images/activitymonitor/9.0/siem/qradar/dashboard/userinvestigationdashboard.webp new file mode 100644 index 0000000000..3af2bf1f18 Binary files /dev/null and b/static/images/activitymonitor/9.0/siem/qradar/dashboard/userinvestigationdashboard.webp differ diff --git a/static/images/activitymonitor/9.0/siem/qradar/file_activity_monitor_app.webp b/static/images/activitymonitor/9.0/siem/qradar/file_activity_monitor_app.webp new file mode 100644 index 0000000000..03d2c1220e Binary files /dev/null and b/static/images/activitymonitor/9.0/siem/qradar/file_activity_monitor_app.webp differ diff --git a/static/images/activitymonitor/9.0/siem/qradar/settings.webp b/static/images/activitymonitor/9.0/siem/qradar/settings.webp new file mode 100644 index 0000000000..34b91a0f56 Binary files /dev/null and b/static/images/activitymonitor/9.0/siem/qradar/settings.webp differ diff --git a/static/images/activitymonitor/9.0/siem/qradar/stealthbitsoffenses.webp b/static/images/activitymonitor/9.0/siem/qradar/stealthbitsoffenses.webp new file mode 100644 index 0000000000..b11a7b9ddf Binary files /dev/null and b/static/images/activitymonitor/9.0/siem/qradar/stealthbitsoffenses.webp differ diff --git a/static/images/activitymonitor/9.0/siem/splunk/dashboard/deletionsdashboard.webp b/static/images/activitymonitor/9.0/siem/splunk/dashboard/deletionsdashboard.webp new file mode 100644 index 0000000000..aebc7bdd77 Binary files /dev/null and b/static/images/activitymonitor/9.0/siem/splunk/dashboard/deletionsdashboard.webp differ diff --git a/static/images/activitymonitor/9.0/siem/splunk/dashboard/overviewdashboard.webp b/static/images/activitymonitor/9.0/siem/splunk/dashboard/overviewdashboard.webp new file mode 100644 index 0000000000..65e098a748 Binary files /dev/null and b/static/images/activitymonitor/9.0/siem/splunk/dashboard/overviewdashboard.webp differ diff --git a/static/images/activitymonitor/9.0/siem/splunk/dashboard/permissionchangesdashboard.webp b/static/images/activitymonitor/9.0/siem/splunk/dashboard/permissionchangesdashboard.webp new file mode 100644 index 0000000000..6fb3781b99 Binary files /dev/null and b/static/images/activitymonitor/9.0/siem/splunk/dashboard/permissionchangesdashboard.webp differ diff --git a/static/images/activitymonitor/9.0/siem/splunk/dashboard/ransomwaredashboard.webp b/static/images/activitymonitor/9.0/siem/splunk/dashboard/ransomwaredashboard.webp new file mode 100644 index 0000000000..79c5022b98 Binary files /dev/null and b/static/images/activitymonitor/9.0/siem/splunk/dashboard/ransomwaredashboard.webp differ diff --git a/static/images/activitymonitor/9.0/siem/splunk/file_activity_monitor_app.webp b/static/images/activitymonitor/9.0/siem/splunk/file_activity_monitor_app.webp new file mode 100644 index 0000000000..413f873bff Binary files /dev/null and b/static/images/activitymonitor/9.0/siem/splunk/file_activity_monitor_app.webp differ diff --git a/static/images/activitymonitor/9.0/troubleshooting/agentinactivityalertsemailcredentials.webp b/static/images/activitymonitor/9.0/troubleshooting/agentinactivityalertsemailcredentials.webp new file mode 100644 index 0000000000..4882fe1250 Binary files /dev/null and b/static/images/activitymonitor/9.0/troubleshooting/agentinactivityalertsemailcredentials.webp differ diff --git a/static/images/activitymonitor/9.0/troubleshooting/agentuseraccount.webp b/static/images/activitymonitor/9.0/troubleshooting/agentuseraccount.webp new file mode 100644 index 0000000000..1b77c7a1ef Binary files /dev/null and b/static/images/activitymonitor/9.0/troubleshooting/agentuseraccount.webp differ diff --git a/static/images/activitymonitor/9.0/troubleshooting/archiveuseraccount.webp b/static/images/activitymonitor/9.0/troubleshooting/archiveuseraccount.webp new file mode 100644 index 0000000000..0b5ab00bc2 Binary files /dev/null and b/static/images/activitymonitor/9.0/troubleshooting/archiveuseraccount.webp differ diff --git a/static/images/activitymonitor/9.0/troubleshooting/collectlogsbutton.webp b/static/images/activitymonitor/9.0/troubleshooting/collectlogsbutton.webp new file mode 100644 index 0000000000..27aef2d84f Binary files /dev/null and b/static/images/activitymonitor/9.0/troubleshooting/collectlogsbutton.webp differ diff --git a/static/images/activitymonitor/9.0/troubleshooting/collectlogswindow.webp b/static/images/activitymonitor/9.0/troubleshooting/collectlogswindow.webp new file mode 100644 index 0000000000..e9c85444ba Binary files /dev/null and b/static/images/activitymonitor/9.0/troubleshooting/collectlogswindow.webp differ diff --git a/static/images/activitymonitor/9.0/troubleshooting/monitoredhostinactivityalertsemailcredentials.webp b/static/images/activitymonitor/9.0/troubleshooting/monitoredhostinactivityalertsemailcredentials.webp new file mode 100644 index 0000000000..52fdea9d0a Binary files /dev/null and b/static/images/activitymonitor/9.0/troubleshooting/monitoredhostinactivityalertsemailcredentials.webp differ diff --git a/static/images/activitymonitor/9.0/troubleshooting/monitoredhostuseraccount.webp b/static/images/activitymonitor/9.0/troubleshooting/monitoredhostuseraccount.webp new file mode 100644 index 0000000000..d95bba3efe Binary files /dev/null and b/static/images/activitymonitor/9.0/troubleshooting/monitoredhostuseraccount.webp differ diff --git a/static/images/activitymonitor/9.0/troubleshooting/panzuramqprotectionaccount.webp b/static/images/activitymonitor/9.0/troubleshooting/panzuramqprotectionaccount.webp new file mode 100644 index 0000000000..dcb9b19cde Binary files /dev/null and b/static/images/activitymonitor/9.0/troubleshooting/panzuramqprotectionaccount.webp differ diff --git a/static/images/activitymonitor/9.0/troubleshooting/tracelogs.webp b/static/images/activitymonitor/9.0/troubleshooting/tracelogs.webp new file mode 100644 index 0000000000..14016245dd Binary files /dev/null and b/static/images/activitymonitor/9.0/troubleshooting/tracelogs.webp differ diff --git a/static/images/auditor/10.8/install/installationscreen.webp b/static/images/auditor/10.8/install/installationscreen.webp index 4c4f7b71e5..f8bcf76c38 100644 Binary files a/static/images/auditor/10.8/install/installationscreen.webp and b/static/images/auditor/10.8/install/installationscreen.webp differ diff --git a/static/images/auditor/10.8/install/welcome_screen.webp b/static/images/auditor/10.8/install/welcome_screen.webp index 84d874c187..673b8b5681 100644 Binary files a/static/images/auditor/10.8/install/welcome_screen.webp and b/static/images/auditor/10.8/install/welcome_screen.webp differ diff --git a/static/images/auditor/10.8/install/welcome_screen_thumb_0_0.webp b/static/images/auditor/10.8/install/welcome_screen_thumb_0_0.webp index 84d874c187..673b8b5681 100644 Binary files a/static/images/auditor/10.8/install/welcome_screen_thumb_0_0.webp and b/static/images/auditor/10.8/install/welcome_screen_thumb_0_0.webp differ diff --git a/static/images/passwordsecure/9.3/installation/installation_web_application/configure_custom_branding.webp b/static/images/passwordsecure/9.3/installation/installation_web_application/configure_custom_branding.webp new file mode 100644 index 0000000000..fe5391def6 Binary files /dev/null and b/static/images/passwordsecure/9.3/installation/installation_web_application/configure_custom_branding.webp differ