Step 1 - Verify System Requirements

Successful use of ALM requires your organization’s IT infrastructure to meet several criteria.

Thycotic One accounts

Each member of your organization who will use ALM must have a Thycotic One account. These free accounts provide authentication to Delinea’s cloud services, including ALM.

To open a Thycotic One account, visit Thycotic One.

The email a User submits when signing up for Thycotic One will be the email they must provide later when obtaining an ALM User account.

Browser Compatibility

Google Chrome
Mozilla Firefox

Vault Types

Delinea ALM uses Secret Server to store credentials for the accounts it creates in Active Directory. This removes security risks long associated with storage of temporary credentials for new AD accounts.

If you are not using Secret Server Cloud, your Secret Server version must be Version 10.2.000018 or later, with the Secret Server Platinum or Pro license. Secret Server’s web services must be running.

Instructions related to Secret Server requirements appear in Integrate ALM with Secret Server.
Delinea DevOps Secrets Vault
Azure Key Vault
AWS Secrets Manager
HashiCorp Vault

Domain Types

The following domain types are supported:

An Active Directory Domain Controller on Windows Server 2012 or later.
Azure AD Domain Services.
Amazon Web Services Identity and Access Management.
Google Cloud Platform Identity and Access Management.

A User account privileged to create Active Directory accounts can authenticate into AD to create other AD accounts.

For details on integration with Active Directory, see Integrate ALM with Active Directory.

ALM Engine Windows Service

The ALM Engine is a Windows Service that runs on a machine in your organization’s environment. It manages interactions between the ALM cloud service and your Active Directory installation. It also supports ALM’s integration with your organization’s Secret Server instance.

See Setup the ALM Engine Service for details.