Directory Services Agent (AD)
This agent supports the Active Directory synchronization between Privilege Manager Cloud instances and local directory services. This agent only needs to be installed on one system to perform the synchronization task. The local agent can be deployed into an AD environment instead of requiring direct connectivity from the server to the domain controllers. You will be able to configure the product in either method (direct or agent-based).
The agent method requires that the Directory Services Agent is installed on one computer connected to a domain controller. Once installed, the agent receives the Active Directory Sync (Agent) scheduled task along with other parameters such as the credential used, which AD objects, etc. to perform a synchronization between a Cloud instance and local AD.
If the Directory Services Agent is installed on a system with an Application Control or a Local Security Agent, a license will be consumed. If a system has the Delinea Agent (Core Agent) and Directory Services Agent installed ONLY, no license is consumed.
The Directory Services Agent for local AD synchronization with Privilege Manager Cloud instances is available for x64-bit systems only.
If the Directory Services Agent produces error messages about failed application control policy processing in the agent log, those messages can be ignored.
When upgrading Privilege Manager to a newer version, it is recommended to also upgrade the Directory Services Agent so they are both on the same version.
We recommend the following topics for details pertaining to the Directory Services Agent functionality:
- Active Directory Synchronization, to learn how to setup and run the synchronization task on the Synchronization tab of the Active Directory Domain foreign system.
- Agent System Requirements, to learn about the Directory Services Agent specific system requirements.
Prerequisites
The Core Delinea Agent needs to be installed on the system that receives the Directory Services Agent installation. The other agents aren't required, but can be installed on the same system without issues.
Directory Services Agent Installation
Download the latest version of the Directory Services Agent via the Software Downloads page.
-
Double-click the .msi file to start the installation wizard:
Close all other applications running on the system and click Next.
-
On the EULA Agreement screen, select I accept the license agreement.
Click Next.
-
On the Destination Folder screen, keep the default installation destination or use Browse to select a different folder.
Click Next.
-
On the Ready to install screen, you have an option to go back to change your previous selection, otherwise click Next to proceed with the installation.
If you have any other Delinea Agents already installed on the system, the installer my prompt you to stop the services before you can proceed.
-
After a successful installation of the Directory Services Agent, you will see the following screen:
Click Close.
-
Restart any previously stopped agent services.