System Requirements for Secret Server

Please read the notes at the bottom of this article.

Minimum Requirements for Basic Deployments

Web Server Database Server
2 CPU Cores 2 CPU Cores
4 GB RAM 4 GB RAM
25 GB Disk Space 50 GB Disk Space
Windows Server 2012 Windows Server 2012
IIS 7 or newer (64-bit applications only) SQL Server 2014-2022
.NET 4.8 or newer Collation SQL_Latin1_General_CP1_CI_AS

Recommended Requirements for Basic Deployments

Web Server Database Server
4 CPU Cores 4 CPU Cores
16 GB RAM 16 GB RAM
25 GB Disk Space 100+ GB Disk Space
Windows Server 2012-2022 Windows Server 2012-2022
IIS 7 or newer (64-bit applications only) SQL Server 2014-2022
.NET 4.8 or newer Collation SQL_Latin1_General_CP1_CI_AS
Windows Server 2022 is supported by Secret Server 11.0 or later. It may work with earlier versions, but that has not been officially confirmed.

Minimum Requirements for Advanced Deployments

Recommended for organizations deploying discovery, session recording,or increased numbers of distributed engines:

Also see feature-specific guides listed below.

Web Server Database Server
8 CPU Cores 8 CPU Cores
16 GB RAM 16 GB RAM
25 GB Disk Space 100+ GB Disk Space
Windows Server 2012-2022 Windows Server 2012-2022
IIS 8 or newer (64-bit applications only) SQL Server 2014-2022
.NET 4.8 or newer Collation SQL_Latin1_General_CP1_CI_AS
Windows Server 2022 is supported by Secret Server 11.0 or later. It may work with earlier versions, but that has not been officially confirmed.
Distributed Engines RabbitMQ Messaging Server
4 CPU Cores 4 CPU Cores
4 GB RAM 4 GB RAM
25 GB Disk Space 40 GB Disk Space
Further adjustments to system requirements for both RabbitMQ and distributed engines are at the discretion of Delinea Professional Services engineers.

Recommended Requirements for Specific Features

Session Recording Requirements: Basic and Advanced

Ports Used By Secret Server

Notes

This section contains caveats potentially having a significant effect on any installation.

  • The use of Server Core for Secret Server installations is not recommended; All QA and testing is based non-core versions of Windows Server.

  • To comply with Microsoft licensing requirements, there is an additional constraint on which Microsoft Windows Server version you can use as the RDS server for session connector.

    If you use Microsoft User Client Access Licenses (CALs), you cannot use Windows Server 2019. You must use Windows Server 2012 or 2016. If you use Microsoft Device CALs, you can use any supported version of Windows Server.

  • Secret Server requires that Microsoft SQL Server and its database be set to the collation SQL_Latin1_General_CP1_CI_AS. See Microsoft SQL collation requirements and check your server collation settings before upgrading.

  • System Requirements apply to both physical and virtual machines.

  • For best performance, we recommend using dedicated (clean) servers for hosting Delinea products.

  • If .NET or IIS features are not already installed on the web server, the Delinea Installer will add and configure them automatically.

  • If SQL is not already installed on a database server, the Delinea installer can setup SQL Express on the web server; however, SQL Express is intended for trials and sandbox environments only. Though Delinea will support SQL Express, users will likely experience performance issues due to the memory and product limitations. If experiencing performance issues while using SQL Express, we highly recommend upgrading to SQL Server prior to contacting Delinea Support.

  • A link to Microsoft documentation on the use and limitations of SQL Express can be found at: https://docs.microsoft.com/en-us/sql/sql-server/editions-and-components-of-sql-server-2017.

  • Installing Secret Server with Azure SQL: Currently, we do not recommend using Secret Server with Azure SQL when the Web host and the Azure SQL instance are in different datacenters. According to Microsoft, applications, such as Secret Server, that use frequent, high-volume, ad hoc queries use substantial response time on network communication between the application and Azure SQL database tiers. Thus, network latency with many data access operations across datacenters can become an issue.

  • Unsupported Web Servers: Small Business Server (SBS), The Essentials Edition, Any client OS, domain controllers, SharePoint servers.

  • Secret Server Cloud requires an on-premise machine to use a distributed engine.

  • SQL launchers do not support SSMS 18.0 or higher.

  • Discovery scanning for Windows Server 2016 scheduled tasks requires that either the Secret Server node or the distributed engine that is executing the scan must run on Windows Server 2016 or later. This is due to changes in Windows Server 2016 API used for scheduled task dependency scans.

  • AWS RDS: Currently, we do not recommend using Secret Server with AWS Relational Database Service when the Web host and the SQL instance are in different datacenters. Applications, such as Secret Server, that use frequent, high-volume, ad hoc queries depend on fast network communication response time between the application and SQL database. Thus, network latency with many data access operations across datacenters can become an issue.

  • Secret Server requires the application pool to have the "load user profile" setting enabled. Secret Server will report a critical alert to notify admins if this setting is not enabled.

  • Supported Web browsers:

    • Google Chrome

    • Mozilla Firefox

    • Microsoft Edge. Edge Chromium only. Legacy Microsoft Edge is not supported.

    • Safari