Skip to main content
Matrix42 Self-Service Help Center

Installation Guide IV: EgoSecure Server Installation

EgoSecure Server Installation

Before you Start 

Make sure that the following requirements are met:

  • EgoSecure Data Protection installation file (available in the EgoSecure download area)
  • License key (.lic & .txt) (not required for trial installation)
  • Minimum hardware and software requirements
  • User with read access to Microsoft Active Directory/Novell eDirectory/LDAP
  • SQL user with a permission to create databases

Preparing the Installation 

Please check that the following preparations are done:

  • SQL-server installed. If an SQL-server is installed, start the installation immediately. Otherwise, install an SQL-server first. For details about free installation of SQL Server Express, see chapter SQL Server Installation.
  • Case-insensitive collation selected. Select a case-insensitive collation in the database server settings so that the EgoSecure Server can identify the computers and users by name correctly. Case-insensitive collation example: SQL_Latin1_General_CP1_CI_AS.

Installation

To work with EgoSecure Data Protection, install the Server components on your server. The following components of EgoSecure Data Protection are installed:

Launch the Installer

  • Open the setup file (EgoSecureSetup_x64.exe)
  • Select the language of the setup process and click OK. The welcome dialog opens.
  • In the Welcome dialog, click Next to continue.
  • Select I accept the terms of the license agreement and click Next.
  • Click Next to install EgoSecure Data Protection in the default folder or Click Change… to specify another installation path.
  • The dialog for selecting additional components for installation appears

Service Bus

  • Enable EgoSecure Service Bus Adapter if you want to install it and click Next. For details about EgoSecure Service Bus Adapter, see the article.
    • If you selected to install EgoSecure Service Bus Adapter, the dialog for configuring parameters appears.
    • Define configuration parameters for EgoSecure Service Bus Adapter:
      • Select which Service Bus system you use: RibbitMq or Azure.
      • Fill in the Connection string, Topic name and Pipeline name fields, with the data from the Service Bus system you already have.
      • The configuration parameters can later be changed in the Admin Tool.
    • Click Next

Server Type

  •  The dialog for selecting the EgoSecure Server type appears. The server type can later be changed in the Admin Tool.
    • Select, which server type you want to install and proceed with Next 

Ports

  • The dialog for specifying ports appears. Define the following ports:
Server Connection Port

Server Connection Port (default value: 6005) is a port on the Server for incoming data traffic used by the Agents and the Console to connect to the Server. In the Admin Tool, server connection ports are represented with the Agent port and the Console port.

Agent Notification Port

Agent Notification Port (default value: 6006) is port on the Agents for incoming data traffic used by the Server to send notifications about permission changes to the Agents. If the polling mode is enabled, the Agent notification port is not used by the Server, because in case of polling the Server doesn’t send notifications directly to the Agent. Notifications are stored in the database till the moment the Agent checks for them during one of its polling intervals.

clipboard_eb4869deb70b0fe53776e1ae1a05db748.png

Add Port to firewall exceptions

To add the specified port as a firewall inbound rule for EgoSecure automatically, enable Add port to firewall exceptions. To add exception ports on server and client computers manually, create an inbound rule on the Server (TCP 6005, Allow the connection) and on the Agent (TCP 6006, Allow the connection) in the Advanced settings of the Windows Firewall.

  • Proceed with Next. The dialog for selecting the database type appears.

Database

  • Select the database type and click Next.
  • The dialog for configuring the database server login appears.
  • Configure the database server: enter the name of the SQL-server. Click Browse to select the available database server.
  • Set the Microsoft SQL Server Desktop Engine check box if MSDE is used.
  • In the Database Name field, enter the database name. By default, EgoSecure is displayed.

If you do not specify the database name OR the specified database name doesn’t exist on the database server: For Microsoft SQL Server: a new database with the name “EgoSecure” is generated automatically. For Microsoft Azure SQL: a new database is NOT generated automatically and a warning appears. Please, use an existing database name.

  • Press Next

Directory Services

  • The dialog for selecting a directory service type appears.
  • Select the type of the directory service and click Next.
    • Permitted directory services: 
      • Microsoft Active Directory
      • Azure Active Directory
      • Novell eDirectory (4.91 SP2 or higher)
      • LDAP
      • EgoSecure internal directory
  • If without Directory Service is selected, skip the next step in the instruction.
  • Enter the credentials for adding a domain controller of the selected directory service. More domain controllers of other directory service types can be added later in the EgoSecure Data Protection Console interface.

Microsoft Active Directory credentials

  • Enter the name of your Domain Controller.
  • Enter the Active Directory administrator as User, and enter the Password.

Novell eDirectory credentials

  • Enter the name of the NDS server under NDS Server.
  • Enter the context of your Novell environment under Context.
  • Enter the Novell supervisor as User and the respective Password.

LDAP credentials

  • In the LDAP Server field, enter the name of the LDAP server.
  • In the Context filed, enter the context of you LDAP environment.
  • Enter the LDAP supervisor in the User field and the necessary Password.

Azure Active Directory credentials

  • In the Directory (tenant ID) field, enter the identification number of the Azure Active Directory.
  • In the Application (client) ID field, enter the unique ID of the application registered in the Azure portal.
  • In the Application password (client secret) field, paste the newly generated application client secret.
  • Click Next.

Service Account

  • The dialog for specifying logon information for the EgoSecure Server service appears.
  • Select one of the following connection options:
    • Windows authentication: Logging in to the database is performed via a Windows user account. In the next step, select the user account radio button and define user login data. This user account needs the rights:
      • to create a database on the SQL Server.
      • to write to the registry of the EgoSecure server machine.
    • Server authentication using Login ID and password below: enter the database user login data. In the next step, select Local system account radio button
  • Select one of the radio buttons depending on the selection in the previous step.

SQL Windows Authentication is not compatible with System account used to run the server. That is why, select user account for Windows authentication.

  • Click Next

Supervisor Password 

  • The Supervisor Password dialog appears. This dialog doesn’t appear if the specified database already contains the EgoSecure Supervisor password.,
  • Enable the Supervisor Password check box and define the password. The supervisor can fully manage the EgoSecure Data Protection Console and create super administrators and administrators. You can also set the supervisor password when logging in to the Console for the first time, or in the Administration main menu of the Console.

If a supervisor password is not specified, any system administrator of the company can manage the server.

  EgoSecure does not store the supervisor password on its side, therefore the supervisor password can not be restored. Store the password in a safe location. You can change the password via the /sp admin tool command (involving the EgoSecure support). For details, see the EgoSecure AdminTool – commands guide.

  • Click Next

SSL and Certificates

  • The SSL and certificates dialog appears.
  • If the defined database already contains the EgoSecure password for protecting Agent authentication certificates and its private keys, the dialog is not shown.
  • Set the Enable SSL box. Once the EgoSecure Server starts, SSL EgoSecure certificates are generated automatically.
  • Check the Add authentication certificates with private keys to MSI box and define a password to include Agent authentication certificates to the MSI package (use only printable characters from the ASCII table for the password). This option is used only if you are going to distribute certificates via the MSI package. If you do not set the check box on this step, make sure to distribute certificates to Agents using another way. For details about distributing certificates (both EgoSecure and not EgoSecure ones), see the Configuring SSL chapter of the EgoSecure Console Manual.
  • Click Next.

Ready to Install

  • The Ready to install the Program dialog appears. 
  • Click Install to start the installation.
  • Once the server installation is complete, click Finish to exit the wizard.

The EgoSecure Server is now installed. The EgoSecure Console icon appears on the desktop.

Modifying the installation

Modify the EgoSecure Server to install or uninstall the additional components.

  • Start the EgoSecureSetup_x64.exe file of the same EgoSecure Server version that is currently installed or click Modify in the Windows section for adding or removing programs.
  • The Welcome dialog appears.
  • Click Modify and then click Next.
  • Enable the component to install it or disable the component to uninstall it
  • Click Next.
  • The installation modification starts.
  • Once the installation is complete, click Finish.

Silent installation

To perform a silent server installation, install the server on one computer and then install on other computers via the silent installation command.

  • Run cmd.exe as an administrator.
  • Copy EgoSecureSetup_x64.exe to a specific location. E.g. to disk C:\.
  • Enter the following command:
    • C:\EgoSecureSetup_x64.exe -a -r -f1"%USERPROFILE%\Desktop\EgoSecureSetup.iss"
  • The Server InstallShield opens.
  • Install the server with your parameters.
    • All the installation parameters are automatically written to the EgoSecureSetup.iss file.
  • Once the server is installed, copy the EgoSecureSetup.iss and the EgoSecureSetup_x64.exe files to another computer.
  • On another computer, run cmd.exe as an administrator and then execute the following command:
    • C:\EgoSecureSetup_x64.exe -a -s -f1"%USERPROFILE%\Desktop\EgoSecureSetup.iss"
  • Once the server is installed successfully, ResultCode=0 is written to the setup.log file created automatically on the desktop. If the installation was not successful, then ResultCode=-3 is written.
  • Was this article helpful?