Skip to main content
Matrix42 Self-Service Help Center

Cloud Connector Guide I: Cloud Customers

Requirements

  1. Before you start you should have received three certificates:
  • Cloud Connector Client Certificate (client.pfx)
  • Cloud Connector Server Certificate (server.cer)
  • Silverback Root Authority Certificate (RootRSA.cer)
  1. Please ensure that your Cloud Connector Endpoint Server has TLS 1.2  activated

Download 

Download the Cloud Connector source on Matrix42 Marketplace

Run the setup

  • Launch the setup for the Cloud Connector on the server in your environment
  • Click Run on Security Warning
  • Wait until InstallShield Wizard will start
  • Click Next
  • Click I accept the terms in the license agreement
  • Click Next 
  • Choose Complete Installation

Standard Installation path is C:\Program Files (x86)\Matrix42\Cloud Connector\ 

  • Select Number of Clients (keep 2 as default)
  • Click Next

You can have multiple Cloud Connector clients on the one machine to ensure redundancy. Each client will create a service on the local machine. Having more than one, ensures that if the service is to fail there will be another to take its place.

  • Click Install
  • Click Finish

Import Certificates

For a secure communication between your Silverback Cloud Instance and your resources, the Cloud Connector Server needs to have all three certificates imported and the Network Service needs to have control over the Client Certificate Private Key. 

Import Server Certificate

Perform these steps on the Cloud Connector Endpoint Server. 

  • Press Windows Key + R to launch the Run prompt
  • Enter mmc and press Ok
  • Select File
  • Select Add/Remove Snap-In
  • Select Certificates Click Add
  • Select Computer Account
  • Click Next
  • Click Finish
  • Click OK
  • Expand Certificates (Local Computer)
  • Expand Personal
  • Expand Certificates
  • Right Click in the middle pane
  • Click All Tasks
  • Click Import
  • Click Next
  • Click Browse
  • Select your server.cer file
  • Click Open
  • Click Next
  • Click Next
  • Click Finish

Import Client Certificate

  • Right Click in the middle pane
  • Click All Tasks
  • Click Import
  • Click Next
  • Click Browse
  • Change Search Filter to All Files (*.*)
  • Select your client.pfx file
  • Click Open
  • Click Next
  • Enter your received password
  • Enable Mark this key as exportable
  • Click Next
  • Click Next
  • Click Finish

Set Permission 

  • In the MMC Screen, right click the newly imported Cloud Connector Client certificate
  • Select All Tasks
  • Select Manage Private Keys
  • Click Add
  • Enter “NETWORK SERVICE” and Click Check Names to Confirm
  • Click OK
  • Ensure NETWORK SERVICE has Full Control and Read Allowed
  • Click OK

Import Silverback Root Authority Certificate

  • Navigate to Trusted Root Certification Authorities
  • Expand Certificates
  • Perform a right click
  • Click All Tasks
  • Click Import
  • Click Next
  • Select the RootRSA certificate
  • Click Next
  • Click Next
  • Click Finish

Config Generator

  • Open Windows Explorer
  • Enter the following C:\Program Files (x86)\Matrix42\Cloud Connector\Config Generator\SilverbackMDM.SilverBack.CloudConnectorConfigGenerator.exe
  • Press Enter
  • Run SilverbackMDM.SilverBack.CloudConnectorConfigGenerator.exe

Create Config 

  • Enter your Silverback URL with https into the Tunnel URL field (e.g. https://silverback100.m42cloud.com/tunnel)
  • Click the certificate icon for Client Certificate 
  • Pick your Cloud Connector Client Certificate (Issuer Silverback Root Authority)
  • Click OK
  • Certificate Thumbprint should be filled now
  • Disable Certificate Pinning
  • Click the certificate icon for Server Tunnel Certificate 
  • Pick your Silverback Tunnel Certificate  (Issuer Silverback Root Authority)
  • Click OK
  • Certificate Thumbprint should be filled now

Export Config

  • Click Export
  • Click Make New Folder
  • Name the folder Cloud Connector Config
  • Click OK
  • Click OK to confirm that settings are save

Configure Services

  • Open your recently created folder
  • e.g. C:\Cloud Connector Config
    • Expand SilverbackConfigs
    • Expand srv
    • Expand Cloud Connector Client
  • Copy the existing file into C:\Program Files (x86)\Matrix42\Cloud Connector\Service
  • Overwrite the existing file

Start Services

  • Open Services MMC
  • Search for Silverback Cloud Connector Service 1 and 2
  • Start both services

If the services are struggling open Event Viewer Windows Application Logs and check errors. Try to export Config unencrypted

Check Connection

  • Open Silverback Management Console
  • Login as Administrator
  • Navigate to Admin
  • Navigate to Cloud Connector
  • You should see now 2 cloud connectors 

Configure Silverback

Add Active Directory

  • Logout as Administrator
  • Login as Settings Administrator
  • Navigate to LDAP
  • Enter your LDAP Server IP Address or FQDN (e.g. dc01.imagoverum.com)
  • Check the Account Field
    • Keep userPrincipalName or
    • change to sAMAccountName
  • Click Save
  • Click OK

Configure Cloud Connector

  • Navigate to Cloud Connector
    • Enable Send LDAP Requests through Tunnel
    • Enable Traffic Log
  • Click Save
  • Click OK

Restart Services

  • Navigate back to your Cloud Connector Server instance
  • Restart Silverback Cloud Connector Services

Check Connection

  • Was this article helpful?