Administrator Guide
Table Of Contents
- Dell Data Guardian Windows, Mac, Mobile, and Web Administrator Guide v2.9
- Introduction
- Requirements
- Configure and Install Data Guardian on Windows
- Data Guardian Client Registry Settings
- Configure an On-prem Server for Data Guardian
- Install Data Guardian
- Set GPO on Domain Controller to Enable Entitlements
- Uninstall Data Guardian
- View Reports
- Data Guardian Troubleshooting
- Configure and Install Data Guardian on Mac
- Configure and Install Data Guardian for the Web Client
Parameters for Hosted Dell Security Center Parameters for Dell Server (On-prem) - .exe or .msi (for
Workspace ONE)
INSTALL_ID=<Installation ID for that tenant> (For a multi-tenant
environment.)
ENTERPRISE=1 (Internal User)
ENABLESSLTRUST=0 (Disable SSL trust validation) ENABLESSLTRUST=0 (Disable SSL trust validation)
REBOOT=SUPPRESS (Null allows for automatic reboots,
SUPPRESS disables reboot)
REBOOT=SUPPRESS (Null allows for automatic reboots,
SUPPRESS disables reboot)
Example Command Line for On-prem
• The following example installs Data Guardian silently, for an internal user, with no SSL trust validation, logs stored to C:\Library\Logs
\Install.log.
setup.exe /S /V"/QB! REBOOT=SUPPRESS SERVER=server.domain.com /L*V "c:\Library\Logs
\install.log" ENABLESSLTRUST=0"
Example Command Line for Hosted Dell Security Center
• The following example installs Data Guardian silently, in a SaaS environment, for an internal user, with no SSL trust validation, logs
stored to C:\Library\Logs\Install.log.
setup.exe /S /V"/QB! REBOOT=SUPPRESS SAAS=1 /L*V "c:\Library\Logs\install.log"
ENABLESSLTRUST=0"
Example Command Line for .msi
• The following example installs Data Guardian in an .msi environment, for an internal user, with no SSL trust validation, logs stored to
C:\Library\Logs\Install.log.
"Dell Data Guardian.msi" /QB! REBOOT=SUPPRESS ENTERPRISE=1 SERVER=server.domain.com /L*V
"c:\Library\Logs\install.log" ENABLESSLTRUST=0
User must reboot after a Location change
After Data Guardian has been installed, if you use Microsoft’s Folder Redirection, Group Policy, Windows Registry, or other option to
modify the location of a local folder or library that Data Guardian would sweep, client-side caching occurs. For example, a user might
modify the Documents folder’s Properties > Location to a network drive. Therefore, after a Location change, the user must reboot before
logging in to Data Guardian. The following may be impacted:
• Opt-in mode - If you or a user modify the location of the Documents or Secure Documents folder, the user must reboot or manually
protect a file through right-click or Save As.
• Force-protected mode - If you or a user modify the location of the Documents or Unprotected folder, the user must reboot or
manually protect a file through Save As Protected.
Set GPO on Domain Controller to Enable
Entitlements
• If your clients will be entitled from Dell Digital Delivery, follow these instructions to set the GPO on the domain controller to enable
entitlements (this may not be the same server running the Dell Server).
• The workstation must be a member of the OU where the GPO is applied.
• Ensure that outbound port 443 is available to communicate with the Dell Server. If port 443 is blocked (for any reason), the
entitlement feature does not function.
1. On the Domain Controller to manage the clients, click Start > Administrative Tools > Group Policy Management.
2. Right-click the OU where the policy should be applied and select Create a GPO in this domain, and Link it here.
3. Enter a name for the new GPO, select (none) for Source Starter GPO, and click OK.
4. Right-click the GPO that was created and select Edit.
5. The Group Policy Management Editor loads. Access Computer Configuration > Preferences > Windows Settings > Registry.
6. Right-click the Registry and select New > Registry Item. Complete the following.
Action: Create
Hive: HKEY_LOCAL_MACHINE
Key Path: SOFTWARE\Dell\Dell Data Protection
Value name: Server
Configure and Install Data Guardian on Windows
17