Manualshelf

Administrator Guide

ManualsBrandsDell ManualsConverged InfrastructureEndpoint Security Suite Pro
51525354555657585960
Congure Key Server for Uninstallation of
Encryption Client Activated Against
Security
Management Server
This section explains how to congure components for use with Kerberos Authentication/Authorization when using an Security
Management Server. The Security Management Server Virtual does not use the Key Server.
The Key Server is a Service that listens for clients to connect on a socket. Once a client connects, a secure connection is negotiated,
authenticated, and encrypted using Kerberos APIs (if a secure connection cannot be negotiated, the client is disconnected).
The Key Server then checks with the Security Server (formerly the Device Server) to see if the user running the client is allowed to
access keys. This access is granted on the Remote Management Console via individual domains.
If Kerberos Authentication/Authorization is to be used, then the server that contains the Key Server component will need to be part of
the aected domain.
Because the Security Management Server Virtual does not use the Key Server, typical uninstallation is aected. When an Encryption
client that is activated against a Security Management Server Virtual is uninstalled, standard forensic key retrieval through the Security
Server is used, instead of the Key Server's Kerberos method. See Command Line Uninstallation for more information.
Services Panel - Add Domain Account User
1 On the Security Management Server, navigate to the Services panel (Start > Run... > services.msc > OK).
2 Right-click Key Server and select Properties.
3 Select the Log On tab and select the This account: option.
In the This account: eld, add the domain account user. This domain user must have at least local administrator rights to the Key
Server folder (must be able to write to the Key Server cong le, as well as the ability to write to the log.txt le).
Enter and conrm the password for the domain user.
Click OK.
12
Dell Data Security Endpoint Security Suite Pro
Congure Key Server for Uninstallation of Encryption Client Activated Against Security Management Server
57