FASTPASS PASSWORD MANAGER - .fastpasscorp


FASTPASS PASSWORD MANAGER
Version 3.6
INSTALLATION GUIDE

Document Title: Installation Guide
Document Classification: Public
Document Revision: A
Document Status: Final
Document Date: December 12, 2018

The specifications and information in this document are subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted. This document may not be copied or distributed by any means, in whole or in part, for any reason, without the express written permission of FastPassCorp A/S.

2004 – 2018 FastPassCorp A/S. All rights reserved.
Lyngby Hovedgade 98, 2800 Kongens Lyngby, Denmark.
http://www.fastpasscorp.com

FastPass Password Manager is a trademark of FastPassCorp A/S. All further trademarks are the property of their respective owners.

Limited Warranty
No guarantee is given for the correctness of the information contained in this document. Please send any comments or corrections to documentation@fastpasscorp.com

FastPassCorp A/S is a public company registered on Nasdaq/Copenhagen/FirstNorth.
Distribution and implementation is done through strong and professional partners internationally.
We improve productivity and compliance for passwords and other authentication models.

Table of Contents

1 Introduction
  1.1 Purpose
  1.2 Audience
  1.3 References
  1.4 How to use this document
  1.5 Terms
2 About FastPass Password Manager
  2.1 The architecture of FastPass Password Manager
  2.2 Integration to Microsoft Active Directory
3 Installing FastPass Password Manager
  3.1 Preparing the Installation
  3.2 Creating User Accounts and Groups
    3.2.1 Preparing the application servers
    3.2.2 Preparing AD LDS Servers
    3.2.3 Installing the Web-Server role
    3.2.4 Preparing the target AD
    3.2.5 Requesting a FastPass Password Manager license
  3.3 Installing
    3.3.1 Installing FastPass Password Manager
    3.3.2 Initializing the AD LDS instance for FastPass
    3.3.3 Initializing the FastPass Password Manager solution
  3.4 Service restart
  3.5 Configuring the FastPass Password Manager solution
    3.5.1 Accessing the Administration Client
4 Installing the stand-alone FastPass Client (DMZ)
  4.1 Installing
  4.2 Configuring the client
5 Installing Multisystem Password Reset and Synchronization
  5.1 Installing SQL 2016 Express SP1
  5.2 Installing the SQL 2016 Management Studio Express
  5.3 Installing SQL 2012 Express
  5.4 Configuring Microsoft SQL-Express for use with Sync Server
    5.4.1 Enabling encryption for SQL server 2016
    5.4.2 Enabling encryption for SQL server 2012R2
  5.5 Pre-requisites for the connectors
  5.6 Install Password Sync Server
6 Additional information
7 Appendices
  7.1 Appendix A: Backing Up AD LDS Database on Windows 2016 Server
  7.2 Appendix B: Backing Up AD LDS Database on Windows 2012 Server
  7.3 Appendix C: Restart FastPass Services
  7.4 Appendix D: Recommended changes when installing for more than 5.000 users
    7.4.1 Storing Event data on SQL
    7.4.2 MSSQL and Space Considerations
    7.4.3 Tweaking ADAM/ADLDS settings
    7.4.4 Deprovisioning time
    7.4.5 Adjusting the Gateway Settings
  7.5 Appendix E: Delete notifications older than 30 days in FastPass

1 INTRODUCTION

The document was last updated December 12, 2018 and now targets FastPass Password Manager version 3.6.

1.1 PURPOSE

The purpose of this document is to describe the steps included in the process of performing a FastPass Password Manager implementation.

Although the document is written as a tutorial for performing a real installation, the reader should expect to change input values to match the standards and requirements of their own environment.

1.2 AUDIENCE

The intended audience of this document is personnel who are responsible for, preparing or performing the application installation.

1.3 REFERENCES

This document references the following documents:

Version 3.6 Administrators Guide.

1.4 HOW TO USE THIS DOCUMENT

Chapter 3 outlines the installation process.
Chapter 4 describes the preparation steps for the installation.
Chapter 5 describes the actual installation.

1.5 TERMS

The following technical and product specific terms are used without further explanation throughout the document.

2 ABOUT FASTPASS PASSWORD MANAGER

FastPass is a solution for large organizations focused on self-service of passwords and compliance for password issues.

Users are required to remember many more complex passwords on more systems than ever before. Research (Gartner) suggests that 20-50% of all calls to Help Desks are related to forgotten passwords. Self-service of passwords is the obvious answer to increase productivity and security.

Built to use Active Directory as the authoritative repository, FastPass can deliver almost instant ROI by deploying in just a few hours utilizing your existing Microsoft Windows Server environment.

Introduce Self-Service

Users only need a web browser to access FastPass, whether on the corporate intranet or across the internet. Even from the log-in screen of a Windows PC, users can benefit from FastPass on an otherwise locked PC!

Success with self-service requires a clear plan for implementation. FastPass Best Practices help customers reach 80-95% self-service success. The best practices focus on enrollment, access anywhere, flexible and individual authentication, and user-friendly assistance!

Introduce Compliance

Companies now more than ever understand the cost of data breaches. According to research, 63% of data breaches are caused by some kind of password issue.

Compliance and security require a combination of secure self-service and a secure process for the assisted password reset.

FastPass has the components to secure customers' compliance!

FastPass helps reduce the workload in the Help Desk, increase end-user productivity and strengthen security

A Password Management solution from FastPassCorp will save you both time and money and at the same time increase end-user productivity, enhance service to a 24/7/365 password self-service, strengthen security through a secure password reset process, and enable stronger password policies to be enforced with no additional support cost in the Help Desk.

For executives:
- Reduce service desk cost
- Increase employee productivity
- Avoid data breaches and related costs
- Leverage past investments in Windows Server and Active Directory
- Typically, ROI within 3-6 months

For service desk managers:
- Remove 20-50% of calls to help desk
- Enhanced logging and reporting
- Significantly reduce total cost per forgotten password
- Increase employee satisfaction
- Easy implementation
- Best practices guidelines

For compliance and IT-security managers:
- Reduce risk for data breaches
- Make and monitor a compliant manual process
- Implement strong password policies with user acceptance
- Keep cost of compliance and security down

For employees:
- Extremely fast solution to a forgotten password situation
- Access to systems 24/7/365
- No need to involve other people (service desk, colleagues etc.)
- No barrier to comply with strict password security policies
- Simple to use

2.1 THE ARCHITECTURE OF FASTPASS PASSWORD MANAGER

The following describes and illustrates the architecture of FastPass Password Manager.

From a user perspective, FastPass should be available every time the user needs to use the credentials. FastPass delivers a client that enables the user to access FastPass even when the user cannot log in at the Windows login prompt. Basically, Password Manager offers web-based self-service features to maintain passwords in the enterprise. This is what is illustrated below.

[Figure: FastPass Password Manager architecture. Surviving labels: ADAM, Active Directory, Directories, Servers.]

Logically, the Password Manager Server is built of multiple sub-components, each offering its own set of functions for the total solution. The main components are listed in the table below:

Component: Description
Backend Server: Implements the control of all end-user transactions, communication to the Gateway Server, scheduled discovery of users in the domain infrastructure, control and coordination of password synchronizations, invitations of users etc.
Client Server: Implements the Web-interface for the end-users and communicates with the Backend Server.
Gateway Server: Implements access to the domain infrastructure and other Password Sync target systems.

All three main components are by default installed on the Password Manager Server and are directly configured to operate together. A full implementation can be built on additional Client Servers and Gateway Servers.

This is shown in the illustration:

[Figure: deployment illustration. Surviving labels: ADAM, Password Manager Backend Server, Password Manager Client Server, Password Manager Gateway Server (two instances), Active Directory, Directories, Servers.]

The solution is designed in a Service Oriented Architecture. All main components are implemented as web services running on Microsoft Internet Information Server (IIS), and communications use SOAP over HTTPS.

2.2 INTEGRATION TO MICROSOFT ACTIVE DIRECTORY

Password Manager supports easy integration into multiple Microsoft Active Directories from a single implementation. The configuration is done from the Password Manager Administration Client implemented as part of the Password Manager Backend Server. The communication to the Active Directory infrastructure is done from the Password Manager Gateway Server. The integration is implemented using LDAP v3 communication, and this can optionally be implemented to use either secure mode or SSL mode. Secure mode is the default and the one used by Microsoft Active Directory internally for synchronizing passwords between Domain Controllers.

Password Manager requires the following parameters to be configured to be able to access a Microsoft Active Directory Domain.

Parameter: Description
Domain Name: The fully qualified domain name of the domain, like mycorporation.com.
Domain Alias: A label, typically the same as the NetBIOS name for the domain, which is what is shown in desktop login interfaces.
LDAP Base DN: The distinguished name (DN) to use as the offset in the LDAP tree structure. This can point to an Organization Unit (OU) like in OU=Employees,DC=mycorporation,DC=com or to the root node like in DC=mycorporation,DC=com.
Connection Mode: The connection mode to use for the communication. Microsoft Active Directory offers the modes normal, secure and SSL, but Password Manager only supports Secure and SSL mode. The secure mode uses Kerberos for the authentication, which is dependent on normal domain communication from the Password Manager Gateway Server to the Domain Controller in addition to communication on port 389 (TCP). The SSL mode requires a certificate to be implemented on the Domain Controller, which is not a trivial task, but as an advantage it then only requires communication on port 636 (TCP) from the Password Manager Gateway Server to the Domain Controller.
Domain Account Name: The name for the account with privileges to read user attributes and to reset passwords.
Domain Account Password: The password for the account specified.

All parameters are stored in the Password Manager Data Storage (ADAM / AD LDS), and sensitive information like account name and password is stored with strong encryption. (ADAM and AD LDS are both names for the database that FastPass uses for storing data.)
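A pre-installation check for the Connection Mode parameter, as an added example that is not part of the FastPass guide or product: it tests from the Gateway Server whether the port for the chosen mode is reachable and, for SSL mode, whether the Domain Controller presents a certificate the Gateway Server trusts. The function name Test-LdapConnectionMode and the host dc01.mycorporation.com are assumptions; for Secure mode it only confirms TCP 389 and does not exercise Kerberos.

```powershell
# Added example (not from the FastPass guide). Run on the Password Manager
# Gateway Server. Test-LdapConnectionMode is a hypothetical helper name.
function Test-LdapConnectionMode {
    param(
        [Parameter(Mandatory = $true)] [string] $DomainController,
        [Parameter(Mandatory = $true)] [ValidateSet('Secure', 'SSL')] [string] $Mode
    )

    # Ports from the Connection Mode row: 389/TCP for Secure, 636/TCP for SSL.
    $port = if ($Mode -eq 'SSL') { 636 } else { 389 }
    $result = [ordered]@{
        DomainController = $DomainController; Mode = $Mode; Port = $port
        Reachable = $false; CertSubject = $null; CertExpires = $null
        CertTrusted = $null; Detail = $null
    }

    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $client.Connect($DomainController, $port)
        $result.Reachable = $true
        if ($Mode -eq 'SSL') {
            # Default validation: the handshake fails unless the certificate
            # chains to a trusted root and matches the name we connected to.
            $stream = $client.GetStream()
            $ssl = New-Object System.Net.Security.SslStream -ArgumentList $stream, $false
            try {
                $ssl.AuthenticateAsClient($DomainController)
                $raw = $ssl.RemoteCertificate
                $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $raw
                $result.CertSubject = $cert.Subject
                $result.CertExpires = $cert.NotAfter
                $result.CertTrusted = $true
            } catch [System.Security.Authentication.AuthenticationException] {
                $result.CertTrusted = $false
                $result.Detail = $_.Exception.Message
            } finally {
                $ssl.Dispose()
            }
        }
    } catch {
        # Connection refused, name resolution failure, or handshake I/O error.
        $result.Detail = $_.Exception.Message
    } finally {
        $client.Close()
    }
    [pscustomobject]$result
}

# Constructed host name; replace with a Domain Controller in the target domain.
Test-LdapConnectionMode -DomainController 'dc01.mycorporation.com' -Mode SSL
```

A result with Reachable true and CertTrusted false means port 636 is open but the certificate on the Domain Controller is not yet usable for SSL mode from this server.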

3 INSTALLING FASTPASS PASSWORD MANAGER

The task of installing FastPass Password Manager can be described as in the following list:

1. Preparing the installation
   a. Defining the deployment architecture
   b. Creating user accounts and groups
   c. Preparing the applicat
