Skip to main content

Install DSM Administrator

*Note: To use Find-IT functionality, install Nmap software.

Perform the following steps to install DSM Administrator.

  1. Copy the PK Protect Installer for Linux on the machine where you want to install and setup the PK Protect components.

  2. Run the DgSecure-<x.x.x.x>-linux-x64-installer.run file.

Note: By default, the installer runs as “Root User”. To run as the non-root user, 777 permissions is required on the /tmp directory. Once the installation is completed, restart the PK Protect IDP services manually from the IDP directories.

  1. Press Enter to accept the license agreement.

  2. Provide the path of the directory where PK Protect will be installed or press enter to continue with the default directory as displayed.

*Note: If user does not wish to give complete access to the temporary directory for certain environments, steps to create a new directory are:

  1. A parameter “sys_temp_dir” is available, which can be used to set temporary directory where installer can write, create, and execute files during installation, the syntax is:
    <InstallerName> --sys_temp_dir “<Absolute_path_of_Custom_temp_folder>”

  2. For installation on Linux environment minimum permission requirement is 755 for the folder “<Absolute_path_of_Custom_temp_folder>”

  1. Enter Y if you want to continue installation as a current user.

  2. Specify the Port number to configure PK Protect server. The default port number is 10181. If you have any SSL Certificate, enter Y, else go to Step 8.

  3. Select option for SSL certificate from the following two options: Self Signed and Trusted.

    1. Self-Signed – For Self-Signed SSL Certificate, perform the following steps:

      1. Enter the SSL Port number on which the SSL Certificate is configured. By default, the port number is 10182.

      2. If you want to provide the Java cacert path, enter “Y”, else enter “N”.

        1. If you enter “Y”, provide the Java cacert path and its Password.

        2. If you enter “N”, provide the following details as depicted in the screenshot below:

    2. Trusted – For Trusted SSL Certificate, perform the following steps:

      1. Enter the SSL Port number on which the SSL Certificate is configured. By default, the port number is 10182.

      2. Specify the Keystore File, Alias Name, Keystore Password, and Key Password for configuring the Trusted SSL Certificate.

  4. The user must enter “Y” for SSL Certificate in step 5 to customize cipher suites. To Customize Allowed Cipher Suites, type “Y” to provide a customized list of supported cipher suites as depicted in the screenshot below, else enter “N” and move to Step 8.


    If there is more than one cipher, separate ciphers with the “:” symbol.

*Note: After finishing the installation, restart the DataguiseServer service for customized ciphers to take effect. The installer only allows the following ciphers to be used:

  1. ECDHE-ECDSA-AES128-GCM-SHA256

  2. ECDHE-RSA-AES128-GCM-SHA256

  3. ECDHE-ECDSA-AES256-GCM-SHA384

  4. ECDHE-RSA-AES256-GCM-SHA384

  5. ECDHE-ECDSA-CHACHA20-POLY1305

  6. ECDHE-RSA-CHACHA20-POLY1305

  7. DHE-RSA-AES128-GCM-SHA256

  8. DHE- RSA-AES256-GCM-SHA384

  1. Select the database type from the given options. There are four types of databases that you can install:

Following are the steps to configure different Database Types.

PostgreSQL

To configure PostgreSQL database, enter [1].

  1. Provide the database connection configuration details as depicted in the screenshot below. If the user has enabled SSL, then move to step 2, else move to step 3.

  2. If the user has enabled SSL in the above step, then provide the required information as shown below:

*Note: For PostgreSQL, you must create pgcrypto extension to update the dashboard in PK Protect with the latest executions.

  1. Provide the database name, user name and password to connect to the database.

  2. Provide the database configuration details as depicted in the below screenshot:


    As per the values provided for the above mentioned schemas, it will be checked whether the database/schema is existing or new. After checking, the option to either create a new database/schema or use an existing database/schema is provided.

  3. Select metadata crypto option i.e., System Generated Key and Custom Key.

    1. Type [1] if you want to select System Generated Key.

    2. Type [2] if you want to select Custom Key as metadata crypto option and provide the keystore details as depicted in the screenshot below:

  4. Enter controller ID.

MySQL

To configure MySQL, enter [3].

  1. Provide MySQL Server connection details as depicted in the screenshot below:

  2. Provide the database configuration details as depicted in the below screenshot:


    As per the values provided for the above mentioned schemas, it will be checked whether the database/schema is existing or new. After checking, the option to either create a new database/schema or use an existing database/schema is provided.

  3. Select metadata crypto option i.e., System Generated Key and Custom Key. To know more, refer to step 5 of section PostgresSQL.

  4. Enter the controller ID.

SQL Server

To configure SQL Server, enter [2].

  1. Specify whether you want to connect through Port or Instance and provide the required information.

*Note: In case, you want to install PK Protect using Azure SQL Server as a metadata repository, one of the following conditions should be met:

  1. The user should create the master database prior to PK Protect installation using SQL Server Client. After creating the database, the user can specify the name of that database at the time of installation with SQL Server.
    --OR--

  2. The user should specify the master user credentials in SQL Server Client to create the desired database at the time of installation with SQL Server.

  1. If you choose option [1] in step 1, then provide the details depicted in the screenshot below:

  2. If the user chooses option [2] in step 1, then provide the details depicted in the screenshot below.

  3. Provide the database configuration details as depicted in the below screenshot:


    As per the values provided for the above mentioned schemas, it will be checked whether the database/schema is existing or new. After checking, the option to either create a new database/schema or use an existing database/schema is provided.

  4. Select metadata crypto option i.e., System Generated Key and Custom Key. To know more, refer to step 5 of section PostgresSQL.

  5. Enter the controller ID.

Oracle

To configure Oracle, enter [4].

  1. Select either Basic or TNS.


    1. If you choose Basic, enter the required information which includes user name, password, host name, SID/Service, and port number.

    2. If you choose TNS, enter the required information which includes user name, password, TNS name, and TNS admin path.


      *Note: The user specified above must have the following privileges:


      Additionally, the EXECUTE ON DBMS_CRYPTO privilege needs to be granted to public.

  2. Provide the information needed to configure PK Protect Oracle repository as depicted in the below screenshot:


    As per the values provided for the above-mentioned schemas, it will be checked whether the database/schema is existing or new. After checking, the option to either create a new database/schema or use an existing database/schema is provided.

  3. Select metadata crypto option i.e., System Generated Key and Custom Key. To know more, refer to step 5 of Section PostgresSQL.

  4. Enter controller ID. Press enter to continue installing using the default controller ID or provide a controller ID.

*Note: Ensure that the controller ID is same for all the IDPs. If you cannot access PK Protect after installing the controller, you must make sure the Tomcat 9 Server is up and running. If the Tomcat 9 server is not running, go to /opt/Dataguise/DgSecure/DataguiseServer and trigger start.sh file.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.