Identifying prerequisites (OS, Ports, AD, SQL …) and installation of KACE Desktop Authority
Architecture
Supported OS
Installation
- Microsoft Windows Server 2008 R2 Standard/Enterprise
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012 R2 Standard/Enterprise
- Microsoft Windows Server 2016
Client
- Microsoft Windows 7 (including 64-bit)
- Microsoft Windows 8.1 (including 64-bit)
- Microsoft Windows 10 (including 64-bit)
- Microsoft Windows Server 2008 R2 Standard/Enterprise
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012 R2 Standard/Enterprise
- Microsoft Windows Server 2016
Port Opening
| Port | Services |
| 135 | Remote Service Management Port |
| 139 | Remote Registry needed to install the admin service. |
| 443 | HTTPS port used by IIS |
| 1433 | Microsoft-SQL-Server. |
| 1529 | Off-Network Remote Management Gateway Service. |
| 2000 | Remote Management (if used and the port can be changed in the element for Remote Management) |
| 8017 | Desktop Authority Operation Master Settings |
| 57238 | Desktop Authority Manager Service |
Antivirus Exceptions
Add the following exceptions
Clients:
- C:\Desktop Authority\
- C:\Program Files\Quest\
- C:\Program Files (x86)\Quest\
- C:\Windows\System32\SLInstall.exe
- C:\Windows\System32\SLBoost.exe
- C:\Windows\SysWOW64\SLInstall.exe
- C:\Windows\SysWOW64\SLBoost.exe
- C:\Windows\Temp\Desktop Authority\
- C:\Windows\Prefetch\
Server:
- C:\Program Files (x86)\Quest\Desktop Authority
- C:\Windows\System32\DAAdminSvc.exe
- C:\Windows\SysWOW64\DAAdminSvc.exe
SQL Server
By default, Quest installs a SQL Express 2014, but you can also use a SQL server with the following versions:
- 2008
- 2008 R2
- 2012
- 2014
- 2016
- 2017
The SQL server MUST be installed on the same server as QUEST Desktop Authority
If you install SQL server manually, you must enable “SQL Authentication” mode (SA Account)
Active Directory Functional Level
Supported Active Directory functional levels:
- Microsoft Windows 2008 domain functional level
- Microsoft Windows 2008 R2 domain functional level
- Microsoft Windows 2012 domain functional level
- Microsoft Windows 2012 R2 domain functional level
- Microsoft Windows 2016
Service Accounts
3 accounts are required
- Installation Account => Domain Administrator (netlogon modification required)
- Super User Group => A group for Desktop Authority administrators
- Operation Service => Local Administrator of the QUEST server
- Manager Service => Local Administrator of the QUEST server
- IIS Application => Local Administrator of the QUEST server
The last 3 accounts can be identical
Server Sizing
On the same server with SQL and Desktop Authority, with at least:
- Quad-core processor (dual-core in LAB)
- 16 GB of memory (4 GB RAM in LAB)
For disks, no specific prerequisites are indicated; you can start with:
- A System partition of 60 or 80 GB
- A partition for QUEST of 20 GB
- A partition for the SQL database of 20 GB
Installation
- Disable Enhanced Security. This is not a prerequisite for installation, but it allows the WEB console to launch correctly at the end of installation.
- Add “Operator Service” and “Manager Service” accounts to the local administrator group
- The installation will check the prerequisites and then start the installation
- The setup will then offer to install additional components
- Enter your serial number
- Install or provide information for the SQL express database
- Provide paths for the SQL database and “Desktop Authority” installation
- Provide the accounts (or account) for the services
- The default ports for these services are 8017 and 57238.
- Specify the administrator group for the solution (the account performing the installation will also be an administrator)
- Confirm the IIS configuration
- To manage a client remotely off-network, configure the feature during installation.
- Enable the feature by selecting “I want to use Off Network Remote.”
- Select a self-signed certificate, or your certificates
- Start the installation
- The installation takes between 15 and 30 minutes
