Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CT-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Crypto Command Center
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Windows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

SafeNet Agent for Windows Logon

Installing the agent

search
printsuggest an editpdf paneldownload

Installing the agent

note

Note

Always work in Run as administrator mode when installing and configuring the agent.

Following are the ways to install the agent:

copy link to clipboardInteractive Installation

Perform the following steps to install the agent on windows machine (with administrative privileges) using the installer:

  1. Locate the installation file and execute the following command to run the installer:

    msiexec /i "SafeNet Authentication Service Agent for Win 8-10-2012-2016 x64.msi" /qf

  2. On the Welcome to the InstallShield Wizard for SafeNet Authentication Service Agent for Win 8-10-2012-2016 window, click Next.

    alt_text

  3. On the License Agreement window, read the software license agreement and to proceed, select I accept the terms in the license agreement option, and click Next.

    alt_text

    To proceed, the InstallShield Wizard searches for the agent configuration file (as downloaded earlier from SafeNet Trusted Access) in the background. If the file is available, you will be moved to step 4, else you need to perform the following steps:

    1. On the Authentication Server Pairing window, select STA Authentication Server type, and click Next.

      alt_text

    2. On the Browse File window, click Change to browse and select a configuration file, and click Next.

      alt_text

      note

      Note

      Click Skip to proceed without selecting an agent configuration file. You can upload the file later in Communications > Agent Configuration.

  4. On the Customer Information window, perform the following steps:

    1. In the User Name field, enter your user name.

    2. In the Organization field, enter the name of your organization (any custom name can be used).

    3. Click Next.

      alt_text

  5. On the Destination Folder window, perform one of the following steps:

    1. To accept the default installation destination folder, click Next.

    2. To change the installation folder, other than the default one, click Change, and then browse to locate and select the required folder.

    3. Click Next.

      alt_text

  6. On the Windows Logon Setup window, provide the following information, and click Next.

    Exempt Local and Domain Administrator groups from SafeNet Authentication Select this checkbox to allow administrators to log on without providing STA credentials.
    Logon Mode

    Select one of the following logon modes:

    > User will enter both STA and Windows credentials with each logon.

    > STA will cache Windows passwords after the first use.

    alt_text

  7. On the Ready to Install the Program window, click Install.

    alt_text

  8. When the installation process completes, the Installshield Wizard Completed window is displayed. Click Finish.

    alt_text

copy link to clipboardSilent Installation

Another approach to install the agent is to run the installation silently with parameters. A silent installation enables you to complete the installation without any user prompts. This allows to set the key configuration items, for example, authentication server FQDN and logon mode.

To install silently, enter the following command from the command line to launch the SafeNet Windows Logon msi installation package:

note

Note

Ensure to keep both the .msi and .agent files at the same location.

msiexec /i "SafeNet Authentication Service Agent for Win 8-10-2012-2016 x64.msi" /quiet AGENTMODE=1

After the silent installation completes, the machine restarts.

To set options, the property name is used in name value pairs with spaces in between each pair. For example, to install the agent in NextGen mode and provide a specific path to the agent file, run the following command:

msiexec /i "SafeNet Authentication Service Agent for Win 8-10-2012-2016 x64.msi" /quiet AGENTMODE=1 JSONFILEPATH="<PathToAgentFile>"

note

Note

SSL will be enabled by default.

The following is a list of options (parameters) that can be specified. If the option is not specified, it will be set to the default value, which is equivalent to clicking Next on all pages of the installer dialog. These parameters cannot be specified during agent upgrades.

Option Description Value
AGENTMODE Logon mode of installation

1 for Next Generation mode, 0 for Classic installation

Default: 0
JSONFILEPATH Path to agent file

Path to agent file

Default: 0
AGENTSTATUS To enable or disable the agent 1 Enable the agent, 0 Disable the agent

Default: 1
INSTALLDIR To install the agent at a non-default location

Use the following command:

msiexec /i "MSI_file_path\MSI_file_name" /quiet INSTALLDIR=<"target_directory_path">

copy link to clipboardConfiguring the updated agent file

To configure the updated agent file, download the .agent file, push it in either of the following locations and execute the following command on the command line:

cd C:\Program Files\SafeNet\Windows Logon\WinLogonManager.exe JSONFILEPATH="<PathToAgentFile>"

For example, use the following commands to load the configuration from the agent file when the file is pushed to:

  1. Installation Directory

    alt_text

  2. Centralized Directory

    alt_text

After the command executes, the following agent file configuration gets updated:

  • The Primary and Secondary URL gets updated in the registry.

  • The BSID Key gets updated in the existing BSID Key file location.

On this page