Deployment Guide

Table Of Contents

Post-Installation Configuration

After installation, some components of your environment may need to be configured, based on the Dell Data Security solution

used by your organization.

After installing the Security Management Server Virtual, the following defaults should be modified:

● Change the back end server password at the following location:

C:\Program Files\Dell\Enterprise Edition\Message Broker\conf\application.properties

● Change password for every front end server in your environment at the following location:

C:\Program Files\DELL\Enterprise Edition\Beac\conf\application.properties

The password displays as follows: proxy-server.password=ENC(<texthere>)

To change the password:

1. Select: ENC(<texthere>)

2. Change the selected text to: CLR(<newpasswordhere>)

After service restart, the modified line changes to ENC from CLR and the password is encrypted.

NOTE: The proxy-server.username may also be modified, but this must match within the Message Broker's

application.properties file and all active front end servers.

Validate Manager Trust Chain Check

If a self-signed certificate is used on the Security Management Server Virtual for SED or BitLocker Manager, SSL/TLS trust

validation must remain

disabled

on the client computer. Before enabling SSL/TLS trust validation on the client computer, the

following requirements must be met:

● A certificate signed by a root authority (for example, Entrust or Verisign) must be imported into the Dell Server. See Import

an Existing Certificate or Enroll a New Server Certificate.

● The full chain of trust of the certificate must be stored in the Microsoft keystore on the client computer.

To disbale SSL/TLS trust validation, on the client computer, change the value of the following registry entry to 1:

[HKLM\System\CurrentControlSet\Services\DellMgmtAgent\Parameters]

DisableSSLCertTrust=REG_DWORD (32-bit):1

Post-Installation Configuration 31