Skip to main content

Setting up access to Active Roles Management Shell

When listing accounts from Active Roles Server remotely, access to Active Roles Management Shell is required.

On the Active Roles Server:

  1. Add the Active Roles target system administrator into following local user groups by using server manager:

    • Remote Desktop Users

    • WinRMRemoteWMIUsers__

    • WSS_ADMIN_WPG

    Note

    Local group WinRMRemoteWMIUsers__ is not installed by default in Windows later versions, such as Windows 2016. It can be added by using command:

    net localgroup /add WinRMRemoteWMIUsers__

  2. Launch Active Roles Management Shell as an Administrator.

  3. Execute the following command to enable Windows Remote Management (WinRM):

    Enable-PSRemoting -Force

  4. Execute the following command to enable Credential Security Support Provider (CredSSP) authentication on the Active Roles Server:

    Enable-WSManCredSSP -Role Server

To configure the client computer where the connector(agtars) is installed:

  • If the connector (agtars) is installed on Bravura Security Fabric server:

    1. Launch Windows PowerShell as an Administrator.

    2. Execute the following command to enable Credential Security Support Provider (CredSSP) authentication:

    Enable-WSManCredSSP -Role client -DelegateComputer "<ARS server name>"

  • If the connector (agtars) is installed on the Active Roles Server:

    1. Install Proxy Service (psproxy) on the Active Roles Server.

    2. Install Connector Pack, which should match the setup of Bravura Security Fabric server Connector Pack.

In this section: