Secondary Domain Controller Manual Setup Instructions

If you have opted to not auto-install the Passportal Secondary DC Agents, or are only installing on selected Secondary DC's - you will need to manually install the Passportal Secondary DC Agent on each Secondary DC manually.

Prerequisites

  • 64-bit
  • Windows Server 2008 R2 and newer
  • Windows Server Core is not supported at this time
  • Domain Admin access on Domain Controller

  • Supports TLS 1.2 or higher. More information on which versions of windows server support which TLS protocols can be found in this article.
  • C++ 2013 Redistubutable and .NET 4.5 installed on target device.
  • Outbound FTP Endpoint: agent.passportalmsp.com port 21 should be enabled (Optional)
  • Ports 7771 and 777 open for internal network communuications
  • Port 443 (TLS) for communications with the Passportal dashboard

For clarification on the Windows Agent toggles, see Active Directory Integration.

You will require a copy of Passportalx64.msi which was downloaded with the Windows Agent on the Primary DC, and an individual install command to run on each individual Secondary DC. The below instructions detail how to generate the install command and how to manually install on Secondary DCs.

To manually install the Secondary DC Agent:

Initial steps are taken on the Primary DC

  1. On the Primary DC launch the Passportal Agent Configuration Utility (either from the desktop shortcut or via C:\Program Files\Solarwinds\Passportal Agent
  2. Enter your login details, select the appropriate Country and Client and then click Continue
  3. Enter the Windows Service Account Login credential and the Password (these can be retrieved from the Client Credentials in Passportal if needed), and then click Secondary DC Install
  4. The Passportal Agent Configuration Utility will take a few moments to confirm the credentials, and then the window will refresh to show the Secondary DC install command configuration
  5. Enter the name of the Secondary DC Machine (Do not use it's IP Address), and click View Command - The install command will be copied to clipboard as it contains sensitive data such as passwords and domain credentials. We recommending saving this temporarily in a *.txt file to aid the installation process on the Secondary DC. Here is an example of the command with sensitive information redacted:
  6. cmd /WAIT /C msiexec /i Passportalx64.msi /q TARGETDIR="c:\Program Files\Solarwinds\Passportal Agent" EMAIL="someone@somewhere.com" PASSWORD="***" ORGKEY="***" CLIENTNAME="Acme Corp" COUNTRY="UK" DOMAIN="PPFOREST2.LOCAL" DOMAINUSER="ppadmin" DOMAINPASSWORD="***" INSTALLTYPE="ListenerOnly" PRIMARYIP="10.199.30.29" PRIMARYPORT="7771" SHAREDKEY="XXXXXXXXXXXXXXXXXXXXXXXXXXXXX" SECONDARYID="Server02"

    Now we take actions with each Secondary DC

  7. Copy the Passportalx64.msi to a local folder on the Secondary DC, along with the command that was generated in Step 5
  8. Open a Command Prompt window, with Administrator rights (i.e. Open as Administrator)
  9. Change directory to the directory where you have stored the Passportalx64.msi
  10. Execute the command created in step 5. The installation will proceed, with progress and any errors shown in the Command Prompt window
  11. Once installed, the Secondary DC will need to be rebooted to allow 2-way sync to function, but does not need to be done immediately and can be done at your earliest convenience
  12. Repeat from Step 1 for each Secondary DC