ARM 9.1
System requirements
for SolarWinds Access Rights Manager
The following table lists hardware and software system requirements for your SolarWinds Access Rights Manager installation.
Graphical user interface (GUI) requirements
Web components and web interface requirements
Network requirements and firewall settings
ARM Server requirements
Hardware requirements for the ARM Server vary depending on several factors:
- the number of users in Active Directory (AD)
- the number of file servers and directories monitored by ARM
- the ARM Server's data storage settings
Installing ARM onto a server that has an Orion Platform installation will cause a conflict with the RabbitMQ service. To avoid this, ARM and Orion Platform products must be installed on separated servers. Note that ARM is not an Orion Platform product.
| Hardware/Software | Requirements | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Operating System |
|
||||||||
| CPU (number of processor cores) |
Intel Itanium platforms are not supported. |
||||||||
| Hard drive space |
|
||||||||
| Memory |
|
||||||||
| .NET Framework |
.NET 4.5.2 (or higher) |
||||||||
| Access rights |
The service account requires local administrator rights on the ARM server. |
||||||||
| Other |
The ARM server must be a member of an Active Directory domain. Clusters are not supported. Server Core is not supported. |
ARM Collector requirements
| Hardware/Software | Requirements |
|---|---|
| Operating System |
|
| CPU (number of processor cores) |
2 Intel Itanium platforms are not supported. |
| Hard drive space | 5 GB |
| Memory | 4 GB |
| .NET Framework |
.NET 3.5 SP1 and .NET 4.5.2 (or higher) |
| Other |
ARM collectors can be installed on a member server (node) of a cluster. ARM collectors cannot be used as a cluster for Windows Server Failover Clustering manager. |
ARM GUI application requirements
These requirements are for both the main ARM application and the ARM Configuration application.
| Hardware/Software | Requirements |
|---|---|
| Operating System |
|
| CPU (number of processor cores) | 2 |
| Hard drive space | 500 MB |
| Memory | 2 GB |
| .NET Framework |
.NET 3.5 SP1 and .NET 4.5.2 (or higher) |
| Graphics |
Graphic card supporting DirectX 10 |
| Screen resolution |
Minimum: 1280x1024 Recommended: 1920x1080 (1080p) |
SQL Server requirements
| Hardware/Software | Requirements | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Microsoft SQL Server (32-bit and 64-bit) |
|
||||||||
| CPU (number of processor cores) |
2 Intel Itanium platforms are not supported. |
||||||||
| Hard drive space (Database storage) |
|
||||||||
| Memory | 4 GB | ||||||||
| .NET Framework |
.NET 3.5 SP1 and .NET 4.5.2 (or higher) |
||||||||
| Access rights |
|
||||||||
| Other |
SQL Server Express Edition can be used but has the following limitations:
|
File server requirements
| Hardware/Software | Requirements |
|---|---|
| Operating System |
|
| Supported types of file servers |
Windows Server Failover Clustering (WSFC) is supported. |
Web components and web interface requirements
| Hardware/Software | Requirements |
|---|---|
| Operating System |
|
| .NET Framework |
.NET 3.5 SP1 and .NET 4.5.2 (or higher) |
| Internet Information Services (IIS) | Version 7.5 or higher |
| Supported browsers |
Cookies and Javascript must be enabled. |
| Other |
|
Network requirements and firewall settings
| Port | Service/Process | Purpose and Description |
|---|---|---|
|
389 |
LDAP |
Active Directory scanning |
|
139 445 135+dynamic* |
NetBIOS Microsoft DS (CIFS) Local users/groups (WMI/DCOM/RPC) |
File server scanning |
| 1433 | MS SQL Server |
ARM uses this port for all communication between the ARM server and the SQL server. Collectors communicate only with the ARM server and do not communicate with the SQL server |
|
88 |
Kerberos |
Authentication |
|
55555+dynamic* |
ARM components standard port |
ARM components standard port ARM uses this port for all communication between the ARM server and client (GUI applications). |
*SolarWinds recommends defining application-based rules for services that use dynamic ports because of the possibility of random high-numbered ports being used.
ARM service account permissions
SolarWinds recommends using service accounts (dedicated user accounts) for ARM. This ensures that:
- The access rights of the service accounts are used only by ARM.
- It is easy to identify whether an action was performed by an ARM service account or by a domain admin.
- If the domain admin's password changes, the ARM configuration is unaffected.
- Restrictions are avoided through activity limits (for example, Exchange Online allows only three parallel requests).
| Feature | Required access rights |
|---|---|
| ARM server |
A service account requires local administrator rights on the ARM server. If a service account is a member of the domain Admin group, then this requirement is automatically fulfilled. If a server computer becomes a member of the domain (domain join) then the group Domain Admins will become a member of the local administrator group. |
| SQL Server |
|
| Active Directory (AD)-Scan |
Every user account requires at least read-only rights in order to be able to generate an Active Directory scan. If you utilize delegation in your organization, then you must add the service account to the group that can read the required OUs. |
| AD Modify |
If you work with delegation in your company, you must assign service accounts to a group that is allowed to change the relevant OUs. Without delegation: Service accounts become a member of the Domain admin group. |
| File server (FS)-Scan |
User accounts require access rights in order to be able to read NTFS permissions as well as traverse folders. Service accounts can become a member of the domain admin group. If the domain admin account does not have access to all folders (for example, user folders) then add service accounts to the backup operators on the file server. |