Windows Server Prerequisites
Make sure your system fits the descriptions below before starting the installation.
Backup Operator Privileges
The user configured in the permissions perquisites section must be a member of the local Backup Operator group of the file server. It eliminates the need to grant explicit permissions to the Data Access Security user to all the folders on the file server. By using the Backup Operator privilege, Data Access Security can crawl, collect permissions, and classify data even if the user does not have explicit permissions to the folder.
Permissions
Data Access Security requires different permissions based on the tasks that require those permissions. The user configured in the Application Configuration wizard must have the following permissions on the file server:
- Share Read permissions to all shares on the file server
- Member of the local Backup Operators group on the file server
- Member of the local Administrators group on the file server
The following describes required permissions by each Data Access Security task:
- Crawling - The user must have Share Read permissions to all the shares on the file server and be a member of the local Backup Operators group on the file server.
- Permission Collection - The user must have Share Read permissions to all the shares on the server and be member of the local Backup Operators group on the server. The user must also be a member of the local Administrators group to read the Share Permissions and the local Users and Groups of the server.
- Data Classification - The user must have Share Read permissions for all the shares on the server and be member of the local Backup Operators group on the server.
Activity Monitor Installer
An Activity Monitor Installer is required for Windows File Server–type applications only. The Activity Monitor Installer can be downloaded here.
The installer is a command-line application that receives parameters and installs the Activity Monitor service inside the Windows File Server.
Important
The installer must be executed from within the Windows File Server.
Activity Monitor Installer Prerequisites
ASP.Net Core 9.0 Runtime v9.0.11 (minimum version) - Windows Hosting Bundle Installer must be installed on the virtual machine. If that is missing, the installer will not start and will notify the user.
Supported Windows Versions
The installer can be installed on:
- Windows Server 2016
- Windows Server 2019
- Windows Server 2022
- Windows Server 2025
Activity Monitor Installer Installation Phases
- Configure the application using Data Access Security.
- Retrieve the IP addresses of the virtual appliance cluster (Activity Monitor).
- Install the Activity Monitor on the virtual machine.
Activity Monitor Installer Installation
The installer command-line application accepts the following parameters:
| Parameter | Description |
|---|---|
| -f, --folder |
(Required) Installation folder path |
| -c, --cert |
Certificate thumbprint |
| -h, --host |
(Required) VA address |
| -p, --port |
VA port. Default: 11000 |
| -v, --verbose | Enables verbose log level |
| -l, --log |
Log file path |
| -r, --rollback | Enables rollback support |
| -?, -h, --help | Shows help and usage information |
Here is an example with actual values:
SailPoint.Das.Installer.exe install -f C:\InstallerPath -h "172.16.4.101"
After the installation is completed, the DAS_WFS service will be installed and running on the File Server.
Console Output
During installation, the console displays progress information.
Note
Only the following two commands are mandatory:
- -f (installation folder)
- -h (VA host)
If other parameters are omitted, the installer uses default values:
-
Default installation path:
C:\ProgramData\DAS_WFS -
Default log path:
C:\ProgramData\DAS_WFS\Logs
Post-Installation Behavior
Once installation is complete, the installer will:
- Create and configure the Activity Monitor service on the virtual machine.
- Create the logs folder in the pre-defined location.
Uninstallation
To uninstall, run SailPoint.Das.Installer.exe uninstall.
The console will display the uninstallation progress and status.
Communication Requirements
| Requirement | Source | Destination | Port |
|---|---|---|---|
| Permissions / Resource Collector and Data Classification Analysis | Permissions and Resource Collector Virtual Appliance / Data Classification Server Virtual Appliance | Monitored Server | SMB (139, 445) |
Documentation Feedback
Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.