Configure the Privilege Management MMC PMC Snap-in

You need to install and configure the Privilege Management MMC on the machine you will use to administrate PMC policy.

The installation packages differ based on your operating system:

  • For 32-bit (x86) systems, run PrivilegeManagementPolicyEditor_x86.exe.
  • For 64-bit (x64) systems, run PrivilegeManagementPolicyEditor_x64.exe.

You can obtain these downloads from the File Downloads area of the Customer Service Portal.

For compatible versions, please see the Release Notes.

Add and Configure the Privilege Management PMC Snap-in

You need to use the Privilege Management MMC PMC snap-in for the Microsoft Management Console (MMC) to manage policy for endpoints managed by PMC.

To load the Privilege Management PMC snap-in for the MMC:

  1. Run mmc.exe from the Start menu.
  2. Navigate to File > Add/Remove Snap-in and select Privilege Management Settings (PMC). Click Add.
  3. Click OK.

Ensure you install the Privilege Management Settings (PMC) snap-in, rather than just Privilege Management Settings.

The next step is to configure the MMC to connect to PMC.

PMC Connection settings

Setting What to Enter
Connection
Server URL The URL for PMC with 8443 in the Port field.
Tenant ID

The tenant ID GUID that you are using to authenticate with PMC. You can obtain it from Microsoft Azure for Azure Directory authentication.

Authorization Provider
URL The URL for PMC with :8443/oauth appended to it.
Identification
MMC Client ID

This needs to be the same GUID you generated and used in the PMC connection settings called Application ID.

There are many ways to generate a GUID. For example, you can use a PowerShell cmdlet:

new-guid
Client Return URI Enter http://defendpoint-mmc.com. This string does not resolve but needs to be as stated.
Amend token resource ID

Check this box. This string needs to be https://api.PMC.avecto.com. This string does not resolve but needs to be as stated.

For more information regarding connecting PMC to the Policy Editor, please see Connect PMC to Policy Editor.

Confirm the Connection to PMC

You should now confirm that you can access PMC from the PMCPrivilege Management MMC snap-in.

Click New Policy to start a new policy.

  1. Click New Policy in the Privilege Management MMC snap-in.

 

  1. Enter your credentials for PMC when prompted and click Sign in.
  2. If you clicked Create, you are prompted to enter a name for your policy. If you clicked PMC Policies, you are taken to a list of policies in PMC.

If you receive an error connecting to PMC, ensure you have entered the correct options in both PMC and the PMCPrivilege Management MMC PMC snap-in.