Integrate Endpoint Privilege Management for Windows with Password Safe

The Endpoint Privilege Management for Windows and Password Safe integration supports the following features:

  • Off-network account management: Endpoint Privilege Management for Windows contacts Password Safe for password tests or password changes.
  • Allow as Password Safe user: You can run an application using managed account credentials sourced from Password Safe.

You can integrate Endpoint Privilege Management for Windows and Password Safe on the following platforms:

  • BeyondInsight
  • Webserver
  • EPM

Installation documentation is available for each platform.

For more information, see https://www.beyondtrust.com/docs/index.htm.

Installer Flags

Use the following installer flags when setting up a EPM-W client and BeyondInsight Password Safe integration.

Flag Description
BEYONDINSIGHTCERTNAME

The certificate used for communicating with BeyondInsight. The default value is eEyeEmsClient.

Use with the BIMODE flag.

BEYONDINSIGHTURL

The URL of the BeyondInsight server.

Use with the BIMODE flag.

BEYONDINSIGHTWORKGROUP

The workgroup the machine is part of for BeyondInsight. The default value is BeyondTrust Workgroup.

Use with the BIMODE flag.

BIMODE

Used to install components and settings required for communication with the BeyondInsight platform.

When set to 1:

  • Installs BeyondInsight components.
  • Adds BEYONDINSIGHT to “PolicyEnabled” key.

This flag is required when using PSMODE=1.

PSMODE

Use to install components for communication with Password Safe.

When set to 1 installs Password Safe components.

This flag requires BIMODE.

IC3MODE

Controls communication with EPM SaaS platform.

When set to 1 adds WEBSERVICE to “PolicyEnabled” key.