PSM pre-installation tasks

This topic describes prerequisites to the PSM installation.

Verify that all installed components and applications are compatible. The compatible versions of the Privileged Access Manager - Self-Hosted components are listed in System Requirements by Product.


Before installing or upgrading, ensure that your system still complies with security requirements. To learn more, see Security Fundamentals.

Ready the PSM server machine

The following section describes prerequisites for the PSM server machine.


For information about Setting up RDS on Windows, refer to the Microsoft documentation.

To benefit from RemoteApp user experience validate the following:

  • RDP client v6.1.7601 or above (RDP protocol version v7.1 or above) on end user machines.

PSM License

Verify that the CyberArk license specifies PSM. Each PSM server installation requires its own license, so make sure that your license specifies the number of PSM servers that you intend to install.

Permissions to install

During installation, Safes and a User are created to enable the PSM to work. So that the installation creates these successfully, the Vault user who installs PSM must have the following authorizations in the Vault:

  • Add Safes

  • Add/Update Users

  • Reset Users’ Passwords

  • Activate Users

  • Manage Vault File Categories

During Vault installation, an Administrator user is created with these authorizations specifically for this type of activity.

RDS on a PSM server

This procedure describes how to setup RDS on a PSM server.

This procedure is done automatically during PSM automatic installation.

If you install PSM using the PSM wizard installation, you must set up RDS. To do this, either run the Set up script or perform the following procedure manually.