Install a CyberArk Identity Connector

Skip this topic if you have done it as part of another tutorial.

The CyberArk Identity Connector is a multipurpose software that enables secure communication between your internal network and CyberArk Identity.

The machine you are installing the connector on should meet the following requirements:

  • Windows Server 2012 or later

  • 8 GB of memory, of which 4 GB should be available for connector cache functions

  • 2 core CPU

  • Has Internet access so that it can access the CyberArk cloud services.

  • Has a GlobalSign Root CA - R3 certificate installed in the Local Machine Trusted Certificate root authorities store.

    Refer to https://support.globalsign.com/ca-certificates/root-certificates/globalsign-root-certificates for more certificate detail.

  • Microsoft .NET version 4.5 or later; if it isn’t already installed, the installer installs it for you.

  • Be a server that is always running and accessible.

Industry best practice recommends that you do not install the connector on the same server as the domain controller. Domain controllers are single-purpose systems.
  1. Log in using the domain administrator account that has sufficient permissions to install the connector.
    1. Open the Identity Administration portal.
    2. Click Settings >Network > CyberArk Identity Connectors > Add CyberArk Identity Connector.

    3. Click 64-bit in the Download pane.

      The download begins.

  3. Extract the files.

  4. Double-click the installation program: CyberArk Installer.

    In the file name, rr.r indicates the release version and aa indicates the processor architecture (64-bit).

  5. Click Yes to continue if the User Account Control warning displays.
  6. Click Next on the Welcome page.

  7. Review the End User Software License and Services Agreement, accept the terms of agreement, then click Next.

  8. Select the components to install, then click Next.

    The default is to install all components. Use the description on the installation UI determine what you want to install.

  9. Click Install > Finish to open a second installation wizard.

    This second installation wizard initiates the connection between Active Directory and your CyberArk Identity tenant.

  10. Click Next on the Welcome page.

  11. Type the administrative user name and password for your CyberArk Identity account, then click Next.

  12. Click Next unless you are using a proxy to connect to the internet.

  13. (Optional) Specify your domain if you want to synchronize deleted objects in Active Directory/LDAP with CyberArk Identity, then click Next.

    If you want to synchronize deleted objects, make sure you are logged in as a domain administrator.

  14. Click Next if all of the tests are successful.

    As the final step, the connector registers your customer identifier with your tenant, then runs in the background as a Windows service.

  15. Click Finish to complete the configuration and open the connector configuration panel, which displays the status of the connection and your customer ID.
  16. Click CyberArk Identity Connector to view or change any of the default settings.
  17. Click Close.