Before Installation

This topic describes prerequisites to the PVWA installation.


Before installing or upgrading, ensure that your system still complies with security requirements. To learn more, see Security Fundamentals.

We recommend that you install the PVWA automatically using the PAS deployment scripts, as described in Automatic Installation.

Work with a secure channel

A secure channel is required between the PVWA machine and the Internet Browser, therefore, an SSL certificate must be installed on the Web server. In addition, HTTPS binding must be configured on the web site where the PVWA is installed.

Install the PVWA server prerequisites

The PVWA_Prerequisites script automates PVWA server prerequisites by doing the following:

  • Installs Web Server Roles

  • Disables IPv6

  • Configures the self certificate

  • Enable TLS 1.2 on the PVWA server

Web Server roles

Before installing the PVWA, add the Web Server role.

To add the Web Server role:

  1. Log onto the PVWA machine with the Administrator user.

  2. In the Server Manager, select Add Roles and Featuresto display the Add Roles and Features Wizard.

  3. In Server Roles, select Web Server (IIS) then click Next.

  4. In Features, expand .NET Framework 4.5 Features, then WCF Services.

  5. Select HTTP Activation and accept the features required for HTTP Activation.

  6. Click Next and add the following Web Server Role (IIS) role services.

Vault user authorizations

During installation, Safes and a User are created to enable the Password Vault Web Access to work. In order for the installation to create these successfully, the Vault user who will carry out the installation must have the following authorizations in the Vault:

Add Safes
Add/Update Users
Reset Users’ Passwords
Activate Users
Manage Server File Categories
Audit Users

You can use the built-in Administrator user to install the PVWA.

Safe ownership

You must have ownership of the VaultInternal and Notification Engine safe.

Close all applications

Close all other applications currently running on your computer, before installing the Password Vault Web Access.

Log onto Windows as the Administrator user

Before beginning installation, log onto Windows as the Administrator user.

TruePrivileged Access Security11.5