Articles in this section

See more
Print

Cayosoft Administrator System Requirements

  • Updated
Follow

Content: 

Hardware Requirements 

Component Requirements

Platform

2 GHz or higher Intel-compatible dual or quad-core CPU 

Memory

16 Gb minimum, recommended for environments with up to 1000 users in all managed systems.

24 Gb is recommended for environments with up to 50000 users in all managed systems.

32 Gb is recommended for environments with 50000 users or more in all managed systems.

Note: Additional RAM may be required for highly loaded installations. For example, when several automation rules and/or Dynamic Groups are executed in parallel every few minutes. Or with dozens of users using Web Portal simultaneously.  

Disk

60 Gb or more of free disk space

Machine

Physical, On-premise Virtual, Azure, or AWS Virtual Server.

 

Software Requirements

Component Requirements

OS

Windows Server 2012R2 or later*.

Active Directory forest functional level

Windows Server 2012R2 or later.

Microsoft Exchange Server

Exchange Server 2013, with Cumulative Update 21

Exchange Server 2016, with Cumulative Update 10.

Exchange Server 2019

Web Browser

Google Chrome (Versions released within the past 12 months)

Mozilla Firefox (Versions released within the past 12 months)

Apple Safari (Versions released within the past 12 months)

Microsoft Edge based on Chromium (Versions released within the past 12 months)**

Required ports

Learn more about ports used by Cayosoft Administrator Service.
*Important: Support for Windows Server 2012 will be discontinued on October 10th, 2023. Please see the Microsoft article for details: Windows Server 2012 - Microsoft Lifecycle | Microsoft Docs 
**Important: The end of support for the legacy version of the Microsoft Edge desktop app is on March 9, 2021. Microsoft Internet Explorer is not supported.

 

Windows Server 2012 R2 Microsoft Frameworks Required Installs

Required to manage any system or service with Cayosoft Administrator

Component Notes

Microsoft .NET Framework 4.7.2 or later

No download is required for Server 2012 R2 or later, just add the role.

To determine the installed version of Microsoft .NET Framework, follow the instructions provided in Microsoft Determine which .NET Framework versions are installed - .NET Framework | Microsoft Learn.

Microsoft Management Framework 5.1 or later

See installation instructions.

PowerShell Gallery Module 2.5 or later

See installation instructions.

Note: This module is required for the Administrator Service version 10.1 or later.

 

Windows Server 2012 R2 Active Directory Required Installs

Note: for hybrid user management, the Active Directory schema needs to be extended with Exchange attributes. This is required because Exchange Online makes use of these attributes for synced users.
Component Notes

Remote Server Administration Tools (RSAT)

No download is required for Windows 8.x or Server 2012 R2 or later, just add the role.

See installation instructions.

Active Directory PowerShell Module (included in RSAT installation)

No download is required for Server 2012 R2 or later, just add the Server role.

Active Directory Users and Computers MMC (included in RSAT installation)

No download is required for Server 2012 R2 or later, just add the Server role.

 

Microsoft 365 Services

Note: Use the Cayosoft Requirements Check tool to automatically install these required components.

Azure AD and Microsoft 365 Exchange Online

Component Notes

MSOnline PowerShell for Azure Active Directory

See installation instructions.

Exchange Online PowerShell module (EXO V3)

See installation instructions.

 

Microsoft Teams and Microsoft 365 Skype for Business Online

Component Notes

Microsoft Teams PowerShell module

See installation instructions.

 

Microsoft  365 SharePoint Online

Component Notes

SharePoint Client-Side Object Model 

See installation instructions.

SharePoint Online Management Shell

See installation instructions.

 

Service Account and Target Systems Credentials

Permission requirements for Windows Service Account and credentials, provided for each target system, are listed in the table below.

Important: For replication group configuration, each Server must be configured to connect to the platforms to be managed by service accounts specific to that server.  In other words, each Cayosoft Server should have its own set of service accounts for all managed platforms: Active Directory, Microsoft 365, Exchange Server on-premise, and Microsoft Skype Server on-premise.

 

Service Permissions

Server/Computer

Windows Service Account, configured to run the Cayo Administration Service,  should have Local Administrator permissions on the workstation or server where the product will be installed.

Windows Service Account should be a member of the Domain Admins group if you plan to automate the user and group account suspension process with Cayosoft Administrator.

Active Directory

Active Directory Service Account, specified in the Active Directory domain credentials setting, should have Domain Admin permissions (or up to the level required for desired tasks to be completed).

Exchange On-Premises

Exchange Service Account, specified in the Exchange credentials setting, should have the Exchange Organizational Management Role.

Skype/Lync On-Premises

At least CsUserAdministrator role must be assigned to the specified Skype connection account.

Azure AD and Microsoft 365  Exchange Online

Microsoft 365 connection account should hold the Global Administrators and must be a cloud-only account, i.e. not synchronized with on-premises Active Directory. For more details, please see Microsoft 365 credentials setting description in Microsoft 365 extension settings article.

Microsoft Teams

Teams license and Teams Administrator role are required for Microsoft 365 connection account to maintain its ownership in teams and channels, specifically private teams and channels.

SharePoint Online

Microsoft 365 Service Account, specified in the Microsoft 365 credentials setting, should have Full Administrator permission.

Target Servers or Systems

Windows Service Account should have Administrative permissions on the target system up to the level required for the tasks to be completed.

 

PowerShell Execution Policy for Windows Computers Requirements

Cayosoft Administrator executed PowerShell scripts to communicate with external services like Active Directory, Exchange, Microsoft 365, and others, and it requires the 'Unrestricted' level of PowerShell Execution Policy.

According to this MS article https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.security/set-executionpolicy?view=powershell-5.1, the effective execution policy is determined by the order of precedence as follows:

  • MachinePolicy. Set by a Group Policy for all users of the computer.
  • UserPolicy. Set by a Group Policy for the current user of the computer.
  • Process. Affects only the current PowerShell session.
  • CurrentUser. Affects only the current user.
  • LocalMachine. Default scope that affects all users of the com
  1. When initializing the PowerShell hosts to execute rules, the Cayosoft Administration Service sets execution policy on the Process scope to Unrestricted level.
    1. From the article above: "Unrestricted. Loads all configuration files and runs all scripts. If you run an unsigned script that was downloaded from the Internet, you are prompted for permission before it runs."
    2. The Unrestricted level is required because the Service does not execute ps1 files and ready-made scripts. Instead, the Service reads the rule definition and executes it command-by-command, based on the rule configuration and design. 
  2. Cayosoft Administrator won't work if the PowerShell execution policy is forced to AllSigned through Group Policy, both on MachinePolicy and UserPolicy levels. In this case, Group Policy settings will override settings on the Process scope level. 
  3. If the PowerShell execution policy is set to AllSigned on CurrentUser or LocalMachine level, Cayosoft Administrator will be able to override them.
  4. To check the execution policy for the Administration Service, run the PowerShell or PowerShell ISE under the account configured to run the Cayosodt Administration Service and run the following command: 
    1. Get-ExecutionPolicy -List
    2. Ensure that the Process policy and above is set to Unrestricted or Undefined

 

SMTP Mail Server Requirements

See details in the KB20140105-1 Configuring Cayosoft Administrator SMTP Server Settings.

 

 

 

Related articles

Comments

0 comments

Please sign in to leave a comment.