Getting Started

The Getting Started tasks guide you through the basic setup, configuration, and use of Local Security Solution.

Prerequisites for Getting Started tasks

• Notification Server 6.0 SP3, or later
• Local Security 6.1 SP1 installed on the Notification Server. See Installation (page 4)

Getting Started tasks

1. Install the Local Security Agent on Computers
2. #Perform Local User Inventory
3. #Enable the Random Password Policy
4. #View Data on Computers

Exercise scenario

You are a system administrator. Your IT manager asked you to perform an inventory of defined local users and groups on all Windows Computers in your environment. Your manager also wants you to implement a random password generator policy for the Administrator user account to improve the management of these users and groups. Finally, you need to view the local users, groups, and password data on a computer.

Perform Local User Inventory

After the Local Security Agent has been installed, the solution performs a local user inventory. This inventory is gathered by the Local User Inventory Policy, which is enabled by default. You do not need to do anything for this policy to run. However, you may want to view this policy and its settings.

To view the Local User Inventory Policy

1. Click the Configuration tab.
2. In the left pane, select Configuration > Solutions Settings > Security Management > Local Security > Windows > Local Security Agent Configuration > Local User Inventory Policy.
   Take note of the collection this policy applies to and the interval it is set to run. You can change the interval as needed. (If you make changes click Apply.)

Enable the Random Password Policy

The Random Password policy lets you generate random passwords for a defined collection.
To set up and use the Random Password policy

1. In the Altiris Console, click the Tasks tab.
2. In the left pane, navigate to Tasks > Security Management > Local User Security > Windows > Local User Tasks.
3. Right-click Sample Random Password Policy for Administrators and select Clone.
4. Give the new policy a unique name and click OK.
5. In the left pane, select the new policy.
6. In the right pane, select Enable.
   For the purpose of this Getting Started exercise, you do not need to make any other changes to this policy.

   Note The Log password at server before change option ensures the password change request and subsequent change are never lost. However, there is additional overhead associated with selecting this option because of the added communication between Notification Server and managed computers.

7. Click Apply.

View Data on Computers

After the required policies have been enabled and deployed, you can view users, groups, and password information for individual computers on the Altiris Console.
To view user, group, and password data on a computer

1. In the Altiris Console, click the Configuration tab.
2. In the left pane, select Configuration > Solutions Settings > Security Management > Local Security > Windows > Local Security Agent Uninstall > All Windows Computers with Local Security Agent Installed.
3. In the right pane, double-click on a computer name to open Resource Manager.
4. Click the Summaries tab.
5. In the left pane, select Resource Manager > Local Security.
   • Click All Local Groups to view the local groups on the computer. Double-click a local group to view inventory and associations for that group.
   • Click All Local Users to view the local users on the computer. Double-click a local user to view inventory, events, and associations for that user.
   • Click Local Accounts Diagram to view a diagram of all accounts found on the computer.
   • Click Managed Local User Passwords to view user password change information on the computer. To view the managed password for a user, right- click the user name and select Show Managed Password.

     Note - The amount of time you can view the password depends on how you configured the Password Disclosure Settings. For information, see Password Disclosure Settings on page 23.