After you have analyzed the environment, you should prepare the Active Directory organizational units and groups to use. You can then install administrative consoles and the audit and monitoring service infrastructure, and prepare initial zones.

Here are the key steps involved:

  • (Optional) Create organizational units or containers to define a scope of authority.

    The deployment team should consult with the Active Directory enterprise administrator to determine whether any additional containers or organizational units would be useful, who should be responsible for creating Licenses and Zones container objects, and who will manage the objects in those containers.

  • (Optional) Create the additional Active Directory security groups for your organization.

    Groups can simplify permission management and the separation of duties.

  • Install Access Manager on at least one administrative Windows computer.

  • Open Access Manager for the first time to run the Setup Wizard for the Active Directory domain.

  • Create a parent zone and the appropriate child zones as identified in your basic zone design.

    The hierarchical zone structure you use depends primarily on how you want to use inheritance and roles.

  • Prepare Windows computer accounts in the appropriate zones and assign the default Windows Login role to the appropriate Active Directory users and groups.

  • Install Audit Manager and Audit Analyzer together or separately.

  • Create an installation and a management database on one computer.

  • Create an audit store and audit store database on at least one computer.

  • Install a collector on at least two computers.