Adaptiva.comSupport

Plan for OneSite platform installation

The OneSite Platform consists of the following components required for installation:

  • Adaptiva Server

  • SQL Database

  • Adaptiva Client

Adaptiva Server

The OneSite Platform solution hosts both the Server software and the Adaptiva Client instance. The OneSite Platform uses both components to facilitate and simplify complex endpoint management processes, including caching, peer communication, content acquisition, and result reporting.

The Adaptiva Client component provides administration services and policy deployments for products and connects with the Adaptiva database, either locally or on a remote server. The Adaptiva Server also communicates with the following third-party products:

  • CrowdStrike Falcon

  • Microsoft Defender

  • Microsoft Endpoint Management: Configuration Manager, and Intune

  • Omnissa Workspace ONE

  • SentinelOne Singularity

  • Tenable Security Center

  • Tenable Vulnerability

Adaptiva Server Requirements

The information in the table below details the minimum requirements for the installation.

Component
Minimum Requirement

Operating System

Windows Server, Standard or Datacenter Edition. For more information on the supported operating systems, see Supported Operating Systems, Software, Drivers, and BIOS.

Processor

Single Quad-core Xeon Processor.

RAM

32 GB minimum.

Storage

Installation files require 1.5 GB for the Adaptiva Server, and the Adaptiva Client. Logging requires approximately 5 GB for the default logging retention. In addition to the general storage requirements, the Adaptiva Server may need disk space to store published content in the Content Library. The estimated size is the same amount of storage used for the content source files, plus 20% for policy files and DIFF files.

Adaptiva Server Installation Path Details

The Adaptiva Server installation wizard uses the following default location for files and logs:

C:\Program Files\Adaptiva\AdaptivaServer

Important

Do not install the Adaptiva Server on the OS C: drive. The OneSite product log files grow to a maximum size of approximately 5 GB, and the Adaptiva Content Library installed with the Adaptiva Server expands over time. This may impact storage and performance on the OS C: drive.

You may also choose your own installation path.

Admin Portal Port

The Adaptiva Server hosts a web page for administration. This web page must be configured to a specific HTTP Port on the server. This defaults to using the HTTP Port 443. If another service is using port 443, a different port must be specified during installation. Use NETSTAT -nabo to return a list of currently used ports. Adaptiva recommends using port 9678 if the default port is unavailable.

(Optional) Client HTTP Transport Port

Adaptiva Clients use specific UDP ports to communicate with the Adaptiva Server as well as other clients. If UDP communication with the Adaptiva Server does not work, client-to-server communications can be changed to use HTTP. You can use Port 9679 or select another port. Run the NETSTAT -nabo command to return a list of currently used ports.

Installation Account

The account performing the installation requires local administrator permissions on the Adaptiva Server and must be included in the SQL SysAdmin role on the SQL Server. You may change this permission after installation. In addition, you may also change the service account from the local system to a specified service account after installation.

Server/Location
Account
Permissions

Adaptiva Server

Installation account Reporting Account Optional Service account

Local Administrators group The installation will grant db_datareader permissions on the Adaptiva database. If used, the account must be granted the Log On As A Service User right.

SQL Server hosting the Adaptiva database

Adaptiva Server SYSTEM Account Installation Account Optional Service Account

The SQL Server Role requires the sysadmin permissions for installation and upgrade. Minimum permissions (after installation) Adaptivadatabase Security User Mapping (account running the Adaptiva Server service): db_datareader, db_datawriter, db_ddladmin, db_executer

Content Library

<domain>\AdaptivaServer$ Optional Service Account

If you choose to change the location of the Adaptiva Content Library to a remote drive or share, the Adaptiva Server service account must be granted Modify permissions to the location.

Record the Server Details

  • Server Installation path

  • Integration with Existing ConfigMgr Site

  • Integration with Workspace ONE

  • Admin Portal Web UI Communications Port is 443 or 9678

  • (Optional) HTTP Client Transport Port

Note

If not configuring the HTTP Client Transport Port, leave it set to 0.

Server Activation (OneSite Anywhere only)

If the Adaptiva Server will use OneSite Anywhere and the Adaptiva Cloud Relay Servers, then the following steps are required to request an activation code.

This is required when clients are on the internet or cannot communicate directly with the Adaptiva Server using UDP or HTTP.

This can be submitted via a request from the Support Portal.

  1. Open a web browser and connect to https://support.adaptiva.com and log in.

  2. Click Submit a request.

  3. From the drop down, select I would like to request Cloud and/or CDN activation for an Adaptiva Server.

  4. Complete the form with the following information and click Submit:

    Server Name (or identifier - required):
Server Use: Production, Dev, Test, QA, etc (required):
Request type (required):
- Cloud Activate & Provision Adaptiva CDN
- Cloud Activate Only
- Provision Adaptiva CDN Only
Support Email Address (required):
Billing Email Address (required):
Billing Telephone Number (required):

  5. Within 24 hours an activation code will be sent.

Adaptiva database

The Adaptiva Server requires its own SQL Server database (Adaptiva database).

SQL Server Requirements

Review the requirements in the table below when deciding which SQL Server Edition to use with the Adaptiva Server.

Component
Requirement

SQL Server Version

SQL Server 2022 SQL Server 2019 SQL Server 2017

Database Compatibility Level

Minimum level is SQL Server 2017 (140). SQL Server 2019 (150) or newer is recommended.For more information on upgrading to a supported SQL Server edition, see Supported version and edition upgrades (SQL Server 2017) - Microsoft.

Database Sizing

Minimum database size is 5 GB. Storage allocation per managed device is approximately 2.5 MB. Use the following equation to determine your database size requirements: 5 GB + (2.5 MB x licensed clients) = x GB SQL Server Express Edition will support up to approximately 2000 devices.

Memory

64 GB minimum

Disk Infrastructure

SSD or NVMe drives for the database files (recommended), including tempdb and transaction log files.

Database Considerations

You can host the Adaptiva database on an existing SQL Server instance or on SQL Server Express Edition, the free version of SQL Server. If hosting the database alongside other solutions (Microsoft Configuration Manager), ensure compliance with the licensing requirements for Microsoft. If choosing to use SQL Server Express, you can either install it manually or allow the Adaptiva Server setup to install and configure it automatically. SQL Server Express Edition supports environments with up to 2,000 devices.

Adaptiva database SQL Server

  • Local server: Microsoft SQL Server is installed on the same server as the Adaptiva Server service.

  • Remote server: This is a different server running a Microsoft SQL Server instance. The SQL Server instance may use clustering.

Choosing the SQL Server Edition

The Adaptiva Server installation wizard requires specific input depending on the SQL Server Edition you choose to use. You may choose to install one of the following SQL Server Editions:

  • SQL Server Express

  • SQL Server Standard

  • SQL Server Enterprise

Use the information in this section to help determine which SQL Server Edition works best in your environment to host the Adaptiva database. For a full list of the differences between Editions, see Compare SQL Server versions (Microsoft).

SQL Server Express Edition Details

If using SQL Server Express, Adaptiva Server Setup automatically downloads, installs, and configures it, or you can manually download, install, and then configure it.

Downloading and installing the free SQL Server Express Edition from Microsoft requires an Internet connection. If using this version, you must enable Microsoft .NET Framework 4.0. For details on how to download .NET Framework 4.0, see Microsoft .NET Framework 4 Full Language Pack (x86 x64).

SQL Server Express Edition has the following limitations:

  • No Built-In Scheduled Backups (workaround available)

  • SSRS is only available with SQL Express with Advanced Services

  • Maximum Allowed Memory Capacity is 1410 MB

  • Maximum Database Size is 10 GB

  • Maximum Number of Cores is 1 socket, up to 8 cores

  • No High Availability.

The following settings will be installed when the Adaptiva Server Setup completes the installation:

  • Installs SQL Server 2022 Express Edition

  • Creates a Named Instance called AdaptivaSQL

SQL Server 2022 Express Edition (SQLEXPR_x64_ENU.exe) can be pre-downloaded. Copy the downloaded SQLEXPR_x64_ENU.exe to the following path:

c:\users\<accountname>\AppData\Local\Temp

You may also specify your own path.

SQL Server Standard Edition Details

  • Install on the Adaptiva Server or in a remote location.

  • Standard SQL licensing requirements apply. Consult with a Microsoft licensing specialist to ensure you have purchased the proper licenses.

  • Required with more than 2000 licensed devices.

  • Supports high-availability configuration (single database).

SQL Server Enterprise Edition Details

  • The Enterprise edition includes the SQL Server Standard Edition statements.

  • Supports high-availability configuration (multiple databases).

Account Permissions

Installation Account

The account performing the installation on the Adaptiva Server must be granted the sysadmin role on the SQL Server. These permissions can be reduced after installation. See the Adaptiva OneSite Platform Installation User Guide for more information.

Database Access Account

The Adaptiva Server installation defaults to using the Local System account. You can change this to a local account or, preferably, a domain account. When you integrate with ConfigMgr, you must grant the selected account the necessary permissions in ConfigMgr. See ConfigMgr Planning.

Adaptiva Reporting Account

The Adaptiva Server uses a read-only SQL login to display product dashboards. All data providers for the Adaptiva Server query the Adaptiva database using this read-only SQL login.

During installation, the setup wizard grants this login the db_datareader permission on the Adaptiva database. Consider the following options when planning for the Adaptiva Reporting Account:

Quick installation (recommended)

  • This option will download, install and configure SQL Express Edition on the Adaptiva server. It will create and configure a SQL account to be used by the data providers.

Note

This is the recommended option for OneSite Patch installations.

Advanced installation

SQL Server is not installed

  • This option will download, install and configure SQL Express Edition. The Adaptiva Reporting Account page will need to use Windows Authentication, so you must provide the pre-created domain or computer service account credentials.

SQL Server is already installed on the same server

  • This option allows you to choose either a SQL account or a Windows Authenticated account. To allow the installation to create an account, leave the account information blank after deselecting Windows Authentication.

  • If Windows Authentication is checked, you must provide the pre-created domain or computer service account credentials.

SQL Server is already installed on a remote server

  • This option requires you to use Windows Authentication. You must provide the pre-created domain service account or a local service account credentials on the remote SQL server.

All service accounts should have a non-expiring password.

Important

When Windows Authentication is used with a domain account, enter the NETBIOS Domain name, not the Fully Qualified Domain name.

Record the Server and SQL Server Edition Details

Record the server details and the chosen SQL Server Edition. The Adaptiva Server installation may require configuration details, such as the following:

  • If using SQL Express, using the following download and installation paths:

    • For the download folder location, use the following path:

      c:\users\<accountname>\AppData\Local\Temp

    • For the SQL Server installation location, use the following path:

      C:\Program Files\Microsoft SQL Server

      Note

      It is recommended not to install SQL Server on the C: drive.

  • Database Server FQDN (if using Remote Server)

  • Instance Name: Default or AdaptivaSQL for SQL Server Express Edition

  • SQL Server Port: Defaults to 1433

  • Database name: Adaptiva

  • Encryption status of the SQL database

  • Account when not using the Local System username and password. Domain names must be entered as a NetBIOS name, not an FQDN.

  • For SQL Authentication Protocol, use NTLM V2 unless integrating with ConfigMgr, Adaptiva databases, and ConfigMgr databases are on different servers (add additional security as necessary), and then add Kerberos.

  • For the Reporting Account domain name, use the username and password if using Windows Authentication. Do not use FQDN for the domain name.

Security Certificate Options

The Server installation defaults to creating a TLS-based certificate for use with HTTPS. The Adaptiva Server installation provides the following TLS security options:

  • Add your own TLS certificate, authorized through a Certificate Authority (CA) such as Active Directory Certificate Services or a third-party CA (i.e., GoDaddy, DigiCert, Let's Encrypt, etc).

  • Use the self-signed TLS certificate that the Adaptiva Server creates during Server installation. This certificate is 4096 bits, uses SHA-512 hash, and expires in 12 years from the date of creation.

  • Use plain HTTP protocol. The Adaptiva Server installation allows this option for lab testing only. Adaptiva does not support this choice on production servers.

When deciding on the type of TLS certificate to use for your Server installation, consider whether your security organization has any requirements for using certificates, such as the following:

  • Self-signed certificates versus CA certificates.

  • Wildcard certificates versus a certificate specific to a server.

  • Key size, Hash algorithm, and expiration length requirements.

Record the TLS certificate option you chose.

CA Requirements

The CA-issued certificate should be 4096 bits and use a SHA-512 hash.

Set an expiration that complies with the security policy for your company. Be sure to create a reminder to renew the certificate before expiration.

CAs issue SSL certificates as PFX files, which you must convert to PEM files for use with the Adaptiva Server. The two separate .pem files required by the Adaptiva Server include a certificate file and a private key file in the UTF-8 format. You can convert the .pfx files to .pem using OpenSSL.

Self-signed Certificate Requirements

List the x.500 protocol common and alternate comma-separated names you want to use for the self-signed certificate. These include the following server details:

  • FQDN

  • DNS aliases

  • IP addresses

  • NETBIOS name

Every Administrator using the Admin Portal must install this certificate into their Trusted Root Certification Authorities certificate store.

Communication Ports and Flow Diagrams

OneSite Platform communicates between the server and clients on a range of different ports as a network application. For a list of required ports, see Communication Port and Flow Diagrams.

The installers automatically create firewall rules on Windows and CentOS for ports in all network profiles. If using a firewall other than the default included with the operating system for the device, you may need to manually configure the required ports to ensure communications are available.

Internet Access

The Adaptiva Server must be allowed to access the internet. This is an outbound connection only and uses the standard HTTP ports, TCP ports 443 and 80. See Allow Access to Internet Destinations. Managed devices that cannot reach the Adaptiva Server across the company network must also allow for this connectivity.

Internet Access Requirements

The Adaptiva Server and Adaptiva Client require access to the following URL:

http[s]://*adaptiva.cloud

Ensure that the following Request Methods are allowed:

HEAD, GET, POST

When using proxies, verify whether you must explicitly allow these request methods. Additionally, allow the DELETE request method for the Adaptiva Server when CDN services are provisioned.

Important

Ensure SSL Inspection is disabled.

Internet URLs

Adaptiva Server and managed clients not able to communicate directly with the Adaptiva Server must be allowed to connect to the internet destinations in the table below. All ports are outbound only.

Source
Description
Destination
Ports

Adaptiva Server and managed Clients

Adaptiva Server

*.Adaptiva.cloud *.opendns.com

http/https (TCP port 80, TCP port 443), ICMP, and UDP 3478

Adaptiva Server and managed Clients

Adaptiva CDN. When OneSite Patch is licensed, metadata and fallback content originates here.

*.Adaptivacdn.cloud

https (TCP port 443)

Adaptiva Server

CDN Storage1

*.bunnycdn.com

https (TCP port 443)

Adaptiva Server

Approval messaging, email messages, and SMS messages

Api.sendgrid.com Api.twilio.com Twilio/SendGrid will keep message content for a brief time. No personally identifiable information, other than an email address or phone number, is sent over this channel.

https (TCP port 443)

Central Office or CDN-enabled devices

When using this solution, the Adaptiva Server or CDN-enabled devices download from a third-party vendor location. The server and internet-capable clients require a connection to these locations.

Third-party vendor location

https (TCP port 443)

Adaptiva Server

CrowdStrike Falcon

region.crowdstrike.com region hosts the instance for the tenant. For example, api.us-2.crowdstrike.com. For more information, see CrowdStrike (requires a login).

https (TCP port 443)

Adaptiva Server

Microsoft Defender

<region>.api.security.microsoft.com region is * or the nearest server. For more information, see Supported Microsoft Defender for Endpoint APIs.

https (TCP port 443)

Adaptiva Server

Tenable Vulnerability Manager

cloud.tenable.com

https (TCP port 443)

Adaptiva Server

Tenable Security Center

TSC Server URL

https (TCP port 443)

Adaptiva Server

SentinalOne Singularity

<region>.sentinelone.net <region> hosts the instance for the tenant. For example, usea1-partners.sentinelone.net. For more information, see SentinelOne Mgmt API Source.

https (TCP port 443)

Adaptiva Server and All Clients

Azure (for Intune)

*.microsoft.com *.windows.net

https (TCP port 443)

As of December 1, 2020, the Adaptiva CDN Service Level Agreement provides CDN storage without additional cost, unless storage exceeds certain limits. The table below shows the included storage and overage costs for the Adaptiva CDN service.

Storage Use
Included Storage
Overage Costs

Data Storage

2 TB per customer

$300 per 1 TB (or part thereof), per year

Data Transfer / Egress

1 GB per licensed endpoint per month

$0.02 per 1 GB, per month

Antivirus Exceptions

The OneSite Platform acquires content directly from the Adaptiva Content Library on the Adaptiva Server and from the AdaptivaCache folder on individual devices with the Adaptiva Client.

Because antivirus scanning of these files can cause performance degradation, Adaptiva recommends excluding Adaptiva folders from antivirus scans. Adaptiva uses a secure hash to protect all distributed content against tampering or corruption, either in transit or when stored.

Creating Antivirus Folder Exclusions

Exclude the folders listed in the list below. The exclusions below are parent folders only. Exclude all subfolders.

Adaptiva Server

  • <path>\Adaptiva\AdaptivaServer

Adaptiva Server Content Library

  • The location where the Adaptiva Content Library will be located.

    Note

    This path must be excluded only if the Adaptiva Content Library is located in a different location from the default location.

Adaptiva Client - Windows

  • C:\Program Files\Adaptiva\AdaptivaClient

    Note

    Update this exclusion if using a different location.

  • <drive>\AdaptivaCache

  • All physical drives will automatically have an Adaptiva Cache folder.

  • %windir%\SoftwareDistribution

Adaptiva Clients - Linux and MacOS

  • /opt/adaptiva

    This includes both the adaptivacache and adaptivaclient folders for both platforms.

ConfigMgr Exclusions

If using Adaptiva OneSite with ConfigMgr, ensure that the exclusions listed below are already in place. The following paths are included here for reference and completeness:

  • %windir%\CCM\Logs

  • %windir%\CCM\ServiceData

  • %windir%\CCMCache

  • %windir%\CCMSetup

Intune Management Extension Exclusions

  • %ProgramFiles(x86)%\Microsoft Intune Management Extension\Content

  • %windir%\IMECache

Creating Antivirus Process Exclusions

In some cases, administrators prefer to exclude processes rather than folders, particularly when aggressive antivirus programs consider the executables to be a high-risk process.

Adaptiva Server

  • <path>\Adaptiva\AdaptivaServer\bin\AdaptivaServerService.exe

Windows Client Service

  • C:\Program Files\Adaptiva\AdaptivaClient\bin\AdaptivaClientService.exe

  • C:\Program Files\Adaptiva\AdaptivaServer\bin\AdaptivaUserPortal.exe

  • C:\Program Files\Adaptiva\AdaptivaClient\bin\OneSiteClient.exe

  • C:\Program Files\Adaptiva\AdaptivaClient\bin\OneSiteClient64.exe

  • C:\Program Files\Adaptiva\AdaptivaClient\bin\amd64\OneSiteDownloader.exe

Linux and Mac Client Daemon

  • /opt/adaptiva/adaptivaclient/bin/adaptivaclientd

MacOS-Only Client Daemon

  • /opt/adaptiva/adaptivaclient/bin/adaptivauserd

ConfigMgr Client Service

If using Adaptiva OneSite with ConfigMgr, ensure that the exclusions listed below are already in place. The following paths are included here for reference and completeness:

  • %windir%\CCM\CCMExec.exe

  • %windir%\CCM\CMRCService.exe

Supported Browsers

Adaptiva OneSite supports the following browsers:

  • Google Chrome

  • Microsoft Edge

  • Mozilla Firefox*

  • Safari

Important

Do not use Microsoft Internet Explorer.

* If you receive an Admin Portal login error when using Mozilla Firefox, see Resolve the Mozilla Firefox Active Directory Login Issue KB article.

Adaptiva Client

The Adaptiva Client is an integral component of the Adaptiva OneSite Platform and must be installed on the Adaptiva Server for the OneSite Platform to function as expected. Install additional Adaptiva Clients on managed devices on the same subnet to share the content load.

Adaptiva Client Installation Best Practices

Use the following best practices when installing the Adaptiva Client:

  • Install the Adaptiva Client on the Adaptiva Server.

  • Install the Adaptiva Client on all managed devices.

  • Install additional Adaptiva Clients on the same subnet or Office as the Adaptiva Server to support content load sharing.

Adaptiva Client Installation Options

When setting up the Adaptiva Client, you have the following installation options:

  • Manually install the Adaptiva Client on the Adaptiva Server using the Adaptiva Client Installer. The Adaptiva Server Installer automatically launches the Adaptiva Client Installer dialog after installing the server.

  • Automatically install the Adaptiva Client using an existing Software Distribution mechanism (e.g., Microsoft Intune, WorkSpace ONE, or Microsoft ConfigMgr).

  • Automatically install the Adaptiva Client using the AdaptivaP2PClientInstallation.msi uses a GPO to automatically and silently deploy the AdaptivaClientSetup.exe.

Identify the Adaptiva Client Installation Path

The Adaptiva Client installation uses the following default location:

C:\Program Files\Adaptiva\AdaptivaClient

You may also choose your own installation path.

Tip

When installing the Adaptiva Client on the Adaptiva Server, use the same parent folder you used for the Adaptiva Server.

Record the installation path.

OneSite Client Count

The Adaptiva Server uses the client count to determine the amount of memory necessary for the server components to properly function. This count represents the number of managed devices.

Memory Buffer Size Parameters

The Adaptiva Server automatically calculates the maximum data memory buffer size based on the total client count you provide during the server installation. You may also choose to use another memory buffer size.

Refer to the following parameters when determining the correct memory buffer size necessary for your clients to effectively use the Adaptiva Server:

  • 0 to 5,000 clients require 2048 MB

  • 5,001 to 10,000 clients require 3072 MB

  • 10,001 to 19,999 clients require 5120 MB

  • 20,000 to 49,999 clients require 6144 MB

  • 50,000 and above clients require 8192 MB

Note

When integrated with ConfigMgr and Endpoint Protection is enabled, double the selected memory buffer size.

Record the License Count

Record the total license count.

Admin Portal Communication

If another service is using port 443, a different port must be used during installation. Use NETSTAT -nabo to return a list of currently used ports. Adaptiva recommends using port 9678, which you can use if the default port is unavailable.

Record the port to use for Admin Portal communications.

PreviousWhat's newNextPlan for ConfigMgr integration

Last updated

Was this helpful?