Configuring ObserveIT Overview

After installation, ObserveIT is already running, capturing, and recording any human interaction with any server that the agent is installed on. However, in some cases, you might want to make configuration changes to the product. Some of these configuration changes are listed below:

• Licensing and Activation.

• Changing/Adding Console Users that can access the ObserveIT Web Management Console.

• Changing the administrator's password.

• Configuring ObserveIT's Identification Services.

• Creating Server Groups.

• Configuring ObserveIT's Server Configuration Policies, including the setting of the agent icon, users that are required to perform secondary logons, which applications to record or to exclude from the recording policy and more.

• Configuring LDAP connections and SMTP alerting options.

• Configuring the monitor log for integration with 3rd-party monitoring tools.

• Configuring connection security.

• Creating Server Messages.

And more. Some of these tasks will be described here, but for all the configuration options please refer to the product documentation for more information.

• Accessing the Web Management Console
• Console Users
• Server Groups
• Server Policies
• Identification Services
• LDAP Connectivity
• Real-Time Alerts
• Server Messages

Accessing the Web Management Console

By default, ObserveIT Pro edition will offer to create an additional web site that will be configured to listen to TCP port 4884. By doing so, all the ObserveIT Agents will communicate with the ObserveIT Application Server by using TCP port 4884. You will also use this port to connect to the ObserveIT Web Management Console. However, it is easy to change this port by using the IIS Manager snap-in. When accepting the default settings during the installation of the ObserveIT Application Server, use the following URL to connect to the ObserveIT Web Management Console:

http://servername:4884/ObserveIT
Where servername is the name or IP of the server where the ObserveIT Web Management Console is installed.

If you are logged in at the console of the server where the Web Management Console is installed, you can access it from the "Start Menu" under "Programs" > "ObserveIT".

An Internet Explorer window will open, prompting you to log in to the Web Management console. Since this is your first time using the ObserveIT Web Management Console, you will be prompted to change the default "Admin" password.

Important note:

Passwords are CASE sensitive. Please select a password that is strong enough to prevent casual guessing or other brute force attacking, making it at least 6 characters long, and with a combination of lower case, upper case, numbers and other characters. Please make sure you remember this password or write it down in a safe place, as without it you will not be able to log on to the ObserveIT Web Management Console. This password CANNOT be recovered in any way.

Using the Web Management Console is simple and intuitive. Across the top of the interface are tabs to select a functional view. Each view has a vertical option menu on the left-hand side of the screen. Below the option menu for all views are quick links to the most recent activity.

• Back to top

Console Users

ObserveIT administrators are also known as "Console Users". Console Users can log on to the ObserveIT Web Management Console and view recorded sessions and other information, as well as make configuration changes based upon their role.

The default Console User is the "Admin" operator, which has the highest permissions for any configuration task.

You can easily create additional Console Users. When you create a Console User, you can create either Local Console Users (which will be created in the ObserveIT database), or, if an LDAP connection has been established, Active Directory-based Console Users.

By default, new Console Users have the "Allow access to "All Servers" group" check-box selected. This means that they can gain access to all the deployed ObserveIT Servers. If you want, you can unselect the check-box, and then manually grant the user the appropriate access rights to either single ObserveIT Servers, or to Server Groups. For example, one might need to configure a specific Console User to only view recorded sessions on 5 individual SharePoint servers, and to restrict a different Console User to only view recorded sessions on 3 different SQL servers.

Console Users can also be configured to receive E-mail notifications.

• Back to top

Server Groups

ObserveIT allows some management and configuration features to be applied on several servers at once by using the Server Groups. You can use server groups to configure permissions for Console Users.

• Back to top

Server Policies

ObserveIT Agents are configured by using Server Policies. Server Policies are sets of configuration options that control aspects of how the monitored server is configured. You can also manually change Server Configuration settings for individual servers, but when doing so, the Server Policy that had been previously linked to that server will be unlinked, and the server status will turn to "Manual". However, while using manual settings can be useful in scenarios where individual servers require individual settings, as a general rule of thumb, we recommend using Server Policies instead, which makes the task of configuration much easier.

Click on the Server Policy Template name in the list to display the configuration property page. After clicking on a Server Policy Template, you'll see that they have several sections within it. These are identical to the ones you find in any Server manual configuration settings.

Some of the settings included in the Server Policies are:

• Enable recording - Configures the policy to be active. Disabling this check-box will disable the ObserveIT Agent and all recording on the server(s) that are linked to this policy will cease.

• Show tray icon - Configured the visibility of the ObserveIT Agent tray icon on all linked Servers.

• Enable recording notification - Configures the availability the yellow recording notification bar on top of the desktop, clearly notifying the user that their actions are being recorded.

• Image format - This drop-down list has affect over the ObserveIT performance related to the format of collected screenshots and the amount of storage required.

• Offline Policy - When enabled, allows the local caching of recorded data on all linked Servers. This is useful in the event of network malfunctions or disconnecting. When network connectivity is back, the Agent will transmit the locally cached data back to the Application Server.

• Identification Policy - When enabled, and when users are added to the Forced-Identification user list, whenever a Forced-Identification user logs on to any linked Server, the user will first enter their credentials in the regular Windows logon screen prompt. After passing that authentication phase, the user will be displayed with a secondary ObserveIT logon screen.

• User Recording Policy - Will configure the ObserveIT Agent to record all user sessions. You can exclude specific users from being recorded by adding them to the "Exclude" list.

• Application Recording Policy - By default, the ObserveIT Agent will record all applications accessed during a user's session. By default, there is no application in the "Exclude" box. Adding applications to that box by using the drop-down list will configure the ObserveIT Agent to record all applications except the ones in the "Exclude" list.

• Record Metadata only - By using this setting, the ObserveIT Agent will only record Metadata for the applications accessed during a user's session. No graphic information will ever be recorded.

• Back to top

Identification Services

When multiple users have access to a generic account (for example the default Administrator account), it can be difficult, even impossible to identify the actual person using the account. ObserveIT can be configured to require users that logon to the monitored servers to identify themselves with a secondary ObserveIT logon prompt. These users are also known as "Forced-Identification" users.

Whenever a Forced-Identification user logs on to any ObserveIT-monitored server or workstation, the user will first enter their credentials in the regular Windows logon screen prompt. After passing that authentication phase, the user will be displayed with a secondary ObserveIT logon screen.

Now, by looking at the Server Diary, User Diary, Free-Text Search or Reports - you will be able to clearly see who exactly has logged on as the Administrator, while before implementing Identification Services, the only information you had was the Windows user name.

• Back to top

LDAP Connectivity

ObserveIT can be configured to require users that logon to the monitored servers to identify themselves with a secondary ObserveIT logon prompt. Once the LDAP connection is properly established, the domain appears in two locations.

The first is the Configuration > Console Users page, where you can create and configure additional ObserveIT Console Users that can administer ObserveIT or that can be used to view recorded sessions.

The second is the Configuration > Identification page, where you can configure users that are required to identify themselves with a secondary ObserveIT logon whenever they log on to any ObserveIT-monitored server.

• Back to top

Real-Time Alerts

In addition to capturing the screen image for each user action, ObserveIT for Servers extracts information about the state of the operating system and the application being used, which allows ObserveIT for Servers to precisely identify what the user is doing in any given moment. This metadata is analyzed and encoded in a standardized format that is stored in the Database Server. Because this information is stored along with the metadata describing what is seen on the screen, you can perform very powerful searches across your entire enterprise. Another feature of ObserveIT is its capability to also create textual log files for monitoring purposes.

You can use 3rd-party monitoring and management tools such as Microsoft System Center Operation Manager 2007, CA-Unicenter, IBM Tivoli, HP Openview and others – to parse these log files and create events, triggers and alerts based upon text strings that appear inside the log files. By doing so, you integrate ObserveIT into your existing monitoring software and gain very important real-time alerting and reporting capabilities, answering questions such as "Alert me when a Remote Desktop session is opened by a user called John to a remote server with a given IP address".

• Back to top

Server Messages

With ObserveIT, you can create and configure messages that will be displayed when a user logs on to one or more servers. These messages can include information for the user(s), instructions, requests to perform specific tasks, contact information in case of software or hardware issues, and more. Messages can be configured to be displayed on all servers, on some servers, for all users logging on to these servers, or just for some users. In addition, messages can be configured to be constantly displayed, to only be displayed for a few hours, or to be displayed till a specific date or time. In addition, messages can be used to receive input from the user(s) logging on the these servers.

After users see the message, they might want to provide some sort of textual feedback such as information about the reason for their logging on the server(s), the purpose of their connection, the actions they intend to perform, contact information, ticket or support request numbers and more. This feedback is recorded in the ObserveIT console and can be viewed by an ObserveIT Admin.

Finally, users are required to acknowledge the message(s) they received. This acknowledgment is recorded in the ObserveIT console, and can be used as proof that the user(s) have indeed been warned about a specific task, and that they understood and accepted the message.

• Back to top