Prerequisites

Keeper Bridge Prerequisites

The Tray Application and Windows Service can be installed on the follow operating systems:

  1. Windows Server 2008 R2

  2. Windows Server 2012

  3. Windows Server 2012 R2

  4. Windows Server 2016

Note: For Active Directory servers, the Keeper Bridge application will need to be installed on a domain joined member server located on the same network as a domain controller. Ensure your domain joined member server is NOT a domain controller as this is not a supported setup of the Keeper Bridge application. The Domain functional level must be at Windows 2008 R2 or higher in order for the bridge to properly integrate.

The following data needs to be known in order to configure the Tray Application:

  1. Domain or Forest name of the Directory.

  2. An account used to bind the Keeper Bridge to the Directory (e.g. keeperbind@yourcompany.com ). This is a Directory account which requires at least read only access to the Directory domain. No other special privileges are needed.

  3. A Security Group called Keeper Admins. Only users that are member of the Keeper Admins Security group will be permitted to login to the Tray application and configure the service. This group name can be changed and the Admin Security Group setting in the Keeper Admin Security configuration modified accordingly later. For a multi-domain forest create this group as a universal group so that users in this group are cached in the Global Catalog.

  4. Ensure the Email Property (typically “mail” or “userPrincipalName”) in Directory Service Options is set to the correct value to pick up the user's Email address.

  5. The Keeper Bridge needs access to the Directory on either ports 389 or 636 and to the Keeper Cloud on port 443. (keepersecurity.com or keepersecurity.eu depending on your data center location).

To help alleviate permission issues that can arise if different administrators run the bridge under their account, a Keeper service account can be used. This is a Keeper account with the "Keeper Administrator" permission assigned.