For a Windows based installation of the Endpoint Operations Management agent, the user installing the agent must have permissions to install and modify the service.

After you install the Endpoint Operations Management agent, the installation folder including all subdirectories and files should only be accessible by the SYSTEM, the administrators group, and the installation user. When you install the Endpoint Operations Management agent using ep-agent.bat, ensure that the hardening process succeeds. As the user installing the agent, it is advised that you take note of any error messages. If the hardening process fails, the user can apply these permissions manually.

Table 1. Windows Files and Permissions

Directory or File

Groups or Users

Full Control

Modify

Read and Execute

Read

Write

<agent directory>/bin

SYSTEM

Yes

-

-

-

-

Administrator

Yes

-

-

-

-

Installation User

Yes

-

-

-

-

Users

-

-

-

-

<agent directory>/conf

SYSTEM

Yes

-

-

-

-

Administrator

Yes

-

-

-

-

Installation User

Yes

-

-

-

-

Users

-

-

-

-

<agent directory>/log

SYSTEM

Yes

-

-

-

-

Administrator

Yes

-

-

-

-

Installation User

Yes

-

-

-

-

Users

-

-

-

-

<agent directory>/data

SYSTEM

Yes

-

-

-

-

Administrator

Yes

-

-

-

-

Installation User

Yes

-

-

-

-

Users

-

-

-

-

<agent directory>/bin/hq-agent.bat

SYSTEM

Yes

-

-

-

-

Administrator

Yes

-

-

-

-

Installation User

Yes

-

-

-

-

Users

-

-

-

-

<agent directory>/bin/hq-agent.sh

SYSTEM

Yes

-

-

-

-

Administrator

Yes

-

-

-

-

Installation User

Yes

-

-

-

-

Users

-

-

-

-

<agent directory>/conf/*

(all files in the conf directory)

SYSTEM

Yes

-

-

-

-

Administrator

Yes

-

-

-

-

Installation User

Yes

-

-

-

-

Users

-

-

-

-

<agent directory>/log/*

(all files in the log directory)

SYSTEM

Yes

-

-

-

-

Administrator

Yes

-

-

-

-

Installation User

Yes

-

-

-

-

Users

-

-

-

-

<agent directory>/data/*

(all files in data directory)

SYSTEM

Yes

-

-

-

-

Administrator

Yes

-

-

-

-

Installation User

Yes

-

-

-

-

Users

-

-

-

-