Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
David_Charnon
Collaborator

Identity Collector Requirements (Java)

I recently downloaded and installed the latest Identity Collector agent. I am successfully collecting data from our AD servers.  I am a bit confused as to the requirements. SK108235 lists the following:

Windows Server 2008, Windows Server 2012, Windows Server 2012 R2, Windows 2016 (starting from R80.10) and Windows 2019 (starting from R80.40).
Has connectivity to the AD domain controllers of the organization using DNS, LDAP and DCOM
It is also possible to install the Identity Collector directly on one of the Domain Controllers.
If any Firewall software is installed on the Domain Controllers (including Windows Firewall),
then make sure that the rules allow DNS, LDAP and DCOM traffic from the machine, on which the Identity Collector is installed.
With Windows Firewall, add the following "Allow" rule: "Remote Event Log Management" --> "Remote Event Log Management (RPC)".
Has connectivity to the Security Gateway over TCP port 443.
Administrator account is required for Identity Collector installation and for running Identity Collector UI process.
Has .NET framework (version 4) installed.
At least 8 GB of RAM.
At least 10 GB of free disk space.
Oracle Java JRE 1.8 (Java SE Runtime Environment 8).

I do not have Java installed on the server on which I installed the Identity Collector (at least I can't find it). Is Java only required if acquiring identities from certain sources (e.g. not AD)? Or did this change with the latest release (which would be a Good Thing)?

 

Thanks,

Dave

 

 

 

 

0 Kudos
9 Replies
PhoneBoy
Admin
Admin

It's the first I've heard of JRE being required for Identity Collector.
Is it working without JRE installed?
0 Kudos
Nik_Bloemers
Collaborator

This requirement has been on the sk page for as long as I can remember (at the very least a year). We have it installed on our Collectors since it's clearly listed as a requirement, but we never tested it without Java.
0 Kudos
David_Charnon
Collaborator

It is working without Java. I am only using it to collect identities from Active Directory.

 

Dave

0 Kudos
Vladimir
Champion
Champion

Yeah, it is listed as a prerequisite and has been for a while.

0 Kudos
David_Charnon
Collaborator

I opened a support case (6-0001989489) about this question. Answer:

"Java is only required for Cisco ISE configuration."

 

Dave

0 Kudos
PhoneBoy
Admin
Admin

Not sure why it's required there, but ok, mystery resolved.
0 Kudos
Royi_Priov
Employee
Employee

Hi @David_Charnon ,

 

Yes, that is correct.

Our extension for Cisco ISE is written in Java, and therefore Java is needed.

Working for AD / syslog / eDirectory integration will work without it.

 

Thanks,
Royi Priov
Group manager, Identity Awareness R&D
Nik_Bloemers
Collaborator

Can you update the SK with this clarification?
0 Kudos
Royi_Priov
Employee
Employee


@Nik_Bloemers wrote:
Can you update the SK with this clarification?

sure, already asked SK team to do so.

Thanks,
Royi Priov
Group manager, Identity Awareness R&D
0 Kudos