Skip to main content

Configure Snow Extender

Learn how to configure the Snow Extender in the Snow Extender configurator.

Snow Extender is created, downloaded, and installed in Snow Atlas, see Install Snow Extender.

Start Snow Extender

When you have configured your Snow Extender, start the Windows service to enable the Snow Extender to collect and transfer data from the customer premises to Snow Atlas.

  • On the Service tab, select Start.

Stop Snow Extender

To Upgrade Snow Extender, you must first stop your Snow Extender.

  • On the Service tab, select Stop.

Set the user to run the Snow Extender

Use a Custom user to run your Snow Extender. This is an optional step.

  1. On the Service tab, select Set user.

    Set user is only available if the Windows service for Snow Extender has been stopped.

  2. In Select user, select one of the two user account types:

    • To let the predefined local system account run the Snow Extender, select Local system user. This is the default option.

    • To assign a specific Windows user account to run the Snow Extender, select Custom user and then enter the Username and Password of a local Windows account.

  3. Select Ok.

Define proxy server settings

If you have a proxy server through which your Snow Extender sends data, you must configure the proxy settings for the Snow Extender to be able to establish a connection.

  1. On the Service tab, select Use proxy.

  2. Enter the hostname of your proxy in Host.

  3. Enter the port number for your proxy in Port.

  4. Select one of two ways to use credentials when authenticating against a proxy:

    • To use default credentials for proxy authentication, select Use default credentials.

    • To set the credentials for proxy authentication, clear Use default credentials and then enter a Username and Password.

Configure custom encryption keys

To ensure secure communication between the Snow Inventory Agents and Snow Extenders, and for smooth migration of the snowpack files to Snow Atlas, you can use custom encryption keys.

  1. On the Service tab, select Enable custom encryption keys. The Path field and Browse appears.

  2. To set the folder that contains the encryption keys used within your organization, select Browse.

  3. To save the changes made, select Save.

note

The snowpacks received through the file system and the Snow Extender APIs are added to the File Elevator directory and uploaded to the Data Forwarder and Snow Atlas.

Re-enroll Snow Extender

To change which Snow Atlas tenant your Snow Extender is connected to, re-enroll Snow Extender.

  1. On the Service tab, select Re-enroll.

  2. In Snow Extender, paste your secret key and select Enroll.

    note

    This can be the secret key that you copied in Install Snow Extender or another secret key for a different tenant.

    The Snow Extender now attempts to connect with Snow Atlas. If the connection is successful, Service Status will be Running and your tenant-specific information will display in the Service tab.

    If the connection is not successful, make sure that your environment meets the System Requirements.

  3. If the Snow Extender was deactivated previously, select Install after enrollment to reactivate the service in the configuration.

Configure settings for File Elevator

The File Elevator can monitor one or more local folders with inventory or discovery data on your Snow Extender server, and forward the data to Snow Atlas. The polling interval controls how frequently the Snow Extender checks for new files to be forwarded in the File Elevator folders.

  1. On the File Elevator tab, enter the number of seconds for the Snow Extender to wait between polling folders in Polling interval.

  2. To add a folder, select New.

  3. Select Browse.

  4. Select the folder that you want to poll or manually enter the path to the folder.

  5. Select Enabled if you want this folder to be processed. Clear the check box if you want to save the folder but not have its contents processed.

  6. To confirm your new folder, select Save.

Configure Snow Inventory API endpoints

The Snow Inventory API endpoints are used by both Snow Inventory Agents and Snow Integration Manager to pass the inventory results to Snow Atlas. The DNS name and port you configure here are an important part of your Snow Inventory Agent configuration when creating the agent installation packages.

You can set up more than one Snow Inventory API endpoint, for example, if you want to be able to receive data over both HTTP and HTTPS, or support more than one server certificate.

  1. On the Inventory Api tab, select New.

  2. Optional: Enter a Name for the endpoint. This name is only used here to identify the endpoint.

  3. Confirm that the endpoint is Enabled. The endpoint is enabled by default. This means that it is ready to receive traffic from Snow Inventory Agents when you save the configuration.

  4. Enter the Port to use. The port number is the TCP port that is opened for incoming traffic. It is used by Snow Inventory Agents and other inventory sources to report inventory data. It is defined by you.

    note

    The standard port used for unencrypted HTTP is port 80. The port used for encrypted traffic is normally port 443. You can enter any port here if it is open for traffic throughout your network.

  5. Enter a DNS Name that binds your API to a specific DNS name in one of the two ways:

    • If you have set up several APIs that all respond to the same port, enter a DNS Name. It is used as a filter to route the incoming traffic to the correct API.

    • If you have not set up several APIs that all respond to the same port, enter an asterisk, *, as a wildcard to make the API respond to all incoming traffic on the selected port.

  6. Optional: To secure the traffic between the Snow Inventory API and Snow Inventory Agents using a server certificate, configure the setting for HTTPS.

    1. Select Use HTTPS

    2. Select Browse and select a Server certificate. The certificates in the list are from Windows certificate stores. If no certificates are listed, add a certificate to at least one of your Windows certificate stores.

    3. If you only want to accept data from clients that use a certificate, select Require Client Certificate, enter a client certificate thumbprint and then select Add.

      The thumbprint is a unique text string that can be found in the certificate properties.

  7. Optional: To enable the use of additional HTTP security headers, select Use strict security.

  8. Select Save.

Configure Snow License Manager API endpoints

The Snow License Manager API endpoints are only used by the Snow Integration Connectors for SaaS applications in SAM Core, for example Microsoft 365 and Adobe Creative Cloud.

You can set up more than one Snow License Manager API endpoint, for example, if you want to receive data over both HTTP and HTTPS, or support more than one server certificate.

If you do not plan to set up one of the SaaS connectors in Snow Integration Manager, you do not have to configure the Snow License Manager API endpoint in your Snow Extender.

  1. On the SLM Api tab, select New.

  2. Optional: Enter a Name for the endpoint. This name is only used here to identify the endpoint.

  3. Confirm that the endpoint is Enabled. The endpoint is enabled by default. This means that it is ready to receive traffic from Snow Inventory Agents when you save the configuration.

  4. Enter a DNS Name that binds your API to a specific DNS name in one of the two ways:

    • If you have set up several APIs that all respond to the same port, enter a DNS Name. It is used as a filter to route the incoming traffic to the correct API.

    • If you have not set up several APIs that all respond to the same port, enter an asterisk, *, as a wildcard to make the API respond to all incoming traffic on the selected port.

  5. Enter the Port to use. The port number is the TCP port that is opened for incoming traffic. It is used by Snow Inventory Agents and other inventory sources to report inventory data. It is defined by you.

    If you want to set up both Snow Inventory API endpoint and the Snow License Manager endpoint on the same port, you must bind each API to a unique DNS name. If you do not do this, the Snow Extender will not know which API the incoming data is meant for.

    note

    The standard port used for unencrypted HTTP is port 80. The port used for encrypted traffic is normally port 443. You can enter any port here if it is port open for traffic throughout your network.

  6. Enter a Username and Password to authenticate and protect Snow License Manager API.

    The username and password are used to set up basic authentication between Snow Integration Manager, or other parties, and Snow License Manager API. Create a username and a password here, and use the same credentials in the Snow Integration Connectors for SaaS applications in SAM Core.

  7. Optional: To secure the traffic between the Snow License Manager API and Snow Integration Connectors using a server certificate, configure the settings for HTTPS.

    1. Select Use HTTPS.

    2. Select Browse and select a Server certificate. The certificates listed are from Windows certificate stores. If no certificates are listed, add a certificate to at least one of your Windows certificate stores.

  8. Select Save.

Add Active Directory domains

note

A new connector for Microsoft AD Discovery is introduced in Snow Integration Manager, that reflects the current functionality in Snow Extender, but with additional capabilities for flexible scheduling of AD discovery, support for multiple AD domains, and customized filtering of users and devices. For new and existing instances of AD domains, it is recommended that you use the connector in SIM, to leverage these additional features. For details on how to set up the connector in SIM, see the Microsoft AD Discovery connector guide.

The Active Directory Discovery interface lets you discover users and devices by adding one or more Active Directory domains.

  1. On the AD Discovery tab, select New.

  2. Enter a Name for this domain.

  3. Confirm that Enabled is selected.

  4. Enter an LDAP Path to your Active Directory where you want to search for users and devices.

    EXAMPLE

    • LDAP://DC=contoso,DC=local

    • LDAP://contoso.local

  5. Optional: If you want to connect to the Active Directory over secure LDAP, select Use SSL.

    Your Active Directory domain must support connection over secure LDAP.

  6. Enter a Username and Password of a user with read access to the Active Directory that you want to use to authenticate the Active Directory.

  7. Optional: If you want to inventory devices, select Get Devices.

  8. Optional: If you want to inventory users, select Get Users.

  9. To test the Active Directory Discovery setup, select Test.

  10. Select Save.

  11. To configure how often the Active Directory Discovery will query the Active Directory for users and computers, enter the number of hours that Active Directory Discovery waits between runs in Runs every.

  12. Select Save Interval.

Configure settings for Data Forwarder

The Data Forwarder is used for forwarding snowpack and inventory data to a secondary on-premises or publicly hosted destination containing Inventory Server, in addition to Snow Atlas.

  1. On the Data Forwarder tab, enter the Endpoint to which the data is to be forwarded.

  2. To activate the Data Forwarder component, select Enable.

  3. Optional: For additional certificate and site name settings in Optional settings:

    1. To provide a certificate file used for the connection, browse the Certificate Path. The selected file should have a .pfx extension.

    2. Enter the Certificate Password.

    3. Enter the Site Name. The value you define here overwrites the site name received in the .inv or .snowpack files.

  4. To test the configuration, select Test.

  5. To save the configuration, select Save.