Installing an individual Tanium Module Server

The Taniumâ„¢ Module Server role installation and registration workflow creates the Module Server and the configuration and certificates that are required for secure communication with the Tanium Server. The steps you complete with the Configure Remote Module Server menu register the Module Server with the Tanium Server. During registration, the two servers generate and install the required certificates: trusted.crt on the Module Server appliance and trusted-module-servers.crt on the Tanium Server appliance.

  • You must repeat the remote Module Server configuration steps for each node to register the Module Server with each node in a Tanium Server cluster.
  • If you use the Tanium Operations menu to replace the self-signed SOAP certificate on the Tanium Server with an SSL certificate provided by a Certificate Authority, you must redo the remote Module Server configuration steps to update the certificates that are derived from that certificate on each server.

Before you begin

Make sure:

Install the Tanium Module Server

To add an appliance with a Tanium Module Server role to an existing Appliance Array, add the appliance to the array, assign a role to the appliance, and then install the pending role. For steps, see Add an appliance to an Appliance Array. After you install the pending role, you must configure the Tanium Server to use the Module Server and then enable the Module Server.

  1. Sign into the Module Server appliance as a user with the tanadmin role.
  2. Enter 1 to go to the Tanium Installation menu. ClosedView screen
  3. Enter 3 to install the Tanium Module Server.
  4. When prompted, specify the Tanium platform version that you want to install.

The installation takes approximately 30 seconds to complete.

Configure the Tanium Server to use the remote Module Server

  1. Sign into the Tanium Server appliance as a user with the tanadmin role.
  2. Enter 2 to go to the Tanium Operations menu. ClosedView screen
  3. Enter A to go to the Configure Remote Module Server menu. ClosedView screen
  4. Enter 1 and follow the prompts to configure the Tanium Server to use the remote Module Server. Be sure to copy the certificate fingerprint. You need it when you configure the Module Server. ClosedView screen

Enable the remote Module Server

  1. Sign into the Tanium Module Server appliance as a user with the tanadmin role.
  2. Enter 2 to go to the Tanium Operations menu. ClosedView screen
  3. Enter A to go to the Configure Remote Module Server menu.
  4. Enter 2 and follow the prompts to enable the remote Module Server and to configure its connection with the Tanium Server. Specify the Tanium Console admin user (tanium, not a TanOS user). ClosedView screen

    For a cluster, register the Tanium servers individually. ClosedView screen

What to do next