Good evening - I’ve got my policy configured but I have a question about the HIBP. It’s downloaded the 28GB zip and has decompressed it into 65,000+ 400kb+ DB files. My question is, is that correct? Also, is one to throw all of those files into the sysvol to replicate to other DCs? I didn’t really see much in the documentation that mentioned the large amount of DB files so it had me concerned. I believe older versions Anixis just had 1 large txt file.
Thanks!
Hi Bryan. That is correct. It’s a totally different format now. This format is better for delta updates, but it is a huge number of files. It’s better to use DFS directly rather than sysvol now. I was going to point you to the documentation, but I see that it needs to be updated. As I mentioned in another post recently, there is work being done to make the database significantly smaller. I can’t say more than that for now, but we are aware of the issue and are working to improve it.
Perfect, thank you. The platform has changed for sure!
Hi Tonio!
Thanks to your info I was able to reply to some MSSPs who asked me about it.
Are there any updates on this by any chance? Perhaps a roadmap?
Thanks!
Hi Andrea. Sorry about the delay. I’m not sure how much can be publicly shared at this point. I’ve asked internally and will respond when I hear back.
Jeremy here. I’ll be the new PM / Owner on this project with the help of my amazing team.
In a nutshell: This is actively being investigated. I can’t make any “date promises” as this is still in the research phase; but I also hope we can get you want you want here.
When the winds change and we’ve got something concrete to share, you’ll be the first to know; but hang tight right now while we see what’s practical.
Thanks!
-Jeremy Moskowitz
Hi Jeremy,
The documentation for this is quite confusing, in my opinion. Am I supposed to set a UNC path in Passwords Hash Database Folder if I want this to be stored centrally and not on each DC? The docs don’t state this. And why is there a “Download File” link when I choose the Website option? The “File” option gives you a path field that, I suppose(?), is the file I downloaded from the documentation? But then why am I asked to download a file and save it somewhere with the Website option? How do I tell HIBP where I saved the file? I don’t see what the distinction is between the two options.
I’m getting really tired as an IT administrator with constant changes from every company that often have no apparent benefit to myself. They seem to be a symptom of “Look, boss! I changed things and published press releases and made a blog post announcing the changes.”
If you want to have a program that helps the user it should go like this:
Thank you for reading my rant.
Hi @chris.parker.2. I’m sorry about the confusion. The downloader is borrowed from another Netwrix product. It works exactly how the other team would like it to, but it is different to how the rest of PPE works. We do need to document it better, and the documentation is slowly being improved.
Am I supposed to set a UNC path in Passwords Hash Database Folder if I want this to be stored centrally and not on each DC?
Yes.
And why is there a “Download File” link when I choose the Website option?
Use the link to manually download and distribute the file if your DCs cannot download the file directly (or if you don’t want each DC downloading a copy). You only need to do this if you want each DC to have their own file. The downloader will prompt you for the download folder when you click the link.
The “File” option gives you a path field that, I suppose(?), is the file I downloaded from the documentation?
Correct. This is where it gets confusing. Processing happens when you click the Apply button. In your case, just select Website, then apply. Don’t click the download link. You will need lots of free disk space on the chosen drive. Also look in the box on the lower-right if it looks like nothing is happening because that is where errors are displayed. For example:
