Deciding where to deploy agents
AuthAnvil Password Sync Agents allow you to synchronize passwords on local and remote machines on the same network, as well as passwords for services and scheduled tasks. In a domain environment, you only need to deploy a single sync agent for the domain, typically on the domain controller, which can handle all of the domain passwords. This sync agent is also capable of handling Windows passwords for all non-domain machines on the same network. Service and task passwords require an appropriate linked credential to be configured for the sync agent, which will typically be a domain credential.
In a non-domain environment, a single sync agent is capable of handling Windows passwords for all non-domain machines on the same network, so can be deployed on any machine. Typically, this will be installed on a server or another machine that will be online and available a majority of the time. Service and task passwords may require additional sync agents to be deployed, as they require an appropriate linked credential to be configured for the sync agent, and one linked credential can be configured per agent.
Installing the Sync Agent
- Before installing a Sync Agent make sure Microsoft .NET Framework 4 Client Profile and Extended are both installed. You can download the full package here from Microsofts Download Center.
- Download the sync agent package from the Sync Agents tab of your own AuthAnvil Password Server to the target machine.
- Unzip the package and run the the SyncAgentSetup.msi package.
- Click Next and then Next again to accept the default folder path.
- Click Next to begin the install process.
- Click Close when complete.
Configuring the Sync Agent
Run the Sync Agent Control Form elevated (Run as Administrator). By default it is located at C:\Program Files (x86)\Scorpion Software\AuthAnvil Password Sync Agent\SyncAgentControlForm.exe
- Edit the Server URL and Org ID to point at your AuthAnvil Password Server instance and click Save Settings. The tool will start the Sync Agent service, and the sync agent will attempt to connect to the AuthAnvil Password Server, and this sync agent should appear under Pending Agents in the Sync Agents tab of the AuthAnvil Password Server.
Note: The Sync Agent included with AuthAnvil Password Server v1.6 is able to use HTTPS in the Server URL. Previous versions had to be manually reconfigured to allow HTTPS requests.
Changing Agent Settings
The Password Sync Agent includes a settings application located by default at C:\Program Files\Scorpion Software\AuthAnvil Password Sync Agent\SyncAgentControlForm.exe that allows the user to view and change a few agent-specific settings. Hit Save Changes to save your setting changes.
- Server URL: The URL of your AuthAnvil Password Server
- Org ID: The Org ID of your AuthAnvil Password Server Organization. This is typically 1.
- Check-in Frequency: How often you would like this agent to check in with the AuthAnvil Password Server server for new instructions.
- Certificate information: The Certificate used to identify this agent and secure communications between it and the AuthAnvil Password Server. Click Revoke Certificate if you believe that the certificate has been compromised, or if you are planning to decommission this sync agent so that it cannot be reused by another Sync Agent.
- Trust Verification Code: A value that will uniquely identify this agent on an AuthAnvil Password Server. You can use this value to identify which agent this is in the list of agents listed in the Sync Agents tab in the AuthAnvil Password Server.
If you change the Sync Agent password during the Sync Agent Approval process, you will need to perform a Manual Authorization using this tool in order to complete the Sync Agent Approval process. After you change the password on the AuthAnvil Password Server side, open up this tool, click the Manual Authorization tab, enter the password that you set and click Activate. This will complete the approval process and authorize this Sync Agent for use in the AuthAnvil Password Server.
Additional Sync Agent resources
For information regarding the upgrading of existing Sync Agents please see this article. "How can I upgrade my Sync Agents?".
The following article will help you understand Password Sync Scenarios.
See this article for information about the different Sync Status messages.
If you have any questions or need some help, we would be happy to assist. Open a case at kaseya.zendesk.com .