Versions Compared

Old Version 42

changes.mady.by.user Daliya Agletdinova

Saved on

compared with

New Version 43

changes.mady.by.user Daliya Agletdinova

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The client part of Agent is installed To install agents on user workstations. The parameters , follow these steps:

  1. Run the Certiflow.Agent.msi from Axidian CertiFlow installation package and follow the wizard instructions.
  2. Configure the settings required to connect to Axidian CertiFlow server
are configured during installation via
  1. . You can do it via:
    1. Group Policy
or
    2. Windows
registry.
    1. Registry
Info

To obtain Axidian CertiFlow Agent installation package, please contact Axidian technical support.

Run the IndeedCM.Agent.msi from Axidian CertiFlow installation package and complete the procedure, following the Wizard instructions. The Agent starts up automatically after installation.

Setting up

the

Agent

parameters

settings via Group Policy

To add an Axidian CertiFlow administrative template (ADMX), proceed as follows:

  1. Copy the contents of IndeedCMCertiflow.Client\Misc\PolicyDefinitions folder to the central ADMX file storage of domain controller C:\Windows\SYSVOL\domain\Policies\PolicyDefinitions.

    Info

    When using If you use local ADMX file storage, place Axidian CertiFlow templates are to be placed to in C:\Windows\PolicyDefinitions folder.


  2. Open the Group Policy Management console.

  3. Create a new group policy object in the console tree or select an existing one.

  4. Open the context menu and select the Edit item.
  5. In the opened  Group Policy Management Editor select Computer Configuration > Policies > Administrative Templates > Axidian CertiFlow > Agent.
    Scroll Pagebreak
  6. Enable the Agent's URL Settings policy and specify its values:
    • Specify the path to the agentregistrationapi application, located on Axidian CertiFlow server, in the Agents registration service URL parameter.

    • Specify the path to the agentserviceapi application in the Agents service URL parameter.

      Info
      iconfalse
      titleFor example:

      Agent registration service URL: https://srv.demo.local:3003/agentregistrationapi/
      Agent service URL: https://srv.demo.local:3003/agentserviceapi/


  7. Link this policy object to a group, where Axidian CertiFlow CM user workstations reside.
  8. Click Apply and perform policy update.
Note

Policies are updated when after you reboot the workstation is rebooted with the client agent installed. To force Group Policy updates without rebooting, run the gpupdate /force command.


Additional policies

You can configure additional policies for agents operation: Configure additional policies that define the work of Agents, if required:

  • Agent's timeouts settings
This

The policy defines:

    • Timeout of requests to agent services (default
    • :
    • value is 30
    • sec.
    • seconds)
    • Frequency of agent status update request (default
    • :
    • value is 300
    • sec.
    • seconds)
    • Scroll Pagebreak
    • Frequency of agent settings, bindings, tasks and sessions update request (default
    • :
    • value is 30
    • sec.
    • seconds)
    • Timeout request to disconnect
    • the
    • agent from
    • the
    • CertiFlow server (default
    • :
    • value is 3
    • sec.
    • seconds)
  • Events caching settings
This

The policy defines

the period in minutes during which

:

    • time limit for the agent
will try
    • to
send
    • attempt sending events from
the
    • cache to
the Axidian
    • CertiFlow server (default
:
    • value is 10
min.
    • minutes)
and
    • number of events sent to the server per
one
    • request (default
:
    • value is 500 events)
.
  • Proxy server settings

The policy defines the use of a proxy server

settings for connection to Axidian CertiFlow CM

when you connect to CertiFlow server.

If the policy is

not defined or is disabled, then

disabled or not set, the proxy server will not be used.

Set

You can set the proxy server address in

"

Proxy server

"

field.

  • Event log settings 
This

The policy defines

events level for Axidian

the event recording level in the CertiFlow server Event Log:

    • All (default)
    • Errors only
    • Warnings and errors only
  • Tasks caching settings
This

The policy defines:

    Frequency of updating
    • how often the task cache is updated and
    • sending
    • how often the task
    • execution
    • status is sent to the server
    • if sending failed for the first time (default: 60 sec)Timeout at which the tasks will be removed from the
    • , if the task status was not reported to the server immediately (default value is 60 seconds)
    • how much time must pass before tasks are removed from cache during the next cache
    • update
    • refresh (default
    • :
    • value is 300
    • sec.)Timeout after which it will be possible to rerun the
    • seconds)
    • how much time must pass before a task canceled by the user can be re-executed (default
    • :
    • value is 60
    • sec.
    • seconds)
  • Smart card status update settings
This

The policy defines how often the smart card status

update

is checked (default

:

value is 30

sec.

seconds):

    • Lock user
    • \
    • /administrator PIN
    • User
    • \
    • /administrator PIN input retries
      Scroll Pagebreak

Setting up

the

Agent

parameters

settings via Windows Registry

Create a registry file registry file (.reg) file with the following contents:

Code Block
languagepowershell
Windows Registry Editor Version 5.00
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\IndeedCMCertiFlow\Agent]
"AgentRegistrationServiceUrl"=""
"AgentServiceUrl"=""
"ProxyEnable"=
"ProxyServer"=""


Tip

For 32-bit systems, the parameter branch is:

[HKEY_LOCAL_MACHINE\SOFTWARE\IndeedCMCertiFlow\Agent]

The AgentRegistrationServiceUrl parameter specifies a link and port to connect to agentregistrationapi application.
The AgentServiceUrl parameter specifies a web - address and port to connect to agentserviceapi application.
If you use a proxy is used on workstations where the client agent is installed, specify the ProxyEnable and ProxyServer parameters (proxy server URL).

Info
iconfalse
titlePossible parameter values:
  1.  "ProxyEnable"=dword:00000000 - proxy is not used.
  2.  "ProxyEnable"=dword:00000001 и "ProxyServer"="" - default proxy settings are used.
  3.  "ProxyEnable"=dword:00000001 и ProxyServer="<proxy server URL>" - the proxy server specified in the setting is used.

Here is an example of a .reg file to connect to Axidian CertiFlow CM server named srv.demo.local via https HTTPS protocol and 3003 port using the proxy server https://192.168.10.10:443.

Code Block
languagepowershell
titleExample:
Windows Registry Editor Version 5.00
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\IndeedCMCertiFlow\Agent]
"AgentRegistrationServiceUrl"="https://srv.demo.local:3003/agentregistrationapi/"
"AgentServiceUrl"="https://srv.demo.local:3003/agentserviceapi/"
"ProxyEnable"=dword:00000001
"ProxyServer"="https://192.168.10.10:443"


Warning

Distribute the registry file and make changes to user workstations’ settings. For the changes to take effect, restart To apply changes, reboot the workstation with Axidian CertiFlow Agent installed or restart the Axidian CertiFlow   Agent Service.



Divbox

Table of Contents