Previous Topic: Custom AgentsNext Topic: User Directories


Agent Discovery Introduced

Agent Discovery lets you discover instances of different types and versions of CA SiteMinder® agents. Once discovered, you can view agent-specific details such as version, state, and so on. You can also view a list of agents deployed on various hosts in your enterprise and delete the unwanted agent instance entries from the list.

Note: Agent Discovery does not support traditional agents.

Heartbeat messages help identify the r12.5 agents. The frequency with which an agent sends heartbeat messages to the Policy Server is known as heartbeat interval. The MinTimeBetweenAgentStatusUpdates parameter that denotes the heartbeat interval, controls the minimum time that has to elapse before a Policy Server updates the Agent Instance objects in the store. Any heartbeat message received by the Policy Server before the minimum time elapses, is ignored. The default value of this parameter is 24 hours and the minimum value is 1 hour. An Agent identifies itself on startup regardless of whether the time set for the MinTimeBetweenAgentStatusUpdates parameter has elapsed.

Agent Discovery identifies all agents that communicate with the Policy Server regularly, irrespective of the version of the agent. To identify agents prior to r12.5, Agent Discovery uses a combination of the IP address and trusted host of an agent. Any change in this combination for an agent results in multiple entries for the same agent.

Agent Discovery does not identify the ASA agents prior to r12.5, because these agents do not send any information to the Policy Server. The attributes of an ASA agent are displayed as unknown in the Agent Instances list. If the ASA agent host has another agent prior to r12.5 using the same host and trusted host combination, the ASA entry is hidden from the list.

You can view a list of agent instances that are deployed in your enterprise using Agent Instances under Infrastructure in the Administrative UI.

Note: For agents prior to r12.5, the IP address is displayed as the host name.

List Agent Instances

You can list the agent instances to know the number of agents deployed across your enterprise. You can also view a list of agent instances based on the search criterion you provide. The search criterion can be any attribute of an agent instance.

From the list, you can view all the relevant details of an agent instance and delete one or more agent instance entries. If you delete an agent prior to r12.5, none of the agent attributes are displayed in the list, except the trusted host. All the attributes of the deleted agent appear in the list again, whenever the agent restarts.

Note: Even after you delete an agent instance entry, the agent instance remains active so long as it communicates with the Policy Server regularly.

You can sort any attribute of an agent instance to view the list of agents instances that use the same attribute you selected.

To list agent instances

  1. Click Infrastructure, Agent.
  2. Click Agent Instances.

    All the discovered agent instances in your enterprise are displayed.

  3. Click the icon under Show Details to view agent-specific details.

    The agent-specific details appear below the agent instances list table.

    Note: For agents prior to r12.5, the configuration mode is either FIPS Only or Compact. The Administrative UI displays the details based on the actual mode being used in server-agent communication.

  4. (Optional) Specify the search criterion in the Search field.

    The agent instances list is filtered based on the search criterion.

  5. (Optional) Click the arrow mark in the table heading of an attribute to sort the agent instances list based on the selected attribute.
Configure the Policy Server Heartbeat Interval

Heartbeat interval helps Agent Discovery determine the state of an agent. When the agent does not send any heartbeat message beyond 24 hours, the state of the agent instance changes to inactive. You can configure the heartbeat interval to change the default value, which is 24 hours.

To configure the Policy Server Heartbeat Interval using XPSConfig

  1. Open a command prompt in the computer hosting the Policy Server.
  2. Enter the following command:
    XPSConfig
    

    The Products Menu opens.

  3. Enter SM.

    The Parameters Menu opens and lists the SiteMinder parameters.

  4. Enter the value against the MinTimeBetweenAgentStatusUpdates option.

    The MinTimeBetweenAgentStatusUpdates Parameter Menu opens.

  5. Enter C to change the value.
  6. Enter the new value.

    Default: 24 hours

    Minimum: 1 hour

  7. Enter Q three times to exit the MinTimeBetweenAgentStatusUpdates Menu, Parameters Menu, and SiteMinder Menu and return to the command prompt.