Agents use a configuration file stored in memory when they are running. If someone tampers with a configuration file while the agent is running, the agent does not use the tampered file. When an agent receives a new configuration from the CA User Activity Reporting Module server, the agent replaces the disk file with the received file before restarting. In this way, a tampered file is automatically replaced with the correct file.
If someone restarts the agent from external source after tampering with the file, the Agent detects that the file is tampered and shuts down. The agent does not accept any configuration data, including from the CA User Activity Reporting Module server list from the tampered file.
The Agent Explorer shows the agent as not responding. Use the CA User Activity Reporting Module server status and command tools to reset the agent configuration. The agent resumes working properly after this action.
|
Copyright © 2013 CA.
All rights reserved.
|
|