Selecting (or creating) Registration Passwords for Agent Registration Settings

You can set up one or more password credentials to be used for Server Agent Registration Settings. Selecting a password credential gives you greater control by limiting how broadly a credential can be shared and letting you further limit access to specific groups and group resources.

The credentials used to register agents rely on password credentials defined in the policy tree. You can either create the credentials in the policy tree, or you can create them from within TLS Protect while setting up Agent Registration Settings.

TIP  Changes you make in TLS Protect can take up to 10 minutes before they take effect. This delay is designed to minimize impact on your server's performance. However, if you want to force your changes immediately, either use IIS Manager to recycle the VEDClient Application Pool (for the Trust Protection Platform server) to refresh the configuration cache, or issue the iisreset command to restart the IIS web server.

For SSH agentless groups, you'll need to restart the Trust Protection Platform service (vplatform).

Agents that successfully register with a specific credential are assigned a Trust Level of Specific Credential. This trust level can then be used as criteria for limiting which agents qualify for membership in a particular group.

BEST PRACTICE  Whether you create the password credentials, use a name that clearly identifies it as the password credential for use with the Server Agent. Other administrators who need to configure Agent Registration Settings can then be aware of which credential to use.

To specify a registration password, either select one that already exists, or create a new one.

  1. In TLS Protect, click Clients > Agent Registration Settings.

  2. In the Registration Password box, begin typing the name of the password credential object you have defined in Trust Protection Platform.

    TIP  If you haven't yet created a password credential you want to use with Agent Registration Settings, click Create New Credential.

  3. When the credential appears, select it.

  4. (Optional) Do one or more of the following:

    1. To add additional credentials, begin typing the name of the next credential.
    2. To remove a credential, click .
  5. Click Save.
  1. In TLS Protect, click Clients > Agent Registration Settings.
  2. Above the Registration Password field, click Create New Credential.
  3. In the Create Password Credential box, click the folder drop-down list and select the folder where you want to place the new credential.
  4. In the Credential Name field, type a unique name for the new credential.

  5. Type the associated password in the Password (and Confirm Password) fields, and then click Create.

IMPORTANT  After creating a new credential, it appears in the Registration Passwords field. However, you must click Save on that Agent Registration page to ensure that the new password credential is used for registration.

If you are not in a location in TLS Protect that supports contextual creation of credentials, you can use Policy Tree to create the credential.

  1. From the TLS Protect menu bar, click Policy Tree.
  2. Select the Credentials or Policy tree from the Tree drop-down menu.

  3. Do one of the following:

    • In the Credentials tree, select the Root Credential object, and then click Add.
    • In the Policy tree, select the Policy, Device, or Application object where you want to create the credential object, and then click Add > Credentials.

  4. Click the credential object you want to create:

  5. Define the credential object configuration settings for the credential type you chose.
  6. When finished, click Save.

Related Topics Link IconRelated Topics