Searching...
Filters
SmallMediumLarge
Home Print Show Topic URL Previous Next
IT Management Suite
Client Management Suite
Server Management Suite
Deployment Solution
Asset Management Suite
ServiceDesk

Viewing and managing the agent registration status

Client Management Suite for Mac

The Agent Registration Status report lets you view all registration requests and completed registrations from Symantec Management Agents.

In this report, you can see the computers that the Agent Registration Policy has automatically allowed or blocked. Note that for direct Symantec Management Agent push installation, the registration is bypassed. However, the computers are still displayed in the report and their status is set to Allowed. If no Agent Registration Policy applies to the computer, its status is set to Pending and the right-click menu lets you manually allow or block it. The right-click menu also lets you revoke the trust of the agents that you have previously allowed.

Incoming registration requests are distinguished by the resource keys and they are merged based on the resource keys lookup.

In some situations, duplicate registration requests may appear. For example, if you reinstall the agent on a computer that is already registered on Notification Server, its public key changes. In this case, Symantec recommends that you approve the registration request to let this computer continue communicating with Notification Server. Also, the duplicate registration requests may appear if you have computers with identical resource keys in your network. In this case, Symantec recommends not to approve the duplicate registration request because it may cause connectivity issues for the resource that previously existed.

If you have duplicate registration requests in your report, the requests are handled as follows:

  • If the initial request is allowed and the duplicate request is also allowed, the duplicate request is merged with the existing resource and the report is updated to display a single entry.

  • If the initial request is allowed but the duplicate request is blocked, both requests remain in the list. The allowed request represents the actual resource and the duplicate request in blocked or pending state represents the registration attempt from a potentially duplicated resource.

The Agent Registration Status report keeps all requests for audit purposes and lets you continuously observe them.

To view and manage the agent registration status

  1. In the Symantec Management Console, on the Reports menu, click All Reports.

  2. In the left pane, under Reports, expand Notification Server Management > Registration, and then click Agent Registration Status.

  3. (Optional) On the Agent Registration Status page, use the right-click menu options to modify the status of the agent. Note that depending on the status of the agent, the right-click options vary.

    Allow

    You can allow the agents that are in the Pending, Blocked, or Revoked state.

    If you allow a blocked agent, the trust is granted next time when the agent sends a registration request to Notification Server.

    Block

    You can block the agents that are in the Pending or Revoked state.

    If you block a revoked computer, its functional status does not change. However, changing the status lets you differentiate the revoked computers that should never again connect to Notification Server from the revoked computers that may still require your attention.

    Note that computers with the Blocked status are removed from the list after a predefined period of time if no new registration requests were sent from the same computer during this time. The default period is three months, but you can change it on the Purging Maintenance page.

    Revoke

    You can revoke the registration of the agents that you have previously allowed. For example, you can revoke the registration for the client computer that is reported missing or stolen. After you revoke the agent, it stops receiving policies from Notification Server. Also, a revoked computer cannot be used as a site server.

    During the revocation of internal agent trust, the agent encryption key registration gets marked as revoked on Notification Server. Revoked agents do not receive policies and do not run tasks. Also, the revoked agent clears locally stored policies to minimize its activity. After the revocation, Symantec Management Agent is forced to reinitiate the registration process.

    The agent receives information about its revoked status next time when it tries to access secured data. Notification Server does not notify the agent about the revocation event when it occurs.

    Note that the revoked agent remains in the Revoked state even if the agent registration policy allows it. You must manually manage the revoked computers, if you want to change their state.