Orion Agent Active Directory Group Policy Administrative Template

Version 2

    To use this template, complete the following steps:

    1. Complete the migration itself using the instructions found in the SAM Administrator Guide.
    2. Create a domain-based Group Policy Object (GPO) using the Administrative Template (.admx) file attached.
    3. Follow the documentation provided by Microsoft for copying an Administrative Template to the appropriate directory in the Central Store, as well as creating the GPO within the Group Policy Management Console. This information can be found at the following link: http://technet.microsoft.com/en-us/library/cc748955%28v=ws.10%29.aspx
    4. Ensure the group policy will apply to the computer objects where the SAM agent is installed. This can be done by linking to the appropriate Organizational Unit (OU) or filtering to specific computer objects or groups.
    5. Ensure the policy is updated on the target computers. To do this, take the following steps:
      1. Open a command prompt in the Administrator context. (Right-click cmd.exe and select, Run as Administrator.)
      2. Enter gpupdate /force and then click Enter.
      3. To confirm this GPO has been correctly applied, check that the following registry key has been created: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\SolarWinds\Agent

    Optional: Rather than use the provided Administrative Template, you can create your own Group Policy Object by editing the following registry key and providing the correct values:

    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\SolarWinds\Agent

    Registry Value Name

    Registry Type

    Help Notes:

    Default

    TemplateVersion

    REG_SZ

    Template version

    1. 1.0

    TargetHost

    REG_SZ

    Enter the name of the Orion server to which the agent reports

     

    TargetIp

    REG_SZ

    Enter the IP address of the Orion server to which the agent reports

     

    TargetPort

    REG_DWORD

    The port used for agent communication

    17778

    HttpServer

    REG_SZ

    Boolean variable that indicates agent mode: Active (false) or Passive (true).

    FALSE

    HttpServerPort

    REG_DWORD

    Port that should be used by the agent in passive mode

    17790

    AutoUpgrade

    REG_SZ

    Enable automatic upgrades of the agent software

    TRUE

    CertStore

    REG_SZ

    Certificate store used for agent encryption

    SolarWinds Agent

    CertStoreType

    REG_SZ

    Certificate store hive for agent encryption (Must be LocalMachine or CurrentUser)

    LocalMachine

    CertSerial

    REG_SZ

    Certificate serial number

     

    CertSubject

    REG_SZ

    Certificate subject

     

    CertThumbprint

    REG_SZ

    Certificate thumbprint

     

    CACertStore

    REG_SZ

    Certificate store name for signing the certificate

    SolarWinds Agent

    CACertStoreType

    REG_SZ

    Certificate store type for signing the certificate (Must be LocalMachine or CurrentUser)

    LocalMachine

    CACertSubject

    REG_SZ

    Signing certificate subject

     

    HttpProxyUsername

    REG_SZ

    Proxy Server username

     

    HttpProxyPassword

    REG_SZ

    Proxy Server password

     

    HttpProxyUri

    REG_SZ

    Proxy Server URL

     

    HttpProxyAccessType

    REG_DWORD

    0 – Default (system wide proxy settings)
    1 – Auto discovery
    2 – Disabled
    3 – User provided

     

    SharedSecret

    REG_SZ

    Shared secret that provides mutual authentication for passive agent provisioning

     

    LogginEnable

    REG_DWORD

    0 – Log is disabled

    1 – Log is enabled

    1

    LogginOptions

    REG_DWORD

    Bitmask:

    1 – File

    2 – Output debug string

    4 – Add PID to filename

    8 – Create log file in executable directory

    0x10000 – Flush every line

    1

    LogginLevel

    REG_DWORD

    1 – Verbose

    2 – Normal (informational)

    4 – Warning

    8 – Error

    2

    LogginFileSizeMB

    REG_DWORD

    Maximum size (in MB) of each log file

    10

    LogginMaxFiles

    REG_DWORD

    Maximum number of log files to keep

    10

    MaintenancePeriod_s

    REG_DWORD

    Agent maintenance period in seconds

    900

    ReconnectTimeout_ms

    REG_DWORD

    Time in milliseconds that the agent waits between attempts to reconnect to the Agent Management Service (AMS)

    5000

    ClientPoll_ms

    REG_DWORD

    Time in milliseconds that the agent waits to verify if it has valid connection to the Agent Management Service (AMS)

    60000