LDAP Agent Settings Editor Follow
The LDAP Agent now ships with an LDAP Agent settings editor which is launchable via the Windows Start menu. The program runs with elevated privileges, so when a user starts it, they will be prompted by UAC. This limits the running of the program to solely administrators of the computer the LDAP Agent is installed on.
The editor has several functions:
- start/stop/restart the LDAP agent or check its running status
- change settings for the agent after installation
- test the connectivity of the agent
- generate a zip file containing debug information that could be sent via email
Status/Start/Stop/Restart
At the top is the agent status which in this case shows running. To the right of it are three buttons for start, stop, and restart of the service. If you press one of those buttons the program will take the action on the LDAP Agent and also update the status to indicate running or stopped.
Changing Running Settings
Sometimes during an install, data may have been entered incorrectly or may need to be changed. If that is the case, then the environment URL, Evo directory, access token, secret, sync interval, or sync groups may be changed. The “Apply” button is how the settings are saved. If the agent is running, they will be commanded to shut down the service before applying the settings. The secret is used in cryptography and is stored in a secure place on the computer. To enable viewing the secret, the user must check the “Reveal Secret” checkbox.
Connection Test
The program contains a “Connection Test…” button which performs the following connection tests on the running agent. The settings editor issues a command to the running agent and the agent performs these tests:
- verifies the agent can contact the Evo backend API endpoints via HTTPS
- verifies the agent can post and receive on the MQTT server which is used for authenticating users
Log Archive
The editor has the capability to collect event logs and other settings relevant to performance of the LDAP Agent which will allow Evo Support and Engineering to troubleshoot the problem. Clicking on the “Build Log Archive” button causes a zip file to be saved to the users desktop and the user will be prompted to copy that zip file to the clipboard—to email or paste to another location. The following data is collected and saved in the zip file in JSON files which are viewable by the operator.
- the “Evo Security” Windows Event Viewer log (including CredPro if installed)
- all Evo specific registry settings (including CredPro if installed)
- a snapshot of the last user sync
- credential providers installed on system
- credential filters installed on system
An example file name is: Evo_evotestdomainad_230504_133150.zip
. If we break it down, we see that it has the format of Evo_{Evo directory name}_{yymmdd}_{hhmmss}.zip
This allows it to have a roughly unique name.
Comments
0 comments
Please sign in to leave a comment.