Updating the PATROL Agent registry files
Once you run the set_unset_tls command to enable the TLS mode, perform the following steps to update the registry files.
To update the PATROL Agent's identity information into the registry files
Perform the following sequence of steps to update PATROL Agent's details into its registry files.
Log on to the host computer where you have installed the PATROL Agent, and have generated the certificates and certificate stores.
Navigate to the <ROOT_INSTALL_DIR>\common\security\bin_v3.0\Windows-x86-64\nss directory location and list the contents of the PatrolAsServer_DB certificate store by running the following command:
certutil-L -d sql:PatrolAsServer_DBThis command displays the PATROL Agent's identity information as shown in the following figure:
Perform the following sequence of steps to update the identity information in the PATROL Agent:
- Microsoft Windows
Go to Start > Run and type regedit. The registry editor dialog box is displayed as shown the following figure:
- Navigate to the HKEY_LOCAL_MACHINE\SOFTWARE\BMC Software\Patrol\SecurityPolicy_v3.0\agent\server directory location, and update the value of identity parameter with the PATROL Agent's identity information as shown in the following figure:
- Unix
Navigate to the <ROOT_INSTALL_DIR>/etc/patrol.d/</security_policy_v3.0 directory location.
- Using a text editor open the site.plc file.
Locate the identity parameter and assign the PATROL Agent's identity information to this parameter.
- Microsoft Windows
To update the PATROL Agent's encoded password information into its registry files
The default password for the PatrolAsServer_DB is password. If you change the password of the server DB store, then update this encoded password value into its registry files.
Log on to the host computer where you have installed the PATROL Agent, and have generated the certificates and certificate stores.
Navigate to the <ROOT_INSTALL_DIR>\common\security\bin_v3.0\Windows-x86-64 directory location and execute the bmcryptpw.exe command as shown in the following example code. This command prompts you to type the password for the PATROL Agent's client DB store.
bmcryptpw.exe -m <ROOT_INSTALL_DIR>\common\security\keys\sample.bin –e
Perform the following sequence of steps to update the encoded password information in the PATROL Agent:
- Microsoft Windows
- Go to Start > Run and type regedit. The registry editor dialog box is displayed as shown the following figure:
Navigate to the HKEY_LOCAL_MACHINE\SOFTWARE\BMC Software\Patrol\SecurityPolicy_v3.0\agent\server directory location, and update the value of password parameter with the PATROL Agent's encoded password information as shown in the following figure:
Update only the encoded password information, and keep the special character comma and the text sample.bin unchanged.
- Go to Start > Run and type regedit. The registry editor dialog box is displayed as shown the following figure:
- Unix
Navigate to the <ROOT_INSTALL_DIR>/etc/patrol.d/security_policy_v3.0 directory location.
- Using a text editor open the site.plc file.
Locate the password parameter and update the PATROL Agent's encoded password information.
- Microsoft Windows
Where to go from here
Once you update the PATROL Agent's registry files, verify the workflow diagram to ensure all the relevant tasks to enable TLS mode are performed.
Comments
You should state, right under the page title, that this only applies to systems running Microsoft Windows OS. If becomes obvious as one read's into the page but makes things easier on the reader to being with.
s/being/begin/
Hi,
Thanks for the feedback. I will confirm with the SME and update the page.
Thanks,
Rashmi
Hi,
I discussed this with the SME and have slightly modified the content structure. I have separated the instructions for Windows and Unix so that it is easy to locate.
Thanks,
Rashmi
Log in or register to comment.