You must configure communication between the authentication agents and RSA Authentication Manager. To do this, use the Security Console to generate a zip file (AM_Config.zip) that contains the Authentication Manager configuration file, sdconf.rec. To configure communication, you copysdconf.recto each agent host. The sdconf.rec file contains a snapshot of the server topology as it was when the file was generated. The agent uses the data in the sdconf.rec file as a backup.
The generated zip file also contains a failover.dat file that can be configured on the agent. The failover.dat file allows agent auto-registration to complete when the primary instance is unavailable or separated from the agent host by a firewall that uses Network Address Translation (NAT). This file includes a list of the primary and replica instances, and their alias IP addresses.
Before you begin
Make sure an agent is connected to Authentication Manager.
In the Security Console, click Access > Authentication Agents > Generate Configuration File
From the Maximum Retries drop-down menu, select the number of times you want the authentication agent to attempt to establish communication with Authentication Manager before returning the message “Cannot initialize agent - server communications.
From the Maximum Time Between Each Retry drop-down menu, select the number of seconds that you want to set between attempts by the authentication agent to establish communications with Authentication Manager.
Click Generate Config File.
Click Download Now, and save AM_Config.zip to your local machine.
After you finish
If you are configuring an agent:
Copy AM_Config.zip, containing the sdconf.rec file and the failover.dat file, to each agent host. The agent uses the data in the sdconf.rec file as a backup.
Configure the agent with the new sdconf.rec file and if necessary, the failover.dat file. For instructions, see your agent documentation.