I have a basic question about using the Auto-registration feature in the Windows Agent. If you add those capabilities to a Windows agent when it is installed is it still necessary to go into the Security Console of the RSA Authentication Manager and add that system directly as an agent to the system? I was hoping that Windows Auto-registration did all that for you but now I am wondering if that is true. Am I taking the term Auto-registration a tad too literally?
Thanks -
Mike
Auto-registration allows a new agent the Security Console has never seen before punch itself into the config automagically. It uses the server.cer file and sdadmreg.exe to do this. The concept is whenever the tcp/ip stack changes on the agent, the autoregistration component tries to reach an RSA server and update it's IP to the current one (in DHCP or VPN IP pool scenarios), or register itself as a new agent. It requires port 5550/tcp connectivity. Manually running sdadmreg -r will attempt a registration right then, so you can test this from command line and watch what occurs if you are troubleshooting.