OverviewQuick StartUser InterfaceConfiguration OptionsTeamsTroubleshooting

AD Agent: Quick Start Configuration

These instructions provide a quick introduction to setting up and running the AD Agent on a simple single-domain network.

1. Prepare the domain and service account:

  • Create a new group on the domain named "dcagent_services ".
  • Create a new domain user account named “dcagent_service” and make it a member of the dcagent_services group.

    NOTE: Be sure to record this password as you will be prompted for it during the configuration wizard process.
  • Add your administrator account to the dcagent_services group. (Any users in the dcagent_services group have permission to manage the AD Agent.)
  • Open the Domain Security Policy console, then expand the "Local Policies" / "Audit Policy" node on the Security Settings tree. Double-click the "Audit account logon events" policy, and check the "Define these policy settings" checkbox. Then check the "Success" checkbox. Make these same settings changes for the "Audit logon events" policy as well. Close the Domain Security Policy console.
  • Open the Domain Controller Security Policy console. Expand the "Local Policies" / "User Rights Assignment" node of the tree. Double-click the "Manage auditing and security log" policy. Check "Define these policy settings", then add the dcagent_services and Domain Admins groups to the list of permitted users. Close the console.

    If installing the AD Agent on a domain controller only:
    • Double-click the "Allow Logon Locally" setting.
    • Add the dcagent_service account to the list of permitted users.
  •  Close the Domain Controller Security Policy console.

Top

2. Install the AD Agent on a Windows server:

The steps in this section provide instructions for setting up and running AD Agent on a simple, single-domain network.

  • In the Web Filter user interface, go to System > Authentication > Enable/Disable Authentication window.
  • In the AD Agent frame, click Download Trustwave AD Agent Installer to download the AD Agent (DCAgent.msi) to the administrator’s machine.
  • Launch DCAgent.msi.

    NOTE: If prompted, install Microsoft .Net Framework 2.0. (This component is located on the Active Directory distribution media; it can also be downloaded from this location on the web: Microsoft .Net Framework 2.0 Download.) Framework may require updating other Windows components before installing the AD Agent.
  • Click Run to open the End User License Agreement (EULA) in the AD Agent installation setup wizard. After reading the EULA, click Accept to proceed with specifying the destination folder for installing the AD Agent.
  • After specifying the destination folder for AD Agent installation, click Next to proceed with the AD Agent installation setup process.
  • When the AD Agent installation setup process has successfully finished, completion information displays. Click Close to close the installation setup window and to open the AD Agent configuration wizard window. The configuration wizard can be completed now or at a later point in time.

Top

3. Run AD Agent configuration wizard:

The AD Agent configuration wizard should be run when setting up AD Agent for the first time, and if the role of the AD Agent on the current machine changes (from primary to satellite, or vice versa).

TIP: To access the configuration wizard after the initial setup process, go to Start on the Windows machine, and from the AD Agent menu select Quick-Configuration Wizard.

  • The first page of the Quick Configuration Wizard contains instructions similar to these; click NEXT to proceed.
  • Enter the password for the dcagent_service domain account that was created in Step 2; click NEXT to proceed.
  • Click NEXT to bypass the AD Agent role selection page.
  • Fill in all fields of the transmitter configuration page by supplying the IP address or hostname of the Web Filter, the IP port (if your filter has a non-default port), the authentication passphrase created in Step 2, and an optional descriptive name for the filter; click NEXT to proceed.
  • The Configuration Wizard is now ready to apply your settings. Click NEXT to start the process. Activity messages appear in the log window, and a completion message appears when the process is finished.
  • Check the log window for any error messages (in RED) and any instructions marked "MANUAL ACTION REQUIRED". If either of these messages appears, use the Copy to Clipboard button to capture the log for reference by Trustwave Technical Support.
  • If there are no errors or manual actions required, the AD Agent service will be automatically started by the Configuration Wizard. If errors or manual action instructions appear, those issues must be addressed separately, and then the service can be started using the Windows services applet.

Once the AD Agent service is up and running, you can launch the Agent user console to verify that the Agent is functioning properly.

Related Topics:

Back | Top



© Trustwave. All rights reserved.