Viewing and Managing the Agent Registration Status
The
Agent Registration Status
report lets you view all registration requests and completed registrations from Symantec Management Agents.In this report, you can see the computers that the
Agent Registration Policy
has automatically allowed or blocked. Note that for direct Symantec Management Agent push installation, the registration is bypassed. However, the computers are still displayed in the report and their status is set to Allowed
. If no Agent Registration Policy
applies to the computer, its status is set to Pending
and the right-click menu lets you manually allow or block it. The right-click menu also lets you revoke the trust of the agents that you have previously allowed.Incoming registration requests are distinguished by the resource keys and they are merged based on the resource keys lookup.
In some situations, duplicate registration requests may appear. For example, if you reinstall the agent on a computer that is already registered on Notification Server, its public key changes. In this case, Symantec recommends that you approve the registration request to let this computer continue communicating with Notification Server. Also, the duplicate registration requests may appear if you have computers with identical resource keys in your network. In this case, Symantec recommends not to approve the duplicate registration request because it may cause connectivity issues for the resource that previously existed.
If you have duplicate registration requests in your report, the requests are handled as follows:
- If the initial request is allowed and the duplicate request is also allowed, the duplicate request is merged with the existing resource and the report is updated to display a single entry.
- If the initial request is allowed but the duplicate request is blocked, both requests remain in the list. The allowed request represents the actual resource and the duplicate request in blocked or pending state represents the registration attempt from a potentially duplicated resource.
The
Agent Registration Status
report keeps all requests for audit purposes and lets you continuously observe them. This task is a step in the following processes:
- To view and manage the agent registration status
- In the Symantec Management Console, on theReportsmenu, clickAll Reports.
- In the left pane, underReports, expandNotification Server Management > Registration, and then clickAgent Registration Status.
- (Optional) On theAgent Registration Statuspage, use the right-click menu options to modify the status of the agent. Note that depending on the status of the agent, the right-click options vary.AllowYou can allow the agents that are in thePending,Blocked, orRevokedstate.If you allow a blocked agent, the trust is granted next time when the agent sends a registration request to Notification Server.BlockYou can block the agents that are in thePendingorRevokedstate.If you block a revoked computer, its functional status does not change. However, changing the status lets you differentiate the revoked computers that should never again connect to Notification Server from the revoked computers that may still require your attention.Note that computers with theBlockedstatus are removed from the list after a predefined period of time if no new registration requests were sent from the same computer during this time. The default period is three months, but you can change it on thePurging Maintenancepage.RevokeYou can revoke the registration of the agents that you have previously allowed. For example, you can revoke the registration for the client computer that is reported missing or stolen. After you revoke the agent, it stops receiving policies from Notification Server. Also, a revoked computer cannot be used as a site server.During the revocation of internal agent trust, the agent encryption key registration gets marked as revoked on Notification Server. Revoked agents do not receive policies and do not run tasks. Also, the revoked agent clears locally stored policies to minimize its activity. After the revocation, Symantec Management Agent is forced to reinitiate the registration process.The agent receives information about its revoked status next time when it tries to access secured data. Notification Server does not notify the agent about the revocation event when it occurs.Note that the revoked agent remains in theRevokedstate even if the agent registration policy allows it. You must manually manage the revoked computers, if you want to change their state.