Authenticating

After an Agent has been installed, it is not possible to start working with it immediately. A system administrator must first authenticate it. Follow these steps to authenticate Agents.

To Authenticate an Agent with "NO" Authentication Method

No manual authentication is necessary. The Authentication Key is derived automatically from the system name, the Transfer Key is automatically generated on first start of the Agent.

With this method, an Agent can only log on to the Automation Engine system with the Transfer Key specifically generated for it. You can change the Authentication Method later on.

Start the Agent.

The following happens automatically in the background:
- An Agent object is automatically created in Client 0. It derives the Authentication Key from the Automation Engine system name.
- The Transfer Key is automatically generated by the Agent and the Automation Engine. The Agent stores it in its KeyStore file.
Log on to Client 0 and open the Administration perspective.
Assign the required client authorizations in the Agent object if you do not use HSTA objects, see Assigning Clients to Agents.

The Agent generates the Transfer Key using the Diffie Hellman approach and stores it in the KeyStore file. Now it is authenticated in the Automation Engine system. Authenticated Agents display a tick in the Authenticated column on the Agents list.

To Authenticate an Agent with "LOCAL" (Server) Authentication Method

Log on to Client 0 and open the Administration perspective.
Expand the Agents & Groups menu in the Administration pane and select Agents.
Click Export Authentication Key on the toolbar.

A file containing the Authentication Key is downloaded.
Save the file containing the Authentication Key in a secure folder on the computer where the Agent runs.
In the Agent INI file enter the path and the name of the Authentication Key file in the [AUTHORIZATION] section using the InitialPackage= parameter.

In KeyStore=, enter the path and name of the Agent's KeyStore file. The agent uses the KeyStore file to store all keys used for authentication.

Make sure that the KeyStore file is located in a secure folder accessible to the Agent.
Start the Agent.

It loads the Authentication Key from the downloaded file provided by the InitialPackage= parameter and stores it in the KeyStore file. Then it deletes the original file.
An Agent object is automatically created in Client 0, which must be authenticated.
Assign the required client authorizations in the Agent object if you do not use HSTA objects, see Assigning Clients to Agents.
To authenticate the Agent:
1. Open the Administration perspective if you are not already there.
2. Open the list of Agents and select the one you want to authenticate.
3. Right-click and select Authenticate Agent.

To Authenticate an Agent with "LOCAL_REMOTE" (Server Agent) Authentication Method

Log on to Client 0 and open the Administration perspective to create an Agent object.

Its name must be the same as the one defined in the Agent INI file provided by the name= parameter ([GLOBAL] section) .
Assign the required client authorizations in the Agent object if you do not use HSTA objects, see Assigning Clients to Agents.
In the Agents list, right-click the Agent object you have just created and select Download Authentication Package.

You need W (Write) permissions for the Agent object to be able to export the Authentication Package.
Save the authentication package in a secure folder on the computer where the Agent runs.
In the Agent INI file:
- In InitialPackage= ([AUTHORIZATION] section) enter the path and name of the Authentication Package.
- In KeyStore= enter the path and name of the agent's KeyStore file in which the Agent will store the information retrieved from the Authentication Package.
Make sure that both files are stored in protected directories.
Start the Agent.

The Agent reads the Authentication Package file and stores the information in the KeyStore file. Then it deletes the Authentication Package file. The Agent is now authenticated in the Automation Engine system.