Configure Advanced Settings for the Agent

The command line Agent setup is a standard .msi file (Aternity_Agent_xx.msi), and an accompanying batch file (Aternity_Agent_xx_Install.bat) which contains the default parameters to run the setup.

The default settings in the batch file are designed to work with nearly all configurations and proxy server settings. However, for a virtual desktop or virtual application server, or for a special proxy server just for the Agent, configure the parameters accordingly.

The batch file typically contains only a single command to launch the .msi file with its parameters. For example:

msiexec /I Aternity_Agent_x.msi /QN /L*V+ logfilename.log ADDLOCAL=Agent,Recorder DEVICE_TYPE=Desktop AGGREGATION_SERVERS=hostname

Do not change the following parameters:

Field Description

/I

/QN

/LV

These are standard Microsoft .msi parameters required for a successful setup and log files, and should not be altered.

Procedure

  1. Step 1 Set the address of the Aternity Aggregation Server using the AGGREGATION_SERVERS parameter as follows:
    AGGREGATION_SERVERS=http://AggSrv:Agg_port1
    Important

    If you deploy more than one dedicated Aternity Aggregation Server, you must deploy a third party load balancer (LB). Then configure the Aternity Agent of all devices to point to the LB's virtual IP address. Configure the LB with persistent (sticky) sessions to ensure the Agent maintains its connection with the same server.

    You can only enter one address for the AGGREGATION_SERVERS parameter.

    To secure the connection between the Agent and your Aggregation Server, specify https:// in the address in the AGGREGATION_SERVERS parameter.

    AGGREGATION_SERVERS=https://AggSrv:Agg_port1

    To further strengthen security, specify that the https uses two way SSL authentication, by adding the parameter CLIENT_CERTIFICATE=AUTOMATIC.

    You must also secure the Aggregation Server (or its load balancer) by configuring it to work with HTTPS.

    Secure the connection to an Aggregation Server with HTTPS
  2. Step 2 Choose the Agent features to deploy with the ADDLOCAL parameter.

    Combine several features by listing them separated by a comma (no space). For example, the default parameters are:

    ADDLOCAL=Agent,Recorder,ProductDiagnostics
    Field Description
    ADDLOCAL=Agent

    Installs and activates the Agent.

    ADDLOCAL=Recorder

    Adds a (disabled) Aternity Recorder to help create your own custom activities.

    Note

    The Recorder is a dormant component of the Agent, which is only enabled if the user explicitly and deliberately starts and stops a recording.

    ADDLOCAL=ProductDiagnostics

    Allows this computer to automatically send diagnostic information about the Agent to Aternity, to help improve the product and support.

  3. Step 3 (Optional) To configure the Agent on a device to report data anonymously, by encrypting the details (attributes) which identify a user, use the ENFORCE_PRIVACY parameter during setup as follows:
    ENFORCE_PRIVACY=true

    The default value is false, so if your batch file does not contain this parameter, it does not encrypt any user identifying fields. The encrypted attributes are:

    • User Name

    • IP Address

    • Hostname

    • Active IP Address

    • Username

    • Client Hostname

    • Email Address

    • AD Title

    • User Full Name

    For example, you can view the encrypted fields of a device whose Agent enabled ENFORCE_PRIVACY by viewing its Device Details dashboard.

    Example of encrypted fields when privacy is enabled on the device's Agent

    A Power User of Aternity can configure this list by navigating to Settings > Advanced Settings > privacy > privateStaticAtttributeList.

  4. Step 4 To implement failover between several Aggregation Servers, edit the AGGREGATION_SERVERS line to add a semicolon (;) and then the address of the next server.
    AGGREGATION_SERVERS=https://AggSrv1:Agg_port1;https://AggSrv2:Agg_port2;https://AggSrv3:Agg_port3

    This kind of disaster recovery (DR) works equally well when you have one Aggregation Server, or if you deployed several Aggregation Servers behind a load balancer.

    Agent connects to a different Aggregation Server if one connection fails

    For more information, see Implement Redundancy, High Availability (HA), and Failover for Aternity on-premise.

  5. Step 5 To add an Agent on a VDI (virtual desktop infrastructure like VMWare vSphere) or a virtual application server (like Citrix XenApp), use the DEVICE_TYPE parameter in the batch file or in your software distribution system.
    Types of Agent deployments
    Note

    By default, a virtual session only reports data to Aternity while a user is logged in to Windows, and stops when a user logs out. Aternity does not report boot times for virtual sessions.

    To report data even when a user is not logged in to Windows, select the Gear Icon > Settings > Advanced Settings > agent > configuration > overrideConfigurationParam > Citrix and VDI > SendMeasurementsOnUserNotLoggedOn > value and set it to True.

    Field Description
    DEVICE_TYPE=desktop

    To add it to a physical Windows computer (default).

    DEVICE_TYPE=virtualdesktop

    For VDI deployments, add it in the virtual machine disk image, so that each new virtual desktop includes a running Agent.

    DEVICE_TYPE=server

    To add on a virtual server, hosting remote sessions. For example, a virtual application server, or Microsoft RDC.

  6. Step 6 Proxy server settings are nearly always automatic. If you configured the system user in Windows to use a proxy server, or a PAC file for conditional proxy routing, the Agent automatically connects via this proxy, with zero configuration.

    However, if you want Agents to connect to the Aggregation Server using proxy server settings that are different from the system user in Windows, set the AGGREGATION_SERVERS parameter as follows:

    AGGREGATION_SERVERS=http://AggSrv:Agg_port,:@http://ProxySrv:Proxy_port

    For example:

    AGGREGATION_SERVERS=HTTP://1.2.3.4,:@http://11.12.13.14:3128

    Connecting to an Aggregation Server via a dedicated proxy server

    This format also supports secured HTTPS communication to the proxy server.

    If your proxy requires credentials, enter the username before the colon (:), and the password before the at-sign (@).

    For example:

    AGGREGATION_SERVERS=https://1.2.3.4,pxyuser:pswd@https://11.12.13.14:3128

    The system also supports a PAC or JS file for conditional proxy routing.

    Using a PAC file to route to different proxy servers

    For PAC files, use the following syntax:

    AGGREGATION_SERVERS=http://AggSrv:Agg_port,:@http://ProxySrv:Proxy_port/file.pac

    For example:

    AGGREGATION_SERVERS=https://1.2.3.4,proxyuser:pswd@https://11.12.13.14:3128/file.pac

    In this example, you specify a secured HTTPS connection to the PAC file, where access to that PAC file does not requires a username, but the proxy server declared in it does require a username (proxyuser) and password.

  7. Step 7 To report more detailed information on processes launched from the command line, select the Gear Icon > Settings > Advanced Settings > agent > configuration > templates > version_x_x > handler_configuration_info.

    Set the value of ReportProcessCommandLine to the name of the command line shell you are using, like svchost.