Introduction to Agents
  • 20 Mar 2024
  • 3 Minutes to read
  • Dark
    Light

Introduction to Agents

  • Dark
    Light

Article Summary

Overview

Decisions Agent allows communication with a Client Server that is secured via a Firewall. The Agent is downloaded on a local server and then installed onto the Client Server. This allows Decisions access to the files from the Client machine via the Agent.

Where applicable, in instances where a Firewall is present, it will not need to be adjusted.

Server – Client communications with Agent

The following diagram demonstrates communication between a Decisions server and a Client machine when an Agent is installed.

Installing an Agent
Please note that while the Agent must be installed inside a client's network, it does not need to be installed into the SQL server directly in order for the connection to be successful. 


How It Works

Administrators can define a Decisions Management Agent on a particular Decisions server. Doing so creates an install package in the form of a .zip file that contains an executable File DecisionsAgent.msi file, as well as the AgentSettings.xml and PortalPublicKey.key files.

This executable can then be run on a target machine to install the Decisions Management Agent. The Agent contains the IP address of the Decisions server where it was created; the Agent contacts that Decisions server via TCP/IP to listen for instructions. The Decisions server can then tell the Agent to do a particular Active Directory task, such as fetching the users or groups. The Agent receives the Active Directory server information from the Decisions server. It must connect to the Active Directory server as a machine on the Active Directory domain.

A username and password combination, referred to as "Elevated" credentials, would be input by the Active Directory Administrator to allow for the Agent to make its requested queries of the specified Active Directory domain server. The Elevated User Name is stored in the Decisions database, and the Elevated User Password is stored in encrypted form in the Decisions database, but it is unencrypted in RAM when being used.

The Agent carries out the Active Directory request and returns the resulting output to its Decisions server via an API call to the Decisions server's AgentService.


Port Communication

  • The Agent uses Port 4502 to talk directly to its Decisions host server. The reverse communication path (Agent client to Decisions Application Server) is what needs to be open. On the Decisions Server, a Firewall Rule should be added to allow incoming connections on Ports 4502-4534. Once that is in place, restarting the Agent should put it in Live Connection mode. If the Agent cannot connect to its HostServer on Port 4502, then it will use a polling mode on Port 80/443 instead.
  • The Client Machine communicates with the Server through Port 80 (if the server is set up to http), or the Client Machine communicates through Port 443 (if the Server is set up for HTTPS). Therefore, Port 80 or 443 should be open for outbound connections on the Client's Firewall.
  • The server communicates with a Client through the range of 4502-4534 Ports (the first in range that is not in use). Decisions Management Agent local service on the Client Machine must have permissions for the inbound connections on Client’s Firewall.

Feature Details
Introduced in Version--
Modified in Version8.11
ModificationsLogSettings.json file is moved from C:\Program Files (x86)\FileStorage\
Primary\Settings to C:\Program Files (x86)\Decisions Agent

Logs

To help users track and identify any issues with their Agents, the Decisions Agent Folder provides a Log tracking system.

Users can also use LogSettings.json located at C:\Program Files (x86)\Decisions Agent to control the behavior of Logging events at the Local level within the File System. Log Category Settings like Category Name or Level can be adjusted in this file. For more information, refer to LogSettings.json.

Similar to other Logging in Decisions, Agents display Logs in the order of LogNumber, TimeStamp, Level, LevelName, Category, Message, ThreadId, and details of the Exception. These elements can be read and used to understand why there may be any problems with the Agent or any of its processes. 


Accessing Agent Logs from Decisions 

Note on Example
The following example requires that a user has set up and is using an Agent. For more information regarding Agent setup, see Agent Setup and Testing.

If a user wishes to access the Agent Logs from within Decisions, they must:

  1. From the Decisions Studio, navigate to System > Designers > Agents.
  2. Open the respective Agent's Folder.  
  3. From the Agent's Folder, right-click one of the items in the Deployed Agents Report, then select Get Agent Log.
  4. After selecting Get Agent Log, view the resulting Logs by navigating to the Folder View for the Agent by clicking the FOLDER VIEW tab.


For further information on Integrations, visit the Decisions Forum.

Was this article helpful?