Introduction to Agents
  • 07 Jul 2022
  • 3 Minutes to read
  • Dark
  This documentation version is deprecated, please click here for the latest version.

Introduction to Agents

  • Dark


Decisions Agent Management allows communication with a client-server that is secured with a Firewall. The Decisions Agent is downloaded on the local server and then installed onto the Client server. and the firewall does not have to be changed. Decisions can then have access to the files from the client machine through an Agent and if there is a firewall in place, then it will not have to be changed.

Server – Client communications with Agent

The following diagram demonstrates communication between a Decisions Server and Client Machine where the Agent installed.

How It Works

Administrators can define a Decisions Management Agent on a particular Decisions server or Multi-Tenant instance. Doing this creates an install package in the form of a .exe (executable) file to run. That executable can then be run on a target machine to install the Decisions Management Agent. The Agent contains the IP address of the Decisions server where it was created, and it contacts that Decisions server via TCP/IP to listen for instructions. The Decisions server can then tell the Agent to do a particular Active Directory task, like fetching the users or groups. The agent receives the Active Directory server information from the Decisions server it needs to connect to the Active Directory server as a machine on the Active Directory domain.

A username and password combination referred to as "Elevated" credentials would be input by the Active Directory administrator to allow for the Agent to make its requested queries of the specified Active Directory domain server. The Elevated User Name is stored in the Decisions database and the Elevated User Password is stored in encrypted form in the Decisions database, but it is unencrypted in RAM when being used.

The Agent carries out the Active Directory request and returns the resulting output to its Decisions server via an API call to the Decisions server's AgentService.

Port Communication

  • The Agent uses Port 4502 to talk directly to its Decisions host server. The reverse communication path (Agent client to Decisions Application Server) is what needs to be open.  On the Decisions Server, a Firewall Rule should be added to allow incoming connections on Ports 4502-4534. Once that is in place, restarting the Agent should put it in Live Connection mode. If the Agent cannot connect to its Host Server on Port 4502, then it will use a polling mode on Port 80/443 instead.

  • The Client Machine communicates with the Server through Port 80, (if the server is set up to http) or the Client Machine communicates through Port 443 (if Server is set up for https). Therefore, Port 80 or 443 should be open for outbound connections on the Client’s Firewall.

  • The server communicates with a Client through the range of 4502-4534 Ports (the first in range that is not in use). Decisions Management Agent local service on the Client Machine needs to have permissions for the inbound connections on Client’s Firewall.


To help users track and identify any issues with their Agents, the Decisions Management Agent Folder provides a Log tracking system. 

Logs Location 
Logs for an Agent in v6 installations are found on the File System at C:\Program Files (x86)\Decisions Agent\Logs.

For more information on Logging, see the following documents: 

Similar to other Logging in Decisions, Agents display Logs in the order of LogNumber, TimeStamp, Level, LevelName, Category, Message, ThreadId, and details of the Exception. These elements can be read and used to understand why there may be any problems with the Agent or any of its processes. 

Accessing Agent Logs from Decisions 

Note on Example
The following example requires that a user has set up and is using an Agent. For more information regarding Agent setup, see Agent Setup and Testing.

If a user wishes to access the Agent Logs from within Decisions, they must:

  1. From the Decisions Studio, navigate to System > Designers > Agents.
  2. Open the respective Agent's Folder.  
  3. From the Agent's Folder, right-click one of the items in the Deployed Agents Report, then select Get Agent Log.
  4. After selecting Get Agent Log, view the resulting Logs by navigating to the Folder View for the Agent by clicking the Folder View tab. 


Currently in v.6, Agents are primarily used for AD Sync functionality, Login functions, Database Integration, as a method to update Database Value, and as a way to write a File to a Client Machine via Flow

Links to Additional Information 

Was this article helpful?