-
-
-
Central Config File Management
-
-
-
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
Central Config File Management
The ability to retrieve configuration sets from an SMB file share is called Central Config File Management (CCFM). It has the advantage of automatic deployment via an agent-based pull mechanism and full support for uberAgent ESA Threat Detection rules and inventory tests (which cannot be distributed by Group Policy alone). With Central Config File Management, either a single configuration can be used for all endpoints, or different types of agents can be configured to pull different configurations.
Central Config File Management is an alternative to configuring uberAgent via local configuration files or Group Policy.
Requirements
File Share Access
uberAgent must have read permissions on the file share to copy the central configuration to the local cache.
Windows
The uberAgent service runs as SYSTEM. Hence, in an Active Directory domain environment, the computer account must have read permissions on the central file share.
macOS
Mount the file share as SMB share.
Azure Files
You can use Azure Files to store the central configuration in the same way that you can use it for the license file.
Availability Requirements
There is no need for the configured file share to be available all of the time. Endpoints always use the local configuration cache.
Enabling CCFM
If a base path is specified via one of the methods described in this section, Central Config File Management is enabled.
Windows
uberAgent checks the following registry values at startup. If one of them exists, the agent uses the specified value as the base path to the central configuration file share.
Via Group Policy
Specify the base path to the configuration file share in the registry value HKLM\Software\Policies\vast limits\uberAgent\Config\ConfigFilePath (REG_SZ). This setting can be deployed via uberAgent’s Group Policy settings.
Via the Registry
Specify the base path to the configuration file share in the registry value HKLM\Software\vast limits\uberAgent\Config\ConfigFilePath (REG_SZ).
macOS
-
Add the path to the config file share in the file
/Library/Application Support/uberAgent/Config Templates/uberAgent-remote-config-macOS.conf: Section:RemoteConfigurationKey:ConfigFilePath -
Copy the updated file to
/Library/Application Support/uberAgent.
How CCFM Works
If Central Config File Management is enabled, uberAgent tries to retrieve its configuration from the file share specified in the ConfigFilePath setting. It does so by looking for the configuration matching its own version the closest.
If a central configuration is found, and its timestamp differs from the previously cached configuration on the endpoint, uberAgent downloads the central configuration. It then compares the currently applied configuration with the downloaded central configuration for meaningful changes. If any are detected, the newly downloaded central configuration is applied.
Configuration Archive (uberAgent.uAConfig)
uberAgent expects the central configuration in a single file, uberAgent.uAConfig. Technically, this file is a zipped archive of all of uberAgent’s configuration files.
Base Path Subdirectory Precedence
Assuming the agent’s version is 7.1.0.5050 and the file share path is \\server\share, uberAgent looks in the following directories for the configuration archive uberAgent.uAConfig and uses the first config archive it finds:
\\server\share\7.1.0.5050\\server\share\7.1.0\\server\share\7.1\\server\share\7\\server\share
CCFM Application Matrix
The following matrix helps to understand how Central Config File Management updates the local agent configuration.
| File share accessible | Central configuration found | Local cache valid | Meaningful change detected | uberAgent behavior |
|---|---|---|---|---|
| yes | yes | no | n/a | The configuration is downloaded and applied; the local cache folder is updated. |
| no | n/a | no | n/a | uberAgent pauses for 60 s, after which it retries, repeating this until uberAgent.uAConfig is found. |
| yes | yes | yes | yes | The configuration is downloaded and applied; the local cache folder is updated. |
| yes | no | yes | n/a | uberAgent uses the cached configuration. |
| no | n/a | yes | n/a | uberAgent uses the cached configuration. |
Refresh Interval & Auto-Update
Each agent regularly checks the CCFM file share for updates and applies new configurations automatically. See this document for details.
Creating or Updating a Custom CCFM Archive (uberAgent.uAConfig)
Note: the CCFM archive of the default configuration can always be found in the config-dist subdirectory of the uberAgent Configuration GitHub repository. Creating your own CCFM archive is only necessary if customizations are to be applied to the default configuration.
Downloading the Latest Files from GitHub
We provide a PowerShell script to help automate the process of downloading a subset of uberAgent’s configuration files from GitHub.
With the help of this script, download those files that you want to update, leaving your customized config files unchanged. Then proceed to create the CCFM archive as explained below.
Creating the CCFM Archive (uberAgent.uAConfig)
Create an archive of all uberAgent configuration files you want to be part of your central configuration and name it uberAgent.uAConfig. This can either be done in Windows Explorer, macOS Finder, or on the command line. The steps to produce a configuration archive on the terminal are as follows:
- Copy all configuration files into a folder.
- Change to this folder on the command line.
- Execute one of the following commands, depending on the platform you are creating the archive on.
Windows
Compress-Archive * -DestinationPath config-temp.zip
Move-Item config-temp.zip uberAgent.uAConfig
<!--NeedCopy-->
macOS
zip -r uberAgent.uAConfig ./ -x "*.DS_Store"
<!--NeedCopy-->
Switching Between Configuration Options (CCFM ↔ Local ↔ Group Policy)
Switching from one configuration option to another at runtime is possible anytime.
From Central to Local Configuration
Windows
Remove the value ConfigFilePath where you configured it (registry or Group Policy, see above).
macOS
Remove the file uberAgent-remote-config-macOS.conf from the folder /Library/Application Support/uberAgent.
From Local to Central Configuration
Windows
Add the value ConfigFilePath either via the registry or via Group Policy (see above).
macOS
Add the path to the file share in file uberAgent-remote-config-macOS.conf (see above).
CCFM Reporting & Monitoring
uberAgent reports configuration metadata in the sourcetype uberAgent:Config:ConfigInfo (docs). The transmitted data is visualized in the uberAgent Versions Splunk dashboard.
Share
Share
This Preview product documentation is Citrix Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Citrix Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Citrix product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.