About managing credentials for agent-based targets
For a given asset the credentials are required for one of the following objectives:
For querying the information of the target computer
For querying the information of the applications such as SQL on the target computer
For agent-based assets, you can do the following:
Use centralized credentials:
You can use credentials saved in CCS credential database using the Credentials view. If local credentials are not configured, data collection job attempts to resolve credentials for the target at CCS Manager. If configured local credentials are available, they passed on to the agent along with the job for reuse.
CCS Manager fetches information from Application Server.
Besides the above-mentioned options, for Windows fallback option can be used to collect data.
Configure credentials locally on the target:
CCS provides a utility for each platform which lets you configure credentials on the target computer. You can select type of credentials for configuration, specify username and password. After you configure the credentials using the given utility, the tag Use Local Credentials is set on the target and all data collection jobs for that particular platform start using local credentials.
For agent-based assets, you can either use agent side credential for a platform, use CCS side credential, or do not use credentials at all. The agent-based credential support is available only for UNIX and Windows platform.
To configure local credentials on agents for raw data collection, you can use the following utilities per platform:
Windows = WinCredConfig.exe
SQL = SQLCredConfig.exe
UNIX = UnixCredConfig.exe
To configure local credentials on agents for message based data collection, you can refer to ESM platform information.
Use Agent Service Context for data collection, which can be configured for RBC_USE_PROCESS_CONTEXT in the agent.conf file at <InstallDir>\Symc_Enzo\ESM\config.
To perform raw data collection, specify the context as follows:
0 stands for Always use credentials, ignore process context.
1 stands for Use credentials if configured or else fallback to process context (DEFAULT).
2 stands for Always use process context, ignore credentials.