Agent Quarantine (4277104)

Agent might have been provisions without a token or is not yet approved to communicate with the SMA

All agents provisioned with out the use of a token will end up on the quarantine section of the SMA and will need to be Manually approved to be able to communicate with the SMA.

Note: that agents that have not been approved, will not be doing inventory/patching/scripting/etc. until they are approved or provisioned with a token

Note: after upgrading to SMA 11.0, all previous agents that where connecting to the SMA will be auto approved, the Quarantine detail of the device will show as “Auto Approved at upgrade”

Note: Allow legacy agents (pre-11.0) must be enabled for older agents to be approved, however a token cannot be provided to these older agents upon provisioning, only 11.0 agent can be installed with a token

To Approve/Block a device in Quarantine:

1. Login to the admin portal
2. Click on Inventory|Quarantine
3. You will be presented with a list of devices with pending actions
4. Check the device in question
5. Click on Choose Action and select the desired action
   1. Approved: will confirm this agent has permission to connect to the SMA and start executing task like Inventory/Patching/scripting/etc.
   2. Block: will avoid the agent in question to communicate with the SMA, this device can later be Unblocked or Approved as needed.

To auto approve an agent using a token, the token needs to be created.

To create a token:

1. Login to the admin portal
2. Click on Settings|Agent Tokens
3. Click on Choose Action|New
4. Input the following
   1. Name: input a name for the token, this is a required field
   2. Expires: when disabled, the token will not have an expiration date, if enabled, a date for expiration must be set (date can be changed when needed)
   3. Use Limit: when disabled, a token can be used as many times as needed, if enabled, a usage limit must be set, once reached, the token will not allow any new devices to use this token (option can be changed to increase the amount)
5. Click on the Save button when done (page will auto refresh)
6. Take note of the generated token (avoid copying any extra spaces)

Once the token has been generated it can be used to install the agent with a token, this token will auto approve the agent on connection, so no manual approval will be needed to be provided.

Note: on a multiORG SMA, each org can have its own token, when approved with this token, the device will be routed to the org in question, meaning all systems approved with a Token created in org1 will be routed to org1. if no token is provided, devices will be sent to the System portal for approval.

You can use the token the following ways:

1. Provisioning from the SMA: an additional token option will be present, from this drop down a token can be selected, once the SMA provisions the agent, it will automatically do so with a Token, this will allow the agent to be approved as soon as it reached the SMA for its first connection
2. Manual agent install: during the installation of the agent, it will prompt for the host name and token of the SMA, input the newly created token, this will allow the agent to be approved as soon as it reached the SMA for its first connection
3. Auto Install package: you can get an installer with the hostname and token already included from the SMA, you can download it from Setting|Agent Tokens, view the details of the desired token and then download the bundle needed (Agent bundle 11 is required to be updated on the SMA for this option to be present)