Configure the Trusted Agent Server

Configure the Trusted Agent Server to connect to the Trusted Agent Hub. The Trusted Agent Server is installed on a same machine in the same network as your private resources.

This task applies to on-premises and SaaS customers.

To configure the Trusted Agent Server:

  1. Go to the installation directory to run the Trebuchet.ServerConfigTool.exe. The default path from the install is: C:\Program Files\Cherwell\Cherwell Trusted Agent Server.
  2. Double-click Trebuchet.ServerConfigtool.exe to open the Server Manager.
  3. Select Trusted Agent Server from the Server drop-down list, and then select Configure.
  4. Provide a display name for the server. This will display in CSM Administrator.
  5. Provide Hub connection settings:
    Hub URLProvide the URL. This is the address that should be used to connect to the Hub from other Cherwell servers and services.

    Secure transport (HTTPS) should be used for all Hub communications in production environments.

    Shared Key Provide the Shared Key. This must be the same Shared Key that is used in the Trusted Agent Hub configuration.

    Cherwell provides this key to SaaS customers.

    TestSelect to verify that the Hub URL and shared key are valid.
  6. Provide connection to the CSM database:
    ConnectionUse the ellipsis button to browse and locate the database to connect to.
    Login to CherwellChose one of these options:
    • Windows authentication: Use the Windows credentials for the account that is used to run the Trusted Agent Service.
    • User ID and Password: Provide a CSM user ID and password. This is usually an administrative account with broad system access, but don't use the CSDAdmin default account. Provide a blank password to allow the specified user to log in without a password. This only works if the user does not have a password. This is not recommended.
    Test Select to verify login information.
  7. Enter the Hub Ping Frequency in seconds, to send a ping to the Hub. If a ping is not received by the Hub within the Agent Registration timeout period, then the Agent's registration with the Hub is considered expired. No further requests are sent to the Agent until the next registration request or ping is received from the Agent. The Hub Ping Frequency should always be lower than the Agent Registration period set for the Trusted Agent Hub. The Hub default is 180 seconds.

    Use -1 to disable pings sent to the Hub (not recommended).

  8. Select OK.
  9. Restart the Trusted Agent Server.