Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

KB-4450: How to set registry values for DA Audit Agent

Auditing and Monitoring Service ,  

12 April,16 at 11:22 AM

Applies to:
Centrify DirectAudit on Windows platform
When deploying the DA Agent on a large scale to Windows servers is there a way to specify the agent config within the MST which would then set the appropriate registry key values? The MST offered with the agent binary only seems to have one added property value for GPDeployment.
It looks like "MaxFormat", "SpoolDir" and "DiskCheckThreshold" are the three keys which are needed.
All the registry settings customer requested are properly defined in the agent msi and can be changed by the installer transform file (.mst). And the transform file can be applied at the install time or GPO.
The registry settings are defined as following properties in msi, please note the last two properties are not listed in the msi Property table by default, we need to add new rows to modify them. And the "CurrentInstallation" is not needed to specify, agent will load the installation name by ID.
For reference, here is a typical use case to modify those settings by Orca tool to generate the transform file and apply it at the install time:
1) Download and install the Orca tool from Windows SDK
2) In Orca.exe, File->Open the Centrify Windows Agent msi file
3) Click Transform->New Transform
4) Now you are in transform edit mode, you can modify any data rows in this msi. To modify registry settings, go to "Property" table, for example, you can see the "REG_MAX_FORMAT" and "REG_DISK_CHECK_THRESHOLD" listed in the table with a default value, you can modify them directly. 
For other values like "REG_SPOOL_DIR" and "REG_INSTALLATION_ID" not listed in the table, you can Right click->Add Row to add them.
5) After all modifications, Click Transform->Generate Transform, save it, e.g. modify_reg.mst. See screenshot

Generate Transform
6) Apply this mst when you install the msi, e.g. for script installation, copy the mst file to the same folder of msi, run:
msiexec /i "Centrify Windows Agent64.msi" /qn TRANSFORMS="modify_reg.mst"
Or for the GPO deployment, add this file to the GPOE->Software Installation->Advance->Modifications tab.
After step 6, the modified settings/registry keys saved in the transform file will be applied to the machine.