Centrify DirectAudit 3.2.3 (Suite 2016) on All PlatformsQuestion:
Can you configure a DirectAudit Agent to point to a collector in the same site as the agent itself?Answer:
In Suite 2016, the DirectAudit agent can be configured to consider collectors in the local Active Directory site first; and only use collectors outside the local site when there is no active collectors in the local site.
This can be specified on a per Audit Store basis.
To specify agents to use collectors in the same site:
- Open the DirectManage Audit Manager console window.
- Expand Audit Stores, and right-click the desired audit store and select Properties.
- In the Audit Store Properties dialog box, click Advanced.
- Select Agents must prefer collectors in the same site as the agent. By default, this option is not enabled.
- Click OK to save the changes.
It may take several minutes for the changes to take effect, depending on Active Directory replication delays and policy sets.
If for some reason all collectors in a site are down, the agents use collectors in another site or configured subnet.
Once an agent fails over and uses a collector in another site, the agent continues to use that collector until a rebinding occurs.
You can do a rebinding with the dareload -b
During the time that the agent is using a collector in another site, dadiag displays a warning message.
If your installation uses agents older than 2016, those older agents ignore the collector preference setting.
For more information, please refer to Centrify Server Suite 2016 documentation, Centrify Audit Admin Guide, Configuring agents to prefer collectors, pg 61.https://docs.centrify.com/en/css/suite2016/centrify-audit-adminguide.pdf/