Environment
NetIQ AppManager 7.0.x
Situation
Resolution
By default, any Management Server/Repository can monitor an AppManager Agent.
During the initial installation of the agent the agent(s) can be initially configured to communicate with a specific management server.
- The preferred way to update the 'AllowMS' field is to use the AMAdmin_SetAllowMS knowledge script.
- To manually restrict which Management Server(s) can communicate with an agent, users can edit the registry of the agent(s) (using REGEDIT or REGEDT32) and modify the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\NetIQ\AppManager\4.0\NetIQmc\Security\AllowMS
Additional Information
Specify a comma-separated list of computer hostnames to designate the management servers that are allowed to communicate with this agent.
An asterisk (*) as a value for the AllowMS registry key authorizes all management servers to communicate with the agent. With this setting, ?anonymous? management servers, servers with which the agent has not explicitly authorized communication, can communicate with the agent. This represents the lowest-security setting. It is the default if you do not choose to designate a primary management server during agent installation.