Agent Properties - DSS 6 | Data Source Solutions Documentation

Documentation: Agent Properties - DSS 6 | Data Source Solutions Documentation

Agent Properties

An agent property specifies the characteristics/attributes of an DSS Agent. This can include agent connection parameters, user access levels, authentication mode, etc. In the Command Line interface (CLI), the repository properties can be set using the command dssagentconfig.

An array property and map property can store multiple values. The syntax for updating them from the Command Line Interface (CLI) varies.

Agent_Server_Kerberos_Keytab

Argument: keytabfile

Description: Full path to the user specified Kerberos keytab file that contains a security key for identifying the agent to the hub during authentication (when connecting hub to the agent). If defined, this keytab file will be used instead of the operating system defaults.

Agent_Server_Kerberos_Principal

Argument: principal

Description: User specified Kerberos principal name for identifying the agent to the hub during authentication (when connecting hub to the agent). If defined, this principal name will be used instead of the operating system defaults.

Agent_Server_Private_Key

Argument: base64

Description: Private key for the DSS Agent.

This property is generated when agent starts for the first time.

Agent_Server_Private_Key_Password

Argument: password

Description: Password for the Agent_Server_Private_Key

Agent_Server_Public_Certificate

Argument: base64

Description: Public certificate for the DSS Agent.

This property is generated when agent starts for the first time.

See also, Agent_Server_Public_Certificate in location properties.

All_User_Access

Argument: accesslevel

Description: Enables you to set the DSS Agent administration permissions for all agent users configuring the agent. This property supports only the following access level:

AgentAdmin: An agent user with this permission level can only configure the agent service from DSS UI or using remote CLI.

Example JSON:

{"level":"AgentAdmin"}

This is a map property that can store multiple values.

Anonymous_Access

Argument: true

Description: Anonymous access to DSS Agent. If set to true, the DSS Hub System can connect anonymously to DSS Agent without supplying a username and password. This requires the agent property Only_From_Client_Public_Certificates.

Example JSON to enable anonymous access:

{"allow": true}

This is a map property that can store multiple values.

Only_From_Client_Public_Certificates

Argument: base64

Description: The SSL public certificate of the client (DSS Hub System). When this property is set, only the client that has the specified certificate is allowed to connect to the DSS Agent. Note that multiple certificates can be defined, and the incoming connection can use one of them.

This is a map property that can store multiple values.

See also, Agent_Client_Public_Certificate in repository property.

PAM_Service

Argument: service

Description: The name of the PAM service used for authenticating the agent users with PAM authentication. This defaults to the login service.

PAM_Sudo_User

Argument: username

Description: Name of the user for running the PAM authenticator instead of the operating system user under which the DSS Agent is running.

This user must have privilege to run the following command:

sudo -n -u PAM_Sudo_User -- $DSS_HOME/lib/dssauthpam PAM_Service

If this property is set then sudo is used to elevate privileges to verify the agent users with PAM authentication.

Remote_Keepalive

**Since** v6.1.5/7

Argument: seconds

Description: Set the timeout for DSS protocol keepalive messages between the DSS hub and DSS agent. This helps prevent network devices such as load balancers from terminating idle connections, ensuring continuous communication even when no data is being transferred.

Note that defining this property may introduce a minor performance overhead.

The value specified for this property is in seconds. For example, to set a timeout of 2 minutes and 20 seconds, you need to set the value to 140.

Setup_Mode_Timed_Until

Argument: time

Description: When this property is set, the agent is in setup mode until the time specified. This property can be used with the Setup_Mode_Token_Value.

Valid date formats are:

now[+|-]NUMs - indicates the number of seconds from now
now[+|-]NUMm - indicates the number of minutes from now
now[+|-]NUMh - indicates the number of hours from now
now[+|-]NUMd - indicates the number of days from now
now[+|-]NUMw - indicates the number of weeks from now
today indicates the current day
YYYY-MM-DD[T| ]HH:MM:SS[.MSECS]+TZD - indicates the precise date and time with time zone information
YYYY-MM-DD[HH:MM:SS] - indicates the precise date and time without time zone information
an integer - indicates seconds since 1970-01-01 00:00:00 UTC

Example:

Setup_Mode_Timed_Until=now+1h

Setup_Mode_Token_Name

Argument: tokenname

Description: User friendly name/description of the setup token.

Setup_Mode_Token_Value

Argument: tokenvalue

Description: When this property is set, the agent is in setup mode, and only allows access when the token value is provided. This property can be used with the Setup_Mode_Timed_Until.

User_Access

Argument: accesslevel

Description: Enables you to set the DSS Agent administration permissions for a specific agent user configuring the agent. This property supports only the following access level:

AgentAdmin: An agent user with this permission level can only configure the agent service from UI or using remote CLI.

Example JSON:

User_Access={"user1":{"level":"AgentAdmin"},"user2":{"level":"AgentAdmin"}}

This is a map property that can store multiple values.