Pricing Request a trial or quote Downloads

Access Manager Agent - Legacy AMSv2 policies page

PreviousAccess Manager Agent - Linux polices page NextAccess Manager Agent - Password settings page

Last updated 10 months ago

Was this helpful?

Access Manager Agent - Legacy AMSv2 policies page

Access Manager Agent v2 is supported by servers running either Access Manager v2 or v3.

However, are not available in these agents.

Agent Policies configured under the Legacy AMSv2 policies page will only target devices running Access Manager Agent v2.

For more information on planning your AMS v3 migration, see our guide.

The Legacy AMSv2 policies page in the Access Manager Agent area of Access Manager allows you to configure policies for devices running Access Manager Agent (version 2.0 only).

You can create custom Access Manager Agent v2 policies that are targeted at specific computers, groups and containers defined AMS.

If no policies are configured, or an agent does not match any of the custom policies configured, the "Default V2 agent policy" will be applied to the agent.

You can view or edit the default policy for v2 agents by clicking Edit default policy... at the top of the page.

Create or edit an agent policy

You can create a new Access Manager Agent policy for v2 devices by clicking the Create new... button at the bottom of the page.

Policy settings

Policy name

Specify the name for the custom agent policy.

Note: This field is not configurable for the default policy.

Policy target group

This list allows you to target specific computers, groups and containers that the policy will be applied to.

It is important to note that Access Manager evaluates policies in the order they are presented in the UI.

When an agent checks in to the Access Manager server, the server will evaluate each policy - in order - to determine if the policy is applicable to the agent (given the configured targets). The first policy that matches will be applied to the agent.

If no policy is configured with a target that captures the given device, the device's policy will fall back to the default agent policy.

For this reason, it is important to consider the order in which your policies are organized; as a rule of thumb, policies with more specific targets should be placed higher in the list than more generically-targeted policies.

Note: This field is not configurable for the default policy.

Password settings

History

Maximum password age (days): The maximum number of days before the password must be rotated. For example, if this is set to 7, then the password would be rotated after 7 days.
Number of previous passwords to keep: The number of historical passwords to store in the Access Manager database.
Number of days to keep previous passwords: The number of days to keep historical passwords for; setting this field to "0" disables aging out of historical passwords.

Composition

The following configuration options are available to configure how Access Manager Agent v2 generates passwords for the built-in Administrator account:

Password length: The length of passwords to be generated for local administrator accounts
Password composition
- Use lower-case letters: If configured, generated passwords will contain lower-case letters
- Use upper-case letters: If configured, generated passwords will contain upper-case letters
- Use numbers: If configured, generated passwords will contain numbers
- Use symbols: If configured, generated passwords will contain symbols

PreviousAccess Manager Agent - Linux polices page NextAccess Manager Agent - Password settings page

Last updated 10 months ago

Was this helpful?

Access Manager Agent v2 is supported by servers running either Access Manager v2 or v3.

However, are not available in these agents.

Agent Policies configured under the Legacy AMSv2 policies page will only target devices running Access Manager Agent v2.

For more information on planning your AMS v3 migration, see our guide.

The Legacy AMSv2 policies page in the Access Manager Agent area of Access Manager allows you to configure policies for devices running Access Manager Agent (version 2.0 only).

You can create custom Access Manager Agent v2 policies that are targeted at specific computers, groups and containers defined AMS.

If no policies are configured, or an agent does not match any of the custom policies configured, the "Default V2 agent policy" will be applied to the agent.

You can view or edit the default policy for v2 agents by clicking Edit default policy... at the top of the page.

Create or edit an agent policy

You can create a new Access Manager Agent policy for v2 devices by clicking the Create new... button at the bottom of the page.

Policy settings

Policy name

Specify the name for the custom agent policy.

Note: This field is not configurable for the default policy.

Policy target group

This list allows you to target specific computers, groups and containers that the policy will be applied to.

It is important to note that Access Manager evaluates policies in the order they are presented in the UI.

If no policy is configured with a target that captures the given device, the device's policy will fall back to the default agent policy.

Note: This field is not configurable for the default policy.

Password settings

History

Maximum password age (days): The maximum number of days before the password must be rotated. For example, if this is set to 7, then the password would be rotated after 7 days.
Number of previous passwords to keep: The number of historical passwords to store in the Access Manager database.
Number of days to keep previous passwords: The number of days to keep historical passwords for; setting this field to "0" disables aging out of historical passwords.

See for more information how how these settings work to ensure you have the right number of passwords retained.

Composition

The following configuration options are available to configure how Access Manager Agent v2 generates passwords for the built-in Administrator account:

Password length: The length of passwords to be generated for local administrator accounts
Password composition
- Use lower-case letters: If configured, generated passwords will contain lower-case letters
- Use upper-case letters: If configured, generated passwords will contain upper-case letters
- Use numbers: If configured, generated passwords will contain numbers
- Use symbols: If configured, generated passwords will contain symbols