Hi team,
the agent-auth.exe implementation is a bit old compared with the implementation of agent-auth for Linux based systems. This creates some issues when registering agents using agent-auth.
Also, there are a lot of parameters missing in the agent-auth.exe. Most of the parameters that you can find in here don't work in the Windows version of agent-auth.
Regards.
Yes, please let's get (and keep) the Windows agent-auth.exe program caught up to the same feature set as the Linux agent-auth program. I have clients with many Windows servers that want as much love as the Linux ones. 馃槃
I was recently excited to read about the new -G option that allows the agent group to be specified by agent-auth but it appears it would only work for me in half of my use cases as agent-auth.exe does not support it yet. I sure would like to be able to use that for our Windows mass deployments.
c:\Program Files (x86)\ossec-agent>agent-auth.exe -h
Wazuh ossec-agent: Connects to the manager to extract the agent key.
Available options:
-h This help message.
-m <manager ip> Manager IP Address.
-p <port> Manager port (default 1515).
-A <agent name> Agent name (default is the hostname).
-P <pass> Authorization password.
# /var/ossec/bin/agent-auth -h
Wazuh v3.6.0 - Wazuh Inc. ([email protected])
http://www.wazuh.com
agent-auth: -[VhdtI] [-g group] [-D dir] [-m IP address] [-p port] [-A name] [-c ciphers] [-v path] [-x path] [-k path] [-P pass] [-G group] [-i IP address]
-V Version and license message
-h This help message
-d Execute in debug mode. This parameter
can be specified multiple times
to increase the debug level.
-t Test configuration
-g <group> Group to run as (default: ossec)
-D <dir> Directory to chroot into (default: /var/ossec)
-m <addr> Manager IP address
-p <port> Manager port (default: 1515)
-A <name> Agent name (default: hostname)
-c SSL cipher list (default: HIGH:!ADH:!EXP:!MD5:!RC4:!3DES:!CAMELLIA:@STRENGTH)
-v <path> Full path to CA certificate used to verify the server
-x <path> Full path to agent certificate
-k <path> Full path to agent key
-P <pass> Authorization password
-a Auto select SSL/TLS method. Default: TLS v1.2 only.
-G <group> Set the group for centralized configuration
-I <IP> Set the agent IP address
-i Let the agent IP address be set by the manager connection
Hi, @BraulioV and @branchnetconsulting,
This issue is duplicated with #1452. Let us continue working on the mentioned one.
Thank you for your feedback.
Best regards.
Please close this issue. It has been resolved when issue #1452 was attended to and closed. Thanks for resolving the Windows agent-auth issue!
Most helpful comment
Yes, please let's get (and keep) the Windows agent-auth.exe program caught up to the same feature set as the Linux agent-auth program. I have clients with many Windows servers that want as much love as the Linux ones. 馃槃
I was recently excited to read about the new -G option that allows the agent group to be specified by agent-auth but it appears it would only work for me in half of my use cases as agent-auth.exe does not support it yet. I sure would like to be able to use that for our Windows mass deployments.