- Controller account authentication
- proxy server authentication
For environments where security policies require you to secure credentials stored on disk, you can run an unattended installation that encrypts the credentials for the .NET Agent and writes them to the Windows Credential Manager.
Storing credentials for the .NET Agent using the Windows Credential Manager updates the
config.xml file to use a schema the AppDynamics Agent Configuration utility doesn't currently support.
If you follow these instructions, you can't use the configuration utility to make configuration changes afterward. If you launch the configuration utility on a server where you have stored credentials in the Windows Credential Manager, the utility will prompt you to delete the configurations.
- You run the
AppDynamics.Agent.Coordinatorservice as the
- To modify credentials after you install, you need Windows Sysinternals.
Setup Configuration File
You must generate a setup configuration file in order to run an unattended installation. For a detailed description, see 'Setup Configuration File Properties' on Unattended Installation for .NET.
For new installations, use one of the following methods to create the setup configuration file:
Run the AppDynamics Agent Configuration utility from the command line and pass the
-sparameter to specify the setup configuration file destination. For this options, you must execute the .NET Agent MSI installer package on one machine before running the configuration utility.
- Manually create a setup configuration file from a sample template.
Remove any plain-text authentication elements from the setup configuration file. You pass the credentials as part of the unattended installation command:
- Controller Account element:
<account name="myaccount" password="myaccesskey"/>
Proxy Authentication element: If you are using a proxy authentication, use the following format in the setup configuration file.
<proxy host="myproxy.example.com" port="3128" enabled="true"> <authentication enabled="true" domain="mydomain.com"/> </proxy>
If your upgrade meets the criteria for an in-place upgrade on Upgrade the .NET Agent for Windows, you can encrypt the credentials for the .NET Agent and upgrade the agent at the same time.
Copy the AppDynamics Agent element from your existing
config.xml file to the setup configuration file. Remove any plain-text authentication elements from the setup configuration file. You pass the credentials as part of the unattended installation command:
- Controller Account element:
<account name="mycontroller.saas.appdynamics.com" password="myaccesskey"/>
- Proxy Authentication element:
<authentication enabled="true" user_name="my_proxy_user" password="password" domain="my_windows_domain"/>
Sample Setup Configuration File
The following example shows a setup configuration file that instruments: two IIS Applications,
SampleHTTPService; a Windows service,
BasicWindowsService; and a standalone application, MyStandaloneApp.exe.
Install from the Command Line
To install the .NET Agent from the command line:
- Download the .NET Agent MSI Installer Package from the AppDynamics Download Center.
Launch an elevated command prompt with full administrator privileges. See Start a Command Prompt as an Administrator.
Logging on to Windows as a member of the Administrators group does not grant sufficient permissions to run the installer.
Stop IIS and, if you're upgrading, stop instrumented Windows services and Standalone applications.
Run the following command to install the agent with encrypted credentials. See below for a description of command line options.
The MSI installer package installs the .NET Agent and encrypts the credentials and writes them to the Windows Credential Store. It adds the Controller secure attribute to the Controller element in the
config.xmlfile and sets the value to
Start IIS. Restart or start instrumented Windows services and standalone applications.
Update Credentials in the Windows Credential Manager
The .NET Agent includes a Credentials Tool so you cam modify credentials stored in the Windows Credential Manager. To change credentials under the Local System account, you need to use PsExec to launch the command prompt.
- If you have not already, download and install Windows Sysinternals.
PsExecto launch a command prompt as the Local System account.
Run the Credentials Tool and pass the updated credentials.
Command Line Options
AD_SECURED_CREDENTIALS: Set to
trueto encrypt credentials to the Windows Credential Store and configure the agent to use the encrypted credentials.
AD_CONTROLLER_ACCOUNT_NAME: The account name for the SaaS or multi-tenant Controller.
AD_CONTROLLER_ACCOUNT_ACCESS_KEY: The account access key for the SaaS or multi-tenant Controller.
AD_PROXY_USERNAME: The proxy server user account.
AD_PROXY_PASSWORD: The password for the proxy server user account.