- Controller account authentication
- Proxy server authentication
For environments where security policies require you to secure credentials stored on disk, you can run an unattended installation that encrypts the credentials for the .NET Agent and writes them to the Windows Credential Manager.
Storing credentials for the .NET Agent using the Windows Credential Manager updates the
config.xml file to use a schema which the AppDynamics Agent Configuration utility does not support. If you follow these instructions, then you cannot use the configuration utility to make configuration changes afterward. If you launch the configuration utility on a server where you have stored credentials in the Windows Credential Manager, the utility prompts you to delete the configurations.
- You must run the
AppDynamics.Agent.Coordinatorservice as the
- To modify credentials after installation, you need Windows Sysinternals.
Setup Configuration File
You must generate a setup configuration file to run an unattended installation. See 'Setup Configuration File Properties' on Unattended Installation for .NET.
For new installations, use one of these methods to create the setup configuration file:
Run the AppDynamics Agent Configuration utility from the command line and pass the
-sparameter to specify the setup configuration file destination. For this option, you must execute the .NET Agent MSI installer package on one machine before running the configuration utility.
- Manually create a setup configuration file from a sample template.
Remove any plain-text authentication elements from the setup configuration file. You pass the credentials as part of the unattended installation command:
- Controller Account element:
<account name="myaccount" password="myaccesskey"/>
Proxy Authentication element: If you are using a proxy authentication, use this format in the setup configuration file.
<proxy host="myproxy.example.com" port="3128" enabled="true"> <authentication enabled="true" domain="mydomain.com"/> </proxy>
If your upgrade meets the criteria for an in-place upgrade on Upgrade the .NET Agent for Windows, you can encrypt the credentials for the .NET Agent and upgrade the agent at the same time.
Copy the AppDynamics Agent element from your existing
config.xml file to the setup configuration file. Remove any plain-text authentication elements from the setup configuration file. You pass the credentials as part of the unattended installation command:
- Controller Account element:
<account name="mycontroller.saas.appdynamics.com" password="myaccesskey"/>
- Proxy Authentication element:
<authentication enabled="true" user_name="my_proxy_user" password="password" domain="my_windows_domain"/>
Sample Setup Configuration File
This example shows a setup configuration file that instruments: two IIS Applications,
SampleHTTPService; a Windows service,
BasicWindowsService; and a standalone application, MyStandaloneApp.exe.
Install from the Command Line
To install the .NET Agent from the command line:
- Download the .NET Agent MSI Installer Package from the AppDynamics Download Center.
Launch an elevated command prompt with full administrator privileges. See Start a Command Prompt as an Administrator.
Logging on to Windows as a member of the Administrators group does not grant sufficient permissions to run the installer.
Stop IIS and, if you are upgrading, stop instrumented Windows services and Standalone applications.
Run this command to install the agent with encrypted credentials. See command line options for descriptions.
The MSI installer package installs the .NET Agent and encrypts the credentials and writes them to the Windows Credential Store. It adds the Controller secure attribute to the Controller element in the
config.xmlfile and sets the value to
Start IIS. Restart or start instrumented Windows services and standalone applications.
Update Credentials in the Windows Credential Manager
The .NET Agent includes a Credentials Tool for you to modify credentials stored in the Windows Credential Manager. To change credentials under the Local System account, you need to use PsExec to launch the command prompt.
- If you have not already, download and install Windows Sysinternals.
PsExecto launch a command prompt as the Local System account.
Run the Credentials Tool and pass the updated credentials.
Command Line Options
AD_SECURED_CREDENTIALS: Set to
trueto encrypt credentials to the Windows Credential Store and configure the agent to use the encrypted credentials.
AD_CONTROLLER_ACCOUNT_NAME: The account name for the SaaS or multi-tenant Controller.
AD_CONTROLLER_ACCOUNT_ACCESS_KEY: The account access key for the SaaS or multi-tenant Controller.
AD_PROXY_USERNAME: The proxy server user account.
AD_PROXY_PASSWORD: The password for the proxy server user account.