Agent Reference Guide
...
Agent Policy Group Configurati...
Edit Group Properties
2 min
the user can configure some parameters specific to that agent group from this menu parameters description log saving time on local (days) retention period for logs saved on the local machine log size (kb) this size determines when an agent sends the log to the kron pam by default, when a log reaches 1024 kb agent sends it to the kron pam parameters retrieve frequency (min) this is the frequency at which the agent retrieves configurations from kron pam by default, the agent gets the police every 5 minutes message of the day the login message is displayed to the users upon authenticating to the machine local user can log in by toggling this option, local users in the endpoint can log in to the device toggling off will disable local authentication by default, local user authentication is allowed also, an exception list can be defined on the system configuration management page mentioned a few steps ahead local saving time on local (days) retention period for logs saved on the local machine device realm check when this parameter is disabled, the user and device are not mandatory to be in the same device realm by default, device realm check is enabled record session (video record of the session) on the agent group, you can configure a video recording of the session the default value is disabled do not display login options if this is enabled, only the credential provider will be kron windows agent; other credential providers will not be shown on the login screen the default value is disabled in the system configuration management page, when you define local accounts with the parameters below, these local accounts can log in when you disable the local user can log in parameter on the agent group, others cannot the same parameter can receive multiple values at a time by separating commas by default, there is no defined user win agent local account login exceptions = administrator, pamadmin, systemadmin a device realm check is a kind of security enforcement for users to see and log into endpoints on kron pam the same logic is implemented on the agent but from the agent's parameter (if we enable this parameter(by default it is enabled) you need to define device realms for every user and the device so, this brings some operational load on the system admin hence you are no longer able to do it more easily