Edit Group Properties
2 min
from this menu, users can configure some parameters specific to that agent group parameters description log saving time on local (days) retention period for logs saved on the local machine log size (kb) d etermines when an agent sends the logs to kron pam by default, agent sends logs to kron pam when the logs reach 1024 kb parameters retrieve frequency (min) the frequency at which the agent retrieves configurations from kron pam by default, the agent checks the policies every 5 minutes message of the day l ogin message displayed to the users upon authenticating to the machine local users can log in if true, local users on the endpoint can log in to the device toggling off will disable local authentication by default, local user authentication is allowed also, an exception list can be defined on the system configuration management page (read more on this at the bottom of this section) local saving time on local (days) retention period for logs saved on the local machine device realm check when false, the user and device are do not have to be in the same device realm by default, device realm check is enabled record session (video record of the session) on the agent group, you can configure a video recording of sessions disabled by default do not display login options if this is enabled, the only credential provider will be kron windows agent; other credential providers will not be shown on the login screen disabled by default offline authentication and authorization (aa) disabled by default when enabled and a numeric value is entered for the duration (in days), end users can access the endpoint by entering an otp while the agent is offline otp elevation also works during this period update to update the agent remotely details at remote operations uninstall disabled by default when enabled, it prepares all agents within the configured group for bulk uninstallation this process removes security restrictions from the agent services, allowing the agent to be uninstalled easily in the system configuration management page, when you define local accounts with the parameter below, these local accounts can log in even if the local user can login parameter on the agent group is disabled win agent local account login exceptions = administrator, pamadmin, systemadmin the same system configuration parameter can receive multiple values at a time by separating the values with commas by default, there is no defined user type a device realm check is a kind of security enforcement lets users see and log in to endpoints on kron pam (or not, if they do not share a realm with the device in question) the same logic is implemented on the agent but from the agent's parameter (by default it is disabled) you need to define device realms for every user and device if you enable this check so, this brings some operational load on the system admin