Update: Security Update Available for AD Agent 3.1.1
Updated upgrade guidance for customers running the Remote AD Agent
Update to previous advisory
Following our previous communication regarding the Remote AD Agent security update, we would like to provide updated guidance. Customers are no longer required to uninstall and reinstall the Remote AD Agent. The upgrade process is now supported directly with AD Agent 3.1.1.
Dear Customer,
As previously communicated, the Remote AD Agent security update includes important hardening for the way the API client secret is protected on the agent host. The update replaces the previous plaintext storage mechanism with an encrypted, machine-bound secret protection model.
We recommend that all customers running the Remote AD Agent upgrade to AD Agent 3.1.1.
Remote AD Agent is used mainly for SaaS customers, but may also be used in some on-premises installations.
AD Agent 3.1.1 availability
The AD Agent 3.1.1 installer is available directly from the Management Console in the customer tenant. Customers should log in to their tenant Management Console and download the latest Remote AD Agent installer from there.
Updated upgrade procedure
The upgrade from an earlier AD Agent version to AD Agent 3.1.1 can now be performed as a standard upgrade. There is no need to delete the existing agent, create a new agent, or reassign the replica.
- Log in to the customer tenant Management Console.
- Download the latest AD Agent 3.1.1 installer from the Management Console.
- Run the installer on the existing Remote AD Agent host.
- Complete the upgrade wizard, approving the required UAC elevation.
- Confirm that the Remote AD Agent service is running successfully after the upgrade.
- Validate connectivity from the Management Console and confirm that the relevant replica continues to use the upgraded agent.
Important notes
- The agent service must run as LocalSystem or as an account that is a member of the local Administrators group on the host.
- Non-administrative service accounts, including group Managed Service Accounts, are now supported.
- A TPM reset, host re-image, or hardware replacement may invalidate the encrypted client secret. If this occurs, recovery can be completed by re-running the wizard on the host.
- No server-side configuration change is required.
Support and assistance
Our support team is happy to schedule an upgrade window with you or walk through the upgrade process.
For any questions, please contact us at support@doubleoctopus.com.