13.1 Authentication Agent

IMPORTANT:The Authentication Agent policy is not available in Advanced Authentication as a Service (SaaS) version

In this policy, you can configure the Daemon host. The Daemon host is address of the server that contains a background service to manage connections and incoming requests from the Authentication Agent for Windows. This policy is not applicable for Authentication Agent for Web. The Daemon host is secured by default.

NOTE:For Advanced Authentication 6.3 SP4 and prior versions, to initiate an authentication process using the Authentication Agent for Windows, you must configure the Authentication Agent chain in the configuration file of the respective Clients.

For more information about how to configure the Authentication Agent in different Clients, see Linux Client, Mac Client, and Windows Client.

From Advanced Authentication 6.3 SP5, you must assign the required chains to the OOB UI Logon Event event.

To configure the Authentication Agent policy, perform the following steps:

  1. Specify the IP address of the Advanced Authentication server that manages requests from Authentication Agents in Daemon host. The loop-back address ( is set by default. The Loop-back address is self-address of a particular computer. With the loop-back address, a computer can transmit signals to itself to communicate and check network connectivity.

    For more information about how to configure DNS in the Authentication Agent to discover the daemon host, see Setting DNS for Server Discovery.

    NOTE:In a cluster, if there are multiple Advanced Authentication servers, you must specify the address of one server in Daemon host that can accept connections and manage requests from the Authentication Agents. The server stores these connection details in the memory and are not replicated. Therefore, in a cluster do not retain the default address ( in Daemon host.

  2. By default, Verify SSL is set to ON to secure the daemon host. Ensure that a valid SSL certificate is uploaded in Server Options tab of the Advanced Authentication server which is configured as daemon host.

  3. Click Save.