Skip to content
English
  • There are no suggestions because the search field is empty.

Moving Linux-Hosted ZeroLock® Agents between ZeroLock® Management Consoles

How to re-associate a ZeroLock Agent with a new ZeroLock® Management Console.

    Moving a ZeroLock Agent (ZA) from one ZeroLock Management Console (ZMC) to another requires only that both ZMCs have network connectivity to the ZA and that the Agent be version 2.0.8 or later.


    Re-associate the ZeroLock Agent with the new ZMC

    The first step is to stop the ZA that you want to move to another ZMC.  If the Lockdown Rule, “Anti-Tampering,” is enabled, it must be disabled for the service to be stopped.

    Stopping the ZeroLock service is done by opening an SSH session to the target ZA and running the command:

    sudo systemctl stop zerolock.service

    Image_1_Stop zerolock service

    To verify that the service is stopped, open another SSH session to the agent and enter the command:

    sudo systemctl status zerolock.service
    Image_2_Inactive status

     

    At this point, the new Collector IP address and token must be entered.  The IP address is the destination ZMC.  In this example, the IP address is 10.0.0.5.  The token may be found on the Deploy homepage of that ZMC.

    Image_3_Target Deploy Page Token

     

    When the ZeroLock service stops, the SSH session is terminated, so you must open another session to the agent.  From the Deploy homepage, copy the new token (see above).

    Once this has been done, enter the following commands to update the ZA with the new settings.

    sudo /usr/bin/zerolock-tyr -update -host <server2-collector> -token <server-2-token>

    Restart the ZeroLock service with:

    sudo systemctl start zerolock.service

    Image_4_Update and Start commands


    Verify Agent

    There are two (2) methods to verify if a ZeroLock Agent is active.

    1. The first is to run the ‘status’ command on the agent as we did earlier.
      Image_5_Status_Active

    2. The second method is to look at the Endpoint homepage of the destination ZeroLock Management Console.  The moved endpoint should be added, and a green indicator in the STATUS column reflects a successful ZeroLock Agent installation.
      Image_7_Endpoints Shows Active

    Key Commands:

    stop service

    sudo systemctl stop zerolock.service

    update server info

    sudo /usr/bin/zerolock-tyr -update -host <server2-collector> -token <server-2-token>

    start service

    sudo systemctl start zerolock.service

    service status

    sudo systemctl status zerolock.service