During your initial configuration of Advanced Phishing Defense, you configure a service account in Exchange to allow API calls for enforcement. From time to time you may choose to update this password. The process is the same for both Exchange on-premises and Office 365, however, you will need supports assistance with O365.
Exchange On-Premises
For any version of Exchange on-prem, the process is to SSH to the sensor, disable enforcement, restart the sensor process, and then re-enable enforcement. You should do this one sensor at a time.
SSH to your sensor
/opt/agari/bin/agari-ep enforcement-disable
/opt/agari/bin/agari-ep restart
/opt/agari/bin/agari-ep enforcement-enable
At this point, it will ask you for the credentials of the service account. Once provided the sensor should be using the new creds.
Office 365
The process is actually the same as above, however for O365 customers with hosted sensors you do not have SSH access. Please create a support request for disabling enforcement. Once disabled, in the UI there will be an Orange button in the top right under Manage > Sensors. This will send you to an Azure SSO page where you should insert your new creds.
Comments
0 comments
Please sign in to leave a comment.