Application Resilience policies for Dell Trusted Device Agent
You can activate an Application Resilience policy for Dell Trusted Device Agent to collect information about the functional status of Dell Trusted Device Agent installed on your Windows devices and view the results in reports. You can also configure the policy to attempt to reinstall the agent.
Application Resilience policies for Dell Trusted Device Agent are supported on devices running a supported version of the Windows operating system and the following version of the Dell Trusted Device Agent:
- 4.x or higher
If you select Report higher versions as Compliant, higher versions report Compliant without running health checks.
In addition to checking the version, the following table describes the health checks performed:
Component | Test performed | ||
---|---|---|---|
Services | Installed | Running | Signed by |
Dell Trusted Device Agent (Dell.TrustedDevice.Service.exe) |
P | P |
Dell Inc |
Drivers | Installed | Running | Signed by |
BIOS Verification Driver (DellBV.sys) |
P | n/a |
Dell Inc |
Dell Secure Event Log (dtdsel.sys) |
P |
You can configure an Application Resilience policy for Dell Trusted Device Agent to enable the Application Resilience (RAR) component A lightweight software component of the Secure Endpoint Agent that detects the status of third party applications installed on a device. The component may also attempt to repair the third party application if it is non-compliant. The RAR component is deployed on a device only when the device is associated with a customized policy group and that policy group's Application Resilience policy is activated. to attempt to repair Dell Trusted Device Agent if it's not functioning, or reinstall it if it's missing or can't be repaired.
NOTE Depending on the Absolute product licenses associated with your account, the Report and repair option, and the Report, repair, and reinstall option may not be available.
The RAR component of the Secure Endpoint Agent can respond to the following issues:
Issue |
Resolution |
---|---|
Repair | |
The Dell Trusted Device Agent (Dell.TrustedDevice.Service.exe) service isn't running | The RAR component restarts the service. |
The Dell Trusted Device Agent (Dell.TrustedDevice.Service.exe) service isn't installed and the service's executable can be detected on the device |
The RAR component reinstalls each missing service. |
Reinstall | |
The Dell Trusted Device Agent (Dell.TrustedDevice.Service.exe) service isn't installed and the service's executable cannot be detected on the device |
The RAR component downloads and installs the configured version of the agent. NOTE Downgrades are not supported. If the version installed on a device is higher than the expected version, no action is taken. The RAR component must uninstall Dell Trusted Device Agent, which requires a device restart, before reinstalling the configured version. The Secure Endpoint Agent doesn't force the device to restart, so a status of Not Compliant continues to show in the Application Resilience reports until the device user performs a restart and Dell Trusted Device Agent is reinstalled. You can review the report's Status details to determine if a restart is required. NOTE In some cases, the Dell Trusted Device Agent doesn't detect that the device has been restarted. In these cases, a second restart is required before the RAR component can reinstall Dell Trusted Device Agent. |
One or more of the following device drivers aren't installed:
|
|
Dell Trusted Device Agent failed to be repaired, or the expected version isn't installed |
If you want the Secure Endpoint Agent to reinstall the Dell Trusted Device Agent if it is non-functional or missing, you need to make its installer available for download. The installers are included in Trusted Device installer ZIP file. To make the installer available, you need to extract them from the ZIP file.
To prepare the installer:
- Copy the Trusted Device installer ZIP file (Trusted-Device-<version>.zip) from the installation media to your computer.
- Navigate to the location where you saved the ZIP file and extract the contents to the location you want to store the extracted contents.
The Win64R folder contains the 64-bit MSI installer. WinNtR contains the 32-bit MSI installer. The MSI files in these folders can now be uploaded to the Secure Endpoint Console or hosted on your own server.
NOTE If you host your own installers, make sure you provide the location of the MSI files, and not the location of the ZIP file or it's subfolders.
The RAR component looks for the following files names when checking pre-cached installers:
Component | File name |
---|---|
Installers | DellTrustedDeviceAgent.msi |
Before you activate an Application Resilience policy you need to configure the policy. In addition to the settings in Configuring Application Resilience policies, you need to configure the application version.
To configure the application version:
Under Dell Trusted Device Agent version, enter the version of Dell Trusted Device Agent you expect to be running on your devices.
- The target version must be a sequence of digits separated by a period.
- You can use wild card "*" characters after the major version, for example, 4.* or 4.5.*.
IMPORTANT Make sure the version you are entering is consistent with version 4.x or higher.
If you selected the Report, repair, and reinstall option, you also need to configure this setting in addition to the settings in Configuring Application Resilience policies.
To configure the Dell Trusted Device Agent additional setting:
- [Optional] Under Additional installation commands, enter the applicable installation command-line parameters to configure any settings not covered by the policy configuration. For more information on available parameters, see Dell's documentation.