Approving or Disapproving Orchestrators

When orchestrators first appear in Keyfactor Command, they have a status of New. The orchestratorClosed Keyfactor orchestrators perform a variety of functions, including managing certificate stores and SSH key stores. cannot perform any jobs while it has this status. To approve an orchestrator, highlight the row in the orchestrator management grid and click Approve at the top of the grid or right-click the orchestrator in the grid and choose Approve from the right-click menu. Once you have approved a Keyfactor Universal OrchestratorClosed The Keyfactor Universal Orchestrator, one of Keyfactor's suite of orchestrators, is used to interact with Windows servers (a.k.a. IIS certificate stores) and FTP capable devices for certificate management, run SSL discovery and management tasks, and manage synchronization of certificate authorities in remote forests. With the addition of custom extensions, it can run custom jobs to provide certificate management capabilities on a variety of platforms and devices (e.g. F5 devices, NetScaler devices, Amazon Web Services (AWS) resources) and execute tasks outside the standard list of certificate management functions. It runs on either Windows or Linux., Windows OrchestratorClosed The Windows Orchestrator, one of Keyfactor's suite of orchestrators, is used to manage synchronization of certificate authorities in remote forests, run SSL discovery and management tasks, and interact with Windows servers as well as F5 devices, NetScaler devices, Amazon Web Services (AWS) resources, and FTP capable devices, for certificate management. In addition, the AnyAgent capability of the Windows Orchestrator allows it to be extended to create custom certificate store types and management capabilities regardless of source platform or location. or Java AgentClosed The Java Agent, one of Keyfactor's suite of orchestrators, is used to perform discovery of Java keystores and PEM certificate stores, to inventory discovered stores, and to push certificates out to stores as needed., you can schedule jobs for the orchestrator. Once you have approved an SSHClosed The SSH (secure shell) protocol provides for secure connections between computers. It provides several options for authentication, including public key, and protects the communications with strong encryption. Orchestrator, you can configure server groups and servers for that orchestrator and begin scanning servers. Once you have approved a Mac enroll agent, users can enroll for certificates from that Mac. Some orchestrators may be configured for auto-approval via auto-registration (see Orchestrator Auto-Registration).

To disapprove an orchestrator, highlight the row in the orchestrator management grid and click Disapprove at the top of the grid or right-click the orchestrator in the grid and choose Disapprove from the right-click menu. When an orchestrator is disapproved, operations with Keyfactor Command can no longer be carried out by this orchestrator.