pederl asked a question.
The tag is not in the configuration file so I guss you need to add it your self. But how do you add multiple sites to the list?
Br Peder
I have never used it, but there is an example on page 32 of the User Guide that covers multiple sites.
I think, the most challenging step will be to get the thumbprint from the certificates' properties.
Hi Peder,
Yes I do use it to block sites.
Here is an extract from a working snowserver.config with comments. I have changed the sitename and thumbprints.
<Server>
<SiteNameAuthenticationList>
<!-- In this example, two thumbprints are specified for site SITE_WE_VALIDATE while no thumbprint is specified for the BLOCKEDSITES. Site THEGOODSITE is not specified so it will just work. -->
<SiteName name="SITE_WE_VALIDATE">
<Thumbprint>9C85010679CF10F8F04895914835BA06A4FB61435</Thumbprint>
<Thumbprint>156CE5D2A979267199550AF49A77DAA6BAF6D234</Thumbprint>
</SiteName>
<SiteName name="BLOCKEDSITE1" />
<SiteName name="BLOCKEDSITE2" />
<SiteName name="BLOCKEDSITE3" />
<SiteName name="BLOCKEDSITE4" />
</SiteNameAuthenticationList>
<!-- The result of this configuration would be: -->
<!-- *.snowpack files that have site name SITE_WE_VALIDATE will only be processed if they have a thumbprint that matches -->
<!-- *.snowpack files that have site name BLOCKEDSITE1 will be blocked -->
<!-- *.snowpack files that have site name BLOCKEDSITE2 will be blocked -->
<!-- *.snowpack files that have site name BLOCKEDSITE3 will be blocked -->
<!-- *.snowpack files with site name THEGOODSITE will be processed because it is not specificied -->
<!-- *.inv files from all sites will NOT be blocked as Snow does not support this for old agents -->
</Server>
Hope this helps
Tom
Hi Tom,
could you please list the steps you took on Agent site for that? Especially if there are changes to the configuration to enable the agent to send the thumbprint?
Thx and best regards
Sebastian
Hi Sebastian,
I did not have to make any changes to the agents. This change is only required in the snowserver.config
In my case I was using this feature to block Sites or customers who no longer should have access to our Snow Partner Edition (SPE) tenant.
We have some ex-customers who still have very old agents out there that are trying to upload inventory every day.
I don't actually have approval to remotely update these machines so I am just blocking them this way.
Tom
Hi Peder,
Yes I do use it to block sites.
Here is an extract from a working snowserver.config with comments. I have changed the sitename and thumbprints.
<Server>
<SiteNameAuthenticationList>
<!-- In this example, two thumbprints are specified for site SITE_WE_VALIDATE while no thumbprint is specified for the BLOCKEDSITES. Site THEGOODSITE is not specified so it will just work. -->
<SiteName name="SITE_WE_VALIDATE">
<Thumbprint>9C85010679CF10F8F04895914835BA06A4FB61435</Thumbprint>
<Thumbprint>156CE5D2A979267199550AF49A77DAA6BAF6D234</Thumbprint>
</SiteName>
<SiteName name="BLOCKEDSITE1" />
<SiteName name="BLOCKEDSITE2" />
<SiteName name="BLOCKEDSITE3" />
<SiteName name="BLOCKEDSITE4" />
</SiteNameAuthenticationList>
<!-- The result of this configuration would be: -->
<!-- *.snowpack files that have site name SITE_WE_VALIDATE will only be processed if they have a thumbprint that matches -->
<!-- *.snowpack files that have site name BLOCKEDSITE1 will be blocked -->
<!-- *.snowpack files that have site name BLOCKEDSITE2 will be blocked -->
<!-- *.snowpack files that have site name BLOCKEDSITE3 will be blocked -->
<!-- *.snowpack files with site name THEGOODSITE will be processed because it is not specificied -->
<!-- *.inv files from all sites will NOT be blocked as Snow does not support this for old agents -->
</Server>
Hope this helps
Tom