PEDM Agent Commands

This page gives information of commands related to perform operations related to PEDM agents

Overview

This section covers all the Keeper Commander commands for managing PEDM agents. Agents are installed on endpoints and communicate with the PEDM system to enforce privilege elevation policies. These commands allow administrators to view agent status, modify agent settings, and manage resource collections associated with agents.

This section supports the following commands:

Usage

pedm agent command [--options] OR pedm a command [--options]

Alias: a

Agent List Command

View all registered PEDM agents with their details including agent UID, machine name, deployment assignment, status, and creation date. Provides an overview of all endpoints with installed PEDM agents.

DotNet CLI

Command: Coming Soon

DotNet SDK

Function: Coming Soon

Power Commander

Command: Coming Soon

Python CLI

Command: pedm agent list

Aliases: pedm a l, pedm a list

Flags:

Flag
Description

-v, --verbose

Print verbose information including active status and properties

--format

Output format - json, csv, or table

--output

Save output to specified file

Example:

My Vault> pedm agent list

Agent UID: agent_abc123
Machine Name: SERVER-001
Deployment: Production
Disabled: False
Created: 2024-10-20
Python SDK

Function: 

from keepersdk.plugins.pedm import admin_plugin

plugin = admin_plugin.PedmPlugin(enterprise_loader)
agent_list = plugin.agents.get_all_entities()

Agent Edit Command

Modify PEDM agent configuration including enabling/disabling agents or moving them between deployments. This command allows administrators to update agent settings without reinstalling the agent on the endpoint.

DotNet CLI

Command: Coming Soon

DotNet SDK

Function: Coming Soon

Power Commander

Command: Coming Soon

Python CLI

Command: pedm agent edit <agent> [agent...]

Aliases: pedm a e, pedm a edit

Flags:

Flag
Description

--enable

Enable or disable agents (choices: on, off)

--deployment

Move agent to specified deployment UID

agent

Agent UID (required, can specify multiple)

Example:

My Vault> pedm agent edit agent_abc123 --enable on --deployment prod_deploy_123

Agent updated successfully
Python SDK

Function: 

from keepersdk.plugins.pedm import admin_plugin

plugin = admin_plugin.PedmPlugin(enterprise_loader)

agent_id = 'agent name or uid'
deployment_id = 'deployment name or id'
deployment = plugin.deployments.get_entity(deployment_id)

agent = plugin.agents.get_entity(agent_id)

update_agents: List[admin_types.UpdateAgent] = []
update_agents.append(admin_types.UpdateAgent(
                    agent_uid=agent.agent_uid,
                    deployment_uid=deployment.deployment_uid,
                    disabled=disabled,
                ))
                
response = plugin.modify_agents(update_agents=update_agents)

Agent Delete Command

Remove one or more PEDM agents from the system. This command permanently deletes agent registrations from the PEDM management system but does not uninstall the agent software from endpoints.

DotNet CLI

Command: Coming Soon

DotNet SDK

Function: Coming Soon

Power Commander

Command: Coming Soon

Python CLI

Command: pedm agent delete <agent> [agent...]

Aliases: pedm a delete

Flags:

Flag
Description

--force

Do not prompt for confirmation

agent

Agent UID (required, can specify multiple)

Example:

My Vault> pedm agent delete agent_old123 --force

Agent deleted successfully
Python SDK

Function: 

from keepersdk.plugins.pedm import admin_plugin

plugin = admin_plugin.PedmPlugin(enterprise_loader)

agent_id = 'agent name or uid'
agent = plugin.agents.get_entity(agent_id)

response = plugin.modify_agents( remove_agents=[agent.agent_uid])

Agent Collection Command

View resource collections associated with a specific agent. This command displays all resource types (OS builds, applications, user accounts, etc.) that have been discovered and registered for the agent.

DotNet CLI

Command: Coming Soon

DotNet SDK

Function: Coming Soon

Power Commander

Command: Coming Soon

Python CLI

Command: pedm agent collection <agent>

Aliases: pedm a c, pedm a collection

Flags:

Flag
Description

-v, --verbose

Print verbose information including collection values

--type

Filter by collection type (integer)

--format

Output format - json, csv, or table

--output

Save output to specified file

agent

Agent UID (required)

Example:

My Vault> pedm agent collection agent_abc123

Collection Type: OS_BUILD (1)
Count: 3

Collection Type: APPLICATION (2)
Count: 12
Python SDK

Function: 

from keepersdk.plugins.pedm import admin_plugin

plugin = admin_plugin.PedmPlugin(enterprise_loader)

agent_id = 'agent name or uid'
agent = plugin.agents.get_entity(agent_id)

resource_uids = {x.collection_uid for x in plugin.storage.collection_links.get_links_by_object(agent.agent_uid)}
collections = [plugin.collections.get_entity(x) or x for x in resource_uids]
PreviousPEDM Deployment CommandsNextPEDM Policy Commands

Last updated

Was this helpful?