Moveworks Agent Reconfiguration Guide

This guide describes the steps to reconfigure on-premises Moveworks Agent deployments for customers without needing to reinstall it from scratch. Whether you're updating credentials, LDAP details, or REST/Proxy configs, this guide enables you to apply configuration changes with precision.

📘

These Reconfiguration Enhancements have been introduced as part of Agent Version 2.10.4

Please upgrade your agent to the updated version to leverage this guide.

Prerequisites

  • Ensure that the Moveworks Agent is already installed and running on your on-prem network.
  • You must have access to the setup_agent.sh script in the Docker/Podman container where the agent is deployed.
  • Refer to the Moveworks Agent Installation Guide if you need to deploy a new Agent.

How To Initiate the Agent Reconfiguration Process

Via setup_agent.sh Script

You can use the --reconfigure flag to kick off the process :

  • Log into the VM or Host where the Agent Container is running. You should find the setup_agent.sh in the moveworks_agent folder
  • Using the --reconfigure flag you can initiate the process
./setup_agent.sh -r
# or
./setup_agent.sh --reconfigure

You can also use the Interactive Setup Wizard

  • This utilises the same script but allows you to check the existing config.
./setup_agent.sh --docker
...
Configuration file found. Do you want to set a new configuration? [y/n]: n
Do you want to edit the existing config file? [y/n]: y
...
Starting bond configurator with --reconfigure

Configurations which can be Modified via Reconfiguration

🔐 Secrets Provider

  • ✅ Modify values of the existing configured provider (AWS or Azure Secrets Manager). This can only be done if you have an existing provider.
  • ❌ You cannot switch providers or add a new one as part of reconfiguration if not originally configured.

🛠 Agent Config Fields

Editable Fields:

  • auth_url
  • config_url
  • access_key
  • moveworks_access_secret
  • path_to_cert
  • proxy_url

📘 LDAP Configuration

Single Host Mode

Reconfiguration options:

  • ✏️ Edit existing host configuration
  • 🔄 Switch to Forest Mode (optionally retain existing LDAP client config)

Forest Mode

Reconfiguration options:

  • ➕ Add LDAP host
  • ✏️ Edit existing host configs
  • 🗑 Remove LDAP hosts

Clients are referenced by domain name in Forest Mode. Editable Fields:

  • host
  • port
  • domain
  • service_user
  • ldap_service_password
  • use_ssl
  • use_starttls
  • path_to_cert

🌐 REST Configs

➕ Add, ✏️ Edit, or 🗑 Remove REST configs. They are Referenced by service name. Editable Fields:

  • service
  • header_decorators (add only)
  • body_decorators (add only)
  • url_decorators (add only)
  • do_not_use_rest_proxy
  • ca_cert_path
  • max_response_size
  • use_ntlmv2

🔌 Proxy Configs

➕ Add, ✏️ Edit, or 🗑 Remove Proxy entries. Each config is tied to a service. Editable Fields:

  • proxy_url
  • port

⚠️ Saving and Persisting Configurations

  • Changes are held in memory until you select [6] Save & Exit in the prompt
  • Exiting the reconfiguration mid-way will discard any saved or unsaved edits.
  • Configuration updates are written to agent_config.yml only when saved.

For questions or issues, Please reach out to your Moveworks Support Team.