Related Articles
 

Agent Installation

Installing agents is the first step to manage servers and computers. Agents can be installed manually or automatically. Installing agents manually on all the computers should be a tiring task, so you can automate the entire agent installation process in bulk. The different methods with which you can perform the agent installation is explained below.

Installing the Distribution Server

You can install the Distribution Server by following the steps mentioned below:

1. Log in to the web console and navigate to the Agent tab.

2. Choose Remote Offices under Scope of Management on the left tab.

3. Select a Remote Office and click on Download Distribution Server under Download Agent . This should be done on the computer, where the Distribution Server needs to be installed.

Download Distribution Server

4. Follow the installation instructions and the Distribution Server will be downloaded.

Installing the Distribution Server and Agents

1. Log in to the web console and navigate to the Agent tab.

2. Choose Agent installation under Scope of Management on the left tab.

3. Navigate to Other methods and choose the Download option under Command Line tab.

Agent Installation

4. From the downloaded zip file, extract these 3 files and paste them in a shared path, which is accessible by all the computers. (Files to be extracted: i) PatchManagerPlusAgent.msi ii) PatchManagerPlusAgent.mst iii) DCAgentServerInfo.json)

5. From the extracted location, Compress the following files using 7-zip

  • a) PatchManagerPlusAgent.msi
  • b) PatchManagerPlusAgent.mst
  • c) DCAgentServerInfo.json
  • d) Setup.bat
  • 5. Once the download/installation is completed, you can right-click setup.bat and run as administrator to execute it.

    execute setup.bat

    6. You will be prompted to choose the below-listed options on the command prompt

    1. Install Distribution Server in the computer
    2. Install Agent in this computer
    3. Install Distribution Server in this computer and agents in multiple computers
    4. Install Agents in multiple computers
    5. You should add computer names or IP address in the computernames.txt file and keep them ready for agent installation.

      The admin$\Temp folder of the target machine must be reachable from the computer that we are trying to deploy the agent.

      7. You can choose option 3

      command prompt

      8. Providing the administrator credentials will invoke agent installations on all the target computers.

      If you have already downloaded the Distribution Server, then at step 6 in the command prompt choose option 4.

      9. The agents will be installed in the target computers, but in case you have enabled "Waiting for Approval" then, the further communication with the server occurs only if these target computers are approved from the Waiting for Approval tab that is present at Agent -> Computers -> Waiting for Approval.

      Waiting for approval

      Note:

      • a) The Waiting for Approval feature is provided to enhance security and prevent the misuse of the product without Admin's knowledge. At this stage the target computer in which the agent is installed can also be declined by the Admin, thereby preventing further communication with the server.
      • b) If you Add Computers through the Managed Computers tab, and then install agents in these computers, the systems don't fall under the 'Waiting for Approval' tab.
      • Read this document to know more on "Waiting for Approval".
Roaming Agent Installation

You can install the Roaming Agents by following the steps mentioned below:

1. Log into web console and navigate to Agent tab.

2. Choose Remote Offices under Scope of Management on the left tab.

3. Select a Roaming agent and click Download WAN Agent under Download Agent.

For roaming agents, only the Download WAN agent option will be available.

4. Follow the on-screen installation instructions to complete the installation.

5. The agents will be installed in the target computers, but in case you have enabled "Waiting for Approval" further communication with the server occurs only if these target computers are approved from the Waiting for Approval tab that is present at Agent -> Computers -> Waiting for Approval.

Waiting for approval

Note:

  • a) The Waiting for Approval feature is provided to enhance security and prevent the misuse of the product without Admin's knowledge. At this stage the target computer in which the agent is installed can also be declined by the Admin, thereby preventing further communication with the server.
  • b) If you Add Computers through the Managed Computers tab, and then install agents in these computers, the systems don't fall under the 'Waiting for Approval' tab.
  • Read this document to know more on "Waiting for Approval".

Now you've successfully installed roaming agents on your target computers.

Agent Installation using GPO script

1. Download the Agent Zip file, extract it, and follow the steps given below:

  • a) Click the Admin tab.
  • b) In the Som Settings section, click Scope of Management.
  • c) Click Download Agent.
  • d) Select the required office.
  • Note: This can be a local office or a remote office depending on which computers you want to install agents in.

       2. Save the .msi, .mst &DCAgentServerInfo.json file in the network share that you've created.

       3. Click Start>Run.

       4. Enter gpmc.msc.

       5. Click OK.

       6. Right-click the domain and select Create and Link a GPO here.

       7. Specify a name for the GPO.

       8. Select the GPO.

       9. Note: If you want to install the agent on only a few client computers, follow the steps given below. To install the agent in all your client computers skip these steps.

  • a) Click the Scope tab.
  • b) In the Security Filtering section, click Add.
  • c) In the Select User, Computer, or Group dialog box, click Object Types.
  • d) Specify specific computer object types.
  • e) Click OK.
  • f) Specify the computer names.
  • g) Click Check Names.
  • h) Click OK.

     10. Right-click the GPO and click Edit.

     11. Expand Computer Configuration>Policies>Windows Settings>Scripts.

     12. Right-click Startup and click Properties.

     13. Click Show Files.

     14. Drag and drop the InstallAgent.vbs(download the .txt file and rename it as .vbs) PatchManagerPlusAgent.msi PatchManagerPlusAgent.mst DCAgentServerInfo.json to this location and Copy the location(Domain name\Sys Vol\Domain name\Policies\{ID}\Machine\Scripts\Startup) and close.

     15. In the Startup Properties dialog box, click Add.

     16. Browse and navigate to the location (Domain name\Sys Vol\Domain name\Policies\{ID}\Machine\Scripts\Startup) and select the InstallAgent.vbs script or specify the path (copied location) and the script as mentioned below: (Domain name\Sys Vol\Domain name\Policies\{ID}\Machine\Scripts\Startup)\InstallAgent.vbs.

     17. Specify the script parameters as mentioned below: PatchManagerPlusAgent.msi PatchManagerPlusAgent.mst.

     18. Click OK to close the Add a Script dialog box.

     19. Click OK to close the Startup Properties dialog box.

     20. Close the Group Policy Object Editor.

     21. Close the Group Policy Management dialog box.

     22. The agents will be installed in the target computers, but in case you have enabled "Waiting for Approval" then, the further communication with the server occurs only if these target computers are approved from the Waiting for Approval tab that is present at Agent -> Computers -> Waiting for Approval.

Waiting for approval

Note:

  • a) The Waiting for Approval feature is provided to enhance security and prevent the misuse of the product without Admin's knowledge. At this stage the target computer in which the agent is installed can also be declined by the Admin, thereby preventing further communication with the server.
  • b) If you Add Computers through the Managed Computers tab, and then install agents in these computers, the systems don't fall under the 'Waiting for Approval' tab.
  • Read this document to know more on "Waiting for Approval".

You've now installed an agent in client computers using GPO.

Agent Installation the agents using local AD

You can install agents using local AD by following the steps mentioned below:

Note: Distribution Server must be added and installed manually before proceeding with agent installation. To install Distribution Server manually, refer to Installing the Distribution Server and the agents.

1. Agent -> Computers -> Add Computers button. Select a AD connector and add a domain/workgroup.

2. Click the Select Computers link pertaining to a domain/workgroup. This opens the Select Computers dialog listing all the available computers of the domain/workgroup.

3. Select the computers that have to be managed through Patch Manager Plus Cloud and click Ok. You can also manually specify the computer names instead of choosing them from the list. The selected computers get added to the Selected Computers table in the Add Computers view.

4. Repeat steps 2 and 3 for adding computers from multiple domains/workgroups. Select the "Install Agent Immediately" checkbox to install the Patch Manager Plus agents in the selected computers immediately. When this option is not selected, the computers are only added. You need to install the agents later to manage them.

5. Click done to add the selected computers. All the selected computers get added to the Scope of Management.

The Computers page will list all the computers that are being managed by the Cloud along with the status of the agent installation and the agent version. Agents can also be installed at a later stage, by selecting the computers from Agent -> Computers page and clicking the Install Agent button.

Note: Roaming agents cannot be pushed and installed through the AD.

 

Agent Installation using SCCM

You can install agents using SCCM by following the steps mentioned below:

1. Go to Agent -> Agent installation -> Other Methods and click Download option under SCCM.

2. From the downloaded zip file, extract these 3 files and paste them in a shared path, which is accessible by all the computers. (Files to be extracted: i) PatchManagerPlusAgent.msi ii) PatchManagerPlusAgent.mst iii) DCAgentServerInfo.json)

3. Change the shared path location as mentioned in the batch file.

4. Create an SCCM package with this script.

5. Deploy the package.

6. The agents will be installed in the target computers, but in case you have enabled "Waiting for Approval" then, the further communication with the server occurs only if these target computers are approved from the Waiting for Approval tab that is present at Agent -> Computers -> Waiting for Approval.

Waiting for approval

Note:

a) The Waiting for Approval feature is provided to enhance security and prevent the misuse of the product without Admin's knowledge. At this stage the target computer in which the agent is installed can also be declined by the Admin, thereby preventing further communication with the server.

b) If you Add Computers through the Managed Computers tab, and then install agents in these computers, the systems don't fall under the 'Waiting for Approval' tab.

Read this document to know more on "Waiting for Approval".

Agent Installation using Microsoft Intune

You can install agents using Microsoft Intune by following the steps mentioned below:

1. Go to Agent -> Agent installation -> Other Methods and click Downloadunder the Command Line tab.

2. From the downloaded zip file, extract these 3 files and paste them in a shared path, which is accessible by all the computers. (Files to be extracted: i) PatchManagerPlusAgent.msi ii) PatchManagerPlusAgent.mst iii) DCAgentServerInfo.json)

3. From the extracted location, Compress the following files using 7-zip

  • a) PatchManagerPlusAgent.msi
  • b) PatchManagerPlusAgent.mst
  • c) DCAgentServerInfo.json
  • d) Setup.bat (NOTE : Download the Setup.bat file from the following link and use that file while compressing).

4. Name this compressed file as patchmanagerplusagent.7z.

 
  • When using 7-zip to compress the files, use the Setup.bat file downloaded from the link only. Do not use the file that is already present in the Agent folder.

5. Open the following link, Copy the contents and paste it in a text file named config.txt

6. Download the LZMA SDK package from the link, extract the contents. Go to the bin folder and locate the file 7zS2.sfx.

7. Create a folder and include the files

  • a) patchmanagerplusagent.7z
  • b) config.txt
  • c) 7zS2.sfx

8. Open Command prompt with Admin privilege in the same folder and run the command, copy /b 7zS2.sfx + config.txt + patchmanagerplusagent.7z agent.exe

9. An executable file agent.exe will be generated in the same folder.

10.Install the executable agent.exe manually in a machine without an agent (test machine). If the agent installation fails in this machine, retrace the steps again. If the installation succeeds then proceed.

11.Download the zip from this GIT page.

12.Extract IntuneWinAppUtil.exe from the downloaded zip.

13.Double click the IntuneWinAppUtil.exe and provide the following input

  • Source folder: <directory_of_agent.exe>
  • Setup file: agent.exe
  • Output folder: <output_directory>
  • Do you want to specify catalog folder (Y/N)? N

14. agent.intunewin will be created in the specified <output_directory>

15. Use the agent.intunewin app package for deployment in Intune.
To configure the app package :
Install Command : "agent.exe" /S
Uninstall Command : "agent.exe" /X
(The above are dummy commands that does not affect installation, and thus can't be used to uninstall the agent.)


Detection Rule : Manually configure detection rule.
Rule type : MSI
MSI product code : {6AD2231F-FF48-4D59-AC26-405AFAE23DB7}
MSI product version check : No

16. Now you can deploy the agent through Microsoft Intune to the machines in your network.

17.The agents will be installed in the target computers, but in case you have enabled "Waiting for Approval" then, the further communication with the server occurs only if these target computers are approved from the Waiting for Approval tab that is present at Agent -> Computers -> Waiting for Approval.

Note:

  • a) The Waiting for Approval feature is provided to enhance security and prevent the misuse of the product without Admin's knowledge. At this stage the target computer in which the agent is installed can also be declined by the Admin, thereby preventing further communication with the server.
  • b) If you Add Computers through the Managed Computers tab, and then install agents in these computers, the systems don't fall under the 'Waiting for Approval' tab.
  • Read this document to know more on "Waiting for Approval".
Bulk Installation of Agents in AWS Instances

The following are the steps to install agents in bulk in AWS Instances

  1. 1.Create S3 Bucket in the region you want to deploy the Agents.
  2. 2.Upload all files from the downloaded Agent zip folder to the created bucket and set the permission as public.
  3. 3.Create IAM role for SSM.
    • a) In the IAM console navigate to Roles -> Create Roles.
    • b) In the Select type of trusted entity, choose AWS service.
    • c) Choose the service EC2.
    • d) If the specified service has only one use case, it is selected automatically after which choose NEXT: Permissions.
    • NOTE: Use cases are defined by the service to include the trust policy that the service requires.
    • e) In the Create role window as given in the figure below, search for AmazonEC2RoleForSSM and select it.
    • Agent Installation-AWS instances

      Note: You can also add AmazonEC2RoleForSSM in the already existing IAM role.

    • f) Choose NEXT: Review.
  4. 4. Change EC2 settings.
    • a) Select the existing instance.
    • b) Choose Action at the top of the screen.
    • c) Choose Instance settings and assign the created role.
  5. 5. Run the command to install the agents in AWS Instances.
    • a) In the AWS System Manager console, choose Run Command
    • b) Run the following command :
    • Note: BUCKETPATH is object URL.
      New-Item -ItemType directory -Path C:\\LocalOffice\\localsetup
      $WebClient = New-Object System.Net.WebClient $WebClient.DownloadFile("BUCKETPATH/DCAgentServerInfo.json","LOCALPATH/DCAgentServerInfo.json") $WebClient.DownloadFile("BUCKETPATH/PatchManagerPlusAgent.msi","LOCALPATH/PatchManagerPlusAgent.msi") $WebClient.DownloadFile("BUCKETPATH/PatchManagerPlusAgent.mst","LOCALPATH/PatchManagerPlusAgent.mst") $WebClient.DownloadFile("BUCKETPATH/setup.bat","LOCALPATH/setup.bat") cmd /c msiexec /i C:\\LocalOffice\\localsetup\\PatchManagerPlusAgent.msi REBOOT="REALLYSUPPRESS" MSIRESTARTMANAGERCONTROL="Disable" TRANSFORMS=C:\\LocalOffice\\localsetup\\PatchManagerPlusAgent.mst ENABLESILENT=yes /qn
  6. 6. The agents will be installed in the target computers, but in case you have enabled "Waiting for Approval" then, the further communication with the server occurs only if these target computers are approved from the Waiting for Approval tab that is present at Agent -> Computers -> Waiting for Approval.

Waiting for approval

Note:

  • a) The Waiting for Approval feature is provided to enhance security and prevent the misuse of the product without Admin's knowledge. At this stage the target computer in which the agent is installed can also be declined by the Admin, thereby preventing further communication with the server.
  • b) If you Add Computers through the Managed Computers tab, and then install agents in these computers, the systems don't fall under the 'Waiting for Approval' tab.
  • Read this document to know more on "Waiting for Approval".