Deploying Agents to Other Computers
Deploy agents to computers to get the most comprehensive and detailed audit; a remote scan via WMI is an alternative. See About Running Agentless Audits.
Agents can only be deployed to computers with a minimum specification of Windows XP. Before performing the remote client installation, make sure to open the network ports for the gateway to communicate effectively with the domain controller. In your firewall settings for the service, enter port 139 or 445, and select the option UDP (for DNS) or TCP protocol. To manually open ports in your Internet connection firewall, refer to operating system help.
Before planning to deploy agents to other computers, you need to run an Active Directory scan to make sure you have a full list of any computers that are not audited (see Running an Active Directory Scan). Microsoft's Active Directory is a service that stores and manages network-based entities such as applications, files, printers, and people.
Refer to Installing Agents on Remote Computers to install agents on computers that are not accessible from the gateway.
1. Within the Service Desk Console, open the Gateway workspace.
2. Click Scan Active Directory.
3. Click Yes in the confirmation window to start the scan.
4. View the task in the Agent Task list.
5. Click the task link to open the Agent Task tab from where you can view the progress of the scan.
The scan is displayed as an agent task, with a status (pending or complete). When the Active Directory scan has finished, all the computers that are not audited are listed.
6. Click the Configuration Item tab, then select the devices to which to deploy the agent, and click Deploy Agent.
7. Click Yes to confirm that you want to deploy to the selected computers.
When the deployment is complete, the computers are then audited in the same way as other computers to which the agent has been deployed.
Agent tasks are created for the gateway for each computer on which the agent is deployed.
Agents cannot be deployed to remote computers that are not in your intranet. However, you can install client agents on these computers.
See Folder Permissions on Windows before installing the client agent on Windows.
If the following permissions are not set correctly, the HEAT client agent service cannot run and messages cannot be sent to the server.
The default configuration for Windows is to grant the local users group read, read + execute, and list folder contents permissions to the C:\Program Files folder (and the C:\Program Files (x86) folder on 64-bit computers). This is sufficient for running the HEAT client agent service using the built-in network service user. The other services use the built-in system user, which has administrator privileges.
As part of its installation, the HEAT agent modifies the permissions of these folders:
C:\Program Files (x86)\Common Files\FRS\Logs:
- Network service is granted GENERIC_ALL permissions (that is, read + write + execute + delete + list folder).
- Local users group is granted GENERIC_ALL permissions.
C:\Program Files (x86)\Common Files\FRS\SaasIMClient\ClientMsgSender\Outbox:
- Network service is granted GENERIC_ALL permissions.
- Local users group is granted GENERIC_ALL permissions.
C:\Program Files (x86)\Frontrange Solutions\InventoryClient\AUDIT\MESSAGES:
- Network service is granted GENERIC_ALL permissions.
(The folders are under C:\Program Files on a 32-bit computer.)
1. Open the command prompt window.
2. Enter the following command line to manually download the client agent installer from the Internet:
msiexec /qn /i <tenant url>/IM/ClientInstaller/ClientInstallation_1.9.msi CLNTCFGCAK=<client authentication key> CLNTCFGBASEURL=<Cloud IM web service base address> CLNTCFGDEFOU=<Default organizational unit name>
The /qn option performs a silent installation of the client agent.
where:
- <tenant url> is the URL for the HEAT Cloud instance.
- <client authentication key> is the unique key for every tenant; obtain this key from your HEAT administrator.
- <Cloud IM web service base address> is the base portion of the address for the web service endpoint.
- <Default organizational unit name> is the organizational unit with which the machine is associated.
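After installation, the folder permissions listed earlier on this page can be checked with a script such as the following. It is an added example, not part of the HEAT documentation or product; the variable names and status labels are illustrative, and it checks only the principals this page lists for each folder.

```powershell
# Added example, not HEAT's own tooling: check the folder permissions this page lists.
# Well-known SIDs avoid depending on localized account names.
$networkService = New-Object System.Security.Principal.SecurityIdentifier 'S-1-5-20'      # Network service
$localUsers     = New-Object System.Security.Principal.SecurityIdentifier 'S-1-5-32-545'  # Local users group

# 64-bit: C:\Program Files (x86); 32-bit: C:\Program Files (as the page notes).
$root = ${env:ProgramFiles(x86)}
if (-not $root) { $root = $env:ProgramFiles }

# Folder (relative to $root) -> principals the page lists with GENERIC_ALL.
$expected = [ordered]@{
    'Common Files\FRS\Logs'                                = @($networkService, $localUsers)
    'Common Files\FRS\SaasIMClient\ClientMsgSender\Outbox' = @($networkService, $localUsers)
    'Frontrange Solutions\InventoryClient\AUDIT\MESSAGES'  = @($networkService)
}

$fullControl = 0x1F01FF    # FileSystemRights.FullControl, what GENERIC_ALL maps to for files
$genericAll  = 0x10000000  # raw GENERIC_ALL bit, in case the ACE was stored unmapped
$inheritOnly = [int][System.Security.AccessControl.PropagationFlags]::InheritOnly
$sidType     = [System.Security.Principal.SecurityIdentifier]

$report = foreach ($entry in $expected.GetEnumerator()) {
    $path = Join-Path $root $entry.Key
    if (-not (Test-Path -LiteralPath $path)) {
        [pscustomobject]@{ Path = $path; Principal = '-'; Status = 'FolderMissing' }
        continue
    }
    # Explicit and inherited ACEs, with identities returned as SIDs.
    $rules = (Get-Acl -LiteralPath $path).GetAccessRules($true, $true, $sidType)
    foreach ($sid in $entry.Value) {
        $grant = $rules | Where-Object {
            $rights = [int]$_.FileSystemRights
            $_.IdentityReference.Value -eq $sid.Value -and
            $_.AccessControlType -eq 'Allow' -and
            (([int]$_.PropagationFlags -band $inheritOnly) -eq 0) -and   # ACE must apply to the folder itself
            ((($rights -band $fullControl) -eq $fullControl) -or ($rights -band $genericAll))
        }
        [pscustomobject]@{
            Path      = $path
            Principal = $sid.Translate([System.Security.Principal.NTAccount]).Value
            Status    = if ($grant) { 'OK' } else { 'FullControlNotGranted' }
        }
    }
}
$report | Format-Table -AutoSize
```

Any row other than OK identifies a folder whose permissions differ from those listed above, which is the condition under which the page says the client agent service cannot run or send messages.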