Kaseya Community

Install agent from Active directory via GPO

  • Hi,
    Has anyone had any success installing the Agent to workstations from the active directory via a Domain level GPO. I am mostly looking to find out if anyone has created a .MSI package for agent install or advice on how to create one as we are looking at having to install agents on several hundred machines on a single Domain. I am fairly new to Kaseya so if anyone has a better way to do this please let me know.

    Legacy Forum Name: Install agent from Active directory via GPO,
    Legacy Posted By Username: biggreg
  • An easier way would be to run the agent install in your logon scripts. In the Agent deployment option you can add the domain creds to the installer. Agemt > Deploy Agents > Create Package.

    Alternatively you could put the file in a startup script in AD.

    Regards,
    Chris

    Legacy Forum Name: How-To,
    Legacy Posted By Username: chris@busy.co.nz
  • Chris,
    That would be good but the machines in question dont have users at them, they are used to perform specific tasks & are set up without monitor or keyboard. Is it possible for a logon script to run when the computer account logs on to the DC??

    Legacy Forum Name: How-To,
    Legacy Posted By Username: biggreg
  • Hi,

    The credentials in question should be the domain admin credentials, which will then be put in the exe file, so won't be hard to get out from a security point of view.

    If the machines have group policies applied, run a batch file on startup via group policy. In this batch file all it needs to do is call the exe.

    Lastly, if all the machines are on, look into the LAN Watch option under Agents - Deploy Agents. This pushes the agent to the machines remotely. You just have to make sure all machines are turned on. It may be easier to use startup script as this will cover future machines etc.

    Regards,
    Chris

    Legacy Forum Name: How-To,
    Legacy Posted By Username: chris@busy.co.nz
  • The problem we have is in a 2008 domain with vista clients UAC barks if a login script is run. I want to know how to call the exe like in a script but using a GPO. As far as I can see Group Policy only likes msi files.

    M

    Legacy Forum Name: How-To,
    Legacy Posted By Username: mashley
  • I am trying to do this as well. I would like to install Kaseya with via startup script in the computer configuration of a GPO.

    I have tried two simple script
    1. a VB Script
    set WshShell = WScript.CreateObject("WScript.Shell")
    WshShell.Run "\\csd1\vc3.6\kaseya\kcssetup.exe"

    2. a BAT
    start \\csd1\VC3.6\Kaseya\KcsSetup.exe

    Bolt of these will work if I type it in at the command line. The computer is running the script but kaseya will not install. Confused

    Legacy Forum Name: How-To,
    Legacy Posted By Username: Benjamin
  • Checkout this article at Microsoft: http://technet.microsoft.com/en-us/library/cc766208%28WS.10%29.aspx

    Especially the part regarding launchapp.wsf

    In order to use launchapp.wsf, configure the Logon Script like this:
    Script Name: launchapp.wsf
    Script Parameters:


    launchapp.wsf:



    Dim isVista
    Dim wshShell
    Set wshShell = CreateObject("WScript.Shell")
    GetOS
    If isVista = True Then
    runVistaLogin
    Else
    runNormalLogin
    End If

    Sub runNormalLogin
    wshShell.Run WScript.Arguments(0)
    'wscript.echo "XP/2000"
    End Sub

    Sub GetOS
    strComputer = "."
    Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
    Set colOSes = objWMIService.ExecQuery("Select * from Win32_OperatingSystem")
    For Each objOS in colOSes
    osCaption = objOS.Caption
    If instr(osCaption, "Vista") Then
    isVista = True
    End If
    Next
    End Sub

    sub runVistaLogin
    const TriggerTypeRegistration = 7
    const ActionTypeExecutable = 0
    const FlagTaskCreate = 2
    const LogonTypeInteractive = 3
    If WScript.Arguments.Length <> 1 Then
    WScript.Echo "Usage: cscript launchapp.wsf "
    WScript.Quit
    End If
    strAppPath = WScript.Arguments(0)
    '********************************************************
    ' Create the TaskService object.
    '********************************************************
    Set service = CreateObject("Schedule.Service")
    call service.Connect()
    strTaskName = "Launch App As Interactive User"
    '********************************************************
    ' Get a folder to create a task definition in.
    '********************************************************
    Dim rootFolder
    Set rootFolder = service.GetFolder("\")
    'Delete the task if already present
    On Error Resume Next
    call rootFolder.DeleteTask(strTaskName, 0)
    Err.Clear
    '********************************************************
    ' Create the new task
    '********************************************************
    Dim taskDefinition
    Set taskDefinition = service.NewTask(0)
    '********************************************************
    ' Create a registration trigger.
    '********************************************************
    Dim triggers
    Set triggers = taskDefinition.Triggers
    Dim trigger
    Set trigger = triggers.Create(TriggerTypeRegistration)
    '***********************************************************
    ' Create the action for the task to execute.
    '***********************************************************
    ' Add an action to the task. The action executes the app.
    Dim Action
    Set Action = taskDefinition.Actions.Create( ActionTypeExecutable )
    Action.Path = strAppPath
    'WScript.Echo "Task definition created. About to submit the task..."
    '***********************************************************
    ' Register (create) the task.
    '***********************************************************
    call rootFolder.RegisterTaskDefinition( _
    strTaskName, taskDefinition, FlagTaskCreate, _
    ,, LogonTypeInteractive)
    'WScript.Echo "Task submitted."
    end sub



    Legacy Forum Name: How-To,
    Legacy Posted By Username: DKData
  • I am trying to do this on XP not Vista. I am new to VB Scripting will this work on XP and where do I add my "Script Parameters: "

    The error I am getting is
    Line: 14
    Column: 1
    Error: Subscript out of range
    Code: 800A009

    Legacy Forum Name: How-To,
    Legacy Posted By Username: Benjamin
  • Yes, this is for XP.

    This line
    wshShell.Run WScript.Arguments(0)

    runs the first argument for the script.

    http://technet.microsoft.com/en-us/library/cc781361%28WS.10%29.aspx

    suggests a way of supplying the arguments using the "parameters" field when creating the GPO.

    Legacy Forum Name: How-To,
    Legacy Posted By Username: mparr
  • Bump...

    I'm attempting to do the same in a GPO using a startup script linked to a workstation OU.

    One of the common issues is that startup scripts run under the context of the local system account and do not have access to network shares.
    Benjamin - I suspect you need to give "Domain Computers" access to the share and NTFS permissions where you have the exe. That gets me further - but does not install the agent.

    You can see the GPO applied, and the script runs, the file gets copied to c:\windows\temp and it runs.

    Something fails at this point and the kasetup.log doesn't have any failure info. Anyone have any further thoughts on how to get this working? Seems like this would be one of the preferred ways to push the agent and keep a domain current. (Or if we could get the agent installer as an MSI and assign it in GPO - that would be great too.)

    Here's the KASetup.log generated from the startup script:
    Installation start time: 15:29:26 Jul 25 2009
    Installation Code Informational 0x00000000 Ok /e /g=lll.wks /c /s
    Installation Code Informational 0x00000000 Ok
    Running C:\WINDOWS\TEMP\KcsSetup-wks.exe(KcsSetup-wks.exe /e /g=lll.wks /c /s )


    ... Charles

    Legacy Forum Name: How-To,
    Legacy Posted By Username: cloui-ying@lululemon.com
  • I found that the NTFS permissions where causing problems.
    I put the installer in the \\domain.local\SysVol\domain.local\Policies\{289DD522-AFA7-4F3E-AE21-E4BECA1ABEAA}\Machine\Scripts\Startup for each GP

    I also put this VB script in the same folder and modify the Policies number.
    Option Explicit

    'Set Dimension
    DIM fso

    'Set Object
    Set fso = CreateObject("Scripting.FileSystemObject")

    'Create Condition
    If (fso.FileExists("c:\Program Files\Kaseya\Agent\AgentMon.exe")) Then
    DoNothing
    WScript.Quit()
    Else
    InstallKaseya
    End If

    Sub InstallKaseya
    Dim wshShell
    Set wshShell = CreateObject("WScript.Shell")

    'Copyie installer to local drive
    Set fso = CreateObject("Scripting.FileSystemObject")
    fso.CopyFile "\\domain.local\SysVol\domain.local\Policies\{943EC3CA-163B-4D53-9D53-8C6C71A8DB9D}\Machine\Scripts\Startup\KcsSetup.exe", "C:\",TRUE

    'Starts Kaseya installer
    WshShell.Run "c:\KcsSetup.exe"

    'pauses the script for .30
    wscript.sleep 30000
    End Sub

    sub DoNothing

    end sub


    Legacy Forum Name: How-To,
    Legacy Posted By Username: Benjamin
  • I was running into this issue as well; thanks to all who posted for this thread. I've made some changes to Benjamin's most recent VB scipt.

    Basically, I found that there was no need to copy the file locally, and with the /e switch when you build your package there is no need to check for a previous install.

    Option Explicit

    'Set Dimension
    DIM fso

    'Set Object
    Set fso = CreateObject("Scripting.FileSystemObject")

    'Starts Kaseya installer
    WshShell.Run "KcsSetup.exe"

    'pauses the script for .30
    wscript.sleep 30000


    What I've done with this is create two GPOs since I create two default installation packages for each of my clients, Workstation and Server.

    I link each GPO at the container level that holds either Workstations or Servers for that client. I then place the above VBS and the appropriate installer file in the GPO's computer startup script directory. Once a machine is placed in the OU, the agent installs at the next login. Since my agent deployment package has the /e switch, it will not overwrite a previously installed agent.

    It should be noted that I can barely spell VBS, so the code above could probably be edited to be even shorter. I merely took Benjamin's scipt and hacked off what I didn't like. Constructive criticism would be greatly appreciated.

    Legacy Forum Name: How-To,
    Legacy Posted By Username: charon79m
  • biggreg
    Hi,

    Has anyone had any success installing the Agent to workstations from the active directory via a Domain level GPO. I am mostly looking to find out if anyone has created a .MSI package for agent install or advice on how to create one as we are looking at having to install agents on several hundred machines on a single Domain. I am fairly new to Kaseya so if anyone has a better way to do this please let me know.






    See here for instructions: http://community.kaseya.com/api/forums.ashx/forums/132/threads/7881/posts/38050

    Legacy Forum Name: How-To,
    Legacy Posted By Username: Ignition_helpdesk
  • Another idea would be to have a domain controller or some other server logged in with domain admin rights run a forced install script once a day or so. You can do this with PSEXEC in the Pstools suite available here

    The script i have running is as follows: psexec \\* -c -i \\servername\sharename\installfile.exe >> Install.txt

    This will pull all computer accounts out of active directory and attempt to install the agent. If the "installfile.exe" already exists in the \\computertobeinstalled\admin$ share then it gets skipped. Otherwise it will install under the context of the currently logged on user of the server it was ran from, ie. logon as domain admin and run. I recently used this to force install 500+ agents on a domain and it only took about 15min to push them all out. Now i have a Kaseya script which runs once a day on one of the domain controllers to force this install to any new machines added to the domain. No fuss, no messing with MSIs and GPOs.

    Good luck

    Legacy Forum Name: How-To,
    Legacy Posted By Username: brotharewt