Automating client deployment



Similar documents
HOW TO SILENTLY INSTALL CLOUD LINK REMOTELY WITHOUT SUPERVISION

User Document. Adobe Acrobat 7.0 for Microsoft Windows Group Policy Objects and Active Directory

For Active Directory Installation Guide

Adobe Acrobat 9 Deployment on Microsoft Windows Group Policy and the Active Directory service

Installation Manual (MSI Version)

IBM Connections Plug-In for Microsoft Outlook Installation Help

XMap 7 Administration Guide. Last updated on 12/13/2009

MailStore Outlook Add-in Deployment

Tool Tip. SyAM Management Utilities and Non-Admin Domain Users

Sharpdesk V3.5. Push Installation Guide for system administrator Version

Deployment of Keepit for Windows

DriveLock Quick Start Guide

4cast Client Specification and Installation

SETTING UP ACTIVE DIRECTORY (AD) ON WINDOWS 2008 FOR EROOM

EventTracker: Support to Non English Systems

Test Note Phone Manager Deployment Windows Group Policy Sever 2003 and XP SPII Clients

Autograph 3.3 Network Installation

Web-Access Security Solution

How to - Install EventTracker and Change Audit Agent

Trusted Stackware series. Rev D.O.I-Net Co., Ltd. Document No.:TST E

Universal Management Service 2015

Deploying the DisplayLink Software using the MSI files

Creating Home Directories for Windows and Macintosh Computers

Active Directory Software Deployment

Symantec AntiVirus Corporate Edition Patch Update

Distributing SMS v2.0

How To Install Outlook Addin On A 32 Bit Computer

Download/Install IDENTD

Novell ZENworks 10 Configuration Management SP3

SMART Sync Windows operating systems. System administrator s guide

User Guide. Version 3.2. Copyright Snow Software AB. All rights reserved.

NetSpective Logon Agent Guide for NetAuditor

HELP DOCUMENTATION E-SSOM DEPLOYMENT GUIDE

Password Manager Windows Desktop Client

Acronis Backup & Recovery 11.5 Quick Start Guide

Version 5.0. SurfControl Web Filter for Citrix Installation Guide for Service Pack 2

Symantec Enterprise Vault

OUTLOOK ADDIN V1.5 ABOUT THE ADDIN

Automatic Network Deployment

NetBackup Backup, Archive, and Restore Getting Started Guide

Moxa Device Manager 2.0 User s Guide

PowerMapper/SortSite Desktop Deployment Guide v Introduction

Promap V4 ActiveX MSI File

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

About This Guide Signature Manager Outlook Edition Overview... 5

System Area Management Software Tool Tip: Agent Deployment utilizing. the silent installation with Active Directory

Administration Quick Start

Installing LearningBay Enterprise Part 2

ACTIVE DIRECTORY DEPLOYMENT

Specops Command. Installation Guide

PC Power Down. MSI Deployment Guide

MDM Mass Configuration Tool User s Manual

Technical Support Set-up Procedure

ThinManager and Active Directory

SQL Express to SQL Server Database Migration Goliath Performance Monitor v11.5

Enterprise Vault Installing and Configuring

Project management integrated into Outlook

TECHNICAL DOCUMENTATION SPECOPS DEPLOY / APP 4.7 DOCUMENTATION

Comodo MyDLP Software Version 2.0. Endpoint Installation Guide Guide Version Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013

Windows Firewall Configuration with Group Policy for SyAM System Client Installation

NetIQ Advanced Authentication Framework. FIDO U2F Authentication Provider Installation Guide. Version 5.1.0

Sophos for Microsoft SharePoint startup guide

ContentWatch Auto Deployment Tool

SpamTitan Outlook Addin V2.0

2X ApplicationServer & LoadBalancer Manual

DisplayLink Corporate Install Guide

Server Installation Guide ZENworks Patch Management 6.4 SP2

Guide to deploy MyUSBOnly via Windows Logon Script Revision 1.1. Menu

Getting Microsoft Outlook and Salesforce in Sync

Installing Client GPO Software

Administration guide. Océ LF Systems. Connectivity information for Scan-to-File

Active Directory integration with CloudByte ElastiStor

Administration Guide. . All right reserved. For more information about Specops Deploy and other Specops products, visit

Installation Guide. . All right reserved. For more information about Specops Deploy and other Specops products, visit

Management Utilities Configuration for UAC Environments

Dell Recovery Manager for Active Directory 8.6. Quick Start Guide

SELF SERVICE RESET PASSWORD MANAGEMENT GPO DISTRIBUTION GUIDE

MSI Admin Tool User Guide

Moxa Device Manager 2.3 User s Manual

Subversion Server for Windows

How To Manage Storage With Novell Storage Manager 3.X For Active Directory

CS WinOMS Practice Management Software Server Migration Help Guide

Windows Clients and GoPrint Print Queues

Step-by-step installation guide for monitoring untrusted servers using Operations Manager ( Part 3 of 3)

Project management integrated into Outlook

Installation Guide. . All right reserved. For more information about Specops Inventory and other Specops products, visit

Print Audit 6 Network Installation Guide

SARANGSoft WinBackup Business v2.5 Client Installation Guide

Downloading and Mass Deploying Applications

Aras Innovator.NET Client Security Policy Configuration

Welcome to the QuickStart Guide

NetIQ. How to guides: AppManager v7.04 Initial Setup for a trial. Haf Saba Attachmate NetIQ. Prepared by. Haf Saba. Senior Technical Consultant

Consolidated Monitoring, Analysis and Automated Remediation For Hybrid IT Infrastructures. Goliath Performance Monitor Installation Guide v11.

Using Group Policies to Install AutoCAD. CMMU 5405 Nate Bartley 9/22/2005

Create, Link, or Edit a GPO with Active Directory Users and Computers

TIBCO Spotfire Metrics Prerequisites and Installation

Symantec PGP Whole Disk Encryption Hands-On Lab V 3.7

Dell Statistica Statistica Enterprise Installation Instructions

Parallels Panel. Parallels Small Business Panel 10.2: User's Guide. Revision 1.0

Installation and Deployment

Transcription:

Automating client deployment 1

Copyright Datacastle Corporation 2014. All rights reserved. Datacastle is a registered trademark of Datacastle Corporation. Microsoft Windows is either a registered trademark of Microsoft Corporation or a trademark of the Microsoft group of companies. Other product and company names including Datacastle are trademarks of their respective owners. Mac OS X, Leopard, and Snow Leopard are trademarks of Apple Inc., registered in the U.S. and other countries. Distribution of substantively modified versions of this document is prohibited without the explicit permission of the copyright holder. Distribution of this work or derivative work in any standard (paper) book form for commercial purposes are prohibited unless prior permission is obtained from the copyright holder. DOCUMENTATION IS PROVIDED «AS IS» AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON- INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. 2

Contents Automating client deployment... 4 Setting up the company for automated deployment... 4 Select policy... 4 Create activation code... 5 Create customized installation package... 6 Installing the software... 6 Pushing an MSI using Group Policy... 8 Create install point... 8 Installing management tools... 8 Create a test security group... 9 Create a Group Policy Object... 9 To retest a package... 11 Alternative deployment scenarios... 11 A few users who need different policies... 11 Big groups of users with different policies... 11 3

Automating client deployment This document describes how to automate deployment of data protection across your organization. V6.0 or above required (vault and client). Setting up the company for automated deployment The first step is to configure the company in the vault to use automated deployment. Log in to the dashboard as a user with administrative access to the company and navigate to the company details page. Select policy The company needs to be configured to use a centrally managed policy so that devices will start backing up immediately when they are installed. Check that the policy is Enterprise- Centrally Managed as in this image: If it is not, change the policy: 1. Click the Edit company button on the top right 2. Select Enterprise- Centrally Managed in the Default policy set list shown below 3. Click Save changes 4

Create activation code Deployments are managed using activation codes. These control what happens when the installation runs. 1. Click the Activation codes tab 2. Click Add activation code 3. Click Enable creating users and devices. This option allows you to push out the installation to computers and users and devices will be automatically create as needed. When users are 5

created the system needs an email address and name, so these need to be set up on your domain accounts. 4. A window will pop- up for more information on creating the users. Click Save changes to accept the default of creating the users under the All users group and to allow users to log in to the web retrieve site to access their backed up data. 5. Finally click on Add activation code to create the code. 6. Copy the activation code that was created for use in the next section. Create customized installation package To push out the installation via Active Directory Group Policy you will need an MSI package which is customized for your installation. Please contact support and give them the URL you use to connect to the dashboard and the activation code created in the previous section. They will create an MSI with the customized values. Installing the software To install the software across your organization you will want to push it using Active Directory group policy or another management system. However before you do this you should confirm that everything is working properly. Here are the steps: Install one machine interactively Install one machine silently manually Push the software automatically to a single machine Push the software out more broadly this could be to all machines or in stages depending on the size of your organization You need to use a test machine that is joined to the domain and log in as a domain user while doing these tests because the installation will get user information from the domain to use when creating the user in the vault. Install interactively Start by running the exe version of the installer. After the installation completes you will see the activation screen asking for the Activation Server URL and Activation Code. 6

Enter your vault URL in the Activation Server URL field. You should enter just the DNS name, unless you are using a trial non- SSL vault, in which case you need to enter http://vaultname. Enter the company activation code created earlier in the Activation Code entry fields (note that you can paste the whole code into the first box and it will fill them all out). If the activation was successful you will see a success message. If there was a problem you will see a message that the activation code was invalid. Some reasons why this may happen: The code was entered incorrectly sometimes when copying an extra character may be added to the beginning, or the first character not copied The code is not for the correct vault this usually happens when you are testing using a trial vault but entered the URL for the production vault It was not able to find or create the user. The software needs to find the email address for the current user on the machine. Sometimes when using a test environment this may not be possible for a number of reasons: o The machine is not domain joined, or you are logged on with a local account o The user s domain account doesn t have an email address configured (common if you are using a test user or a test domain) Less commonly the user already has a device created for this machine and it is in the reset state. In this case it assumes you really want to re- activate that device to be able to restore data rather than create a new device (which you would do by entering the activation code from the specific device). Rename the existing device if you want to allow automatically creating a new device. Once activation is successful you will be able to go to the vault dashboard and see the newly activated device, under a newly created user if the user didn t already exist. Install silently To test the silent installation, you need use the MSI. Start an elevated command prompt by using run as administrator. If you already have the customized MSI, you just need to run that silently using the following command: msiexec /qn /i DCProtectInstall.msi If you don t yet have the customized MSI, then you can specify the customizations on the command line to test first. Note that the properties need to be specified in capitals as shown here: msiexec /qn /i DCProtectInstall.msi ACTIVATIONURL=vaulturl ACTIVATIONCODE=code SILENT=1 7

Once the install and activation has been successful you can see the device and user in the vault dashboard. You can uninstall so you can test again either manually from Control Panel or from the command line: msiexec /x DCProtectInstall.msi Pushing to a single machine Next you should push out the installation automatically, but just to the one machine so you can confirm success. If you are using a software management system to do this then follow your normal procedures. If you will be automating the deployment using Active Directory Group Policy then you will need to have the customized MSI with the activation information embedded in it ready at this point. This is because we need to pass the activation details and pushing using Active Directory doesn t have any capability to pass these using a command line, they need to be embedded in the MSI. Using the Group Policy instructions below, create a security group, place the single test machine into that group and then test deploying to that single machine. Pushing to more machines Once you are happy with the deployment to a single machine you can deploy to more machines. Usually this is done in batches, so you would do this by adding machine to the security group that you have been using to manage the deployment. You can also edit the filter on the GPO to add other groups if your machines are already in groups. Pushing an MSI using Group Policy Active Directory group policy can be used to push an MSI out to computers. It can only push a single MSI with no command line parameters, so all the activation information needs to be embedded into a custom MSI for your deployment. Contact Support with your activation information to get this customized MSI. Create install point The first step is to put the MSI somewhere where it is accessible to the computers you are deploying to, as a UNC path. You may already have a software installations share available where this can be placed. If not: 1. On a server on your network, create a folder SoftwarePackages 2. Right click the folder and click Share with then Specific people 3. Choose Everyone in the list then click Add (leave the permission level as Read) 4. Click Share 5. You now have that folder shared as \\servername\softwarepackages 6. Copy the MSI into this folder Installing management tools You will need some management tools to set up and test the group policy for the installation package - Active Directory Users and Computers and Group Policy Management. If you don t have these, here is how to get them: On Windows Server 2008 R2 8

1. Open Server Manager 2. Click Features 3. Click Add Features 4. Expand Remote Server Administration Tools, Role Administration Tools, AD DS and AD LDS Tools, AD DS Tools 5. Select AD DS Snap- Ins and Command- line tools 6. Back at the top level, select Group Policy Management 7. Click Next and finish the installation On client operating systems such as Windows 7 or 8 you need to install the Remote Server Administration Tools. o For Windows 8 see http://www.microsoft.com/en- us/download/details.aspx?id=28972 o For Windows 7 see http://www.microsoft.com/en- us/download/details.aspx?id=7887 Create a test security group Identify a computer that is joined to the domain to use for testing installations. While testing we want to make sure that only the test computer gets the package installed. To do this we will create a security group and add only our test computer into that group, using Active Directory Users and Computers. To create a testing security group: 1. Open Active Directory Users and Computers 2. Select your domain 3. Right click the domain, choose New then Group. You can do this inside an OU instead this is up to how you organize your domain. 4. Give the group a name. Follow any conventions your organization has for names, but including test is a good way to indicate to others that this shouldn t generally be used. 5. Check that Security is selected as the group type 6. Click Ok to create the group To add the computer to the group 1. Open the properties for the new group 2. Click the Members tab 3. Click Add 4. Click Object Types 5. Check Computers and uncheck the other types 6. Select the test computer a. Either enter the computer name in the box and clicking Check Names to confirm it was found b. Or click Advanced to search, enter criteria and click Find Now to find matching computers. Select the test computer in the list once found and click Ok to return 7. Click Ok to add the test computer to the group Create a Group Policy Object A group policy object is how you specify that the software should be deployed. Start by creating an empty policy and restricting the computers it should apply to: 9

1. Open Group Policy Management 2. Expand the tree expand the Forest, Domains and then the domain you are deploying to 3. If the computers you are deploying to are all under an OU then select that OU, if not (if they are just in Computers) then select the domain 4. Right click the selection and choose Create a GPO in this domain, and Link it here 5. Enter a name for the GPO and click OK to create it 6. Double click the new GPO (or select it in the tree) 7. On the Scope tab you restrict the objects this GPO applies to 8. Select Authenticated Users in the Security Filtering box 9. Click Remove to remove Authenticated Users from the list, and confirm 10. Click Add 11. Select the Security group created earlier for testing (type the name in or click Advanced to search) 12. Click Ok to add the group to the Security Filtering list Add package to GPO 1. Right click the GPO and select Edit. This opens the Group Policy Management Editor for this object 2. Expand Computer Configuration, Policies, Software Settings 3. Select Software installation 4. Right click Software installation and select New, Package 5. A file selection dialog opens. Select the installation package by navigating to the share created for installations. You need to use a UNC path here, even if the package is on a local drive because computers need to be able to download the package from this path. 6. In the Deploy Software dialog, make sure that Assigned is selected and then click Ok. The package is now set in policy and will deploy when the policy is applied. Software installation policies are only applied when the computer reboots so the next step is to test that it deploys to the test computer. 1. Restart the test computer 2. As it reboots you will see a message about the policy being applied and then installing the package 3. Restarting will take a little longer than usual as it installs, but once you can log in to the computer you should see that it is installed (the icon will be on the desktop for example) 4. Log on to the test computer You need to log on as the last step here because when the computer restarts the software is installed but probably not yet be activated. If you are automatically creating users and devices, or creating devices under detected users, then the software will activate only after it can determine the user of the computer, which means after a user logs on. Activation will not happen immediately after you log on because it has built in delays. After about 1 minute the user information will be passed to the service. It will then wait up to 10 minutes to try to activate. You can restart the Data Protection service to accelerate this. 10

To retest a package Once you have deployed the package to a test computer, here is how to get back to the uninstalled state and ensure the package will be pushed to the computer again. 1. Remove the computer from the security group that applies the policy in Active Directory Users and Computer, open the computer properties, go to the Member of tab, select the security group and click Remove 2. On the test computer, login and manually uninstall the application 3. Reboot to ensure the removal of the policy has been processed Now the test computer is ready to be put back into the security group and be restarted to get a new installation. Alternative deployment scenarios The previous sections show one deployment scenario automatically creating users and devices with all devices getting the same policy. This section will identify some other scenarios and what to change to deploy in those scenarios. A few users who need different policies This scenario is common when there is a small group that needs a different policy to the majority, such as an Executives policy. To enable this scenario: Create a user group for the Executives (or whatever group needs the different policy) Set the default policy on the user group to the policy for the executives Manually create user accounts in that group for the users who should have this policy Proceed as above to deploy devices As devices activate they will look to see if the user already exists. For most users the answer will be no, and so the users will get automatically created under the main user group and will get the policy set on the company. For the executives, the user accounts will be found and devices created under those users. These devices will pick up the specialized policy from their user group. Big groups of users with different policies If more than a few users need different policies, you should follow much the same process as for a few, but you won t want to create the users manually. For this scenario you should import either all users, or all who are not on the standard policy. Create a user group for each group that you need and set their default policies Go to Import users from the Company details page Download the template spreadsheet Fill out the spreadsheet, specifying the correct user group for each user Import the list of users Proceed with the deployment as above This time you have automatically created users into groups with specific policies and so their devices will get the correct policies as they activate. Any users you didn t import will be created during the deployment and get the default policy. 11

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information