Automatic Deployment and Authentication Guide



Similar documents
Step-by-Step Guide to Active Directory Bulk Import and Export

Persona Backup and OS Migration for insync Private Cloud 5.5. June 16, 15

ContentWatch Auto Deployment Tool

Deployment of Keepit for Windows

HOW TO SILENTLY INSTALL CLOUD LINK REMOTELY WITHOUT SUPERVISION

User Guide. Version 3.2. Copyright Snow Software AB. All rights reserved.

MailStore Outlook Add-in Deployment

Management Utilities Configuration for UAC Environments

How To - Implement Single Sign On Authentication with Active Directory

Quick Start Guide. IT Management On-Demand

ShoreTel Active Directory Import Application

Guide to deploy MyUSBOnly via Windows Logon Script Revision 1.1. Menu

Field Description Example. IP address of your DNS server. It is used to resolve fully qualified domain names

Ad Hoc Transfer Plug-in for Outlook Installation Guide

LDAP/Active Directory Guide. Release 4.0

Upgrading User-ID. Tech Note PAN-OS , Palo Alto Networks, Inc.

Here, we will discuss step-by-step procedure for enabling LDAP Authentication.

MSI Admin Tool User Guide

Citrix EdgeSight for Load Testing Installation Guide. Citrix EdgeSight for Load Testing 3.5

eprism Enterprise Tech Notes

How To Deploy Lync 2010 Client Using SCCM 2012 R2

Pearl Echo Installation Checklist

Migrating application users and passwords with Password Manager

Using Kerberos to Authenticate a Solaris TM 10 OS LDAP Client With Microsoft Active Directory

4cast Client Specification and Installation

ZeroTurnaround License Server User Manual 1.4.0

Cloudwork Dashboard User Manual

ManageEngine Desktop Central Training

LDAP and Active Directory Guide

Secure Messaging Server Console... 2

SchoolBooking SSO Integration Guide

Hosted Connecting Steps Client Installation Instructions

Specops Command. Installation Guide

IBM Security QRadar Version (MR1) WinCollect User Guide

AD Information Sync 3.0 User Guide

Insight Video Net. LLC. CMS 2.0. Quick Installation Guide

Technical Overview. Active Directory Synchronization

How To Authenticate On An Xtma On A Pc Or Mac Or Ipad (For A Mac) On A Network With A Password Protected (For An Ipad) On An Ipa Or Ipa (For Mac) With A Log

Configuration Guide. BES12 Cloud

Citrix EdgeSight for Load Testing Installation Guide. Citrix EdgeSight for Load Testing 3.8

Quick Introduction System Requirements Main features Getting Started Connecting to Active Directory... 4

Installation Instructions for Hospital ERP System (AP) Installation Instructions for Hospital ERP System (AP)

A Transend Corporation White Paper Preparing Microsoft Exchange Server for Migration

How to - Install EventTracker and Change Audit Agent

Chapter 1 Scenario 1: Acme Corporation

PC Power Down. MSI Deployment Guide

System Center Configuration Manager 2007

TABLE OF CONTENTS. Quick Start Guide - Active Directory idataagent. Page 1 of 25 OVERVIEW NEW FEATURES SYSTEM REQUIREMENTS SUPPORTED FEATURES

Endpoint Client Installation using Group Policy (Logon Script):

NetVanta Unified Communications. NetVanta Unified Communications Server. Configuration Guide

8.6. NET SatisFAXtion Gateway Installation Guide. For NET SatisFAXtion 8.6. Contents

User Management Resource Administrator. Managing LDAP directory services with UMRA

escan SBS 2008 Installation Guide

Upgrade Guide BES12. Version 12.1

Installation Guide. . All right reserved. For more information about Specops Inventory and other Specops products, visit

Installing Client GPO Software

Symantec AntiVirus Corporate Edition Patch Update

SharePoint Password Change & Expiration 3.0 User Guide

KACE Appliance LDAP Reference Guide V1.4

Synchronization Tool. Administrator Guide

Downloading and Mass Deploying Applications

Active Directory Commands ( )

HELP DOCUMENTATION E-SSOM INSTALLATION GUIDE

Active Directory Service. Integration Parameters and Implementation

Autograph 3.3 Network Installation

Snow Active Directory Discovery

Comodo MyDLP Software Version 2.0. Endpoint Installation Guide Guide Version Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013

How to deploy Arkeia Network Backup v10 on Windows Server 2008 and later with a domain

Download/Install IDENTD

How to Install Multiple Monitoring Agents on a Microsoft Operating System. Version StoneGate Firewall/VPN 2.6 and SMC 3.2

Password Manager Windows Desktop Client

M86 Authenticator USER GUIDE. Software Version: Document Version:

Table of Contents. Preface. Chapter 1: Getting Started with Endpoint Application Control. Chapter 2: Updating Components

SafeGuard Enterprise Installation best practice

ShoreTel Active Directory Import Application

nitrobit group policy

SETTING UP ACTIVE DIRECTORY (AD) ON WINDOWS 2008 FOR EROOM

qliqdirect Active Directory Guide

IIS SECURE ACCESS FILTER 1.3

The following gives an overview of LDAP from a user's perspective.

Remote Filtering Software

Remote Desktop Reporter Agent Deployment Guide

VERALAB LDAP Configuration Guide

HELP DOCUMENTATION E-SSOM DEPLOYMENT GUIDE

Distributing SMS v2.0

Moxa Device Manager 2.3 User s Manual

Capture Pro Software FTP Server System Output

HP Client Automation Standard Fast Track guide

Bitrix Site Manager ASP.NET. Installation Guide

Using Logon Agent for Transparent User Identification

FaxCore 2007 Getting Started Guide (v1.0)

About This Guide Signature Manager Outlook Edition Overview... 5

App Portal 2014 Installation Guide

versasrs HelpDesk quality of service

SQL Server Setup for Assistant/Pro applications Compliance Information Systems

Transcription:

This document gives administrators an overview of automatically deploying insync. www.druva.com Table of Contents Contents Introduction... 3

insyncconfig.ini File Composition... 3 Druva Automatic Deployment Package... 4 The Process... 5 Server.conf : INI creation Modes... 5 Group/Profile Mapping... 6 Binaries Location... 6 Edit MASSDS.bat... 7 Edit SI.bat... 7 GPO Setup... 8 Help... 10 Disclaimer... 11 Page 2

Introduction Druva insync has the ability to allow an organization to automate the Account Creation, Deployment, and authentication of insync Agents. The process relies on the creation of an ini file on the target machine which contains the information needed to create and assign the account to the correct insync Server, Storage and Profile, and also the target users credentials. The auto installation of client feature helps to install the insync client package on the client computer and loads the authentication key without user s intervention. After the successful installation of insync client, the user is created on the insync server without manual Administrator input An organization can create their own scripting methods to create and save this information, or use the Automatic Deployment package provided by Druva to assist in is process. The Druva Automatic Deployment package can integrate with AD, or a CSV file to create the required ini files insyncconfig.ini File Composition The INI file contains the following information for the MSI installer to read after installation This allows the account to be configured on the insync server, and the users account to be authenticated. ADDRESS = 'IP Address of insync Server:6061' STORAGE = 'Name of Target Storage' PROFILE = 'Name of Target Profile' ADUSERNAME = 'AD UserName of user' USERNAME = 'Name of User for insync Account' MAIL = 'email address of user' WINUSERNAME = 'Windows UserName of user' WINUSERDOMAIN = 'Windows UserDomain of user' The ini file should be created in the following location on the target device C:\Windows\temp Page 3

Druva Automatic Deployment Package This article describes how to use the Microsoft Active Directory Group Policy to automatically distribute and deploy the insync Client installable (MSI) across domain computers or users and to authenticate them automatically as well. Note: The method used for MS Active Directory Group policy can be used with other third party tools such as SCCM, LANDesk etc. Currently, auto installation feature supports only Windows and Macintosh client versions. Note: The mass deployment of insync clients support new client installation only and does not support upgrade to the existing insync clients. Before you begin the auto installation of Windows client, make sure you have installed the latest insync server and configured the user profile and storage. Following is the block diagram of insync client auto-installation process for Microsoft Windows operating system. Download INI creator ZIP and Unzip to a file share accessible to all users Edit server.conf to reflect the deployment method & enter details Edit MASSDS.bat script to reflect new file share path Edit SI.bat for MSI in file share, Mass deployment token and INI file path Generate Mass Deployment Token from insync Server console Setup MASSDS.bat under GPO to execute as User Log on Script Setup SI.bat under GPO to execute as Windows Startup Script Page 4

The Process To automate the entire process we need to execute two steps using GPO Create an %username%.ini file Deploy MSI using Mass deployment token You can download the package from here www.druva.com/hotfix/tools/auto-depv1.2.zip Auto-Depv1.2.zip: This package has some libs and binaries which help creating the insync INI file. There are some editable files for customizing the package to your environment 1. Server.conf : Allows us to set Server address, default storage and profile, and select INI creation mode (AD or CSV). 2. MASSDS.bat: This is a batch script which is responsible for invoking the insync INI creator exe. Hence it is executed using User log on scripts via GPO. 3. SI.bat: This is again a batch script which is executed a machine startup script and it executes using parameters like TOKEN and INIFILE. Server.conf : INI creation Modes The insync INI creator package allows using two different modes to create INI file. These modes can be classified as below: Use LDAP: In this mode if the server.conf has variable CSV = No the exe will query the LDAP server to find the logged in user email ID. The server.conf here will look as below [DETAILS] SERVER_IP = 192.168.51.77:6061,192.168.51.78:80 STORAGE = insyncstore PROFILE = DEFAULT CSV = No BASEDN = DC=Scorpius,DC=Druva,DC=COM LDAP_IP = ldap://192.168.51.77:3268 LDAP_USERNAME = administrator@scorpius.druva.com LDAP_PASSWORD = p@ssw0rd USERDOMAIN = scorpius.druva.com Page 5

GROUPMAPPING = Yes [PROFILEMAPPINGS] Administrators = IT PROFILE1 = SALES Use CSV: In this mode if the server.conf has variable CSV = Yes the exe will try and parse through the users.csv file provided by the administrator. The users.csv format looks something like below: UserName,emailID,Storage,Profile test1,test1@gmail.com,insyncstore,it, test2,test2@gmail.com, insyncstore,it, test3,test3@gmail.com, insyncstore,it, test4,test4@gmail.com, insyncstore,it, test5,test5@gmail.com, insyncstore,it, test6,test6@gmail.com, insyncstore,it, test7,test7@gmail.com, insyncstore,it, test8,test8@gmail.com, insyncstore,it, Group/Profile Mapping The server.conf also has another section known as [PROFILEMAPPINGS]. This allows IT administrators to map their exiting AD group with insync server user profile. For example: We can use an AD group as administrators and map it insync user profile as IT. The parameters look as below [PROFILEMAPPINGS] Administrators = IT Note: Please note that INI creator will use the logged user accounts member group to execute the mappings if the user does not belong to mapped groups then the default profile will be used. Binaries Location The zip files of automatic deployment needs to be hosted on common accessible shares so that these are available to all the users to be executed. The path for share needs to be updated in MASSDS.bat as listed in next section. Page 6

Edit MASSDS.bat Once we have the file share and server.conf configured we can now edit MASSDS.bat to reflect latest paths. The file could look as below @echo on IF EXIST C:\inSyncAD goto CHECKINI mkdir C:\inSyncAD cd C:\inSyncAD copy "\\192.168.51.77\iMD\*.*" "C:\inSyncAD" > filecopy.log goto CHECKINI :CHECKINI cd C:\inSyncAD if EXIST "c:\insyncad\%username%.ini" goto END Mass_Dep.exe :END Edit SI.bat Similarly we can now edit SI.bat to reflect new paths and MSI name along with new token value from insync server web console Management Users Import Mass Deployment token @echo on copy "\\192.168.51.77\iMD\*.msi" "C:\inSyncAD" cd C:\ msiexec /qn /i C:\inSyncAD\inSync5.0.msi TOKEN="4-9eff6f87a64bb5a7614ce3f173c24e81" INIFILE="C:\inSyncAD\%USERNAME%.INI" /Lime C:\inSyncAD\MSIlog.txt if exist "c:\program files (x86)" goto WIN7 goto XP :WIN7 cd "C:\Program Files (x86)\druva\insync" Page 7

insyncgui.exe goto END :XP cd "C:\Program Files\Druva\inSync" insyncgui.exe goto END :END GPO Setup Once we have the file shares configured along with server.conf file. We can now start executing the steps below to start the automatic deployment In GPO create a policy on user logon script to execute MASSDS.bat In GPO create a policy on Windows startup script to execute SI.bat See the following screen shot. Page 8

Note: For details on how to setup GPO policies please follow Microsoft KB article here http://support.microsoft.com/kb/816102 Note: The logs are created at C:\inSyncAD and Users temp directory. Sample log from insync AD folder. Filename: AD.log 2012-07-13 15:36:15,489 INFO Using LDAP Method... 2012-07-13 15:36:15,505 INFO The logged in user is:sbhaskar@scorpius.druva.com 2012-07-13 15:36:15,505 INFO Connected to the LDAP Server 2012-07-13 15:36:15,505 INFO ldap searching.. 2012-07-13 15:36:15,505 INFO [('CN=Sirohi Bhaskar,CN=Users,DC=Scorpius,DC=druva,DC=com', {'primarygroupid': ['513'], 'cn': ['Sirohi Bhaskar'], 'objectclass': ['top', 'person', 'organizationalperson', 'user'], 'userprincipalname': ['sbhaskar@scorpius.druva.com'], 'lastlogontimestamp': ['129858174761464843'], 'instancetype': ['4'], 'distinguishedname': ['CN=Sirohi Bhaskar,CN=Users,DC=Scorpius,DC=druva,DC=com'], 'dscorepropagationdata': ['20120703202239.0Z', '16010101000000.0Z'], 'objectsid': ['\x01\x05\x00\x00\x00\x00\x00\x05\x15\x00\x00\x00\xd3f\x01\x1as\r\xe1 \xc1\xefr_\x03n\x04\x00\x00'], 'whencreated': ['20120703174520.0Z'], 'usncreated': ['21918'], 'mail': ['bhaskar@druva.com'], Page 9

'samaccountname': ['sbhaskar'], 'objectcategory': ['CN=Person,CN=Schema,CN=Configuration,DC=Scorpius,DC=druva,DC=com'], 'objectguid': ['\xed\x99\x06\x03\x8f\x1e0l\x9f\xf5]\x13%\xd3\xfa\xd0'], 'whenchanged': ['20120709125243.0Z'], 'displayname': ['Sirohi Bhaskar'], 'name': ['Sirohi Bhaskar'], 'memberof': ['CN=Galaxy,OU=LEO,DC=Scorpius,DC=druva,DC=com', 'CN=PF,OU=Pre- Sales,DC=Scorpius,DC=druva,DC=com', 'CN=Administrators,CN=Builtin,DC=Scorpius,DC=druva,DC=com'], 'useraccountcontrol': ['66048'], 'samaccounttype': ['805306368'], 'usnchanged': ['24971'], 'sn': ['Bhaskar'], 'givenname': ['Sirohi']})] 2012-07-13 15:36:15,519 INFO Groupnames are ['Galaxy', 'PF', 'Administrators'] 2012-07-13 15:36:15,519 INFO Could not find group mapping for groupname=galaxy 2012-07-13 15:36:15,519 INFO Could not find group mapping for groupname=pf 2012-07-13 15:36:15,519 INFO Found group mapping for groupname=administrators 2012-07-13 15:36:15,519 INFO Connection established with insync server 2012-07-13 15:36:15,519 INFO Creating sbhaskar.ini file 2012-07-13 15:36:15,519 INFO sbhaskar.ini file created at:c:\insyncad\sbhaskar.ini MSI Installation log: === Logging started: 7/13/2012 15:39:34 === Action start 15:39:34: INSTALL. Action start 15:39:34: SystemFolder.30729.01.Microsoft_VC90_CRT_x86.SP.D8D85FD0_537C_3A3A_9BE C_7A1B426637EC. Action ended 15:39:48: INSTALL. Return value 1. MSI (s) (10:50) [15:39:48:649]: Product: Druva insync 5.0 -- Installation completed successfully. === Logging stopped: 7/13/2012 15:39:48 === Help For more information, visit http://www.druva.com/support/ or send an email to support@druva.com. Page 10

Disclaimer Druva Inc. shall not be liable for errors contained in this document and any damages in connection with this document. Contact Support US: +1-855-349-4410 International: 800-334-30000 India: 1-800-209-3011 Page 11 www.druva.com

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information