Agents can be installed via multiple methods, as follows:
Console Installation - Push Method
Agents can be installed from the console, in which case all the configuration prerequisites are the same as those for an agentless patch deployment See Patch Scanning Prerequisites This includes enabling the remote registry service on the target machine and verifying that the proper TCP ports are open. During the install process, the agent machine will need to successfully resolve the console via DNS and connect to the console via TCP 3121 in order to obtain the assigned policy. An agent policy must be created and configured prior to installation.
Push Method Steps
- Create a new machine group.
- Add the agent machine to the machine group using a machine name, domain name, or IP address. You cannot use the Install / Reinstall Agent button to install agents on machines that were added as organizational units, nested groups, or IP address ranges by IP address.
- Specify the necessary, machine specific credentials.
- Select the machine, then select 'Install/Reinstall Agent'.
You can also select a previously scanned machine from the Machine View and select Install/Reinstall with Policy
Agents can be installed from the target machine, in which case the agent machine will need to successfully resolve the console via DNS and connect via TCP 3121. Additionally, valid credentials for the console machine will need to be supplied, or a passphrase will need to be supplied. In the case of a passphrase being used, the passphrase will need to have been set on the console machine via the 'Agents' tab of the 'Tools>Options' menu. An agent policy must be created and configured on the console prior to installation. The preferred method of installation is as follows:
- Ensure that the console's datafiles have been updated successfully.
- Copy the 'STPlatformUpdater.exe' file from the console machine to the agent machine. This file is located in the following folder :
- C:\ProgramData\LANDesk\Shavlik Protect\Console\DataFiles
- Login to the agent machine using credentials with administrator level privileges on the local machine.
- Launch the installer.
If the IP address is used to specify the console URL, it will be necessary to create an Alias for this same IP address on the console machine.
Agents can be installed using a script. This method of installation is very similar to a manual installation, with the exception that the target machine will run the installation using the 'Local System' account, and that the necessary installation options must be specified as command line switches. See the administration guide for further details outlining the necessary syntax.
Once the agent has been installed, the installer files for the necessary components will be downloaded and executed. The components installed will depend upon the configuration of the agent policy (i.e. if Active Protection is enabled, or a threat task is defined, the agent will download and install the threat engine component). The installer files, as well as all other necessary patch and data files, will be downloaded from the source as specified in the agent policy. If the agent is unable to obtain these files from the specified source, the agent will fail to perform as expected.
The installation log files can be located in any of the following locations, depending upon installation method:
The log files will be named as follows:
Once the agent has been successfully installed, further log files (including installation log files from component installations) can be located in the agent data files (within the '...\Logs' subdirectory).
Agent quick start guides can be found here:
Patch for Windows Server 9.3 - https://help.ivanti.com/sh/help/en_US/PWS/93/qsg-pws-9-3-agent.pdf