The purpose of this article is to show how an agent can be installed on a target machine with no policy using a manual installation script. This can be useful to make sure that the agents are installed on target machines prior to an image being cloned and installed on multiple targets. Agents with pre-existing policies cannot be cloned due to certificate and name resolution issues.
The Agent installer file is the STPlatformupdater.exe and can be found in the following location on your console machine:
C:\ProgramData\LANDesk\Shavlik Protect\Console\DataFiles\ STPlatformupdater.exe
This is a three-step process:
1. Agent Installation: (blank-slate agent install)
Run the STPlatformUpdater.exe on the machine you will create your base image on. When the agent install completes and prompts you to register (either through the cloud or to a console) you can cancel the wizard. You now have the base agent installed. You can clone the image now.
2. Agent Registration: (performed after the machine is created)
The agent must register with the console once each machine has been imaged. This should occur after the machine name changes, the SSID changes, etc. (i.e. the target machine should be a unique machine at this point before proceeding forward). You can run this command (with proper information):
"C:\Program Files (x86)\LANDESK\Shavlik Protect Agent\STAgentManagement.exe" -register -p silent=true -p authType=SharedPassphrase -p passphrase=<yourpassphrase> -p serverURI="https://yourserver:3121" -p policy="yourpolicy"
The breakdown of this command is as follows:
-register: Register the agent
-p: This denotes that a parameter will be specified
silent: Silent install with no user interaction. Can be set to true or false. False if not specified.
authType: The authentication type. Some options are:
- SharedPassphrase - Shared passphrase configured in the console. Recommended due to ease of use and ease of troubleshooting
- CurrentCredential - User credentials for whatever user the installation process is running under. User should be an administrator on the Protect Console.
- Windows - Specific Windows Credentials. Username and password will need to also be provided as separate parameters. No recommended, as the password will be in cleartext in your command.
passphrase: The shared passphrase for passphrase authentication
serverURI: The location of the protect console. Will always be "https://<your console name>:3121"
policy: Name of the agent policy. Any spaces in the policy name should be substituded with hyphens (ex. My Policy becomes My-Policy)
You can verify success by looking at the RegistrationLog.txt on the agent machine. This is what you should see in the log:
Agent Registration Operation Log.
Created DayOfTheWeek, MM DD, YYYY HH:MM:SS
Stopping agent services for configuration changes.
Agent Id is 'StringOfLettersAndNumbers'.
Checking for compatibility with existing software.
The environment is compatible with agent operation.
Registering agent with authentication type SharedPassphrase.
Registering agent with host 'https://consolename:3121'.
Received an immediate registration response. Completing registration now.
Configuration changes complete.
Restarting agent services after configuration changes.
Updating agent proxy configuration.
3. Agent Check-in: (performed after the agent has been registered)
The agent must check-in to complete the agent registration. You can either wait for the scheduled check-in interval or you can kick it off with a command. You can run this command:
"C:\Program Files (x86)\LANDESK\Shavlik Protect Agent\STAgentManagement.exe" -checkin -noconsole
You can get a full list of switches for STAgentManagement.exe by using /? from the command line.
Shavlik Protect 9.x