How do I install Security Manager Agents to remote machines? (NETIQKB2097)

Security Manager installs agents on computers you want to monitor. You can install Windows agents using the Deployment Wizard. You can also install Windows agents, as well as uninstall them, using the Configuration snap-in. The first step in installing remote Agents is to create a Managed Computer Rule.

Security Manager cannot automatically install agents on computers outside a firewall or on a non-Windows platform. For more information about manually installing agents, refer to following knowledge base article:

How do I install and configure an agent manually to communicate with the Consolidator?

https://www.netiq.com/kb/esupport/consumer/esupport.asp?id=NETIQKB10239

Security Manager 4.50 supports deploying agents to Unix computers, see Security Manager Installation Guide for detail information about configuring support for Unix. 

Create Managed Computer rules

1. Launch the Monitor Console or the Development console and expand the Configuration snap-in.
2. Select the Agent Managers node.
3. Double-click the Agent Manager that appears in the right-hand pane of the MMC.
4. At the Managed Computer Rules tab, you should see the Managed Computer Rule specified during installation. Additional Managed Computer Rules can be created by clicking the Add button.
5. Computers which match Managed Computer Rules of the type Include will be made available for agent installation. Computers which match Exclude rules will not be made available for agent installation. 
6. Once your Managed Computer Rules are configured, click Apply and OK. If you want the rules to take effect immediately, click Yes. Otherwise, the rules take effect at the next scheduled Managed Computer scan.

Note:

To install Agents to computers that are not in a member of any domain or that are connecting using RAS, follow the steps provided in the following Knowledge Base article:

• https://www.netiq.com/kb/esupport/consumer/esupport.asp?id=NETIQKB2100:  How can I install Operations Manager and Security Manager Agents to computers not in a domain or connecting through RAS?

Scan for prospective agents

Next, force the Agent Manager to search available computers by right-clicking the Agent Manager node in the left-hand pane and selecting Scan All Managed Computers. The status field for the Agent Manager in the right-hand pane will change periodically. You can see these changes by selecting the Agent Manager in the right-hand pane and pressing F5 to refresh the display.

When the Agent Manager is done scanning, its status will be reported as idle. You should now be able to see all computers available for installation by right-clicking the Pending Installations node in the left-hand panel and selecting Refresh.

Approve Pending Installations

To install an Agent, first right-click its entry in the right-hand panel of the Pending Installations node and select Approve Pending Action. When you have selected all the computers .
to which you wish to install agents, right-click the Pending Installations node and select Process All Approved Actions.

You can monitor the Agent Manager's progress installing agents by clicking on the Agent Managers node, selecting the Agent Manager in the right-hand panel, and then pressing F5 to update its status.

When the Agent Manager is finished, its status will again be reported as idle. At this point, the Agents should have been installed, but the computers on which they reside may need to be rebooted for the Agent to function.

Check installation outcome

To review important data logged by the Agent Manager during the installation of Agents, expand the Monitor| Security Views | Security Manager Self-monitoring | Agent Managers Security views in the Monitor Console. Any important issues logged by the Agent Manager relating to the installation of Agents will be displayed here.

To review any events releated to agent authentication failures or agent initialization process, expand the Monitor| Security Views | Security Manager Self-monitoring | Agent  Security views in the Monitor Console.