You can use the following methods to interactively install agents on computers running a Windows operating system:
Run the setup program to install the agent locally.
For more information about installing the agent locally, see Section 8.2, Installing the Windows Agent Locally.
Use Control Center to deploy agents to remote computers.
For more information about installing Control Center components for deploying agents remotely, see Section 7.0, Installing Control Center Components. For more information about using Control Center to deploy agents remotely, see the Control Center User Guide for AppManager, available on the AppManager Documentation page.
When you run the setup program to install agents on Windows computers, you install a package that consists of the following components:
NetIQ AppManager Client Resource Monitor (NetIQmc) Windows service
NetIQ AppManager Client Communication Manager (NetIQccm) Windows service
Local repository for storing data and events
AppManager for Microsoft Windows module
When you use Control Center to deploy agents to remote computers, the AppManager for Microsoft Windows module is not automatically deployed. You must also deploy the module to the computers where you deploy the agent.
After you install the agent, NetIQ Corporation recommends installing at least one module for an application you plan to monitor with the agent. For more information about installing modules, see Section 8.4, Installing Modules.
You can install the Windows agent on Microsoft Cluster Service (MSCS). For more information about installing the agent on MSCS, see Section D.0, Installing on Microsoft Cluster Service.
If you install the agent on a Microsoft Windows Server 2003 computer, do not use the Network Service account as the agent services account.
If you install the agent on a Microsoft Windows Server 2003 Service Pack 1 computer with Windows Firewall enabled, some TCP ports that enable communication between AppManager components might be closed. If so, manually open the ports to enable communication. For more information about the default ports AppManager components use and additional ports the Deployment Service requires to perform deployment tasks across a firewall, see Section 2.6, Reviewing AppManager Port Usage. Depending on your firewall requirements and management site configuration, your organization might use different ports.
If you plan to install ResponseTime modules, those modules have separate port requirements. For more information about port requirements for ResponseTime modules, see the appropriate module management guide.
The setup program places the files it uses for agent installation in a Temp directory. To avoid a failed installation, ensure the Temp directory is on a drive with sufficient space for the installation. The Temp directory the setup program uses depends on the installation method you choose:
If you run the setup program to install agents, the system TEMP environment variable on the local computer defines the TEMP directory.
If you perform a silent or remote installation to install agents, the user TEMP environment variable on the target computer defines the TEMP directory.
When you enable the agent reporting capability, report Knowledge Scripts collect monitoring data and generate reports. AppManager typically stores reports in the \Program Files\NetIQ\Common\Report folder.
Report agents can query QDBs, NetIQ Analysis Center repositories, or Microsoft Active Directory. For QDBs, the AppManager Layout engine, which the setup program installs when you select the reporting option, uses Microsoft ActiveX Data Objects (ADO) to connect to QDBs and execute SQL stored procedures to gather report data.
If you choose to enable the agent reporting capability, the agent services must run under a Windows user account. Enabling the reporting capability might result in a restart of Internet Information Services (IIS).
To optimize system resources for generating large reports, NetIQ Corporation recommends the following practices:
Do not enable the reporting capability for the agent on the management server computer.
Only enable one or two agents to generate reports. Install each report-enabled agent on a dedicated report server without any other core AppManager components installed.
If you want a report agent to query Active Directory, meet the following requirements:
Install the report agent on a computer that is a member server of the domain.
Install the QDB for the report agent on a member server of the same domain or a trusted domain.
Ensure the NetIQ AppManager Client Resource Monitor (NetIQmc) service runs under a Windows user account that meets the following requirements:
The account must have at least the Read Only User role for the QDB.
For more information about assigning AppManager roles, see the Administrator Guide for AppManager, available on the AppManager Documentation page.
The account must be an administrator on the report agent computer and a domain user.
For more information about using the standard reports AppManager provides, see the Control Center User Guide for AppManager, available on the AppManager Documentation page.
For more complex reporting, NetIQ Analysis Center extends AppManager reporting capabilities to provide more sophisticated data access and specialized report scripts. For more information about Analysis Center, see the User Guide for NetIQ Analysis Center, available on the Analysis Center Documentation page.
When you select a security level during agent installation, select the same security level you selected when you installed the QDB to which the agent will report. For more information about the options for securing communications between agents and management servers, see Section 6.1.2, Understanding QDB Security Options.
During agent installation, you have the option to enable MAPI mail to allow the agent to automatically send email messages in response to certain events as part of a Knowledge Script job. For example, you can configure the Action_MapiMail Knowledge Script to send email notifications to specific users when AppManager raises an event with a minimum severity level. For more information about the Action_MapiMail Knowledge Script, see the AppManager Knowledge Script Reference Guide, available on the AppManager Documentation page.
If you want to enable MAPI mail during agent installation, complete the following actions before the installation:
Install an Exchange client (for example, Microsoft Outlook) on the agent computer.
Set up a Windows user account for the AppManager agent services to use.
For more information about Windows user account requirements for the agent services, see Section 2.3, Reviewing Required Accounts and Permissions.
Both agent services must use the same account. When you specify the account information during agent installation, it automatically applies to both services. If you change the account after installation, change it for both services.
Set up an Exchange mailbox for the agent services account.
During agent installation, provide the Exchange Server, Exchange client profile, and mailbox alias names.
Because Microsoft has tightened security in the most recent versions of Outlook, the NetiqMAPImail helper script only works with Outlook 2000 or Outlook 2003 with Service Pack 1. That service pack is required. This action does not run on Outlook 2003 without service packs or on Outlook 2003 with Service Pack 2.
The agent services can run using either the Windows local system account or a Windows user account. In some situations, you must specify a Windows user account with the right to log on as a service. For more information about the account requirements, see Section 2.3, Reviewing Required Accounts and Permissions.
To enable AppManager to automatically discover the computer on which you install the agent and run the Discovery_AMHealth Knowledge Script to prepare AppManager components for health monitoring in Control Center, install a management server and designate a primary management server for the agent. If you install the agent and the management server on the same computer, the primary management server must be the local management server.
To provide failover support, NetIQ Corporation recommends designating a primary and secondary management server for each agent. For more information about designating primary and secondary management servers, see the Administrator Guide for AppManager, available on the AppManager Documentation page.
Once you successfully install the agent services and the AppManager for Microsoft Windows module, the setup program automatically discovers the agent and runs the Discovery_AMHealth Knowledge Script.
If the agent cannot communicate with either the primary or secondary management server, the setup program cannot automatically discover the agent and run the Discovery_AMHealth Knowledge Script. If automatic discovery fails, use the Control Center console to run the appropriate operating system Discovery Knowledge Script to discover the agent. After successful discovery, run the AMAdmin_SetPrimaryMS Knowledge Script to designate the primary and secondary management servers. After you designate the management servers, run the Discovery_AMHealth Knowledge Script. For more information about running the Knowledge Scripts, see the AppManager Knowledge Script Reference Guide, available on the AppManager Documentation page.
For more information about using Control Center to monitor the health of your AppManager components, see the Control Center User Guide for AppManager, available on the AppManager Documentation page.
If you install the agent on a computer running Microsoft Windows XP Service Pack 2 or Microsoft Windows Server 2003 Service Pack 2 with Windows Firewall enabled, configure the agent computer for discovery over Windows Firewall after installation. You cannot manually add the agent computer to Control Center.
To configure the agent computer for discovery over Windows Firewall:
In Windows Firewall, enable the ICMP protocol.
Manually open the relevant TCP ports to enable communication between AppManager components.
For more information about the default ports components use, see Section 2.6, Reviewing AppManager Port Usage.
After you change the ICMP and TCP port settings in Windows Firewall, you should be able to successfully add the agent computer to Control Center. For more information about adding computers to Control Center, see the Control Center User Guide for AppManager, available on the AppManager Documentation page.