You can install Windows agents in the following ways:
Remotely install agents using the Agent Manager. For more information, see Remote Installation.
Manually install the agent on a local computer. For more information, see Manual Installation.
NOTE:Agent Manager and the Windows agents will be in FIPS mode by default.
For information about requirements and recommendations for computers where you plan to install the agent, see the Technical Information page.
Remote installation using the Agent Manager provides a convenient and uniform method for installing one or more Windows agents.
To remotely install agents, you must first add the assets (computers) where you want to install agents. You can import assets from Active Directory or a text file, or manually add assets. After you add assets, select the assets to which you want to deploy and install the agents.
To add assets to Agent Manager:
From Change Guardian main click, Integration > Agent Manager.
Do one of the following:
(Conditional) If you have previously added assets, in Agent Manager, under Asset Groups, click All Assets and then click Add Assets.
(Conditional) If no assets are added previously, in Agent Manager, click All Assets, then Manage Assets, and then Add.
(Conditional) If you want to import assets from Active Directory, complete the following:
Click Active Directory.
Provide the domain name or IP address of the Active Directory server and credentials for connecting to the server, and then click Authenticate.
Navigate the Active Directory tree to locate the assets you want to add, select the assets, and then click Add Assets.
(Conditional) If you want to import assets from a text file, complete the following:
Create a text file with a header line containing the columns Hostname, MajorType, and Addresses. Use a tab to separate the columns. In the Hostname column, type the fully-qualified domain names of the computers where you want to deploy agents. Optionally, you can specify the IP addresses in the Addresses column. In the MajorType column, specify whether the operating system is UNIX or Windows. For example:
|
Hostname |
MajorType |
Addresses |
|---|---|---|
|
houidam101.us.netiq.corp |
Windows |
|
|
houidam102.us.netiq.corp |
Windows |
10.204.102.5 |
In the Agent Manager, click Hosts List.
Click Browse, navigate to the location where you saved the text file, and then click Open.
(Conditional) If you want to manually add an asset, do the following:
Click Host.
Specify the host name or IP address of the computer. To specify multiple IP addresses, use a comma to separate the addresses.
Select the appropriate operating system type, Windows or Linux/UNIX from the drop-down list.
Click Add Assets.
You can now select the assets where you want to deploy agents and install the agents.
To install Windows Agent using Agent Manager:
From Change Guardian main, click Integration > Agent Manager.
From the assets list, select the computers where you want to deploy the agent. If you select multiple computers, they must all use the same credentials.
For more information, see To add assets to Agent Manager:
Click Manage Installation, and then select Install.
In case of a newly added asset, log in as root, to the computer that you want to connect to and click Next.
NOTE:You must be an administrator to deploy agents.
Perform the following steps:
For the agent version, select Windows Agent Agent Version, where Agent Version is the version of the agent you want to deploy.
For the agent configuration, you can choose the default configuration. If you want to modify the default configuration, use the Edit option to customize the default configuration.
Otherwise, if required, you can add a new configuration using the Add option.
Click Start Installation
Agent Manager initiates the action that you selected. Use the In progress Tasks, Completed Tasks, and Failed Tasks tabs to monitor the progress.
NOTE:When you use the Agent Manager to install Windows agent, Agent Manager communicates with the agent via the Agent Management service.
With Change Guardian 5.0 and later, two communication profiles, legacy (profile_iqc) and the newer enhanced (profile_javos) are available. In case of the enhanced communication profile, you need to download and use host specific certificates for each agent host along with agent artifacts to complete the manual installation.
For reference, the communication profile that Change Guardian uses is determined as indicated in the table below:
Table 5-1 Change Guardian Profile Types
|
Profile Type |
Description |
|---|---|
|
profile_iqc (legacy) |
The Change Guardian server upgrade path includes version 4.2.1 or earlier, but the communication profile is not explicitly switched to profile_javos. |
|
profile_javos (enhanced) |
The Change Guardian server is a clean install of version 5.0 and later or the profile is explicitly switched to profile_javos in case of an upgrade to version 5.0 and later. |
For more information, see Secure Communication Profile
You must use CG AM to download and install agent artifacts and certificates on one or more hosts.
NOTE:You can use agent artifacts and certificates only for the server specified and one at a time.
To Download Agent Certificates and Artifacts:
In a web browser, access the Change Guardian web console at https://server:8443, where server is the IP address of the Change Guardian server.
When prompted, provide your Change Guardian user name and password.
Click Integration > Agent Manager.
Click All Assets > Manage Installation > Download.
Select the Agent certificates and artifacts package.
Specify the hostname and the IP address, and then click Start Download.
Copy and extract ChangeGuardianAgentCertificates.zip file to the agent artifact directory, before installing the agents.
To Manually Install Windows Agents:
From Change Guardian main click, Integration > Agent Manager.
Click All Assets, and then click Manage Installation and select Download.
Download the agent artifacts and certificates. See Agent Certificates and Artifacts for the procedure.
Select the package you want to download and the configuration you want to use, and then click Start Download.
Agent Manager downloads ChangeGuardianAgentforWindows.zip to your computer.
Copy ChangeGuardianAgentforWindows.zip to the computer where you want to install the Windows agent and extract the files.
Agent artifacts include: NetIQCGAgentSilentInstaller.exe and NetIQCGAgentSilentInstaller.config. The configuration file contains the configuration you chose when you downloaded agent artifacts.
NOTE:Both agent artifacts and certificates should be in the same directory to successfully complete the installation.
Change directory to the location where you extracted the files, right-click NetIQCGAgentSilentInstaller.exe file and select Run as administrator option.