Available only in the Windows console.
After you discover or manually add Windows assets to Secure Configuration Manager, you can add a Windows agent to the assets. Secure Configuration Manager provides a deployment feature that enables you to easily install and uninstall Windows agents on remote computers. You can also push service packs and hotfixes to existing Windows agents. Once you install an agent on a remote computer, Secure Configuration Manager automatically adds the agent, its corresponding endpoint, and system to the asset map.
The functionality of the deployment feature varies, depending on where you initiate the wizard. For example, the wizard can include computers found by the Discovered Systems feature. Use the following table to determine where you want to start the Deployment wizard.
|
If you want to... |
Start the deployment process from... |
|---|---|
|
Upgrade, apply a hotfix or service pack to, or uninstall an existing agent |
IT Assets > Agents IT Assets > Managed Systems |
|
Install a new agent on systems already discovered by Secure Configuration Manager |
Discovered Systems |
|
Install a new agent on systems that Secure Configuration Manager does not manage or has not discovered |
Tools menu |
Secure Configuration Manager allows you to designate agents as Deployment Agents, which serve as intermediaries between Core Services and the target computer. The Deployment Agents enable you to deploy to computers in untrusted domains or highly secure networks. The deployment process uses the credentials of the agent service account on the Deployment Agent computer for permission to deploy to the target computers. You can also designate alternate credentials for accessing the target computers. By default, the Windows agent installed on the Core Services computer is a Deployment Agent. You must have a Deployment Agent in each domain. Secure Configuration Manager designates the first registered agent in a domain as the Deployment Agent for that domain. To determine which agents have been assigned as Deployment Agents and their respective domains, run the Deployment Agents administrative report.
You must specify a fully qualified host name for the endpoint that represents the Deployment Agent. Otherwise, Core Services cannot use the agent for deployment. You specify the host name in the endpoint Properties window. To see which agents are Deployment Agents, expand IT Assets > Agents in the navigation pane. You can sort the view using the Is Deployment Agent column in the content pane.
For more information about Deployment Agents and using the deployment feature, see the Secure Configuration Manager Windows Agent Installation and Configuration Guide and the Help. For more information about finding computers to add to the asset map, see Discovering Unmanaged Assets in Your Environment.