The deployment feature in the Windows console for Secure Configuration Manager enables you to install or update the Windows agent on selected remote computers. Upon successful deployment, Secure Configuration Manager populates the asset map with those agents and their associated systems and endpoints. For more information about assets and the asset map, see the User’s Guide for Secure Configuration Manager.
Installing or updating agents on remote computers requires permissions, such as Local Administrator permissions, on the target computer. For efficient delivery, you can use the credentials of the Windows agent service running on the Deployment Agent computer. Alternatively, you can specify a separate set of credentials that the Deployment Agent uses to access the target computers.
Use the deployment feature to install a new Windows agent on a remote computer. For more information about deploying Windows agents, see the Help.
To install agents on remote computers:
Download or copy the .nap file for the latest Windows agent release to the local computer that hosts the Windows console for Secure Configuration Manager. For more information about the .nap file, see Identifying Agent Packages for Deployment.
(Conditional) If you are using a firewall, ensure that the settings meet the requirements for communication. For more information, see Understanding Firewall Requirements and Deployment Requirements.
Ensure that the required services are running on the Deployment Agent and target computers. For more information, see Deployment Requirements.
Ensure that no other users are running the Deployment wizard in a Windows console for Secure Configuration Manager.
Log in to the Windows console with an account that has the required permissions. For more information about console and remote computer permissions, see Permissions Requirements and Deployment Requirements.
Click Discovered Systems.
In the Discovered Systems content pane, select the systems on which you want to install the Windows agent.
Right-click a selected system, and then click Deploy.
(Optional) To add computers that do not appear in the Discovered Systems pane, complete the following steps:
On the Computers window of the Deployment wizard, click Add.
In the Add Computers window, click Manually Add a Computer.
Select New System.
Specify the domain and computer names.
(Optional) Specify the other settings in the Properties window.
Follow the instructions in the wizard until you finish installing the agents on the target computers.
Start the following Windows services on the target computers:
DHCP Client
Workstation
(Optional) Windows Update or Automatic Updates service, depending on the operating system
Use the deployment feature to upgrade existing Windows agents to the latest release. You can also push hotfixes and service packs to the agents in your asset map.
The deployment process uses the credentials for the agent service account that you specified when you installed the Windows agent. You cannot modify these credentials while deploying an update because the agent service is running on the target computer.
As a best practice, consider updating all Deployment Agents first, before delivering the update to other agents. Updating the Deployment Agents ensures that the agents have any new information that might be required to communicate with Core Services or remote computers. You can update Deployment Agents locally or use the deployment feature in the Windows console for Secure Configuration Manager.
To deploy updates to registered agents:
Download or copy the .nap file for the latest Windows agent update to the local Windows console computer. For more information about the .nap file, see Identifying Agent Packages for Deployment.
(Conditional) If you are using a firewall, ensure that the settings meet the requirements for communication. For more information, see Understanding Firewall Requirements and Deployment Requirements.
Ensure that the required services are running on the Deployment Agent and target computers. For more information, see Deployment Requirements.
Ensure that no other users are running the Deployment wizard in a Windows console for Secure Configuration Manager.
Log in to the Windows console with an account that has the required permissions. For more information about console and remote computer permissions, see Permissions Requirements and Deployment Requirements.
Expand IT Assets > Agents > OS > Windows.
In the content pane, select the agents that you want to update.
Right-click a selected agent, and then click Deploy or Update.
(Conditional) To update a Deployment Agent, complete the following steps:
In the Computers window, select the target agents, and then click Edit Settings.
For Deployment Method, specify Use the Existing Agent.
Click OK.
Follow the instructions in the wizard until you finish updating the agents on the target computers.