Action1 5 Documentation 5 Endpoint Discovery (Recommended)

Endpoint Discovery (Recommended)

Endpoint Discovery enables you to automatically detect networked endpoints and keep their agents up-to-date. Discover workstations and servers that reside in an Active Directory domain, an organizational unit (OU), or a workgroup.

 

Step 1. Installing the Action1 Connector

  1. Go to the Endpoint Discovery page in the Configuration section and select Install Connector.
  2. On the Download step, download the installation package. The installer name is unique and indicates your Action1 account and the organization. The Connector supports both 32- and 64-bit systems. Once the download is complete, right-click the Connector and run it as administrator.
Run as administartor
  1. Provide administrator credentials. They will be used to automatically deploy Action1 agents on your endpoints. We suggest you create a dedicated account for Action1 Connector service.
    • The account must be granted Logon as a service right (on the local computer). The installer will attempt to grant this right to the specified account.
    • The account must be a member of the local Administrators group on all of your managed endpoints. You can add a dedicated domain account to local Administrators groups via Group Policy. Note that the account itself does not require any domain administrative rights to Active Directory, only local permissions are needed.
    • In case you plan on discovering endpoints that reside in a workgroup, make sure all workgroup computers leverage the same local user with the same password. The Connector must be set up under these credentials in order to access workgroup computers.

How to add the Action1 Connector service account to local Administrators via Group Policy?

  1. On a domain controller, start Active Directory Users and Computers and navigate to your domain / Users.
  2. Create a new user for the Action1 Connector service, e.g.,  “Action1Connector”.
  3. Create a domain global security group, e.g.,  “Action1LocalAdmins” and make Action1Connector a member of this group.
  4. Start the Group Policy Management Console (GPMC).
  5. Locate an effective domain policy (most likely Default Domain Policy) or create a new Group Policy object that applies to the entire domain or just the needed OUs with your managed endpoints.
  6. Right-click a policy and select Edit.
  7. Navigate to Computer Configuration / Policies / Windows Settings / Security Settings / Restricted Group.
  8. Right-click an empty space and select Add Group. Specify the name of the group dedicated to Action1 Connector (Action1LocalAdmins). 
  9. Configure settings. In the Members of this group section, click Add and select the account you’ve created (Action1Connector). In the This group is a member of section, click Add and select Administrators.
  10. To apply these changes, run `gpupdate /force` in the command prompt.
Installing connector

Why does Action1 Connector require these settings?

IMPORTANT: Membership in local Administrators is required to copy the agent executable file to \\machinename\admin$\Action1 folder and configure a Windows service called Action1 Endpoint Agent on all managed endpoints. The Action1 Connector WILL NOT send these credentials to Action1 Cloud or anywhere else outside of the Connector installation. The only location where they will be stored is the local Service Control Manager (SCM) database maintained by the Windows operating system in the encrypted format and accessible only by the OS itself.

Action1 Connector installs itself into %ProgramFiles%\Action1\Connector or %ProgramFiles(x86)%\Action1\Connector depending on the type of the system. After the installation, the Connector will securely connect to Action1 Cloud using embedded information about your organization that includes an authentication certificate for mutual authentication and a private encryption key, specific to your organization.

4. Check that Action1 Connector has been successfully installed and connected to Action1 Cloud.

 

Step 2. Configuring Endpoint Discovery

Return to the Endpoint Discovery page to finish the configuration process and start using Action1.

  • Discover all endpoints in the domain or OU—to do it, specify one or several domains or organizational units, separated by commas (e.g., widgets.local, organization.com/Servers). You’ll have an option to exclude domain controllers or all machines running Windows Server OS.
  • Discover and connect to Action1 specific computers from the list. Note that you can discover endpoints that reside in a workgroup too. Provide computer names, separated by commas.
  • Additionally, exclude endpoints that shouldn’t be connected to Action1 Cloud.

How it works? Once you specify the scope of deployment (such as an Active Directory domain or list of computers), Connector will automatically reach out to each managed computer, copy the Action1 agent executable into \\computername\admin$\Action1 folder (which maps to %WinDir%\Action1 locally), and then create and start the Action1 Endpoint Agent service. Bypassing the Connector, the Action1 agents will connect to Action1 Cloud and discovered devices will appear in the Endpoints list.

Configuring EndPoint Discovery

If you manage multiple organizations, you should install Connectors for each organization and configure discovery settings individually. 

The Endpoints dashboard

NOTE: To disconnect an endpoint from Action1 Cloud, on the Endpoints page select an option to uninstall the Action1 agent and then add this endpoint to the excluded list on the Endpoint Discovery page. Otherwise, the Connector will try reinstalling the agent you’ve removed.