Action1 5 Documentation 5 Installation with Group Policy

Installation with Group Policy

 

With the help of Group Policy, you can install the Action1 agents on multiple computers and servers at once. Agents are distributed to the endpoints without your direct supervision. The Group Policy installation is effective if your workstations and servers reside in the corporate domain.

    To distribute Action1 agents via GPO startup script

    1. Start the Group Policy Management Console and drill down to your domain.

    2. Right-click it and select Create a GPO in this domain, and Link it here.

    3. Provide a name for a new domain policy, e.g., Action1 agent installation.

    4. In the policy settings, proceed to the Delegation tab. Select Add at the bottom of the screen.

    5. In the Select User, Computer, or Group window, set the Object Types to “Computer”. Enter the computer name and select Check Names to look up for it. Set new group’s permissions to “Edit settings, delete, modify security”.

    Note: Add all the computers where you want to install the Action1 agent.

    New Group Policy - the Delegation tab

    6. Select the new group and specify Advanced. In the dialog that opens, select the computer group and update permissions: set Apply group policy to “Allow”.

    Group Policy - Advanced permissions for a computer

    7. Right-click the newly created policy and select Edit and proceed to Computer Configuration / Policies / Windows Settings / Scripts (Startup/Shutdown) / Startup.

    8. Double-click the Startup label and select Add to upload the following CMD script:

    Note: Copy the script below and replace AGENT_DOWNLOAD_URL with your unique agent download link that you can find on the Install Agent page.

    Action1 Agent Installation Script
    @echo off
    
    set url=AGENT_DOWNLOAD_URL
    
    rem ** Replace AGENT_DOWNLOAD_URL above with your agent URL
    rem ** Copy URL from https://app.www.action1.com/console/endpoints/add/step-1
    rem ** Example:
    rem **       set url=https://app.www.action1.com/agent/12345678-1234-1234-1234-1234567890abc/Windows/agent(My_Organization).msi
    
    rem ***** DO NOT MODIFY THE REST OF THE SCRIPT ****************
    
    set msi=%TEMP%\action1_agent.msi
    if exist %WINDIR%\Action1\action1_agent.exe GOTO AlreadyInstalled
    if exist %msi% del %msi% 
    
    if exist %WINDIR%\System32\curl.exe goto Curl
    powershell.exe -Command "$ProgressPreference = 'SilentlyContinue'; Invoke-WebRequest -Uri '%url%' -OutFile $env:TEMP\action1_agent.msi | Out-Null"
    if ERRORLEVEL 1 GOTO DownloadError
    goto Install
    
    :Curl
    curl.exe -s -f -o %msi% "%url%"
    if ERRORLEVEL 1 GOTO DownloadError
    
    :Install
    msiexec /i %msi% /quiet /qn /norestart /l*v %msi%.log
    if ERRORLEVEL 1 GOTO InstallError
    del %msi%
    del %msi%.log
    echo Successfully installed Action1 agent
    exit 0
    
    :AlreadyInstalled
    echo Action1 agent is already installed
    exit 0
    
    :DownloadError
    echo Download error: %ERRORLEVEL%
    exit %ERRORLEVEL%
    
    :InstallError
    echo Install error: %ERRORLEVEL%. See %msi%.log for details.
    exit %ERRORLEVEL%
    Adding a startup script

    Notes:

    There is no need to run gpupdate /force after applying the policy. The startup script will install the Action1 agent with the next computer reboot.