You want to deploy the Security Agent (SA) in multiple workstations on a certain domain using the GPO feature.
Step 1: Create an MSI package
- On the Security Server, go to ..\PCCSRV\Admin\Utility\ClientPackager.
- Double-click ClnPack.exe and the Client Packager console opens. You must run the program from the Security Server only.
- Select the type of package you want to create.
Package Type Description Setup Select Setup to create the package as an MSI file. The package installs the SA program with the components currently available in the Security Server.
If the target has an earlier SA version installed and you want to upgrade, create the MSI from the Security Server that manages the agent. Otherwise, the agent will not be upgraded.
Update Select Update to create a package that contains the components currently available on the Security Server. The package will be created as an executable file. Use this package if there are issues updating components on the client where the SA is installed.
- On the Windows operating system type dropdown, select the operating system of the target clients. Take note of the architecture whether it is x86 or x64 bit.
- Select the Scan Method.
- Conventional Scan: A local scan engine on the client scans the client computer. Conventional Scan uses the traditional virus pattern file.
- Smart Scan: A Scan Server helps scan the client. A Scan Server is automatically installed with the Security Server. You can choose the scan method on the Security Settings screen. Scan modes use different pattern files.
- Under the Options section, choose an installation method:
- Silent Mode: Creates a package that installs on the client in the background, unnoticeable to the user. The installation status window will not appear.
- Disable Prescan (only for fresh-install): Disables the normal file scanning that WFBS performs before starting the setup. Do this if you are certain that the client is threat-free.
If prescan is enabled, the setup scans for virus/malware in the most vulnerable areas of the computer that includes the following:
- Boot area and boot directory (for boot viruses)
- Windows folder
- Program files folder
- In the Source file field, ensure that the location of the ofcscan.ini file is correct. To modify the path, click (…) to browse for the ofcscan.ini file. By default, this file is located in the ..\PCCSRV folder of the Security Server.
- In the Output file field, click (…) to specify the filename and the location to create the package.
- Click Create.
The message "Package created successfully" appears after the package is created. Verify that the package is in the directory that you specified in Step 8.
Step 2: Install the software using the Active Directory's group policy
- Go to the Group Policy management console.
- Look for the package that you created and share the folder with the following settings:
Permission Level: Reader
- Create a new GPO.
An example of a Group Policy name is "Security Agent Installer".
- Right-click the GPO that you created and click Edit.
- Go to User Configuration > Policies > Software Settings.
- Right-click Software Installation and select New > Package.
- On File Name field, find the shared folder where the client packager is.
For example: \\<ServerName>\Programs\<Shared.
- Double-click the client packager MSI file and under Deploy Software: Select Deployment Method, choose Advanced.
- On the Advanced screen, click Deployment. Make sure that the Deployment type is "Assigned".
- Under Deployment Options, tick the Install this application at logon option.
- Click OK. If you see an error message, just click OK.
- Right-click Domain and click Link an Existing GPO.
- Select the GPO that you created in Step 3.
- Under Security Filtering, remove "Authenticated Users".
- Click Add to add a group. This could be a group for the Sales Department, Audit Department, etc.
- Peform a "GPUPDATE" on a machine that is under the organizational unit (OU). Open a command prompt and type the command "gpupdate /force /boot /logoff".
This will launch the SA installation during login.
To set Group Policy Object (GPO), refer to Migrating Worry-Free Business Security (WFBS) agent to Worry-Free Business Security Services (WFBS-SVC) Agent using Windows Group Policy Object (GPO) article.
To download the Agent installer, refer to Downloading the Agent installer of Worry-Free Business Security Services (WFBS-SVC) article.