Cloud App Discovery System Center Deployment Guide
Transcription
Cloud App Discovery System Center Deployment Guide
Cloud App Discovery System Center Deployment Guide Introduction What’s covered Instructions, and critical considerations for deploying the Cloud App Discovery agent in an enterprise environment with Microsoft System Center Configuration Manager Primary audience Microsoft Windows administrators IT environment Microsoft Windows 7 and above, Windows Server 2008 R2, Windows Server 2012, Microsoft System Center 2012 R2 Configuration Manager Requirements Change permissions on the certificate file (tenant.cert) to ‘read-only’ Best Practices We strongly recommend enabling auto-updates on the agent (this is the default policy setting) to ensure that your users have the latest features and security fixes. For more information on auto-updates, see Agent Changelog Deployment Approach Enterprise software deployment requires a phased roll-out to capture and resolve any issues before deploying the software company wide. We recommend you deploy the Cloud App Discovery agent in a structured approach. Prepare your installation package The Cloud App Discovery agent includes both an executable (.exe) and a certificate file (.cert) bundled in a zipped folder. Use Microsoft System Center Configuration Manger to package, deliver, and maintain distributions of the Cloud App Discovery agent. Microsoft System Center Configuration Manager includes varying levels of logging capabilities. Depending on your need for this information, it is important to configure it to a point where you can confirm the success or failure of the installation. Installation Procedure Create a Distribution Point To publish or assign your computer program, you must create a distribution point on the server 1. Log on to the server computer as Administrator 2. Create a shared network folder where you will put the Cloud App Discovery agent executable (.exe file) and certificate (.cert file) that you want to distribute. For this purpose, the executable and certificate are located in \\serreslab1\testpkg Important: This share MUST be accessible by your client machine. The client machine will request the file from this location. Verify the share is working correctly. 3. Change a. b. c. permissions on the certificate file (tenant.cert) to ‘read-only’ Right click on the certificate file (tenant.cert) and select Properties Under the General tab in the Attributes section select ‘Read-only’ Select ‘Apply’ Create a new package in Microsoft System Center Configuration Manager 1. Launch Microsoft System Center Configuration Manager. 2. Navigate to Software Library > Application Management > Packages > Create Package 3. Provide a name for this package > Next 4. Choose the program type you want to create > Next. For this purpose Standard Program is selected 5. Specify a Name and Command Line > Next. Installation command: cmd.exe/cEndpointAgentSetup.exe/quiet Note: /quiet will perform a quiet install 6. 7. Optional – You can specify the requirement for this standard program Confirm settings > Next 8. Confirmation > Close Set Source Folder 1. Right click on the newly created package > Properties > Data Source tab 2. Check the “This package contains source files” checkbox 3. Click Set > and browse to the shared network folder you created > Ok > Apply > Ok Distribute Package 1. Right click on the newly created package > Distribute Content 2. Review selected content > Next 3. Add Distribution Point 4. Select distribution points that will host this content > Ok 5. Confirm settings > Next > Next > Close Deploy 1. Right click on the package > Deploy 2. Specify device collection 3. Select collection > Ok > Next 4. 5. 6. Optional – Specify content destination > Next Optional – Specify settings to control how this software is deployed > Next Specify the schedule for this deployment > New > Assign immediately after this event > Ok > Next 7. Optional – Specify the user experience for installation of this software on the selected devices 8. 9. > Next Optional – Specify how to run the content for this program according to the type of boundary the client is connected to > Next Deployment successfully complete