Cloud App Discovery System Center Deployment Guide

Cloud App Discovery System Center Deployment Guide
Introduction
What’s
covered
Instructions, and critical considerations for deploying the Cloud App Discovery agent
in an enterprise environment with Microsoft System Center Configuration Manager
Primary
audience
Microsoft Windows administrators
IT
environment
Microsoft Windows 7 and above, Windows Server 2008 R2, Windows Server 2012,
Microsoft System Center 2012 R2 Configuration Manager
Requirements

Change permissions on the certificate file (tenant.cert) to ‘read-only’
Best Practices

We strongly recommend enabling auto-updates on the agent (this is the default policy setting)
to ensure that your users have the latest features and security fixes.
For more information on auto-updates, see Agent Changelog
Deployment
Approach
Enterprise software deployment requires a phased roll-out to capture and resolve any issues before
deploying the software company wide. We recommend you deploy the Cloud App Discovery agent in a
structured approach.
Prepare your installation package
The Cloud App Discovery agent includes both an executable (.exe) and a certificate file (.cert) bundled in a
zipped folder. Use Microsoft System Center Configuration Manger to package, deliver, and maintain
distributions of the Cloud App Discovery agent.
Microsoft System Center Configuration Manager includes varying levels of logging capabilities.
Depending on your need for this information, it is important to configure it to a point where you can
confirm the success or failure of the installation.
Installation Procedure
Create a Distribution Point
To publish or assign your computer program, you must create a distribution point on the server
1.
Log on to the server computer as Administrator
2.
Create a shared network folder where you will put the Cloud App Discovery agent executable
(.exe file) and certificate (.cert file) that you want to distribute. For this purpose, the executable
and certificate are located in \\serreslab1\testpkg
Important: This share MUST be accessible by your client machine. The client machine will request
the file from this location. Verify the share is working correctly.
3.
Change
a.
b.
c.
permissions on the certificate file (tenant.cert) to ‘read-only’
Right click on the certificate file (tenant.cert) and select Properties
Under the General tab in the Attributes section select ‘Read-only’
Select ‘Apply’
Create a new package in Microsoft System Center Configuration Manager
1.
Launch Microsoft System Center Configuration Manager.
2.
Navigate to Software Library > Application Management > Packages > Create Package
3.
Provide a name for this package > Next
4.
Choose the program type you want to create > Next. For this purpose Standard Program is
selected
5.
Specify a Name and Command Line > Next.
Installation command: cmd.exe/cEndpointAgentSetup.exe/quiet
Note: /quiet will perform a quiet install
6.
7.
Optional – You can specify the requirement for this standard program
Confirm settings > Next
8.
Confirmation > Close
Set Source Folder
1.
Right click on the newly created package > Properties > Data Source tab
2.
Check the “This package contains source files” checkbox
3.
Click Set > and browse to the shared network folder you created > Ok > Apply > Ok
Distribute Package
1.
Right click on the newly created package > Distribute Content
2.
Review selected content > Next
3.
Add Distribution Point
4.
Select distribution points that will host this content > Ok
5.
Confirm settings > Next > Next > Close
Deploy
1.
Right click on the package > Deploy
2.
Specify device collection
3.
Select collection > Ok > Next
4.
5.
6.
Optional – Specify content destination > Next
Optional – Specify settings to control how this software is deployed > Next
Specify the schedule for this deployment > New > Assign immediately after this event > Ok >
Next
7.
Optional – Specify the user experience for installation of this software on the selected devices
8.
9.
> Next
Optional – Specify how to run the content for this program according to the type of boundary
the client is connected to > Next
Deployment successfully complete