For troubleshooting information about Change Guardian Agent for Windows, see Issues on Change Guardian Agent for Windows.
NOTE:To Enable the Hostname Lookup for Active Directory Logon and Logoff events, make the following changes for both remote and manual:
Modify the Windows configuration and change the Disable Change Guardian Hostname Lookup for Windows Agent value for Windows Agent as No in the Edit Agent Configuration window. By default, the value is Yes.
Select the modified configuration to apply/download the latest version of Change Guardian Agent for Windows.
This is applicable for both remote and manual installation.
You can install Change Guardian Agent for Windows in one of the following ways:
Install agents remotely by using Manage Agents dashboard
Install agents manually on a local computer
Install windows agent with PowerShell when SMB disabled.
NOTE:By default, Manage Agents dashboard and the Change Guardian Agent for Windows are in FIPS mode.
Remote installation using the Manage Agents dashboard provides a convenient and uniform method for installing one or more Change Guardian Agent for Windows. When you use the dashboard to install, Change Guardian communicates with the agent through the Agent Management service.
Prerequisite: Using the Manage Agents dashboard, you must first add the assets where you want to install agents. You can either import the agent from Active Directory or from a text file, or add manually. For more information, see Agents.
To install Change Guardian Agent for Windows using Manage Agents dashboard:
In the web console, navigate to CONFIGURATIONS > Agents > Manage Agents.
Select the agent and click Manage Installation > Install Agents.
For newly added assets, specify the root credentials and click Next.
NOTE:Log in to the newly added asset as an administrator to the deploy agent. The account must be a local administrator or a domain account in the Local Administrators group.
Under the Install Agents option, select the available version of the agent. You can choose to add a new agent configuration or retain the default configuration. You can also edit or delete the existing agent configuration.
Click Start Installation.
Manual installation includes installing the agent certificates and artifacts, along with the agent.
Use Manage Agents dashboard to download and install agent artifacts and certificates on one or more hosts.
NOTE:You must install agent artifacts and certificates for each host separately.
To download:
In the web console, navigate to CONFIGURATIONS > Agents > Manage Agents.
Select all agents and click Manage Installation > Download Package.
Select the Agent certificates and artifacts package.
Specify the hostname and the IP address, and then click Start Download.
Copy and extract the ChangeGuardianAgentCertificates_<hostname>.zip file to the agent artifact directory, before installing the agents.
To install:
In the web console, navigate to CONFIGURATIONS > Agents > Manage Agents. Download the available version of Change Guardian Agent for Windows.
Copy ChangeGuardianAgentforWindows.zip to the computer where you want to install the Change Guardian Agent for Windows and extract the files.
Agent artifacts include: NetIQCGAgentSilentInstaller.exe and NetIQCGAgentSilentInstaller.config. The configuration file contains the configuration you chose when you downloaded agent artifacts.
NOTE:Both agent artifacts and certificates should be in the same directory to successfully complete the installation.
Run the NetIQCGAgentSilentInstaller.exe file as an administrator.
You can install the Windows agent on a system with the SMB protocol disabled. This method bypasses AMS and deploys the agent using a PowerShell script.
NOTE:The PowerShell script is included in the Change Guardian Server tar file. To access the script, extract the installer and locate the ps1 file.
SSH into the Change Guardian server.
Navigate to the directory:
/opt/netiq/ams/ams/repository/30d42d81-xxxx-xxxx-b1b7-ebc891600fa2/
NOTE:Fetch the correct GUID corresponding to the release, and update the package guide in the WindowsAgentDeployment.ps1 script file at line 39.
Modify the package.json File.
Open the package.json file.
Add the MSI installer file name (NetIQChangeGuardianAgent.msi) to the files list.
Update the JSON file as shown below.
Before
"manualDownload" : {
"filename" : "ChangeGuardianAgentForWindows.zip",
"files" : ["NetIQCGAgentSilentInstaller.exe",
"NetIQCGAgentSilentInstaller.config"]
}
After
"manualDownload" : {
"filename" : "ChangeGuardianAgentForWindows.zip",
"files" : ["NetIQCGAgentSilentInstaller.exe",
"NetIQCGAgentSilentInstaller.config",
"NetIQChangeGuardianAgent.msi"]
}
Download the Windows Agent on the Agent Machine.
Download the Windows agent from AMS.
Place the agent file in the same directory as the script on the agent machine.
Run the PowerShell Script.
Open PowerShell with administrator privileges.
Execute the following command to deploy the agent:
.\WindowsAgentDeployment.ps1 <ip> <username> <pwd>
Replace <ip>, <username>, and <pwd> with the appropriate values for your environment.
Example 5-1 1
.\WindowsAgentDeployment.ps1 1.1.1.1 admin p@@sword
To verify:
Ensure that Change Guardian Agent is available in the list of installed programs in Windows Control Panel
Ensure that the service NetIQChangeGuardianAgent is running in Windows Services
If you used Client Agent Manager to install, ensure that Client Agent Manager is available in the list of installed programs in Windows Control Panel. Also ensure that the service NetIQClientAgentManager is running in Windows Services