Installing eG VM Agents in bulk using PowerShell Script
In large environments where multiple Windows desktops need to be monitored, manually installing a VM agent on each desktop can be time-consuming and labor-intensive, especially when administrators are restricted from using automated software distribution tools. To reduce administrator workload in such environments, eG Enterprise provides PowerShell scripts that enable administrators to install VM agents on multiple desktops in a single operation. Before proceeding with the installation, ensure the following prerequisites are met:
-
Local or domain administrators should be vested with required permissions to access the target desktops and execute the PowerShell scripts from the local system
-
PowerShell Remoting feature (that allows users to run PowerShell commands and scripts on remote computers) should be enabled on both the local system and the desktops. To know how to enable this feature via Group Policy refer to the following steps:
-
Open the Group Policy Management Console (GPMC)/Local Group Policy Editor as an administrator.
-
In the window that appears, navigate through the following menu sequence: Local Computer policy -> Computer Configuration -> Administrative Templates as shown in Figure 1.
-
Clicking on the Administrative Templates under the Computer Configuration tree in Figure 1 will list the available policy settings under the Setting column in the right-panel. Then, double-click on the Windows Components in the Setting column to view a list of configurations relating to specific Windows features and components. Now, select the Windows Remote Management (WinRM) feature as shown in Figure 2.
-
Double-clicking on the Windows Remote Management (WinRM) folder will list the WinRM Client and WinRM Service folders in the right-panel. To view the settings related to enabling and configuring Windows Remote Management (WinRM), double-click on the WinRM Service folder. This will display the list of settings as shown in Figure 3.
-
To enable PowerShell remoting feature, enable and configure the Allow remote server management through WinRM setting. Double-clicking on this setting will invoke Figure 4.
Figure 4 : Enabling the Allow remote server management through WinRM setting
In Figure 4, check the Enabled button to enable the Allow remote server management through WinRM feature and specify IP addresses or subnets that are allowed to connect remotely in the IPv4 filter and IPv6 filter fields. You can specify "*" to allow connections from any IP address.
-
Finally, click OK button in Figure 4 to save the configuration.
-
-
If the local system is protected with a firewall, you should create a firewall exception to ensure that the PowerShell access the desktops remotely. This can be done via Group Policy settings. The steps for creating an exception using Group Policy are given bellow:
-
In the Local Group Policy Editor window, navigate through the following menu sequence: Computer Configuration -> Windows Settings -> Security Settings -> Inbound Rules.
-
If no rules have been created, right-click on the right-panel in Figure 5 and select New Rule from the right-click menu to create a new rule. This will invoke the New Inbound Rule Wizard from which select Predefined as the Rule Type and click Next button. Figure 6 will then appear.
Figure 6 : Selecting rule category from Predefined list in the New Inbound Rule Wizard
In Figure 6, choose Window Remote Management as a desired category from the Predefined list and click Next button.
-
Select the rules corresponding to the chosen category from the Rules field in the Predefined Rules tab page (see Figure 7) . Then, click on the Next button.
-
To allow connection from any IP addresses or subnets, select the Allow the connection option in the Action tab age that appears. Finally, click on the Finish button to create a rule (see Figure 8).
-
The newly created inbound rules will be listed as shown in Figure 9.
-
-
If network-level firewalls are present and configured with default settings, ensure that TCP port (5985) is open to allow HTTP traffic for Windows Remote Management (WinRM).
-
The Windows Remote Management (WS-Management) service needs to be configured with Automatic Startup Mode. This can be enabled via a Group Policy. The steps for achieving this are explained below:
-
In the Local Group Policy Editor window, navigate to Computer Policies -> Windows Settings -> Security Settings -> System Services.
-
In the right-panel, scroll down and locate the Windows Remote Management (WS-Management) service (see ).
Figure 10 : Selecting Windows Remote Management (WS-Management) service
-
Double-clicking the chosen service will invoke the Windows Remote Management (WS-Management) Properties popup window where you need to check the Define this policy setting box. Then, select Automatic from the Startup Mode dropdown list (Figure 11).
Figure 11 : Setting start mode for Windows Remote Management (WS-Management) service
-
Finally, click Apply and then OK button to register the settings.
-
-
Ensure that all desktops to be monitored have HTTPS access to the eG Manager to download the eG VM Agents. In addition, the eG remote agent should also be configured to access TCP port (60010) on the desktops to collect the monitoring data. A Windows Firewall rule will be automatically created to allow this traffic during the installation process. If network firewalls are present, ensure that the firewalls allow the traffic from the eG remote agent to the TCP port (60010) on the desktops.
Once the above-mentioned pre-requisites are fulfilled, do the following steps to install the VM agents on multiple Windows desktops at one shot:
-
First, create a file named TargetList.txt containing the list of Windows desktops where the VM agents need to be installed as shown in Figure 12. Save this file locally, for example at C:\Temp\TargetList.txt.
-
Then, obtain PowerShell installation one-liner from the admin interface (see Figure 13). Refer to Using the Command Line to Install the VM Agent to know how to obtain the PowerShell one-liner for installing the VM agents.
Figure 13 : Obtaining PowerShell one-liner for VM agent installation
-
Now copy the PowerShell one-liner for VM agent installation by clicking on the Copy button in Figure 13.
-
To install the VM agents on the desktops, create a script file with the PowerShell script given below and save the file locally, for example, at C:/AgentInstall.ps1.
# Read the list of remote computers from a file
$ComputerNames = Get-Content "C:\Temp\TargetList.txt"
# Iterate through each remote computer and deploy the Software
foreach ($ComputerName in $ComputerNames) {
# Create a new PowerShell session to the remote computer
$Session = New-PSSession -ComputerName $ComputerName
# Create the destination folder if it doesn't already exist on the remote computer
Invoke-Command -Session $Session -ScriptBlock {
## Replace this line with the Installation One-liner from the eG Enterprise console
}
# Close the PowerShell session to the remote computer
Remove-PSSession $Session
}
Note:
Before running the script file, you need to replace "## Replace this line with the Installation One-liner from the eG Enterprise console" with the installation one-liner (see Figure 13), copied from the admin interface.
Once you inserted the one-liner onto the designated section of script file, open the Windows PowerShell prompt as an administrator and run the script file. When executed from the PowerShell prompt as an administrator, the script will automatically install, start, and configure the VM agents on the target desktops sequentially, one after the other.
Note:
eG Enterprise recommends first executing the script on one or two desktops to validate its functionality before proceeding deployment of the VM agents across a larger group of desktops.
