Is there any possible way to deploy IEM client into new devices which is eroll into my AD or any other possible way to deploy client in new machines automattically…
NOTE: Asset discovery method is currently we are using but we need automatic deployment of client into endpoints.
Any special settings to be aware off in the GPO? Use the MSI or EXE? I heard there were some issues with the client trying to install at every login. Maybe a quick write-up on how to make the correct policy in AD and make it sticky?
I know there are other ways of doing this (like calling the MSI directly and bypassing a Batch file) but this way I can keep the MSI in one central location and only have to update it there…
Ok here we go…
Create a Batch file (ex. BigFixGPO.bat) with the following lines:
echo off
IF “%ProgramFiles(x86)%”=="" (goto 32bit) else (goto 64bit)
:32bit echo 32bit System >> %windir%\BigFixGPOInstallLog.txt IF EXIST “%Programfiles%\BigFix Enterprise\BES Client\BESClient.exe” (goto end) else (goto BFMP)
:64bit echo 64bit System >> %windir%\BigFixGPOInstallLog.txt IF EXIST “%Programfiles(x86)%\BigFix Enterprise\BES Client\BESClient.exe” (goto end) else (goto BFMP)
:BFMP echo Starting to map drive for installation >> %windir%\BigFixGPOInstallLog.txt net use “\\server.domain.com\share” Password /user:Username /PERSISTENT:NO echo Mapped drive for installation >> %windir%\BigFixGPOInstallLog.txt goto BFinstl
Then create a new GPO and add the batch:
GPO Setting: \Computer Configuration\Policies\Windows Settings\Scripts (Startup/Shutdown)\Startup
Copy the Batch file in the policy folder (on the DC under the sysvol location). The easiest way to get there is to click the “Show Files…” button in the GPO and drag/drop the batch file in it.
Then add the batch file in the Startup Properties.
Apply the GPO to an OU containing your COMPUTERS and voila…