Deployment via Kaseya VSA
Liongard Agent MSI Name Change
Starting with version 2.0.2, the Liongard Agent MSI package was renamed to "LiongardAgent-lts" as part of our new brand messaging.
Deployment scripts using the old naming conventions (RoarAgent.msi, ROARURL, ROARACCESSKEY, etc.) will still work if necessary, but we do recommend updating the scripts when possible to ensure consistency across the platform.
New installations using the MSI will change the Windows service name to "Liongard Agent." Upgrading an existing installation will leave the service name as "Roar Agent."
On-Premises Agent Overview
On-Premises Agent Installation Best Practices
- Install On-premises Agents on Domain Controllers
- We support On-premises Agents installed on servers; however, installing an On-Premises Agent on a Domain Controller will result in more Inspector auto-discovery, and therefore, less manual work.
- Generally, install One On-premises Agent per Network
- Our Agents speak across VPN tunnels
- Our Agents DO NOT speak across Active Directory Domains, so if you have two Active Directory Domains in one network, then you'll need an Agent within each Active Directory Domain.
- Install an additional On-premises Agent on any server NOT tied to an Active Directory Domain
- The additional Agent will auto-activate an Inspector for the local Windows server, and that Inspector will auto-discover a Network Discovery, Hyper-V, and/or SQL Server Inspectors if present
- Agent Names must be unique. Include a unique identifier in the Agent script to ensure all Agents will have a unique name.
On-Premises Agent Installation = Inspector Auto-Discovery
When you roll out an On-premises Agent, there is a potential for the auto-discovery of several other Inspectors:
- Upon install, an On-premises Agent will auto-activate an Inspector for the local Windows Server
- After the Windows Inspector runs, it will auto-discover an Active Directory Inspector
- Once activated and successfully run, the Active Directory Inspector will auto-discover Inspectors for any additional Windows servers within its Domain
- Once activated and successfully run, the Windows Inspectors will auto-discover Inspectors for any installed Hyper-V or SQL Server Inspectors
- After the first Windows Inspector runs, it will also auto-discover a Network Discovery Inspector
- After the Network Discovery Inspector is activated, it will auto-discover Inspectors for several makes/models of network devices. See our Network Discovery Inspector docs for more information.
Script Overview
The script below provides for a basic install of the Liongard Windows Agent via Kaseya VSA using our MSI Installer. It takes in variables associated with your Liongard instance, such as the URL and Access Key ID and Secret, to complete the install.
- This script will be supported on a best-effort basis.
This script can:
- Install an On-Premises Agent
- Upgrade an On-Premises Agent
- (Optionally) Create a Domain Admin User
Scripted Install
Step 1: Import Script into Kaseya VSA
- In Kaseya, in the left side menu, navigate to Agent Procedures > Manage Procedures > Schedule/Create > Private
- Right click on myProcedures > Import Folder/Procedure
- Copy xml file below as prompted in Kaseya
Scripted Install
Step 1: Import Script into Kaseya VSA
- In Kaseya, in the left side menu, navigate to Agent Procedures > Manage Procedures > Schedule/Create > Private
- Right click on myProcedures > Import Folder/Procedure
- Copy xml file below as prompted in Kaseya
<?xml version="1.0" encoding="utf-8"?>
<ScriptExport xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.kaseya.com/vsa/2008/12/Scripting">
<Procedure name="InstallRoar" treePres="3" id="143422309" folderId="266243713799046" treeFullPath="Software.Roar">
<Body description="Set lines 2 through 7 to static variables to avoid prompt.
Set line 17 and 28 with a temporary strong password.">
<Statement name="WriteScriptLogEntry" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Comment" value="Begining" />
</Statement>
<Statement name="GetVariable" continueOnFail="false">
<Parameter xsi:type="EnumParameter" name="VariableType" value="Prompt" />
<Parameter xsi:type="StringParameter" name="SourceContent" value="Roar URL xxx.app.liongard.com" />
<Parameter xsi:type="StringParameter" name="VariableName" value="roarurl" />
</Statement>
<Statement name="GetVariable" continueOnFail="false">
<Parameter xsi:type="EnumParameter" name="VariableType" value="Prompt" />
<Parameter xsi:type="StringParameter" name="SourceContent" value="Roar Access Key" />
<Parameter xsi:type="StringParameter" name="VariableName" value="rkey" />
</Statement>
<Statement name="GetVariable" continueOnFail="false">
<Parameter xsi:type="EnumParameter" name="VariableType" value="Prompt" />
<Parameter xsi:type="StringParameter" name="SourceContent" value="Roar Access Secret" />
<Parameter xsi:type="StringParameter" name="VariableName" value="rsecret" />
</Statement>
<Statement name="GetVariable" continueOnFail="false">
<Parameter xsi:type="EnumParameter" name="VariableType" value="Prompt" />
<Parameter xsi:type="StringParameter" name="SourceContent" value="Roar Environment" />
<Parameter xsi:type="StringParameter" name="VariableName" value="environment" />
</Statement>
<Statement name="GetVariable" continueOnFail="false">
<Parameter xsi:type="EnumParameter" name="VariableType" value="Prompt" />
<Parameter xsi:type="StringParameter" name="SourceContent" value="Roar Agent Service Account" />
<Parameter xsi:type="StringParameter" name="VariableName" value="account" />
</Statement>
<Statement name="GetVariable" continueOnFail="false">
<Parameter xsi:type="EnumParameter" name="VariableType" value="Prompt" />
<Parameter xsi:type="StringParameter" name="SourceContent" value="Roar Agent Service Password" />
<Parameter xsi:type="StringParameter" name="VariableName" value="pass" />
</Statement>
<Statement name="GetVariable" continueOnFail="false">
<Parameter xsi:type="EnumParameter" name="VariableType" value="AgentTempDirectory" />
<Parameter xsi:type="StringParameter" name="SourceContent" value="" />
<Parameter xsi:type="StringParameter" name="VariableName" value="temp" />
</Statement>
<Statement name="GetVariable" continueOnFail="false">
<Parameter xsi:type="EnumParameter" name="VariableType" value="ConstantValue" />
<Parameter xsi:type="StringParameter" name="SourceContent" value="#vAgentConfiguration.workgroupDomainType#" />
<Parameter xsi:type="StringParameter" name="VariableName" value="isDomain" />
</Statement>
<Statement name="WriteScriptLogEntry" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Comment" value="Downloading Roar MSI..." />
</Statement>
<Statement name="GetURL" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="URL" value="https://agents.static.liongard.com/LiongardAgent-lts.msi" />
<Parameter xsi:type="StringParameter" name="ResponseFileName" value="#temp#\RoarAgent.msi" />
<Parameter xsi:type="BooleanParameter" name="WaitComplete" value="True" />
</Statement>
<If description="">
<Condition name="CheckVariable">
<Parameter xsi:type="StringParameter" name="VariableName" value="#isDomain#" />
<Parameter xsi:type="EnumParameter" name="Condition" value="Equals" />
<Parameter xsi:type="StringParameter" name="Value" value="3" />
</Condition>
<Then>
<Statement name="Execute Shell Command - Get Results to Variable" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Parameter1" value="net user #account# /domain" />
<Parameter xsi:type="StringParameter" name="Parameter2" value="False" />
<Parameter xsi:type="StringParameter" name="Parameter3" value="System" />
</Statement>
<If description="">
<Condition name="CheckVariable">
<Parameter xsi:type="StringParameter" name="VariableName" value="#global:cmdresults#" />
<Parameter xsi:type="EnumParameter" name="Condition" value="Contains" />
<Parameter xsi:type="StringParameter" name="Value" value="The user name could not be found." />
</Condition>
<Then>
<Statement name="WriteScriptLogEntry" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Comment" value="Roar Agent service account not found." />
</Statement>
<Statement name="WriteScriptLogEntry" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Comment" value="Creating Roar Agent service account..." />
</Statement>
<Statement name="Create Domain User (run on Domain Controller)" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Parameter1" value="#account#" />
<Parameter xsi:type="StringParameter" name="Parameter2" value="" />
<Parameter xsi:type="EnumParameter" name="Parameter3" value="Domain Admins" />
</Statement>
<Statement name="PauseScript" continueOnFail="false">
<Parameter xsi:type="IntegerParameter" name="Seconds" value="5" />
</Statement>
<Statement name="ExecuteShellCommand" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Command" value="net user #account# #pass# /domain" />
<Parameter xsi:type="EnumParameter" name="ExecuteAccount" value="System" />
<Parameter xsi:type="BooleanParameter" name="Is64Bit" value="False" />
</Statement>
<Statement name="PauseScript" continueOnFail="false">
<Parameter xsi:type="IntegerParameter" name="Seconds" value="5" />
</Statement>
</Then>
</If>
<Statement name="WriteScriptLogEntry" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Comment" value="Installing Roar..." />
</Statement>
<Statement name="ExecuteShellCommand" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Command" value="msiexec /i #temp#\RoarAgent.msi ROARURL=#roarurl# ROARACCESSKEY=#rkey# ROARACCESSSECRET=#rsecret# ROARAGENTNAME=#vAgentConfiguration.Machine_GroupID# ROARENVIRONMENT="#environment#" ROARAGENTSERVICEACCOUNT="#vAgentConfiguration.workgroupDomainName#\#account#" ROARAGENTSERVICEPASSWORD=#pass# /qn" />
<Parameter xsi:type="EnumParameter" name="ExecuteAccount" value="System" />
<Parameter xsi:type="BooleanParameter" name="Is64Bit" value="True" />
</Statement>
</Then>
</If>
<If description="">
<Condition name="CheckVariable">
<Parameter xsi:type="StringParameter" name="VariableName" value="#isDomain#" />
<Parameter xsi:type="EnumParameter" name="Condition" value="Equals" />
<Parameter xsi:type="StringParameter" name="Value" value="4" />
</Condition>
<Then>
<Statement name="Execute Shell Command - Get Results to Variable" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Parameter1" value="net user #account# /domain" />
<Parameter xsi:type="StringParameter" name="Parameter2" value="False" />
<Parameter xsi:type="StringParameter" name="Parameter3" value="System" />
</Statement>
<If description="">
<Condition name="CheckVariable">
<Parameter xsi:type="StringParameter" name="VariableName" value="#global:cmdresults#" />
<Parameter xsi:type="EnumParameter" name="Condition" value="Contains" />
<Parameter xsi:type="StringParameter" name="Value" value="The user name could not be found." />
</Condition>
<Then>
<Statement name="WriteScriptLogEntry" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Comment" value="Roar Agent service account not found." />
</Statement>
<Statement name="WriteScriptLogEntry" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Comment" value="Creating Roar Agent service account..." />
</Statement>
<Statement name="Create Domain User (run on Domain Controller)" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Parameter1" value="#account#" />
<Parameter xsi:type="StringParameter" name="Parameter2" value="" />
<Parameter xsi:type="EnumParameter" name="Parameter3" value="Domain Admins" />
</Statement>
<Statement name="PauseScript" continueOnFail="false">
<Parameter xsi:type="IntegerParameter" name="Seconds" value="5" />
</Statement>
<Statement name="ExecuteShellCommand" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Command" value="net user #account# #pass# /domain" />
<Parameter xsi:type="EnumParameter" name="ExecuteAccount" value="System" />
<Parameter xsi:type="BooleanParameter" name="Is64Bit" value="False" />
</Statement>
<Statement name="PauseScript" continueOnFail="false">
<Parameter xsi:type="IntegerParameter" name="Seconds" value="5" />
</Statement>
</Then>
</If>
<Statement name="WriteScriptLogEntry" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Comment" value="Installing Roar..." />
</Statement>
<Statement name="ExecuteShellCommand" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Command" value="msiexec /i #temp#\RoarAgent.msi ROARURL=#roarurl# ROARACCESSKEY=#rkey# ROARACCESSSECRET=#rsecret# ROARAGENTNAME=#vAgentConfiguration.Machine_GroupID# ROARENVIRONMENT="#environment#" ROARAGENTSERVICEACCOUNT="#vAgentConfiguration.workgroupDomainName#\#account#" ROARAGENTSERVICEPASSWORD=#pass# /qn" />
<Parameter xsi:type="EnumParameter" name="ExecuteAccount" value="System" />
<Parameter xsi:type="BooleanParameter" name="Is64Bit" value="True" />
</Statement>
</Then>
</If>
<If description="">
<Condition name="CheckVariable">
<Parameter xsi:type="StringParameter" name="VariableName" value="#isDomain#" />
<Parameter xsi:type="EnumParameter" name="Condition" value="Equals" />
<Parameter xsi:type="StringParameter" name="Value" value="2" />
</Condition>
<Then>
<Statement name="Execute Shell Command - Get Results to Variable" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Parameter1" value="net user #account#" />
<Parameter xsi:type="StringParameter" name="Parameter2" value="False" />
<Parameter xsi:type="StringParameter" name="Parameter3" value="System" />
</Statement>
<If description="">
<Condition name="CheckVariable">
<Parameter xsi:type="StringParameter" name="VariableName" value="#global:cmdresults#" />
<Parameter xsi:type="EnumParameter" name="Condition" value="Contains" />
<Parameter xsi:type="StringParameter" name="Value" value="The user name could not be found." />
</Condition>
<Then>
<Statement name="WriteScriptLogEntry" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Comment" value="Roar Agent service account not found." />
</Statement>
<Statement name="WriteScriptLogEntry" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Comment" value="Creating Roar Agent service account..." />
</Statement>
<Statement name="ExecuteShellCommand" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Command" value="net user #account# #pass# /add" />
<Parameter xsi:type="EnumParameter" name="ExecuteAccount" value="System" />
<Parameter xsi:type="BooleanParameter" name="Is64Bit" value="False" />
</Statement>
<Statement name="PauseScript" continueOnFail="false">
<Parameter xsi:type="IntegerParameter" name="Seconds" value="5" />
</Statement>
<Statement name="ExecuteShellCommand" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Command" value="net localgroup administrators #account# /add" />
<Parameter xsi:type="EnumParameter" name="ExecuteAccount" value="System" />
<Parameter xsi:type="BooleanParameter" name="Is64Bit" value="False" />
</Statement>
<Statement name="PauseScript" continueOnFail="false">
<Parameter xsi:type="IntegerParameter" name="Seconds" value="5" />
</Statement>
</Then>
</If>
<Statement name="WriteScriptLogEntry" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Comment" value="Installing Roar..." />
</Statement>
<Statement name="ExecuteShellCommand" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Command" value="msiexec /i #temp#\RoarAgent.msi ROARURL=#roarurl# ROARACCESSKEY=#rkey# ROARACCESSSECRET=#rsecret# ROARAGENTNAME=#vAgentConfiguration.Machine_GroupID# ROARENVIRONMENT="#environment#" ROARAGENTSERVICEACCOUNT="#vAgentConfiguration.machName#\Roar" ROARAGENTSERVICEPASSWORD=#pass# /qn" />
<Parameter xsi:type="EnumParameter" name="ExecuteAccount" value="System" />
<Parameter xsi:type="BooleanParameter" name="Is64Bit" value="True" />
</Statement>
</Then>
</If>
<Statement name="WriteScriptLogEntry" continueOnFail="false">
<Parameter xsi:type="StringParameter" name="Comment" value="Complete" />
</Statement>
</Body>
</Procedure>
</ScriptExport>
User Account Complex Password
For this parameter in the script:
<Parameter xsi:type="StringParameter" name="Parameter2" value="" />You will need the value to be populated with a complex password in order to ensure the script runs successfully.
For additional information please see Microsoft's documentation on complex passwords.
Step 2: Choose Machine Groups and Run the Script
- Agent Procedures > Manage Procedures > Schedule/Create
- Private > right click on myProcedures > InstallRoar
- In the Schedule tab, select the checkbox(es) to the left of the machine(s) you want to deploy Liongard Agents to (preferably a domain controller)
- Select Run Now
You will be prompted with the following variables:
- Roar URL Insert your Liongard URL (e.g., mymsp.app.liongard.com)
- Roar Access Key
- Roar Secret
- Roar Environment Optional
- Roar Agent Service Account You do not need to prepend the domain name
- Roar Agent Service Password
Creating a Domain Admin User
This script either creates a Domain Admin User in Active Directory or you may pass the credentials for an existing service account.
If you would like this script to create a new service account, you can:
1. Simply provide the desired user name as well as the password and the script will create and
assign the password for you.If you have an existing Domain Admin service account, you can:
1. Provide the existing username of the service account along with the password.
Step 3: Assign the Agent to an Environment (Optional)
- If you decide to not assign the Environment at the prompt, the Agent will need to be assigned an Environment from the Admin > Agents screen in Liongard.
Using Automation with Liongard
Thanks to Liongard partner Kevin Conod for sharing the above Kaseya VSA script. If you'd like to share how your team is using automation with Liongard, email us at [email protected].
Updated about 1 year ago