Installing a Windows Agent

Agent Deployment via MSI

The following document can be used to install a Self-Managed Agent on a Windows device.

Please review our Agents Overview documentation before proceeding.

Minimum Agent Requirements

❗️

Windows Server OS Before 2012 R2

We currently do not support Windows Server older than 2012 R2 because the Liongard Agent has a dependency on a software package called NodeJS. The Agent needs a specific minimum version of that software package to work and Windows Server 2008 R2 and below do not support it.

To run the Windows Agent, the following system resources are required:

  • Operating System: Windows Server 2012 R2 or higher or Windows 10 or higher
  • Memory: 1 GB of usable RAM
  • Disk Space: 50 MB of free disk space
  • .NET Framework Version 4.6.2

To maximize system performance, we recommend the following system requirements:

  • Memory: 16 GB
  • Disk Space: 32 GB

For Virtual Machines, we recommend a minimum of 2 processors

Step 1: Record a Liongard Access Key ID and Secret

🚧

Access Tokens

Liongard Access Key Tokens and Secrets can be reused when installing Agents, or you can generate a new Access Key Token and Secret every time.

If you do decide to reuse the Access Key and Secret, it should be secured as you would any other sensitive password.

Our Access Tokens are used only to register an Agent. It is not something that the Agent stores, so if a token gets deleted, nothing will happen to Agents that were installed using that token.

  1. In Liongard, navigate to Your Name > Account Settings > Access Tokens
  • If you have an existing Access Token, you may use it to deploy the Agent.
  • If you need to generate a new token, select Generate New Token then select Agent Install Token.
  • Note: Users must be a member of the Global Admin, Global Environment Manager, or Global System Integrators groups to see the Agent Install Token option.
  1. Record a Liongard Access Key ID and Secret as you will need them in the next steps.
1795

Step 2: Download the MSI

  1. Navigate to Admin > Agents > Hover over "Download Agent Installer" > Select Windows
  2. Copy the MSI link or download the MSI
1916

Step 3: Run the MSI

  1. Open the MSI > Select Next
  2. Check "I accept the terms in the License Agreement" > Select Next
  3. Complete the following fields:
  • Your Liongard URL (e.g., "us1.app.liongard.com"): Enter the core of your Liongard URL. Do NOT include "https://"
  • Liongard Access Key ID and Secret: Enter the Access Key ID and Secret generated in Liongard from Step 1 above.
  1. Review the following field:
  • Agent Name: Liongard will populate this field using the hostname of the device the Agent is being installed on. If the Agent name already exists, Liongard will auto concatenate a numerical value (in parenthesis) to the new Agent name

🚧

Naming Your Agent

At the moment, the Agent name cannot accept =, <, >, (, ), {, }, [, ] characters. Please avoid using them in the Agent name.

  1. If desired, complete the following fields:
  • Liongard Agent Description: This field is optional, but can be used to give the Agent a description inside of Liongard.
  • Liongard Environment: This field is optional, but if skipped the Environment must be assigned in Liongard on the Admin > Agents screen. For more information review our Agent Management documentation.
504
  1. Select Next
  2. For Service Account Type, select SYSTEM

❗️

Service Account Type

Liongard recommends using the SYSTEM service account for Agent installation.

For partners who would like to use individual local or a standard domain user account in accordance with Least Privilege best practices, they should select the CUSTOM option which allows for the use of unique accounts. If doing so, please follow our Least Privileges for Windows-based On-Premises Agents and Inspectors documentation.

If performing remote inspections, please review the Windows/Active Directory Authentication section of our Permissions & Authentication documentation.

493
  1. Select Next > Select Install > Select Finish

The Agent is now successfully installed. Return to Liongard and follow our Agent Management documentation for next steps:

Inspector Auto-Discovery

In order for Liongard to perform auto-discovery and auto-activation processes, an Environment must be assigned to an Agent. Liongard will determine the Inspectors discovered based on the operating system of the Agent.

When you deploy an Agent to a Windows Server Operating System a Windows Server Inspector will appear in your list of Total Discovered Systems on the Liongard homepage. Once that Windows Server Inspector is activated, it will auto-discover Hyper-V Servers, SQL Servers, and a Network Discovery Inspector.

Keep in mind that Windows Servers are Endpoint Inspectors. Endpoint Inspectors are billed per unit according to your agreement with Liongard. Usage beyond the contracted amount will be charged on your monthly invoices.

If you would like Endpoint Inspectors to auto-activate after Auto-discovery, navigate to your Username > Company Settings and turn on the Endpoint Auto-Activation toggle as shown. After this toggle has been enabled, individual Environments can be excluded from the Endpoint auto-activation process by adding them to the list below the toggle. Enabling auto-activation means that Endpoint Inspectors will be automatically Auto-discovered, activated, and billed accordingly.

951

Please keep in mind that Endpoint Inspectors are billed per unit, and usage beyond your minimum commitment (also found on the Company Settings screen) will incur additional costs.

Additional Resources