Roar Users Guide & Documentation

Welcome! You'll find comprehensive guides and documentation to help MSPs start working with Liongard's Roar as quickly as possible, as well as support if you get stuck. Let's go #MakeITRoar!

Get Started    

Deployment via MSI Installer

On-Premise Agent Installation Best Practices

On-Premise Agent Installation Best Practices

  1. Install On-premise Agents on Domain Controllers
  • We support On-premise Agents installed on servers; however, installing an On-Premise Agent on a Domain Controller will result in more Inspector auto-discovery, and therefore, less manual work.
  • Liongard recommends using a Primary Domain Controller. The above-mentioned auto-discovery will include an Active Directory Inspector for the Agent machine. There is some Active Directory information that is only captured on the PDC, so activating the Active Directory Inspector for the PDC will ensure a full inspection.
  1. Generally, install One On-premise Agent per Network
  • Our Agents speak across VPN tunnels
  • Our Agents DO NOT speak across Active Directory Domains, so if you have two Active Directory Domains in one network, then you'll need an Agent within each Active Directory Domain.
  1. Install an additional On-premise Agent on any server NOT tied to an Active Directory Domain
  • The additional Agent will auto-activate an Inspector for the local Windows server, and that Inspector will auto-discover a Network Discovery, Hyper-V, and/or SQL Server Inspectors if present

Video isn't playing? Click here!

How to Install an On-Premise Agent via the MSI Installer

Minimum Requirements

To run the Windows Agent, the following available system resources are required:

  • Operating System: Windows Server 2012 or newer
  • Memory: 1 GB of usable RAM
  • Disk Space: 50 MB of free disk space
  • .NET Framework Version 4.5.2

To maximize system performance, we recommend the following system requirements:

  • Operating System: Windows Server 2012 or newer
  • Memory: 16 GB
  • Disk Space: 32 GB
    For Virtual Machines we recommend a minimum of 2 processors


Windows Servers Before 2012

We currently do not support Windows Server before 2012 because the Liongard Agent has a dependency on a software package called NodeJS. The Agent needs a specific minimum version of that software package to work and Windows Server 2008 R2 and below do not support it.


Windows Workstations

The Agent will work on Windows 8.1/10 workstations; however, we do not rigorously test the Agent outside of Windows servers. Also, most Inspectors have not been tested to run on Windows workstations.

If you require Active Directory, Hyper-V, SQL Server, or Windows remote inspections, we strongly encourage the use of a Windows server. If you are looking to inspect network devices or services, then using a Windows workstation Agent is likely adequate.

Step 1: Create an Active Directory User for Liongard to "Log on as"

  • In Active Directory, create a New > User
    • First Name: "Liongard Agent"
    • Username: "LiongardAgent"
    • Select Next
  • Password: Enter and document a password of your choosing. Liongard can't accept passwords longer than 128 characters.
    • Uncheck: "User must change password at next login"
    • Check: "Password never expires"
  • Select Next
  • Select Finish
  • Right click on the "Liongard Agent" user that you just created and select Properties
  • On the General Tab, label the account as a service account in the Description field. We suggest "Liongard - Service Account"
  • Select Member of
  • Select Add... and include "Domain Admins"
  • Select Apply

Step 2: Install the On-Premise Agent via the MSI Installer on a Domain Controller

  • In Liongard, navigate to Your Name > Account Settings > Access Tokens > Generate a New Token. Record the Liongard Access Key ID and Secret as you will need them in the next steps.
  • Then, navigate to Admin > Agents > Click on "Download Agent Installer" in the top right corner
    • Copy the MSI link or download the MSI installer


Access Tokens

You can document this Liongard Access Key Token and Secret to reuse when installing more Agents, or you can generate a new Access Key Token and Secret every time.

Our Access Tokens are used only to register an Agent. It is not something that the Agent stores, so if a token gets deleted, nothing will happen to Agents that were installed using that token.

  • Open the MSI and select Run
    • Check "I accept the terms in the License Agreement"
    • Select Next
  • Populate the following values:
    • Your Liongard URL (e.g., "")
      • Enter the core of your Liongard URL. Do NOT include "https://"
    • Agent Name: The Agent Name must be unique. If the Agent Name is not unique, the Agent will fail. This field will default to the name of the server.


Naming Your Agent

At the moment, the Agent name cannot accept =, <, >, (, ), {, }, [, ] characters. Please avoid using them in the Agent name.

If you choose to use a script to deploy On-Premise Agents, include a unique identifier for the Agent name.

  • A Liongard Access Key ID and Secret.
    • This can be found in Liongard by selecting your user account name in the top right corner > Account Settings > Access Tokens > Generate a New Token
  • The Environment name in which this Agent is being deployed for. This name is case sensitive.
  • If you do not wish to fill in the Environment name, you must leave this field blank. In Liongard, you must associate the Agent to an Environment once the Installer runs. To do this, navigate to the Admin > Agents.


Errors Accessing the API

If you are having issues accessing the API, copy and paste the Key directly from Liongard into the Installer.

  • Select Next
  • Select Custom
    • Enter the name of the Domain and "LiongardAgent" (the name of the user you created in Step 1)
    • Select Next
  • Ensure that Enable Autoupdate has been checked
  • Select Next
  • Select Install
  • Select Finish

Selecting the Enable Autoupdate box will create a scheduled task on the server that will run at Midnight daily, checking for a new version of the Agent, and updating the Agent if necessary.


Liongard Agent MSI Name Change

Starting with version 2.0.2, the Liongard Agent MSI package was renamed to "LiongardAgent-lts" as part of our new brand messaging.

Deployment scripts using the old naming conventions (RoarAgent.msi, ROARURL, ROARACCESSKEY, etc.) will still work if necessary, but we do recommend updating the scripts when possible to ensure consistency across the platform.

New installations using the MSI will change the Windows service name to "Liongard Agent." Upgrading an existing installation will leave the service name as "Roar Agent."

Step 3: Roll out On-premise Agents for all Environments

Liongard recommends one On-premise Agent per Environment network. Follow these steps to continue deploying On-premise Agents for Environments.

Roll out Agents via Command Line or RMM

The Agent MSI can be invoked like this for a silent install from the command line or for scripting via the RMM:

msiexec /i LiongardAgent-lts.msi LIONGARDACCESSKEY=yourkey LIONGARDACCESSSECRET=yoursecret LIONGARDAGENTNAME="Friendly Name of Your Choice" LIONGARDENVIRONMENT="Exact Environment Name, Inc." LIONGARDAGENTSERVICEACCOUNT="mydomain\domainadmin" LIONGARDAGENTSERVICEPASSWORD="mypassword" LIONGARDAGENTDESCRIPTION="optional description" /qn


You can optionally pass in LIONGARDAGENTDESCRIPTION as the last parameter if you wish to add a description to the agent.

If you don't provide LIONGARDAGENTSERVICEACCOUNT and LIONGARDAGENTSERVICEPASSWORD then the service will default to installing as Local System.

If you don’t pass in the LIONGARDENVIRONMENT parameter, you’ll have to assign that in the Liongard UI under Admin > Agents.


Install Location

You can additionally use the INSTALLLOCATION variable if you wish to choose a different directory to install into.

If your custom path has spaces or special characters, then be sure to surround the location with triple double quotes in order to allow it to escape correctly in PowerShell. Otherwise you don't need to use double quotes to escape the path.

For more information on deploying Agents via RMM script, please reference our documentation.

On-Premise Agent Auto-Discovery

When you roll out an On-Premise Agent, there is a potential for the Auto-Discovery of several other Inspectors:

  1. Upon install, an On-Premise Agent will auto-activate an Inspector for the local Windows Server
  2. After the Windows Inspector runs, it will auto-discover an Active Directory Inspector
  3. Once activated and successfully run, the Active Directory Inspector will auto-discover Inspectors for any additional Windows servers within its Domain
  4. Once activated and successfully run, the Windows Inspectors will Auto-Discover Inspectors for any Hyper-V or SQL Server Inspectors installed
  5. After the first Windows Inspector runs, it will also auto-discover a Network Discovery Inspector
  6. After the Network Discovery Inspector is activated and runs, it will auto-discover Inspectors for several makes/models of network devices. See our Network Discovery Inspector docs for more information.

Troubleshooting Agent Issues

If you are having issues with your Agent, please read our Troubleshooting Agent Issues Documentation.

Whitelisting Liongard

If any of your networks heavily filter outbound traffic, you may need to whitelist some hosts in order for the Agent to send data back to Liongard. There may be other situations where you need to whitelist your Cloud Agent or the Liongard platform itself. If so, please see How to Properly Whitelist the Liongard Platform.

Updated 20 days ago

Deployment via MSI Installer

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.