How to manually deploy a Forefront Server Security Management Console deployment agent to a remote managed serverThis article describes how to manually deploy a Forefront
Server Security Management Console deployment agent to a remote managed server. To manually deploy the Microsoft Forefront Server Security
Management Console (FSSMC) agent, follow
these steps. Note To do this, you must have Hotfix Rollup
2 for FSSMC installed.
For more information, click the following article number to view the article in the Microsoft Knowledge Base:
960814
(http://support.microsoft.com/kb/960814/
)
Description of Hotfix Rollup 2 for Forefront Server Security Management Console
- Copy the files from the following
DeployAgent directory on the FSSMC server to the
remote server:
Drive
Letter\Program Files\Microsoft Forefront Security\Server\Server
Management\Services\DeployAgent - Run the Deployagent.msi file, and then follow the wizard
instructions.
- After the installation is complete, start the Computer
Management console.
Note On a domain controller, you start the Computer Management console
from Active Directory. - On the Computer Management console, expand Local
Users and Groups, right-click Users, and then click
New User.
- In the New User window, follow these steps:
- In the User name
field, enter
SDEP_MachineName.
For example, enter
SDEP_EXCHBE01.
- In the
Description field, enter
FSSMC Deployment Account.
- In the Password
field, enter
Password@123.
- Confirm the
password when you are prompted to do
this.
Note This is a temporary password that will be
overwritten in step 9e. - Click to clear
the User Must Change Password at Next Logon check
box.
- Click to select the Password never
expires check box.
- Click Create.
- Use Windows Explorer to locate the directory that contains
the Deployment Agent files.
- Create a batch file that you name "Dcom.bat" in the
DeployAgent directory
that you copied from FSSMC server. Copy
the following code into this file:
call DComPerm.exe -ml set "SDEP_MachineName" permit level:l,r,ll,la,rl,ra
call DComPerm.exe -ma set "SDEP_MachineName" permit level:l,r
call DComPerm.exe -ma set "NT AUTHORITY\ANONYMOUS LOGON" permit level:l,r
call DComPerm.exe -ma set "Distributed COM Users" permit level:l,r
call DComPerm.exe -al {414524B7-234A-4312-99C4-43C6E1F01782} set "SDEP_MachineName" permit level:l,r,ll,la,rl,ra
call DComPerm.exe -aa {414524B7-234A-4312-99C4-43C6E1F01782} set "SDEP_MachineName" permit level:l,r
- Make sure that the Dcomperm.exe file is located in the DeployAgent
directory.
Then, run the Dcom.bat file.
- Log on to the FSSMC server, and then open the Forefront
Server Management Console. Then, follow these steps:
- Click Servers, and then click
Add Servers.
- On the Add Servers page, enter the
remote server name in
the Server Names
field, and then click Verify.
- Select your server group, and then click Add
Servers.
- Verify that
the remote server name
is selected, and then click Deploy
Agent.
- Enter the user name and password that are required for
remote installations, and then click Continue.
A
Status window appears, and it provides details about the progress of the
agent's installation. - After Agent
Installed appears in the
Status field, and after Done
appears in the Details field, click Close.
Article ID: 960876 - Last Review: January 21, 2009 - Revision: 1.0 APPLIES TO- Microsoft Forefront Server Security Management Console
| kbhowto kbexpertiseinter kbsurveynew kbinfo KB960876 |
Thank you! Your feedback is used to help us improve our support content. For more assistance options, please visit the Help and Support Home Page. | |
Back to the top
