How to install CGGP on an Unmanaged Security Manager Agent. (NETIQKB72072)

Introduction

Change Guardian for Group Policy (CGGP) supports the monitoring of Unmanaged Agents of Security Manager (SM). This document explains how the steps are applied to monitor a Domain Controller with CGGP.

For more details about SM Unmanaged Agents you can refer to SM User Guide.

Installing Unmanaged Agents

First you already have install CGGP in the SM environment.

1. Go to the Domain Controller where you want to install the agent manually.
2. Run manualagent.msi located in the Additional Setups\Manual Agent Installation folder in the installation kit.
   • Note. ? All Service Packs of SM has the manualagent.msi program in the installation kit. If you have installed SP3 of SM installed, you have to install the manualagent.msi program that SM SP3.
3. Press Next in the Welcome page of setup program.
4. Accept the License Agreement checking I accept the terms in the license agreement option.
5. Put the name of the Primary Central Computer and the computer group that you have installed in your SM environment and press Next.
6. In the Destination Folder page, if you want choose another destination folder than de default, select Browse. And press Next.
7. Press Install and wait until the Installation is completed and then press Finish.

Deploy Unmanaged Agents on the Domain Controllers

1. Launch SM Control Center.
2. In Navigation Pane, go to Configuration Groups.
3. Go to the Task Pane and select ?Launch Agent Administrator??
4. Go to ?Unmanaged Agents? tab and select ?Authorize unmanaged agents? option.
5. The recently agents installed appears on the list in the Authorize unmanaged agents page.
6. Check the Authorize option and press OK.
7. A window is opened, select ?force the change now? and press OK.
8. Go to Navigation Pane again and select ?Alerts Views?.
9. Go to ?All Open Alerts? node and wait the events related to the deployed machines to arrive to SM:
   • Success alert.- Open the source event and it should have the next description:
     
     ?The NetIQ Security Manager Agent on this computer received new rules and configuration settings from its central computer.
     Configuration Group: <group_name>?

Configuring CGGP

1. Go to CGGP Configuration Wizard, configure the domain controller where you deployed the unmanaged agent previously and configure the alerts rules that you need. Finally force the changes.
2. Get the IqcgGpProgrammableProvider.cab file of CGGP program:
   • In the installation kit of CGGP, go to Modules folder, you can find the ChangeGuardianForGp.nqm file. 
   • Change the extension to .zip to this file: ChangeGuardianForGp.nqm to ChangeGuardianForGp.zip
   • Unzip the ChangeGuardianForGp.zip file and search for the file: IqcgGpProgrammableProvider.cab
3. Copy the IqcgGpProgrammableProvider.cab file to domain controller in the following path:
   
   %Programfiles%\NetIQ Security Manager\OnePoint\Providers\<Configuration Group>\IncomingPrgProviders
   
4. Wait until SM unpack and remove the IqcgGpProgrammableProvider.cab file from this directory.

Review that the CGGP was deployed successfully.

1. In the Domain Controller:
   • Review that the sm_wp.exe process has been started (Task Manager).
     • The NetIQ folder was created in this path C:\Program Files\
2. In the SM machine:
   • Review that the events related to the deployment of CGGP arrived to SM.
     • Three information alerts arrive to SM with the next description in the events:
       1. The IQCG Agent CGGP_version was deployed successfully.
       2. The IQCG Agent service was started successfully.
       3. Successfully configuration changes for GPO auditing: Enable events generation for monitored domain objects.