Cool Solutions

A week in the Superlab: Agent deployment using Active Directory Group Policy


January 20, 2009 7:08 pm





Getting help from Active Directory

As part of the exercise I’m doing this week ( see here for background ) the ZCM agent needs deploying across Acme Corporations five WAN connected sites. What I want to do is avoid excessive WAN traffic so pushing agents out from the Primary servers London location is out. Also I’d like to make sure that any computer joining the domain falls under the management of ZCM without manual intervention.

So I’m going to leverage Active Directory Startup scripts which run under the SYSTEM account on each computer and therefore have administrative privileges along with the presence of local domain controllers at each remote location.

Stuff I need

First I’ll need a way of avoiding repeat ZCM agent installations. Two minutes with Google and I’ve located a script that can be modified to achieve our ends. The script now checks to see if the Novell ZENworks Agent Service is set to Auto start. If not, it is assumed that the agent needs installing and we run PreAgentPkg_AgentComplete.exe with parameters that have been obtained from the Startup script properties within the Group Policy.

Now I need a location which all domain computers can read from when using the SYSTEM account. They can already read the Startup script so I’ll take advantage and place PreAgentPkg_AgentComplete.exe in this location.

Lets get started

Download the client install vbscript here or see file attachments at the bottom of the posting. Extract the contents of the zip file to an easy to find folder. The desktop would be ideal.

Download PreAgentPkg_AgentComplete.exe from your ZCM primary server using http:///zenworks-setup. Place this in your favourite folder, Desktop looks good to me.

Launch Active Directory Users and Computers tool and either create a new group policy or edit an existing one.

Go to Computer Configuration -> Windows Settings -> Scripts (Startup/Shutdown)
Double click on Startup and you should see something like shown below

Figure 1

Click on Show Files and copy ClientInstall.vbs script and PreAgentPkg_AgentComplete.exe into the Explorer window. Watch out for Windows Server blocking access to PreAgentPkg_AgentComplete.exe by right clicking on PreAgentPkg_AgentComplete.exe after copying and check the File Properties windows at the bottom. If necessary click on Unblock.

Close Explorer window.

In Startup Properties window, click on Add, then select ClientInstall.vbs. Place any parameters that you want to pass to PreAgentPkg_AgentComplete.exe in the Script parameters box. You might want –q for quiet and –x to avoid reboots. Click on Ok.

Your Startup Script Properties Window should look something like this


Click on OK and close the Group Policy window.

Reboot a domain computer to which the Group Policy applies and you should see that the ZCM agent gets installed.

1 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 5 (1 votes, average: 5.00 out of 5)
You need to be a registered member to rate this post.

Categories: Uncategorized


Disclaimer: This content is not supported by Micro Focus. It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test it thoroughly before using it in a production environment.


  1. By:kelntaylor

    I received this error when I tried to specify an argument to the script:
    (The system cannot find the file specified. Line 17 Char 2)
    I found the resolution here:

    Also I am unable to get the computer to reboot automatically after installing the agent. I am using the -q option. Does it work for other people?

  2. By:jcerio

    I’ve set this up as described and included the fix from the last comment. Nothing seems to happen. What am I missing?