On Windows, the initial installation of Management Agents can be done either manually or by using a third-party software deployment system. Initial installation via the Management Server is not supported.
The Management Agent uses and requires the MSI installation package 2.0 format used by the Windows Installer Service. This service is included by default in Windows 2000 SP3 (and later), 2003, and XP, so there is no need to install it separately on these systems.
To install the Management Agent on Windows NT (or Windows 2000 below SP3), you must have previously installed Windows Installer Service 2.0. This also requires that Windows NT is upgraded to Service Pack 6 or later. To install Windows Installer Service, locate and run
InstMsiW.exe and follow the instructions. The installation requires rebooting for the service to become active.
On Windows Vista, .NET Framework 3.5 Service Pack 1 is reguired.
To install the Management Agent manually on Windows:
<v>is the version number).
Follow these steps in the installation wizard:
At the introduction screen, click Next.
Click the radio button to accept the license and then click Next.
Select a location where you what to install the agent and click Next.
The wizard will install the Management Agent to the selected directory.
Download a valid ICB from the Management Server administration interface (see Downloading ICBs), and copy it to the Management Agent installation directory:
C:\Program Files\SSH Communications Security\SSH Tectia Manager\icb.dat
In case of problems, see Problems with Management Agents.
Alternatively, you can use command-line options (detailed in the next section) to perform the installation.
When deploying the Management Agent to multiple machines, a silent mode of installation is available. This section lists the command-line options for performing a silent installation.
MSI packages are generally installed from the command line with the following command:
msiexec.exe /i <path_to_msi_file> [options]
A typical script for a silent installation might look like this:
msiexec.exe /i "ssh-mgmt-agent-22.214.171.124-windows-x86.msi" /L* "C:\temp\setup.log" /qn INSTALLDIR="C:\Program Files\SSH Communications Security\SSH Tectia Manager" ICBDIR="H:\Management Settings"
In this script:
/i <path_to_msi_file>specifies to
msiexec.exethe MSI file to use.
/L* <path_to_log_file>indicates that a log of the installation is written.
/qnspecifies that the installation should be silent.
ICBDIR="<path_to_icb_location>"specifies the directory name where the ICB file can be found.
INSTALLDIR="<path_to_installation_location>"specifies the directory name where the agent is installed. If this option is omitted, the default location
"C:\Program Files\SSH Communications Security\SSH Tectia Manager"is used.
When deploying the Management Agent on Windows using the command-line scripts, you should know a little about how the installer works. The following is a step-by-step description of the actions the installer typically runs in silent mode or after the Install button has been pressed in the installation wizard mode.
1. The installer shuts down any running Management Agent services:
2. The installer uninstalls any existing Management Agents. The installer removes service binary,
agent-secsh.dat, and all registry entries associated with the application.
3. The installer installs the following components to the path specified in the
the service binary:
the registry entries associated with the product
(Windows NT 4.0 only)
Psapi.dllto Windows NT 4.0 systems that do not have it
4. The installer attempts to install the ICB file based on the
If a file named
icb.datis located in the directory specified by the
ICBDIRvariable passed to the installer, it will be copied to the installation directory.
ICBDIRis specified, the installer checks the root of the
C:\drive for the file.
icb.datfile exists, nothing happens here.
5. The installer starts the Management Agent service (
The service is started when the host is rebooted, and it keeps running all the time.
See also Management Agent on Windows.