SCSP DCS How to create an image with a preinstalled Agent using powershell scripts

book

Article ID: 181776

calendar_today

Updated On:

Products

Critical System Protection Data Center Security Server Data Center Security Server Advanced

Issue/Introduction

 

Resolution

In order to avoid the issue of all agents having the same uid you must not let the agent communicate with the manager. Once the image is distributed to the machines it was built for those machines will individually contact the manager and get a unique id. When the image is distributed administrators will change the name of each computer to something unique. This does not however change the name as it will show up in the console as this was determined when the agent was installed. The script below was written to change the name that shows up in the console. This script would be run after the machine had been given a unique machine name but before the machine was allowed to talk to the SCSP Manager. This script is given for informational purposes only and is not supported.

 Save the contents of this into a text file with a .ps1 extension, and then launch the Powershell script with the following command:
powershell.exe "& "c:\temp\script.ps1"

The script can be used with either CSP or DCS:SA. It can be used with the Agent installed to any local path (it queries the path from the sisipsutil service). It sets the agent name to be the local systems hostname. This is for Windows agents only. If the agent was already registered to the manager using the old name, it will cause an additional occurrence in the manager. The old asset will become stale as it will no longer be valid, and the old asset should be deleted from the console.

#------------------------------

Set-ExecutionPolicy Unrestricted

#Determine if the filepath of the SISIPSUtil service
$fullPathName = (gwmi win32_service|?{$_.name -eq "SISIPSUtil"}).pathname

#Read environment variable
$computername = $env:computername

#Set file and path parameters
$filePath1=$fullPathName.Substring(1,$fullPathName.length-20)
$filePath2=$fullPathName.Substring(1,$fullPathName.length-16)
$fileName1='agent.ini'
$fileName2='fallback.ini'

#Use sisservicectrl to stop the sisipsservice
& ($filePath2 + "sisservicectrl.exe") stop sisipsservice

#Read and edit agent.ini
(Get-Content ($filePath1 + $fileName1)) |
Foreach-Object {$_ -replace "^agent.name.+", ("agent.name="+$computername)} |
Set-Content ($filePath1 + $fileName1)

#Read and edit fallback.ini
(Get-Content ($filePath1 + $fileName2)) |
Foreach-Object {$_ -replace "^agent.name.+", ("agent.name="+$computername)} |
Set-Content ($filePath1 + $fileName2)

#Use sisservicectrl to start sisipsservice
& ($filePath2 + "sisservicectrl.exe") start sisipsservice

#User sisipsconfig to force registry changes
& ($filePath2 + "sisipsconfig.exe") -forcereg