Welcome to OCS Inventory NG community support, where you can ask questions and receive answers from other members of the community.

Please ask questions only in English or French.

Release 2.9.1 available

The official documentation can be found on http://wiki.ocsinventory-ng.org. Read it before asking your question.

OCS Agent Service and deploy account

Note : I will replace in all below samples our company's domain by ACME.local.
We are using a windows deployserviceaccount with Local Policies > User Rights Assignment (set by GPO):

  • Act as a part of the operating system
  • Log on as a service
  • Log on as a batch job

We want to deploy the agents via GPO, using a OcsPackage.exe, created using OcsPackager.exe V2.1.1.1. and PsExec.exe V2.11 (dated 28/04/2014 - 388 KB).

I am using packager OcsPackager 2.1.1.1 and a company-specific certificate file acme.pem, to create the client deployment package OcsPackage.exe.
In this process I selected the following:

Agent Setup file:
C:\Users\E04\Downloads\OCSNG-Windows-Agent-2.1.1\OCSNG-Windows-Agent-2.1.1.1\OCS-NG-Windows-Agent-Setup.exe

Certificate file:
C:\Download\OCSNG-Windows-Agent-2.1.1\OCSNG-Windows-Packager-2.1.1.1\kszbcss.pem

Plugins : (leave as is:)
C:\Users\E04\Downloads\OCSNG-Windows-Packager-2.1.1\OCSNG-Windows-Packager-2.1.1.1\PsExec.exe

Command line options:
/SSL=1 /CA=acme.pem /NP /S /DEBUG=2 /NOW /SERVER=https://myserver.ACME.local/ocsinventory

User: ACME.local\DeployServiceAccount
Password: .....

Also tried with
User: ACME\DeployServiceAccount
Also tried with
User: DeployServiceAccount@ACME.local

In our Startup script, we are using this 1-line script:

OcsLogon.exe /INSTALL /PACKAGER /GPO /DEPLOY=2.1.1.1

In the same startup folder of this GPO, also files OcsPackage.exe (created with the OcsPackager.exe) and OcsLogon.exe are copied in here.

Contents of C:\ProgramData\OCS Inventory\ocsinventory.ini
[OCS Inventory Agent]
ComProvider=ComHTTP.dll
Debug=2
Local=
NoSoftware=0
HKCU=0
NoTAG=0
IpDisc=
[HTTP]
Server=https://myserver.acme.local/ocsinventory
SSL=1
CaBundle=acme.pem
AuthRequired=0
User=
Pwd=
ProxyType=0
Proxy=
ProxyPort=0
ProxyAuthRequired=0
ProxyUser=
ProxyPwd=
[OCS Inventory Service]
PROLOG_FREQ=1
OLD_PROLOG_FREQ=1
TTO_WAIT=3360


After deploying a first job, after installation of the OCS Inventory
Interactive Services Detection is showing : "A program running on this computer is trying to display a message":
select
--> View the message
PsExec License Agreement
'You can also use the /accepteula command-line switch to accept the EULA."
SYSINTERNALS SOFTWARE LICENSE TERMS
(...)
[Print]        [Agree] [Decline]

Details: Program(s) or device(s) requesting attention.
Message title: PsExec License Agreement
Program path: C:\Program Files (x86)\OCS Inventory Agent\plugins\PsExec.exe


PROBLEM 1:
The OCS Agent service is NOT installed with the account DeployServiceAccount, but as Local Service !
For this, I have developed a separate work-around GPO startup script, to change the service parameters, once it is installed.

PROBLEM 2:
For any deployed job, the agent stays in status "Notified", and does never go further.
In addition, the folder
C:\ProgramData\OCS Inventory NG\Agent\Download\
stays EMPTY !!!
Only after accepting [Agree] the deployment is starting !!

My understanding is that the coding syntax for PsExec.exe with the OcsPackager.exe 2.1.1.1 contains a bug as to
1) the user syntax
2) the missing /accepteula  command line option.

Any advice welcome.

in OCS Inventory NG agent for Windows by (840 points)

1 Answer

0 votes
I discovered the reason + solution for all the above problems.

Please see my extensive description in post  http://ask.ocsinventory-ng.org/2764/agent-failed-to-get-executable-plugin-psexec-exe-output

:-)
by (840 points)
 
Powered by Question2Answer
...