Note : I will replace in all below samples our company's domain by ACME.local.
We are using a windows deployserviceaccount with Local Policies > User Rights Assignment (set by GPO):
- Act as a part of the operating system
- Log on as a service
- Log on as a batch job
We want to deploy the agents via GPO, using a OcsPackage.exe, created using OcsPackager.exe V184.108.40.206. and PsExec.exe V2.11 (dated 28/04/2014 - 388 KB).
I am using packager OcsPackager 220.127.116.11 and a company-specific certificate file acme.pem, to create the client deployment package OcsPackage.exe.
In this process I selected the following:
Agent Setup file:
Plugins : (leave as is:)
Command line options:
/SSL=1 /CA=acme.pem /NP /S /DEBUG=2 /NOW /SERVER=https://myserver.ACME.local/ocsinventory
Also tried with
Also tried with
In our Startup script, we are using this 1-line script:
OcsLogon.exe /INSTALL /PACKAGER /GPO /DEPLOY=18.104.22.168
In the same startup folder of this GPO, also files OcsPackage.exe (created with the OcsPackager.exe) and OcsLogon.exe are copied in here.
Contents of C:\ProgramData\OCS Inventory\ocsinventory.ini
[OCS Inventory Agent]
[OCS Inventory Service]
After deploying a first job, after installation of the OCS Inventory
Interactive Services Detection is showing : "A program running on this computer is trying to display a message":
--> View the message
PsExec License Agreement
'You can also use the /accepteula command-line switch to accept the EULA."
SYSINTERNALS SOFTWARE LICENSE TERMS
[Print] [Agree] [Decline]
Details: Program(s) or device(s) requesting attention.
Message title: PsExec License Agreement
Program path: C:\Program Files (x86)\OCS Inventory Agent\plugins\PsExec.exe
The OCS Agent service is NOT installed with the account DeployServiceAccount, but as Local Service !
For this, I have developed a separate work-around GPO startup script, to change the service parameters, once it is installed.
For any deployed job, the agent stays in status "Notified", and does never go further.
In addition, the folder
C:\ProgramData\OCS Inventory NG\Agent\Download\
stays EMPTY !!!
Only after accepting [Agree] the deployment is starting !!
My understanding is that the coding syntax for PsExec.exe with the OcsPackager.exe 22.214.171.124 contains a bug as to
1) the user syntax
2) the missing /accepteula command line option.
Any advice welcome.