Prerequisites
- Microsoft .NET Framework 4.7.2 or above must be installed. It can be downloaded using this link https://support.microsoft.com/en-ca/help/4054530/microsoft-net-framework-4-7-2-offline-installer-for-windows
Note: As of Agent Version 2.9.2.0 we are now including a process to automatically download and install .NET Framework 4.7.2 for those systems that do not currently have it installed. -
Supported Server Operating Systems: Microsoft Windows Server 2012, 2012 R2, 2016, 2019, 2022.
- Windows Server 2008 R2 (Limited Support): Due to Microsoft's ending support for this OS not all features with Quickpass are supported including Service account rotation, Active Directory password filter and enforcement of password history in the self-serve system.
- Supported Workstation Operating Systems: Microsoft Windows 10, and 11
- Supported Server Roles: Active Directory Domain Controller, Active Directory Member Server or Standalone Windows Server
- Supported Workstation Roles: Active Directory joined or non Active Directory joined workstation
- Failover and Redundancy: Install agent on all Domain Controllers for redundancy and to ensure Quickpass catches password resets performed on directly on all domain controllers.
- Detect Password Changes on Domain Controllers: Install agent on all Domain Controllers to ensure Quickpass catches password resets performed on directly on all domain controllers.
- Active Directory functional level must be minimum Windows Server 2008 R2 or above.
-
Domain Controllers have the latest service packs installed and are fully patched.
- Domain Controllers must have both the DNS Client and DNS Server services installed and services must be allowed to run.
- Password Policy AD: By default Quickpass will take the password settings from the Password Policy that is applied to the Domain Controller via GPO.
- Password Policy Non-AD: The local security policy is used in place of a group policy
- Threat Protection Configured: https://support.getquickpass.com/hc/en-us/articles/7451130677783-Server-Agent-is-getting-blocked-by-Threat-Protection
-
Internet Access: The Agent needs to communicate with the CyberQP infrastructure over the Internet. Please see this KB to ensure outbound communication is available for the Account doing the installation as well as the Service account/System.
https://support.getquickpass.com/hc/en-us/articles/4402712146711-Firewall-Port-Exceptions-IP-Whitelisting-for-Agent-and-API-Communication
Silent / Scripted Installation
The silent or scripted installation can be done through a Command Prompt or PowerShell command line interface (CLI). Similarly you can also deploy the agent through your RMM solution. For deploying through your RMM solution please consult your vendor's documentation on how to push software remotely through their RMM agent.
Please see the Article "Export Customers List, Status, and Agent ID's" for the process to track all of your Customer Agent IDs.
Scripting your Installation
Once you have downloaded the agent executable, ensure you note the folder you saved the install into.
Command Line/DOS | Powershell |
Open a Command Prompt from the server you wish to install from and ensure you select Run as Administrator.
|
Open a PowerShell command prompt and ensure you select Run as administrator. |
In the Command Prompt change the directory to the folder you downloaded or saved the server agent to. |
|
Type in the agent installer executable followed by the following command line parameters. Quickpass-Agent-Setup.exe /quiet INSTALLTOKEN="<InstallToken>" CUSTOMERID="<AgentID>" /NORESTART
|
Type & followed by the full agent installer executable path in between "" followed by the following command line parameters. & "C:\<PATH>\Quickpass-Agent-Setup.exe" /quiet INSTALLTOKEN="<InstallToken>" CUSTOMERID="<AgentID>" /NORESTART
|
Region: The default region will always be North America if the Region value is not specified. To specify the Europe region for the silent installer you must add the REGION="EU" to your silent installer script. |
Region: The default region will always be North America if the Region value is not specified. To specify the Europe region for the silent installer you must add the REGION="EU" to your silent installer script. |
MSA Account Options | |
No Value Specified | The Local System Account will run the Quickpass Agent Service |
MSA=0 | The Local System Account will run the Quickpass Agent Service |
MSA=1 | A Managed Service Account will be created to run the Quickpass Agent Service NOTE: This is only used for Domain Controllers. All other system types this command will be ignored. |
Restart Commands | .NET lower than 4.7.2 | .NET 4.7.2 or Higher Already Installed |
No value Specified | After installation of .NET completes the system will automatically be restarted & After admin login, installation of the Agent system will complete and system will NOT be rebooted | After installation of the Agent system will NOT be rebooted |
/NORESTART | After installation of .NET completes the system will NOT automatically be restarted & After admin login, installation of the Agent will complete and system will NOT be rebooted | After installation of the Agent system will NOT be rebooted |
/FORCERESTART | After installation of .NET completes the system will automatically be restarted & After admin login, installation of the Agent will complete and system will NOT be rebooted | After installation of the Agent system will NOT be rebooted |
RESTART=1 | After installation of .NET completes the system will automatically be restarted & After admin login, installation of the Agent will complete and system will be rebooted | After installation of the Agent system will be rebooted |
Next Steps
- Powershell Script - https://support.getquickpass.com/hc/en-us/articles/4414062591639-PowerShell-Script-for-Agent-Installation
Troubleshooting
- Ensuring MSA enabled installation allows service to start.
https://support.getquickpass.com/hc/en-us/articles/17291924425111-Using-MSA-for-Agent-on-Domain-Controllers-Resolving-Inability-to-Start-Service
Comments
0 comments
Please sign in to leave a comment.