Deploying CDM silently to PC's

USAComputerServices · December 29, 2015, 10:45pm

How can I deploy CDM to a group of PC’s silently?
After it is installed silently how can I then associate the PC with a specific user in CDM?
Will users created in CDM populate to the Service Desk?

I’m trying to avoid having to email all users a link and ask them to follow directions. As simple as that may be, none of my managed users are going to do it.

Thanks

Scott · December 30, 2015, 4:35am

Hello @USAComputerServices

We have escalated this request and we will get back to you as soon as we have a resolution.

Nick · December 30, 2015, 7:53pm

Hello @USAComputerServices ,

Regarding your first questions, this can be done by using Settings > ‘Bulk Installation Package’.
Regarding your third question, the answer is no. The only way to have the users synced across modules is by adding them in ‘Staff’.
About your second question, we are still waiting for a resolution on this. Thank you for your patience!

Ilker · January 1, 2016, 11:16pm

Hi @USAComputerServices ,

As Nick mentioned, you can create deployment packages under Bulk Installation Packages menu and deploy them to all of targeted computers.
This is a feature that we are going to implement in Q1/Q2 but for now, you can see the logged on user under device details.
You don’t need to sync the users on service desk, since when users email you for a problem, they are automatically going to be added to service desk.

Larry_NSIT · January 28, 2016, 3:40am

Unfortunately, about 60% of our clients never use the ticket portal we show them how to use. They just email us or call and tell us to fix the problem. It is up to us to create the users, tickets, etc.

Matthew · January 28, 2016, 12:21pm

Hello @Larry_NSIT ,

Users will be added in Service Desk regardless if the ticket was created from the Ticketing Portal or directly by Email.

Ilker · January 31, 2016, 11:26am

Hi @Larry_NSIT

if you set your support email on service desk ( https://help.comodo.com/topic-289-1-625-7875-Email-Addresses.html ) you can capture all emails as tickets and users would be automatically created.

Also, you have an option to create when users call you over phone.

Ilker

PromptCare · February 3, 2016, 3:17pm

I feel your pain, @Larry_NSIT…but possibly worse. My clients are almost completely residential, with no connections to each other. “Deployment” isn’t a word that gets used with them.
From everything I’ve heard, I’m going to have to be doing just under a hundred remote connections to install everything manually. Even with that, I can’t just use the MSI because that requires AD so I have to manually add and then email every.single.user a link to enroll. Some might be able to handle it but a lot of my clients are elderly and will panic at the idea of installing something.

The lack of a non-AD way to silently install is very frustrating.

Larry_Core · February 3, 2016, 4:23pm

Yes, this is a similar situation. A lot of our clients get freaked out when something changes. If I can do it without them knowing I would prefer that.

Matthew · February 3, 2016, 6:20pm

Hello @PromptCare and @Larry_Core ,

We understand the necessity, but the issue here is not just a matter of silently installing an msi.
CDM, RMM, and Patch management msi installers, all support silent install commands.
For example:

for CDM: msiexec /i c:\cdm_agent_BbSBY000_installer.msi /q
for PM: msiexec /i patch_agent.msi /qn USERNAME=agent_random PASSWORD=pass CUSTOMER=custom IPADDRESS=patch.comodo.com
for RMM: msiexec /i c:\rmm-agent-x86_sD3DBD0000.msi /q

The real issue here is how can we contact non-AD machines that are behind a router, and that has no port forwarding configuration done, nor DHCP address reservation, or not even static IPs.
Then there is the issue of bypassing firewalls, transporting the msi installers, and authenticating on the target machines in order to install these MSIs.
Pushing a package from cloud and executing a silent command there, without having any aiding software installed on the target machines is the real challenge here.

Taking the above into consideration, a pull deployment (manual installation) is required.
CDM once installed on these machines, would resolve all above mentioned issues.
You can then push RMM, and through RMM you can do basically anything, silently, with System privileges.

PromptCare · February 23, 2016, 6:20pm

Yet, the RMM client, once installed, can silently install the Patch Management client.
If RMM can install PM, why can’t it install CDM the same way?

Nick · February 23, 2016, 7:03pm

Hello @PromptCare ,

I will forward your feature requests to the developers, to add CDM as an option in the drop down menu in the Application installer module. For the time being, you can use a procedure (similar to the attached print screen), that will deploy CDM Agent on the endpoints. For this, you will have to download the msi file from CDM dashboard > Settings > Bulk Installation Package. Please do not rename the file, as the file name is important for registering the devices properly. In my procedure, I have replaced the registering information with XXXXXXXX. Also, please note that the file path is in quotes. In case that you specify a different folder in File Transfer module, you will have to use the same file path in Shell Execute as well.

dougaust · March 9, 2016, 4:26am

Just interested to know if perhaps the option to generate the URL (or even a code) for installing like that is sent in the email in the console for a tech to install onsite or preinstall on a computer before it goes to a client bypassing the need to send them an email, as I find I will have to be the one to install the software so I would be required to send the email get the client to forward it back to me to preinstall on their computer. I have seen in the help somewhere being able to do that from the RMM console but the version I have doesn’t have an add device button so I cant do it like that

Scott · March 9, 2016, 5:03am

Hello @dougaust ,

If you are referring to Application Installer procedure from RMM, it is not generating an email. The procedure will run on the selected endpoints.

Harvey · March 9, 2016, 1:08pm

Hello @dougaust,

If you are referring to silently install the RMM agent, this is possible via “Install MSI/Packages” from Comodo Device Manager.

Since the integration of the RMM module into CDM, the ability of generating a separate RMM agent .msi file (or a direct enrollment from the RMM console) has been replaced by silently deploying the RMM agent from CDM.

In order to add a device in RMM, firstly you need to go into CDM and enroll the device:

> https://help.comodo.com/topic-214-1-771-9493-Enrolling-Windows-Endpoints.html or
> https://help.comodo.com/topic-214-1-771-9735-Downloading-CDM-Installation-Packages-for-Windows-Devices.html

Once enrolled and available in the CDM Devices List, check the device you want to deploy the RMM agent on, click on “Install MSI/Packages”, select “RMM agent” and hit Install.

> https://help.comodo.com/topic-214-1-771-9740-Remotely-Installing-Packages-onto-Windows-Devices.html

To access the RMM Administration console, click on “Takeover” and follow the steps from the new dialog window.

> https://help.comodo.com/topic-214-1-771-9524-Remote-Management-of-Windows-Devices.html

Should you have other questions, do no hesitate to let us know.

PromptCare · March 9, 2016, 3:57pm

I might be misreading but I read @dougaust 's post as: If I am manually installing the CDM on a client’s machine, is there any way to bypass sending the email to their account and activating from that emailed link directly. If, for example, I am connecting remotely and don’t have access to their email, how could one then still install CDM without needing client intervention? It would be more convenient to just have an activation link that we can copy/paste into the client’s browser to activate CDM on their behalf.
The few CDM installs I’ve done so far, I’ve had to contact the client and have them forward me the emails. Not super convenient.

Harvey · March 9, 2016, 4:34pm

Hello @PromptCare ,

Comodo Device Management allows administrators to download installation packages for deployment via AD server and to download installation package for offline installation and enrolling devices for specific users. > https://help.comodo.com/topic-214-1-771-9735-Downloading-CDM-Installation-Packages-for-Windows-Devices.html

Should you have other questions or if something is not clear enough, please let us know and we will provide you more details and instructions.

PromptCare · March 9, 2016, 9:52pm

Harvey, if you’ll read the first post in this thread, I point out that not everybody is in a corporate environment so don’t all have the luxury of using AD. My clients are mostly residentials with a handful of small businesses. AD is not an option.
That aside, I was trying to interpret the other fellow’s post.

Dylan · March 9, 2016, 11:18pm

Hello @PromptCare ,

Maybe this helps: you can download the offline installation package for the appropriate user (assuming that you want to enroll multiple devices under the same user) and run it on the target machines - it will silently install the CDM agent and the Endpoint Security software. Once installed, the agent will establish communication with the server and the device will be automatically enrolled.

dougaust · March 10, 2016, 12:36am

Hi Harvey,

no I mean can I enroll a device without sending out an email to a user

in an example, I am rebuilding a clients computer or am onsite at a clients so I have physical access to the machine, is there a way I can just get a URL or something that will enroll that device without needing to send an email.

at the moment I have set up a guest account that is linked to another email account of mine and I just use that to send the enrollment email

Just so you know I am in the ‘testing’ phase of using comodo one so I haven’t got it deployed on any client computers just a couple I have at home for testing