Deploy the Device Management Agent with a Group Policy Object (GPO)

To deploy the BitTitan Device Management Agent (DMA) using a Group Policy Object (GPO), complete these steps:

  1. Download the DMA setup file from MSPComplete. Do NOT change the name of the setup file.
  2. Create a network share that is accessible to all of your customer’s computers, and put the DMA setup file in the shared folder.
  3. Create a Group Policy Object that forces the domain-joined computers in a security filter to execute the DMA setup file through a scheduled task.

These three steps are explained in greater detail below. 

Important

Some environments have settings that can prevent the successful creation of GPO or the running of scheduled tasks. If you are unable to install DMA with a GPO, our recommendation would be to share the install file from step 1 below with your users either via a Shared Drive or via email in order to allow them to run it themselves.  Alternatively, you can create an MSI package that can be used to install DMA using your preferred software deployment tool, such as SCCM.

Step 1: Download the DMA Setup File from MSPComplete

  1. In MSPComplete, click on All Customers from the navigation sidebar. 
  2. Click on the customer name for which you wish to deploy DMA.
  3. On the horizontal menu bar, click Users.
  4. Click Add Users, and then click Add Users via Device Management Agent
  5. On the Add Users via Device Management panel, click the Device Management setup file to download the DMA setup file to your local drive.  Please note that this file should not be renamed or altered in any way or it could cause issues when DMA is installed.

    Important

    These instructions are more detailed than those listed in the Add Users via Device Management Agent panel.

Step 2: Create a Network Share

Create a Network Share that is accessible to all of your customer’s computers, and put the DMA setup file in the shared folder.

Important

For more information about Windows Server file and storage services, read File and Storage Services Overview.
  1. Log on to the file server as an administrator.
  2. Click Start and search for Server Manager.
  3. Click Server Manager from the search results.
  4. Click File and Storage Services
  5. Click Shares
  6. Next to Shares, click Tasks
  7. Click New Share
  8. Continue through the New Share Wizard prompts until finished, then click Create
  9. Right-click on the new share in Server Manager, and click Open Share
  10. Put the DMA setup file in the share.
  11. Write down the share's network path. This will be needed when creating the scheduled task.

Step 3: Create a Group Policy Object

Create a Group Policy Object that forces the domain-joined computers in a security filter to execute the DMA setup file through a scheduled task

  1. Log on to the Active Directory Domain Controller as an administrator.
  2. Click Start and search for Group Policy Management.
  3. Click Group Policy Management
  4. Right-click on the desired Active Directory domain, and then click Create a GPO in this domain, and link it here.
  5. Enter a name for the GPO, and then click Ok.

    Important

    By default, the GPO will apply to all users and computers that successfully authenticate to the Active Directory domain.
  6. To narrow the scope of computers that install DMA, select Authenticated Users, and click Remove
  7. To confirm the removal, click Ok.
  8. To add a new security filter, click Add.
  9. Type the name of the security group that the target computers are a member of, and click Check names
  10. Click Ok.
  11. Right-click on the new GPO, and then click Edit
  12. In the console tree, under Computer Configuration, click Preferences > Control Panel > Scheduled Tasks.
  13. Right-click Scheduled Tasks, click New, and then click on Immediate Task (At least Windows 7).

    Important

    For more information about Scheduled Task Items, read the Configure a Scheduled Task Item TechNet article.
  14. Enter a name and a description for the Scheduled Task.
  15. Click Change User or Group
  16. Type "system" in the Object name text box.
  17. Click Check Names

    Important

    Make sure that the system object name resolves to NT Authority\System.
  18. Under Security options, click Run whether a user is logged on or not and add a check next to Run with highest privileges.
  19. In the Configure for drop-down menu, select Windows 7, Windows Server 2008 R2
  20. Click the Actions tab
  21. Click on New.
  22. In the Action drop-down menu, select Start a program
  23. In the Programs/script text box, enter the network path for the DMA setup file.


    Important

     If you use the Browse button to find the location of the script, then it will add the path as c:\xxxx. This is incorrect since the script needs to include the UNC path and not the local path. Be sure to replace the c:\ format with the \\servername\sharename\ format.​
  24. If the customer's computers use a proxy, you must add a command line parameter into the Add arguments field to ensure that DMA is able to transmit data through the proxy. Read the How do I deploy the Device Management Agent on computers that use a proxy?​​ article for more information.​
  25. Click Ok.
  26. Click the Conditions tab.
  27. Add a checkmark next to Start only if the following network connection is available, and then select Any connection.
  28. Click Ok
  29. Close Group Policy Management Editor, and then close Group Policy Management.

The DMA setup file will execute on user computers at the next Group Policy refresh, typically every 90 minutes, with a random offset of 0 to 30 minutes.

​​

Was this article helpful?
13 out of 17 found this helpful