Windows Agent Deployment

You can install an ITM On-Prem (ObserveIT) Agent on any Windows-based server that you want to monitor and record.

From version 7.12.0, before deploying, you must download the JWT file with authentication details.
The downloaded file will be valid for the specified number of days. When the file expires, it cannot be used for additional installations. Make sure the file will not expire before you have time to complete the installation. It is suggested that you set the number of days to 180. For security reasons, after successful installation, it is recommended that you remove the file.
(See Configuring Service Settings.)

Windows Agent installation is performed over a standard Windows installer package (.MSI) that is well supported by software distribution applications and Group Policy (GPO). The Windows Agent can be installed by using the default installation (using a simple batch file) or by using a custom installation which allows you to configure advanced settings, including the Agent registration mode and user recording policy.

For improved security, you may also be required to provide a security password when installing or uninstalling the Agent. Requiring a password to install Agents prevents the unauthorized recording of computers and the unauthorized consumption of ITM On-Prem (ObserveIT) licenses. By also requesting a password on uninstallation of an Agent, unauthorized removal of a computer from ObserveIT's list of recorded machines is prevented.

Optionally, a system tray icon can be configured to be displayed on the machine when the Agent is running.

You can deploy as many ITM On-Prem (ObserveIT) Agents as required up to the licensing limit. For a small number of monitored servers, it is recommended that you manually install the Agent on each system.

To prevent Antivirus programs from blocking ITM On-Prem (ObserveIT) Agent executable files, ITM On-Prem (ObserveIT) works with Antivirus vendors to permanently whitelist the executable files. For details on how this is done, see Excluding ITM On-Prem (ObserveIT) Processes from Antivirus Software.

For information about the minimum system requirements for installing ITM On-Prem (ObserveIT) Windows Agents, see System Requirements for ITM On-Prem (ObserveIT) Components.

You must have a valid license file containing your purchased ITM On-Prem (ObserveIT) license. Attempting to install Agents on more systems than your license permits, or on systems that are not a part of your license (for example, attempting to install the Agent software on a Windows machine, for which you do not have a workstation-type license, or when all the existing workstation-type licenses were used up) will result with an installation failure.

Large Deployments

For large deployments, you can use a software distribution application such as Microsoft System Management Server or logon scripts to deliver the installation package. The Agent setup application is a standard Windows installer package that is well supported by software distribution applications and Group Policy (GPO).

Prerequisites

Install the Agent in its own directory. This directory cannot contain other files or folders.

Make sure that you have the following information, and have performed these tasks before installing ITM On-Prem (ObserveIT) Windows Agents:

Use the operating system update mechanism and best-practices to ensure that all servers are patched with critical updates.
Ensure your servers meet all System Requirements for the components you are installing.
Login credentials for an account with administrative privileges on the computer on which you intend to install the ITM On-Prem (ObserveIT) Windows Agents.
The IP address and host name of the computer that hosts the ITM On-Prem (ObserveIT) Application Server.

Reading & storing computer name (hostname) that are using complicated encoding character set is not supported.
If there is a firewall between the computers that run the ITM On-Prem (ObserveIT) Agents and the ITM On-Prem (ObserveIT) Application Server, you must allow traffic for the TCP ports on which the ITM On-Prem (ObserveIT) Application Server communicates through that firewall. For new ITM On-Prem (ObserveIT) installations, the default port is 4884, but this port can be changed to meet the organization's requirements. Note that you can also configure ITM On-Prem (ObserveIT) to use SSL, which will change the port to 443.

To verify, use the following command on the Windows computer:

telnet <ServerIP> <Port>

where ServerIP is the IP address or name of the ITM On-Prem (ObserveIT) Application server and Port is the TCP port used by the ITM On-Prem (ObserveIT) Application Server.

The following topics describe how to perform the following manual installations:

Agent Default Installation on Windows