Step 1. Deploy Management Agents Using Group Policy

In this article

    You must create an MST file with custom configuration parameters and use this MST file to deploy the Veeam Service Provider Console management agents on remote computers. The management agents will use parameters specified in the MST file to connect to a cloud gateway on the service provider side.

    Step 1.1. Obtain Management Agent Setup File

    Download the management agent setup file:

    1. Log in to Veeam Service Provider Console.

    For details, see Accessing Veeam Service Provider Console.

    1. In the menu on the left, click Managed Computers.
    2. At the top of the computers list, click Download Agent and select Windows OS type.
    3. In the Download Management Agent window, specify management agent settings:
    • In the OS type list, select the necessary operating system version (x32, x64).
    • In the Token expiry period field, specify time period for which you want to verify the management agent. After the specified period expires, you will have to verify the agent manually.

    Download Management Agent

    1. Click Download.

    The MSI setup file will be saved to the default download location on your computer.

    1. Copy the file to a network share.

    The network share must be accessible from all remote computers on which you want to deploy the management agent.

    Make sure you set at least Read permissions on the files.

    Step 1.2. Create MST Configuration File

    Create an MST configuration file with installation parameters that point to the necessary cloud gateway:

    1. In the directory with setup file, open the management agent setup file and for edit with Orca.

    For details on Orca, see Windows Dev Center.

    1. In the menu, choose Transform > New Transform.
    2. In the Tables pane, click Property.
    3. Add the following properties to the table:
    • ACCEPT_THIRDPARTY_LICENSES — specifies if you want to accept the terms of the license agreement for the 3rd party components.

    Specify 1 if you want to accept the terms and proceed with installation.

    • ACCEPT_EULA — specifies if you want to accept the terms of the Veeam license agreement.

    Specify 1 if you want to accept the terms and proceed with installation.

    • VAC_CERT_THUMBPRINT — thumbprint of a certificate that is installed on the Veeam Service Provider Console server, and used to secure traffic between the service provider and clients.

    The thumbprint is used to verify the authenticity of the certificate. Although this property is optional, it is recommended that you specify it.

    1. If you have changed the default port number when deploying the cloud gateway, locate the CC_GATEWAY_PORT property and change the port value.

    For details on the gateway port configuration, see section Adding Cloud Gateways of the Veeam Cloud Connect Guide.

    1. In the menu, choose Transform > Generate Transform.
    2. Save the MST file with configuration details.
    3. Close Orca.
    4. Copy the MST to a network share.

    The network share must be accessible from all remote computers on which you want to deploy the management agent.

    Make sure you set at least Read permissions on the file.

    Edit MST File

    Step 1.3. Create Group Policies

    Create a Group Policy that will install and configure the management agent on remote computers:

    1. Log on to a domain controller.
    2. Open the Group Policy Management Console.
    3. Right-click the OU which includes computers on which management agents must be deployed, and choose to create a new Group Policy Object.
    4. Right-click the Group Policy Object and choose Edit.
    5. In the left pane of the Group Policy Management Editor, expand Computer Configuration > Policies > Software Settings.
    6. Right-click Software Installation and select New > Package.
    7. In the Open window, point to the management agent setup file located on the network share.

    This must be the setup file obtained as a result of installation in the administrator mode, as described at Step 1.1.

    1. In the Deploy Software window, choose the Advanced deployment method.
    2. Open the Modifications tab, click Add and choose the MST file located on the network share.
    3. Click OK.
    4. In the left pane of the Group Policy Management Editor, expand Computer Configuration > Policies > Administrative Templates > System > Logon.
    5. Right-click the Always wait for the network at computer startup and logon policy setting and choose Edit.
    6. In the policy setting window, select Enabled and click OK.
    7. Close the Group Policy Management Editor.

    Create Group Policy

    Step 1.4. Apply Group Policies to Remote Computers

    Apply the created Group Policy to remote computers.