No. Your inventory scanner should use the core server name. But did you run brokerconfig on those devices? This will make sure the communication will go through the gateway if the device is not on the LAN.
No, I didn't, but I'll try that today.
So running broker config on one of the devices worked. however the majority of my firms devices reside in field offices. these devices are not part of the domain because they are in far flun corners of the globe with spoty internet and not network infrastructure. (Doctors without borders type of locations)
So I plan to deply LANdesk to them via burning the stand alone agent config to a disc and mailing it. How do I set itup so that the broker config runs during installation, and thus connecting to the core via the gateway without me having to manually be at that PC?
Thanks very much for this. a few issues though. I had these instructions from before. when I went to save them as a word doc I realized they were there.
I've done this already and to avail.
Possibly because I've done this months ago before upgrading from 9.0 SP3 to 9.5?
Also the part about adding this line to the ntstacfg.in# file "FILE10001=BrokerConfig.lng, %PROGRAMFILES%\LANDesk\Shared Files\cbaroot\broker\BrokerConfig.lng"
I have two issues with that.
At no point did the instructions have me copy over BrokerConfig.lng over to this location.
Also I'm using winserver 2008 64bit, so shouldn't the location be here? "C:\Program Files (x86)\LANDesk\Shared Files\cbaroot"
I've been working on the same thing. It appears that on 64 bit systems the installer will automatically put the file in the (x86) location even though the variable is the non-x86 variable.
Not the case with me. I did all the instructions. I did the rebuild all. check advanced edit.
The line shows up there in the code, but there is no file in that location.
These instructions are rather old, and yes you should modify the path to reflect the x86.
Thanks . I did that. or rather I made new envronmental variable %programfilesx86% that points to C:\program files (x86)
and rerand everything else after, but is this process supposed to put something in the
C:\Program Files (x86)\LANDesk\Shared Files\cbaroot\broker" folder?
currently my folder stands empty.
it seems like we're putting something in the config that says get a file from this location... but the instructions do no instruct us to put a file there.
and if all these steps are so that rebuilind the agents puts the file there... why is it not there when I go looking? (yes I have my folder settings os that I see ALL files.)
Did you download the exe at the bottom of the page and create the lng file?
Copy the ConfigureBroker.exe to the LANDesk Core Servers ManagementSuite folder. This folder is shared by default with the share name of LDMain.
Run "ConfigureBroker.exe" and enter in the username and password of the broker.config user that was just created and that is a member of the LANDesk Management Suite user group.
(Do not use a domain account)
The ConfigureBroker.exe creates a folder in the LDMain share/ManagementSuite folder called "noshareLDLogon".
Inside this folder a file is created called "BrokerConfig.lng".
Copy the "BrokerConfig.lng" file to the root of the LDLogon share on the core server. The LDLogon folder is under the ManagementSuite folder.
NOTE: If using the ConfigureBroker.exe, it is highly recommended that “logon” rights from the local security policy for local users be removed. This will block non domain users from logging into the LANDesk application.
LANDesk 9.0 SP2: Role-based Administration has changed in LANDesk 9.0. The following items must be changed.
- The configure.broker user is a part of the Script-Writers Group.
- Add "modify" writes for the Script-Writers Group to the C:\Program Files\LANDesk\ManagementSuite\brokerreq folder on the core server
Including the .lng file in the LANDesk Agent
The following steps will update the default LANDesk Agent Configuration so that all agents will include the .lng file, and automatically retrieve the Gateway Certificate on Agent install.
Browse to the \ManagementSuite\ldlogon folder on the LANDesk Core Server.
Open the ntstacfg.in# file with notepad. Search for the [Common Base Agent Post Copy] section.
At the end of the [Common Base Agent Post Copy] section add the following line:
FILE10001=BrokerConfig.lng, %PROGRAMFILES%\LANDesk\Shared Files\cbaroot\broker\BrokerConfig.lng
LANDesk 9.0 SP2 Update: There are two [Common Base Agent Post Copy] sections in the LANDesk 9.0 SP2 agent.ini file. Be sure to add the previous lines to the larger section that appears first. If this is not done the LNG file will not be inserted in the self-contained agent executable. A good way to check this is to search the log for "brokerconfig.lng" after the self-contained executable is created. You should see a line stating that the brokerconfig.lng file was inserted into the CAB. (This is resolved in SP2 for LDMS 9.0 CR00047107)
After saving the changes, go to Configure | Services | Inventory and restart the Inventory Service.
After the service restarts, the existing agents must be rebuilt to include the new changes.
In the LANDesk Console, go to Tools | Configuration | Agent Configuration. Click the Rebuild All button.
To verify that the agents recieved the change, right click on an agent and choose Advanced Edit.
The Agent Configuration.ini file will open for that Agent.
Look under the [Common Base Agent Post Copy] section for the two lines that were added.
Create a self-extracting executable for the configuration by right-clicking on the configuration in the console and choosing Create self-contained client installation package.
Choose the location for the self contained EXE files, and click Save.
NOTE: After creating the self contained Agent Installer, it is highly recommended to remove the BrokerConfig.lng file from the Ldlogon share.
Install the self-extracting executable to the remote machine. If the machine is connected to the internet, then a cert will be created on the client during install.
If the machine was not connected to the internet when the agent was installed, When the inventory scanner runs and it will automatically run brokerconfig.exe -r when it realizes it doesn't have a cert.
After the client is configured for the Gateway then the BrokerConfig.lng is deleted
Manually using the .lng file
Run through the steps to create the .lng file. Manually copy the .lng file to the C:\Program Files\LANDesk\Shared Files\cbaroot\broker folder on an existing client. When the inventory scan executes on the client it will consume the .lng file and the broker certificates will be retrieved.