Skip to main content

Setting up customer in the ActiveDirectory section

After receiving the AD Agent, you need to add the name of your local domain controller to your dashboard. This is necessary to authorize your AD environment in the SafeDNS account. Before adding please make sure your billing plan is one of the business plans nor reseller plans.
In this new AD Agent, the user will have access to the section "ActiveDirectory" for setting up and working with the agent:

image-1696336979182.png

1. The setup starts with "Create Domain" on the "Domains" submenu tab.

      Enter the domain name and press the "Create" button.

image-1696859199898.png

After adding the DC to the list, you can begin installing the agent.
The agent is sent a signed MSI file with added user authorization credentials.
The client installs the package via GPO for the required number of users.

Here is the guide on how to use Group Policy to remotely install software (it was taken from the official Microsoft site learn.microsoft.com)

You can use Group Policy to distribute computer programs by using the following methods:

  • Assigning software

You can assign a program distribution to users or computers. If you assign the program to a user, it's installed when the user logs on to the computer. When the user first runs the program, the installation is completed. If you assign the program to a computer, it's installed when the computer starts, and it's available to all users who log on to the computer. When a user first runs the program, the installation is completed.

  • Publishing software

You can publish a program distribution to users. When the user logs on to the computer, the published program is displayed in the Add or Remove Programs dialog box, and it can be installed from there.

 Note

Windows Server 2003 Group Policy automated program installation requires client computers that are running Microsoft Windows 2000 or a later version.

Create a distribution point

To publish or assign a computer program, create a distribution point on the publishing server by following these steps:

  1. Log on to the server as an administrator.
  2. Create a shared network folder where you'll put the Windows Installer package (.msi file) that you want to distribute.
  3. Set permissions on the share to allow access to the distribution package.
  4. Copy or install the package to the distribution point. For example, to distribute a .msi file, run the administrative installation (exe /a) to copy the files to the distribution point.

Create a Group Policy Object

To create a Group Policy Object (GPO) to use to distribute the software package, follow these steps:

  1. Start the Active Directory Users and Computers snap-in by clicking Start, pointing to Administrative Tools, and then clicking Active Directory Users and Computers.
  2. In the console tree, right-click your domain, and then click Properties.
  3. Click the Group Policy tab, and then click New.
  4. Type a name for this new policy, and then press Enter.
  5. Click Properties, and then click the Security
  6. Clear the Apply Group Policy check box for the security groups that you don't want this policy to apply to.
  7. Select the Apply Group Policy check box for the groups that you want this policy to apply to.
  8. When you're finished, click OK.

Assign a package

To assign a program to computers that are running Windows Server 2003, Windows 2000, or Windows XP Professional, or to users who are logging on to one of these workstations, follow these steps:

  1. Start the Active Directory Users and Computers snap-in by clicking Start, pointing to Administrative Tools, and then clicking Active Directory Users and Computers.
  2. In the console tree, right-click your domain, and then click Properties.
  3. Click the Group Policy tab, select the policy that you want, and then click Edit.
  4. Under Computer Configuration, expand Software Settings.
  5. Right-click Software Installation, point to New, and then click Package.
  6. In the Open dialog box, type the full Universal Naming Convention (UNC) path of the shared installer package that you want. For example, \\<file server>\<share>\<file name>.msi.

 Important

Don't use the Browse button to access the location. Make sure that you use the UNC path of the shared installer package.

  1. Click Open.
  2. Click Assigned, and then click OK. The package is listed in the right pane of the Group Policy
  3. Close the Group Policysnap-in, click OK, and then close the Active Directory Users and Computers snap-in.
  4. When the client computer starts, the managed software package is automatically installed.

Publish a package

To publish a package to computer users and make it available for installation from the Add or Remove Programs list in the Control Panel, follow these steps:

  1. Start the Active Directory Users and Computers snap-in by clicking Start, pointing to Administrative Tools, and then clicking Active Directory Users and Computers.
  2. In the console tree, right-click your domain, and then click Properties.
  3. Click the Group Policy tab, click the policy that you want, and then click Edit.
  4. Under User Configuration, expand Software Settings.
  5. Right-click Software Installation, point to New, and then click Package.
  6. In the Open dialog box, type the full UNC path of the shared installer package that you want. For example, \\file server\share\file name.msi.

 Important

Don't use the Browse button to access the location. Make sure that you use the UNC path of the shared installer package.

  1. Click Open.
  2. Click Publish, and then click OK.
  3. The package is listed in the right pane of the Group Policy
  4. Close the Group Policy snap-in, click OK, and then close the Active Directory Users and Computers snap-in.
  5. Test the package.

 Note

Because there are several versions of Windows, the following steps may be different on your computer. If they are, see your product documentation to complete these steps.

  1. Log on to a workstation that is running Windows 2000 Professional or Windows XP Professional by using an account that you published the package.
  2. In Windows XP, click Start, and then click Control Panel.
  3. Double-click Add or Remove Programs, and then click Add New Programs.
  4. In the Add programs from your network, click the program that you published, and then click Add. The program is installed.
  5. Click OK, and then click Close.
2. After the Agent`s installation is complete, the agent starts automatically when the user logs in and transmits information about the user to the Dashboard on the "ActiveDirectory" page, "Users" submenu. After appearing, the user is not associated if he does not belong to a group that is in any collection.

image-1696337705171.png

3. To start filtering, you need to create a Collection in the "Collections" submenu section, "New Collection" button:

image-1696859734333.png

1. Enter the name of collection;

2. Choose a domain name;

3. Press the "Save Collection" button;

image-1696860002967.png

4. When creating a collection, a name is indicated and a profile is selected, and we also begin to select users and groups that were transferred by agents.
Everything we select will be filtered by the selected profile:

image-1706796009232.png

image-1706793780210.png

5. Once selected, users are shown as associated and belong to the collection:

image-1696340073193.png

This AD Agent is known potential bugs:
The following bugs are known to exist:
1) When switching user accounts on the same device, the filtering policies set for the first user are applied.
2) A new user who hasn't logged into a computer that has previously been used by others may encounter some issues with filtering and account login.
Back to top