Background process for Agent Deployment on a Windows machine

Document ID : KB000023275
Last Modified Date : 14/02/2018
Show Technical Document Details

Question: 

What is the background process while deploying an agent on a Windows machine?

 

Environment:  

All versions of Client Automation

 

Answer: 

Deployment to Windows targets using DMDeploy is subject to a number of environmental obstacles. Many events have to occur successfully before the deployment payload becomes active on a target system. Following is the sequence of events that occur while deploying agents to a Windows machine using shares.

1.    When a dmsweep command or the deployment wizard is initiated to deploy an agent, the permissions of the user is verified against the Security Model under Security Profiles. If the user has permissions he/she can proceed further.

 

2.    The targets are scanned next to check if they are valid for deployment. During a Deployment Scan job, the MDB is queried for the presence of the target to determine the target's OS (Operating System) type. The OS type is used to optimize the DMPrimer delivery if, for instance, the target OS type is Linux then the Windows share method of delivery will be skipped. The Scan process checks the presence of the target in DNS, tries to 'ping' the target followed by "CAMPING" to the target for the presence of DMPrimer. The 'ping' is not actually an ICMP ping but rather the DMDeploy manager will attempt to connect to the echo port (port 7) of the target computer. If the target has DMPrimer installed then the version of DMPrimer is queried.

 

3.    When the target is listed after the scan, DMDeploy tries to copy dmkeydat.pmr (Transfer Manager Public Key) to the admin$ share of the target using the logged on user credentials and the credentials of user account used for previous deployments.

 

4.    Credentials have to be supplied to deploy the payload if the user account does not have admin privileges on the target or the DMDeploy manager has not successfully authenticated with the DMPrimer running on the target machine. This is verified again with the Security Model and if the user has the required privileges he/she can deploy the package.

 

5.    If a Scalability Server is specified then the package delivery will be initiated via the Scalability Server.

 

6.    The DMDeploy manager then attempts to open a share (by default admin$ ) - on the target system.

 

7.    Once connected to the admin$ share on the target, DMDeploy copies the following files to the target:
DMBoot.exe, dmkeydat.pmr, dmsetup.exe and msvcr71.dll. 
If the delivery is via a Scalability Server has been selected then dmsetup.exe will be copied from the SS and not sent from the manager.

 

8.    Once the above files are copied to the admin$ (or whatever share the user has configured the manager to use for deployment), the primer installation gets launched on the target by the MSI installer. The task manager will show at least one msiexec.exe process running.

 

9.    After the primer install finishes, you should see this registry key:

     HKEY_LOCAL_MACHINE\SOFTWARE\ComputerAssociates\DMPrimer.

This key will show where the primer files have been installed. The usual location is: C:\Program Files\CA\Unicenter DSM\DMPrimer.

 

10.After the primer installation it is launched and dm_primer.exe should appear in the task manager. The primer log file, C:\Documents and Settings\<user name>\Local Settings\Temp\dmprimer.log, should also be created at this point.

 

11.DMDeploy then transfers the actual agent package from the payload area to the target. If the deployment via a Scalability Server has been selected, the agent package will be copied from the SS by the primer. You should see transferring xx% messages appear in the GUI or the CLI. This is quite quick in comparison to the primer upload.

 

12.After the payload is delivered, DMDeploy waits for confirmation of delivery.

 

13.Once the payload delivery confirmation is received from the target an Install command is sent to the target and the package install starts. You will see a .msi process corresponding to the package being installed in the task manager (Ex: AgtAM.msi for the Agent + Asset Management plugin package)

 

14.After the agent package is successfully installed, the package installation status is sent back to the manager and displayed in the GUI/CLI.

 

Note: The agent deployment activity is captured in the TRC_CF_DMDEPLOY_x.log file.

To set detailed DMDeploy tracing for capturing the agent deployment activity use the command below:

 

 cfTrace -c set -mp dmdeploy -l DETAIL -s 50000 -ln 10