InSync Client Automatic Deployment And . - Druva
2y ago
54 Views
1 Downloads
458.45 KB
11 Pages
Report/dmca
Download PDF

Transcription

Automatic Deployment and Authentication GuideThis document gives administrators an overview ofautomatically deploying inSync.www.druva.comTable of ContentsContentsIntroduction. 3

Automatic Deployment and Authentication GuideinSyncConfig.ini File Composition .3Druva Automatic Deployment Package . 4The Process . 5Server.conf : INI creation Modes . 5Group/Profile Mapping. 6Binaries Location. 6Edit MASSDS.bat . 7Edit SI.bat . 7GPO Setup . 8Help . 10Disclaimer . 11Page 2

Automatic Deployment and Authentication GuideIntroductionDruva inSync has the ability to allow an organization to automate the Account Creation, Deployment,and authentication of inSync Agents.The process relies on the creation of an “ini” file on the target machine which contains the informationneeded to create and assign the account to the correct inSync Server, Storage and Profile, and also thetarget users’ credentials.The auto installation of client feature helps to install the inSync client package on the client computerand loads the authentication key without user’s intervention. After the successful installation of inSyncclient, the user is created on the inSync server without manual Administrator inputAn organization can create their own scripting methods to create and save this information, or use theAutomatic Deployment package provided by Druva to assist in is process.The Druva Automatic Deployment package can integrate with AD, or a CSV file to create the required inifilesinSyncConfig.ini File CompositionThe INI file contains the following information for the MSI installer to read after installationThis allows the account to be configured on the inSync server, and the users account to beauthenticated.ADDRESS 'IP Address of inSync Server:6061'STORAGE 'Name of Target Storage'PROFILE 'Name of Target Profile'ADUSERNAME 'AD UserName of user'USERNAME 'Name of User for inSync Account'MAIL 'email address of user'WINUSERNAME 'Windows UserName of user'WINUSERDOMAIN 'Windows UserDomain of user'The ini file should be created in the following location on the target device C:\Windows\tempPage 3

Automatic Deployment and Authentication GuideDruva Automatic Deployment PackageThis article describes how to use the Microsoft Active Directory Group Policy to automatically distributeand deploy the inSync Client installable (MSI) across domain computers or users and to authenticatethem automatically as well.Note: The method used for MS Active Directory Group policy can be used with other third party toolssuch as SCCM, LANDesk etc.Currently, auto installation feature supports only Windows and Macintosh client versions.Note: The mass deployment of inSync clients support new client installation only and does notsupport upgrade to the existing inSync clients.Before you begin the auto installation of Windows client, make sure you have installed the latest inSyncserver and configured the user profile and storage.Following is the block diagram of inSync client auto-installation process for Microsoft Windowsoperating system.Download INI creator ZIPand Unzip to a file shareaccessible to all usersEdit server.conf to reflectthe deployment method& enter detailsEdit MASSDS.bat script toreflect new file share pathEdit SI.bat for MSI in fileshare, Mass deploymenttoken and INI file pathGenerate MassDeployment Token frominSync Server consoleSetup MASSDS.bat underGPO to execute as UserLog on ScriptSetup SI.bat under GPO toexecute as WindowsStartup ScriptPage 4

Automatic Deployment and Authentication GuideThe ProcessTo automate the entire process we need to execute two steps using GPO Create an %username%.INI fileDeploy MSI using Mass deployment tokenYou can download the package from here pv1.2.zip: This package has some libs and binaries which help creating the inSync INI file.There are some editable files for customizing the package to your environment1. Server.conf : Allows us to set Server address, default storage and profile, and select INI creationmode (AD or CSV).2. MASSDS.bat: This is a batch script which is responsible for invoking the inSync INI creator exe.Hence it is executed using User log on scripts via GPO.3. SI.bat: This is again a batch script which is executed a machine startup script and it executesusing parameters like TOKEN and INIFILE.Server.conf : INI creation ModesThe inSync INI creator package allows using two different modes to create INI file. These modes can beclassified as below: Use LDAP: In this mode if the “server.conf” has variable “CSV No” the exe will query the LDAPserver to find the logged in user email ID. The server.conf here will look as below[DETAILS]SERVER IP 192.168.51.77:6061,192.168.51.78:80STORAGE inSyncStorePROFILE DEFAULTCSV NoBASEDN DC Scorpius,DC Druva,DC COMLDAP IP ldap://192.168.51.77:3268LDAP USERNAME administrator@scorpius.druva.comLDAP PASSWORD p@ssw0rdUSERDOMAIN scorpius.druva.comPage 5

Automatic Deployment and Authentication GuideGROUPMAPPING Yes[PROFILEMAPPINGS]Administrators ITPROFILE1 SALES Use CSV: In this mode if the “server.conf” has variable “CSV Yes” the exe will try and parsethrough the users.csv file provided by the administrator. The users.csv format looks somethinglike gmail.com,inSyncStore,IT,test2,test2@gmail.com, inSyncStore,IT,test3,test3@gmail.com, inSyncStore,IT,test4,test4@gmail.com, inSyncStore,IT,test5,test5@gmail.com, inSyncStore,IT,test6,test6@gmail.com, inSyncStore,IT,test7,test7@gmail.com, inSyncStore,IT,test8,test8@gmail.com, inSyncStore,IT,Group/Profile MappingThe “server.conf” also has another section known as [PROFILEMAPPINGS]. This allows IT administratorsto map their exiting AD group with inSync server user profile. For example: We can use an AD group asadministrators and map it inSync user profile as IT. The parameters look as below[PROFILEMAPPINGS]Administrators ITNote: Please note that INI creator will use the logged user accounts member group to execute themappings if the user does not belong to mapped groups then the default profile will be used.Binaries LocationThe zip files of automatic deployment needs to be hosted on common accessible shares so that theseare available to all the users to be executed. The path for share needs to be updated in MASSDS.bat aslisted in next section.Page 6

Automatic Deployment and Authentication GuideEdit MASSDS.batOnce we have the file share and server.conf configured we can now edit MASSDS.bat to reflect latestpaths. The file could look as below@echo onIF EXIST C:\inSyncAD goto CHECKINImkdir C:\inSyncADcd C:\inSyncADcopy "\\192.168.51.77\iMD\*.*" "C:\inSyncAD" filecopy.loggoto CHECKINI:CHECKINIcd C:\inSyncADif EXIST "c:\inSyncAD\%username%.INI" goto ENDMass Dep.exe:ENDEdit SI.batSimilarly we can now edit SI.bat to reflect new paths and MSI name along with new token value frominSync server web console Management Users Import Mass Deployment token@echo oncopy "\\192.168.51.77\iMD\*.msi" "C:\inSyncAD"cd C:\msiexec /qn /i C:\inSyncAD\inSync5.0.msi TOKEN "4-9eff6f87a64bb5a7614ce3f173c24e81"INIFILE "C:\inSyncAD\%USERNAME%.INI" /Lime C:\inSyncAD\MSIlog.txtif exist "c:\program files (x86)" goto WIN7goto XP:WIN7cd "C:\Program Files (x86)\Druva\inSync"Page 7

Automatic Deployment and Authentication GuideinSyncGUI.exegoto END:XPcd "C:\Program Files\Druva\inSync"inSyncGUI.exegoto END:ENDGPO SetupOnce we have the file shares configured along with server.conf file. We can now start executing thesteps below to start the automatic deployment In GPO create a policy on user logon script to execute MASSDS.batIn GPO create a policy on Windows startup script to execute SI.batSee the following screen shot.Page 8

Automatic Deployment and Authentication GuideNote: For details on how to setup GPO policies please follow Microsoft KB article herehttp://support.microsoft.com/kb/816102Note: The logs are created at C:\inSyncAD and Users temp directory.Sample log from inSync AD folder.Filename: AD.log2012-07-13 15:36:15,489 INFO Using LDAP Method .2012-07-13 15:36:15,505 INFO The logged in useris:sbhaskar@SCORPIUS.DRUVA.COM2012-07-13 15:36:15,505 INFO Connected to the LDAP Server2012-07-13 15:36:15,505 INFO ldap searching.2012-07-13 15:36:15,505 INFO [('CN SirohiBhaskar,CN Users,DC Scorpius,DC druva,DC com', {'primaryGroupID':['513'], 'cn': ['Sirohi Bhaskar'], 'objectClass': ['top', 'person','organizationalPerson', 'user'], ], 'lastLogonTimestamp':['129858174761464843'], 'instanceType': ['4'], 'distinguishedName':['CN Sirohi Bhaskar,CN Users,DC Scorpius,DC druva,DC com'],'dSCorePropagationData': ['20120703202239.0Z', xe1\xc1\xefr \x03n\x04\x00\x00'], 'whenCreated': ['20120703174520.0Z'],'uSNCreated': ['21918'], 'mail': ['bhaskar@druva.com'],Page 9

Automatic Deployment and Authentication Guide'sAMAccountName': ['sbhaskar'], 'objectCategory':['CN Person,CN Schema,CN Configuration,DC Scorpius,DC druva,DC f\xf5]\x13%\xd3\xfa\xd0'],'whenChanged': ['20120709125243.0Z'], 'displayName': ['SirohiBhaskar'], 'name': ['Sirohi Bhaskar'], 'memberOf':['CN Galaxy,OU LEO,DC Scorpius,DC druva,DC com', 'CN PF,OU PreSales,DC Scorpius,DC druva,DC com','CN Administrators,CN Builtin,DC Scorpius,DC druva,DC com'],'userAccountControl': ['66048'], 'sAMAccountType': ['805306368'],'uSNChanged': ['24971'], 'sn': ['Bhaskar'], 'givenName': ['Sirohi']})]2012-07-13 15:36:15,519 INFO Groupnames are ['Galaxy', 'PF','Administrators']2012-07-13 15:36:15,519 INFO Could not find group mapping forgroupname Galaxy2012-07-13 15:36:15,519 INFO Could not find group mapping forgroupname PF2012-07-13 15:36:15,519 INFO Found group mapping forgroupname Administrators2012-07-13 15:36:15,519 INFO Connection established with inSync server2012-07-13 15:36:15,519 INFO Creating sbhaskar.ini file2012-07-13 15:36:15,519 INFO sbhaskar.ini file createdat:C:\inSyncAD\sbhaskar.INIMSI Installation log: Logging started: 7/13/201215:39:34 Action start 15:39:34: INSTALL.Action start 15:39:34:SystemFolder.30729.01.Microsoft VC90 CRT x86.SP.D8D85FD0 537C 3A3A 9BEC 7A1B426637EC.Action ended 15:39:48: INSTALL. Return value 1.MSI (s) (10:50) [15:39:48:649]: Product: Druva inSync 5.0 -Installation completed successfully. Logging stopped: 7/13/201215:39:48 HelpFor more information, visit http://www.druva.com/support/ or send an email to support@druva.com.Page 10

Automatic Deployment and Authentication GuideDisclaimerDruva Inc. shall not be liable for errors contained in this document and any damages in connection withthis document. Contact SupportUS: 1-855-349-4410International: 800-334-30000India: 1-800-209-3011Page 11www.druva.com

client, the user is created on the inSync server without manual Administrator input An organization can create their own scripting methods to create and save this information, or use the Automatic Deployment package provided by Druva to assist in is process.File Size: 458KB

Related Books

Automatic Voice/Pager Automatic Voice Dialer w/Remote .

Automatic Voice/Pager Automatic Voice Dialer w/Remote .

SAS Deployment Wizard and SAS Deployment

SAS Deployment Wizard and SAS Deployment

Infoblox Deployment Guide - Network Insight Deployment

Infoblox Deployment Guide - Network Insight Deployment

Client Security Solution 8.21 Deployment Guide

Client Security Solution 8.21 Deployment Guide

Evaluation Guide Druva inSync versus HP Connected Backup

Evaluation Guide Druva inSync versus HP Connected Backup

Druva inSync vs. HP Connected

Druva inSync vs. HP Connected

CS Druva inSync User Guide

CS Druva inSync User Guide

Druva inSync

Druva inSync

inSync: Smarter Endpoint Backup

inSync: Smarter Endpoint Backup

ESG Lab Review Druva inSync: Simplified, Robust Endpoint .

ESG Lab Review Druva inSync: Simplified, Robust Endpoint .

UBC Department of Botany inSync Backup Service

UBC Department of Botany inSync Backup Service

eScription One InSync - DeliverHealth

eScription One InSync - DeliverHealth

PopularTags

Recent Views