Firewall Ports
Before beginning the installation ensure that the required firewall ports are opened to install the agent.
- Port 22 TCP
- Port 9593 TCP
- Port 9594 TCP
- Port 9595 TCP, UDP
Modify Sudoers
Modify the sudoers file to provide the landesk account the required privileges.
WARNING: Making a mistake in the sudoers file can brick a machine. It is recommended that visudo is used to edit /etc/sudoers because upon saving, visudo checks the validity of the sudoers file.
The agent runs as the user landesk. While it has minimal privileges a few tasks such as remediating patches and software distribution do require elevated privileges. In order to function properly you must add the landesk account to the /etc/sudoers file. If you need the inventory to report the memory bank, cpu cache information and the board pci slot configuration the landesk account must be given root privileges.
- Run visudo
- Add the following to the sudoers file.
landesk ALL=(ALL) NOPASSWD: ALL
Defaults:landesk !requiretty
- Save the changes you made to sudoers;
Press ESC then type :wq and press enter.
- Once your changes are saved you will be returned to the previous screen.
Identify Core Certificate
Identify and note the filename of your Core's certificate
- The file can be found in the C:\Program Files\LANDesk\ManagementSuite\ldlogon folder.
- The name will be a random hexadecimal number with a .0 (dot zero) suffix. .ie 1a2b3c4d.0
- If two or more .0 files are found in ldlogon, check C:\Program Files\LANDesk\Shared Files\keys to find the name of the one to use.
Connect to your Linux Machine
- PUTTY can be found on the core server if you do not have a preferred application to connect to your Linux device. The PUTTY.exe can be found under Program Files\Landesk\ManagementSuite
- SSH to the Linux device you will be installing the agent on and log in as root.
Copy nixconfig.sh To Your Linux Machine
- Make a temporary directory to copy nixconfig.sh to using;
mkdir -p /tmp/ems
Navigate to your newly created directory using;
cd /tmp/ems
- Using the wget command copy the nixconfig.sh file from your core;
wget http://yourcorename.domain.com/ldlogon/unix/nixconfig.sh
Install the Agent
Note: Using this method will install the Linux Agent configuration you have marked as "Default". You can view your "Default" Agent configurations by opening the Agent Configuration tab and looking for the check mark on your Agent Configuration icons. Double clicking on an Agent Configuration will open the settings window and provide you with the option to mark an Agent Configuration as the default. If you would like to make a different Agent Configuration your default you can check the "Default Configuration" box and click save. Additionally, if you are planning on installing the Linux Agent to perform vulnerability scans make sure that the "Ivanti Vulnerability scanner" box is checked.
- Ensure that you are in the directory you copied nixconfig.sh to by using the print working directory command;
pwd You can then use the ls command to list the contents of your current directory and verify nixconfig.sh exists.
- Make nixconfig.sh executable using the chmod command;
chmod +x nixconfig.sh
- Execute nixconfig.sh to install the agent;
./nixconfig.sh -p -a yourcorename.domain.com -i all -k -cert filename.0
Informational:
-p Tells the installer to download and install prerequisites from repository
-a To specify the FQDN or IP address of the core
-i To specify what agent package to install ( all is typically used)
-k To specify the core certificate filename
- Once the install is complete you will see "nixconfig.sh done".
