Cloud App Discovery
In an enterprise environment Administrator sometime using Group Policy Management for deploying an application to client domain join devices, so what we need to do if we are want to deploy Cloud App Discovery Agent to client devices?
If you want to know what is Cloud App Discovery and how to deploy Cloud App Discovery manual you can see here:
https://fazarsusanto.wordpress.com/2016/10/22/azure-ad-cloud-app-discovery/
The Cloud App Discovery agent includes both an executable (.exe) and a certificate file (.cert) bundled in a zipped folder. Active Directory Group Policy requires a standard MSI installer.
You have the option to deploy the MSI and certificate file at the same location on a server or in different location.
Here I want to try deploy agent & cert at same location on a server.
Requirement
· Download and install the WiX Toolset
· Change permissions on the certificate file to ‘read-only’
Step by step
Extract the MSI installer from EndpointAgentSetup.exe
1. Open CMD Run as Administrator.
2. Run <system root>\Program Files (x86)\WiX Toolset v3.8\bin\dark.exe with the following command:
Dark.exe <path EndpointAgentSetup.exe> -x <path to output folder>
Example:
Dark.exe D:\EMS\Software\CAD\CAD\EndpointAgentSetup.exe -x D:\EMS\Software\CAD\CAD\ExtractCAD
3. Cloud App Discovery Agent after Extracted.
4. Put Cloud App Discovery Agent .msi file & certificate file in share folder.
5. Create one GPO for Cloud App Discovery deployment policy.
6. Choose _32 file and click Open.
7. On Deploy Software either you can choose Assigned or Advanced. I choose Advanced because I want define name of the file.
8. I put _32 & _64 in GPO for deploying it into my client devices.
9. You can wait or trigger it by using CMD command gpupdate /force like the picture below on your client devices.
10. Please check services on your client device for making sure whether Cloud App Discovery Agent successfully installed.