Installing the LMA from .bat over GPO for User Resolution

These instructions illustrate how to install the Lightspeed Management Agent from .bat over GPO as user agent for user resolution. All customers who have Rocket 3.x or higher need to use the LMA agent as their PC user resolution method.

Installation

1. Download the required agents.

Lightspeed Management Agent (LMA)

Web Filter Mobile Manager

The LMA Agent gives you the power to control certain device features that would be otherwise un-controllable.

OS Bit Version # Link
64 bit 3.1.6 LMA_Setupx64.msi
32 bit 3.1.6 LMA_Setupx86.msi
Note: Follow the installation instructions on this page in order to install the LMA over GPO.

 

2. Create a batch script that does the following:

@echo off
msiexec /i "%~dp0LMA_Setupx64.msi" co=0 mm=0 ua=1 id_server=filter.school.com /q

*Note: %~dp0 ensures the .msi is ran from the network directory the agent is hosted.
id_server=Fully Qualified Domain Name resolving to the internal Rocket NIC.

Example: Filter.school.com = 10.14.5.1

To locate the FQDN section on your rocket, navigate to Settings > Network Interfaces > Hostname

Ensure that the hostname resolves to your Rocket’s IP.

Figure 1: Network Interfaces, FQDN

1

 

3. Create a network directory to hold the LMA agent and .bat script.
*Note: Ensure only ‘read’ access is granted to your end-user security groups for this directory. Check out figure 1 for more information. Check out figure 2 for additional details.

Figure 2: Directory Rights. Directory example: \\server\Lightspeed Agents

2

4. Create the GPO inside you user OU.

  • a) From your Windows server, open up Group Policy Management and Active
    Directory Users and Computers.
  • b) From Group Policy Management, right click the OU where the agent will be
    deployed and select Create a GPO in this domain, and link it here…
  • c) Title the GPO, right click it and select Enforced.
  • d) All user accounts the GPO should apply towards will be in this OU. Figure 2 is how the Group Policy Management should look. Figure 3 displays the user accounts from AD Users and Computers pertaining to this tutorial.

*Note: For this scenario, we are testing on the Student OU using the “David” account.

Figure 3: Group Policy Management

3

Figure 4: Active Directory Users and Computers4

5. Configuring the GPO to run a login script.

  • a) From group policy management, right click the GPO you created in step 4 and
    select Edit.

Figure 4 – Edit GPO

5

  • b) From the user configuration, open Policies > Windows Settings > Scripts
    > Logon

Figure 5: Open Logon Settings

6

  • c) Click the Add button and navigate to the .bat script you created earlier. Select the .bat script and select OK and then  OK again.

Figure 6: Deploy Login Script from Network Directory

7

*Note: Ensure the .bat is being pushed out from a network directory.

Testing

1. On a test machine, login on the machine. Upon login, the script will run silently installing the user agent. Check the install directory and the registry to validate installation.

2. Validate that the install files and ID Server value are both present.

x64 install directory: C:\Program Files\Lightspeed Systems\LMA\Bin
Registry path: HKEY_LOCAL_MACHINE > Software > Lightspeed Systems > LMA
> User Agent

Figure 7: Install Files

8

Figure 8: Registry Keys

9