These instructions illustrate how to install the Lightspeed Management Agent from .bat over GPO as user agent for user resolution. All customers who have Rocket 3.x or higher need to use the LMA agent as their PC user resolution method.
1. Download the required agents.
Lightspeed Management Agent (LMA)
Web Filter Mobile Manager
The LMA Agent gives you the power to control certain device features that would be otherwise un-controllable.
Note: Follow the installation instructions on this page in order to install the LMA over GPO.
2. Create a batch script that does the following:
msiexec /i "%~dp0LMA_Setupx64.msi" co=0 mm=0 ua=1 id_server=filter.school.com /q
*Note: %~dp0 ensures the .msi is ran from the network directory the agent is hosted.
id_server=Fully Qualified Domain Name resolving to the internal Rocket NIC.
Example: Filter.school.com = 10.14.5.1
To locate the FQDN section on your rocket, navigate to Settings > Network Interfaces > Hostname
Ensure that the hostname resolves to your Rocket’s IP.
Figure 1: Network Interfaces, FQDN
3. Create a network directory to hold the LMA agent and .bat script.
*Note: Ensure only ‘read’ access is granted to your end-user security groups for this directory. Check out figure 1 for more information. Check out figure 2 for additional details.
Figure 2: Directory Rights. Directory example: \\server\Lightspeed Agents
4. Create the GPO inside you user OU.
- a) From your Windows server, open up Group Policy Management and Active
Directory Users and Computers.
- b) From Group Policy Management, right click the OU where the agent will be
deployed and select Create a GPO in this domain, and link it here…
- c) Title the GPO, right click it and select Enforced.
- d) All user accounts the GPO should apply towards will be in this OU. Figure 2 is how the Group Policy Management should look. Figure 3 displays the user accounts from AD Users and Computers pertaining to this tutorial.
*Note: For this scenario, we are testing on the Student OU using the “David” account.
Figure 3: Group Policy Management
Figure 4: Active Directory Users and Computers
5. Configuring the GPO to run a login script.
- a) From group policy management, right click the GPO you created in step 4 and
Figure 4 – Edit GPO
- b) From the user configuration, open Policies > Windows Settings > Scripts
Figure 5: Open Logon Settings
- c) Click the Add button and navigate to the .bat script you created earlier. Select the .bat script and select OK and then OK again.
Figure 6: Deploy Login Script from Network Directory
*Note: Ensure the .bat is being pushed out from a network directory.
1. On a test machine, login on the machine. Upon login, the script will run silently installing the user agent. Check the install directory and the registry to validate installation.
2. Validate that the install files and ID Server value are both present.
x64 install directory: C:\Program Files\Lightspeed Systems\LMA\Bin
Registry path: HKEY_LOCAL_MACHINE > Software > Lightspeed Systems > LMA
> User Agent
Figure 7: Install Files
Figure 8: Registry Keys