TDR Host Sensor CLI and GPO Installation

You can use the Windows command line interface (CLI) to install the TDR Host Sensor .MSI file. You can also use the command line option for deployment through Active Directory Group Policy Objects (GPO). To install the TDR Host Sensor from the Windows Command Prompt, you must download the Host Sensor .MSI installer file and get the Account ID and Controller Address for the TDR account.

For information about TDR Host Sensor OS compatibility, see the Threat Detection & Response Release Notes on the Fireware Release Notes page.

To install a TDR Host Sensor on a Windows computer, you must have:

  • Host Sensor .MSI installer file
  • TDR Account ID
  • TDR Controller Address

You must also run the installer as a Windows Administrator.

Download the Host Sensor and Account Information

To download the Windows Host Sensor .MSI installation file and account information:

  1. Log In to the TDR Web UI as a user with Operator credentials.
  2. Select Configuration > Host Sensor.
    Download instructions and links appear for each Host Sensor.
  3. Copy the Account ID and Controller Address.
  4. In the Windows section, click Download.
    The Host Sensor .MSI installer file downloads.

Install a Host Sensor from the Windows Command Prompt

To run the Host Sensor .MSI installer:

  1. In the Windows Start menu, right-click the Command Prompt and select Run as Administrator.
    A Windows Command Prompt window opens.
  2. Change directory to the location of the .MSI file.
  3. To run the Host Sensor installer, in the Command Prompt window, type:

msiexec /i [host sensor msi file] /quiet AccountUUID=[Account ID] CONTROLLER_ADDRESS=[Controller Address]

For example:

msiexec /i host_sensor_5.0.2.7180.msi /quiet AccountUUID=d4377396-ff5e-4a65-8518-4907d0492855 Controller_Address=tdr-hsc-eu.watchguard.com:443

After you install the Host Sensor, check the status on the Hosts page in the associated TDR account. For more information, see Manage TDR Hosts and Host Sensors.

Use an AD GPO to Install Host Sensors

You can use the command described in the previous procedure to remotely install Host Sensors on multiple hosts through an AD Group Policy Object (GPO). You must use an installation method that supports command line parameters.

There are two methods to set up a GPO to install an .MSI file with command line parameters:

Option 1 — Create a System Startup GPO That Runs a Batch File

Configure a GPO for a startup script or logon script that runs a batch file that installs the Host Sensor. The batch file contains only one line, which specifies the network path to the .MSI file. The other parameters are the same as described in the previous procedure for installation from the Windows Command Prompt.

msiexec /i "[path]\[host sensor msi file]" /quiet AccountUUID=[Account ID] CONTROLLER_ADDRESS=[Controller Address]

For example:

msiexec /i "\\server\share\host_sensor_5.0.2.7180.msi" /quiet AccountUUID=d4377396-ff5e-4a65-8518-4907d0492855 Controller_Address=tdr-hsc-eu.watchguard.com:443

Option 2 — Create a Software Installation GPO that Uses a Transform (MST) File

Create a transform file (.MST) that contains the required command line parameters. The Orca tool to create the .MST file is in the Windows SDK, which is available from Microsoft.

After you create the .MST file, create a Software Installation GPO that includes both the .MSI and .MST files.

See Also

TDR Host Sensor Automated Installation

Uninstall TDR Host Sensors

Give Us Feedback     Get Support     All Product Documentation     Technical Search