Onboard Windows devices with AgentP in unattended or kiosk mode
In this topic, you will learn how to run Portnox™ AgentP in unattended mode or kiosk mode.
Install AgentP in unattended mode
In this section, you will learn how to install AgentP in unattended mode. User interaction is only necessary if AgentP cannot be onboarded automatically.
If you run AgentP in unattended enrollment mode, AgentP checks if the device is a member of Active Directory or Azure, and then sends AD/Azure identification data to Portnox Cloud (for example, the tenant ID, device ID, domain, user name, computer name). If the identification data matches the data in Cloud, AgentP can onboard in Portnox Cloud automatically using this data with no need of user interaction.
-
Download the AgentP installation file from the download page.
> curl -o agentp.msi "https://clear.portnox.com/enduser/DownloadAgentPForOsAndPackageType?osType=2&packageType=Windows_x64"
Replace Windows_x64 with Windows_x86 if you have a 32-bit architecture.
-
Run the installation from the command prompt with a parameter for unattended installation.
> msiexec /i agentp.msi /qn
When the onboarding window appears, one of two things can happen:
- If AgentP finds that the device/user are already onboarded, the onboarding window disappears after 5 to 20 seconds (after enrollment is complete), and AgentP is automatically enrolled.
- Otherwise, you must follow the steps in the onboarding window to enroll the current user manually. Until then, AgentP will not be enrolled.
Install AgentP in unattended mode with no user interaction
In this section, you will install AgentP in unattended mode using the logged-in Windows user. This procedure assumes that the computer was onboarded using UEM/MDM software and already has access to the secure network.
-
Download the AgentP installation file from the download page.
> curl -o agentp.msi "https://clear.portnox.com/enduser/DownloadAgentPForOsAndPackageType?osType=2&packageType=Windows_x64"
Replace Windows_x64 with Windows_x86 if you have a 32-bit architecture.
- Optional:
Configure the Windows registry settings for AgentP to hide the icon from the notification area (system tray).
> reg add "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Portnox AgentP" /v "TrayIcon" /t REG_SZ /d "hide" /f
-
Run the installation from the command prompt with parameters for unattended installation and unattended
enrollment.
> msiexec /i agentp.msi /qn UI_LAUNCH=1
- Optional:
Check the AgentP logs to confirm that AgentP is running in unattended mode.
The log file will contain an entry: Running in unattended mode.
To learn how to access AgentP logs, see the following topic: How to collect AgentP logs for support.
Switch to unattended enrollment mode
If you already installed Agent in interactive mode, you can change its configuration so that it runs in unattended mode (without user interaction).
-
Change the Windows registry settings for AgentP to enable unattended enrollment.
> reg add "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Portnox AgentP" /v "Mode" /t REG_SZ /d "umode" /f
-
Restart the AgentP service.
> net stop PortnoxAgentP > net start PortnoxAgentP
Switch to kiosk mode
If you already have AgentP installed in default (single-user) mode, you can change its configuration so that it runs in kiosk mode.
-
Configure the Windows registry settings for AgentP to work in kiosk mode.
> reg add "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Portnox AgentP" /v "Etype" /t REG_SZ /d "computer_account" /f
-
Restart the AgentP service.
> net stop PortnoxAgentP > net start PortnoxAgentP