How to Deploy Traps Using GPO Policy

How to Deploy Traps Using GPO Policy

21199
Created On 09/25/18 18:19 PM - Last Updated 12/14/19 00:59 AM


Resolution

Steps

  1. Download and install ORCA tool to edit the MSI package to include parameters. The tool is available in the Windows SDK Components for Windows Installer Developers.
  2. Edit the Traps MSI installer using ORCA.  Go to File > Open, then select the MSI installer file. Or right click on the MSI installer file and select Edit with Orca.
  3. Create MST file. Click on Transform > New Transform
    New Transform.jpg
  4. Go to the Property table to edit CYVERA_SERVER  and USE_SSL_PRIMARY.
    Wherein:
    CYVERA_SERVER = The primary Endpoint Security Manager (ESM) server address.
    USE_SSL_PRIMARY = Choose whether or not to use SSL (https) for the primary ESM. [0-Disabled, 1-Enabled].
    Cyvera_Server.jpg
    Use_SSL.jpg
  5. Generate the MST file after editing the MSI property. Go to Transform > Generate Transform.
    Generate Transform.jpg
  6. Save the MST file.
    Save MST.jpg
  7. Go to your domain controller and launched the Group Policy Management Console. Click on Start > Administrative Tools > Group Policy Management.
  8. Expand the domain and go to Group Policy Objects. Right click and select New. Name the new GPO policy. Ex. Trapsx64.
    Trapsx64policy.jpg
  9. Right click on the new policy, and select Edit to bring up the Group Policy Management Editor.
  10. Expand Computer Configuration > Policies > Software Settings
    GPO editor.jpg
  11. Right click on Software installation and select New > Package, then select the Traps MSI installer package.
    Select msi installer.jpg
  12. For deployment method, select Advanced
    Select Advanced.jpg
  13. Click on the Modifications tab to upload the MST file.
    Modifications tab.jpg
  14. You can create WMI filters to target the machine OS version, system type on which machines the policy will be applied to.  Ex. the above policy is for 64bit client machine only. The WMI filter to target 64bit OS only
    SELECT AddressWidth FROM Win32_Processor WHERE AddressWidth ='64'
    For more information on WMI filter, refer to the following articles:
  15. Go back to the Group Policy Management console and assigned the new created policy to the domain or group you want to apply the policy to. You can just drag and drop it.
    drag and drop GPO.jpg

 

Troubleshooting:

Applied install GPO does not execute:

It can occur that the GPO is not executed on the endpoint and installation is not started.
To mitigate this issue, edit the GPO to wait for a specified period of time ( seconds ).

To apply this setting to the GPO:

1. Open the Group Policy Management Editor and select the applicable GPO.

2. Right click on the GPO and click on Edit.

3. In the list of containers, please navigate to: Computer Configuration > Administrative Templates > System > Group Policy > Startup Policy Processing wait time.

4. Define a value between 30 and 120 and click on OK.

gpo.JPG

The following step will reboot the client machine.

5. Run gpupdate /force /boot, more information regarding gpupdate can be found at : 
https://technet.microsoft.com/en-us/library/bb490983.aspx

6. The installation should start, when the system is done rebooting, however a delay might be noticed of up to 120 seconds ( depending on the value used in troubleshooting step 4. ). This only applies to the GPO, for which the setting was applied.



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClPOCA0&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language