Deploy DLP Endpoint Agent By Active Directory GPO
To deploy DLP Endpoint Agent on an enterprise environment that already has Active Directory, you can create a mst file and use Group Policy Objects (GPO) to deploy the agent.
You need to the tool named ORCA to create the MST file.
Here are the steps:
1. Right click the AgentInstall.msi, select 'Edit with Orca'.
2. Choose 'Transform' menu, select 'New Transform':
3. Select 'Property' under the 'Tables' list:
4. Choose 'Tables' menu, select 'Add Row':
5. For the value of 'Property', type 'ENDPOINTSERVER', for the value of 'Value', type the hostname or IP address of the endpoint server:
6. Click 'OK' to add this row to the 'Property' table, so, the 'Property' table should look like this:
7. Choose 'Transform' menu, select 'Generate Transform':
An .mst file will be saved.
8. Create a bat file to use the msiexec command and use the mst file:
the command of the bat file looks like this:
msiexec /i \\dc\dlp\AgentInstall.msi TRANSFORMS=\\dc\dlp\AgentInstall.mst /q
9. Edit the Group Policy of the AD, select the bat script created on step 8 for the startup script:
Then, during the startup of the client machine, the DLP Endpoint Agent will be installed by the startup script: