Deployment Preparation

For database sizing and resource load information, see SysTrack Resource Footprint.

Complete the following steps prior to installing the SysTrack Agent.

  1. The endpoint system must reside in one of the following locations.

    1. The same domain as the SysTrack server, or

    1. A domain that trusts the domain in which the SysTrack server resides.

  2. When Symantec antivirus exists on the endpoint system, file and printer sharing must be enabled in the antivirus application.

  3. For Push Deployment, file and printer sharing must be enabled on each endpoint system and a user account credential defined with proper rights for the agent to be installed on the endpoint system.

System Requirements

  • Microsoft Windows 10 (version 1507 or higher)

  • Microsoft Windows 11

  • Microsoft Windows Server 2012

  • Microsoft Windows Server 2012 R2 (with Update 2919355)

  • Microsoft Windows Server 2016

  • Microsoft Windows Server 2019 (or higher)

  • Firewall setup –See SysTrack Resource Footprint for SysTrack port information.

    IMPORTANT: You are required to run the MSI file by selecting Run as administrator.

Prerequisites

Prerequisites must be installed before Systems Management Agent.

Install in the following order:

  1. VC_redist.x86.exe (32-bit and 64-bit operating systems)

    NOTE: 32-bit Visual C++ Redistributable (At the time of download, the latest supported Visual C++ downloads 2015, 2017, 2019)

  1. VC_redist.x64.exe (64-bit operating systems only)

    NOTE: 64-bit Visual C++ Redistributable (At the time of download, the latest supported Visual C++ downloads 2015, 2017, 2019)

  1. Systems Management Agent_x32.msi

Antivirus Exclusions

Regardless of the deployment method used, certain antivirus software contains separate file and printer sharing options that may override the local machine settings and need to be configured for a successful deployment to endpoint systems.

  • File and Print Sharing should be enabled on the target endpoint systems

  • Remote Registry Service should be enabled on the target endpoint systems

Make sure to check that the following antivirus settings are excluded in the antivirus console:

  • Endpoint Systems: Exclude all items listed under\Program Files (x86) \SysTrack\LsiAgent.

IMPORTANT: Make sure to check that the following anti-virus settings are excluded in the anti-virus console:

  • <installation directory>\JETCOMP.exe

  • <installation directory>\logView.exe

  • <installation directory>\LsiAgent.exe

  • <installation directory>\lsicins.exe

  • <installation directory>\LsiCol64.exe

  • <installation directory>\LsiMods64.exe

  • <installation directory>\LsiWebCom.exe

  • <installation directory>\LsiSupervisor\<installed SysTrack version>\LsiSupervisor.exe

  • <installation directory>\LsiSupervisorFiles\LsiSupervisor.exe

  • <installation directory>\MDB\collect.lastKnownGood

  • <installation directory>\MDB\collect.mdb

  • <installation directory>\Utilities\LsiClientTrayApp.exe

  • <installation directory>\Utilities\lsinotify.exe

  • <installation directory>\Utilities\LsiOverride.exe

  • <installation directory>\Utilities\LsiPowerOverride.exe

  • <installation directory>\Utilities\LsiUser.exe

  • <installation directory>\Utilities\LsiWakeup.exe

  • <installation directory>\Utilities\lsiwebhookbroker.exe

  • <installation directory>\Utilities\message.exe

For some SEP configurations, additional steps must be taken. If theBlock Applications from running option is enabled in the SEP policy, exceptions will have to be made to the Application and Device Control settings.Additionally, the SysTrack agent and associated utilities must be allowed to run to collect data.

Master to Endpoint Certificate Migration

If the associated master is using a self-signed certificate, then you need to migrate that certificate to the endpoint systems. Complete the following steps to add the certificate to Trusted Root Certification Authorities and export it for endpoint system use.

Add the Certificate to Trusted Root on the Master

  1. Open MMC.exe.

  2. Copy and paste the certificate created fromPersonal > Certificates toTrusted Root Certification Authorities > Certificates.

Export Certificates

  1. Navigate to Personal > Certificates.

  2. Right-click All Tasks > Export.

  3. Click Next twice.

  4. Select Base-64 encoded and click Next.

  5. Select Browse.

  6. Name the file (example:<master>Cert.cer) and save it under Downloads.

  7. Click Next and then click Finish.

Copy the Certificate to Endpoint Systems

  1. Move the certificate to the endpoint machine’s file system. Using Group Policy is recommended.

  2. Open MMC.exe.

  3. Under Trusted Root Certification Authorities, right-click Certificates. Select All Tasks > Import.

  4. Click Next.

  5. Browse for the certificate you want to import.

  6. Click Next twice, and then click Finish.

Security Best Practices

For information regarding SysTrack security best practices and minimum-security requirements, see theSysTrack Security Best Practices document on the Lakeside Software customer portal.

LocalDB Database

LocalDB database may be recommended for certain Terminal Server environments (such as large load-balanced systems).  Up to 1 GB RAM overhead using LocalDB in default configuration.  Contact Lakeside Software Technical Support to discuss if it is recommended for your environment.