Adding Clients (Windows)

This chapter explains how to integrate Windows clients into the opsi environment. The first step involves adding existing clients, followed by instructions on how to add new clients.

You can also manage Linux and macOS clients with opsi. Details are provided in the two chapters Linux Clients and macOS Clients.

Integrating existing Clients

To add existing clients with an already installed operating system to opsi, install the client agent on the respective computer. The client will then appear in the client list of the management interface, even if you have not yet added it there.

There are two different methods to install the client agent:

Using the Installer on the Client: This method involves installation on the client and is suitable for individual computers.
Using opsi-deploy-client-agent: This method involves initiating installation on the server, suitable for mass rollout.

After the client agent has been installed, you can deploy opsi products to the client (see chapter Deploying Products (Client)).

Using the Installer on the Client

This variant is particularly suitable for integrating individual computers as clients in an opsi environment. Here’s how to proceed:

Log in to the client.
Download the installer from your opsi config server. You can find it at https://<fqdn_or_ip_of_the_config_server>:4447/public/opsi-client-agent/; the Windows program is named opsi-client-agent-installer.exe.
Run the installer; it unpacks itself into a temporary local directory and starts the contained oca-installation-helper. In the dialog window, enter the values for the client ID, the opsi service URL, the username, and the password. The fields are pre-filled as much as possible; adjust the values to your environment if necessary:
- The client ID usually corresponds to the FQDN of the client.
- The opsi service URL must be in the format https://<fqdn_or_ip_of_config_server>:4447.
- When installing the client for the first time, the username and password should be from an account that is a member of the opsiadmin group (see chapter Authorizations). When reinstalling, you can also use the client ID and the host key.
The installer contacts the server via the opsi web service to register the client with the server. It then calls the included opsi-script to execute the setup.opsiscript of the client agent.

Figure 1. Installing the Client Agent on Windows

When executing the installer, you can specify parameters to automate processes, among other things. Further details are available in chapter Client Agent (Windows).

Using opsi-deploy-client-agent

The opsi-deploy-client-agent tool distributes the opsi client agent directly from the opsi server to the clients. This method offers a convenient way to integrate a large number of clients directly from the server into the opsi environment.

If another software distribution option is already in place, it is advisable to perform the initial rollout via the client-agent-installer or the MSI package of the client agent.

Requirements for Windows clients:

An open c$ share.
An open admin$ share.
An administrative account.
The services RpcSs and RpcEptMapper must be running (from Windows 8, this is the default setting).
A firewall that allows File and Printer Sharing and Windows Management Instrumentation (WMI).
The registry key HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\LocalAccountTokenFilterPolicy should have the value 1.

You can find the opsi-deploy-client-agent on the opsi server in the directory /var/lib/opsi/depot/opsi-client-agent. The program requires root rights; alternatively, it is sufficient if the user is a member of the opsifileadmins group. The tool performs the following steps:

It creates clients on the server.
It copies the installation and configuration files (e.g., the host key).
It starts the installation via oca-installation-helper (non-interactive).

The opsi-deploy-client-agent tool accepts IP addresses, hostnames, and FQDNs. It attempts to automatically recognize the type of address provided by the user.

To begin, change to the main directory of the program:

cd /var/lib/opsi/depot/opsi-linux-client-agent

Invoke the program with the --help parameter to display the online help:

Figure 2. The Online Help of opsi-deploy-client-agent

You can also use opsi-deploy-client-agent to process a list of clients. To do this, either pass the clients as the last parameter or use -f followed by the filename containing the list. In such a file, list each client on a separate line.

Adding new Clients

You can also use opsi to install an operating system on new clients and subsequently integrate them. In this approach, the required client agent is installed automatically.

The following sections describe various methods of creating a client in opsi: via the graphical management interface opsi-configed, on the command line, and with our boot CD. After creating a client, you can then use opsi to install a new operating system on it.

Graphical Management Interface

To add a new client to the opsi server via the management interface opsi-configed, select Client / Create a new opsi client from the menu and enter the following information:

Client name
DNS domain (if it’s different from the default)
Client description
IP address (required if DNS can not be used to resolve the client’s address)
MAC address (required if the opsi server is the DHCP server or if you want to use PXE boot with this client)

Once you have confirmed everything, the client is registered with the opsi server. If the opsi server also functions as a DHCP server, the client is additionally set up as a PXE client in the DHCP configuration.

You can view the list of configured opsi clients at any time in Client Configuration mode on the Clients tab.

Command Line

You can also use the opsi-cli tool on the command line to create a new client. The general syntax looks like this:

opsi-cli jsonrpc execute host_createOpsiClient <client-id> [opsiHostKey] [description] [notes] [hardwareAddress] [ipAddress] [inventoryNumber] [oneTimePassword] [created] [lastSeen]

If you omit any of the optional values in the call, default values are used; as a result, most of the fields will then be empty.

Example: The following opsi-cli command creates the client testclient.domain.local with a random host key, the description testclient, without notes, with the MAC address 00:0c:29:12:34:56, and the IP address 192.0.2.1:

opsi-cli jsonrpc execute host_createOpsiClient testclient.domain.local "null" "testclient" "" 00:0c:29:12:34:56 192.0.2.1

Boot CD

You can find an ISO image of the boot CD on the opsi Tools website. Download the image and burn it to a CD. Then, boot the computer from this CD. The installer will welcome you with the following boot menu:

Figure 3. The Boot CD shows the following Boot Menu.

Select Start opsi (english) and press the [Enter] key. After a while, a dialog box will appear in which you should enter the IP address of the client, the network mask, the hostname, the domain name, the gateway, the DNS server, and the IP address of the opsi config server (optional). If your DHCP server assigns IP addresses to unknown computers, some of these fields may already show valid values.

Figure 4. The Network Settings for the new Client

Use the [Tab] key to navigate to the OK option and then press [Enter].

Figure 5. How should the client register with the opsi server?

Select Admin account to enable the client to log on to the opsi server and create itself. This process will be authorized in the following step.

Figure 6. Authenticate on the opsi server.

Enter the username and password for an account that is a member of the opsiadmin group (refer to chapter Authorizations for details). Upon successful login, the client will automatically transmit its data to the server, creating its record. You’ll then see a list of available Netboot products. Select the desired products for installation using the space bar.

Figure 7. Select a Netboot Product for Installation

You can now choose either the operating system you wish to install or opt for hardware inventory.