When installing large numbers of agents, or using virtual machines with a temporary lifespan, it can be helpful to be able to automate the creation of Deployment Manager agents. Here is one way to do so:
Install an agent manually to serve as a template
First of all, install an agent using the normal manual install process. This will ensure that you know which firewall settings you need to tweak on the target machines, and generate an X509 encryption key which can then be shared among the agents you want to automate.
Note: using this method will allow the agents to impersonate each other if one is compromised. Think carefully before using this technique to share security settings between agents with different levels of security
Run the installer silently on the target machine
Using Microsoft's Group Policy, or your organization's preferred equivalent, execute the agent installer silently on the target machine. If using a script to execute the installer, remember to set the /quiet flag for a silent install.
Update the registry keys on the new agent to the same values as the template machine
Inside "HKEY_LOCAL_MACHINE\SOFTWARE\Red Gate\Deployment Manager\", set the registry keys "Agent.Security.TrustedDmThumbprints" and "Cert-cn=Red Gate Deployment Agent" to be the values of the equivalent keys on your template machine. This will instruct the agent to use the same x509 encryption certificate to encrypt its messages and identify itself to the server. It will also instruct it to accept incoming instructions from the same server.
If you choose to roll out these registry changes using Microsoft's Group Policy, you may find the following template for a custom policy useful:
This article about setting up a custom policy in Group Policy may be of help: see part 2: "the hard way" for advice on using the above template.
Register the new Agent with the Deployment Manager
All that remains now is to tell the server where it can find the new machine. You can do this by making a POST request to:
http://<Deployment Manager server address and port>/api/environments/<EnvironmentId>/machines/add
- EnvironmentId is the ID of the environment to add the machine to. You can view Environment IDs on http://<Deployment Manager server address and port>/api/environments
- Set the header, X-RedGateDeploymentManager-ApiKey, in the POST request to the API key of the Deployment Manager user. To find your API key, see Finding your API key.
Set the following URL parameters:
|Name||test-agent-01||The user-facing name for the agent in the Deployment Manager system.|
|AgentHostName||agent-01||The host name the server should use to communicate with the agent.|
|AgentPort||10301||Unless you've specifically set this differently, it should be 10301.|
|Thumbprint||CF8676EE5BEB8AD8864A7AD5D55CBA9B97E86B3E||This should be the value of the thumbprint you used to set up your initial template machine.|
The type of target to create. Allowed values:
If you're creating a SQL Server target, the following URL parameters are also required:
Parameter Name Example Description ServerName my-machine\sql2008r2 The fully qualified address of the SQL Server instance to add. AuthMode Sql
The type of authentication to use when connecting to the SQL Server instance. Allowed values:
- Sql - use SQL Server authentication (recommended)
- Integrated - use Windows authentication
Login bob SQL Server user with sysadmin permissions. Only required when using SQL authentication. Password password1234 SQL Server password. Only required when using SQL authentication.
Using PowerShell to register a new target machine with the Deployment Manager Server
This PowerShell script adds a new target machine to Deployment Manager: