Install agent
Choose how you want to install idemeum agent.
Overview
Two types of desktop agent installation:
Command line install- execute command-line script to install idemeum. You can execute a script for a specific organization / customer, or you can automatically create customers right from command line.Integrations- we provide integration guide for most common deployment tools for Windows and macOS. Check the integrations catalog.
Prerequisites
- For Windows make sure you execute PowerShell as Administrator
- For macOS if you are deploying without MDM you need to allow privacy settings after installation (Accessibility and Full Disk Access). If you want to perform silent installation you need to deploy the profile with MDM. Check our integration guides for more details.
Command-line installation
Install for organization
- Navigate to organization / customer where you would like to install idemeum agent
- Click on
Install new agentbutton - Copy the installation command for Windows of macOS
- Execute this command as Administrator using PowerShell or bash
Unified installation
Follow this installation method if you want to automatically create organizations by passing the customer name to install script.
- Navigate to your parent organization
- Click
Install new agentbutton - Copy the installation command for Windows
- Execute this command as Administrator using PowerShell. Make sure you pass the organization name in the
-customerNameargument- You can pass the tenant Display name or the actual subdomain
- For Demo tenant → demo-tenant-<msp domain>.idemeum.com I can either pass Demo tenant or demo-tenant
Command-line arguments
Command-line arguments
Windows
-restartAfterInstall- restart is not required after the agent installation. However, you can still pass true if you prefer to restart after installation.-autofillEnabled- this setting is for desktop agents that are handling user authentication with RFID cards. If you want to enable autofill service for desktop and web applications pass true flag. The default value is false.-credentialProviderEnabled- pass true or false depending on whether you want to install idemeum credential provider. This flag is helpful when you only want to use LAPS on the workstation. Keep in mind that credential provider is required for JIT logins and EPM. The default value istrue.-elevationMode- you can enable the default elevation control mode for idemeum desktop agent: offline, audit, or rules. The default value is offline.-version- pass the desktop version that you want to install. By default the latest version will be installed. You need to pass the version with '', for instance '1.7.9'. The selector for version is supported from desktop agent 1.7.9 onward.- To configure proxy setting for desktop agent you can use the following parameters at initial installation time:
-proxyHost- (required) pass the proxy hostname to use. We support web proxies. You can pass the following values https://proxy.com, http://proxy.com, or https://1.2.3.4.-proxyPort- (required) pass the port that needs to used with proxy connection, i.e. 8080.-
-proxyUsername- (optional) if the proxy requires authentication you can pass the username and password. Basic authentication is used base64(username:password). -proxyPassword(optional) - if the proxy requires authentication you can pass the username and password. Basic authentication is used base64(username:password).
MacOS
-elevationMode- you can enable the default elevation control mode for idemeum desktop agent: offline, audit, or rules. The default value is offline.
Uninstall idemeum agent
Windows
- Open PowerShell as Administrator and execute the following commands
Start-Process -FilePath "msiexec.exe" -ArgumentList "/x {93B9CC98-6004-411E-A8BF-88F7C3BC5541} /qn /norestart" -Wait;
Start-Process -FilePath "msiexec.exe" -ArgumentList "/x {71216D26-573B-402B-A3F5-A7CB9F950CFF} /qn /norestart" -WaitMacOS
curl -LO https://asset.idemeum.com/desktoplogin/macos/idemeumMacDesktopUninstall.sh && sudo chmod +x idemeumMacDesktopUninstall.sh && ./idemeumMacDesktopUninstall.sh