Installing the agent for hybrid management

Create packages to automatically install the Endpoint Manager Agent on Windows and macOS devices during MDM enrollment, enabling hybrid management. The same packages can also be used to install the Endpoint Manager Agent on devices that are already enrolled in MDM.

ClosedWindows devices

Create an MSI package of the agent configuration. The created agent configuration package can be hosted on the core or in cloud storage, such as Microsoft Azure. To be accessible by off-network devices, the agent package must be cloud hosted. Once created, the agent package can be distributed to devices during or after enrollment. For more information about MSI packages, see Using MSI distribution packages.

To create the agent configuration package

1.Navigate to Tools > Configuration > Agent Configuration > Public configurations and click Rebuild all in the tool bar.

2.Right click the Default Windows Configuration and select Create self-contained agent MSI installation package.

3.Click Save. The agent installation package is created. This may take a few minutes.

4.Navigate to Tools > Distribution > Distribution packages.

5.Click New and select Windows > MSI.

6.Enter a name for the agent configuration package.

7.For in-network devices, select the agent configuration .msi file. The default location is http://[core address]/ldlogon/AdvanceAgent.
For off-network devices, agent .msi packages must be distributed from cloud storage, such as Microsoft Azure. For more information, see Distribution package cloud storage.

8.Click Save.

To distribute the configuration package to devices

1.Navigate to Tools > Modern Device Management > Co-management agents.

2.Enable Install windows advanced agent during enrollment.

3.Select the agent configuration MSI package from the drop-down menu.

4.Click Save.

5.Enroll the device. For more information about enrolling Windows devices, see Windows direct to core enrollment.

-OR-

If the device is already enrolled, right click the device in the inventory panel and select Mobile Sync to begin the installation.

ClosedMac devices

Create an MDM agent manifest package and distribute it to macOS devices during or after enrollment.

To create the agent manifest package:

1.In the File Explorer, navigate to C:\Program Files\LANDesk\ManagementSuite\ldmain\Install\mac.

2.Copy the ivagent-complete.man.zip file to an HTTPS server with a valid third-party certificate.

3.Extract the zip files.

4.Open the manifest.plist with a text editor.

5.Replace "insert the pkg file url here (must be https with a valid trusted cert)" with the URL location of the ivagent-complete.pkg file.

6.In the Endpoint Manager console, navigate to Distribution Packages > Public packages > New > Macintosh MDM.

7.Enter the name for the package.

8.Select the Manifest URL radio button.

9.Enter the URL for the manifest.plist.

10.Enter the Bundle ID and Bundle Version. This information depends on the version of the Ivanti Core Server.

ClosedBundle IDs and versions

11.Click Save.

To distribute the configuration package to devices:

1.Navigate to Tools > Modern Device Management > Co-management agents.

2.Enable Install mac agent during enrollment.

3.Use the arrows to select a Mac Agent Configuration and any Mac Device Profiles to install during enrollment, including the Default Mac Configuration and EPM Agent Authorization device profiles. For more information about Mac Configuration Profiles, see Distributing MDM agent settings.

IMPORTANT: You must select a single Mac Agent Configuration. If no Mac Agent Configuration is selected or if multiple are selected, the installation will fail. You can, however, select multiple Mac Device Profiles.

4.Select the MDM agent manifest package you created from the drop-down list.

5.Click Save.

6.Enroll the device. For more information about enrolling macOS devices, see Enrolling Mac devices.

-OR-

If the device is already enrolled, right click the device in the inventory panel and select Mobile Sync to begin the installation.