Microsoft Windows – Script for installation via GPO

This guide provides a step-by-step procedure to deploy the Desktop Agent and Server Agent on Microsoft Windows environments using Group Policy Object (GPO) with a startup script. This method enables centralized, automated, and silent installation across multiple devices in a domain environment.

Before starting, ensure:

• The installation package (.exe) is accessible via a network share (UNC path)
• Domain environment with Active Directory configured
• Administrative privileges to create and edit GPOs
• Target machines are domain-joined

1. Place the installer in a shared folder: \\server\folder\AgentInstaller.exe
2. Ensure:
   • Read permission for Domain Computers
   • Network path is accessible from target machines

Create a .bat file (e.g., install_agent.bat) and use the script below.

@echo off

::##################################################
::############### GPO Agent Almaden ###############
::##################################################

REM ATTENTION!
REM MODIFY LINE 12 ApplicationPath WITH THE PACKAGE PATH
REM MODIFY LINE 19 ExpectedValue WITH THE VERSION TO BE INSTALLED

REM Local or network path of the application to be installed
set "ApplicationPath=\\servidor\pasta\Nome_Do_Pacote.exe"

REM Registry path where the DisplayVersion value is stored
set "RegistryKey=HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5B62352-F120-4D57-815C-FB240F6000FC}"
set "ValueName=DisplayVersion"

REM Agent version
set "ExpectedValue=4.4.0"
set "CurrentValue="

REM Check if the registry key exists
reg query "%RegistryKey%" >nul 2>&1
if %errorlevel% equ 0 (
    REM Attempt to read the DisplayVersion value
    for /f "tokens=3*" %%a in ('reg query "%RegistryKey%" /v %ValueName% 2^>nul ^| findstr /i %ValueName%') do (
        set "CurrentValue=%%a"
    )
)

REM Compare with expected value
if /i "%CurrentValue%"=="%ExpectedValue%" goto VersionFound
goto Install

:VersionFound
echo Current version already installed, exiting script
goto End

:Install
echo Installing new version...
start "" "%ApplicationPath%"
echo Installation completed.

:End
exit /b

Before using the script in production, it is mandatory to adjust two specific lines. These parameters define where the installer is located and which version should be considered valid.

Example

set "ApplicationPath=\\fileserver\software\AlmadenAgent.exe"

Important considerations

• Must be a network path (UNC), not a local path
• Target machines must have read permission
• The file must be accessible during system startup (GPO execution)

Example

set "ExpectedValue=4.4.9"

1. Open: Group Policy Management (gpmc.msc)
2. Right-click on the desired OU
3. Select: Create a GPO in this domain, and Link it here
4. Name it: Deploy Almaden Agent

1. On a target machine, run: gpupdate /force
2. Restart the machine (startup script runs on boot)
3. Validate installation:
   • Check installed programs
   • Check registry key: HKLM\…\Uninstall\{GUID}

• Checks if the agent is already installed
• Reads the installed version from Windows Registry
• Compares with the expected version
• If different or missing → installs
• If equal → skips installation

This prevents unnecessary reinstalls and ensures version control across the environment.

• Use silent parameters in the installer when available
• Keep installer in a highly available network share
• Version control the package and script
• Test in a controlled OU before full deployment
• Monitor installation results via logs (if implemented)

After applying this configuration:

• Agents are installed automatically at system startup
• No user interaction is required
• Deployment is centralized and scalable
• Version consistency is maintained across all devices