Ask AI
All Categories
Product Information
Windows Agent Deployment

Windows Agent Deployment

The Evo Agent facilitates actions on endpoints in the field and needs to be deployed to all of the endpoints in your environment for many common Evo functions such as providing MFA to users at the Windows login screen, supporting privileged escalations for both your technicians via our Technician Elevation product and end users via our End User Elevation product.

This guide will walk you through installing it both manually and via deployment script.

Access Token

An Access Token is the key by which an Agent installer in the field authenticates and registers with Evo’s cloud infrastructure.

  1. In the Evo Partner Portal, navigate to Endpoints > Access Tokens and click New.
Notion image
  1. Give the token a name, select the Evo Endpoint Agent type, pick the Directory that the endpoints belong to, and pick an expiration time in accordance with your security policies. Then click Save.
  1. Record the details of the token in a secure storage location such as your password manager.
    1. Note: Once you leave this screen the Token values will disappear and the secret value cannot be retrieved. Be sure to securely store these values before proceeding.

Installing the Evo Agent

With an Access Token in hand, we can proceed to install the Evo Endpoint Agent.

  1. Proceed to Evo Admin > Downloads and download the Evo Agent installer. Download or copy it to the system on which you plan to install the Agent.
    1. Note: For a first time Agent install, we recommend doing this on a test workstation to understand the process before deploying to live users.
    2. Note: Make sure that the machine is connected to the Directory (i.e., joined to the Entra ID domain) associated with the Access Token or logins will not work.
Notion image
  1. Start the installer and walk through the install wizard with defaults selected. During the process, you will reach a screen to input Evo Agent configuration details including the Access Token. Fill in basic Agent registration details:
    1. Environmental URL: This is the URL of your Evo Partner Portal (e.g., mymsp.evosecurity.com)
    2. Evo Directory (Domain): This is the Directory in Evo associated with the relevant Entra ID domain.
    3. Access Token and Secret Key: These are the values from the Access Token creation process above.
Notion image
 
  1. Then pick the specific features that should be enabled for this Agent.
    1. Enable End User Elevation: Enable if you plan to use Evo End User Elevation on this workstation. This will also cause the Agent to request an EUE license from the Portal so it may impact your license allocations.
    2. Enable Just-in-Time for Tech Elevation: Enable if you would like “just-in-time” accounts to be used to process Technician Elevation events as opposed to a single shared admin account for all technicians’ login events.
    3. Require Admins to Use EUE: Enable if you would like users with administrator rights on this workstation to still go through the Evo EUE process. If disabled, local administrators will run elevated processes via the usual Windows process without Evo involved.
    4. Force All Logons to be Through Evo: Enable if you want all logins for this workstation to flow through Evo.
    5. Remember Last Login Username: Retain the last logged in user at the Windows login screen.
    6. MFA Grace Period: When a workstation is locked (not logged off), this value specifies the timeout before the user will be required to complete an MFA challenge again to unlock it.
  1. Finish the installer and complete setup.
  1. Once complete, find the Evo icon on the Windows taskbar and open the Evo Settings Editor.
Notion image

MFA Test & Next Steps

From here, we will assume that you have already setup some Users in Evo and have completed the setup of the Evo MFA product. If you are setting up only End User Elevation, you can skip this process and proceed with using and configuring that product.

  1. Complete a Connection Test and to test the MFA setup. If you are using Evo MFA, you can select the Secure mode and use the username of the Evo user that you have setup (the prefix before the @ sign in the email.)
Notion image
  1. Click Connect, which should send an MFA push notification to the Evo app on the mobile device registered to the user. Approve that MFA challenge to complete the test.
  1. If set up, you can also test the Elevated Mode as a technician might use. You will need to use your full Evo email address for this test. Click Connect and complete the MFA challenge to complete the test.
Notion image
  1. If the connection tests are successful, complete a final live test by logging out of your user session. You should now see an Evo Security Login option on your login screen. Enter your Evo user credentials, do not select Elevated Login, and sign in. Complete the MFA challenge that will follow and you should be logged into Windows.
      2. Notion image
      Notion image
 
  1. To test Elevated Login, sign out again and now select the Elevated Login option. You will notice the prompts changing from Windows username to email address. Login using your full Evo email address and password and complete the following MFA prompt.
    1. Once logged in, you should be logged in as either the shared admin account that you specified during the setup of Technician Elevation or a just-in-time admin account depending on your settings. To verify this, open the command prompt once logged in and enter the whoami command. You should see that you are now in the account of the Shared Account but using your own Evo credentials.
      2. Notion image
 

That's it! You've now installed Evo's Login Agent and tested both Secure Login and Elevated Access!

Installing the Evo Agent via Script

See our article Deploy & Uninstall Evo Agent via PowerShell for details.

Troubleshooting

If any of these tests are unsuccessful, verify you have permissions correctly configured in your Evo Portal. Refer back to the setup guide for Evo MFA and/or Evo End User Elevation and in particular confirm that these permissions were setup correctly:

  • Role Based Permissions
  • Tenant Access
  • Elevation Assignment
 
Did this answer your question?
😞
😐
🤩
Help Desk Verification with Microsoft Authenticator and Evo Secure Login LDAP Agent Settings Editor