Installing the Windows agent

To ensure that your Windows devices are compatible with the agents, you need to meet the following requirements:

• Supported operating systems:
  • Windows 11
  • Windows 10

  • Windows 8.1

    NOTE  Windows RT 8.x is not supported.

  • Windows 7
• Internet connection

If you want to ensure that the agent survives accidental or malicious tampering, confirm that your Windows devices support Persistence technology.

BitLocker Drive Encryption (BitLocker) is a full-disk encryption feature included in most versions of the Windows operating system. BitLocker is designed to protect data by providing encryption for the operating system drive and fixed data drives.

Temporary suspension of BitLocker

The Absolute agent is compatible with BitLocker. However, depending on the version of Absolute Persistence® Absolute Persistence® technology is embedded in the BIOS of most Windows devices, and the firmware of some Android devices, during the manufacturing process. The Persistence module is activated during the Absolute agent’s first call to the Absolute Monitoring Center. This software checks the status of the agent and initiates self-healing to restore the agent if it's missing, damaged, or tampered with. embedded in the device's firmware, BitLocker may need to be temporarily suspended during Persistence activation and deactivation:

• Persistence 2.0 devices

  When BitLocker is enabled on a device with Absolute Persistence 2.0, BitLocker is not suspended during Persistence activation or deactivation.

• Persistence 1.0 devices

  When BitLocker is enabled on a device with Absolute Persistence 1.0, BitLocker is temporarily suspended when Persistence is activated, which occurs during the first agent call after the agent is installed. BitLocker is enabled automatically when the device is restarted. This process is also used when Persistence is deactivated, which occurs when the device is unenrolled from your account.

  IMPORTANT  If a user is logged in to a device during activation of Persistence 1.0, the user sees a message stating that a restart is required. If the user chooses to Postpone the restart and then logs off before the restart occurs, the device restarts after the postpone action's timer runs out. Similarly, if a user is logged in during deactivation of firmware persistence, the user sees the same message.
  
  For more detailed information, see Knowledge Base article 000001587.

The agent is fully compatible with full-disk, and file and folder encryption products. If you use a full-disk encryption product other than BitLocker, such as McAfee Drive Encryption™, ensure that you install the agent before you install and enable full-disk encryption on the device. For more information, see Knowledge Base article 000001446.

To extract the installer:

1. Complete the steps to download the Windows installer of your choice.

   Account-specific installers are downloaded in the following zip files:

   • Full agent: AbsoluteWinFullAgent-<agent version>-<account_id>.zip
   • Core agent: AbsoluteWinCoreAgent-<agent version>-<account_id>.zip

2. From the location where you saved the downloaded zip file, extract its contents to a local folder, a network drive, or to removable media such as a USB device.

   Each download package contains the following files:

   Installer	Package contents
   Full agent	AbsoluteFullAgent.msi: Windows MSI installer for the full agent AbsoluteCoreAgent.msi: Windows MSI installer for the core agent AbsoluteAgent.dat: text file containing your account metadata AbsoluteAgent.sig: signature file A readme.txt file for each supported language that includes information about the contents of the agent installation package and how to install and test the agent. AbsoluteAgent.checksums: file containing the SHA-256 hash of the installers NOTE  You can use a hash verification tool, such as CertUtil, to verify that the contents of the AbsoluteFullAgent.msi and AbsoluteCoreAgent.msi installers have not been altered during download. For more information about CertUtil, see Microsoft documentation.
   Core agent	AbsoluteCoreAgent.msi: Windows MSI installer for the core agent AbsoluteAgent.dat: text file containing your account metadata AbsoluteAgent.sig: signature file AbsoluteAgent.checksums: file containing the SHA-256 hash of the installer NOTE  You can use a hash verification tool, such as CertUtil, to verify that the contents of the AbsoluteCoreAgent.msi installer has not been altered during download. For more information about CertUtil, see Microsoft documentation.

   IMPORTANT  Before you run the installer, ensure that the AbsoluteAgent.dat and AbsoluteAgent.sig files are in the same folder as the .msi file. Agent installation cannot be completed if these files are not present.

You can use the command line or the InstallShield wizard to run the installer locally on a Windows device.

NOTE  You must have Administrator privileges to install the agent.

Using the command line

Using the command line to silently install the agent on a Windows device eliminates the need to respond to prompts in the InstallShield Wizard.

To install the agent using the command line:

1. Open a Command Prompt window as an administrator. For example:
   1. Click Start and enter cmd.
   2. Right-click cmd or Command Prompt, and then click Run as administrator.
   3. On the User Access Control dialog, click Yes. The Administrator: Command Prompt window opens.

   For information about other ways to open a Command Prompt window as an administrator, refer to Windows documentation.

2. Navigate to the location where you extracted the downloaded zip file.

   IMPORTANT  If you have copied the .msi file to another location, ensure that the AbsoluteAgent.dat and AbsoluteAgent.sig files are in the same folder as the .msi file. Agent installation cannot be completed if these files are not present.

3. Do one of the following depending on the installer you want to use:

   Installer	Command
   Full agent	To run the installer in silent mode, enter: Copy msiexec.exe -i AbsoluteFullAgent.msi /qn  To run the installer and specify the installation log, type: Copy msiexec.exe -i AbsoluteFullAgent.msi /L*v <path_to_log file>
   Core agent	To run the installer in silent mode, type: Copy msiexec.exe /i AbsoluteCoreAgent.msi /qn  To run the installer and specify the installation log, type: Copy msiexec.exe /i AbsoluteCoreAgent.msi /L*v <path_to_log file>

Using the InstallShield wizard

NOTE  If you are installing the agent on a Windows 10 or 11 device, follow the steps in Using the command line.

To install the agent on a device using the InstallShield wizard:

1. Navigate to the location where you extracted the downloaded zip file.

   IMPORTANT  If you have copied the .msi file to another location, ensure that the AbsoluteAgent.dat and AbsoluteAgent.sig files are in the same folder as the .msi file. Agent installation cannot be completed if these files are not present.

2. Depending on the installer that you want to use, right-click one of the following files and click Run as administrator:

   • AbsoluteFullAgent.msi
   • AbsoluteCoreAgent.msi

   The InstallShield wizard opens.

   NOTE  If the Run as administrator option is not available in the right-click menu, follow the steps in Using the command line to install the agent.

3. If the User Account Control dialog shows, click Yes to permit the install file to be installed.
4. Click Next and then click Install to start the installation.
5. Click Finish to complete the installation and exit the InstallShield wizard.

After installation, the agent contacts the Absolute Monitoring Center and receives a unique identifier. You can verify that the agent was successfully installed in the following ways:

Using the Persistence Status Monitor

You can verify that an agent is activated by downloading the Persistence Status Monitor and triggering an agent call.

Using the Activation report

You can verify that an agent is activated by reviewing the Activation report in the Absolute console.

To verify the agent installation using the console:

1. Log in to the Absolute console as an Administrator.
2. On the navigation bar, click to open the All Reports view of the Reports page.
3. Under Categories, click Device, and then click Activation to open the Activation report.

It may take several minutes to process the device's information and make it available in the console. The data in the Activation report is sorted in descending order by Activation date, so the newly activated device should show at or near the top of the result grid. If it doesn't show, the device has failed to contact the Absolute Monitoring Center. If so, you can trigger an agent call.

You can use disk imaging to deploy an unactivated Absolute agent to new or repurposed devices.

For detailed information about including the Absolute agent in a disk image, see Working with the Windows Image Prep Tool and the following Knowledge Base article: Including the Absolute agent in a Disk Image for deployment.

You can use Microsoft System Center Configuration Manager (SCCM) to deploy the agent to a group of computers on a network. If your organization intends to use SCCM to deploy the agent to multiple Windows devices and you require assistance, contact Absolute Technical Support.

Both the full agent installer and the core agent installer conform to industry standards for MSI files, which enables network administrators to deploy the agent onto their devices using Active Directory. If your organization intends to use Active Directory to deploy the agent to multiple Windows devices and you require assistance, contact Absolute Technical Support.