Wazuh Installation using Group Policy from Domain Controller

Question

I have a DC server 2022 and some Windows 10 and Windows 11 endpoints in which I want to install Wazuh Agent. I want to do this centrally from DC, so I looked up Wazuh documentation, which suggests using orca.exe, which I don't want to use.
Is there any other way to do this?
I tried it using startup scripts to install the Wazuh MSI and connect to the manager by putting it in a shared folder, but it's not working. I have tested the script; it works fine when used individually and manually, but the agent deployment didn't work with stratup scripts.
Can anyone suggest what to do or what am I doing wrong here?

Answer 1

Hello Monika Bisht,

Thank you for posting in Microsoft Community forum.

If you want to deploy stratup scripts via GPO, you can try the steps below.

1.Create one OU and put the domain computer objects into this OU.

2.Create one GPO.

For example:

The Unique ID of this GPO is {3229CA25-D2AF-4E24-93A5-330181BDB946}. Please put the script into the share path \a.com\SysVol\a.com\Policies{3229CA25-D2AF-4E24-93A5-330181BDB946}\Machine\Scripts\Startup.

3.Link this GPO to OU above.

4.Edit this GPO and navigate to Computer Configuration\Policies\Windows Settings\Scripts (Startup/Shutdown)*Startup* and add the script, please find the script from the shared path below.

\a.com\SysVol\a.com\Policies{3229CA25-D2AF-4E24-93A5-330181BDB946}\Machine\Scripts\Startup

Using Startup, Shutdown, Logon, and Logoff Scripts in Group Policy | Microsoft Learn

After that, please on one domain client check if the GPO takes effect. Please restart this one domain client 2-3 times and check the result.

I hope the information above is helpful.

If you have any question or concern, please feel free to let us know.

Best Regards,

Daisy Zhou