Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
40215
Views
40
Helpful
10
Replies

AnyConnect deploy with SCCM help

Go to solution
rschwart
Level 1
Level 1

‎10-28-2016 07:51 AM - edited ‎03-11-2019 12:11 AM

We are in need of help deploying AnyConnect via Microsoft SCCM. Has anybody done this and willing to share how they did it. Our AD admin has not done this before. We need to deploy 4 msi files as well as a profile folder. We are using the SCCM to insure the users do not uninstall AnyConnect. We want to deploy using the domain admin credentials, as some users are not admins and can not install the software. During our initial test with the SCCM we got a message that a module was missing. The software was on the computer but wanted the user permission to run, but not being admin, they could not do this.

Thank you for any help.

1 person had this problem
Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎10-28-2016 06:36 PM

Here's an example that I've used successfully for NAM + ISE Posture module (and no VPN tile). You would of course substitute your version for the one I used below:

msiexec /package anyconnect-win-4.2.00096-pre-deploy-k9.msi /norestart /passive PRE_DEPLOY_DISABLE_VPN=1 TRANSFORMS=anyconnect_client_novpn.mst
msiexec /package anyconnect-nam-win-4.2.00096-k9.msi /norestart /passive TRANSFORMS=nam.mst
msiexec /package anyconnect-iseposture-win-4.2.00096-pre-deploy-k9.msi /norestart /passive TRANSFORMS=iseposture.mst
XCopy /Y /F /C /E  "\\<server name>\<folder / subfolder name(s)>\profile.xml" "c:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Network Access Manager\newConfigFiles\"

 

View solution in original post

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to rschwart

‎10-31-2016 08:45 AM

It's referencing the source of the profile.xml that you telling the target host to pull down. 

In SCCM usage, the <server name> is any way the target host can see that folder. It can be the NetBIOS computer name (e.g filesvr01), fully qualified domain name (something like fs01.company.com) or even IP address (e.g., 192.168.1.100). If the file is local to the SCCM server, then your would just specify drive and folder.

View solution in original post

10 Replies 10

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎10-28-2016 06:36 PM

Here's an example that I've used successfully for NAM + ISE Posture module (and no VPN tile). You would of course substitute your version for the one I used below:

msiexec /package anyconnect-win-4.2.00096-pre-deploy-k9.msi /norestart /passive PRE_DEPLOY_DISABLE_VPN=1 TRANSFORMS=anyconnect_client_novpn.mst
msiexec /package anyconnect-nam-win-4.2.00096-k9.msi /norestart /passive TRANSFORMS=nam.mst
msiexec /package anyconnect-iseposture-win-4.2.00096-pre-deploy-k9.msi /norestart /passive TRANSFORMS=iseposture.mst
XCopy /Y /F /C /E  "\\<server name>\<folder / subfolder name(s)>\profile.xml" "c:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Network Access Manager\newConfigFiles\"

 

Go to solution
rschwart
Level 1
Level 1
In response to Marvin Rhoads

‎10-31-2016 08:38 AM

Marvin,

In this statement could you clarify the server referenced in \\<server name>\. Not being familiar with SCCM at all, is this the SCCM or a shared folder on another server,  or a folder on the ISE server.

Thank you for your help here.

Roger

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to rschwart

‎10-31-2016 08:45 AM

It's referencing the source of the profile.xml that you telling the target host to pull down. 

In SCCM usage, the <server name> is any way the target host can see that folder. It can be the NetBIOS computer name (e.g filesvr01), fully qualified domain name (something like fs01.company.com) or even IP address (e.g., 192.168.1.100). If the file is local to the SCCM server, then your would just specify drive and folder.

Go to solution
rschwart
Level 1
Level 1
In response to Marvin Rhoads

‎10-31-2016 12:22 PM

Marvion,

Another question from our SCCM admin "Could you ask him if all the msiexec commands were enclosed in one application or package in SCCM?"

Again thank you for your assistance.Roger

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to rschwart

‎10-31-2016 12:50 PM

You're welcome.

One of my customers developed it originally - he was an SCCM whiz kid. :)

He had the commands I listed all in a single package that was a bat file deployed via SCCM.

0 Helpful

Go to solution
rschwart
Level 1
Level 1
In response to Marvin Rhoads

‎10-31-2016 01:52 PM

Marvin,

Could you reach out to my SCCM admin?

bterhune@uthsc.edu

Thank you

Roger

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to rschwart

‎10-31-2016 06:09 PM

We prefer to keep discussion online here in CSC. I'm just a volunteer who helps out as I can. I do this in addition to my "day job".

If you need focused Cisco support please open a TAC case. If you need partner support, please reach out to your reseller. 

Go to solution
DHaya
Level 1
Level 1
In response to Marvin Rhoads

‎05-25-2018 01:14 AM

hi,

 

Thanks for the script it was really helpful, just one question what does TRANSFORM will do?

 

Thanks & Regards,

Dhayanithi S

0 Helpful

Go to solution
christian1983
Level 1
Level 1
In response to Marvin Rhoads

‎04-30-2020 07:50 AM

Hello!

 

Is there any way yo deploy upgrade of Cisco AnyConnect Client unattended from SCCM ? 

 

So when the user is online with VPN with Cisco AnyConnect the upgrade can work then?

0 Helpful

Go to solution
OscarCalderon50193
Level 1
Level 1
In response to Marvin Rhoads

‎03-05-2021 06:08 AM

Hi Marvin

 

I want to know if this could work with Umbrella modulo? I need to copy OrgInfo.json like the last command Xcopy? I have the chance maybe you can tell me.

 

Thanks

0 Helpful
Customers Also Viewed These Support Documents