Windows Agent | Liongard Agent Mass Deployment Guide

Overview 💥

Liongard provides a PowerShell-based installer that supports unattended deployments and environment auto-registration when supplied with the appropriate API and Agent credentials.

Use the script referenced in the following KB to install the Liongard Agent:

Liongard Agent Install Script

Prerequisites 🗒️

Before deploying the agent, ensure the following:

You have Liongard API credentials:
- API Token Key
- API Token Secret
You have Agent registration credentials:
- Agent Token Key
- Agent Token Secret
The target machine:
- Is running Windows 10 / Windows Server 2016 or newer
- Has outbound HTTPS access (TCP 443)
- Can execute PowerShell scripts
Your RMM runs the script as SYSTEM or Administrator
PowerShell execution policy is not blocking script execution (the examples below bypass this explicitly)

Required Script Variables 📚

The PowerShell script expects the following variables to be populated, either directly in the script or via RMM-provided parameters:

Variable Name	Description
`$InstancePrefix`	Liongard region (for example: `us1`, `us2`, `eu1`)
`$ApiTokenKey`	Liongard API Token Key
`$ApiTokenSecret`	Liongard API Token Secret
`$AgentTokenKey`	Liongard Agent Token Key
`$AgentTokenSecret`	Liongard Agent Token Secret
`$Environment`	Liongard Environment Name (typically the customer or organization name)

✨ Best Practice:
Use RMM variables to dynamically populate the $Environment value, so agents automatically register under the correct Liongard environment.

RMM-Specific Deployment Examples 🧑‍🏫

1️⃣ Datto RMM

Create Component

Navigate to Automation → Components
Select New Component

Component Configuration

Field	Value
Category	Script
Script Type	PowerShell
Script	Paste the contents of `LGAgentScript.ps1`

Variables to Map

Datto Variable	Script Variable
InstancePrefix	`$InstancePrefix`
ApiTokenKey	`$ApiTokenKey`
ApiTokenSecret	`$ApiTokenSecret`
AgentTokenKey	`$AgentTokenKey`
AgentTokenSecret	`$AgentTokenSecret`
Environment	`$Environment`

Execution Command

powershell.exe -ExecutionPolicy Bypass -File "LGAgentScript.ps1"

2️⃣ ConnectWise Automate (CWA)

Script Setup

Create a new script
Add Execute Script → PowerShell
Run as SYSTEM

Parameter Section Example

Set-Variable InstancePrefix "us1" 
Set-Variable ApiTokenKey "YOUR_API_KEY" 
Set-Variable ApiTokenSecret "YOUR_API_SECRET" 
Set-Variable AgentTokenKey "YOUR_AGENT_KEY" 
Set-Variable AgentTokenSecret "YOUR_AGENT_SECRET" 
Set-Variable Environment "%ClientName%"

✔ %ClientName% automatically inserts the ConnectWise Automate client name and is recommended for environment consistency.

3️⃣ NinjaOne

Script Configuration

Navigate to Configuration → Scripting
Select Add Script
Paste LGAgentScript.ps1 into the editor

Parameters Example

InstancePrefix = "us1" 
ApiTokenKey = "YOUR_API_KEY" 
ApiTokenSecret = "YOUR_API_SECRET" 
AgentTokenKey = "YOUR_AGENT_KEY" 
AgentTokenSecret = "YOUR_AGENT_SECRET" 
Environment = $msg.organization_name

✔ $msg.organization_name dynamically resolves to the NinjaOne organization name.

4️⃣ Kaseya VSA

Upload the script to the agent’s temporary directory:

#vAgentConfiguration.agentTempDir#\LGAgentScript.ps1

Execute Command

powershell.exe -ExecutionPolicy Bypass -File "#vAgentConfiguration.agentTempDir#\LGAgentScript.ps1"

‼️ Note:
Ensure variables are either hard-coded in the script or injected via Kaseya script parameters prior to execution.

Post-Deployment Validation 👨‍💻

After deployment:

Confirm the agent appears in the Liongard UI
Verify:
- The agent is associated with the correct Environment
- The agent status is Online
Confirm inspections begin running according to schedule

Troubleshooting Tips 😉

Agent does not appear
- Verify API and Agent credentials
- Confirm outbound HTTPS connectivity
Agent registers to the wrong environment
- Validate the $Environment variable passed by the RMM
Script fails to run
- Ensure execution policy bypass is enabled
- Confirm script is running as SYSTEM or Administrator