North America
  • North America
  • Europe
  • United Kingdom
  • Asia & Pacific
  • Australia
  • South America
  • Africa

How to enroll Linux devices to Endpoint Manager


  • This article explains how to add Linux devices to Endpoint Manager.
     
  • Once added, you can remotely deploy configuration profiles for various device settings and implement antivirus protection.

Supported Linux Versions:

  • Ubuntu 19.x
     
  • Ubuntu 18.x
     
  • Ubuntu 16.x
     
  • Cent OS 7.x
     
  • Debian 8.8.x
     
  • Red Hat Enterprise 7

Enrollment involves the following steps:

Note - You need to add users (device owners) before you can enroll their devices. Please see this wiki if you have not yet added users: 
 

Enroll user devices to Endpoint Manager

  • Login to Comodo One/ Dragon
     
  • Click 'Applications' > 'Endpoint Manager'
     
  • Click 'Users' > 'User List' on the left
     
  • Select the users whose devices you want to add
     
  • Click the ‘Enroll Device’ button

          OR

  • Click the 'Add' button   then select 'Enroll Device'.

The device enrollment wizard starts:

Step 1 – Device Options


 

Select Device

  • Choose 'Other device'

Specify User

  • Any users you selected earlier are listed in the 'Specify User' box
     
  • You can add additional, existing users by simply typing their email address in the box. Endpoint Manager will auto-suggest users that have already been created.
     
  • Create New User – Click if you want to add a new user to Endpoint Manager. You cannot add devices unless you have first added the users that own them. The add-user process is explained here
     
  • Click 'Next' to proceed to step 2.

Step 2 – Enrollment options:


 

Select Operating System of the Device

  • Choose 'Linux'

Select Enrollment Type

EM uses two clients:

  • Communication Client (CC) - Connects the device to Endpoint Manager for central management. It is mandatory to install this client.
     
  • Comodo Client - Security (CCS) - This is the security software. Depending on the operating system, it includes antivirus, firewall, threat-containment, web-filtering, and more. It is optional to install this client.
     
  • Choose whether you want to only install CC, or both CC and CCS.
     
    • Enroll and Protect - Installs both CC and CCS.
       
    • Just Enroll - Installs only the communication client (CC). You can remotely install CCS at a later time.

Choose platform

  • Select the Linux version on the target devices. The options are:
     
    • Ubuntu / Debian (Hybrid package)
       
    • RHEL / CentOS (Hybrid package)

‘Hybrid’ just means the package is suitable for either OS.

Device Name Options

  • Do Not Change - The device’s existing name is used to identify it in the Endpoint Manager.
     
  • Change - Enter a new device name.

Click 'Next' to proceed to step 3

Step 3 - Installation Summary

  • Review your choices so far:


     
    • Click ‘Back’ or 'Change Configuration' (top-right) to revise your choices.
       
  •  Click 'Next' to proceed to step 4

Step 4 - Installation Instructions

The final step is to send the enrollment emails to the device owners:


 

  • Send To Email - Click to send enrollment mails to users with the settings you choose in steps 1, 2 and 3.
     


 

  • Click 'OK' to exit the wizard

An example email is shown below:


 

Install the client package

  • Users must open the mail on the endpoint itself.

Download and install the client

  • Open the mail on the target device and click the enrollment link. This starts the setup wizard.
     
  • Click the 'Download Linux Installer' button and save the file:


 

You can install the communication client by completing the following:

1. Change installer mode to executable - enter the following command:

     $ chmod +x {$installation file$}

2. Run installer with root privileges - enter the following command:

    $ sudo ./{$installation file$}

For example:

         chmod +x itsm_cTjIw6gG_installer.run

         sudo./itsm_cTjIw6gG_installer.run


 

  • After installation, the communication client will connect to the Endpoint Manager and enroll the device.
     
  • Comodo Client Security (CCS) will also be installed if you included it in the setup process. If not, you can remotely install CCS later, after device enrollment. See this wiki if you need help to install CCS on the device.
     
  • Any Endpoint Manager profiles assigned to the user will now be applied to the device.
     
  • If no profiles are assigned to the user, then the default Linux profiles are applied to the device.

The device can now be remotely managed from the EM console.


 

  • Click the funnel icon on the right if you want to filter the device list.