Overview
      Back to home
      1. Knowledge Base
      2. Deploy the Local Data Agent
      3. Overview

      Actifile deployment: requirements, considerations, and important links

      See Table of Contents

      The Actifile agent can be easily installed using an RMM, a logon script or even by the end user (given a tenant install key). The following collection of links and data provides the MSP or IT manager with all necessary prerequisites and considerations for the different types of deployments.

      Supported OS

      Windows Server 2012 & 2012 R2 – supported
      Windows Server 2016 – supported
      Windows Server 2019 – supported
      Windows Server 2022 – supported
      RDS server (all above version) – supported (must enable data-in-use for full desktop functionality)

      Windows 7 (All Intel Versions) – Functionality is deprecated to discovery only
      Windows 8 (All Intel Versions) – supported
      Windows 10 (All Intel based versions except IOT) – supported
      Windows 11 (All Intel based versions except IOT) – supported

      Recommended hardware for PC architecture:
      4 gigabytes of RAM
      Any Intel based CPU that supports the above OS
      (Atom works but not recommended)

      Mac OS 10 & Previous – Not supported
      Mac OS 11.0-11.5 Big Sur – supported
      MacOS 12 Monterey – supported
      MacOS 13 Ventura – supported

      Recommended hardware for Mac:
      Support is native for both Intel and Apple M1 & M2 architectures as long as they can run the above OS

      Sharepoint – All cloud versions supported
      OneDrive – supported
      Google Workspaces – In development

      NAS – all NFS mountable NAS supported

      Supported browsers for the Management Portal

      Chrome
      Edge (Chromium and Legacy)
      Firefox
      Safari
      Opera

      Deployment tools

      Manual installation

      RMM (Windows or MacOS)

      Most MSPs would use their RMM to deploy the Actifile agents to the endpoints. This facilitates automation of the installation and management of the various installation keys.

      Click here for installation guides.

      Other tools (Windows)

      Sometimes an RMM isn’t available. In these cases the following tools are great to make deployment easier (for Windows).
      PDQ Deploy – The free version supports most common deployment scenarios. Has an easy to use UI.
      PSTools PSEXEC – Tried and tested tool from Microsoft’s Sysinternals. Command Based tool does need basic batch file writing/editing.
      Logon Script – Sample installation script (AD logon script) shows how to check if Actifile is deployed and deploys if it isn’t.
      https://support.actifile.com/wp-content/uploads/2020/04/Installation.rar is a nifty batch file written by an MSP (Momentum Z – used with their permission) that is sent to a user and which automates the installation. Remember to change the install key in the key file.

      https://support.actifile.com/wp-content/uploads/2021/01/deployActifile.ps1 Powershell script that can be used to download and install Actifile on clients computers. Can be use as a logon script – it checks if already installed and quits. Logs the result into %tmp% directory. Downloads the MSI from Actifile into %tmp%.
      New version of deployActifile.ps1 script: Now sets Powershell to use TLS1.2 to download installer, preventing “unable to create SSL/TLS tunnel error”.

      Troubleshooting a failed agent deployment: https://support.actifile.com/docs/troubleshooting-an-agent-installation/

      Mac silent installation: https://support.actifile.com/docs/manual-i/#2-toc-title
      How to use MDM to set up scan permissions on MacOS: How to set up scan permissions on Mac via MDM? | Actifile Support Site

      RMM Scripts

      N-able N-central automation policy: https://support.actifile.com/docs/n-central-automation-policy-for-actifile-deployment/

      Connectwise (Labtec) Automate: https://support.actifile.com/docs/installing-actifile-using-connectwise-automate/

      Kaseya VSA (versions 9 and before): Actifile Installation Procedure for Kaseya VSA | Actifile Support Site

      Kaseya VSA-X (ver 10 and up) now uses Powershell and uses the script above: https://support.actifile.com/wp-content/uploads/2021/01/deployActifile.ps1

      Continuum: https://support.actifile.com/docs/deploying-actifile-with-continuum-rmm/

      Itarian: https://support.actifile.com/docs/deploying-the-actifile-msi-with-itarian/

      Uninstall tools

      Removal of the agent needs the same installer version that was used to deploy. For customers it isn’t a problem as they usually have 1 installer. But for MSPs the problem is that it isn’t always easy to track which version was used to install to which customer and which device.

      So we’ve created a Powershell script to remove Actifile. Intended for RMM use, it checks for proper Admin privileges, stops the services and processes, unmounts the filters, and runs the uninstaller using WMI (so don’t have to keep any version of the installer). It creates a log file (at $Env:TMP ActifileUninstall.log), and stuffs error messages into the log.

      The uninstall script is at: https://1drv.ms/u/s!AnGFvQ5rPFi4gedlJlMTErLENLSf7g

      Method used: 

      The main uninstall command used in the script leverages WMI uninstall method:

                      $vPackage = Get-WmiObject Win32_Product -Filter “Name=’Actifile Agent'”

                      $vPackage.Uninstall()

      But that isn’t sufficient as the service protects itself from removal (and will popup a request for the uninstall key). To get around that, the script first disables the services and unmounts the drivers (leveraging the admin credentials).

      Tamper resistance (uninstall-key) functionality

      The objective of the tamper-resistance offered by the uninstall key is to minimize the chances that a user will deactivate their agent when encryption policies are in effect (doing so will prevent them from being able to open encrypted files).

      The protection is provided by the system only when the services are active with the agent running and executing policies. When active, trying to uninstall the agent will require the use of the uninstall key. However, if the agent isn’t running (e.g. a failed install, failed to connect to a tenant, failed user registration, in case of an error,  etc.) the agent may be removed without a key.

      Note: While the functionality delivers some tamper resistance, the Actifile agent isn’t registered as a malware tool with Microsoft and therefore isn’t designed to be tamper proof. For tamper proofing, we believe that the use of a monitoring system that alerts the admin when an agent is tampered with is best.

      Release Notes

      See at https://support.actifile.com/system-updates/

      Installation Guides

      Administration manual (Pages 11-13): https://support.actifile.com/docs/actifile-administration-manual/
      Mac Installation: Mac Agent Download and Installation – Actifile

      Important Links

      (Important) Prevent AV/EDR caused slowdowns: https://support.actifile.com/docs/antivirus-edr-collision-performance-issues/
      Enabling the tamper resistance functionality: https://support.actifile.com/docs/actifile-tamper-resistance-uninstall-key-functionality/
      Switching agents between tenant accounts: https://support.actifile.com/docs/switching-agents-between-tenants/

      Direct link to agent installer

      https://app.actifile.com/Home/DownloadAgentMsi
      https://app.actifile.com/Home/DownloadMacAgent