Child pages
  • Manually installing the remote agent
Skip to end of metadata
Go to start of metadata

Running the Installer

If your network is not part of a Windows domain or if you are unable to remotely install the Macrium Remote Agent then you can manually install on the remote computer.

The agent MSI installer can be downloaded via the Management Console interface - the wizard mode (shown automatically if no computers have been added to the console or via the wizard button in the upper right) has links to the .msi files for installing agents as shown below:

Alternatively the agent .msi installer can be found on the Server PC in folder: C:\Program Files\Macrium\CMC\AgentFiles

Copy either 'macrium_agent_x64.msi'  (64 Bit) or 'macrium_agent_x86.msi' (32 Bit) to the client PC and run by double clicking in Windows Explorer.


Installer Options - Passphrase

During Installation, you will be prompted to select a passphrase for security purposes. The installer interface for this is shown below: 

What is a passphrase?

Communications between the Macrium Central Management Console and the Macrium Agent are encrypted using AES encryption. To prevent any malicious software using this communication system to exploit either server or client, each client has a passphrase that is used to negotiate the encryption key used for client and server communications. If the server does not have the appropriate passphrase for the client or vice versa, the two sides cannot decrypt each other's data and cannot communicate. This helps to ensure that neither the Management Console or Agent can be used by any unauthorized malicious software and that the client can only be managed by the server which the administrator of the client has allowed to manage it. 

Remote Install

In scenarios where the Management Console pushes the Agent onto the managed computer, a unique passphrase is always set for each client - this is handled completely automatically and ensures the highest level of security.


Use a unique passphrase for each client

The highest security level is to use a unique passphrase for each client. This reduces risk from a single compromised machine. The 'Generate New' button will create a random passphrase or if determined by other means (preallocated by network administrator, generated from a website etc) can be entered in the text box directly.

The passphrase must be entered on the server to enable communications. See later section for details.

It is recommended that passphrases be stored securely as they allow any Management Console to take over management of the client.

Use a network, department or company wide passphrase

For convenience the same passphrase may be used across all machines or a group of machines on the same network. The Management Console does not enforce any restriction that the passphrases must be unique. This option makes installation easier as there are fewer passphrases to record or remember at the expense of slightly increased risk from a compromised machine. When using this method, the advice in the unique passphrase section applies.

 Do not use a passphrase

For a secure network, the most convenient option is checking the the "Don't use a passphrase" button. Using this option, although communications between Agent and Management Console are still encrypted, the keys are negotiated using a default passphrase. Any Management Console can take over management of this client without knowledge of the passphrase used.

In the Management Console, no additional steps should be needed to add a client Agent using this setting.

Adding the client to the Management Console

See the page Managing Remote Computers for details on how to add manually installed machines and set passphrases in the server UI.




  • No labels