Good day, @TechArch. I know this thread is aged a bit and you probably found a solution. I wanted to post what I did for my company. The caveat is that the computers must connect to the VPN and stay connected for a bit of time so that group policy updates are requested, and at that point the policy will install. So for users that are truly remote and have no need for local resources, they are directed via email to "connect to the VPN and leave it running for all of today."
This is a PowerShell script that is deployed through a Group Policy Preference to the computers that we add to an AD group that is listed within the Security Filter of the policy.
$LsAgentVerifyFile = "${Env:ProgramFiles(x86)}\LansweeperAgent\LansweeperAgentService.exe"
$LocalLogFolder = "$ENV:windir\Temp\Lansweeper"
$RemoteLogFolder = "\\OurFileServer\OurShare\Lansweeper LsAgent installation\logs"
if (Test-Path $LocalLogFolder) {
Write-Output "$((Get-Date).ToString()) - Started LsAgent check on $ENV:computername." >> "$LocalLogFolder\LsAgent_install.log"
Write-Output "$((Get-Date).ToString()) - Started LsAgent check on $ENV:computername." >> "$RemoteLogFolder\$ENV:computername.log"
}
else
{
# The folder does not already exist, create the folder.
New-Item $LocalLogFolder -ItemType Directory
Write-Output "$((Get-Date).ToString()) - Started LsAgent check on $ENV:computername." >> "$LocalLogFolder\LsAgent_install.log"
Write-Output "$((Get-Date).ToString()) - Started LsAgent check on $ENV:computername." >> "$RemoteLogFolder\$ENV:computername.log"
}
# If LsAgent doesn't already exist, attempt the installation.
if (-not(Test-Path -Path $LsAgentVerifyFile -PathType Leaf)) {
try {
# Download and install LsAgent using a silent installation routine.
Write-Output "The Lansweeper LsAgent service is being downloaded and installed. This will take a moment."
Invoke-WebRequest -Uri "https://content.lansweeper.com/LsAgent-windows/" -OutFile "$ENV:windir\TEMP\LsAgent-windows.exe"; Start-Process -FilePath "$ENV:windir\TEMP\LsAgent-windows.exe" -ArgumentList "--mode unattended --server OurScanServerHostname --agentkey OurAgentRelayKey" -Wait
Write-Output "$((Get-Date).ToString()) - Completed LsAgent installation on $ENV:computername." >> "$LocalLogFolder\LsAgent_install.log"
Write-Output "$((Get-Date).ToString()) - Completed LsAgent installation on $ENV:computername." >> "$RemoteLogFolder\$ENV:computername.log"
}
catch {
throw $_.Exception.Message
}
}
# If LsAgent already exists, do not re-attempt the installation.
else {
Write-Output "$((Get-Date).ToString()) - Detected that LsAgent is already installed on $ENV:computername." >> "$LocalLogFolder\LsAgent_install.log"
Write-Output "$((Get-Date).ToString()) - Detected that LsAgent is already installed on $ENV:computername." >> "$RemoteLogFolder\$ENV:computername.log"
}
This has been successful thus far. This is not a cure all as you can imagine, and some users will need to be encouraged to follow the directive to hop on the VPN for a while.
If you came up with your own solution, I'd love to hear about it. Thanks.