Zecurit Connector enables seamless, silent enrollment of devices from your domain or workgroup environment by remotely discovering and deploying the agent without requiring physical access or user intervention. This method is best suited for on-premise Windows networks where Active Directory or Workgroup devices are centrally managed.
Overview
The Zecurit Connector acts as a bridge between your local network and the Zecurit cloud portal. Once installed on a network machine, it:
- Automatically discovers domain/workgroup devices
- Enables remote agent deployment using provided credentials
- Supports always-on discovery and enrollment from a single console
Step 1: Install the Zecurit Connector
To begin, the admin needs to install the Zecurit Connector on a Windows machine within the domain/workgroup network.
Prerequisites:
- A Windows 10/11 or Server machine connected to the target network
- The system should be always powered on for continuous discovery and agent deployment
- Internet access is required for the connector to communicate with the Zecurit cloud
To install:
- Log in to the Zecurit portal
- Navigate to Enrollment → Devices → Add Device
- Select “Domain-based Enrollment using Connector”
- Download the Zecurit Connector installer
- Run the installer as an administrator and follow the prompts
- Once installed, the connector will automatically register with your Zecurit account
???? Tip: For best results, install the connector on a server or high-availability workstation that remains online during business hours.
Step 2: Discover Domain or Workgroup Devices
Once the Zecurit Connector is installed and running, it will automatically discover devices on your network. The discovery process includes:
- Fetching hostnames, IP addresses and OS versions of available endpoints
- Detecting if the Zecurit agent is already installed
- Classifying devices as “Yet to Enroll” in the portal
Discovery Scope:
- All Windows devices connected to the same network or domain
- Workgroup machines reachable via subnet
- Devices must respond to remote calls (i.e., firewall/ICMP settings should allow discovery)
Note: The connector does not collect any sensitive data, it only detects eligible devices for enrollment.
Step 3: Configure Remote Deployment Credentials
For the connector to remotely deploy agents, it needs valid admin credentials that allow remote execution on discovered devices.
- In the Zecurit portal, go to Enrollment → Domains
- Click Add Domain → Select Connector
- Add the appropriate:
- Domain admin credentials for Active Directory environments
- Local admin credentials for Workgroup environments
You can securely store multiple credential sets for different domains of your network.
Credentials are encrypted and stored securely in your account.
Step 4: Select and Enroll Devices
Once devices are discovered and credentials are configured:
- Go to Enrollment → Devices → Yet to Enroll
- Use filters (e.g., OS, name, IP) to locate the target devices
- Select one or multiple devices to enroll
- Click Enroll and Deploy Agent
The connector will:
- Establish a secure connection to each selected device
- Authenticate using the stored credentials
- Silently install the Zecurit agent in the background
Enrolled devices will move from the “Yet to Enroll” tab to the active “Devices” list.
What Happens After Enrollment?
- The agent starts running as a background service
- The device reports inventory and health status to the Zecurit portal
- Any assigned alert policies or software controls are applied automatically
- You can now group, monitor and manage the device like any other enrolled asset
Troubleshooting Tips
| Issue | Possible Solution |
|---|---|
| Devices not discovered | Ensure they’re online, reachable and firewall allows discovery (ICMP/SMB) |
| Remote agent deployment fails | Double-check stored credentials and that file/print sharing is enabled on targets |
| Connector goes offline | Make sure the host machine stays powered and connected to the internet |
| “Access Denied” during install | Use domain-level admin credentials with elevated rights on endpoints |
Best Practices
- Install the connector on a dedicated, stable machine
- Keep one connector per location or network segment for distributed setups
- Regularly review and update deployment credentials
- Use tags or groups to organize newly enrolled devices