{"id":2461,"date":"2025-07-01T07:42:48","date_gmt":"2025-07-01T07:42:48","guid":{"rendered":"https:\/\/zecurit.com\/help\/docs\/asset-manager\/device-enrollment\/enrollment-via-domain-using-zecurit-connector\/"},"modified":"2025-07-22T09:33:08","modified_gmt":"2025-07-22T09:33:08","slug":"enrollment-via-domain-using-zecurit-connector","status":"publish","type":"docs","link":"https:\/\/zecurit.com\/help\/asset-management\/device-enrollment\/silent-and-bulk-enrollment\/enrollment-via-domain-using-zecurit-connector\/","title":{"rendered":"Enrollment via Domain using Zecurit Connector"},"content":{"rendered":"\n<p>Zecurit Connector enables seamless, silent enrollment of devices from your domain or workgroup environment by remotely discovering and deploying the agent without requiring physical access or user intervention. This method is best suited for on-premise Windows networks where Active Directory or Workgroup devices are centrally managed.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Overview<\/h2>\n\n\n\n<p>The Zecurit Connector acts as a <strong>bridge<\/strong> between your local network and the Zecurit cloud portal. Once installed on a network machine, it:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Automatically discovers domain\/workgroup devices<\/li>\n\n\n\n<li>Enables <strong>remote agent deployment<\/strong> using provided credentials<\/li>\n\n\n\n<li>Supports <strong>always-on discovery and enrollment<\/strong> from a single console<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Step 1: Install the Zecurit Connector<\/h2>\n\n\n\n<p>To begin, the admin needs to install the Zecurit Connector on a Windows machine within the domain\/workgroup network.<\/p>\n\n\n\n<p><strong>Prerequisites:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>A Windows 10\/11 or Server machine connected to the target network<\/li>\n\n\n\n<li>The system should be <strong>always powered on<\/strong> for continuous discovery and agent deployment<\/li>\n\n\n\n<li>Internet access is required for the connector to communicate with the Zecurit cloud<\/li>\n<\/ul>\n\n\n\n<p><strong>To install:<\/strong><\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Log in to the <strong>Zecurit portal<\/strong><\/li>\n\n\n\n<li>Navigate to <strong>Enrollment \u2192 Devices \u2192 Add Device<\/strong><\/li>\n\n\n\n<li>Select <strong>\u201cDomain-based Enrollment using Connector\u201d<\/strong><\/li>\n\n\n\n<li>Download the <strong>Zecurit Connector installer<\/strong><\/li>\n\n\n\n<li>Run the installer as an administrator and follow the prompts<\/li>\n\n\n\n<li>Once installed, the connector will automatically register with your Zecurit account<\/li>\n<\/ol>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>???? Tip: For best results, install the connector on a server or high-availability workstation that remains online during business hours.<\/p>\n<\/blockquote>\n\n\n\n<h2 class=\"wp-block-heading\">Step 2: Discover Domain or Workgroup Devices<\/h2>\n\n\n\n<p>Once the Zecurit Connector is installed and running, it will <strong>automatically discover<\/strong> devices on your network. The discovery process includes:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Fetching <strong>hostnames, IP addresses<\/strong> and <strong>OS versions<\/strong> of available endpoints<\/li>\n\n\n\n<li>Detecting if the Zecurit agent is already installed<\/li>\n\n\n\n<li>Classifying devices as <strong>\u201cYet to Enroll\u201d<\/strong> in the portal<\/li>\n<\/ul>\n\n\n\n<p><strong>Discovery Scope:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>All Windows devices connected to the same network or domain<\/li>\n\n\n\n<li>Workgroup machines reachable via subnet<\/li>\n\n\n\n<li>Devices must respond to remote calls (i.e., firewall\/ICMP settings should allow discovery)<\/li>\n<\/ul>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>Note: The connector does not collect any sensitive data, it only detects eligible devices for enrollment.<\/p>\n<\/blockquote>\n\n\n\n<h2 class=\"wp-block-heading\">Step 3: Configure Remote Deployment Credentials<\/h2>\n\n\n\n<p>For the connector to <strong>remotely deploy agents<\/strong>, it needs valid admin credentials that allow remote execution on discovered devices.<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>In the Zecurit portal, go to <strong>Enrollment \u2192 Domains <\/strong><\/li>\n\n\n\n<li>Click <strong>Add Domain \u2192 Select Connector <\/strong><\/li>\n\n\n\n<li>Add the appropriate:\n<ul class=\"wp-block-list\">\n<li><strong>Domain admin<\/strong> credentials for Active Directory environments<\/li>\n\n\n\n<li><strong>Local admin<\/strong> credentials for Workgroup environments<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n\n\n\n<p>You can securely store multiple credential sets for different domains of your network.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>Credentials are encrypted and stored securely in your account.<\/p>\n<\/blockquote>\n\n\n\n<h2 class=\"wp-block-heading\">Step 4: Select and Enroll Devices<\/h2>\n\n\n\n<p>Once devices are discovered and credentials are configured:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Go to <strong>Enrollment \u2192 Devices \u2192 Yet to Enroll<\/strong><\/li>\n\n\n\n<li>Use filters (e.g., OS, name, IP) to locate the target devices<\/li>\n\n\n\n<li>Select one or multiple devices to enroll<\/li>\n\n\n\n<li>Click <strong>Enroll and Deploy Agent<\/strong><\/li>\n<\/ol>\n\n\n\n<p>The connector will:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Establish a secure connection to each selected device<\/li>\n\n\n\n<li>Authenticate using the stored credentials<\/li>\n\n\n\n<li>Silently install the Zecurit agent in the background<\/li>\n<\/ul>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>Enrolled devices will move from the \u201cYet to Enroll\u201d tab to the active \u201cDevices\u201d list.<\/p>\n<\/blockquote>\n\n\n\n<h2 class=\"wp-block-heading\">What Happens After Enrollment?<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The agent starts running as a background service<\/li>\n\n\n\n<li>The device reports inventory and health status to the Zecurit portal<\/li>\n\n\n\n<li>Any assigned alert policies or software controls are applied automatically<\/li>\n\n\n\n<li>You can now group, monitor and manage the device like any other enrolled asset<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Troubleshooting Tips<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th><strong>Issue<\/strong><\/th><th><strong>Possible Solution<\/strong><\/th><\/tr><\/thead><tbody><tr><td>Devices not discovered<\/td><td>Ensure they\u2019re online, reachable and firewall allows discovery (ICMP\/SMB)<\/td><\/tr><tr><td>Remote agent deployment fails<\/td><td>Double-check stored credentials and that file\/print sharing is enabled on targets<\/td><\/tr><tr><td>Connector goes offline<\/td><td>Make sure the host machine stays powered and connected to the internet<\/td><\/tr><tr><td>\u201cAccess Denied\u201d during install<\/td><td>Use domain-level admin credentials with elevated rights on endpoints<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Best Practices<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Install the connector on a <strong>dedicated, stable machine<\/strong><\/li>\n\n\n\n<li>Keep one <strong>connector per location or network segment<\/strong> for distributed setups<\/li>\n\n\n\n<li>Regularly review and update <strong>deployment credentials<\/strong><\/li>\n\n\n\n<li>Use <strong>tags or groups<\/strong> to organize newly enrolled devices<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Related Topics<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/www.notion.so\/help-zecurit-com-21ebe43fb75a80e680ced6bf64f15817?pvs=21\" target=\"_blank\" rel=\"noopener\">Enrollment via Microsoft Azure<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.notion.so\/help-zecurit-com-21ebe43fb75a80e680ced6bf64f15817?pvs=21\" target=\"_blank\" rel=\"noopener\">Enrollment via Active Directory GPO<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.notion.so\/help-zecurit-com-21ebe43fb75a80e680ced6bf64f15817?pvs=21\" target=\"_blank\" rel=\"noopener\">Viewing and Managing Enrolled Devices<\/a><\/li>\n<\/ul>\n\n\n\n<p><\/p>\n","protected":false},"featured_media":0,"parent":2456,"menu_order":0,"comment_status":"open","ping_status":"closed","template":"","doc_tag":[],"class_list":["post-2461","docs","type-docs","status-publish","hentry"],"comment_count":0,"_links":{"self":[{"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/docs\/2461","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/docs"}],"about":[{"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/types\/docs"}],"replies":[{"embeddable":true,"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/comments?post=2461"}],"version-history":[{"count":2,"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/docs\/2461\/revisions"}],"predecessor-version":[{"id":2889,"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/docs\/2461\/revisions\/2889"}],"up":[{"embeddable":true,"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/docs\/2456"}],"wp:attachment":[{"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/media?parent=2461"}],"wp:term":[{"taxonomy":"doc_tag","embeddable":true,"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/doc_tag?post=2461"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}