install wazuh agent using Windows AD Domain controller

20 views
Skip to first unread message

Arsal Javed Butt

unread,
Dec 19, 2025, 4:25:14 AM (yesterday) Dec 19
to Wazuh | Mailing List
Hello Everyone,

I just wanted to know have anyone tried to install wazuh agent on windows devices using Group policy from Domain controller..?
If yes then can you share how you have installed it on child computers and how you have pushed the ip of manager in ossec.conf file of agent and then restart the agent to apply changes and to connect with wazuh manager automatically.
Hope you understand what i am trying to say. if not, then you can email me.

Regards,

ismail....@wazuh.com

unread,
Dec 19, 2025, 7:20:27 AM (22 hours ago) Dec 19
to Wazuh | Mailing List
Hi,

Yes, the Wazuh agent can be deployed on Windows endpoints using Group Policy (GPO) from the Domain Controller, and this approach also supports automatic configuration of the Wazuh Manager IP and service startup.

Please refer to the following official Wazuh document, which fully addresses your requirement: https://wazuh.com/blog/deploying-wazuh-agent-using-windows-gpo/

  • The Wazuh Windows agent is deployed using the official MSI installer via Group Policy.

  • A Microsoft Transform (MST) file is created and attached to the MSI during GPO deployment.

  • The MST file allows you to preconfigure:

    • Wazuh Manager IP / hostname

    • Communication protocol (TCP/UDP)

    • Enrollment settings (authd server, password if enabled)

  • The MSI and MST files are placed on a shared network location accessible by all domain computers.

  • The GPO is applied at the Computer Configuration level, ensuring installation on child computers automatically.

  • A separate GPO (or preference) can be used to:

    • Ensure the Wazuh Agent service starts automatically

    • Restart the service if required after installation

Additionally, if you are deploying Wazuh in a large environment, with a high number of servers or endpoints, keep in mind that this deployment might be easier using automation tools such as https://documentation.wazuh.com/current/deployment-options/deploying-with-puppet/index.html, https://github.com/wazuh/wazuh-chef, SCCM, or https://documentation.wazuh.com/current/deployment-options/deploying-with-ansible/installation-guide.html.

I hope it helps. Please let us know if you have any further queries or issues here.
Reply all
Reply to author
Forward
0 new messages