Installing Collector on Windows
Last updated
Last updated
You must install Collector on all the Windows devices you want to connect to the Nexthink platform. For small setups or specific cases, you may opt for installing Collector manually on each device. For medium to large setups, the installation of Collector usually requires automated deployment tools. To keep Collector up-to-date, either rely on the same deployment tools you used for the installation or the automated update powered by Nexthink.
Ensure that no version of Nexthink Collector is running on the Windows instance. When applicable, uninstall existing Collector version.
The fully qualified domain name (FQDN) of your Nexthink instance.
One or more Windows devices on which to install Collector.
The Nexthink Collector installer or the Collector MSI packages.
The customer key and root certificate associated with your Nexthink instance.
(optional) A third-party deployment tool.
Find the Nexthink Collector installer and the Collector MSI packages inside the Collector ZIP file available from the product downloads page of Nexthink:
Navigate to the official .
Sign in with your customer credentials.
Click the entry for the latest Nexthink Infinity Release.
Find the Collector section.
Click to download the Collector package for Windows.
Verify your download with the provided SHA-256 hash.
Extract the contents of the downloaded ZIP file.
Find the Nexthink Collector Installer in the Installer > Collector folder.
This is the recommended tool for generating an executable that embeds the Collector MSIs and the custom configuration options in a single bundle to easily deploy the Collector. Two versions are provided:
Nexthink_Collector_Installer_Silent.exe
to generate silent Collector installers. When deploying the Collector on a device, a silent installer renders the installation procedure unnoticeable to the end-user of the device.
Nexthink_Collector_Installer.exe
to generate installers that open a command-line window.
Find the Collector MSI file NEXThink_Collector.msi in the folder x64 > signed.
The Nexthink Collector installer is a tool that helps you deploy Collector by producing a standalone executable file.
To generate the executable, use the graphical interface of the installer to set the installing options of Collector:
Double-click the appropriate Nexthink Collector installer executable file for generating either:
A silent installer:
Nexthink_Collector_Installer_Silent.exe
An installer that opens a command-line window:
Nexthink_Collector_Installer.exe
Specify the configuration settings of the Nexthink instance that will receive the data under Nexthink Appliance settings:
Address Use the fully qualified domain name (FQDN) of your Nexthink instance, sometimes referred to as the destination URL.
Data over TCP Tick the option to send data over a TCP channel.
Ports (TCP) Port number to set to 443.
Ports (UDP) This feature must not be selected when using the Nexthink cloud platform.
DNS Tick the option Prefer IPv6 if you want the Collector to favor the use of IPv6 over IPv4 to communicate with the instance.
Set the General settings. Optionally tick the box for any additional setting. In particular:
Check the option Use the assignment service if you have activated the rule-based assignment of Collectors.
Select the activation of the Engage features depending on the target operating system:
Enable except on servers Collector launches campaigns only on devices that do not run a server operating system.
Enable on all devices Collector launches campaigns on devices with any type of operating system.
Disable Collector ignores campaigns.
Select the Script execution policy for remote actions that Collector will run on the device:
Signed by a trusted publisher or by Nexthink (default) Collector runs on the device, only those remote actions with a PowerShell script that is signed either by Nexthink or by a company whose certificate is listed in the Trusted Publishers certificate store.
Signed by a trusted publisher Collector runs on the device, only those remote actions with a PowerShell script that is signed by a company whose certificate is listed in the Trusted Publishers certificate store.
Disabled Collector runs no remote action on the device.
Unrestricted Collector runs any remote action on the device, regardless of the digital signature of its script.
(optional) Type in an integer number (0 to 2147483647) as Collector tag to identify the group of Collectors generated with the installer. The Collector tag is useful for defining the entities to build up hierarchies.
(optional) For more flexibility in the identification of Collectors, type in a label (max 2048 characters) as Collector string tag to identify the group of Collectors generated with the installer. The Collector string tag is useful for defining the entities to build up hierarchies.
Choose the Customer Key file that protects the connection to the Nexthink instance.
Specify a couple of directories:
Output directory Click Browse to select the folder in which the executable files of both Collector install and uninstall will be created.
(optional) Logs directory Type in the network place where Collector deployed with this method must save the installation logs.
Tick Automatic proxy to provide a PAC file for the automatic configuration of the proxy settings.
PAC address Type in the URL of the PAC file.
Tick Manual proxy to manually provide the proxy settings.
Proxy address Type in the FQDN of the proxy.
Proxy port Type in the port number where the proxy is listening.
Click Create to trigger the generation of three files:
NEXThink_Collector[Nexthink_Experience_FQDN].exe
Executable file to install the Collector.
NEXThink_Collector_Uninstaller[Nexthink_Experience_FQDN].exe
Executable file to uninstall the Collector.
NEXThink_Collector[Nexthink_Experience_FQDN].exe.txt
Text file with the list of the settings used to create the executable installer.
Click OK to close the dialog box.
The installer executable returns one of the following values:
0 Success, a reboot is not required.
-1 Success, a reboot is required.
3 Failure, the Collector installation started but msiexec failed.
The uninstaller executable returns one of the following values:
0 Success, a reboot is not required.
-1 Success, a reboot is required.
1 Success, Collector was not found and nothing was uninstalled.
3 Failure, the Collector uninstallation started but msiexec failed.
In this section, learn how to deploy Collector over groups of end-user devices using Microsoft System Center Configuration Manager (SCCM). The instructions assume that you are a systems administrator with a basic understanding of the Windows operating system and deploying enterprise software and that you are familiar with Microsoft SCCM. This documentation covers the deployment of Collector with SCCM 2012. For other versions of SCCM, the procedure may be slightly different. Please refer to the section on deploying software packages in the user manual of your specific version to deploy Collector.
The deployment of Collector using SCCM requires you to provide an executable file that is responsible for the actual installation of Collector on your devices. To generate this executable, use the Nexthink Collector installer.
Create a collection of devices:
Click the Windows Start button, go to the Microsoft System Center 2012 program group, and run the Configuration Manager console.
In the Assets and Compliance workspace on the left-hand side of the main panel, right-click Device Collections and select Create Device Collection.
On the General page of the Create Device Collection Wizard, specify the following fields:
Name Type in a unique name for the collection.
(optional) Comment Type in a comment describing the intent of the collection.
(optional) Limiting collection Click Browse to select a collection that puts a limit on the members of the current collection or select All systems in order to not limit the current collection.
Create a boundary and add it to a boundary group:
In the Configuration Manager console, go to the Administration workspace.
Right-click Boundaries and select Create Boundary.
Define the boundary by setting additional restrictions on the target devices in which to push the software installation (for example, by IP address range).
Right-click Boundary Groups and select Create Boundary Group.
Type in a name for the group.
Add the previously created boundary to this group.
(optional) Verify that you added the correct number of devices to the group by looking at the value in the column Member Count.
Create the application to install:
In the Configuration Manager console, go to the Software Library workspace.
Right-click Applications and select Create Application.
Choose the option Manually specify the application information.
Specify the location and name of the application (in our case, the name should be Nexthink_Collector_Installer_Silent.exe). The new application is added to the list of available applications.
Now the new application should appear in the list. When you click it, there is a Deployments tab at the bottom of the window. Later this tab will show a list of deployments of this application to different device groups.
Distribute and deploy the application:
In the list of Applications, right-click the previously created Collector application and select Distribute Content. The distribution wizard opens.
Confirm the correct executable file of the installer (Nexthink_Collector_Installer_Silent.exe).
As Content Destination, select Distribution Point.
Specify the shared folder that holds the installer.
(optional) Survey the distribution process from the Configuration Manager console.
In the main panel, navigate to Monitoring > Distribution Status > Content Status.
Click the application that you have just distributed. If you see Success and a green-colored graph below, you can now deploy the application.
Back in the Software Library workspace, navigate to Applications.
Right-click the Collector application and select Deploy.
Select the collection of devices that you created earlier.
If you cannot see your collection in the list, switch from User Collections to Device Collections.
Check that the distribution point is correct and click Next.
Set Action to Install and Purpose to Required and click Next.
Set the Schedule to an appropriate moment to start the deployment (for example As soon as possible) and click Next.
Tick Software installation and click Next.
Accept the default options for the rest of the wizard.
(optional) Check the status of your deployment in the Deployments tab at the bottom of the window.
To verify the deployment on a client device:
Log in to the client device and wait for the pop-up notification about the installation of new software.
To speed up this process a little bit, you can manually force the software deployment evaluation cycle in the SCCM client:
Open the Control Panel.
Navigate to Configuration Manager and click the Actions tab.
Choose Machine Policy Retrieval & Evaluation Cycle and click Run Now.
Choose Application Deployment Evaluation Cycle and click Run Now.
To debug the deployment process and see its log files, check the following:
On the server machine, open the SCCM utility to view log files
C:\Program Files\Microsoft Configuration Manager\tools\cmtrace.exe
The server logs are stored in
C:\Program Files\Microsoft Configuration Manager\Logs\
On the client machine, the logs are stored in one of these three paths:
C:\Windows\CCM\
C:\Windows\ccmsetup\
C:\Windows\ccmcache\
If your deployment is not successful, check the following troubleshooting points:
In the Configuration Manager console, navigate to Administration > Site Configuration > Servers and Site System Roles and choose your server. In the table below, right-click Distribution point and select Properties. In the Boundary Groups tab, verify that the boundary group that you previously created is listed in the Boundary Groups list. If not, add it to the list.
In the Configuration Manager console, navigate to Software Library > Applications. Right-click the Collector application and select Properties. Verify the following points:
In the Distribution Settings tab, ensure that the option Distribute the content for this package to preferred distribution points is ticked.
In the Content Locations tab, make sure that your distribution point (the path to your shared folder) is in the table. If not, add it, and click Redistribute.
If the remote installation fails with error code 0x87d00324 (displayed in Software Center on the client machine), the installation itself was in fact successful and Collector should be running. It is the mechanism for detecting the installation of the application which has failed. In this case, check the detection criteria:
In Software Library, right-click the deployed Collector application and select Properties.
In the tab Deployment Types, double-click the installer script in the list Detection Method.
Check if the detection method is configured correctly. Since you are using the Collector installer executable, the detection should be done by a registry key.
In this section, learn how to deploy Collector over large groups of devices using a Group Policy Object (GPO) for Active Directory environments. The instructions assume that you are a system administrator with a good understanding of the Windows operating system and the deployment of enterprise software.
Log in to the server as an administrator user.
Create a shared network folder.
Set permissions on this folder in order to allow access to the distribution package.
Copy the Collector MSI to the shared folder.
Generate transform files (MST) for controlling the options passed to the MSI for installation. For example, use the Orca utility from Microsoft to generate the MST.
Copy the generated MST to the shared folder.
Create a Group Policy Object:
Click on the Start button, go to All Programs, select Administrative Tools and then select Active Directory Users and Computers.
Right-click your domain name in the console tree, select New and click Organizational Unit.
In the New Object dialog box, type a descriptive name for the new organizational unit (OU), and then click OK.
In the right panel, select Computers and click on the computer that you want to add to your organizational unit.
Drag and drop these computers in the name of the organizational unit created. In the right panel, select Nexthink_Collector_Deploy, you will see all the computers tied to your organizational unit.
Click on the Start button, go to All Programs, select Administrative Tools and then select Group Policy Management.
Right-click your domain name in the console tree and select Create a GPO in this domain, and Link it here...
In the New GPO dialog box, type a descriptive name for the new policy, and then click OK.
Click on the Start button, go to All Programs, select Administrative Tools and then select Group Policy Management.
Right-click your GPO name and select Edit....
On this Group Management Editor, expand Computer Policies, Software Settings and Software Installation, select New and then click Package...
In the Open dialog box, browse to the distribution point you created for Nexthink Collector during the distribution point.
Select the MSI file containing the Collector installer you want to deploy, and then click Open.
In the Deploy Software dialog box, select Advanced, and then click OK.
In the Properties dialog box for the package you created.
Click the Deployment tab, and then select Uninstall this application when it falls out of the scope of management.
Click Advanced on the Deployment tab, choose Ignore language when deploying this package, uncheck the option Make this 32-bit X86 application available to Win64 machines, and then click OK.
On the Modifications tab, specify any modification transforms you want to apply when the package is installed by clicking Add and then opening each transform from its network location.
On the Security tab, verify the name(s) of any computer(s) to which you are assigning software.
Click OK to close the Properties dialog box.
In the Group Policy dialog box, expand Computer Configuration, Administrative Templates, and Windows Components.
In the Windows Components folder, select Windows Installer.
Select Always install with elevated privileges.
Select Properties.
In the Always install with elevated privileges Properties dialog box, click the Setting tab, select Enabled, and then click OK.
In the Windows Installer panel of the Group Policy dialog box, right-click Logging, and then select Properties.
In the Logging Properties dialog box, on the Setting tab, select Enabled.
Then, in the Logging text box, type iweaprcv.
Click OK to close the Logging Properties dialog box.
In the Group Policy dialog box, click File, and then click Exit.
The GPO must be propagated to the Active Directory Global Catalog and then to the individual computers. For this reason, allow 5-10 minutes before restarting the computers to which you are assigning Nexthink Collector, or plan to restart the client computers twice before the system policies are synchronized.
Go to a target PC that is a member of the OU you tied the policy to.
Click Start, Run and type gpupdate /force.
A logoff or a restart message will appear: type Y and Enter.
When you restart, you should see the message Installing Nexthink Collector... for about a minute depending on the speed of your network and pc.
Click Start, Run and type eventvwr.msc to show the event viewer message. In the left pane, select Application, you will see some source events MsiInstaller logged as a Success Audit event.
If you have any errors, go to C:Windows/Temp/Msi.log and see the error log generated.
Sometimes you may need to redeploy a package (for example, when doing an upgrade). To redeploy a package:
Click the Start button, go to Programs, select Administrative Tools and then select Group Policy Management.
Right-click your domain name in the console tree and select the Properties context menu.
Go to the Group Policy tab, select the object you used to deploy the package and click Edit.
Expand the Software Settings element (per user or per machine) which contains the deployed package.
Expand the Software Installation element which contains the deployed package.
Right-click the package in the right pane of the Group Policy window.
Select the All Tasks menu and click Redeploy application.
Click the Yes button to reinstall the application wherever it is installed.
Close the Group Policy Management Editor, click OK and exit the Group Policy Management.
The GPO must be propagated to the Active Directory Global Catalog and then to individual computers. For this reason, allow 5-10 minutes before restarting the computers to which you are assigning Collector, or plan to restart the client computers twice before the system policies are synchronized.
Click on the Start button, go to Programs, select Administrative Tools and then select Group Policy Management.
Right-click your domain name in the console tree and select the Properties context menu.
Go to the Group Policy tab, select the object you used to deploy the package and click Edit.
Expand the Software Settings element (per-user or per-machine) which contains the deployed package.
Expand the Software Installation element which contains the deployed package.
Right-click the package in the right pane of the Group Policy window.
Select the All Tasks menu and click Remove.
Select from the following options:
Immediately uninstall the software from users and computers.
Allow users to continue to use the software but prevent new installations.
Click the OK button to continue.
Close the Group Policy Management Editor, click OK and exit the Group Policy Management.
The GPO must be propagated to the Active Directory Global Catalog and then to individual computers. For this reason, allow 5-10 minutes before restarting the computers to which you are assigning Collector, or plan to restart the client computers twice before the system policies are synchronized.
Use the Collector MSI package to install Collector either in interactive mode or in silent mode (also sometimes referred to as unattended mode). In the latter case, no user interaction is required once the installation process is started.
This method of installing Collector individually on every device is very tedious for large enterprises. Therefore, we only recommend it for proof of concept or testing purposes.
Double-click the Nexthink Collector MSI file (NEXThink_Collector.msi) to start the installation program.
After reading the welcome message, click Next.
Fill out the form of installation settings:
Appliance Name or IP address FQDN of your Nexthink instance.
Appliance TCP Port Port number to set to 443.
Customer Key Copy to this field the content of the file that holds the customer key of the Nexthink instance:
Open the customer key file using Notepad.
Press Ctrl+A to select all the text.
Press Ctrl+C to copy the text.
Back in the Customer Key field, press Ctrl+V to paste the copied key.
Click Next.
The installer is now ready and you can click Install to begin the actual installation.
Click Finish to close the installation wizard once it has been completed.
To install Collector in silent mode, run msiexec.exe in the command-line interface (CLI). The executable program msiexec.exe comes pre-installed with every Microsoft Windows operating system. Custom parameters are provided directly in the CLI and they are not saved from one installation to another. For a single installation, it is preferable to use the graphical installation method instead. For larger deployments with automated tools, we recommend using Windows Installer Transformation Scripts (often referred to as MST files).
The mandatory parameters are:
DRV_IP FQDN of your Nexthink instance.
CRD_PORT Port number to set to 443.
CRD_KEY The customer key of the Nexthink instance.
Here is an example of an unattended installation:
Run the following command in CLI ; change <Your_Key> to the actual value:
Wait for the installation process to complete.
The MSI now installs by default on any kind of Windows device, be it a laptop, a desktop, or a server.
When including Collector in a Windows reference image, remove the UID that Collector may have generated to identify the device.
To ensure the removal of the device UID:
Log in to the Windows device with Collector as a user with administrative rights.
Press the Windows button on your keyboard.
Type in cmd to make the Command Prompt application appear as a result of the search.
Right-click the Command Prompt icon to open a context menu.
Select Run as administrator from the menu.
From the prompt, stop Collector by typing in
nxtcfg.exe /stop
Remove the UID of the device
reg delete "HKLM\SYSTEM\CurrentControlSet\Services\Nexthink Coordinator\params" /v uid
To the question Delete the registry value uid (Yes/No)? Answer by typing in yes.
Remove the license_UID of the device
reg delete "HKLM\SYSTEM\CurrentControlSet\Services\Nexthink Coordinator\params" /v license_uid
To the question Delete the registry value license_uid (Yes/No)? Answer by typing in yes.
The system confirms that the operation was successful or displays instead an error message if Collector has not generated the UID yet.
To get valuable information from a device, a component of Collector needs to run in a privileged mode as a kernel driver. Contrary to user applications, the programs that run in privileged mode can directly access the memory and the hardware of the device. These are typically the programs that control the peripherals on your devices, such as the mouse, the keyboard, the hard disks, or the network card. Other special programs, like antivirus software, may also need to run in privileged mode, at least partially. Errors in programs that run in privileged mode are not protected by the process isolation provided by the operating system and may result in system failure. Since all of these programs share the same memory space, the misbehavior of one can destabilize all of the others.
Collector has been carefully designed and thoroughly tested to avoid any kind of program errors. It has also been engineered following the best practices for the development of kernel drivers, behaving like a good citizen with respect to the other drivers that are loaded into the system. Still, in some very rare cases, an elusive programming error may defeat our rigorous testing process or a misbehaving third-party driver can trigger a fault in Collector. In these unfortunate situations, Collector may become unstable and possibly lead to a system failure of the device.
To protect against driver misbehavior, keep your Windows drivers up to date. Older versions of Windows drivers often contain bugs that can lead to instabilities. If a third-party driver consistently destabilizes Collector, the CrashGuard protection of Collector helps to prevent your device from crashing again and again.
The CrashGuard mechanism increases a counter each time a session is abruptly terminated. Abrupt termination of a session is either a system crash (bluescreen), a hard reset, or power off. If a subsequent session is terminated correctly, the counter is reset to zero. Otherwise, the counter is increased again. When the counter reaches a given number of consecutive abruptly terminated sessions, Collector cancels the loading of its drivers at system startup. Of course, the CrashGuard protection is only effective if it is really Collector or its interaction with misbehaving software that is causing the system to crash.
On the other hand, if some end-users have acquired the bad habit of shutting their devices down unsafely, they may inadvertently induce the CrashGuard protection mechanism to wrongly deactivate the loading of Collector by always ending their sessions abruptly. To prevent these users from triggering the CrashGuard protection mechanism, optionally specify a CrashGuard protection time interval that starts being measured at system startup and after which the abrupt termination of a session does not increase the CrashGuard counter. This measure is effective if misbehaving users shut down their devices only after the protection time interval has elapsed, that is, if the protection time interval is shorter than their working day. The default value for the protection time interval is four hours.
Additionally, specify a reactivation time to load back Collector that was previously deactivated by the CrashGuard protection. Take preventive measures during the period of deactivation to fix the issue that made the device crash so often. Collector is loaded back again once the reactivation time has elapsed, during the next boot of the device.
DRV_CRASHGUARD The maximum number of consecutive abruptly terminated sessions after which Collector cancels the loading of its drivers. Default is five sessions.
DRV_CGPI The time interval in minutes after system startup during which the CrashGuard protection mechanism recognizes abrupt terminations as genuine crashes. Default is 240 min (4 hours).
DRV_REACTIVATION The waiting time, expressed in hours, from the moment that the loading of Collector is deactivated because the CrashGuard counter reached its maximum specified count until the moment it is reactivated. Default is 168 hours (7 days).
Installation options that are not shown in the dialog box take their default value. Check Install configuration tool to modify them later with the . In the case of an update, the values of the non-visible settings are preserved from the previous installation.
Check the option Web and Cloud Data if you have purchased the Web and Cloud product. Furthermore, click the button Settings to the right of this option to for which you want to store the full URL paths of web requests. That is, for every web request that falls under one of the specified domains, Collector reports the full URL path and not just the domain.
Optionally provide the under the Proxy configuration section:
other Failure, the actual value corresponds to a .
other Failure, the actual value corresponds to a .
For a comprehensive list of available options for Nexthink Collector, see the .
See also: .
Specify the parameters that control the behavior of the CrashGuard as :
Modify the CrashGuard protection time interval with the on active devices after installation.
In any case, if you suspect that there is a compatibility problem between any of the drivers loaded into the end-user devices of your company and Collector, contact for more information.