Anyone with Sentinel One Agent Deployment Experience (or msi w/token)?
Hello there, I've been tasked with deploying the Sentinel One agent within our network and I keep running into a wall.
This particular agent requires a specific token string during the install process. If I just run the .msi they supplied us, it is a visual gui and asks for a token to complete the installation process. Though I believe I have set the installation up correctly within my KACE's "Scripts" area, the agent doesn't seem to install (even though it says it did). I've set up the Software entry with the .msi file so the Install KACE Script pulls the .msi and I've added the SITE_TOKEN and token string in the correct field within the Script, and when I tell it to run, it says "completed" but the agent isn't installed.
I feel like how I have it set up SHOULD work, but...I may also be doing something silly or missing something obvious. If anyone has any experience with Sentinel One agent in KACE SMA, or an MSI that needs a token for the install process, I could sure use some advice. I've also tried creating a .bat file that pulls from a network share for the msi but that also doesn't seem to work. But the msi has been verified to work if run manually. Thanks in advance.
Answers (5)
Try this Script.
Create New Script
- Name Job: SentinelOne Install or whatever you want
- Type: Online KScript
- Select Devices that you want to install on. I sometimes just leave this blank and then manually just run the script on the computers that I want to install it on.
- Select Windows Operating Systems that you will be deploying to.
- Run As Local System
- Select Allow run without a logged-in user and Run on next connection if offline
- Under Dependency upload the SentinelOneInstaller_windows_64bit_vxx_x_x_x.exe (This file should be downloaded from your SentinelOne Console)
- Under Task
- Verify: Select Always Fail
- Remediation: Launch Program
- Directory: $(KACE_DEPENDENCY_DIR)
- File: SentinelOneInstaller_windows_64bit_vxx_x_x_x.exe (This file name has to match the file name of the uploaded dependency)
- Parameters: /SITE_TOKEN=(INSERT YOUR TOKEN KEY HERE)= /SILENT
- SAVE CHANGES
Save Script
Recommend testing on a test machine before selecting multiple devices.
Comments:
-
Thank you for the information. I've been using the msi but I was able to get the .exe from the console.
One question: for the token, does it need that '=' at the end of the string? For example: /SITE_TOKEN=123456789= ? - OMIC_LS 1 year ago-
Yes, include the = at the beginning and the end = - eriksont 1 year ago
-
Thanks. Still can't get it to work. The exe is successfully dropped into the local drive structure (C:\ProgramData\Quest\KACE\kbots_cache\packages\kbots\258), and the debug log *seems* to show that it launches, but after that it, nothing happens. I know it shouldn't be this difficult, but I'm not sure what I'm doing wrong. - OMIC_LS 1 year ago
This site should answer all of your questions about installing with a GPO:
upload the MSI and then try this Powershell script:
Invoke-RestMethod -Uri "Web link to the msi" -OutFile "C:\temp\Sentinel.msi"
# --== Configuration ==-- #
$S1_MSI = "C:\temp\Sentinel.msi" # The source of the S1 MSI installer.
$SiteToken = "put token here" # Replace this with your site token - ask Secure-ISS for this.
# --== Script Start ==-- #
Start-Process -FilePath $S1_MSI -ArgumentList "SITE_TOKEN=$($SiteToken)", "/QUIET", "/NORESTART" -Wait;
save script in this example, I have saved as DemoS1.ps1
In Kace, create a new script.
1. Name: name of script
2. Type: Online KScript
Windows Run As: Local System
Dependencies: upload the DemoS1.ps1 file
Task 1:
Verify:
Launch a program...
Directory: $(KACE_SYS_DIR)\WindowsPowerShell\v1.0
File: powershell.exe
Parameters: -executionpolicy remotesigned -File $(KACE_DEPENDENCY_DIR)\DemoS1.ps1
save changes and test it on a device.