/build/static/layout/Breadcrumb_cap_w.png

Anyone with Sentinel One Agent Deployment Experience (or msi w/token)?

Hello there, I've been tasked with deploying the Sentinel One agent within our network and I keep running into a wall.

This particular agent requires a specific token string during the install process. If I just run the .msi they supplied us, it is a visual gui and asks for a token to complete the installation process. Though I believe I have set the installation up correctly within my KACE's "Scripts" area, the agent doesn't seem to install (even though it says it did). I've set up the Software entry with the .msi file so the Install KACE Script pulls the .msi and I've added the SITE_TOKEN and token string in the correct field within the Script, and when I tell it to run, it says "completed" but the agent isn't installed.

I feel like how I have it set up SHOULD work, but...I may also be doing something silly or missing something obvious. If anyone has any experience with Sentinel One agent in KACE SMA, or an MSI that needs a token for the install process, I could sure use some advice. I've also tried creating a .bat file that pulls from a network share for the msi but that also doesn't seem to work. But the msi has been verified to work if run manually. Thanks in advance.


0 Comments   [ + ] Show comments

Answers (5)

Posted by: eriksont 1 year ago
Yellow Belt
1

Try this Script.

Create New Script

  • Name Job: SentinelOne Install or whatever you want
  • Type: Online KScript
  • Select Devices that you want to install on. I sometimes just leave this blank and then manually just run the script on the computers that I want to install it on.
  • Select Windows Operating Systems that you will be deploying to.
  • Run As Local System
  • Select Allow run without a logged-in user and Run on next connection if offline
  • Under Dependency upload the SentinelOneInstaller_windows_64bit_vxx_x_x_x.exe (This file should be downloaded from your SentinelOne Console)
  • Under Task
    • Verify: Select Always Fail
    • Remediation: Launch Program
      • Directory: $(KACE_DEPENDENCY_DIR)
      • File: SentinelOneInstaller_windows_64bit_vxx_x_x_x.exe (This file name has to match the file name of the uploaded dependency)
      • Parameters: /SITE_TOKEN=(INSERT YOUR TOKEN KEY HERE)= /SILENT
      • SAVE CHANGES

Save Script


Recommend testing on a test machine before selecting multiple devices.


Comments:
  • Thank you for the information. I've been using the msi but I was able to get the .exe from the console.

    One question: for the token, does it need that '=' at the end of the string? For example: /SITE_TOKEN=123456789= ? - OMIC_LS 1 year ago
    • Yes, include the = at the beginning and the end = - eriksont 1 year ago
      • Thanks. Still can't get it to work. The exe is successfully dropped into the local drive structure (C:\ProgramData\Quest\KACE\kbots_cache\packages\kbots\258), and the debug log *seems* to show that it launches, but after that it, nothing happens. I know it shouldn't be this difficult, but I'm not sure what I'm doing wrong. - OMIC_LS 1 year ago
Posted by: WTurgeon 1 year ago
Posted by: rajee05 1 year ago
White Belt
0

upload the MSI and then try this Powershell script:


Invoke-RestMethod -Uri "Web link to the msi" -OutFile "C:\temp\Sentinel.msi"


# --== Configuration ==-- #

$S1_MSI = "C:\temp\Sentinel.msi" # The source of the S1 MSI installer.

$SiteToken = "put token here" # Replace this with your site token - ask Secure-ISS for this.

# --== Script Start ==-- #

Start-Process -FilePath $S1_MSI -ArgumentList "SITE_TOKEN=$($SiteToken)", "/QUIET", "/NORESTART" -Wait;


save script in this example, I have saved as DemoS1.ps1


In Kace, create a new script.

1. Name: name of script

2. Type: Online KScript

Windows Run As: Local System

Dependencies: upload the DemoS1.ps1 file

Task 1:

Verify: 

Launch a program...

Directory: $(KACE_SYS_DIR)\WindowsPowerShell\v1.0

File: powershell.exe

Parameters: -executionpolicy remotesigned -File $(KACE_DEPENDENCY_DIR)\DemoS1.ps1

save changes and test it on a device.

Posted by: TwinkieSlamer 1 year ago
Senior White Belt
0

On our SDA appliance I have this as a post install task. Obviously replace SITETOKEN with your own. I also changed the name of the EXE cause I got tired of trying to type in the full exe name.


S1.exe -t SITETOKEN -q 

Posted by: THimes13 1 year ago
White Belt
0

We use a managed install with exe, override default installation, full command line: (xxxx...is site token) 

sentinelagent.exe --dont_fail_on_config_preserving_failures -t xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx /qn



 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ