Creating and Using a Manual Installation Script

When manually installing Security Controls Agent on machines, one option is to create a script that will automatically pass all necessary agent information to the installation wizard. You can copy the script to a key fob or a USB flash drive and then easily move from machine to machine installing the agent.

The following scripts are provided only as examples. Do not attempt to use these scripts in your organization without modifying the input values and performing adequate testing.

Example scripts for passphrase authentication

STPlatformUpdater.exe /wi:/qn /wi:"/l*v c:\temp\install.log" /wi:SERVERURI=https://consolename:3121 /wi:POLICY=policyname /wi:AUTHENTICATIONTYPE=PASSPHRASE /wi:PASSPHRASE=secret

STPlatformUpdater.exe /wi:/qn /wi:SERVERURI=https://consolename:3121 /wi:POLICY="policy name with spaces" /wi:AUTHENTICATIONTYPE=PASSPHRASE /wi:PASSPHRASE=secret

Example script for Windows authentication

STPlatformUpdater.exe /wi:/qn /wi:"/l*v c:\temp\install.log" /wi:SERVERURI=https://consolename:3121 /wi:POLICY=policyname /wi:AUTHENTICATIONTYPE=WINDOWS /wi:SERVERUSERNAME=domainname\Your.Name /wi:PASSWORD=secret

Example script for cloud-based agent installation

STPlatformUpdater.exe /wi:"/qn /l*v install.log ACTIVATIONKEY=12345abc-2abc-3abc-4abc-123456789abc"

Where:

  • STPlatformUpdater is a bootstrap installer for the agent platform installation
  • /wi means pass this to Windows Installer.
  • /qn means no user interface activity from the installer.
  • /l*v means write a log for the installation attempt. It has one parameter that specifies the log file name.
  • SERVERURI is the address, port, and scheme (e.g. https://) used to connect to the console for registration and check-in.
  • POLICY is the name of the agent policy that will be assigned to the agent.
  • AUTHENTICATIONTYPE is either PASSPHRASE or WINDOWS (this is dictated by the Tools > Options >Agents dialog).
  • PASSPHRASE is the passphrase used to authenticate the agent to the console (used only if AUTHENTICATIONTYPE=PASSPHRASE).
  • SERVERUSERNAME is the name of a user who has rights to install an agent (used only if AUTHENTICATIONTYPE=WINDOWS).
  • PASSWORD is the password used to authenticate the user to the console (used only if AUTHENTICATIONTYPE=WINDOWS).
  • USECURRENTCREDENTIALS=1 can be used in place of SERVERUSERNAME and PASSWORD if you want to authenticate using the credentials of the person who logged on to run the script.
  • ACTIVATIONKEY is the activation key that was created from one of the following:
  • Referencing a key that was created from the console or the REST API enables you to assign the agent machines to a group at installation time.