Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 12 subscribers
  • Views 2350 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Deployment via Powershell

Tom McMahon

We are in an environment where users don't attend site regular. We have opted to use our RMM software (Atera) to deploy a script out remotely to users who have just a internet connection. However it seems that the script is having issues deploying down the program to run. Sophos have recommended we post it here for assistance as I am a bit lost on where to go here , not knowing powershell at all.

###
# Author: Dave Long <dlong@cagedata.com>
# Downloads and installs Sophos
###

###
# Update the below variables to match your setup
$SophosUrl = "Our link to the install via our Sophos Central Endpoint"
$AteraAPIKey = "Obtained and Confirmed Correct API Key"

$SophosTokenCustomValueName = "346cd89ee3e290a6cf997ab28b08a794"
$InstalledProducts = "all" # Can be "all" or a comma-separated list including any of the following: antivirus, intercept, mdr, deviceEncryption, uem
###

if ($null -eq (Get-Module -ListAvailable PSAtera)) {
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
Install-Module -Name PSAtera -Force
}

Set-AteraAPIKey -APIKey $AteraAPIKey

$Agent = Get-AteraAgent
$SophosToken = Get-AteraCustomValue -ObjectType Customer -ObjectID $Agent.customerID -FieldName "Sophos Token"

if ($SophosToken.ValueAsString -eq "") {
Write-Error "Sophos Token not defined on Customer Record."
exit
}

$SophosInstaller = Join-Path -Path $env:TEMP -ChildPath "SophosSetup.exe"

Invoke-WebRequest -Uri $SophosUrl -OutFile $SophosInstaller

& $sophosInstaller --customertoken="$($SophosToken.ValueAsString)" --epinstallerserver="api-cloudstation-us-east-2.prod.hydra.sophos.com" --products="all" --quiet

do {
Get-Process -Name "*SophosSetup.exe*"
Start-Sleep -Seconds 10
} while (Get-Process -Name "*SophosSetup.exe*" -ErrorAction SilentlyContinue)

Get-Service -Name "*Sophos*"

The error we get is below: 

Begining the installation
c:\temp\ already exists
Start-Process : This command cannot be run due to the error: The system cannot find the file specified.
At C:\Program Files\ATERA 
Networks\AteraAgent\Packages\AgentPackageSystemTools\96e455eb-e599-4cdd-8745-8d5780e89485_Sophos Intercept X Installer 
(copy).ps1:47 char:1
+ Start-Process -FilePath "C:\Program Files\Sophos\Sophos UI\Sophos UI. ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [Start-Process], InvalidOperationException
    + FullyQualifiedErrorId : InvalidOperationException,Microsoft.PowerShell.Commands.StartProcessCommand


This thread was automatically locked due to age.
Parents
  • 0

    Hello Tom,

    Thank you for reaching out to the Sophos Community.

    If you’re looking for assistance specifically with an RMM tool, Sophos' Professional Services team is the best-suited to assist you, as they can work with you in order to get your scrips and deployments working to your desired specifications. If you wish to go that route, let me know and I can reach out to you via DM to share additional details. With that being said, we the members of the Sophos Community will do our best to assist you via this thread.

    Based on the output above, the script you've made is named "96e455eb-e599-4cdd-8745-8d5780e89485_Sophos Intercept X Installer(copy).ps1". It does not look like the script starts when it’s called by your RMM agent. Is it possible for you to check if the file exists on the endpoints you’re trying to install on?

    I would like to ask if the Atera agent will try calling the script using SYSTEM level permissions, or if this will run as the logged-in user? If the logged-in user is being leveraged, the user may not have permission to access the directory where the script resides either. 

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
Reply
  • 0

    Hello Tom,

    Thank you for reaching out to the Sophos Community.

    If you’re looking for assistance specifically with an RMM tool, Sophos' Professional Services team is the best-suited to assist you, as they can work with you in order to get your scrips and deployments working to your desired specifications. If you wish to go that route, let me know and I can reach out to you via DM to share additional details. With that being said, we the members of the Sophos Community will do our best to assist you via this thread.

    Based on the output above, the script you've made is named "96e455eb-e599-4cdd-8745-8d5780e89485_Sophos Intercept X Installer(copy).ps1". It does not look like the script starts when it’s called by your RMM agent. Is it possible for you to check if the file exists on the endpoints you’re trying to install on?

    I would like to ask if the Atera agent will try calling the script using SYSTEM level permissions, or if this will run as the logged-in user? If the logged-in user is being leveraged, the user may not have permission to access the directory where the script resides either. 

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
Children
No Data
Unfiltered HTML