This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

NinjaOne Deployment Script

Following the instructions from here:

 NinjaRMM 

--------------

Getting this error in the Ninja Console. 

Action completed: Run Sophos Central Deployment (Win) Result: FAILURE Output: Action: Run Sophos Central Deployment (Win), Result: Failed
C:\ProgramData\NinjaRMMAgent\scripting\customscript_gen_7.ps1 : A positional parameter cannot be found that accepts
argument 'and'.
+ CategoryInfo : InvalidArgument: (:) [customscript_gen_7.ps1], ParentContainsErrorRecordException
+ FullyQualifiedErrorId : PositionalParameterNotFound,customscript_gen_7.ps1

-----------



This thread was automatically locked due to age.
Parents
  • Hi Josh,

    Thanks for reaching out to the Sophos Community Forum. 

    Could you share your customscript_gen_7.ps1 here? You can use the "Insert > Code" buttons when posting a reply so the code from your ps1 script comes through correctly. 

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • # -----------------------------------------------------------------------------------------------
    # Component: Sophos Central Deployment for Windows
    # Author: Stephen Weber
    # Platform: NinjaRMM
    # Purpose: Using the new Sophos Thin installer, 
    #          perform default install of Sophos Central using the defined parameters
    # Version 1.1
    # -----------------------------------------------------------------------------------------------
    
    #Setup Customer Parameters
    
    param(
    	[Parameter(Mandatory=$true)]
    	[string] $Name,
    	[Alias("c")]
    	[string] $CustomerToken,
    	[ValidateSet("CIXE", "CIXA", "CIXAXDR", "MDR", "All", "Encrypt")]
    	[Alias("p")]
    	[string] $ProductSelection
    )
    
    # Define Functions
    
    function Get-SophosInstalled {
    
    $Global:installed = (gp HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*).DisplayName -contains "Sophos Endpoint Agent"
    $Global:mcsclient = Get-Service -name "Sophos MCS Client" -ea SilentlyContinue
    $Global:mcsagent = Get-Service -name "Sophos MCS Agent" -ea SilentlyContinue
    }
    
    # Sophos Central Installation
    Start-Transcript c:\temp\SophosCentralInstallLog.txt
    Write-Host "Starting the Sophos Central Installation based on the variables defined in the site"
    Write-Host ""
    Write-Host "Checking to see if Sophos is Already Installed"
    
    Get-SophosInstalled
    if ($installed -eq "True") {
    	Write-Host "--Sophos Central Endpoint Agent Installed"
    	if ($mcsclient.Status -eq "Running"){	
    	Write-Host "--Sophos MCS Client is Running"
    	Exit 0
    	}
    }
    else {
    	Write-Host "--Sophos Central is Not Installed"
    	Write-Host "Sophos MCS Client is Not Running"
    	}
    
    # Check for the Site Variables
    Write-Host ""
    Write-Host "Checking the Variables"
    
    if (!$CustomerToken)
    	{Write-Host "--Customer Token Not Set or Missing"
        Stop-Transcript
    	Exit 1}
    else
    	{Write-Host "--CustomerToken = "$CustomerToken""}
    
    #Pull Device OS Info for Workstation or Server Detection
    
    $osInfo = Get-WmiObject -Class Win32_OperatingSystem
    
    # Sophos Workstation Product Selection
    if ($osInfo.ProductType -eq '1') {
    	if (!$ProductSelection) {
    		Write-Host "--Product Not Set or Missing"
    		Stop-Transcript
    		Exit 1
    	}  
    		elseif ($ProductSelection -eq 'CIXE') {
    		$Products = "antivirus,intercept"
    	}  
    		elseif ($ProductSelection -eq 'CIXA') {
    		$Products = "antivirus,intercept"
    	}
    		elseif ($ProductSelection -eq 'CIXAXDR') {
    		$Products = "antivirus,intercept,xdr"
    	}
    		elseif ($ProductSelection -eq 'MDR') {
    		$Products = "antivirus,intercept,xdr,mdr"
    	}
    		elseif ($ProductSelection -eq 'ALL') {
    		$Products = "all"
    	}
    		elseif ($ProductSelection -eq 'Encrypt') {
    		$Products = "DeviceEncryption"
    	}
    }
    # Sophos Server Product Selection
    else {
    	if (!$ProductSelection) {
    		Write-Host "--Product Not Set or Missing"
    		Stop-Transcript
    		Exit 1
    	}  
    		elseif ($ProductSelection -eq 'CIXE') {
    		$Products = "antivirus,intercept"
    	}  
    		elseif ($ProductSelection -eq 'CIXA') {
    		$Products = "antivirus,intercept"
    	}
    		elseif ($ProductSelection -eq 'CIXAXDR') {
    		$Products = "antivirus,intercept,xdr"
    	}
    		elseif ($ProductSelection -eq 'MDR') {
    		$Products = "antivirus,intercept,xdr,mdr"
    	}
    		elseif ($ProductSelection -eq 'ALL') {
    		$Products = "all"
    	}
    }
    
    # Sophos parameters are defined from the site specific variables
    $arguments = "--products=""" + $Products
    $arguments = $arguments + """ --quiet"
    
    # Check to see if a previous SophosSetup Process is running
    Write-Host ""
    Write-Host "Checking to see if SophosSetup.exe is already running"
    if ((get-process "sophossetup" -ea SilentlyContinue) -eq $Null){
            Write-Host "--SophosSetup Not Running" 
    }
    else {
        Write-Host "Sophos Currently Running, Will Kill the Process before Continuing"
        Stop-Process -processname "sophossetup"
     }
    
    #Force PowerShell to use TLS 1.2
    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
    
    #Check for Existing SophosSetup Installer
    if ((Test-Path c:\temp\SophosSetup.exe) -eq "True"){
    		Write-Host "--Removing the existing SophosSetup Installer"
    		Remove-Item -path c:\temp\SophosSetup.exe
    }
    
    # Download of the Central Customer Installer
    Write-Host ""
    Write-Host "Downloading Sophos Central Installer"
    Invoke-WebRequest -Uri "https://central.sophos.com/api/partners/download/windows/v1/$CustomerToken/SophosSetup.exe" -OutFile c:\temp\SophosSetup.exe
    if ((Test-Path c:\temp\SophosSetup.exe) -eq "True"){
    		Write-Host "--Sophos Setup Installer Downloaded Successfully"
    }
    else {
    	Write-Host "--Sophos Central Installer Did Not Download - Please check Firewall or Web Filter"
    	Stop-Transcript
    	Exit 1
    }
    
    # This Section starts the installer using the arguments defined above
    Write-Host ""
    Write-Host "Installing Sophos Central Endpoint:"
    Write-Host ""
    Write-Host "SophosSetup.exe "$arguments""
    Write-Host ""
    
    start-process c:\temp\SophosSetup.exe $arguments
    
    $timeout = new-timespan -Minutes 30
    $install = [diagnostics.stopwatch]::StartNew()
    while ($install.elapsed -lt $timeout){
        if ((Get-Service "Sophos MCS Client" -ea SilentlyContinue)){
    	Write-Host "Sophos MCS Client Found - Breaking the Loop"
    	Break
    	}
        start-sleep -seconds 60
    }
    Write-Host ""
    Write-Host "Sophos Setup Completed"
    
    # Verify that Sophos Central Endpoint Agent Installed
    Write-Host ""
    Write-Host "Verifying that Sophos Central Endpoint installed and is Running"
    
    Get-SophosInstalled
    if ($installed -eq "True") {
    	Write-Host "--Sophos Central Endpoint Agent Installed Successfully"
    	if ($mcsclient.Status -eq "Running"){
    	Write-Host "--Sophos MCS Client is Running"
    		if ($mcsagent.Status -eq "Running"){
    		Write-Host ""
    		Write-Host "--Sophos MCS Agent is Running"
    		Write-Host ""
    		Write-Host "Sophos Central Agent is Installed and Running"
    		Write-Host ""
    		Stop-Transcript
    		Exit 0
    		}
    	}
    }
    else {
    	Write-Host "--Sophos Central Install Failed"
    	Write-Host ""
    	Write-Host "Please check the Sophos Central Install Logs for more details"
    	Write-Host ""
    	Write-Host "Log Location - <system>\programdata\Sophos\Cloudinstaller\Logs\"
    	Stop-Transcript
    	Exit 1
    	}

    This is the contents of script inside of Ninja RMM.

    It's setup exactly how the guide describes. 

    Ninja don't offer any support for this, so I'm hoping you can help asap. 

  • I'd suggest trying to run the ps1 script locally on one of the affected devices to see if there is an issue with the script itself. 

    You'll need to manually populate the following fields into the script before running it, or after you've triggered it.
    [string] $Name = "Test",
    [string] $CustomerToken = "<Customer-Token>",
    [string] $ProductSelection = "All"

    I used the following command so I wouldn't run into issues with local policies. 
    - powershell -ExecutionPolicy ByPass -File .\ModifiedRMMScript.ps1

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • I'm needing to type in the name manually. Once I specify the name it works. 

    PS C:\test> powershell -ExecutionPolicy ByPass -File .\sophos.ps1
    
    cmdlet sophos.ps1 at command pipeline position 1
    Supply values for the following parameters:
    Name:

    Editing the script to this doesn't work. 

     

    " [string] $Name = "CustomerName",

  • Thank you for verifying. It seems the script will work just fine when run locally. Can you share the arguments you're passing to the script? 

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
Reply Children
No Data