This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Looking for script to install Central Endpoint via a user with admin privileges

I am looking for a simple way to install Sophos Central Endpoint with a script that passes on a username and password of an admin account. This was possible with earlier versions, but I cannot seem to figure it out. Here is what I have so far:

 

 

@echo off SET MCS_ENDPOINT=Sophos\Management Communications System\Endpoint\McsClient.exe IF "%PROCESSOR_ARCHITECTURE%" == "x86" GOTO X86_PROG IF NOT EXIST "%ProgramFiles(x86)%\%MCS_ENDPOINT%" GOTO INSTALL exit /b 0 :X86_PROG IF NOT EXIST "%ProgramFiles%\%MCS_ENDPOINT%" GOTO INSTALL exit /b 0 :INSTALL pushd \\DIRECTORY WITH INSTALL FILE SophosInstall.exe -q Popd



@ECHO OFF REM --> Check for permissions >nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system" REM --> If error flag set, we do not have admin. if '%errorlevel%' NEQ '0' ( echo Requesting administrative privileges... goto UACPrompt ) else ( goto gotAdmin ) :UACPrompt echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs" echo UAC.ShellExecute "%~s0", "", "", "runas", 1 >> "%temp%\getadmin.vbs" "%temp%\getadmin.vbs" exit /B :gotAdmin if exist "%temp%\getadmin.vbs" ( del "%temp%\getadmin.vbs" ) pushd "%CD%" CD /D "%~dp0" @echo off SET MCS_ENDPOINT=Sophos\Management Communications System\Endpoint\McsClient.exe IF "%PROCESSOR_ARCHITECTURE%" == "x86" GOTO X86_PROG IF NOT EXIST "%ProgramFiles(x86)%\%MCS_ENDPOINT%" GOTO INSTALL exit /b 0 :X86_PROG IF NOT EXIST "%ProgramFiles%\%MCS_ENDPOINT%" GOTO INSTALL exit /b 0 :INSTALL pushd \\DIRECTORY WITH INSTALL FILE SophosInstall.exe -q Popd

 

This does not work because it simply does a "run as administrator". How can I set it up to pass on a user and password similar to earlier versions? Example "-user USERNAME -pwd PASSWORD"

 



This thread was automatically locked due to age.
Parents
  • the on-premise installer, setup.exe, which you refer to would take arguments for a username and password but that was just to access the distribution point not to elevate the installer.  You would still need to run it as an administrator.

    I assume you're deploying this script as a logon script, hence where users aren't a local admin then it fails.  Can you not deploy as a startup script such that it runs as system and therefore has enough rights?

    Regards,

    Jak

Reply
  • the on-premise installer, setup.exe, which you refer to would take arguments for a username and password but that was just to access the distribution point not to elevate the installer.  You would still need to run it as an administrator.

    I assume you're deploying this script as a logon script, hence where users aren't a local admin then it fails.  Can you not deploy as a startup script such that it runs as system and therefore has enough rights?

    Regards,

    Jak

Children