Sophos Central Thin Installer for Kaseya (Windows)
This article will guide you through the import and then setup of the Central Thin Installer Script XML and then the creation of the Public Managed Variables.
Download the XML Script
<?xml version="1.0" encoding="utf-8"?>
<ScriptExport xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.kaseya.com/vsa/2008/12/Scripting">
<Procedure name="Sophos Central Thin Installer" treePres="3" id="1266145655" folderId="518308505424442" treeFullPath="Sophos Central">
<Body description="">
<If description="">
<Condition name="CheckVariable">
<Parameter xsi:type="StringParameter" name="VariableName" value="<Sophos-Central-Deploy>" />
<Parameter xsi:type="EnumParameter" name="Condition" value="Equals" />
<Parameter xsi:type="StringParameter" name="Value" value="Yes" />
</Condition>
<Then>
<If description="Checking to ensure that the Deploy Sophos Variable is set to Yes">
<Condition name="CheckVariable">
<Parameter xsi:type="StringParameter" name="VariableName" value="<Sophos-Central-Token>" />
<Parameter xsi:type="EnumParameter" name="Condition" value="Exists" />
<Parameter xsi:type="StringParameter" name="Value" value="" />
</Condition>
<Then>
<If description="Checking to ensure that the Token Code Variable Exists">
<Condition name="CheckVariable">
<Parameter xsi:type="StringParameter" name="VariableName" value="<Sophos-Central-Location>" />
<Parameter xsi:type="EnumParameter" name="Condition" value="Exists" />
<Parameter xsi:type="StringParameter" name="Value" value="" />
</Condition>
<Then>
<If description="Checking to ensure that the Location Variable Exists">
<Condition name="CheckVariable">
<Parameter xsi:type="StringParameter" name="VariableName" value="<Sophos-Central-Products>" />
<Parameter xsi:type="EnumParameter" name="Condition" value="Exists" />
<Parameter xsi:type="StringParameter" name="Value" value="" />
</Condition>
<Then>
<If description="Checking to ensure that the Products Variable Exists">
<Condition name="ServiceIsRunning">
<Parameter xsi:type="StringParameter" name="ServiceName" value="Sophos MCS Agent" />
</Condition>
<Then>
<Statement description="Checking to see if the Sophos MCS Agent is installed already" name="WriteScriptLogEntry" continueOnFail="false" osType="Windows">
<Parameter xsi:type="StringParameter" name="Comment" value="Sophos Endpoint Already Installed" />
</Statement>
</Then>
<Else>
<Statement name="WriteFile" continueOnFail="false" osType="Windows">
<Parameter xsi:type="StringParameter" name="Path" value="c:\temp\SophosSetup.exe" />
<Parameter xsi:type="StringParameter" name="ManagedFile" value="VSASharedFiles\SophosSetup.exe" />
<Parameter xsi:type="BooleanParameter" name="DeleteAfter" value="False" />
</Statement>
<If description="Transferring the SophosSetup.exe to the workstation/server">
<Condition name="TestFile">
<Parameter xsi:type="StringParameter" name="Path" value="c:\temp\SophosSetup.exe" />
<Parameter xsi:type="EnumParameter" name="Condition" value="NotExists" />
<Parameter xsi:type="StringParameter" name="Value" value="" />
</Condition>
<Then>
<Statement description="Testing to ensure that the SophosSetup.exe transferred" name="WriteScriptLogEntry" continueOnFail="false" osType="Windows">
<Parameter xsi:type="StringParameter" name="Comment" value="SophosSetup.exe Failed to Transfer" />
</Statement>
</Then>
<Else>
<Statement name="ExecuteFile" continueOnFail="false" osType="Windows">
<Parameter xsi:type="StringParameter" name="Path" value="c:\temp\SophosSetup.exe" />
<Parameter xsi:type="StringParameter" name="Arguments" value="--customertoken="<Sophos-Central-Token>" --epinstallerserver="<Sophos-Central-Location>" --products="<Sophos-Central-Products>" --quiet" />
<Parameter xsi:type="EnumParameter" name="ExecuteAccount" value="System" />
<Parameter xsi:type="BooleanParameter" name="WaitComplete" value="True" />
</Statement>
<If description="Installing Sophos Central with the Variables">
<Condition name="ServiceIsRunning">
<Parameter xsi:type="StringParameter" name="ServiceName" value="Sophos MCS Agent" />
</Condition>
<Then>
<Statement description="Post Install check to see if the Sophos MCS Service is running and Delete the Setup File" name="WriteScriptLogEntry" continueOnFail="false" osType="Windows">
<Parameter xsi:type="StringParameter" name="Comment" value="Sophos Endpoint Agent Installed" />
</Statement>
<Statement name="DeleteFile" continueOnFail="false" osType="Windows">
<Parameter xsi:type="StringParameter" name="Path" value="c:\temp\SophosSetup.exe" />
</Statement>
</Then>
<Else>
<Statement name="WriteScriptLogEntry" continueOnFail="false" osType="Windows">
<Parameter xsi:type="StringParameter" name="Comment" value="SophosSetup Failed to Installed the Sophos MSC Agent" />
</Statement>
</Else>
</If>
</Else>
</If>
</Else>
</If>
</Then>
<Else>
<Statement name="WriteScriptLogEntry" continueOnFail="false" osType="Windows">
<Parameter xsi:type="StringParameter" name="Comment" value="Sophos Central Products variable missing" />
</Statement>
</Else>
</If>
</Then>
<Else>
<Statement name="WriteScriptLogEntry" continueOnFail="false" osType="Windows">
<Parameter xsi:type="StringParameter" name="Comment" value="Sophos Central Location variable missing" />
</Statement>
</Else>
</If>
</Then>
<Else>
<Statement name="WriteScriptLogEntry" continueOnFail="false" osType="Windows">
<Parameter xsi:type="StringParameter" name="Comment" value="Sophos Central Token variable missing" />
</Statement>
</Else>
</If>
</Then>
<Else>
<Statement name="WriteScriptLogEntry" continueOnFail="false" osType="Windows">
<Parameter xsi:type="StringParameter" name="Comment" value="Sophos Central Deploy not set to 'Yes'" />
</Statement>
</Else>
</If>
</Body>
</Procedure>
</ScriptExport>
Importing the XML Script
The first step is to import the XML Agent Procedure into Kaseya.
Start by going to Agent Procedures - Schedule / Create
Right Click on Shared and Click New Folder - Folder Name: Sophos Central (You can put it where ever you want)
Then Right Click on the Sophos Central Folder and Click Import Folder/Procedure
Click on the Camera Search Button to the right, select the Sophos Central Thin Installer.xml and Click Save
At this point you have the Agent Procedure Installed
Upload the SophosSetup.exe Thin Installer
From the Sophos Partner Dashboard, Click Deployment and then Click on the Endpoint Installer
Save the SophosSetup.exe to your desktop.
Next, you'll go into Kaseya and Agent Procedures - Schedule/Create
Click on Manage Files
Click Shared files, then upload a file.
Upload the SophosSetup.exe, which will then appear under the Current Folder Contents.
Managed Variables Setup
In this next section please ensure that you copy the Managed Variables exactly or else the Script won't work.
Click on the Manage Variables
Next, we need to manually create the New Variables and Apply a few Place Holder Variables
We'll start with the Sophos-Central-Deploy variable
- On the right side under Rename/Create Variable enter Sophos-Central-Deploy
- Select the Public option
- Set Variable Value to No
- Select Unnamed.root
- Then Click Apply
Next, the Sophos-Central-Token variable.
- On the right side under Rename/Create Variable enter Sophos-Central-Token
- Select the Public option
- Set Variable Value to Token Code Here
- Select Unnamed.root
- Then Click Apply
Next, the Sophos-Central-Location variable.
- On the right side under Rename/Create Variable enter Sophos-Central-Location
- Select the Public option
- Set Variable Value to Location Here
- Select Unnamed.root
- Then Click Apply
Next, the Sophos-Central-Products variable.
- On the right side under Rename/Create Variable enter Sophos-Central-Products
- Select the Public option
- Set Variable Value to antivirus,intercept
- Select Unnamed.root
- Then Click Apply
There are a few different options for this field. This is important because it will direct the Agent on which components need to be installed.
The options are as follows:
- antivirus - This indicates that you want Endpoint Advanced or Standard depending on the license selected under Licensing.
- intercept - This indicates that you want Intercept X
- deviceencryption - This indicates that you want Device Encryption
- all - This indicates that you want to install all three components
***For Termed licenses, all will only install the components available on the License ID***
***Use a Comma not a Semi-colon to separate the products***
Customer Additions
For the Next Step, you will need to download the Customer CSV File.
In the Custom CSV File, there will be three columns that are needed. The Customer Name, Customer Token, and Management Server (Location variable).
Applying the Customer CSV Values to the correct Customer or Group
Taking a look at the Agent below, we can see that the Win10Kaseya workstation belong to the root.sophoslab
So for this Customer: sophoslab the workstations are in the root group. So on the Manage Variables set the Deploy, Customer Token, Location (Management Server), and Products
To provide different Variable Options for a Customer, you can create Machine Groups and then group those systems under that Machine Group.
For Example, if we have certain workstations or servers that don't get Sophos installed Create a Machine Group for no sophos
or if you need Intercept X only installed create a Machine Group called intercept only
Then apply the Manage Variables to those Machine Groups under the Agent Procedures. (Refer to Managed Variables Setup)
