ControlUp Community

Connect, Learn, and Grow

Automating the Deployment of ControlUp for Compliance

Posted on

A user asked about automating the deployment of ControlUp for Compliance (formerly known as Secure DX) for new physical machines. Another user shared a script that could run the installation silently. The script can be found at https://cdn.spm.controlup.com/agent. Instructions were provided on checking for the latest version and running the script if necessary.

Read the entire ‘Automating the Deployment of ControlUp for Compliance’ thread below:

Good day,

Does anyone know if there is a way to automate the deployment of Secure DX for new physical machines? Instead of the Gui method through the configuration menu of Secure DX

@member I think you wrote the script in our demo environment. Can we share that or is that old and/or no longer useful?

Arjan, the ControlUp for Compliance (formerly known as Secure DX) does not need any configuration during deployment, thus you can download the installer and run it silently:

“`[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

$file_path = "C:\Program Files\ControlUp\SRM\srmagent.exe"

$latest_version = "C:\ProgramData\ControlUp\SRM\LatestSRMversion.txt"

$urlfileversion = "https://cdn.spm.controlup.com/agent/LatestSRMversion.txt"

$folderPath = "C:\ProgramData\ControlUp\SRM"

$outputfileversion = "$folderPath\LatestSRMversion.txt"

if (-not (Test-Path $folderPath)) {

New-Item -ItemType Directory -Path $folderPath -Force

}

$AdminGroupSID = "S-1-5-32-544"

$AdminGroup = New-Object System.Security.Principal.SecurityIdentifier($AdminGroupSID)

$FolderAcl = Get-Acl -Path $folderPath

$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule($AdminGroup, "FullControl", "ContainerInherit,ObjectInherit", "None", "Allow")

$NewAcl = New-Object System.Security.AccessControl.DirectorySecurity

$NewAcl.SetAccessRuleProtection($true, $false)

$NewAcl.AddAccessRule($AccessRule)

Set-Acl -Path $folderPath -AclObject $NewAcl

(Get-Acl -Path $folderPath).AccessToString

Invoke-WebRequest -Uri $urlfileversion -OutFile $outputfileversion

$severlastversion = Get-Content "$latest_version"

if ((Test-Path $file_path)) {

$file_version = (Get-Item $file_path).VersionInfo.FileVersion

}

function install_srm {

$url = ""

$folderPath = "C:\ProgramData\ControlUp"

$output = "$folderPath\srmagentsetup.exe"

$processNames = @("brooklyn_cli","brooklyn","brooklyninstall","srmagentsetupscoutbees","srmagent","wa_3rd_party_host_32","wa_3rd_party_host_64","srmagentsetup","srmui")

$installfolder = "C:\Program Files\ControlUp\SRM"

# Iterate through the process names

ForEach ($processName in $processNames) {

# Check if the process is currently running

if (Get-Process -Name $processName -ErrorAction SilentlyContinue) {

# If the process is running, kill it

Stop-Process -Name $processName -Force

}

}

# Check if the file exists

if (Test-Path $output) {

# File exists, delete it

Remove-Item -Path $output -Recurse -Force

}

function DownloadFile($url, $output) {

$webRequest = [System.Net.HttpWebRequest]::Create($url)

$webRequest.Method = "GET"

$webResponse = $webRequest.GetResponse()

$totalBytes = $webResponse.ContentLength

$bufferSize = 4096

$bytesRead = 0

$responseStream = $webResponse.GetResponseStream()

$fileStream = [System.IO.File]::Create($output)

while ($bytesRead -lt $totalBytes) {

$buffer = New-Object byte[] $bufferSize

$read = $responseStream.Read($buffer, 0, $bufferSize)

$fileStream.Write($buffer, 0, $read)

$bytesRead += $read

$progress = [Math]::Floor(($bytesRead / $totalBytes) * 100)

Write-Host ("Progress: {0}% – {1} of {2} bytes" -f $progress, $bytesRead, $totalBytes)

}

$responseStream.Close()

$fileStream.Close()

Write-Host "Download completed."

}

# Download the file

DownloadFile $url $output

# Run the file as an administrator

Start-Process -FilePath "$output" -ArgumentList "/S"

}

Check the file version and run the corresponding function

if ($file_version -lt $severlastversion) {

install_srm

} else {

Write-Host "ok"

} “`

Continue reading and comment on the thread ‘Automating the Deployment of ControlUp for Compliance’.  Not a member? Join Here!

Categories: All Archives, ControlUp for Compliance, ControlUp Scripts & Triggers
Topics: , ,

Ask Us Anything, Connect, Learn, and Grow with the ControlUp Community!

Login to the ControlUp Community to ask us anything, stay up-to-date on what’s new and coming soon and meet other like-minded techies like you.

Not already a member? Join Today!