Tranquil IT Forum

Contact us
at https://forum.tranquil.it/

[RESOLVED] tis-with-secure-agent-desktop and MSI settings

https://forum.tranquil.it/viewtopic.php?t=4323

Page 1 of 1

[RESOLVED] tis-with-secure-agent-desktop and MSI settings

Published: June 11, 2025 - 11:34
by pierre.briec
Hello,

I'd like some information regarding the tis-withsecure-agent-desktop package.
I'm having trouble with the MSI parameters and how to integrate them into the package.
In setup.py, I modified it as follows:

properties={
"VOUCHER": "xxxx-xxxx-xxxx-xxxx-xxxx"
#"UNIQUE_SIGNUP_ID": "smbios"
}

Unfortunately, if I try to add another parameter, the installation fails after regenerating the package.
Can anyone help me with this? Thanks in advance,
Pierre

Re: tis-with-secure-agent-desktop and MSI settings

Published: June 11, 2025 - 1:27 PM
by blemoigne
Good morning,
Did you separate the "properties" with commas?

Code: Select all

properties={
"VOUCHER": "xxxx-xxxx-xxxx-xxxx-xxxx",
"UNIQUE_SIGNUP_ID": "smbios"
}

Re: tis-with-secure-agent-desktop and MSI settings

Published: June 16, 2025 - 10:14
by blemoigne
Hello,
is the problem solved?

Re: tis-with-secure-agent-desktop and MSI settings

Published: June 17, 2025 - 09:34
by t.heroult
For WithSecure, I use a powershell script provided by WithSecure.
My package therefore only contains the InstallWithSecure_S1.ps1 file, and the installation from setup.py only contains the line:

Code: Select all

run('Powershell -WindowStyle Hidden -ExecutionPolicy ByPass -File "InstallWithSecure_S1.ps1"')
Here is the content of the script (you just need to change the serial number).

Code: Select all

Clear-Host
# =======================================================
#  ********** Variables
# =======================================================

$dossierinstall = "c:\windows\temp\"
$CP = "installer"

$serie = "XXXX-XXXX-XXXX-XXXX-XXXX"
$valeur = (Get-ItemProperty -Path "HKLM:\SOFTWARE\MIcrosoft\Windows NT\CurrentVersion"  -Name ProductName).ProductName

if ($valeur -like "*Server*") {
    $serie = "XXXX-XXXX-XXXX-XXXX-XXXX"
}

$fsecurecp = $dossierinstall + $CP + ".exe"

# =======================================================
# ********** Verification deja installe
# =======================================================

$WantFile1 = "C:\Program Files (x86)\F-Secure\PSB\fshoster32.exe"
$WantFile2 = "C:\Program Files\F-Secure\PSB\fshoster32.exe"
$FileExists1 = Test-Path $WantFile1
$FileExists2 = Test-Path $WantFile2

if ( $FileExists1 -eq $True ) { Exit }
if ( $FileExists2 -eq $True ) { Exit }

# =======================================================
# ********** Telechargement
# =======================================================

$FileExists = Test-Path $dossierinstall
If ($FileExists -eq $False) { New-Item -path $dossierinstall -ItemType directory }

$ChkFile = $fsecurecp
$FileExists = Test-Path $ChkFile

If ($FileExists -eq $False) {
    Invoke-WebRequest -Uri http://download.withsecure.com/PSB/latest/ElementsAgentInstaller.exe -OutFile "$fsecurecp"
}

# =======================================================
# ********** D�sinstallation S1
# =======================================================

$ProcessSA = Get-Process SentinelAgent -ErrorAction SilentlyContinue
if ($ProcessSA) {
	#Check Administrator Privilege
	$user = [Security.Principal.WindowsIdentity]::GetCurrent();
	$admin=(New-Object Security.Principal.WindowsPrincipal $user).IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)  

	if ($admin -eq $false) {
		"Please run the script as Administrator"
		Start-Sleep -s 10
	}

	#Define the API Token
	#To automate the script, get the API Token from management, enter it here, and save the script.
	$token = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
	$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
	$headers.Add("Authorization", "APIToken $token")
	#where $token is your API token. For example, "APIToken abcdefg...."

	#Gets Management URL
	$config = & 'C:\Program Files\SentinelOne\Sentinel*\SentinelCtl.exe' config | select-string -Pattern "server.mgmtServer"
	$mgmt = $config -split ' ' | select -last 1

	#Gets passphrase for Endpoint
	$uuid = & 'C:\Program Files\SentinelOne\Sentinel*\SentinelCtl.exe' agent_id
	$passphrase_url = $mgmt + "/web/api/v2.1/agents/passphrases?uuids="+"$uuid"
	$passphrase = (Invoke-RestMethod ("$passphrase_url") -Method 'GET' -Headers $headers).data.passphrase

	#Start the Uninstallation
	Write-Host "Starting Uninstallation Process..." 
	Write-Host "This Process may take a while. Please do not close the Window."
	& 'C:\Program Files\SentinelOne\Sentinel*\uninstall.exe' /uninstall /norestart /q /k "$passphrase"
}

# =======================================================
# ********** Install
# =======================================================

$Command_line='"' + $fsecurecp + '"'
Start-Process -FilePath $Command_line -Wait -ArgumentList "--silent", "--voucher $serie", '--skip-sidegrade "*"'

Re: tis-with-secure-agent-desktop and MSI settings

Published: July 10, 2025 - 3:09 PM
by dcardon
Hi Thomas,

that's funny, the script you published automatically uninstalls SentinelOne by retrieving the uninstallation password from the SentinelOne management server...

and it also downloads WithSecure if needed.

So basically, the provided WAPT package should do the trick if the VOUCHER value is correctly entered

. Regards,

Denis
Time zone set to UTC+02:00
Page 1 of 1

Developed by phpBB® Forum Software © phpBB Limited

Official French translation © Qiaeru