Deploy RocketAgent using GPO Scheduled Tasks

Updated 3 months ago by Carl Banzhof

This guide will walk through using the Microsoft Group Policy Objects and Scheduled Tasks to deploy the RocketCyber Agent.

First, a few notes about the deployment script:

  1. The console generates a PowerShell script per customer that automatically includes the information required to deploy the agent, specifically the license key and the url.
  2. The script first checks to see if the agent is already installed before performing an install.
  3. If the script does not detect an installed agent, it will download the agent installer package to the local machine and execute it.

Retrieve the Appropriate Powershell Script

To begin, logon to the RocketCyber console, from the left hand navigation menu click on All Customers.

Next, click Deploy for the appropriate customer.

Click the Select & Copy button to For the CLI Command script.

Locate The NETLOGON Share

Logon to the Domain Controller that you wish to utilize for deployment.

From a cmd.exe prompt run as administrator type:

net share

You will see output similar to below

In the list of shares displayed locate the share named NETLOGON

In this example the directory location is C:\Windows\SYSVOL\sysvol\\SCRIPTS

You will use this directory path in the Scheduled Task Steps for configuring the Start Directory

Create a Scheduled Task

Open the Group Policy Management App on the server.

  1. Click on the Magnifying glass in the task bar
  2. Type Group Poli
  3. Click on the Group Policy Management app

  1. Right Click on your domain in the navigation tree
  2. Click on Create a GPO in this domain and Link it here.

  1. In the New GPO dialog, enter a name for the Group Policy Object

  1. Right Click on the New GPO and click Edit

The Group Policy Management Editor will open

  1. In the left hand tree navigate to Computer Configuration->Preferences->Control Panel Settings->Scheduled Tasks

  1. In the Scheduled Tasks View, Right Click then click New->Scheduled Task

  1. Complete the fields in the New Task Properties Dialog

Action: Create

Name: RocketAgent Deploy

Run: C:\Windows\System32\cmd.exe

Arguments: /C <CLI Script Copied Above>

Note very important to add the /C before the CLI Script otherwise the task will likely not execute properly

Start In: NETLOGON Share Path identified in Locate NETLOGON Share steps

  1. Click on Schedule Tab and set the following properties.

Scheduled Task: Run Once

Start Time: Some time in the future

Run On: Select the appropriate date to execute

  1. Click the OK button to save the scheduled task
  2. To Apply this Scheduled Task to all systems in the domain from a cmd.exe prompt as administrator run:

When the task executes on the desired domain joined computers, the RocketAgent should appear in the RocketCyber Console under the appropriate customer account.

How did we do?

Powered by HelpDocs

Powered by HelpDocs