Title
#general
szippy

szippy

02/05/2019, 4:58 PM
or am I better off making a powershell script? I have to deploy on about 5-10 machines to start, all at different times, where domaining them isn't an option, so I can't just use GPO to push it out with environmental variables/custom reg keys
srozb

srozb

02/05/2019, 5:59 PM
I think
enroll_secret
is a cli flag not an config option. I'm not sure if you can provide it in the configuration. I ended up with powershell script and SCCM deployment.
defensivedepth

defensivedepth

02/05/2019, 6:10 PM
@szippy This should give some guidance on bundling the files you need , including the enroll secret file. https://defensivedepth.com/2018/04/25/bundling-custom-configs-with-osquery-msi/
6:12 PM
You would specify the enroll secret flag in the flag file, and then use the -extras option to point to the enroll_secret.
6:13 PM
That should generate a MSI that will install all the needed files
szippy

szippy

02/05/2019, 7:01 PM
Thank you guys! I got the file enrolled with the -extras flag, but hadn't realized I needed to use the flag file. Thanks! I also realized that launcher has a windows version, so I think I have a windows launcher binary that works (I'm testing now)
srozb

srozb

02/06/2019, 8:36 AM
btw: what osquery version did you compiled? 3.3.2 ? I have no luck compiling it on win10 machine.
szippy

szippy

02/06/2019, 4:56 PM
I had to use 3.3.1, and I HAD to git pull osquery in a folder on the desktop for some silly reason.