Deploy ConnectWise Automate (Formerly LabTech) Agent Remotely and Quietly with PowerShell

Deploy ConnectWise Automate (Formerly LabTech) Agent Remotely and Quietly with PowerShell

There are many different ways to deploy an RMM agent to monitor end-user machines and servers. A popular option is Group Policy, also some RMM tools have the ability to do a subnet scan, but I wanted to try and do it with PowerShell while also ensuring I do not have any false positives. I wanted PowerShell to do the following tasks:

  1. Check if a machine is online
  2. Check if WinRM is available and configured correctly
  3. Check if LabTech was already installed
  4. Copy install file locally
  5. Install program
  6. Check if program installed
  7. Keep note of the installed machine

Below is a basic tree overview of the runtime flow.

The script would also log the data so I can let it run without monitoring it. It would also run in a loop, therefore if a machine was not on at a specific time, the script would end up coming back and checking if it was online at a later date. I needed to add this to account for remote users and users coming and going at different times.

The shell will also display its current status. Below is a screenshot of the script parsing machines in Active Directory.

Features

PSJobs

You can split the script into different PowerShell jobs. This is beneficial for larger organizations as you can run multiple PSJobs in parallel, therefore installing the agent on multiple machines at one given time. You can split the computer array up giving each PSJob a different set of machines to hit.

Continuous Loop

The script will loop until the number of machines installed is equal to the total number of machines it was originally given. In 99% of cases, this will never hit 100% and that is by design. I usually let this run over the course of a week (depending on the size of the environment). By letting it run for a long period of time against a number of machines, I can make sure I am hitting users that may be on vacation, sick, out of the office at the initial run, etc. If you just were to run it once, you will only be able to hit the machines that are there and turned on at that specific time. In most cases, this is not feasible. The script will also not try to install on a machine if it’s already installed so we don’t need to worry about issues arising from double installs.

Test Connection

To check if a machine is available on the network, PowerShell will test WinRM by using the Test-WSMan cmdlet. The Test-WSMan cmdlet submits an identification request that determines whether the WinRM service is running on a local or remote computer. PowerShell uses WinRM to invoke commands on a remote machine, establish a remote PSSession, and copy files over.

Check Installation

To prevent double installs or attempts to install the program when its already present, the script will parse the registry of the remote machine to see if LabTech is already present.

Silent Install

The labtech install MSI allows for the quiet switch. By using /q the install will be completely silent to the end user.

Logging

The script will log every step of the way for each machine. Lets you check which machines the agent is already installed on, which machines it couldn’t install on, and more.

Deployment

The LabTech MSI installation file that will be deployed to all my enterprise machines is stored at, “C:\transfer\LabTech_Install.msi” which is stored in the variable, “$FiletoTransfer”. You can change the MSI file name but I recommend keeping everything as C:\Transfer. The script will take the MSI in our local C:\Transfer and move it to the target machine at C:\Transfer as well.

Next, my outputted log file will be located at “C:\Automation\”, and stored in the variable, “$LogFile”.

In the script we can see it create our transfer file on the target machine:

Below is the script block that will copy the local LabTech MSI file to our newly created C:\Transfer directory on the target machine:

To specify certain target machines you can either filter through Active Directory, import names from a file (txt, csv, etc.) or manually input them. The names are stored in an array named, “$Computers”. In my example I am grabbing all machine names from a certain Active Directory OU:

Source

As always, I have the source files hosted in GitHub which I recommend going to first, but you can also download the source code below.

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: