No conteúdo a seguir, vou mostrar para vocês como fazer a instalação do BitDefender usando a linha de comando, aplicando de forma transparente, sem interação do colaborador.
Cada código será comentado para que vocês possam entender a responsabilidade de cada linha.
Requisitos:
- Ter o JumpCloud instalado
- Ter o equipamento conectado na internet.
Todo script, tem a possibilidade de ser executado em formado isolado, sem a necessidade um sistema para gerenciar isso, ou para uso em outros sistemas como Intune, Ansible, GPO e similares.
Github com os scripts aqui
Windows
Obs.: Alterar o valor do [ ID TOKEN ]
# [FAZ RODAR TODOS OS COMANDOS ABAIXO COMO NIVEL DE ADMINISTRADOR]if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] “Administrator”)) { Start-Process powershell.exe “-NoProfile -ExecutionPolicy Bypass -File `”$PSCommandPath`”” -Verb RunAs; exit} Set-Location C:\ # LINK DE DOWNLOAD PUBLICO DA BIT DEFENDER $urlBDInstaller =”https://download.bitdefender.com/SMB/Hydra/release/bst_win/downloaderWrapper/BEST_downloaderWrapper.msi” # Download de MSI Invoke-webrequest -Uri $urlBDInstaller -OutFile BEST_downloaderWrapper.msi # Inicia a instalacao cmd /c msiexec /package “BEST_downloaderWrapper.msi” /qn GZ_PACKAGE_ID=[ ID TOKEN ] REBOOT_IF_NEEDED=0 |
Linux
Obs.: Alterar o valor da [ URL ], que vem junto com o ID TOKEN
| #!/bin/sh sudo mkdir /tmp/bitdefender cd /tmp/bitdefender sudo wget [ URL ]\Bitdefender_for_Linux.tar sudo tar -xvf /tmp/bitdefender/Bitdefender_for_Linux.tar sudo chmod +x installersudo ./installer |
Mac
Obs.: Alterar o valor de [ URL ] pela url de download
Obrigatório que o arquivo XML esteja na mesma pasta que o App (no caso em /applications)
| !/bin/sh DownloadUrl=”[ URL DE DOWNLOAD ]” regex=’^https.*.dmg$’ if [[ $DownloadUrl =~ $regex ]]; then echo “URL points to direct DMG download” validLink=”True” else echo “Searching headers for download links” urlHead=$(curl -s –head $DownloadUrl) locationSearch=$(echo "$urlHead" | grep https:) if [ -n "$locationSearch" ]; then locationRaw=$(echo "$locationSearch" | cut -d' ' -f2) locationFormatted="$(echo "${locationRaw}" | tr -d '[:space:]')" regex='^https.*' if [[ $locationFormatted =~ $regex ]]; then echo "Download link found" DownloadUrl=$(echo "$locationFormatted") else echo "No https location download link found in headers" exit 1 fi else echo "No location download link found in headers" exit 1 fifi Criar pasta temporaria DATE=$(date ‘+%Y-%m-%d-%H-%M-%S’) TempFolder=”Download-$DATE” mkdir /tmp/$TempFolder Navega ate pasta Local cd /tmp/$TempFolder Download curl -s -O “$DownloadUrl” Captura o nome do arquivo DownloadFile=”$(ls)” echo “Downloaded $DownloadFile to /tmp/$TempFolder” VERIFICA O ARQUIVO DMG regex=’.dmg$’ if [[ $DownloadFile =~ $regex ]]; then DMGFile=”$(echo “$DownloadFile”)” echo “DMG File Found: $DMGFile” else echo “File: $DownloadFile is not a DMG” rm -r /tmp/$TempFolder echo “Deleted /tmp/$TempFolder” exit 1 fi MONTA A DMG MAS SEM APRESENTAR NA TELA DO COLABORADOR hdiutilAttach=$(hdiutil attach /tmp/$TempFolder/$DMGFile -nobrowse) echo “Used hdiutil to mount $DMGFile “ err=$? if [ ${err} -ne 0 ]; then echo “Could not mount $DMGFile Error: ${err}” rm -r /tmp/$TempFolder echo “Deleted /tmp/$TempFolder” exit 1 fi regex=’\/Volumes\/.*’ if [[ $hdiutilAttach =~ $regex ]]; then DMGVolume=”${BASH_REMATCH[@]}” echo “Located DMG Volume: $DMGVolume” else echo “DMG Volume not found” rm -r /tmp/$TempFolder echo “Deleted /tmp/$TempFolder” exit 1 fi IDENTIFICA O PONTO DE MONTAGEM DMGMountPoint=”$(hdiutil info | grep “$DMGVolume” | awk ‘{ print $1 }’)” echo “Located DMG Mount Point: $DMGMountPoint” CAPTURA O APP cd “$DMGVolume” AppName=”$(ls | Grep .app)” cd ~ echo “Located App: $AppName” VERIFICA SE O APP EXISTE NA PASTA APPLICATION ExistingSearch=$(find “/Applications/” -name “$AppName” -depth 1) if [ -n “$ExistingSearch” ]; then echo "$AppName already present in /Applications folder" hdiutil detach $DMGMountPoint echo "Used hdiutil to detach $DMGFile from $DMGMountPoint" rm -r /tmp/$TempFolder echo "Deleted /tmp/$TempFolder" exit 1else echo "$AppName not present in /Applications folder"fi DMGAppPath=$(find “$DMGVolume” -name “.app” -depth 1) XMLAppPath=$(find “$DMGVolume” -name “.xml” -depth 1) COPIA OS ARQUIVOS NECESSARIOS PARA A PASTA /Applications/ PRESERVAR OS ATRIBUTOS cp -pPR “$DMGAppPath” /Applications/ cp -pPR “XMLAppPath” /Applications/ err=$? if [ ${err} -ne 0 ]; then echo “Could not copy $DMGAppPath Error: ${err}” hdiutil detach $DMGMountPoint echo “Used hdiutil to detach $DMGFile from $DMGMountPoint” rm -r /tmp/$TempFolder echo “Deleted /tmp/$TempFolder” exit 1 fi echo “Copied $DMGAppPath to /Applications” DESMONTA O DMG hdiutil detach $DMGMountPoint echo “Used hdiutil to detach $DMGFile from $DMGMountPoint” err=$? if [ ${err} -ne 0 ]; then abort “Could not detach DMG: $DMGMountPoint Error: ${err}” fi REMOVE A PASTA TEMPORARIA rm -r /tmp/$TempFolder echo “Deleted /tmp/$TempFolder” EFETUA A INSTALACAO sudo /usr/sbin/spctl kext-consent add GUNFMW623Y sudo open /Applications/SetupDownloader.app sudo rm -rf /Applications/SetupDownloader.app A CHAVE DE ATIVACAO VEM NESSE XML, ELE PRECISA ESTA NA PLASTA /APPLICATION sudo rm -rf /Applications/installer.xml |
