On a recent engagement in my day job, I had a challenge to deploy Solus3 agent to Microsoft Entra joined devices. These devices were enrolled via Windows Autopilot and no longer domain joined. The existing deployment deployed the Solus3 agent via a targeted AD OU, which deploys the agent via the deployment server. This of course, isn’t possible with Entra joined devices.

To get this to work, its a wrap within a wrap. Keeping it as close the production or what your using or how you might already deploy the app as close the the existing deploymemt but with a few tweaks. Anyways for now, here are the steps to deploy the agent via Microsoft Intune. After all, it’s why you’re here 🙂

It should be noted that this approach to deployment is NOT supported. Do so at your own risk. You may still need to keep an instance of a supported deployment. This will allow you to replicate the any issue on a supported deployment for escalation.

Preparation

You’ll need to gather the relevant files and create a folder for the install files, called SIMS. In my example, I’ve placed the SIMS folder on the root of the D:\ drive. Copy the following files over to the SIMS folder.

  • SOLUS3AgentInstaller_x86.msi
  • SOLUS3AgentInstaller_x64.msi
  • Solus3.Keys.DeploymentService.Public.xml

First installer File

Create a .bat file named Solus3AgentInstaller.bat with the following commands. 

cscript.exe //nologo AgentInstaller.js "agent_installer.log" "net.tcp://localhost:52966" "net.tcp://Your-SIMS-Server:52965" "Solus3.Keys.DeploymentService.Public.xml" "SOLUS3AgentInstaller_x86.msi" "SOLUS3AgentInstaller_x64.msi"

Update the “net.tcp://Your-SIMS-Server:52965” with your server location and save the .bat file in your newly created SIMS folder.

Second installer File

Create a a .js file name AgentInstaller.js file with the following commands.

var wshShell, wshSysEnv;
var fso, f1, typeLib;

fso = new ActiveXObject("Scripting.FileSystemObject");
typeLib = new ActiveXObject("Scriptlet.TypeLib");

wshShell = WScript.CreateObject("WScript.Shell");
var logFileName = WScript.Arguments(0);
var agentAddress = WScript.Arguments(1);
var dsAddress = WScript.Arguments(2);
var keyFileName = WScript.Arguments(3);
var msi32 = WScript.Arguments(4);
var msi64 = WScript.Arguments(5);
var msi = "";
if (is64())
	msi = msi64;
else
	msi = msi32;

	wshShell.Run("msiexec.exe /qb /lv* \"" + fso.BuildPath(wshShell.Environment("SYSTEM")("TEMP"), logFileName) +
              "\" /i \"" + wshShell.CurrentDirectory + "\\" + msi +
              "\" AGENTSERVICEADDRESS=\"" + agentAddress +
              "\" AGENTID=\"" + typeLib.Guid.toString().substring(0, 38) +
              "\" DEPLOYMENTSERVERADDRESS=\"" + dsAddress +
              "\" RSAKEYPATH=\"" + wshShell.CurrentDirectory +
              //"\" PREDEFINEDAGENTTARGETS=\"Sims Fms Discover" +
              "\"", 0, true);

function is64() {

	var shell = WScript.CreateObject("WScript.Shell");
	return (wshShell.Environment("SYSTEM")("PROCESSOR_ARCHITECTURE").indexOf("64") + 1);
}

Save the AgentInstaller.js file in your newly created SIMS folder. Your folder should then look something like this.

Wrapping Time

I’ll assume you already know how to wrap packages via Microsoft Win32 Content Prep Tool. Packing the content should look something like this…

Upload Time

The install / uninstall command should be

Install Command: Solus3AgentInstaller.bat
Uninstall Command: msiexec.exe /qn /x {PRODUCT-CODE} /lv* “%TEMP%\uninstall.log”
Install behavior: System

It should look like this…

For the detection, we’ll use a file installed as part of the installer

Rule Type: File
Path: C:\Program Files\SOLUS3\AgentService
File or Folder: Infrastructure.dll
Detection Method: File or folder exists
Associated with a 32-bit app on 64-bit clients: No

It should look like this…

Deployment Time

Assign your newly created and updated app to users or devices as you desire.

Success?

You should now have the app installed.

Next Steps

Now that you have the Agent installed. You’ll need to login to the Solus3 server and deploy the Sims package to the device from the deployment server.

While this will deploy the Solus3 agent to devices, what this doesn’t take care of is ongoing updates. You’ll need to package any updates to the Solus3 agent. It’s beyond the scope of this article.

For now and until the next post, I wish you well….