Datto RMM provides several tools that allow you to leverage the power of automation in managing a large number of endpoints and with the help of components, you can push the HEIMDAL Agent on any of the endpoints in your organization. Datto RMM contains powerful functionality that allows users to create and share components (bundles of code, data, and even applications) that can be executed across multiple devices. Components are categorized as application installers, scripts, and device monitors, for this scenario, we will focus on deploying the HEIMDAL Agent through a PowerShell script. A typical component contains a script written in one of several available languages, and may also contain a program to install or an executable to run. This functionality guarantees that administrators have complete control over the technology they supervise. When creating or editing a component, scripts can be entered in the Script section. In order to deploy the HEIMDAL Agent through Datto RMM, you need to follow the next steps.
1. Prepare the PowerShell script that will install the HEIMDAL Agent
2. Creating a component
PREPARE THE POWERSHELL SCRIPT THAT WILL INSTALL THE HEIMDAL AGENT
The HEIMDAL Agent can be installed easily by downloading the latest HEIMDAL Agent version from the HEIMDAL servers and by mentioning the license key as an install argument.
1. Use the script below and insert your HEIMDAL license key in the HeimdalLicensekey variable.
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;
$url = "https://prodcdn.heimdalsecurity.com/setup/HeimdalLatestVersion.msi"
$folder = "C:\Windows\Temp"
$filePath = "C:\Windows\Temp\HeimdalLatestVersion.msi"
$HeimdalLicenseKey = ""
Invoke-WebRequest -Uri $url -OutFile $filePath
msiexec /qn /i "C:\Windows\Temp\HeimdalLatestVersion.msi" HEIMDALKEY=$HeimdalLicenseKey
Exit 0
2. If you want the script to check if the HEIMDAL Agent is already installed, you can use the following script. The script checks for existing HEIMDAL services and processes, and if they are not found, it downloads and installs the latest PRODUCTION version of the HEIMDAL Agent. Also, make sure you insert your HEIMDAL license key in the HeimdalLicensekey variable:
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;
# Check for the Heimdal Thor Agent
$HeimdalService = $True
$HeimdalProcess = $True
# Check to see if the Heimdal ClientHost service exists
$HeimdalClientHost_service = get-service | Where-Object {$_.Name -match "Heimdal Client Host"} | select Name
if ($HeimdalClientHost_service -ne $null) {
Write-Output "The Heimdal Client Host service is running";
Exit 0
} else {
$HeimdalService = $FALSE
}
# Check to see if Heimdal.ClientHost.exe process is running
$HeimdalClientHost_process = get-process | Where-Object {$_.ProcessName -match "Heimdal.ClientHost"} | select Name
if ($HeimdalClientHost_process -ne $null) {
Write-Output "The Heimdal.ClientHost.exe process is running";
Exit 0
} else {
$HeimdalProcess = $FALSE
}
# If the Heimdal Thor Agent is not installed, install it.
If (($HeimdalService -eq $FALSE) -and ($HeimdalProcess -eq $FALSE)) {
Write-Host "The Heimdal Thor Agent is not installed and needs to be installed"
$url = "https://prodcdn.heimdalsecurity.com/setup/HeimdalLatestVersion.msi"
$folder = "C:\Windows\Temp"
$filePath = "C:\Windows\Temp\HeimdalLatestVersion.msi"
$HeimdalLicenseKey = ""
Invoke-WebRequest -Uri $url -OutFile $filePath
msiexec /qn /i "C:\Windows\Temp\HeimdalLatestVersion.msi" HEIMDALKEY=$HeimdalLicenseKey | Write-Host -NoNewline "The Heimdal Thor Agent is being installed"
Exit 0
}
CREATING A COMPONENT
1. In the Datto RMM portal, create a component: Automation -> Components -> Create Component.
2. Enter a name for the component, click the plus icon to choose an icon to represent the component (48 pixels wide by 48 pixels high, PNG/JPG/GIF file format), enter a description, and select a level:
- Basic (1);
- Low (2);
- Medium (3);
- High (4):
- Super (5).
The component level you select will determine which users can access the component. A user will only be able to see components that are available to them based on their component level. Refer to Component Level in Users. EXAMPLE: for example, a user whose component level is set to Super (5) will be able to view all components in the Component Library; while a user whose component level is set to Medium (3) will only be able to view components with a component level of Medium (3), Low (2), or Basic (1). When editing a component's component level, a user can only select a component level that is available to them based on their component level in their user settings.
3. Select Scripts for the component category and PowerShell from the dropdown menu.
4. Copy and paste the script above and select Fit Content to view the entire script on the page or Collapse to fit the script into a smaller, scrollable window to save space.
- Timeout this script if not completed within (seconds): Allows you to set the maximum amount of time, in seconds, after which the script will time out;
- Requires Component Credentials: Only available for the categories Applications and Scripts. If installing this component requires a username and password that is unique for each site, enabling this setting will allow Datto RMM to use cached component credentials.
5. The script can be deployed to All Sites or to Select Sites, while the Variables, Files, and Post-Conditions fields can remain untouched.
6. Click Create Component to save the component.