In order to deploy a batch script using the Infinity Management module, we recommend you take a closer look at the following steps.
1. Archiving the PowerShell script
2. Adding the SFX file to Infinity Management
3. Enabling the installation in the Group Policy
Archiving the PowerShell script
If you have a PowerShell script that you want to deploy via Infinity Management, you need to use WinRar in order to create an SFX archive. Below are the steps that you need to take to make a successful deployment package.
1. Right-click on the PS1 file and select add to the archive.
2. Make sure that you check the Create SFX archive tick-box.
3. Under the Advanced tab, click the SFX options button.
4. Under the SFX options, you must first select the path where you want the PS1 file to be extracted.
5. Under Setup, you must add the following command line:
Powershell.exe -executionpolicy bypass -file C:\temp\Start.ps1
6. Under the Modes menu you can choose to hide the interface. (this is recommended).
Adding the SFX file to Infinity Management
After you finished completing all the steps above you can then create the SFX archive. The resulting file will be a .exe file that can be afterward encrypted with the HEIMDAL Encryption tool and then you can create a patch in Infinity Management with this file to deploy it in your organization.
1. Encrypt the .exe file with the HEIMDAL Encryption tool.
2. Upload the encrypted file to the Infinity Management private storage.
3. Create the application in Infinity Management.
- Specify the name of the application;
- Specify the Architecture;
- Specify the custom expression (the specified custom expression does not matter since this is not a program that will not appear in Control Panel - Programs and Features. In our case, we use new as a Custom Expression).
4. Configure the patch.
- Select the encrypted patch from the dropdown menu;
- Specify the version number (since this is not an application, the version number can be random);
- Specify /S as silent installation argument;
- Select the Operating Systems where you want to deploy the batch script and press Save Patch.
If you want to deploy the configured batch script to a Windows Server endpoint, you must know that the Windows versions are built on the same OS platforms as the Windows PC versions and are the equivalent of the following:
- Windows Server 2008 R2 (32-bit) - Win7 x86;
- Windows Server 2008 R2 (64-bit) - Win7 x64;
- Windows Server 2012 (32-bit) - Win8 x86;
- Windows Server 2012 (64-bit) - Win8 x64;
- Windows Server 2012 R2 (32-bit) - Win81 x86;
- Windows Server 2012 R2 (64-bit) - Win81 x64;
- Windows Server 2016 (32-bit) - Win10 x86;
- Windows Server 2016 (64-bit) - Win10 x64;
- Windows Server 2019 (32-bit) - Win10 x86;
- Windows Server 2019 (64-bit) - Win10 x64;
- Windows Server 2022 - Win10 x64.
Enabling the installation in the Group Policy
Once the PowerShell script is set up for deployment, you can install it by enabling it for automatic or manual installation in the Endpoint Settings -> Your Group Policy.
IMPORTANT
You must tick the first box so that the HEIMDAL Agent pushes the PowerShell script to the endpoints assigned to the specified Group Policy.