Huntress: EDR
Product: Ninja RMM
Environment: Windows Server 2008 and newer, Windows Vista and newer
Summary: Automated Huntress agent deployment via Ninja RMM
UPDATE 02/22/2021: Ninja introduced a new variable called $env:NINJA_ORGANIZATION_NAME
that eliminates the need for our API. The new way is just a simple deployment script that needs to be set up in your Ninja RMM instance.
UPDATE 05/26/2020: Huntress has updated the NinjaRMM deployment script. Please update the PowerShell script created in Download, Edit, and Import the Huntress Deployment Script for NinjaRMM.
NinjaRMM provides the ability to create Scheduled Scripts to deploy third-party software. This document provides the instructions to add a Scheduled Script to your Policies to deploy the Huntress Agent to your customer's computers. We are not able to offer comprehensive support for NinjaRMM, please refer to the NinjaRMM documentation for full details regarding the usage of NinjaRMM policies and scheduled scripts.
The Organization Name and Organization key will match the site name from NinjaRMM (the names shown in Dashboard -> Organizations).
NOTE: If you've used the previous version of this script a duplicate organization may be created if there is a name mismatch. To correct this, move the agents from the old organization into the new one matching the site name in NinjaRMM and delete the old organization from your Huntress portal.
- Retrieve Your Huntress Account Key
- Download, Edit, and Import the Huntress Deployment Script for NinjaRMM
- Add a Scheduled Script to Your Policy
- Troubleshooting
Retrieve Your Huntress Account Key
- Login to the Huntress Web Interface.
- Hover over the Huntress options menu in the upper-right corner of the dashboard.
- Select the "Download Agent" option from the menu.
- On the Installer page click the clipboard icon to copy your secret account key to your clipboard.
Download, Edit, and Import Huntress Deployment Script
- Download our PowerShell Deployment Script.
- In your NinjaRMM dashboard, click on "Administration" in the left-hand menu.
- Click on "Library" then "scripting
- Click on "Create New Script" in the upper right-hand area.
- Two basic options here:
Hardcoded key - Paste the entire PowerShell script from step 1 into the left-hand pane. Scroll down to around line 47 and paste your Huntress account secret key over the __ACCOUNT KEY__ text in the script. Scroll down to around line 50 and paste$env:NINJA_ORGANIZATION_NAME
over the __ORGANIZATION KEY__ text in the script.
Environmental key - A better alternative would be to apply a Global Custom Field inside your Ninja instance that contains your Huntress Account key (currently located in Administration > Devices > Global Custom Fields). We would suggest using the name "HuntressInstallKey" for clarity, at which point you could use the following for line 47 instead of hardcoding the key:$AccountKey = (Ninja-Property-Get HuntressInstallKey)
Line 50 would be the same in either case:$OrganizationKey = "
$env:NINJA_ORGANIZATION_NAME
" - Fill out the form on the right-hand pane with a name, description, category, scripting language, operating system, and architecture as shown below. You may set custom values for name, description, and category, but the language must be PowerShell and Architecture must be set to All.
- Click the "save" button in the upper-right corner of the script editor.
Add a Scheduled Script to Your Policy
NOTE: This section is provided as a general guideline. You may wish to add the Huntress script to one or more custom policies in your deployment. We are not able to offer comprehensive support for NinjaRMM, please refer to the NinjaRMM documentation for full details regarding the usage of NinjaRMM policies and scheduled scripts.
- Log in to NinjaRMM.
- Navigate to the policy you want to use to install the Huntress Agent by clicking configuration, policies, and the policy name. Alternatively, you can create a new policy. In this example, we're using the "Windows Workstation" policy.
- Click on the Scheduled Scripts menu in the left and then Add a scheduled Script on the right.
- In the Scheduled Script window choose an appropriate name and description for the script. Set the Schedule and Notification preferences to your preferred settings. Click the "Add Script" button.
- Navigate to the category you set for your script in Step 6 of the previous section and click on the script to import it into the schedule.
- Leave the "Preset Parameter" field blank and leave "Run As" set to "System", and click Apply.
- This will close the parameter window. Now click "Add" to add the script to the schedule.
- Click "Save" in the upper right hand corner. You are now ready to deploy the Huntress Agent via NinjaRMM!
Troubleshooting
From your Ninja dashboard click on Activities, then click on All
Find the Completed action and click on More
The resulting pop up should describe what the issue is. In the example below the organization key was not set in the script parameters (step 5 from "Download, Edit, and Import Huntress Deployment Script" above). Another common issue is incorrect/missing AcctKey (also in script parameters).
If you see a successfully installed message like the example below, and you still don't see the agent in your portal make sure you're searching from your Account-level dashboard, not your Org-level dashboard.
Troubleshooting
If you receive an output like the following:
This usually means there is an issue with WMI on this host. Our script uses WMI to retrieve some system information which is why the script is failing.
You can try restarting WMI and/or the host to see if that fixes it or you can take a look at the Microsoft troubleshooting guide for WMI if that does not work:- https://docs.microsoft.com/en-us/windows/win32/wmisdk/wmi-troubleshooting
If you're still stuck; email your Huntress log files from the affected machine's c:\Windows\temp\ and/or c:\program files\Huntress\ to support@huntress.io
Comments
0 comments
Please sign in to leave a comment.