Description
Installing the SentinelOne Windows Agents with Intune
Requirements
- Access to Intune
- Access to Guardz
The Process
If you are wanting to download manually, please see the following KB: Guardz SentinelOne Installation - Windows
To install the Windows Agent with Intune:
A: Create an Intune Win32 package
- Get the Site or Group Token
- Create an Intune Win32 package
- Upload and deploy the Intune Win32 Package
- MSI installer
msiexec /i "<AgentPackage>" SITE_TOKEN="<sitetoken>" /q
- Parameters:
- AgentPackage is the full package name.
- Example:
msiexec /i "SentinelInstaller_windows_64bit_v21_7_5_1080.msi"
- SITE_TOKEN=״<sitetoken>״ is the site token.
- /q Silent installation (no UI, no user interaction, no reboot).
- /NORESTART Optional. Prevent automatic reboot.
- Example:
msiexec /i "<AgentPackage>" SITE_TOKEN="<sitetoken>" /q /NORESTART
- Parameters:
SentinelOneInstaller
Parameters
SentinelOneInstaller.exe
is the full package name.Example
SentinelOneInstaller_windows_64bit_v22_2_1_200.exe
t site_Token or -t group_Token is the site token or group token.
-b, --reboot_on_need
Optional: Automatically reboot the endpoint when required to continue with the installation.
/q Silent installation (no UI, no user interaction, no reboot).
- MSI installer
Create a new folder with the latest package and the
install.cmd
file.Open the IntuneWinAppUtill.exe application. (Requires admin permissions)
Enter the file path to the folder created in step 4, and click Enter.
Please specify the source folder: E:\Intune\EAEnter the path to the install.cmd file created in step 3, and click enter.
Please specify the setup file: E:\Intune\EA\Install.cmdEnter the path to the output folder, and click enter.
Please specify the output folder: E:\Intune\Done\S1_agent\EAWhen prompted Do you want to specify catalog folder (Y/N)?, enter N and click enter.
Do you want to specify catalog folder (Y/N)?nOpen the output folder and make sure the install.intunewin file is created.
B: Uploading the Intune Win32 Package
Objective: Upload and deploy the Intune Win32 Package
Open a Web browser, and log in to https://endpoint.microsoft.com/.
In Apps, click Windows.
Click + Add to add the Intune Win32 package.
In the Select app type window, select Windows app (Win32).
In App information tab, click Select app package file.
In App package file, select the install.intunewin file created, and click Open.
Click OK.
In App information tab, update the application details. Click Next.
- Name: SentinelOne Agent
- Description:SentinelOne Agent version AgentVersion
- Publisher: SentinelOne
- Optional - App Version: AgentVersion
In the Program tab, enter the install and uninstall command, and set the install behavior. Click Next.
- Install Command: install.cmd
- Uninstall Command: install.cmd
- Note: As the Agent cannot be uninstalled without the passphrase or approval from the Management Console, the uninstall command must be the same as the install command.
- Install behavior: System
In the Requirements tab, select the Operating system architecture and Minimum operating system. Click Next
- Operating system architecture: Select the system architecture 32 bit or 64 bit.
- Minimum operating system: Select the minimum operating system version that can install the Agent.
In the Detection rules tab, select the Rules format, and click Manually configure detection rules.
Click + Add to create an new detection rule.
In the Detection Rule sidebar, create a new detection rule. Click OK.
- Rule Type: File
- Path: C:\Program Files\
- File or folder: SentinelOne
- Detection method: File or folder exists
- Associated with a 32 bit a or 64 bit clients: No
Click Next.
In Assignments, add the required Active Directory groups to receive the Agent and click Select.
In Review + create, click Create.
The Agent is installed the next time the selected endpoints connect with Intune.