Pages

Monday, April 5, 2021

Deploying Carbon Black Cloud via GPO with a transform (MST) file specifying the Company Code and Group Name

I was recently asked about deploying Carbon Black Cloud Sensor via Group Policy as a published MSI file and recall how much difficulty I had with incorporating the settings for the Company Code and Group Name so I decided to dig up my old notes and write this blog post in case anyone else who may be trying to find this information.

Before I begin, those who might be looking for the installation command for the deployment with, say, Workspace ONE can use the following:

installer_vista_win7_win8-64-3.6.0.1979.msi /L*vx log.txt COMPANY_CODE=XXXXXXXXXXXXXX GROUP_NAME=Monitored /qn

**Substitute the COMPANY_CODE value with your organization code and the GROUP_NAME with the name of your group.

Before publishing the Carbon Black Cloud Sensor MSI in Active Directory as GPO, you’ll need to customize the MSI file with the orca.exe tool. Trying to obtain it isn’t straight forward so I’ll outline the process here.

Obtaining orca.exe for creating a Transform file (.MST)

Navigate to the following site where Windows 10 SDK can be downloaded:

Windows 10 SDK
https://developer.microsoft.com/en-us/windows/downloads/windows-10-sdk/

Download the ISO file:

image

Mount the ISO, navigate to the following directory:

E:\Installers

… and obtain the following files:

  • a35cd6c9233b6ba3da66eecaa9190436.cab
  • 838060235bcd28bf40ef7532c50ee032.cab
  • fe38b2fd0d440e3c6740b626f51a22fc.cab
  • Orca-x86_en-us.msi

image

Proceed to install Orca by running the MSI file and you should see the application in your start menu.

Creating a Microsoft Installer Transform (.MST) File

With Orca installed, we can proceed to modify the MSI file as demonstrated in the following KB:

To Create a Microsoft Installer Transform (.MST) File

https://docs.vmware.com/en/VMware-Carbon-Black-Cloud/services/cbc-sensor-installation-guide/GUID-F28C735B-EC91-4A56-A041-3C07F9D36DE6.html

Open the MSI file with Orca and click Transform > New Transform:

image

Select the Property table, then click on Tables > New Row:

image

Click Property and enter "COMPANY_CODE" then click Value and enter the company registration code for your organization:

image

Repeat the same process for the GROUP_NAME:

image

You should now see the two parameters added:

image

Proceed to generate the transform file by clicking on Transform > Generate Transform:

image

image

Deploying Carbon Black Cloud via Group Policy

With both the MSI and transform file (MST) created, we can now publish it in a Group Policy:

image

Select Advanced as the deployment method:

image

Navigate to the Modifications tab and select the transform file:

image

Click OK and assign the GPO to the appropriate OUs containing the computer objects.

image

1 comment:

PlainGeorge said...

Hello,
Thank you for your article. I followed your instructions but the GPO fails to run because it needs to run with elevated permissions. How can I run this GPO under a user with such permissions?