Windows DriveStrike Mass Deployment Guide

DriveStrike can be deployed by IT administrators via mass deployment mechanisms (e.g., via Active Directory GPOs, or via a third-party asset management system). This document provides an overview on how to deploy DriveStrike via these mechanisms. If you are deploying on Linux please see our Linux mass deployment guide. For detailed instructions on DriveStrike mass deployment, please logon to your DriveStrike account and go to the Install page – a link to our deployment documentation can be found there.

Step 1: Create a mass deployment token

Since mass deploying DriveStrike has the potential to impact a large number of devices, we require IT administrators to create their own deployment token within DriveStrike. This process is very simple, and can be completed in just a few seconds.

The mass deployment token will not expire, so you can use it to deploy DriveStrike to machines in the future as well. If you ever find that this token has become compromised, please contact DriveStrike Support.

Step 2: Configure your deployment mechanism

You will need to configure your deployment mechanism to run the DriveStrike installer with custom parameters.

Step 3: Test your deployment

To confirm you have the proper mass deployment token, use a test machine (or VM) and run the DriveStrike installer providing the mass deployment parameters. Since the user interface will not be displayed, you can use the Windows Task Manager to monitor the state of the setup.exe process. Once the setup.exe process completes, log into the website, navigate to the Dashboard page, and confirm that you see the expected device owner, with a device that shows up in the “Ready” state.

After you confirm the machine installed correctly, you can uninstall DriveStrike from the machine and delete the device and device owner objects from the DriveStrike Dashboard.

Next, you may wish to push the DriveStrike installer to a test machine (or VM) via your preferred application deployment mechanism, to confirm the software delivery channel.

Step 4: Deploy to production machines

When you deploy to production machines, you can always monitor the status of your deployment through the Dashboard page. Machines to which DriveStrike has been deployed successfully will be visible in the Dashboard and show a status of “Ready.”

Appendix B – Installation Notes

.Net Installation

The DriveStrike installer depends on the .Net runtime version 4.6.2 or later. When the installer is launched, it first queries the .Net runtime versions present on the machine, and then downloads and installs an appropriate .Net version if necessary. Note that this requires that target machines have internet access.

If mass deployment parameters are passed to the DriveStrike installer, the .Net installer is launched in a “quiet” mode that shows no UI.

Silent Installers and the UAC

The /verysilent flag passed to the DriveStrike installer is appropriate for unattended installations, as long as the installer process is launched with appropriate admin privileges. The installer requires elevated permissions, and will query the user for such if it was not launched with elevated privileges.