Enabling Authentication for RepCLI Utility During Sensor Install
search cancel

Enabling Authentication for RepCLI Utility During Sensor Install

book

Article ID: 291750

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense) Carbon Black Cloud Enterprise EDR

Issue/Introduction

Enable authentication for the RepCLI utility during unattended sensor install

Environment

  • Carbon Black Cloud (formerly Cb Defense) Sensor: 3.3.x.x and Higher
  • Microsoft Windows: All Supported Versions

Resolution

  1. Add the following value to the msiexec command line string
  2. Replace SID with the actual SID of an AD group or user.
    • Warning: Authenticated users will be able to run any repcli command on the device, please ensure SID only applies to a specific user or group trusted to execute repcli commands
    • Note: Only one SID can be specified
    • CLI_USERS=<DesiredSID>
  3. Complete install with the above value as part of the msiexec command line string.

Additional Information

  • The CLI_USERS option will only be honored at the time of sensor install (this option will not be honored during Sensor upgrade)
  • RepCLI authentication/authorization is not tied to any OS-side permissions, the SID could be that of a normal user with no admin permissions and they would still be able to use RepCLI functions requiring authentication
  • If an AD group SID is specified, users can be added/removed as needed to allow/deny RepCLI Authentication
  • A specific user account for RepCLI use can also be designated
  • The user or group SID will be authenticated as a RepCLI user
Powered by Wolken Software