param ( [string] [parameter(Mandatory = $true)] $Token, [switch] $StandAlone = $false, [switch] $DebugMode = $false ) #region Settings $SharePath='\\share-server\share\MorphisecInstaller.exe' # Protector full installation file path (example \\gpo-ad\share\Morphisec-Powershell\MorphisecInstaller-2.1.11.exe) $Token='morphitoken' # Token provided by Morphisec $ServerAddress='some.morphisec.server.installed.FDQN.or.IP' # Morphisec Server FQDN or IP $ServerPort='443' # Server Port, Default 443 $ShowIcon='True' # If Show System Tray Icon #endregion Settings function TestDotNet { Try { # Test-Path will return true even in case the path is not accessible due to insufficient privileges $result=Test-Path 'HKLM:SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full' -ErrorAction Stop if (!$result) { WriteEvent "TestDotNet: [ERROR] - Something wrong. Minimum dotNet 4.0 is required." 'Error' Exit 1 # custom error code } } Catch { WriteEvent ("TestDotNet: [ERROR] - Something wrong: " + $_.Exception.Message) 'Error' Exit 1 } } function TestKB { Try { if (!(Get-HotFix -Id 'KB3033929')) { WriteEvent "TestKB: [ERROR] - Something wrong. Hotfix KB3033929 is required." 'Error' Exit 1 # custom error code } } Catch { WriteEvent ("TestKB: [ERROR] - Something wrong: " + $_.Exception.Message) 'Error' Exit 1 } } function Install{ Try { if($StandAlone) { # CreateEvent when DebugMode Used if ($DebugMode) { WriteEvent 'Install: StandAlone set to TRUE. Start standalone installation.' } if (Test-Path -Path $SharePath -ErrorAction Stop){ Start-Process -Wait -FilePath $SharePath -ArgumentList "/token:$Token /exenoui /qn INST_MODE=STANDALONE" -ErrorAction Stop -NoNewWindow } else { WriteEvent "Install: [ERROR] - Something wrong. SharePath is not accessible." 'Error' } } else { # CreateEvent when DebugMode Used if ($DebugMode) { WriteEvent 'Install: StandAlone set to FALSE. Start server connected installation.' } if (Test-Path -Path $SharePath -ErrorAction Stop) { Start-Process -Wait -FilePath $SharePath -ArgumentList "/token:$Token /exenoui /qn /norestart SERVER_ADDRESS=$ServerAddress SERVER_PORT=$ServerPort SHOW_ICON=$ShowIcon" -ErrorAction Stop -NoNewWindow } else { WriteEvent "Install: [ERROR] - Something wrong. SharePath is not accessible." 'Error' } } } Catch { WriteEvent ("Install: [ERROR] - Something wrong: " + $_.Exception.Message) 'Error' Exit 1 } } function Check_Versions{ Try { # Checking Version of remote installer if (Test-Path -Path $SharePath -ErrorAction Stop) { $CandidateVersion = (Get-Item $SharePath -ErrorAction Stop).VersionInfo.ProductVersion } else { WriteEvent "Check_Versions: [ERROR] - Something wrong. SharePath is not accessible." 'Error' Exit 1 } # CreateEvent when DebugMode Used if ($DebugMode) { WriteEvent "Check_Versions: CandidateVersion = $CandidateVersion" } # Checking Version of installed agent $key = 'HKLM:SOFTWARE\Morphisec\ServerConfig' if (Test-Path $key -ErrorAction Stop) { $CurrentVersion = (Get-ItemProperty -Path $key -Name product_version_s -ErrorAction Stop).product_version_s } else { $key = 'HKLM:SOFTWARE\Wow6432Node\Morphisec\ServerConfig' if (Test-Path $key -ErrorAction Stop) { $CurrentVersion = (Get-ItemProperty -Path $key -Name product_version_s -ErrorAction Stop).product_version_s } else { if ($DebugMode) { WriteEvent "Check_Versions: failed to detect previous Morphisec Protector installation. Go to Install." 'Warning' } Install Return } } # CreateEvent when DebugMode Used if ($DebugMode) { WriteEvent "Check_Versions: CurrentVersion = $CurrentVersion" } # Comparing versions if ( [System.Version]$CurrentVersion -lt [System.Version]$CandidateVersion ) { # CreateEvent when DebugMode Used if ($DebugMode) { WriteEvent "Check_Versions: CurrentVersion:$CurrentVersion is 'Less then' CandidateVersion:$CandidateVersion. Go to Install." 'Warning' } Install } else { # CreateEvent when DebugMode Used if ($DebugMode) { WriteEvent "Check_Versions: CurrentVersion:$CurrentVersion is 'Greater then or equal' CandidateVersion:$CandidateVersion. Do not Install." 'Warning' } } } Catch { WriteEvent ("Check_Versions: [ERROR] - Something wrong: " + $_.Exception.Message) 'Error' Exit 1 } } function WriteEvent { param ( [string] [parameter(Mandatory = $true)] $Event, [string] $EventType = 'Information' ) # Check if Morphisec GPO Installer source already exists. Create if not. $logFileExists = [System.Diagnostics.EventLog]::SourceExists('Morphisec GPO Installer') if (! $logFileExists) { New-EventLog -LogName 'Application' -Source 'Morphisec GPO Installer' } # Write event message $params = @{ LogName = 'Application' Source = 'Morphisec GPO Installer' EntryType = $EventType EventId = 1000 Message = $Event } Write-EventLog @params } if ($DebugMode) { $whoami = whoami $message='MAIN: Starting GPO-Installer script. RunAsUser: ' + $whoami WriteEvent $message 'Warning' } # Check dotNet 4.0 or > is installed. Stop run script if not, and write Event. TestDotNet # Check if TestKB function (validating Hotfix KB3033929) should be entered. if ((Get-CimInstance Win32_operatingsystem).OSArchitecture -eq '64-bit') { if ([System.Environment]::OSVersion.Version -lt [System.Version]"6.2.0.0"){ TestKB } } # end of checks prerequsites Try { if(!(Test-Path -Path $SharePath -ErrorAction Stop)) { WriteEvent "MAIN: VALIDATION ERROR - Something wrong. SharePath is not accessible." 'Error' Exit 1 } } Catch { WriteEvent ("Check_Versions: [ERROR] - Something wrong: " + $_.Exception.Message) 'Error' Exit 1 } # Check_Versions - compares versions and runs the installation if product is not installed or # the currently installed version is less then the version in SharePath. Check_Versions if ($DebugMode) { WriteEvent 'MAIN: End of GPO-Installer script.' 'Warning' }