MFATimeOut = 0 ' good values are from 0-1440 minutes, 0 means no grace period, 240 = 4 hours
' Change the following value to set an MFA grace period ' Uncomment the following line to make Evo Credential Provider the sole credential provider on the system. ' Enter the Access Token provided by Evo Security ' Enter your Secret/API key provided by Evo Security if using Elevated Login or Secure + ElevatedLogin 10 = Elevated Login, 90 = Secure Login, 100 = Secure + ElevatedLogin Can be a domain user: "your.ADdomain \username" OR a local user "WORKGROUP \username or just a user "username" ' Enter your Environment URL provided by Evo Security MSIfile = " \ \ \ShareName$ \Evo \EvoCredentialProviderSetup.msi" ' Enter the full UNC path to the network share The values provided are examples only!ĭim MSIobj, MSIfile, EvoDirectory, EnvUrl, FailSafeUser, CredMode, ApiKey, SoleProvider, MFATimeOut, DebugParams ' Declare Variables - Change these for your environment. ' silently install EvoCredentialProviderSetup.msi The script variables MUST be modified for your environment. Then, copy and paste the script below into Notepad++ and modify the variables to suit your environment.
Open a text editor like Notepad or Notepad++. Copy the EvoCredentialProviderSetup.msi file to the Evo folder in the network share. Set permissions for Domain Computers to Read & execute, List folder contents, and Read. On the Select Users, Computers, Service Accounts, or Groups dialog box, type in Domain Computers and click OK. On the Object Types page, select Computers and then click OK. On the Select Users, Computers, Service Accounts, or Groups dialog box, click on Object Types…. 
Once again, on the Permissions for Shares page, click on Add. Set permissions for Domain Users to Read & execute, List folder contents, and Read. On the Select Users, Computers, Service Accounts, or Groups dialog box, type in Domain Users and click OK. On the Permissions for Shares page, click on Add. On the Share Properties page, click on the Security tab and click on Edit. Right-click the Evo folder and select Properties. Create a folder named Evo in the network share. Append a $ at end of the Share name to hide it. Note: A hidden share can also be used. Verify your network share folder has the proper network share permissions for the Everyone group. Locate the shared network folder or create one. Log on as domain administrator to the file server where the network share resides. Network Share accessible by all users and workstations with read-only permissions set. EvoCredentialProviderSetup.msi downloaded to network share. The script can be used to deploy the installation at user logon or remotely using any RMM tool such as PDQDeploy, SCCM, etc. 
This step-by-step document will describe how to deploy the provided EvoCredentialProviderSetup.msi via a VBScript.
0 kommentar(er)
