Comprehensive guide for Windows MDE Single-Run RMM Script Deployment utilizing the previously created detection/remediation combo script and a preferred RMM tool for bulk deployment to desired Windows machines.
Required Windows Versions: Windows 10 1803+, Windows 11 (All)
Deploying MDE Single-Run Script through RMM
- This deployment example will be leveraging Ninja RMM tool, while the RMM tool can vary the process should remain relatively the same.
- From the console of your desired RMM tool, we will want to access the portal that will allow the creation of scripts, here we will want to create the Scheduled Script that will verify if the agent is already present on the device and if not execute the onboarding script supplied by the organizations Microsoft Defender portal.
- Within Ninja RMM, you can either copy and paste the code into the console or leverage drag and drop functionality to upload the necessary code for script execution. We will be leveraging traditional copy and paste methodology for our example.
- Leveraging the previously created MDEOnboarding.cmd script from the MDE Single-Run Script steps, we will want to open the file directly from a preferred text editor.
- Once opened, we will want to copy all the contents of the file and then paste the contents from the text editor window into the RMM console.
- Once the script has been successfully ported over, provide a Name and Description that is relevant to the detection/remediation of the MDE agent. We will want to specify that this is a Batch file (*.bat,*.cmd,*.nt), the OS is Windows, the Architecture can be either 32-bit or 64-bit, and we want to leverage administrative privileges so specify Run As System. Once the script and additional configuration items have been configured, select Save to confirm the script creation.
- After the script have been generated, we will want to access the area of the RMM tool that allows task scheduling for devices.
- Provide a Name and Description that is relevant to the detection/remediation of the MDE agent. We will want to specify that this policy enforcement will be on Windows devices, and we will want to make sure that this policy is active once creation is completed, select Create to confirm the policy creation.
- After the creation we will need to specify what this policy is trying to achieve during execution. For this example, we will be utilizing a scheduled task. Verify that the proper sections are selected to achieve this functionality within your designated RMM tool.
- We will want to select the MDE Onboarding script we created earlier as the script that will be leveraged for task scheduling. Provide a Name and Description that is relevant to the detection/remediation of the MDE agent. Schedule the task to run at your desired timeframe. You can also specify if you want individuals to receive notifications if your RMM tool allows it. Select Add, to continue to policy finalization.
- If done correctly the task should be listed within the section, select Save to finalize the creation of the scheduled task policy for the MDE Schedules Script RMM Deployment.
Need Assistance?
Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.