Environment
- Carbon Black Cloud (formerly Cb Defense) Sensor: 3.3.x.x and Higher
- Microsoft Windows: All Supported Versions
Objective
Enable authentication for the RepCLI utility during unattended sensor install
Resolution
- Add the following value to the msiexec command line string
- Replace SID with the actual SID of an AD group or user.
- Warning: Authenticated users will be able to run any repcli command on the device, please ensure SID only applies to a specific user or group trusted to execute repcli commands
- Note: Only one SID can be specified
-
CLI_USERS=<DesiredSID>
- Complete install with the above value as part of the msiexec command line string.
Additional Notes
- The CLI_USERS option will only be honored at the time of sensor install (this option will not be honored during Sensor upgrade)
- RepCLI authentication/authorization is not tied to any OS-side permissions, the SID could be that of a normal user with no admin permissions and they would still be able to use RepCLI functions requiring authentication
- If an AD group SID is specified, users can be added/removed as needed to allow/deny RepCLI Authentication
- A specific user account for RepCLI use can also be designated
- The user or group SID will be authenticated as a RepCLI user
Related Content