Packaging and deploying crashplan

EmDee
New Contributor III

Morning all, I'm working on pushing out Crashplan to my machines, I've been through the 'Deploying Crashplan with JAMFpro' several times, and from what I can tell, the editing in the user info.sh script to pass the logon details to the app, just seems to grab MY username at the time of saving the script, so every machine I push the policy out to has 'emmdee' as a username, instead to the actual logged in user

I'm referring to the below - I simply uncomment the line pertaining to the user value in the user info script found in the custom installer, and then paste the below contained in step 5

1. Download the Code42 CrashPlan App Installer customization resources from your Code42 CrashPlan server by navigating to: https://YourServerAddress:4285/download/Code42CrashPlan_Custom.zip 2. On an administrator computer, extract the Code42CrashPlan_Custom.zip file. 3. Open the userInfo.sh file in the Code42CrashPlan_Custom directory with a text editor. 4. To hide the installation from users, locate the startDesktop element and modify the value so that it looks like this: 5. To pass the username to the Code42 CrashPlan server during installation, locate the user element and modify the value. Use the following command to select the user logged in last, before the deployment: You can find more information on this in the userInfo.sh file or online in the Preparing The Code42 CrashPlan App For Deployment Code42 support article. 6. Save and close the userInfo.sh file. startDesktop=false 5. To pass the username to the Code42 CrashPlan server during installation, locate the user element and modify the value. Use the following command to select the user logged in last, before the deployment: user=last | grep console | grep still | awk '{print $1}' | head -1 You can find more information on this in the userInfo.sh file or online in the Preparing The Code42 CrashPlan App For Deployment Code42 support article. 6. Save and close the userInfo.sh file.

Has anyone else experienced this?

2 ACCEPTED SOLUTIONS

a_stonham
Contributor II

Here is the script we use.
Create package in composer that deployes the vanliia ProE pkg to "/private/tmp/Install Code42 CrashPlan.pkg"

Then add the script below as a post install.

Make sure you set:
address=mybackup-dns.myserver.com:4282
secondaryAddress=111.222.333.444:4282
registrationKey=AAAA-BBBB-CCCC-DDDD

#!/bin/sh
## postinstall
CPINSTALLPKG="/private/tmp/Install Code42 CrashPlan.pkg" 
CPCUSTOMFOLDER="/Library/Application Support/CrashPlan/.Custom"

userName=$(/usr/bin/stat -f%Su /dev/console)
userUID=$( dscl . -read /Users/${userName}  UniqueID | cut -d ' ' -f 2 ) 
if [ "$userName" == "root" ]; then
    echo "ERROR: No User logged in.";
    exit 1;
fi

if [ "$userUID" -lt "1000" ]; then
    echo "ERROR: User is not an AD user";
    exit 1;
fi

if [ -e "$CPINSTALLPKG" ]; then 
    echo "Found $CPINSTALLPKG"; 
else
    echo "ERROR: $CPINSTALLPKG not found"
    exit 1
fi

mkdir -p "$CPCUSTOMFOLDER"

## Create userInfo.sh
cat <<"EOF" > "${CPCUSTOMFOLDER}/userInfo.sh"
#!/bin/sh

#
# Optional script by which you can control the user installation.
#
# Variables to set:
#   startDesktop: set to false if you don't want the desktop to start up immediately after installation 
#      CP_USER_HOME: Allows the app to start scanning the user's home folder immediately after installation
#      user:         Used to properly set file permissions
#      userGroup:    Also used for file permissions
#      CP_USER_NAME: This will become the unique ID for the user in the PROe Server database.
#                    Leave CP_USER_NAME blank to require the user to enter it.
#                    If set this value, you'll want to set the username="" attribute of <authority ... /> tag in default.service.xml to username="${username}"
#

#
# Set to false if you don't want the desktop UI to start up.
#
startDesktop=false

#
# When installing from the root account (for example) you will need to populate
# some or all of these variables differently than is done below. 
# Note: whoami *always* returns "root" for this package so we had to get creative to find the installing user.
# Also: You will want to populate CP_USER_NAME with the right email address unless you don't want your users or admins receiving reports and alerts. 
# 
#user=`basename $CP_USER_HOME`
#user=$(last -t console -1 | awk '{print $1}')
user=$(/usr/bin/stat -f%Su /dev/console)

userGroup=`id -gn "$user"`
CP_USER_HOME=`eval echo "~$user"`
CP_USER_NAME="$user"

#dsclEmail=`dscl /Search read /Users/$user mail`
#CP_USER_NAME=${dsclEmail##*mail: }

# 
# Users have suggested alternate ways of finding the user name and email address.
# The following examples may work better for your situation.
# 
#user=`last -1 | awk '{print $1}'`

# This assumes the username is the last part of the home folder name
#user=`basename "$CP_USER_HOME"`

# This parses the user from the computer hostname
# Because the APL naming convention uses the name of the owner in the computer name we will use this
# to derive the primary user name. So the primary user does not have to be logged in for this to work.
#computerName=`scutil --get ComputerName`
#user=${computerName%%-*}

# This finds the email address from AD or LDAP
#dsclEmail=`dscl /Search read /Users/$user mail`
#CP_USER_NAME=${dsclEmail##*mail: }

# Run As User
#
#touch "${TMPDIR}/.cpRunAsUser"
EOF

## Create userInfo.sh
cat <<"EOF" > "${CPCUSTOMFOLDER}/custom.properties"
###################################################################################################
##
## custom.properties
## Edit these properties to customize and/or simplify the user's experience.
## http://www.code42.com/r/support/custom.sh-3.6.1.4
##
###################################################################################################
## Authority properties
## Skip the register/login screens by providing address, registrationKey, username, and password.
##
## Authority Parameters
## ${username}
##     determined from the CP_USER_NAME command-line argument, the CP_USER_NAME environment variable,
##     or "user.name" Java system property from the user interface once it launches.
## ${computername} - system computer name
## ${generated}    - random 8 characters, typically used for password
## ${uniqueId}     - a globally unique id, a large number
## ${deferred}
##     for LDAP and Auto register only! This allows them to register without password
##     and requires user to login to CPD the first time.

## the primary address and port to the authority that manages the accounts and issues licenses
## Example:  internalhost:4282
address=mybackup-dns.myserver.com:4282

## the secondary address and port to the authority that manages the accounts and issues licenses.
## Note: This is an advanced setting. Use only if you are familiar with its use and results.
## Example:  externalhost:4282
secondaryAddress=111.222.333.444:4282

## Do not prompt or allow user to change the address (true or false)
hideAddress=false

## Lock server address setting so that user cannot change server address (true or false)
lockedAddress=true

## The organization registration key, when specified the field is hidden in the register/login screen
## Example: AAAA-BBBB-CCCC-DDDD
registrationKey=AAAA-BBBB-CCCC-DDDD

## The username to use when authorizing the computer.
## Accepts any authority parameters listed above.
username=${username}

## The password used when authorizing the computer.
## Accepts any authority parameters listed above.
password=${deferred}


##################################################################################################
## Proxy properties
## Enable the use of a proxy server when devices running the CrashPlan app must use a proxy server
## to connect to a Code 42 enterprise server instance that is external to the LAN.
## The proxy server must be accessible to all devices running the CrashPlan app.
proxy.enable=false

## The URL for the proxy server
proxy.pacUrl=test


##################################################################################################
## Sigle Sign-on properties

## SsoAuth will not be available unless this is true. Default is false.
ssoAuth.enabled=false

## Login via sso is enforced, the login with sso button is hidden. SSO must be enabled. Default is false.
ssoAuth.required=false

###################################################################################################
## END
###################################################################################################
EOF

installer -pkg "$CPINSTALLPKG" -target /

RETURN=$?

exit $RETURN

View solution in original post

EmDee
New Contributor III

Thankyou, that script is amazing!

I've got it working for me, but only when I move the pkg manually...I'm unsure how to 'place' the pkg in the tmp directory via a policy

How did you do this? For me, using Composer to monitor file system changes and moving the pkg to the appropriate place doesn't seem to do it....

View solution in original post

11 REPLIES 11

a_stonham
Contributor II

Here is the script we use.
Create package in composer that deployes the vanliia ProE pkg to "/private/tmp/Install Code42 CrashPlan.pkg"

Then add the script below as a post install.

Make sure you set:
address=mybackup-dns.myserver.com:4282
secondaryAddress=111.222.333.444:4282
registrationKey=AAAA-BBBB-CCCC-DDDD

#!/bin/sh
## postinstall
CPINSTALLPKG="/private/tmp/Install Code42 CrashPlan.pkg" 
CPCUSTOMFOLDER="/Library/Application Support/CrashPlan/.Custom"

userName=$(/usr/bin/stat -f%Su /dev/console)
userUID=$( dscl . -read /Users/${userName}  UniqueID | cut -d ' ' -f 2 ) 
if [ "$userName" == "root" ]; then
    echo "ERROR: No User logged in.";
    exit 1;
fi

if [ "$userUID" -lt "1000" ]; then
    echo "ERROR: User is not an AD user";
    exit 1;
fi

if [ -e "$CPINSTALLPKG" ]; then 
    echo "Found $CPINSTALLPKG"; 
else
    echo "ERROR: $CPINSTALLPKG not found"
    exit 1
fi

mkdir -p "$CPCUSTOMFOLDER"

## Create userInfo.sh
cat <<"EOF" > "${CPCUSTOMFOLDER}/userInfo.sh"
#!/bin/sh

#
# Optional script by which you can control the user installation.
#
# Variables to set:
#   startDesktop: set to false if you don't want the desktop to start up immediately after installation 
#      CP_USER_HOME: Allows the app to start scanning the user's home folder immediately after installation
#      user:         Used to properly set file permissions
#      userGroup:    Also used for file permissions
#      CP_USER_NAME: This will become the unique ID for the user in the PROe Server database.
#                    Leave CP_USER_NAME blank to require the user to enter it.
#                    If set this value, you'll want to set the username="" attribute of <authority ... /> tag in default.service.xml to username="${username}"
#

#
# Set to false if you don't want the desktop UI to start up.
#
startDesktop=false

#
# When installing from the root account (for example) you will need to populate
# some or all of these variables differently than is done below. 
# Note: whoami *always* returns "root" for this package so we had to get creative to find the installing user.
# Also: You will want to populate CP_USER_NAME with the right email address unless you don't want your users or admins receiving reports and alerts. 
# 
#user=`basename $CP_USER_HOME`
#user=$(last -t console -1 | awk '{print $1}')
user=$(/usr/bin/stat -f%Su /dev/console)

userGroup=`id -gn "$user"`
CP_USER_HOME=`eval echo "~$user"`
CP_USER_NAME="$user"

#dsclEmail=`dscl /Search read /Users/$user mail`
#CP_USER_NAME=${dsclEmail##*mail: }

# 
# Users have suggested alternate ways of finding the user name and email address.
# The following examples may work better for your situation.
# 
#user=`last -1 | awk '{print $1}'`

# This assumes the username is the last part of the home folder name
#user=`basename "$CP_USER_HOME"`

# This parses the user from the computer hostname
# Because the APL naming convention uses the name of the owner in the computer name we will use this
# to derive the primary user name. So the primary user does not have to be logged in for this to work.
#computerName=`scutil --get ComputerName`
#user=${computerName%%-*}

# This finds the email address from AD or LDAP
#dsclEmail=`dscl /Search read /Users/$user mail`
#CP_USER_NAME=${dsclEmail##*mail: }

# Run As User
#
#touch "${TMPDIR}/.cpRunAsUser"
EOF

## Create userInfo.sh
cat <<"EOF" > "${CPCUSTOMFOLDER}/custom.properties"
###################################################################################################
##
## custom.properties
## Edit these properties to customize and/or simplify the user's experience.
## http://www.code42.com/r/support/custom.sh-3.6.1.4
##
###################################################################################################
## Authority properties
## Skip the register/login screens by providing address, registrationKey, username, and password.
##
## Authority Parameters
## ${username}
##     determined from the CP_USER_NAME command-line argument, the CP_USER_NAME environment variable,
##     or "user.name" Java system property from the user interface once it launches.
## ${computername} - system computer name
## ${generated}    - random 8 characters, typically used for password
## ${uniqueId}     - a globally unique id, a large number
## ${deferred}
##     for LDAP and Auto register only! This allows them to register without password
##     and requires user to login to CPD the first time.

## the primary address and port to the authority that manages the accounts and issues licenses
## Example:  internalhost:4282
address=mybackup-dns.myserver.com:4282

## the secondary address and port to the authority that manages the accounts and issues licenses.
## Note: This is an advanced setting. Use only if you are familiar with its use and results.
## Example:  externalhost:4282
secondaryAddress=111.222.333.444:4282

## Do not prompt or allow user to change the address (true or false)
hideAddress=false

## Lock server address setting so that user cannot change server address (true or false)
lockedAddress=true

## The organization registration key, when specified the field is hidden in the register/login screen
## Example: AAAA-BBBB-CCCC-DDDD
registrationKey=AAAA-BBBB-CCCC-DDDD

## The username to use when authorizing the computer.
## Accepts any authority parameters listed above.
username=${username}

## The password used when authorizing the computer.
## Accepts any authority parameters listed above.
password=${deferred}


##################################################################################################
## Proxy properties
## Enable the use of a proxy server when devices running the CrashPlan app must use a proxy server
## to connect to a Code 42 enterprise server instance that is external to the LAN.
## The proxy server must be accessible to all devices running the CrashPlan app.
proxy.enable=false

## The URL for the proxy server
proxy.pacUrl=test


##################################################################################################
## Sigle Sign-on properties

## SsoAuth will not be available unless this is true. Default is false.
ssoAuth.enabled=false

## Login via sso is enforced, the login with sso button is hidden. SSO must be enabled. Default is false.
ssoAuth.required=false

###################################################################################################
## END
###################################################################################################
EOF

installer -pkg "$CPINSTALLPKG" -target /

RETURN=$?

exit $RETURN

EmDee
New Contributor III

Thankyou, that script is amazing!

I've got it working for me, but only when I move the pkg manually...I'm unsure how to 'place' the pkg in the tmp directory via a policy

How did you do this? For me, using Composer to monitor file system changes and moving the pkg to the appropriate place doesn't seem to do it....

EmDee
New Contributor III

^The above was simple enough to get around, I just dragged the relevant folders into the 'source' pane of composer..one thing is still bugging me though

Whenever CrashPlan opens up, it's always MY username in the username field....have you come across this?

a_stonham
Contributor II

@EmDee

Yep thats the way to do it.

No i have not come across the issue where it is always the same name in the username and password field.

Those values are set by the script.

Check what the results of this run as root are
/usr/bin/stat -f%Su /dev/console

spreston
New Contributor III

What version was this for? I'm trying to package 6.5.1 using their new tools/wizard and am not clear on what has changed.

MandyDroid
New Contributor II

I am trying to figure out 6.5.2 this does not seem to be for the 6.5 versions.

gachowski
Valued Contributor II

@MandyDroid

I think with 6.5 they changed how to set up the custom config files. I stuck with the older version until I find time to read and test the new config files process...

Sorry

C

spreston
New Contributor III

@MandyDroid and @gachowski

I just went through this process in my environment since we needed to get 6.5.2 out the door. Here's what I did with the assistance of Code42 support, hopefully it'll help:

  1. In the Code42 console, set up a Deployment Policy under Client Management --> Deployment, and save the deployment.properties file that you can find under the "Installation Properties" section. You will need this file shortly, do not rename it!
  2. Run Composer on a system that has never had CrashPlan installed. (I did this on a VirtualBox VM and this worked just fine.)
  3. Take a Snapshot in Composer.
  4. Create a directory in /Library/Application Support/CrashPlan - you can do this via terminal
    mkdir /Library/Application Support/CrashPlan/
  5. Copy the deploy.properties file (again, you do not want to rename it) to this new directory.
  6. Complete the Snapshot, and review what files may have changed in the Composer build. Ultimately you will only want the file in the directory above to be included. Once that's set, Build a DMG in Composer. Once it's done, you can rename the generated DMG if you choose (especially if you're going to have multiple configs).
  7. Download the latest Code42 installer that you wish to package from the "App Downloads" section of your Code42 console. Open the DMG, and drag the "Install Code42 CrashPlan" PKG to your desktop. I'd then rename it to the version number, maybe something like Code42_CrashPlan_6.5.2.pkg , makes it easier to locate in Jamf Admin later on.
  8. Open Jamf Admin, and upload both the deploy properties dmg file built in step 6, and the app PKG from step 7.
  9. Change the priority of the properties dmg file to a lower number (I usually do 8, since that was in Jamf's original documentation from 2016), and Index both files.
  10. Open the JSS and create a new policy, including both files (the config and the installer), and deploy. (We have it as a Self-Service policy, and this seems to work fairly well for us.)

That should be all you need. When the next version of CrashPlan comes out, presuming you do not make any changes to your Deployment Policy customizations (and the deployment policy token doesn't change), you should be able to clone the existing policy and swap out the Installer PKG with the newer one.

gachowski
Valued Contributor II

@spreston

Thanks you !!! before you had to create/edit the deploy.properties file manually. : ) Great to know it's easier !!!!

C

evan_heringer
New Contributor II

@spreston

Great tips! Just out of curiosity, did you do a silent deploy?

spreston
New Contributor III

@evan.heringer - yes we do, works very well.