From 882794ec34cb7dca0899807afe93852b56e6ce35 Mon Sep 17 00:00:00 2001 From: dkattan <1424395+dkattan@users.noreply.github.com> Date: Tue, 28 Nov 2023 21:50:48 +0000 Subject: [PATCH] =?UTF-8?q?Deploying=20to=20gh-pages=20from=20@=20immense/?= =?UTF-8?q?immybot-documentation@7c9268596b55f8019eac48368dafe037badb331d?= =?UTF-8?q?=20=F0=9F=9A=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- 404.html | 2 +- FAQ.html | 2 +- README.html | 2 +- assets/getting-started.md.44572acc.js | 61 ------------------- assets/getting-started.md.f6513b7d.js | 61 +++++++++++++++++++ ...js => getting-started.md.f6513b7d.lean.js} | 2 +- azure-graph-permissions-setup.html | 2 +- build-your-own-integration.html | 2 +- connectwise-automate-integration-setup.html | 2 +- connectwise-control-integration-setup.html | 2 +- connectwise-manage-integration-setup.html | 2 +- getting-started.html | 6 +- halo-integration-setup.html | 2 +- hashmap.json | 2 +- immy-commands.html | 2 +- index.html | 2 +- markdown-examples.html | 2 +- ncentral-integration-setup.html | 2 +- onboarding.html | 2 +- releases.html | 2 +- scripts.html | 2 +- 21 files changed, 82 insertions(+), 82 deletions(-) delete mode 100644 assets/getting-started.md.44572acc.js create mode 100644 assets/getting-started.md.f6513b7d.js rename assets/{getting-started.md.44572acc.lean.js => getting-started.md.f6513b7d.lean.js} (86%) diff --git a/404.html b/404.html index 94662f66..f6eba618 100644 --- a/404.html +++ b/404.html @@ -15,7 +15,7 @@
Skip to content

404

PAGE NOT FOUND

But if you don't change your direction, and if you keep looking, you may end up where you are heading.
- + \ No newline at end of file diff --git a/FAQ.html b/FAQ.html index 140761f9..261bad3e 100644 --- a/FAQ.html +++ b/FAQ.html @@ -51,7 +51,7 @@ $product.IdentifyingNumber msiexec /x $product.IdentifyingNumber /quiet /noreboot
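Review bot: the only real change in this 404.html hunk is the `-`/`+` pair carrying the trailing script-bundle reference rewritten for the new content hash, and both sides end with "\ No newline at end of file"; the page text above it is unchanged context. Have the site generator emit a trailing newline in the built HTML so that future deployments produce a clean single-line change instead of this marker on every page (the FAQ.html and README.html hunks that follow carry the same marker).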

How/are we able to define which version of Windows is installed during the initial setup?

ImmyBot doesn't install Windows on bare metal. The workflow is you unbox the system from Dell, HP, Lenovo, Microsoft, or your manufacturer of choice and insert the USB with the ImmyBot.ppkg file at the root while the machine is at the out of box screen.

We don't image the machine, we script the factory image into compliance.

We can, however, install Feature Updates during Onboarding (as well as after Onboarding)

Since Immy.Bot doesn’t use an ISO, does it require a device to have the ability to have 2 USB devices plugged in? One for a Windows ISO and one for the ImmyBot ppkg?

If you want to wipe the computer you can use the Media Creation Tool to create a Windows Setup flash drive and then put our .ppkg file on it. After installing Windows, it will automatically apply the .ppkg

Does Immy rely on the Windows preboot for drivers during initial deployment, or does the ImmyBot agent installer have drivers?

Since we are working with the manufacturer's image, all drivers are typically installed. We will automatically install Dell, HP, and Lenovo driver and BIOS updates via those manufacturer's tools (Dell Command, HP Image Assistant, Lenovo System Update)

Does Immy’s setup process support a USB NIC for WiFi? If so, how do we present those drivers to Immy, or do we even need to?

I've found Windows has built in drivers for most USB NICs. If yours doesn't have drivers built into Windows, I'd suggest purchasing one that does.

SentinelOne - How do we define which site Immy.Bot places the agent in during installation of the S1 agent?

Supply ImmyBot with an API Key to SentinelOne, and Immy will look for a Site in your SentinelOne instance that matches the name of the Tenant you are onboarding the computer for.

Are there any repository limits for software deployments? Either to the size of custom software or number of custom installers we can upload?

There are currently no limits. Everything you upload goes into an Azure Storage Account created just for your ImmyBot instance. Don't be the reason we can't have nice things.

For computer rename, are there any other operators we can use when naming devices other then the ones shown? Can we add operators?

You can duplicate the Task into your instance an manipulate it however you like. If it's something you think other MSPs could use, I'd encourage you to submit a ticket to support@immy.bot and we can add it.

Employee profile caching during on-boarding - is this supported? If so/how?

ImmyBot will create a profile for the Primary Person you selected for this machine on the Onboarding screen (It does this via the "Create Profile for Primary Person" task)

We do this so subsequent tasks that set user level settings like default PDF handler and default browser, have the profile for the primary person and thus that user's HKCU where those settings live.

For purchasing Immy, do you guys prefer Credit card or invoice? Would you rather us pay monthly, or can we pay all upfront?

We prefer monthly credit card or ACH.

Is Immy able to group devices and then do role based deployments to them? I assume this is done by tags?

Yes, you would accomplish this with tags

BitLocker - does this write the key to Azure AD by chance?

Yes, but we can't verify that it is written to Azure AD as that would require additional privileges that our App Registration doesn't request.

We also write the Bitlocker Recovery Key to Active Directory for Domain Joined machines. This doesn't require any Group Policy setup, or line of site to the domain controller. This works as long as the machine is joined to a domain and there is a domain controller for that domain in ImmyBot.

Is Immy able to reset Windows / Wipe and Reload a computer?

Yes, the current process will be simplified but here's how to do it:

  1. Click Download ImmyAgent on the left to create a PPKG with the Windows Reset option selected

image

image

  1. Create a Deployment for "Apply Provisioning Package (PPKG)" to deploy the PPKG to the specified machine

image

ImmyBot Agent logs show an error of "The specified SAS token is expired"

This will occur if the device's system time is incorrect. Ensure that the system time is correct and then restart the ImmyBot Agent Service.

What are trusted manufacturers?

Dell, HP, and Lenovo are considered trusted manufacturers. A trusted manufacturer is expected to provide unique serial numbers for their devices. We rely on trusted manufactuers and device serial numbers during device identification. If the agent reports it comes from a trusted manufacturer and a computer already exists inside ImmyBot with the same manufacturer and serial number, then we will automatically associated the agent with the existing computer.

Can I embed the ImmyAgent into an image?

Create a PPKG and place it in C:\Recovery\Customizations, create the folder if it doesn't exist.

- + \ No newline at end of file diff --git a/README.html b/README.html index 9aad8051..4a26a9fa 100644 --- a/README.html +++ b/README.html @@ -39,7 +39,7 @@
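Review bot: the FAQ.html hunk again changes only the bundle reference, but its unchanged context carries wording errors that this deployment republishes, and since gh-pages is generated from immense/immybot-documentation (see the Subject line) they should be fixed in the source markdown rather than here: "trusted manufactuers" should read "trusted manufacturers", "we will automatically associated the agent" should read "automatically associate the agent", "duplicate the Task into your instance an manipulate it" should read "and manipulate it", and "other operators ... other then the ones shown" should read "other than". The two steps of the Windows Reset answer are both numbered "1." and should be "1." and "2.".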
Skip to content

Welcome to ImmyBot Docs Github Repo

Changes made to the main branch here are pushed to https://docs.immy.bot/ automatically.

Feel free to contribute! We may even make you a contributor

To test locally, start by cloning this repo then opening the folder in VS Code.

VS Code will recommend certain extensions when opening it the first time, we recommend you install these.

Then run the following to install the required dependencies

yarn install
yarn install

To host locally, run

yarn docs:dev
yarn docs:dev
- + \ No newline at end of file diff --git a/assets/getting-started.md.44572acc.js b/assets/getting-started.md.44572acc.js deleted file mode 100644 index a9e558db..00000000 --- a/assets/getting-started.md.44572acc.js +++ /dev/null 
@@ -1,61 +0,0 @@ -import{_ as c,C as p,o as n,c as d,b as o,w as t,a0 as i,k as e,a,Q as l,H as r}from"./chunks/framework.392dd896.js";const u="/assets/2021-03-15-08-26-56.2fb0251e.png",h="/assets/2021-03-15-08-27-10.f06a1b7d.png",m="/assets/2021-03-15-08-27-20.9abc2370.png",g="/assets/2021-03-15-08-27-29.3495b43a.png",f="/assets/2021-03-15-08-29-07.c9d36958.png",y="/assets/2021-03-15-08-29-35.7ba594f8.png",b="/assets/2021-03-15-08-29-41.6717b610.png",A="/assets/2021-03-15-08-30-29.e8f8369b.png",w="/assets/2021-03-15-08-47-28.29c6e137.png",C="/assets/2021-03-15-08-37-50.56c2d07c.png",k="/assets/LoginImg1.d2afdd32.png",q="",S="/assets/LoginImg3.0cee540d.png",P="",I="/assets/LoginImg6-1024x100.6ccd59bd.png",v="/assets/LoginImg7.89b175ee.png",D="/assets/2021-03-01-08-42-41.f112850c.png",T="/assets/2021-03-01-08-44-19.fd314a6e.png",x="/assets/2021-03-01-08-51-38.fd381118.png",E="/assets/2021-02-23-08-47-36.73267607.png",B="/assets/2021-02-23-08-46-09.2ba153f5.png",R="/assets/2021-02-23-09-44-51.fc7d2e9a.png",M="/assets/2021-02-23-06-14-05.c6df2604.png",O="/assets/2021-02-23-09-18-04.f3cfeb71.png",N="/assets/2021-02-23-09-15-27.9d3e5275.png",_="/assets/2021-03-01-14-17-29.551c1482.png",U="/assets/2021-02-23-06-18-23.eb252864.png",L="/assets/2021-02-23-06-34-22.e8ca6b95.png",F="/assets/2021-02-23-06-44-25.97ec0970.png",W="/assets/2021-02-23-06-45-47.69b854b1.png",Ae=JSON.parse('{"title":"Getting Started","description":"","frontmatter":{},"headers":[],"relativePath":"getting-started.md","filePath":"getting-started.md"}'),H={name:"getting-started.md"},G=e("h1",{id:"getting-started",tabindex:"-1"},[a("Getting Started "),e("a",{class:"header-anchor",href:"#getting-started","aria-label":'Permalink to "Getting Started"'},"​")],-1),j=e("h2",{id:"preface",tabindex:"-1"},[a("Preface "),e("a",{class:"header-anchor",href:"#preface","aria-label":'Permalink to "Preface"'},"​")],-1),V=e("p",null,"ImmyBot is a desired-state enforcement tool.",-1),Y=e("p",null,"The goal of ImmyBot is to 
setup a computer knowing only the customer and the end user.",-1),X=e("h3",{id:"thinking-with-immy",tabindex:"-1"},[a("Thinking with Immy "),e("a",{class:"header-anchor",href:"#thinking-with-immy","aria-label":'Permalink to "Thinking with Immy"'},"​")],-1),z=e("p",null,'Thinking with Immy means thinking in terms of how things "Should" be.',-1),J=e("p",null,'You teach Immy how things "should" be by creating Deployments.',-1),Z=e("p",null,'How things "Should" be is often dependent on external factors. For example',-1),K=e("ul",null,[e("li",null,"Customer A should have SentinelOne because they pay for it"),e("li",null,"Person A should have Visio 365 because he has a license for it")],-1),Q=e("p",null,"Luckily, deployments can be conditionally applied based on the result of scripts that reach out to external sources",-1),$=l('

This is out of the box functionality in ImmyBot. I'm just showing you how it works to illustrate the power of the rules engine.

Overview

ImmyBot deploys 2 things:

  1. Software
  2. Tasks

Tasks are for anything that isn’t software, think Bitlocker, Power Options, etc.

ImmyBot tests everything it does before and after it does it.

Example: Adobe Reader

We find that most MSPs install Adobe Reader by default so ImmyBot includes a Recommended Deployment that states

When this rule applies (i.e. it isn't disabled or overridden by a more specific rule) ImmyBot will do the following:

  1. Find the latest available version of Adobe Reader by running the Adobe Reader "dynamic version" script that uses a public API to return the latest full version number of Adobe Reader, as well as the URL to download it, the latest patch version of Adobe Reader, and the URL to download it.
  2. Determine the installed version (if any) by looking for Adobe Reader in Add/Remove Programs on the machine
  3. Queue an Install or Upgrade task (depending on the previous step)
  4. Set Adobe Reader to be the default PDF handler by running the "configuration task" that verifies that Reader is the default handler for .PDF files for each user on the machine.

Create your trial instance

If you don't already have an ImmyBot instance, sign-up for a trial at https://www.immy.bot/pricing

Make sure you use a valid Office 365 Email address otherwise you will not be able to login as we require SSO to Azure AD. You're welcome

You will receive a welcome email, click Setup ImmyBot:

Do something else for 6 minutes. Or 9 minutes if you are in Australia. It takes longer there for some reason.

You’ll receive this email when your instance is ready:

Setup your first Computer

When you first login to ImmyBot the Getting Started Wizard will be prompt you to create your ImmyBot flash drive, and plug it into the new computer.

THIS IS A ONE TIME PROCESS, YOU DO NOT NEED TO CREATE A FLASH DRIVE FOR EACH CLIENT. YOU WILL CHANGE THE CLIENT AFTER THE MACHINE IS IN IMMYBOT

image

We recommend unboxing a physical computer (Dell, HP, or Lenovo) so we can demonstrate applying the latest manufacturer BIOS and driver updates.

If you insist on testing on a virtual machine, do the following to receive the PPKG inside an ISO, then mount it to the VM, and press the Windows Key 5 times when you are at the Region Selection screen. If you are past the region selection screen, simply double click the PPKG from the mounted disk

image

image

Once the computer is identified, you will be directed to that computer to begin the Onboarding process:

image

ImmyBot needs:

  1. Customer
  2. Primary User (That will be using the computer, optional but recommended)

image

You only have one customer and one person right now, and it’s your MSP and you. That’s fine, we’ll pretend we’re setting up a computer for you and your MSP.

TIP

Customers can be imported from your RMM or PSA, or by setting up the Azure integration

TIP

People are imported from your customers' Azure AD via the Azure integration

An "Onboarding" session will be created for this computer, and ImmyBot will apply the "Recommended Deployments"

TIP

You can add your own Deployments and re-run this session as many times as you like until everything is to your liking.

Onboarding

Onboarding is the process of specifying inputs like Customer and Primary user, and running the a Maintenance Session to bring a machine into compliance with the Deployments associated with those inputs.

TIP

You may have customers that setup their own machines and install your RMM agent. To prevent these machines from building up in the New Computers area, you can disable Onboarding for that customer by going to Tenants -> Tenant Name -> Preferences -> Onboarding.

Tenants

These are your Customers. We recommend syncing Tenants from CW Automate or Azure.

User Computer Affinity

ImmyBot periodically runs whoami /upn on all computers and keeps a rolling list of the last 10 UPNs. It assigns the Primary User of the computer to the "Person" (Synced from Azure) with the matching UPN.

For environments without AzureAD, ImmyBot will lookup the UPN of the Person from a Domain Controller in the computer's Tenant

Create Profile for Primary User

This allows Immy to set default browser and pdf editors.

Remember how Microsoft made default PDF handler and default browser user level settings? These settings are stored in the profile of the user. Specifically in the user’s registry. But this is a new computer, and there is no user registry because the user hasn’t logged into the computer, and therefore a profile doesn’t exist for us to specify those settings. Rather than requiring you to ask the user for their password, we fetch their SID from AzureAD. If we find that the user is synced from Active Directory, we will use the SID from Active Directory. If the user is cloud only, we use their Azure AD SID. For the more discerning you may be wondering how we deal with the UserChoice hash, the anti-tamper mechanism preventing the automatic setting of these preferences.

Microsoft 365 Apps

Immy installs the apps the selected user is licensed for. Immy contains recommended deployments for

You may be tempted to disable these because you are afraid Immy will install all of these apps on every computer. These deployments are limited using a “Metascript” filter that reaches out to the Microsoft Graph API to determine whether the selected user has a license for the product in question.

Dell/Lenovo/HP Updates

ImmyBot will install the latest updates from Dell, HP, and Lenovo, including driver updates and BIOS updates.

You may be tempted to disable these Deployments as you don’t want HP updates applying to your Dell. This won’t happen. Each deployment uses a Filter script to ensure that these updates only apply to the appropriate machines

Adobe Reader

You may be tempted to disable this deployment because not all of your customers use Adobe Reader. You should instead leave it enabled and handle exceptions to the rule. See more under “Deployment Resolution”

Set Computer Name and Domain Join

This is one that I’d advise you to turn off, and instead customize for each customer. We leave it as a recommended deployment mostly to raise awareness that ImmyBot has the capability, but fully expect you to override it to suit your needs.

Testing with Windows Sandbox

Windows Sandbox is a fast loading disposable container in Windows that loses all settings when shutdown or restarted. It is very convenient for testing software deployments. It should be noted that not all software is compatible with Windows Sandbox, particular software that installs drivers or requires restarts.

If you haven't used Windows Sandbox before, you can enable it by opening Windows PowerShell as Admin and running the following command:

powershell
Enable-WindowsOptionalFeature -FeatureName "Containers-DisposableClientVM" -All -Online -NoRestart
Enable-WindowsOptionalFeature -FeatureName "Containers-DisposableClientVM" -All -Online -NoRestart

Download Windows Sandbox file (.wsb)

Wait for ImmyBot Agent to install

Onboard the Sandbox

This will create an "Onboarding" Session (sessions are like running gpupdate) that will apply all applicable Deployments (deployments are like Group Policies)

Adding Users

Access Request

Have the person attempt to login to ImmyBot. Have them request access:

image

Approve that access from a yellow indicator at the top of the screen.

image

Manual

If you haven't consented to allow Immy to read your AzureAD, you'll need to know the users' Object ID:

Second, Make the Person a user

(Optional) Make that User an Admin.

User Roles

MSP Admin

MSP Non-Admin

Customer (Tenant) Admin

Customer (Tenant) Non-Admin

Terminology

Deployment

Deployments were originally called "Assignments" and are still called Assignments under the hood.

Note: You won't see the word "Assignment" in the user interface anywhere, but we plan to re-rename "Deployment" back to "Assignment" it in a future release.

A deployment is a rule that assigns Software or Tasks (Collectively known as "Maintenance Items") to a Target.

Deployments are conceptually similar to Group Policies in that they assign settings to a group of users or computers.

DO NOT BE AFRAID TO SAVE YOUR DEPLOYMENTS. THEY DO NOT APPLY AUTOMATICALLY.

If you DO want your Deployments to be applied automatically, you need to create a Schedule.

Deployment Resolution

Also known as

Like Group Policies have a "Winning Policy", ImmyBot must have a "Winning Deployment" for a given Maintenance Item on a computer.

Let's say you have a customer "Contoso" that uses Adobe Acrobat instead of Adobe Reader, and you would like that to be installed instead.

First, create a Deployment that sets the desired state of Adobe Reader to Uninstalled for Contoso

Then, create a Deployment that Installs Adobe Acrobat for their computers

Target

A "Target" is a grouping of computers (or Tenants in the case of "Cloud Tasks")

ImmyBot's ability to resolve Targets to a group of computers is perhaps its most powerful feature.

For example, you can select a Group of users from AzureAD (which includes on-prem synced groups, and Teams) and ImmyBot will automatically resolve that to the list of computers in use by the people in that group.

If you enable PSA integration, a Target could be all computers covered under a certain type of Agreement, or computers covered by an Agreement that includes a certain product.

This is particularly useful for security software, help desk portals, or anything else in your stack that you may only want to be installed for customers that are paying you for it.

Conversely, you could use this feature remove your stack for customers you are offboarding. Simply create an "Offboarding" product in your PSA, and create a deployment for each of the pieces of software you would like removed setting the desired state to Uninstalled for all customers with the "Offboarding" product on their agreement. Note: ImmyBot even honors the date range on additions, making scheduled offboarding easier if say the customer wants your software removed on the last day of the month.

Maintenance Session

A Maintenance Session is conceptually similar to running gpupdate /force

In other systems, different types of maintenance happen on their own schedule. Windows Updates may run on Tuesday night, but Third Party updates may run on Wednesday night, and auto-fix tasks may run whenever an alert is fired for a failed monitor, which has its own polling interval.

By forcing all automation to happen in a sequential set of actions we call a Maintenance Session, we can deliver predictability not only as to what changes will be made, but also when.

This also provides a cohesive mechanism for setting up a new computer. At best in traditional RMMs you can assign Monitors that detect the absence of required software and run Install scripts when they are missing, but this doesn't scale as pre-requisites and exclusions are required.

Imagine if Group Policy could reliably deploy any type of software, and gpupdate /force worked reliably off-net, and when you ran it, it gave you real-time feedback about exactly what it was doing. Also imagine that it could optionally notify the end user before and after with a branded email telling them exactly what is being done, that optionally lets them cancel.

That's a Maintenance Session.

You can view Maintenance Sessions for all computers under Computers->Sessions

Or, you can view Maintenance Sessions for a specific Computer under the Sessions tab for that Computer

Maintenance Session Stages

Detection Stage

During the Detection Stage, ImmyBot "Detects" which Maintenance Actions are necessary to bring the computer into compliance. These Actions are added to the Maintenance Session.

This is a read-only process, and typically done while the user is active. This is so ImmyBot can notify the user of changes that will occur later during the Execution Stage. By doing this during the day, and scheduling Execution for later, we are giving the end user the best possible chance to be aware of the upcoming maintenance, Postponing if you allow. The Postpone feature is very popular among engineers that do may need to leave renderings and analysis tasks running overnight.

Execution Stage

Maintenance Action

',144),ee=l('

A Maintenance Session has one or more Maintenance Actions. A Maintenance Action could be to install software, apply a Windows Update, or run a Task.

The image below depicts a typical Maintenance Session with many Maintenance Actions

Software

Software, in the context of ImmyBot refers to Software objects in My Software or Global Software.

My Software - Initially empty. When you upload your own software to ImmyBot, it goes into My Software

Global Software - Read-Only, managed by the ImmyBot team.

At the bare minimum, Software requires a Detection Method. Software can have many Software Versions.

',8),te=l('

Pre-Requisities

This is a VERY powerful, and critically underrated feature in ImmyBot. ImmyBot resolves dependencies recursively, with built-in circular reference detection.

Common uses for Pre-Requisites include

Install required dependencies

Ordering Maintenance Actions

Detection Method

A Detection Method is required in order to know whether or not a piece of Software is installed on a machine.

For Software, the detection method must returns the version of the software installed on the machine, if any.

For Tasks, the Detection Method is the "test" mechanism, which must return true or false to indicate whether or not the machine is in compliance.

Software Version

',13),ae=e("h3",{id:"task",tabindex:"-1"},[a("Task "),e("a",{class:"header-anchor",href:"#task","aria-label":'Permalink to "Task"'},"​")],-1),ne=e("p",null,"A Task (aka Mainenance Task) is a catch-all for anything that isn't software.",-1),se=e("p",null,"or",-1),oe=l('

Task Modes

Enforce

Runs the "test" script, if the test returns false, runs "set", then runs "test" again to verify.

Audit

Runs the "test" script which should return true or false. It can output whatever it wants, but the last output should be boolean.

Monitor

Runs the "get" script, which can return anything. Useful for collecting data like Bitlocker Keys, Quickbooks Licenses, or any other piece of information you are interested in.

Scripts

From the above diagrams, you can see that scripts are the building blocks for higher level objects like Software and Tasks.

Execution Context

System

Run as a service on the machine

User

Will attempt to run as the logged on user

Metascript

Runs in the ImmyBot backend, and can spawn code on the system by using Invoke-ImmyCommand

Cloud Script

Runs in the ImmyBot backend, but intended to be run against a Tenant (perhaps for the purpose of getting or setting some setting in 365/Azure or some other system with an API). These are used exclusively in Tasks targetting "Tenants".

Schedules

Used to run maintenance periodically on machines. Can optionally be limited to a single Maintenance Item.

NOTE You must also have a Deployment for the Maintenance Item to set the desired state. Imagine a scenario where you need to ensure a single piece of software is up-to-date on all computers except for a CNC machine. Create 2 deployments, the first setting the desired state to Installed->Latest for all computers, then a second stating that the desired state is Ignored for the CNC machine. When you create the schedule, the software will be ignored for the CNC machine.

Integrations

To ImmyBot, an RMM is a system that provides a list of computers, and a mechanism to run PowerShell scripts on them.

To avoid having to deploy the ImmyAgent to existing machines, ImmyBot optionally integrates with RMMs like ConnectWise Automate and ConnectWise Control and uses their agents instead. These systems are not as performant as the ImmyAgent, but can suppliment ImmyBot functionality.

For example, if you add an RMM Link for ConnectWise Control, you can open a remote session to the computer directly within ImmyBot:

If you add an RMM integration for ConnectWise Automate, Scheduled Maintenance Sessions will apply all Approved Windows Updates using the ConnectWise Automate API based on your Approval Policies in Automate Patch Manager.

You can even add multiple RMMs of the same type, which is often useful in merger and acquisition scenarios. You may choose to use ImmyBot as your single pane of glass to manage both, or simply let ImmyBot be a neutral third party for facilitating the consolidation of RMM agents to the parent company's RMM.

Identification

Because the same computer often exists in multiple RMMs (Like how CW Automate typically installs CW Control Automatically), ImmyBot prevents duplicates by identifying the computer by a unique id. We DO NOT use MAC Address! This unique id persists even if you wipe and reload the machine.

When a new machine is detected, it first goes to New Computers->Actively Identifying

It uses the following script to collect the UUID from the machine:

gwmi Win32_ComputerSystemProduct | select -expand UUID
gwmi Win32_ComputerSystemProduct | select -expand UUID

This value is static even if you wipe and reload the machine, although we have VERY rarely seen this value change following a BIOS upgrade or due to a mainboard fault. We chose this value instead of Mac Address or Hard Drive serial number because of issues other systems have with USB Ethernet cables and hard drive replacement. We did not use serialnumber because we learned that many computers do not have serial numbers.

In practice, this value works almost too well. Machines you just wiped and expect to find in New Computers, are often associated to their pre-wiped computer objects. To find them, you often have to search for the serial number of the computer in the Computer List. In 0.40.1 we began using the Windows OfflineInstallationID value to identify when an existing computer has been wiped so we can set its status to "Needs Onboarding" which causes it to show up under New Computers as expected.

If it is a machine ImmyBot has seen before, it will be associated to the existing Computer, and you will find a new entry under the Computer's Agents tab. Under the hood we call these entries "RmmComputers".

Computers can have one or more RmmComputers(Agents). You can think of these as logical "pathways" to the computer. We only need one to be online to function.

Identification Failures

Needs a Manual Decision

Generally you will click "Agent Re-installed"

Often when an RMM Agent gets re-installed, it will get a new id in the RMM (ComputerId in Automate, SessionID in Control). ImmyBot will recognize that it is the same computer, but due to the fact that virtualization technologies and hard drive cloning can lead to the same scenario, we require you to tell us whether we should overwrite the existing RmmComputer, or keep both. 99% of the time you will click "Overwrite Existing". If the machine was in fact cloned, you would click Keep Both, in which case Immy shims the duplicate UUID with its own to prevent collisions.

Pending Computers

Computers in the pending status have yet to be identified.

Computers may get stuck here if we are unable to run our Ephemeral Agent

',47),ie=e("p",null,"Top 3 reasons for Identification Failures",-1),re=e("ol",null,[e("li",null,"SSL Inspection blocking our websocket"),e("li",null,"Security Software blocking PowerShell"),e("li",null,"Incorrect time is preventing SSL/TLS connection")],-1),le=e("p",null,"To understand the various reasons identification can fail, it helps to understand how ImmyBot executions PowerShell",-1),ce=e("ol",null,[e("li",null,"RMM or ImmyAgent runs Immybot.Agent.Ephemeral.exe"),e("li",null,"Immybot.Agent.Ephemeral.exe establishes a secure websocket to wss://subdomain.immy.bot and runs Invoke-PSPipeHost.ps1"),e("li",null,"Immybot.Agent.Ephemeral.exe feeds Invoke-PSPipeHost.ps1 PowerShell over a pipe from the websocket session")],-1),pe=l(`

The most common cause of identification failure is security software.

To know if this is the case, pull the logs from C:\\ProgramData\\ImmyBotAgentService*.log

image

Normal Immybot Agent logs look like this:

2022-06-14 00:02:25.560 -05:00 [DBG] Hosting starting
-2022-06-14 00:02:25.799 -05:00 [INF] Starting Immybot Agent
-2022-06-14 00:02:25.943 -05:00 [INF] Using configuration file stored at: C:\\ProgramData\\ImmyBotAgentService\\config.json
-2022-06-14 00:02:26.875 -05:00 [DBG] Initializing IoT Hub connection
-2022-06-14 00:02:35.023 -05:00 [INF] Application started. Hosting environment: Production; Content root path: C:\\WINDOWS\\TEMP\\.net\\Immybot.Agent.Service\\lreaszzz.wwx\\
-2022-06-14 00:02:35.024 -05:00 [DBG] Hosting started
-2022-06-14 00:02:40.552 -05:00 [WRN] IoT Hub connection status Changed Status => [Connected] Reason => [Connection_Ok]
-2022-06-14 02:06:32.159 -05:00 [DBG] Process started; ID: 12724
-2022-06-14 02:06:37.358 -05:00 [DBG] Running C:\\ProgramData\\ImmyBot\\Scripts\\840290f2bd2142e2bd2c612542436763\\Immybot.Agent.Ephemeral.exe --ImmyScriptPath C:\\ProgramData\\ImmyBot\\Scripts\\840290f2bd2142e2bd2c612542436763 --BackendAddress wss://immense.immy.bot/ --SessionID c946e1d1-f5fd-d36d-0489-d2a9ad9084e0
-2022-06-14 02:06:38.335 -05:00 [DBG] PID 16184 <----- Indicates successful execution
-2022-06-14 02:06:38.372 -05:00 [DBG] Process exited; Code: 0
2022-06-14 00:02:25.560 -05:00 [DBG] Hosting starting
-2022-06-14 00:02:25.799 -05:00 [INF] Starting Immybot Agent
-2022-06-14 00:02:25.943 -05:00 [INF] Using configuration file stored at: C:\\ProgramData\\ImmyBotAgentService\\config.json
-2022-06-14 00:02:26.875 -05:00 [DBG] Initializing IoT Hub connection
-2022-06-14 00:02:35.023 -05:00 [INF] Application started. Hosting environment: Production; Content root path: C:\\WINDOWS\\TEMP\\.net\\Immybot.Agent.Service\\lreaszzz.wwx\\
-2022-06-14 00:02:35.024 -05:00 [DBG] Hosting started
-2022-06-14 00:02:40.552 -05:00 [WRN] IoT Hub connection status Changed Status => [Connected] Reason => [Connection_Ok]
-2022-06-14 02:06:32.159 -05:00 [DBG] Process started; ID: 12724
-2022-06-14 02:06:37.358 -05:00 [DBG] Running C:\\ProgramData\\ImmyBot\\Scripts\\840290f2bd2142e2bd2c612542436763\\Immybot.Agent.Ephemeral.exe --ImmyScriptPath C:\\ProgramData\\ImmyBot\\Scripts\\840290f2bd2142e2bd2c612542436763 --BackendAddress wss://immense.immy.bot/ --SessionID c946e1d1-f5fd-d36d-0489-d2a9ad9084e0
-2022-06-14 02:06:38.335 -05:00 [DBG] PID 16184 <----- Indicates successful execution
-2022-06-14 02:06:38.372 -05:00 [DBG] Process exited; Code: 0

Windows Defender will make the logs look like this:

2022-11-17 13:13:36.604 +11:00 [DBG] Hosting starting
-2022-11-17 13:13:36.817 +11:00 [INF] Starting Immybot Agent
-2022-11-17 13:13:36.840 +11:00 [INF] Using configuration file stored at: C:\\ProgramData\\ImmyBotAgentService\\config.json
-2022-11-17 13:13:37.590 +11:00 [DBG] Initializing IoT Hub connection
-2022-11-17 13:13:37.860 +11:00 [DBG] Hosting started
-2022-11-17 13:13:38.598 +11:00 [WRN] IoT Hub connection status Changed Status => [Connected] Reason => [Connection_Ok]
-2022-11-17 13:13:39.157 +11:00 [WRN] Dirty-Shutdown detected! Dirty-File created at: "2022-11-07T04:11:59.3975026Z" UTC
-2022-11-17 13:13:41.686 +11:00 [DBG] Process started; ID: 5660
-2022-11-17 13:13:44.674 +11:00 [DBG] Running C:\\ProgramData\\ImmyBot\\Scripts\\4303da9b790b41c6978b50b872fe17cb\\Immybot.Agent.Ephemeral.exe --ImmyScriptPath C:\\ProgramData\\ImmyBot\\Scripts\\4303da9b790b41c6978b50b872fe17cb --BackendAddress wss://ericom.immy.bot/ --SessionID a92c0ed1-ea3b-7f8a-d9c6-946d9b44ccc5
-2022-11-17 13:13:49.577 +11:00 [DBG] WMI Error 2
2022-11-17 13:13:36.604 +11:00 [DBG] Hosting starting
-2022-11-17 13:13:36.817 +11:00 [INF] Starting Immybot Agent
-2022-11-17 13:13:36.840 +11:00 [INF] Using configuration file stored at: C:\\ProgramData\\ImmyBotAgentService\\config.json
-2022-11-17 13:13:37.590 +11:00 [DBG] Initializing IoT Hub connection
-2022-11-17 13:13:37.860 +11:00 [DBG] Hosting started
-2022-11-17 13:13:38.598 +11:00 [WRN] IoT Hub connection status Changed Status => [Connected] Reason => [Connection_Ok]
-2022-11-17 13:13:39.157 +11:00 [WRN] Dirty-Shutdown detected! Dirty-File created at: "2022-11-07T04:11:59.3975026Z" UTC
-2022-11-17 13:13:41.686 +11:00 [DBG] Process started; ID: 5660
-2022-11-17 13:13:44.674 +11:00 [DBG] Running C:\\ProgramData\\ImmyBot\\Scripts\\4303da9b790b41c6978b50b872fe17cb\\Immybot.Agent.Ephemeral.exe --ImmyScriptPath C:\\ProgramData\\ImmyBot\\Scripts\\4303da9b790b41c6978b50b872fe17cb --BackendAddress wss://ericom.immy.bot/ --SessionID a92c0ed1-ea3b-7f8a-d9c6-946d9b44ccc5
-2022-11-17 13:13:49.577 +11:00 [DBG] WMI Error 2

DNS Filtering/Issues make the logs look like this

2022-09-20 20:39:59.712 +10:00 [INF] RESPONSE: {
-  "Resource": "installer/challenge/request",
-  "Method": "POST",
-  "StatusCode": 0,
-  "ErrorException": {
-    "ClassName": "System.Net.WebException",
-    "Message": "No such host is known. (XXXX.immy.bot:443)"
2022-09-20 20:39:59.712 +10:00 [INF] RESPONSE: {
-  "Resource": "installer/challenge/request",
-  "Method": "POST",
-  "StatusCode": 0,
-  "ErrorException": {
-    "ClassName": "System.Net.WebException",
-    "Message": "No such host is known. (XXXX.immy.bot:443)"

To correct it, you need to exclude DNS filtering for your instances hostnames, which are found under Show more > integrations > Fetch IP Address and Hostnames

If Powershell is failing to start on the endpoint within 60 seconds a timeout will occur.

Here is a suggestion on a cause and possible fix for that one https://www.reddit.com/r/PowerShell/comments/rx68fw/powershell_slow_to_open_long_load_timesfixed

Security Software Exclusions

Ideally you would instruct your security software would support excluding code signed by

CN=Immense Networks LLC, O=Immense Networks, L=Baton Rouge, S=Louisiana, C=US
CN=Immense Networks LLC, O=Immense Networks, L=Baton Rouge, S=Louisiana, C=US

Exclusions based on code signing certificate are an industry standard feature and should be a standard feature in any best-in-class security software. However, if your security software is unable to exclude based on code signing certificate, create an exclusion for your instance's Script Path.

Your script path can be found under Settings->Preferences->Script Path

image

ThreatLocker

  1. Application Control-> Applications
  2. Create New Application
  3. Put the following value into Certificate and click Add
CN=Immense Networks LLC, O=Immense Networks, L=Baton Rouge, S=Louisiana, C=US
CN=Immense Networks LLC, O=Immense Networks, L=Baton Rouge, S=Louisiana, C=US
  1. Add your instance’s script pathimage Ultimately it should look like this: image
  2. Create a New Application Policy image

BitDefender

BitDefender will intermittently block script execution unless you disable Aggressive scanning mode or add a your instance's Script Path to your policy's exclusion list.

CrowdStrike

CrowdStrike uses AI to decide what to allow and disallow. Periodically this AI will mark the ImmyBot Agent or ImmyBot Ephemeral Agent as malicious. This usually happens after we update it. Marking it as a false positive in your CrowdStrike portal will train the global AI to not treat it as malicious.

Microsoft Defender for Endpoint

Add a your instance's Script Path to your policy's exclusion list. https://docs.microsoft.com/en-us/mem/intune/configuration/device-restrictions-configure#create-the-profile

Cylance

Cylance blocks our websocket making the ImmybotAgent log look like this:

2022-09-21 12:24:26.562 -04:00 [INF] Process exiting.
-2022-09-21 12:24:40.106 -04:00 [DBG] Closing Websocket...
-2022-09-21 12:24:49.743 -04:00 [INF] Marked ConnectionState as disconnected.
-2022-09-21 12:24:50.171 -04:00 [ERR] Application shutting down (App lifetime token cancelled)
-System.IO.IOException: Cannot access a closed stream.
-at System.Net.Http.HttpConnection.RawConnectionStream.WriteAsync(ReadOnlyMemory\`1 buffer, CancellationToken cancellationToken)
2022-09-21 12:24:26.562 -04:00 [INF] Process exiting.
-2022-09-21 12:24:40.106 -04:00 [DBG] Closing Websocket...
-2022-09-21 12:24:49.743 -04:00 [INF] Marked ConnectionState as disconnected.
-2022-09-21 12:24:50.171 -04:00 [ERR] Application shutting down (App lifetime token cancelled)
-System.IO.IOException: Cannot access a closed stream.
-at System.Net.Http.HttpConnection.RawConnectionStream.WriteAsync(ReadOnlyMemory\`1 buffer, CancellationToken cancellationToken)

To correct it, you need to bypass SSL Inspection for your instances hostnames/IPs, which are found under Show more > integrations > Fetch IP Address and Hostnames

Group Policy Objects

Computer Configuration | Policies | Administrative Templates | Windows Components | Windows PowerShell | Turn on Script Execution (Enabled)

User Configuration | Policies | Administrative Templates | Windows Components | Windows PowerShell | Turn on Script Execution (Enabled)

These GPOs have been known to cause issues with running scripts.

`,37);function de(ue,he,me,ge,fe,ye){const s=p("Mermaid");return n(),d("div",null,[G,j,V,Y,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-12",class:"eita",graph:"graph%20LR%0Asubgraph%20Input%0A%20%20%20%20User%5B%22End%20User%20(Optional)%22%5D%0A%20%20%20%20Customer%5BCustomer%5D%0Aend%0AUser%20--%3E%20Magic%20--%3E%20F%0Asubgraph%20Output%0A%20%20%20%20Customer%20--%3E%20User%0A%20%20%20%20F%5BPerfectly%20Setup%20Computer%5D%0Aend%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),X,z,J,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-22",class:"eita",graph:"graph%20LR%0Asubgraph%20%22Deployment%22%0A%20%20%20%20Input%5B%22Software%20or%20Task%22%5D%20--%3E%7C%22Should%20Be%22%7C%20DesiredState%5B%22Desired%20State%22%5D%20--%3E%7Con%7C%20Group%5B%22One%20or%20More%20Computers%22%5D%0Aend%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-23",class:"eita",graph:"graph%20LR%0Asubgraph%20%22Adobe%20Reader%22%0A%20%20%20%20Input1%5B%22Adobe%20Reader%22%5D%20--%3E%7C%22Should%20Be%22%7C%20DesiredState1%5B%22Installed%22%5D%20--%3E%7Con%7C%20Group1%5B%22All%20Workstations%20and%20Portable%20Devices%22%5D%0Aend%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),Z,K,Q,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-42",class:"eita",graph:"graph%20LR%0Asubgraph%20%22Should%20Deployment%20Apply%3F%22%0A%20%20%20%20Input%20--%3E%20Metascript%0A%20%20%20%20Metascript%20--%3E%20True%0A%20%20%20%20Metascript%20--%3E%20False%0Aend%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-43",class:"eita",graph:"graph%20LR%0Asubgraph%20%22Should%20Visio%20Install%3F%22%0A%20%20%20%20EndUser%5B%22Input%3A%20End%20User%22%5D%20--%3E%20Script%5B%22Graph%20API%20Script%3A%20Does%20End%20User%20have%20Visio%20License%3F%22%5D%0A%20%20%20%20Script%20--%3E%20True1%5BTrue%5D%0A%20%20%20%20Script%20--%3E%20False1%5BFalse%5D%0Aend%0A"})]),fallback:t(()=>[a(" Loading... 
")]),_:1})),$,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-724",class:"eita",graph:"flowchart%20TD%0A%20SoftwareInstall%20--%3E%20Detect%7BSoftware%20Installed%3F%7D%0A%20Detect%20--%3E%20%7CNo%7C%20Install%0A%20Detect%20--%3E%20%7CYes%7C%20HasConfigurationTask%7BHas%20Configuration%20Task%3F%7D%0A%20Install%20--%3E%20PostInstallDetect%7BSoftware%20Installed%3F%7D%0A%20PostInstallDetect%20--%3E%20%7CYes%7CHasConfigurationTask%0A%20HasConfigurationTask%20--%3E%20%7CYes%7C%20MaintenanceTaskTest%7BRun%20Test%20Script%7D%0A%20MaintenanceTaskTest%20--%3E%20%7Creturn%20%24true%7C%20Compliant%0A%20MaintenanceTaskTest%20--%3E%20%7Creturn%20%24false%7C%20RunSetScript(Run%20Set%20Script)%0A%20RunSetScript%20--%3E%20PostMaintenanceTaskTest%7BRun%20Test%20Script%7D%0A%20PostMaintenanceTaskTest%20--%3E%20%7Creturn%20%24true%7C%20Compliant%0A%20PostMaintenanceTaskTest%20--%3E%20%7Creturn%20%24false%7C%20Non-Compliant%0A%20PostInstallDetect%20--%3E%20%7CNo%7C%20Non-Compliant%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),ee,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-749",class:"eita",graph:"graph%20TD%0A%20%20%20%20C%5BSoftware%5D%20--%3E%20D%5BCustom%20Detection%20Script%5D%0A%20%20%20%20C%20--%3EE%5BDefault%20Uninstall%20Script%5D%0A%20%20%20%20C%20--%3E%20F%5BAuto-Update%20Script%5D%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),te,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-817",class:"eita",graph:"graph%20TD%0A%20%20%20%20C%5BSoftware%20Version%5D%20--%3E%20Install%0A%20%20%20%20C%20--%3E%20Uninstall%0A%20%20%20%20C%20--%3E%20Upgrade%0A%20%20%20%20C%20--%3E%20Repair%0A%20%20%20%20C%20--%3E%20Test%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),ae,ne,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-824",class:"eita",graph:"graph%20TD%0A%20%20%20%20C%5BTask%5D%0A%20%20%20%20C%20--%3E%20Get%0A%20%20%20%20C%20--%3E%20Set%0A%20%20%20%20C%20--%3E%20Test%0A"})]),fallback:t(()=>[a(" Loading... 
")]),_:1})),se,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-828",class:"eita",graph:"graph%20TD%0A%20%20%20%20C%5BTask%5D%0A%20%20%20%20C%20--%3E%20S%5BCombined%20Script%20with%20%24method%20parameter%20containing%20'get'%2C'set'%2C%20or%20'test'%5D%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),oe,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-968",class:"eita",graph:"graph%20TD%0A%20%20%20%20CheckImmyAgentLogs%5BCheck%20ImmyAgent%20Logs%20in%20C%3A%5CProgramData%5CImmyBot%5CLogs%5D%20--%3E%20DidEphemeralAgentStart%5BImmybot.Agent.Ephemeral.exe%20start%3F%5D%0A%20%20%20%20DidEphemeralAgentStart%20--%3E%20%7CYes%7CCheckEphemeralAgentLogs%5BCheck%20Ephemeral%20Agent%20logs%20in%20C%3A%5CProgramData%5CImmyBot%5CScripts%5C*%5C*.log%5D%0A%20%20%20%20DidEphemeralAgentStart%20--%3E%20%7CNo%7CBlockedBySecuritySoftware%5BExclude%20Script%20Path%20from%20Security%20Software%5D%0A%20%20%20%20CheckEphemeralAgentLogs%20--%3E%20EphemeralAgentConnect%5BDid%20Ephemeral%20Agent%20Websocket%20Connect%3F%5D%0A%20%20%20%20EphemeralAgentConnect%20--%3E%7CYes%7CDidSuccessfullyIdentifyAfterFix%0A%20%20%20%20EphemeralAgentConnect%20--%3E%20%7CNo%7CTryNoSSLInspect%5BPut%20on%20network%20without%20SSL%20Inspection%5D%0A%20%20%20%20TryNoSSLInspect%20--%3E%20DidSuccessfullyIdentifyAfterFix%5BEphemeral%20Agent%20Connect%20After%20Fix%3F%5D%0A%20%20%20%20DidSuccessfullyIdentifyAfterFix%5BMachine%20Identify%20Successfully%3F%5D%20--%3E%20%7CNo%7CEmailSupport%0A%20%20%20%20DidSuccessfullyIdentifyAfterFix%5BMachine%20Identify%20Successfully%3F%5D%20--%3E%20%7CYes%7CDone%0A%20%20%20%20EmailSupport%5B%22Email%20logs%20from%20C%3A%5CProgramData%5CImmyBot%5CLogs%20and%20C%3A%5CProgramData%5CImmyBot%5CScripts%5C*%5C*.logs%20to%20support%40immy.bot%22%5D%0A"})]),fallback:t(()=>[a(" Loading... 
")]),_:1})),ie,re,le,ce,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-1009",class:"eita",graph:"graph%20LR%0A%20%20%20%20ImmyBot%20--%3E%20%7CParallel%7CAutomate%5BRun%20script%20to%20download%20and%20run%20Ephemeral%20Agent%20via%20Automate%5D%0A%20%20%20%20ImmyBot%20--%3E%20%7CParallel%7CControl%5BRun%20script%20to%20download%20and%20run%20Ephemeral%20Agent%20via%20Control%5D%0A%20%20%20%20ImmyBot%20--%3E%20%7CParallel%7CImmyAgent%5BRun%20script%20to%20download%20and%20run%20Ephemeral%20Agent%20via%20ImmyAgent%5D%0A%20%20%20%20ImmyBot%20--%3E%20%7CParallel%7CN-Central%5BRun%20script%20to%20download%20and%20run%20Ephemeral%20Agent%20via%20N-Central%5D%0A%20%20%20%20Automate%20--%3E%20Immybot.Agent.Ephemeral.exe%0A%20%20%20%20Control%20--%3E%20Immybot.Agent.Ephemeral.exe%0A%20%20%20%20ImmyAgent%20--%3E%20Immybot.Agent.Ephemeral.exe%0A%20%20%20%20N-Central%20--%3E%20Immybot.Agent.Ephemeral.exe%0A%20%20%20%20Immybot.Agent.Ephemeral.exe%20--%3E%20cmd.exe%20--%3E%20powershell.exe%20--%3E%20Invoke-PSPipeHost.ps1%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),pe])}const we=c(H,[["render",de]]);export{Ae as __pageData,we as default}; diff --git a/assets/getting-started.md.f6513b7d.js b/assets/getting-started.md.f6513b7d.js new file mode 100644 index 00000000..8d61b005 --- /dev/null +++ b/assets/getting-started.md.f6513b7d.js 
@@ -0,0 +1,61 @@ +import{_ as c,C as p,o as n,c as d,b as o,w as t,a0 as i,k as e,a,Q as l,H as r}from"./chunks/framework.392dd896.js";const u="/assets/2021-03-15-08-26-56.2fb0251e.png",h="/assets/2021-03-15-08-27-10.f06a1b7d.png",m="/assets/2021-03-15-08-27-20.9abc2370.png",g="/assets/2021-03-15-08-27-29.3495b43a.png",f="/assets/2021-03-15-08-29-07.c9d36958.png",y="/assets/2021-03-15-08-29-35.7ba594f8.png",b="/assets/2021-03-15-08-29-41.6717b610.png",A="/assets/2021-03-15-08-30-29.e8f8369b.png",w="/assets/2021-03-15-08-47-28.29c6e137.png",C="/assets/2021-03-15-08-37-50.56c2d07c.png",k="/assets/LoginImg1.d2afdd32.png",q="",S="/assets/LoginImg3.0cee540d.png",P="",I="/assets/LoginImg6-1024x100.6ccd59bd.png",D="/assets/LoginImg7.89b175ee.png",v="/assets/2021-03-01-08-42-41.f112850c.png",x="/assets/2021-03-01-08-44-19.fd314a6e.png",T="/assets/2021-03-01-08-51-38.fd381118.png",E="/assets/2021-02-23-08-47-36.73267607.png",B="/assets/2021-02-23-08-46-09.2ba153f5.png",R="/assets/2021-02-23-09-44-51.fc7d2e9a.png",_="/assets/2021-02-23-06-14-05.c6df2604.png",M="/assets/2021-02-23-09-18-04.f3cfeb71.png",N="/assets/2021-02-23-09-15-27.9d3e5275.png",O="/assets/2021-03-01-14-17-29.551c1482.png",U="/assets/2021-02-23-06-18-23.eb252864.png",L="/assets/2021-02-23-06-34-22.e8ca6b95.png",F="/assets/2021-02-23-06-44-25.97ec0970.png",W="/assets/2021-02-23-06-45-47.69b854b1.png",Ae=JSON.parse('{"title":"Getting Started","description":"","frontmatter":{},"headers":[],"relativePath":"getting-started.md","filePath":"getting-started.md"}'),H={name:"getting-started.md"},G=e("h1",{id:"getting-started",tabindex:"-1"},[a("Getting Started "),e("a",{class:"header-anchor",href:"#getting-started","aria-label":'Permalink to "Getting Started"'},"​")],-1),j=e("h2",{id:"preface",tabindex:"-1"},[a("Preface "),e("a",{class:"header-anchor",href:"#preface","aria-label":'Permalink to "Preface"'},"​")],-1),V=e("p",null,"ImmyBot is a desired-state enforcement tool.",-1),X=e("p",null,"The goal of ImmyBot is to 
setup a computer knowing only the customer and the end user.",-1),Y=e("h3",{id:"thinking-with-immy",tabindex:"-1"},[a("Thinking with Immy "),e("a",{class:"header-anchor",href:"#thinking-with-immy","aria-label":'Permalink to "Thinking with Immy"'},"​")],-1),z=e("p",null,'Thinking with Immy means thinking in terms of how things "Should" be.',-1),Z=e("p",null,'You teach Immy how things "should" be by creating Deployments.',-1),J=e("p",null,'How things "Should" be is often dependent on external factors. For example',-1),K=e("ul",null,[e("li",null,"Customer A should have SentinelOne because they pay for it"),e("li",null,"Person A should have Visio 365 because he has a license for it")],-1),Q=e("p",null,"Luckily, deployments can be conditionally applied based on the result of scripts that reach out to external sources",-1),$=l('

This is out of the box functionality in ImmyBot. I'm just showing you how it works to illustrate the power of the rules engine.

Overview

ImmyBot deploys 2 things:

  1. Software
  2. Tasks

Tasks are for anything that isn’t software, think Bitlocker, Power Options, etc.

ImmyBot tests everything it does before and after it does it.

Example: Adobe Reader

We find that most MSPs install Adobe Reader by default so ImmyBot includes a Recommended Deployment that states

When this rule applies (i.e. it isn't disabled or overridden by a more specific rule) ImmyBot will do the following:

  1. Find the latest available version of Adobe Reader by running the Adobe Reader "dynamic version" script that uses a public API to return the latest full version number of Adobe Reader, as well as the URL to download it, the latest patch version of Adobe Reader, and the URL to download it.
  2. Determine the installed version (if any) by looking for Adobe Reader in Add/Remove Programs on the machine
  3. Queue an Install or Upgrade task (depending on the previous step)
  4. Set Adobe Reader to be the default PDF handler by running the "configuration task" that verifies that Reader is the default handler for .PDF files for each user on the machine.

Create your trial instance

If you don't already have an ImmyBot instance, sign-up for a trial at https://www.immy.bot/pricing

Make sure you use a valid Office 365 Email address otherwise you will not be able to login as we require SSO to Azure AD. You're welcome

You will receive a welcome email, click Setup ImmyBot:

Do something else for 6 minutes. Or 9 minutes if you are in Australia. It takes longer there for some reason.

You’ll receive this email when your instance is ready:

Tenants

These are your Customers. We recommend syncing Tenants from CW Automate or Azure.

User Computer Affinity

ImmyBot periodically runs whoami /upn on all computers and keeps a rolling list of the last 10 UPNs. It assigns the Primary User of the computer to the "Person" (Synced from Azure) with the matching UPN.

For environments without AzureAD, ImmyBot will lookup the UPN of the Person from a Domain Controller in the computer's Tenant

Testing with Windows Sandbox

Windows Sandbox is a fast loading disposable container in Windows that loses all settings when shutdown or restarted. It is very convenient for testing software deployments. It should be noted that not all software is compatible with Windows Sandbox, particular software that installs drivers or requires restarts.

If you haven't used Windows Sandbox before, you can enable it by opening Windows PowerShell as Admin and running the following command:

powershell
Enable-WindowsOptionalFeature -FeatureName "Containers-DisposableClientVM" -All -Online -NoRestart
Enable-WindowsOptionalFeature -FeatureName "Containers-DisposableClientVM" -All -Online -NoRestart

Download Windows Sandbox file (.wsb)

Wait for ImmyBot Agent to install

Onboard the Sandbox

This will create an "Onboarding" Session (sessions are like running gpupdate) that will apply all applicable Deployments (deployments are like Group Policies)

Adding Users

Access Request

Have the person attempt to login to ImmyBot. Have them request access:

image

Approve that access from a yellow indicator at the top of the screen.

image

Manual

If you haven't consented to allow Immy to read your AzureAD, you'll need to know the users' Object ID:

Second, Make the Person a user

(Optional) Make that User an Admin.

User Roles

MSP Admin

MSP Non-Admin

Customer (Tenant) Admin

Customer (Tenant) Non-Admin

Terminology

Deployment

Deployments were originally called "Assignments" and are still called Assignments under the hood.

Note: You won't see the word "Assignment" in the user interface anywhere, but we plan to re-rename "Deployment" back to "Assignment" it in a future release.

A deployment is a rule that assigns Software or Tasks (Collectively known as "Maintenance Items") to a Target.

Deployments are conceptually similar to Group Policies in that they assign settings to a group of users or computers.

DO NOT BE AFRAID TO SAVE YOUR DEPLOYMENTS. THEY DO NOT APPLY AUTOMATICALLY.

If you DO want your Deployments to be applied automatically, you need to create a Schedule.

Deployment Resolution

Also known as

Like Group Policies have a "Winning Policy", ImmyBot must have a "Winning Deployment" for a given Maintenance Item on a computer.

Let's say you have a customer "Contoso" that uses Adobe Acrobat instead of Adobe Reader, and you would like that to be installed instead.

First, create a Deployment that sets the desired state of Adobe Reader to Uninstalled for Contoso

Then, create a Deployment that Installs Adobe Acrobat for their computers

Target

A "Target" is a grouping of computers (or Tenants in the case of "Cloud Tasks")

ImmyBot's ability to resolve Targets to a group of computers is perhaps its most powerful feature.

For example, you can select a Group of users from AzureAD (which includes on-prem synced groups, and Teams) and ImmyBot will automatically resolve that to the list of computers in use by the people in that group.

If you enable PSA integration, a Target could be all computers covered under a certain type of Agreement, or computers covered by an Agreement that includes a certain product.

This is particularly useful for security software, help desk portals, or anything else in your stack that you may only want to be installed for customers that are paying you for it.

Conversely, you could use this feature remove your stack for customers you are offboarding. Simply create an "Offboarding" product in your PSA, and create a deployment for each of the pieces of software you would like removed setting the desired state to Uninstalled for all customers with the "Offboarding" product on their agreement. Note: ImmyBot even honors the date range on additions, making scheduled offboarding easier if say the customer wants your software removed on the last day of the month.

Maintenance Session

A Maintenance Session is conceptually similar to running gpupdate /force

In other systems, different types of maintenance happen on their own schedule. Windows Updates may run on Tuesday night, but Third Party updates may run on Wednesday night, and auto-fix tasks may run whenever an alert is fired for a failed monitor, which has its own polling interval.

By forcing all automation to happen in a sequential set of actions we call a Maintenance Session, we can deliver predictability not only as to what changes will be made, but also when.

This also provides a cohesive mechanism for setting up a new computer. At best in traditional RMMs you can assign Monitors that detect the absence of required software and run Install scripts when they are missing, but this doesn't scale as pre-requisites and exclusions are required.

Imagine if Group Policy could reliably deploy any type of software, and gpupdate /force worked reliably off-net, and when you ran it, it gave you real-time feedback about exactly what it was doing. Also imagine that it could optionally notify the end user before and after with a branded email telling them exactly what is being done, that optionally lets them cancel.

That's a Maintenance Session.

You can view Maintenance Sessions for all computers under Computers->Sessions

Or, you can view Maintenance Sessions for a specific Computer under the Sessions tab for that Computer

Maintenance Session Stages

Detection Stage

During the Detection Stage, ImmyBot "Detects" which Maintenance Actions are necessary to bring the computer into compliance. These Actions are added to the Maintenance Session.

This is a read-only process, and typically done while the user is active. This is so ImmyBot can notify the user of changes that will occur later during the Execution Stage. By doing this during the day, and scheduling Execution for later, we are giving the end user the best possible chance to be aware of the upcoming maintenance, Postponing if you allow. The Postpone feature is very popular among engineers that do may need to leave renderings and analysis tasks running overnight.

Execution Stage

Maintenance Action

',108),ee=l('

A Maintenance Session has one or more Maintenance Actions. A Maintenance Action could be to install software, apply a Windows Update, or run a Task.

The image below depicts a typical Maintenance Session with many Maintenance Actions

Software

Software, in the context of ImmyBot refers to Software objects in My Software or Global Software.

My Software - Initially empty. When you upload your own software to ImmyBot, it goes into My Software

Global Software - Read-Only, managed by the ImmyBot team.

At the bare minimum, Software requires a Detection Method. Software can have many Software Versions.

',8),te=l('

Pre-Requisities

This is a VERY powerful, and critically underrated feature in ImmyBot. ImmyBot resolves dependencies recursively, with built-in circular reference detection.

Common uses for Pre-Requisites include

Install required dependencies

Ordering Maintenance Actions

Detection Method

A Detection Method is required in order to know whether or not a piece of Software is installed on a machine.

For Software, the detection method must returns the version of the software installed on the machine, if any.

For Tasks, the Detection Method is the "test" mechanism, which must return true or false to indicate whether or not the machine is in compliance.

Software Version

',13),ae=e("h3",{id:"task",tabindex:"-1"},[a("Task "),e("a",{class:"header-anchor",href:"#task","aria-label":'Permalink to "Task"'},"​")],-1),ne=e("p",null,"A Task (aka Mainenance Task) is a catch-all for anything that isn't software.",-1),se=e("p",null,"or",-1),oe=l('

Task Modes

Enforce

Runs the "test" script, if the test returns false, runs "set", then runs "test" again to verify.

Audit

Runs the "test" script which should return true or false. It can output whatever it wants, but the last output should be boolean.

Monitor

Runs the "get" script, which can return anything. Useful for collecting data like Bitlocker Keys, Quickbooks Licenses, or any other piece of information you are interested in.

Scripts

From the above diagrams, you can see that scripts are the building blocks for higher level objects like Software and Tasks.

Execution Context

System

Run as a service on the machine

User

Will attempt to run as the logged on user

Metascript

Runs in the ImmyBot backend, and can spawn code on the system by using Invoke-ImmyCommand

Cloud Script

Runs in the ImmyBot backend, but intended to be run against a Tenant (perhaps for the purpose of getting or setting some setting in 365/Azure or some other system with an API). These are used exclusively in Tasks targetting "Tenants".

Schedules

Used to run maintenance periodically on machines. Can optionally be limited to a single Maintenance Item.

NOTE You must also have a Deployment for the Maintenance Item to set the desired state. Imagine a scenario where you need to ensure a single piece of software is up-to-date on all computers except for a CNC machine. Create 2 deployments, the first setting the desired state to Installed->Latest for all computers, then a second stating that the desired state is Ignored for the CNC machine. When you create the schedule, the software will be ignored for the CNC machine.

Integrations

To ImmyBot, an RMM is a system that provides a list of computers, and a mechanism to run PowerShell scripts on them.

To avoid having to deploy the ImmyAgent to existing machines, ImmyBot optionally integrates with RMMs like ConnectWise Automate and ConnectWise Control and uses their agents instead. These systems are not as performant as the ImmyAgent, but can suppliment ImmyBot functionality.

For example, if you add an RMM Link for ConnectWise Control, you can open a remote session to the computer directly within ImmyBot:

If you add an RMM integration for ConnectWise Automate, Scheduled Maintenance Sessions will apply all Approved Windows Updates using the ConnectWise Automate API based on your Approval Policies in Automate Patch Manager.

You can even add multiple RMMs of the same type, which is often useful in merger and acquisition scenarios. You may choose to use ImmyBot as your single pane of glass to manage both, or simply let ImmyBot be a neutral third party for facilitating the consolidation of RMM agents to the parent company's RMM.

Identification

Because the same computer often exists in multiple RMMs (Like how CW Automate typically installs CW Control Automatically), ImmyBot prevents duplicates by identifying the computer by a unique id. We DO NOT use MAC Address! This unique id persists even if you wipe and reload the machine.

When a new machine is detected, it first goes to New Computers->Actively Identifying

It uses the following script to collect the UUID from the machine:

gwmi Win32_ComputerSystemProduct | select -expand UUID
gwmi Win32_ComputerSystemProduct | select -expand UUID

This value is static even if you wipe and reload the machine, although we have VERY rarely seen this value change following a BIOS upgrade or due to a mainboard fault. We chose this value instead of Mac Address or Hard Drive serial number because of issues other systems have with USB Ethernet cables and hard drive replacement. We did not use serialnumber because we learned that many computers do not have serial numbers.

In practice, this value works almost too well. Machines you just wiped and expect to find in New Computers, are often associated to their pre-wiped computer objects. To find them, you often have to search for the serial number of the computer in the Computer List. In 0.40.1 we began using the Windows OfflineInstallationID value to identify when an existing computer has been wiped so we can set its status to "Needs Onboarding" which causes it to show up under New Computers as expected.

If it is a machine ImmyBot has seen before, it will be associated to the existing Computer, and you will find a new entry under the Computer's Agents tab. Under the hood we call these entries "RmmComputers".

Computers can have one or more RmmComputers(Agents). You can think of these as logical "pathways" to the computer. We only need one to be online to function.

Identification Failures

Needs a Manual Decision

Generally you will click "Agent Re-installed"

Often when an RMM agent is reinstalled, it gets a new ID in the RMM (ComputerId in Automate, SessionID in Control). ImmyBot recognizes that it is the same computer, but because virtualization and hard drive cloning can produce the same scenario, we require you to tell us whether to overwrite the existing RmmComputer or keep both. 99% of the time you will click "Overwrite Existing". If the machine was in fact cloned, click "Keep Both", in which case Immy shims the duplicate UUID with its own to prevent collisions.

Pending Computers

Computers in the pending status have yet to be identified.

Computers may get stuck here if we are unable to run our Ephemeral Agent.

Top 3 reasons for Identification Failures

  1. SSL Inspection blocking our websocket
  2. Security Software blocking PowerShell
  3. Incorrect time is preventing SSL/TLS connection

To understand the various reasons identification can fail, it helps to understand how ImmyBot executes PowerShell:

  1. RMM or ImmyAgent runs Immybot.Agent.Ephemeral.exe
  2. Immybot.Agent.Ephemeral.exe establishes a secure websocket to wss://subdomain.immy.bot and runs Invoke-PSPipeHost.ps1
  3. Immybot.Agent.Ephemeral.exe feeds Invoke-PSPipeHost.ps1 PowerShell over a pipe from the websocket session

The most common cause of identification failure is security software.

To know if this is the case, pull the logs from C:\ProgramData\ImmyBotAgentService\*.log


Normal Immybot Agent logs look like this:

2022-06-14 00:02:25.560 -05:00 [DBG] Hosting starting
2022-06-14 00:02:25.799 -05:00 [INF] Starting Immybot Agent
2022-06-14 00:02:25.943 -05:00 [INF] Using configuration file stored at: C:\ProgramData\ImmyBotAgentService\config.json
2022-06-14 00:02:26.875 -05:00 [DBG] Initializing IoT Hub connection
2022-06-14 00:02:35.023 -05:00 [INF] Application started. Hosting environment: Production; Content root path: C:\WINDOWS\TEMP\.net\Immybot.Agent.Service\lreaszzz.wwx\
2022-06-14 00:02:35.024 -05:00 [DBG] Hosting started
2022-06-14 00:02:40.552 -05:00 [WRN] IoT Hub connection status Changed Status => [Connected] Reason => [Connection_Ok]
2022-06-14 02:06:32.159 -05:00 [DBG] Process started; ID: 12724
2022-06-14 02:06:37.358 -05:00 [DBG] Running C:\ProgramData\ImmyBot\Scripts\840290f2bd2142e2bd2c612542436763\Immybot.Agent.Ephemeral.exe --ImmyScriptPath C:\ProgramData\ImmyBot\Scripts\840290f2bd2142e2bd2c612542436763 --BackendAddress wss://immense.immy.bot/ --SessionID c946e1d1-f5fd-d36d-0489-d2a9ad9084e0
2022-06-14 02:06:38.335 -05:00 [DBG] PID 16184 <----- Indicates successful execution
2022-06-14 02:06:38.372 -05:00 [DBG] Process exited; Code: 0

Windows Defender will make the logs look like this:

2022-11-17 13:13:36.604 +11:00 [DBG] Hosting starting
2022-11-17 13:13:36.817 +11:00 [INF] Starting Immybot Agent
2022-11-17 13:13:36.840 +11:00 [INF] Using configuration file stored at: C:\ProgramData\ImmyBotAgentService\config.json
2022-11-17 13:13:37.590 +11:00 [DBG] Initializing IoT Hub connection
2022-11-17 13:13:37.860 +11:00 [DBG] Hosting started
2022-11-17 13:13:38.598 +11:00 [WRN] IoT Hub connection status Changed Status => [Connected] Reason => [Connection_Ok]
2022-11-17 13:13:39.157 +11:00 [WRN] Dirty-Shutdown detected! Dirty-File created at: "2022-11-07T04:11:59.3975026Z" UTC
2022-11-17 13:13:41.686 +11:00 [DBG] Process started; ID: 5660
2022-11-17 13:13:44.674 +11:00 [DBG] Running C:\ProgramData\ImmyBot\Scripts\4303da9b790b41c6978b50b872fe17cb\Immybot.Agent.Ephemeral.exe --ImmyScriptPath C:\ProgramData\ImmyBot\Scripts\4303da9b790b41c6978b50b872fe17cb --BackendAddress wss://ericom.immy.bot/ --SessionID a92c0ed1-ea3b-7f8a-d9c6-946d9b44ccc5
2022-11-17 13:13:49.577 +11:00 [DBG] WMI Error 2

DNS filtering or DNS resolution issues make the logs look like this:

2022-09-20 20:39:59.712 +10:00 [INF] RESPONSE: {
  "Resource": "installer/challenge/request",
  "Method": "POST",
  "StatusCode": 0,
  "ErrorException": {
    "ClassName": "System.Net.WebException",
    "Message": "No such host is known. (XXXX.immy.bot:443)"

To correct it, you need to exclude your instance's hostnames from DNS filtering; they are listed under Show more > integrations > Fetch IP Address and Hostnames.

If PowerShell fails to start on the endpoint within 60 seconds, a timeout will occur.

Here is a suggestion on a cause and possible fix for that one: https://www.reddit.com/r/PowerShell/comments/rx68fw/powershell_slow_to_open_long_load_timesfixed

Security Software Exclusions

Ideally, your security software supports excluding code signed by:

CN=Immense Networks LLC, O=Immense Networks, L=Baton Rouge, S=Louisiana, C=US

Exclusions based on code signing certificate are an industry standard feature and should be available in any best-in-class security software. However, if your security software cannot exclude by code signing certificate, create an exclusion for your instance's Script Path.

Your Script Path can be found under Settings -> Preferences -> Script Path.


ThreatLocker

  1. Application Control -> Applications
  2. Create New Application
  3. Put the following value into Certificate and click Add:
     CN=Immense Networks LLC, O=Immense Networks, L=Baton Rouge, S=Louisiana, C=US
  4. Add your instance's Script Path. Ultimately it should look like this: [screenshot]
  5. Create a New Application Policy

BitDefender

BitDefender will intermittently block script execution unless you disable Aggressive scanning mode or add your instance's Script Path to your policy's exclusion list.

CrowdStrike

CrowdStrike uses AI to decide what to allow and disallow. Periodically this AI will mark the ImmyBot Agent or ImmyBot Ephemeral Agent as malicious, usually after we update it. Marking it as a false positive in your CrowdStrike portal trains the global AI to stop treating it as malicious.

Microsoft Defender for Endpoint

Add your instance's Script Path to your policy's exclusion list: https://docs.microsoft.com/en-us/mem/intune/configuration/device-restrictions-configure#create-the-profile

Cylance

Cylance blocks our websocket, making the ImmybotAgent log look like this:

2022-09-21 12:24:26.562 -04:00 [INF] Process exiting.
2022-09-21 12:24:40.106 -04:00 [DBG] Closing Websocket...
2022-09-21 12:24:49.743 -04:00 [INF] Marked ConnectionState as disconnected.
2022-09-21 12:24:50.171 -04:00 [ERR] Application shutting down (App lifetime token cancelled)
System.IO.IOException: Cannot access a closed stream.
at System.Net.Http.HttpConnection.RawConnectionStream.WriteAsync(ReadOnlyMemory`1 buffer, CancellationToken cancellationToken)

To correct it, you need to bypass SSL inspection for your instance's hostnames/IPs, which are found under Show more > integrations > Fetch IP Address and Hostnames.
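The healthy, Windows Defender, DNS and Cylance excerpts above each carry a distinctive line. As an added example, not ImmyBot's own tooling, the PowerShell below applies those signatures to an agent log and names the likely cause, so a technician can triage C:\ProgramData\ImmyBotAgentService logs before reaching for exclusions. The function names and the pattern list are assumptions; the sample lines are constructed from the excerpts on this page with the instance hostname replaced by a placeholder.

```powershell
# Added example, not ImmyBot's own tooling. Classifies an ImmyBot Agent log against
# the failure signatures shown in the excerpts on this page. Function names and the
# pattern list are assumptions; sample lines are constructed from those excerpts,
# with the instance hostname replaced by a placeholder.

function Get-ImmyLogDiagnosis {
    param([Parameter(Mandatory)][string[]]$Lines)

    $text     = $Lines -join "`n"
    $launched = $text -match 'Running .*Immybot\.Agent\.Ephemeral\.exe'
    $gotPid   = $text -match '\[DBG\] PID \d+'
    $exitedOk = $text -match 'Process exited; Code: 0'

    # Order matters: network-level failures are checked before the "did the exe start" logic.
    if ($text -match 'No such host is known') {
        return 'DnsResolutionFailure: exclude the instance hostnames from DNS filtering'
    }
    if ($text -match 'Cannot access a closed stream') {
        return 'WebsocketInterrupted: bypass SSL inspection for the instance hostnames/IPs'
    }
    if ($launched -and -not $gotPid -and ($text -match 'WMI Error 2')) {
        return 'EphemeralAgentBlocked: security software stopped Immybot.Agent.Ephemeral.exe; add a code-signing or Script Path exclusion'
    }
    if ($launched -and $gotPid -and $exitedOk) {
        return 'Healthy: Ephemeral Agent started (PID logged) and exited with code 0'
    }
    if ($launched -and -not $gotPid) {
        return 'EphemeralAgentNoPid: launch logged but no PID; check PowerShell start-up time (60 second timeout) and security software'
    }
    return 'Inconclusive: no Ephemeral Agent launch in this log window'
}

function Get-ImmyLogDiagnosisFromPath {
    # Reads the agent service logs from the directory the text names; the wildcard also picks up rotated files.
    param([string]$Path = 'C:\ProgramData\ImmyBotAgentService\*.log')
    Get-ImmyLogDiagnosis -Lines (Get-Content -Path $Path -ErrorAction Stop)
}

# Constructed samples modelled on the excerpts above (hostnames replaced with a placeholder).
$samples = [ordered]@{
    Healthy  = @(
        '2022-06-14 02:06:37.358 -05:00 [DBG] Running C:\ProgramData\ImmyBot\Scripts\840290f2bd2142e2bd2c612542436763\Immybot.Agent.Ephemeral.exe --BackendAddress wss://PLACEHOLDER.immy.bot/',
        '2022-06-14 02:06:38.335 -05:00 [DBG] PID 16184',
        '2022-06-14 02:06:38.372 -05:00 [DBG] Process exited; Code: 0'
    )
    Defender = @(
        '2022-11-17 13:13:44.674 +11:00 [DBG] Running C:\ProgramData\ImmyBot\Scripts\4303da9b790b41c6978b50b872fe17cb\Immybot.Agent.Ephemeral.exe --BackendAddress wss://PLACEHOLDER.immy.bot/',
        '2022-11-17 13:13:49.577 +11:00 [DBG] WMI Error 2'
    )
    Dns      = @(
        '2022-09-20 20:39:59.712 +10:00 [INF] RESPONSE: {',
        '    "Message": "No such host is known. (PLACEHOLDER.immy.bot:443)"'
    )
    Cylance  = @(
        '2022-09-21 12:24:40.106 -04:00 [DBG] Closing Websocket...',
        'System.IO.IOException: Cannot access a closed stream.'
    )
}
foreach ($name in $samples.Keys) {
    '{0,-9} -> {1}' -f $name, (Get-ImmyLogDiagnosis -Lines $samples[$name])
}
```

The "PID" line is the pivot: the text marks it as the sign of successful execution, so a "Running ... Immybot.Agent.Ephemeral.exe" entry with no PID afterwards is the clearest indication that something on the endpoint stopped the process, and the network-level signatures are checked first because they explain the failure regardless of whether the executable started.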

Group Policy Objects

Computer Configuration | Policies | Administrative Templates | Windows Components | Windows PowerShell | Turn on Script Execution (Enabled)

User Configuration | Policies | Administrative Templates | Windows Components | Windows PowerShell | Turn on Script Execution (Enabled)

These GPOs have been known to cause issues with running scripts.

`,37);function de(ue,he,me,ge,fe,ye){const s=p("Mermaid");return n(),d("div",null,[G,j,V,X,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-12",class:"eita",graph:"graph%20LR%0Asubgraph%20Input%0A%20%20%20%20User%5B%22End%20User%20(Optional)%22%5D%0A%20%20%20%20Customer%5BCustomer%5D%0Aend%0AUser%20--%3E%20Magic%20--%3E%20F%0Asubgraph%20Output%0A%20%20%20%20Customer%20--%3E%20User%0A%20%20%20%20F%5BPerfectly%20Setup%20Computer%5D%0Aend%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),Y,z,Z,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-22",class:"eita",graph:"graph%20LR%0Asubgraph%20%22Deployment%22%0A%20%20%20%20Input%5B%22Software%20or%20Task%22%5D%20--%3E%7C%22Should%20Be%22%7C%20DesiredState%5B%22Desired%20State%22%5D%20--%3E%7Con%7C%20Group%5B%22One%20or%20More%20Computers%22%5D%0Aend%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-23",class:"eita",graph:"graph%20LR%0Asubgraph%20%22Adobe%20Reader%22%0A%20%20%20%20Input1%5B%22Adobe%20Reader%22%5D%20--%3E%7C%22Should%20Be%22%7C%20DesiredState1%5B%22Installed%22%5D%20--%3E%7Con%7C%20Group1%5B%22All%20Workstations%20and%20Portable%20Devices%22%5D%0Aend%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),J,K,Q,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-42",class:"eita",graph:"graph%20LR%0Asubgraph%20%22Should%20Deployment%20Apply%3F%22%0A%20%20%20%20Input%20--%3E%20Metascript%0A%20%20%20%20Metascript%20--%3E%20True%0A%20%20%20%20Metascript%20--%3E%20False%0Aend%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-43",class:"eita",graph:"graph%20LR%0Asubgraph%20%22Should%20Visio%20Install%3F%22%0A%20%20%20%20EndUser%5B%22Input%3A%20End%20User%22%5D%20--%3E%20Script%5B%22Graph%20API%20Script%3A%20Does%20End%20User%20have%20Visio%20License%3F%22%5D%0A%20%20%20%20Script%20--%3E%20True1%5BTrue%5D%0A%20%20%20%20Script%20--%3E%20False1%5BFalse%5D%0Aend%0A"})]),fallback:t(()=>[a(" Loading... 
")]),_:1})),$,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-580",class:"eita",graph:"flowchart%20TD%0A%20SoftwareInstall%20--%3E%20Detect%7BSoftware%20Installed%3F%7D%0A%20Detect%20--%3E%20%7CNo%7C%20Install%0A%20Detect%20--%3E%20%7CYes%7C%20HasConfigurationTask%7BHas%20Configuration%20Task%3F%7D%0A%20Install%20--%3E%20PostInstallDetect%7BSoftware%20Installed%3F%7D%0A%20PostInstallDetect%20--%3E%20%7CYes%7CHasConfigurationTask%0A%20HasConfigurationTask%20--%3E%20%7CYes%7C%20MaintenanceTaskTest%7BRun%20Test%20Script%7D%0A%20MaintenanceTaskTest%20--%3E%20%7Creturn%20%24true%7C%20Compliant%0A%20MaintenanceTaskTest%20--%3E%20%7Creturn%20%24false%7C%20RunSetScript(Run%20Set%20Script)%0A%20RunSetScript%20--%3E%20PostMaintenanceTaskTest%7BRun%20Test%20Script%7D%0A%20PostMaintenanceTaskTest%20--%3E%20%7Creturn%20%24true%7C%20Compliant%0A%20PostMaintenanceTaskTest%20--%3E%20%7Creturn%20%24false%7C%20Non-Compliant%0A%20PostInstallDetect%20--%3E%20%7CNo%7C%20Non-Compliant%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),ee,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-605",class:"eita",graph:"graph%20TD%0A%20%20%20%20C%5BSoftware%5D%20--%3E%20D%5BCustom%20Detection%20Script%5D%0A%20%20%20%20C%20--%3EE%5BDefault%20Uninstall%20Script%5D%0A%20%20%20%20C%20--%3E%20F%5BAuto-Update%20Script%5D%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),te,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-673",class:"eita",graph:"graph%20TD%0A%20%20%20%20C%5BSoftware%20Version%5D%20--%3E%20Install%0A%20%20%20%20C%20--%3E%20Uninstall%0A%20%20%20%20C%20--%3E%20Upgrade%0A%20%20%20%20C%20--%3E%20Repair%0A%20%20%20%20C%20--%3E%20Test%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),ae,ne,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-680",class:"eita",graph:"graph%20TD%0A%20%20%20%20C%5BTask%5D%0A%20%20%20%20C%20--%3E%20Get%0A%20%20%20%20C%20--%3E%20Set%0A%20%20%20%20C%20--%3E%20Test%0A"})]),fallback:t(()=>[a(" Loading... 
")]),_:1})),se,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-684",class:"eita",graph:"graph%20TD%0A%20%20%20%20C%5BTask%5D%0A%20%20%20%20C%20--%3E%20S%5BCombined%20Script%20with%20%24method%20parameter%20containing%20'get'%2C'set'%2C%20or%20'test'%5D%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),oe,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-824",class:"eita",graph:"graph%20TD%0A%20%20%20%20CheckImmyAgentLogs%5BCheck%20ImmyAgent%20Logs%20in%20C%3A%5CProgramData%5CImmyBot%5CLogs%5D%20--%3E%20DidEphemeralAgentStart%5BImmybot.Agent.Ephemeral.exe%20start%3F%5D%0A%20%20%20%20DidEphemeralAgentStart%20--%3E%20%7CYes%7CCheckEphemeralAgentLogs%5BCheck%20Ephemeral%20Agent%20logs%20in%20C%3A%5CProgramData%5CImmyBot%5CScripts%5C*%5C*.log%5D%0A%20%20%20%20DidEphemeralAgentStart%20--%3E%20%7CNo%7CBlockedBySecuritySoftware%5BExclude%20Script%20Path%20from%20Security%20Software%5D%0A%20%20%20%20CheckEphemeralAgentLogs%20--%3E%20EphemeralAgentConnect%5BDid%20Ephemeral%20Agent%20Websocket%20Connect%3F%5D%0A%20%20%20%20EphemeralAgentConnect%20--%3E%7CYes%7CDidSuccessfullyIdentifyAfterFix%0A%20%20%20%20EphemeralAgentConnect%20--%3E%20%7CNo%7CTryNoSSLInspect%5BPut%20on%20network%20without%20SSL%20Inspection%5D%0A%20%20%20%20TryNoSSLInspect%20--%3E%20DidSuccessfullyIdentifyAfterFix%5BEphemeral%20Agent%20Connect%20After%20Fix%3F%5D%0A%20%20%20%20DidSuccessfullyIdentifyAfterFix%5BMachine%20Identify%20Successfully%3F%5D%20--%3E%20%7CNo%7CEmailSupport%0A%20%20%20%20DidSuccessfullyIdentifyAfterFix%5BMachine%20Identify%20Successfully%3F%5D%20--%3E%20%7CYes%7CDone%0A%20%20%20%20EmailSupport%5B%22Email%20logs%20from%20C%3A%5CProgramData%5CImmyBot%5CLogs%20and%20C%3A%5CProgramData%5CImmyBot%5CScripts%5C*%5C*.logs%20to%20support%40immy.bot%22%5D%0A"})]),fallback:t(()=>[a(" Loading... 
")]),_:1})),ie,re,le,ce,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-865",class:"eita",graph:"graph%20LR%0A%20%20%20%20ImmyBot%20--%3E%20%7CParallel%7CAutomate%5BRun%20script%20to%20download%20and%20run%20Ephemeral%20Agent%20via%20Automate%5D%0A%20%20%20%20ImmyBot%20--%3E%20%7CParallel%7CControl%5BRun%20script%20to%20download%20and%20run%20Ephemeral%20Agent%20via%20Control%5D%0A%20%20%20%20ImmyBot%20--%3E%20%7CParallel%7CImmyAgent%5BRun%20script%20to%20download%20and%20run%20Ephemeral%20Agent%20via%20ImmyAgent%5D%0A%20%20%20%20ImmyBot%20--%3E%20%7CParallel%7CN-Central%5BRun%20script%20to%20download%20and%20run%20Ephemeral%20Agent%20via%20N-Central%5D%0A%20%20%20%20Automate%20--%3E%20Immybot.Agent.Ephemeral.exe%0A%20%20%20%20Control%20--%3E%20Immybot.Agent.Ephemeral.exe%0A%20%20%20%20ImmyAgent%20--%3E%20Immybot.Agent.Ephemeral.exe%0A%20%20%20%20N-Central%20--%3E%20Immybot.Agent.Ephemeral.exe%0A%20%20%20%20Immybot.Agent.Ephemeral.exe%20--%3E%20cmd.exe%20--%3E%20powershell.exe%20--%3E%20Invoke-PSPipeHost.ps1%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),pe])}const we=c(H,[["render",de]]);export{Ae as __pageData,we as default}; diff --git a/assets/getting-started.md.44572acc.lean.js b/assets/getting-started.md.f6513b7d.lean.js similarity index 86% rename from assets/getting-started.md.44572acc.lean.js rename to assets/getting-started.md.f6513b7d.lean.js index 140bb55d..132387f8 100644 --- a/assets/getting-started.md.44572acc.lean.js +++ b/assets/getting-started.md.f6513b7d.lean.js 
@@ -1 +1 @@ -import{_ as c,C as p,o as n,c as d,b as o,w as t,a0 as i,k as e,a,Q as l,H as r}from"./chunks/framework.392dd896.js";const u="/assets/2021-03-15-08-26-56.2fb0251e.png",h="/assets/2021-03-15-08-27-10.f06a1b7d.png",m="/assets/2021-03-15-08-27-20.9abc2370.png",g="/assets/2021-03-15-08-27-29.3495b43a.png",f="/assets/2021-03-15-08-29-07.c9d36958.png",y="/assets/2021-03-15-08-29-35.7ba594f8.png",b="/assets/2021-03-15-08-29-41.6717b610.png",A="/assets/2021-03-15-08-30-29.e8f8369b.png",w="/assets/2021-03-15-08-47-28.29c6e137.png",C="/assets/2021-03-15-08-37-50.56c2d07c.png",k="/assets/LoginImg1.d2afdd32.png",q="",S="/assets/LoginImg3.0cee540d.png",P="",I="/assets/LoginImg6-1024x100.6ccd59bd.png",v="/assets/LoginImg7.89b175ee.png",D="/assets/2021-03-01-08-42-41.f112850c.png",T="/assets/2021-03-01-08-44-19.fd314a6e.png",x="/assets/2021-03-01-08-51-38.fd381118.png",E="/assets/2021-02-23-08-47-36.73267607.png",B="/assets/2021-02-23-08-46-09.2ba153f5.png",R="/assets/2021-02-23-09-44-51.fc7d2e9a.png",M="/assets/2021-02-23-06-14-05.c6df2604.png",O="/assets/2021-02-23-09-18-04.f3cfeb71.png",N="/assets/2021-02-23-09-15-27.9d3e5275.png",_="/assets/2021-03-01-14-17-29.551c1482.png",U="/assets/2021-02-23-06-18-23.eb252864.png",L="/assets/2021-02-23-06-34-22.e8ca6b95.png",F="/assets/2021-02-23-06-44-25.97ec0970.png",W="/assets/2021-02-23-06-45-47.69b854b1.png",Ae=JSON.parse('{"title":"Getting Started","description":"","frontmatter":{},"headers":[],"relativePath":"getting-started.md","filePath":"getting-started.md"}'),H={name:"getting-started.md"},G=e("h1",{id:"getting-started",tabindex:"-1"},[a("Getting Started "),e("a",{class:"header-anchor",href:"#getting-started","aria-label":'Permalink to "Getting Started"'},"​")],-1),j=e("h2",{id:"preface",tabindex:"-1"},[a("Preface "),e("a",{class:"header-anchor",href:"#preface","aria-label":'Permalink to "Preface"'},"​")],-1),V=e("p",null,"ImmyBot is a desired-state enforcement tool.",-1),Y=e("p",null,"The goal of ImmyBot is to 
setup a computer knowing only the customer and the end user.",-1),X=e("h3",{id:"thinking-with-immy",tabindex:"-1"},[a("Thinking with Immy "),e("a",{class:"header-anchor",href:"#thinking-with-immy","aria-label":'Permalink to "Thinking with Immy"'},"​")],-1),z=e("p",null,'Thinking with Immy means thinking in terms of how things "Should" be.',-1),J=e("p",null,'You teach Immy how things "should" be by creating Deployments.',-1),Z=e("p",null,'How things "Should" be is often dependent on external factors. For example',-1),K=e("ul",null,[e("li",null,"Customer A should have SentinelOne because they pay for it"),e("li",null,"Person A should have Visio 365 because he has a license for it")],-1),Q=e("p",null,"Luckily, deployments can be conditionally applied based on the result of scripts that reach out to external sources",-1),$=l("",144),ee=l("",8),te=l("",13),ae=e("h3",{id:"task",tabindex:"-1"},[a("Task "),e("a",{class:"header-anchor",href:"#task","aria-label":'Permalink to "Task"'},"​")],-1),ne=e("p",null,"A Task (aka Mainenance Task) is a catch-all for anything that isn't software.",-1),se=e("p",null,"or",-1),oe=l("",47),ie=e("p",null,"Top 3 reasons for Identification Failures",-1),re=e("ol",null,[e("li",null,"SSL Inspection blocking our websocket"),e("li",null,"Security Software blocking PowerShell"),e("li",null,"Incorrect time is preventing SSL/TLS connection")],-1),le=e("p",null,"To understand the various reasons identification can fail, it helps to understand how ImmyBot executions PowerShell",-1),ce=e("ol",null,[e("li",null,"RMM or ImmyAgent runs Immybot.Agent.Ephemeral.exe"),e("li",null,"Immybot.Agent.Ephemeral.exe establishes a secure websocket to wss://subdomain.immy.bot and runs Invoke-PSPipeHost.ps1"),e("li",null,"Immybot.Agent.Ephemeral.exe feeds Invoke-PSPipeHost.ps1 PowerShell over a pipe from the websocket session")],-1),pe=l("",37);function de(ue,he,me,ge,fe,ye){const s=p("Mermaid");return 
n(),d("div",null,[G,j,V,Y,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-12",class:"eita",graph:"graph%20LR%0Asubgraph%20Input%0A%20%20%20%20User%5B%22End%20User%20(Optional)%22%5D%0A%20%20%20%20Customer%5BCustomer%5D%0Aend%0AUser%20--%3E%20Magic%20--%3E%20F%0Asubgraph%20Output%0A%20%20%20%20Customer%20--%3E%20User%0A%20%20%20%20F%5BPerfectly%20Setup%20Computer%5D%0Aend%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),X,z,J,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-22",class:"eita",graph:"graph%20LR%0Asubgraph%20%22Deployment%22%0A%20%20%20%20Input%5B%22Software%20or%20Task%22%5D%20--%3E%7C%22Should%20Be%22%7C%20DesiredState%5B%22Desired%20State%22%5D%20--%3E%7Con%7C%20Group%5B%22One%20or%20More%20Computers%22%5D%0Aend%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-23",class:"eita",graph:"graph%20LR%0Asubgraph%20%22Adobe%20Reader%22%0A%20%20%20%20Input1%5B%22Adobe%20Reader%22%5D%20--%3E%7C%22Should%20Be%22%7C%20DesiredState1%5B%22Installed%22%5D%20--%3E%7Con%7C%20Group1%5B%22All%20Workstations%20and%20Portable%20Devices%22%5D%0Aend%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),Z,K,Q,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-42",class:"eita",graph:"graph%20LR%0Asubgraph%20%22Should%20Deployment%20Apply%3F%22%0A%20%20%20%20Input%20--%3E%20Metascript%0A%20%20%20%20Metascript%20--%3E%20True%0A%20%20%20%20Metascript%20--%3E%20False%0Aend%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-43",class:"eita",graph:"graph%20LR%0Asubgraph%20%22Should%20Visio%20Install%3F%22%0A%20%20%20%20EndUser%5B%22Input%3A%20End%20User%22%5D%20--%3E%20Script%5B%22Graph%20API%20Script%3A%20Does%20End%20User%20have%20Visio%20License%3F%22%5D%0A%20%20%20%20Script%20--%3E%20True1%5BTrue%5D%0A%20%20%20%20Script%20--%3E%20False1%5BFalse%5D%0Aend%0A"})]),fallback:t(()=>[a(" Loading... 
")]),_:1})),$,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-724",class:"eita",graph:"flowchart%20TD%0A%20SoftwareInstall%20--%3E%20Detect%7BSoftware%20Installed%3F%7D%0A%20Detect%20--%3E%20%7CNo%7C%20Install%0A%20Detect%20--%3E%20%7CYes%7C%20HasConfigurationTask%7BHas%20Configuration%20Task%3F%7D%0A%20Install%20--%3E%20PostInstallDetect%7BSoftware%20Installed%3F%7D%0A%20PostInstallDetect%20--%3E%20%7CYes%7CHasConfigurationTask%0A%20HasConfigurationTask%20--%3E%20%7CYes%7C%20MaintenanceTaskTest%7BRun%20Test%20Script%7D%0A%20MaintenanceTaskTest%20--%3E%20%7Creturn%20%24true%7C%20Compliant%0A%20MaintenanceTaskTest%20--%3E%20%7Creturn%20%24false%7C%20RunSetScript(Run%20Set%20Script)%0A%20RunSetScript%20--%3E%20PostMaintenanceTaskTest%7BRun%20Test%20Script%7D%0A%20PostMaintenanceTaskTest%20--%3E%20%7Creturn%20%24true%7C%20Compliant%0A%20PostMaintenanceTaskTest%20--%3E%20%7Creturn%20%24false%7C%20Non-Compliant%0A%20PostInstallDetect%20--%3E%20%7CNo%7C%20Non-Compliant%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),ee,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-749",class:"eita",graph:"graph%20TD%0A%20%20%20%20C%5BSoftware%5D%20--%3E%20D%5BCustom%20Detection%20Script%5D%0A%20%20%20%20C%20--%3EE%5BDefault%20Uninstall%20Script%5D%0A%20%20%20%20C%20--%3E%20F%5BAuto-Update%20Script%5D%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),te,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-817",class:"eita",graph:"graph%20TD%0A%20%20%20%20C%5BSoftware%20Version%5D%20--%3E%20Install%0A%20%20%20%20C%20--%3E%20Uninstall%0A%20%20%20%20C%20--%3E%20Upgrade%0A%20%20%20%20C%20--%3E%20Repair%0A%20%20%20%20C%20--%3E%20Test%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),ae,ne,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-824",class:"eita",graph:"graph%20TD%0A%20%20%20%20C%5BTask%5D%0A%20%20%20%20C%20--%3E%20Get%0A%20%20%20%20C%20--%3E%20Set%0A%20%20%20%20C%20--%3E%20Test%0A"})]),fallback:t(()=>[a(" Loading... 
")]),_:1})),se,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-828",class:"eita",graph:"graph%20TD%0A%20%20%20%20C%5BTask%5D%0A%20%20%20%20C%20--%3E%20S%5BCombined%20Script%20with%20%24method%20parameter%20containing%20'get'%2C'set'%2C%20or%20'test'%5D%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),oe,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-968",class:"eita",graph:"graph%20TD%0A%20%20%20%20CheckImmyAgentLogs%5BCheck%20ImmyAgent%20Logs%20in%20C%3A%5CProgramData%5CImmyBot%5CLogs%5D%20--%3E%20DidEphemeralAgentStart%5BImmybot.Agent.Ephemeral.exe%20start%3F%5D%0A%20%20%20%20DidEphemeralAgentStart%20--%3E%20%7CYes%7CCheckEphemeralAgentLogs%5BCheck%20Ephemeral%20Agent%20logs%20in%20C%3A%5CProgramData%5CImmyBot%5CScripts%5C*%5C*.log%5D%0A%20%20%20%20DidEphemeralAgentStart%20--%3E%20%7CNo%7CBlockedBySecuritySoftware%5BExclude%20Script%20Path%20from%20Security%20Software%5D%0A%20%20%20%20CheckEphemeralAgentLogs%20--%3E%20EphemeralAgentConnect%5BDid%20Ephemeral%20Agent%20Websocket%20Connect%3F%5D%0A%20%20%20%20EphemeralAgentConnect%20--%3E%7CYes%7CDidSuccessfullyIdentifyAfterFix%0A%20%20%20%20EphemeralAgentConnect%20--%3E%20%7CNo%7CTryNoSSLInspect%5BPut%20on%20network%20without%20SSL%20Inspection%5D%0A%20%20%20%20TryNoSSLInspect%20--%3E%20DidSuccessfullyIdentifyAfterFix%5BEphemeral%20Agent%20Connect%20After%20Fix%3F%5D%0A%20%20%20%20DidSuccessfullyIdentifyAfterFix%5BMachine%20Identify%20Successfully%3F%5D%20--%3E%20%7CNo%7CEmailSupport%0A%20%20%20%20DidSuccessfullyIdentifyAfterFix%5BMachine%20Identify%20Successfully%3F%5D%20--%3E%20%7CYes%7CDone%0A%20%20%20%20EmailSupport%5B%22Email%20logs%20from%20C%3A%5CProgramData%5CImmyBot%5CLogs%20and%20C%3A%5CProgramData%5CImmyBot%5CScripts%5C*%5C*.logs%20to%20support%40immy.bot%22%5D%0A"})]),fallback:t(()=>[a(" Loading... 
")]),_:1})),ie,re,le,ce,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-1009",class:"eita",graph:"graph%20LR%0A%20%20%20%20ImmyBot%20--%3E%20%7CParallel%7CAutomate%5BRun%20script%20to%20download%20and%20run%20Ephemeral%20Agent%20via%20Automate%5D%0A%20%20%20%20ImmyBot%20--%3E%20%7CParallel%7CControl%5BRun%20script%20to%20download%20and%20run%20Ephemeral%20Agent%20via%20Control%5D%0A%20%20%20%20ImmyBot%20--%3E%20%7CParallel%7CImmyAgent%5BRun%20script%20to%20download%20and%20run%20Ephemeral%20Agent%20via%20ImmyAgent%5D%0A%20%20%20%20ImmyBot%20--%3E%20%7CParallel%7CN-Central%5BRun%20script%20to%20download%20and%20run%20Ephemeral%20Agent%20via%20N-Central%5D%0A%20%20%20%20Automate%20--%3E%20Immybot.Agent.Ephemeral.exe%0A%20%20%20%20Control%20--%3E%20Immybot.Agent.Ephemeral.exe%0A%20%20%20%20ImmyAgent%20--%3E%20Immybot.Agent.Ephemeral.exe%0A%20%20%20%20N-Central%20--%3E%20Immybot.Agent.Ephemeral.exe%0A%20%20%20%20Immybot.Agent.Ephemeral.exe%20--%3E%20cmd.exe%20--%3E%20powershell.exe%20--%3E%20Invoke-PSPipeHost.ps1%0A"})]),fallback:t(()=>[a(" Loading... 
")]),_:1})),pe])}const we=c(H,[["render",de]]);export{Ae as __pageData,we as default}; +import{_ as c,C as p,o as n,c as d,b as o,w as t,a0 as i,k as e,a,Q as l,H as r}from"./chunks/framework.392dd896.js";const u="/assets/2021-03-15-08-26-56.2fb0251e.png",h="/assets/2021-03-15-08-27-10.f06a1b7d.png",m="/assets/2021-03-15-08-27-20.9abc2370.png",g="/assets/2021-03-15-08-27-29.3495b43a.png",f="/assets/2021-03-15-08-29-07.c9d36958.png",y="/assets/2021-03-15-08-29-35.7ba594f8.png",b="/assets/2021-03-15-08-29-41.6717b610.png",A="/assets/2021-03-15-08-30-29.e8f8369b.png",w="/assets/2021-03-15-08-47-28.29c6e137.png",C="/assets/2021-03-15-08-37-50.56c2d07c.png",k="/assets/LoginImg1.d2afdd32.png",q="",S="/assets/LoginImg3.0cee540d.png",P="",I="/assets/LoginImg6-1024x100.6ccd59bd.png",D="/assets/LoginImg7.89b175ee.png",v="/assets/2021-03-01-08-42-41.f112850c.png",x="/assets/2021-03-01-08-44-19.fd314a6e.png",T="/assets/2021-03-01-08-51-38.fd381118.png",E="/assets/2021-02-23-08-47-36.73267607.png",B="/assets/2021-02-23-08-46-09.2ba153f5.png",R="/assets/2021-02-23-09-44-51.fc7d2e9a.png",_="/assets/2021-02-23-06-14-05.c6df2604.png",M="/assets/2021-02-23-09-18-04.f3cfeb71.png",N="/assets/2021-02-23-09-15-27.9d3e5275.png",O="/assets/2021-03-01-14-17-29.551c1482.png",U="/assets/2021-02-23-06-18-23.eb252864.png",L="/assets/2021-02-23-06-34-22.e8ca6b95.png",F="/assets/2021-02-23-06-44-25.97ec0970.png",W="/assets/2021-02-23-06-45-47.69b854b1.png",Ae=JSON.parse('{"title":"Getting Started","description":"","frontmatter":{},"headers":[],"relativePath":"getting-started.md","filePath":"getting-started.md"}'),H={name:"getting-started.md"},G=e("h1",{id:"getting-started",tabindex:"-1"},[a("Getting Started "),e("a",{class:"header-anchor",href:"#getting-started","aria-label":'Permalink to "Getting Started"'},"​")],-1),j=e("h2",{id:"preface",tabindex:"-1"},[a("Preface "),e("a",{class:"header-anchor",href:"#preface","aria-label":'Permalink to "Preface"'},"​")],-1),V=e("p",null,"ImmyBot is a 
desired-state enforcement tool.",-1),X=e("p",null,"The goal of ImmyBot is to setup a computer knowing only the customer and the end user.",-1),Y=e("h3",{id:"thinking-with-immy",tabindex:"-1"},[a("Thinking with Immy "),e("a",{class:"header-anchor",href:"#thinking-with-immy","aria-label":'Permalink to "Thinking with Immy"'},"​")],-1),z=e("p",null,'Thinking with Immy means thinking in terms of how things "Should" be.',-1),Z=e("p",null,'You teach Immy how things "should" be by creating Deployments.',-1),J=e("p",null,'How things "Should" be is often dependent on external factors. For example',-1),K=e("ul",null,[e("li",null,"Customer A should have SentinelOne because they pay for it"),e("li",null,"Person A should have Visio 365 because he has a license for it")],-1),Q=e("p",null,"Luckily, deployments can be conditionally applied based on the result of scripts that reach out to external sources",-1),$=l("",108),ee=l("",8),te=l("",13),ae=e("h3",{id:"task",tabindex:"-1"},[a("Task "),e("a",{class:"header-anchor",href:"#task","aria-label":'Permalink to "Task"'},"​")],-1),ne=e("p",null,"A Task (aka Mainenance Task) is a catch-all for anything that isn't software.",-1),se=e("p",null,"or",-1),oe=l("",47),ie=e("p",null,"Top 3 reasons for Identification Failures",-1),re=e("ol",null,[e("li",null,"SSL Inspection blocking our websocket"),e("li",null,"Security Software blocking PowerShell"),e("li",null,"Incorrect time is preventing SSL/TLS connection")],-1),le=e("p",null,"To understand the various reasons identification can fail, it helps to understand how ImmyBot executions PowerShell",-1),ce=e("ol",null,[e("li",null,"RMM or ImmyAgent runs Immybot.Agent.Ephemeral.exe"),e("li",null,"Immybot.Agent.Ephemeral.exe establishes a secure websocket to wss://subdomain.immy.bot and runs Invoke-PSPipeHost.ps1"),e("li",null,"Immybot.Agent.Ephemeral.exe feeds Invoke-PSPipeHost.ps1 PowerShell over a pipe from the websocket session")],-1),pe=l("",37);function de(ue,he,me,ge,fe,ye){const 
s=p("Mermaid");return n(),d("div",null,[G,j,V,X,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-12",class:"eita",graph:"graph%20LR%0Asubgraph%20Input%0A%20%20%20%20User%5B%22End%20User%20(Optional)%22%5D%0A%20%20%20%20Customer%5BCustomer%5D%0Aend%0AUser%20--%3E%20Magic%20--%3E%20F%0Asubgraph%20Output%0A%20%20%20%20Customer%20--%3E%20User%0A%20%20%20%20F%5BPerfectly%20Setup%20Computer%5D%0Aend%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),Y,z,Z,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-22",class:"eita",graph:"graph%20LR%0Asubgraph%20%22Deployment%22%0A%20%20%20%20Input%5B%22Software%20or%20Task%22%5D%20--%3E%7C%22Should%20Be%22%7C%20DesiredState%5B%22Desired%20State%22%5D%20--%3E%7Con%7C%20Group%5B%22One%20or%20More%20Computers%22%5D%0Aend%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-23",class:"eita",graph:"graph%20LR%0Asubgraph%20%22Adobe%20Reader%22%0A%20%20%20%20Input1%5B%22Adobe%20Reader%22%5D%20--%3E%7C%22Should%20Be%22%7C%20DesiredState1%5B%22Installed%22%5D%20--%3E%7Con%7C%20Group1%5B%22All%20Workstations%20and%20Portable%20Devices%22%5D%0Aend%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),J,K,Q,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-42",class:"eita",graph:"graph%20LR%0Asubgraph%20%22Should%20Deployment%20Apply%3F%22%0A%20%20%20%20Input%20--%3E%20Metascript%0A%20%20%20%20Metascript%20--%3E%20True%0A%20%20%20%20Metascript%20--%3E%20False%0Aend%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-43",class:"eita",graph:"graph%20LR%0Asubgraph%20%22Should%20Visio%20Install%3F%22%0A%20%20%20%20EndUser%5B%22Input%3A%20End%20User%22%5D%20--%3E%20Script%5B%22Graph%20API%20Script%3A%20Does%20End%20User%20have%20Visio%20License%3F%22%5D%0A%20%20%20%20Script%20--%3E%20True1%5BTrue%5D%0A%20%20%20%20Script%20--%3E%20False1%5BFalse%5D%0Aend%0A"})]),fallback:t(()=>[a(" Loading... 
")]),_:1})),$,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-580",class:"eita",graph:"flowchart%20TD%0A%20SoftwareInstall%20--%3E%20Detect%7BSoftware%20Installed%3F%7D%0A%20Detect%20--%3E%20%7CNo%7C%20Install%0A%20Detect%20--%3E%20%7CYes%7C%20HasConfigurationTask%7BHas%20Configuration%20Task%3F%7D%0A%20Install%20--%3E%20PostInstallDetect%7BSoftware%20Installed%3F%7D%0A%20PostInstallDetect%20--%3E%20%7CYes%7CHasConfigurationTask%0A%20HasConfigurationTask%20--%3E%20%7CYes%7C%20MaintenanceTaskTest%7BRun%20Test%20Script%7D%0A%20MaintenanceTaskTest%20--%3E%20%7Creturn%20%24true%7C%20Compliant%0A%20MaintenanceTaskTest%20--%3E%20%7Creturn%20%24false%7C%20RunSetScript(Run%20Set%20Script)%0A%20RunSetScript%20--%3E%20PostMaintenanceTaskTest%7BRun%20Test%20Script%7D%0A%20PostMaintenanceTaskTest%20--%3E%20%7Creturn%20%24true%7C%20Compliant%0A%20PostMaintenanceTaskTest%20--%3E%20%7Creturn%20%24false%7C%20Non-Compliant%0A%20PostInstallDetect%20--%3E%20%7CNo%7C%20Non-Compliant%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),ee,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-605",class:"eita",graph:"graph%20TD%0A%20%20%20%20C%5BSoftware%5D%20--%3E%20D%5BCustom%20Detection%20Script%5D%0A%20%20%20%20C%20--%3EE%5BDefault%20Uninstall%20Script%5D%0A%20%20%20%20C%20--%3E%20F%5BAuto-Update%20Script%5D%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),te,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-673",class:"eita",graph:"graph%20TD%0A%20%20%20%20C%5BSoftware%20Version%5D%20--%3E%20Install%0A%20%20%20%20C%20--%3E%20Uninstall%0A%20%20%20%20C%20--%3E%20Upgrade%0A%20%20%20%20C%20--%3E%20Repair%0A%20%20%20%20C%20--%3E%20Test%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),ae,ne,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-680",class:"eita",graph:"graph%20TD%0A%20%20%20%20C%5BTask%5D%0A%20%20%20%20C%20--%3E%20Get%0A%20%20%20%20C%20--%3E%20Set%0A%20%20%20%20C%20--%3E%20Test%0A"})]),fallback:t(()=>[a(" Loading... 
")]),_:1})),se,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-684",class:"eita",graph:"graph%20TD%0A%20%20%20%20C%5BTask%5D%0A%20%20%20%20C%20--%3E%20S%5BCombined%20Script%20with%20%24method%20parameter%20containing%20'get'%2C'set'%2C%20or%20'test'%5D%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),oe,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-824",class:"eita",graph:"graph%20TD%0A%20%20%20%20CheckImmyAgentLogs%5BCheck%20ImmyAgent%20Logs%20in%20C%3A%5CProgramData%5CImmyBot%5CLogs%5D%20--%3E%20DidEphemeralAgentStart%5BImmybot.Agent.Ephemeral.exe%20start%3F%5D%0A%20%20%20%20DidEphemeralAgentStart%20--%3E%20%7CYes%7CCheckEphemeralAgentLogs%5BCheck%20Ephemeral%20Agent%20logs%20in%20C%3A%5CProgramData%5CImmyBot%5CScripts%5C*%5C*.log%5D%0A%20%20%20%20DidEphemeralAgentStart%20--%3E%20%7CNo%7CBlockedBySecuritySoftware%5BExclude%20Script%20Path%20from%20Security%20Software%5D%0A%20%20%20%20CheckEphemeralAgentLogs%20--%3E%20EphemeralAgentConnect%5BDid%20Ephemeral%20Agent%20Websocket%20Connect%3F%5D%0A%20%20%20%20EphemeralAgentConnect%20--%3E%7CYes%7CDidSuccessfullyIdentifyAfterFix%0A%20%20%20%20EphemeralAgentConnect%20--%3E%20%7CNo%7CTryNoSSLInspect%5BPut%20on%20network%20without%20SSL%20Inspection%5D%0A%20%20%20%20TryNoSSLInspect%20--%3E%20DidSuccessfullyIdentifyAfterFix%5BEphemeral%20Agent%20Connect%20After%20Fix%3F%5D%0A%20%20%20%20DidSuccessfullyIdentifyAfterFix%5BMachine%20Identify%20Successfully%3F%5D%20--%3E%20%7CNo%7CEmailSupport%0A%20%20%20%20DidSuccessfullyIdentifyAfterFix%5BMachine%20Identify%20Successfully%3F%5D%20--%3E%20%7CYes%7CDone%0A%20%20%20%20EmailSupport%5B%22Email%20logs%20from%20C%3A%5CProgramData%5CImmyBot%5CLogs%20and%20C%3A%5CProgramData%5CImmyBot%5CScripts%5C*%5C*.logs%20to%20support%40immy.bot%22%5D%0A"})]),fallback:t(()=>[a(" Loading... 
")]),_:1})),ie,re,le,ce,(n(),o(i,null,{default:t(()=>[r(s,{id:"mermaid-865",class:"eita",graph:"graph%20LR%0A%20%20%20%20ImmyBot%20--%3E%20%7CParallel%7CAutomate%5BRun%20script%20to%20download%20and%20run%20Ephemeral%20Agent%20via%20Automate%5D%0A%20%20%20%20ImmyBot%20--%3E%20%7CParallel%7CControl%5BRun%20script%20to%20download%20and%20run%20Ephemeral%20Agent%20via%20Control%5D%0A%20%20%20%20ImmyBot%20--%3E%20%7CParallel%7CImmyAgent%5BRun%20script%20to%20download%20and%20run%20Ephemeral%20Agent%20via%20ImmyAgent%5D%0A%20%20%20%20ImmyBot%20--%3E%20%7CParallel%7CN-Central%5BRun%20script%20to%20download%20and%20run%20Ephemeral%20Agent%20via%20N-Central%5D%0A%20%20%20%20Automate%20--%3E%20Immybot.Agent.Ephemeral.exe%0A%20%20%20%20Control%20--%3E%20Immybot.Agent.Ephemeral.exe%0A%20%20%20%20ImmyAgent%20--%3E%20Immybot.Agent.Ephemeral.exe%0A%20%20%20%20N-Central%20--%3E%20Immybot.Agent.Ephemeral.exe%0A%20%20%20%20Immybot.Agent.Ephemeral.exe%20--%3E%20cmd.exe%20--%3E%20powershell.exe%20--%3E%20Invoke-PSPipeHost.ps1%0A"})]),fallback:t(()=>[a(" Loading... ")]),_:1})),pe])}const we=c(H,[["render",de]]);export{Ae as __pageData,we as default}; diff --git a/azure-graph-permissions-setup.html b/azure-graph-permissions-setup.html index 84112ac0..d4da99c3 100644 --- a/azure-graph-permissions-setup.html +++ b/azure-graph-permissions-setup.html @@ -39,7 +39,7 @@
AzureAD/365 Graph Permissions

Your first ImmyBot tenant will be automatically linked to the Azure tenant that you signed up for ImmyBot with. You can link other ImmyBot tenants to Azure from the tenant Azure tab.

Linking to an Azure Tenant

After creating an ImmyBot tenant, link it to an Azure tenant by navigating to the Azure tab in ImmyBot and entering the Azure tenant's principal id or domain and clicking Save.

Azure Permission Level

Once your ImmyBot tenant has been linked to Azure, you can set the Azure Permission Level from the tenant Azure tab. This allows ImmyBot to:

  1. Sync all users from the Azure tenant
  2. Sync all users from your customer's tenants (if your Azure tenant is a Partner tenant)
  3. Install the 365 applications a user is licensed for (Apps for business/Apps for enterprise/Project/Visio)
  4. Deploy software to Teams, On-Premises Security Groups (Ex. Everyone in the Engineering Team gets AutoCAD 2022)

The Azure Permission Level has two modes: Default and Custom

NB: In both the Default and Custom modes, you must manually provide consent for each customer you want to sync!
NB: When consenting to an Azure customer, you must authenticate using an administrator account from that customer!
Consent can be initiated from within ImmyBot by clicking on the Consent (or Reconsent) button for the customer on either the Azure Settings page or on the Azure tab of the ImmyBot tenant linked to the customer.

Default

In this mode, you don't need to create an app registration. You consent as an administrator, allowing ImmyBot to access users in your tenant and in your customers' tenants (if you have established GDAP relationships with your customers and have consented with an admin from that customer).

Custom

In this mode, you create an App Registration and provide its Application (client) Id and Secret to ImmyBot, allowing you to customize the permissions Immy has in your environment and your customers' environments.

Create an App Registration

Navigate to: https://aad.portal.azure.com/

Important! Your app registration must have a Web redirect uri of https://<your-domain>.immy.bot/consent-callback, replacing <your-domain> appropriately

Grant Permissions

See the screenshots below for the minimum permissions.


Create Client Secret

Assign GDAP Permissions to ImmyBot Service Principal

  • Create a Security Group in Azure AD called "ImmyBot Security Group"
  • Add the ImmyBot Service Principal to that group
  • For each customer in the Partner Center, add the "ImmyBot Security Group" and assign it the "Directory Readers" and "Global Reader" roles.

Copy the Application (client) ID and Client Secret Value into the form in ImmyBot.

Common Issues

AADSTS500113: No reply address is registered for the application

This error occurs when the redirect uri is not set correctly on the custom app registration. Please follow these steps to set the redirect uri correctly:

  1. Navigate to the Azure Portal
  2. Navigate to the Microsoft Entra ID blade
  3. Navigate to the App Registrations blade
  4. Select the app registration you created for ImmyBot
    • You may need to change the filter to "All Applications"
    • You can paste the Application (client) ID of your custom app registration into the search box to find it
  5. Navigate to the Authentication blade
  6. Add a new redirect uri
    • Select "Web" as the type
    • Enter https://<your-domain>.immy.bot/consent-callback as the redirect uri, replacing <your-domain> appropriately
  7. Click "Save"
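The two settings that most often break a Custom-mode registration are the Web redirect URI (the cause of AADSTS500113 above) and an expired client secret. The script below is an added example, not part of the ImmyBot documentation or product: it reads the registration back through the Microsoft Graph PowerShell SDK and reports anything that does not match what the setup steps above require. It assumes the Microsoft.Graph.Applications module is installed and that you can consent to Application.Read.All; $AppId and $ImmyDomain are placeholders you supply.

```powershell
# Added example (not from the ImmyBot docs): verify a custom app registration's
# redirect URI and client-secret expiry with the Microsoft Graph PowerShell SDK.
# Assumptions: Microsoft.Graph.Applications is installed and the caller can
# consent to Application.Read.All. $AppId and $ImmyDomain are placeholders.
param(
    [Parameter(Mandatory)] [string] $AppId,        # Application (client) ID from the portal
    [Parameter(Mandatory)] [string] $ImmyDomain    # e.g. "contoso" for https://contoso.immy.bot
)

$expectedUri = "https://$ImmyDomain.immy.bot/consent-callback"

Connect-MgGraph -Scopes 'Application.Read.All' | Out-Null

# Look the registration up by its appId (the client ID), not by its object id
$app = Get-MgApplication -Filter "appId eq '$AppId'"
if (-not $app) { throw "No app registration with appId $AppId found in this tenant" }

$findings = @()

# 1. The consent callback must be registered as a *Web* platform redirect URI;
#    a missing entry produces AADSTS500113 when you click Consent in ImmyBot.
if ($app.Web.RedirectUris -notcontains $expectedUri) {
    $findings += "Missing Web redirect URI: $expectedUri (current: $($app.Web.RedirectUris -join ', '))"
}

# 2. Any redirect URI outside immy.bot widens where an auth code for this app may be sent
$foreign = $app.Web.RedirectUris | Where-Object { $_ -notlike 'https://*.immy.bot/*' }
foreach ($uri in $foreign) { $findings += "Unexpected redirect URI registered: $uri" }

# 3. A secret that has expired (or is about to) silently breaks user sync
$now = Get-Date
foreach ($cred in $app.PasswordCredentials) {
    $daysLeft = [int]($cred.EndDateTime - $now).TotalDays
    if ($daysLeft -lt 30) {
        $findings += "Client secret '$($cred.DisplayName)' expires in $daysLeft day(s) ($($cred.EndDateTime.ToString('u')))"
    }
}

if ($findings.Count -eq 0) {
    Write-Output "OK: $($app.DisplayName) has the expected redirect URI and no secret expiring within 30 days"
} else {
    $findings | ForEach-Object { Write-Warning $_ }
}
```

Run it as `.\Check-ImmyAppRegistration.ps1 -AppId <client id> -ImmyDomain <your-domain>` from an account that can read applications in the partner tenant; rotate the secret in the portal and paste the new value into ImmyBot before the reported expiry date.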
- + \ No newline at end of file diff --git a/build-your-own-integration.html b/build-your-own-integration.html index fd83873b..ce9f5de2 100644 --- a/build-your-own-integration.html +++ b/build-your-own-integration.html @@ -885,7 +885,7 @@ } $Integrationimage - + \ No newline at end of file diff --git a/connectwise-automate-integration-setup.html b/connectwise-automate-integration-setup.html index 3cbac6b5..428840d9 100644 --- a/connectwise-automate-integration-setup.html +++ b/connectwise-automate-integration-setup.html @@ -41,7 +41,7 @@
ConnectWise Automate

Setting up this integration allows you to

  1. Import customers from Automate
  2. Import computers from Automate
  3. Manage all computers in Automate without deploying the ImmyBot Agent
  4. Map customers from Manage to ImmyBot tenant based on existing Automate<->Manage relationship

Create ImmyBot Role

ImmyBot requires the following permissions in Automate

  • Core
    • Clients.Read
    • Clients.Show All
    • Computers.Show All
    • Computers.Edit (For moving existing computers to new locations)
    • Computers.Delete (For retiring duplicate computers)
    • Groups.Show All
    • Locations.Show All
    • Patch Manager.Read (Required if you want Immy to apply approved Windows Updates)

Immy-CWA-User Class Manager-Permissions

Create ImmyBot User

Enable Google MFA for ImmyBot User

The integration requires Google for MFA. Duo is not supported as Duo does not expose the MFA token anywhere for us to use and doesn't appear to be the standard TOTP like Google uses. You will need to exclude the integration user from your Duo deployment if using Duo and configure the Google MFA plugin for Automate for this user.


Import your customers

Alternatively, you can create/map only certain customers.

When you map a customer from an RMM, the computers will undergo Identification

- + \ No newline at end of file diff --git a/connectwise-control-integration-setup.html b/connectwise-control-integration-setup.html index d53c9f9e..d0637c4d 100644 --- a/connectwise-control-integration-setup.html +++ b/connectwise-control-integration-setup.html @@ -58,7 +58,7 @@ DELETE FROM SessionConnectionEvent WHERE (EventType = 70) AND (Time < DATETIME('now', '-7 day')) - + \ No newline at end of file diff --git a/connectwise-manage-integration-setup.html b/connectwise-manage-integration-setup.html index 581bb6d9..8d3a0faa 100644 --- a/connectwise-manage-integration-setup.html +++ b/connectwise-manage-integration-setup.html @@ -39,7 +39,7 @@
ConnectWise Manage

Setting up this integration allows you to

  1. Deploy Software to machines covered by a certain agreement type
     • Example: Deploy Huntress to all customers with a Managed Security Agreement
  2. (Preferred) Deploy Software to machines covered by an Agreement with a specific Addition
     • Example: Deploy SentinelOne to all computers that have SentinelOne as an Addition on their agreement

If you use Automate, set up the Automate integration first and import your customers from there. Importing customers from Manage generally results in many unnecessary Tenants being created in ImmyBot. You can link Automate to Manage to leverage the existing mappings between Automate<->Manage instead of manually mapping your Manage customers.

Create an ImmyBot Role with the following permissions

  • Company -> Company Maintenance -> Inquire Level (All)
  • Finance -> Agreements -> Inquire Level (All)
  • Procurement -> Product Catalog -> Inquire Level (All)
  • Procurement -> Product -> Inquire Level (All)
  • System -> API Reports -> Inquire Level (All)

Create an API Member

Go to System -> Members and create a new API Member

Create a new API key

Plug the API keys into ImmyBot

Create a new PSA Link and fill in the Provider Info

- + \ No newline at end of file diff --git a/getting-started.html b/getting-started.html index 3f597380..b3f77925 100644 --- a/getting-started.html +++ b/getting-started.html @@ -32,13 +32,13 @@ - + -
Getting Started

Preface

ImmyBot is a desired-state enforcement tool.

The goal of ImmyBot is to set up a computer knowing only the customer and the end user.

[Diagram: Input (Customer, End User (Optional)) -> Magic -> Output (Perfectly Setup Computer)]

Thinking with Immy

Thinking with Immy means thinking in terms of how things "Should" be.

You teach Immy how things "should" be by creating Deployments.

[Diagram: Deployment: Software or Task --"Should Be"--> Desired State --on--> One or More Computers]
[Diagram: Adobe Reader --"Should Be"--> Installed --on--> All Workstations and Portable Devices]

How things "Should" be is often dependent on external factors. For example

  • Customer A should have SentinelOne because they pay for it
  • Person A should have Visio 365 because he has a license for it

Luckily, deployments can be conditionally applied based on the result of scripts that reach out to external sources

[Diagram: Should Deployment Apply? Input -> Metascript -> True or False]
[Diagram: Should Visio Install? Input: End User -> Graph API Script: Does End User have Visio License? -> True or False]

This is out of the box functionality in ImmyBot. I'm just showing you how it works to illustrate the power of the rules engine.

Overview

ImmyBot deploys 2 things:

  1. Software
  2. Tasks

Tasks are for anything that isn’t software, think Bitlocker, Power Options, etc.

  • You can use Tasks to configure software by selecting a "Configuration Task" for the software
  • Configuration Tasks are useful for configuring the application (even if the application wasn't installed by ImmyBot)
  • Configuration Tasks run after Immy determines the software is installed
  • Configuration Task parameters are available in all scripts related to the software

ImmyBot tests everything it does before and after it does it.

  • Software
    • Version Detection - Runs before install to determine if installation is necessary, and after to verify the desired version is installed
      • DisplayName
        • Contains
        • Regex
        • Traditional (Wildcard *)
      • UpgradeCode (For MSI based installs)
      • Script
        • Must return a version or null
    • Test Script - If the software is installed, the failure of this test (the test script returning $false) will trigger a "Repair" action (default Uninstall/Install) of the application
      • Example: check whether the Foxit PDF Editor preview handler extension is working in Windows Explorer; reinstalling PDF Editor usually corrects this scenario
  • Tasks
    • Test script (When using separate scripts)
    • Combined script returns $false when $method is 'test'

Example: Adobe Reader

We find that most MSPs install Adobe Reader by default so ImmyBot includes a Recommended Deployment that states

  • "the latest version of Adobe Reader should be installed for all Workstations and Portable Devices"

When this rule applies (i.e. it isn't disabled or overridden by a more specific rule) ImmyBot will do the following:

  1. Find the latest available version of Adobe Reader by running the Adobe Reader "dynamic version" script that uses a public API to return the latest full version number of Adobe Reader, as well as the URL to download it, the latest patch version of Adobe Reader, and the URL to download it.
  2. Determine the installed version (if any) by looking for Adobe Reader in Add/Remove Programs on the machine
  3. Queue an Install or Upgrade task (depending on the previous step)
  4. Set Adobe Reader to be the default PDF handler by running the "configuration task" that verifies that Reader is the default handler for .PDF files for each user on the machine.

Create your trial instance

If you don't already have an ImmyBot instance, sign up for a trial at https://www.immy.bot/pricing

Make sure you use a valid Office 365 email address, otherwise you will not be able to log in, as we require SSO to Azure AD. You're welcome

You will receive a welcome email, click Setup ImmyBot:

Do something else for 6 minutes. Or 9 minutes if you are in Australia. It takes longer there for some reason.

You’ll receive this email when your instance is ready:

Set up your first Computer

When you first log in to ImmyBot, the Getting Started Wizard will prompt you to create your ImmyBot flash drive and plug it into the new computer.

THIS IS A ONE TIME PROCESS, YOU DO NOT NEED TO CREATE A FLASH DRIVE FOR EACH CLIENT. YOU WILL CHANGE THE CLIENT AFTER THE MACHINE IS IN IMMYBOT


We recommend unboxing a physical computer (Dell, HP, or Lenovo) so we can demonstrate applying the latest manufacturer BIOS and driver updates.

If you insist on testing on a virtual machine, do the following to receive the PPKG inside an ISO, then mount it to the VM, and press the Windows Key 5 times when you are at the Region Selection screen. If you are past the region selection screen, simply double click the PPKG from the mounted disk


Once the computer is identified, you will be directed to that computer to begin the Onboarding process:


ImmyBot needs:

  1. Customer
  2. Primary User (That will be using the computer, optional but recommended)


You only have one customer and one person right now, and it’s your MSP and you. That’s fine, we’ll pretend we’re setting up a computer for you and your MSP.

TIP

Customers can be imported from your RMM or PSA, or by setting up the Azure integration

TIP

People are imported from your customers' Azure AD via the Azure integration

An "Onboarding" session will be created for this computer, and ImmyBot will apply the "Recommended Deployments"

TIP

You can add your own Deployments and re-run this session as many times as you like until everything is to your liking.

Onboarding

Onboarding is the process of specifying inputs like Customer and Primary User, and running a Maintenance Session to bring a machine into compliance with the Deployments associated with those inputs.

TIP

You may have customers that setup their own machines and install your RMM agent. To prevent these machines from building up in the New Computers area, you can disable Onboarding for that customer by going to Tenants -> Tenant Name -> Preferences -> Onboarding.

Tenants

These are your Customers. We recommend syncing Tenants from CW Automate or Azure.

User Computer Affinity

ImmyBot periodically runs whoami /upn on all computers and keeps a rolling list of the last 10 UPNs. It assigns the Primary User of the computer to the "Person" (Synced from Azure) with the matching UPN.

For environments without AzureAD, ImmyBot will lookup the UPN of the Person from a Domain Controller in the computer's Tenant

Create Profile for Primary User

This allows Immy to set the default browser and PDF editor.

Remember how Microsoft made the default PDF handler and default browser user-level settings? These settings are stored in the profile of the user, specifically in the user's registry hive. But this is a new computer, and there is no user registry because the user hasn't logged into the computer, so a profile doesn't exist for us to write those settings into. Rather than requiring you to ask the user for their password, we fetch their SID from Azure AD. If we find that the user is synced from Active Directory, we use the SID from Active Directory. If the user is cloud only, we use their Azure AD SID. For the more discerning, you may be wondering how we deal with the UserChoice hash, the anti-tamper mechanism preventing the automatic setting of these preferences.

Microsoft 365 Apps

Immy installs the apps the selected user is licensed for. Immy contains recommended deployments for

  • Apps for business
  • Apps for enterprise
  • Project
  • Visio

You may be tempted to disable these because you are afraid Immy will install all of these apps on every computer. These deployments are limited using a “Metascript” filter that reaches out to the Microsoft Graph API to determine whether the selected user has a license for the product in question.
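Both the "Should Visio Install?" diagram in the Preface and the paragraph above describe the same pattern: a filter script takes the selected end user as input, asks an external source, and its last output decides whether the deployment applies. The script below is an added example of that pattern and is not ImmyBot's own Metascript filter. It uses the Microsoft Graph PowerShell SDK (Get-MgUserLicenseDetail) rather than whatever ImmyBot calls internally, assumes the Microsoft.Graph.Users module and User.Read.All consent, and treats the service-plan pattern ('VISIO*') and $PrimaryUserUpn as placeholders.

```powershell
# Added example (not the ImmyBot filter script itself): decide whether a
# Microsoft 365 app should be deployed for a person by checking the service
# plans on their assigned licenses via the Microsoft Graph PowerShell SDK.
# Assumptions: Microsoft.Graph.Users is installed, the caller has User.Read.All;
# $PrimaryUserUpn and the 'VISIO*' service-plan pattern are placeholders.
param(
    [Parameter(Mandatory)] [string] $PrimaryUserUpn,
    [string] $ServicePlanPattern = 'VISIO*'   # e.g. 'PROJECT*' for Project plans
)

Connect-MgGraph -Scopes 'User.Read.All' | Out-Null

# No primary user means nobody to license the app for, so do not deploy
if ([string]::IsNullOrWhiteSpace($PrimaryUserUpn)) { return $false }

try {
    $licenses = Get-MgUserLicenseDetail -UserId $PrimaryUserUpn -ErrorAction Stop
} catch {
    # Fail closed: an unknown user or a Graph error must not install paid software
    Write-Warning "License lookup failed for $PrimaryUserUpn : $($_.Exception.Message)"
    return $false
}

# A license (SKU) bundles many service plans; only count plans that are actually provisioned
$matching = foreach ($lic in $licenses) {
    $lic.ServicePlans |
        Where-Object { $_.ServicePlanName -like $ServicePlanPattern -and $_.ProvisioningStatus -eq 'Success' }
}

# The last output of a filter script is its verdict: $true deploys, $false skips.
# An empty result converts to $false, one or more matching plans to $true.
[bool]$matching
```

The design choice worth copying is the fail-closed branch: when the lookup cannot be completed, the script answers $false, so a transient Graph outage skips a paid install rather than putting Visio on every machine in the session.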

Dell/Lenovo/HP Updates

ImmyBot will install the latest updates from Dell, HP, and Lenovo, including driver updates and BIOS updates.

You may be tempted to disable these Deployments as you don’t want HP updates applying to your Dell. This won’t happen. Each deployment uses a Filter script to ensure that these updates only apply to the appropriate machines

Adobe Reader

You may be tempted to disable this deployment because not all of your customers use Adobe Reader. You should instead leave it enabled and handle exceptions to the rule. See more under “Deployment Resolution”

Set Computer Name and Domain Join

This is one that I’d advise you to turn off, and instead customize for each customer. We leave it as a recommended deployment mostly to raise awareness that ImmyBot has the capability, but fully expect you to override it to suit your needs.

Testing with Windows Sandbox

Windows Sandbox is a fast-loading disposable container in Windows that loses all settings when shut down or restarted. It is very convenient for testing software deployments. It should be noted that not all software is compatible with Windows Sandbox, particularly software that installs drivers or requires restarts.

If you haven't used Windows Sandbox before, you can enable it by opening Windows PowerShell as Admin and running the following command:

Enable-WindowsOptionalFeature -FeatureName "Containers-DisposableClientVM" -All -Online -NoRestart

Download Windows Sandbox file (.wsb)

Wait for ImmyBot Agent to install

Onboard the Sandbox

This will create an "Onboarding" Session (sessions are like running gpupdate) that will apply all applicable Deployments (deployments are like Group Policies)

Adding Users

Access Request

Have the person attempt to login to ImmyBot. Have them request access:


Approve that access from a yellow indicator at the top of the screen.


Manual

If you haven't consented to allow Immy to read your Azure AD, you'll need to know the user's Object ID:

Second, make the Person a User

(Optional) Make that User an Admin.

User Roles

MSP Admin

  • Full Access, no restrictions

MSP Non-Admin

  • Cannot create/edit/delete Schedules
  • Cannot create/edit/delete Users
  • Cannot create/edit/delete Cross Tenant Deployments
  • Can create/edit/delete Single-Tenant and Individual Deployments
    • NOTE: You can disable this in Settings->Preferences with the "Allow Non-Admin Users to Manage Deployments" setting

Customer (Tenant) Admin

  • Can view/edit Computers, Schedules, Licenses and Deployments for their Tenant
  • Can create users in their tenant
  • Software they upload is owned by their tenant and is not visible to other tenants
  • Licenses they create are owned by their tenant and are not visible to other tenants

Customer (Tenant) Non-Admin

  • Cannot create Schedules
  • Cannot create Cross Tenant Deployments
  • Cannot create Users
  • Can create Deployments scoped to individual Computers and People

Terminology

Deployment

Deployments were originally called "Assignments" and are still called Assignments under the hood.

Note: You won't see the word "Assignment" in the user interface anywhere, but we plan to rename "Deployment" back to "Assignment" in a future release.

A deployment is a rule that assigns Software or Tasks (Collectively known as "Maintenance Items") to a Target.

Deployments are conceptually similar to Group Policies in that they assign settings to a group of users or computers.

DO NOT BE AFRAID TO SAVE YOUR DEPLOYMENTS. THEY DO NOT APPLY AUTOMATICALLY.

If you DO want your Deployments to be applied automatically, you need to create a Schedule.

Deployment Resolution

Also known as

  • Creating Exceptions
  • "Winning" Deployments
  • Dealing with Snowflakes

Just as Group Policy has a "Winning Policy", ImmyBot must have a "Winning Deployment" for a given Maintenance Item on a computer.

Let's say you have a customer "Contoso" that uses Adobe Acrobat instead of Adobe Reader, and you would like that to be installed instead.

First, create a Deployment that sets the desired state of Adobe Reader to Uninstalled for Contoso

Then, create a Deployment that Installs Adobe Acrobat for their computers

Target

A "Target" is a grouping of computers (or Tenants in the case of "Cloud Tasks")

ImmyBot's ability to resolve Targets to a group of computers is perhaps its most powerful feature.

For example, you can select a Group of users from AzureAD (which includes on-prem synced groups, and Teams) and ImmyBot will automatically resolve that to the list of computers in use by the people in that group.

If you enable PSA integration, a Target could be all computers covered under a certain type of Agreement, or computers covered by an Agreement that includes a certain product.

This is particularly useful for security software, help desk portals, or anything else in your stack that you may only want to be installed for customers that are paying you for it.

Conversely, you could use this feature to remove your stack for customers you are offboarding. Simply create an "Offboarding" product in your PSA, and create a deployment for each piece of software you would like removed, setting the desired state to Uninstalled for all customers with the "Offboarding" product on their agreement. Note: ImmyBot even honors the date range on additions, making scheduled offboarding easier if, say, the customer wants your software removed on the last day of the month.

Maintenance Session

A Maintenance Session is conceptually similar to running gpupdate /force

In other systems, different types of maintenance happen on their own schedule. Windows Updates may run on Tuesday night, but Third Party updates may run on Wednesday night, and auto-fix tasks may run whenever an alert is fired for a failed monitor, which has its own polling interval.

By forcing all automation to happen in a sequential set of actions we call a Maintenance Session, we can deliver predictability not only as to what changes will be made, but also when.

This also provides a cohesive mechanism for setting up a new computer. At best in traditional RMMs you can assign Monitors that detect the absence of required software and run Install scripts when they are missing, but this doesn't scale as pre-requisites and exclusions are required.

Imagine if Group Policy could reliably deploy any type of software, and gpupdate /force worked reliably off-net, and when you ran it, it gave you real-time feedback about exactly what it was doing. Also imagine that it could optionally notify the end user before and after with a branded email telling them exactly what is being done, that optionally lets them cancel.

That's a Maintenance Session.

You can view Maintenance Sessions for all computers under Computers->Sessions

Or, you can view Maintenance Sessions for a specific Computer under the Sessions tab for that Computer

Maintenance Session Stages

Detection Stage

During the Detection Stage, ImmyBot "Detects" which Maintenance Actions are necessary to bring the computer into compliance. These Actions are added to the Maintenance Session.

This is a read-only process, and typically done while the user is active. This is so ImmyBot can notify the user of changes that will occur later during the Execution Stage. By doing this during the day, and scheduling Execution for later, we give the end user the best possible chance to be aware of the upcoming maintenance, and to postpone it if you allow. The Postpone feature is very popular among engineers who may need to leave renderings and analysis tasks running overnight.

Execution Stage

Maintenance Action

[Diagram: Software Install flow: Software Installed? --No--> Install --> Software Installed? (--No--> Non-Compliant); --Yes--> Has Configuration Task? --Yes--> Run Test Script --return $true--> Compliant / --return $false--> Run Set Script --> Run Test Script --return $true--> Compliant / --return $false--> Non-Compliant]

A Maintenance Session has one or more Maintenance Actions. A Maintenance Action could be to install software, apply a Windows Update, or run a Task.

The image below depicts a typical Maintenance Session with many Maintenance Actions

Software

Software, in the context of ImmyBot refers to Software objects in My Software or Global Software.

My Software - Initially empty. When you upload your own software to ImmyBot, it goes into My Software

Global Software - Read-Only, managed by the ImmyBot team.

At the bare minimum, Software requires a Detection Method. Software can have many Software Versions.

[Diagram: Software -> Custom Detection Script, Default Uninstall Script, Auto-Update Script]

Pre-Requisites

This is a VERY powerful, and critically underrated feature in ImmyBot. ImmyBot resolves dependencies recursively, with built-in circular reference detection.

Common uses for Pre-Requisites include

  • Ensuring a piece of software is installed before installing another
    • C++ Redistributables before 3CX Client
    • Office is installed before an Outlook Add-in
  • Ensuring a piece of software is uninstalled before installing another
    • Removing Adobe Acrobat Reader before installing Adobe Acrobat Professional
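The two properties the text calls out, recursive resolution and circular-reference detection, are a depth-first topological sort. The function below is an added example of that algorithm on a constructed dependency table; it is not ImmyBot's resolver and the item names are only the ones from the bullet list above. An "uninstall first" requirement is modelled as just another item so the same walk handles both kinds of pre-requisite.

```powershell
# Added example (not ImmyBot's resolver): order maintenance items so every
# pre-requisite completes before the item that needs it, and refuse to run
# when the pre-requisites form a cycle. The dependency table is constructed.
function Resolve-MaintenanceOrder {
    param(
        # item name -> names of items that must be completed first
        [Parameter(Mandatory)] [hashtable] $Dependencies,
        [Parameter(Mandatory)] [string[]] $Requested
    )
    $done     = [System.Collections.Generic.List[string]]::new()     # final execution order
    $visiting = [System.Collections.Generic.HashSet[string]]::new()  # items on the current path

    function Visit([string] $item, [string[]] $path) {
        if ($done -contains $item) { return }            # already ordered, nothing to do
        if (-not $visiting.Add($item)) {                 # seen again on the same path => cycle
            throw "Circular pre-requisite: $(($path + $item) -join ' -> ')"
        }
        foreach ($dep in @($Dependencies[$item])) {      # recurse into pre-requisites first
            Visit $dep ($path + $item)
        }
        [void]$visiting.Remove($item)
        $done.Add($item)                                 # post-order: deps are already in $done
    }

    foreach ($r in $Requested) { Visit $r @() }
    return $done.ToArray()
}

# Constructed sample graph using the items named in the docs
$deps = @{
    '3CX Client'                     = @('C++ Redistributables')
    'Outlook Add-in'                 = @('Office')
    'Adobe Acrobat Professional'     = @('Uninstall Adobe Acrobat Reader')
    'C++ Redistributables'           = @()
    'Office'                         = @()
    'Uninstall Adobe Acrobat Reader' = @()
}
Resolve-MaintenanceOrder -Dependencies $deps -Requested '3CX Client', 'Outlook Add-in', 'Adobe Acrobat Professional'

# A cycle is reported with the offending path instead of recursing forever
try {
    Resolve-MaintenanceOrder -Dependencies @{ A = @('B'); B = @('A') } -Requested 'A'
} catch {
    Write-Warning $_.Exception.Message
}
```

Items that are shared pre-requisites (Office for several add-ins, for instance) are emitted once because the $done check runs before anything else, which is what lets the walk stay linear in the number of edges.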

Install required dependencies

Ordering Maintenance Actions

Detection Method

A Detection Method is required in order to know whether or not a piece of Software is installed on a machine.

For Software, the detection method must return the version of the software installed on the machine, if any.

For Tasks, the Detection Method is the "test" mechanism, which must return true or false to indicate whether or not the machine is in compliance.
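The "Script" detection method from the Overview ("Must return a version or null") and the Software rule just stated share one contract: emit exactly one value, a version or $null. The script below is an added example of such a detection script and is not one of ImmyBot's global detection scripts; it assumes the product can be identified by a DisplayName wildcard in Add/Remove Programs, and the default pattern is only a placeholder.

```powershell
# Added example (not one of ImmyBot's global detection scripts): a "Script"
# detection method that returns the installed version of a product, or $null.
# Assumption: the product is identified by a DisplayName wildcard in Add/Remove
# Programs; $DisplayNamePattern and its default value are placeholders.
param(
    [string] $DisplayNamePattern = 'Adobe Acrobat*'   # wildcard, like the "Traditional (*)" matcher
)

# Both registry views on 64-bit Windows plus per-user installs
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

$versions = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like $DisplayNamePattern -and $_.DisplayVersion } |
    ForEach-Object {
        # Vendors write values like "23.006.20320" or "2023.1"; keep only what parses as [version]
        $parsed = $null
        if ([version]::TryParse($_.DisplayVersion, [ref]$parsed)) {
            $parsed
        } else {
            # Warnings go to the warning stream, not the pipeline, so they cannot be mistaken for a result
            Write-Warning "Unparseable DisplayVersion '$($_.DisplayVersion)' for $($_.DisplayName)"
        }
    }

# Return exactly one value: the highest version found, or $null when not installed.
# Nothing else is written to the pipeline, so the caller never sees a stray string.
if ($versions) { ($versions | Sort-Object -Descending)[0] } else { $null }
```

Returning the highest parsed version matters when a machine carries several matching entries (a leftover per-user install beside a machine-wide one); the caller compares that single value against the desired version to decide between Install, Upgrade and nothing.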

Software Version

[Diagram: Software Version -> Install, Uninstall, Upgrade, Repair, Test]

Task

A Task (aka Maintenance Task) is a catch-all for anything that isn't software.

[Diagram: Task -> Get, Set, Test]

or

[Diagram: Task -> Combined Script with $method parameter containing 'get', 'set', or 'test']

Task Modes

Enforce

Runs the "test" script, if the test returns false, runs "set", then runs "test" again to verify.

Audit

Runs the "test" script which should return true or false. It can output whatever it wants, but the last output should be boolean.

Monitor

Runs the "get" script, which can return anything. Useful for collecting data like Bitlocker Keys, Quickbooks Licenses, or any other piece of information you are interested in.

Scripts

From the above diagrams, you can see that scripts are the building blocks for higher level objects like Software and Tasks.

Execution Context

System

Run as a service on the machine

User

Will attempt to run as the logged on user

Metascript

Runs in the ImmyBot backend, and can spawn code on the system by using Invoke-ImmyCommand

Cloud Script

Runs in the ImmyBot backend, but intended to be run against a Tenant (perhaps for the purpose of getting or setting some setting in 365/Azure or some other system with an API). These are used exclusively in Tasks targetting "Tenants".

Schedules

Used to run maintenance periodically on machines. Can optionally be limited to a single Maintenance Item.

NOTE You must also have a Deployment for the Maintenance Item to set the desired state. Imagine a scenario where you need to ensure a single piece of software is up-to-date on all computers except for a CNC machine. Create 2 deployments, the first setting the desired state to Installed->Latest for all computers, then a second stating that the desired state is Ignored for the CNC machine. When you create the schedule, the software will be ignored for the CNC machine.

Integrations

To ImmyBot, an RMM is a system that provides a list of computers, and a mechanism to run PowerShell scripts on them.

To avoid having to deploy the ImmyAgent to existing machines, ImmyBot optionally integrates with RMMs like ConnectWise Automate and ConnectWise Control and uses their agents instead. These systems are not as performant as the ImmyAgent, but can suppliment ImmyBot functionality.

For example, if you add an RMM Link for ConnectWise Control, you can open a remote session to the computer directly within ImmyBot:

If you add an RMM integration for ConnectWise Automate, Scheduled Maintenance Sessions will apply all Approved Windows Updates using the ConnectWise Automate API based on your Approval Policies in Automate Patch Manager.

You can even add multiple RMMs of the same type, which is often useful in merger and acquisition scenarios. You may choose to use ImmyBot as your single pane of glass to manage both, or simply let ImmyBot be a neutral third party for facilitating the consolidation of RMM agents to the parent company's RMM.

Identification

Because the same computer often exists in multiple RMMs (Like how CW Automate typically installs CW Control Automatically), ImmyBot prevents duplicates by identifying the computer by a unique id. We DO NOT use MAC Address! This unique id persists even if you wipe and reload the machine.

When a new machine is detected, it first goes to New Computers->Actively Identifying

It uses the following script to collect the UUID from the machine:

gwmi Win32_ComputerSystemProduct | select -expand UUID
gwmi Win32_ComputerSystemProduct | select -expand UUID

This value is static even if you wipe and reload the machine, although we have VERY rarely seen this value change following a BIOS upgrade or due to a mainboard fault. We chose this value instead of Mac Address or Hard Drive serial number because of issues other systems have with USB Ethernet cables and hard drive replacement. We did not use serialnumber because we learned that many computers do not have serial numbers.

In practice, this value works almost too well. Machines you just wiped and expect to find in New Computers, are often associated to their pre-wiped computer objects. To find them, you often have to search for the serial number of the computer in the Computer List. In 0.40.1 we began using the Windows OfflineInstallationID value to identify when an existing computer has been wiped so we can set its status to "Needs Onboarding" which causes it to show up under New Computers as expected.

If it is a machine ImmyBot has seen before, it will be associated to the existing Computer, and you will find a new entry under the Computer's Agents tab. Under the hood we call these entries "RmmComputers".

Computers can have one or more RmmComputers(Agents). You can think of these as logical "pathways" to the computer. We only need one to be online to function.

Identification Failures

Needs a Manual Decision

Generally you will click "Agent Re-installed"

Often when an RMM Agent gets re-installed, it will get a new id in the RMM (ComputerId in Automate, SessionID in Control). ImmyBot will recognize that it is the same computer, but due to the fact that virtualization technologies and hard drive cloning can lead to the same scenario, we require you to tell us whether we should overwrite the existing RmmComputer, or keep both. 99% of the time you will click "Overwrite Existing". If the machine was in fact cloned, you would click Keep Both, in which case Immy shims the duplicate UUID with its own to prevent collisions.

Pending Computers

Computers in the pending status have yet to be identified.

Computers may get stuck here if we are unable to run our Ephemeral Agent

null

Top 3 reasons for Identification Failures

  1. SSL Inspection blocking our websocket
  2. Security Software blocking PowerShell
  3. Incorrect time is preventing SSL/TLS connection

To understand the various reasons identification can fail, it helps to understand how ImmyBot executions PowerShell

  1. RMM or ImmyAgent runs Immybot.Agent.Ephemeral.exe
  2. Immybot.Agent.Ephemeral.exe establishes a secure websocket to wss://subdomain.immy.bot and runs Invoke-PSPipeHost.ps1
  3. Immybot.Agent.Ephemeral.exe feeds Invoke-PSPipeHost.ps1 PowerShell over a pipe from the websocket session
null

The most common cause of identification failure is security software.

To know if this is the case, pull the logs from C:\ProgramData\ImmyBotAgentService*.log

image

Normal Immybot Agent logs look like this:

2022-06-14 00:02:25.560 -05:00 [DBG] Hosting starting
+    
Skip to content

Getting Started

Preface

ImmyBot is a desired-state enforcement tool.

The goal of ImmyBot is to setup a computer knowing only the customer and the end user.


Thinking with Immy

Thinking with Immy means thinking in terms of how things "Should" be.

You teach Immy how things "should" be by creating Deployments.


How things "Should" be is often dependent on external factors. For example

  • Customer A should have SentinelOne because they pay for it
  • Person A should have Visio 365 because he has a license for it

Luckily, deployments can be conditionally applied based on the result of scripts that reach out to external sources


This is out of the box functionality in ImmyBot. I'm just showing you how it works to illustrate the power of the rules engine.

Overview

ImmyBot deploys 2 things:

  1. Software
  2. Tasks

Tasks are for anything that isn’t software, think Bitlocker, Power Options, etc.

  • You can use Tasks to configure software by selecting a "Configuration Task" for the software
  • Configuration Tasks are useful for configuring the application (even if the application wasn't installed by ImmyBot)
  • Configuration Tasks run after Immy determines the software is installed
  • Configuration Task parameters are available in all scripts related to the software

ImmyBot tests everything it does before and after it does it.

  • Software
    • Version Detection - Runs before install to determine if installation is necessary, and after to verify the desired version is installed
      • DisplayName
        • Contains
        • Regex
        • Traditional (Wildcard *)
      • UpgradeCode (For MSI based installs)
      • Script
        • Must return a version or null
    • Test Script - If software is installed, the failure of this test (the test script returning $false) will trigger a "Repair" action (default Uninstall/Install) of the application
      • Example: check that the Foxit PDF Editor preview handler extension is working in Windows Explorer; reinstalling the PDF Editor usually corrects this scenario
  • Tasks
    • Test script (When using separate scripts)
    • Combined script returns $false when $method is 'test'

Example: Adobe Reader

We find that most MSPs install Adobe Reader by default so ImmyBot includes a Recommended Deployment that states

  • "the latest version of Adobe Reader should be installed for all Workstations and Portable Devices"

When this rule applies (i.e. it isn't disabled or overridden by a more specific rule) ImmyBot will do the following:

  1. Find the latest available version of Adobe Reader by running the Adobe Reader "dynamic version" script that uses a public API to return the latest full version number of Adobe Reader, as well as the URL to download it, the latest patch version of Adobe Reader, and the URL to download it.
  2. Determine the installed version (if any) by looking for Adobe Reader in Add/Remove Programs on the machine
  3. Queue an Install or Upgrade task (depending on the previous step)
  4. Set Adobe Reader to be the default PDF handler by running the "configuration task" that verifies that Reader is the default handler for .PDF files for each user on the machine.

Create your trial instance

If you don't already have an ImmyBot instance, sign-up for a trial at https://www.immy.bot/pricing

Make sure you use a valid Office 365 email address, otherwise you will not be able to login, as we require SSO to Azure AD. You're welcome

You will receive a welcome email, click Setup ImmyBot:

Do something else for 6 minutes. Or 9 minutes if you are in Australia. It takes longer there for some reason.

You’ll receive this email when your instance is ready:

Tenants

These are your Customers. We recommend syncing Tenants from CW Automate or Azure.

User Computer Affinity

ImmyBot periodically runs whoami /upn on all computers and keeps a rolling list of the last 10 UPNs. It assigns the Primary User of the computer to the "Person" (Synced from Azure) with the matching UPN.

For environments without AzureAD, ImmyBot will lookup the UPN of the Person from a Domain Controller in the computer's Tenant

Testing with Windows Sandbox

Windows Sandbox is a fast-loading disposable container in Windows that loses all settings when shut down or restarted. It is very convenient for testing software deployments. It should be noted that not all software is compatible with Windows Sandbox, particularly software that installs drivers or requires restarts.

If you haven't used Windows Sandbox before, you can enable it by opening Windows PowerShell as Admin and running the following command:

Enable-WindowsOptionalFeature -FeatureName "Containers-DisposableClientVM" -All -Online -NoRestart

Download Windows Sandbox file (.wsb)

Wait for ImmyBot Agent to install

Onboard the Sandbox

This will create an "Onboarding" Session (sessions are like running gpupdate) that will apply all applicable Deployments (deployments are like Group Policies)

Adding Users

Access Request

Have the person attempt to login to ImmyBot. Have them request access:


Approve that access from a yellow indicator at the top of the screen.


Manual

If you haven't consented to allow Immy to read your AzureAD, you'll need to know the user's Object ID:

Second, make the Person a User

(Optional) Make that User an Admin.

User Roles

MSP Admin

  • Full Access, no restrictions

MSP Non-Admin

  • Cannot create/edit/delete Schedules
  • Cannot create/edit/delete Users
  • Cannot create/edit/delete Cross Tenant Deployments
  • Can create/edit/delete Single-Tenant and Individual Deployments
    • NOTE: You can disable this in Settings->Preferences with the "Allow Non-Admin Users to Manage Deployments" setting

Customer (Tenant) Admin

  • Can view/edit Computers, Schedules, Licenses and Deployments for their Tenant
  • Can create users in their tenant
  • Software they upload is owned by their tenant and is not visible to other tenants
  • Licenses they create are owned by their tenant and are not visible to other tenants

Customer (Tenant) Non-Admin

  • Cannot create Schedules
  • Cannot create Cross Tenant Deployments
  • Cannot create Users
  • Can create Deployments scoped to individual Computers and People

Terminology

Deployment

Deployments were originally called "Assignments" and are still called Assignments under the hood.

Note: You won't see the word "Assignment" in the user interface anywhere, but we plan to re-rename "Deployment" back to "Assignment" in a future release.

A deployment is a rule that assigns Software or Tasks (Collectively known as "Maintenance Items") to a Target.

Deployments are conceptually similar to Group Policies in that they assign settings to a group of users or computers.

DO NOT BE AFRAID TO SAVE YOUR DEPLOYMENTS. THEY DO NOT APPLY AUTOMATICALLY.

If you DO want your Deployments to be applied automatically, you need to create a Schedule.

Deployment Resolution

Also known as

  • Creating Exceptions
  • "Winning" Deployments
  • Dealing with Snowflakes

Like Group Policies have a "Winning Policy", ImmyBot must have a "Winning Deployment" for a given Maintenance Item on a computer.

Let's say you have a customer "Contoso" that uses Adobe Acrobat instead of Adobe Reader, and you would like that to be installed instead.

First, create a Deployment that sets the desired state of Adobe Reader to Uninstalled for Contoso

Then, create a Deployment that Installs Adobe Acrobat for their computers

Target

A "Target" is a grouping of computers (or Tenants in the case of "Cloud Tasks")

ImmyBot's ability to resolve Targets to a group of computers is perhaps its most powerful feature.

For example, you can select a Group of users from AzureAD (which includes on-prem synced groups, and Teams) and ImmyBot will automatically resolve that to the list of computers in use by the people in that group.

If you enable PSA integration, a Target could be all computers covered under a certain type of Agreement, or computers covered by an Agreement that includes a certain product.

This is particularly useful for security software, help desk portals, or anything else in your stack that you may only want to be installed for customers that are paying you for it.

Conversely, you could use this feature to remove your stack for customers you are offboarding. Simply create an "Offboarding" product in your PSA, and create a deployment for each of the pieces of software you would like removed, setting the desired state to Uninstalled for all customers with the "Offboarding" product on their agreement. Note: ImmyBot even honors the date range on additions, making scheduled offboarding easier if, say, the customer wants your software removed on the last day of the month.

Maintenance Session

A Maintenance Session is conceptually similar to running gpupdate /force

In other systems, different types of maintenance happen on their own schedule. Windows Updates may run on Tuesday night, but Third Party updates may run on Wednesday night, and auto-fix tasks may run whenever an alert is fired for a failed monitor, which has its own polling interval.

By forcing all automation to happen in a sequential set of actions we call a Maintenance Session, we can deliver predictability not only as to what changes will be made, but also when.

This also provides a cohesive mechanism for setting up a new computer. At best in traditional RMMs you can assign Monitors that detect the absence of required software and run Install scripts when they are missing, but this doesn't scale as pre-requisites and exclusions are required.

Imagine if Group Policy could reliably deploy any type of software, and gpupdate /force worked reliably off-net, and when you ran it, it gave you real-time feedback about exactly what it was doing. Also imagine that it could optionally notify the end user before and after with a branded email telling them exactly what is being done, that optionally lets them cancel.

That's a Maintenance Session.

You can view Maintenance Sessions for all computers under Computers->Sessions

Or, you can view Maintenance Sessions for a specific Computer under the Sessions tab for that Computer

Maintenance Session Stages

Detection Stage

During the Detection Stage, ImmyBot "Detects" which Maintenance Actions are necessary to bring the computer into compliance. These Actions are added to the Maintenance Session.

This is a read-only process, and typically done while the user is active, so that ImmyBot can notify the user of changes that will occur later during the Execution Stage. By doing this during the day and scheduling Execution for later, we give the end user the best possible chance to be aware of the upcoming maintenance, and to postpone it if you allow that. The Postpone feature is very popular among engineers who may need to leave renderings and analysis tasks running overnight.

Execution Stage

Maintenance Action


A Maintenance Session has one or more Maintenance Actions. A Maintenance Action could be to install software, apply a Windows Update, or run a Task.

The image below depicts a typical Maintenance Session with many Maintenance Actions

Software

Software, in the context of ImmyBot refers to Software objects in My Software or Global Software.

My Software - Initially empty. When you upload your own software to ImmyBot, it goes into My Software

Global Software - Read-Only, managed by the ImmyBot team.

At the bare minimum, Software requires a Detection Method. Software can have many Software Versions.


Pre-Requisites

This is a VERY powerful, and critically underrated feature in ImmyBot. ImmyBot resolves dependencies recursively, with built-in circular reference detection.

Common uses for Pre-Requisites include

  • Ensuring a piece of software is installed before installing another
    • C++ Redistributables before 3CX Client
    • Office is installed before an Outlook Add-in
  • Ensuring a piece of software is uninstalled before installing another
    • Removing Adobe Acrobat Reader before installing Adobe Acrobat Professional

Install required dependencies

Ordering Maintenance Actions

Detection Method

A Detection Method is required in order to know whether or not a piece of Software is installed on a machine.

For Software, the detection method must return the version of the software installed on the machine, if any.

For Tasks, the Detection Method is the "test" mechanism, which must return true or false to indicate whether or not the machine is in compliance.
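The "Script" detection method from the Version Detection list above and the Software detection contract described here both come down to the same rule: emit a version when the product is present, otherwise $null. The script below is an added example, not ImmyBot's own code, of a DisplayName-based detection script that follows that contract; the $DisplayNamePattern parameter name and the Adobe Reader wildcard are assumptions made for this example.

```powershell
# Added example (not ImmyBot's own code): a Software detection script that
# returns the installed version as [version], or $null when the product is
# absent, by matching DisplayName in the Add/Remove Programs registry keys.
# $DisplayNamePattern and its default are constructed for this example.
param(
    [string]$DisplayNamePattern = 'Adobe Acrobat Reader*'   # "Traditional (Wildcard *)" style match
)

# Both native and 32-bit-on-64-bit uninstall hives; missing hives are ignored.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

$entries = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like $DisplayNamePattern -and $_.DisplayVersion }

if (-not $entries) {
    return $null   # not installed: ImmyBot would queue an Install
}

# Several entries may match (language packs, leftovers); collect every parseable
# version and report the highest, which is what an upgrade decision needs.
$versions = foreach ($entry in $entries) {
    $parsed = $null
    if ([version]::TryParse($entry.DisplayVersion, [ref]$parsed)) {
        $parsed
    }
    else {
        Write-Warning "Unparseable DisplayVersion '$($entry.DisplayVersion)' for '$($entry.DisplayName)'"
    }
}

if (-not $versions) {
    return $null   # present in Add/Remove Programs but no usable version string
}

$versions | Sort-Object -Descending | Select-Object -First 1
```

Because the last object written to the pipeline is the script's result, informational output goes to the warning stream rather than the output stream, so a stray string can never be mistaken for a version.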

Software Version


Task

A Task (aka Maintenance Task) is a catch-all for anything that isn't software.

Task Modes

Enforce

Runs the "test" script, if the test returns false, runs "set", then runs "test" again to verify.

Audit

Runs the "test" script which should return true or false. It can output whatever it wants, but the last output should be boolean.

Monitor

Runs the "get" script, which can return anything. Useful for collecting data like Bitlocker Keys, Quickbooks Licenses, or any other piece of information you are interested in.

Scripts

From the above diagrams, you can see that scripts are the building blocks for higher level objects like Software and Tasks.

Execution Context

System

Run as a service on the machine

User

Will attempt to run as the logged on user

Metascript

Runs in the ImmyBot backend, and can spawn code on the system by using Invoke-ImmyCommand

Cloud Script

Runs in the ImmyBot backend, but intended to be run against a Tenant (perhaps for the purpose of getting or setting some setting in 365/Azure or some other system with an API). These are used exclusively in Tasks targeting "Tenants".

Schedules

Used to run maintenance periodically on machines. Can optionally be limited to a single Maintenance Item.

NOTE You must also have a Deployment for the Maintenance Item to set the desired state. Imagine a scenario where you need to ensure a single piece of software is up-to-date on all computers except for a CNC machine. Create 2 deployments, the first setting the desired state to Installed->Latest for all computers, then a second stating that the desired state is Ignored for the CNC machine. When you create the schedule, the software will be ignored for the CNC machine.

Integrations

To ImmyBot, an RMM is a system that provides a list of computers, and a mechanism to run PowerShell scripts on them.

To avoid having to deploy the ImmyAgent to existing machines, ImmyBot optionally integrates with RMMs like ConnectWise Automate and ConnectWise Control and uses their agents instead. These systems are not as performant as the ImmyAgent, but can supplement ImmyBot functionality.

For example, if you add an RMM Link for ConnectWise Control, you can open a remote session to the computer directly within ImmyBot:

If you add an RMM integration for ConnectWise Automate, Scheduled Maintenance Sessions will apply all Approved Windows Updates using the ConnectWise Automate API based on your Approval Policies in Automate Patch Manager.

You can even add multiple RMMs of the same type, which is often useful in merger and acquisition scenarios. You may choose to use ImmyBot as your single pane of glass to manage both, or simply let ImmyBot be a neutral third party for facilitating the consolidation of RMM agents to the parent company's RMM.

Identification

Because the same computer often exists in multiple RMMs (Like how CW Automate typically installs CW Control Automatically), ImmyBot prevents duplicates by identifying the computer by a unique id. We DO NOT use MAC Address! This unique id persists even if you wipe and reload the machine.

When a new machine is detected, it first goes to New Computers->Actively Identifying

It uses the following script to collect the UUID from the machine:

gwmi Win32_ComputerSystemProduct | select -expand UUID

This value is static even if you wipe and reload the machine, although we have VERY rarely seen this value change following a BIOS upgrade or due to a mainboard fault. We chose this value instead of MAC Address or hard drive serial number because of issues other systems have with USB Ethernet adapters and hard drive replacement. We did not use the serial number because we learned that many computers do not have serial numbers.

In practice, this value works almost too well. Machines you just wiped and expect to find in New Computers, are often associated to their pre-wiped computer objects. To find them, you often have to search for the serial number of the computer in the Computer List. In 0.40.1 we began using the Windows OfflineInstallationID value to identify when an existing computer has been wiped so we can set its status to "Needs Onboarding" which causes it to show up under New Computers as expected.
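The UUID query above is the whole identification input, so a firmware that reports a non-unique placeholder UUID would make several machines look like one computer. The script below is an added example, not ImmyBot's own code: it collects the same UUID through the CIM cmdlets and flags the well-known placeholder values (all zeros, all F, and the 03000200-0400-0500-0006-000700080009 default some boards ship with), alongside the serial number the page suggests searching for.

```powershell
# Added example (not ImmyBot's own code): collect the SMBIOS UUID the page
# describes and flag placeholder values that would cause identification
# collisions before a fleet of such machines is imported.
function Get-MachineIdentity {
    $product = Get-CimInstance -ClassName Win32_ComputerSystemProduct
    $bios    = Get-CimInstance -ClassName Win32_BIOS
    $uuid    = $product.UUID

    # Non-unique UUIDs known to be emitted by some OEM firmware and VM templates.
    $placeholders = @(
        '00000000-0000-0000-0000-000000000000',
        'FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF',
        '03000200-0400-0500-0006-000700080009'
    )
    $suspect = [string]::IsNullOrWhiteSpace($uuid) -or
               ($placeholders -contains $uuid.ToUpperInvariant())

    [pscustomobject]@{
        UUID          = $uuid
        UUIDIsSuspect = $suspect            # $true: expect duplicate-computer decisions
        SerialNumber  = $bios.SerialNumber  # may be blank, as the page notes
        Manufacturer  = $product.Vendor
        Model         = $product.Name
    }
}

Get-MachineIdentity
```

Run it once on a reference unit of each model before bulk onboarding; a $true in UUIDIsSuspect explains in advance why those machines would end up in "Needs a Manual Decision" with the Keep Both option.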

If it is a machine ImmyBot has seen before, it will be associated to the existing Computer, and you will find a new entry under the Computer's Agents tab. Under the hood we call these entries "RmmComputers".

Computers can have one or more RmmComputers(Agents). You can think of these as logical "pathways" to the computer. We only need one to be online to function.

Identification Failures

Needs a Manual Decision

Generally you will click "Agent Re-installed"

Often when an RMM Agent gets re-installed, it will get a new id in the RMM (ComputerId in Automate, SessionID in Control). ImmyBot will recognize that it is the same computer, but due to the fact that virtualization technologies and hard drive cloning can lead to the same scenario, we require you to tell us whether we should overwrite the existing RmmComputer, or keep both. 99% of the time you will click "Overwrite Existing". If the machine was in fact cloned, you would click Keep Both, in which case Immy shims the duplicate UUID with its own to prevent collisions.

Pending Computers

Computers in the pending status have yet to be identified.

Computers may get stuck here if we are unable to run our Ephemeral Agent


Top 3 reasons for Identification Failures

  1. SSL Inspection blocking our websocket
  2. Security Software blocking PowerShell
  3. Incorrect time is preventing SSL/TLS connection

To understand the various reasons identification can fail, it helps to understand how ImmyBot executes PowerShell

  1. RMM or ImmyAgent runs Immybot.Agent.Ephemeral.exe
  2. Immybot.Agent.Ephemeral.exe establishes a secure websocket to wss://subdomain.immy.bot and runs Invoke-PSPipeHost.ps1
  3. Immybot.Agent.Ephemeral.exe feeds Invoke-PSPipeHost.ps1 PowerShell over a pipe from the websocket session

The most common cause of identification failure is security software.

To know if this is the case, pull the logs from C:\ProgramData\ImmyBotAgentService*.log


Normal Immybot Agent logs look like this:

2022-06-14 00:02:25.560 -05:00 [DBG] Hosting starting
 2022-06-14 00:02:25.799 -05:00 [INF] Starting Immybot Agent
 2022-06-14 00:02:25.943 -05:00 [INF] Using configuration file stored at: C:\ProgramData\ImmyBotAgentService\config.json
 2022-06-14 00:02:26.875 -05:00 [DBG] Initializing IoT Hub connection
@@ -99,7 +99,7 @@
 2022-09-21 12:24:50.171 -04:00 [ERR] Application shutting down (App lifetime token cancelled)
 System.IO.IOException: Cannot access a closed stream.
 at System.Net.Http.HttpConnection.RawConnectionStream.WriteAsync(ReadOnlyMemory`1 buffer, CancellationToken cancellationToken)

To correct it, you need to bypass SSL Inspection for your instance's hostnames/IPs, which are found under Show more > Integrations > Fetch IP Address and Hostnames

Group Policy Objects

Computer Configuration | Policies | Administrative Templates | Windows Components | Windows PowerShell | Turn on Script Execution (Enabled)

User Configuration | Policies | Administrative Templates | Windows Components | Windows PowerShell | Turn on Script Execution (Enabled)

These GPOs have been known to cause issues with running scripts.
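The three failure causes listed under "Top 3 reasons for Identification Failures" and the two script-execution GPOs above can all be checked from the machine without changing anything. The script below is an added example, not ImmyBot's own code: it reports who issued the certificate presented for the instance hostname (a corporate CA here means SSL inspection is in the path), the clock skew against the instance, the effective execution policy with the GPO registry values behind "Turn on Script Execution", and the most recent errors in the agent log. The hostname default is the page's subdomain.immy.bot placeholder, and the log directory C:\ProgramData\ImmyBotAgentService is taken from the config.json path shown in the log excerpt; both are assumptions to substitute for your instance.

```powershell
# Added example (not ImmyBot's own code): read-only checks for the identification
# failure causes listed on the page. Substitute your instance hostname.
param(
    [string]$ImmyHost = 'subdomain.immy.bot',                 # placeholder from the page
    [string]$LogDir   = 'C:\ProgramData\ImmyBotAgentService'  # assumed from the config.json path
)

$results = [ordered]@{}

# 1. SSL Inspection: complete a TLS handshake and report the certificate issuer.
#    Validation is bypassed only so an inspected (re-signed) certificate can be
#    reported instead of throwing; nothing is sent over this connection.
$acceptAll = [System.Net.Security.RemoteCertificateValidationCallback]{ param($s, $c, $ch, $e) $true }
try {
    $tcp = New-Object System.Net.Sockets.TcpClient($ImmyHost, 443)
    $ssl = New-Object System.Net.Security.SslStream($tcp.GetStream(), $false, $acceptAll)
    $ssl.AuthenticateAsClient($ImmyHost)
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
    $results.TlsIssuer   = $cert.Issuer     # an internal CA here = SSL inspection in the path
    $results.TlsSubject  = $cert.Subject
    $results.TlsNotAfter = $cert.NotAfter
    $ssl.Dispose(); $tcp.Dispose()
}
catch {
    $results.TlsError = $_.Exception.Message
}

# 2. Incorrect time: compare the local clock with the HTTP Date header the
#    instance returns. Large skew breaks certificate validity checks.
try {
    $resp = Invoke-WebRequest -Uri "https://$ImmyHost/" -Method Head -UseBasicParsing -TimeoutSec 15
    $serverUtc = [datetime]::Parse([string]$resp.Headers['Date']).ToUniversalTime()
    $results.ClockSkewSeconds = [math]::Round(((Get-Date).ToUniversalTime() - $serverUtc).TotalSeconds)
}
catch {
    $results.TimeCheckError = $_.Exception.Message
}

# 3. Security software / policy blocking PowerShell: effective execution policy
#    per scope, plus the values the "Turn on Script Execution" GPOs write.
$results.ExecutionPolicy = (Get-ExecutionPolicy -List |
    ForEach-Object { "$($_.Scope)=$($_.ExecutionPolicy)" }) -join ';'
$gpo = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell' -ErrorAction SilentlyContinue
$results.GpoEnableScripts   = $gpo.EnableScripts
$results.GpoExecutionPolicy = $gpo.ExecutionPolicy

# 4. Agent log: surface the last few [ERR] lines, including the closed-stream
#    error the page associates with SSL inspection.
$results.RecentLogErrors = Select-String -Path (Join-Path $LogDir '*.log') `
    -Pattern 'Cannot access a closed stream|\[ERR\]' -ErrorAction SilentlyContinue |
    Select-Object -Last 5 -ExpandProperty Line

[pscustomobject]$results
```

Read TlsIssuer first: if it names your firewall or proxy vendor rather than a public CA, the websocket in step 2 of the execution flow cannot be established and the bypass described above is the fix; a ClockSkewSeconds in the hundreds or more points at the time cause instead.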

- + \ No newline at end of file diff --git a/halo-integration-setup.html b/halo-integration-setup.html index 730ac44e..f938f49f 100644 --- a/halo-integration-setup.html +++ b/halo-integration-setup.html @@ -39,7 +39,7 @@

HaloPSA

Setting up this integration allows you to

  1. Deploy Software to machines covered by a certain contract type
     • Example: Deploy Huntress to all customers with a Managed Security Contract
  2. (Preferred) Deploy Software to machines covered by a Contract with a specific recurring invoice item
     • Example: Deploy SentinelOne to all computers whose contract has SentinelOne as a recurring invoice item

Create an ImmyBot Application under /config/integrations/api/applications

  • Under the details section, select the Client ID and Secret Authentication Method
  • Generate and copy the Client ID and Client Secret
  • The Login Type should be "Agent", and you should select an "Agent to log in as"

Permissions:

  • read:customers -> Yes
  • read:contracts -> Yes
  • read:items -> Yes
  • edit:items -> Yes (*should not be needed > 2.99, API bug will not allow listing items without edit rights)
  • read:invoices -> Yes
  • read:software -> Yes
  • read:assets -> Yes (*future feature of the integration will include asset population, not currently necessary)
  • edit:assets -> Yes (*future feature of the integration will include asset population, not currently necessary)

Plug in the Client ID and Client Secret in ImmyBot

Create a HaloPSA Integration Link and fill in the Integration Settings


- + \ No newline at end of file diff --git a/hashmap.json b/hashmap.json index 0d190cd0..0ed54bab 100644 --- a/hashmap.json +++ b/hashmap.json @@ -1 +1 @@ -{"index.md":"96f96509","ncentral-integration-setup.md":"3ada0ca9","readme.md":"438fc68f","connectwise-manage-integration-setup.md":"58b19d56","connectwise-automate-integration-setup.md":"8e02436d","halo-integration-setup.md":"88bc1610","connectwise-control-integration-setup.md":"b4f58595","immy-commands.md":"3f95c339","getting-started.md":"44572acc","faq.md":"5655e9f1","markdown-examples.md":"00357284","onboarding.md":"b74e2843","scripts.md":"fd0ba4eb","azure-graph-permissions-setup.md":"7788cfa1","build-your-own-integration.md":"b4fea51b","releases.md":"8453c9b0"} +{"azure-graph-permissions-setup.md":"7788cfa1","readme.md":"438fc68f","connectwise-automate-integration-setup.md":"8e02436d","index.md":"96f96509","releases.md":"8453c9b0","immy-commands.md":"3f95c339","build-your-own-integration.md":"b4fea51b","getting-started.md":"f6513b7d","ncentral-integration-setup.md":"3ada0ca9","connectwise-control-integration-setup.md":"b4f58595","halo-integration-setup.md":"88bc1610","onboarding.md":"b74e2843","connectwise-manage-integration-setup.md":"58b19d56","faq.md":"5655e9f1","markdown-examples.md":"00357284","scripts.md":"fd0ba4eb"} diff --git a/immy-commands.html b/immy-commands.html index 6f64127c..02db49d4 100644 --- a/immy-commands.html +++ b/immy-commands.html @@ -193,7 +193,7 @@ $versionString = $url -split '/' | select -Last 1 -Skip 1 $latestVersion = $SoftwareVersions | sort SemanticVersion | select -last 1 $createdVersion = Add-SoftwareVersion -SoftwareVersion $latestVersion -SemanticVersion $versionString -Url $url
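Review bot: the hashmap.json hunk rewrites the whole object and reorders every key even though only the "getting-started.md" entry changes (from "44572acc" to "f6513b7d", matching the asset rename in the file list); emitting the map with keys in a stable sorted order would keep future deploy diffs to the one entry that actually changed and make the rename reviewable at a glance.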

Get-AllLocalScripts

Coming Soon

Get-AllGlobalScripts

Coming Soon

CW Automate Commands

Invoke-CWAQuery

Coming Soon

Invoke-CWARestMethod

Coming Soon

Get-CWARestPages

Coming Soon

- + \ No newline at end of file diff --git a/index.html b/index.html index 70dd0d3d..98e3aa4b 100644 --- a/index.html +++ b/index.html @@ -39,7 +39,7 @@
- + \ No newline at end of file diff --git a/markdown-examples.html b/markdown-examples.html index 603d35a4..b8f0e188 100644 --- a/markdown-examples.html +++ b/markdown-examples.html @@ -103,7 +103,7 @@ ::: details This is a details block. :::

Output

INFO

This is an info box.

TIP

This is a tip.

WARNING

This is a warning.

DANGER

This is a dangerous warning.

Details

This is a details block.

More

Check out the documentation for the full list of markdown extensions.

- + \ No newline at end of file diff --git a/ncentral-integration-setup.html b/ncentral-integration-setup.html index 76cc1636..246f5d6a 100644 --- a/ncentral-integration-setup.html +++ b/ncentral-integration-setup.html @@ -41,7 +41,7 @@

N-Central Integration

Setting up this integration allows you to

  1. Import customers from N-Central
  2. Import computers from N-Central
  3. Manage all computers in N-Central without deploying the ImmyBot Agent

Create ImmyBot Role in N-Central

ImmyBot currently requires the following role permissions to operate correctly:

Devices

  • Devices View
    • All Devices -> Read Only
  • Direct Support
    • Command Prompt -> Manage
    • File System -> Manage
  • Remote Control
    • Custom -> Manage
    • Take Control -> Manage
  • Network Devices
    • Add/Import Devices -> Manage
    • Edit Device Settings -> Manage

Create an "ImmyBot" role in your N-Central instance using above roles.

Create ImmyBot user in N-Central

Create a new "ImmyBot" user in the instance with the "ImmyBot" role applied.

Login to the new ImmyBot user to get MFA code and accept EULA

Once you have created the new ImmyBot user account, you must attempt to login so that you may retrieve the MFA key and complete any initial setup. After entering the account's email and password, an MFA QR code will be displayed. You MUST press the "CAN'T SCAN IT?" button to get the Base32-encoded MFA key. After saving the key, use a site such as this to get the current token from the key, or temporarily scan the QR code on a device to complete sign-in.

TIP

Make sure you accept the EULA when you login, otherwise the computers will not import!

Add integration for N-Central

After completing setup in N-Central, it's time to add the integration to ImmyBot. Navigate to the "Integrations" page in ImmyBot, and create a new "N-Central" integration. Input all the N-Central user account data to the fields on the right.

Press the "Verify Credentials" button; if verification succeeds, press the button again to save the integration.

Import your customers

Alternatively, you can create/map only certain customers.

When you map a customer from an RMM, its computers will undergo Identification.

Troubleshooting

My customers are showing up but no computers

Log in to N-Central as the ImmyBot user and accept the EULA.

- + \ No newline at end of file diff --git a/onboarding.html b/onboarding.html index e64f0008..10ea0fc1 100644 --- a/onboarding.html +++ b/onboarding.html @@ -39,7 +39,7 @@

Set up your first Computer

When you first log in to ImmyBot, the Getting Started Wizard will prompt you to create your ImmyBot flash drive and plug it into the new computer.

THIS IS A ONE-TIME PROCESS; YOU DO NOT NEED TO CREATE A FLASH DRIVE FOR EACH CLIENT. YOU WILL CHANGE THE CLIENT AFTER THE MACHINE IS IN IMMYBOT.


We recommend unboxing a physical computer (Dell, HP, or Lenovo) so we can demonstrate applying the latest manufacturer BIOS and driver updates.

If you insist on testing on a virtual machine, do the following to receive the PPKG inside an ISO, then mount it to the VM and press the Windows key 5 times when you are at the Region Selection screen. If you are past the Region Selection screen, simply double-click the PPKG on the mounted disk.

Once the computer is identified, you will be directed to that computer to begin the Onboarding process:


ImmyBot needs:

  1. Customer
  2. Primary User (the person who will be using the computer; optional but recommended)


You only have one customer and one person right now, and it’s your MSP and you. That’s fine, we’ll pretend we’re setting up a computer for you and your MSP.

TIP

Customers can be imported from your RMM or PSA, or by setting up the Azure integration.

TIP

People are imported from your customers' Azure AD via the Azure integration.

An "Onboarding" session will be created for this computer, and ImmyBot will apply the "Recommended Deployments".

TIP

You can add your own Deployments and re-run this session as many times as you like until everything is to your liking.

- + \ No newline at end of file diff --git a/releases.html b/releases.html index e8ca7615..45a9190a 100644 --- a/releases.html +++ b/releases.html @@ -89,7 +89,7 @@ Invoke-RestMethod 'https://<yourvault>.vault.azure.net/secrets/secretname?api-version=7.1' -Header $Headers | Select -Expand Value


Access arbitrary Azure authenticated resource URIs

powershell
$Headers = Get-ImmyAzureAuthHeader -ResourceUri 'https://vault.azure.net'
Invoke-RestMethod 'https://<yourvault>.vault.azure.net/secrets/secretname?api-version=7.1' -Header $Headers
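The same two-step pattern works for any Azure AD-protected API: the `-ResourceUri` names the audience the token is issued for, and the request must go to a host belonging to that audience. The following wrapper is an added example, not ImmyBot's own code; only `Get-ImmyAzureAuthHeader` and its `-ResourceUri` parameter come from the release note above, and the function name, the Microsoft Graph call and the error handling are assumptions made for illustration.

```powershell
# Added example, not ImmyBot's code: one call pattern for any Azure-protected API.
# Get-ImmyAzureAuthHeader -ResourceUri is the ImmyBot cmdlet from the release note;
# everything else here is illustrative.
function Invoke-ImmyAzureResource {
    param(
        [Parameter(Mandatory)][string]$ResourceUri,   # audience the token is issued for
        [Parameter(Mandatory)][string]$Uri,           # full request URL on that resource
        [string]$Method = 'GET'
    )
    $Headers = Get-ImmyAzureAuthHeader -ResourceUri $ResourceUri
    try {
        Invoke-RestMethod -Uri $Uri -Method $Method -Headers $Headers -ErrorAction Stop
    }
    catch {
        # A 401/403 here usually means the token audience does not match the host in
        # $Uri, or the ImmyBot app registration lacks permission on that resource.
        throw "Request to $Uri failed: $($_.Exception.Message)"
    }
}

# Key Vault secret, as in the release note; <yourvault> and secretname are placeholders.
# Keep the value in a variable rather than writing it to script output or logs.
$secret = (Invoke-ImmyAzureResource -ResourceUri 'https://vault.azure.net' `
    -Uri 'https://<yourvault>.vault.azure.net/secrets/secretname?api-version=7.1').value

# Microsoft Graph with the same pattern: only the audience and request URL change
# (assumes the ImmyBot identity has been granted a Graph permission such as
# Organization.Read.All).
$org = Invoke-ImmyAzureResource -ResourceUri 'https://graph.microsoft.com' `
    -Uri 'https://graph.microsoft.com/v1.0/organization'
$org.value | Select-Object displayName, id
```

Because the token carries whatever rights the ImmyBot Azure identity holds, grant that identity only the Key Vault and Graph permissions the script actually needs.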

Improvements

Bug Fixes

0.37.10

Released 2020-12-15

Bug Fixes

0.37.9

Released 2020-12-14

Bug Fixes

0.37.8

Released 2020-12-12

New Features

Bug Fixes

0.37.7

Released 2020-12-10

Enhancements

Bug Fixes

0.37.6

Released 2020-12-09

Bug Fixes

Enhancements

0.37.5

Released 2020-12-08

New Features

Bug Fixes

Enhancements

0.37.4

Released 2020-12-08

Bug Fixes

0.37.3

Released 2020-12-01

Bug Fixes

0.37.2

Released 2020-11-24

Hotfixes

0.37.1

Released 2020-11-23

Hotfixes

0.37.0

Released 2020-11-23

Enhancements

Check out our new documentation site! https://docs.immy.bot/

Actionable Software Inventory
Automatic Onboarding
Script Engine

Stability

Hotfixes

Security

0.36.4

Released 2020-11-19

Bug Fixes

0.36.3

Released 2020-11-13

Bug Fixes

0.36.2

Released 2020-11-04

Bug Fixes

0.36.1

Released 2020-11-02

Bug Fixes

0.36.0

Released 2020-10-26

Features

Enhancements

Bug fixes

0.35.16

Released 2020-10-23

This is the first release in the release cycle

- + \ No newline at end of file diff --git a/scripts.html b/scripts.html index 0ac6a502..2c071b3c 100644 --- a/scripts.html +++ b/scripts.html @@ -121,7 +121,7 @@ extraQueryParameters = $null)] $OAuthInfo ) - + \ No newline at end of file