mirror of
https://github.com/fleetdm/fleet
synced 2026-04-21 13:37:30 +00:00
a85a66272d
- @noahtalerman: I think we can merge in this PR before we dogfood the scripts ourselves. Dogfood request is here: https://github.com/fleetdm/fleet/issues/33170 --- - @noahtalerman: `customer-montague` was frustrated that they had to re-deploy fleetd to enable scripts. At organizations that have a third-party tool that can run scripts (other than Fleet), this is avoidable! We want to document how to enable scripts remotely w/o re-deploying fleetd. More context: https://github.com/fleetdm/fleet/issues/29193#issuecomment-3137337041
22 lines
1 KiB
PowerShell
22 lines
1 KiB
PowerShell
# Please don't delete. This script is used in the guide here: https://fleetdm.com/guides/scripts
|
|
|
|
# Error if not run as admin
|
|
if (-not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) {
|
|
Write-Error "This script must be run as an administrator."
|
|
exit 1
|
|
}
|
|
# Get the BinaryPathName using Get-WmiObject
|
|
$service = Get-WmiObject -Class Win32_Service -Filter "Name='Fleet osquery'"
|
|
if (-not $service) {
|
|
Write-Error "Service '$serviceName' not found."
|
|
exit 1
|
|
}
|
|
$binaryPath = $service.PathName
|
|
# Replace any existing --enable-scripts flag with --enable-scripts="True"
|
|
$modifiedPath = $binaryPath -replace '--enable-scripts(=".*?")?', '--enable-scripts="True"'
|
|
# Update the service configuration
|
|
$setServiceCmd = "sc.exe config `"$serviceName`" binPath= `"$modifiedPath`""
|
|
Invoke-Expression $setServiceCmd
|
|
# Restart the service
|
|
Restart-Service -Name $serviceName
|
|
Write-Host "Fleet Desktop feature enabled and service restarted."
|