Exoprise has built several tools to facilitate large scale deployments of the Exoprise Secure Service. The Secure Service can be silently installed across a large number of machines using tools like BigFix or System Center Configuration Manager. The silent install automatically configures the target machine via a join key. The join key is generated at secure.exoprise.com and associates a public key with a new installation of the secure service.
Bulk deployment workflow:
Example installation of the Secure Service using a join key:
NOTE: Please confirm that the .NET 3.5 service is installed and running on each target machine before installing the Secure Service.
Reference for additional command line options that the Exoprise Secure Service Installer (exosvc_secure.exoprise.com_setup.exe):
To support installing the Secure Service Shell have the service run as a different user (other then LocalSystem), pass the arguments /USER and /PASSWORD to the installer. The installer will install the Secure Service Shell to run as the user account with the supplied password. You can specify a domain user (domain\user) or a local user.
To properly initialize a Secure Service Shell instance and join it with CloudReady you must provide a unique join key that is supplied by the CloudReady system. The join key uniquely identifies the incoming instance of the Secure Service Shell during initialization. Unique join keys supplied by CloudReady last a finite period of time and the service installer must be run before the join key expires.
To support public key encryption the Secure Service Shell installer can copy a PEM file to its local execution directory. This PEM file will be used to encrypt the credentials needed for automation and monitoring. Pass the PEM file path as an argument to the installer.
password to decrypt the private key. The password is encrypted and stored locally. The password is not required if the key was created without a password.
If a location string is supplied to the installer, this location string will be passed on during initialization to the CloudReady servers for identification. If a location string is not supplied then during initialization the name of the machine will be used.