Skip to main content

This article applies to version 6.

Other available versions:

Cloudicon.qnmark.png

Available in:

StandardPremiumEnterprise
Small Business
Code42 Support

Deploy Code42 apps silently with SSO

This article applies to version 6.

Other available versions:

Cloudicon.qnmark.png

Available in:

StandardPremiumEnterprise
Small Business

Overview

For Code42 environments that control usernames and authentication with an SSO provider, this article describes how to configure deployment packages that install Code42 apps and start backups automatically, silently, with no user intervention.

Considerations

This article assumes you understand the introduction to deployment provided by the article Prepare to deploy Code42 client apps.

These instructions apply to administrators deploying Code42 apps version 6.5 or later with on-premises authority servers version 6.5 or later.

If you are using older servers or clients, select the appropriate instructions from Manage app installations in your Code42 environment.

To use these deployment tools, you need to sign in to your administration console as a user with one of these roles:

Synchronize usernames

Usernames on endpoint devices need to match usernames in SSO data.

In some cases, provide a custom script to modify the username from the device, and so provide Code42 with a match to the SSO data. See Step 2, below.

Mismatched usernames cause serious errors.
If the detection script cannot provide a precise match with SSO data, Code42 creates a user that matches the device username. That user has no password, however, and cannot restore backup data or access the administration console.

If you cannot create a reliable script, do not attempt silent deployment. See instead Deploy Code42 apps for manual sign on.

Step 1: Identify the deployment organization

In your administration console, create or identify an organization that:

Check configuration of the organization, as follows:

  1. Sign in to the administration console.
  2. Select Administration > Organizations > Active.
  3. Select an organization.
  4. Note the organization name; you will need it later.
  5. Select ORG INFO > Security.
    • The Authentication needs to be SSO.
    • The Directory service needs to be Local.
  6. Select DEVICE BACKUP DEFAULTS > Backup
    • DESTINATIONS must list at least one destination name and Yes.
      Device backup destinations yes
    • The other possible value, DESTINATIONS ... Auto-start, is not acceptable. It means silent deployment is not possible.
      device backup destinations auto
    • To set a destination to Yes, go to the organization's action menu and select Device Backup Defaults, then click Backup and scroll to Destinations.

 

  1. Select DEVICE BACKUP DEFAULTS > Network.
  2. Note whether PROXY is enabled; you will need that information later.
  3. If necessary, change organization configuration. In the action menu in the upper-right, select Edit.

Step 2: Create the deployment policy

Define the deployment policy for the organization you identified in Step 1.

  1. In the administration console, select Administration > Client Management > Deployment.
  2. Select Create New Deployment Policy or Create New Policy.
    The prompt differs depending on whether you see the initial welcome screen or your list of existing policies.
  3. Enter a Policy Name to describe this policy.
  4. At How should new users register? select the organization you identified at Step 1, above.
    If your organization's name is grayed out in the menu, that organization already has a policy.
    You may edit or delete that existing policy.
  5. At Do you want to automatically register users?, select Yes.
  6. At Which operating systems, select the systems you will deploy Code42 apps to.
  7. For each operating system you select, select either:
    • Use default script (for deployment to Windows and Mac only)
      Use the default script if last-logged-in usernames on your endpoint devices exactly match your SSO data.
    • Add a custom batch/bash script (required for deployment to Linux and for any connection to the Code42 cloud)
      Provide a script that identifies the username and home directory that the Code42 app will provide when it registers with your Code42 environment. For details, see the script reference. The script must end by echoing the username and user home directory:
      echo C42_USERNAME=<value>
      echo C42_USER_HOME=<value>
      
  8. At Do your clients need a proxy URL, select No or Yes, depending on what you determined at Step 1, above.
  9. At Launch desktop app after initial install, select No for silent deployment.
  10. Click Save.
    The Policy Saved dialog appears.
  11. Click Done.
    You can return to the policy and copy the installation properties at any time.

Step 3: Deploy Code42 apps to user devices

Retrieve installation properties from your deployment policy as follows:

  1. Sign in to the administration console.
  2. Select Administration > Client Management > Deployment.
  3. In the list of policies, click on the name of the policy you want to use.
  4. Copy your Windows or Linux properties and paste them into your deployment software.
    Or download the deploy.properties file for Mac, and provide it to your deployment process.

Distribute installation properties and Code42 app installers to your target devices. Then run the installers.
Details for those two tasks depend on your device management tool and endpoint operating systems:

Step 4: Verify success

Review device data in the administration console

At your authority server, check that deployments succeed by reviewing the number of devices signed in to your organization and backing up data.

  1. Sign in to the administration console.
  2. Select Administration > Organizations > Active.
  3. Select the organization you deployed to.
  4. At the top of the window, click the value under Devices.
    The number of devices listed for your org should match the number of devices you deployed Code42 apps to. The quantity of data stored for each device should be greater than zero.

Review client logs

At your test devices, or a selection of your production devices, check the Code42 app service.log.0

  1. Find service.log.0 in one of these locations:
    • Windows: C:\ProgramData\CrashPlan\log
      To view this hidden folder, open a file browser and paste the path in the address bar. If you installed per user, see the file and folder hierarchy.
    • Mac: /Library/Logs/CrashPlan
      If you installed per user, see the file and folder hierarchy.
    • Linux: /usr/local/crashplan/log
  2. Open service.log.0 with a text editor.
  3. Search for CP_ARGS=DEPLOYMENT
    Find a line like the following and verify that the installer arguments are correct.
    CP_ARGS=DEPLOYMENT_URL=https://authority.example.com:4285&DEPLOYMENT_POLICY_TOKEN=e675f3e1-ebb3-496e-9cef-c669db6ffac6&SSL_WHITELIST=7746278a857f64717094c44eeb2bbc32357ece44
    
  4. Search for Results of running user script.
    Find lines like the following that verify the Code42 app retrieved the deployment policy and ran the detection script without error.
    Deploy:: Successfully retrieved deployment package
    Results of running user script: UserScriptExecutionResults [username=exampleUser, userHomeDirectory=/home/exampleUser]
    
  5. Search for LoginRequest
    Find lines like the following that verify that the Code42 app logged in to authority server and is authorized to backup data.
    UserActionRequest: LoginRequestMessage[809641607873065038] LOGIN: username=exampleUser, password=****, serverAddress=authority.example.com:4287
    AUTH:: CPC session is LOGGED_IN
    

Troubleshooting

If a user opens the desktop UI for a newly deployed Code42 app, but the UI never progresses beyond the message Connecting... , then the deployment has probably failed.

Connecting error

Confirm the error as follows:

  1. Find service.log.0 in one of these locations:
    • Windows: C:\ProgramData\CrashPlan\log
      To view this hidden folder, open a file browser and paste the path in the address bar. If you installed per user, see the file and folder hierarchy.
    • Mac: /Library/Logs/CrashPlan
      If you installed per user, see the file and folder hierarchy.
    • Linux: /usr/local/crashplan/log
  2. Open service.log.0 with a text editor.
  3. Find deployment errors by searching for Deploy::, for example:
    deploy:: Unable to make request
    Deploy:: Unable to process deployment package, USERNAME_NOT_IN_OUTPUT
    
  • Was this article helpful?