Deploy Code42 apps silently with local authentication
Overview
For Code42 environments that control users with Code42 local authentication, this article describes how to configure deployment packages that install Code42 apps and start backups automatically, silently, with no user intervention.
Considerations
This article assumes you understand the introduction to deployment provided by the article Prepare to deploy Code42 client apps.
- These instructions apply to the Code42 cloud. If you work in an on-premises Code42 environment, see Manage app installations in your Code42 environment.
- To use these deployment tools, you need to sign in to your Code42 console as a user with the Customer Cloud Admin role.
- In the Code42 federal environment, app installations must be deployed with a deployment policy to ensure the use of FIPS encryption in the Code42 app. Users cannot download the installation package from the Code42 console or an email message.
Usernames must be addresses
In the Code42 cloud, usernames must be email addresses. In your Code42 deployment policy, you need to modify the default user detection script. The script needs to take in device usernames and output email addresses. See Step 2, below.
In the Code42 cloud, usernames must be email addresses. In your Code42 deployment policy, you need to modify the default user detection script. The script needs to take in device usernames and output email addresses. See Step 2, below.
Users cannot access the Code42 app or the Code42 console
The process described here generates Code42 passwords automatically. Those passwords are not available to users or administrators. To grant a user access to the Code42 app or the Code42 console, an administrator needs to sign in to the Code42 console and edit the user data to set a new password.
The process described here generates Code42 passwords automatically. Those passwords are not available to users or administrators. To grant a user access to the Code42 app or the Code42 console, an administrator needs to sign in to the Code42 console and edit the user data to set a new password.
Step 1: Identify the deployment organization
In your Code42 console, create or identify an organization that:
- Uses local authentication
- Has at least one destination where backups can auto-start.
To verify the organization's configuration:
- Sign in to the Code42 console.
- Select Administration > Environment > Organizations.
- Select an organization.
Note the organization name; you will need it later. - On the organization details page, scroll down to ORG INFO, and select Security.
- The Authentication must be Local.
- The Directory service must be blank.
- Scroll down to DEVICE BACKUP DEFAULTS, and select Backup.
- DESTINATIONS must list at least one destination name and Yes.
- The other possible value, DESTINATIONS ... Auto-start, is not acceptable. It means silent deployment is not possible.
- To set a destination to Yes, go to the organization's action menu and select Device Backup Defaults, then click Backup and scroll to Destinations.
- DESTINATIONS must list at least one destination name and Yes.
- In the DEVICE BACKUP DEFAULTS section, select Network. Note whether PROXY is enabled; you will need that information later.
- If necessary, change organization configuration. In the action menu in the upper-right, select Edit.
Step 2: Create the deployment policy
Define the deployment policy for the organization you identified in Step 1.
- In the Code42 console, select Administration > Client Management > Deployment.
- Select Create New Deployment Policy or Create New Policy.
The prompt differs depending on whether you see the initial welcome screen or your list of existing policies. - Enter a Policy Name to describe this policy.
- At How should new users register select the organization you identified in Step 1 above.
If your organization's name is dimmed in the menu, that organization already has a policy. You can edit or delete that existing policy. - At Do you want to automatically register users, select Yes.
- At Which operating systems, select the systems you will deploy Code42 apps to.
- For each operating system you select, select Add a custom batch/bash script
Provide a script that identifies the username and home directory that the Code42 app will provide when it registers with your Code42 environment. For details, see the script reference. The script must end by echoing the username and user home directory:echo C42_USERNAME=<email@address.tld> echo C42_USER_HOME=<value>
- At Do your clients need a proxy URL, select No or Yes, depending on what you determined in Step 1: Identify the deployment organization.
- At Launch desktop app after initial install, select No for silent deployment.
- Click Save.
The Policy Saved dialog appears. - Click Done.
You can return to the policy and copy the installation properties at any time.
Example username detection scripts for the Code42 cloud
Step 3: Deploy Code42 apps to user devices
Step 4: Verify success
Review device data in Code42 console
Check that deployments succeed by reviewing the number of devices signed in to your organization and backing up data.
- Sign in to the Code42 console.
- Select Administration > Environment > Organizations.
- Select the organization you deployed to.
- At the top of the window, click the value under Devices.
The number of devices listed for your org should match the number of devices you deployed Code42 apps to. The quantity of data stored for each device should be greater than zero.
Review client logs
At your test devices, or a selection of your production devices, check the Code42 app service.log.0
- Find service.log.0 in one of these locations:
- Windows: C:\ProgramData\CrashPlan\log
To view this hidden folder, open a file browser and paste the path in the address bar. If you installed per user, see the file and folder hierarchy. - Mac: /Library/Logs/CrashPlan
If you installed per user, see the file and folder hierarchy. - Linux: /usr/local/crashplan/log
- Windows: C:\ProgramData\CrashPlan\log
- Open service.log.0 with a text editor.
- Search for
CP_ARGS=DEPLOYMENT
Find a line like the following and verify that the installer arguments are correct.CP_ARGS=DEPLOYMENT_URL=https://authority.example.com:4285&DEPLOYMENT_POLICY_TOKEN=e675f3e1-ebb3-496e-9cef-c669db6ffac6&SSL_WHITELIST=7746278a857f64717094c44eeb2bbc32357ece44
- Search for
Results of running user script.
Find lines like the following that verify the Code42 app retrieved the deployment policy and ran the detection script without error.Deploy:: Successfully retrieved deployment package Results of running user script: UserScriptExecutionResults [username=exampleUser, userHomeDirectory=/home/exampleUser]
- Search for
LoginRequest
Find lines like the following that verify that the Code42 app logged in and is authorized to backup data.UserActionRequest: LoginRequestMessage[809641607873065038] LOGIN: username=exampleUser, password=****, serverAddress=authority.example.com:4287 AUTH:: CPC session is LOGGED_IN
Troubleshooting
If a user opens the desktop UI for a newly deployed Code42 app, but the UI never progresses beyond the message Connecting... , then the deployment has probably failed.
Confirm the error as follows:
- Find service.log.0 in one of these locations:
- Windows: C:\ProgramData\CrashPlan\log
To view this hidden folder, open a file browser and paste the path in the address bar. If you installed per user, see the file and folder hierarchy. - Mac: /Library/Logs/CrashPlan
If you installed per user, see the file and folder hierarchy. - Linux: /usr/local/crashplan/log
- Windows: C:\ProgramData\CrashPlan\log
- Open service.log.0 with a text editor.
- Find deployment errors by searching for
Deploy::, for example:deploy:: Unable to make request
Deploy:: Unable to process deployment package, USERNAME_NOT_IN_OUTPUT