sync: auto-sync from HOWARD-HOME at 2026-06-21 12:58:42
Author: Howard Enos Machine: HOWARD-HOME Timestamp: 2026-06-21 12:58:42
This commit is contained in:
25
.claude/memory/feedback_bitdefender_unattended_install.md
Normal file
25
.claude/memory/feedback_bitdefender_unattended_install.md
Normal file
@@ -0,0 +1,25 @@
|
|||||||
|
---
|
||||||
|
name: feedback_bitdefender_unattended_install
|
||||||
|
description: Bitdefender unattended RMM install must use the FULL KIT as SYSTEM (silent, no UAC) — the downloader stub fails headless and triggers UAC
|
||||||
|
metadata:
|
||||||
|
type: feedback
|
||||||
|
---
|
||||||
|
|
||||||
|
Deploying Bitdefender (GravityZone) via an RMM/automation MUST be fully silent
|
||||||
|
with NO UAC prompt and NO end-user interaction. Howard hard-stopped a deploy
|
||||||
|
when a UAC prompt appeared on the user's screen (2026-06-21).
|
||||||
|
|
||||||
|
**Why:** the lightweight **setupdownloader stub** (`setupdownloader_[hash].exe`,
|
||||||
|
the `installLinkWindows` URL) is the WRONG tool for unattended deploy:
|
||||||
|
- Run as SYSTEM (no UAC) it exits **3** and never installs (0-byte installer.xml;
|
||||||
|
needs an interactive/elevated session).
|
||||||
|
- Run in `context: user_session` it triggers a **UAC prompt** (WTS-impersonated
|
||||||
|
admin token isn't auto-elevated) — unacceptable for end users.
|
||||||
|
|
||||||
|
**How to apply:** use the **FULL KIT** (`fullKitWindowsX64`, ~696MB
|
||||||
|
`epskit_x64_*.zip`; downloads with the GZ API key as HTTP Basic auth) and run its
|
||||||
|
installer as SYSTEM with `/bdparams /silent`. SYSTEM is already elevated (no UAC)
|
||||||
|
and the kit is self-contained (no CDN fetch → no exit 3). This is how Syncro /
|
||||||
|
proper RMM BD deployments work. To avoid the API key on the endpoint, stage the
|
||||||
|
kit on an internal HTTP host (e.g. GuruRMM downloads server) for anonymous pull.
|
||||||
|
See [[reference_gravityzone_support]] and the `bitdefender` skill.
|
||||||
Reference in New Issue
Block a user