Zluri Agents

Zluri Agents

  • Browser/Desktop Agents

    Apart from SSOs & direct integrations, Zluri also collects data through browser extensions & desktop agents. The agent's dashboard displays all the agents & their status.


    Clicking on Agents will display the following details:

    • The number of people who have at least one agent installed.

    • The number of people who have at least one Browser agent installed.

    • The number of people who have at least one Desktop Agent installed.

    • You can also view the number of people using various Browser Agents like Google Chrome, Mozilla Firefox, and Microsoft Edge.



    Clicking on Users, you can see the following details:

    • You can view who installed which Browser Agent and their last active date.



    • You can also ask them to install the Browser Agent by sending them a prompt.



  • Firefox Browser Agent

    Overview:

    Get actionable insights on your organization's SaaS usage

    Zluri is an enterprise SaaS Management Platform(SMP). It helps you discover, manage, and optimize your SaaS stack from a single dashboard. 


    What Zluri Does:

    • Zluri puts the IT Teams back in control of their new Saas-ified landscape.

    • managesZluri helps to bring shadow IT to light, proactively monitors and manage SaaS spend, automates end-to-end SaaS app renewal management. and and 

    • Zluri is data-driven and helps IT teams simplify, plan, secure, and get the most out of their SaaS apps portfolio.

    • Zluri uses various ways to discover SaaS applications. The browser extension is one of them.

    • Zluri browser extension helps IT administrators discover the SaaS applications & used by employees of the organization.


    The browser extension runs locally on the client side to read browser activities & reports them to the Zluri server for analysis, where we identify & analyze the SaaS application-related activities & present them on the Zluri dashboard.


    Version2.3.1


    How it works:

    1. Identifying as a SaaS app:
    When an application is opened in the Browser, We track the basic metadata of the application, like the application name, the server URL from where the data is fetched, etc., and identify the SaaS application from it.

    2. Each visit is counted as an activity:
    Each time the application is opened, it is counted as an activity.

    3. Analyzing the activity data:

    Once we have the activities attributed to users, we aggregate that at least at a daily level for the organization & calculate how frequently the user is using an application compared to other users of the same application. This gives us a percentile score for a specific user for an application within that organization.


    Data Collected:

    We collect only non-sensitive information from your system, which is listed below.

    • The URL opened in the tab

    • The title of the webpage

    • The timestamp of open/closing of the tab

    We do not read the cookies saved in the browser, browser history or any content from the websites visited.


    How To Install:

    Step 1) Download the agent by clicking here
    Step 2) Click on Extensions 


    Step 3) Click On Settings and the Click On Install Add-On from File




    Step 4) Choose the Firefox file that is downloaded, and click on Open.


    Step 5)You get a Pop-up on the top right of the window. Click on Add.



    Step 6) Enter your work email.



    Step 7) We will send you a verification code to your email address. Enter the code, and you will be able to sign in.




    Lastly, you can enter the website URLs for which you do not wish to be tracked. (This Step Is Optional)

  • Windows Desktop Agent

    Overview:

    Get actionable insights on your organization's SaaS usage

    Zluri is an enterprise SaaS Management Platform(SMP). It helps you discover, manage, and optimize your SaaS stack from a single dashboard. 


    What Zluri Does:

    • Zluri puts the IT Teams back in control of their new Saas-ified landscape.

    • Zluri helps to bring shadow IT to light, proactively monitors and manages SaaS spend, and automates end-to-end SaaS app renewal management.

    • Zluri is data-driven and helps IT teams simplify, plan, secure, and get the most out of their SaaS apps portfolio.

    • Zluri uses various ways to discover SaaS applications. The browser extension is one of them.

    • Zluri browser extension helps IT administrators discover the SaaS applications & used by employees of the organization.


    The Zluri desktop agent is a lightweight application that lives in your computer's toolbar. This application reads SaaS usage & activities and sends them to the Zluri server for further analysis, which is then presented on the Zluri dashboard.

    Version: 3.3.0


    How it works

    1. Identifying as a SaaS app:
      When an application is opened on the Desktop, we fetch the application name and identify the SaaS application from it.

    2. Each visit is counted as an activity:
      Each time the application is opened, it is counted as an activity.

    3. Analyzing the activity data:
      Once we have the activities attributed to users, we aggregate that at least at a daily level for the organization & calculate how frequently the user is using an application compared to other users of the same application. This gives us a percentile score for a specific user for an application within that organization.


    Data Collected:

    We collect only non-sensitive information from your system, which is listed below.

    • Device Information

    • List of Applications running in the background

    • All software/applications are installed on the device

    • The time for the application has been running

    • Launching & closing an application


    How to Install:


    Step 1) Download the agent by clicking here for the .exe file and here for the .msi file.


    Step 2) Install The Agent(double-click on the downloaded file)

    Step 3) Authentication 

    This can be done in two ways:
    Option 1: Using your email address
    Step 3.1. a) Enter your email address.

    Step 3.1.b)  We will send you a verification code on your email address. Enter the code and you will be able to sign in.

    Option 2: Using your Organization Token

    The Organization token is sent to you via email.

    Step 3.2. a) Enter your organization token, and you will see the "Waiting for authentication Screen." 

    Step3.2.b)  The IT Administrator of your company will authenticate you with your user email; after that, you will be able to see the authenticated screen.

    Step 4) Now the Agent is all set, it will continue to send data to Zluri servers in the background.



  • Linux Desktop Agent

    Overview:

    Get actionable insights on your organization's SaaS usage

    Zluri is an enterprise SaaS Management Platform(SMP). It helps you discover, manage, and optimize your SaaS stack from a single dashboard. 


    What Zluri Does:

    • Zluri puts the IT Teams back in control of their new Saas-ified landscape.

    • Zluri helps to bring shadow IT to light, proactively monitors and manages SaaS spend, and automates end-to-end SaaS apps renewal management.

    • Zluri is data-driven and helps IT teams simplify, plan, secure, and get the most out of their SaaS apps portfolio.

    • Zluri uses various ways to discover SaaS applications. The browser extension is one of them.

    • Zluri browser extension helps IT administrators discover the SaaS applications & used by employees of the organization.


    The Zluri desktop agent is a lightweight application that lives in your computer's toolbar. This application reads SaaS usage & activities and sends them to the Zluri server for further analysis, which is then presented on the Zluri dashboard.

    Version2.1.0

    Download this build: https://drive.google.com/file/d/1BOpUnc4fqQ9DImenqIvf-X1H7IqMUI_o/view?usp=share_link


    How it works:

    1. Identifying as a SaaS app
      When an application is opened on the Desktop, we fetch the application name and identify the SaaS application from it.

    2. Each visit is counted as an activity. 
      Each time the application is opened, it is counted as an activity.

    3. Analyzing the activity data
      Once we have the activities attributed to users, we aggregate that at least at a daily level for the organization & calculate how frequently the user is using an application compared to other users of the same application. This gives us a percentile score for a specific user for an application within that organization.

      Data Collected:

    We collect only non-sensitive information from your system, which is listed below.

    • Device Information

    • List of Applications running in the background

    • All software/applications are installed on the device

    • The time for the application has been running

    • Launching & closing an application


    How to Install:


    Step 1) Download the agent by clicking on the download link received through email.


    Step 2) Install The Agent


    Step 3)Enter your work email (You will get a Validation Code on your email address.)



    Step 4) Enter the Validation Code & you will be signed in.



    Step 5)Now the Agent is all set, it will continue to send data to Zluri servers in the background.


  • Mac OS Desktop Agent

    Overview:

    Get actionable insights on your organization's SaaS usage

    Zluri is an enterprise SaaS Management Platform(SMP). It helps you discover, manage, and optimize your SaaS stack from a single dashboard. 


    What Zluri Does:

    • Zluri puts the IT Teams back in control of their new Saas-ified landscape.

    • Zluri helps to bring shadow IT to light, proactively monitors and manages SaaS spend, and automates end-to-end SaaS app renewal management.

    • Zluri is data-driven and helps IT teams simplify, plan, secure, and get the most out of their SaaS apps portfolio.

    • Zluri uses various ways to discover SaaS applications. The browser extension is one of them.

    • Zluri browser extension helps IT administrators discover the SaaS applications & used by employees of the organization.


    The Zluri desktop agent is a lightweight application that lives in your computer's toolbar. This application reads SaaS usage & activities and sends them to the Zluri server for further analysis, which is then presented on the Zluri dashboard.

    Version: 3.6.3

    How it works

    1. Identifying as a SaaS app
      When an application is opened on the Desktop, we fetch the application name and identify the SaaS application from it.

    2. Each visit is counted as an activity.
      Each time the application is opened, it is counted as an activity.

    3. Analyzing the activity data
      Once we have the activities attributed to users, we aggregate that at least at a daily level for the organization & calculate how frequently the user is using an application compared to other users of the same application. This gives us a percentile score for a specific user for an application within that organization.


    Data Collected:

    We collect only non-sensitive information from your system, which is listed below.

    • Device Information

    • List of Applications running in the background

    • All software/applications are installed on the device

    • The time for the application has been running

    • Launching & closing an application


    How to Install:


    Step 1) Download the agent by clicking here for the .pkg file


    Step 2) Install The Agent

    Step 3) Authentication 

    This can be done in two ways:

    Option 1: Using your email address

    Step 3.1. a) Enter your email address.

    Step 3.1.b)  We will send you a verification code on your email address. Enter the code, and you will be able to sign in

    Option 2: Using your Organization Token

    The Organization token is sent to you via email 

    Step 3.2. a) Enter your organization token and you will see the "Waiting for authentication Screen." 

    Step3.2.b)  The IT Administrator of your company will authenticate you with your user email; after that, you will be able to see the authenticated screen


    Step 4) Now the Agent is all set, it will continue to send data to Zluri servers in the background.


    Step 5) Restart your system.


    Permissions Zluri Mac agent requires:

    1. Screen Recording Permissions -- - THIS IS A NOT A MANDATORY PERMISSION

    For details on why you may consider giving this permission, click here.



  • Deployment of Zluri Mac Agent using Kandji

    Mac Agent Version3.2.3


    Mac Versions tested on: Ventura[13.4], Big Sur[11.0], Monterey[12.6]


    Permissions: Screen Recording Permissions - Optional Permission


    Notifications to end users: “Login Item Added- zluri” might come up in some systems; it is a behaviour in control of MacOS


     Creation of Blueprint and adding the scripts

    1. Click ‘Blueprints’ from the left navigation menu.


    2. Click ‘New Blueprint’

    3. Click ‘start from scratch’


    4. Enter name & description


    5. Click ‘Library’


    6. Click ‘Add New’

    7. Select ‘Mac’ & Click ‘Custom Apps’


    8. Click ‘Add & Configure’


    9. Add Title; select the Blueprint created above.


    10. In the installation, select ‘Audit & Enforce.’

    Audit script:


    #!/bin/bash


    # version comparison logic


    function version_compare { printf "%03d%03d%03d%03d" $(echo "$1" | tr '.' ' '); }




    # perform version comparision


    function perf_comparison {


    installedVersion=$(defaults read /Applications/zluri.app/Contents/Info.plist CFBundleShortVersionString) # ask installed version of the app from system


    echo "installed zluri app version: $installedVersion"


    expectedVersion="3.2.3" # admin should update the expectedVersion value to the latest version available


    [ $(version_compare $installedVersion) -lt $(version_compare $expectedVersion) ] && echo "1"


    [[ $(version_compare $installedVersion) -gt $(version_compare $expectedVersion) || $(version_compare $installedVersion) -eq $(version_compare $expectedVersion) ]] && echo "0"


    }




    shouldUpdate="0"


    finalResult="0"


    ZLURI_APP="/Applications/zluri.app"


    if [ -e $ZLURI_APP ]


      then


         echo "zluri app found in /Applications/ dir"


        finalResult="0"


        perf_comparison


        shouldUpdate=$?


        echo "shouldUpdate again $shouldUpdate"


      else


        echo "zluri app NOT found in /Applications/ dir"


        finalResult="1"


    fi




    if [[ $shouldUpdate -eq "1" ]] || [[ $finalResult -eq "1" ]]


      then


      echo "it should update or exit with code 1"


      # first kill the app if running


      # needed for auto-update


      ZLURI_PROCESS=$(ps aux | grep -v grep | grep -ci zluri)


      OSQUERY_PROCESS=$(ps aux | grep -v grep | grep -ci osquery)


      if [[ $ZLURI_PROCESS -gt 0 ]] && [[ $OSQUERY_PROCESS -gt 0 ]]


        then


        echo "trying to kill the process"


          pkill -x "zluri"


          pkill -x "osquery"


      fi


      exit 1


    fi




    if [[ $finalResult -eq 0 ]] || [[ $shouldUpdate -eq 0 ]]


        then


        echo "all ok"


        exit 0


    fi


    11. Add the pre-install script and upload the package and post-install script.

    Pre-install:

    #!/bin/bash


    CURRENT_USER=$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ && ! /loginwindow/ { print $3 }' )


    HOMEDIR=$(/usr/bin/dscl . -read /Users/"$CURRENT_USER" NFSHomeDirectory | /usr/bin/cut -d' ' -f2)


    ORG_TOKEN=<orgToken>


    INTERVAL= 3600000


    SCREEN_RECORD=off


    echo "$ORG_TOKEN"


    echo "$CURRENT_USER"


    echo "$HOMEDIR"




    # Deleting App components from Application folder


    echo "Deleting zluri Logs"


    logsPath=$HOMEDIR/Library/Logs/zluri


    if [ -d "$logsPath" ]


    then


    rm -rf $HOMEDIR/Library/Logs/zluri


    echo "***Deleted Zluri Logs Successfully***"


    fi




    echo "Deleting Zluri Application Support"


    applicationSupportPath=$HOMEDIR/Library/Application\ Support/zluri


    if [ -d "$applicationSupportPath" ]


    then


    rm -rf $HOMEDIR/Library/Application\ Support/zluri


    echo "***Deleted Zluri Application Support Successfully***"


    fi




    echo "Finished:preflight"




    echo "writing zluri generic-MDM config file"




    if [ ! -d /tmp/zluritemp ]; then


        mkdir -p /tmp/zluritemp


    else


        echo "zluritemp dir exists"


    fi


    echo "{\"org_token\": \"$ORG_TOKEN\", \"interval\": \"$INTERVAL\", \"screen_recording\": \"$SCREEN_RECORD\", \"silent_auth\": \"on\"}" > /tmp/zluritemp/client-config.json


    echo "====written the client config json file required configurations in temp directory===="




    # Handle the rosetta-related issues in preinstall script


    # Determine the processor brand


    processor_brand=$(/usr/sbin/sysctl -n machdep.cpu.brand_string)




    # Determine the processor brand


    if [[ "$processor_brand" == *"Apple"* ]]; then


        /bin/echo "Apple Processor is present..."




        # Check if the Rosetta service is running


        check_rosetta_status=$(/usr/bin/pgrep oahd)




        # Rosetta Folder location


        # Condition to check to see if the Rosetta folder exists. This check was added


        # because the Rosetta2 service is already running in macOS versions 11.5 and


        # greater without Rosseta2 actually being installed.


        rosetta_folder="/Library/Apple/usr/share/rosetta"




        if [[ -n $check_rosetta_status ]] && [[ -e $rosetta_folder ]]; then


            /bin/echo "Rosetta2 is installed... no action needed"


        else


            # Installs Rosetta


            /bin/echo "Rosetta is not installed... installing now"


            /usr/sbin/softwareupdate --install-rosetta --agree-to-license


        fi




    elsex


        /bin/echo "Apple Processor is not present...Rosetta2 is not needed"


    fi




    sudo mkdir -p $HOMEDIR/Library/Application\ Support/zluri




    echo "{\"org_token\": \"$ORG_TOKEN\", \"interval\": \"$INTERVAL\", \"screen_recording\": \"$SCREEN_RECORD\", \"silent_auth\": \"on\"}" > $HOMEDIR/Library/Application\ Support/zluri/client-config.json


    echo "====written the client config json file required configurations in temp directory===="




    exit 0

    Post Install:

    #!/bin/bash


    # writing config json file to appData directory


    # CURRENT_USER=$(/bin/ls -l /dev/console | awk '{print $3}')


    CURRENT_USER=$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ && ! /loginwindow/ { print $3 }' )


    HOMEDIR=$(/usr/bin/dscl . -read /Users/"$CURRENT_USER" NFSHomeDirectory | /usr/bin/cut -d' ' -f2)


    ORG_TOKEN=<orgToken>


    INTERVAL= 3600000


    SCREEN_RECORD=off




    echo "ORG TOKEN: $ORG_TOKEN"


    echo "API INTERVAL: $INTERVAL"


    echo "SCREEN RECORD: $SCREEN_RECORD"


    echo "CURRENT USER: $CURRENT_USER"


    echo "HOMEDIR: $HOMEDIR"




    sleep 300




    ZLURIDIR="$HOMEDIR/Library/Application Support/zluri"




    echo "ZLURIDIR: $ZLURIDIR"


    # cd $ZLURIDIR




    if [ -d "$ZLURIDIR" ]; then


        echo "{\"org_token\": \"$ORG_TOKEN\", \"interval\": \"$INTERVAL\", \"screen_recording\": \"$SCREEN_RECORD\", \"silent_auth\": \"on\"}" > "$ZLURIDIR"/client-config.json


        echo "===writing config json file to appData directory==="


        else


            echo "zluri folder doesn't exist, cannot write config json file"


    fi


    Replace <orgToken> with your Organisation Token


    12. Save the Blueprint.

    13. Assign the Blueprint to the devices you want to install the Zluri agent

    User Experience

    • The Zluri Agent will silently install and authenticate and sit on the system tray

    • On some systems, the notification for the addition of a login item might come up [Under the control of MacOS]

    • After authentication, the agent will start sending the data to the Zluri servers silently

    Authentication:

    On installation of the scripts first and then the application, all the devices are {org_token} authenticated and are listed in the Sources → Agents → Desktop Agents Page



    The mapping of the device to the user can be done in 3 ways:

    1. Integration with Kandji: 
      We will get the user to device mapping, and the user authentication is handled with this data by Zluri

    2. Manually

    3. In development: 
      An option to Bulk Upload a CSV with user-to-device mapping on the UI. For the time being, we can handle the bulk mapping from Zluri’s support team.


    Once the User is authenticated with the Organization Token, the agent looks something like this until the user authentication is complete by the admin:


    • An admin mode is introduced, which is activated with a hotkey; only then logout, quit, and force restart the agent is possible → preferred not to be shared with all the users.






  • Deploy the Chrome Agent using Google Workspace (GSuite) Admin

    Learn about rolling Zluri's Chrome extension to the entire organisation directly from your Google Workspace admin. 


    Follow these steps to roll out Zluri's browser extension to the entire organization using your Google Workspace admin:

    Sign in to your Google Workspace (GSuite) admin here https://admin.google.com

    • Go to: Devices >> Chrome >> Apps & Extensions

    In the Users & browsers tab, hover over the icon and click the chrome icon -

     



    • Zluri’s Extension is not searchable on the Chrome Store >> Extensions >> View app by ID; paste the Extension ID: 

      cmobkdiplndgpjodaioofofmcikimbdb


      Zluri Web Extension will display; click Select.


    • Once Zluri Web Extension has been displayed, open the dropdown >> select Force install and click Save.

       


     

    The extension will be installed in the end-user browser without a removal option and will silently authenticate with the corporate email ID. If the user logs out, it will login the user again.

    You can refer to the video guide here.

  • Enforce Users to login using their official email

    This article explains how you can enforce users to use their official email ID to login to Chrome. 


    1. Visit Devices -> Chrome -> Guides

            Verify domains

            Setup your organizational structure (Optional)



    2. Enroll Browsers

    Please follow the steps below on how to enroll your browser. 


     

    You can use an MDM to enroll the browser.

    Please find the links below on how to enroll the browser through JamF & Kandji.

     

     

     

    3. Visit Chrome -> Managed browsers. Click on the '+' button on the bottom right of the screen, and you will receive the enrollment token.



    After enrolling the browser, either Chrome or the whole laptop has to restart.

     

    4. Visit users & browsers and make some configuration changes.



    Force users to sign into the browser.

    Add sign-in patter *@zluri.com to enforce signing in through official ID.

    Enable users to have a separate profile.

    Enable 'Ambient Authentication'

     


    Session settings: Do not show the sign-out button tray

    Enable Browser Reporting.


    Set upload frequency.

     

    Enable Event Reporting

     


    Chrome Management For Signed in users

    Data will start flowing, and you will get the list on the Managed Browsers page.

     


    Reports -> Apps & Extensions

     

           

  • Deploy Chrome Agent Through Kandji

    This article explains how to deploy Chrome Agent through Kandji.


    1. Click ‘Blueprints’ from the left navigation menu.

     

     

    2. Click ‘New Blueprint
    3. Click ‘Start from scratch.

     

     

    4. Enter name & description.

     

     

    5. Click ‘Library

     


    6. Click ‘Add New

     

    7. Select ‘Mac’ & click ‘Custom Apps

     

     

     8. Click ‘Add & Configure

     

     

     9. Add Title, and select the Blueprint created above.

     

     

    10. In the installation, Select ‘Install once per device.’

    11. Enter the audit script provided to you.

     

     

     12. Add the preinstall script, upload the package for Chrome ext (You can download the package here) & add the post-install script.

     

    Here is the preinstall script: https://pastebin.com/Q554it9L

    Postinstall script: https://pastebin.com/Ywes8q1f

     

     

    13. Save & Edit the custom App.

    14. Go to ‘Devices

     

     

    15. Select All Devices or selected devices as per your requirement.

    16. Click on … >  ‘Assign Blueprint’, select the Blueprint and click ‘Change.

  • Deploy Chrome Agent Through Jamf Pro

    This article explains how to install chrome agents through Jamf.


    To deploy Chrome Agent through JAMF, you need to have an active Jamf Integration. 
    To integrate Jamf with Zluri, please navigate to 'Sources->Integrations' to connect Jamf with Zluri. It takes 24-48 hours for the sync to complete. Once the first sync is complete, you can proceed with the steps below.

     

    Please follow the steps below in order to install the Zluri Chrome agent through Jamf.

    1. Login to the jamfpro https://[instance].jamfcloud.com/


    2. Visit 'Settings' at the bottom right corner, Search 'Category' in the search box and create a new category, a name such as zluri-orgname. You can follow the steps here to create a category.


    3. Create a new policy. You can follow the documentation here to create a policy.


    4. Download the package from this link and upload the package in Jamf. You can follow the documentation here to upload the package.

      • Under 'Computer Management', select a package.


      • Click "+New"


      • Under Category, choose the category that was created in Step 2

      • Under Filename, choose the .pkg and let it upload and click Save.

    5. Now, to add the scripts, follow the Jamf pro documentation:

      • Ensure that you name the preinstall script “preinstall” and paste the script’s contents into the scripts area.

      • Copy the preinstall script from https://pastebin.com/JLusiknn

      • Choose the Category as the category created

      • Now, under Options, choose Priority as Before.


      • Now repeat the same steps for the post-install script

      • Paste the post-install script from https://pastebin.com/pXrjcVi2

      •  Replace the org_token with the token provided to you by the Zluri customer success team.

      • Name the script as post-install

      • Choose the Priority under the options pane as “After”.

      • Save the settings.

    6. Now, Choose Policies from the left menu, and choose the Policy you created in Step 1.


      • Under Options, in Packages, Choose Distribution point as Cloud distribution point, as shown in the screenshot above.

      • Select the package that you uploaded in Step 4-d.


      • Then, under the Scope pane, set All Computers under Target Computers and All Users under Target Users and Save.

      • Again, go to Options under the Policies, and click on Scripts.





      • Select the preinstall script, set the priority to Before and for post-install select After.

      • Finally, in the General pane, ensure to click the Enabled checkbox.


      • Enable the Recurring Check-in checkbox to ensure the policy runs every 15 minutes.

      • Set the Execution Frequency to Ongoing

    7. Now that you’ve performed all the steps properly, go to Policies from the left-sidebar menu.


    Here, you’ll see an overview of the policy (here, ZLURI DA MDM) and the scripts and .pkg in the right order to execute.

    The above steps will ensure that the Policy runs on the targeted devices and runs the preinstall.

    After following the above steps, the policy is ready to install the Zluri app on the targeted devices.


    Note: Please note that the updated logs of policy run in the targeted systems might be delayed.

  • Deployment of Zluri Windows Agent using MS Intune

    Windows Agent Version: 3.2.5

    Windows Versions tested on: Windows 11, Windows 10


    1. Login to your MS Intune

    SETTING UP THE SCRIPTS

    1. Navigate to Devices and search for Scripts



    2. Click on Add

    3. Choose Windows or Later

    1. Add the basic Details like name and description
      Name: Zluri script
      Description: Zluri script for agent installation

    1. In the “Script settings.”

    Add the script file, 

    Run this script using the logged-on credentials: Yes

    Enforce script signature check: No

    Run a script in 64-bit PowerShell Host: Yes

    Click on “Next


    1. Assign it to a group/all devices/all users based on how this is being deployed; click on Next.


    1. Click on add

                    

    The recommended way of implementation is first to assign the scripts and then assign the application.

    Script:

    Save the file with an extension: .ps1

    Example: windowsScript.ps1


    #expected version. zluri apps lesser than this version will get uninstalled.

    $expectedVersion="3.2.5.0"

    #Values to insert into client-config.json file

    $configValues='{"org_token": "<orgToken>","interval": "3600000"}'

    #########################################################################################

        # Path for zluri script logs

    $logPathRoot=$env:programdata

    If (-not (Test-Path "$logPathRoot\zluri")) {

            Log-Message "Creating zluri folder in $folderPath"

            New-Item -Path "$logPathRoot\zluri" -ItemType "directory"

        }

        # Logger function

    Function Log-Message([String]$Message)

    {

        Add-Content -Path "$logPathRoot\zluri\zluriscriptlog.txt" $Message

    }

        # Specify the expected version in the same format

    $logDate=Get-date

    Log-Message "$logDate"

        # Get the installed zluri apps

    $isZluriApp=Get-WmiObject -Class Win32_Product | where name -eq zluri

    Log-Message "$isZluriApp"

        # For each zluri agent present in the system

        foreach($zluriApp in $isZluriApp){

            Log-Message "$zluriApp"

            $currentVersion=$zluriApp.version

                # Check if expected version is greater than the installed zluri version

            if($expectedVersion -gt $currentVersion){

                Log-Message "checking if $expectedVersion greater than $currentVersion"

                $zluriProcess=Get-Process -Name "zluri"

                    # stopping all zluri process

                Log-Message "$zluriProcess"

                $nid = (Get-Process zluri).id

                    Stop-Process -Id $nid

                    Wait-Process -Id $nid -ErrorAction SilentlyContinue

                    # Uninstalling zluri app

                $zluriApp.uninstall() | Out-Null

                    # deleting zluri folder from %localappdata%\programs

                Remove-Item C:\Users\$env:username\AppData\Local\Programs\zluri -Recurse -Force -ErrorAction silentlycontinue

                Remove-Item C:\Users\$env:username\AppData\Roaming\zluri -Recurse -Force -ErrorAction silentlycontinue

                    # deleting the shortcut on desktop

                $ShortcutsToDelete = Get-ChildItem -Path "C:\Users\$env:username\Desktop" -Filter "zluri.lnk"

                $ShortcutsToDelete | ForEach-Object {

                    Remove-Item -Path $_.FullName

                }

            }

        }

    # function to create client-config.json file

    function zluriClientConfigFiles{

        # reading param

        Param([String]$configFolderPath)

        # Setting variable for folder path & file path

        $folderPath = $("$configFolderPath\zluri")

        $filePath=$("$folderPath\client-config.json")

        # If there is no folderPath then create a zluri folder in that specific location

        If (-not (Test-Path $folderPath)) {

            Log-Message "Creating zluri folder in $folderPath"

            New-Item -Path $folderPath -ItemType "directory"

        }

        # If there is a client-config.json file in the filepath remove the file

        If (Test-Path $filePath) {

            Log-Message "deleting existing $filePath"

            Remove-Item $filePath

        }

        # Create client-config.json file in the filepath & insert the values

        New-Item -Path $filePath -ItemType "file" -value $configValues

        Log-Message "Created client config file in $filePath"

    }

    # Calling the function to create client-config.json file in programdata

    zluriClientConfigFiles -configFolderPath $env:programdata

    # Calling the function to create client-config.json file in localappdata

    zluriClientConfigFiles -configFolderPath $env:localappdata


    Replace your organization token in place of <orgToken>

                

    SETTING UP THE APPLICATION INSTALLATION

    1. Go to Apps, All Apps.



    2. Click on Add



    3. From the Select App blade, choose the Windows app(Win 32) from the drop-down menu.

      1. Click on the Select button at the bottom of the blade.

    1. Click on “Select app package file”, Add the intune-win file and click on OK.



    1. Fill in the basic details of the application, and click on next.

    1. Change the Install behaviour to “User.” 

    Device Restart Behaviour to “No Specific Action

    Click on Next

    1. Operating System Architecture: Select both 32 Bit and 64 Bit

    Minimum OS: The first Option present


    Configure additional requirement rules:

    1. On the side sheet:
    1. Rule Type: File
    2. Path:
      C:\Users\%USERNAME%\AppData\Local\Programs\zluri\
    3. File or Folder: zluri.exe
    4. Detection method: File or folder does not exist
    5. Click on OK


    Click on Next



    1. Rules configure: "Manually configure detection rules”

      1. On the side sheet:

        1. Rule Type: File

        2. Path: C:\Users\%USERNAME%\AppData\Local\Programs\zluri\

        3. File or Folder: zluri.exe

        4. Detection method: File or folder exists

        5. Click on OK

      2. Click on Next.

    1. Click Next for dependencies.

    2. Click Next for Supersedence.

    3. In assignments, choose the same devices/users/groups that were chosen for the script and click on next.

    1. Click on Next, Click on Create.


    On installation of the scripts first and then the application, all the devices are {org_token} authenticated and are listed in the Sources → Agents → Desktop Agents Page.



    The mapping of the device to the user can be done in 3 ways:

    1. Integration with Intune: We will get the user to device mapping, and the user authentication is handled with this data by Zluri

    2. Manually

    3. In development: An option to Bulk Upload a CSV with user-to-device mapping on the UI. For the time being, we can handle the bulk mapping from Zluri’s support team.


    Once the User is authenticated with the Organization Token, The agent looks something like this until the user authentication is complete by the admin:


    For Uninstallation:

    Sometimes, in a few Windows systems, on uninstallation of the Zluri Agent, it requires a restart for the changes to reflect in the system. 


    An admin mode is introduced, which is activated with a hotkey; only then logout, quit, and force restart the agent is possible → preferred and not to be shared with all the users.


  • Deploying Zluri Browser Agents through MS Intune

    This article explains how to deploy Zluri browser agents through MS Intune


    Please make sure that you have the Windows machine enrolled in Intune and you have integrated Microsoft Intune with Zluri.

    Please download the respective files from the links below.

     

    Adding the intunewin file to MS Intune.

    This doc applies to all three browser agents:

    1. Chrome

    2. Edge

    3. Firefox

     

    Note: In this doc, we’ve taken chrome.intunewin as an example; only the file to be uploaded will change and the rest of the steps are as is.

     

    For Edge, make sure to upload edge.intunewin

    For Firefox, make sure to upload Firefox.intunewin

     

    Step 1:

    • Click on Apps on the sidebar in order to add the application

    • Go to All Apps and click on Add. After clicking on the add button you will get to see the Select app type blade at the right side of the screen.

     

     

    Step 2:

    • From the Select App blade, choose the Windows app(Win 32) from the drop-down menu 

    • Click on the Select button at the bottom of the blade.

     

     

    Step 3:

    • Then Click on Select App package file 

    • Under the App information tab, Click on the upload button and upload the Chrome intunewin file.

    • Click on OK.

     

     

    Step 4: 
    Under the App information tab

    Fill in all the mandatory fields like Name and Description with what you can remember.

    •  Click on Next

     

     

    Step 5:
    Under the Program tab

    • Make sure msiexec.exe /i zluriautoauth.intunwin /qn is present

    • In the Install Command field append /L*v “C:\zluri[browsername].log” ORG_TOKEN=<enter your orgtoken > MDMMACTYPE=microsoftintune

    • In the above command enter your org token without <>

    • In the Device restart behavior field choose No specific action from the drop-down menu.

    • Click on Next.

     

     

    Step 6:
    Under the Requirements tab

    • Choose 32-bit and 64-bit as the Operating System architecture

    • Choose the minimum operating system available from the dropdown in the Minimum operating system field.

    • Click on Next

     

     

    Step 7:
    Under Detection rules

    • In the Rules format field, Select Manually configure detection rules

    • Below the “type “ field there is an Add button, click on Add button

    Step 8:
    Under the Detection rule pane. Under the pane, select all the required fields

    • In the Rule type field, select File from the drop-down menu

    • Chrome

      • In the Path field, enter C:\ProgramData\ConfigZluriBE

      • In File or folder field BEConfig.ini

    • Firefox

      •  In the Path field, enter C:\ProgramData\FirefoxConfig

      • In File or folder field FirefoxConfig.ini

    • Edge

      • In the Path field, enter C:\ProgramData\EdgeConfig

      •   In File or folder field EdgeConfig.ini

       

    • Choose the Detection method as a File or folder exists from the drop-down menu.

    • Click on OK

     

    NOTE: In the screenshot, you’ll see ConfigZluri & AppConfig.INI but replace them with the above-mentioned directory name & .INI file for the respective browser MSI instance

     

    Step 9:
    Under Dependencies rules

    • Click on Next

     

    Note: While Installing Browser Extension Intunewin, just click next to skip the Dependency tab, as we don’t need it.

     

    Step 10:
    Click Next for the Supersedence tab

    Step 11:
    Under the Assignments tab

    • In the Required field -Click on “Add all users” and “Add all devices.”

    • If there are any grouped enrolled devices, click on “Add all users” and “Add all devices” in the Available for enrolled devices field.

     

     

     

     Step 11:
    Click on review and create

     

    Now that the App is configured in MSIntune, it will install the .MSIs and do the following tasks:

     

    1. The [browsername].intunewin file will install the Zluri web extension for the respective browser.

    2. It will take the parameters passed, ORG_TOKEN & MDMMACTYPE and write it to the .INI file in the designated directory:

    • Chrome: C:\ProgramData\ConfigBE\*.ini

    • Edge: C:\ProgramData\EdgeConfig\*.ini

    • Firefox: C:\ProgramData\FirefoxConfig\*.ini

     

    3. Then, the .intunewin will read the .ini file for ORG_TOKEN & MDMMACTYPE and fetch the system's serial number and pass all the parameters to the static page and save it.

     

    4. After that, when the user opens the browser whenever, the Zluri web extension will fetch the uuid/serial number, org_token, & mdm type from the static page and use it to auto-authenticate you in Zluri web extension context and close the Zluri web extension tab.

     

     After silent installation and authentication, the user has to enable the extension in his Chrome / Firefox profile. This is a security requirement from the browsers and can not be passed.

     


     In Edge also you will get a similar pop-up where the user needs to turn on the agent.


  • Deploy the Chrome Agent using Google Workspace (GSuite) Admin

    Learn about rolling Zluri's Chrome extension to the entire organization directly from your Google Workspace admin.
    You can refer to the video guide here.
    Things to know before deployment:

    • For authentication to happen, the user should be logged in to the browser, and the sync on the browser profile should be "on."

    • The deployment is best when it is being deployed to only the work profiles

    • If the organization management is at a browser level, then the agent will get installed in all the browser profiles

    • The authentication of the agent is only in the work profile

    • If the organization management is at a browser level, then agents in other browser profiles other than the work profile will not be authenticated.

    • If the agent is not authenticated, it will ask for authentication every 30 minutes.

    • If the browser profile sync is "off" and is turned "on" after some time, it will take 30 minutes for the user to authenticate.

    • We will soon have an extension that does not require authentication on the non-work profiles.

    Follow these steps to roll out Zluri's browser extension to the entire organization using your Google Workspace admin:
    Sign in to your Google Workspace (GSuite) admin here:
     https://admin.google.com

    • Go to: Devices >> Chrome >> Apps & Extensions

    In the Users & browsers tab, hover over the + icon and click the chrome icon -








    • Zluri's Extension is not searchable on the Chrome Store >> Extensions >> View app by ID; paste the Extension ID:
      cmobkdiplndgpjodaioofofmcikimbdb

    Zluri Web Extension will display; click Select.

    • Once Zluri Web Extension has been displayed, open the dropdown >> select Force install and click Save.

       


    The extension will be installed in the end-user browser without a removal option and will silently authenticate with the corporate email ID. If the user logs out, it will login the user again.



  • Zluri Windows Agent Deployment and Authentication using an MDM and Organisation Token

    Step 1: Passing the Organization Token

    Deploy a script from the MDM which creates a file and writes the organization token into the file for all the devices that will have the Zluri Desktop Agent.


    Questions:

    What is an Organization Token [org_token]?

    It is a unique identifier for every organisation in Zluri.


    Where can you find your Organization Token in Zluri?

    Go to the “Sources” Module and Click on “Agents.” On the Agents Overview Page, you can copy your Organization Token



    Step 2: Authentication of the Zluri Agent

    Once the file with the organization token and the Zluri agent are installed on the devices, the Zluri Agent on all the devices will be authenticated with your organization token and will be listed in the Sources->Agents->Desktop Agents. Until the mapping is complete the agent stays Inactive where the agent is still waiting to get mapped to a user.





    User Authentication:

    Once the devices authenticated with the organization token are listed under the “Desktop Agents Page” under the “Agents” module in the Zluri platform, user authentication can be done in the following ways:

    NOTE: For authentication to be successful, status of the Organisation, User should be active and user account type should be employee in Zluri platform. Authentication can happen either for primary or alternate emails.


    • Manual Mapping of the user to the device:

      • On the Desktop Agents Page in the Agents Page, admins can manually map the device to a user in the “User” Column.

    • Integration Mapping:

      • If the organization is using any of these MDMs [Jamf Pro, MS Intune, Kandji]

      • We get the device-to-user mapping information from these MDM integrations; with this, we will map the users to their devices.

    • CSV upload:

      • This is still in development

      • But can be handled by the Zluri Team

      • A CSV with user-to-device mapping is sent to the Zluri team; the mapping will be handled. 


    Restarting the first time after installation will be the best-case scenario.

    For Uninstallation: 

    Sometimes, in a few Windows systems, on uninstallation of the Zluri Agent, it requires a restart for the changes to reflect in the system. 

    FAQs:

    1. MDMs Zluri support with the script?

    For Windows: MS Intune

    Soon, for Jumpcloud

    2. Can I remap a device to some other User?

    Yes, when you hover on the User, you will see an edit option, and on clicking that, you should be able to remap 


    3. How much time does it take for any action taken on the dashboard to reflect on the Agent?

    1 hour(60 minutes)


    4. Can the end user Logout?

    No, the end user is not allowed to logout.


    5. Can the end user Quit the application?
    No, the end user is not allowed to quit the application


    6. Can I unmap a User mapped?

    Yes, in the Desktop Agents Page, we have the “Actions” column, there we have the option to unmap



    7. What other actions are available for a device?

    “Remove from org”, in which the agent is completely logged out from both user and organization authentication.


    An admin mode is introduced, which is activated with a hotkey; only then logout quit, and force restart the agent is possible → preferred not to be shared with all the users.

    Note: For now, both Integration Mapping and Bulk Upload of a CSV for Mapping will be handled by the Zluri team; the development for the UI flow for Bulk Upload and the Integration Mapping to be triggered immediately after the entries on the “Desktop Agents” Page is in progress and we will soon have this on the platform.


  • Zluri Mac Agent Deployment and Authentication using an MDM

    Mac Agent Version: 3.2.3


    Mac Versions tested on: Ventura[13.4], Big Sur[11.0], Monterey[12.6]

    Step 1: Passing the Organization Token

    Deploy a Script from the MDM which creates a file and writes the organization token into the file into all the devices that will have the Zluri Desktop Agent.

    Questions:

    What is an Organization Token [org_token]?

    It is a unique identifier for every organisation in Zluri.


    Where can you find your Organization Token in Zluri?

    Go to the “Sources” Module and Click on “Agents.” On the Agents Overview Page, you can copy your Organization Token



    Step 2: Installation of the Zluri Agent 

    Deploy the Zluri Desktop Agent as an application to all devices.


    App link

    Mac:

    https://zluri-test-agents.s3.us-west-2.amazonaws.com/zluri-3.2.3.pkg

    Step 3: Authentication of the Zluri Agent

    Once the file with the organization token and the Zluri agent are installed on the devices, the Zluri Agent on all the devices will be authenticated with your organization token and will be listed in the Sources->Agents->Desktop Agents.





    User Authentication:

    Once the devices authenticated with the organization token are listed under the “Desktop Agents Page” under the “Agents” module in the Zluri platform, user authentication can be done in the following ways:


    • Manual Mapping of the user to the device

      • On the Desktop Agents Page in the Agents Page, admins can manually map the device to a user in the “User” Column.

    • Integration Mapping:

      • If the organization is using any of these MDMs [Jamf Pro, MS Intune, Kandji]

      • We get the device-to-user mapping information from these MDM integrations; with this, we will map the users to their devices.

    • CSV upload

      • This is still in development

      • But can be handled by the Zluri Team

      • A CSV with user-to-device mapping is sent to the Zluri team; the mapping will be handled.


    Restarting the first time after installation will be the best-case scenario.

    FAQs:

    1. MDMs Zluri support with the script?

    For Mac: Kandji 

    Soon, for Jumpcloud, Jamf Pro


    2. Can I remap a device to some other User?

    Yes, when you hover on the User, you will see an edit option and on clicking that you should be able to remap


    3. How much time does it take for any action taken on the dashboard to reflect on the Agent?

    1 hour(60 minutes)


    4. Can the end user Logout?

    No, the end user is not allowed to logout.


    5. Can the end user Quit from the application?
    No, the end user is not allowed to quit the application.

    6. Can I unmap a User mapped?

    Yes, in the Desktop Agents Page, we have the “Actions” column, there we have the option to unmap.


    7. What other actions are available for a device?

    “Remove from org”, in which the agent is completely logged out from both user and organization authentication.


    An admin mode is introduced, which is activated with a hotkey; only then logout, quit, and force restart the agent is possible → preferred not to be shared with all the users.


    Note: For now, both Integration Mapping and Bulk Upload of a CSV for Mapping will be handled by the Zluri team; the development for the UI flow for Bulk Upload and the Integration Mapping to be triggered immediately after the entries on the “Desktop Agents” Page is in progress and we will soon have this on the platform.

    References:

    Mac agent deployment via Kandji:

    Documentation:

    Mac Agent Deployment: Kandji


  • Zluri Chrome Agent Installation on Talon

    Step 1)

    Open the link to add the Zluri Chrome extension to the Talon browser

    https://chromewebstore.google.com/detail/zluri-web-extension/cmobkdiplndgpjodaioofofmcikimbdb?pli=1


    Step 2)

    Click on ‘Install Extension’ and then ‘Add Extension.’




    Step 3)

    Once installed, Click on the Extension Icon and then on Zluri Web Extension.


    Step 4)

    Click on the Open options in the small popup that comes.




    You are navigated to the extension page, where you are  logged in to the extension with the same email id as the Talon browser profile:





    For Manual Login

    Steps remain the same till Step 4, but you can manually enter the email and validation code for the Login.


    1. Enter Your Work Email

    1. Validation Code will be sent to your work email, enter the code


        

    1. You are now logged in to the Zluri Browser Extension on Talon Browser.


  • Deploy the Chrome Agent using Google Workspace (GSuite) Admin

    Follow these steps to roll out Zluri's browser extension to the entire organisation using your Google Workspace admin:

    Sign in to your Google Workspace (GSuite) admin here https://admin.google.com

    • Go to: Devices >> Chrome >> Apps & Extensions

    In the