Desktop client PowerShell installation
This guide describes how to deploy idemeum desktop client to a fleet of Windows workstations with PowerShell.
Overview
idemeum offers a PowerShell script that can be executed to silently install or upgrade idemeum desktop client. Script will pull the latest binary and will perform base installation or upgrade as necessary.
Obtain PowerShell command
- Navigate to your idemeum tenant and access admin portal
- Access
Settings
->Desktop installation
- Choose
PowerShell
submenu - Click
Copy
- You will be presented with the command that you can copy and execute directly on the workstation
❗
Please note that every time you generate a PowerShell command, idemeum will create a new set of client credentials, therefore all previously generated commands and client credentials will be invalidated.
Install or update desktop client
- Open PowerShell as
Administrator
- Make sure the execution policy is set to
RemoteSigned
Set-ExecutionPolicy RemoteSigned
❗
By default Windows PowerShell execution policy is set to Restrictred, therefore you might not be able to execute the script. To allow script execution you need to set execution policy to RemoteSigned.
- Execute the command that you obtained in the previous step. In case the client is already installed, PowerShell script will check if the client needs to be updated to the latest version, and will perform the update.
❗
Restart will be required after the desktop client installation.
Uninstall desktop client
- Open PowerShell as
Administrator
- To uninstall idemeum client and updater please execute the following PowerShell commands on the workstation
Start-Process -FilePath "msiexec.exe" -ArgumentList "/x {93B9CC98-6004-411E-A8BF-88F7C3BC5541} /qn" -Wait
Start-Process -FilePath "msiexec.exe" -ArgumentList "/x {71216D26-573B-402B-A3F5-A7CB9F950CFF} /qn" -Wait
Restart-Computer -Force
You can execute the commands directly or you the following script.
Advanced settings
Idemeum PowerShell script allows to pass certain parameters to customize the installation or update behavior. Here are the additional options that you can pass to the script command that you obtain from the idemeum admin portal:
-restartAfterInstall
- passtrue
orfalse
depending on whether you want the computer to restart or not. We recommend to perform the restart after the installation to make sure the credential provider is properly loaded. The default value istrue
. See the example below.
cd $env:TEMP; Invoke-WebRequest -Uri "https://asset.idemeum.com/desktoplogin/idemeumDesktopAppInstall.ps1" -OutFile "idemeumDesktopAppInstall.ps1"; .\idemeumDesktopAppInstall.ps1 -tenantFQDN '******' -corpEmail '****' -clientId '****' -clientSecret ''****'' -masterKey ''****'' -tenantDisplayName '***' -restartAfterInstall 'false'
-autofillEnabled
- passtrue
orfalse
depending on whether you want to enable autofill service for desktop applications. The default value isfalse
.-credentialProviderEnabled
- passtrue
orfalse
depending on whether you want to install idemeum credential provider. The default value istrue
.-authType
- pass the way you want users to authenticate,qrcode
orrfid