Appearance
Bulk activation
The Enclave management console (EMC) provides a way to bulk register nodes using activation codes. This is useful for registering multiple nodes at once, especially in larger deployments. The process involves creating an activation code, deploying the Enclave agent, activating it with the code, and then approving the activation request in the EMC.
Step 1: Create an activation code in the Enclave management console (EMC)
Navigate to Settings
> Activation requests
in the EMC. Click Create activation code
and fill in the necessary information. Fill out the form and click Create
. It can be useful to create multiple activation codes for different groups of nodes for easier identification in the approval process.
Step 2: Deploy the agent
Deploy the Enclave agent to your fleet using your preferred method. You can use the agent getting started documentation to begin. If you are using an MDM solution, example post-install scripts can be found below. If you need a more taylored script, we'll be happy to help you create one though.
Step 3: Activate the agent
Using the activation code you created in the EMC, you can activate the agent using the following command:
bash
enclave auth activate --code <code>
Alternatively, you can use the GUI to use an activation code by following prompts on the log in screen.
Step 4: Approve the activation request
Navigate to Settings
> Activation requests
in the EMC. You will see a list of activation requests. Click on the request you want to approve and click Approve
. The node will now be registered and you can view the status of the agent in the EMC. Please note that once a node is approved, it can take up to 10 minutes for the node to appear active in the EMC.
Post-install scripts for MDM solutions
When using a tool like Microsoft Intune, Jamf, or another MDM solutions, you can use the following scripts to automate the activation process. Please modify these scripts with your own values. The activate
command will fail if the agent is already authenticated, so you can safely run these scripts multiple times without issues.
Please note that when using these scripts, the agent will be locked to the local user account that runs the script. If you need to logout or manage the agent on the machine, you will need to use the same user account that ran the script.
Windows
powershell
# USER SUPPLIED VARIABLES
# -----------------------
# activation code used to authenticate the agent
# a code can be created in the EMC under Settings > Activation Requests
$activationCode=""
# -----------------------
# call the enclave binary with the activation code
C:\ProgramData\enclave\enclave.exe auth activate --code $activationCode
Post-install script for macOS
shell
#!/bin/sh
# USER SUPPLIED VARIABLES
# -----------------------
# activation code used to authenticate the agent
# a code can be created in the EMC under Settings > Activation Requests
ACTIVATION_CODE=""
# -----------------------
# call the enclave binary with the activation code
enclave auth activate --code $ACTIVATION_CODE
Post-install script for Linux
shell
#!/bin/sh
# USER SUPPLIED VARIABLES
# -----------------------
# activation code used to authenticate the agent
# a code can be created in the EMC under Settings > Activation Requests
ACTIVATION_CODE=""
# -----------------------
# call the enclave binary with the activation code
enclave auth activate --code $ACTIVATION_CODE