Topic
This article discusses software management in NinjaOne.
Environment
NinjaOne Endpoint Management
Description
NinjaOne provides software management capabilities for Windows, macOS, and Linux endpoints. In environments where end users do not have application management permissions, technicians can use NinjaOne to install, uninstall, and patch applications ad hoc, in bulk, or automatically through policy-based automation.
Select a topic to learn more:
- Creating a Software Inventory
- Software Deployment Methods in NinjaOne
- Uninstalling Software with NinjaOne
- Automating Software Installation with NinjaOne
- Enforcing Software Requirements
- Blocklist Software
- Using Credentials to Improve Software Install Rates
- Install Automation
Creating a Software Inventory
NinjaOne automatically collects a complete software inventory for all managed devices. You get a comprehensive list of all software installed in your environment, including which devices it is installed on and critical software details, including version numbers and installation dates.
Software Deployment Methods in NinjaOne
- Built-in packages: Natively deploy and patch 40+ third-party applications from publishers, including Google and Microsoft.
- Native deployment workflow: Easily host and deploy any Microsoft installer or extension application package through NinjaOne.
- Custom scripts: Create custom application deployment scripts for Windows, macOS, and Linux.
- Remote control: Take 1:1 control of endpoints for complex application deployments and install applications directly.
Uninstalling Software with NinjaOne
- Software inventory: You can uninstall any application that supports silent uninstallation at the click of a button in NinjaOne's built-in software inventory.
- Custom scripts: NinjaOne lets you create custom application uninstallation scripts for Windows, Mac, and Linux.
- Remote control: Take 1:1 control of endpoints and uninstall applications directly for complex application removal.
Automating Software Installation with NinjaOne
Mass Deploying and Patching Built-in Software Packages
NinjaOne includes 40+ application packages that deploy automatically to Windows endpoints via policies and over 100 that patch automatically. These applications deploy silently in the background without end-user intervention.
Deploying Built-In Third-Party Applications via Policies
- Navigate to a policy and select the Software tab.
- Activate software management and choose your scan, update, and reboot options.
- Select the Products tab.
- Click Add products and select all the applications you want to install or patch.
- Click Save.
- Select all applications you want to install and set the Install field to Yes.
Deploying Software Through Installer Scripts
NinjaOne's built-in Application Installation script lets you install a Microsoft installer or extension application on Windows servers, workstations, and laptops. The installer must allow silent installation to deploy using this method. You can run the Application Installation script ad hoc, as a policy-scheduled automation, or as a scheduled task.
Mass Deploying Software Through Scheduled Automations (Custom Script)
NinjaOne lets you create custom scripts in PowerShell, ShellScript, Batch, VBScript, and JavaScript that you can use to deploy almost any application to Windows, Mac, or Linux endpoints at a specific date and time.
Deploying Built-In Third-Party Applications via Policies
You can deploy multiple applications with a single scheduled script. Applications deploy simultaneously in the order listed in the script.
Software installations should generally use the Run once or Run once immediately schedule options. The Run once option lets you deploy an application at a future date and time. It runs exactly once. Run once immediately runs as soon as you save the policy and runs against all endpoints added to the policy at a future date.
- Write your custom application deployment script and add it to your saved scripts.
- In NinjaOne, navigate to Administration → Policies → Agent policies and select a policy from the list.
- The policy's configuration page opens. Click Scheduled Automations.
- Click Add a Scheduled Automation and fill in the name and description fields.
- Click Add in the Automations section of the dialog.
- In the Schedule drop-down menu, choose a schedule option. Software installations should generally use the Run once or Run once immediately schedule options.
- Run once: Deploy an application at a future date and time. It runs exactly once.
- Run once immediately: Deploy an application as soon as you save the policy and run against all endpoints added to the policy at a future date.
- Choose the custom script you created.
- Select which user to use to install the application.
- Click Apply.
- Schedule your deployment.
Mass Deploying Software With Scheduled Tasks
You can use scheduled tasks alongside the native deployment workflow or custom script workflows to mass-deploy applications as one-off tasks or across device roles.
- Navigate to Administration → Tasks and click Create Task.
- The New scheduled task window opens. Give the task a name and description, and set the schedule. To run a software deployment task only once, set the Ends field to After and the Occurrences field to 1.
- Click Add Automation and select the application script you want to run.
- Navigate to the Targets tab and click Add.
- Select the organizations, devices, or groups you want to target. You can create a dynamic group of endpoints without the software installed by using the Search and Groups functions and applying the scheduled task to this group.
- Click Apply, then click Save.
Enforcing Software Requirements
NinjaOne lets you enforce the requirement for specific software on an endpoint by using conditional monitoring. This process checks for the absence of software and installs the application whenever NinjaOne does not detect it, ensuring endpoints comply with software requirements.
- In NinjaOne, navigate to Administration → Policies → Agent policies and select a policy from the list.
- Navigate to a policy and select the Conditions tab.
- Click Add a condition → Select a condition.
- Select the Software condition from the drop-down menu, then set Presence to Doesn't exist.
- Type the application name in the Name field. The name field must exactly match the application name. Wildcard characters (*chrome*) can improve match rates. When finished, click Apply.
- Add a display name and reset interval, then configure your notifications and ticketing preferences. Set the reset interval to at least 20 minutes to prevent the condition from triggering while an installation script is still running.
- Click Add in the Automations section of the window.
- Select your application installation script, then click Add.
Blocklist Software
You can use NinjaOne to either send notifications of unapproved software installations or detect and automatically uninstall unapproved software.
Creating an Alert for Prohibited Software
- In NinjaOne, navigate to Administration → Policies → Agent policies and select a policy from the list.
- Navigate to a policy and select the Conditions tab.
- Click Add a condition → Select a condition.
- Select the Software condition from the drop-down menu, then set Presence to Exists.
Add the name of the application you want to blocklist to the Names field.
The name field must exactly match the application name. You can use wildcard characters (*chrome*) to improve match rates.- Click Apply.
- Set the Notifications field to Send notifications.
- Click Add.
Automatically Uninstalling Prohibited Software
- Create a custom script to uninstall the prohibited software.
- Follow the steps above.
- Click Add Automation.
- Select your uninstall script.
- Click Apply.
- Click Add.
Using Credentials to Improve Software Install Rates
By default, NinjaOne automations run with system-level privileges or as the logged-in user, and so they do not have access to domain or administrative resources. If you have locked down an endpoint, installing software may require administrative credentials, which are stored at the organization level.
Adding Credentials
- Navigate to the organization where you want to add a credential.
- Click the Credentials tab.
- Click Add Credential.
- Give the credential a name, domain (if applicable), username, and password.
- Click Add.
Automatically Injecting Credentials
- From the Credentials tab, click the Defaults tab.
- Set the Mac Script, Linux Script, Windows Script Local Admin, Windows Script Domain Admin, and Windows 3rd Party Patching Preferred Credentials to your preferred credentials.
Using Ad Hoc Credentials
When setting up a software installation script (native or custom), set the Run As field to your preferred credentials.
Install Automation
When you provide the software install automation a file upload or URL ending in .msi, an infobox displays: "NinjaOne has detected this is an MSI file; it will be executed with <default switches> automatically."
If you add a file upload URL that is not .msi, including where there is no extension in a URL, the following message displays: "If you intend to run this installer silently, you may need to enter the appropriate command-line arguments." Neither of these callouts displays until you add a URL or file. You can install files over 1 GB in size by using the URL method in the software repository.
You can use URLs in the software that do not end in .exe, .msi, or .pkg or .dmg, and can instead use vanity URLs or redirections to the latest version when using the app automation installation component.