📘
Organizations Only
A business account is required to use this feature. If you wish to participate in the beta, email [email protected] from your work email address.

What is Mass Device Provisioning

This feature allows you to generate a provisioning code, and use it to deploy Control D to hundreds of Windows, Mac and Linux devices using a single command using your favorite RMM platform.

Create Provision Code

Within the relevant Organization, click on the Devices tab, and select Provision. Then click the + button at the top.

Fill out the appropriate fields, which are defined as follows:

Device Type - What kind of devices you're provisioning: Windows, Mac or Linux
Enforced Profile - What Profile you wish to enforce on these Devices
Expires After - How long this code should be usable for. After this time passed, the code cannot be used anymore
Limit - How many devices you expect to provision. The code will become expired once this limit is reached
Device Name Prefix - Optional name prefix for this batch of Devices. The name will be the OS hostname appended to the prefix. For example, if you use admin-as the prefix, and the machine hostname is "Bob-PC" then the final Device name that you will see in the web panel will be: admin-Bob-PC
Analytics - Desired Analytics Level

Windows Setup

Once you create a code, you will be shown with usage instructions. If you selected Windows, you will see a modal like this.

Automatic Setup

Simply copy the setup command and execute it on the desired endpoints using your favorite RMM tool using cmd (batch).

powershell -Command "(Invoke-WebRequest -Uri 'https://api.controld.com/dl' -UseBasicParsing).Content | Set-Content '%TEMP%\ctrld_install.bat'" && %TEMP%\ctrld_install.bat CODE_GOES_HERE forced

Alternatively, you can use pure Powershell:

(Invoke-WebRequest -Uri 'https://api.controld.com/dl' -UseBasicParsing).Content | Set-Content "$env:TEMP\ctrld_install.bat"; Start-Process -NoNewWindow -FilePath "$env:TEMP\ctrld_install.bat" -ArgumentList 'CODE_GOES_HERE', 'forced'

This 1 liner command will do the following:

Download the batch installer script and execute it with the provisioning code as an arg
The batch script will detect the machine architecture (386, AMD64, ARM64) and download the latest binary for it into C:\ControlD, and add it to the system path
Register and start a Windows service
Once the service starts, it will contact the Control D API with the provisioning code, register a Device, and configure DNS on the endpoint to use the DNS-over-HTTPS resolver for that Device

You're done. The endpoint should now be visible in the Devices section.

Manual Setup

If you don't use wish to use the 1 liner installer, or have compatibility issues (let us know!) you can achieve the same thing with a few extra steps.

Head over to GitHub and download the latest release binaries for your desired architecture
Deploy the executable to the desired location of your target endpoints using your favorite RMM tool
Execute the "Start the service" command

ctrld.exe start --cd-org CODE_GOES_HERE

This will perform steps 3-4 from the Automatic Setup.

🚧
System path not included
Manual flow does not create a system path for the ctrld.exe executable. You will have to execute ctrld start --cd-org xxxxx command using an absolute path. ie. C:\ControlD\ctrld.exe start --cd-org xxxxxxx

MacOS Setup

Once you create a code, you will be shown with usage instructions. If you selected Mac (or Linux), you will see a modal like this.

Automatic Setup

Simply copy the setup command and execute it on the desired endpoints using your favorite RMM tool.

sh -c 'sh -c "$(curl -sSL https://api.controld.com/dl)" -s CODE_GOES_HERE forced'

This 1 liner command will do the following:

Download the bash installer script and execute it with the provisioning code as an arg
The bash script will detect the machine architecture and download the latest binary for it into /usr/local/bin
Register and start a system service
Once the service starts, it will contact the Control D API with the provisioning code, register a Device, and configure DNS on the endpoint to use the DNS-over-HTTPS resolver for that Device

You're done. The endpoint should now be visible in the Devices section.

Manual Setup

If you don't use wish to use the 1 liner installer, or have compatibility issues (let us know!) you can achieve the same thing with a few extra steps.

Head over to Github and download the latest release binaries for your desired architecture
Deploy the executable to the desired location of your target endpoints using your favorite RMM tool
Execute the "Start the service" command

ctrld start --cd-org CODE_GOES_HERE

This will perform steps 3-4 from the Automatic Setup.

Code Management

When you land on the Provision page, you can view the states of all your provisioning codes and perform various actions.

Email Code - This will open a modal, where you can input the email of the end user to self-provision their endpoint. This is only useful if the end-user has admin rights to their machine
Invalidate Code - This will prevent the code from working any further, regardless of the limit or expiry not being reached
Delete Code - Same as Invalidate Code, but will also remove the record from this view
Provisioning Instructions - Display the modal that shows you how to use this feature.

Removal

To remove the daemon from the target machine, simply execute this command using your RMM tool:

ctrld uninstall

This will stop and remove the system service, and put back the DNS settings to OS defaults.

🚧
If installer was not used
If you didn't use the 1 liner installer, ctrld may not be in the system path. You need to run the binary using the absolute path.

Alternatively, you can delete the Device from the Dashboard (this will instantly break DNS on the machine), and reboot the target machine. On OS boot, the daemon will not be able to re-fetch the DNS resolver (because you deleted the Device), and will self-uninstall.