Nightfall Windows Agent Deployment: JumpCloud MDM

Instructions on how to install the Nightfall agent on Microsoft Windows using the JumpCloud MDM.

Prerequisites

Before beginning the install, make sure you have the following:

A JumpCloud Admin / MDM environment ready, and the JumpCloud Agent already configured or in process of being configured for your Windows devices.
The Nightfall Windows Agent (MSI) and associated parameters (API_KEY / COMPANY_ID) as from the Nightfall Endpoint page → Download Packages.
Internal device group or OU targeting plan within JumpCloud (for example: Windows corporate laptops, desktops, etc).
Communication to end-users (if needed) and any documentation of maintenance windows or reboots.
Valid credentials / admin rights on target Windows devices (or ability via MDM / script to install silently).

Deploy the Nightfall Agent via JumpCloud

Use JumpCloud’s Commands/Policies feature to deploy the Nightfall Agent silently to the target Windows device group:

In JumpCloud Admin Portal: Device Management → Commands → Commands tab → click + Command (or use Policies if available)
- Type: Windows
- Check "Windows PowerShell"
- Command: Copy/paste in the command shown below.
  - Replace the File Destination ($msi value) as needed or leave as-is.
  - Replace the API_KEY and COMPANY_ID with what is in the Nightfall console.
    From the Nightfall Endpoint page > click Download Package > copy the API_KEY and COMPANY_ID from the Windows command.
    $msi = 'C:\\Windows\\Temp\\NightfallAgent.msi' $args = @( '/i', "`"$msi`"" 'API_KEY="<API_KEY>"' 'COMPANY_ID="<COMPANY_ID>"' 'INSTALL_NF_DRIVER=1' '/qn' ) Start-Process msiexec.exe -ArgumentList $args -Wait -NoNewWindow
- Command Name: (e.g., “Install Nightfall Agent Windows”)
Under Files > click + File > upload the NightfallAgent.msi
Setting the path of the file upload
Copy the File Destination where the MSI would be copied onto the enrolled devices by jumpcloud mdm.
Choose a Device Group
1. Navigate to the Device Groups tab.
2. Check the group to use for deployment.
Click "Save".
Click "Run Now".

Post-Installation Verification

After installation, verify that the Nightfall Agent is functioning correctly:

In JumpCloud, Device Management → Devices, check that the device remains active and that there are no policy conflicts or errors.
In the Nightfall Console → Integrations → Manage (macOS or Windows) → confirm the device is in the “Connected” state.
On the Windows machine, check Programs & Features to confirm “Nightfall Agent” appears.
In Services (services.msc), verify the Nightfall service is installed and running.
Confirm that the NightfallUI app is shown on the taskbar and that the Version, Company UUID, and Device ID are correct.
Conduct a simple test of exfiltration detection (per your internal policy) to ensure the agent is monitoring as expected.

Troubleshooting & Best Practices

Ensure that the MSI installation parameters (API_KEY, COMPANY_ID) are correct and correspond to your Nightfall account.
If installation fails silently, re-run the installation with log flags and check the install log file:

$args = @( 
    '/i', ""$msi"" 
    'API_KEY="<API_KEY>"' 
    'COMPANY_ID="<COMPANY_ID>"' 
    'INSTALL_NF_DRIVER=1'
    '/qn'

    '/L*V’,'C:\\Windows\\Temp\\NightfallAgent-install.log’
)

If devices have pending reboots or other software installations, consider staging installation to avoid conflicts.
Because you’re installing via JumpCloud, ensure the device’s JumpCloud Agent is up-to-date and reporting properly before deploying Nightfall.
For stealth or minimal-disruption deployment (if desired), schedule installs during off-hours and consider using silent /qn /norestart. The Nightfall Windows guide supports silent installs.
Document versioning of Nightfall Agent: if you need to upgrade later, consider how you’ll script uninstall + reinstall or patch. The MSI guide covers uninstall.
Monitor JumpCloud’s device compliance and policy execution logs to ensure the command executed successfully.

Uninstall via JumpCloud

In JumpCloud Admin Portal: Device Management → Commands → + Command

Type: Windows
Check "Windows PowerShell"

Command: Copy/paste in the command shown below:

# Uninstall "NightfallAI Agent" silently via MSI ProductCode, with full logging.
# Works for both 64-bit and 32-bit (WOW6432Node) installs.

$TargetDisplayName = 'NightfallAI Agent'
$UninstallHives = @(
  'HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall',
  'HKLM:\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall'
)

Write-Host "Searching for '$TargetDisplayName' in uninstall registry..." -ForegroundColor Cyan

$found = $null
foreach ($hive in $UninstallHives) {
  if (-not (Test-Path $hive)) { continue }
  foreach ($sub in Get-ChildItem $hive -ErrorAction SilentlyContinue) {
    try {
      $p = Get-ItemProperty $sub.PSPath -ErrorAction SilentlyContinue
      if ($p.DisplayName -eq $TargetDisplayName) {
        $found = [pscustomobject]@{
          KeyName         = $sub.PSChildName
          KeyPath         = $sub.PSPath
          DisplayName     = $p.DisplayName
          UninstallString = $p.UninstallString
        }
        break
      }
    } catch { }
  }
  if ($found) { break }
}

if (-not $found) {
  Write-Host "Not installed: $TargetDisplayName — nothing to do." -ForegroundColor Yellow
  exit 0
}

Write-Host "Found:" -ForegroundColor Green
Write-Host "  Key: $($found.KeyPath)"
Write-Host "  UninstallString: $($found.UninstallString)"

# Try to extract ProductCode (GUID) from key name or UninstallString
$guid = $null
if ($found.KeyName -match '^\\{[0-9A-Fa-f-]{36}\\}$') { $guid = $found.KeyName }
elseif ($found.UninstallString -match '\\{[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\\}') { $guid = $matches[0] }

$LogPath = 'C:\\Windows\\Temp\\NightfallAgent-uninstall.log'

if ($guid) {
  Write-Host "Using ProductCode $guid for silent uninstall via msiexec..."
  $args = @('/x', $guid, '/qn', '/norestart', '/L*V', $LogPath)
  $proc = Start-Process -FilePath msiexec.exe -ArgumentList $args -Wait -PassThru -NoNewWindow
  $code = $proc.ExitCode
  Write-Host "msiexec exit code: $code"
  if (Test-Path $LogPath) { Write-Host "MSI log: $LogPath" }
  exit $code
}
else {
  # Fallback: run the UninstallString directly (best effort).
  # If it's msiexec without silent flags, try to add /qn /norestart.
  $cmd = $found.UninstallString
  if ([string]::IsNullOrWhiteSpace($cmd)) {
    Write-Error "UninstallString missing — cannot continue."
    exit 1
  }

  if ($cmd -match 'msiexec(\\.exe)?\\s+/I\\s*(\\{[^\\}]+\\})') {
    # Convert /I to /x for remove, add silent + log
    $guid2 = $matches[2]
    Write-Host "Converting msiexec /I to silent remove for $guid2"
    $args = @('/x', $guid2, '/qn', '/norestart', '/L*V', $LogPath)
    $proc = Start-Process -FilePath msiexec.exe -ArgumentList $args -Wait -PassThru -NoNewWindow
    $code = $proc.ExitCode
    Write-Host "msiexec exit code: $code"
    if (Test-Path $LogPath) { Write-Host "MSI log: $LogPath" }
    exit $code
  }
  elseif ($cmd -match 'msiexec(\\.exe)?') {
    # It's some other msiexec form; append silent flags if missing
    $aug = $cmd
    if ($aug -notmatch '/qn')       { $aug += ' /qn' }
    if ($aug -notmatch '/norestart'){ $aug += ' /norestart' }
    if ($aug -notmatch '/L\\*V')     { $aug += " /L*V `"$LogPath`"" }

    Write-Host "Running: $aug"
    $proc = Start-Process -FilePath 'cmd.exe' -ArgumentList '/c', $aug -Wait -PassThru -NoNewWindow
    $code = $proc.ExitCode
    Write-Host "msiexec exit code: $code"
    if (Test-Path $LogPath) { Write-Host "MSI log: $LogPath" }
    exit $code
  }
  else {
    # Non-MSI uninstaller (unlikely for your MSI). Launch as-is.
    Write-Host "Non-MSI uninstall string; executing as-is."
    $proc = Start-Process -FilePath 'cmd.exe' -ArgumentList '/c', $cmd -Wait -PassThru -NoNewWindow
    $code = $proc.ExitCode
    Write-Host "Uninstaller exit code: $code"
    exit $code
  }
}

Command Name: (e.g., “Uninstall NightfallAI Agent Windows”)

Choose a Device Group
1. Navigate to the Device Groups tab.
2. Check the group to use for deployment.
Click "Save".

Run whenever needed.

Appendix / Reference Links

Nightfall Windows Agent MSI Deployment Guide – Nightfall Help Center: Install Nightfall AI Agent for Windows OS
JumpCloud Windows Agent Installation Walk-through – JumpCloud Support: JumpCloud Agent Windows Installation Walkthrough
JumpCloud Commands / Remote Application Install guide: Install Applications Remotely via JumpCloud

PreviousManual Installation NextNightfall Windows Agent Deployment: Microsoft Intune

Last updated 10 days ago

Was this helpful?

hashtagPrerequisites

hashtagDeploy the Nightfall Agent via JumpCloud

hashtagPost-Installation Verification

hashtagTroubleshooting & Best Practices

hashtagUninstall via JumpCloud

hashtagAppendix / Reference Links