Bitwarden Deployment Using SCCM | Deploy EXE File

This post includes the steps required for Bitwarden deployment using SCCM. We will use the Bitwarden EXE Installer to deploy the client machines using Configuration Manager.

Bitwarden is a free/freemium open-source password manager that stores sensitive information such as website credentials in an encrypted vault. A variety of client applications are available on the platform, such as a web interface, desktop applications, browser extensions, mobile applications, and a command-line interface.

Bitwarden is a zero-knowledge encryption password manager. This means that Bitwarden as a company cannot see your passwords. The service uses AES-256 encryption to encrypt all your passwords, The only available installer is an EXE. However, SCCM or Intune can help you to deploy this application.

You can easily download the Bitwarden Application from the Bitwarden official site. Bitwarden offers various installation options for the desktop application, and here you need to download the windows based setup of the Bitwarden Application.

Patch My PC

Prerequisites – Deploy EXE Application using SCCM

We have not seen any Bitwarden MSI Application, so we need to use EXE Application to deploy and install the Bitwarden Application. Now, before we proceed further, we must have these three things in advance, especially when we have a .exe setup:

  • Installation Command/Uninstallation Command
  • Detection Method
  • Application Icon

With the help of the internet, one can find an Install command for any application. In our case, we have to search the install command for the Bitwarden Application. After searching, the install command for the Bitwarden Application is Bitwarden-Installer-2022.9.1.exe /allusers /S.

After you successfully installed Bitwarden using the install command in your test environment. Now you have to look for the Uninstall command. For this, the Uninstall Command for Bitwarden is Bitwarden-Installer-2022.9.1.exe /uninstall /allusers /S.

Install CommandUninstall Command
Bitwarden-Installer-2022.9.1.exe /allusers /SBitwarden-Installer-2022.9.1.exe /uninstall /allusers /S
Bitwarden Deployment Using SCCM Table 1

After this, you have to check for the Detection Method. Here we try to use the Registry type for the detection method. For this, we need to go to Registry Editor and open the Find dialogue box and search for Bitwarden. The below path directly navigates to you there.

Adaptiva

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\173a9bac-6f0d-50c4-8202-4744c69d091a

Bitwarden Deployment Using SCCM | Fig. 1
Bitwarden Deployment Using SCCM | Fig. 1

As shown in the above picture, we double-click on the DisplayVersion and copied the Value data shown above, DisplayVersion = 2022.9.1

Create Bitwarden Application Using SCCM Console

To start with the Application creation part, copy the downloaded Bitwarden .exe setup to the package source location of the SCCM Server.

  • Navigate to SCCM Console \Software Library\Overview\Application Management\Applications.
  • Right-click on Applications and select Create Application.
Bitwarden Deployment Using SCCM | Fig. 2
Bitwarden Deployment Using SCCM | Fig. 2

Whenever you have an EXE application, select the Manually Specify the Application Information option and click Next.

Bitwarden Deployment Using SCCM | Fig. 3
Bitwarden Deployment Using SCCM | Fig. 3

In the General Information Tab, you need to provide the metadata information of the SCCM Bitwarden application. You need to enter the details like :

  • Name, Publisher, and Software Version.
  • And click on Next.
Bitwarden Deployment Using SCCM | Fig. 4
Bitwarden Deployment Using SCCM | Fig. 4

Then in the Software Center Tab, Enter the Application Name and upload the Icon by clicking on Browse. For more information about uploading icons, check the Easy Steps Software Center Icon for SCCM Application Deployment.

Bitwarden Deployment Using SCCM | Fig. 5
Bitwarden Deployment Using SCCM | Fig. 5

After clicking on the Browse, select the icon you downloaded earlier as I also mentioned at the start of the post. Then Click on Next as highlighted in the image.

Bitwarden Deployment Using SCCM | Fig. 6
Bitwarden Deployment Using SCCM | Fig. 6

The Deployment tab is where you need to specify the Bitwarden Application installation command lines, detection methods, etc. This is a mandatory step for all SCCM EXE Application Deployments.

  • In the Deployment Types Tab, Click on Add.
Bitwarden Deployment Using SCCM | Fig. 7
Bitwarden Deployment Using SCCM | Fig. 7

Now the Deployment Type Wizard will pop up, and in General Tab, select Manually Specify the Deployment type information and click on Next.

Bitwarden Deployment Using SCCM | Fig. 8
Bitwarden Deployment Using SCCM | Fig. 8

Bitwarden Application Install or Uninstall Command Lines

After this, the General Information Tab appears, in which you just have to enter the application’s name and click on Next. Now in Content Tab, enter the important details mentioned below and click Next.

  • Content-Location (Browse for the UNC path where your setup is kept)
  • Installation Program
    • Bitwarden-Installer-2022.9.1.exe /allusers /S
  • Uninstall Program
    • Bitwarden-Installer-2022.9.1.exe /uninstall /allusers /S
Bitwarden Deployment Using SCCM | Fig. 9
Bitwarden Deployment Using SCCM | Fig. 9

Detection Method for Bitwarden Application

Now in the Detection Method Tab, click on Add Clause, and a new Detection Rule page will pop up. Fill all the details very carefully as mentioned below:

  • Select Registry in the Setting Type.
  • Select Computer\HKEY_LOCAL_MACHINE in the Hive.
  • Copy the rest path in the Key.
    • SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\173a9bac-6f0d-50c4-8202-4744c69d091a
  • Enter DsipayVersion in Value.
  • Choose Version as Data Type.
  • Enter Receiver in the File or folder name.

The following table provides clearer options for a detection method for an exe (Bitwarden Application .EXE) file.

Setting TypeHiveKeyValueData TypeOperatorValue
RegistryComputer\HKEY_LOCAL_MACHINESOFTWARE\Microsoft\Windows
\CurrentVersion\
Uninstall
\173a9bac-6f0d-50c4-8202-4744c69d091a
DisplayVersionVersionGreater than or equal to2022.9.1
Bitwarden Deployment Using SCCM | Table 2
Bitwarden Deployment Using SCCM | Fig. 10
Bitwarden Deployment Using SCCM | Fig. 10

Now in the User Experience Tab, specify Install for the system in Installation behavior; in the Logon requirement, choose Whether or not a user is logged on and Set Installation Program Visibility to Normal. Also, provide the Maximum allowed run time and Estimated installation time as shown below and click on Next.

Bitwarden Deployment Using SCCM | Fig. 11
Bitwarden Deployment Using SCCM | Fig. 11

Click on Next in the Requirement, Dependencies, and Summary Tab. After this, in the end, Click on Close in the Completion Tab as shown below.

Bitwarden Deployment Using SCCM | Fig. 12
Bitwarden Deployment Using SCCM | Fig. 12

Then back in the Create Application Wizard, click Next in Deployment Tab.

Bitwarden Deployment Using SCCM | Fig. 13
Bitwarden Deployment Using SCCM | Fig. 13

After this, click Next on the Summary Tab and end this Create Application Wizard by clicking on Close in Completion Tab.

Bitwarden Deployment Using SCCM | Fig. 14
Bitwarden Deployment Using SCCM | Fig. 14

Distribute Bitwarden Application to the SCCM DP

After creating the SCCM Application for Bitwarden, it will appear in the Application Node. To begin with, the distribution right-clicks on the Bitwarden Application and clicks on Distribute Content, as shown in the picture below.

Bitwarden Deployment Using SCCM | Fig. 15
Bitwarden Deployment Using SCCM | Fig. 15

The Distribute Content Wizard will open, and click Next in the General Tab. Then select the Application Name in the Content Tab and Click on Next.

  • After this, in the Content Destination Tab, Click on Add and select the Distribution Point option.
Bitwarden Deployment Using SCCM | Fig. 16
Bitwarden Deployment Using SCCM | Fig. 16

Then Add Distribution Point page will pop up, and choose the Distribution Point on which you want to distribute the Application.

Bitwarden Deployment Using SCCM | Fig. 17
Bitwarden Deployment Using SCCM | Fig. 17

After this, Click Next on Summary Tab and complete this Distribution process by clicking Close on Completion Tab.

Bitwarden Deployment Using SCCM | Fig. 18
Bitwarden Deployment Using SCCM | Fig. 18

Deployment of Bitwarden Application using SCCM

So far, we have accomplished two tasks, i.e., Application Creation and Application Distribution to the DP. Now all left is the Deployment of the Bitwarden Application on the Device Collection.

  • As you can see, your Application is displaying in Application Node, Right-click on Bitwarden Application and select Deploy.
Bitwarden Deployment Using SCCM | Fig. 19
Bitwarden Deployment Using SCCM | Fig. 19

After this, Deploy Software Wizard opens, and in the General Tab, enter the Name of the Application and click on Browse to select the Collection.

Bitwarden Deployment Using SCCM | Fig. 20
Bitwarden Deployment Using SCCM | Fig. 20

Now the Select Collection page will pop up; and choose Device Collection from the drop-down menu, and then

  • Select your targeted Device Collection and click on OK, and then Next.
  • Here I choose All Windows 10 Devices.
Bitwarden Deployment Using SCCM | Fig. 21
Bitwarden Deployment Using SCCM | Fig. 21

Now in the Content Tab, select the Distribution Point on which the Application is distributed and click on Next. Now in the Deployment Settings Tab, select:

  • Install in the Action box
  • And choose Available in the Purpose category.
Bitwarden Deployment Using SCCM | Fig. 22
Bitwarden Deployment Using SCCM | Fig. 22

In the Scheduling Tab, enter the time details if you want it to be available at a specific time; otherwise, leave it as it is and click Next. After this, in the User Experience Tab,

  • Select Display in Software Center and shows all notification options in the User notifications, and click on Next as shown below.
Bitwarden Deployment Using SCCM | Fig. 23
Bitwarden Deployment Using SCCM | Fig. 23

In the Alerts and Summary Tab, click on Next and to end the process, click on Close in the Completion Tab.

Bitwarden Deployment Using SCCM | Fig. 24
Bitwarden Deployment Using SCCM | Fig. 24

End User Experience

In this section, we will check the end-user experience for Bitwarden Deployment and Installation. The Bitwarden Application is Created, Distributed, and Deployed.

Now, if you check the Software Center of Windows 10 or 11 devices, you will see the application there in Available mode, and the user can install it as per the requirement.

Bitwarden Deployment Using SCCM | Fig. 25
Bitwarden Deployment Using SCCM | Fig. 25

As you can see in the below screenshot, the Bitwarden Application is installed successfully on Windows 10/11 devices. This proves that the above silent install and uninstall command and detection logic works fine for Bitwarden Application Installation using SCCM.

Bitwarden Deployment Using SCCM | Fig. 26
Bitwarden Deployment Using SCCM | Fig. 26

The installation was quick, and the Bitwarden was installed successfully without any issues. To monitor the Bitwarden Application installation, on the client computer verify the AppEnforce.log file in the C:\Windows\CCM\Logs folder.

Kudos to all of you out there!! You have successfully created, Distributed, and Deployed the Bitwarden as it is installed from the Software Center.

Author

Abhinav Rana is working as an SCCM Admin. He loves to help the community by sharing his knowledge. He is a B.Tech graduate in Information Technology.

8 thoughts on “Bitwarden Deployment Using SCCM | Deploy EXE File”

  1. Executing Command line: “C:\Program Files\Bitwarden\Uninstall Bitwarden.exe” /allusers /S with user context AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    Parsed CmdLine: “C:\Program Files\Bitwarden\Uninstall Bitwarden.exe” /allusers /S AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    Commandline length:52 evaluate:1 AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    Working directory C:\WINDOWS\ccmcache\u AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    CreateProcessAsUser is called with system account. Check if system temp re-direction is needed. AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    CcmCreateProcessAsUser: CcmExec not treated as managed installer; calling CreateProcessAsUser directly. AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    Post install behavior is BasedOnExitCode AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    Raising ETW event 20001 AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    Raised ETW event 20001 AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    Process creation time: 2022-11-24 10:59:44:483 AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    Current time: 2022-11-24 10:59:44:512 AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    Actual elapsed time (in seconds): 0 AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    Reconnecting to – Process Id: 12688, MaxRunTime: 7200000 AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    Waiting for process 12688 to finish. Timeout = 120 minutes. AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    Process 12688 terminated with exitcode: 0 AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    Looking for exit code 0 in exit codes table… AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    Found a match in the success exit codes. AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    Matched exit code 0 to a Success entry in exit codes table. AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    spAppNS.Get(sObjPath.c_str(), &spObject), HRESULT=80041002 (C:\__w\1\s\src\DCM\WmiProvider\AppUtilsLib\appcommon.cpp,1578) AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    Status is switching to Success AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    Reading status ‘Success’ from current status object. AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    RepairAction node for appdt ScopeId_6DDEE190-0A2C-446F-853C-F6CB8A09F2D5/DeploymentType_625f1aab-2a5d-4fb4-b5e4-87ef042d1708 from digest not found: 0x80070002 AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    Performing detection of app deployment type Bitwarden(ScopeId_6DDEE190-0A2C-446F-853C-F6CB8A09F2D5/DeploymentType_625f1aab-2a5d-4fb4-b5e4-87ef042d1708, revision 12) for system. AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    Discovering app: AppDeliveryTypeId : ScopeId_6DDEE190-0A2C-446F-853C-F6CB8A09F2D5/DeploymentType_625f1aab-2a5d-4fb4-b5e4-87ef042d1708, Revision: 12 AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    Expression Xml :

    SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\173a9bac-6f0d-50c4-8202-4744c69d091a
    DisplayVersion

    GreaterEquals

    Discover Source Xml:

    1

    SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\173a9bac-6f0d-50c4-8202-4744c69d091a

    DisplayVersion

    0

    AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    +++ Discovered application [AppDT Id: ScopeId_6DDEE190-0A2C-446F-853C-F6CB8A09F2D5/DeploymentType_625f1aab-2a5d-4fb4-b5e4-87ef042d1708, Revision: 12] AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    Error post enforcement. Updating Enforce Status AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    Status is switching to Failure AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    Reading status ‘Failure’ from current status object. AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)
    ++++++ App enforcement completed (0 seconds) for App DT “Bitwarden” [ScopeId_6DDEE190-0A2C-446F-853C-F6CB8A09F2D5/DeploymentType_625f1aab-2a5d-4fb4-b5e4-87ef042d1708], Revision: 12, User SID: ] ++++++ AppEnforce 24.11.2022 11:59:44 11872 (0x2E60)

    Reply
  2. Using version 2022.10.1
    1 – you cant use this uninstall command
    Bitwarden-Installer-2022.10.1.exe /uninstall /allusers /S
    1a – but this :
    “%ProgramFiles%\Bitwarden\Uninstall Bitwarden.exe” /S

    2 – missclick in guide : Enter DsipayVersion in Value.
    2a – DisplayVersion

    3 – uninstall still error : 0x87D00325(-2016410843)
    3a if i use retry all is ok and i can again install

    sam problem with :

    Parsed CmdLine: “C:\Program Files\Bitwarden\Uninstall Bitwarden.exe” /S AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    Commandline length:52 evaluate:1 AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    Working directory C:\WINDOWS\ccmcache\10 AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    CreateProcessAsUser is called with system account. Check if system temp re-direction is needed. AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    CcmCreateProcessAsUser: CcmExec not treated as managed installer; calling CreateProcessAsUser directly. AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    Post install behavior is BasedOnExitCode AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    Raising ETW event 20001 AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    Raised ETW event 20001 AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    Process creation time: 2022-11-24 13:01:20:230 AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    Current time: 2022-11-24 13:01:20:254 AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    Actual elapsed time (in seconds): 0 AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    Reconnecting to – Process Id: 3796, MaxRunTime: 900000 AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    Waiting for process 3796 to finish. Timeout = 15 minutes. AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    Process 3796 terminated with exitcode: 0 AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    Looking for exit code 0 in exit codes table… AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    Found a match in the success exit codes. AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    Matched exit code 0 to a Success entry in exit codes table. AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    spAppNS.Get(sObjPath.c_str(), &spObject), HRESULT=80041002 (C:\__w\1\s\src\DCM\WmiProvider\AppUtilsLib\appcommon.cpp,1578) AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    Status is switching to Success AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    Reading status ‘Success’ from current status object. AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    RepairAction node for appdt ScopeId_6DDEE190-0A2C-446F-853C-F6CB8A09F2D5/DeploymentType_4e6d3c84-508f-417e-947d-a3af4969a2c3 from digest not found: 0x80070002 AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    Performing detection of app deployment type Bitwarden(ScopeId_6DDEE190-0A2C-446F-853C-F6CB8A09F2D5/DeploymentType_4e6d3c84-508f-417e-947d-a3af4969a2c3, revision 1) for system. AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    Discovering app: AppDeliveryTypeId : ScopeId_6DDEE190-0A2C-446F-853C-F6CB8A09F2D5/DeploymentType_4e6d3c84-508f-417e-947d-a3af4969a2c3, Revision: 1 AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    Expression Xml :

    SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\173a9bac-6f0d-50c4-8202-4744c69d091a
    DisplayVersion

    GreaterEquals

    Discover Source Xml:

    1

    SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\173a9bac-6f0d-50c4-8202-4744c69d091a

    DisplayVersion

    0

    AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    +++ Discovered application [AppDT Id: ScopeId_6DDEE190-0A2C-446F-853C-F6CB8A09F2D5/DeploymentType_4e6d3c84-508f-417e-947d-a3af4969a2c3, Revision: 1] AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    Error post enforcement. Updating Enforce Status AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    Status is switching to Failure AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    Reading status ‘Failure’ from current status object. AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)
    ++++++ App enforcement completed (0 seconds) for App DT “Bitwarden” [ScopeId_6DDEE190-0A2C-446F-853C-F6CB8A09F2D5/DeploymentType_4e6d3c84-508f-417e-947d-a3af4969a2c3], Revision: 1, User SID: ] ++++++ AppEnforce 24.11.2022 14:01:20 15716 (0x3D64)

    Reply
    • OK thank you. But as per the log file, the detection method is still pointing to SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\173a9bac-6f0d-50c4-8202-4744c69d091a…

      Is it possible to change the Detection method as mentioned in the below comment?

      Reply
  3. Kudos!
    Thanks for your Guide, it worked with baramundi as well – except for the deinstallation. If anyone found a solution I’d be glad to know.

    Reply

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.