Install Brave Browser on Windows 10/11

Written by Qunzhi Luo on the 10th Nov 2021

Exported on 10-Nov-2021 21:08:36

Using Attune to install Brave Browser on Win10/Win11

Brave is a free and open-source web browser developed by Brave Software, Inc. based on the Chromium web browser, which Chrome is based on as well. Brave is a privacy-focused browser, which automatically blocks online advertisements and website trackers in its default settings.
In this blueprint, we download and run the installer, delete the installer package, then remove Brave update services(disable automatic update).
We use the StandaloneSilentSetup installer, to prevent user interaction during the installation. But we found that running the intaller directly with Attune(WinRM protocol), the actual privilege of the running session is Administrators rather than the normal user we're using, thus the browser is installed in the System Profile directory, which can't be accessed later by the user. To workaround this, we create a scheduled task to run the installer, it then behaves as the normal user, and installs the browser to the correct place.

Tested on Windows 10/11

Pre-Blueprint Attune setup
  1. On the Inputs tab, create a Windows node you wish to install Brave.
  2. On the Inputs tab, create a Windows credential to connect to the node you wish to install Brave.

Parameters

Name Type Script Reference Default Value Comment
Brave Installer Download Path Text braveInstallerDownloadPath C:\software.attune\BraveBrowserStandaloneSilentSetup.exe The installation image will be saved here.
Brave Installer Download URL Text braveInstallerDownloadUrl https://github.com/brave/brave-browser/releases/download/v1.31.88/BraveBrowserStandaloneSilentSetup.exe The installer download link. We need the `StandaloneSilentSetup` package, which is not on brave.com, but we can download it through github repository. The URL should be updated via https://github.com/brave/brave-browser/releases, find the newest release(not Nightly and Dev), it's in the `Assets` part.
Windows Node Windows Server windowsNode The Windows Node(server, computer, virtual machine, etc.) we are connecting to run the blueprint.
Windows User Windows OS Credential windowsUser The Windows username / password pair to authenticate.

1 - Clear "Users must enter a user name and password to use this computer"

Clear Users must enter a user name and password to use this computer with registry. It's identical to do the setting in GUI with netplwiz.exe.

A GUI session is needed to run scheduled task with normal user privilege(instead of behaving as Administrators), so Brave can be installed in %LOCALAPPDATA%, other than the system profile("C:\Windows\System32\config\systemprofile\AppData\Local\BraveSoftware"), where normal users don't have access permission by default.
But in unattended automation, it's assumed we don't have local access to the host, and using RDP to establish a GUI session usually asks the user to do interactions. So clear the Users must enter a user name and password to use this computer setting and do a system restart, will guarantee that the host boot with a GUI session logged in.

See doc for the meaning of {windowsUser.user} and {windowsUser.password}.

TODO: Remember the original state of this parameter, we should restore it after installing Brave.

This step has the following parameters

Name Script Reference Default Value
Windows User {windowsUser.user} None
Windows User {windowsUser.password} None
The connection details have changed from the last step.

Login as user on node

  1. Connect via RDP 
    mstsc /admin /v:Windows Node
  2. Login as user {Windows User}
  3. Then open a command prompt
This is a PowerShell Script make sure you run it with powershell.exe Click start menu, enter "powershell" in the search bar, then select the powersehll program 
$RegPath = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
$DefaultUsername = "{windowsUser.user}"
$DefaultPassword = "{windowsUser.password}"
Set-ItemProperty $RegPath "AutoAdminLogon" -Value "1" -type String 
Set-ItemProperty $RegPath "DefaultUsername" -Value "$DefaultUsername" -type String 
Set-ItemProperty $RegPath "DefaultPassword" -Value "$DefaultPassword" -type String

2 - Reboot Windows

Reboot the computer.

Login as user on node

  1. Connect via RDP 
    mstsc /admin /v:Windows Node
  2. Login as user {Windows User}
  3. Then open a command prompt
This is a Windows Batch File make sure you run it with cmd.exe Click start menu, enter "command" in the search bar, then select the command program 
shutdown -r -t 0

3 - WinRM Wait for Reboot

Wait for the WinRM port to come alive after system reboot.

It's seen on some system that it needs 40 seconds Post Wait Time(When the system is going to reboot, previous successful ping will fail for the period the OS is down, then after the OS gets up, ping will succeed shortly. Post Wait Time means after the port come back alive again, we wait Post Wait Time more seconds before this step finish), although the port is open, but the WinRM service is not in a ready state. Less than this may result in error with the following steps.

The TCP Port value should be the same with the WinRM Connection Type of the Windows node value(check this on the Inputs tab) that we're connecting to, 5986 is the port of the default connection type.

The connection details have changed from the last step.

on node

Check if tcp port 5986 is listening make sure it goes down for 5 seconds, once its up, wait 40 seconds .

Use Telnet to check if the TCP service is accepting connections.

4 - Download Brave installer

Download Brave installer from the official URL.

This step has the following parameters

Name Script Reference Default Value
Brave Installer Download URL {braveInstallerDownloadUrl} https://github.com/brave/brave-browser/releases/download/v1.31.88/BraveBrowserStandaloneSilentSetup.exe
Brave Installer Download Path {braveInstallerDownloadPath} C:\software.attune\BraveBrowserStandaloneSilentSetup.exe
The connection details have changed from the last step.

Login as user on node

  1. Connect via RDP 
    mstsc /admin /v:Windows Node
  2. Login as user {Windows User}
  3. Then open a command prompt
This is a PowerShell Script make sure you run it with powershell.exe Click start menu, enter "powershell" in the search bar, then select the powersehll program 
# Create parent directory
$DIR=Split-Path -Path {braveInstallerDownloadPath}
if (-not (Test-Path $DIR)) {
    New-Item $DIR -ItemType Directory
}

# Download
if (-not (Test-Path {braveInstallerDownloadPath})) {
    Invoke-WebRequest -Uri {braveInstallerDownloadUrl} -OutFile {braveInstallerDownloadPath}
}

5 - Run Brave installer via scheduled task

Create a scheduled task to run the installer, as a workaround to user privilege-related problem.

If running the Brave installer directly from WinRM, it is running under the Administrators' privileges, and install to the system profile("C:\Windows\System32\config\systemprofile\AppData\Local\BraveSoftware"), where normal users don't have access permission by default.
Scheduled tasks with -User and -Password set(equivalent to Run whether user is logged on or not), also behave as Administrators(like running the Brave installer directly from WinRM). Currently it is found that only when the scheduled task is set as Run only when user is logged on(no user / password set with Register-ScheduledTask), the installer installs to the user's own storage space(%LOCALAPPDATA%). So we need to establish a GUI session before running the scheduled task, this is why we clear Users must enter a user name and password to use this computer at the first place.

This step has the following parameters

Name Script Reference Default Value
Brave Installer Download Path {braveInstallerDownloadPath} C:\software.attune\BraveBrowserStandaloneSilentSetup.exe

Login as user on node

  1. Connect via RDP 
    mstsc /admin /v:Windows Node
  2. Login as user {Windows User}
  3. Then open a command prompt
This is a PowerShell Script make sure you run it with powershell.exe Click start menu, enter "powershell" in the search bar, then select the powersehll program 
# Make the task start running after 15 seconds
$ts = New-TimeSpan -Seconds 15
$Trigger = New-ScheduledTaskTrigger -Once -At ((Get-date) + $ts)

$Action= New-ScheduledTaskAction -Execute {braveInstallerDownloadPath}
$Setting = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries

Register-ScheduledTask -TaskName "Brave Browser install" -Trigger $Trigger -Action $Action -Settings $Setting -Force

6 - Wait 2 minutes to allow scheduled task completes

This is a simplified solution, the wiser method would be to continuously wait a short time period(say 1 second), check if the installer has finished running.
This task should finish within 1 minute for a modern computer, so 2 minutes of wait is enough(the task is scheduled to run after 15 seconds).

Login as user on node

  1. Connect via RDP 
    mstsc /admin /v:Windows Node
  2. Login as user {Windows User}
  3. Then open a command prompt
This is a PowerShell Script make sure you run it with powershell.exe Click start menu, enter "powershell" in the search bar, then select the powersehll program 
start-sleep 120

7 - Delete Brave installer

Delete the installer to free up disk space.

This step has the following parameters

Name Script Reference Default Value
Brave Installer Download Path {braveInstallerDownloadPath} C:\software.attune\BraveBrowserStandaloneSilentSetup.exe

Login as user on node

  1. Connect via RDP 
    mstsc /admin /v:Windows Node
  2. Login as user {Windows User}
  3. Then open a command prompt
This is a PowerShell Script make sure you run it with powershell.exe Click start menu, enter "powershell" in the search bar, then select the powersehll program 
if (Test-Path {braveInstallerDownloadPath}) {
    Remove-Item -Recurse {braveInstallerDownloadPath}
}

8 - Remove Brave update services

By default, the installer creates two scheduled tasks to automatically update the browser, we delete them in this step. And also delete the "Brave Browser install" task we created previously to run the installer.

Login as user on node

  1. Connect via RDP 
    mstsc /admin /v:Windows Node
  2. Login as user {Windows User}
  3. Then open a command prompt
This is a PowerShell Script make sure you run it with powershell.exe Click start menu, enter "powershell" in the search bar, then select the powersehll program 
Unregister-ScheduledTask -TaskName "Brave*" -Confirm:$false