# ManageEngine Endpoint Central Distribution Deploy Capsule Security hooks for AI coding assistants across your fleet using **ManageEngine Endpoint Central** (formerly Desktop Central). This guide covers deployment for Cursor, GitHub Copilot, and Claude Code on both Windows and macOS using Endpoint Central **Configurations**. ## Prerequisites - Access to the **Endpoint Central** console with administrative privileges - Endpoint Central **agent** installed on target devices - A **Capsule Security** account with admin access - Target endpoints managed by Endpoint Central (Windows and/or macOS) ## Cursor Deploy the Cursor hooks configuration using an Endpoint Central **File Folder Operation** configuration. ### Step 1: Download the Configuration 1. Log in to the **Capsule Security** portal 2. Navigate to **Settings > Integrations** 3. Locate the **Cursor** integration 4. Download the `hooks.json` file ### Windows Deployment 1. Log in to the **Endpoint Central** console 2. Navigate to **Configurations > Configurations > Add Configuration > Windows > File Folder Operation** 3. Configure the operation: - **Name**: Capsule Security – Cursor Hooks (Windows) - **Description**: Deploys Capsule Security hooks configuration for Cursor - **Operation Type**: Copy - **Source File**: Upload the `hooks.json` file - **Destination Folder**: `C:\ProgramData\Cursor\` - **Overwrite if file exists**: Yes - **Create destination folder if it does not exist**: Yes 4. Define the **Target**: - Choose **Custom Group**, **Department**, or **Remote Office** - Select the appropriate Windows endpoints 5. Set the **Execution Settings**: - **Retry Options**: Retry on failure - **Execution Time**: Immediate (or schedule a maintenance window) 6. Click **Deploy** ### macOS Deployment 1. Navigate to **Configurations > Configurations > Add Configuration > Mac > File Folder Operation** 2. Configure the operation: - **Name**: Capsule Security – Cursor Hooks (macOS) - **Description**: Deploys Capsule Security hooks configuration for Cursor on macOS - **Operation Type**: Copy - **Source File**: Upload the `hooks.json` file - **Destination Folder**: `/Library/Application Support/Cursor/` - **File Permissions**: `644` - **Overwrite if file exists**: Yes - **Create destination folder if it does not exist**: Yes 3. Target the appropriate **Custom Group** of macOS endpoints 4. Click **Deploy** ### Verification After deployment, restart Cursor on target devices, then: 1. Open Cursor Settings 2. Navigate to the **Hooks** tab 3. Confirm the hooks are listed and enabled ## GitHub Copilot Deploy the GitHub Copilot hooks configuration using an Endpoint Central **Custom Script** configuration. GitHub Copilot stores its hooks under each user's profile, so the deployment iterates over local user profiles on the endpoint. ### Step 1: Download the Configuration 1. Log in to the **Capsule Security** portal 2. Navigate to **Settings > Integrations** 3. Locate the **GitHub Copilot** integration 4. Download the `hooks.json` file ### Windows Deployment 1. Log in to the **Endpoint Central** console 2. Navigate to **Configurations > Configurations > Add Configuration > Windows > Custom Script** 3. Configure the script: - **Name**: Capsule Security – GitHub Copilot Hooks (Windows) - **Description**: Deploys Capsule Security hooks configuration for GitHub Copilot in VS Code - **Script Type**: PowerShell - **Run As**: System - **Dependency File**: Upload the `hooks.json` file 4. Paste the following script: ```powershell $hooksSource = Join-Path $PSScriptRoot "hooks.json" $userProfiles = Get-ChildItem "C:\Users" -Directory | Where-Object { $_.Name -notin @('Public', 'Default', 'Default User', 'All Users') } foreach ($profile in $userProfiles) { $hooksDir = Join-Path $profile.FullName "AppData\Roaming\Code\User\hooks" if (-not (Test-Path $hooksDir)) { New-Item -ItemType Directory -Path $hooksDir -Force | Out-Null } Copy-Item -Path $hooksSource -Destination (Join-Path $hooksDir "hooks.json") -Force } Write-Output "Capsule hooks configuration deployed successfully." exit 0 ``` 5. Target the appropriate **Custom Group** of Windows endpoints 6. Click **Deploy** ### macOS Deployment 1. Navigate to **Configurations > Configurations > Add Configuration > Mac > Custom Script** 2. Configure the script: - **Name**: Capsule Security – GitHub Copilot Hooks (macOS) - **Description**: Deploys Capsule Security hooks configuration for GitHub Copilot on macOS - **Script Type**: Shell - **Run As**: Root - **Dependency File**: Upload the `hooks.json` file 3. Paste the following script: ```bash #!/bin/bash SOURCE="$(dirname "$0")/hooks.json" for USER_HOME in /Users/*/; do USERNAME=$(basename "$USER_HOME") if [ "$USERNAME" = "Shared" ] || [ "$USERNAME" = ".localized" ]; then continue fi HOOKS_DIR="$USER_HOME/Library/Application Support/Code/User/hooks" mkdir -p "$HOOKS_DIR" cp "$SOURCE" "$HOOKS_DIR/hooks.json" chmod 644 "$HOOKS_DIR/hooks.json" chown "$USERNAME" "$HOOKS_DIR/hooks.json" done exit 0 ``` 4. Target the appropriate **Custom Group** of macOS endpoints 5. Click **Deploy** ### Verification After deployment, restart VS Code on target devices, then: 1. Right-click in the **Chat** view and select **Diagnostics** 2. Confirm the hooks are loaded and enabled ## Claude Code Deploy the Claude Code managed settings configuration using an Endpoint Central **File Folder Operation** configuration. ### Step 1: Download the Configuration 1. Log in to the **Capsule Security** portal 2. Navigate to **Settings > Integrations** 3. Locate the **Claude Code** integration 4. Click **Install** and select your target platform 5. Download the `managed-settings.json` file ### Windows Deployment 1. Log in to the **Endpoint Central** console 2. Navigate to **Configurations > Configurations > Add Configuration > Windows > File Folder Operation** 3. Configure the operation: - **Name**: Capsule Security – Claude Code Hooks (Windows) - **Description**: Deploys Capsule Security managed settings for Claude Code - **Operation Type**: Copy - **Source File**: Upload the `managed-settings.json` file - **Destination Folder**: `C:\Program Files\ClaudeCode\` - **Overwrite if file exists**: Yes - **Create destination folder if it does not exist**: Yes 4. Target the appropriate **Custom Group** of Windows endpoints 5. Click **Deploy** ### macOS Deployment 1. Navigate to **Configurations > Configurations > Add Configuration > Mac > File Folder Operation** 2. Configure the operation: - **Name**: Capsule Security – Claude Code Hooks (macOS) - **Description**: Deploys Capsule Security managed settings for Claude Code on macOS - **Operation Type**: Copy - **Source File**: Upload the `managed-settings.json` file - **Destination Folder**: `/Library/Application Support/ClaudeCode/` - **File Permissions**: `644` - **Overwrite if file exists**: Yes - **Create destination folder if it does not exist**: Yes 3. Target the appropriate **Custom Group** of macOS endpoints 4. Click **Deploy** ### Verification After deployment, restart Claude Code on target devices, then: 1. Run `/hooks` in Claude Code to confirm all hooks are listed 2. Start a session and verify events appear in the Capsule Security portal ## Monitoring Deployments After publishing configurations, monitor status in the Endpoint Central console: 1. Navigate to **Configurations > Configurations** 2. Open the relevant configuration 3. Review the deployment status under the **Deployment Status** tab: - **Success**: Configuration applied to the endpoint - **In Progress**: Awaiting agent check-in - **Failed / Retry in Progress**: Inspect the agent log or **Action Log Viewer** 4. For an inventory-level view, use **Inventory > Files & Folders** to verify the deployed configuration files exist on target endpoints ## Key Considerations - Endpoint Central runs File Folder Operations and Custom Scripts as **SYSTEM** (Windows) or **root** (macOS) by default - **Cursor** and **Claude Code** use system-level paths — deploy to **device** Custom Groups - **GitHub Copilot** uses user-level paths — the deployment script iterates over each local user profile on the endpoint to cover every user - For GitHub Copilot CLI users, create an additional configuration targeting `%USERPROFILE%\.github\hooks\hooks.json` (Windows) or `~/.github/hooks/hooks.json` (macOS) - To update configurations, edit the source file in the existing configuration and redeploy — Endpoint Central will re-execute on the next agent refresh cycle - Use **Custom Groups** to target specific OS versions, departments, or Remote Offices for staged rollouts - All three integrations can be deployed as separate configurations and assigned independently - Restart each application on target devices after deployment for hooks to take effect ## Support For help with deployment: - **Email**: support@capsule.security - **Include**: Your organization ID, Endpoint Central environment details, and any error messages ## References - [Endpoint Central – File Folder Operation Configuration](https://www.manageengine.com/products/desktop-central/help/configurations/windows_configurations/file_folder_operation_configuration.html) - [Endpoint Central – Custom Script Configuration](https://www.manageengine.com/products/desktop-central/help/configurations/windows_configurations/custom_script_configuration.html) - [Endpoint Central – macOS Configurations](https://www.manageengine.com/products/desktop-central/help/configurations/mac_configurations/mac_configurations.html)