SMC 7.2: Agent deployment on computers with ESET Antivirus 6.2

[mmadeira 0]

Greetings,

I need to install a bunch of the agents on computers that have had ESET Antivirus 6 for a compuple of years but have never had either SMC Agent or ERA Agent. This is in followup to this post.

 I cannot use AD reliably, because only about half of the devices are domain-aware. I have tried using the remote deployment tool with all computers on several networks (still about 100 devices to go) without success. I always get following roughly translated error: Deployment failed "Network path not found". (WNetAddConnection2 failed with 0x35)

Additionally, I have tried this with:

- public (without credentials) and domain share. Share as read and execute permissions.

- pointing to the file on the local filesystem to the SMC server

- using domain credentials

- using local admin

Success rate is 1/100 so far.

I have added the GPO per documentation and I have also managed to install the Agent on 1/60 computers. Ir required a gpupdate and a couple of reboots. For those computers that it does not work as expected, the gpresult mentions that changes need to happen prior to login, but they never finish because the Agent is not listed in Control Panel > Programs.

Also have to deal with computers routed over L3, because of remote workers that I will not have the chance to manually upgrade.

At this point I am installing agent by hand using the All-in-one package with latest Antivirus + Agent, because of my fear of computers losing connectivity as per the referenced thread.

Thanks,

mmadeira

EDIT: Using the forums, because I did not get an engineer to look at my concerns. So far I have only been told to upgrade and I have been migrated from ELA to EBA after the connectivity issues came up in the other post.

Edited July 15, 2020 by mmadeira
More context. SCM -> SMC

[mmadeira 0]

Just replying to not keep this un-solved. ESET staff was also clueless why none of the alternatives were not working. I can only assume that these tools are not reliable enough.

Solution was manual installs with about ~8 Safe Mode uninstalls, because the upgrade did not work initially.

Edit: I managed to get GPO working without staff assistance. I used this to install the latest SMC Agent version. It turns out there are some missing pieces in the KB that are often required on business-grade networks. 

It boils down to:

- 'Error 1274 appears in the target machine’s Windows system event logs' after each reboot when there is an agent install policy

- Enable the policy '“Always wait for the network at computer startup and logon”'

- Set the policy "“Startup policy processing wait time” to something like 90 seconds. Less than that is usually not enough

Reference: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClPZCA0

Some additional considerations:

- if an agent of version 6.2 or 6.4 is already installed, you cannot use the GPO to upgrade in-place. You must first uninstall existing versions (e.g. through SMC). Of course, you only want to uninstall on AD-aware devices. I wish this was easy to filter by.

- I have no idea what are the compatibility issues of the Agent with some older versions of Windows

- there is no information about the network share configuration. I managed to use a public (not the Public folders; access allowed from Domain Computers) read-only share on a Windows File Server

- all of these GPOs must be configured to apply to Domain Coimputers in order to be useful

Edited July 15, 2020 by mmadeira
add solution