Jump to content

Recommended Posts

Posted

Hi,

As stated in the title, I have issues deploying remote administration agents through GPO (windows server 2012) to Windows 10 machines.

 

My Eset server (dedicated windows 10 machine) is ESET Security Management Center (Server), Version 7.2, ESET Security Management Center (Console Web), Version 7.2 .

 

I was able to download an .ini file with the desired configuration for the agent (from the Eset server console), and the .msi file from this URL : https://download.eset.com/com/eset/apps/business/era/agent/latest/agent_x64.msi

 

I ran several tests with a dedicated OU, with dedicated GPO and assigned user/computer (and tried both user and computer configuration strategies).

 

Using the same method and parameters I was able to remove a previous version of Firefox and install an updated one (.msi installer also, but no .ini), but the same process did not work for the remote agent.

 

Remark 1 : no issue manually installing the very same agent_x64.msi file (from the aforementioned URL) from the same shared folder.

Anyone has an idea ? I'm probably missing something but Eset’s ressources didn’t help ?

Remark 2 : Why GPO ? The console doesn't allow to update agent remotely (the update end up with a failure message) and our IT infrastructure is starting to grow (I can't update this much machines every other month), so I need something to manage and update these remotely ; GPO seemed to be a fitting option.

Thanks for your help.

 

Ps : Eset ressource I used https://help.eset.com/esmc_admin/70/fr-FR/fs_agent_deploy_gpo.html

https://help.eset.com/esmc_admin/70/en-US/fs_agent_deploy_gpo.html

https://support.eset.com/en/kb6864-deploy-the-eset-management-agent-using-a-group-policy-object-gpo

https://help.eset.com/esmc_admin/72/en-US/fs_agent_deploy_gpo_sccm.html?zoom_highlightsub=gpo

  • Most Valued Members
Posted

Fwiw, GPO is the best way to install the Agent in a Domain controlled network.

That said, if possible, go to one of those systems that agent can't seem to be installing on and take a gander at c:\programdata\eset.  Does it exist?

If it exists, locate the log and post snippets of it (obviously redacting information that is private).

If it doesn't exist, then take a look at the Event Viewer and locate any errors in the (I think) Application log.

 

Posted

Hello,

I've been looking into the location you pointed, nothing seems to refer to the Agent (only Endpoint logs it seems).

I'll have a look at admx update, the server is a 2012 and didn't get admx updates for Windows 10 I think.

ADMX update did not seem to make it work better.

 

I think I found the source of the problem : the computer itself wasn't in the same OU in terms of AD. It was in the GPO's security filter, but not placed in the AD 'folder' of the OU (it was still in the basic 'Computers' folder).

It seems to be working now that I did that.

Thanks for your help.

Regards,

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...