BPS 1 Posted February 26, 2015 Posted February 26, 2015 What would be the best way to automate deployment to new Active Directory joined computers? Ideally we would like to have ERA configured so that when a new computer is joined to the domain and placed in a specific Computers OU, ERA would notice that new computer after the next AD sync, and then automatically push out the Agent and then the Antivirus to that computer. I cant seem to find any documentation on doing this with an AD OU (Static Group).
jonathan.deane_UK 10 Posted February 27, 2015 Posted February 27, 2015 Hi If you want to put the computer in to an OU and have ESET auto install then firstly create a GPO to install the ESET Agent Live Installer hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN3595 (you can edit the batch file to search for /qr and replace with /qn to make it completey silent) and assign it to the OU, once the Agent is installed then the ERA can do its thing. Create a Client install task to install the ESET software and licence etc and assign it to the OU Group and set the 'Trigger' for when Joined/changed depending on the wording for the version of ERA you have installed. I normally create a Dynamic group based on 'is there is another AV installed', a client task removes this, another dynamic group for 'no other AV and no ESET', a sub dynamic groups for workstation and server OS and then assign the client install tasks for installing EEA/EES or EFSW depending on the server.
BCS-E 1 Posted April 7, 2015 Posted April 7, 2015 (edited) Hi If you want to put the computer in to an OU and have ESET auto install then firstly create a GPO to install the ESET Agent Live Installer hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN3595 (you can edit the batch file to search for /qr and replace with /qn to make it completey silent) and assign it to the OU, once the Agent is installed then the ERA can do its thing. Create a Client install task to install the ESET software and licence etc and assign it to the OU Group and set the 'Trigger' for when Joined/changed depending on the wording for the version of ERA you have installed. I normally create a Dynamic group based on 'is there is another AV installed', a client task removes this, another dynamic group for 'no other AV and no ESET', a sub dynamic groups for workstation and server OS and then assign the client install tasks for installing EEA/EES or EFSW depending on the server. Could you please post an example of the Dynamic Groups you created. Especially the 'another AV installed'. Edited April 7, 2015 by BCS-E
Administrators Marcos 5,460 Posted April 7, 2015 Administrators Posted April 7, 2015 If there is one competitive AV installed on computers in LAN, you can create a new dynamic group with a rule or two for "application name" and (or) "application vendor" as shown below: However, to remove 3rd party AV it'd be enough to schedule an uninstall task for all computers that will remove them:
BCS-E 1 Posted April 7, 2015 Posted April 7, 2015 I used the uninstall task multiple times succesfully (manual). That works great. I hoped that there was something that would find a 3rd party AV or nothing and based on that uninstall the AV or install Eset. So the only option is to run the uninstaller for all computers just to be sure there is nothing left?
Recommended Posts