Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Pushing Symantec Endpoint Protection 11 via AD

Posted on 2010-11-08
7
Medium Priority
?
1,249 Views
Last Modified: 2013-12-09
Hi!

I know about deploying it via the console and via Migration and deployment wizard.
I need to use Active Directory instead to deploy it, as not all the clients show up in those 2 methods.

I was thinking of something like Login Script. I have the client as one .exe file that is shared, and everybody has access rights to it.

Clients are both XP and Win7 , they have Symantic AV 10 or 11 (for those I succeeded to install with Wizard or Console).

Thanks in advance


0
Comment
Question by:IT-Gang
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 

Author Comment

by:IT-Gang
ID: 34084755
AD is 2003
0
 
LVL 23

Accepted Solution

by:
Stelian Stan earned 1600 total points
ID: 34085571
Here is a quick guide:

1. Create Client Install Settings
         Go to Admin - Install Packages.
         Create a new Client Install Setting.
         Set it to Silent Install.
2. If you do not have one create a distribution share or a folder in your existing share for Symantec Endpoint Protection.
3. Export Install Package
         From Admin - Install Packages export Client Install.
         Set Export folder to you distribution share.
         Select your Client Install Setting and Feature Settings.
         Uncheck Create Single EXE to get MSI. Also Set the correct Group.
         Click OK.
   4. Create GPO (remember to create it on a test OU first and then move it)
         Create a new GPO
         Go to Computer Configuration - Software Settings - Software Installation.
         Create New Package.
         Browse to the MSI and click open.
         Select Assigned and click OK.
0
 
LVL 23

Expert Comment

by:Stelian Stan
ID: 34085676
To create the Group Policy to deploy Symantec EndPoint Workstation install.  
a.      In the Group Policy Object Editor window, in the console tree, display and enable the following settings:
¦ Computer Configuration > Administrative Templates > System > Logon > Always wait for the network at computer startup and logon
¦ Computer Configuration > Administrative Templates > System > Group Policy > Software Installation policy processing
¦ User Configuration > Administrative Templates > Windows Components > Windows Installer > Always Install with elevated privileges
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 30

Assisted Solution

by:Sudeep Sharma
Sudeep Sharma earned 400 total points
ID: 34089073
0
 

Author Comment

by:IT-Gang
ID: 34119989
Thanks for your answers.

I'm trying Clonyxlro suggestion, but then I ran into the problem mentioned here, looks like a risky solution they are suggesting there, but I will consider it. ( http://www.experts-exchange.com/OS/Miscellaneous/Q_21998415.html

Then I checked SSharma login script, it looks great, but I have some issue here. the users have the old Sav 10 installed, would this affect anything when checking if it is installed already?

Thanks
0
 

Author Closing Comment

by:IT-Gang
ID: 34171054
Great answers
0
 

Author Comment

by:IT-Gang
ID: 34171071
Thanks for the answers.
Group policy was the best way to use. I have some corrupted group policy , but in other domains it went so smooth.

Script is great too, the only issue I faced was that computers auto-restart after installation without a warning, hope we can add some line to prevent that.
Another line should be added to check in C:\Program Files (x86)   folder for those who have x64 systems, and used the 32 bit version.

Thanks guys
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question