Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Pushing Symantec Endpoint Protection 11 via AD

Posted on 2010-11-08
7
Medium Priority
?
1,250 Views
Last Modified: 2013-12-09
Hi!

I know about deploying it via the console and via Migration and deployment wizard.
I need to use Active Directory instead to deploy it, as not all the clients show up in those 2 methods.

I was thinking of something like Login Script. I have the client as one .exe file that is shared, and everybody has access rights to it.

Clients are both XP and Win7 , they have Symantic AV 10 or 11 (for those I succeeded to install with Wizard or Console).

Thanks in advance


0
Comment
Question by:IT-Gang
  • 4
  • 2
7 Comments
 

Author Comment

by:IT-Gang
ID: 34084755
AD is 2003
0
 
LVL 23

Accepted Solution

by:
Stelian Stan earned 1600 total points
ID: 34085571
Here is a quick guide:

1. Create Client Install Settings
         Go to Admin - Install Packages.
         Create a new Client Install Setting.
         Set it to Silent Install.
2. If you do not have one create a distribution share or a folder in your existing share for Symantec Endpoint Protection.
3. Export Install Package
         From Admin - Install Packages export Client Install.
         Set Export folder to you distribution share.
         Select your Client Install Setting and Feature Settings.
         Uncheck Create Single EXE to get MSI. Also Set the correct Group.
         Click OK.
   4. Create GPO (remember to create it on a test OU first and then move it)
         Create a new GPO
         Go to Computer Configuration - Software Settings - Software Installation.
         Create New Package.
         Browse to the MSI and click open.
         Select Assigned and click OK.
0
 
LVL 23

Expert Comment

by:Stelian Stan
ID: 34085676
To create the Group Policy to deploy Symantec EndPoint Workstation install.  
a.      In the Group Policy Object Editor window, in the console tree, display and enable the following settings:
¦ Computer Configuration > Administrative Templates > System > Logon > Always wait for the network at computer startup and logon
¦ Computer Configuration > Administrative Templates > System > Group Policy > Software Installation policy processing
¦ User Configuration > Administrative Templates > Windows Components > Windows Installer > Always Install with elevated privileges
0
Configuration Guide and Best Practices

Read the guide to learn how to orchestrate Data ONTAP, create application-consistent backups and enable fast recovery from NetApp storage snapshots. Version 9.5 also contains performance and scalability enhancements to meet the needs of the largest enterprise environments.

 
LVL 30

Assisted Solution

by:Sudeep Sharma
Sudeep Sharma earned 400 total points
ID: 34089073
0
 

Author Comment

by:IT-Gang
ID: 34119989
Thanks for your answers.

I'm trying Clonyxlro suggestion, but then I ran into the problem mentioned here, looks like a risky solution they are suggesting there, but I will consider it. ( http://www.experts-exchange.com/OS/Miscellaneous/Q_21998415.html

Then I checked SSharma login script, it looks great, but I have some issue here. the users have the old Sav 10 installed, would this affect anything when checking if it is installed already?

Thanks
0
 

Author Closing Comment

by:IT-Gang
ID: 34171054
Great answers
0
 

Author Comment

by:IT-Gang
ID: 34171071
Thanks for the answers.
Group policy was the best way to use. I have some corrupted group policy , but in other domains it went so smooth.

Script is great too, the only issue I faced was that computers auto-restart after installation without a warning, hope we can add some line to prevent that.
Another line should be added to check in C:\Program Files (x86)   folder for those who have x64 systems, and used the 32 bit version.

Thanks guys
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let's recap what we learned from yesterday's Skyport Systems webinar.
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question