Solved

Pushing Symantec Endpoint Protection 11 via AD

Posted on 2010-11-08
7
1,246 Views
Last Modified: 2013-12-09
Hi!

I know about deploying it via the console and via Migration and deployment wizard.
I need to use Active Directory instead to deploy it, as not all the clients show up in those 2 methods.

I was thinking of something like Login Script. I have the client as one .exe file that is shared, and everybody has access rights to it.

Clients are both XP and Win7 , they have Symantic AV 10 or 11 (for those I succeeded to install with Wizard or Console).

Thanks in advance


0
Comment
Question by:IT-Gang
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 

Author Comment

by:IT-Gang
ID: 34084755
AD is 2003
0
 
LVL 23

Accepted Solution

by:
Stelian Stan earned 400 total points
ID: 34085571
Here is a quick guide:

1. Create Client Install Settings
         Go to Admin - Install Packages.
         Create a new Client Install Setting.
         Set it to Silent Install.
2. If you do not have one create a distribution share or a folder in your existing share for Symantec Endpoint Protection.
3. Export Install Package
         From Admin - Install Packages export Client Install.
         Set Export folder to you distribution share.
         Select your Client Install Setting and Feature Settings.
         Uncheck Create Single EXE to get MSI. Also Set the correct Group.
         Click OK.
   4. Create GPO (remember to create it on a test OU first and then move it)
         Create a new GPO
         Go to Computer Configuration - Software Settings - Software Installation.
         Create New Package.
         Browse to the MSI and click open.
         Select Assigned and click OK.
0
 
LVL 23

Expert Comment

by:Stelian Stan
ID: 34085676
To create the Group Policy to deploy Symantec EndPoint Workstation install.  
a.      In the Group Policy Object Editor window, in the console tree, display and enable the following settings:
¦ Computer Configuration > Administrative Templates > System > Logon > Always wait for the network at computer startup and logon
¦ Computer Configuration > Administrative Templates > System > Group Policy > Software Installation policy processing
¦ User Configuration > Administrative Templates > Windows Components > Windows Installer > Always Install with elevated privileges
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 30

Assisted Solution

by:Sudeep Sharma
Sudeep Sharma earned 100 total points
ID: 34089073
0
 

Author Comment

by:IT-Gang
ID: 34119989
Thanks for your answers.

I'm trying Clonyxlro suggestion, but then I ran into the problem mentioned here, looks like a risky solution they are suggesting there, but I will consider it. ( http://www.experts-exchange.com/OS/Miscellaneous/Q_21998415.html

Then I checked SSharma login script, it looks great, but I have some issue here. the users have the old Sav 10 installed, would this affect anything when checking if it is installed already?

Thanks
0
 

Author Closing Comment

by:IT-Gang
ID: 34171054
Great answers
0
 

Author Comment

by:IT-Gang
ID: 34171071
Thanks for the answers.
Group policy was the best way to use. I have some corrupted group policy , but in other domains it went so smooth.

Script is great too, the only issue I faced was that computers auto-restart after installation without a warning, hope we can add some line to prevent that.
Another line should be added to check in C:\Program Files (x86)   folder for those who have x64 systems, and used the 32 bit version.

Thanks guys
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question