Solved

Symantec enterprise client

Posted on 2016-10-12
5
41 Views
Last Modified: 2016-10-12
Can I push client through the GPO. If yes, how. Whats the best way. We are planning for endpoint security and will have 200 endpoints including mac and windows servers.
0
Comment
Question by:abcd ab01
  • 3
  • 2
5 Comments
 
LVL 11

Accepted Solution

by:
TS4B earned 500 total points
ID: 41841112
Yes you can. There highly likely is an article available for this on Symantec.com, but here is what I did.

-Create a share with read access for users.
-Drop your endpoint installer's (1 for 64 bit, 1 for 32 bit) into the share post exporting it from the management console.
I suggest either renaming the exported Setup.exe to setup32.exe & setup64.exe respectively, unless you prefer to create a subfolder for 32 & 64 bit installer, which is what I will do in this example. (Make sure you update installers from time to time, as the console is upgraded in future releases)
-Create a new text file, and add the below info to it

@echo off
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection"
if %errorlevel%==1 (goto Install) else (goto End)
REM If errorlevel returns a value of 1, it means the key is not present, thus the program is not installed.  So install it.

:Install
ECHO - Install Required
EventCreate /l Application /so SYMANTECPUSH /t Information /id 1000 /d "Symantec Push script is starting installation"
REM Check OS edition
IF defined ProgramFiles(x86) (
   ECHO - 64bit OS Detected
   "\\servername\sharename\64Bit\setup.exe"
) ELSE (
   ECHO - 32bit OS Detected
   "\\servername\sharename\32Bit\setup.exe"
)

:End
ECHO - Finished
EventCreate /l Application /so SYMANTECPUSH /t Information /id 1000 /d "Symantec Push script has completed"

Open in new window


-Save the textfile as "SymantecPush.cmd" (Note, you need to rename the \\servername\sharename\ to your servers name, and the share where you stored the installers)
-Go to group policy manager, and create a GPO named for example "Symantec Endpoint Push"
In the GPO go to

Computer Configuration>>Policies>>Windows Settings>>Scripts>>Startup

-Under Startup, point to the SymantecPush.cmd file which is located on your installer share or other preferred location where you saved it (Use UNC paths) and finish configuring the GPO.
-Now apply the GPO to the computers OU for the client, and Bob's your uncle.
0
 

Author Comment

by:abcd ab01
ID: 41841150
wow!! amazing!! you are the best!!
0
 

Author Closing Comment

by:abcd ab01
ID: 41841151
very detailed and good instructions
0
 
LVL 11

Expert Comment

by:TS4B
ID: 41841154
Happy to help.
Might be an idea to drop it to a test OU first with a single PC in it, make sure AD replicated settings, then reboot that PC and grab a coffee.

By the time you are back, the AV should be there unless it bumped into issues or it is an antique PC, proving it is ok to deploy company wide. (I am pretty sure it is fine as is, but never take a strangers word for it, take precautions)
If you need to remove alternative AV first, I might have a script for that too depending on vendor.
Also do note, this did not cover pushing it to a Mac. This is covered here

Good luck.
0
 

Author Comment

by:abcd ab01
ID: 41841155
great, I will contact you again if I need your help!! fantastic!!
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Data breaches are on the rise, and companies are preparing by boosting their cybersecurity budgets. According to the Cybersecurity Market Report (http://www.cybersecurityventures.com/cybersecurity-market-report), worldwide spending on cybersecurity …
OnPage: Incident management and secure messaging on your smartphone
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question