Solved

Symantec enterprise client

Posted on 2016-10-12
5
34 Views
Last Modified: 2016-10-12
Can I push client through the GPO. If yes, how. Whats the best way. We are planning for endpoint security and will have 200 endpoints including mac and windows servers.
0
Comment
Question by:abcd ab01
  • 3
  • 2
5 Comments
 
LVL 10

Accepted Solution

by:
Maclean earned 500 total points
ID: 41841112
Yes you can. There highly likely is an article available for this on Symantec.com, but here is what I did.

-Create a share with read access for users.
-Drop your endpoint installer's (1 for 64 bit, 1 for 32 bit) into the share post exporting it from the management console.
I suggest either renaming the exported Setup.exe to setup32.exe & setup64.exe respectively, unless you prefer to create a subfolder for 32 & 64 bit installer, which is what I will do in this example. (Make sure you update installers from time to time, as the console is upgraded in future releases)
-Create a new text file, and add the below info to it

@echo off
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection"
if %errorlevel%==1 (goto Install) else (goto End)
REM If errorlevel returns a value of 1, it means the key is not present, thus the program is not installed.  So install it.

:Install
ECHO - Install Required
EventCreate /l Application /so SYMANTECPUSH /t Information /id 1000 /d "Symantec Push script is starting installation"
REM Check OS edition
IF defined ProgramFiles(x86) (
   ECHO - 64bit OS Detected
   "\\servername\sharename\64Bit\setup.exe"
) ELSE (
   ECHO - 32bit OS Detected
   "\\servername\sharename\32Bit\setup.exe"
)

:End
ECHO - Finished
EventCreate /l Application /so SYMANTECPUSH /t Information /id 1000 /d "Symantec Push script has completed"

Open in new window


-Save the textfile as "SymantecPush.cmd" (Note, you need to rename the \\servername\sharename\ to your servers name, and the share where you stored the installers)
-Go to group policy manager, and create a GPO named for example "Symantec Endpoint Push"
In the GPO go to

Computer Configuration>>Policies>>Windows Settings>>Scripts>>Startup

-Under Startup, point to the SymantecPush.cmd file which is located on your installer share or other preferred location where you saved it (Use UNC paths) and finish configuring the GPO.
-Now apply the GPO to the computers OU for the client, and Bob's your uncle.
0
 

Author Comment

by:abcd ab01
ID: 41841150
wow!! amazing!! you are the best!!
0
 

Author Closing Comment

by:abcd ab01
ID: 41841151
very detailed and good instructions
0
 
LVL 10

Expert Comment

by:Maclean
ID: 41841154
Happy to help.
Might be an idea to drop it to a test OU first with a single PC in it, make sure AD replicated settings, then reboot that PC and grab a coffee.

By the time you are back, the AV should be there unless it bumped into issues or it is an antique PC, proving it is ok to deploy company wide. (I am pretty sure it is fine as is, but never take a strangers word for it, take precautions)
If you need to remove alternative AV first, I might have a script for that too depending on vendor.
Also do note, this did not cover pushing it to a Mac. This is covered here

Good luck.
0
 

Author Comment

by:abcd ab01
ID: 41841155
great, I will contact you again if I need your help!! fantastic!!
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now