Solved

Symantec enterprise client

Posted on 2016-10-12
5
38 Views
Last Modified: 2016-10-12
Can I push client through the GPO. If yes, how. Whats the best way. We are planning for endpoint security and will have 200 endpoints including mac and windows servers.
0
Comment
Question by:abcd ab01
  • 3
  • 2
5 Comments
 
LVL 10

Accepted Solution

by:
Maclean earned 500 total points
ID: 41841112
Yes you can. There highly likely is an article available for this on Symantec.com, but here is what I did.

-Create a share with read access for users.
-Drop your endpoint installer's (1 for 64 bit, 1 for 32 bit) into the share post exporting it from the management console.
I suggest either renaming the exported Setup.exe to setup32.exe & setup64.exe respectively, unless you prefer to create a subfolder for 32 & 64 bit installer, which is what I will do in this example. (Make sure you update installers from time to time, as the console is upgraded in future releases)
-Create a new text file, and add the below info to it

@echo off
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection"
if %errorlevel%==1 (goto Install) else (goto End)
REM If errorlevel returns a value of 1, it means the key is not present, thus the program is not installed.  So install it.

:Install
ECHO - Install Required
EventCreate /l Application /so SYMANTECPUSH /t Information /id 1000 /d "Symantec Push script is starting installation"
REM Check OS edition
IF defined ProgramFiles(x86) (
   ECHO - 64bit OS Detected
   "\\servername\sharename\64Bit\setup.exe"
) ELSE (
   ECHO - 32bit OS Detected
   "\\servername\sharename\32Bit\setup.exe"
)

:End
ECHO - Finished
EventCreate /l Application /so SYMANTECPUSH /t Information /id 1000 /d "Symantec Push script has completed"

Open in new window


-Save the textfile as "SymantecPush.cmd" (Note, you need to rename the \\servername\sharename\ to your servers name, and the share where you stored the installers)
-Go to group policy manager, and create a GPO named for example "Symantec Endpoint Push"
In the GPO go to

Computer Configuration>>Policies>>Windows Settings>>Scripts>>Startup

-Under Startup, point to the SymantecPush.cmd file which is located on your installer share or other preferred location where you saved it (Use UNC paths) and finish configuring the GPO.
-Now apply the GPO to the computers OU for the client, and Bob's your uncle.
0
 

Author Comment

by:abcd ab01
ID: 41841150
wow!! amazing!! you are the best!!
0
 

Author Closing Comment

by:abcd ab01
ID: 41841151
very detailed and good instructions
0
 
LVL 10

Expert Comment

by:Maclean
ID: 41841154
Happy to help.
Might be an idea to drop it to a test OU first with a single PC in it, make sure AD replicated settings, then reboot that PC and grab a coffee.

By the time you are back, the AV should be there unless it bumped into issues or it is an antique PC, proving it is ok to deploy company wide. (I am pretty sure it is fine as is, but never take a strangers word for it, take precautions)
If you need to remove alternative AV first, I might have a script for that too depending on vendor.
Also do note, this did not cover pushing it to a Mac. This is covered here

Good luck.
0
 

Author Comment

by:abcd ab01
ID: 41841155
great, I will contact you again if I need your help!! fantastic!!
0

Featured Post

Give your grad a cloud of their own!

With up to 8TB of storage, give your favorite graduate their own personal cloud to centralize all their photos, videos and music in one safe place. They can save, sync and share all their stuff, and automatic photo backup helps free up space on their smartphone and tablet.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You may have a outside contractor who comes in once a week or seasonal to do some work in your office but you only want to give him access to the programs and files he needs and keep privet all other documents and programs, can you do this on a loca…
There are many Password Managers (PM) out there to choose from. PM's can help with your password habits and routines, but they should not be a crutch you rely on too heavily. I also have an article for company/enterprise PM's.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
A simple description of email encryption using a secure portal service. This is one of the choices offered by The Email Laundry for email encryption. The other choices are pdf encryption which creates an encrypted pdf of your email and any attachmen…

912 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

27 Experts available now in Live!

Get 1:1 Help Now