[KB7807] Requirements for remote deployment of ESET Management Agent to targets from ESET PROTECT On-Prem (Windows)

Issue

  • Remote deployment of ESET Management Agent to Windows targets fails or hangs at "In Progress"
  • Requirements for remote deployment of ESET Management Agent to Windows targets from ESET PROTECT On-Prem

Solution

For more information on Agent deployment failure, refer to:

Previous antivirus software

Any previously installed antivirus software must be uninstalled from your client workstations before attempting a remote deployment of ESET Management Agent.

Uninstallers (removal tools) for common antivirus software.

ESET PROTECT On-Prem enables remote deployment of ESET Management Agent from the ESET PROTECT Web Console to any workstation on the network.

The bullet points below describe the main requirements for remote deployment of ESET Management Agent to Windows targets. We strongly recommend that you verify each of the tasks below before performing the first installation of ESET Management Agent on client workstations.

Requirements for remote deployment

Domain Administrator permissions

Before you proceed, verify that your server machine with ESET PROTECT On-Prem has all the necessary Domain Administrator permissions.

  • The client workstation where you are trying to install the ESET client solution remotely must answer a ping from the computer where the ESET PROTECT Server is installed.

  • If both the client workstation and the server are in a mixed environment of Domain and Work Group, disable the Simple File Sharing:

In File Explorer, click ViewOptions Change folder and search options View deselect the check box next to Use Sharing Wizard option.

  • The workstation must have the ADMIN$ shared resource activated:

    StartControl PanelAdministrative ToolsComputer ManagementShared FoldersShares.

  • The user performing the remote installation must have Administrator rights.

  • The user with administrator rights must not have a blank password.

  • Verify that you can remotely log in to the workstation from the server.

  • Verify that you can access the workstation IPC from the Server machine by issuing the following from the Command prompt on the Server machine, where workstation is the name of the workstation:

    net use \\workstation\IPC$
  • The firewall on the network must not block communication or file sharing between ESET PROTECT Server and the workstation.

  • The ESET PROTECT Server must enable network traffic on port 2222.

  • Client workstations are visible in both the server and the workstation connection.

  • The File and Print Sharing for Microsoft Networks option is enabled on the workstation:

    Control Panel → Network and Sharing CenterChange adapter settings → right-click the network adapter → Properties.

  • The Remote Procedure Call (RPC) service is running on the workstation.

  • The Remote Procedure Call (RPC) Locator service should be set to Manual and should not be running.

  • The Remote Registry service is running on the workstation.