Example scenarios of ERA Agent deployment to targets not joined to domain

1.Deployment from ERA Server Appliance or Linux ERA Server to Windows targets not joined to a domain.

2.Deployment from Windows ERA Server from Windows source not joined to a domain to Windows targets not joined to the domain.

Preconditions:

Same local network.

Working FQDN names, e.g.: desktop-win7.test.local maps to 192.168.1.20 and vice versa.

Installed clean operating system from MSDN with defaults.

Targets:

Windows 10 Enterprise

Windows 8.1 Enterprise

Windows 7 Enterprise

1.Create a user with password that is member of Administrators group, e.g.: "Admin". Open Microsoft Management Console by opening the Run console and typing the "mmc" into the field and clicking OK.

2.Add the Local Users and groups Snap-in from the File -> Add/Remove Snap-in. Add a new user into the Users folder and fill in the required information into the fields (do not forget to fill in the password). In the Groups section open the Properties of the Administrators group and add the new created user into the group by clicking on the Add... button. Fill in the login name of the new created user into the Enter the object names to select and verify it by clicking on the Check Names button.

3.In the Network and Sharing Center change the network setting from Public network to Private network by clicking on the Public network in the left side of the View your active networks section.

4.Disable Windows Firewall for Private Network by clicking on the Turn Windows Firewall on or off and selecting Turn off Windows Firewall in the Home or Work network location settings.

5.Check that File and printer sharing is enabled for Private network by clicking on the Change advanced sharing settings in the Network and Sharing center.

6.Open Registry editor by typing "regedit" into the Run console and locate HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

7.In the System file create a new DWORD Value with the name "LocalAccountTokenFilterPolicy", than open the created file and set the Value data to "1".

8.In the ESET Remote Administrator Web Console create "Agent Deployment" Server task assigned to FQDN name of the machine (you can find the FQDN name of the machine by right clicking in the Computer and selecting Properties. The FQDN name appears next to the Full computer name).

9. Set optional Server hostname to point to FQDN name or IP address of the ERA server.

10.Set username to just "Admin" (no domain name or computer name prefix) and his password.

11.Select Agent's certificate.

12.Execute the task.

For Windows XP Professional

1.Create a user with password that is member of Administrators group, e.g.: "Admin". Open Microsoft Management Console by opening the Run console and typing the "mmc" into the field and clicking OK.

2.Add the Local Users and groups Snap-in from the File -> Add/Remove Snap-in. Add a new user into the Users folder and fill in the required information into the fields (do not forget to fill in the password). In the Groups section open the Properties of the Administrators group and add the new created user into the group by clicking on the Add... button. Fill in the login name of the new created user into the Enter the object names to select and verify it by clicking on the Check Names button.

3.Disable Windows Firewall by selecting Off in the Windows Firewall -> General tab.

4.Check that File and printer sharing is enabled in Windows Firewall -> Exceptions tab.

5.Open the Run console and type in "secpol.msc" and press OK to open the Local Security Settings.

6.Select Local Policies -> Security Options -> Network access: Sharing and security model for local accounts and right click to open Properties.

7.Set selected policy to Classic - local users authenticate as themselves.

8.In the ESET Remote Administrator Web Console create new "Agent Deployment" Server task assigned to FQDN name of the machine (you can find the FQDN name of the machine by right clicking in the Computer and selecting Properties. The FQDN name appears next to the Full computer name).

9.Set optional Server hostname to point to FQDN name or IP address of the ERA server.

10.Set username to just "Admin" (no domain name or computer name prefix) and his password.

11.Select Agent's certificate.

12.Execute the task.