ESET Online Help

Search
Select the category
Select the topic

Self Enrollment

The Self Enrollment feature automatically activates domain users imported into the ESET Endpoint Encryption Server through Active Directory Syncing. When a user logs into their account, the ESET Endpoint Encryption Server is contacted, and the ESET Endpoint Encryption client is automatically provided with the user’s Key-File and activation information. It is designed to remove user interaction at activation completely.

Self Enrollment Setup

1.Enable ESET Endpoint Encryption Server Direct Communications – ESDirect

This option is enabled by default on new installs of ESET Endpoint Encryption Server (v2.80 or later).

To enable the ES Direct, open the EEE Server control panel, select Administration\Settings and set the check box named Enable ESET Endpoint Encryption Server Direct Communications. If you modify the setting, make sure you click the Save button in the lower right corner to apply the change.

kb421_es_options

The Communications Port can be changed from the default 8266 settings if required.


note

If the communications port is changed, any existing ESET Endpoint Encryption clients will need to be reconfigured. The setting is included as part of the Workstation Policy within the installation.

2.Step 2. Configure firewall to allow access

For the client workstations to self-enroll, the network must allow access on the communications port specified in step no. 1 into the machine hosting the EEE Server.

Ensure both hardware and software firewalls protect the EEE Server open port 8266 (default setting) for UDP and TCP traffic from domain network traffic. Alternatively, with software firewalls, you can specify the executable of the EEE Server itself, dlpecsrv.exe, as an exclusion. This can be located in the EEE Server folder C:\Program Files\ESET Endpoint Encryption Server\ (or Program Files (x86) on 32-bit hosts).

3.Ensure you added client licenses to the ESET Endpoint Encryption Server

If you have not done so already, ensure that the pool of licenses you will use are added to the EEE Server.

4.Active Directory Settings

Self-enrollment requires the users activating to have their details imported from an Active Directory server and have a license assigned to them. When configuring the Active Directory settings, you can choose which license newly licensed users are allocated to when they enroll. Only licensed users can use self-enrollment if no license is selected.

ad_settings

If you have not specified to import users automatically, you should perform a manual import before proceeding.

5.Workstation Policy

This option is already enabled by default on new installs of EEE Server (v2.80 or later).

Self-enrollment is controlled in the EEE Client via a new workstation policy.

kb421_workstation_policy


note

If you have existing workstations you want to enable this option for, the workstations must be updated when the setting has been changed.

6.Install software on target workstations

With the Self Enrolment setting enabled, you need to install the software to the workstations; you can achieve this using push install or a client MSI install.

7.Activation

With the above settings configured, when the user logs into their domain network profile on the workstation they will activate automatically. They will appear licensed and linked to the Workstation in the EEE Server.


note

As the self enrolment process communicates directly with the EEE Server, the appearance of the workstation in the EEE Server does not require a Proxy Sync process to appear.