ESET Online Help

Search English
Select the topic

Command-line installation

You can install ESET Endpoint Security locally using the command-line or you can install remotely using a client task from ESET PROTECT On-Prem.

Supported parameters

APPDIR=<path>

  • Path—Valid directory path.
  • Application installation directory.

APPDATADIR=<path>

  • Path—Valid directory path.
  • Application Data installation directory.

MODULEDIR=<path>

  • Path—Valid directory path.
  • Module installation directory.

ADDLOCAL=<list>

ADDEXCLUDE=<list>

  • The ADDEXCLUDE list is a comma-separated list of all feature names not to be installed, as a replacement for the obsolete REMOVE.
  • When selecting a feature not to install, then the whole path (i.e., all its sub-features) and related invisible features must be explicitly included in the list.
  • Usage with ESET .msi packages: ees_nt64_enu.msi /qn ADDEXCLUDE=Firewall,Network

note

ADDEXCLUDE cannot be used together with ADDLOCAL.

See documentation for the msiexec version used for the appropriate command line switches.

Rules

  • The ADDLOCAL list is a comma separated list of all feature names to be installed.
  • When selecting a feature to install, the whole path (all parent features) must be explicitly included in the list.
  • See additional rules for correct usage.

Components and features


note

Component installation using ADDLOCAL/ADDEXCLUDE parameters will not work with ESET Endpoint Antivirus.

The features are divided into 4 categories:

  • Mandatory—the feature will always be installed.
  • Optional—the feature can be deselected so that it is not installed.
  • Invisible—logical feature that is mandatory for other features to work properly.
  • Placeholder—feature with no effect on the product, but must be listed with sub-features.

The feature set of ESET Endpoint Security is following:

Description

Feature Name

Feature Parent

Presence

Base program components

Computer

 

Placeholder

Detection engine

Antivirus

Computer

Mandatory

Detection engine / Malware scans

Scan

Computer

Mandatory

Detection engine / Real-time file system protection

RealtimeProtection

Computer

Mandatory

Detection engine / Malware scans / Document protection

DocumentProtection

Antivirus

Optional

Device control

DeviceControl

Computer

Optional

Network protection

Network

 

Placeholder

Network protection / Firewall

Firewall

Network

Optional

Network protection / Network attack protection / ...

IdsAndBotnetProtection

Network

Optional

Secure Browser

OnlinePaymentProtection

WebAndEmail

Optional

Web and email

WebAndEmail

 

Placeholder

Web and email / Protocol filtering

ProtocolFiltering

WebAndEmail

Invisible

Web and email / Web access protection

WebAccessProtection

WebAndEmail

Optional

Web and email / Email client protection

EmailClientProtection

WebAndEmail

Optional

Web and email / Email client protection / Email clients

MailPlugins

EmailClientProtection

Invisible

Web and email / Email client protection / Email client antispam

Antispam

EmailClientProtection

Optional

Web and email / Web control

WebControl

WebAndEmail

Optional

Tools / ESET RMM

Rmm

 

Optional

Update / Profiles / Update mirror

UpdateMirror

 

Optional

ESET Inspect plugin

EnterpriseInspector

 

Invisible

Group feature set:

Description

Feature Name

Feature Presence

All mandatory features

_Base

Invisible

All available features

ALL

Invisible

Additional rules

  • If any of the WebAndEmail features are selected for installation, the invisible ProtocolFiltering feature must be included in the list.
  • Names of all the features are case sensitive, for example UpdateMirror is not equal to UPDATEMIRROR.

List of configuration properties

Property

Value

Feature

CFG_POTENTIALLYUNWANTED_ENABLED=

0—Disabled
1—Enabled

PUA detection

CFG_LIVEGRID_ENABLED=

See below

See the LiveGrid property below

FIRSTSCAN_ENABLE=

0—Disabled
1—Enabled

Schedule and run a Computer scan after installation

CFG_PROXY_ENABLED=

0—Disabled
1—Enabled

Proxy server settings

CFG_PROXY_ADDRESS=

<ip>

Proxy server IP address

CFG_PROXY_PORT=

<port>

Proxy server port number

CFG_PROXY_USERNAME=

<username>

Username for authentication

CFG_PROXY_PASSWORD=

<password>

Password for authentication

ACTIVATION_DATA=

See below

Product activation, license key or offline license file

ACTIVATION_DLG_SUPPRESS=

0—Disabled
1—Enabled

When set to "1", do not show the product activation dialog after the first start

ADMINCFG=

<path>

Path to exported XML configuration
(default value cfg.xml)

Configuration properties only in ESET Endpoint Security

CFG_EPFW_MODE=

0—Automatic (default)
1—Interactive
2—Policy-based
3—Learning

Firewall filtering mode

CFG_EPFW_LEARNINGMODE_ENDTIME=

<timestamp>

End date of the Learning Mode as Unix timestamp

LiveGrid® property

When installing ESET Endpoint Security with CFG_LIVEGRID_ENABLED, the behavior of the product after the installation will be:

Feature

CFG_LIVEGRID_ENABLED=0

CFG_LIVEGRID_ENABLED=1

ESET LiveGrid® reputation system

On

On

ESET LiveGrid® feedback system

Off

On

Submit anonymous statistics

Off

On

ACTIVATION_DATA property

Format

Method

ACTIVATION_DATA=key:AAAA-BBBB-CCCC-DDDD-EEEE

Activation using ESET license key (internet connection should be active)

ACTIVATION_DATA=offline:C:\ProgramData\ESET\ESET Security\license.lf

Activation using an offline license file

Language properties

ESET Endpoint Security language (you must specify both properties).

Property

Value

PRODUCT_LANG=

LCID Decimal (Locale ID), for example, 1033 for English (United States). See the list of language codes.

PRODUCT_LANG_CODE=

LCID String (Language Culture Name) in lowercase, for example, en-us for English (United States). See the list of language codes.

Restart properties

Specify the following parameters to restart the computer after installation:

Property

Value

Feature

REBOOT_WHEN_NEEDED=

0—Disabled
1—Enabled

If enabled, after installation, the computer will restart.

REBOOT_CANCELABLE=

0—Disabled
1—Enabled

If enabled, the user can cancel the computer restart.

REBOOT_POSTPONE=

value in seconds

Maximum amount of time in seconds for the user to postpone the computer restart.


note

REBOOT_CANCELABLE and REBOOT_POSTPONE are available only if REBOOT_WHEN_NEEDED is enabled.

Command line installation examples


important

Ensure that you read the End User License Agreement and have administrative privileges before running the installation.


example

Exclude the NetworkProtection section from the installation (you must also specify all child features):

msiexec /qn /i ees_nt64.msi ADDEXCLUDE=Network,Firewall,IdsAndBotnetProtection


example

If you want your ESET Endpoint Security to be automatically configured after the installation, you can specify basic configuration parameters within the installation command.

Install ESET Endpoint Security with ESET LiveGrid® enabled:

msiexec /qn /i ees_nt64.msi CFG_LIVEGRID_ENABLED=1


example

Install to a different application installation directory than the default.

msiexec /qn /i ees_nt64_enu.msi APPDIR=C:\ESET\


example

Install and activate ESET Endpoint Security using your ESET license key.

msiexec /qn /i ees_nt64_enu.msi ACTIVATION_DATA=key:AAAA-BBBB-CCCC-DDDD-EEEE


example

Silent installation with detailed logging (useful for troubleshooting), and RMM only with mandatory components:

msiexec /qn /i ees_nt64.msi /l*xv msi.log ADDLOCAL=_Base,Rmm
 


example

Forced silent full installation with a specified language.

msiexec /qn /i ees_nt64.msi ADDLOCAL=ALL PRODUCT_LANG=1033 PRODUCT_LANG_CODE=en-us

Post-installation command line options

  • ESET CMD—Import an .xml configuration file or turn on/off a security feature.
  • Command line scanner—Run a Computer scan from the command line.