This is a feature that enables advanced ecmd commands. It allows you to export and import settings using the command line (ecmd.exe). Until now, it was only possible to export settings using the GUI. ESET Server Security configuration can be exported to an .xml file.

When you have enabled ESET CMD, there are two authorization methods available:

None - No authorization. We do not recommend this method because it allows importation of any unsigned configuration, which is a potential risk.

Advanced setup password - A password is required to import a configuration from an .xml file, this file must be signed (see singing .xml configuration file further down). The password specified in Access Setup must be provided before a new configuration can be imported. If you do not have access setup enabled, your password does not match or the .xml configuration file is not signed, the configuration will not be imported.

Once ESET CMD is enabled, you can use the command line to import or export ESET Server Security configurations. You can do it manually or create a script for the purpose of automation.


To use advanced ecmd commands, you need to run them with administrator privileges, or open a Windows Command Prompt (cmd) using Run as administrator. Otherwise, you will get Error executing command. message. Also, when exporting a configuration, the destination folder must exist. The export command still works when the ESET CMD setting is switched off.



Export settings command:
ecmd /getcfg c:\config\settings.xml
Import settings command:
ecmd /setcfg c:\config\settings.xml



Advanced ecmd commands can only be run locally. Executing the client task Run command using ESET PROTECT will not work.

Signing an .xml configuration file:

1.Download XmlSignTool executable.

2.Open a Windows Command Prompt (cmd) using Run as administrator.

3.Navigate to the location of xmlsigntool.exe

4.Execute a command to sign the .xml configuration file, usage: xmlsigntool /version 1|2 <xml_file_path>


Value of the parameter /version depends on the version of your ESET Server Security. Use /version 2 for ESET Server Security 7 and newer.

5.Enter and Re-enter your Advanced Setup Password when prompted by the XmlSignTool. Your .xml configuration file is now signed and can be used to import on another instance of ESET Server Security with ESET CMD using the password authorization method.


Sign exported configuration file command: xmlsigntool /version 2 c:\config\settings.xml



If your Access Setup password changes and you want to import a configuration that was signed earlier with an old password, you can sign the .xml configuration file again using your current password. This allows you to use an older configuration file without exporting it to another machine running ESET Server Security before the import.