ESET Online Help

Search English
Select the topic

MSI arguments

Several arguments can be used when using the .MSI installer either as a Logon script or Installation task.

Launch the .MSI installer to see all available arguments with an explanation and examples.

To install or remove ESA components without a Domain Admin user, use NO_DOMAIN_ADMIN_MODE=1. Then check the installation logs for further instructions marked as "Manual configuration needed".

Examples when deploying ESA components via ESET PROTECT

Partial list of ESA .MSI arguments

To specify ESA components to be installed, the ADDLOCAL argument is used. Possible values include the following:

Core_Service - Authentication Server

Reports_Elasticsearch - Reporting Engine (Elasticsearch)

Win_Credential_Provider - Windows Login

Radius_Server - RADIUS Server for VPN Protection

Credential_Provider - Remote Desktop

Web_Exchange - Microsoft Exchange Server

Web_SharePoint - Microsoft SharePoint Server

Web_RemoteDesktop - Remote Desktop Web Access

Web_Dynamics - Microsoft Dynamics CRM

Web_RemoteAccess - Remote Web Access

ADFS3 - AD FS 3 or later

Identity_Provider_Connector - Identity Provider Connector

To install more features, separate them by comma, for example:
ADDLOCAL="Credential_Provider,Win_Credential_Provider"

To specify a deployment type, the ESA_COMPUTER_CONFIG_INTEGRATION_MODE argument is used. Possible values include the following:

1 = Active Directory Integration (default value)

2 = Standalone

If value number 2 is used, the following arguments must be configured also, unless you are installing ESA components on the same machine where the Authentication Server is installed:

ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ADDRESS - IP address of Authentication Server to be used in invitations.

ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ACCESS - invitation code.

TRUSTED_CERT_HASH - hash of trusted Certificate to be added to certificate store.

To set an initial username and password for the ESA Web Console when installing the Authentication Server (Core_service), use:

ESA_CONFIG_WEB_CONSOLE_USER

ESA_CONFIG_WEB_CONSOLE_PASSWORD

 

Core_Service (Authentication Server) advanced configuration arguments:

ESA_CONFIG_DB_TYPE (database type, Standalone mode only, use "sqlite", "postgresql", or "mssql")

ESA_CONFIG_DB_CONNECTION_STRING (database connection string, Standalone mode only)

ESA_CONFIG_PROXY_ENABLED (use value true to enable custom HTTP proxy settings)

ESA_CONFIG_PROXY_SERVER (leave blank to not use proxy)

ESA_CONFIG_PROXY_PORT

ESA_CONFIG_PROXY_USER

ESA_CONFIG_PROXY_PASSWORD

To set a custom RADIUS port, use ESA_CONFIG_RADIUS_PORT.

For complete removal of the ESA Authentication Server, including configuration data, use AUTHENTICATION_SERVER_CLEAN_DATA=1.

Examples of using ESA .MSI arguments when deploying ESA components through ESET PROTECT

Example - Install Windows Login and Remote Desktop (Standalone mode)

ADDLOCAL="Win_Credential_Provider,Credential_Provider" ESA_COMPUTER_CONFIG_INTEGRATION_MODE=2 ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ADDRESS=192.168.0.15:8001 ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ACCESS=DKNO-XESE-WXUA-QNXW-JAEI TRUSTED_CERT_HASH=2CD61594DDE3E63E6BEBB9BF3DC95B85550FD5D8 EULA_ACCEPTED=1

Example - Install Windows Login and Remote Desktop as a no domain admin user (Active Directory Integration mode)

ADDLOCAL="Win_Credential_Provider,Credential_Provider" NO_DOMAIN_ADMIN_MODE=1

Do not forget to add the computer(s) to EsaServices manually.