MSI arguments
Several arguments can be used when using the 
.MSI installer
Launch the .MSI installer to see all available arguments with an explanation and examples.
To install or remove ESA components without a Domain Admin user, use NO_DOMAIN_ADMIN_MODE=1. Then check the installation logs for further instructions marked as "Manual configuration needed".
Examples when deploying ESA components
Partial list of ESA .MSI arguments
To specify ESA components to be installed, the ADDLOCAL argument is used. Possible values include the following:
- Win_Credential_Provider - Windows Login
- Radius_Server - RADIUS Server for VPN Protection
- Credential_Provider - Remote Desktop
- Web_Exchange - Microsoft Exchange Server
- Web_SharePoint - Microsoft SharePoint Server
- Web_RemoteDesktop - Remote Desktop Web Access
- Web_Dynamics - Microsoft Dynamics CRM
- Web_RemoteAccess - Remote Web Access
- ADFS3 - AD FS 3 or later
- Identity_Provider_Connector - Identity Provider Connector
To install more features, separate them by comma, for example:
ADDLOCAL="Credential_Provider,Win_Credential_Provider"
To install or upgrade ESA via msi, you must accept the End User License Agreement. Use parameter EULA_ACCEPTED=1 (1 — I accept the terms in the License Agreement)
Specify the deployment type using the ESA_COMPUTER_CONFIG_INTEGRATION_MODE argument with value number 2. Then configure also the following arguments:
- ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ADDRESS - IP address of Authentication Server to be used in invitations.
- ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ACCESS - invitation code.
- TRUSTED_CERT_HASH - hash of trusted Certificate to be added to certificate store.
To set a custom RADIUS port, use ESA_CONFIG_RADIUS_PORT.
AD/LDAP Synchronization Agent
Use /qn argument to run MSI in silent mode.
Command-line arguments are processed only by ESA installer MSI (they are not processed by ESA installer EXE).
Component (for ADDLOCAL and REMOVE):
Management_Sync_Agent (AD/LDAP Synchronization Agent)
To install or upgrade ESA, you must accept the End User License Agreement:
EULA_ACCEPTED=1 (1 — I accept the terms in the License Agreement)
Authentication Server connection arguments (not needed when installing components to the same machine where the Authentication Server is installed):
ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ADDRESS (Authentication Server address)
ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ACCESS (invitation code)
Useful general arguments:
/L*v "c:\esa_install_log.txt" (creates installation log at c:\esa_install_log.txt)
Examples of using ESA .MSI arguments when deploying ESA components through ESET PROTECT
Example - Install Windows Login and Remote Desktop
ADDLOCAL="Win_Credential_Provider,Credential_Provider" ESA_COMPUTER_CONFIG_INTEGRATION_MODE=2 ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ADDRESS=esac.eset.com:443 ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ACCESS=DKNO-XESE-WXUA-QNXW-JAEI EULA_ACCEPTED=1 |
Example: install AD/LDAP Syncrhonization Agent
Run the installer and in GUI the example is presented as well.
ADDLOCAL="Management_Sync_Agent" ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ADDRESS=esac.eset.com:443 ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ACCESS=DKNO-XESE-WXUA-QNXW-JAEI EULA_ACCEPTED=1 |
Examples of using ESA .MSI arguments when deploying ESA components locally
Example - Install AD/LDAP Syncrhonization Agent
Run the installer and in GUI the example is presented as well.
msiexec /i "esasyncagent_nt64_enu.msi" /qn /L*v "c:\esa_install_log.txt" ADDLOCAL="Management_Sync_Agent" ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ADDRESS=esac.eset.com:443 ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ACCESS=DKNO-XESE-WXUA-QNXW-JAEI EULA_ACCEPTED=1 |
Example - Install Windows Login and Remote Desktop
msiexec /i "esacomponents_nt64_enu" /qn /L*v "c:\esa_install_log.txt" ADDLOCAL="Win_Credential_Provider,Credential_Provider" ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ADDRESS=esac.eset.com:443 ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ACCESS=DKNO-XESE-WXUA-QNXW-JAEI EULA_ACCEPTED=1 |