MSI arguments
Several arguments can be used when using the 
.MSI installer
Launch the .MSI installer to see all available arguments with explanations and examples.
To install or remove ESA components without a Domain Admin user, use NO_DOMAIN_ADMIN_MODE=1. Then check the installation logs for further instructions marked as "Manual configuration needed".
Partial list of ESA .MSI arguments
The ADDLOCAL argument is used to specify the ESA components to be installed. Possible values include the following:
•Win_Credential_Provider - Windows Login
•Radius_Server - RADIUS Server for VPN Protection
•Credential_Provider - Remote Desktop
•Web_Exchange - Microsoft Exchange Server
•Web_SharePoint - Microsoft SharePoint Server
•Web_RemoteDesktop - Remote Desktop Web Access
•Web_Dynamics - Microsoft Dynamics CRM
•Web_RemoteAccess - Remote Web Access
•ADFS3 - AD FS 3 or later
•Identity_Provider_Connector - Identity Provider Connector
To install more features, separate them by a comma, for example:
ADDLOCAL="Credential_Provider,Win_Credential_Provider"
To install or upgrade ESA via MSI, you must accept the End User License Agreement. Use parameter EULA_ACCEPTED=1 (1 — I accept the terms in the License Agreement)
Specify the deployment type using the ESA_COMPUTER_CONFIG_INTEGRATION_MODE argument with value number 2. Then configure also the following arguments:
•ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ADDRESS-IP address of Authentication Server to be used in invitations.
•ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ACCESS-invitation code.
•TRUSTED_CERT_HASH-hash of the trusted Certificate to be added to the certificate store.
To set a custom RADIUS port, use ESA_CONFIG_RADIUS_PORT.
AD/LDAP Synchronization Agent
Use /qn argument to run MSI in silent mode.
Command-line arguments are processed only by the ESA installer MSI (they are not processed by the ESA installer EXE).
Component (for ADDLOCAL and REMOVE):
Management_Sync_Agent (AD/LDAP Synchronization Agent)
To install or upgrade ESA, you must accept the End User License Agreement:
EULA_ACCEPTED=1 (1 — I accept the terms in the License Agreement)
Authentication Server connection arguments (not needed when installing components to the same machine where the Authentication Server is installed):
ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ADDRESS (Authentication Server address)
ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ACCESS (invitation code)
Useful general arguments:
/L*v "c:\esa_install_log.txt" (creates installation log at c:\esa_install_log.txt)
Examples of using ESA .MSI arguments when deploying ESA components through ESET PROTECT
Install Windows Login and Remote Desktop
ADDLOCAL="Win_Credential_Provider,Credential_Provider" ESA_COMPUTER_CONFIG_INTEGRATION_MODE=2 ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ADDRESS=esac.eset.com:443 ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ACCESS=OBWK-EAKB-FADW-TJRA-WEAB@6ab71e63-e256-4ee4-becc-d9c6e4ad8e96 EULA_ACCEPTED=1 |
Install AD/LDAP Synchronization Agent
ADDLOCAL="Management_Sync_Agent" ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ADDRESS=esac.eset.com:443 ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ACCESS=OBWK-EAKB-FADW-TJRA-WEAB@6ab71e63-e256-4ee4-becc-d9c6e4ad8e96 EULA_ACCEPTED=1 |
Examples of using ESA .MSI arguments when deploying ESA components locally
Install AD/LDAP Synchronization Agent
msiexec /i "esasyncagent_nt64_enu.msi" /qn /L*v "c:\esa_install_log.txt" ADDLOCAL="Management_Sync_Agent" ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ADDRESS=esac.eset.com:443 ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ACCESS=OBWK-EAKB-FADW-TJRA-WEAB@6ab71e63-e256-4ee4-becc-d9c6e4ad8e96 EULA_ACCEPTED=1 |
Install Windows Login and Remote Desktop
msiexec /i "esacomponents_nt64_enu" /qn /L*v "c:\esa_install_log.txt" ADDLOCAL="Win_Credential_Provider,Credential_Provider" ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ADDRESS=esac.eset.com:443 ESA_COMPUTER_CONFIG_AUTHENTICATION_SERVER_ACCESS=OBWK-EAKB-FADW-TJRA-WEAB@6ab71e63-e256-4ee4-becc-d9c6e4ad8e96 EULA_ACCEPTED=1 |