Agent Deployment

Remote deployment of the ESET Management Agent is performed from the More section. Click Server Tasks > Agent Deployment > New to start configuring your new task.

details_hoverNOTE

Agent Deployment task executes the installation of ESET Management Agent on target computers one by one (sequentially). As a result, when you run Agent Deployment task on many client computers, it may take long time to complete. Therefore, we recommend that you use ESET Remote Deployment Tool instead. It executes the installation of ESET Management Agent on all target computers at the same time (in parallel), as well as saves the network bandwidth by using locally stored installer files; without the need to access the online repository.

If you decide to use the Agent Deployment task, make sure to change Agent connection interval to improve the task execution.

validation-status-icon-error WARNING

SSH-based deployment is not supported on Windows Server 2003. The task will fail if ESMC Server is installed on this system.

Basic

In this section, you can enter basic information about a task, such as a Name and Description (optional). You can also select from the following task trigger settings:

Run task immediately after finish - Select this option to have the task run automatically after you click Finish.

Configure trigger - Select this option to enable the Trigger section, where you can configure trigger settings.

To set the trigger later, leave this check box deselected.

 

Agent deployment settings

Automatic resolution of suitable Agent - If you have multiple operating systems (Windows, Linux, macOS) in your network, select this option and this task will automatically find the appropriate server-compatible Agent installation package for each system.

Targets - Click this to select the clients that will receive this task.

details_hoverNOTE

If target computers were added to ESMC using the Static Group Synchronization task, make sure the names of computers are their full domain names. These names are used as client's addresses during deployment, if they are not correct, the deployment fails. Use the dNSHostName attribute as the Computer Hostname Attribute during synchronization for purposes of Agent deployment.

Server hostname (optional) - You can enter a server hostname if it is different on the client side and the server side.

 

Target computers credentials

Username / Password - The username and the password for the user with sufficient rights to perform a remote installation of the agent.

 

Certificate settings

Peer certificate:

ESMC Certificate - This is the security certificate and certification authority for the Agent installation. You can select the default certificate and certification authority, or use custom certificates.

Custom certificate - If you use a custom certificate for authentication, navigate to the certificate and select it when installing the Agent. For more information, see the Certificates chapter.

Certificate Passphrase - Password for the certificate, either the password you entered during ESMC Server installation (in the step where you created a certification authority) or the password for your custom certificate.

validation-status-icon-warning IMPORTANT

The certificate passphrase must not contain following characters: " \ These characters cause critical error during the initialization of the Agent.

details_hoverNOTE

ESMC Server can select the appropriate Agent installation package for operating systems automatically. To choose a package manually, deselect Automatic resolution of suitable Agent and then choose the package you want to use from the list of available Agents in ESMC repository.

For installation on Linux or Mac machine, make sure the target machine has SSH daemon enabled and running on the port 22 and a firewall is not blocking this connection. Use the following command (replace the IP address with the IP of your ESMC Server) to add an exception in Linux firewall:
iptables -A INPUT -s 10.0.0.1 -p tcp --dport 22 -m state --state NEW -j ACCEPT

For installation on Linux, choose a user with permission to use the sudo command or root user. If root is used, the ssh service must allow you to log-in as root.

To re-deploy an Agent, never remove the current Agent, instead run the Deployment task over the current Agent.  When you remove the Agent, it may start executing old tasks after the new deployment.

Other settings

Deselect the check box Participate in product improvement program if you do not agree to send crash reports and telemetry data to ESET. If the check box is left selected, telemetry data and crash reports will be sent to ESET.

Trigger

The Trigger section contains information about the trigger(s) which would run a task. Each Server Task can have up to one trigger. Each trigger can run only one Server Task. If Configure trigger is not selected in the Basic section, a trigger is not created. A task can be created without trigger. Such a task can be run afterward manually or a trigger can be added later.

Advanced Settings - Throttling

By setting Throttling, you can set advanced rules for the created trigger. Setting throttling is optional.

Summary

All configured options are displayed here. Review the settings and click Finish if they are ok. The task is now created and ready to be used.