Example scenarios of ESET Management Agent deployment to targets not joined to domain
The instructions below cover these scenarios:
•Deployment from ESET PROTECT Server Appliance or Linux ESET PROTECT Server to Windows targets not joined to a domain.
•Deployment from Windows ESET PROTECT Server from Windows source not joined to a domain to Windows targets not joined to a domain.
Preconditions:
•Same local network.
•Working FQDN names, e.g.: desktop-win7.test.local maps to 192.168.1.20 and vice versa.
•Installed clean operating system from MSDN with defaults.
Targets:
Windows 10 Enterprise
Windows 8.1 Enterprise
Windows 7 Enterprise
1.Create a user with password that is a member of the Administrators group, e.g. Admin.
a.Open Microsoft Management Console by opening the Run console and typing the mmc into the field and clicking OK.
b.Add the Local Users and groups Snap-in from the File > Add/Remove Snap-in. Add a new user into the Users folder and fill in the required information into the fields (do not forget to fill in the password). In the Groups section, open the Properties of the Administrators group and add the newly created user into the group by clicking the Add button. Fill in the login name of the newly created user into the Enter the object names to select and verify it by clicking on the Check Names button.
2.In the Network and Sharing Center, change the network setting from the Public network to Private network by clicking on the Public network on the left side of the View your active networks section.
3.Disable Windows Firewall for the Private Network by clicking on the Turn Windows Firewall on or off and selecting Turn off Windows Firewall in the Home or Work network location settings.
4.Check that File and printer sharing is enabled for Private network by clicking on the Change advanced sharing settings in the Network and Sharing Center.
5.Disable User Account Control (UAC) remote restrictions:
a.Open Registry editor by typing regedit into the Run console and locate HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
b.In the System file, create a new DWORD Value with the name LocalAccountTokenFilterPolicy.
c.Open the created file and set the Value data to 1.
ESET PROTECT Web Console:
In the ESET PROTECT Web Console, create a new Agent Deployment Server task:
1.Targets - Select target Windows computers.
2.Server hostname (optional) - Type the FQDN name or IP address of the ESET PROTECT Server. (You can find the FQDN name of the machine by right-clicking in the Computer and selecting Properties. The FQDN name appears next to the Full computer name).
3.Username - Type Admin (no domain name or computer name prefix) and type the Password for this user.
4.ESET PROTECT Certificate - Click No certificate selected and select Agent certificate.
5.Click Finish to execute the task.