Agent Deployment

Agent Deployment Server Task performs remote deployment of the ESET Management Agent.

note

Note

Agent Deployment task executes the installation of ESET Management Agent on target computers one by one (sequentially). As a result, when you run Agent Deployment task on many client computers, it may take long time to complete. Therefore, we recommend that you use ESET Remote Deployment Tool instead. It executes the installation of ESET Management Agent on all target computers at the same time (in parallel), as well as saves the network bandwidth by using locally stored installer files; without the need to access the online repository.

To create a new Server Task, click Tasks > New > add_new_defaultServer Task or select the desired task type on the left and click New > add_new_defaultServer Task.

Basic

In the Basic section, enter basic information about the task, such as a Name and Description (optional). Click Select tags to assign tags.
In the Task drop-down menu, select the task type you want to create and configure. If you have selected a specific task type before creating a new task, Task is pre-selected based on your previous choice. Task (see the list of all Tasks) defines the settings and the behavior for the task.

You can also select from the following task trigger settings:

Run task immediately after finish - Select this option to have the task run automatically after you click Finish.

Configure trigger - Select this option to enable the Trigger section, where you can configure trigger settings.

To set the trigger later, leave the check boxes deselected.

Agent deployment settings

Targets - Click this to select the clients that will receive this task.

note

Note

If target computers were added to ESET PROTECT using the Static Group Synchronization task, make sure the names of computers are their full domain names. These names are used as client's addresses during deployment, if they are not correct, the deployment fails. Use the dNSHostName attribute as the Computer Hostname Attribute during synchronization for purposes of Agent deployment.

Server hostname (optional) - You can enter a server hostname if it is different on the client side and the server side.

 

Target computers credentials

Username / Password - The username and the password for the user with sufficient rights to perform a remote installation of the agent.

 

Certificate settings

Peer certificate:

ESET PROTECT Certificate - This is the security certificate and Certification Authority for the Agent installation. You can select the default certificate and Certification Authority, or use custom certificates.

Custom certificate - If you use a custom certificate for authentication, navigate to the certificate and select it when installing the Agent. For more information, see the Certificates chapter.

Certificate Passphrase - Password for the certificate, either the password you entered during ESET PROTECT Server installation (in the step where you created a Certification Authority) or the password for your custom certificate.

warning

Warning

The certificate passphrase must not contain the following characters: " \ These characters cause a critical error during the initialization of the Agent.

ESET PROTECT Server can select the appropriate Agent installation package for operating systems automatically:

Linux - Select a user with permission to use the sudo command or root user. If root is used, the ssh service must allow you to log-in as root.

Linux or macOS - Make sure the target machine has SSH daemon enabled and running on the port 22 and a firewall is not blocking this connection. Use the following command (replace the IP address with the IP of your ESET PROTECT Server) to add an exception in Linux firewall:
iptables -A INPUT -s 10.0.0.1 -p tcp --dport 22 -m state --state NEW -j ACCEPT

To prevent Agent Deployment task from failing, see the Agent deployment troubleshooting.

Other settings

Deselect the check box Participate in product improvement program if you do not agree to send crash reports and telemetry data to ESET. If the check box is left selected, telemetry data and crash reports will be sent to ESET.

Trigger

The Trigger section contains information about the trigger(s) which would run a task. Each Server Task can have up to one trigger. Each trigger can run only one Server Task. If Configure trigger is not selected in the Basic section, a trigger is not created. A task can be created without trigger. Such a task can be run afterward manually or a trigger can be added later.

Advanced Settings - Throttling

By setting Throttling, you can set advanced rules for the created trigger. Setting throttling is optional.

Summary

All configured options are displayed here. Review the settings and click Finish.

In Tasks you can see the progress indicator bar, status icon, and details for each created task.

Troubleshooting

If the Agent Deployment task fails, see the Agent deployment troubleshooting.

warning

Warning

To re-deploy ESET Management Agent, never remove the currently installed Agent. Run the Agent Deployment task over the currently installed Agent. When you remove the Agent, the new Agent may start executing old tasks after the new deployment.