ESET Online Help

Search English
Select the category
Select the topic

Agent Deployment

Agent Deployment Server Task performs remote deployment of the ESET Management Agent.


note

Agent Deployment task executes the installation of ESET Management Agent on target computers one by one (sequentially). As a result, when you run Agent Deployment task on many client computers, it may take long time to complete. Therefore, we recommend that you use ESET Remote Deployment Tool instead. It executes the installation of ESET Management Agent on all target computers at the same time (in parallel), as well as saves the network bandwidth by using locally stored installer files; without the need to access the online repository.

To create a new Server Task, click Tasks > New > add_new_defaultServer Task or select the desired task type from the tree and click New > add_new_defaultServer Task.

Basic

In the Basic section, type basic information about the task, such as a Name and Description (optional). Click Select tags to assign tags.
In the Task drop-down menu, select the task type you want to create and configure. If you have selected a specific task type before creating a new task, Task is pre-selected based on your previous choice. Task (see the list of all Tasks) defines the settings and the behavior for the task.

You can also select from the following task trigger settings:

Run task immediately after finish - Select this option to have the task run automatically after you click Finish.

Configure trigger - Select this option to enable the Trigger section, where you can configure trigger settings.

To set the trigger later, leave the check boxes deselected.

Agent deployment settings

Targets - Click this to select the clients that will receive this task.


note

If target computers were added to ESET PROTECT On-Prem using the Static Group Synchronization task, ensure the names of computers are their full domain names. These names are used as client's addresses during deployment, if they are not correct, the deployment fails. Use the dNSHostName attribute as the Computer Hostname Attribute during synchronization for purposes of Agent deployment.

Server hostname (optional) - You can type a server hostname if it is different on the client side and the server side.

Target computers credentials

Username / Password - The username and the password for the user with sufficient rights to perform a remote installation of the agent.

Certificate settings

Peer certificate:

ESET PROTECT certificate - A Peer Certificate for Agent installation and ESET PROTECT Certification Authority are selected automatically. To use a different certificate, click the ESET PROTECT Certificate Description to select from a drop-down menu of available certificates.

Custom certificate - If you use a custom certificate for authentication, click Custom Certificate > Select , upload the .pfx certificate and select it when installing the Agent. For more information, see Certificates.

Certificate passphrase - Type the certificate passphrase if needed - if you have specified a passphrase during ESET PROTECT Server installation (in the step where you created a Certification Authority) or you use a custom certificate with a passphrase. Otherwise, leave the Certificate passphrase field blank.


warning

The certificate passphrase must not contain the following characters: " \ These characters cause a critical error during Agent initialization.

ESET PROTECT Server can select the appropriate Agent installation package for operating systems automatically:

Linux - Select a user with permission to use the sudo command or root user. If root is used, the ssh service must allow you to log-in as root.

Linux or macOS - Ensure the target machine has SSH daemon enabled and running on the port 22 and a firewall is not blocking this connection. Use the following command (replace the IP address with the IP of your ESET PROTECT Server) to add an exception in Linux firewall:
iptables -A INPUT -s 10.0.0.1 -p tcp --dport 22 -m state --state NEW -j ACCEPT

To prevent Agent Deployment task from failing, see the Agent deployment troubleshooting.

Other settings

Select the Participate in product improvement program check box to send anonymous telemetry data and crash report to ESET (OS version and type, ESET product version and other product-specific information).

Trigger

The Trigger section contains information about the trigger(s) which would run a task. Each Server Task can have up to one trigger. Each trigger can run only one Server Task. If Configure trigger is not selected in the Basic section, a trigger is not created. A task can be created without trigger. Such a task can be run afterward manually or a trigger can be added later.

Advanced Settings - Throttling

By setting Throttling, you can set advanced rules for the created trigger. Setting throttling is optional.

Summary

All configured options are displayed here. Review the settings and click Finish.

You can see the progress indicator bar, status icon and details for each created task in Tasks.

Troubleshooting

If the Agent Deployment task fails, see the Agent deployment troubleshooting.


warning

To re-deploy ESET Management Agent, never remove the currently installed Agent. Run the Agent Deployment task over the currently installed Agent. When you remove the Agent, the new Agent may start executing old tasks after the new deployment.