Deploying The Agent With Epolicy Orchestrator - McAfee EPOLICY ORCHESTRATOR 4.0.2 Product Manual

Distributing Agents to Manage Systems
Distributing agents
Including the agent on an image
Using other deployment products
Distributing the agent to WebShield appliances and Novell NetWare servers

Deploying the agent with ePolicy Orchestrator

Use this task to deploy agents to your systems with ePolicy Orchestrator. This method uses
Windows NT push technology.
This method is recommended if large segments of your System Tree are already populated.
For example, if you created System Tree segments by importing domains or Active Directory
containers and you chose not to deploy during the import.
Before you begin
To use this method, several requirements must be met, including:
• Systems must already be added to the System Tree.
NOTE: If you have not yet created the System Tree, you can deploy the agent installation
package to systems at the same time that you are adding groups, and systems to the System
Tree. However, McAfee does not recommend this procedure if you are creating your System
Tree by importing large NT domains or Active Directory containers. This can generate too
much network traffic.
• Specify domain administrator credentials. Domain administrator rights are required on a
system to access the default
to this shared folder in order to install agents and other software.
• Verify the ePO server can communicate with the desired systems.
Before beginning a large agent deployment, use ping commands to verify that the server
can communicate with a few systems in each segment of your network.
If the targeted systems respond to the ping, then ePolicy Orchestrator can reach the
segments.
NOTE: The ability to successfully use ping commands from the ePO server to the managed
systems is not required for the agent to communicate with the server after the agent is
installed. This is only a useful test for determining if you can deploy agents from the server.
• Verify that the
This test also validates your administrator credentials, because you cannot access remote
shares without administrator rights.
Admin$
To access
Admin$
type the path to the client
If the systems are properly connected over the network, your credentials have sufficient
rights, and if the
dialog box.
• Ensure file and print sharing is enabled. This is disabled by default on Windows 95, Windows
98, and Windows ME systems. In addition, if you have systems in your network running
these operating systems, make sure they can be managed by ePolicy Orchestrator. By
default, these systems do not allow ePO administration. To enable these systems for ePO
administration, download VCREDIST.EXE and DCOM 1.3 updates from the Microsoft web
site and install them on each client as required.
74 McAfee ePolicy Orchestrator 4.0.2 Product Guide
shared folder. The ePO server service requires access
Admin$
share folders on the desired systems are accessible from the server.
Admin$
shares on desired systems from the ePO server, select Start | Run, then
$ share by specifying either the system name or IP address.
Admin
shared folder is present, you should see a Windows Explorer
Admin$