Importing templates via scripting?

Discussion in 'ESET NOD32 Antivirus' started by Arkh, Jun 22, 2009.

Thread Status:
Not open for further replies.
  1. Arkh

    Arkh Registered Member

    Joined:
    Jun 2, 2009
    Posts:
    10
    Strange question,

    First I'll explain the predicament so you know why I'm asking. I have a bunch of workstations that are standalone clients. I have recently introduced a new server and would like to manage the clients using ERA. The problem is that going by each and every PC and manually telling them to point to the server will take a long time.

    Is there anyway to import templates via scripting? I'm thinking about creating a template with the remote server address setup and then importing it via a login script.

    Is this possible? Or does anyone know of an easier way to accomplish this?
     
  2. BFG

    BFG Registered Member

    Joined:
    Oct 27, 2004
    Posts:
    482
    Location:
    San Diego
  3. WayneP

    WayneP Support Specialist

    Joined:
    Apr 9, 2009
    Posts:
    339
    Hello Arkh,

    If it's been a while since the clients have been installed, you can push out a new package with the settings to check in to your server. If the clients already have the newest build, you could push uninstall them with the option to reboot and then push install the package with the RA settings.
     
  4. Arkh

    Arkh Registered Member

    Joined:
    Jun 2, 2009
    Posts:
    10
    Thanks for the help.

    Is there anyway to override the template/config on the local machines? For example, is there a local configuration file on the workstations that I can just replace with a different one?

    All of the methods listed so far are going to require me to install an entire package rather than just importing a template.
     
  5. WayneP

    WayneP Support Specialist

    Joined:
    Apr 9, 2009
    Posts:
    339
    The settings for the software are not stored in a file like you are asking. You also can't import the settings using any kind of scripting.

    You could add the setting to the registry at the following location:

    HKLM\SOFTWARE\ESET\ESET Security\CurrentVersion\Plugins\01000600\Profiles\@My profile

    Create 2 new values:
    Name:RAClientEnabled Type:REG_DWORD hex value:1
    Name:RAClientServer Type:REG_SZ data:SERVERNAME

    NOTE: SERVERNAME is the name of the RA server
     
  6. wdp

    wdp Registered Member

    Joined:
    Aug 25, 2009
    Posts:
    3
    It's a very good idea, but it seems that the ESET registry keys are protected?? I've tried the exact plan using the REG command, and also using regedit and then connecting to network registry, and I can add/edit/delete various other registry keys/value, but not the specific ESET settings. Also tried importing .reg file. Tried this locally while logged on to the PC as well. No joy.

    Any other suggestion on how to get the standalone client to report to the server, without doing the push installation or importing the config via the GUI?
     
  7. WayneP

    WayneP Support Specialist

    Joined:
    Apr 9, 2009
    Posts:
    339
    ESET has a Self Defense module that prevents the files and registry entries from being modified. You will need to disable Self Defense and reboot before you can make any changes to the registry entries.
     
  8. wdp

    wdp Registered Member

    Joined:
    Aug 25, 2009
    Posts:
    3
    But doesn't that defeat the purpose of the exercise? If you are going to log on to the computer to disable self-defence and reboot, it would be less trouble to use the GUI to import a configuration that configures Remote Administration.

    In my opinion you should be able to push the configuration from the server the same way you push the whole installation package (and of course authenticate against the client in the same way). A second options would be to import the configuration via the command line, again with the requirement to be an administrator on the computer.

    I'm surprised that more people haven’t asked for this??
     
  9. Brambb

    Brambb Registered Member

    Joined:
    Sep 25, 2006
    Posts:
    411
    Location:
    The Netherlands
    I already made a suggestion to import a configuration file via the command line, it would be very useful, also in environments where a ERA server is not used to monitor the clients. I hope they add it in the next version :).
     
  10. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    Surely not. For security reasons, importing a configuration xml from the command line would need to be verified by a hash generated on a server or by ESET staff. It doesn't make sense to add such a security feature as nobody would use it when importing via gui would be a lot easier.
     
  11. Brambb

    Brambb Registered Member

    Joined:
    Sep 25, 2006
    Posts:
    411
    Location:
    The Netherlands
    Well that is a nice thought, I didn't think about that, thats why I am not a security developer :)
    Perhaps make it possible when there already is a password protected configuration or something? For example; egui.exe /xmlimport /path/to/file.xml password=password (or which ever exe could be used.)

    We have certain costumers who only have a unix server where we gonna install the unix file server on which is gonna act as the mirror server.
    We have lots of ways installing clients on the workstations without a ERA server but its hard to change its configuration once installed.
     
  12. WayneP

    WayneP Support Specialist

    Joined:
    Apr 9, 2009
    Posts:
    339
    If you want to configure many clients at once, why not use ERA though? That's what it was created for. There are many features such as reporting that you don't get when you don't use ERA. I guess I just don't see a reason not to use it.
     
  13. Brambb

    Brambb Registered Member

    Joined:
    Sep 25, 2006
    Posts:
    411
    Location:
    The Netherlands
    Cause you cant install ERA on a linux box as far I am aware of?
    We manage plenty of SMB networks who only have 1 linux server for server needs, so thats why it would be useful for our company.
     
  14. wdp

    wdp Registered Member

    Joined:
    Aug 25, 2009
    Posts:
    3
    Personally I'm happy to use ERA, but the diffirence between pushing a configuraton file and pushing a full installation is a BIG one. Apart from size, it is also a lot more complicated to do the psuh install - it is not as simple as just clicking "Push Install". You end up with install errors, requiring uninstalls and reboots.

    If it is in order to push a whole installation from ERA, why is it a problem to push the configuration to a standalone client?
     
  15. WayneP

    WayneP Support Specialist

    Joined:
    Apr 9, 2009
    Posts:
    339
    You can always install ERA on a Windows workstation and manage the clients that way. My current test environment uses a Windows XP box with ERA installed.
     
  16. Brambb

    Brambb Registered Member

    Joined:
    Sep 25, 2006
    Posts:
    411
    Location:
    The Netherlands
    Yes that would be a work around, but not really a ideal situation as I would like to use a server for such tasks.

    It doesn't really bother me that much anyway, if a configuration change is needed (rarely needs to anyway) I can already do it with a few handles and the client will uninstall the current version and install a new version of NOD32 with the new configuration file.

    As for the reporting features, it is nice to have but it ain't necessary for me. The import of a configuration file is all I wanted, but I didn't think about the security risk but perhaps a solution like the one I posted can be designed.
     
Thread Status:
Not open for further replies.