Deploying the agent from McAfee ePO

Deploying from McAfee ePO allows you to install McAfee Agent on multiple client systems at the same time.

  • Systems must already be added to the System Tree.
    Tip: If you have not yet created the System Tree groups, you can deploy the McAfee Agent installation package to systems when you add groups and systems to the System Tree. But, if you are importing large domains or Active Directory containers, don't use this method. It generates significant network traffic.
  • The user must have local administrator rights on all target systems. Domain administrator rights are required on a system to access the default Admin$ shared folder. McAfee ePO service requires access to this shared folder to install McAfee Agent.
  • McAfee ePO must be able to communicate with the target systems.

    Before beginning a large McAfee Agent deployment, make sure that the client systems are reachable from McAfee ePO. To test the connectivity between McAfee ePO and McAfee Agent, ping the client systems with IP address or host name depending on how the client systems are identified in McAfee ePO.

    Tip: The ability to successfully use ping commands from McAfee ePO to managed systems is not required for McAfee Agent to communicate with the server. But it is a useful test to determine if you can deploy McAfee Agent to those client systems from McAfee ePO.

  • The Admin$ share folder on Windows target systems must be accessible from McAfee ePO. Verify that this is true on a sample of target systems. This test also validates your administrator credentials, because you cannot access remote Admin$ shares without administrator rights.

    From McAfee ePO, click Windows StartRun, then type the path to the target system's Admin$ share, specifying system name or IP address. For example, type \\<System Name>\Admin$.

    If the systems are properly connected over the network, and your credentials have sufficient rights, and the Admin$ share folder is present, a Windows Explorer dialog box appears.

  • Enable SSH on the Linux and Macintosh client systems before installing McAfee Agent from McAfee ePO.

    Comment out the following line in the /etc/sudoers file on a Red Hat operating system.

    Default requiretty

    Remove the comment from the following line /etc/ssh/sshd_config file

    PermitRootLogin Yes
    Note: You must have root permissions to install McAfee Agent on non-Windows systems.

  • Enable the network access on Windows 7 Home client systems.
  • Enable the file and print sharing.
  • Enable the server services.
  • Enable the remote registry services.
  • Temporarily disable the user account control on client systems to push McAfee Agent from McAfee ePO.

The push deployment feature can install McAfee Agent on many systems at the same time. You can only install a single version of McAfee Agent on a client system.