Eset agent error when pushed

Just found this article on migrating from SCEP

https://soundmacguy.wordpress.com/2018/12/04/hello-eset-endpoint-antivirus-deployment-management-and-migrating-from-scep/

Looks like I need to retract some of my previous statements. I contacted them once more about ERA and ESMC and just got a message back from support that "... you already have business license, those products are already available to you." So it appears to be something available once you claim your license(s).

I am trying to use the ESET Add Token tool, to apply the license key to the .pkg, but keep getting the error "./add_token: command not found"

Followed the instructions to the letter (I think) but not getting anywhere.

Advice please, where an I going wrong?

Thanks

@sdunbar You have set the 'execute' bit for the script, right?

Hi @mschroder

All I did was put both the .pkg and the downloaded tool in the same directory and did the below, so I would say no I have not set the execute bit?

In the terminal run the command: ./add_token ees_osx_en_0.pkg "1111-1111-1111-1111-1111" Run the command in the directory where you saved the installation file and add_token file. Replace 1111-1111-1111-1111-1111 with your ESET license Key. Replace ees_osx_en_0.pkg with your installation file name.

Update:
My mistake, sorted now, thanks

I was able to get it activated by cd /Applications/ESET Endpoint Security.app/Contents/MacOS then running esets_daemon --wait-respond --activate key=XXXX-XXXX-XXXX-XXXX-XXXX

Hello folks,

Ahh ESET... yep you can capture settings for it then apply/import them as part of deployment and you don't need their ERA solution to do it - I really didn't want to go through having to configure another on-prem service.

Basically, the "system level" stuff is stored in /Library/Application Support/ESET/esets/cache/data/settings.json and the "user level" bits (like suppressing the GUI prompts/notifications) are in ~/.esets/gui.cfg

The system level stuff is different from how it used to be managed in good old SCEP - it can be exported/imported using the GUI or esets_daemon.

The user level settings can be modified granularly using the esets_set utility in the app bundle itself, or you can just replace the entire file with one containing your preferred settings in the logged in user's context and force a reload of the esets_gui process for them.

I've documented all of the above in more detail on my blog post.

The add_token tool is working for me but you have to set it executable before you run it - i.e:

chmod +x /path/to/add_token

I'll add that little nugget to my post at https://soundmacguy.wordpress.com/2018/12/04/hello-eset-endpoint-antivirus-deployment-management-and-migrating-from-scep/

It's also worth registering for an EBA account to keep track of your license usage.

When exporting the configuration file right from ESET what file extension should that use?

Following https://soundmacguy.wordpress.com/2018/12/04/hello-eset-endpoint-antivirus-deployment-management-and-migrating-from-scep/

@tkuhn it doesn't matter whether you use an extension or not for the exported settings file.

@neil.martin83 I am looking to use your Extension Attributes for ESET (the ones for SCEP were very useful thanks).

I am not getting any result, I have changed ESET Endpoint Antivirus.app to ESET Endpoint Security.app as that is what we are using, but no joy.

Am I missing something obvious?

@sdunbar I haven’t touched Endpoint Security so have no idea. What’s in the app bundle Contents/MacOS directory? Is esets_daemon there?

@neil.martin83 Yes it is there, along with esets_set and quite a few others.

@sdunbar could you please post the output of

esets_daemon --status

Cheers!

@neil.martin83 Thanks for your help, esets_daemon --status gives the following:

RTPStatus=Enabled
ClientVer=6.7.500.0
AVSigsVer=18564 (20181218)
AVSigsDate=2018-12-18T13:11:10
AVSigsServer=http://um02.eset.com/eset_upd/ep6.6/
AntivirusAntispywareModVer=1546 (20181127)
Activation=Activated
AutomaticUpdateSignature=Enabled
StartupScanAfterLogon=Enabled
StartupScanAfterUpdate=Enabled
RTPEventMask=open:exec:create
RTPAdvHeuristic=Disabled
RTPAdvHeuristicExec=Enabled
RTPAdvHeuristicCreate=Enabled
ScanStatistics=Infected:0|Cleaned:0|Deleted:0
RTPStatistics=Infected:0|Cleaned:0|Deleted:0
WarningAlert=Operating system is not up to date

@sdunbar In that case, my EA's should work with the following tweak to line 3 of the script on each one:

Change this:

esets_daemon="/Applications/ESET Endpoint Antivirus.app/Contents/MacOS/esets_daemon"

Into this:

esets_daemon="/Applications/ESET Endpoint Security.app/Contents/MacOS/esets_daemon"

@neil.martin83 I have already done that, as that was the only obvious (to me) difference.

For for example I have

'''#!/bin/bash
esets_daemon="/Applications/ESET Endpoint Security.app/Contents/MacOS/esets_daemon"
if [[ -e "$esets_daemon" ]]; then esetactstatus=$("$esets_daemon" --status | grep Activation | cut -d "=" -f 2) echo "<result>$esetactstatus</result>" exit 0
else''' echo "<result>Not Installed</result>"
fi
exit 0

Ok - my EAs are intended to be saved from GitHub and uploaded directly into Jamf rather than copy/pasted (the script part) - as it looks like that's what you may have done, judging by the character substitution I can see with the <> symbols. The scripts should look like this:

#!/bin/bash

esets_daemon="/Applications/ESET Endpoint Security.app/Contents/MacOS/esets_daemon"

if [[ -e "$esets_daemon" ]]; then
    esetactstatus=$("$esets_daemon" --status | grep Activation | cut -d "=" -f 2)
    echo "<result>$esetactstatus</result>"
    exit 0
else
    echo "<result>Not Installed</result>"
fi

exit 0

@neil.martin83 Ah, yes sorry for being a bit of a numpty!
That is all now working perfectly, thank you for all your help, very much appreciated.