Jamf Nation Community

Yeah i have that set up. Unless you spot something wrong @Look

thanks @Look

Hi @jalcorn, did you use the add_token tool to license ESET?

@a.simmons No, turns out it was activity all the macs with the same licenses.

Does anyone know the location of where the ESET config file is saved?

We would like to push out the config file, and while we can export and import it, I cannot find where it is saved when imported (does not look to be the same location as for SCEP).

Many thanks

Found it: Library/Application Support/ESET/esets/modules/data/backup/ (or is this just the backup of the config file) distributing to this location does not seem to work? Any suggestions gratefully received.

@jalcorn where did you get the script to install agent? Can you share please?

I think you get it here https://support.eset.com/kb7026/?locale=en_EN&segment=business

@jkaigler You can log into your set portal and download it there. They give it out.

Is there any way to make the application run in the background the first time it runs?

@a.simmons I have it run the agent at enrollment. Then Once the agent is installed ESET sees it and installs the app.

@sdunbar

Trying to run the esets_set command throws this error when I test:

"Cannot open file /Library/Application Support/ESET/esets/etc/esets.cfg: No such file or directory"

So I assume thats where it may save them. I've also been toying with moving around the settings.json from /Library/Application Support/ESET/esets/cache/data/ but I've not made much headway.

Also I'm unsure if there is any script available to those of us moving over from SCEP for Mac, and when I contacted their support about it I was told there was no way to customize the installer at the time of installation, even though the pkg file allows for GUI customization choices.

@jalcorn I opened a ticket with ESET support, this is their response ...

Thank you for contacting ESET North America Technical Support.

At this point there is no official script that is offered to assist wit the deployment. With JAMF you should be able to preload the kernel extensions and push out the package installer.

@jkaigler This link will point you to the right spot.

https://support.eset.com/kb6541/?locale=en_US&viewlocale=en_US

@jalcorn Are you an ESET customer outright or are you cutting over from SCEP for Mac?

@andrew.nicholas I have Jamf installing the agent and then ESET sees the agent but no app and then installs it.

@jalcorn Thanks for responding. Did you work with ESET as a vendor directly and thus got the ERA or did you claim the ESET licenses and app installer per Microsoft on their decomming of SCEP for Mac (rebranded ESET)?

@andrew.nicholas Im not sure if i understand. We have never used SCEP, we have only used eset.

@jalcorn Thanks, that helps confirm what I thought. Microsoft and ESET are offering users a free year of the client as Microsoft is EOLing SCEP for Mac at the end of the year, however it appears to be only the client and there are no real configuration or deployment options available to the installer.

@andrew.nicholas ahh okay. Yeah there full suite is worth it.

@andrew.nicholas I'm in the same situation as you, moving from SCEP to ESET. I haven't found a way to configure it or suppress prompts like the one below

@a.simmons : To configure it you should run the 'business' installer, select the remote option and configure it as needed. This will produce setting files (/tmp/esets_setup.dat and /tmp/program_components.dat) you ship with the installer (or create by a pre-pre-install script). I did so, but still get the same pop-up about 'New network connection' :( So I am not sure whether my config was not taken, or whether this is a feature that can not be configured.

I find it very hard to find mac related info on the ESET website, and in particular anything related to remote install without using their Remote Admin Console.

@mschroder I've had a rather long email thread with their support and the culmination is that customization of this product without the ERA is not possible. Logic would dictate that since options can be changed manually when running the GUI installation then there must be a command line method of doing so, but I've not been able to come up with anything yet.

@andrew.nicholas That is an interesting message, makes me wonder what the famous program_components.dat is good for. I don't think we want to go for the ERA, but seems we have to have another look before deciding on that.

Just found this article on migrating from SCEP

https://soundmacguy.wordpress.com/2018/12/04/hello-eset-endpoint-antivirus-deployment-management-and-migrating-from-scep/

Looks like I need to retract some of my previous statements. I contacted them once more about ERA and ESMC and just got a message back from support that "... you already have business license, those products are already available to you." So it appears to be something available once you claim your license(s).

I am trying to use the ESET Add Token tool, to apply the license key to the .pkg, but keep getting the error "./add_token: command not found"

Followed the instructions to the letter (I think) but not getting anywhere.

Advice please, where an I going wrong?

Thanks

@sdunbar You have set the 'execute' bit for the script, right?

Hi @mschroder

All I did was put both the .pkg and the downloaded tool in the same directory and did the below, so I would say no I have not set the execute bit?

In the terminal run the command: ./add_token ees_osx_en_0.pkg "1111-1111-1111-1111-1111" Run the command in the directory where you saved the installation file and add_token file. Replace 1111-1111-1111-1111-1111 with your ESET license Key. Replace ees_osx_en_0.pkg with your installation file name.

Update:
My mistake, sorted now, thanks

I was able to get it activated by cd /Applications/ESET Endpoint Security.app/Contents/MacOS then running esets_daemon --wait-respond --activate key=XXXX-XXXX-XXXX-XXXX-XXXX

Hello folks,

Ahh ESET... yep you can capture settings for it then apply/import them as part of deployment and you don't need their ERA solution to do it - I really didn't want to go through having to configure another on-prem service.

Basically, the "system level" stuff is stored in /Library/Application Support/ESET/esets/cache/data/settings.json and the "user level" bits (like suppressing the GUI prompts/notifications) are in ~/.esets/gui.cfg

The system level stuff is different from how it used to be managed in good old SCEP - it can be exported/imported using the GUI or esets_daemon.

The user level settings can be modified granularly using the esets_set utility in the app bundle itself, or you can just replace the entire file with one containing your preferred settings in the logged in user's context and force a reload of the esets_gui process for them.

I've documented all of the above in more detail on my blog post.

The add_token tool is working for me but you have to set it executable before you run it - i.e:

chmod +x /path/to/add_token

I'll add that little nugget to my post at https://soundmacguy.wordpress.com/2018/12/04/hello-eset-endpoint-antivirus-deployment-management-and...

It's also worth registering for an EBA account to keep track of your license usage.

When exporting the configuration file right from ESET what file extension should that use?

Following https://soundmacguy.wordpress.com/2018/12/04/hello-eset-endpoint-antivirus-deployment-management-and-migrating-from-scep/

@tkuhn it doesn't matter whether you use an extension or not for the exported settings file.

@neil.martin83 I am looking to use your Extension Attributes for ESET (the ones for SCEP were very useful thanks).

I am not getting any result, I have changed ESET Endpoint Antivirus.app to ESET Endpoint Security.app as that is what we are using, but no joy.

Am I missing something obvious?

@sdunbar I haven’t touched Endpoint Security so have no idea. What’s in the app bundle Contents/MacOS directory? Is esets_daemon there?

@neil.martin83 Yes it is there, along with esets_set and quite a few others.

@sdunbar could you please post the output of

esets_daemon --status

Cheers!