Data Loss Prevention

I'm wondering what the best way is to handle installs\reinstalls of DLP (12.0) onto our associate population.  We seem to be having an issue with our current package where it will install and somehow uninstall itself. 

We use SCCM as our main distribution of the software and I was wondering what experieces others have had when deploying.  What type of executable did you run, where there scripts involved?

Thank you for any answers provided.

Zach,

I assume you are talking about how to install the DLP agents?

SCCM would use the MSI packages that are deployed with the DLP platform. The Agent zip file already has all of the batch files you need to install the 12.0 agents.

The only thing you will need to do is configure the DLP Endpoint server hostname that the agents are supposed to connect to.

msiexec /i AgentInstall64.msi /q INSTALLDIR="C:\Program Files\Manufacturer\Endpoint Agent\" ENDPOINTSERVER="hostname" KEY="" UNINSTALLPASSWORDKEY="" SERVICENAME="EDPA" WATCHDOGNAME="WDP" ARPSYSTEMCOMPONENT="1"

The rest of the settings are optional.

Keep in mind that you will need to install this agent with ELEVATED permissions. Windows 7 is very picky about this.

I have attached the batch files that you would use as part of deploying the agents

Hope this makes sense.

If this solves your questions please marked as solved.

Ronak

Attachment(s)

install_agent.bat_.txt   207 B 1 version

install_agent64.bat_.txt   209 B 1 version

Those are what we currently use for our pushes.  The main issue I'm seeing is durnig the the reinstall is an issue with the TDI driver being marked for deletion and requiring a reboot, which doesn't continue the install after.

We've also seen it where a reboot doesn't remove the TDI driver and we can't push a reinstall.

Zach,

When it comes to upgrading the agents, you will need to test this to see if it is an upgrade or a reinstall. It is different for all of the agents.

Make sure to test this before you push it out to all endpoints.

In MOST cases dot releases require the upgrade script, though in some cases it will need a UNINSTALL and a REINSTALL. For example a recent HOTFIX for the Agent requires a FULL uninstall and then a reinstallaion of the agent... it happens.

Is this is happening also when you do this manually I would definately open a SYMC case.

Hope this makes sense.

If this solves your questions please marked as solved.

Ronak

I'd say this is more in regards to pushing reinstalls to computers having issues than it is to upgrading the agents.

Zach,

Hence the testing required.

When you uninstall the agent I would reboot the computer, this would then allow the driver to be deleted.

Then have the agent reinstall.

This is why you may need to have the uninstall script run .. then reboot.. then reinstall, you may even need to reboot again.

Unfortunately this is not always an issue with the agent, but it is with Windows OS's. Windows is notorius for locking files and not allowing them to be removed until a service is stopped, which may require the reboot.

If you thing it's an agent issue.. I would definately open a SYMC case.

Hope this makes sense.

If this solves your questions please marked as solved.

Ronak