This video includes captions. If you would like to view a non-captioned version, please right click on the .mp4 file below.
This video describes the basic steps of deploying Symantec Endpoint Protection Small Business Edition 2013 with Active Directory on Windows Server 2003.
***********************************************************************************************************************************************
SCRIPT:
Welcome to this video on "Deploying Symantec Endpoint Protection Small Business Edition 2013 with Active Directory."
This video demonstrates the basic steps necessary for a successful Active Directory deployment from a Windows 2003 Domain Controller. You should tailor these steps to suit the requirements of your organization.
The Active Directory deployment of Cloud Endpoint Protection Agents has only a few steps:
· Download a properly-configured, redistributable package
· Create a Distribution Point on your Domain Controller
· Create a Group Policy Object for software deployment that is linked to your domain
· Verify the successful deployment
The first step is to download a properly-configured redistributable package for your active directory deployment.
To get started:
Log into your domain controller as Administrator
…and then…
Log into your Symantec.cloud account as an Administrator
Once you log in to the Symantec.cloud management console, use the Quick Tasks option to add a computer.
From the Add new computers or services page, select Endpoint Protection.
Download the redistributable package.
Save the package creator and then Run it.
Browse and create a destination for the package.
This location can become your network share for the Active Directory Group Policy Object.
Specific operating systems may be selected for the package. However, accepting all operating systems is recommended.
If a proxy is used on the network targeted for Active Directory Deployment, enter the proxy information.
Configuring the redistributable with proxy settings builds a package specific to that one network location.
Activating the check box for Active Directory creates the three files needed for deployment.
In this step you saw how to…
· Download the redistributable package
· Select a destination folder for the package
· Configure proxy settings, if necessary
· …and how to create a package for Active Directory deployment.
The next step is to Create a Distribution Point on your Domain Controller.
This is accomplished by creating a network share with the Active Directory redistributable package files. This enables your computers to get the software.
For this demonstration, we make the share available to Everyone. On your network, follow the rights assignment policies of your organization.
In this step you saw how to create a network share that becomes the distribution point on the Domain Controller for your Active Directory deployment.
In this step we Create a Group Policy Object for software deployment that is linked to your domain.
In this step, you'll see how to:
· Locate and open the Active Directory Users and Computers console
· Create and name a new Group Policy Object for deployment
· Edit the Group Policy Object to provide the location of the package MSI file
· Assign the package MSI to be deployed at logon in the Group Policy Deployment Properties
· ... and identify the MST file to be used for Modifications
To create your Group Policy Object you must open the Active Directory Users and Computers console to begin.
Right click on your domain...
And from the properties, add a new Group Policy Object to the domain...
Then give it a recognizable name.
The new Group Policy Object is added to the list and is available for use.
While still on the domain properties Group Policy tab...
Edit your newly created Group Policy Object to configure the redistributable software package for use in the Active Directory deployment.
You are going to add a new software installation package.
Browse to the network share that you created for the Active Directory deployment. The share contains the redistributable package files.
Select and open the MSI file for deployment.
In the Group Policy Object Editor, Deploy Software dialog box, select the Advanced option to configure the software deployment.
In the Group Policy Deployment Properties, select the Deployment tab.
On the Deployment tab...
You want the "Install this application at logon" option and need to make it selectable.
Even though "the Assigned" Deployment type is selected by default, you must click it to make the option available.
When you do that, you can activate the "Install this application at logon" option.
On the Modifications tab, you select the .mst file to customize the redistributable package.
Click OK to complete your Active Directory deployment configuration.
In this step, you saw how to:
· Locate and open the Active Directory Users and Computers console
· Create and name a new Group Policy Object for deployment
· Edit the Group Policy Object to provide the location of the package MSI file
· Assign the package MSI to be deployed at logon in the Group Policy Deployment Properties
· ... and identify the MST file to be used for Modifications
After configuring your Active Directory deployment, all that remains is verifying that your configuration works correctly on an endpoint computer.
Log into an endpoint computer as administrator, then force an immediate update of the Group Policy and restart the computer...
Group Policy updates run automatically based on the domain configuration. These updates ensure that a software package can be installed when a Group Policy is updated. In this example, the policy specifies the software be installed when users logon.
During the computer restart, the Windows splash screen displays installation information.
When you look at the Processes in Windows Task Manager, you that see the redistributable package and other Symantec.cloud components are running.
If you encounter any difficulties with your Active Directory deployment, navigate to the log files and take a look.
These are also the files that Support will request if you cannot solve the issue yourself.
The location of your log files may vary based on the Active Directory deployment method that you used.
In this step you saw how to:
· Force a group policy update for testing your deployment configuration
· Check Task Manager to verify that the Endpoint Protection applications are running
· And to locate the log files needed for troubleshooting….
This concludes the video, "Deploying Symantec Endpoint Protection Small Business Edition 2013 with Active Directory." In this program you saw the basic steps of how to:
· Download a properly-configured, redistributable package
· Create a Distribution Point on your Domain Controller
· Create a Group Policy Object for software deployment that is linked to your domain
· Verify the successful deployment
Thanks for watching.