Install McAfee EPO On Windows Vista Without Disabling UAC
April 13th, 2007 Posted in Technology, Windows Vista
It took some time and thinking, but I’ve finally discovered how to install McAfee EPO without having to disable User Account Control. Here’s the theory behind the solution: UAC effects all standard user and administrator accounts in Vista. The local System account has unlimited privileges and is NOT confined by UAC which makes it a perfect candidate for installing EPO. The trick is how to actually execute a command as System. My initial efforts included writing a VBscript to schedule the installation with at.exe which runs as System. Unfortunately in all of my testing, while the script would run, unfortunately the task would never actually get entered into the At queue of scheduled tasks. I then found Sysinternals psexec utility.
Psexec was designed to run programs on remote systems, but it works equally well to execute processes on the local system. Best of all, it has a flag to run an application under the local System account.
The first step was to copy the Framepkg.exe, Sitelist.xml, and psexec.exe to a folder on the local machine. You can download psexec and the rest of the sysinternals process tools from here. Next, create a batch file in the same directory with the following line in it:c:\path\to\psexec.exe /accepteula -i -d -s C:\path\to\FramePkg.exe In the command, \path\to should be replaced with the path you will be copying the files to. Psexec takes four flags in this step, -i tells it to run the command interactively, -d tells psexec not to wait for the installation to finish before exiting, and -s tells it to run as the local System account, /accepteula bypasses the intermediary EULA screen.
/Install=Agent /ForceInstall /SiteInfo=”c:\path\to\Sitelist.xml”
Now all that remains is to package the whole thing as an executable. I chose to use Symantec’s Auto Installer Builder that comes with Ghost, but there are plenty of alternatives out there. The executable just needs to copy the directory with the executables and the batch file in it to a local path, and then execute the batch file. Windows will recognize the resulting executable as something which requires administrative privileges, and will automatically prompt the user to allow it to run as an administrator. At this point, the EPO installation proceeds normally just like it used to do in XP.
There is one catch … If you do this on a machine that already has an installation of EPO, the installation will eventually throw up an error message that says it wasn’t successful. After investigating the logs, it turns out that it errors out during the removal of the current version which is due to Vista holding onto some .dll files and not allowing them to be deleted. They are scheduled to be deleted on the next reboot however; so if this happens to you, all you need to do is reboot after encountering this error and then run the installation again, and it will finish the installation successfully the second time.
tags: mcafee,epo,epolicy orchestrator, uac, vista, windows vista, aibuilder, autoinstaller builder, psexec, sysinternals, system account
2 Trackback(s)
Story Pulse
3,401 total reads, averaging 6 daily
stats powered by bsuite
Incoming searches for this post: system (17) - framepkg vista (13) - FramePkg.Exe (10) - framepkg+vista (5) - mcafee epo vista (5) - framepkg.exe vista (5) - psexec without eula (5) - framepkg (4) - cache:xnTQggYoA-sJ:neverblog.net/automated-epo-install-on-windows-vista/ epolicy vista (4) - mcafee windows vista (4) - epo mcafee windows vista (3) - mcafee framepkg vista (3) - how to disable mcafee 2007 (3) - disable mcafee vista (3) - Sitelist.xml ePo server entry (3) - epo vista (3) - mcafee vista install (3) - mcafee vista install error (3) - sitelist.xml (3) - what is FramePkg.exe (3) - vista epo (3) - mcafee+windows+vista+install (3) - epo agent vista (3) - "Mcafee windows vista" (3) - mcafee epo on vista (2) - epo orchestrator for vista (2) - mcafee framepkg.exe (2) - mcafee framepkg forceinstall (2) - how to disable mcafee in vista (2) - psexec framepkg (2) - mcafee windows vista (2) - mcafee framepkg (2) - vista administrator mcafee (2) - vista epoagent (2) - "epo server entry" (2) - installing mcafee on vista (2) - mcafee install error (2) - how to install mcafee on vista (2) - disable mcafee in Vista (2) - epo agent for vista (2) - framepkg.exe /siteinfo (2) - FramePkg install error (2) - mcafee 2007 vista error (2) - mcafee vista epoagent (2) - disable epolicy (2) - mcaffe vista (2) - framepkg.exe for vista (2) - framePkg for vista (2) - Error Installing Mcafee Vista (2) - mcafee vista path (2) - mcaffe windows vista install (2) - how to install the EPO (2) - mcafee downloader error vista (2) - vbscript disable uac (2) - McAfee FRAMEPKG.EXE VISTA (2) - epo sitelist.xml (2) - mcafee install vista (2) - framepkg.exe mcafee vista (1) - "run as the local system" (1) - all (1) - epo agent wont install mcafee on vista (1) - epo orchestrator vista (1) - FramePkg.exe install Vista (1) - How to install mcafee 2007 vista (1) - install mcafee onto windows vista with epo (1) - local system account vista (1) - local system account vista users suck (1) - mcafee Framepkg.exe install Path (1) - mcafee vista administrator (1) - psexec.exe under sysytem account (1) - vista error deploying mcafee (1) - epo mcafee vista (1) - mcafee framepkg.exe windows vista (1) - vista epo mcafee (1) - MCAFEE VISTA FRAMEPKG (1) - vista c: error administrator (1) - command sitelist.xml mcafee (1) - framepkg.exe /install=agent /forceinstall /siteinfo= (1) - mcafee vista (1) - Alcibiades Would Never Blog (1) - epolicy mcafee vista (1) - "McAfee+Windows+Vista" (1) - disable scheduler in McAfee ePolicy Orchestrator (1) - mcafee installer windows epo vista (1) - vista mcafee framepkg (1) - deploying McAfee epo (1) - epo install agent (1) - framepkg error during installation (1) - successful installation of mcafee on vista (1) - disable mcafee on vista (1) - Disabling Mcafee on Vista (1) - mcafee 2007 iso (1) - mcafee wont run on windows vista (1) - McAfee epo agent install error (1) - framepkg.exe install path (1) - Framepkg.exe not installing (1) - mcafee + framepkg + vista (1) - Wait Psexec accepteula (1) - install framepkg.exe remotely (1) - install mcafee total vista (1) - mcafee windows vista install (1) - vista framepkg (1) - mcafee framepkg +vista (1) - how to "disable mcafee 2007 " (1) - my mcafee wont install (1) - framepkg install (1) - ePoAgent und Vista (1) - "disable mcafee 2007" (1) - cache:xnTQggYoA-sJ:neverblog.net/automated-epo-install-on-windows-vista/ CMA process vista (1) - how to install mcAfee 2007 (1) - mcafee+windows+vista (1) - psexec accepteula (1) - ePO-Mcafee (1) - how to install mcafee onto windows vista (1) - install mcafee user accounts (1) - epo vista install uac (1) - install mcafee in vista (1) - disabling mcafee (1) - UAC McAfee EPO (1) - ePO/McAfee (1) - disable epolicy orchestrator agent (1) - download mcafee EPO (1) - mcafee windows vista disable (1) - vista automated run as administrator (1) - what is framepkg (1) - to install mcafee using psexec (1) - mcafee installer vista (1) - McAfee & vista install (1) - "user account control" "disable mcafee" (1) - mcafee/windows vista (1) - framepkg vista install (1) - Install VBScript for Vista (1) - mcafee agnet install batch (1) - VISTA WONT INSTALL MCAFEE (1) - framepkg /forceinstall (1) - install epoagent windows vista (1) - using mcafee with windows vista (1) - windows vista EPO error (1) - how to install mcaffe on vista (1) - install mcafee vista (1) - mcafee epo vbscript (1) - download mcafee epo for windows vista (1) - Installation errors with McAfee and Windows Vista (1) - framepkg mit vbscript (1) - mcafee deleted psexec.exe (1) - mcafee vista update (1) - "mcafee 2007" vista installing (1) - ?SiteList.xml mcafee vista (1) - error Framepkg.exe (1) - framepkg.exe siteinfo (1) -