/build/static/layout/Breadcrumb_cap_w.png

ActivClient 7 Installation on Windows Server 2012 R2 servers

If you are having problems installing ActivClient 7 on your Windows Server 2012 R2 servers, here are the steps I followed for a successful install:

1. login to the targeted sever using system administrator credentials (but not local admin)

2. from Programs and Features, uninstall old ActivClient

3. delete ActivIdentity folder from Program Files

4. schedule a retart for after hours (if this is a production server) - else reboot now

5. move the targeted server to a special OU so it can receive a custom Group Policy registry setting for WinTrust:

    HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Provider\Software\Publishing\State:  0x00023C00

6. login to targeted server again

7. run GPUPDATE

8. if McAfee AV is installed and running, open the VirusScan Console, unlock the interface, and disable Access Protection, On-Delivery Email Scanner, and On-Access Scanner

8. if McAfee HIPS (Host Intrusion Protection System) is installed and running, open the HIPS console (McAfeeFire.exe), unlock the interface, clear the two checkboses for Enable Host IPS and Enable Network IPS, then click APPLY (important to click apply!)

9. stop and disable the 3 McAfee related services, McAfee Host Intrusion Prevention Ipc Service, McAfee Host Intrustion Prevention service, and McAfee McShield

10. copy your ActivClient7 installation folder to the desktop

11. install Activclient7 x64

12. install the x64 Hotfix (should be in your package...else obtain from HID Global)

13. install the Device Installer (should be in your package...else obtain from HID Global)

14. open the HIPS console, put a checkmark in the two boxes you cleared previously, then click APPLY (important to click apply!), then LOCK the interface

15. open the AV console, re-enable the three tasks that you disabled earlier, then LOCK the interface

16. reset the three services that you disabled earlier (set to Automatic then Start)

17. schedule another reboot for after hours (if this is a production server) - else reboot now

18. move the targeted server back to its original OU

19. after reboot, sign in to targeted server as server admin, run GPUDATE, and remove the install package from the desktop

20. logout and test login to targeted server with a smart card


Posted 8 years ago 11497 views

Comments

  • Forgot to mention, remove all smart cards during ActivClient 7 installation. - MelvinJ 8 years ago
  • Do not login to server using a smart card when ready to install ActivClient 7. - MelvinJ 8 years ago
This post is locked

Posted by:

MelvinJ White Belt
Ninja since: 8 years ago

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login
Post

Related Posts

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ