Symantec Endpoint Protection 12 - setAid.ini
I'm looking for detailed documentation for the setAid.ini file that is created when an installation package is created on the SEP Manager. I'm looking specifically for information on the OptOutRepSubmission parameter.
I tried putting =1, =0 or even putting a ";" in front of it so that it would not be taken into account when installing. Whatever setting I choose, I do not see any difference in the log file produced by the MSI installation. It seems that this parameter is irrelevant. I want to be sure that my 10,000 SEP clients do not send anything to Symantec directly.
Thank you.
Syl
Answers (5)
I have already seen that documentation, it is part of the Symantec Endpoint doc. It only describes how to designate the features that have to be installed. I need doc on the other stuff, like the following:
[CUSTOM_SMC_CONFIG]
InstallNewInstanceOnly=0
InstallUserInterfaceLevel=s
KeepPreviousSetting=1
InstallationLogDir=%TEMP%\SEP_INST.LOG
DestinationDirectory=
LaunchIt=1
AddProgramIntoStartMenu=1
OptOutRepSubmission=0
UIRebootMode=0
RebootSchedule=LATER
AutoReboot=false
RebootRandomize=true
etc...
Thanks.
Syl
Comments:
-
Have you tried passing this in command line?
OPTOUTREPSUBMISSION = 0
ADDSTARTMENUICON = 1 - jagadeish 12 years ago -
Yes, I tried it. The command line settings are overridden by the setAid.ini settings. - sylvain_langlois 12 years ago
-
If you export to a single .exe file, you cannot configure Setaid.ini. However, the file is automatically configured when you export Symantec Endpoint Protection client installation files from the console.
http://www.symantec.com/business/support/index?page=content&id=HOWTO55331
How are you deploying this? If you are using a GPO look at http://www.symantec.com/business/support/index?page=content&id=TECH105237&locale=en_US. - SMal.tmcc 12 years ago -
I'm deploying using Computer Associates Desktop and Server Management. We usually use the MSI file for deployment.
I have already looked at that article from Symantec, it's basically the same thing that is in the documentation that was linked by jagadeish.
I have looked around the console and I witnessed when the SEPM admin generated the installation package (according to my specifications) and nowhere in the interface did I see something about an option of reporting some data to Symantec. - sylvain_langlois 12 years ago -
If you get no where our sysmantec specialist is on Vacation till next week, email me and I will have him contact you to see if he has any insight. - SMal.tmcc 12 years ago
Configure your default group and any other group you have machines in within Symantec console to send a policy to all clients that sets these settings how you want. They should get the policy upon startup or within 15 minutes.
Comments:
-
Yes, I could do that. Still, I'd be intrigued to have some documentation on the different settings in setAid.ini, aside from the features. - sylvain_langlois 12 years ago
not much detail out there but look at:
Implementation_Guide_SEP12.1.pdf
Appendix B (Customizing and deploying the client installation by using third-party tools) starting on page 1003
Symantec recommends for questions like this is to join their group at:
additional assistance with SEP 12.1 here in its dedicated connect forum: https://www-secure.symantec.com/connect/SEP_12_Beta_Group
Might be a non-standard approach, but if I remember correctly the exe generated by the SEP server is nothing but a self-extracting archive containing an MSI installer. You could either analyze this MSI to identify the links between settings, properties and CA's that interpret the ini file, or even modify the MSI directly and run it instead of the exe installer..
Comments:
-
On the SEP Manager, we elected to have an installation package without compressing all the files into a setup.exe. So we have the setup, but also have a MSI file and the setAid.ini file. They are not compressed inside the setup. - sylvain_langlois 12 years ago
Is below link helpful? From page #117
http://www.scribd.com/doc/89837845/190/About-configuring-Setaid-ini#outer_page_121