Kaseya Community

ESET MSP install via agent procedure.

This question has suggested answer(s)

I am trying to push the ESET MSP through a procedure.

I can get the push to install on a PC that doesn't have UAC, without issue.

But, if UAC is turned on, it won't let me.

If I impersonate user, as a local admin account we have, I see if running through the procedure, but it is trying to download the MSI file to C:\windows\system32.

In the event logs, I see msiexec trying to call the MSI, but failing because the file is not found.

I am wondering if it is failing to download to that location, because it's the system32 directory?

Also, should impersonate user bypass the need for UAC?  Or, is the file not downloading because of the UAC?

All Replies
  • Try using the system account to bypass UAC and install ESET. If that does not work disable UAC, reboot, install, re-enable UAC and reboot it again.

    The download issue will depend on where you getting the file from and how you are downloading it, (UNC path, web server, Kaseya server etc...).

  • Maybe this could help you :

    function Test-RegistryValue {
    param(
    [Alias("RegistryPath")]
    [Parameter(Position = 0)]
    [String]$Path
    ,
    [Alias("KeyName")]
    [Parameter(Position = 1)]
    [String]$Name
    )
    process
    {
    if (Test-Path $Path){
    $Key = Get-Item -LiteralPath $Path
    if ($Key.GetValue($Name, $null) -ne $null)
    {
    if ($PassThru){Get-ItemProperty $Path $Name}
    else{$true}
    }
    else{$false}
    }
    else{$false}
    }
    }

    function Disable-UAC{
    $EnableUACRegistryPath = "REGISTRY::HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System"
    $EnableUACRegistryKeyName = "EnableLUA"
    $UACKeyExists = Test-RegistryValue -RegistryPath $EnableUACRegistryPath -KeyName $EnableUACRegistryKeyName
    if ($UACKeyExists)
    {
    Set-ItemProperty -Path $EnableUACRegistryPath -Name $EnableUACRegistryKeyName -Value 0
    }
    else
    {
    New-ItemProperty -Path $EnableUACRegistryPath -Name $EnableUACRegistryKeyName -Value 0 -PropertyType "DWord"
    }
    }
    
    
    Write these line in a ps1 file then execute it with a powershell state
  • HardKnoX, sorry for posting in an odd location but I'm new and I don't see any way to message you.  In a previous (now closed) thread you mentioned a script which will do something similar to what I'm after.  I want to disable after-hours monitoring of non-critical servers.  Sounds like the only way to do this is to have the alert trigger an agent procedure.  The agent procedure will check the time and determine whether or not to perform the action (in my case sending an e-mail) based upon the time.  Will you please show me how this is done?

    Thank you!

  • Thanks for the suggestions.  It looks like it might be an issue on the EMU-CCI.exe.  

    I've tried UAC bypass, but it still doesn't download.  The account I am using is a system account, so maybe there are environment variables that aren't being set as this account....