Just to add an update to this thread to say that it IS possible to create an MSI package for the setup EXE (McAfee Endpoint Encryption for PC).
I originally tried to repackage McAfee's setup EXE into an MSI which just installed the files and registry entries that the EXE does but this was unsuccessful. The reason for this was due to the fact that the setup EXE appears to do some kind of additional bespoke processing like locating the SAFEBOOT server on the network and also retrieving the hard disk boot partition / signature (and probably a bunch of other things behind the scenes too).
I therefore did what mrgui suggested and just wrapped McAfee's setup EXE inside an MSI package which then gets fired up by the MSI package. I also added some additional custom actions (via a custom action DLL inside the MSI) which monitors the setup EXE dialogs and automatically selects the option not to reboot and then the Finish button so the setup EXE dialogs are fully completed as if the setup was being run manually. This avoids the setup EXE dialog requiring any user interaction which in a Group Policy rollout would be no good.
Our infrastructure guys have now successfully rolled out this MSI package to a number of laptops on our network using AD Group Policy.
out of interest, why did you do the custom actions? You could have just ticked the silent install box when you created the install set?
It is possible to wrap the files up in an MSI, you need to set some registry keys though (in the .srg files) and may need to run some helper dll calls. You can get help with this from the professional services group of McAfee, but it's an uncommon thing to do. As you found, most people just wrap up the EXE, or even just a call to run it from some shared location.
OK, I wasn't actually aware of this. Breakdown in communications I guess. Our infrastructure guys simply just gave me a setup EXE (which I assumed was created and supplied by McAfee) and asked me to create an MSI package for it. I wasn't aware that they themselves were the ones who created that EXE (i.e. from the "install set creation" that you seem to be refering to) :rolleyes:
Thanks for letting me knoe anyway.
It would have been nice if our infrastructure guys hads actually told me this in the first place as it would have saved me a few hours of work but I guess the main thing is that we do now have a working solution that can be rolled out via an AD Group Policy.