4 Replies Latest reply on Jan 26, 2017 5:10 AM by catdaddy

    Scripting Deployment


      Hello all - I manage much of computer deployment thorugh powershell scripts including setting up .ini files, running our inventory management, etc.  Generally one of the steps done afterwards is to deploy VSE through ePO.  I was wondering if there would be a way to just script that along with everything else.



        • 1. Re: Scripting Deployment

          Just an idea but one way that you could do this......


          1. Use a script to Install the Framepkg.exe that you can generate from ePO. This has all the communication security certificates so that a machine will automatically register straight into ePO on it's next ASIC and usually end up in the 'Lost and Found' folder if your not using AD syncronization.


          2. Use the ePO WebAPI to move the computer from the 'Lost and Found' folder to a 'deployment' folder. Basically a preconfigured folder that has pre-assigned deployment task to deploy VSE (or DLP or any product deployable from ePO). I use this method to manually manage my ePO estate. Rather than bother with assigning and unassign a task to individual machine i just drag a machine to a folder and send a agent wake-up and when it's done move it back.


          3. When the deployment job is complete (not quite sure how you could work this out, maybe by checking registry or something) use the webAPI to move it to it's final home in the system tree.



          In the webAPI the commands you would use would be system.find and system.move


          system.find searchText

          Find systems in the ePO tree by name, IP address, MAC address, user name, agent GUID or tag.  Returns a list of database ids that can be used as input to any of the system commands.

          Requires permission to at least one group in the System Tree

          searchText (param 1) - Search text can be IP address, MAC address, user name, agent GUID or tag


          system.move ids parentGroupId [autoSort]

          Moves systems to a specified destination group by name or ID as returned by system.find command.

          Requires System Tree edit permission

          [names (param 1) | ids] - You need to either supply the "names" with a comma separated list of names/ip addresses or a comma separated list of "ids".

          parentGroupId (param 2) - ID for parent group as returned by system.findGroups command

          autoSort (param 3) - If true, system is enabled for sorting. Defaults to false.


          From what i've read in other post in this forum it's possible to call the webAPI commands from the powershell


          https://community.mcafee.com/message/255491#255491 & https://community.mcafee.com/docs/DOC-4297


          Although he hasn't yet coded for the two commands i've suggested it means it is possible.

          1 of 1 people found this helpful
          • 2. Re: Scripting Deployment

            Thanks Tristan - that sounds somewhat involved but possible - I will about looking into it.

            • 3. Re: Scripting Deployment



              We are you using More than 20K Machines and i m looking for option Auto move (Machines) with Script. per day we have more than 100 Machines are coming under Lost & found.

              is there any option to move machines to respective groups. We are using the AD.


              1. For Example We have group structure  below.










              Under Lost & Found.


              Thanks for your help and reply.



              M.Mohamed Athick

              • 4. Re: Scripting Deployment

                Moved from Business to ePolicy Orchestrator (ePO)>Discussions

                For better exposure and assistance.

                If needed to be moved to (VSE) please apprise.