How to deploy the components of McAfee Agent using Group Policy?

25 February, 2019

The deployment of the components of McAfee Agent using group policy is best done when the components are extracted from framepkg.exe. It does not support the use of User Configuration and works best with Computer configuration.

The components required for this are FramePkg.exe from the ePO(ePolicy Orchestrator) server (with the default installation path being C:\Program Files\McAfee\ePolicy Orchestrator\DB\Software\Current\EPOAGENT3000\Install\0409\FramePkg.exe), a tool like WinZip that helps in file archive extraction and Orca.msi. It can be extracted from Microsoft SDK download.

In order to enable the GPO, you need to fist extract all contents from FramePkg.exe, to do that, first create a folder by the name of FramePkg, and then use the tool called file archive extraction to extract al contents from Framepkg.exe and shift it to the folder you just created. Srpubkey.bin, Sitelist.xml, FrmInst.exe, cleanup.exe, reqseckey.bin, MFEAgent.msi are the files that should be in the folder after the completion of the extraction.

The next step involves modifying MEFAgent file. In order to ensure that the agent installation is successful, MFEAgent.msi contains several options. There is only one route that can be taken if you wish to modify this file. This route assumes that the user is familiar with the use of ORCA and with modifying MSI files. The route to take is;

1. Start > Run> type Explorer > OK
2. Navigate the new folder you previously created
3. Right click MFEagent.msi> Edit with Orca > Custom Action
4. In the Column titled Action, right click on AdvertisementError>Drop Row> Property
5. On the right side of the window, right click anywhere and click Add Row
6. For Property, right click ADDLOCAL > OK
7. For Value, type Main Agent > OK
8. Select Add Row after you Right click anywhere on the right side.
9. For property, type Reboot > OK
10. For Value, type R > OK
11. Select Add Row after right clicking on the window’s right side.
12. For Property, type PRESERVEREPOSITORIES > OK
13. For Value, type True > OK
14. Select Add Row after right clicking on the window’s right side.
15. For Property, type FRMINSTLOGFILE > OK
16. In order to contain the log of installation. Type the file’s complete name and path for Value > OK
17. Select Add Row after right clicking on the window’s right side
18. For Property, type SITEINFO > OK
19. Type UNC path to SiteList.xml > OK

Once the process in complete, the path will point towards the location of network that contains FramePkg. It is vital to keep in mind that the any system that is to receive the MA deployment discussed above has access to this location. Close Orca after saving the file and cope the folder titled FramePkg to the above specified network location.

Lastly, create the GPO. For this, follow the below mentioned steps:

1. Computer configuration > Policies > Software Settings
2. Right click on Software Installation > New, Package
3. Select the file MFEAgent.msi from the FramePkg folder when you see a prompt for package.
4. For Deployment method, choose Assigned and assign it to OUs (organizational Units) that need to be deployed. Finally, reboot all computers.

This will lead to the deployment of all the computers at the time of next client system restart.