If Active Directory is used in your customer's infrastructure, you can deploy Kaspersky Endpoint Security for Windows on multiple devices simultaneously.
The procedure in this section contains a pre-configured logon script. This script runs automatically every time a device starts up and checks whether Kaspersky Endpoint Security for Windows installation has been started on the device. If it has not been started, the script runs the installation in silent mode.
To deploy security applications on multiple Windows devices by using Active Directory:
We recommend that you select a folder for which the full path does not contain space characters.
If the package name contains spaces, remove them or change them to the underscore (_) character.
set SHARE_PATH=<path to distribution package>
set PACKAGE_NAME=<name of distribution package>
set __KESCLOUD_KEY_NAME="<name of registry entry>"
REG QUERY %__KESCLOUD_ROOT_KEY% /v %__KESCLOUD_KEY_NAME% | FIND "0x1"
IF %ERRORLEVEL% == 1 GOTO INSTALL
REG ADD %__KESCLOUD_ROOT_KEY% /v %__KESCLOUD_KEY_NAME% /t REG_DWORD /f /D 1
<path to distribution package>stands for the actual path to the shared folder with the downloaded distribution package. We recommend that you avoid using quotation marks.
<name of distribution package>stands for the actual name of the downloaded distribution package. We recommend that you avoid using quotation marks.
"<name of registry entry>"stands for the name of the registry entry that is used to confirm that the installation has been started. You can specify any name that contains numeric and Latin characters. We recommend that you use the Kaspersky Endpoint Security for Windows version number in quotation marks.
In a similar way, you can associate the created group policy object with an organizational unit or a site.
After the security application is installed, the added Windows devices appear in the Devices list. The security profile named Default is applied to these devices.Page top