About implementing a silent installation for Windows
The Symantec Protection Engine silent installation feature in Windows lets you provide the installation parameters on the command line before you run the installation. If you do not specify a value on the command-line, the default value is used.
Input values on the command line lists the input values that you can use on the command line for the silent installation.
Input name | Description |
|---|---|
RPC_NAS | Type of the NAS device. Possible values are as follows:
|
NAS_DEPLOYMENT | Possible values are as follows:
|
INSTALLDIR | The location to install Symantec Protection Engine. The default location is \"c:\Program Files\Symantec\Scan Engine\" for Windows platform |
AUTHENTICATIONMODE | The authentication mode for accessing Symantec Protection Engine console. Possible values are as follows:
|
ENABLE_LDAP_AUTHENTICATION | The authentication mode for accessing Symantec Protection Engine console. Enables or disables the Windows Active Directory-based authentication in Symantec Protection Engine. It is used for authentication with REST API service. The same authentication mode is used to configure the Symantec Protection Engine console. Possible values are as follows:
|
GROUP_NAME | The fully qualified security group name in the Domain\Groupname format. This parameter is required when the authentication mode is set to Windows Active Directory-based authentication. During installation if value is not entered for this parameter, then you must go to configuration.xml and enter a valid security group name in correct format. |
ENCRYPTED_PASSWORD | The encrypted password for the administrative account that you use to manage Symantec Protection Engine using the Symantec Protection Engine-based authentication. This parameter is required when the authentication mode is set to Symantec Protection Engine-based authentication. The default password is ChangeMe@123 . |
USERUPGRADESELECTION | Specifies that the installation is an upgrade. Possible values are as follows:
|
ADMIN_PORT | The port number on which the Web-based console listens. The default port number is 8004. |
SSL_PORT | The Secure Socket Layer (SSL) port number on which encrypted files are transmitted for increased security. The default port number is 8005. |
ENABLE_URL_FILTERING | Enables URL Filtering and downloading of the URL definitions. Possible values are as follows:
|
ENABLE_URL_REPUTATION | Enables URL Reputation Possible values are:
|
SSE_SERVICE _ACC_PWD | The password for the service account if the previous Symantec Protection Engine's service account is not Local System. This parameter is valid only for an upgrade where you preserve your existing settings. When you install Symantec Protection Engine the service does not start if this parameter is incorrect. Once the installation is complete, you should type the correct service account password and start the service manually. |
UPDATE_SERVER | Enter the LiveUpdate server name or IP address to which you want to connect. This parameter is valid only for an upgrade where you preserve your existing settings. The default value is liveupdate.symantec.com. |
UPDATE_SERVER_PORT | Enter the LiveUpdate server port number. This parameter is valid only for an upgrade where you preserve your existing settings. The default value is 80. |
UPDATE_SERVER_PATH | Enter the directory path on the LiveUpdate server that contains the LiveUpdate packages. This parameter is valid only for an upgrade where you preserve your existing settings. If you do not specify a value, the default is blank. |
UPDATE_SERVER_PROXY_NAME | Enter the LiveUpdate proxy server name or IP address. This parameter is valid only for an upgrade where you preserve your existing settings. If you do not specify a value, the default is blank. |
UPDATE_SERVER_PROXY_PORT | Enter the LiveUpdate proxy server port number. This parameter is valid only for an upgrade where you preserve your existing settings. The default value is 0. |
DEPLOYMENT | Enter the application type. Possible values are as follows:
|
APPLICATIONNAME | Enter the name of the application for which Symantec Protection Engine will be used. This parameter will be considered only if DEPLOYMENT value is 2 (Other Application) . |
INSIGHTAGGRESSIONLEVEL | Enter the Insight aggression level. Possible values are:
The Insight aggression level defines how sensitive the Symantec Insight ™ feature is to a file's reputation score. |
ENABLEJAVAUI | Lets you continue to use the Core server with user interface feature. This parameter is required only in case of preserve upgrade scenario. Possible values are:
The default value is, false. |
Enables URL Reputation Possible values are:
| |
ENABLERESTAPI | Enables/disables the REST API Service in SPE. true/false, true |
JAVA_INSTALL_LOCATION | Java location needed to start REST API service format. For Windows Valid path to java location along with java binary name e.g. "Java_install_location\bin\java.exe" By default, it is blank. |
RESTAPI_SERVICE_PORT | REST Service port. Integer value between 1 and 65535 The default value is 8008. |
LDAP_URL | |
LDAP_PORT | Active Directory Port. Integer value between 1 and 65535389 : default port for non-SSL LDAP636 : default port for SSL LDAP By default, 389 |
LDAP_BASE_DN | Active Directory Base DN. Base DN in string Example : dc=example,dc=com By default, empty. |
LDAP_GROUP_DN | Active Directory group DN. Group DN string Example:cn=testgroup,dc=example,dc=com By default, empty. |
LDAP_SSL_ENABLED | Enables/disables the secure connection with configured Active Directory server. true/false false |
- Make sure you provide 'JavaLocation' value in silent install parameter list when EnableRestAPI or EnableJavaUI value is set to 'true'.
- Requirement for ENCRYPTED_PASSWORD (on Windows) value: Hashed value of password needed.Password complexity rules are now implemented and now the password must meet below requirements:
- Minimum 8 characters and maximum 40 characters long
- At least one lowercase character (a through z)
- At least one uppercase character (A through Z)
- At least one numeral (0 through 9)
- At least one special character from !, @, #, $, %, ^, &, *
If this password parameter is not provided during the silent installation, default password is set to 'ChangeMe@123'. It is recommended to change this password after the installation. - Applet-based Java UI is now deprecated and will not be enabled by default during the fresh or clean upgrade installation. During the preserve upgrade, if you have enabled Java Applet based UI, you are prompted to specify whether you want to enable or disable this feature.