McAfee Agent Installation with Patch Manager

Is the installer for the McAfee agent an .MSI, .EXE, or .MSP?  If so you could build a package for it and publish it into WSUS or SCCM with Patch Manager.

Hi Kellytice,

Thanks for your response. Te McAfee agent is an .exe file. All the documentation I've seen on Patch Manager refers to MSI files.

If it is an .EXE then you can build a package for it and publish that into WSUS or SCCM.

The biggest learning curve when building your own packages is defining the rules that are (mostly) used to determine applicability of the update for any given targeted machine.  You  can usually look at some of the packages that SolarWinds provides to get a feel for what types of things are being checked for.

In a nutshell the rules that need to be defined are:
Prerequisite - these rules are the high level "weed out' rules.  They usually make sure that the target machine is at least a certain Windows version, or that it is a certain language, or that it is a certain processor type.   You would generally have at least one such check in this set.  If the net returned value of the rules evaluated here is False, then the machine will stop evaluating the update right then (e.g. it will be noted as "Not Applicable" and be skipped) and not move on to evaluate the other rules.

Applicability - these rules usually go a little deeper into the target machine.   You could use a file check or a registry check to make sure a file exists on the target machine and/or (more commonly) you could check a file or registry value to see if the software that is attempting to be deployed is already on the target machine.   If the software is there, the rule here could make sure the version on the machines is less than the version your package is trying to install.  If it is already there at the same or later version it would be considered "Not Applicable".

Installed - the installed rule just determines if this particular version of the software is already on the machine.  It is mostly used to report to WSUS "hey i already have this update".   This ruleset is often the same ruleset used for Applicability - except that the check here is for "equal to" instead of "less than".

As long as you can wrap your head around the concepts of those rules and the process of creating those rules you should be OK.

This blog talks a bit about all this: Deploying Custom Packages with Patch Manager

and this video also shows the process of building one:   Package Creation Using SolarWinds Patch Manager - YouTube

side note:   the .EXE would also need to support running silently.   In the package editor/builder, there is an option to specify the command line option(s) to make that happen.

Thanks. I ended up deploying the old agents from the EPO, which works for 90% of the affected machines and manually installed on the remaining 10%. How I followed your recommendation to deploy other custom packages to the same group of computers.

Thanks again.