7.2 Installing and Uninstalling the ZENworks Security Agent

The following sections contain more information:

7.2.1 Installing the Endpoint Security Client 3.5

Before you begin:

  • Verify that all security patches for Microsoft and anti-virus software are installed and up-to-date. The Endpoint Security Client 3.5 software can be installed on Windows XP running Support Pack 1, 2, or 3 and on Windows 2000 running Support Pack 4.

    NOTE:Some features, like encryption, are not supported on Windows 2000.

  • Novell recommends that antivirus/spyware software that is interacting with valid registry functions be shut down during the installation of the Endpoint Security Client 3.5.

  • The Managed Endpoint Security Client requires SSL communication to the ZENworks Endpoint Security Management Service component. If you selected “self signed certificates” during the Management Service or the Single Server installation, the endpoint running the Security Client must have the certificate installed in the proper context (preferably in the local computer context).

    To do this automatically, place the ESM-MS.cer file in the folder along with the Endpoint Security Client installer’s Setup.exe file. Optionally, you can copy the entire ESM Setup Files folder from the Management Service installation (or Single Server installation) into the folder with the Endpoint Security Client installer Setup.exe (ensure that the ESM-MS.cert is in the ESM Setup Files folder and the folder is named ESM Setup Files). This automatically installs the certificate onto the machine (for example, for all users). This process can also be done with the Novell license.dat file.

For installation instructions, see Endpoint Security Client 3.5 Installation in the ZENworks Endpoint Security Management Installation Guide.

7.2.2 Uninstalling the Endpoint Security Client 3.5

The following sections provide instructions for performing an attended uninstall and an unattended (silent) uninstall:

Preparing a Machine for Client Uninstallation

Before uninstalling the Security Client on a machine, you should do the following:

  • Distribute a simple policy to the machine. Policies that globally disable Wi-Fi functionality also disable any communication hardware, and storage devices can leave the hardware disabled following uninstallation, requiring you to manually re-enable each device.

  • Eject the wireless card prior to uninstallation, switch off the Wi-Fi radio, and close all software with a network connection (for example, VPN or FTP software).

Performing an Attended Uninstall

To uninstall the Security Client, do one of the following:

  • Click Start > Programs > Novell > ZENworks Security Client > Uninstall ZENworks Security Client.

  • Run the setup.exe program using the following command syntax:

    setup.exe /V"STUNINSTALL=1"

  • Run Windows Installer using the following command syntax:

    msiexec.exe /x {C1773AE3-3A47-48EB-9338-7FF2CDC73E67} STUNINSTALL=1

To specify the uninstall password when using setup.exe or msiexec.exe, use the STUIP=password option. For example:

setup.exe /V"STUNINSTALL=1 STUIP=removeZESM"

Performing an Unattended (Silent) Uninstall

To perform a silent uninstall the Security Client, do one of the following:

  • Run the setup.exe program using the following command syntax:

    setup.exe /s /x /V"/qn STUNINSTALL=1"

  • Run Windows Installer using the following command syntax:

    msiexec.exe /x /qn {C1773AE3-3A47-48EB-9338-7FF2CDC73E67} STUNINSTALL=1

If the Security Client requires an uninstall password, use the STUIP=password option. For example:

setup.exe /s /x /V"/qn STUNINSTALL=1 STUIP=removeZESM"