Share via


Installing from a command prompt - specifying parameters

 

Applies to: Forefront Protection for Exchange

The following table summarizes the parameters that can be used when launching the extracted installer package (setup.exe) from a command prompt:

Parameter Description Requirements

/q

Silent installation – no output to screen

/a required

/c optional

/p

Passive installation – no prompts but displays progress

/a required

/c optional

/a PathtoAnswerFile

Specifies required answer file

Answer file required

Only valid with /q or /p parameters

[/c PathtoConfigFile]

Specifies optional configuration file

Configuration file required

Only valid with /q or /p parameters

Unpacking the installer

Before performing a silent or passive installation, you must extract setup.exe by typing the following command:

**forefrontexchangesetup.exe /x:**extractpath

Note

If you are typing an extract path containing spaces, you must enclose quotes around the path. For example:forefrontexchangesetup.exe /x:"c:\Forefront\Install Files"

Performing a silent installation

The silent installation enables the use of scripting when installing Microsoft Forefront Protection 2010 for Exchange Server (FPE). This type of setup produces no visible progress reports during the installation. All output is directed to the installation log, program log, or event log as appropriate. You can use the silent installation in order to run unattended and distributed installations on Exchange servers. The silent installation requires an answer file to be provided via the /a parameter. A template answer file that you can modify to suit your environment is provided in the installation package together with an XML schema (.xsd) that can be used to validate the resulting answer file. If a valid answer file is not provided, the installation terminates, and errors are logged. To view a sample answer file, see Sample answer file for unattended installations.

After extracting the setup package (For more information, see Unpacking the installer), you can launch the silent installation with an answer file by typing the following:

setup.exe /q /a PathtoAnswerFile

The answer file contains answers to all questions presented during the installation. It is a required parameter. Optionally, you can specify the /c parameter, which additionally lets you import configuration settings to the server after the installation is complete: These are settings that were exported from another server. The following is the syntax:

setup.exe /q /a PathtoAnswerFile /[c PathtoConfigFile**]**

Note

The answer file contains sensitive information that should be protected by an access control list (ACL) that can only be viewed by the system administrator. When the answer file is deployed to a remote server, it should be transferred by using a secure method such as Internet Protocol Security (IPsec). After the installation is complete, the administrator should delete the answer file from the target computer in a secure manner.

After you have installed FPE, it is recommended that you view the Release Notes file and perform the configuration steps described in Performing your initial configuration.

Performing a passive installation

The passive installation works in the same manner as the silent installation, except it includes a progress bar that shows the status of the installation as it is running.

After extracting the setup package (For more information, see Unpacking the installer), you can launch the passive installation with an answer file by typing the following:

setup.exe /p /a PathtoAnswerFile

The answer file contains answers to all questions presented during the installation. It is a required parameter. (To view a sample answer file, see Sample answer file for unattended installations.) Optionally, you can specify the /c parameter, which additionally lets you import configuration settings to the server after the installation is complete. These are settings that were exported from another server. The following is the syntax:

setup.exe /p /a PathtoAnswerFile /[c PathtoConfigFile**]**

Note

The answer file contains sensitive information that should be protected by an access control list (ACL) that can only be viewed by the system administrator. When the answer file is deployed to a remote server, it should be transferred by using a secure method such as Internet Protocol Security (IPsec). After the installation is complete, the administrator should delete the answer file from the target computer in a secure manner.

After you have installed FPE, it is recommended that you view the Release Notes file and perform the configuration steps described in Performing your initial configuration.

Post-installation notes

  • After a fresh installation, new definition files must be downloaded in order to ensure the most up-to-date protection. By default, an hourly check for updates for each licensed engine is scheduled. These updates start five minutes after FPE services are started. If a proxy server is being used for engine updates, these scheduled updates will fail until all the proxy server information has been entered. If you did not enter this information during installation, use the Forefront Protection 2010 for Exchange Server Administrator Console and enter it in the Global Settings - Engine Options pane. Then, immediately update each scan engine by clicking Update All Engines Now in the Actions section.

    Note

    • You should successfully update at least one engine before the installation is considered complete.

    • Until all the licensed engines have been successfully downloaded, errors may appear in the event log. These errors include "Could not create mapper object".

  • To verify that FPE has been correctly installed with default protection enabled, use Windows Task Manager. You should see the following processes running after a default installation:

    • On a server that contains a Mailbox role, there should be four FSCRealtimeScanner.exe processes running, and there should be one FSCScheduledScanner.exe process running.

    • On a server that includes a Transport role (such as a Hub Transport, Edge, or Mailbox/Hub Transport server), there should be four FSCTransportScanner.exe processes running.

  • During the first run after installation, FPE automatically selects a Client Access Server (CAS) (provided that one is available), which may not be the optimal server for your environment. If you are using Exchange Server 2010 and a CAS is not available, the on-demand scan will not work. (For information about adding a CAS to your Exchange environment, see your Exchange Server 2010 documentation.) You can change the selected CAS by using the Forefront Protection 2010 for Exchange Server Administrator Console (for details, see Configuring the on-demand scan) or by running the following Windows PowerShell command from the Forefront Management Shell: Set-FseOnDemandScan

  • If you have Microsoft Office Manager 2005 or Microsoft System Center Operations Manager 2007 agents installed, you might see services start unexpectedly after the product has been installed. These agents are stopped (disabled) during an installation and automatically re-enabled when the process has completed. This is normal behavior.