Starting with version 2.9, Enzoic for Active Directory can be installed and configured headlessly using a YAML configuration file. All of the Enzoic for AD settings can be specified via settings in this file. To get started, download the sample enzoic-config.yml file below and open in a text editor. The settings in the file are documented with comments, but we recommend familiarizing yourself with the product in a test environment first to better understand the various options.
You can use GPO push installs to easily install Enzoic for Active Directory across multiple domain controllers in your environment. Note that Enzoic for Active Directory requires .NET Framework 4.5, which does not get installed automatically when running the MSI installer. If you do not already have the .NET Framework 4.5 on your servers prior to deploying Enzoic for Active Directory, you will need to deploy that first.
Step 1 - Create an MST file with your product key and YML config path embedded
(Note this step is optional – if you wish, you may instead install Enzoic for Active Directory on the first domain controller in your environment, configure it as you wish and then push the installer to your other domain controllers via GPO, without needing to use a YML configuration file. In this case, the other domain controllers will pick up the shared configuration directly from Active Directory.)
Download Microsoft’s Windows Installer SDK – Download
Install the SDK, Find and Run the Orca install (installs to C:\Program Files (x86)\Windows Installer 4.5 SDK\TOOLS by default)
Run Orca
Open the Enzoic for AD MSI in Orca
Open the Transform menu and select “New Transform”
Navigate to the Property table in the left pane and edit the values for the following properties in the right hand pane:
ENZ_IMPORT_CONFIG_FILE – enter the UNC network path to your enzoic-config.yml file (this will be the network share distribution point for the GPO)
ENZ_PRODUCT_KEY – enter your product key
Open the Transform menu and select “Generate Transform”, save the MST file
Copy the MSI, MST and YML file to your distribution point in the next step.
Step 2 - Create a Distribution Point
Log on to a server in the target domain as an administrator.
Create a shared network folder to distribute the files from.
Give the Domain Controllers security group read access to the share, and limit write access to authorized personnel only.
Copy EnzoicForAD.msi (and optionally the MST and YML file from step 1 above) into the distribution point
Give the Domain Controllers security group read access to the EnzoicForAD.msifile in the distribution point.
Click Finish.
Step 3 - Create a Group Policy Object
Start the Group Policy Management Console (gpmc.msc).
Expand the forest and domain items in the left pane.
Right-click the Domain Controllers OU in the left pane, and then click Create a GPO in this domain, and Link it here…
Type Enzoic for Active Directory and then press ENTER.
Step 4 - Prepare the Group Policy Object
Right-click the Enzoic for Active Directory GPO, and then click Edit…
Expand the Computer Configuration, Policies, and Software Settings
Right-click the Software installation item, and then select New > Package…
Type the full UNC path to EnzoicForAD.msi in the Open dialog box. You must enter a UNC path so that other computers can access this file over the network. For example, \\file server\distribution point share\EnzoicForAD.msi
Click Open.
Select the Assigned deployment method, and then click OK.
Close the Group Policy Management Editor.
Step 5 - Complete the Installation
Windows installs Enzoic for Active Directory during startup, and then immediately requires a manual restart to load the Password Filter. Restart each Domain Controller to complete the installation.