Using the SbAdmCl for McAfee Endpoint Encryption
My recent posts on McAfee Endpoint Encryption have been tailored to those who might want to programatically include automation into your existing scripts using tools like AutoIt. You can, however, run the exact same commands using SbAdmCl.exe, which comes free with McAfee EE. If you haven’t already created a fileset or manually copied these files over to a client, you can get them from your server. They are:
- SbAdmCl.exe
- SbAdmCom.dll
- SbAdmDll.dll
Put these files in the same folder that your client files are in. You can now use SbAdmCl.exe to run Endpoint Encryption commands. To get a list of the available commands, simply run the following from a command line:
1 | SbAdmCl.exe -command:help |
All of these commands are outlined in the Endpoint Encryption Scripting Tool User Guide. Most of the commands will require you to authenticate in order to use them. An example of such a command is GetAdminLevel. You would authenticate and issue this command like so:
1 | SbAdmCl.exe -adminuser:sbadmin -adminpass:12345 -command:GetAdminLevel -user:JoeUser |
After replacing the usernames and password, you should get something like this:
1 2 3 4 5 | Command = GetAdminLevel ResultCode = 0x00000000 ResultDescription = The operation completed successfully. User(Name=joeuser, ID=1) AdminLevel=2 |
This shows you that Joe User’s Admin Level is 2.
For commands that don’t require authentication (see the documentation), you can issue commands like this:
1 | SbAdmCl.exe -command:ForceSync |
If you’re watching your client status window or log, you’ll notice that the client will start to sync with the server – unless you’ve disabled this ability through policy.
Hi Chris,
Thank you for your post. It is easy to understand, and up to the point…
Excellent instructions…
Kind regards,
Valter