I install the agent and vse into the build. Lookup exporting the sitelist within McAFee ePO site to run a script to register it with the relevant ePO if deploying to mulitple domains.
Copy the sitelist after the build then run something like the below:
Then use ePO to run update tasks etc.
Example:
$joineddomain = Get-WmiObject -Class Win32_ComputerSystem | select domain
$joineddomain = $joineddomain.domain
$devdomain = "development"
if ($joineddomain -like "*$devdomain*"){
C:\Temp\FrmInst.exe /install=agent /silent /siteinfo=c:\temp\sitelist.xml
}
You will also want to remove the mcafee agent guid from the master image so a new one is generated every build.
Remove-ItemProperty -path ‘HKLM:\SOFTWARE\Wow6432Node\Network Associates\ePolicy Orchestrator\Agent’ -Name AgentGUID
Or I think that is now been replaced with:
C:\Program Files\McAfee\Agent\maconfig.exe -enforce -noguid@