Solved

Moving servers from one ePO to another ePO.  How to deal with the agent?

Posted on 2008-10-27
13
4,031 Views
Last Modified: 2013-12-09
Dear Experience McAfee Experts,

Recently we have 8 servers moving from another datacenter to my department, and these machines use McAfee's ePO as the anti-virus program just as we do also.  These 8 servers and other computers in our server room all uses the same Virus Scan Engine (8.5) and Agent (3.6).   Now I want to integrate them into my manage scope, besides uninstalling the agent and then re-install, is there any better way to integrate them into my ePO server?

If I just add these machines into my ePO, and send the "agent wakeup call", will that automatically integrate them into my management and then inherit the group settings?
0
Comment
Question by:wingkchan
  • 8
  • 5
13 Comments
 
LVL 4

Accepted Solution

by:
majidhajali earned 500 total points
ID: 22819258
you should run send agent install and check Force Install over Existing Version, Provide user name and password and it will install new agent on the desired machines.
0
 
LVL 2

Author Comment

by:wingkchan
ID: 22827780
Thanks Majidhajali for your suggestion.  I still have to wait a few more days before I can put my hands on the server.  I will let you know how that turns out once I try your advice.  
0
 
LVL 2

Author Comment

by:wingkchan
ID: 22874828
Hi Majidhajali,

I added the new windows machines into ePO, and I sent the "Agent Install" (with supress option un-checked, so I can see if it is doing the install), but nothing happened.  Tried a few times, with different admin accounts, yet... don't see the installation going on.

I then logon to the client machines, open the Management Console, and manually kick star the "update".  it knows to get it's new DAT from my ePO Server instead of the old.  And it can download and update the latest definition fine.

But, when I send the "agent wakeup call", the client computer would inherit my policies set for them... so I guess the overall agent update weren't successful.  Do you know if there is anything that I am doing wrong?  Thank you kindly.

0
 
LVL 2

Author Comment

by:wingkchan
ID: 22874857
Oh, one more thing,

Then I tried to uninstalled the Virus Scan from the client machines, and do the whole procedure from the begining (add computer in epo, send installation files to client machine, send "agent install", send "agent wakeup call"...).  But I could only get the installation to push the client machine.  When I make it to install agent... nothign happens... the virus scan won't install.

Although I uninstalled the virus scan, i didn't uninstall the services (McAfee Framework Services, McAfee McShield, McAfee Task Manager) still existed under the windows services.  And when I go to http://localhost:8081 , it still shows the agent tries to make connection every 5 minutes to the ePO server...
0
 
LVL 4

Expert Comment

by:majidhajali
ID: 22874895
there is one thing you should check,
Do you define a deployment task in scheduled tasks in Epo console?
0
 
LVL 2

Author Comment

by:wingkchan
ID: 22874904
thanks majidhajali, i have a deployment task (I think it is there by default) under a group, and the servers underneath inherits this task.  when I choose to send agent install, I un-check all inherit and make it to run immediately, while sending the 3 programs (epo agent, system compliance profiler, virusscan enterprise)...
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 4

Expert Comment

by:majidhajali
ID: 22874912
that's ok.
It should work, but there is some problems. let me check the procedure
0
 
LVL 4

Expert Comment

by:majidhajali
ID: 22874948
Did you move computers from one domain to another?
If the answer is yes, delete all the computers from the new domain in epo, and the do an update domain. Epo should recognize all the computers in the new domain. I hope it works for you.
0
 
LVL 2

Author Comment

by:wingkchan
ID: 22875108
Thanks for you advice and support... but I don't have domains setup on my ePO server.  they are just under a group that I created, and I am importing machines one by one into that group.  I don't understand how come I can ping, send install files, but can't make them install... i'll try to review if there are policies setup on those newly arrive servers...
0
 
LVL 2

Author Comment

by:wingkchan
ID: 22947119
After checking on the forums, someone said that the file under:  
C:\Documents and Settings\All Users\Application Data\McAfee\Common Framework\Sitelist.xml
has the connecting credentials.  I opened that and saw that the clients are using an wrong ePO server IP (my ePO server has 2 Lan Cards, 1 Class B, 1 class C).  The client should use the Class C IP to connect, but somehow that sitelist.xml files has the ePO with the Class B IP.  I manually changed that parameter, and it seems to be installing.  

But after install, when I modify policies and send the "agent wakup call".  The client eventually gets the signal and inherits the change, but it could take up to 15 minutes or even longer... and if I modify the client to temporarily "Disable On Access protection", the client would get the call and stop the scan, but after that, the "McAfee Shield" service would be "paused", and even I re-send "enable on access protection", the client won't be able to restart itself...

So... even I got it to install, still acting strange in someway... but thank you majidhajali for your help
0
 
LVL 2

Author Closing Comment

by:wingkchan
ID: 31516261
Thank you
0
 
LVL 4

Expert Comment

by:majidhajali
ID: 22947460
you're welcome my friend,
sorry I couldn't do something important for you.
0
 
LVL 2

Author Comment

by:wingkchan
ID: 22947834
Oh, the tips were helpful, and I really appreciate it. At the begining I was stumped,  I wasn't even sure whether I would need to uninstall the previous agent first.  it saved me a good amount of time from trials. =)
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

12 Steps to a more secure Internet experience (http://tekblog.teksquisite.com/) Everyone who is a licensed driver initially had to pass a driving test that consisted of taking:    1. a written test    2. a road test    3. a vision test Le…
I recently had to create a utility which aim is to update McAfee's Virusscan and that had to be launched from a command line. I thought I’d share my experience with you. Why is it useful to be able to update an Antivirus from the command line?…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

929 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now