Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 4679
  • Last Modified:

Moving servers from one ePO to another ePO. How to deal with the agent?

Dear Experience McAfee Experts,

Recently we have 8 servers moving from another datacenter to my department, and these machines use McAfee's ePO as the anti-virus program just as we do also.  These 8 servers and other computers in our server room all uses the same Virus Scan Engine (8.5) and Agent (3.6).   Now I want to integrate them into my manage scope, besides uninstalling the agent and then re-install, is there any better way to integrate them into my ePO server?

If I just add these machines into my ePO, and send the "agent wakeup call", will that automatically integrate them into my management and then inherit the group settings?
0
wingkchan
Asked:
wingkchan
  • 8
  • 5
1 Solution
 
majidhajaliCommented:
you should run send agent install and check Force Install over Existing Version, Provide user name and password and it will install new agent on the desired machines.
0
 
wingkchanAuthor Commented:
Thanks Majidhajali for your suggestion.  I still have to wait a few more days before I can put my hands on the server.  I will let you know how that turns out once I try your advice.  
0
 
wingkchanAuthor Commented:
Hi Majidhajali,

I added the new windows machines into ePO, and I sent the "Agent Install" (with supress option un-checked, so I can see if it is doing the install), but nothing happened.  Tried a few times, with different admin accounts, yet... don't see the installation going on.

I then logon to the client machines, open the Management Console, and manually kick star the "update".  it knows to get it's new DAT from my ePO Server instead of the old.  And it can download and update the latest definition fine.

But, when I send the "agent wakeup call", the client computer would inherit my policies set for them... so I guess the overall agent update weren't successful.  Do you know if there is anything that I am doing wrong?  Thank you kindly.

0
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

 
wingkchanAuthor Commented:
Oh, one more thing,

Then I tried to uninstalled the Virus Scan from the client machines, and do the whole procedure from the begining (add computer in epo, send installation files to client machine, send "agent install", send "agent wakeup call"...).  But I could only get the installation to push the client machine.  When I make it to install agent... nothign happens... the virus scan won't install.

Although I uninstalled the virus scan, i didn't uninstall the services (McAfee Framework Services, McAfee McShield, McAfee Task Manager) still existed under the windows services.  And when I go to http://localhost:8081 , it still shows the agent tries to make connection every 5 minutes to the ePO server...
0
 
majidhajaliCommented:
there is one thing you should check,
Do you define a deployment task in scheduled tasks in Epo console?
0
 
wingkchanAuthor Commented:
thanks majidhajali, i have a deployment task (I think it is there by default) under a group, and the servers underneath inherits this task.  when I choose to send agent install, I un-check all inherit and make it to run immediately, while sending the 3 programs (epo agent, system compliance profiler, virusscan enterprise)...
0
 
majidhajaliCommented:
that's ok.
It should work, but there is some problems. let me check the procedure
0
 
majidhajaliCommented:
Did you move computers from one domain to another?
If the answer is yes, delete all the computers from the new domain in epo, and the do an update domain. Epo should recognize all the computers in the new domain. I hope it works for you.
0
 
wingkchanAuthor Commented:
Thanks for you advice and support... but I don't have domains setup on my ePO server.  they are just under a group that I created, and I am importing machines one by one into that group.  I don't understand how come I can ping, send install files, but can't make them install... i'll try to review if there are policies setup on those newly arrive servers...
0
 
wingkchanAuthor Commented:
After checking on the forums, someone said that the file under:  
C:\Documents and Settings\All Users\Application Data\McAfee\Common Framework\Sitelist.xml
has the connecting credentials.  I opened that and saw that the clients are using an wrong ePO server IP (my ePO server has 2 Lan Cards, 1 Class B, 1 class C).  The client should use the Class C IP to connect, but somehow that sitelist.xml files has the ePO with the Class B IP.  I manually changed that parameter, and it seems to be installing.  

But after install, when I modify policies and send the "agent wakup call".  The client eventually gets the signal and inherits the change, but it could take up to 15 minutes or even longer... and if I modify the client to temporarily "Disable On Access protection", the client would get the call and stop the scan, but after that, the "McAfee Shield" service would be "paused", and even I re-send "enable on access protection", the client won't be able to restart itself...

So... even I got it to install, still acting strange in someway... but thank you majidhajali for your help
0
 
wingkchanAuthor Commented:
Thank you
0
 
majidhajaliCommented:
you're welcome my friend,
sorry I couldn't do something important for you.
0
 
wingkchanAuthor Commented:
Oh, the tips were helpful, and I really appreciate it. At the begining I was stumped,  I wasn't even sure whether I would need to uninstall the previous agent first.  it saved me a good amount of time from trials. =)
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

  • 8
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now