Solved

Moving servers from one ePO to another ePO.  How to deal with the agent?

Posted on 2008-10-27
13
3,977 Views
Last Modified: 2013-12-09
Dear Experience McAfee Experts,

Recently we have 8 servers moving from another datacenter to my department, and these machines use McAfee's ePO as the anti-virus program just as we do also.  These 8 servers and other computers in our server room all uses the same Virus Scan Engine (8.5) and Agent (3.6).   Now I want to integrate them into my manage scope, besides uninstalling the agent and then re-install, is there any better way to integrate them into my ePO server?

If I just add these machines into my ePO, and send the "agent wakeup call", will that automatically integrate them into my management and then inherit the group settings?
0
Comment
Question by:wingkchan
  • 8
  • 5
13 Comments
 
LVL 4

Accepted Solution

by:
majidhajali earned 500 total points
ID: 22819258
you should run send agent install and check Force Install over Existing Version, Provide user name and password and it will install new agent on the desired machines.
0
 
LVL 2

Author Comment

by:wingkchan
ID: 22827780
Thanks Majidhajali for your suggestion.  I still have to wait a few more days before I can put my hands on the server.  I will let you know how that turns out once I try your advice.  
0
 
LVL 2

Author Comment

by:wingkchan
ID: 22874828
Hi Majidhajali,

I added the new windows machines into ePO, and I sent the "Agent Install" (with supress option un-checked, so I can see if it is doing the install), but nothing happened.  Tried a few times, with different admin accounts, yet... don't see the installation going on.

I then logon to the client machines, open the Management Console, and manually kick star the "update".  it knows to get it's new DAT from my ePO Server instead of the old.  And it can download and update the latest definition fine.

But, when I send the "agent wakeup call", the client computer would inherit my policies set for them... so I guess the overall agent update weren't successful.  Do you know if there is anything that I am doing wrong?  Thank you kindly.

0
 
LVL 2

Author Comment

by:wingkchan
ID: 22874857
Oh, one more thing,

Then I tried to uninstalled the Virus Scan from the client machines, and do the whole procedure from the begining (add computer in epo, send installation files to client machine, send "agent install", send "agent wakeup call"...).  But I could only get the installation to push the client machine.  When I make it to install agent... nothign happens... the virus scan won't install.

Although I uninstalled the virus scan, i didn't uninstall the services (McAfee Framework Services, McAfee McShield, McAfee Task Manager) still existed under the windows services.  And when I go to http://localhost:8081 , it still shows the agent tries to make connection every 5 minutes to the ePO server...
0
 
LVL 4

Expert Comment

by:majidhajali
ID: 22874895
there is one thing you should check,
Do you define a deployment task in scheduled tasks in Epo console?
0
 
LVL 2

Author Comment

by:wingkchan
ID: 22874904
thanks majidhajali, i have a deployment task (I think it is there by default) under a group, and the servers underneath inherits this task.  when I choose to send agent install, I un-check all inherit and make it to run immediately, while sending the 3 programs (epo agent, system compliance profiler, virusscan enterprise)...
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 4

Expert Comment

by:majidhajali
ID: 22874912
that's ok.
It should work, but there is some problems. let me check the procedure
0
 
LVL 4

Expert Comment

by:majidhajali
ID: 22874948
Did you move computers from one domain to another?
If the answer is yes, delete all the computers from the new domain in epo, and the do an update domain. Epo should recognize all the computers in the new domain. I hope it works for you.
0
 
LVL 2

Author Comment

by:wingkchan
ID: 22875108
Thanks for you advice and support... but I don't have domains setup on my ePO server.  they are just under a group that I created, and I am importing machines one by one into that group.  I don't understand how come I can ping, send install files, but can't make them install... i'll try to review if there are policies setup on those newly arrive servers...
0
 
LVL 2

Author Comment

by:wingkchan
ID: 22947119
After checking on the forums, someone said that the file under:  
C:\Documents and Settings\All Users\Application Data\McAfee\Common Framework\Sitelist.xml
has the connecting credentials.  I opened that and saw that the clients are using an wrong ePO server IP (my ePO server has 2 Lan Cards, 1 Class B, 1 class C).  The client should use the Class C IP to connect, but somehow that sitelist.xml files has the ePO with the Class B IP.  I manually changed that parameter, and it seems to be installing.  

But after install, when I modify policies and send the "agent wakup call".  The client eventually gets the signal and inherits the change, but it could take up to 15 minutes or even longer... and if I modify the client to temporarily "Disable On Access protection", the client would get the call and stop the scan, but after that, the "McAfee Shield" service would be "paused", and even I re-send "enable on access protection", the client won't be able to restart itself...

So... even I got it to install, still acting strange in someway... but thank you majidhajali for your help
0
 
LVL 2

Author Closing Comment

by:wingkchan
ID: 31516261
Thank you
0
 
LVL 4

Expert Comment

by:majidhajali
ID: 22947460
you're welcome my friend,
sorry I couldn't do something important for you.
0
 
LVL 2

Author Comment

by:wingkchan
ID: 22947834
Oh, the tips were helpful, and I really appreciate it. At the begining I was stumped,  I wasn't even sure whether I would need to uninstall the previous agent first.  it saved me a good amount of time from trials. =)
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

As more computers now shipped with 64-bit version of Windows, more users are now using this Operating System.  So it's important to be aware how some 32-bit diagnostic tool works on these systems, so we know what to expect when analyzing the logs an…
OVERVIEW This guide provides information on the process performed when the Symantec Endpoint Protection (SEP) client checks in with the Symantec Endpoint Protection Manager (SEPM). AUDIENCE Information Technology personnel responsible for suppo…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now