Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 6655
  • Last Modified:

EPO 4.5 no Engine or DAT installing

Hi
Been installing EPO 4.5 onto a server with 2008 running (previously had protection pilot), muddling my way through as this is all new to me, but i have a problem with 13 machines out of 90. (all XP)
These machines are showing as non compliant, when i look a them they show a product version of 4.0.0.1421 but not Engine or DAT version.
i have turned off Windows Firewall, tried waking up the agent, updating from the client.
I have created a client task to update all packages, but still these machines stay non compliant.
Also 1 of the machines is the actual server the EPO resides on.
Thanks
0
kev-griggs
Asked:
kev-griggs
  • 15
  • 10
  • 3
1 Solution
 
Justin OwensITIL Problem ManagerCommented:
ePO is a fun and unique animal. :)  I am currently working on a project to migrate 800 servers and 2000 workstations from 3.6 and 4.0 to 4.5 (as well as get all the client software versions standardized, but that is a different animal, too).

  • You said you created an update task to update all packages.  What was the type of execution you used (startup, logon, schedule, immediate, etc)?  
  • On the machines that will not update, can you get to \\machinename\admin$ from whatever account is running ePO?
  • When you did an agent wake up, did you check the box to force it to report all information?
  • Do you have any other ePO servers on your network?
Justin
0
 
kev-griggsAuthor Commented:
DrUltima:
Good luck with your project, it has taken me some time to get this far.

Update Task = Scheduled
\\machinename\admin$, yes i can access
Agent wakeup, no i did not check rthe box
We only have 1 ePO server

Thanks
0
 
Justin OwensITIL Problem ManagerCommented:
OK, for your task, create a second deployment task disabled at the root of your organization.  Make it a Run Immediately.  Create a separate container for the 11 machines out of compliance and move them there.  On that container, enable the deployment task for Run Immediately.  Once enabled, do an Agent Wake up, but make sure you check the box for Force full report.

Let me know how that goes.

Justin
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
kev-griggsAuthor Commented:
Hi

dont understand the root bit, wneh you say container do you mean move them to a new group?
not seen the run immediately bit, was looking for that.

not around the office tomorrow, so will pick this up friday, thanks for your help.
0
 
Justin OwensITIL Problem ManagerCommented:
Go to your System Tree.
Go to My Organization. (this should be the root, or top level folder under which all other folders exist)
Select Client Tasks.
New Task.
Product Update
Next
Select All Packages.
Next
Schedule Type: Run Immediately

Let me know how that works for you.

Justin
0
 
kev-griggsAuthor Commented:
Ok, done that but it has made no difference,
any of the client tasks i run i cannot see them in the server task log, is this normal?
0
 
Justin OwensITIL Problem ManagerCommented:
You won't see anything until the next scheduled policy enforcement, unless you force that manually.  Most client tasks you do manually (deployment, agent wake up, etc) will show up in the server task log.  Some automatic actions there will also show up, but not everything.

From the computer you are using to perform the updates, can you look at and make sure you can:

1. ping the 13 computers
2. get to the \admin$ share on each of the 13 computers
3. see the web monitoring console on each of the 13 computers (http://computername:8081)
3a.  make sure that it is communicating with the correct ePO server

Let me know what you find.

Justin
0
 
kev-griggsAuthor Commented:
Can ping all machines and have access to \admin$ using the login i use to update the clients
The non compliant machines seem to be new ones which were not migrated from protection pilot.
Comparing the log files the compliant and non are the same except for the line is missing from the non compliant, marked below as - ************

21 December 2009 07:40:34 Info Agent Agent is looking for events to upload
21 December 2009 07:40:38 Info Agent Agent Started Enforcing policies
21 December 2009 07:40:38 Info Management Enforcing Policies for VIRUSCAN8600 - ************
21 December 2009 07:40:38 Info Management Enforcing Policies for EPOAGENT3000META
21 December 2009 07:40:38 Info Management Enforcing Policies for EPOAGENT3000
21 December 2009 07:40:38 Info Management Enforcing Policies for McAfee Agent
21 December 2009 07:40:38 Info Agent Agent finished Enforcing policies
21 December 2009 07:40:38 Info Agent Next policy enforcement in 5 minutes


thanks for your help.
Kevin
0
 
Justin OwensITIL Problem ManagerCommented:
Honestly, at this point it may be faster to remove the ePO agent from the offending machines, unload any other McAfee products, make sure no other firewalls are running on the machines, and then redo the push.  Is that an option for you?

Justin
0
 
kev-griggsAuthor Commented:
I will give one of the machines a go and see if it fixes this issue.
Thanks
0
 
brianm71Commented:
You can also push the agent back out to the 11 machines with a force install.  This will generate a new agent ID and should have the 11 machines check back in with your epo server.
0
 
kev-griggsAuthor Commented:
brianm71:
from the epo if i do Actions/agent/update now i get a message "These systems do not support Update Now: "
0
 
kev-griggsAuthor Commented:
DrUltima:

i tried removing the epo from 2 machines and it made no differance
0
 
brianm71Commented:
You will not be able to do Update Now unless they have the 4.5 agent.  go the the register on the two machines HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\ePolicy Orchestrator\Agent and delete the AgentGUID, ComputerName, IPAddress and MacAddress keys.  Then try reinstalling the epo agent manually.
0
 
kev-griggsAuthor Commented:
brianm71:
Ok, have done that, will wait tosee if the virus scan is deployed, i may be missing something as all the problem machines are new installs, the compliant machnes are ones i had running on protection pilot so all the products were already installed.
Thanks
0
 
kev-griggsAuthor Commented:
brianm71:
machine still only has agent installed, how can i force viruscan8600 onto these machines, any ideas?
i have 17 machines and they are all new installs with just the agent on.

Cheers
0
 
brianm71Commented:
Go to your System Tree.
Go to My Organization.
Select Client Tasks.
New Task.
Product Deployment
Next
Select VirusScan .
Next
Schedule Type: Run Immediately

Wake up agents on machine.  You should see it being depoyed in agent log.

0
 
kev-griggsAuthor Commented:
ok, done that, but they still show as non compliant, see below extract from log file.

18 January 2010 15:53:14  Info  Agent  Agent started performing ASCI
18 January 2010 15:53:14  Info  Agent  Agent is looking for events to upload
18 January 2010 15:53:14  Info  Management  Collecting Properties
18 January 2010 15:53:14  Info  Agent  Agent is looking for events to upload
18 January 2010 15:53:14  Info  Agent  Agent communication session started
18 January 2010 15:53:14  Info  Agent  Agent is sending PROPS VERSION package to ePO server
18 January 2010 15:53:14  Info  Agent  Agent is connecting to ePO server
18 January 2010 15:53:15  Info  Agent  Package uploaded to ePO Server successfully
18 January 2010 15:53:15  Info  Agent  Agent communication session closed
18 January 2010 15:53:15  Info  Agent  Agent received REQUEST PROPS package from ePO server
18 January 2010 15:53:15  Info  Agent  Agent communication session started
18 January 2010 15:53:15  Info  Agent  Agent is sending INC PROPS package to ePO server
18 January 2010 15:53:15  Info  Agent  Agent is connecting to ePO server
18 January 2010 15:53:15  Info  Agent  Package uploaded to ePO Server successfully
18 January 2010 15:53:15  Info  Agent  Agent communication session closed
18 January 2010 15:53:15  Info  Agent  Agent received POLICY package from ePO server
18 January 2010 15:53:15  Info  Agent  New server policy was successfully merged
18 January 2010 15:53:15  Info  Agent  Enforcing newly downloaded policies
18 January 2010 15:53:15  Info  Agent  Agent Started Enforcing policies
18 January 2010 15:53:15  Info  Management  Compiling policies
18 January 2010 15:53:16  Info  Management  Enforcing Policies for EPOAGENT3000META
18 January 2010 15:53:16  Info  Management  Enforcing Policies for EPOAGENT3000
18 January 2010 15:53:16  Info  Management  Enforcing Policies for McAfee Agent
18 January 2010 15:53:16  Info  Scheduler  The task GLOBAL VIRUS SCAN DEPLOY is modified
18 January 2010 15:53:17  Info  Scheduler  The task New Task 1 is deleted (ID=41)
18 January 2010 15:53:17  Info  Scheduler  Scheduler: Invoking task [GLOBAL VIRUS SCAN DEPLOY]...
18 January 2010 15:53:17  Info  Agent  Agent finished Enforcing policies
18 January 2010 15:53:17  Info  Agent  Next policy enforcement in 5 minutes
18 January 2010 15:53:17  Info  Updater  Checking update packages from repository ePO_SERVER2.
18 January 2010 15:53:17  Info  Updater  Initializing update...
18 January 2010 15:53:17  Info  Updater  Verifying catalog.z.
18 January 2010 15:53:17  Info  Updater  Extracting catalog.z.
18 January 2010 15:53:17  Info  Updater  Loading update configuration from: catalog.xml
18 January 2010 15:53:18  Info  Updater  These updates will be applied if they are in the repository: VIRUSCAN8600.
18 January 2010 15:53:18  Info  Updater  Verifying VSE850Det.McS.
18 January 2010 15:53:20  Info  Updater  Update Finished
18 January 2010 15:53:20  Info  Scheduler  The task GLOBAL VIRUS SCAN DEPLOY is successful
18 January 2010 15:53:20  Info  Scheduler  Scheduler: Task [GLOBAL VIRUS SCAN DEPLOY] is finished
0
 
Justin OwensITIL Problem ManagerCommented:
Can you post screen shots of your deployment task?  The message above looks more like an update than a product deployment.  Also, are you in a position to be using VSE 8.7 rather than 8.6?  There are some OS issues with Windows 7 push and Server 2008 R2 push with VSE 8.6.
Justin
0
 
kev-griggsAuthor Commented:
You are right, it is an update, when i select Product Deployment, click Next, in the product and Componants there is only Agent 4.0.0.1421 to select, nothing else.  i am really at a lose here.
0
 
kev-griggsAuthor Commented:
i downloaded agent 4.5.0.1270 checked it in and set up a Product Deployment, which appears to have been succesful.  Now, how do i deploy viruscan 8.7, i have it in my repository
Thanks.
 
0
 
Justin OwensITIL Problem ManagerCommented:
Make sure you have verified that the 4.5 agent was indeed deployed.
Download the VSE 8.7 install files if you haven't already.  Check them into ePO if you haven't already.  The safest way is to create a new container.  The only applied policy to it should be a new Product Deployment task to run immediately.  Deploy VSE 8.7.  Move a computer or server or combination into that container and enforece the policy.  Make sure it works.... Once you are sure VSE won't break anything, you can move your machine there for deployemnt and back to their container or you can create a deployment task higher on your container structure and let it propogate down.  I prefer to have seperate installation containers for VSE 8.7, Antispyware 8.7, and HIPS 7.0.  In this way, I have more granular control over which machines get them and which do not.
Justin
0
 
kev-griggsAuthor Commented:
DrUltima
4.5 has been deployed.
8.7 is downloaded and checked it, when i look in Master repository 8.5.0 amd 8.7.0 are there, both status ok
A new container i assume you mean create a new sub group, no problem
The only way i can see to deploy a product is to go to system tree, client tasks, product deployment, but the only option is to deploy the agent from the drop down box, there is no other option, am i looking in the correct place.

Today i enabled Global updating, still no change.
I never concidered myself stupid until i come across this product.
Thanks for your help, really apprechiated.
0
 
Justin OwensITIL Problem ManagerCommented:
Could you post a screen shot of your repository so I could make sure the right thing was checked in?  You are looking at the right place to set up the VSE 8.7 deployment.
Justin
0
 
kev-griggsAuthor Commented:
see attached
REPOS.jpg
0
 
Justin OwensITIL Problem ManagerCommented:
The VSE 8.7 you see in that post is a language pack.  It needs to be the installation package (say Install in the Type column).  Check in the installation package (download-able from McAfee with your Grant number).

Justin
0
 
kev-griggsAuthor Commented:
i have 100% compliance, i did this first with 8.5 and they are all loaded, can now upgrade to 8.7 in stages as you suggested.
Thanks for your continued help on this issue.
0
 
Justin OwensITIL Problem ManagerCommented:
Comment from the Author:
i have 100% compliance, i did this first with 8.5 and they are all loaded, can now upgrade to 8.7 in stages as you suggested.
Thanks for your continued help on this issue.    
0

Featured Post

[Webinar On Demand] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

  • 15
  • 10
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now