Solved

Deploying McAfee Agent

Posted on 2011-03-13
12
2,617 Views
Last Modified: 2013-12-09
I am running McAfee  ePo 4.0. My ePo server is on a different domain than the machines and servers I am trying to deploy the agent to. The domains have full two way trusts. While trying to deploy agent I am receiving an error stating network path was not found. From ePo server I can access the Admin$ share on the machines using the same admin account I am using for credinitals while trying to deploy agent. Windows firewall has been disabled via GPO. Machines are running XP SP3 and my servers Server 2003.

Any assistance or suggestion would be much appriciated.
0
Comment
Question by:jhyanagi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5
12 Comments
 
LVL 16

Expert Comment

by:legalsrl
ID: 35121255
Morning :)

The Network path error is related to DNS

It sounds like the ePO server cannot resolve the NETBIOS name of the server

Firstly, try adding a machine to the Hosts file on the epo server and let me know if that works.....

Once we've identified the problem, we can then work out the DNS issue
Cheers
Si
0
 

Author Comment

by:jhyanagi
ID: 35121280
I forgot to mention that part my apologies. Within the ePo I have set up a system and synced it with AD. I can see all of my computers I have added thus far and a few of them have checked in. I can see the IP and the user on the machine. But that is only a handfull.
0
 
LVL 16

Expert Comment

by:legalsrl
ID: 35121497
OK, we need to work out what is different between the machines that have and have not checked in.....

If you look at one OU in AD, have some of the computers in that OU checked in ?

What can you tell me about them ?

Cheers
Si
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 

Author Comment

by:jhyanagi
ID: 35121557
all of the machines have been re imaged with the same image, and are being pushed the same GPO's. One thing i have recently realized is the machines that have checked in are responding with the FQDN of the domain that the ePo server is on. ePo will be on domain A, and my end users and servers on domain B.  

From ePo if i do an nslookup on the machines that have not checked in I am unable to resolve them from the DNS server of their domain, DOMAIN B. However if i do the same thing for the machines that have checked in that are within Domain B, they respond back with a FQDN for Domain A. these machines have been on both domains so most of them have DNS entries on both domains. But if they are not part of Domain A anymore why are they resolving for a domain they are not part of? I have looked through the DNS on my DC for DOMAIN B and all of the computers\servers are in there. I am at a loss. I agree with the DNS issue you mentioned earlier. I just have no clue where to start. I have exhausted my knowledge.

Thanks.
0
 
LVL 16

Expert Comment

by:legalsrl
ID: 35121887
Ok, let's talk dns

It sounds like your dns server on domain b does not have an entry for domain a

Therefore the workstations on domain b cannot resolve the host name of the epo server and therefore cannot check in

Do you have access to the dns server ?
0
 

Author Comment

by:jhyanagi
ID: 35122038
Yes i do have access to them. Trying to do an nslookup from domain to domain i cannot resolve the IP address, but if i use the FQDN of what im trying to get it will resolve that.
0
 
LVL 16

Expert Comment

by:legalsrl
ID: 35128920
OK, let me whiteboard it and come back to you
Cheers
Simon
0
 
LVL 16

Accepted Solution

by:
legalsrl earned 500 total points
ID: 35128962
OK, just sketched it out.....

Here is what I am working on....

epo is in a domain a.b.local
workstations are in a domain b.b.local

The DNS Server servicing b.b.local cannot find anything in a.b.local

The DNS Server servicing b.b.local needs to be configured for DNS Forwarding so that if the DNS server in b.b.local cannot resolve a DNS name, then the DNS Server in b.b.local forwards the request to the DNS Server in a.b.local

That will resolve your problem

Cheers
Simon
0
 

Author Comment

by:jhyanagi
ID: 35130026
Thank you for your suggestions. Here is where i am at now. After multiple hours of trying to figure it out i just wiped out all of the previous system trees and started again. After doing that and forcing to deploy clients I walked away and gave it time to do such. I now have all machines checking in and up to date except for 4 XP  boxes and 2 servers running server 2003.

I am still recieving the network path not found error with these machines. They are all on the same domain, ePo pulls them with AD Sync. I can ping and nslookup both ip and FQDN. I can also access ADMIN $ share. I have both A records and PTR records for all machine withing my DNS. Thats all i have at the moment. I also have A DC from both domains set up for DNS servers on ePo. I have tried it both ways.

Thank you for your assistance.
0
 
LVL 16

Expert Comment

by:legalsrl
ID: 35131074
OK, those 4 machines and 2 servers.....can they ping ePO ?

Sounds like you still have some DNS issues, but have resolved most of them

How about Firewall settings ?

Cheers
SImon
0
 

Author Comment

by:jhyanagi
ID: 35136563
Ok i have figured out a temporary solution for the issue. I will still be leaving a few admin machines off lone with ePo for future testing.

Even though i was not successfully able to push our the VSE 8.7 or agent to the machines I was however able to manually install the FlashPkg.exe to the machines and force an update and they would start showing up in my ePo Server as checking in so I will settle for that for now.

Thank you for the advice, i still beleive there is DNS issue somewhere so i will continue to look into this issue if machines do not successfully checkin while added to the network.

Thanks again.
0
 
LVL 16

Expert Comment

by:legalsrl
ID: 35136600
OK, I'd install Wireshark and run a packet capture while testing, post the log here and I'll help you figure out what's going on
Cheers
Si
0

Featured Post

SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

By the time you finish reading this article, you may have already lost all your money because you don't know the simple steps to securing your BitCoin wallet. BitCoin is an incredible invention. It is a decentralized currency system, which is the…
If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question