Jump to content


  • Posts

  • Joined

  • Last visited

  • Days Won


pengu1n last won the day on February 3 2016

pengu1n had the most liked content!

About pengu1n

  • Rank

Profile Information

  • Location
  1. Hello. We have about 600 workstations in our network and about 20 OU in AD structure for PCs. So now i synchronized AD tree into ERA and can see all workstations. But when we deploying ERA agents by GPO all computers are duplicated into Lost&found. Is there a way to automatically make order by AD structure in ERA console?
  2. Thank you for information! I make small tuning of UnixWindowsNetworkRemoteInstall.sh script and now agent deploy working perfectly # get target client pc's IP address by it's name ERA_RD_WN_COMPUTER_IP=$(dig +short $ERA_RD_WN_COMPUTER_NAME | awk '{ print ; exit }') if [ "$ERA_RD_WN_COMPUTER_IP" != "" ] then #IP address found, changing pc name to it ERA_RD_WN_COMPUTER_NAME=$ERA_RD_WN_COMPUTER_IP fi
  3. Result is the same: Failed to open Service Control Manager. [WERR_ACCESS_DENIED] One more note: when i'm running this command and using not FQDN but Netbios name for pc anything works: net -i -k rpc service list -W DOMAIN1 -U admin4 -S pc
  4. We have forest with two domains, full trust is configured, let it be 'domain1' and 'domain2'. ERA server krb.conf: [root@era Server]# cat /etc/krb5.conf [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log default = SYSLOG:INFO:DAEMON kdc = SYSLOG:INFO:DAEMON admin_server = SYSLOG:INFO:DAEMON [libdefaults] default_realm = DOMAIN2 dns_lookup_realm = true dns_lookup_kdc = true ticket_lifetime = 24h renew_lifetime = 7d forwardable = true [realms] DOMAIN2 = { kdc = dc.domain2 admin_server = dc.domain2 } DOMAIN1 = { kdc = dc.domain1 } [domain_realm] .domain2 = DOMAIN2 domain2 = DOMAIN2 .domain1 = DOMAIN1 domain1 = DOMAIN1 Of cause "domain1" is something like "domain1.local" and "domain2" like "domain2.local". All synchronizing tasks are working, we get all computers and OUs from ADs into static groups. In Access Rights configured DOMAIN1\ESET_admins and DOMAIN2\ESET_admins groups, so we can login using DOMAIN1 and DOMAIN2 users in that groups. Problems start when i'm trying to deploy remotely agents to PCs in DOMAIN1. As we can see default_realm in krb5.conf is DOMAIN2. So when i'm deploying agents to DOMAIN2 PCs it's working like a charm. But when i'm trying to deploy agent to PCs in DOMAIN1 it finishes with error. In trace.log i see that ERA can connect and copy tmp files to ADMIN$ share, but everything crashing on 'net rpc service'. Command is looking like 'net -i -k rpc service delete eset-remote-installer -W DOMAIN1 -U admin4 -S pc.domain1' and error is 'Failed to open Service Control Manager. [WERR_ACCESS_DENIED]'. I tried to run it from shell and got very strange behaviour: 1) when i'm running command 'net -i -k rpc service delete eset-remote-installer -W DOMAIN1 -U admin4 -S pc.domain1' in PC Event Viewer Security logs i see connection from DOMAIN2\admin4, not from DOMAIN1!!!! 2) when i'm running command using nor FQDN computer name but IP everything is working: 'net -i -k rpc service delete eset-remote-installer -W DOMAIN1 -U admin4 -S' : Failed to open service. [WERR_NO_SUCH_SERVICE] and in Event Viewer i see connection with DOMAIN1\admin4 login. I'm not guru in linux, so i am a little bit confused on this. Is this a problem with configuration of AD authorization, or this is a some bug? And what we can do with this? We have about 1200 workstations in company network and we are planning to migrate from ERA5 to ERA6.
  5. Many thx, Marco! It was 'Use global proxy server settings' by default. Changed to 'Do not use proxy' and anything is ok!
  6. I have this problem with "Unauthorized access" too. 1. I used MirrorTool to download updates for 4/5/6 Antivirus versions to ERA server (virtual appliance with Cent OS) It created directory structure like mirror |------eset_upd |---------ep6 |---------era6 |---------v4 |---------v5 2. Installed Lighttpd and configured it to open mirror directory, something like hxxp://era.mycompany.local:8008(without authorization) 3. Configured Endpoint 5 Antivirus client to update from hxxp://era.mycompany.local:8008/eset_upd/v5, it's working like a charm 4. Configured Endpoint 6 Antivirus client to update from hxxp://era.mycompany.local:8008/eset_upd/ep6and got error message 'Unauthorized access'. License on client is already activated, updates from ESET servers working without problems. So, how to make mirror work for EP6 clients?
  • Create New...