Jump to content


  • Content Count

  • Joined

  • Last visited

  • Days Won


ewong last won the day on December 13 2018

ewong had the most liked content!

Profile Information

  • Gender
    Not Telling
  • Location
    Hong Kong
  1. I don't understand this. Perhaps posted to the wrong topic?
  2. Thanks MartinK! That helps a lot. I think something is not right wrt the network download speed.
  3. I'm not entirely sure if I'm repeating the correct steps (I use GPO and not the live installer); but, the downloaded ESMCAgentInstaller.bat (assuming this is the file that PuterCare is talking about) and seeing as this batch file creates a vbs file in the tempdir, my guess is that it can't find the sha1sum.exe file. PuterCare, after running and getting that error, does sha1sum.exe exist in the %TMP% folder?
  4. Is there any way of displaying what the error means instead of an error code? Had I known about the 'copying file' error, I'd probably would've found that out. Which brings me to another error #. 8453, which is a bit more confusing: I'm having difficulty in downloading from the servers as it keeps on being interrupted. The confusing thing about the above is it says "Perform full mirror finished" but it then says failed. I kinda understand that the process has finished but with an error; but it's misleading. But I suppose this is more of a nitpick than an actually issue. That said, what does errorcode 8453 mean? Thanks PS: I think I'll need to move the update server to a different system or get a better NIC.
  5. Hi, Perhaps I'm missing something; but I'm getting errors while running the MirrorTool. Here's the error: Here's the command I use (which I placed in a script so I don't need to type so long a command everytime... ) Similar thing happens when I update the repo as well. Can someone point out what's bugging the update? Thanks Edmund
  6. Thanks for the explanation. Is it possible to get the agent to compare the IP of the nic with the IP of the ESMC server so that it can use the same network IP? (Just asking..) It's strange and a bit scary (had I not asked here) that there could be a chance that agents can scan other connected networks. Edmund
  7. I've noticed with ESET Agent, it takes the first NIC's IP it finds without checking with the configuration. With multi-nic systems, this is a bit of a pain since on the ESMC system list, it'd show other network IPs. Shouldn't the Agent report to the ESMC the same IP in the network as the ESMC server? For instance, as shown in the attached screenshot, The first item is the ESMC server (so in the network), the 2nd one is my system (it's chosen the NPCAP interface), the third is another system that has two nics, and finally the last one is another system in the same network. Have I screwed up the AGent deployment (via GPO) setting? Any clarifications appreciated. Thanks. :ewong
  8. Description: Remotely reset Agents' information using a 'secret key' that will reset where the Agents report to. Details: At the moment, using the GPO method of deploying agents is 'simple' enough; but if the ESMC server suffers a hiccup/goes away(for some reason), the ESMC must be installed/reinstalled; thusly the old agents won't be able to communicate with the new ESMC server. Having the ability to set up a 'secret' on the EMSC that can be used to connect to all old-agents and have them reapply the new server information would make life easier. (At this moment, I'm still recovering from a server failure and can't seem to be able to get all of the agents installed properly via gpo, even with the new 'install_config.ini' file set up.) So having this kinda trouble, I've had to go into each system, run esetuninstaller and then have they run gpupdate to get themselves updated) and even then that's not working all the time. [note: I do admit that it is possibly a PEBCAK problem.] On the flip side, this could lead to security issues (particularly since this is somewhat akin to adding a 'backdoor'), so I'm not sure if this is a good idea.
  9. Description: Showing (or downloading) debug logs when tasks fail. Detail: Somewhat similar to my previous feature request, having the debug log generated during the task (akin to trace.log) and when it fails, there is a link to download the log file for that particular process. Rationale: It's to allow the Remote Administrator to figure out what is going on within the process without needing to go into the client's workstation.
  10. Description: Running tasks progress Detail: Currently (well I'm upgrading to the latest 7.x ERA with the 6.x component upgrade task), when I go to Client Task Executions, it states that the task is running. If there is a way (particularly with the Eset product-based tasks, for some sort of progress showing (and even an ETA (but I suspect this might be a bit tough)).
  11. I'd like to add to the Sorting/filtering item. Description: The current filtering prepositions are limited and a little confusing. Detail: I was looking at the "Last Connected" report template on the Dashboard, and I had recently added a whole bunch of rogue systems to a subgroup under "Unknown" static group. By default, the "Last connected" report includes all systems. I wanted to filter out the "unknown" static group and its subgroups. I tried creating a filter: Static Group; Static Group Parent Hierarchy in Unknown which obviously isn't what I want; but there's no "not in". And there's no obvious way of setting "All" computers but exclude the static group "Unknown". So I thought I'd try: Static Group = All Static Group; Static Group Parent Hierarchy not equal Unknown. That didn't work. So having more prepositions (if that's what you call them) would help a lot.
  12. Description: Able to determine the "reason" why the task failed in the Task Execution History. Detail: Right now, suppose a task failed for a particular system. In ERA, you go to that system, go to "TASK EXECUTIONS", select the task entry, and then right click and select "History", it would show something like: 2018 Mar 22 16:06:58 Security product Failed Task failed Task failed in the security product There's no way to find out "why it failed" until I go directly to that system and do a manual check. Having some sort of reason why it failed helps the sysadmin to figure out how to get it updated, if it is at all possible.
  13. Interesting that I came across this topic as I'm currently wondering about this exact same issue. I have one particular instance in which I have a list of PUWAs and I have no idea how to just kill them without manually going to the particular workstation and regediting it or deleting it. So yes, I would appreciate a strict cleaning mode in which PUWAs are eliminated with extreme prejudice. Alerts should only be sent to the administrator as end-users are 'normally' clueless with what to do with them.
  • Create New...