Jump to content

ewong

Most Valued Members
 View Profile  See their activity

  • Posts

    297

  • Joined

  • Last visited

  • Days Won

    2

 Content Type 

Posts posted by ewong

    ELA vs. EBA login credentials

    in ESET Licensing for Business

    Posted · Edited by ewong
    fix topic

    Hi,

    Upgrading to v7,I noticed that there is a EBA and no ELA.  Can someone clarify what the difference between those two are?  I've used ELA previously and I don't see any buttons to send me to the ELA site (in the License Manager) but there is a button to go to the EBA.

    Now reading previous threads, I came across Marcos stating that ELA is going to be discontinued and EBA will be the go-to site for license administrations.  What I'm wondering is whether or not the login credentials for ELA are automatically created in EBA or do I need to create my own?

    Thanks

    Edmund

    Agent or AV not detecting the right IP

    in ESET PROTECT On-prem (Remote Management)

    Posted · Edited by ewong

    My system has two NICs (192.168.0.12/24 and 192.168.10.12/24). 

    When I first synchronize the static groups, and give ESMC time to populate and update, I find that my system's IP is showing the 2nd one and not the one that's within the same network as the ESMC server (I'm wondering if this explains why it's not able to connect to the ESMC server).

    Which of the app does the detection of the IP?   The AV or the Agent?   and more importantly, how do I tell that application to use the same one as the ESMC's network?

    [I'm now quite confused.  The agent can obviously contact the ESMC server, since if I disable the Windows Firewall, the ESMC server knows about that and alerts me.  Yet it can't contact the licensing server?  I'm wondering (if it's even possible) that because it's showing the 2nd IP,  the licensing part of the AV system tries to connect to the licensing server via the 2nd network interface (which has not route to the Internet) instead of using what the Agent uses.  Probable?]

    Thanks

     

    Edmund

    Product Activation w/ task set in ESMC

    in ESET PROTECT On-prem (Remote Management)

    Posted · Edited by ewong

    I have disabled both the Windows Firewall  and the 3rd party firewall, and still it's not activating.

    What I don't understand is that once I had disabled the Windows Firewall,  ESMC adds another Alert to my system (saying the Windows firewall is disabled), so I *know* the Agent is talking to the ESMC server.   That said, looking at the below log:

    2018-12-19 02:40:48 Error: CReplicationModule [Thread 12f8]: InitializeConnection: Initiating replication connection to 'host: "avsrv.local" port: 2222' failed with: Request: Era.Common.Services.Replication.CheckReplicationConsistencyRequest on connection: host: "avsrv.local" port: 2222 with proxy set as: Proxy: Connection: :3128, Credentials: Name: , Password: ******, Enabled:0, EnabledFallback:1, failed with error code: 14, error message: Endpoint read failed, and error details:
    2018-12-19 02:40:48 Warning: CReplicationModule [Thread 12f8]: InitializeConnection: Not possible to establish any connection (Attempts: 1)
    2018-12-19 02:40:48 Error: CReplicationModule [Thread 12f8]: InitializeFailOverScenario: Skipping fail-over scenario (stored replication link is the same as current)
    2018-12-19 02:40:48 Error: CReplicationModule [Thread 12f8]: CAgentReplicationManager: Replication finished unsuccessfully with message: InitializeConnection: Initiating replication connection to 'host: "avsrv.local" port: 2222' failed with: Request: Era.Common.Services.Replication.CheckReplicationConsistencyRequest on connection: host: "avsrv.local" port: 2222 with proxy set as: Proxy: Connection: :3128, Credentials: Name: , Password: ******, Enabled:0, EnabledFallback:1, failed with error code: 14, error message:  Endpoint read failed, and error details: Replication details: [Task: CReplicationConsistencyTask, Scenario: Automatic replication (REGULAR), Connection: avsrv.local:2222, Connection established: false, Replication inconsistency detected: false, Server busy state detected: false, Realm change detected: false, Realm uuid: ad0f9505-a908-42bd-b46d-5f5e8984e0ae, Sent logs: 0, Cached static objects: 47, Cached static object groups: 9, Static objects to save: 0, Static objects to delete: 0, Modified static objects: 0]

    Looking at the above carefully, I think I'm beginning to know what the problem is.  Since ESMC has no HTTP Proxy, my system is basically connecting to nothing; but since in the AV, the proxy server setting is greyed out,  I'll need to uninstall the current AV and install it via GPO again but using the non HTTP Proxy setting.

    Edmund

     

    PS: As a side note, that "Ignore language when deploying the Antivirus via GPO" isn't such a good idea.  As when I went to uninstall the item through the control panel (Windows 8.1), it's in Bulgarian (or Russian..can't tell).   I only guessed what the uninstallation process entailed.

     

    Product Activation w/ task set in ESMC

    in ESET PROTECT On-prem (Remote Management)

    Posted

    The trace.log has the following:

    2018-12-17 06:06:48 Error: CReplicationModule [Thread 12f8]: SendRequestAndHandleResponse: Rpc message response AUTHENTICATION_FAILURE (Token status: TOKEN_INVALID) -> Request new session token and resend replication request
    2018-12-17 06:06:48 Warning: CReplicationModule [Thread 12f8]: GetAuthenticationSessionToken: Received failure status response: TEMPORARILY_UNAVAILABLE (Error description: session token temporarily unavailable, device is not enrolled yet)
    2018-12-17 06:42:31 Warning: CPushNotificationsModule [Thread 16ac]: Failed to configure EPNS resource (retrying in 5120 seconds): Error calling PNS API 'PnsRegisterClient' (return code = 19108)
    2018-12-17 08:07:39 Warning: CPushNotificationsModule [Thread d20]: Failed to configure EPNS resource (retrying in 10240 seconds): Error calling PNS API 'PnsRegisterClient' (return code = 19108)
    2018-12-17 10:06:23 Error: CUpdatesModule [Thread 1a94]: PerformUpdate: Module update failed with error: Could not connect to server. (error code 8449)
    2018-12-17 10:58:19 Warning: CPushNotificationsModule [Thread b0]: Failed to configure EPNS resource (retrying in 20480 seconds): Error calling PNS API 'PnsRegisterClient' (return code = 19108)
    2018-12-17 15:06:20 Error: CUpdatesModule [Thread 1910]: PerformUpdate: Module update failed with error: Could not connect to server. (error code 8449)
    2018-12-17 16:39:39 Warning: CPushNotificationsModule [Thread 1d30]: Failed to configure EPNS resource (retrying in 21600 seconds): Error calling PNS API 'PnsRegisterClient' (return code = 19108)
    2018-12-17 21:06:20 Error: CUpdatesModule [Thread 368]: PerformUpdate: Module update failed with error: Could not connect to server. (error code 8449)
    2018-12-17 22:39:39 Warning: CPushNotificationsModule [Thread 4b4]: Failed to configure EPNS resource (retrying in 21600 seconds): Error calling PNS API 'PnsRegisterClient' (return code = 19108)

    To note, my system's time has a 1 minute difference with the ESMC server.  Could this be an issue?

    Thanks

    Edmund

    Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)

    in ESET PROTECT On-prem (Remote Management)

    Posted

    Description: Showing (or downloading) debug logs when tasks fail.

    Detail: Somewhat similar to my previous feature request, having the debug log generated during the task (akin to trace.log) and when it fails, there is a link to download the log file for that particular process.

    Rationale: It's to allow the Remote Administrator to figure out what is going on within the process without needing to go into the client's workstation.

    Product Activation w/ task set in ESMC

    in ESET PROTECT On-prem (Remote Management)

    Posted

    I was incorrect in my assumption that it didn't pick up the install_config.ini file.  It did.  I basically went into the Agent logs and discovered the following lines:

     

    2018-12-17 02:21:47 Error: CReplicationModule [Thread 16e8]: InitializeConnection: Initiating replication connection to 'host: "avsrv.sys.local" port: 2222' failed with: Request: Era.Common.Services.Replication.CheckReplicationConsistencyRequest on connection: host: "avsrv.sys.local" port: 2222 with proxy set as: Proxy: Connection: :3128, Credentials: Name: , Password: ******, Enabled:0, EnabledFallback:1, failed with error code: 14, error message: Endpoint read failed, and error details:
    2018-12-17 02:21:47 Warning: CReplicationModule [Thread 16e8]: InitializeConnection: Not possible to establish any connection (Attempts: 1)

    So either the password is bad (though I'm wondering about the empty name) *or* something is blocking port 2222.  I've checked the avsrv's firewall and port 2222 is opened to all incoming traffic.  So I'm looking at the name being empty and seeing if I can reset the password.

    Edmund

     

     

    Product Activation w/ task set in ESMC

    in ESET PROTECT On-prem (Remote Management)

    Posted

    Actually, I think I might know what might be the problem (though I don't know how to solve it yet).

    How did I install the ESMC agent/av on the systems?  via GPO policies (+ install_config.ini),  though I'm not entirely sure *if* the installation actually read the install_config.ini. (Does anyone know a way to find if it picks it up?)

    So what I *think* is happening is that while the Agent + AV is installed,  it isn't picking up the install_config.ini and ergo, it's trying to connect to no where to activate the product.

    Edmund

     

    Product Activation w/ task set in ESMC

    in ESET PROTECT On-prem (Remote Management)

    Posted

    I'm completely befuddled as to why the Product Activation process on the ESMC.  Having created a new ClientActivationProduct task to activate the product on my system, I set it up and have it run ASAP.   However, after a bit, it would say "Task Failed" with no errors and other messages.  I looked at the event viewer on my local system and couldn't find anything corresponding to the attempt.  In hindsight, since it's a 'network' thing, I doubt it would have anything to do with the activation.  

    I can ping the activation server from my system, so the next thing I'm looking at is the firewall.

    I can manually activate the product, but I don't think it is a viable option for anything other than my system and it defeats the purpose of having a Product Activation task.

    So what I'd like to know is how I can troubleshoot why the task failed?   With all due respect, "Task failed" is not helpful at all.

    Thanks

    Edmund

    agent_x64 msi installation via manual & gpo

    in ESET PROTECT On-prem (Remote Management)

    Posted

    Having struggled with getting the clients to install via GPO, I'm at a loss as to what I'm doing wrong.

    Here's what I've done:

    1. Downloaded the Agents from ESET's website (both x86 and x64).
    2. Created a GPO install_config.ini and saved it (along with the two agent files) to a domain-accessible dir.
    3. Created a GPO policy that installs the Agent (that upgrades the older version)

    Now when the user logs on, it should theoretically uninstall the old Agent and after another reboot, it should install the new one.

    Unfortunately, it doesn't do that.   While it does take a few minutes to boot up, nothing changed.

    The *worst* case scenario is me going to each client and running the same process as mentioned above. [That isn't something I want to do, for obvious reasons].

    Might anyone have any advice/suggestions?

    Thanks

     

    Edmund

    agent_x64 msi installation via manual & gpo

    in ESET PROTECT On-prem (Remote Management)

    Posted

    I am having some difficulty installing the Agent_x64.msi on the ESMC server (via both GPO policy and manual running using 'msiexec /q /lv ./agent.log Agent_x64.msi ') and have come across some weirdness in the installation process.

    After running the installation via GPO, I find an error 1603 for the msiinstaller process in the Event viewer.  When I manually ran the installation and despite it saying it has installed properly, I still don't see the ESMC agent listed in the control panel's appwiz.

    After checking, I noticed that there was a new folder in c:.   c:\programdatafolder  that contains all the ESMC agent files.   I even tried doing "msiexec /q /lv ./agent.log /a Agent_x64.msi ERA_ProgramData=c:\ProgramData; but when I ran that I stil get c:\programdatafolder.  I took a look at the agent.log and noticed that at one point, it modifies the CommonAppDataFolder to c:\ProgramDataFolder.  So I set the CommonAppDataFolder=c:\ProgramData  as a property to the msiexec command.

    Unfortunately, while it recognizes my property change, it then changes it back to c:\ProgramDataFolder.    I then used Orca to check out the directory paths, and realized that CommonAppDataFolder is set to TARGETDIR, which is Empty.   So I used TARGETDIR=c:\ProgramData; but that just makes the msiexec create a ProgramDataFolder inside the c:\ProgramData.

    Thinking about it more, I changed the c:\ProgramData mention to just ProgramData.

    And now, it looks like it is installed; but, the ESMC Agent isn't added to the Program and Features list nor is it listed in the registry and installed as a service.  So I'm guessing manually using msiexec isn't the right way.  I tried manually adding the items to the registry (copied them from another server), but installing it as a service

    Can someone point out how to fix this?   I think the worst thing I can do is basically download the EXE and run that manually.

    Thanks

    Edmund

×
×
  • Create New...