Jump to content

whitelistCMD

Members
  • Posts

    86
  • Joined

  • Last visited

Everything posted by whitelistCMD

  1. So I should run the Agent Live installer batch from the server 2 separate times?
  2. So if I create a Live agent (6.5.522.0) installer from new and second ERA (with correct certs and settings), then drop it on the desktop of a server with an agent (6.3.136.0) pointed to Old and First ERA, and then Run the live installer as Admin; the result would be a rewrite of the config and an upgrade to the agent? I'm not sure what you meant by manually? Is the scenario I just described above, considered manual? Thanks for the help.
  3. Hello, I may have a bit of a unique situation going on, and I'm not entirely sure how to address it properl?. Long story short, we have two different sites. Initially, when we switched to ESET from Kaspersky, I deployed agents out to both sites from ERA at first site. For audit reasons, it has been decided to split the two sites. I deployed a second ERA to the second site, configured everything and am now set to go over there, with a successful install on a new server already completed. I've since removed all the AD syncing, etc pertaining to the second site, from the first ERA. My question now is this: All the agents in the second site are 6.3.136.0 and I have 6.5 ERA deployed in second site; is it enough to run a components upgrade task from the second ERA on any of those servers from the second site in order to re-write the agent configuration and have the newly upgraded agent point to the second ERA at that second site? Let me know if I need to clarify anything. Thank you all in advance.
  4. I just wanted to give a quick thank you to everyone who commented in this thread. I did the upgrade yesterday morning following everyone's advice. It went very smooth and took about 35 minutes to complete. I sincerely appreciate all the help. It made my day yesterday and probably the rest of my week, so thank you. I do have one question in regards to the repository... I can't find a package for ESET File Security (English) that says it's compatible with Windows Server 2003 - 2016. I only see one for 2003 and 2008. Is there a typo, or is there another version coming soon? Thanks.
  5. Thank you, jdashn. Your post has given me quite a bit more confidence. I'm putting in my change ticket now, and I should be pulling the trigger by tomorrow morning. I'll keep this post updated with my experience. Thanks again.
  6. Perfect. This is what I did last time and it saved me from catastrophic failure. I'm just trying to make sure I get all the details correct. I need this to go as smooth as possible. So, here I am sitting here making sure I have everything covered. I have the ERA Components Upgrade Task pointed to the new repository. I removed all unique characters from password. I'm trying to make sure I don't have any tasks in progress right now, but is there anything else to be checking?
  7. I'm currently using the ERA OVA. How do I backup the database before the move? I have the webmin feature enabled if that helps?
  8. Can anyone comment on the process for upgrading from 6.4 to 6.5? I've only done one upgrade which was actually a migration and because there was a lot of problems, it was actually done for us over the course of a couple of days. There was issues with authentication, and a mess of other things. I'd like to avoid that this time, but the knowledge base doesn't reference 6.5 in the upgrade article. Does anyone have any professional insight on a true upgrade (not migration) from 6.4 to 6.5? Below is what I have running right now... ESET Remote Administrator (Server), Version 6.4.304.0ESET Remote Administrator (Web Console), Version 6.4.280.0 CentOS (64-bit), Version 7.3.1611 Thank you in advance.
  9. This issue seems to be resolved now. I tried installing on three different servers this morning and all were successful on the first attempt. No changes were made on our side. Thanks for the help.
  10. Ok, I've sorted through all the transmissions to your servers and it's loaded with TCP Spurious Retransmissions and TCP Out-of-Order segments. This is happening regardless of what server I run the task on. So, we either have an issue at our edge (we're not experiencing any other connectivity problems elsewhere to the Internet), or there's a problem with the connection to your servers. Do you have any suggestions? Has anyone else been experiencing this issue? Thanks for your help.
  11. Ok, I'm still sorting through the wireshark capture, but I can see right away that there are (over 100 so far and I've hardly put a dent in it) TCP out-of-order transmissions to your servers. I'll keep digging to see what else I can find.
  12. I've tried rerunning task, but the results are the same. The tasks are still failing. We're in the US. I'm running wireshark now to see if I can see anything during one of the tasks.
  13. We do not use a proxy. Do you by chance know what it is exactly that is trying to be read? I guess what I'm asking is, do I need to be looking at the server that the application is being install on, or do I need to look at the ERA OVA itself? I'm not sure where the call is being made from that is having issues?
  14. As of recent, I've been getting this error a lot during an application install (it doesn't seem to matter if it's Endpoint Security or File Security). What's even more odd is sometimes the application ends up installing and sometimes it doesn't. Can someone please provide some direction in getting this resolved? Thanks, Task failed, try to install software manually. GetFile: Error reading HTTP response data (0x4e2a)
  15. Is there an official date for the 6.5 release? I need to deploy another ERA and I'm wondering if it's close enough that I can wait to avoid having to upgrade soon after deployment. Thanks.
  16. I've been running a lot of Rip N Replace packages in our environment lately; mostly servers. These servers had Kaspersky v10 installed previous to ESET File Security. I noticed that while running the Rip N Replace package, an application shows up titled "Kaspersky_DirRem" (this appears at the root of C:\ which is where I drop the Rip N Replace package). However, after logging off of the server and logging in a few days later (servers were not rebooted during this time), the application Kaspersky_DirRem is gone. Just curious if anyone could shed some light on why this application is created during Rip N Replace, what it's specific purpose is other than the obvious, whether or not I should be doing something with it, and is it normal for it to get disappeared after some time? Thanks in advance for any info you can share.
  17. I'm currently building out our policy for our domain controllers running on Windows 2008 R2. I'm curious, what settings if any are recommended for this policy, and what exclusions should be made in order to not impact performance? Also, does "Windows Server" under automatic exclusions list cover all the recommended exclusions even for domain controllers?
  18. We currently have Web Control enabled and it works flawlessly. Currently we're applying the Web Control Rules to User SIDs. The User Management list we currently have populated for this does not contain machine accounts. We're using LDAP Queries to populate this current user list. Here's my problem: We have one unique case where a user needs to use a local administrator account on his machine, so turning on Web Control for this user won't work. My question is: Is it possible to use machine SIDs for Web Control, and if so, what do I need to change/add in the User Group Sync task in order to get machine SIDs to show up?
  19. Ok, I wasn't aware that a machine was then able to pull cache from the proxy. I will have to look into that then. On the other note, is there currently any way that we can delay the check-in for the signature updates? If we were able to delay the agent from checking for approximately 5 minutes, we could avoid the error alerts that we receive. Or is there a way to delay the errors? The errors come in approx 1 hour later, and by that time the machine has already updated. At least, most of the time.
  20. OK, that's good to know in regards to AutoSelect. We have a fairly large pipe in comparison to the amount of machines we have. Will a proxy solve the issue of the update failing three times, or just limit the bandwidth? If we get an alert e-mail coming from the ERA it says "Server Not Found". This is on machines that have had an existing ESET install for quite some time. If it's on a new install, it will fail the update task shown in the ERA, and if it's done from the Endpoint Application then at that point, I believe it's "Undocumented Serious Error 0x1106" ? The odd variable in all of this is the fact that this doesn't happen on all machines. We see it a lot with remote users who have not connected for a few days, or fresh installs.
  21. Eventually the Endpoints all update, but they fail a few times before, which triggers alert e-mails. We don't use a proxy (prob not necessary for our size), and the updates are set to AutoSelect - so they can pull from ERA OVA or from the ESET Servers (at least that is how I understand it). The problem with the two hour window is people aren't always online for two hours. I wouldn't expect this to happen in 5 minutes, but 2 hours is a little excessive for what I would consider a small signature update. When the update does actually complete, from the time it starts to the time it finishes, is only a few minutes, if that. If we kick off the update manually from the Endpoint Application, it usually works on the third try. I just saw this happen this morning on a new computer and new ESET install.
  22. We have quite a few computers that always seem to fail the virus signature database update. There's no rhyme or reason to it, and the issue exhibits no pattern. It happens a lot on new installs, or computers that have been offline for a while? It looks like we have a couple different update signature tasks, and I'm not sure if some got carried over from ERA migration and possibly some rolled over from doing our proof of concept? Anyways, what I'd like to do is clear out all the update signature tasks and create 1 single new task with the correct settings. What are the recommended settings for this task? I've heard some mention turning of shared local cache, or clear cache update in the task itself. Any suggestions?
×
×
  • Create New...