Jump to content

Mirek S.

ESET Staff
  • Content Count

    69
  • Joined

  • Last visited

  • Days Won

    1

Mirek S. last won the day on October 31 2018

Mirek S. had the most liked content!

Profile Information

  • Gender
    Male
  • Location
    Czech Rep.

Recent Profile Visitors

922 profile views
  1. Hello, MultiAgent(s) trace log verbosity is determined by MDMCore trace log verbosity. It's also possible support directed You to create traceAll file which overrides this configuration (so just delete it) As a sidenote (and possibly solution) there was issue with ScanLog processing which produces periodically multiple errors inside MultiAgent logs, this is fixed in service release - AFAIK this was released into repository so You can upgrade via component upgrade task. HTH.
  2. Hello, It's possible CloudFlare incorrectly caches some parts of configuration editor and returns out-of-date data causing this. Please create HAR log @PavelP mentioned it might help us determine whether issue is with CloudFlare or webconsole itself. Ideal would be to have tomcat access log paired with this log to determine which requests made it to server and which did not. Thanks.
  3. Hello, We checked multiple browsers to identify which one produces this error (seems like you posted chrome error), However for future reference (and potentional improvement) can you please answer following? browser(s) (in case of IE ideally export security settings for security zone console is in) - you already said you tried multiple, however platform/browser still matters for reproduction. webconsole behind reverse proxy/application firewall ESET (or other) product with TLS filtering enabled installed on computer connecting to console Any "uncommon" setup you can think of This issue can arise in case _some_ https requests on same site (in this case as Pavel said seems like js script) is blocked from download. Which in case of TLS (to my knowledge) requires MITM interception (product/WAF/RP/actual attack) or extremely restrictive browser rules. Thanks, M.
  4. Hello, Please create support ticket for this. Currently this is not well handled issue as installation after pressing cancel actually removes relevant log files (startup of Agent which fails due to which logs which should identify cause of failure are erased - too many witches) When message box is open - i.e. don't cancel it until logs are collected (failed to start) please run eset log collector and provide those to support, it should help us to determine cause of this issue in future. HTH
  5. "Error during policy application on device" means device declined configuration profile for some reason - there is sadly no standard way how this is reported in ESMC, nor does Apple tell us anything specific. What you posted actually points out there is issue with UUID generation inside conversion between our and Apple format. We will have to check conversion into configuration profile - it's possible there were some changes which broke this functionality on newer iOS or with Your use-case. Please test this without using user attributes (just put in real values and apply on phone instead), to check if issue persists. We will need iOS version, exported policy, used user attributes (if there are for example special characters...), MDM version and configuration module version on MDM. Please create support ticket (and tell Your distributor to directly forward it to MDM team as there is most likely nothing they can do), or post here (secrets in attachment, only eset stuff can see those) Bad news is this is probably bug, good news is we can probably fix it faster than standard ESMC release cycles as most code related to this functionality is in updateable module. As a side note, we did not manage to reproduce the issue. So to check we will need above specified.
  6. Hello, V4-V5 producs are managed by so-called Legacy Connector (component of Agent). This component does on-behalf-of licensing for these products - if activation succeeds products are configured with license and/or update username/password whichever is applicable for such product. I'm actually unsure if it's still possible to manually set update username/password without those being overwritten by Agent. (This really is on per-product basis and what their product team decide - to expose update parameters in product policy or not) Please upload Agent log (error line should contain "EcpCommunicator") in trace severity (or create support ticket). It's possible something blocks communication with eset licensing servers (edf.eset.com:443) or there is other issue. Offline license file is not supported for on-behalf-of activation as format changed between V5 and V6 line. HTH
  7. Hello, The "Name" (in my example a0) is essentially just identification for You (so put there whatever makes sense to You). Assume You wanted multiple exchange or VPN (etc...) configurations, You would need to address them in policy editor somehow. I also think (unsure would have to check code), iOS configuration profile is filled only if all attributes specified in policy editor are non-empty. Imagine user = set of attributes. user1 = { exchange { mydomain { email = "my@email.com" login = "me" } myshadowdomain { email = "othermy@email.com" login = "otherme" } } } Such attributes are then available in policy editor in a slightly different format of exchange_email/mydomain or exchange_email/myshadowdomain. (Where mydomain and myshadowdomain are Name). This is not only for multiple configurations, but also as MSP support where multiple companies are managed in one ESMC. TBH seeing this I'm unsure why we did it this way as both hierarchical "exchange/mydomain/email" or flat list makes more sense. HTH
  8. Hello, The attributes are configured in the synchronization task. Then each device needs to have a user assigned. Such variables are then replaced in configuration delivered into the phone. If a user is not assigned or attribute synchronized (or defined manually) block of configuration (exchange mailbox etc...) is actually removed from the device configuration profile. Meaning that attributes synchronized as Are available in policy as Which synchronized attribute should map to what really depends on Your AD schema. HTH
  9. Hello, Per-chance is device supervised? (This is not officially supported, but can be done even without ABM/DEP) You may attempt to run Antitheft task "Turn off lost mode" it should work (that is reset internal flags which cause lost mode reported) However IIRC there was an issue with this task in the official release (which is fixed in upcoming service release). You might want to contact support for an unofficial hotfix. HTH
×
×
  • Create New...