SysEPr
-
Posts
39 -
Joined
Posts posted by SysEPr
-
-
Description: Color code failing tasks
Detail: The server used to color code the tasks that are failing. I'm running the latest ESMC, and now, that doesn't happen, and I have a hard time figuring out which tasks are failing. Is there a way to color code it again, or where can I see it? All I get is a generic email saying: "At least one client task has invalid configuration and therefore will fail."
- MichalJ, VChap and Aryeh Goretsky
-
3
-
18 hours ago, sepiemoini said:
Greetings, all! @TomasP @brandobot I too am testing this in Jamf for a client and was wondering if you could share your configuration profile details.
More specifically, here's what I was also able to confirm:
codesign --verify --verbose /Applications/ESET\ Endpoint\ Security.app /Applications/ESET Endpoint Security.app: valid on disk /Applications/ESET Endpoint Security.app: satisfies its Designated Requirement vm-admins-MacBook-Pro:~ vm-admin$ codesign --display --verbose /Applications/ESET\ Endpoint\ Security.app Executable=/Applications/ESET Endpoint Security.app/Contents/MacOS/esets_gui Identifier=com.eset.ees.6 Format=app bundle with Mach-O thin (x86_64) CodeDirectory v=20200 size=39438 flags=0x0(none) hashes=1227+3 location=embedded Signature size=9053 Timestamp=Jan 29, 2019 at 1:05:07 PM Info.plist entries=29 TeamIdentifier=P8DQRXPVLP Sealed Resources version=2 rules=13 files=424 Internal requirements count=1 size=176
Based on the above details, I would like clarification on what should be entered in the Code Requirement field within the Jamf Pro PPPC payload that has since become available natively in the web console. Keep in mind that the above details are consistent with what others have previously posted. Can you please verify these details? I have provided a screen capture below for reference.
I have a hunch it's this:
identifier "com.eset.ees.6" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = P8DQRXPVLPI'm not sure if the validation is necessary, but otherwise, your hunch is right.
-
A really small thing, but a rather annoying one:
Description: Take focus of the 2FA field
Detail: When two factor is enabled and you try to log in, you are prompted for the code. The field is highlighted in red, but the focus is not there - you have to first click it, then you can enter the code. It would be nice if we could just start typing the 2FA code in. Also, the highlight kinda suggests that the focus is there - but it's not, when you click it, it becomes a blue highlight. -
@MichalJ Thank you! I really hope it gets changed in the right direction, and those features start working again
Also, it might be more of a bug report, but:
Description: Windows live installer can't be extracted by double click on macOS
Detail: When you generate a live installer in ESMC, and you download it, all of the installers are in a compressed format. The windows installer is a .zip file, but it is zipped in a way where if you double click it, macOS (tried it on High Sierra and Mojave) just gives an error: "Operation not permitted". You can unpack it with terminal or with different softwares, but the default double click that otherwise works with other zip files just gives an error. There might be some weirdness going on around the zipping, that results in this behavior. If you could make it more compatible, I would really appreciate it
-
On 2/23/2019 at 9:10 AM, Marcos said:
You can create nested dynamic groups, ie. dynamic groups under another dynamic group.
But that means its part of it if it's part of the one above, but how do you achieve a NOT scenario?
-
Description: Dynamic groups building on other dynamic groups
Detail: We would like to create dynamic groups where they can't be part of that group until they are part of another group. Let's say they have an outdated agent, and until that is not resolved (a.k.a they are part of that dynamic group), they can't be part of a different dynamic group that says that they have to be not part of that other one. -
Description: Run task with limited permission set
Detail: Our admins have limited permission sets on ESMC, meaning they don't have "write" access for the "Software install" and "Run command" client tasks, only read and use. We have software installation tasks pre created, that install the ESET Endpoint security. If they select clients, they can run these tasks on these clients (via the "Run task..." command), but when they try to use it from the "Last used tasks" context menu, it's grayed out, or when they try to rerun a task also from the context menu on the device details page under task executions, they get a "Failed to run task: no access" message. It doesn't make sense, because they can just select "Run task...", and run it that way on the clients, and it runs perfectly, however, it's way more steps that could be jut one click. The same permission set on ERA used to give the same error message on the device details page, but it used to work perfectly from the context menu under the last used tasks, which made sense, and was less annoying. On ESMC I think the expected way it should work is that both should work (they should be able to create triggers, since that's what those features do), they just shouldn't be able to create an actual new task "Software install" task. -
Description: Create dynamic groups for the following problem: "macOS is preventing ESET Security Product from accessing some folders."
Detail: I would like to create a dynamic group for computers with the following problem, but I can't select this problem at the new template creation, even though it's a reported problem, it's not in the list: "macOS is preventing ESET Security Product from accessing some folders." -
I'm having the same issue. @TomasP is it possible to send me the beta build as well?
-
Thank you very much for the fast response!
-
Hi,
we want to install the new ESMC 7 on Linux in Amazon (AWS) EC2. Does the database have to be on the same server, or can we use "Amazon RDS for SQL Server" or "Amazon RDS for MySQL" for the database? The DB would be in the same region. If so, which one would you recommend? MSSQL or MySQL?
Thanks!
-
I would like to try out this version as well.
-
I also would like to join the test, and try it out! :)
-
Description: ESET Secure Authentication should support fingerprint and push notifications
Detail: I think there should be alternative 2FA options available, but if it's not an option, the ESET Secure Authentication app should support push notifications (something like Steam does), and fingerprint authentication as well to the PIN. It would be also nice if you could approve it with one touch instead of typing a code in, something what Authy or OneLogin does with their native solution.
-
Description: Policies - make "Antivirus--Real-time file system protection--Scan on" settings individually controllable for ESET Endpoint for macOS (OS X) and Linux
Detail: The "Antivirus--Real-time file system protection--Scan on" setting is individually controllable on ESET Endpoint for Windows. This means that you can individually enforce the File open, File creation, File execution settings one by one with a policy. Meanwhile, in an ESET Endpoint for macOS (OS X) and Linux policy, if one of them is set, all of them will be enforced with the given settings.
-
Just now, MichalJ said:
@SysEPr It is already integrated in the ERA agent.
You can run a task "software uninstall" where you can choose the option to use the AV Remover, to clean "supported applications".
Then why can't you determine, whether an application installed is a security product or not?
-
3 hours ago, MichalJ said:
Security Product column refers only to a "ESET" product. We can´t determine, whether the application installed is a security product or not. Also, as this is rapidly changing, it might be difficult to update it regularly. The best would be to either create a dynamic group, focusing on specific vendors, or create a report of "all installed apps" and then manually searching for a specific app / vendor.
Can you integrate the ESET AV Remover tool into ERA? It can detect AV-s, remove them, and you have a list in your KB site with all the AVs that it can handle.
-
Description: Report setting changes from the client side
Detail: It would be nice if we could configure the agent to report somehow (in an way that's easy to see/report) if a user excludes a folder, turns off parts of the file scanning, etc... Currently, it only reports if the whole thing is turned off, but there are other (non reported) ways to achieve the same things. You can request the configuration one by one currently, and check it manually, but that's not easy, and very time consuming.
-
Found it, thanks! It just took more time to show up
-
I have multiple Two-Factor Authentication tokens in the ESET Secure Authentication app. How can I remove the ones that I don't need anymore?
-
Hi,
I have a question regarding the "Export Managed Products Configuration" task. Where is it exported to? Is it on the client machine, is it on the server, can it be viewed on the ERA console? It successfully ran, but I'm a bit stuck
Thanks!
-
On 01/02/2018 at 7:48 PM, MartinK said:
Could you specify in what order you installed AGENT and EES/EAV on macOS? By removing and installing manually, which of two mentioned products you are reinstalling to make it work?
Do you have any idea why is this happening, or how can we troubleshoot it?
-
We are running ESET Endpoint Security 6.5.600.1 on macOS High Sierra 10.13.3. We have ran into an issue that when a development environment wants to run different things, it spins up local webservers on the computer on different ports, but it can't access it, because it gets blocked by the firewall, even though it's running on the same computer. How can I fix this, so it doesn't interfere with the local server, but the computer still stays protected from the outside?
-
We are running the following:
ESET Remote Administrator (Server), Version 6.5 (6.5.522.0)
ESET Remote Administrator (Web Console), Version 6.5 (6.5.388.0)
Microsoft Windows Server 2012 R2 Standard (64-bit), Version 6.3.9600When you go into the computer details, and modify the parent group and assign a user at the same time, then hit save, the assigned user is not saved. Is this a know bug?
Thanks!
Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)
in ESET PROTECT On-prem (Remote Management)
Posted · Edited by SysEPr
Description: Ability to automatically rerun failed tasks
Detail: As far as I know, it's not possible to automatically rerun failed tasks (for example, a software deployment). It would be nice, if I you could set at the task to try to rerun it x times a day if it fails, and stop after y days for example if it still fails. We would use this to try to rerun failed installation tasks.