noorigin

If all you want to know is if it's on a known work network or not is instead of trying to figure out what their home network is, why not just specify YOUR networks at the job and notify on anything else? Kinda looks like you have it that way in the screenshot. If it doesnt equal a 10.x.x.x network, notify me.

Yeah, I am not seeing a way to exclude processes with variables. Maybe someone else has some bright ideas?

Yes, you can do this. Been a while since I set it all up but instead of using the IP address you would need to use a public FQDN and open a hole in your firewall for the port. I cannot recall exactly where you make those changes in ESET but it has to be in MDM connector policy somewhere, or maybe server settings. Be careful changing names like that though, make sure all your certs are in order.

C:\Users\*\AppData\XXX is how I manage it on terminal servers. Haven't had any issues so far. The warnings are more for some idiot that thinks its OK to do an exclusion on something like C:\ProgramData\*\logs or something asinine like that. The other warnings, performance?, nah. Non issue. Rule order and evaluation, sure that could be a problem, but just enforce that rule in policy. For the users folder, I don't see any issues.

I want to use ECA. We currently use Protect locally on a server. When I get into EBA I don't see anything regarding ECA. All the guides mention a license. Is there a specific license for ECA?

Just to follow up, in the end I reinstalled v7.2 and everything is now OK. I'll be waiting for v8 before doing any more upgrades.

I honestly did not check version number before the update but it is highly likely that they were v7.1 or later. The one server i am having a problem with is a session host in a RDS collection. All the hosts were built from a template at the same time. All are identical. But this one is pitching a fit, others are fine. Doing a install repair on it now to see if it helps.... At lease we all know now there is a definite risk upgrading from pre-7.1 to current.

This is important guys.... with no ETA on v8 and some of us managing dozens/hundreds of servers, we really need to kinda know if it is safe or not to upgrade. I have a few dozen more to do but am terrified RTFP wont work and my only recourse is to reinstall the OS. Can you give us ANY guidance at all regarding what to look out for before upgrading? I feel like there should be an announcement on the front page or something....

Would an over the top install (reinstall without wiping) work? How do we check OOBE status before updating other servers?

So what is the issue? Simply saying " you gotta reinstall the OS" then dropping the mic and walking away is not cool. Does this mean we all run a risk of OS reinstallation when upgrading ESET FS? How can we update and NOT be affected by this, or at least know if we will be? Anywhere we can read more about this "known issue"? More info please!

Ill reupload the files. I saw a response in another thread regarding the OOBE. The thread mentioned a reg key to check. That key is present on this server if it makes a difference.

msg sent

I got one server out of several dozen that has a problem after the update to File Security 7.3.12002.0 I initially pushed it out via ESMC. I have tried reinstalling, uninstalling/reinstalling, safe-mode esetuninstaller, using an AIO installer, run repairs. nothing I do can get it to work. What should I try next?

Issue resolved. Had to launch a browser in incognito mode and it let me in with local admin creds

Windows Server 2016, ESMC with MDC Went to upgrade to 7.2 and now about 2 hours later I cannot log in to the console with either domain or local creds. I know ESET has gone to LDAPS so that would explain domain logins but not local admin. What are some steps I can try to regain access?

Not sure what they need it for. Whats the workaround?

I did try on 2 of the EES clients earlier today

Now that is strange. I wonder if it caches recent domains or something. So keep in mind this issue is affecting multiple machines, servers and desktops. One of my TS servers does not have that file. The other TS servers other do. Spot checking a few other servers and they are missing the file as well. All of the desktop clients (EES) that I have spot checked are missing it too.

Good catch, that works for me as well. More of a workaround but it works.

ESET Log Collector results efsw_logs.zip

Marcos, What are the ESET Log Collector logs and how do I get them? Also, I dont see certcache.dat in that directory.

Not at login, this is happening on the home page. Cannot access home page. Haven't even tried to login. The "Exclude communications with trusted domains" is enabled. Clearly something is going on with ESET. With Web and Email->protocol filtering enabled I just cannot get to the site at all. Nothing. With Web and Email->protocol filtering disabled i can get the site to load, but with cert errors. From another machine with no ESET it all works. Is there a way to view the built in whitelist for trusted domains in ESET? If its a trusted domain that shouldnt be scanned, but clearly ESET is doing something with it, then maybe that domain is not in the whitelist on this machine? FYI, there are multiple machines affected it seems.

With ESET enabled With Web protection disabled And the cert info with ESET web filter disabled And finally the cert info from an unaffected machine where the site loads fine, thumbprints match Both machines these screenshots were taken from are on the same network.

Actually found it, yes its enabled

You mean like this? or like this?