Megachip
-
Posts
166 -
Joined
-
Last visited
Posts posted by Megachip
-
-
Set and apply policy on era agent to connect more frequently (for example every 1 minute). Try to restart ERA Agent or reboot the machine. After some amount of time, you should see MDC there.
Possible you're right. Looks like the agent hangs. Last entry in Agents trace.log is dated on 08.04.15. Last connection of the server to himself ^^ is on 16.04.15. Looks like this is not a very stable thing.
Any way to upgrade or restart the agent if the agent is not running/hanging?
Interesting, that not "product is not connected"-warning is generated...
Agent crashes on connecting MDM:
2015-05-05 11:02:49 Information: SchedulerModule [Thread 7f100bfff700]: Received message: GetRemainingTimeByUserDataRequest 2015-05-05 11:02:49 Information: Kernel [Thread 7f1029511700]: Used memory after modules start-up is 49712 KB 2015-05-05 11:02:49 Error: CMDMCoreConnectorModule [Thread 7f0fc97fb700]: Cannot connect to MDMCore using IPv6: Net Exception, Address family not supported 2015-05-05 11:02:49 Error: CMDMCoreConnectorModule [Thread 7f0fc97fb700]: Net Exception
After upgrading the Agent, the mdmcore is dead.
-
Sorry. Had to unmark the solution cause it is still not fully functional
Any ideas why server isn't listen in ERAS? Ports are accessible now. HTTPS works.
-
Maybe firewall is blocking this. Or look at MDMCore trace.log, if there are any errors.
your right. Thx again.
Seems all fine now.Still not seen the MDM in Mobile Device Connector Task (as described in 6.1.3.2.18 Device Enrollment ).
Possible there should be a bit more detailed and strait forward documentation
-
Hi Timos,
have still the problem, that I can't check if mdm is really successful installed:
root 21378 1 0 Apr29 ? 00:00:49 /opt/eset/RemoteAdministrator/MDMCore/eramdmcore --daemon --pidfile=/var/run/eramdmcore.pid
tcp 0 0 *:9980 *:* LISTEN tcp 0 0 *:9981 *:* LISTEN
but do not get any connection on port 9980 via https:(
iptables -A INPUT -p tcp -m tcp --dport 9980:9981 -j ACCEPT
-
...
thx a lot for this detailed informations. Looks like it answers all my questions but:
./MDMCore-Linux-x86_64.sh --webconsole-password="$secret" --db-type="MySQL Server" --db-driver="MySQL" --hostname=localhost --https-cert-path=mycert.pfx --db-admin-username=root --db-admin-password="$secret" --db-user-password="$secret2"
brings me to:
2015-04-29 15:41:58 Getting certificate from server... 2015-04-29 15:41:58 ./MDMCore-Linux-x86_64.sh: 1165: Error occured while getting certificates from server
===> Solution: Using FQDN (which is used in Certificate of ERAS) for --hostname
Now i get:
2015-04-29 15:51:58 Checking database connection and status... 2015-04-29 15:51:58 ./MDMCore-Linux-x86_64.sh: 1059: Connection to database failed with message: 65535
With the following entry in log file:
2015-04-29 15:56:08 Information: DbCheckConnectionAndStatus: Set output property: P_DB_ADMIN_CONNECTION_STATUS = 65535 2015-04-29 15:56:08 Information: ERROR: DatabaseException with error code '0' and message - Connection:Not applicable Server:Not applicable =========================== ODBC Diagnostic record #1: =========================== SQLSTATE = IM002 Native Error Code = 0 [unixODBC][Driver Manager]Data source name not found, and no default driver specified
odbc.ini and odbcinst.ini are Appliance default
Switching the driver to one which is listened in odbcinst.ini brings:
[unixODBC][MySQL][ODBC 5.3(a) Driver]Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)
Socket on Appliance is located on /var/lib/mysql/mysql.sock
After fixing that:
Starting ESET Remote Administrator Mobile Device Connector [ OK ] 2015-04-29 17:05:11 Service started. 2015-04-29 17:05:11 Product installed.
-
Hi Timos, downloaded the era_mdm.ova ... but looks like there is eras inside. No MobileDeviceManagement
Will try your second solution...
-
Why ESET not using the net (rpc/ads) group command?
-
Would be one possibility. But it seems ironic for me, to have 4 (or more) virtual or physical machines to test one product.If possible, use ERA_MDM.ova in new virtual machine. It is the easiest way to install and manage Mobile device connector.
Why there is no all in one appliance?
Best,
meg
-
Interesting differences between this and last year
-
Hi there,
is there any guide/howto/step-by-step how to install the MDC on the Appliance?
Especially:
- where to find the https certificate
- which is the password for the certificate
- --db-use-existing-db= ... should this be the ERAS DB? Or is there no parameter necessary (as in example)
- which other params are needed?
Thx a lot,
meg
-
Changes now working. Didn't know if this is an ESET or Windows Update (10061)
Can confirm this for EAV. Thought it was a feature (that user can't change configuration) not a Bug. Didn't try the configuration via ERAS.All changes at on/off properties in extended configuration will not be saved. Neither manually modified nor configured using policy in ERAs.
-
Ok, this is very statically and I had to create 6 groups? On every new agent version I had to update these groups?Here you go. This was my original thread with solution:
https://forum.eset.com/topic/4216-era6-how-to-upgrade-agent/
The ERAS marks outdated Agents, so anyone know a possibility to use this information in templates?
Much more than nothing But hopefully not the final solutionthen dlaporte came along and used my notes to create a much cleaner set of instructions as a PDF
https://forum.eset.com/topic/4233-how-to-update-eset-remote-agent-step-by-step-guide/
yeah... with dynamic evaluation of the outdated fieldHere's hoping the next ERA version has an "upgrade agent" task......
-
Is there any possibility to create a dynamic group/template which collects all outdated agents? (and possible updates all agents of the clients in that group?)
-
@Marcos, no such warning/error listened. Where is your reply?
EDIT:
Possible this warning is generated cause of outdated operating system? But why "no agent connection" is shown?
-
Get the waring that agent is not connect, but agent is connect. how acknowledge/clear these warnings?
THX a lot,
best meg
-
mentioned this too in this thread. looks like the new V6 is still a bit unfinished for business
-
-
How to disable the logging of every not scanned file to the system.log?
(In client and via ERAS)
(For V5 and V6)
02.04.15 10:09:30,080 esets[265]: summ[01090500]: ESET Daemon: vdb=22415, agent=fac, name="/private/var/folders/gg/v_dc2wgj2r9d4f72t2vjz5sm0000gn/C/com.apple.internetaccounts/mds/mdsObject.db_", virus="", action="", info="Ereignis beim Erstellen einer neuen Datei.", avstatus="not scanned"
THX a lot,best, meg -
That's weird. I've just had a look at the installer hxxp://download.eset.com/download/mac/eavbe/eset_nod32avbe_en.dmgand it has the following information in it:
<p class="p1"><b>ESET NOD32 Antivirus 4.1.98.0</b></p>
<p class="p2"><br></p>
<p class="p3"><b>Installation instructions:</b></p>
I did not mean the readme, I mean the application version
-
Oh, I forgot anything in my question:
Did anybody run ESET Endpoint Security 6 products on Windows 10 Pro Technical Preview?
ESET Endpoint Security 5 and ERA remote console worked here on Windows 10, except HIPS, very well. EES 6 seems to run well too on Windows 10 with two exceptions:
HIPS doesn't work. (the same as EES 5)
All changes at on/off properties in extended configuration will not be saved. Neither manually modified nor configured using policy in ERAs.
Can confirm this for EAV. Thought it was a feature (that user can't change configuration) not a Bug. Didn't try the configuration via ERAS.
-
Hi Marcos & planet,
thx for the fast reply. As described "uninstall works", I can't check your questions and suggestions anymore.
But the problem with accessing webpages started at (as far as I remember) on 2nd of april. Sometimes after lunchtime (GTM+2). At this point web-control and firewall was disabled already.
The CSS problem exists since I've installed EES.
- Does the issue occur on a secondary browser?
Didn't test, but afair it worked in virtualBox.
- Are there any entries in the 'Web Control' and 'Filtered Websites' logs (Open EES, go to Tools > Log files > Log: and check the two) that list the websites that are not working?
Are these logs accessible after uninstalling?
- Lastly, are there any messages in the 'Events' log mentioning "Child process proxy" or anything severe (highlighted orange or red) that looks out of the ordinary?
02.04.15 12:25:07,879 esets[265]: error[01330000]: Protoscan Proxy-Agent: Text (0x151000e3:#{Reason}=336592977) kann nicht lokalisiert werden: Fehler beim Scanner-Aufruf 02.04.15 20:25:13,584 esets[288]: error[033b0000]: Protoscan Proxy-Agent: Text (0x1510002d:${Addr}=:80|#{Reason}=336592983) kann nicht lokalisiert werden: Fehler beim Scanner-Aufruf02.04.15 20:25:13,584 esets[288]: error[033b0000]: Protoscan Proxy-Agent: [0x7eb5f000] CONNECT - c_fd=22 s_fd=-1 c_addr=::1:50729 s_addr=2a00:1450:4008:800::100d:80 pid=407 ppid=1 uid=501 ruuid=501 gid=20 app_name=com.apple.WebKi app_path=/Applications/Safari.app/Contents/MacOS/Safari
The following errors seems occurring frequently (but not in the timespan where the problem occurred. Can't remember if I had these problems on the other location (which the 22:XX logs matching) too.
02.04.15 22:54:59,902 ReportCrash[1758]: Saved crash report for esets_proxy[1355] version ??? to /Library/Logs/DiagnosticReports/esets_proxy_2015-04-02-225459_Megs-MacBook-Pro.crash 02.04.15 22:54:59,947 esets[288]: error[011f0000]: ESET Daemon: Untergeordneter Vorgang proxy[1355] hat Signal 11 nicht verarbeitet, Neustart in 0 Sekunden 02.04.15 22:57:28,981 ReportCrash[1764]: Saved crash report for esets_proxy[1759] version ??? to /Library/Logs/DiagnosticReports/esets_proxy_2015-04-02-225728_Megs-MacBook-Pro.crash 02.04.15 22:57:29,034 esets[288]: error[011f0000]: ESET Daemon: Untergeordneter Vorgang proxy[1759] hat Signal 11 nicht verarbeitet, Neustart in 0 Sekunden 02.04.15 22:58:47,062 ReportCrash[1776]: Saved crash report for esets_proxy[1765] version ??? to /Library/Logs/DiagnosticReports/esets_proxy_2015-04-02-225847_Megs-MacBook-Pro.crash 02.04.15 22:58:47,109 esets[288]: error[011f0000]: ESET Daemon: Untergeordneter Vorgang proxy[1765] hat Signal 11 nicht verarbeitet, Neustart in 0 Sekunden
-
Looks like I have a problem with EES (latest V6) blockades almost all of my web traffic. Except google, Facebook and microsoft works. Ping and instant messaging works without problems.
(Except in VirtualBox on that OS X, there all http traffic is blocked)
Enable/Disable web filtering and/or filewall doesn't matter.
uninstall works.
Any clues?
EDIT:
Also it destroys a lot of CSS in some websites (like netapp etc), some didn't load at all (blank page). Same as above, enable or disable web filtering doesn't matter.
-
+1
And mark failed tasks.
Tasks without an target are marked in yellow but tasks, which are failed are shown the same way like tasks wich succeed.
-
One Week and no response?
So is it a bug or a feature?
how can I set up an install to run silently without using the push method from ERAS
in ESET PROTECT On-prem (Remote Management)
Posted
Afaik the Clients (or on V6 the Agent) connecting the server, not vice versa. Afaik outgoing connections aren't blocked by default.