tmuster2k

Likely after a Java Update.

Is this the UAC prompt that is coming up asking for admin password?

So one OFFLINE creation can activate multiple computers via ERA activation task?

go to: >> c:\programfiles(x86)\Apache Software Foundation\Tomcat 7.0\bin and then click on "Tomcat7w" exe then click on the JAVA tab and then check box "Use default" now start the Tomcat service

what is the purpose of having offline license file in ERA? I thought it was mainly for creating in ELA to activate ESET on workstations or servers? Is it for reporting purposes?

yes. As Marcos says this looks like a re-direct. I would reset the browser to defaults. Also check your NIC settings to make sure a shady static DNS did not get applied. Also would recommend running an ESET Customer in-depth scan with strict cleaning.

I will work on the DNS issue. I found a KB article that pointed towards some url's that may need to be opened on Firewall. To activate ESET Mobile Security: reg01.eset.com/mob_activate - reg04.eset.com/mob_activate reg01.eset.com/mob_register - reg04.eset.com/mob_register Do these need to be opened on my firewall to get correct enrollment to Android device?

After creating enrollment link and scanning of QR code, when tapping "open" for the link we get message that it cannot contact the DNS server. Have confirmed that the DNS information is correct with nslookup to the server. Does this enrollment process have to take place while the Phone is connected on the LAN via WI-FI? I have confirmed that the phone is getting an internal IP address from the router. I have even added an DNS entry for this phone in forward lookup zones. Also have added the ports for communication on the physical firewall but nothing. I have installed the APP from google play and then to >> Settings >> Remote Administrator and put in the WAN IP and Local ip of the RA. Does the enrollment have to take place before manually connecting the phone via setttings >> RA?

will this creation take place in ERA or a separate tool ?

I have seen this more with 6.1 and 6.2. Not so much with 6.3. Maybe do a test deployment and install 6.3 over the top to see if it resolves issue. If the install over the top does not work then likely and push uninstall >> reboot and then install of EES 6.3.

This should apply to biz products as well. Exclude Apple Time Machine backups from scanning in ESET Cyber Security or ESET Cyber Security Pro. You can also set policy for this under exclusions. hxxp://kb.eset.com/zap/SOLN3263

Was this a new install? Or was this an install over the top? Example. you installed Version 6.x over Version 5.x to upgrade. Suggestions. 1. Run the ESET uninstaller tool in safemode using the no safemode switch. example>> esetuninstaller.exe /nosafemode and run this to confirm ESET remnants are gone. 2. Manually check the registry for ESET at >> HKEY LOCAL MACHINE >> Software >> ESET and same for HKEY CURRENT USER . If you see ESET in here then delete. 3. Also check >> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\MaxNumFilters if you have MAXNUMFILTERS then delete. >> then REBOOT 4. go to services temporarily set Interactive services detection to >> Automatic - Started. 5. To disable rollback for per-user installations, set DisableRollback to 1 under the following registry key: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Installer 6. Confirmed no leftover drivers in ESET for >> windows\system32\drivers.. example: eamonm.sys, ehdrv.sys, anything with EPFW 7. Try another install with this switch >> Example >> ees_nt32_enu.msi ignore_conflicts=1 (you will run this from command prompt after CD'ing into directory where MSI is)

the response from MichalJ is correct. thank you.

When going to details of a computer in the ERA6 console and then "manage policies" offers no information. Should't the information from Computer Name >> Details >> Configuration >> Applied Policies offer the same information? This section shows all of the current policy applied to this system. I see you can add policies from here but what is the purpose of doing it this way as opposed to going to Admin >> Policies and creating from there? Maybe there is a logical reason and if so would like to relay that correctly to clients.

Go to services and check SQL SERVER (ERASQL)-default or what name you changed it to for ESET and confirm this service is started. if so then restart this service, restart Apache Tomcat service, go into the properties of ESET Remote Admin server service and take off automatic delayed start to just Automatic and then restart this service as well after applying changes. Try to access the console now.

you can create custom agents certs for each company and then create dynamic groups based on AGENT serial#. very effective way.

Not sure if you have it configured properly. When choosing the Apache Http Proxy from the all-in-one installer, it will create default agent polices and one for the Shared local cache- HTTP Proxy Usage. The Remote Admin agent - HTTP proxy Usage and Shared local cache are set to ALL for the default targets. you have to manually assign the HTTP proxy in your policy. 1. Open up your default master policy. 2. Go to >> Tools >> Proxy Server and then over to the right should be the Ip address or FQDN of the ERA 6 server. 3. Proxy is not configured under Update unless you also have internal proxy. 4. for Update >> HTTP PROXY> I would recommend setting to "Do not use proxy server " 5. Force these changes in the policy and now when you go to the GUI on one one of the workstations check >> Tools >> PROXY SERVER and confirm ip or hostname. These systems should be getting their updates from the PROXY now.

No problem at all. I would recommend running in-depth scan with strict clean on that server.

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun Is ESET anywhere in here?

do you have the Apache Proxy enabled in the agent and client policies? If so maybe try installing Squid to see if its isolated to this caching proxy which is enabled by default now. I also cannot ping those ip addresses. Appears the ping maybe turned off on that end.

I have activated many a ESET product with a public DNS set on the NIC.

I am not sure I understand correctly. By "ERA6 is not picking up" you mean that computers from sub-domains are not synchronized by AD synchronization task? If this is the case, customer will most probably have to create additional AD synchronization task, for each domain controller. If problem is not in synchronization, please provide more details. Yes. the synch task is not bringing any computers from these sub domains. Regardless of the synch task, shouldn't eset find these machines when doing a search for the hostname or Ip address at the top OF ERA 6 console? And can you provide example of what a synch task would look like for a SUB DOMAIN? thanks.

bump

Customer has one MAIN Parent domain and 2 SUBDOMAINS. the subdomains are on a different layer 2 subnet but can be pinged from main network. ERA6 is not picking up any computers from the sub domains. what kind of AD synch task would need to be customized for these systems to be seen by ERA6. I confirmed that hostname is pingable from main network but inputting the IP address of hostname on a ERA search from the TOP yields no results.

ERA5 had very straightforward process when creating Parent >> Child policies. For Version 6.x what would be the best way at going at this. For example. Customer has his Master policy in ERA6 which applies to all his workstations. He wants to apply strict WEB CONTROL policies for a specific group (about 15 computers). I know that you can only have one computer per static group. Would you need to create a dynamic group for the CHILD policy ? Would this dynamic group override any of the other policies that are in the MASTER Static Policy ? Thank you for your time.