Jump to content

sysadminPA

Members
  • Posts

    20
  • Joined

  • Last visited

Everything posted by sysadminPA

  1. Hello, We are using ESET Protect on prem in our organisation and we noticed a weird issue a few days ago. Whenever we prepared a new macOS computer and installed the ESET Agent and ESET Endpoint Security, ESET Protect was not able to activate EES. We thought it is a macOS Sonoma issue so we tried it on a computer with macOS Ventura (where this process worked without issues until a few weeks ago), with the same results. The ESET Protect server reports that the task for product activation was successful but the antivirus reports that it is not activated. We also made sure that we are running the latest ESET Protect version (ESET PROTECT (Server), Version 10.1 (10.1.2270.0) , ESET PROTECT (Web Console), Version 10.1 (10.1.277.0)) on Ubuntu 22.04 with everything up to date. We tried also installing an older version of the EES with the same results. We also tried then to activate it manually from the EES client on the macOS computer by logging in with our business account and assigning the license there manually, and after being prompted that it was successful, the antivirus reports the same that it is not activated. We checked then further in our ESET Business Account portal (where we still have more than enough device seats), and we found the computers we tested as being licensed. This behaviour we have only seen on newly prepared computers, the ones set more than two weeks ago have EES still licensed/activated, so I would assume they are not affected, even though they are all updated to the latest EES version. So we are running out of options here and hope that you can give us some insight on how to solve this issue. Thanks in advance! Best regards, Emanuel
  2. Hello, Thanks for your answer, but I already stated that I know what versions of the MySQL ODBC are supported and was asking if there is any plan or ETA to support a newer version. This is extra important as the supported version contains a vulnerability https://nvd.nist.gov/vuln/detail/CVE-2022-24407 . Thanks in advance!
  3. We have been running our ESET Protect Management Console 10 on our Ubuntu server 20.04 without issue until recently when we updated the Ubuntu version to 22.04. After removing the openssl version 1.1 (Ubuntu 22.04 ships with openssl 3.0) we discovered that the database connection needed for ESET Protect does not work anymore and we are getting the following output: 2023-02-14 11:03:10 Error: CDatabaseModule [Thread 7f0a1856dc40]: Probing database connection failed. Next connection attempt will be in 10 seconds. 11 more attempts will be made. The database access layer reported: [unixODBC][Driver Manager]Can't open lib '/usr/lib/x86_64-linux-gnu/odbc/libmyodbc8w.so' : file not found (0) After reading the installation instructions for ESET Protect and noticing that the recommended database connector version is the one from Ubuntu 19.04, I was wondering if the Ubuntu 22.04 version here is supported, and if not, when is it going to get support? We have reverted for now to openssl 1.1, but obviously that is not a fix that we wanna keep for long.
  4. Hello, We are using in our organization still EEA 4 on our Ubuntu 20.04 devices, and we are looking to migrate to EEA 8, especially since we have started to encounter some errors where EEA 4 does not seem to be able to connect to the Agent that is running on the machine, and I am getting this message in our ESET Management server "Product is not connected. No connection attempt occurred." I have been testing EEA 8 on Ubuntu 20.04 for a while and I cannot really say I am very satisfied, especially regarding the Secure Boot issues. Our devices have Secure Boot enabled, and we want to keep it that way. The workflow offered by the guide for EEA 8 to deal with Secure Boot is not that comfortable to deploy on multiple machines, and more so the management of said machines can be quite cumbersome, as for any Linux kernel update, if one forgets to run the script to sign the headers, their computer might not boot next power cycle. Is there a way to actually make this more streamlined like EEA 4 used to work, where I did not need to actually set the keys manually in UEFI for Secure Boot to work seamlessly? Thanks in advance!
  5. Thanks for your reply! Yet I find that you might have misunderstood or misread my post. I have already mentioned that link you posted from EFS 8 for linux myself as I have already read through. However, I am not using EFS 8 for linux but EEA 8 for linux, and as I mentioned in my post, I have seen that EFS 8 for linux comes with a script to sign the kernel, but I cannot find this script in the installation folder of EEA 8 for linux. I have already added the output of my eea service status that mentions that Secure Boot is enabled. The command you pasted from the EFS 8 secure boot help page outputs when run "SecureBoot enabled" as is expected, as also the eea service states the same. I understand that I need to sign the EEA kernel module, yet I am not sure how to do this as a script is not provided like in the case of EFS. Am I missing something? If not, can you provide an alternative script for EEA 8 like the one for EFS 8? Thanks in advance!
  6. Hello, We are using ESET in our company and are looking to upgrade to the new version of EEA 8 for Linux. I am testing it on an up to date machine with Ubuntu 20.04. The environment satisfies all the system requirements. I have downloaded and installed the product from the ESET website, as our ESET Protect server is not set yet to install this version, but the agent is running on the machine, so the server was able to activate the product. Now I am left with the eea service on the machine reporting "Real-time file system protection is non-functional" Apr 20 12:38:19 Computer-name oaeventd[1675]: ESET Endpoint Antivirus Error: Secure Boot is enabled. Please sign the kernel module /lib/modules/5.8.0-50-generic/eset/eea/eset_rtp.ko or disable Secure Boot in BIOS/UEFI. Apr 20 12:38:19 Computer-name oaeventd[1675]: ESET Endpoint Antivirus Error: Initialization of system handler for on-access scan has failed. Please update your OS and restart your computer, then check system logs. In the EEA GUI I can see the same message (pictures attached). Now I have double-checked the instructions and the only point regarding the Real-time protection is here https://help.eset.com/eeau/7/en-US/realtime-protection-cannot-start.html, but it does not apply to my situation. Going back to the error message in the console I can understand that disabling Secure Boot would be a solution, but this is not desirable in my company. The solution would be signing the kernel modules. Unfortunately I did not find a guide for this, and I am wondering if it is possible for this version of the product. I have found that ESET File Security 8 for Linux has a script that does this as detailed here https://help.eset.com/efs/8/en-US/secure-boot.html, but this script does not seem to be present in the EEA 8 for Linux installation folder. I have tried also the commands listed in this thread (adapted for my kernel version) but with no success. I am hoping you can help me with this, either pointing out something I have missed or simply providing a set of commands or a script similar to the EFS 8 one. Thanks in advance!
  7. Hi Marcos, thanks for your reply. This mailbox file is unused. I will need then to open it with a client and delete the single email (not sure I have so much time I can work with this employees laptop :)). It would help already if Eset can identify these emails, but we are not 100% sure about it? Thanks Emiliano
  8. Good day, we have an employee in our company who has a Trojan, in the specific a PDF/Phishing.A.Gen. Those are in a .olm file, which is an Outlook for Mac local mailbox file. I have found a similar topic here but they are talking only about pst files, Any idea how it will act a full system scan enabling the option to check mailboxes? Thanks in advance Emiliano
  9. Thanks, I did all you said and send the logs to ESET Technical Support.
  10. Thanks, but unfortunately this did not solve my issue, actually nothing has changed after retrying to activate from ESMC, it still reports successful in ESMC, but on the client I get the same errors.
  11. I am sorry in case I misunderstood the question. What do you mean by activating it via offline license file? I have first tried activating it from the ESMC as the agent was reporting to the ESMC that the product was not activated. I ran the activation task and then the ESMC was not reporting that the product was not activated on the client anymore. But then checking the status of the eea service on the client showed the activation error still as you have seen in my logs snippet. Afterwards I tried to run the activation command /opt/eset/eea/sbin/lic -k XXXX-XXXX-XXXX-XXXX-XXXX on the client, using the key instead of the placeholder (key that I got by using the credentials in the convertor on your website). The result was as I have posted above. Any idea what steps I can try next? Or please let me know if I got anything wrong! Thanks in advance!
  12. I think not, because this is the license we use currently with all the other linux clients running EEA version 4.0.95.
  13. I ran the activation task in ESMC and it was reported to have run successfully. (In the ESMC only the Real-time protection error mentioned above is shown). Also tried to run it on the client in the terminal and am getting this error "Error: Activation failed" and in the logs I see this "licensed[1350]: ESET Endpoint Antivirus Error: Activation was not successful: 0x20515010". Also want to mention that before I ran the activation task from ESMC when I tried to update module on the client I got a prompt that product is not activated, but after the activation task was reported to have run successfully on the ESMC, I could update the modules with the command on the client. This makes the "Product is not activated." error very weird in my eyes.
  14. so it does not work to activate it via ESMC?
  15. Hello, I have been trying to test the new ESET Endpoint Security 7 for Linux on an up to date Ubuntu 18.04 machine. The ESET Agent is already installed (version 7.1.503.0) on the machine and reporting to my company's ESMC Server without issues. I installed ERA 7.0.13.0, activated it via ESMC, updated the modules, and this error is reported in ESMC "Real-time file system protection is non-functional". I have also attached the log file from the client. Hope you can help me get it running. Thanks in advance! Emanuel eea.txt
  16. I have clicked on the link and I get this error. Sorry, there is a problem You do not have permission to view this content. Error code: 2F173/H I have written a message by clicking the "Contact us" button below the warning but got no reply. Is this an issue or am I missing something? Thanks in advance!
  17. Hello, would like to try it in my company. We use version 4.0.95 now. Thanks in advance! Emanuel
×
×
  • Create New...