Jump to content

PuterCare

Members
  • Content Count

    41
  • Joined

  • Last visited

Posts posted by PuterCare

  1. I just had a reply from Eset tech support and they suggested adding rules for the following, I already had the first two so hopefully the third rule will be what resolves for me. I don't have the systems available to me right now to test.

    /Applications/Microsoft Teams.app
    /Applications/Microsoft Teams.app/Contents/Frameworks/Microsoft Teams Helper.app
    /Applications/Microsoft Teams.app/Contents/Frameworks/Microsoft Teams Helper.app/Contents/MacOS/Microsoft Teams Helper
     

  2. 2 hours ago, TomPark said:

    Hi @PuterCare,

    To help us investigate this issue please can you make sure you are running the latest version of ESET Endpoint Security / Antivirus for Mac or ESET Cyber Security / Cyber Security Pro.

    ESET Endpoint Security Mac - https://www.eset.com/int/business/endpoint-security-mac/download/
    ESET Cyber Security Pro - https://www.eset.com/int/home/cyber-security-pro/download/

    Once you are running the latest version (if not already) please can you capture logs as per the instructions in the following KB - https://support.eset.com/kb3404

    Please submit these logs to your Local ESET Office and they will be able to advise on next steps and investigate the issue for you.

    Regards,

    Hi Tom, I had updated Eset ES on the systems before trying any of the above so I will try to capture that info now and send to my Eset rep. Thanks

  3. On 9/10/2020 at 2:03 PM, Marcos said:

    The firewall logic has not changed over years. We assume that Teams has been updated and now works in the way that a connection is initialized by the server. In automatic mode, all outbound communication is allowed and all non-initiated inbound communication blocked, hence a rule for Teams may need to be created. It is beyond us to have a list of all 3rd party applications where the communication is initiated from outside and maintain the rules for them.

     

    I appreciate that it is not possible to track all third party apps but given the popularity or Office 365 and the current need for Teams is there a way to request that the engineering team can track this one?

    I am having the same issue here, I have tried setting rules for:

     /Applications/Microsoft Teams.app/Contents/Frameworks/Microsoft Teams Helper.app

    TCP&UDP, all ports, all IPs, both directions

    /Applications/Microsoft Teams.app

    TCP&UDP, all ports, all IPs, both directions

    But still Teams will not work properly, as soon as I disable EES firewall it works perfectly. I switched to interactive mode and allowed each connection but they seem to be never ending so the call fails before I can allow them all, there is also no option to remember the action as a rule like on Windows, just "apply action" or "temporarily remember". Is this right? 

    Thanks

  4. I just noticed on a sign-in to ESMC there is a reset token button so I guess this might resend the SMS link to my number so I can add to the app again. Does anyone know if this is the case? Otherwise I will just test it myself but didn't want to cause a probem.

  5. Hi all,

    In the past when I changed my phone I have been locked out of my Eset accounts that have 2FA enabled as during the phone backup and migration the Secure Authentication entries were not moved over. It's a shame I cannot choose my own auth app as I hate having multiple apps for one task, but I understand Eset are pushing their own product. In the case where I got locked out I had to get help from Eset support which took a bit of time to do.

    I have just re-enabled 2FA on ESMC as it is accessible from the WAN and if anyone got in they could cause chaos. During this setup I was not given any backup codes though, does anyone know if Eset will use my mobile number on record to text me a backup code so I can add 2FA to the app on my new phone if I ever get locked out? Just want to make sure that if I am locked out I can get back in quickly.

    Thanks

  6. 3 hours ago, John.From.VT said:

    An easy fix that worked for me is right-clicking the Detected Items folder that crashes Outlook and deleting it (then deleting the folder in Deleted Items as well).

    Not sure why a user or two had duplicates but this corrected it for them.

    Outlook 2016 MSI using cached Exchange mode and EES 7.2.2055

    I had deleted the duplicate folder in OWA but when loading Outlook again they reappeared but I just looked and at the moment I only have one Detected Items folder in Outlook so perhaps whatever was causing this is now resolved!

  7. This is something I had noticed myself but have also had several customers call about, it started within the past month. I noticed that when in Outlook (Office 365 install), the "Detected Items" folder in the left pane will flash/flicker randomly and is also duplicated 2 or 3 times. 

    It gets even stranger when I click the "Detected Items" folder, if I click one of the instances it opens an empty folder but if I click the other instance then Outlook rapidly flicks between the two instances forcing me to have to restart Outlook so I can get into another mail folder or do anything and in some cases even crashes Outlook. 

    I know this folder is used by Eset so though the logical place to start would be here. I have logged into OWA and deleted all instances of the Detected Items folder but multiples are recreated when I next open Outlook and the same behaviour is observed. 

    So far I have only noticed this when using Endpoint Security.

  8. This is now resolved, in case it helps anyone I logged into the VA and enabled Webmin, I then accessed Webmin using a web browser, Servers section, ESMC then there was an option to repair ESMC Agent Connection. I entered "localhost" for the Hostname and the ESMC port then clicked the repair button and it fixed it and updated to 7.1 as I had this task queued from last year.  

  9. I have been having trouble setting up SMTP using an Office 365 exchange mailbox. I have searched this forum and found numerous threads where people had issues and checked working configs against my own and just can't work out what is wrong. 

    My current config:

    image.png.0b75f9c8b36f5adc22b38e9dad3f5ff3.png

    I have MFA enabled and have generated an app password, the same account works fine on other devices where I set up SMTP. I have tried using outlook.office365.com as the server too, also tried port 25, TLS and a few auth types but nothing works. 

    Any ideas where I am going wrong? I know the login credentials are valid so it is as if it's the auth type or perhaps my VA is somehow using an old TLS standard which Microsoft have now blocked? I have no outbound firewall.

    Thanks

  10. Hi all,

    I changed my router and at the same time also changed the domain used for DDNS. Since then, I can load ESMC and correctly monitor client computers, push policies installs etc. but the ESMC VA shows as disconnected so I am unable to update the components to 7.1.

    When I open the details tab of my VA in the computers section, the FQDN shows my old DDNS domain whereas now I use my website domain with a CNAME record pointing to my new DDNS domain. 

    How can I either update the FQDN so my ESMC server shows and I can upgrade the components or add the server as a new device to the computers list?

    Thanks

  11. 13 hours ago, MartinK said:

    Thanks for confirmation. It was reported and will be investigated.

    As of workaround I would personally recommend to use all-in-one installer. Script-based installer was somehow superseded by it and original scripts remained available just for backward compatibility and easier "customization".

    Thanks, can a GPO be used with the AIO? My only other reservation is the AIO would install a static version of the agent but doesn't the script download and install the latest version? Therefore less intervention needed? I know I can update the agent from ESMC but then that's an extra required step.

    The way I have it set up is that any computer that joins this local domain has the agent installed automatically, then I verify it's an authorised system in ESMC and remotely push the relevant install.

  12. 18 minutes ago, MartinK said:

    My last idea is that problem is caused by "space" in path to script. It is stored in user's temp directory which contains space in absolute path (Not clear from screenshot but is it actually space in name of user?). If there is a space, special escaping would be required. Any chance you used different user on machines where it works? Is it possible to use other user (Administrator) to run installer?

    In the case of todays system, there is a space in the local username therefore the path to the %temp% dir has a space in it. This sounds like a credible cause, when I set up users I don't use spaces but some systems at different offices were not set up by me. I will try this out when I am next able to get onto an affected machine and see if it helps!

×
×
  • Create New...