jimwillsher
Most Valued Members-
Posts
593 -
Joined
-
Days Won
5
Everything posted by jimwillsher
-
PowerShell as "Run Command" - getting the results back
jimwillsher replied to jimwillsher's topic in ESET PROTECT
No problem Marcos, I appreciate the honesty and the reply. Jim -
PowerShell as "Run Command" - getting the results back
jimwillsher replied to jimwillsher's topic in ESET PROTECT
No takers? @Aryeh Goretsky @Marcos -
Hi I manage three entirel separate companies, each with a separate login to https://eba.eset.com. They must remain separate. At he login screen I enter my credentials and I am then prompted for a OTP from the authenticator. I enter the OTP and tick the "remember" option. But if I then log out of close browsers/reboot, and login as a different account, I still have to enter the OTP, even though I have been through the same process for all three accounts. Seems like "remember this device" checkbox either doesn't work, or it works but can only handle a single set of credentials. Thoughts? THanks Jim
-
Hi all We use the Run Command tasks extensively, for running stuff on client machines (currently around 1000 endpoints). Examples are to download an MSI from a website and then a second task to run msiexec. Other examples are to pull values from the registry and email them back for diagnostics. Whilst the editor doesn't lend itself to powershell scripts that require multiple steps, with no option to edit them properly, it generally does work. But, what's the best way to return results from PowerShell? Because the task itself starts okay, the task execution history shows that the task executed, even if the powershell etc then failed. My current scenario is this. I am downloading an MSI as one task, installing it as another task by utilising msiexec and specifiying a log file, and then have a third task to email me back the log file. Which is all VERY clunky. Are there any viable alternative approaches? Sample Run Command line: powershell -Command "$secpasswd = ConvertTo-SecureString 'xxx' -AsPlainText -Force;$cred = New-Object System.Management.Automation.PSCredential ('xxx', $secpasswd);Invoke-WebRequest 'http://xxx/TeamViewer/xxx.mst' -OutFile 'C:\Windows\Temp\xxx.mst' -Credential $cred;Invoke-WebRequest 'http:/xxx/TeamViewer/TeamViewer_Host.msi' -OutFile 'C:\Windows\Temp\TeamViewer_Host.msi' -Credential $cred;msiexec /i 'C:\Windows\Temp\TeamViewer_Host.msi' ADDLOCAL="f.ProductFeature,f.ProgramMenuShortcut,f.ProgramMenuShortcut" TRANSFORMS='C:\Windows\Temp\xxx.mst' /qn /l*v 'C:\Windows\Temp\Jim.log'" Thanks Jim
-
I manage a few on-prem networks with ERA, and one with the cloud version. The cloud version offers pretty much identical functionality to the on-prem, and whilst we've never had any issues with the on-prem setup, the price differential makes it worthwhile looking at the cloud option now. For the cloud network I manage we have 900 seats and everything works well. Jim
-
Thanks Iggy, I'm not quite sure how I missed that
-
Hi folks VERY long time ESET user here, and we've had on-prem ERA for as long as I can remember (back when it was a Windows app). Anyway, we're moving to the cloud solution. Is there a HOWTO guide somewhere on how to do this? It's more than just the clients, we have about 100 custom "tasks" for deploying 3rd party software and they will be a pain to migrate manually. Many thanks Jim
-
Many thanks as always Marcos!
-
Hi All of a sudden, ninite ie being blocked (https://remote.ninite.com/) Any idea why? We use this to manage 900 endpoints. Thanks Jim
-
ESET Server Security - still only 8.0?
jimwillsher replied to jimwillsher's topic in ESET Products for Windows Servers
Many thanks as always, Marcos -
Hi I have on-prem ESET Protect v8 (not yet upgraded to v9) ESET PROTECT (Server), Version 8.1 (8.1.1223.0)ESET PROTECT (Web Console), Version 8.1 (8.1.221.0) When I enable MFA for a user, and they go through the registration process, registration succeeds BUT shows as an old server name in the iPhone app. We previously had the software installed on a server SHVMHOST.ABC.local and it's now on SH01.ABC.local, but the MFA process registers it in the app as "ESET PROTECT Joe Bloggs at SHVMHOST.ABC.local. How can we change that name to something more friendly, or at least the current name of the server? Happy to edit via SQL Server if required. Many thanks.
-
Hi I manage two separate networks, both running a local installed version of ERA. I now have a need to manage a third network but they don't want a local install, they want cloud only. Potential seat count is 650. Is there a "feature comparison" anywhere that I can reference? I've used ERA for many many years, way back to when it was ERAC/ERAS and was a .EXE etc. But I have never used the cloud version. Two features I use a lot are the capability to list all installed applications and the ability to execute commands on clients, so I need to be sure both these are available in the loud console. Apologies if this is in the wrong forum. Many thanks. Jim
-
ESET Endpoint blocking Dell iDRAC Remote Console
jimwillsher replied to jimwillsher's topic in ESET Endpoint Products
Many thanks Marcos -
ESET Endpoint blocking Dell iDRAC Remote Console
jimwillsher replied to jimwillsher's topic in ESET Endpoint Products
Hi Marcos, I now have both log files but they are 55MB and 56 MB so can't post here. I collected logs for just today. -
ESET Endpoint blocking Dell iDRAC Remote Console
jimwillsher replied to jimwillsher's topic in ESET Endpoint Products
Thanks Marcos. I couldn't find a setting to exclude from SSL filtering, only Protocol Filtering, which I guess has a wider scope than just SSL? Adding the IP address in there does indeed make the problem go away. Would you envisage this being a short-term workaround or a long-term solution? Many thanks Jim -
Hello I need to access some remote Dell iDRAC consoles (remote access consoles). The certificates are self-signed by the iDRAC. I can access the iDRAC itself with no problem, it all works well, although I do get browser warnings about the site not being secure. However if I try to access the Virtual Console I get a few popups and then a connection closed message. Viewing the (invalid) certificate shows ISSUED TO as the iDRAC name and ISSUED BY as ESET. If I Disable "Enable SSL/TLS protocol filtering" under Web and Email is the ESET client, I can connect successfully. In this case both ISSUED TO and ISSUED BY show the iDRAC name. What might be the best way to resolve this, aside from completely disabling SSL protocol filtering? I am using 8.0.2028.0 on Win10. Many thanks, Jim
-
Strange, we have another server (https://sagfunc5abbde991b39cdc0aos.cloudax.dynamics.com/) which eset is correctly flagging. but it definitely didn't flag the original one I reported, and it had the same cert expiry date.
-
It's this one: saglobal-sandbox1ceacc237d6aa5aedevaos.cloudax.dynamics.com/ However we have already refreshed the certificates. Let me see if we have another site in the same situation.