pipboy3000

Sorry for my late reply. The outcome of the first command is: "LimitLoadToSessionType" = "System"; "Label" = "com.eset.remoteadministrator.agent"; "TimeOut" = 30; "OnDemand" = false; "LastExitStatus" = 17920; "Program" = "/Applications/ESET Remote Administrator Agent.app/Contents/MacOS/ERAAgent"; Attempt to restart the agent failed: ~ sudo launchctl restart com.eset.remoteadministrator.agentclear Unrecognized subcommand: restart Usage: launchctl <subcommand> ... | help [subcommand] Many subcommands take a target specifier that refers to a domain or service within that domain. The available specifier forms are: system/[service-name] Targets the system-wide domain or service within. Root privileges are required to make modifications. user/<uid>/[service-name] Targets the user domain or service within. A process running as the target user may make modifications. Root may modify any user's domain. User domains do not exist on iOS. gui/<uid>/[service-name] Targets the GUI domain or service within. Each GUI domain is associated with a user domain, and a process running as the owner of that user domain may make modifications. Root may modify any GUI domain. GUI domains do not exist on iOS. session/<asid>/[service-name] Targets a session domain or service within. A process running within the target security audit session may make modifications. Root may modify any session domain. pid/<pid>/[service-name] Targets a process domain or service within. Only the process which owns the domain may modify it. Even root may not do so. When using a legacy subcommand which manipulates a domain, the target domain is inferred from the current execution context. When run as root (whether it is via a root shell or sudo(1)), the target domain is assumed to be the system-wide domain. When run from a normal user's shell, the target is assumed to be the per-user domain for that current user. Subcommands: bootstrap Bootstraps a domain or a service into a domain. bootout Tears down a domain or removes a service from a domain. enable Enables an existing service. disable Disables an existing service. uncache Removes the specified service name from the service cache. kickstart Forces an existing service to start. attach Attach the system's debugger to a service. debug Configures the next invocation of a service for debugging. kill Sends a signal to the service instance. blame Prints the reason a service is running. print Prints a description of a domain or service. print-cache Prints information about the service cache. print-disabled Prints which services are disabled. plist Prints a property list embedded in a binary (targets the Info.plist by default). procinfo Prints port information about a process. hostinfo Prints port information about the host. resolveport Resolves a port name from a process to an endpoint in launchd. limit Reads or modifies launchd's resource limits. runstats Prints performance statistics for a service. examine Runs the specified analysis tool against launchd in a non-reentrant manner. config Modifies persistent configuration parameters for launchd domains. dumpstate Dumps launchd state to stdout. reboot Initiates a system reboot of the specified type. bootshell Brings the system up from single-user mode with a console shell. load Bootstraps a service or directory of services. unload Unloads a service or directory of services. remove Unloads the specified service name. list Lists information about services. start Starts the specified service. stop Stops the specified service if it is running. setenv Sets the specified environment variables for all services within the domain. unsetenv Unsets the specified environment variables for all services within the domain. getenv Gets the value of an environment variable from within launchd. bsexec Execute a program in another process' bootstrap context. asuser Execute a program in the bootstrap context of a given user. submit Submit a basic job from the command line. managerpid Prints the PID of the launchd controlling the session. manageruid Prints the UID of the current launchd session. managername Prints the name of the current launchd session. error Prints a description of an error. variant Prints the launchd variant. version Prints the launchd version. help Prints the usage for a given subcommand. When is the next agent release planned for?

I'd like to re-open this post as this problem keeps reoccuring. I have another few devices in the office where they are up to date, but not reporting back to the ERA. This is strongly suggesting problem with the agent. Any troubleshooting steps?

All machines on the network are downloading updates from the local ERA server.

I have tried to follow this KB (hxxp://support.eset.com/kb3621/) but I got stuck on step 5 as for Eset Security Product for OS X & Linux, there is no General section, therefore I cannot edit the list of profiles. KB screen for Windows: Options for Mac (no General) What is the function of servers list and is it possible to add update.eset.com there to to trigger online update?

This worked, thank you.

I have tried that and the product is now activated, so that solved part of the problem, but I still cannot update the database. I've exported the log: <?xml version="1.0" encoding="utf-8" ?> <ESET> <LOG> <RECORD> <COLUMN NAME="Time">30/11/2015 11:56:05</COLUMN> <COLUMN NAME="Module">Update module</COLUMN> <COLUMN NAME="Event">Unauthorized access.</COLUMN> <COLUMN NAME="User">NT AUTHORITY\SYSTEM</COLUMN> </RECORD> <RECORD> <COLUMN NAME="Time">30/11/2015 10:25:36</COLUMN> <COLUMN NAME="Module">Update module</COLUMN> <COLUMN NAME="Event">Unauthorized access.</COLUMN> <COLUMN NAME="User">NT AUTHORITY\SYSTEM</COLUMN> </RECORD>

I have successfully installed an agent on Windows 8.1 laptop. The machine has registered in the ERA and from there I was able to push the installation of v6 on top of v5 already installed. Again, no problems during the install, but I could not update the virus database afetrwards. I have seen this on other Windows machines before and the GUI recommended reboot anyway, so I have done it, but the laptop is still unable to download the virus DB update. It comes up with: 'unauthorised access' message. I assumed that it might be a problem with the license, but I still have 2 spares. I have also temporarly stopped the firewall on the server side, but this did not make any difference. I had a look at the manual, but it does not mention this specific problem. Is it possible that the installing v6 without uninstalling v5 first, corrupted something? ESET Endpoint Security 6.2.2033.0 ESET Remote Administrator Agent 6.2.190.0 Many thanks

As a next step I will try to install the agent manually using .dmg file rather than script. Maybe this will help.

What is the latest version of the agent? I'm running 6.2.190.0 on Windows and 6.2.166.0 on Mac OS. Now, I've installed a fresh version of the agen on one of the Mac devices just now and while the installation was successfull, the agent is still not reporting back to the server. I will give it another 30 minutes, but if that does not help, then I might have to open a ticket.

Why would the agent stopped running or dissapeared from number of devices? Reinstalling the agent solved the problem, but this is not a long term solution.

Folder com.eset.remoteadministrator.agent does not exist on that particular Mac, there is only ESET folder. Any ideas?

I have checked the log (attached) Last message in trace: 2015-11-20 10:21:34 Error: CReplicationModule [Thread 0xb0831000]: CReplicationManager: Replication (network) connection to 'host: "10.16.1.10" port: 2222' failed with: Operation timed out Status log says the same. While I understand that the host might have been temporarly offline, the ERA agent should attempt to reconnect again later. I suspect that reinstalling the Agent might solve the problem, but there must be a better way of dealing with this. trace.log status.html

I have a number of devices that are not reporting back to the ERA server. While some of them are valid (users not in the office) there are a few that are turned on, can be pinged etc but for some reason still appear in ERA as last connected on Friday. No changes to the OS were made in the mean time. Any idea?

How do I completely remove ESET Endpoint Protection v6 and the agent from Mac OS X 10.11.1. I have one odd laptop that will not report back to the ERA server. On the dashboard it says that the last connection occured on the day when the product was installed. I have tried to re-run the same script that works fine on every other mac but this one. Interestingly, the virus DB is up to date. Terminal output: bash-3.2# bash EraAgentInstaller.sh Downloading installer image 'hxxp://repository.eset.com/v1/com/eset/apps/business/era/agent/v6/6.2.166.0/Agent-MacOSX-i386.dmg': % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 24.3M 100 24.3M 0 0 280k 0 0:01:28 0:01:28 --:--:-- 152k Mounting image '/tmp/EraAgentOnlineInstaller.dmg.finQQI4s': Checksumming Protective Master Boot Record (MBR : 0)… Protective Master Boot Record (MBR :: verified CRC32 $F93BFA6B Checksumming GPT Header (Primary GPT Header : 1)… GPT Header (Primary GPT Header : 1): verified CRC32 $C9B9B380 Checksumming GPT Partition Data (Primary GPT Table : 2)… GPT Partition Data (Primary GPT Tabl: verified CRC32 $5BD3ED67 Checksumming (Apple_Free : 3)… (Apple_Free : 3): verified CRC32 $00000000 Checksumming disk image (Apple_HFS : 4)… .............................................................................. disk image (Apple_HFS : 4): verified CRC32 $E65BA5ED Checksumming (Apple_Free : 5)… (Apple_Free : 5): verified CRC32 $00000000 Checksumming GPT Partition Data (Backup GPT Table : 6)… GPT Partition Data (Backup GPT Table: verified CRC32 $5BD3ED67 Checksumming GPT Header (Backup GPT Header : 7)… GPT Header (Backup GPT Header : 7): verified CRC32 $BF5BAF9A verified CRC32 $3B27CAA9 /dev/disk3 GUID_partition_scheme /dev/disk3s1 Apple_HFS /Volumes/EraAgentOnlineInstaller.mount.G3Fr6cXH Installing package '/Volumes/EraAgentOnlineInstaller.mount.G3Fr6cXH/Agent-MacOSX-i386-6_2_166_0.pkg': /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/com.apple.install.P5vUSvs6/installationcheck: line 110: [: -f: binary operator expected installer: Package name is ESET Remote Administrator Agent installer: Upgrading at base path / installer: The upgrade failed (The Installer encountered an error that caused the installation to fail. Contact the software manufacturer for assistance.) Cleaning up: "disk3" unmounted. "disk3" ejected. unlink: /tmp/postflight.plist: No such file or directory bash-3.2# Many thanks,

This instruction will only work for Windows based policies as steps 11 and 12 are not available for Mac OS policy.

How can I remotely trigger the message on client PC about OS not being up to date? I've seen it popping up already and I'd like to be able to send a reminder to the end users from ERA.

OK, I'm in, word of advice for everyone else, open ELA from your admin panel and the password for license manager is in printed on your license document.

I guess I've done something wrong, cause it says: Unit managementYou have no license authorizations.

I might be missing something, but this looks more like a cumulative list rather than individual subscriptions.

Is there any way to return the license from an old computers that have been scrapped / made redundant back to the licenses pool, so that can be assigned to the next machine?

I've noticed that recently updated v6 clients upgrade the virus database only when they are connected to the ERA server. This is not good enough for devices that are mobile and should be updated whenever there is the internet connection available. In the old version 5 it was possible to configure the client to download the update directly from the ESET server, providing that the user name and password is correct. Anything like it in ver 6?

OK, I've managed to install client on all Macs manually. Asking users to run the script themselves is out of question as they have to have admin rights. Once that is done, the rest is relatively straightforward. The only advantage of mac over windows is that you don't have to reboot the machine after the installation is completed. Painful manual task, but let's hope that migration from v6 to v7 will be a little bit easier.

I have recently successfully upgraded ERA v5 to v6. With few agents manually installed on win / mac environmnet the list of computers is slowly getting populated. My next challange is around updating client machines from v5 to v6. I have tried the remote uninstall but this task has failed. The only way up so far that worked, was to manually install the agent, making sure that agent is reporting back to ERA, then uninstalling the old client and pushing out new installation from the server. Is there any way to update clients directly from the server?

How do I make manually installed agent to report back to ERA 6 on Mac OS?

That's perfect, thanks a lot.