j-gray

This is the latest version of EP Server+Console. For some reason, application statuses are inconsistent. One outdated version is flagged in yellow and the other outdated version is not flagged at all:

To sum up, we still find the following issues with OS X: When the license file is specified in the EI Connector install task, the task runs for 24-hours before reporting failed due to time out. The EI Connector does install successfully within a few minutes despite the reported timeout. Activation task still does not activate the EI Connector after upgrading to the latest version. The activation task reports successful completion, but the EI Connector is still not activated. Some clients still do not register the EI Connector in the ESET list of "Installed Applications". Subsequent EI Connector upgrades still do not register the EI Connector under "Installed Applications"

Hi @Peter Randziak Unfortunately, it's quite a mixed bag. Some have been able to activate after the connector upgrade. A number of others run the connector upgrade task for 24 hours and finally time out, but apparently do successfully install the latest connector. In the past, this was an issue caused when the license was included in the task. We've worked around this issue by running the connector install task without a license specified. Appears to be a recurring issue/bug. I still have to verify if any of these successfully activated. We still face the issue even after the latest version, where the Connector does not show in the list of ESET installed applications. Still no idea why this is happening. We can find these because they are in the dynamic group where EI Connector is not installed, but they are flagged red due to EI Connector not activated. The majority of our systems are offline while students and staff are on summer break, so we have a limited set to work with right now.

@Marcos 1.11.2872.0 is the latest version. The latest version is the one that is not available.

I'm not finding it available in my instance. 1.10.2672.0 is the highest version available here: Additionally, the latest version is not seen in the clients application list as seen here:

Just upgraded ESET Inspect server to the latest version. However, ESET Protect server does not recognize the latest version of the Inspect Connector. So at this point, I'm unable to create an ESET Connect installer because the latest version is not listed. In addition, the Application List of all clients shows the last version is up to date. How can we get ESET Protect to pull or recognize the latest version of Inspect?

Support has requested to enable and collect ECP logs. However, instructions provided do not work. Is there a guide somewhere with detailed instructions? For example, they want to stop ESET, edit json files to enable logging, kill license service, then start the product. However, when the product is started, it overwrites the json files thereby removing the settings that enable logging in the first place. The ECP folder is never created. I would really like to be able to provide the requested log files. Thank you.

Good question. We don't have auto-updates enabled either, yet some are automatically updating. Not sure how or why. We've also found that the only way to restore network connectivity is to uninstall/reinstall the AV. It's all quite random. Our entire install base is on 7.2.1600, so this would seem to be a minor upgrade but it's causing significant issues.

We're encountering two issues with v.7.3 upgrades: As with some previous versions, despite the fact we have the same policy set to not display or report Web Protection and Anti-Phishing Protection being disabled, the GUI shows an error state for these two disabled components. We've intentionally disabled these components and do not want it reported in the GUI. This seems to get broken with every other upgrade. The Web&Email proxy is again breaking the Internet connection during installation. This of course generates a number of support calls.

We've had a case ongoing since October of last year. Unfortunately, OS X just doesn't seem to be a priority at all.

In case anyone is following this, support was able to reproduce the issue and it is currently being investigated by developers. This will impact anyone who is short on licenses when upgrading OS X clients.

Just another piece of info. I saw there was a new release so upgraded (not much info in the changelog to know if it would help or not). The same client as above is now reflecting the 1969 date indicating corruption (according to ESET Engineer): 2023-05-05 10:05:43 0x700002d44000 Info: Control Checker cannot be started, license is not valid 2023-05-05 10:05:53 0x700002d44000 Error: License activation failed: 2. Failed to process a request to/from ESET Endpoint Security/Antivirus. RUN_LOOP_ERROR RUN_LOOP_TIMEOUT (2) 2023-05-05 10:05:56 0x7000034f1000 Error: License check failed. Try 2 out of 5. Failed to process a request to/from ESET Endpoint Security/Antivirus. RUN_LOOP_ERROR RUN_LOOP_TIMEOUT (2) 2023-05-05 10:05:57 0x7000033eb000 Info: Events Statistics, From:, 1969-12-31 17:00:00, To:, 1969-12-31 17:00:00, Duration (s):, 0, Events Per Second:, 0.000, Events:, 1, File:, 0, Registry:, 0, TcpIp:, 0, Http:, 0, Dns:, 0, Process:, 0, Injections:, 0, Dll:, 0, Traffic:, 0, Info:, 1, Metadata:, 0, Livegrid:, 0, OriginUrl:, 0, Alarms:, 0, UserActivity:, 0, Wmi:, 0, Scripts:, 0, ExeDrops:, 0, OpenProcess:, 0, TrafficSize:, 0, TrafficInterval:, 0, Executions:, 0, Subprocesses:, 0, Connections:, 0, LoadUnloadDriver:, 0, SystemApiCall:, 0, MultipleFilesChanged:, 0, Batch Size (bytes):, 282 Version: 1.10.2672 (Apr 25 2023 06:54:08)

@Marcos Thanks for the reply -I appreciate it. The bigger issue, aside from not being able to activate appears that the Connector actually becomes corrupted with events frequently logged from 1969, or whenever it happened to break. For instance, in the case below, the logging date is current, but the event statistics are all from April 22. The log repeats the same 04-22 date for all subsequent entries: 2023-05-05 09:41:10 0x70000745c000 Info: Events Statistics, From:, 2023-04-22 17:55:16, To:, 2023-04-22 17:55:16, Duration (s):, 0, Events Per Second:, 0.000 So we see that not only can it not activate, but it does not send current events.

Have there been any recent updates on what causes this error and if/when there might be a fix? I have close to 350 OS X clients that are still failing to activate the EI Connector and report this error. Uninstall/reinstall Connector does not resolve the issue. Appreciate any feedback.

Is it possible to force a sync under the Business Account? I've set the deactivation time to 3 months but still have systems not connected over 90 days.

For clarity, here is a screenshot showing one client consuming two licenses, one for 6.11 which is no longer installed due to the upgrade, and one for 7.2 which is currently installed:

Description: Cannot search or filter by product version Detail: We have a need to deactivate licenses for specific older product versions. The console does not allow to search by product version, nor sort by product version. There is no simple way to filter for a specific product version.

I posted over in the licensing forum hoping to get some input, but it's pretty dead over there. We're in the process up upgrading our OS X AV from v6 to v7. The problem we're encountering is that once upgraded, the client holds the v6 license activation as well as a v7 activation and license. So each upgraded client consumes two licenses. We have now run out of licenses before we're halfway through the upgrade. I'm guessing my only non-manual option is to temporarily set the license management deactivation period to deactivate after 3 days or so. Is this the best option? Any issues with such a short time frame? And is this a known issue with OS X? Our Windows clients don't seem to have this issue.

Description: Release license/activation when product is upgraded (or uninstalled). Detail: Upgraded systems (specifically OS X) hold a license for the previous anti-virus version, as well as the upgraded version. So each upgraded client consumes two licenses.

We're finding that when upgrading OS X antivirus from v6 to v7, the clients still hold onto their v6 activation. This also causes the activated host name to be appended due to the duplicate. For example, we see under the parent object, "hostname.domain" for the v6 activation, then "hostname.domain-112" for the subsequent v7 activation. We don't have this issue with Windows upgrades. They appear to drop the activation for the previous AV version once upgraded. Is there any type setting to remove the activation for the previous version? Otherwise, during upgrades our OS X clients consume two licenses and we're running out of licenses.

We're finding that something in the process of upgrading from v6 to v7 appears to be causing the EI Connector corruption. We're now up to over 200 OS X clients that will not activate the EI Connector, despite activation tasks running (reportedly) successfully. So far logs indicate the same two issues: License check fails with RUN_LOOP_ERROR RUN_LOOP_TIMEOUT (2) All Event Statistics are "From:, 1969-12-31 17:00:00, To:, 1969-12-31 17:00:00" And we're still finding that unfortunately an uninstall/reinstall does not resolve the issue.

@avielc; thanks for the thoughts, I appreciate it. Clean/new installs don't seem to be an issue, at least initially; we image, rename, join to AD, then script the agent install with JAMF. Once installed, dynamic triggers add the AV and Connector. Specifically in the case of our Windows servers, the connector upgrade caused the EI connector corruption, noted by the 1969 year in the newly created log entries. NTP is not an issue. Our hierarchy is solid and we'd know pretty quickly if there was any significant time skew. And of course, all of our Windows EI Connectors are working fine with no activation problems (aside from the Server issue mentioned). The majority of the OS X clients seem to behave, but 20% failure rate is still not acceptable. I'm back to working with support again, so we'll hope to make some progress.

Interestingly, when I uninstalled/reinstalled EI Connector on my Mac, it activated successfully. However, a day later it broke again and shows Unactivated. The log files now (on Apr. 3) show only events from when it was reinstalled and not with current timestamps: 0x700005d46000 Info: Events Statistics, From:, 2023-03-31 22:10:59, To:, 2023-03-31 22:10:59 So it appears the EI Connector is again corrupt as the dates are old. It is successfully communicating the server but also still getting the RUN_LOOP_ERROR RUN_LOOP_TIMEOUT (2), which I thought had been resolved several releases back.

@JorgeL Been there, done that (ref #00444283). Issue reproduced and observed, logs collected and analyzed. No solution provided. The provided log files indicate the EI Connector has become corrupted. I'm left to figure out how to fix it.

@Peter Randziak I see what's happening now. EI Connector on OS X is somehow corrupted. When I run an install task with license, or just an activation task, EI Connector makes 5 license checks every 5 minutes before failing, so install task or activation task takes close to 30 minutes to report failed. In this case, the EI Connector install succeeds, but activation fails, so overall failure is returned. That said, in my previous case of corrupt connector on Windows servers (reporting 1969 date in the connector logs), connector uninstall/reboot/reinstall fixed the issue. However, this does not clear the issue on OS X. Uninstall/reboot/reinstall still fails activation and still reports 1969 date in the connector log entries (along with the RUN_LOOP errors). Any clues on how I can clear a corrupt EI Connector install on OS X?