Posts posted by Cousin Vinny

  1. I assume you're running Office 365 Outlook with the email service (Exchange Online) that is included with your E3 subscription and not a local Exchange server while the "malware, connection and spam filtering" you mentioned is EOP.

    I have not had to deal with this issue myself but it is something that MS has had trouble with for years.  

    In the past, some people (not specifically ESET users) have commented that deleting and recreating your email account on the problem computer solves this issue.  This is a common solution to many of Outlook's weird behaviors and you might want to give this a shot.

  2. I just ran the same report myself and can see what's going on here.

    Machines with less than 8192MB RAM will report each DIMM as an individual computer if they are from mixed manufacturers.

    Machines with greater than 8192MB will report each DIMM as its own machine.  E.g., my workstation with 8x4GB matched sticks appears in the report 8 times, each one having 4096MB RAM.

  3. I use PDQ Inventory running on my local workstation and after upgrading to v7 it has begun blocking loopback connections to the local admin share.  I added an IDS exception to the assigned policy and verified that it did apply:

    [image]

    It does not appear to be working, however; PDQ is unable to connect to the admin share and I am still receiving alerts in ESMC about the blocked threat:

    [image]

    This might be related to another issue I have yet to uncover, but just wanted to check if there is something in my ESET config that I am missing here?  Not sure why it's even showing an IPv6 loopback address since that's disabled on this machine's network adapter but I added it to the IDS exceptions anyway.

  4. Confirming that this is the same issue and solution affecting my agent upgrades; the two reg keys just need to be deleted.

     

    edit:  Just deployed agent update to 9 machines using PDQ Deploy rather than a Run Program task in ESET or a manual install and none exhibited this behavior.  I am going to continue deployments using this method.

  5. Checking firewall logs, I do not see any connections to epns.eset.com or anything over port 8883.  I do see the ESMC server sending a broadcast packet to udp/9 255.255.255.255.

    Regarding the issue with policies not displaying correct status - they actually were.  I just noticed that somehow I managed to knock almost every machine out of their group.  Adding machines back to the respective groups, the applied policies (by group) are now indicating the correct status.

    So the one remaining issue is the wake-up call thing.

  6. Performed the ESMC upgrade yesterday and ran into a few growing pains.  Please advise if there are known solutions.

    Upgrade as per the KB went without any major issues.  Restoring the keystore and server.xml files was preventing me from accessing the console.  Omitting this step and everything appeared to be working fine.   Contacted ESET and spoke with support - it was determined that this step is not necessary for my deployment.  So far so good.

    Having a little trouble updating the agents from 6.5 to 7 (it's leaving both versions and the 'stop managing' task breaks everything) but I've managed to get around that by manual uninstall and then reinstall from a new agent installer created in ESMC.

    Here is what I am currently troubleshooting:

    I cannot send a wake-up call to any machine.  When I try to, I am greeted with this pop-up message:

    [image]

    Also, in the Computers list, it is showing random machines as having a policy applied and others without any policy.  I did verify, looking at the local config on a machine that does not show a policy applied, that it actually is; it just isn't reporting as such.  None of the machines that I have more than 1 policy applied to indicate as such.

    Anyone have any ideas about these two hiccups?

  7. I've caught this showing up on my ERA dashboard a couple times now.  It only lasts for maybe a minute or so but don't recall ever noticing it previously.

    Dashboard -> Computers -> Last Update

    "Future / Out of defined interval"

    I was going to attach a screenshot but like an idiot I copied the error text to paste here before I pasted the screenshot and now it's gone.

    What does this message indicate?

  8. Make sure the share has permission granted to "Domain Computers" group - ESET executes the command as a local system account rather than a domain user.

    I did overlook something in my original reply though - it prints the hostname first and then outputs only the 'net' command to file... so the command needs to be modified a little.

    Edit: Or you could just simply output the file with the hostname as filename.

    net localgroup administrators > \\servername\sharename\%COMPUTERNAME%.log

    This way it writes the hostname to file and then appends the net command results to the same file.

    I tested this just now from ERA and it works fine.

  9. It is possible but there is no built-in functionality specific to this purpose.

    You need to execute a Run Command task on the host(s) you want to check.  Since the Run Command task simply creates a local batch file and then executes it, the output is not returned to ERA and you will need to output the command to a file.

    Here's the command you want:

    "hostname & net localgroup administrators > \\%HOSTNAME%\%SHARE%\filename.log"

    Replace %HOSTNAME% and %SHARE% with your environment or just output the file locally.

  10. Speaking as someone who is hands-on IT management rather than a reseller or MSP:  That is how I would expect it to behave and should.  My endpoints are configured for strict cleaning so I have not dealt with this issue, however if end users were greeted with option dialogs during an av scan without any way for the admin to suppress I would be quite aggravated with the product.

  11. The "Task Category" field only narrows down the list of available tasks that appear in the "Task" combo box.

     

    e.g., Choosing "All Tasks" populated the "Task" combo box with every available task you can execute.  Choosing "ESET Security Product" narrows this combo box down to only the tasks related to that selection (but still appear when choosing "All Tasks").

  12. Of the 5 hosts having the problem over here:

    I was able to deactivate two of them and create a new software activation client task that finished successfully.  These two machines are now running properly and without error.  The remaining three will not take product activation; the task does not indicate that it ever executed on these hosts, however they will disappear from "show running" on the task and also indicate in ELA that they are again licensed but the issue persists.  I am unable to deactivate these machines via ELA (for some reason there is no checkbox next to their entries) however I was able to deactivate them through the ERA context menu.

    I then had to run the manual uninstaller in safe mode on each of these three hosts to remove the 6.6.2068.   Executed a software install client task from ERA and while it took a while to complete (5min, 15min, 30min respectively for each of the three) it did successfully complete and activate the licenses on these hosts without any further issue.

    Push this update at your own peril.  Large deployments will be a nightmare.

    Something is pretty wacky with this update.  Just deployed it to 30 machines via ERA as usual.  Three of them do not show a security product version number in ERA with the task completed.  One of the installs has been hung for about an hour and one of them, after having been completed for around 30 minutes, is suddenly reporting that the task failed.

    edit:

    I just rebooted one of the machines that wasn't showing a security product version number in ERA.  Seems to be running fine; doesn't show any functionality problems and now it shows the version in ERA.  However - this host is now magically showing as 'running' in the software install task that had already completed.

    edit edit:

    Aaaaand right after I clicked Save and looked over, I see the failed status for this task has suddenly jumped from 1 to 5 hosts... well after the installs were all completed.
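
Posts 8 and 9 above collect `net localgroup administrators` output into one `%COMPUTERNAME%.log` file per host on a share. The following is an added example, not code from the original posts or from ESET, showing how those files could be audited against a baseline. The allow-list, host names and sample log text are constructed assumptions, and English-locale output is assumed.

```python
"""Audit per-host `net localgroup administrators` logs against an allow-list."""
from pathlib import Path

def parse_members(text):
    """Return the names listed between the dashed rule and the footer line."""
    members, in_list = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not in_list:
            # The member list begins after a line consisting only of dashes.
            in_list = len(line) >= 10 and set(line) == {"-"}
            continue
        if line.startswith("The command completed"):  # English-locale footer
            break
        if line:
            members.append(line)
    return members

def unexpected_admins(members, allowed):
    """Members not on the allow-list; account names compare case-insensitively."""
    allowed_ci = {a.casefold() for a in allowed}
    return [m for m in members if m.casefold() not in allowed_ci]

def audit_share(directory, allowed):
    """Map hostname (file stem) -> unexpected members for each *.log file."""
    findings = {}
    for path in sorted(Path(directory).glob("*.log")):
        # Assumption: redirected console output is in OEM code page 437.
        text = path.read_text(encoding="cp437", errors="replace")
        extra = unexpected_admins(parse_members(text), allowed)
        if extra:
            findings[path.stem] = extra
    return findings

# Constructed sample output (hypothetical domain and account names).
SAMPLE = """Alias name     administrators
Comment        Administrators have complete and unrestricted access to the computer/domain

Members

-------------------------------------------------------------------------------
Administrator
CORP\\Domain Admins
CORP\\jsmith
The command completed successfully.
"""
ALLOWED = {"Administrator", r"corp\domain admins"}  # assumed baseline
```

A host whose log is missing or empty (for example because the write to the share failed) produces no finding, so compare the file stems against your inventory as well.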
