Jump to content


  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by PatrickL

  1. rockshox, I can confirm that this an Eset server that the software needs access to. Those IP addresses are part of the Live Grid. They change intermittently and should be monitored if any other IP address resolves to an Eset machine and does not seem to be published. Patrick
  2. Zurd, The purpose of this field is to help create a logon script for you to point to using Group Policy. In the manual (download at: hxxp://download.eset.com/manuals/eset_era_5_userguide_enu.pdf ) in section ' Export ESET Installer to Folder / Logon Script' it gives a decent description. In the dialogue at ERA when on the Remote Install Tab, right click and select Export to Folder or Logon Script. The first line is Type - and should default to the correct seeint of ESET Security Products for Windows. The next line down is package and should be the package you want to build the in
  3. Rick, I appologize that you were unable to find your answers in the help file. The solution to your answer is in the text on the screen. Allowed senders is more commonly known as "whitelisting". You can add people who are sending mail or domains (as in your example with gmail). You can either add Person1@gmail.com or gmail.com (which you will want to include the .com to specify that domain exactly). The allowed domains is in refernce to textual entries in the mail itself. The most common would be viagra.com. This entry garners a lot of spam scoring points and for companies that work
  4. segFault, Thank you for the policies. I need a little more information from you to get a thorough udnerstanding of the process that these new installations are going through. One question and one file request (reply to me with the file via PM, please) Question - in your policy tree you sent me, I need to know which is the default policy for new clients. Its easiest to tell by looking at the policy list and seeing which has a black box to the left of the policy name. Please look at your policy tree and advise me which is the default policy. The file request is a copy of the XML fr
  5. segFault, Can you advise me if these clients are new installations that you are referencing in your example? If so, can you export the configuration for your isntallation as well as the configuration for your default policy in Remote Administrator and send them to me via a direct message? If these are not fresh installs, then please send me the scenario that these machines are in as well as just the policy configuration (steps also below). I am wondering if the clients are installing with a 0 interval and reporting before the update happens and then there is a typo in the policy
  6. Michael, There is no upgrade process that leads to Eset File Security for Windows Server, so no. You will need to uninstall cleanly to allow the installation. We have a knowledgebase article that discusses how to unisntall in these instances. Please follow the steps in the article below (please note that this requires safe mode, so you will need to schedule a service window most likely): hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN2289 Patrick
  7. Joecoo1025, The count that is determined by the Eset Remote Administrator is determined from the number of clients listed. That list (based on your ntoes) is set to clear old connections every two weeks. By default, this is set to 6 months. If the clients are cleared due to inactivity, then theyw ont show in the count for the head server (or child server, if the settings reflect that). To resolve this, you will want to access the settings for each of the servers and ensure that the timeframe is set to a value that will allow you to keep clients in the list that may not have connected bu
  8. Cruz, I can certainly help you determine the issues and resolve them. I will need some information from you that will contain confidential information, so I recommend that you send me the data I am asking for via a PM instead of this forum, please. Please send me: 1. sample of mail that was sent to the user OUTSIDE the organization that seems to be from your organization (save it and attach it, pelase) 2. Please export tothe configuration for EMSX and zip it up and include that as a reply also 3. If you can also use your Mail Tracking tool in the Exchange console to track the
  9. BCS-E, Currently, that functionality is not inplace. The notifications are geared to point you back tot he Remote Administrator for clarification, in this case. You can, however, create a seperate notificaiton that is based on event logs (same place that the status text comes from) and have it email you anytime a warning is logged there. You can include the point of %LOG_LIST_FULL% in the event log message bodya nd it will include the data from the error message log. Please feel free to PM me directly if I can help in any way to help resolve this further. Patrick
  10. PaulWilliams, You will certainly have to uninstall the Endpoint ANtivirus to move over to Endpoint Security. You can do so locally using Start>All Programs>Eset>Eset Endpoint Security>Uninstall and you can also use the Eset Remote Administrator (as you asked above). To do this is essentially the same as the installation, with some minor changes and potential differences. Before you begin, if you use a password to protect the setup parameters we need to add that to the uninstall package. To test on a client machine, open the Eset software and press F5. If it prompts for a
  11. Al, It would seem from your original post, that I wonder if the notification itself is setup correctly. The notification has to have an aciton to send an email to a spcified address (yes, specified per notificaiton). If that is not set up, then everything you mention is exactly what would happen. Can you please open the notification manager and click on the notification in question and either take a screenshot and PM that to me directly or look at the action line and see if it has email listed in it. If it does not, then please click on edit to the right of it and put a check in the box
  12. Proactive Services, The cleaning mode is the same for ECLS as it is for Eset software. Definitions to follow: none - In this mode, no automatic cleaning will occur. standard (default) - In this mode, the program will attempt to automatically clean or delete the infected files. strict - In this mode, the program will attempt to automatically clean or delete all infected files witout user intervention. rigorous - In this mode, it will simply delete the filw without attempting to clean - REGARDLESS of what file it is. delete - In this mode, it will simply delete the file without att
  13. Farhan, I would need to see speific information to how you have your Eset set up. Can you please PM me directly and provide the following info: 1. Version of OS 2. Version of Eset Mail Security for Exchange 3. Export your policy and include as an attachement, please 4. Open your exchange and copy/paste the reply to these commands: get-transportagent get-transportpipeline
  14. martinl, I believe that the self-defense driver is still intact. Please attempt the following action against the machine (safe mode uninstall using a tool) and advise success (or otherwise): hxxp://kb.eset.com/esetkb/index?page=content&id=soln2289 Patrick
  15. Casasco, It would seem that we were unable to contact you. We will keep trying to reach you. We are very eager to assist in resolving this for you. Patrick
  16. MartynKeigher, Within your clients that are Citrix/XenApp Servers, if the Remote Administrator reports the OS as such, then you can use the filter for OS in. If that does not work for you, then you might be onto the best solution using the custom field . Please reach out to me with a direct PM so that I can ask you specific questions that will allow us to potentially use the custom field in the policy under Kernel > Settings > Remote Administration in order to resolve the issues with determining the Parametric group creator/management aspect of our software.
  17. Casasco, I would be happy to help resolve this for you. Keep in mind that each country has a direct contact information on their eset website. Select Eset.com and choose your country from the drop down menu in the top right and then the conact option will provide direct contact info. If you would like to work tor esolve this, please feel free to contact me directly using PM so I can get some information from you directly (specifically, export of your notifications, a copy of the client configuration as well as a compelte copy of the email that is being sent to you about the old not
  18. JRV, I do appologize for the scenario that the third party vendor (reseller) has put you into. It is indeed awkward when someone outside a direct relationship causes the system to slow down. At the tail end of this, I will certainly have someone from my side contact the vendors and work to improve their processes to minimize the chances of this occuring again. I would like to put myself out there to assist in a slightly more direct fashion. If you would please PM me a message with the EAV usernames from both of your licenses, I can use that to determine where the mistake is occuring
  19. HDM, I believe ths issue lies in the case sensitivity. I would use this as your switch inside ERA (I changed it a bit to allow for management of the restart and also to have a quiet install, per your notes). I ran this on a lcoal VM to confirm success. /qn REBOOT='ReallySuppress" REMOVE=Firewall,Antispam,eHttpServer /qn will have a quiet install REBOOT will have the software NOT restart upon completion of installation 9can change to force if you want to make the machine restart upon completion of installation REMOVE is extremely sensitive to case. I believe the S in spam being
  20. JRV, The update action and the Remote Administration (communication with and consequently visibility in the clients tab of the Remote Administrator) are two seperate actions. You described making the necessary changes to the Update settings. Now you need to make similar changes to the Remote Administrator section with is located in the "Advanced Settings">Miscellaneous>Remote Administration. Please ensure the check-box is marked and that the primary servier is populated with the Remote Administrator console servername (no http or port number necessary in the server name field). Onc
  21. Guest_Matrak_, The option to use command line to backup the database in the same format (.DMP file) is not available currently. Waht I would recommend is to either use PERL scripting to run the maintenace tool and back it up or use traditional scripting to copy the folder that has the raw MDB file and if an issue occurs, you can reinstall the same version of the Remote Administrator and drop the files into the same directory after rebuild and ESET will use the database (folder locations below): Server 2003, XP: C:\Documents and Settings\All Users\Application Data\ESET\ESET Remote A
  22. damitha, You have three options here to manage quarenting what Eset Mail Security for Exchange (EMSX) marks as spam. Option one is to allow us to mark it and posh it through where Outlook will redirect it (option 1). The second choice is to allow EMSX to quarentine it directly (Option 2). The third is to have EMSX mark it and Exchange will manage the mails quarentine (option 3). For option 1, I would direct you this article for step by step instructions on setting up the process: hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN2429 For option 2, You have a bit of it already conf
  23. MrGrinch, the clients get their information on licensing from where they are updating. For example, if they are updating from the web, they will get their expiration dates from our servers. If they are reporting to the Remote Administrator for their virus definition updates then they will get their expiration information from there. Please start by confirming that the License Expired is under Status versus under Last status warning. Status is a current issue where as Last Status warning could be a past issue that has been resolved. If its the latter, you are welcome to highlight the
  24. LocknetSSmith, There is no formal way to resolve this as a PDF direct from Eset Remote Administrator. You can export the files (as you mentioned) and generate a PDF using third party applications. This will blend the files into a static PDF to allow you to push them out to the necessary recipients. you also have the option (other than the .html option used here) of exporting to a CSV format by choosing advanced options and selecting to export as a CSV from the available options. I have submitted to have this added as a requested enhancement for future builds. Patrick
  25. Dana, When it comes to customization, there are quite a few options but there are also limitations. A great example is the variables. The variables help expand the data with variables that pull a static value. In your case, you are presenting the servername/clientnameTaht is the data that that variable pulls and it is not something you can customize. With the sending of the notification actions (question 2) they are set to repeat and will repeat on a scheduled timeframe without any adjustment to the time. Sadly, the two customizations you are asking for are not present or adjustable
  • Create New...