Jump to content

MartinK

ESET Staff
  • Content Count

    1,589
  • Joined

  • Last visited

  • Days Won

    52

Kudos

  1. Upvote
    MartinK received kudos from EK roboter in User sync task not syncing AD group names correctly   
    If I recall correctly there was an issue with presets using incorrect values. I think "User Group Name" should be set to name but I am not sure it will be able to rename existing groups -> have you tried to change this value and erase at least some of the groups, just to verify that even newly added groups are still named wrongly?
  2. Upvote
    MartinK received kudos from MichalJ in Errors after moving from ESMC to ECA   
    This is the most probable reason. ECA does not enable user to create policy with connection hostname, but policy imported from ESMC will retain this setting. So in case you imported policy that had some connection host specified, ECA agents will start to us it instead of their original ECA hostname. If this is the case, only solution is to unassigned/remove such policy (unfortunately you won't be able to see which one it is as this setting are hidden in ECA console) and repair AGENT by re-deployment of installer.
    Regarding proxy, I am not sure whether I do understand scenario, but in case you used HTTP proxy for ESMC, and you do not with to use this proxy for ECA, you have to create new policy in ECA, where you explicitly disable use of HTTP proxy. In case you do not do that, AGENTs will be still using previous settings, i.e. they won't revert to settings used before policy was applied. This can be fore example done by creating policy:

    where crutial parts are highlighted. Not visible "Proxy configuration type" should be set to Global proxy.
  3. Upvote
    MartinK received kudos from CMS in ESMC Computers w. Alerts   
    Any chance those two missing devices are "muted"? Seems that dashboard reports them as problematic even when muted, which I consider a bug.
  4. Upvote
    MartinK received kudos from Peter Randziak in How to configure ciphers for communication between ERA Server & Web Console   
    For future reference -> this is actually bug in ESMC itself and should be resolved for upcoming releases. In case there would be no issue, weak ciphers would be disabled in so called "Advanced security" mode which is available in ESMC's configuration. Those weak ciphers are available only for older ERA Agents connecting from even older operating systems (Windows XP, ...) where no secure algorithms were available in system.
  5. Upvote
    MartinK received kudos from Peter Randziak in ERA server trys connect my gateway ip via ssh   
    Just guessing, but only ESMC functionality actually using SSH is "Remote deployment task", could you verify it is not scheduled to be executed regularly?
  6. Upvote
    MartinK received kudos from MichalJ in ESMC computer name mismatch (hostname vs FQDN)   
    Yes please verify that hostname of macOS machine is correctly set. Otherwise AGENT won't be able to report FQDN name to ESMC, and thus ESMC won't be able to pair device with FQDN entries in domain.
    Recently we were solving similar issue as support ticket, and customer used command:
    sudo scutil --set HostName devicename.example.com to correctly set FQDN name on macOS device.
  7. Upvote
    MartinK received kudos from veehexx in ESMC computer name mismatch (hostname vs FQDN)   
    Yes please verify that hostname of macOS machine is correctly set. Otherwise AGENT won't be able to report FQDN name to ESMC, and thus ESMC won't be able to pair device with FQDN entries in domain.
    Recently we were solving similar issue as support ticket, and customer used command:
    sudo scutil --set HostName devicename.example.com to correctly set FQDN name on macOS device.
  8. Upvote
    MartinK received kudos from Mauricio Osorio in Migration Case   
    Yes, it is possible, but you have to be careful as it might result in inability of AGENT to connect even to their original ESMC.
    Roughly you have to:
    choose new ESMC (i. e. one of existing, or install completely new ESMC) -> I will reference it as "primary ESMC" ensure that ESMC's peer certificate (as set in server settings) contains all required hostnames (or wildcard *), so that AGENTs can connect using various hostnames/IP address. export CA certificate from "primary ESMC". It has to be CA certificate that has been used to sign certificate used for incoming connections, set in server settings. import CA certificate from previous steps into all original ESMC instances. export CA certificates from all original ESMC instances and import them into "master ESMC".  in this moment, all connecting AGENTs should have all 6 CA certificates (5 original + 1 from new ESMC), which means that they can connect to master ESMC, as they will trust it's certificate. This works also other way around -> master ESMC will trust all original AGENT certificates, which means it will accept connections of AGENTs from all previous instances. In each original ESMC instance, create new configuration policy for "ESET Management Agent" and specify servers to connect to in a way that list of hostnames is used, where first in list is hostname of master ESMC, and second is hostname of original server. This is just to be sure that in case AGENT cannot reach new hostname, it will be still connecting to original ESMC. In case hostname will be the same for all AGENTs, you can simplify process by export/import capability. Policies should be assigned to all clients. From this moment, AGENTs should start connecting to master ESMC. You could optionally create policy for "ESET Management Agent" which changes list of server to connect to and AGENT peer certificate so those available in master ESMC, so all remnants of original ESMC servers is removed.
  9. Upvote
    MartinK received kudos from greyjoy99 in ESMC last scan info   
    Unfortunately it was lost during re-design, but it was already re-added for new versions. It should be still possible to create custom report for fetching this client detail.
  10. Upvote
    MartinK received kudos from MichalJ in two licenses issue   
    Number as you see in License management view is provided by ESET licensing servers, i.e. should be more precise. In oppose to that, ESMC reports shows only devices that are managed by ESMC, or more precise are reporting license usage to ESMC.
    In you case, there are few possibilities:
    there might be devices that are not managed by ESMC, but are activated using license there has been hardware changes on clients, or clients were reinstalled, which resulted in duplication on license servers. In both cases I would recommend to visit ESET licensing portals (EBA or ELA) and check list of activated devices as listed there. In case of duplicates, it should be clear from "seat name". This portal can be also used to manually deactivate or remove device that is no longer active.
  11. Upvote
    MartinK received kudos from Peter_J in KB6666 Computers with less than 1,000 MB free disk space   
    I think there are two possibilities (but had not confirmed it is actually enabled):
    configure notification over this dynamic group. Unfortunately you will be receiving notification without list, and most probably for each device separately. use scheduled reports. It should be possible to prepare report which shows devices in specific group (or maybe dynamic groups can be completely bypassed here). Once reports is prepared, it is possible to schedule it to be sent to email, and there should be possibility to not send empty data.
  12. Upvote
    MartinK received kudos from MichalJ in KB6666 Computers with less than 1,000 MB free disk space   
    Problem is that group as you defined it will be matching devices, where at least one devices has capacity less than 1GB -> so for example devices with connected USB key or even devices with CD/DVD ROM, which mostly reports capacity 0MB.
    I would recommend to add another condition, either explicitly specifying id of storage, or possibly requiring that reported capacity is >0. For example:

    where only one of additional conditions should be required, byt it depends on your environment. I would recommend to use "Storage Id", especially in case you are interested only in system disks and devices are using default "C:".
  13. Upvote
    MartinK gave kudos to katycomputersystems in KB6666 Computers with less than 1,000 MB free disk space   
    You did it! Thanks.
    Using custom headers, I am able to specify who gets my reply message Wednesday morning.
    Here is the report:

     
    And the group that identifies the computers in need of attention:

     
    RMM, I don't need no stinking RMM, I have ESMC!
     
  14. Upvote
    MartinK received kudos from katycomputersystems in KB6666 Computers with less than 1,000 MB free disk space   
    I think there are two possibilities (but had not confirmed it is actually enabled):
    configure notification over this dynamic group. Unfortunately you will be receiving notification without list, and most probably for each device separately. use scheduled reports. It should be possible to prepare report which shows devices in specific group (or maybe dynamic groups can be completely bypassed here). Once reports is prepared, it is possible to schedule it to be sent to email, and there should be possibility to not send empty data.
  15. Upvote
    MartinK received kudos from katycomputersystems in KB6666 Computers with less than 1,000 MB free disk space   
    Problem is that group as you defined it will be matching devices, where at least one devices has capacity less than 1GB -> so for example devices with connected USB key or even devices with CD/DVD ROM, which mostly reports capacity 0MB.
    I would recommend to add another condition, either explicitly specifying id of storage, or possibly requiring that reported capacity is >0. For example:

    where only one of additional conditions should be required, byt it depends on your environment. I would recommend to use "Storage Id", especially in case you are interested only in system disks and devices are using default "C:".
  16. Upvote
    MartinK received kudos from bNetworked in Lateral move/upgrade quirk   
    Both issues (version check & wrong system) are most probably related to state of ESET Management Agent as installed on machine where ESMC Server is installed. Could you verify that is is actually connecting to new ESMC server? In this migration scenario you had to completely reinstall this AGENT which means there should be two entries of ESMC Server in your console, one representing original server, and one "duplicate" representing new installation.
    In order to resolve your issues, you should:
    To resolve wrong OS information, ensure there is ESET Management Agent installed on the same machine as migrated ESMC servers ensure it is connecting to ESMC Server verify that AGENT installed on old ESMC Server is no longer connecting to new (migrated) ESMC Server To resolve version check: Once migration is successfully completed, there should be two entries of ESMC Server in your console. Old one should be no longer updating, and version as reported from history is triggering upgrade prompt -> you should erase this entry from console, but be aware that all data tied to this old device will be lost.
  17. Upvote
    MartinK received kudos from Peter Randziak in ESMC 7 Bad file descriptor   
    This is most probably caused by limits set in your Linux system. Please verify limit for open files in your system, or limits for services in case systemd is used.
    In case you are using ESMC Appliance, please check following forum topic:
     
  18. Upvote
    MartinK received kudos from bNetworked in ERA 6.5 Server MySQL issue - Windows Server 2016   
    Just to be sure, there are two other settings of MySQL server that has to be changed:
    innodb_log_file_size=100M innodb_log_files_in_group=2 Could you verify those too? They can have different values but there are minimal requirements that are larged than default (documentation).
  19. Upvote
    MartinK received kudos from Peter Randziak in ERA 6.5 Server MySQL issue - Windows Server 2016   
    Just to be sure, there are two other settings of MySQL server that has to be changed:
    innodb_log_file_size=100M innodb_log_files_in_group=2 Could you verify those too? They can have different values but there are minimal requirements that are larged than default (documentation).
  20. Upvote
    MartinK received kudos from MichalJ in two licenses issue   
    I would try to create new report with following data set configuration:

    which should provide you list of devices with public ID of used licenses. It is possible multiple entries per device will be reported in case multiple activated products or multiple licenses are used.
  21. Upvote
    MartinK received kudos from Peter Randziak in 7.0.577.0 Agent Upgrade Fails On Hyper-V Guests   
    There should be full-verbosity MSIEXEC installation log with name ra-upgrade-infrastructure.log either in AGENT's Logs directory, or in system temporary directory. It should help us to identify cause of failure of last upgrade attempt.
    From symptoms you describe it is possible that AGENT's service cannot stop and thus upgrade fails - in such case, could you provide us version/type of ESET security product you are using on those clients?
  22. Upvote
    MartinK gave kudos to MichalJ in ERA 6.5 to ESMC Components Upgarde Issue   
    ESET Security Management Components Upgrade task is only intended to upgrade agents & other ESMC components. If you want to install a newer version of the endpoint, you need to do it via "software install task". The simplest way, if you already have ESMC V7 would be to navigate to the main dashboard, tab "ESET Applications", locate the table "outdated applications" and click on the individual entries you want to update. You can then click "update installed eset products", and that would automatically create corresponding installation tasks.
×
×
  • Create New...