Jump to content

MartinK

ESET Staff
  • Posts

    2,353
  • Joined

  • Last visited

  • Days Won

    67

Kudos

  1. Upvote
    MartinK received kudos from roga in server not in contact with itself   
    I am not certain but it seems that HW fingerprint of this device change in a way that ESMC requires manual approval for this device - it might have been evaluated as cloned.
    Could you please check this client's details in console, whether there is no "Question" in respective subsection? It should be indicated by blue number. Also such questions from whole network should be listed in "Status overview" dashboard, if there are any.
    If question will be reported for this device, please check documentation for it and resolve -> once done, device should be connecting. 
  2. Upvote
    MartinK received kudos from HSW in mapped domain security group -> no user sync   
    Could you be please more specific? You have created mapping for AD security group but users from this group are not able to log in? Asking because it is not clear, as users won't be automatically shown until they first log-in into ESMC, nor they will be removed from ESMC once removed from AD.
  3. Upvote
    MartinK received kudos from ESET_K in I hav centos 8 report problem   
    Unfortunately I am not able to provide any official recommendation, but any chance you tried third-party repositories? For example this one seems to provide QtWebkit based on Ot4: https://centos.pkgs.org/8/getpagespeed-x86_64/qtwebkit-2.3.4-23.el8.x86_64.rpm.html
  4. Upvote
    MartinK gave kudos to Peter Randziak in EOL for ESET MSP Administrator 1 set to DEC 31, 2020   
    This is an early announcement related to the end of life for ema.eset.com (EMA1). As we're completing the migration of MSPs to EMA2 (msp.eset.com), the aim is to phase out EMA1 completely by the end of the year.
     
    For more in-depth information and details, please consult the below links:
    ESET MSP Administrator V1 to V2 Migration Process FAQ: https://help.eset.com/ema/en-US/migration_faq.html  ESET MSP Administrator versions feature comparison (EMA1/EMA2): https://www.eset.com/int/business/msp-administrator/ More about ESET MSP Administrator V2: https://help.eset.com/ema/2/en-US/ How to use EMA2 with your ESMC https://help.eset.com/msp_getting_started/en-INT/  There will be more detailed information about what this specifically means coming via the usual channels and you'll be informed about any action steps that may arise as part of this EOL initiative.
  5. Upvote
    MartinK gave kudos to PuterCare in Office 365 SMTP not working in ESMC 7.1 (or 7.0)   
    Finally got this working, it looks like the issue was Microsoft blocking the SMTP AUTH as it was deemed "Risky". I had to log into Azure portal and manually mark it as safe, then after about an hour it started to work with Automatic authentication selected. 
  6. Upvote
    MartinK received kudos from avielc in Issue| Working with ERA Proxy   
    Connection between AGENT and ESMC is using TLS/SSL and thus is is secured and confidential. In case HTTP proxy is in between, it servers just as forwarding element, i.e. it is not introspecting communication. In other words, both AGENT and ESMC are performing or validity checks of TLS certificate as if there is no proxy and connection will be rejected in case certificate of remote peer is not considered as trusted
    Credentials of HTTP proxy are suitable only to protect proxy itself from connections of unauthorized clients, i.e. those that do not have right credentials, but even if there is no authentication on proxy, whole AGENT-to-ESMC communication is protected on TLS layer where mutual authorization via certificates is performed.
  7. Upvote
    MartinK gave kudos to arusconi in ESET Security Management Center 7 deployment in Proxmox VE   
    Hi,
    I just published a brief guide to ESMC implementation in Proxmox :
    ESET Security Management Center 7 deployment in Proxmox VE
    I hope it is useful.
    Regards
  8. Upvote
    MartinK received kudos from GolfWangDee in Deploying ERA to MAC computer not working, goes wrong during the terminal installation.   
    Thanks for new logs. Now, script works correctly, package is successfully downloaded, installation parameters are ready and installation itself of PKG file is started. Unfortunately more details of installation failure will be available in different log file:
    /var/log/install.log but in case of macOS 10.15 it won't be meaningful, as in such case, even executing of helper tools bundled in installer with fail. There are multiple reasons for this:
    ERA 6.4 Agent for macOS is 32bit application and support for them was dropped in macOs 10.15 ERA 6.4 Agent is not notarized, which is process required for all applications to be installed on macOS 10.15 ERA 6.4 Agent might try to use old OpenSSL library available in macOS 10.15 resulting in operation abort
  9. Upvote
    MartinK received kudos from GolfWangDee in Deploying ERA to MAC computer not working, goes wrong during the terminal installation.   
    Unfortunately that is hard to confirm without testing or more date, but ERA 6.4 was definitely not tested in such environment. Errors seems to be more related to installer script, nor ERA Agent, but it might have the same issue - incompatibility with macOS 10.15 environment.
  10. Upvote
    MartinK received kudos from Yercoca in Error in Repository Creation   
    Just to let you know: please contact me privately (PM) in case you have interest in receiving "new" and not yet published version of MirrorTool which resolves this issue.
  11. Upvote
    MartinK received kudos from mathisbilgi in ESMC Web Console Errors   
    Could you please instruct customer to configure Apache Tomcat to configure underlying Java to use en_US locale? It should look like this in Tomcat's configuration tool:

    where relevant parameters are -Duser.country=US and -Duser.language=en.
    This problem seems to affect only customers hosting ESMC Webconsole on Turkish Windowses. If this is the case, reconfiguration and Apache Tomcat service restart should be sufficient to resolve this issue.
  12. Upvote
    MartinK received kudos from j-gray in Proxy Error from multiple clients   
    In case you are using ESET Apache HTTP proxy, it is probable that connections to port 8883 are blocked but it is not clear whether this is the issue. Could you verify configuration of:
    AllowCONNECT 443 563 2222 in httpd.conf? It is possible that enabling this port 8883 will helps AGENT to connect successfully.
    In case direct connection to EPNS servers is not possible, multiple alternatives, including port variants (443,8883) are tried to ensure that connection is made even when configuration is not possible.
  13. Upvote
    MartinK received kudos from Mitazi in Error in Repository Creation   
    Unfortunately there is fatal problem in downloading metadata3 which results in this issue. I expect there will be new version available at least for testing during upcoming week.
    Only possible workaround for now is to download metadata3 files manually - there should be one for each application and it is identical to file available on ESET servers = it is digitally signed. Great help would be output you already provided with list of metadata3 files downloaded by ESMC - only files for applications you are actually using is required to simplify things.
  14. Upvote
    MartinK received kudos from MichalJ in Mixed environment: which is the best way to manage?   
    My recommendation is to check ports usage documentation: https://help.eset.com/esmc_install/71/en-US/ports_used.html
    Technically ESMC + Webconsole (tomcat) are listening on following ports:
    2222 (can be changed, for example to 443 to reduce possible firewall issues): this port is used by ESMC Agents to connect to ESMC. This one has to be open for client devices. It could possibly be limited to specific IP addresses if possible, but that could possibly block roaming devices 2223: port is used for (my recommendation is to not open this port from outside of server) for Webconsole-to-ESMC communication. If webconsole will be installed on the same machine (= default scenario), there is no need to expose this port for console to work correctly second use is for ESMC Agent installers in case of "Server assisted installation". I would strongly recommend to omit this functionality, it is deprecated in favor of all-in-one installers which are much more suitable for MSP scenario. 443: standard port for access to ESMC Webconsole via browser. Port has to be opened for ESMC users to access console. My recommendation is to enable access to this port only for known IP addresses if possible. There is also possibility to perform additional hardening of Apache Tomcat configuration to enable only most secure TLS ciphers, you just have to be sure your browser will support it. Also make sure that when installing ESMC, so called "Advanced security mode" is enabled in it's configuration. It will prevent connections of older ERA Agents but should work for ESMC 7.1 Agents installed even on oldest supported systems (Windows XP).
  15. Upvote
    MartinK gave kudos to Marcos in ESMC 7.1 sorting in GUI   
    For me sorting by status works. Make sure there is no number next to the arrow. As of ESMC 7.1, you can define primary, secondary and tertiary sorting which is indicated by numbers 1,2,3 respectively.

    In such case, click the column title until the number disappears and records are sorted by the Status column:

  16. Upvote
    MartinK gave kudos to Neal in ESMC Office 365 Settings not working for SMTP   
    Got mine working yesterday. Do you have Microsoft MFA enabled? If so, then you need to create an App Password for that user, and you use that App Password as your authentication password.
    Details below work for me.

  17. Upvote
    MartinK received kudos from MichalJ in Unable to upgrade ESET agent to Version   
    Actually you have to use different tasks to upgrade applications:
    Components upgrade task is required to upgrade ESMC Agents Software installation task is required for upgrade of other ESET applications
  18. Upvote
    MartinK received kudos from MichalJ in Not able to install ESET Security Management Center Server Installer   
    Please provide list of installer parameters you are using to deploy AGENT (only parameter names, no need for passwords or other sensitive details). From log it seems you are performing so called server-assisted installation, but probably with wrong hostname:port configuration, resulting in communication failure.
    Also once ESMC is installed, you might use also live installer created in console to deploy AGENT, it has no parameters so it would be much simpler.
  19. Upvote
    MartinK gave kudos to T3chGuy007 in ESMC Upgrade   
    For those of you in the same situation, I first had to install SP3 for SQL Server 2008 R2 Express because you can't directly upgrade to SQL Server 2017 Express unless you are running SP3.  I was running SP2.  Once this was done, I upgraded to SQL Server 2017 Express by using the custom install option.  I then opened ESMC and went to Help->About.  The DB version is now showing Microsoft SQL Server 2017 (RTM) Express Edition (64-bit) 14.0.1000.169.  I then went to Help->Upgrade Product and a new client task was created.  After a few minutes, I was kicked out of ESMC and I could not log back in.  A few minutes later, the login page wouldn't even come up, but after some more time, it finally came up and I was able to log back in.  ESMC is now showing it is v7.1717.0 and the Web Console is at v7.1.393.0.  The last thing I did was install SQL Server Management Studio (SSMS) on my server so I could manage the DB a little easier.
    https://docs.microsoft.com/en-us/sql/database-engine/install-windows/supported-version-and-edition-upgrades-2017?view=sql-server-ver15
    https://docs.microsoft.com/en-us/sql/ssms/download-sql-server-management-studio-ssms?view=sql-server-ver15
  20. Upvote
    MartinK received kudos from MichalJ in Unknow status - new agent   
    Just for clarification for others in case they encounter this issue: unknown state indicates that for specific application version ESMC is not yet aware of it's state. This normally happens when new version of application is seen for the first time and it should be resolved automatically in no more than 1 hour.
  21. Upvote
    MartinK received kudos from FRiC in ESMC blocked by ESET Endpoint   
    I think this behavior has been already reported and probably fixed in the meantime. Maybe @Marcos will know more details of whether module responsible for scanning network has been updated in the meantime. It is also possible that update was canceled which might explain why only specific devices were affected.
  22. Upvote
    MartinK received kudos from JirkaL in Unknow status - new agent   
    Just for clarification for others in case they encounter this issue: unknown state indicates that for specific application version ESMC is not yet aware of it's state. This normally happens when new version of application is seen for the first time and it should be resolved automatically in no more than 1 hour.
  23. Upvote
    MartinK received kudos from JirkaL in Clients not showing in ESMC   
    I would recommend to start by checking whether ESMC Agent installed on client machine is actually connecting to ESMC. For this purpose please follow troubleshooting part of documentation - especially status.html log present on client machine might be helpful in this case.
    In case ESMC Agent will be connecting to ESMC, most probable issue is that is is using different name in ESMC or is located in different group, which prevented ESMC to remove "dead" duplicate that is rendered as unmanaged.
    In case AGENT is not connecting to ESMC, it is crucial to resolve connectivity issues as described in referenced documentation.
  24. Upvote
    MartinK received kudos from MKach in "Product not Activated" even though Activate Product task succeeds   
    Just for verification: is your license intended to activate ESET Endpoint Security? Asking because this would probably happen if you try to activate it with license for different product, i.e. ESET Endpoint Antivirus or possible other.
  25. Upvote
    MartinK received kudos from Peter Randziak in Not able to install ESET Security Management Center Server Installer   
    When installing ESMC, following credentials are required:
    password for to-be-created ESMC user "Administrator" ( --server-root-password) credentials of DB administrator, i.e. DB user that has permissions to create database and create new user if required ( --db-admin-username , --db-admin-password ) DB user to be used by ESMC service to connect to database ( --db-user-username , --db-user-password ). This user can be the same as administrator, but I would not recommend that. In case provided user does not exists, it should be automatically created using DB administrator account -> created user will be granted permissions required for ESMC operations and it will be limited to ESMC database.
×
×
  • Create New...