PyrexxData

Clients are not getting updated in ESET ERA

Recommended Posts

Hello,

We are currently configuring over 70 new Android tablets and installing ESET Endpoint Security on them. Since yesterday we have the problem, that devices which are enrolled do not seem to fully update their status.

What I mean is that we enroll them and they are shown to be ok in the web interface. But if I click on the device it shows that the product is not activated, signature database is not up to date and and and... even though it is. The second problem is that these devices do not update their Last Connection status, only when I turn Wifi off and on. What also happens is, that when I send a task to these devices the task gets executed but in ESET ERA it shows that it is waiting to execute the task.

Called the support in Germany for over 2 hours and they told me I have to do it manually because they can not identify the problem. Sorry, but that is not going to work for so many devices in the timeframe we have.

Hopefully some one here can help, my software versions are:

MDM: 6.5.449.0

Agent version on MDM: 6.5.417.0

ERA:  6.5.417.0

Agent version on Server: 6.5.417.0

Rouge Detection Sensor version: 1.0.1079.0

If anything else is needed, like logfiles, please tell me!

 

Thanks and regards,

Serkan Siller

Pyrexx Data GmbH

Share this post


Link to post
Share on other sites

I am experiencing exactly the same issue, with no client data being received back from the mobile devices.  Mobile devices that were previously setup (and working correctly) are not reporting back 'new' data and new devices never report in at all.

All commands issued by ERA are received by the devices and policy changes are applied and enforced.

I had a support call open with ESET briefly but they have reported a bug in this version of ERA/MDM (identical version numbering to yours) which will be fixed in the next release.

No timescale was offered for the next release so we are left in limbo with potentially insecure devices and no device tracking.  

Not great ESET.

 

PyrexxData likes this

Share this post


Link to post
Share on other sites

Yes I should have updated this. I send them like a Gigabyte of logfiles and MySQL-Dumps and they told me that they found that bug. I was told from the support that there may be a release this or next week.

Share this post


Link to post
Share on other sites

Thanks for the feedback, appreciated.

 

 

Share this post


Link to post
Share on other sites
3 minutes ago, SilentDave said:

Any luck with that.

Sadly not. Matters got even worse, we get an error that the HTTP-Certificate-Chain is incomplete and we don't know how to fix that. Now we cannot even enroll devices.

Share this post


Link to post
Share on other sites

I got Certificate-chain errors after system update. 

Please guys come on. At least write something. A lot of things are not working as should.

PyrexxData likes this

Share this post


Link to post
Share on other sites

Yeah I got it too after an system update. This looks like another bug we stumbled across. Wish one of the mods would react so we could help resolve that too. But as you see, nothing is happening here.

Share this post


Link to post
Share on other sites

After my last update to MDM I too got the certificate chain is incomplete error.  I raised this as a ticket with support who resolved this on a remote session.

Just a case of generating a new MDM cert and adding to the policy.

 

 

PyrexxData likes this

Share this post


Link to post
Share on other sites

Correction: It was an OS update to both our ERAS server (appliance) and MDM server (also an appliance) that caused the cert error.

 

 

Share this post


Link to post
Share on other sites
1 hour ago, BobMan said:

After my last update to MDM I too got the certificate chain is incomplete error.  I raised this as a ticket with support who resolved this on a remote session.

Just a case of generating a new MDM cert and adding to the policy.

 

 

Could you explain this a bit in detail please?

Share this post


Link to post
Share on other sites

Okay, I got an answer from the support now which worked very well. For anyone who has a virtual appliance for the ERA-Server and the MDC, this is what helped me:

1) Export the CA on the webinterface of the ERA-Server into a *.der file

2) Move it to the MDC

3) Copy it to /etc/pki/ca-trust/source/anchors/

4) From command line run the following command: update-ca-trust

I don't know if you have to restart the MDC-Service, but to do so you can type: systemctl restart eramdmcore.service

Then again, this is what helped me, it may not work for you, so try it on your own behalf.

Edited by PyrexxData
Added a bit more detail

Share this post


Link to post
Share on other sites

Hey PyrexxData - I am assuming this did not resolve the client update issues, just the cert chain problem? 

There is another thread in the forum here intimating a patch is coming for MDM after they have identified a problem in the code - I have asked for an update in that thread.

 

 

Share this post


Link to post
Share on other sites
1 hour ago, BobMan said:

Hey PyrexxData - I am assuming this did not resolve the client update issues, just the cert chain problem? 

There is another thread in the forum here intimating a patch is coming for MDM after they have identified a problem in the code - I have asked for an update in that thread.

 

 

Hello,

yes, only the cert chain problem. The only information I have is the same as you have. They have identified it but don't know when a fix is ging to be released.

Share this post


Link to post
Share on other sites

Just had a call back from support and apparently the release is imminent.  It was due before now but a bug has been identified that has delayed release.  He did say however, that if a customer was experiencing major issues they would make the MDM update available to those in need immediately.

This was an answerphone message left for me last night.  I think on balance I am going to get hold of the pre-release version today and see if it does actually fix the issues we have.

 

Share this post


Link to post
Share on other sites

Yes yes finaly, give us the update please!

Share this post


Link to post
Share on other sites

Okay, so I wasn't able to do any testing on this as there is no planned release for the appliance as yet.

However, there is a new version released of the MDM connector which should be installable via a Remote Administrator Component Upgrade task, taking you from v6.5.449 to v6.5.510.

I have just upgraded via this method, time to see if the hotfix has fixed our issues...

Share this post


Link to post
Share on other sites

Although there were a few issues directly after upgrade, having left it to settle overnight everything now looks to be working perfectly.

All the mobile devices have now reported back and are displaying updated status's in ERAS.  I have tested with location and everything looks good.

Finally!

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


  • Recently Browsing   0 members

    No registered users viewing this page.