PyrexxData 0 Posted August 22, 2017 Share Posted August 22, 2017 Hello, We are currently configuring over 70 new Android tablets and installing ESET Endpoint Security on them. Since yesterday we have the problem, that devices which are enrolled do not seem to fully update their status. What I mean is that we enroll them and they are shown to be ok in the web interface. But if I click on the device it shows that the product is not activated, signature database is not up to date and and and... even though it is. The second problem is that these devices do not update their Last Connection status, only when I turn Wifi off and on. What also happens is, that when I send a task to these devices the task gets executed but in ESET ERA it shows that it is waiting to execute the task. Called the support in Germany for over 2 hours and they told me I have to do it manually because they can not identify the problem. Sorry, but that is not going to work for so many devices in the timeframe we have. Hopefully some one here can help, my software versions are: MDM: 6.5.449.0 Agent version on MDM: 6.5.417.0 ERA: 6.5.417.0 Agent version on Server: 6.5.417.0 Rouge Detection Sensor version: 1.0.1079.0 If anything else is needed, like logfiles, please tell me! Thanks and regards, Serkan Siller Pyrexx Data GmbH Link to comment Share on other sites More sharing options...
PyrexxData 0 Posted August 24, 2017 Author Share Posted August 24, 2017 Bump. Anyone? Link to comment Share on other sites More sharing options...
BobMan 2 Posted October 3, 2017 Share Posted October 3, 2017 I am experiencing exactly the same issue, with no client data being received back from the mobile devices. Mobile devices that were previously setup (and working correctly) are not reporting back 'new' data and new devices never report in at all. All commands issued by ERA are received by the devices and policy changes are applied and enforced. I had a support call open with ESET briefly but they have reported a bug in this version of ERA/MDM (identical version numbering to yours) which will be fixed in the next release. No timescale was offered for the next release so we are left in limbo with potentially insecure devices and no device tracking. Not great ESET. Link to comment Share on other sites More sharing options...
PyrexxData 0 Posted October 4, 2017 Author Share Posted October 4, 2017 Yes I should have updated this. I send them like a Gigabyte of logfiles and MySQL-Dumps and they told me that they found that bug. I was told from the support that there may be a release this or next week. Link to comment Share on other sites More sharing options...
BobMan 2 Posted October 4, 2017 Share Posted October 4, 2017 Thanks for the feedback, appreciated. Link to comment Share on other sites More sharing options...
SilentDave 2 Posted October 17, 2017 Share Posted October 17, 2017 Any luck with that. Link to comment Share on other sites More sharing options...
PyrexxData 0 Posted October 17, 2017 Author Share Posted October 17, 2017 3 minutes ago, SilentDave said: Any luck with that. Sadly not. Matters got even worse, we get an error that the HTTP-Certificate-Chain is incomplete and we don't know how to fix that. Now we cannot even enroll devices. Link to comment Share on other sites More sharing options...
SilentDave 2 Posted October 17, 2017 Share Posted October 17, 2017 I got Certificate-chain errors after system update. Please guys come on. At least write something. A lot of things are not working as should. Link to comment Share on other sites More sharing options...
PyrexxData 0 Posted October 17, 2017 Author Share Posted October 17, 2017 Yeah I got it too after an system update. This looks like another bug we stumbled across. Wish one of the mods would react so we could help resolve that too. But as you see, nothing is happening here. Link to comment Share on other sites More sharing options...
BobMan 2 Posted October 17, 2017 Share Posted October 17, 2017 After my last update to MDM I too got the certificate chain is incomplete error. I raised this as a ticket with support who resolved this on a remote session. Just a case of generating a new MDM cert and adding to the policy. Link to comment Share on other sites More sharing options...
BobMan 2 Posted October 17, 2017 Share Posted October 17, 2017 Correction: It was an OS update to both our ERAS server (appliance) and MDM server (also an appliance) that caused the cert error. Link to comment Share on other sites More sharing options...
PyrexxData 0 Posted October 17, 2017 Author Share Posted October 17, 2017 1 hour ago, BobMan said: After my last update to MDM I too got the certificate chain is incomplete error. I raised this as a ticket with support who resolved this on a remote session. Just a case of generating a new MDM cert and adding to the policy. Could you explain this a bit in detail please? Link to comment Share on other sites More sharing options...
PyrexxData 0 Posted October 17, 2017 Author Share Posted October 17, 2017 (edited) Okay, I got an answer from the support now which worked very well. For anyone who has a virtual appliance for the ERA-Server and the MDC, this is what helped me: 1) Export the CA on the webinterface of the ERA-Server into a *.der file 2) Move it to the MDC 3) Copy it to /etc/pki/ca-trust/source/anchors/ 4) From command line run the following command: update-ca-trust I don't know if you have to restart the MDC-Service, but to do so you can type: systemctl restart eramdmcore.service Then again, this is what helped me, it may not work for you, so try it on your own behalf. Edited October 17, 2017 by PyrexxData Added a bit more detail Link to comment Share on other sites More sharing options...
BobMan 2 Posted October 24, 2017 Share Posted October 24, 2017 Hey PyrexxData - I am assuming this did not resolve the client update issues, just the cert chain problem? There is another thread in the forum here intimating a patch is coming for MDM after they have identified a problem in the code - I have asked for an update in that thread. Link to comment Share on other sites More sharing options...
PyrexxData 0 Posted October 24, 2017 Author Share Posted October 24, 2017 1 hour ago, BobMan said: Hey PyrexxData - I am assuming this did not resolve the client update issues, just the cert chain problem? There is another thread in the forum here intimating a patch is coming for MDM after they have identified a problem in the code - I have asked for an update in that thread. Hello, yes, only the cert chain problem. The only information I have is the same as you have. They have identified it but don't know when a fix is ging to be released. Link to comment Share on other sites More sharing options...
BobMan 2 Posted October 25, 2017 Share Posted October 25, 2017 Just had a call back from support and apparently the release is imminent. It was due before now but a bug has been identified that has delayed release. He did say however, that if a customer was experiencing major issues they would make the MDM update available to those in need immediately. This was an answerphone message left for me last night. I think on balance I am going to get hold of the pre-release version today and see if it does actually fix the issues we have. Link to comment Share on other sites More sharing options...
SilentDave 2 Posted October 25, 2017 Share Posted October 25, 2017 Yes yes finaly, give us the update please! Link to comment Share on other sites More sharing options...
BobMan 2 Posted November 2, 2017 Share Posted November 2, 2017 Okay, so I wasn't able to do any testing on this as there is no planned release for the appliance as yet. However, there is a new version released of the MDM connector which should be installable via a Remote Administrator Component Upgrade task, taking you from v6.5.449 to v6.5.510. I have just upgraded via this method, time to see if the hotfix has fixed our issues... Link to comment Share on other sites More sharing options...
BobMan 2 Posted November 3, 2017 Share Posted November 3, 2017 Although there were a few issues directly after upgrade, having left it to settle overnight everything now looks to be working perfectly. All the mobile devices have now reported back and are displaying updated status's in ERAS. I have tested with location and everything looks good. Finally! Link to comment Share on other sites More sharing options...
Recommended Posts