Jump to content

Archived

This topic is now archived and is closed to further replies.

davidenco

Product update failed: Unauthorized access

Recommended Posts

What does this mean? The last update was successful and the event log says nothing about there being a problem with the last check.

This is also happening for a handful of our Endpoint Antivirus clients and File Security servers.

Is this EDTD all over again?

image.png.438133e1008fd56defbb606f5923afcf.png

image.png.0a02645e893af542687c2f5bd57495ed.png

Share this post


Link to post
Share on other sites

It means that you have enabled ESET Dynamic Threat Defense in a policy but in fact you don't have an EDTD license or EDTD was not activated in EMSX via an EBA account from ESMC. Please disable EDTD in policies that are applied to EMSX:

image.png

Share this post


Link to post
Share on other sites

Did you read the entire post or just the reference I made to EDTD? This is nothing to do with EDTD, I don't even see it in the UI!

image.png.5a0cc3a312eb705babec790f0906a44e.png

Share this post


Link to post
Share on other sites

I'm sorry. You mentioned EDTD in your post and there was a message about unauthorized access so I erroneously concluded it was related.

Please enable diagnostic logging, run manual update, disable logging and finally gather logs with ESET Log Collector and post the generated archive here.

Share this post


Link to post
Share on other sites

The message disappears when I check for an update manually (as it has already done), so doing what you've suggested isn't going to work. Any suggestions?

Share this post


Link to post
Share on other sites
2 hours ago, davidenco said:

The message disappears when I check for an update manually (as it has already done), so doing what you've suggested isn't going to work. Any suggestions?

Then enable diagnostic logging and wait until the error occurs without running manual update and only then disable logging.

Share this post


Link to post
Share on other sites

I just noticed these entries in the error_log on the ESMC Virtual Appliance. Could this be the problem?

[Thu May 09 10:21:02.646568 2019] [access_compat:error] [pid 4373:tid 139798693996288] [client 10.1.1.76:3148] AH01797: client denied by server configuration: proxy:http:/repository.eset.com/v1/com/eset/apps/business/eea/windows/metadata3
[Thu May 09 10:28:07.070201 2019] [access_compat:error] [pid 4373:tid 139798954215168] [client 10.1.1.17:43234] AH01797: client denied by server configuration: proxy:hxxp:///
[Thu May 09 10:38:17.186629 2019] [access_compat:error] [pid 4588:tid 139798836672256] [client 10.1.1.17:43748] AH01797: client denied by server configuration: proxy:hxxp:///
[Thu May 09 10:48:27.266414 2019] [access_compat:error] [pid 4588:tid 139798777923328] [client 10.1.1.17:44598] AH01797: client denied by server configuration: proxy:hxxp:///
[Thu May 09 10:58:37.538603 2019] [access_compat:error] [pid 4373:tid 139798794708736] [client 10.1.1.17:45206] AH01797: client denied by server configuration: proxy:hxxp:///
[Thu May 09 11:08:47.586300 2019] [access_compat:error] [pid 4372:tid 139798945822464] [client 10.1.1.17:46088] AH01797: client denied by server configuration: proxy:hxxp:///
[Thu May 09 11:18:57.845311 2019] [access_compat:error] [pid 4374:tid 139798962607872] [client 10.1.1.17:46702] AH01797: client denied by server configuration: proxy:hxxp:///
[Thu May 09 11:29:07.926779 2019] [access_compat:error] [pid 4374:tid 139798777923328] [client 10.1.1.17:47540] AH01797: client denied by server configuration: proxy:hxxp:///
[Thu May 09 11:39:08.306905 2019] [access_compat:error] [pid 4374:tid 139798719174400] [client 10.1.1.17:48080] AH01797: client denied by server configuration: proxy:hxxp:///
[Thu May 09 11:49:18.604284 2019] [access_compat:error] [pid 4588:tid 139798929037056] [client 10.1.1.17:48882] AH01797: client denied by server configuration: proxy:hxxp:///
[Thu May 09 11:59:28.867581 2019] [access_compat:error] [pid 4588:tid 139798836672256] [client 10.1.1.17:49616] AH01797: client denied by server configuration: proxy:hxxp:///
[Thu May 09 12:09:29.567019 2019] [access_compat:error] [pid 4588:tid 139798735959808] [client 10.1.1.17:50608] AH01797: client denied by server configuration: proxy:hxxp:///
[Thu May 09 12:19:32.004482 2019] [access_compat:error] [pid 4373:tid 139798761137920] [client 10.1.1.17:51794] AH01797: client denied by server configuration: proxy:hxxp:///
[Thu May 09 12:23:40.539484 2019] [access_compat:error] [pid 4372:tid 139798920644352] [client 10.1.1.2:13054] AH01797: client denied by server configuration: proxy:http:/repository.eset.com/v1/com/eset/apps/business/ems/exchange/metadata3
[Thu May 09 12:29:33.354294 2019] [access_compat:error] [pid 4373:tid 139798937429760] [client 10.1.1.17:52960] AH01797: client denied by server configuration: proxy:hxxp:///

 

Share this post


Link to post
Share on other sites

Did you enable http proxy on the VA during deployment or you installed it afterwards? Please provide httpd.conf and proxy.conf. What is weird is "proxy:hxxp:///" as there should be the actual url which was blocked instead of "hxxp:///".

Also "http:/repository.eset.com/..." doesn't look ok to me, I'd expect "http://repository.eset.com/.." there. Please provide ELC logs from a machine that is configured to connect through the proxy and where updates are failing.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...