Jump to content

Recommended Posts

Posted

We've recently discovered that I missed the install_config.ini file along side an update to the latest agent.msi. fresh installed clients have the server as localhost and not our esmc FQDN.

i've done a search in redgedit HLKM for our fqdn and the install dir but neither have a result.

Is there a way to confirm what the agent is currently set to via an external method? Yes, i know we can check the server via add/remove programs and modify the agent install but that requires admin rights and only useful for machines we know are affected. We use SCCM to manage software so looking for something i can use for either deployment detection, or a Compliance Item.

  • Administrators
Posted

You'll need to reinstall or redeploy agent in order to change connection parameters.

Posted

Redeploying is fine once we discover what devices are affected.

what i'm wondering is if there is a way we can query (regkey, script, etc) what the Agent's Server address is currently set as?

  • Administrators
Posted

I assume that connection parameters are stored in agent's database for security reasons.

Posted

That was my assumption when i couldn't find anything in regedit or install folder.

Shame. the deployment guy manually activated the clients so at least they're licenced and protected. He only thought to tell me there was an issue today. Hopefully he has a record of who&what went out in the time period (or look at AD creation timestamp) so we can manually confirm their last connected timestamp in ESMC and handle from there.

  • ESET Staff
Posted

There is a "Diagnostic" tool available in AGENT's programs files directory and it can export current configuration. Passwords will be redacted but connection parameters should be exported in readable format.

  • ESET Staff
Posted

I believe easiest option would be to redeploy via SCCM (with valid install_config). This will repair installation on all endpoints.

Now this might get tricky if You are on SCCM 2012+ as it lost option to rerun, instead detection based on time of installation could be used.

As a sidenote it seems to me like quiet installation without valid hostname should not succeed, at least I don't see any use-case for it.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...