Jump to content

Archived

This topic is now archived and is closed to further replies.

Lockbits

ESMC 7.1 migration and agent reinstallation

Recommended Posts

Hello guys,

We've a customer that was using and instance of ESMC 7.1 along with 7.1 agents. The server got damaged so we've installed a new instance of ESMC 7.1. The server has the same hostname and IP address but computers are not connecting as the certificate is different (we don't have a backup of original certificate).

We tried to deploy agent using a server task and although the task finished successfully, the computers are not connecting to new instance.

Which parameter can we use so agent is reconfigured with the new certificate? If we deploy agent using GPO, will installed agent got updated with the new certificate?

Thank you.

Share this post


Link to post
Share on other sites

@Lockbits Hello. Per my knowledge, if the agent was not the exact same version, it would first perform "upgrade" and on the second attempt it would perform "repair". So it might be required that you deploy the agent twice, in order to make it connect to the new server. Also, what are the errors in the local agent trace log? They might explain if the problem is in the cert, or in anything else. 

Share this post


Link to post
Share on other sites

"...if the agent was not the exact same version, it would first perform "upgrade" and on the second attempt it would perform "repair".

This shouldn't be the case with the latest agent any more. Check C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\status.html  and trace log on a not connecting client for possible errors.

Share this post


Link to post
Share on other sites

Hi guys,

The problem is within the certificate and that agent installation using server task is not overwriting the agent and configuration.

For example, in task I specified the host name and not the IP and if I see the log I realized that even that parameter wasn't changed.

I'm going to try with GPO.  

Logs.rar

Share this post


Link to post
Share on other sites

Could you please double-check that "Remote Deployment Task" was successful on specific problematic client? It is even possible to list deployment details which should show whether installation/repair was actually performed.

Also could you please check for log named ra-agent-install.log on client machine? It will be probably placed in one of system (service account's) temporary directory. I would recommend to check whole system disk with administrator privileges as it might not be accessible for users without full permissions -> it will contain full installation logs which might point more light into this issue.

As an alternative, I would recommend to check whether executing ESMC live installer on such client resolves this issue - asking because remote deployment task executes identical installer on target machine, so I would expect identical results.

Share this post


Link to post
Share on other sites
3 hours ago, MartinK said:

Could you please double-check that "Remote Deployment Task" was successful on specific problematic client? It is even possible to list deployment details which should show whether installation/repair was actually performed.

Also could you please check for log named ra-agent-install.log on client machine? It will be probably placed in one of system (service account's) temporary directory. I would recommend to check whole system disk with administrator privileges as it might not be accessible for users without full permissions -> it will contain full installation logs which might point more light into this issue.

As an alternative, I would recommend to check whether executing ESMC live installer on such client resolves this issue - asking because remote deployment task executes identical installer on target machine, so I would expect identical results.

Hi Martin,

I double checked and indeed it's the problematic computer. We didn't found the ra-agent-install.log. We searched all the disk with an administrator account.

As you suggested, we created a live installer (the .bat) and ran it in the problematic computer. The result was the same, PC doesn't connect and old settings and certificates are preserved. 

I deployed the agent using the server task to computers were no agent was installed before and those computers connected right away.

Unfortunately this problem persist in 7.1 as configuration and certificates are not overwritten with the new ones.

What others options do we have other than uninstall and install the agent manually per computer?

Thank you.

Share this post


Link to post
Share on other sites

Just to be sure, there is no configuration policy present in ESMC with old IP address in configuration?

Regardless possibilities, one last might be to use manual repair (i.e. manually run standalone installer) and provide settings manually. Unfortunately live installer script (BAT) has a glitch and it reports success even in case it actually fails to deploy AGENT, so it is still possible that live installer itself is not working (or was it clear from output to console that is succeeded?). It might be for example just problem with package download in customer's network. In this case using all-in-one installer, which embeds packages might be possible workaround.

Share this post


Link to post
Share on other sites

Hi MartinK,

Apparently the problem is because old agent configuration was password protected.

We are trying to make a custom bat for deployment but for the moment it's not working. I password protected my agent with the same password so I can test the bat without going to the customer but not luck.

I tried to put the password with and without " and it's not working. If I look at the .ini created by the bat I can saw that password is within the file but agent is not reinstalled with new configuration.

ESMCAgentInstaller2.1.rar

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...