Jump to content

Moving an ESET Business client to another Domain


GBO
 Share

Recommended Posts

Depending on requirements I often move computers from my domain to a customer's domain, where communication for Eset traffic is allowed through the Firewall. For explanation, called them company.local and customer1.net  In all instances they report back to the ESMC in my network

So I could build a computer called pc1, install Eset Business Security, it gets activated and is displayed in the ESMC as pc1.company.local

I remove the computer from my domain and plug into the computer's network and join their domain. The DNS is now pc1.customer1.net. The problem is that while the computer has general Internet access, activation is blocked through their Proxy. The computer loses its activation, hence Eset is not functional.

Is there any way I can change the configuration, so the computer retains it activation ?  Hence the ESMC recognizes the new name to match the old one.

Thanks

Greg

Link to comment
Share on other sites

  • Administrators

A computer shouldn't lose activation when Internet connectivity is not available. Couldn't it be that the machine falls into a dynamic group that has a product activation task on joining the group assigned?

Link to comment
Share on other sites

When I re-locate it to the customer domain, it has a different DNS suffix and a different IP address, and it does not show up on the ESMC - even though the server is accessible via the Firewall. Is because the DNS and IP Address are different, that the ESMC is not recognizing it ?

All the groups I have are static, should I be using Dynamic instead ?

Link to comment
Share on other sites

  • ESET Staff
22 hours ago, GBO said:

When I re-locate it to the customer domain, it has a different DNS suffix and a different IP address, and it does not show up on the ESMC - even though the server is accessible via the Firewall. Is because the DNS and IP Address are different, that the ESMC is not recognizing it ?

All the groups I have are static, should I be using Dynamic instead ?

Once device is created during first connection to ESMC, there is no relation between device name and device real DNS/FQDN name. This means that change of hostname is most probably not related to issue you have.

I would recommend to proceed with standard troubleshooting of AGENT connectivity to be sure where the problem is. It might be related to certificates or network visibility. Especially in case client (AGENT) certificates with specific hostnames were used, it might result in this state, but this is non-default behavior for advanced-only scenarios. Another alternative is that devices with new DNS/FQDN name are considered as potentially cloned and in such case manual approval is required in ESMC console -> this should be visible in "questions" section if this is the case.

Link to comment
Share on other sites

Thanks for the response.

When the computer is connected to my network, Eset is fully functional and listed on the ESMC as pc1.company.local

When I move it to the Customer's network, the actual host/computer name is the same but it's DNS/FQDN is pc1.customer1.net.  Eset is no longer functional, pc1.company.local is still listed on the ESMC with a connection date/time relative to when it left my network.

I can ping the Server, the Port is open through the firewall back to my network. What other 'troubleshooting of AGENT connectivity' should I try ?

My workaround is disconnect the Ethernet so I am temporarily isolated from the customer network. Plug in a 4G Dongle, which gives me full Internet connectivity. Within one or two minutes, Eset is now fully functional. Disconnect the 4G Dongle, re-connect the Ethernet. Within 20 minutes, it is listed on the ESMC (pc1.company.local has been automatically renamed to pc1.customer1.net). The updates then get deliver ok and I can apply policies as required.

You mention 'manual approval is required in ESMC console -> this should be visible in "questions" section'. Where is the "questions" section ?

Again, thanks for you help.

Link to comment
Share on other sites

  • ESET Staff

From details you provided it seems to be some kind of network related issue. I would recommend to start by checking status.html log in a moment when client is not connecting to ESMC (more details in documentation). Problem might be either firewall, or maybe even inability to resolve yours ESMC domain name (i.e. failing DNS)

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...