Jump to content

Recommended Posts

Posted

With LOCAL ESET SERVER I was installing Agents with following command and files:

C:\it-tools\eset\Agent_x64.msi /q P_HOSTNAME=199.164.42.68 P_ENABLE_TELEMETRY=1 P_CERT_PATH=C:\it-tools\eset\certificate.txt P_CERT_AUTH_PATH=C:\it-tools\eset\ca.txt P_LOAD_CERTS_FROM_FILE_AS_BASE64=YES /L*V "C:\it-tools\eset\logs.log

agent_x64.msi

ca.txt

certificate.txt

install_config.ini

All worked really nice for all our 60 workstations.

NOW I MIGRATED TO CLOUD and I use following:

C:\it-tools\eset\Agent_x64.msi /q P_ENABLE_TELEMETRY=1 P_HOSTNAME={server name from install_config.ini from protect.eset.com} P_PORT=443 P_CERT_PATH=C:\it-tools\eset\certificate.txt P_CERT_AUTH_PATH=C:\it-tools\eset\ca.txt P_LOAD_CERTS_FROM_FILE_AS_BASE64=YES /L*V "C:\it-tools\eset\logs.log"

agent_x64.msi - new file downloaded from Configuration GPO/SCCM scrip from hxxp://protect.eset.com/

ca.txt - same old file

certificate.txt - same old file

install_config.ini - new file downloaded from Configuration GPO/SCCM scrip from hxxp://protect.eset.com/

I installed it multiple times, on different workstations. Here are the logs:

 

Status log

Scope Time Text
Configuration 2021-May-08 23:01:00 Product configuration:
  • Use of HTTP proxy for ESET services is disabled
  • Use of HTTP proxy for replication is disabled
  • Repository hostname is: AUTOSELECT
  • Update server is set to: AUTOSELECT with "regular" update type
Dynamic groups 2021-May-10 14:47:32 Device is not member of any dynamic group
Last authentication 2021-May-10 17:04:58 Enrollment failed with error: Request: Era.Common.Services.Authentication.RPCEnrollmentRequest on connection: host: "*****************.a.ecaserver.eset.com" port: 443 with proxy set as: Proxy: Connection: :3128, Credentials: Name: , Password: ******, Enabled:0, EnabledFallback:1, failed with error code: 14, error message: Connect Failed, and error details:
Last replication 2021-May-10 17:04:52 ERROR: InitializeConnection: Initiating replication connection to 'host: "****************.eset.com" port: 443' failed with: GetAuthenticationSessionToken: Failed to fetch device session token in time
  • Replication details: [Task: CReplicationConsistencyTask, Scenario: Automatic replication (REGULAR), Connection: ****************.a.ecaserver.eset.com:443, Connection established: false, Replication inconsistency detected: false, Server busy state detected: false, Realm change detected: false, Realm uuid: 00000000-0000-0000-0000-000000000000, Sent logs: 0, Cached static objects: 0, Cached static object groups: 0, Static objects to save: 0, Static objects to delete: 0, Modified static objects: 0]
  • All replication attempts: 848
Peer certificate 2021-May-10 00:37:44 OK
  • Agent peer certificate with subject 'C*******************************************************************
Policies 2021-May-08 23:01:00 Device has no policies assigned
Product 2021-May-08 23:00:58 Product install configuration:
  • Product type: Agent
  • Product version: 8.0.1238.0
  • Product locale: en_US
Replication security 2021-May-10 17:04:58 OK
  • Remote host: **************************.a.ecaserver.eset.com
  • Remote product: Server
  • Remote certificate: Subject='**************** ', NotBefore=2019-Sep-04 00:00:00, NotAfter:2021-Oct-03 12:00:00, ************************

Performance

Indicator Value
Up time 42:04:00
Memory private usage 25 MB
Available physical memory 8792 MB


Generated at 2021-May-10 17:04:58 (2021-May-10 12:04:58 local time)

 

ANY HELP WOULD BE APPRECIATED! THANK YOU!

 

  • ESET Staff
Posted

Could you please provide standard trace.log from AGENT or possibly search it for more detailed connection errors? I do not see any obvious problem with deployment method you are using - in case no mistake was made during parameters processing, it should work. From provided status.html it is not clear why connection is failing, it might be network related, but also certificate related. As it seems that certificate of ESET PROTECT Cloud service has been accepted, it might be problem with AGENTs certificate -> in steps you mentions "same old file" next to certificates, but if it means that you are attempting to use the same certificates an you used with on-premise solution, that won't work -> devices managed by cloud service are assigned certificate generated by service itself, and that is only certificate that will enable your devices to connect.

Also note, that there is even simpler deployment method:

  1. Download AGENT MSI file and install_config.ini (so called GPO installer) into the same folder
  2. Initiate silent installation of AGENT via msiexec command, but without product specific parameters (those P_***)
  3. Observe that installer properties are automatically loaded from install_config.ini, i.e. there is no need to copy them to command line
Posted
42 minutes ago, MartinK said:

Could you please provide standard trace.log from AGENT or possibly search it for more detailed connection errors? I do not see any obvious problem with deployment method you are using - in case no mistake was made during parameters processing, it should work. From provided status.html it is not clear why connection is failing, it might be network related, but also certificate related. As it seems that certificate of ESET PROTECT Cloud service has been accepted, it might be problem with AGENTs certificate -> in steps you mentions "same old file" next to certificates, but if it means that you are attempting to use the same certificates an you used with on-premise solution, that won't work -> devices managed by cloud service are assigned certificate generated by service itself, and that is only certificate that will enable your devices to connect.

Also note, that there is even simpler deployment method:

  1. Download AGENT MSI file and install_config.ini (so called GPO installer) into the same folder
  2. Initiate silent installation of AGENT via msiexec command, but without product specific parameters (those P_***)
  3. Observe that installer properties are automatically loaded from install_config.ini, i.e. there is no need to copy them to command line

Installed using: C:\it-tools\eset\Agent_x64.msi /q P_CERT_PATH=C:\it-tools\eset\certificate.txt P_CERT_AUTH_PATH=C:\it-tools\eset\ca.txt P_LOAD_CERTS_FROM_FILE_AS_BASE64=YES /L*V "C:\it-tools\eset\logs.log"

Here is what I got: 

Last authentication 2021-May-10 19:32:28 Enrollment failed with error: Request: Era.Common.Services.Authentication.RPCEnrollmentRequest on connection: host: "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx.eset.com" port: 443 with proxy set as: Proxy: Connection: :3128, Credentials: Name: , Password: ******, Enabled:0, EnabledFallback:1, failed with error code: 14, error message: Connect Failed, and error details:
Last replication 2021-May-10 19:32:28 ERROR: InitializeConnection: Initiating replication connection to 'host: "xxxxxxxxxxxxxxxxxxxxxxxxx.a.ecaserver.eset.com" port: 443' failed with: GetAuthenticationSessionToken: Failed to fetch device session token in time
  • Replication details: [Task: CReplicationConsistencyTask, Scenario: Automatic replication (REGULAR), Connection: 2alxfromorhuzkixxiws7uwxzq.a.ecaserver.eset.com:443, Connection established: false, Replication inconsistency detected: false, Server busy state detected: false, Realm change detected: false, Realm uuid: 00000000-0000-0000-0000-000000000000, Sent logs: 0, Cached static objects: 0, Cached static object groups: 0, Static objects to save: 0, Static objects to delete: 0, Modified static objects: 0]
  • All replication attempts: 2

See trace log attached.

trace.log

Posted
55 minutes ago, MartinK said:

Could you please provide standard trace.log from AGENT or possibly search it for more detailed connection errors? I do not see any obvious problem with deployment method you are using - in case no mistake was made during parameters processing, it should work. From provided status.html it is not clear why connection is failing, it might be network related, but also certificate related. As it seems that certificate of ESET PROTECT Cloud service has been accepted, it might be problem with AGENTs certificate -> in steps you mentions "same old file" next to certificates, but if it means that you are attempting to use the same certificates an you used with on-premise solution, that won't work -> devices managed by cloud service are assigned certificate generated by service itself, and that is only certificate that will enable your devices to connect.

Also note, that there is even simpler deployment method:

  1. Download AGENT MSI file and install_config.ini (so called GPO installer) into the same folder
  2. Initiate silent installation of AGENT via msiexec command, but without product specific parameters (those P_***)
  3. Observe that installer properties are automatically loaded from install_config.ini, i.e. there is no need to copy them to command line

Tried using: C:\it-tools\eset\Agent_x64.msi /q /L*V "C:\it-tools\eset\logs.log"

and SUCCESS!

Apparently the CERTIFICATE was the problem! Weird that I chatted with couple ESET Support guys, and nobody had this idea to remove the certificate. 

Last authentication 2021-May-10 19:43:35 Enrollment OK
Last replication 2021-May-10 19:43:43 OK
Last successful replication 2021-May-10 19:43:43 OK
  • Successful replications: 3
  • All replication attempts: 3
  • Connection: xxxxxxxxxx.a.ecaserver.eset.com:443
  • Scenario: REGULAR
Peer certificate 2021-May-10 19:41:03 OK
  • Agent peer certificate with subject 'xxxxxxxxxxxxxxxxxxxxxministrator External CA' with serial number 'xxxxxxx4' is and will be valid in 30 days
Policies 2021-May-10 19:41:03 Applied policies:
  • Hidden: Agent defaults
  • VNC Allow
  • Disable Windows Updates Notifications
  • Enable Secure Browser
Product 2021-May-10 19:41:01 Product install configuration:
  • Product type: Agent
  • Product version: 8.0.1238.0
  • Product locale: en_US

Thank you!

 

 

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...