cliffennis 1 Posted March 15, 2016 Share Posted March 15, 2016 Strange one... a test Android device I had connected in ERA, and deleted last week, keeps reappearing in the Lost & Found container. I delete it again and within a minute it reappears. The last contact date is on March 8, which was when I wiped the device. What could be causing this to reappear? Link to comment Share on other sites More sharing options...
ESET Staff MichalJ 434 Posted March 15, 2016 ESET Staff Share Posted March 15, 2016 Hello. Before deleting a device, you need to uninstall its "virtual agent" created on mobile device connector. You have to run "stop managing - uninstall era agent task" before deleting the device (you need to wait, until the task is executed). Then you can delete the device and it will not reappear. Link to comment Share on other sites More sharing options...
cliffennis 1 Posted March 15, 2016 Author Share Posted March 15, 2016 I created this task but after 6 hours it's still "running". The device is now gone, for this purpose let's say it was dropped to the bottom of the Atlantic. Is there a mechanism for forcefully removing devices that cannot check in? Link to comment Share on other sites More sharing options...
ESET Staff MichalJ 434 Posted March 15, 2016 ESET Staff Share Posted March 15, 2016 I will check with devs. But I would now try to remove the device. Please let me know if it works. Link to comment Share on other sites More sharing options...
cliffennis 1 Posted March 16, 2016 Author Share Posted March 16, 2016 I tried the delete and it came back again. That was after 14 hours of the "stop managing" task still in a Running state. When it reappeared all of the data came back with it, and it still shows the task as Running. Link to comment Share on other sites More sharing options...
ESET Staff MichalJ 434 Posted March 16, 2016 ESET Staff Share Posted March 16, 2016 Hello, I have checked, that there was a bug in version 6.2 of ESET Mobile Device Connector. It was fixed in ESET Mobile Device Connector V 6.3 (agent instance is removed the moment MDMC receives "stop managing task". If you are using version 6.3 of MDMC, and it is not working, we recommend you to open a support ticket with your local ESET office. So first resolution would be to update the MDMcore to version 6.3 and re-trying. Alternatively, you can stop MDMcore service, and manually remove the line in the database, in where the device is located. You will be able to identify the device by the deviceID (which you have used for enrollment - IMEI / Wifi Mac Address). Link to comment Share on other sites More sharing options...
HSW 9 Posted March 21, 2016 Share Posted March 21, 2016 Hi, same problem but occurred in Version 6.3.113.0 not in 6.2.X It could be a old data (creating device under 6.2) but first delete "try" was under 6.3. Device is not available so please fix this. Thx HSW Link to comment Share on other sites More sharing options...
cliffennis 1 Posted March 21, 2016 Author Share Posted March 21, 2016 Just adding to this with an update... I started with mobile connector 6.3 so mine wasn't a record from 6.2 or previous. I haven't had the chance to stop the MDMCore service but attempting to remove it from the database didn't work. I took a guess on which database and table, used database era_mdm_db and table "Device". The device is still there in L&F. Link to comment Share on other sites More sharing options...
cliffennis 1 Posted March 22, 2016 Author Share Posted March 22, 2016 I had a kernel update that required a reboot so I went ahead and rebooted the ERA server. I was then able to delete the device and it did not return. @MichaelJ, you had suggested that I stop the MDMcore service. I see that in the documentation that it should be registered as a service in linux and allow for the 'service MDMcore stop/start' commands but that was not the case on my system which is Debian 8. I did locate mdmcore at /opt/eset/RemoteAdministrator/MDMCore/eramdmcore but have not found any documentation on how to stop/start/recycle it individually. Link to comment Share on other sites More sharing options...
HSW 9 Posted March 22, 2016 Share Posted March 22, 2016 (edited) We have Windows 2012 R2 + SQLExpress DB I try a reset of the service -> no change I try a reboot of the system -> no change The device appiers again under lost and found Edited March 22, 2016 by HSW Link to comment Share on other sites More sharing options...
cliffennis 1 Posted March 22, 2016 Author Share Posted March 22, 2016 I think the order I ran them in was: 1. Attempt "stop managing" task (pretty sure that did nothing) 2. Manually remove the record from the database: Open the era_mdm_db database select * from Device (to get the DeviceID you want to delete) delete from Device where DeviceID='yourdeviceid' 3. Rebooted server 4. Deleted in the ERA Web UI Hope that helps. Link to comment Share on other sites More sharing options...
ESET Staff Mirek S. 18 Posted February 25, 2017 ESET Staff Share Posted February 25, 2017 (edited) In previous (6.4 and older) versions of MDC stop managing task triggered 7 day interval where MDC tried to reach device and erase data which MDC put on it. - This is (also) for security reasons. When You want to stop manage device we don't know if it was stolen, sold, or lost to toilet In 6.4 (or was it second 6.3 ?) we allowed enrollment of stop managed device (ie device which was in 7 day we want to erase You period). - Many users don't care for re-enrollment and when something goes boom, they reinstall reenrollment can keep Your previous data (logs, policy and user setup), it's basically meant to re-connect device which for whatever reason stopped communication (due to our bugs, unforseen issues, wipe. etc..). In 6.5 this was enhanced so that when You "stop manage" and then "delete" device this does not re-appear in webconsole. We still try to reach the device and we still try to give You results of stop management task (ie You may want to know if Your profile with email password etc... was deleted, or if You must change passwords which were present on device before thief took it). - This however has other issues which are built-in architecture we use. If You stop manage device and immediately delete it, stop manage task may not reach mdc, so device will re-appear. So these two actions still must be separated by single replication cycle (usually few minutes is good enough, but depends on MDM replication settings) Enrollment of device on which "stop managing" task was never executed is prohibited. (users tend to cure this via DELETE from devices table :)) - This is for security reasons. From MDC point of view device is still managed, so whoever is trying to enroll may be attacker, which would gain access to policies meant for other device and prevent previously enrolled device to connect to MDC) Edited February 25, 2017 by LegacyConnectorSupport Link to comment Share on other sites More sharing options...
Recommended Posts