cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to enable solidcore on an internet only PC with access to Agent Handler in DMZ

We push the mcafee agent, TP, ATP, WC and SolidCore via Auto Pilot to internet connected laptops. The agent can check in with a DMZ agent handler. How can I enable solidcore to observe and then enable in this scenario? Right now solidcore is installed with a local license and is in disable mode.
7 Replies
Sivakumar1
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 8

Re: How to enable solidcore on an internet only PC with access to Agent Handler in DMZ

Hello @User24987294 ,

Thank you for contacting McAFee Community. Since the agent can check in with EPO, You could still push the task from EPO [ SC: Observe Mode]. If the agent is communicating to the server, It should still work. The second way we could still enable the observe mode locally on the machine as well  by following the steps below,

1. Open the command prompt as an administrator.

2.  Run the command "sadmin recover" and recover the command Prompt with the password you have set up in EPO

3. Run the command "sadmin begin-observe"  and Solidcore will enter observe mode on next reboot.

4. To end Observe Mode you could run the command  " sadmin end-observe".

 

 

 

 

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Re: How to enable solidcore on an internet only PC with access to Agent Handler in DMZ

Thank you for your reply -

The agents only check in once an hour so the task expires too soon - also when I try to check-in manually the task does not come through.  The EPO server cannot push a task to the client as it is always behind a firewall that blocks incoming traffic.

If I do it manually the application says invalid license key.

Is there another option ?

Sivakumar1
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 8

Re: How to enable solidcore on an internet only PC with access to Agent Handler in DMZ

Hello @User24987294 . Thank you for the update. Do we have the license Keys for Application Control?. Could you please run the command "sadmin status" locally on the machine and send us the screenshot.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Re: How to enable solidcore on an internet only PC with access to Agent Handler in DMZ

sadmin status - 

C:\WINDOWS\system32>sadmin status
McAfee Solidifier: Disabled
McAfee Solidifier on reboot: Disabled

ePO Managed: Yes
Local CLI access: Recovered

[fstype] [status] [driver status] [volume]
* NTFS Unsolidified Unattached C:\

 

I then ran sadmin license list, which came back empty

 

I then ran sadmin license add XXXX-XXXX-XXXX-XXXX-XXXX 

Then ran sadmin license list again and it now has the license

I have since changed my install command to include the license key:


setup-win-8-10-2012-amd64-8.3.2.133.exe /s /v" /qn "SERIALNUMBER=XXXX-XXXX-XXXX-XXXX-XXXX" SHORTCUT=0 /l+*v \"%SYSTEMROOT%\S3Setup.log""

--- How do I then use EPO to assign the observe task and then the enabled task after that?

Sivakumar1
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 6 of 8

Re: How to enable solidcore on an internet only PC with access to Agent Handler in DMZ

Hello @User24987294 . Fantastic that you added up the License. Once License is added and the agent can check in with EPO, You could still push the task from EPO to Start the observe Mode [ [ SC: Observe Mode] and also to enable [ SC: Enable ]. However before running the tasks, please make sure the Command Prompt is in Lock down state.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Re: How to enable solidcore on an internet only PC with access to Agent Handler in DMZ

One of us is missing something - I am under the impression that if an agent is in a remote location connect only via the internet to a agent handler in the DMZ - a wakeup call or client task push is not possible? Is that correct ? 

I cannot even send a wake up call via EPO.  I believe the agent needs to pull the task? If so how do I do that?

If not, how can I troubleshoot the wakeup call / task not being pushed from the agent handler?

 

Sivakumar1
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 8 of 8

Re: How to enable solidcore on an internet only PC with access to Agent Handler in DMZ

Hello @User24987294 . Thank you for the clarification. If its DMZ and If we cannot push a task from EPO. We might have to run the commands Locally on the machine. However with  the queries regarding Agent Handler and DMZ, I would recommend to create a SR with us and we could check on the settings. However, If we cannot push up a task from EPO, We might have to run the commands Locally in command Prompt.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community