We have deployed DLP 9.0 using ePO 4.0 to the majority of our PCs. Out of a total of around 3800 devices, 600 do not show up in EPO as having DLP installed.
of these about half are servers, and then some of the rest are PCs with old agent last contact dates.
This leaves around 100 which have been on the network either this month or in the last couple of months and should have picked up the task to install the DLP software.
Checking one of these PCs shows it has been running the separate deployment task we have setup to install DLP9. The files are also present on C: drive under c:\program files\mcafee\dlp\agent\
The main thing that seems to be missing is in the registry. In particular i've noticed HKLM\Software\Network Associates\ePolicy Orchestrator\Application Plugins\DATALOSS2000 does not exist.
I've attempted to recreate this manually and via a .reg file off another PC, but when the agent restarts and checks full properties, the reg settings disappear again.
There are also some values "missing" from HKLM\Software\McAfee\DLP\Agent\ but some of these (at least) appear to be related to policies defined in ePO, so would not necessarily expect them to be present on the PC with the issue.
Its possible this is a one off, but i'd not be surprised if many of the other 100 or so PCs have the same/similar issue.
How can i get the agent to successfully recognise DLP, or will i need to somehow get DLP uninstalled (manually i suspect), before attempting a reinstall ?
thanks in advance.
Did you reboot after installation? Sometimes it requires upto 2 reboots.
Systems will show up gradually - Try to do a couple of send & collect properties.
- Amiya Bisoi
on one particular PC i've noticed with the problem, the "DLP" folder under c:\program files\mcafee was created on 20 July 2010. so, chances are its restarted a number of times since then due to microsoft updates if nothing else.
You can try to install a super agent and make the endpoint collect the updated agent from the super agent.
It woked when I had issue with few endpoints. Intrestingly the main server and super agent were in the same segment.But still after a super agent configured, the agent deployment started working.
i think the nature of the issue has been misunderstood.
As far as I can tell, the files for the DLP agent are on the PC, but some of the registry keys are missing. Most importantly are the ones that the McAfee Agent uses to recognise the product is installed.
on My PC, I have HKLM\Software\Network Associates\Epolicy Orchestrator\Application Plugins\DATALOSS2000
On one of the problem PCs, that does not exist. Any attempt to import it/create manually, does NOT work, as they get deleted when the agent restarts.
This suggests that, on the affected PCs, DLP is not installed correctly.
Do i need to uninstall manually ? or is there some other way of getting it working, preferably with minimal human intervention as there may be 100 PCs with the issue.
The unistall activity can be done with the agent task, probabily by modifying the same task specifically for one PC.Once unstalled sucessfully , try modify the task to istall DLP agent back.
If a re-install works fine then you can move these agents to a new group and have an agent task to repeat the same activity.