I'm using Host DLP 184.108.40.206 to manage USB managed by EPO 4.6.3 build 197 with McAfee Agent 220.127.116.112
Are there any ways to force policy updates and trigger actions of the DLP agent via the command line or scripting?
We have a lot of agents reporting spurious agent statuses (Agent Up no policy/None) which don't actually apply on the machine, I have read the KB article that recommends running ASCI with
no user logged in and this has helped a bit but its very very slow really I would like to be able to just script something and get this done.
Any command line options for the DLP agent (either remote or locally executed would be nice)
There is no command line options for DLP enforcing policies. These actions actually take place with the McAfee agent, however if you were planning on scripting a faster ASCI interval thru command line using cmdagent, why not just use the McAfee Agent policy in EPO to change the ASCI interval? Or you could set a client task to issue a wake up call when the user logs in or for some other trigger.
I know it's an old post but i stumbled across it when i was trying to fix a simliar DLP "Agent Up No Policy" issue on one of the laptops i manage.
Hopefully my resolution might help someone with a similar issue
Basically i created a new "fake" policy by duplicating my default DLP policy and changed a random value, like the evidence storage limit for example, and applied it to the laptop and forced a ASIC, enforced policies from the framework agent gui etc...
The change in policy forced a rewrite of the local laptops DLP policy and kicked it into action. It reported correctly to ePO I then simply set the policy back to the default in ePO.Message was edited by: Tristan on 24/10/12 17:29:49 IST
I am also seeing this issue in my environment. 18.104.22.168 installs, client reboots, then it is stuck with a status of "Agent up - no policy". I have tried the suggestion above by modifying the DLP policy and that seems to work. It appears there is some sort of timestamp issue between the policy/agent.
I have opened a SR with McAfee regarding this. If I get a better answer other than mkeep on modifying the policy I will post it here.
In my case i need to create the my default dlp 22.214.171.124 agent Conf policy again (does not exist in the catalog ) , in the system properties the policy is enforced and working, but in the query appear "agent up - no policy"