cancel
Showing results for 
Search instead for 
Did you mean: 
SafeBoot Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 11 of 33

Re: Endpoint Encryption Manager 5.2.11 - Connection Manager AD Issue 2008 AD in 2003 Domain Functional Level

Re: Endpoint Encryption Manager 5.2.11 - Connection Manager AD Issue 2008 AD in 2003 Domain Functional Level

Hi,

Thanks for your responses to the other questions, its very helpful.

1. It's nothing to do with the server version - it's simply because the change value for the user differs between servers, and in this case the server you moved to has lower change values than the server you moved from.

It must be all our 2008 servers have lower change values than our 2003 ones?

3. Resetting it for everyone will cause a one time glut in traffic as the connector resyncs them all - it would be better if you just mine the log for users with this error message and reset them only.

I've search the log and  it's affecting every single user unless they are disabled. As soon as i switch back to any of our 2003 servers the issue does not occur. Every 2008 server the issue appears, have you seen this before?

Thanks in advance.



GM


SafeBoot Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 13 of 33

Re: Endpoint Encryption Manager 5.2.11 - Connection Manager AD Issue 2008 AD in 2003 Domain Functional Level

As they are newer, I expect yes you'd see this one all of them - the change value starts at 0 and is incremented every time something changes the user record in AD on that server. The more changes, the higher the value.

I'm not sure if I am explaining myself correctly - each server maintains its own unique counter for each record - as that record changes, the counter increments. This counter is NEVER replicated between servers.

So, if you point EEM's connector manager at a different server, it's pot luck whether the change values are greater, smaller, or the same. If they are smaller, the record will not sync until they are incremented past the last value EEM saw in the previous server.

Re: Endpoint Encryption Manager 5.2.11 - Connection Manager AD Issue 2008 AD in 2003 Domain Functional Level

Ok thanks for your help today

I will have to run a script to change all the change values to 0 for all users in the standard group.

Thanks

GM

Re: Endpoint Encryption Manager 5.2.11 - Connection Manager AD Issue 2008 AD in 2003 Domain Functional Level

Hi,

I'm looking for a script to reset the value to 0 for all 2000+ users in a single group. Does McAfee have an offical script or KB for this?


Thanks

GM

Highlighted

Re: Endpoint Encryption Manager 5.2.11 - Connection Manager AD Issue 2008 AD in 2003 Domain Functional Level

Hi All,

I need to run a script to reset the change value to an entire group of 2043 users. What is the best way of achieving this? Can i do this with the linkuser?

Thank

GM

SafeBoot Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 17 of 33

Re: Endpoint Encryption Manager 5.2.11 - Connection Manager AD Issue 2008 AD in 2003 Domain Functional Level

You could, but it would probably be better to create your own script to do just that one function.

Re: Endpoint Encryption Manager 5.2.11 - Connection Manager AD Issue 2008 AD in 2003 Domain Functional Level

Hi Safeboot,

Do McAfee have a KB article or script template to achieve this as i'm not sure how to achieve this from scratch?

Thanks

GM

SafeBoot Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 19 of 33

Re: Endpoint Encryption Manager 5.2.11 - Connection Manager AD Issue 2008 AD in 2003 Domain Functional Level

You need to use the API to change the binding value - that command is documented in the SBAdmCL scripting guide you got with the product. Otherwise you can use whatever language you are most familier with, even a batch file to do it.

Your McAfee representative can probably connect you to prof services to do this as well, or you might be able to get your platinum support / RSAM to write it for you.

Re: Endpoint Encryption Manager 5.2.11 - Connection Manager AD Issue 2008 AD in 2003 Domain Functional Level

Ok thanks Safeboot. I will look at the SBAdmCL guide.

Thanks

GM

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community