cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

ESconfigTool - Not generating any output (screen or file)

We are trying to use the ESConfigTool using the below command line. however, it does not output anything. Not even an error. The folderpath is writable and exists.

ESConfigTool.exe /export C:\temp\fw.policy /module FW /unlock %password% /plaintext

When used without command line options, it also does not generate any output. The machine has been assigned policies for On-Access scan and Access protection, which disable On-Access scan and Access protection. I was not able to locat the rule "Unauthorized execution of EsConfigTool", whicih is mentioned in the documentation, in any of these policies though.

6 Replies
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 7

Re: ESconfigTool - Not generating any output (screen or file)

Hi @FDRLLGR 

We apologize for late reply.

Did you see any ESConfigTool log in Programdata\McAfee\Endpoint Security\EndpointSecurityPlatform_Activity.log when you executed command?

And please confirm the ENS console password you input in the option is correct.

If this issue still persists, please let me know the ENS product version.

Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?
Highlighted

Re: ESconfigTool - Not generating any output (screen or file)

Seeing this error

"EsconfigTool (1488.10568) ESConfigTool.EsConfigTool.Error (ProcessExecutionInfo.cpp:117) Running service outside install folder. Exiting ..."

Please not that we did not copy or move the ESCofniggTool.exe to a different folder.

Thank you!

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 7

Re: ESconfigTool - Not generating any output (screen or file)

Hello , 

Please follow the Technical Article : KB90523

The access protection rule Unauthorized execution of EsConfigTool blocks the execution of EsConfigTool. Administrators can disable the rule and run EsConfigtool when needed and re-enable the rule when complete.

This Rule is availale in the ENS Access protection RULES . Refer screen below : 

ePO > Policy catalog > Endpoint Security Threat Prevention : Policy Category > Access Protection > Select the Applied policy > Rules > Unauthorized execution of EsConfigTool

Thank you ,

McAfee Support 

 

 

Highlighted

Re: ESconfigTool - Not generating any output (screen or file)

Our custom rules aside, I only see the below 

 

Rule
Altering user rights policies
Browsers launching files from the Downloaded Program Files folder
Changing any file extension registrations
Creating new executable files in the Program Files folder
Creating new executable files in the Windows folder
Disabling Registry Editor and Task Manager
Doppelganging attacks on processes
Executing Mimikatz malware
Executing scripts by Windows script host (CScript.exe or Wscript.exe) from common user folders
Executing Windows Subsystem for Linux
Hijacking .EXE and other executable extensions
Installing Browser Helper Objects or Shell Extensions
Installing new CLSIDs, APPIDs, and TYPELIBs
Modifying core Windows Processes
Modifying Internet Explorer settings
Modifying network settings
Registering of programs to autorun
Remotely accessing local files or folders
Remotely creating autorun files
Remotely creating or modifying files or folders
Remotely creating or modifying Portable Executable, .INI, .PIF file types, and core system locations
Running files from common user folders
Running files from common user folders by common programs
Highlighted

Re: ESconfigTool - Not generating any output (screen or file)

A related question: whe I use the plaintext option with the firewall product. The file that will be generated is XML. Correct? If so, is this file any different from what i can export from ePO?

 

Thankk you

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 7 of 7

Re: ESconfigTool - Not generating any output (screen or file)

Hi @FDRLLGR Please refer to this known issue about blank output of the esconfigtool.exe and the ENS version you are using.

KB82450 - Endpoint Security 10.x Known Issues
https://kc.mcafee.com/corporate/index?page=content&id=KB82450

ENSW-95967   10.7.0 February 2020 Update
10.6.1 February 2020 Update
10.7.0 April 2020 Update
10.6.1 April 2020 Update
Issue: When you execute ESConfigtool.exe with Run As Admin credentials, it does not provide its help and command-line switch output file for exports.

Resolution: This issue is resolved in ENS 10.6.1 April 2020 Update and ENS 10.7.0 April 2020 Update.

 

 

Also, the plaintext output file from esconfigtool.exe is not importable anywhere (e.g., not back into another ENS client or ePO server).  To import the ENS config file back into another ENS client, the export file must be in the encrypted format (e.g., the /plaintext switch must not be used when exporting the configuration).

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community