All, I'm seeing a very strange issue with an upgrade from Endpoint Protection 10.6.11907 with agent version 184.108.40.206 to EndPoint Protection 10.7.0.1285 and agent 220.127.116.11. These upgrades were installed on our 10 standalone Windows Server 2016 servers. Once the upgrade was completed it was observed that none of the servers were getting their daily DAT file updates. When an attempt was made to run the update manually an error "Update Failed, Check update log for details" was displayed. I attempted to check the Default Client Update and Source Site for Updates settings but both displayed "Error loading settings". I also attempted to recycle the Agent service but all of the service setting are grayed out as if I don't have permissions (I do have domain admin and local admin permissions). I did some digging and found some articles with some pointers but none of the helped. The only solution that I've found that works is to install the "McAfee_Endpoint_Security_10.7.0.667.6_standalone_client_install" which installs Agent version 18.104.22.1688 and not install Agent version 22.214.171.124. With the 126.96.36.1998 agent version updates work perfectly but as soon as the newer version is installed updates no longer work. These servers are all hardened to current DISA STIG requirements but I don't think that's an issue as prior upgrades worked properly.
Could you please give one of your system a reboot and check after the upgrade if that works.
Thank you for your post. Please open Endpoint Security Client UI and click on "Update Now" Button. Now, May I know what error you find in the log located here:
Log File Name: PackageManager_Activity.log
Kindly please upload the log file if possible!
Also, just to be sure, we are looking at standalone /unmanaged installations of Endpoint Security right?
May I know where you obtained the 5.6.3 McAfee Agent package from?
I've attached the requested log and error message I receive when attempting an update. Yes these are unmanaged standalone installations and the Agent 5.6.3 package was downloaded from Product Downloads using our grant number.
All of the servers are unmanaged servers and were able to successfully update their DAT files nightly, after the upgrade none of them are able to obtain updates. I do have them all working now by uninstalling Endpoint Protection and the Agent and then just reinstalling Endpoint Protection and not the 188.8.131.52 Agent upgrade
I would like to know how exactly did you upgrade ENS and Agent. I mean the sequence that you followed to upgrade both. I try to reproduce inhouse. Incase if am unable to reproduce, it might be your specific environmental issue. We would required proper logs and service request to investigate further.
Was my reply helpful?
If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a Solution" if this reply resolves your query!
The upgrades were done as follows:
1. Endpoint Protection was upgraded from version 10.6.11907 to version 10.7 using the McAfee_Endpoint_Security_10.7.0.667.6_standalone_client_install downloaded from Product Downloads using our grant number
2. Upon successful completion of the Endpoint Protection upgrade the Agent was upgraded using the MA563WIN package also downloaded from the Product Downloads section
Thank you for your kind update and helping us with the requested details.
Form the looks of it, PackageManager_Activity.log has not been very helpful.
For unmanaged endpoints, update task activities are logged in these 2 log files only!
PackageManager_Activity.log and PackageManager_Debug.log.
I am suspecting that the update now button does not have an update task configuration set to run the same. However, this would need a better analysis collaborating with the McAfee Agent team.
At this point, I would recommend creating a Service Request where ENS team can collaborate with McAfee Agent team to identify and isolate the issue and troubleshoot accordingly if the issue is reproducible at will.
Also, please ensure the issue comes up after upgrading to latest McAfee Agent and then rebooting the machine as well!