cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

Install Policy Auditor 6.0.1 to Solaris 10 SPARC from ePO 4.6

Hello all,

I am looking to install Policy Auditor 6.0.1 on Solaris 10 SPARC machines amd I am unable to do it from within the 4.6 ePO console. There are client tasks created for product deployment to the Solaris boxes, but they do not run. When I go to "Run Client Task" now, the option to deploy the "Install PA" task does not allow me to click "run task now." In the ignored systems area, it says :

Agent Version (Systems with these agent version do not support Run Now.)

4.6.0.3122

So if I cannot deploy Policy Auditor to Solaris from the ePO console via Client Task, how can I get Policy Auditor installed? Is there a method to manually install Policy Auditor on the Solaris machines? I tried copying the policy auditor package in the DB folder on the ePO server, but the installation failed after running the install.sh script.

Thanks for your help!

6 Replies
Highlighted

Re: Install Policy Auditor 6.0.1 to Solaris 10 SPARC from ePO 4.6

Hi rshiggs, maybe the Solaris agent doesn't allow the "Run Client task" option so you should do it another way.

- Under the system tree select the solaris box

- Click on Actions->Agent->Modify tasks on a single system

- Add a task to deploy Policy Auditor and schedule it to run immediately

- Send a wake up call for the solaris box

Then you should see the task being executed on the solaris box

Highlighted

Re: Install Policy Auditor 6.0.1 to Solaris 10 SPARC from ePO 4.6

I believe you are correct about the Agent (for Solaris) not supporting that task option. Scheduling a regular old Client Task works for our Solaris systems.

Highlighted

Re: Install Policy Auditor 6.0.1 to Solaris 10 SPARC from ePO 4.6

Hello Laszlo G, thanks for the reply. However, I have tried that method multiple times and the deployment task never reaches the Solaris boxes. I am not really sure where since there is not any feedback as to when that task failed and why. I was just looking into my other options to get these machines inspection compliant. I was hoping there was a manual way just in case. HIPS 8 and the USAF ACCM point products installed manually just fine. I have individual deployment tasks set to run now for all of them, and none of them ever installed. Thanks again for your help.

Re: Install Policy Auditor 6.0.1 to Solaris 10 SPARC from ePO 4.6

Have you been able to verify that the Install Task was received on the Solaris boxes? I think you can see the task names if you cat the Registry.ini file within the /opt/McAfee/cma/ folder structure.

If it shows up there, then you should be able to find something in the local logs. Either a failed install or maybe something in the Agent log itself.

Highlighted

Re: Install Policy Auditor 6.0.1 to Solaris 10 SPARC from ePO 4.6

It does not look like the Install Task makes it to the Solaris box. The last task received was an Full Product Update from sending an Agent wakeup. I am not seeing anything in the cmdagent.log either.

I really appreciate the help. Is there anywhere else I can look to track this down? I am sorry that I am not as proficient with where all the McAfee logs are stored on Solaris boxes.

Highlighted
Level 9
Report Inappropriate Content
Message 7 of 7

Re: Install Policy Auditor 6.0.1 to Solaris 10 SPARC from ePO 4.6

Hi rshiggs,

In order to install PA 6.0.1 in your Solaris 10 box you should follow these steps:

1) Go to you ePO system tree actions, click on "New systems" - Select "Create and download agent installation package" - Select "Non-windows and get McAfee Agent for Solaris 4.6", Click OK.

2) Download your install.sh file and send it to your Solaris 10 box.

3) Provide chmod +x to your install.sh file and execute it # ./install.sh -i (As per my understanding you need to install the MA for Linux / Unix systems manually.)

4) Once the agent installation is successful you can check for # tail -f /opt/McAfee/cma/scratch/etc/log. This is the MA log.

5) Depending on your network and ePo configuration you'll need to wait for your Solaris 10 box to become a managed system within your ePO system tree.

6) Make you sure you can ping your Solaris 10 box from your ePO and so from your Solaris 10 box to your ePO.

7) Send an agent-wake up from your ePO to make sure the Solaris 10 box is receiving the same. Make sure that your Solaris 10 box is a "SPARC" system otherwise Policy Auditor won't work.

😎 Make sure you have pulled out the latest auditengine content / findings content to your master repository.

9) You need to create a client task: go to assigned client tasks - Actions - New client task assignment - Select "Product" - Task  type: Product deployment - Task Name: create new task.

10) You need to add a task name, check for "solaris" under target platforms and select "McAfee Policy Auditor Agent for Solaris 6.0.1.x". Save it.

11) Select your task name and click "Next" and set it to run immediately - "Next" and "Save".

12) You need to monitor MA log - tail -f /opt/McAfee/cma/scratch/etc/log and check whether the client task has been dowloaded successfully - you should have a message like "paasolaris task loaded successfully", you will have to wait a couple of minutes while the PA Agent is installed and sync with the latest auditengine content. There should be a message in MA log that says "update succeeded to version XXXX" which is the 4 digit auditengine version.

13) Send another agent wake-up from your ePO against your Solaris 10 box, and wait a couple more minutes, after that click on your Solaris 10 managed system within your ePO an check for "Installed Products" within your system properties. You should be able to have McAfee Policy Auditor 6.0.x.x displayed.

14) You can check PA Agent log in /opt/McAfee/auditengine/enginemain.log - Here you can monitor your audits every time you execute a benchmark.

Try following these steps, they have worked for me.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community