Hi
I successfully installed EPO and agent handler. When agents installed on clients try to connect to the epo server and get policies i get an error that the agent could not communicate with the epo server.
While having wireshark on and trying again i get following error on the client "Alert (Level: Fatal, Description: Decrypt Error)" and on the agent handler i get the same error and the following too "Alert (Level: Fatal, Description: Unknown CA)"
Does the AH appear in your epo GUI and is it activated ?
Cheers TOm
Hi Tom
Yes the AH appears on the epo gui and it is activated
/carlos
Did you check the log file in the AH´s installation folder ?
Tom
I get the following errors, taken from the AH log. Dont really know what the problem can be
20111005031737 E #02340 EPODAL File: .\ePOData_Connection.cpp(495)
20111005031737 E #02340 EPODAL Function: DAL2_CConnection::GetConnection
20111005031737 E #02340 EPODAL Meaning: Unspecified error
20111005031737 E #02340 EPODAL Source: Microsoft OLE DB Provider for SQL Server
20111005031737 E #02340 EPODAL Description: [DBNETLIB][ConnectionOpen (Connect()).]SQL Server does not exist or access denied.
20111005031737 E #02340 EPODAL COM Error: 0x80004005
20111005031737 E #02340 EPODAL File: .\ePOData_Connection.cpp(510)
20111005031737 E #02340 EPODAL Function: DAL2_CConnection::GetConnection
20111005031737 E #02340 EPODAL Meaning: Unspecified error
20111005031737 E #02340 EPODAL Source: Microsoft OLE DB Provider for SQL Server
20111005031737 E #02340 EPODAL Description: [DBNETLIB][ConnectionOpen (Connect()).]SQL Server does not exist or access denied.
20111005031737 E #02340 mod_eporepo CEpoRepoNotify::getMessagesFromDB: Caught SQL com error No such interface supported
What DB authentication method are you using within ePO (Windows or SQL) ?
Is your AH within your Windows domain ? If not you must use SQL authentication ...
Tom
At the installation i used mixed authentication, but entered the SQL credentials since using windows credentials gave me an error because the AH was in the DMZ
Did you enter an IP address for epo/database server or the servernames ?
If you entered servernames are they resolveable on the AH ?
In some cases using HOSTS on the AH for ePO/db server name resolution helps ...
Tom
Just another note - AFAIK the AH needs to do a reverse lookup on the epo servers name for certificate issues - that´s why HOSTS entries might fix the problem ...
yes i entered an IP address for the epo server ad the name is resolvable on the AH
im gonna dubblecheck if the AH can to the reverse lookup tomorrow at work and reply then
thanks
/carlos
Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA