cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Former Member
Not applicable
Report Inappropriate Content
Message 1 of 9

How to trigger an agent to send updated properties to EPO immediately after routine client DAT update?

Jump to solution

How to trigger the management agent to send updated properties to EPO immediately after routine client DAT update?

Is there any way? The Dat update is triggered after user logon.

EPO 4.5, Management agent 4.5, VSE870P3

Thanks !

1 Solution

Accepted Solutions
JoeBidgood
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 8 of 9

Re: How to trigger an agent to send updated properties to EPO immediately after routine client DAT update?

Jump to solution

Hm - I'm not sure why that's not working, and unfortunately I'm not near my test systems so I can't check. It may be that you have those events disabled in the event filter - I'm not sure what the evrnt ID is though. I think they're in the 2000 range - "update suceeded" and "update failed", something like that...

I'll check when I get back to the office.

As a workaround, maybe you could schedule an agent wakeup client task for (say) 20 minutes after login?

HTH -

Joe

View solution in original post

8 Replies
rmetzger
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 2 of 9

Re: How to trigger an agent to send updated properties to EPO immediately after routine client DAT update?

Jump to solution

andublin wrote:

How to trigger the management agent to send updated properties to EPO immediately after routine client DAT update?

Is there any way? The Dat update is triggered after user logon.

EPO 4.5, Management agent 4.5, VSE870P3

Thanks !

From:  ma_450_product_guide_en-us.pdf

Agent command-line options


Use the Windows-only Command Agent (CmdAgent.exe) tool to perform selected agent tasks
from the managed system. CmdAgent.exe is installed on the managed system at the time of
agent installation. Perform this task locally on managed systems using this program or the
McAfee system tray icon.


The CmdAgent.exe file is located in the agent installation folder. By default, this location is:


C:\PROGRAM FILES\MCAFEE\COMMON FRAMEWORK

Command-line parameters

Parameter  Description

---------------  -------------------------------------------------------------------------------------

/C             Checks for new policies. The agent contacts the ePO server

                for new or updated policies, then enforces them immediately

                upon receipt.

/E             Prompts the agent to enforce policies locally.

/P             Sends properties and events to the ePO server.

/S             Displays the Agent Monitor and its options.

Assuming you want a reply only if the update was successful, you could force the agent to send the events and properties back to the ePO server using the /P parameter.

Within the AutoUpdate (or whatever update policy you wish to define this), you can change the

Update Options

'Enter the executable to be run after the update completed'

"C:\PROGRAM FILES\MCAFEE\COMMON FRAMEWORK\CmdAgent.exe" /P

or

"%ProgramFiles%\MCAFEE\COMMON FRAMEWORK\CmdAgent.exe" /P

Make sure to Check 'Only run after successful update'

There may be changes needed for x64 systems, but you get the idea.

Hope this helps.

Ron Metzger

Thanks,
Ron Metzger

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?
Former Member
Not applicable
Report Inappropriate Content
Message 3 of 9

Re: How to trigger an agent to send updated properties to EPO immediately after routine client DAT update?

Jump to solution

Looks like exactly what I'm seeking, BUT:

I can't locate the option you describe "Within the AutoUpdate . . .you can change the Update Options . . .'Enter the executable to be run after the update completed'

Can you direct me?

I'm looking in System Tree, Client Tasks, and in each tab (even creating a new Task)

Description Tab (not in there)

Name: test

Type: product update (correct?)

Created at: this node

Tags: Send this task to all computers

Configuration Tab (not in there)

Update in Progress" dialog box (Windows systems only):  no

Package types: All packages

Schedule Tab (not in there)

Thanks!

rmetzger
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 4 of 9

Re: How to trigger an agent to send updated properties to EPO immediately after routine client DAT update?

Jump to solution

andublin wrote:

Looks like exactly what I'm seeking, BUT:

I can't locate the option you describe "Within the AutoUpdate . . .you can change the Update Options . . .'Enter the executable to be run after the update completed'

Can you direct me?

I'm looking in System Tree, Client Tasks, and in each tab (even creating a new Task)

Description Tab (not in there)

Name: test

Type: product update (correct?)

Created at: this node

Tags: Send this task to all computers

Configuration Tab (not in there)

Update in Progress" dialog box (Windows systems only):  no

Package types: All packages

Schedule Tab (not in there)

Thanks!

I am not in front of an ePO console, and not able to comment on that method directly. My instructions were based on the default AutoUpdate policy that can be accessed directly from the VirusScan Console at the workstation itself. Not ideal for your purposes, but useful.

Right-click the system tray icon for VirusScan Console and select Properties then look for the AutoUpdate policy you wish to change:

rmetzger wrote:


Within the AutoUpdate (or whatever update policy you wish to define  this), you can change the


Update  Options


'Enter the executable to be run after the update  completed'


"C:\PROGRAM  FILES\MCAFEE\COMMON FRAMEWORK\CmdAgent.exe" /P


or


"%ProgramFiles%\MCAFEE\COMMON  FRAMEWORK\CmdAgent.exe" /P


Make sure to Check 'Only run after successful  update'

There may be changes needed for x64 systems, but you get the idea.

If this method tests well in your environment, then it can be replicated via ePO by creating a (changes only) MID package, then distributed to each workstation in a controlled rollout. McAfee Installation Designer (MID) can be used where direct changes to policies are not easily available within the ePO console.

I hope this is a bit more clear.

Ron Metzger

Thanks,
Ron Metzger

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?
tonyb99
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 5 of 9

Re: How to trigger an agent to send updated properties to EPO immediately after routine client DAT update?

Jump to solution

you want the mcafee agent policy

general policy set

pick your policy and edit

updates tab

post update options

I use c:\program files\mcafee\common framework\cmdagent.exe -p -e -c at this point and it works just fine (except obv for the 64 bit servers or citrix servers where the path is diff)

JoeBidgood
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 6 of 9

Re: How to trigger an agent to send updated properties to EPO immediately after routine client DAT update?

Jump to solution

I believe the agent already does effectively what you're describing

After an update task, it won't send a set of properties again, but it will send an update event to the server. This is a single event that tells the server "I have just successfully updated to dat version <foo> at time <bar>."   The ePO server will use this information to update just the dat version property for that machine.

Does that help?

Regards -

Joe

Former Member
Not applicable
Report Inappropriate Content
Message 7 of 9

Re: How to trigger an agent to send updated properties to EPO immediately after routine client DAT update?

Jump to solution

Joe, thanks, but that doesn't seem to happen.

Particularly noticable if a machine has been switched off for a number of days. Switches on, user logs on. At some point there, properties are sent to EPO server.

An update task is set via EPO client task policy for 10 minutes after user logon, and runs OK. But it looks as if nothing is sent to the EPO server after that update, because the dashboard continues to show those systems as not compliant.

If it's a laptop, the user may shut down and go away before scheduled reporting time kicks in, leaving us with a worry about the state of that machine, and work to do to follow it up.

What's the "best practice" combination to ensure this doesn't happen, without overly slowing down bootup/ first logon?

Thanks again.

Message was edited by: andublin on 09/04/10 07:37:01 CDT
JoeBidgood
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 8 of 9

Re: How to trigger an agent to send updated properties to EPO immediately after routine client DAT update?

Jump to solution

Hm - I'm not sure why that's not working, and unfortunately I'm not near my test systems so I can't check. It may be that you have those events disabled in the event filter - I'm not sure what the evrnt ID is though. I think they're in the 2000 range - "update suceeded" and "update failed", something like that...

I'll check when I get back to the office.

As a workaround, maybe you could schedule an agent wakeup client task for (say) 20 minutes after login?

HTH -

Joe

View solution in original post

akl71
Level 10
Report Inappropriate Content
Message 9 of 9

Re: How to trigger an agent to send updated properties to EPO immediately after routine client DAT update?

Jump to solution

I Found 2 update relevant IDs

1118: The update was successful (Info)

and

2401: Update Successful (High)

Don't know what the right ID for the update is.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community