Should Macintosh systems turn green?
If yes, any suggestions how I get that to occur?
ePO 5.1.1 on Windows Svr 2008
Windows agent 22.214.171.12420
Mac agent 126.96.36.1993 (I kept 4.8 for Mac since 5.0 says it's not compatible with Yosemite)
Endpoint for Mac - 188.8.131.528
I rebuilt our ePO server and it's managing most of our Windows clients well. I'm working on the Macintosh side of things and had to remove my MacBook from the domain and then bind again in order to deploy the agent to it. That agent deployed and my MacBook now shows as Managed, but the bar thing (that usually turns green for our Windows clients after an agent is installed) has stayed grey for the Mac. ePO is also reporting my Mac with a private 10. IP address. My Mac's actual IP begins with 137.
Also, when I try to deploy Endpoint Protection 9.7 to my Mac, nothing happens. My Mac displays in ePO with 9.2 installed.
Thanks for any help or suggestions!
The green Summary Bar you are referring to is displaying the McAfee Agent Compliance Summary information. This Query can be found in Queries & Reports > Detections and Compliance and is a boolean summary where the Criteria is set to Agent Communication is within the last 1 day.
If this summary is showing grey, and coupled with te IP Address data is out of date, then I would suggest that you have an Agent Communications issue.
If you have rebound the mac to the domain and redeployed the Agent, the AGentGUID will now be different to your previous System Tree entry and would have created a new entry, maybe in Lost and Found.
Have a search in you system tree for your system name and see if you have two entries for your device. If so remove the older entry, re-sync from your domain and try to deploy Endpoint Protection to the newer system tree entry.
Volunteer Moderator - Business Products
Certified McAfee Product Specialist - ePO
Thanks for the reply, explanation and info.
To clear older system entries and test if my steps were correct, I removed my Mac from the domain again, renamed it, created the new account in AD and rebound. Before doing this, I knew where my Mac was in ePO. I found it yesterday in Lost&Found, moved it and disabled sorting. Today, after renaming, rebinding and then running an AD sync, the new machine name shows up in ePO in the correct location. I deployed the 4.8 agent and it failed. I rebooted a couple times and reinstalled our Kace agent. The Kace agent updated to our Kace server with the new name and correct info. The ePO and Kace servers are on the same subnet leaving me fairly confident that the client should be able to communicate. That and since the ePO agent installed yesterday tell me that the the problem is likely to be something within ePO or the client, but not our network.
My Mac's directory Utility settings have the correct new name as does Sharing. The Administrative tab has Domain Admins and also the service account I use to manage ePO. Same setup I used to deploy the agent yesterday to the same machine with a different name. I tried to uninstall the McAfee agent (sudo /Library/McAfee/cma/uninstall.sh), but it returned "Command not found". So I assume there is no agent currently installed. I must have checked the box to remove the agent when I deleted the old machine name from ePO. I went ahead and removed VSE as well. "McAfee Security 1.2.0 has been uninstalled Successfully".
When I try to deploy the agent, the Server Task Log is in In Progress at 0% until it fails 5 minutes later. It says I can probably install it manually, but the reason I'm doing this testing is to find a way to deploy the agent to our other Macs.
Remote login is enabled on my Mac for "Administrators".
Does anything from this log point to a known solution?
|4/22/15 11:32:22 AM||SSH Output: Connecting to [IP.IP].70.120 port 22|
|4/22/15 11:32:22 AM||SSH Output: Server version: SSH-2.0-OpenSSH_6.2|
|4/22/15 11:32:22 AM||SSH Output: Using SSH protocol version 2|
|4/22/15 11:32:22 AM||SSH Output: We claim version: SSH-2.0-PuTTY_Snapshot_2010_02_18:r8871|
|4/22/15 11:32:22 AM||SSH Output: Doing Diffie-Hellman group exchange|
|4/22/15 11:32:22 AM||SSH Output: Doing Diffie-Hellman key exchange with hash SHA-256|
|4/22/15 11:32:22 AM||SSH Output: Host key fingerprint is:|
|4/22/15 11:32:22 AM||SSH Output: ssh-rsa 2048 04:ad:30:8b:33:cd:df:d3:27:2e:ec:5b:e8:d9:5f:3a|
|4/22/15 11:32:22 AM||SSH Output: Initialised AES-256 SDCTR client->server encryption|
|4/22/15 11:32:22 AM||SSH Output: Initialised HMAC-SHA1 client->server MAC algorithm|
|4/22/15 11:32:22 AM||SSH Output: Initialised AES-256 SDCTR server->client encryption|
|4/22/15 11:32:22 AM||SSH Output: Initialised HMAC-SHA1 server->client MAC algorithm|
|4/22/15 11:33:25 AM||SSH Output: Using username "[DOMAIN ADMIN SERVICE ACCT THAT IS THE EPO ADMIN]".|
|4/22/15 11:33:25 AM||SSH Output: Access denied|
|4/22/15 11:33:25 AM||SSH Output: Access denied|
|4/22/15 11:33:56 AM||SSH Output: Using keyboard-interactive authentication.|
|4/22/15 11:33:56 AM||SSH Output: Password:|
|4/22/15 11:34:22 AM||SSH Output: Server unexpectedly closed network connection|
|4/22/15 11:34:22 AM||SSH Output: Fatal: Server unexpectedly closed network connection|
|4/22/15 11:34:22 AM||Error copying file C:\Windows\TEMP\mfe433440946.tmp\install.sh to [COMPUTERNAME], system error: 1|