cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Former Member
Not applicable
Report Inappropriate Content
Message 1 of 16

Managed state don't change de managed a not managed

Jump to solution

When we reinstall a machine, the agent status is not updated from managed to unmanaged. I have looked in active directory sync options and server tasks but I can't find the automatic way for the ePO server to check the status of the machines and update what products they have.

This is inconvenient because all the tasks to install the agent do not run on reinstalled machines unless I manually remove the agent and what we want is for it to be fully automatic.

Is there any way for it to check the machines and update the agent status (managed or unmanaged)?

Thanks in advance.

1 Solution

Accepted Solutions
aguevara
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 16 of 16

Re: Managed state don't change de managed a not managed

Jump to solution
15 Replies
aguevara
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 16

Re: Managed state don't change de managed a not managed

Jump to solution

Reinstalling the agent wont cause the machine to change the status from Managed to Unmanaged.

When you reinstall the agent it communicates back to the ePO server and it upload all the local properties along with the installed products appearing on the system tree as Managed

If you clean install the agent and there are no other products installed then the agent will still communicate to ePO and appear on the system tree, then at that point you could organize the systems with some sort of "sorting criteria" and assign deployment task to any given group where the machines are moved to.

Im not sure if i missed the point but if i did please let me know : ) 

Former Member
Not applicable
Report Inappropriate Content
Message 3 of 16

Re: Managed state don't change de managed a not managed

Jump to solution

Not what I need. What happens is that a "managed" machine, when "support" reinstall the machine and mcafee agent is no longer installed, in the epo console still appears as "managed" although it no longer has agent. Moreover, it still appears as having endpoint security installed but in reality it is clean. What I need is a server task (or whatever way it is done) to check if the clients really have or don't have the products and update the database.

This is the only way for a completely reinstalled machine to have the agent installed automatically without having to delete the agent by hand from the cons.

version 5.10 update 9

 

Former Member
Not applicable
Report Inappropriate Content
Message 4 of 16

Re: Managed state don't change de managed a not managed

Jump to solution

Hello @Former Member 

Thanks for your response.

Yes, the machine will show as Manager in ePO>System Tree.

Once the MA is get uninstalled then there is no way to send the properties to ePO and that is the reason you are seeing the value.

Was my reply helpful?


If you find this post useful, Please give it a Kudos! l Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

aguevara
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 5 of 16

Re: Managed state don't change de managed a not managed

Jump to solution

Right, the ePO server will still display the machine as managed as it has no means of understanding what happened to that machine, it can be really a machine thats not communicating to the network for some time, could be a laptop or simply not communicating to the ePO thats the reason why it is still showing as Managed. 

With that in mind we have queries to understand inactive agents (not communicating for X amount of time),  you can use that query on a server task to delete agents which are not communicating for certain amount of time, but you need testing as you might end up deleting active systems.

 

The endpoint security  properties are still valid as ePO doesnt know what has happened to that machine.

But a question, when you reinstall the agent, does it come with different name on the system tree? different GUID? 

Former Member
Not applicable
Report Inappropriate Content
Message 6 of 16

Re: Managed state don't change de managed a not managed

Jump to solution
 

No, it has the same name, same ip, same everything. Actually if you can know the status of the machine since it resolves to ping and if you use the credentials that were used to deploy the agent, ePO would get access to the machine to verify if agent is installed in the folder where it should be installed. This is a check that you could perform without any problems. I understand that if this check fails, epo will understand that the machine is off network or powered off and take no action.

About the check inactive systems I get the empty pdf (No data available)

If I run another server task to collect agent version information, the reinstalled machine appears in the pdf as having it installed.

I need a task to re-check the machines 😞

 

aguevara
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 7 of 16

Re: Managed state don't change de managed a not managed

Jump to solution

The check that you are referring to doesn't work that way, ePO doesn't check where the agent is installed to determine if a machine is managed or not, that is purely done by the Agent to Server Communication Interval mechanism, if there is no communication the machine will still remain on the system tree as Managed unless you delete those machines from the System tree with a query to remove inactive agents. (if the query is returning no results, then try reducing the dates of last agent to server communication, default is 30 days)

If the machine is not duplicated on the system tree as the agent reinstallation has come with the same name, IP and most important the GUID then ePO wont change the value of that machine to unmanaged at that point or at any point as the machine has an agent communicating to it and uploading properties, those been of those products installed on the nodes, hence at this point i dont understand what you wish to archive here if there are point products already installed on the machine

cdinet
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 8 of 16

Re: Managed state don't change de managed a not managed

Jump to solution

Reimaging a system should result in a duplicate entry, even with same name and IP, since it will create a new agent guid.  Do you see any duplicate entries for it?

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Former Member
Not applicable
Report Inappropriate Content
Message 9 of 16

Re: Managed state don't change de managed a not managed

Jump to solution

the machine is reinstalled but has no agent. epo reports that it has had communication from it with no agent installed.
Is the downtime change changed in the server task or in the policy?

It does not generate duplicate systems. It thinks it is the same equipment.

purge interval?

 

cdinet
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 10 of 16

Re: Managed state don't change de managed a not managed

Jump to solution

The entry you are seeing with communication is the entry of the system before it was reimaged with that agent guid.  When the system is reimaged with no agent and ad sync adds it back to epo, it should add it as unmanaged where you will then need to push agent to it (a duplicate entry).

The inactive clients are ones that have not communicated within 30 days by default.  It is based on the inactive agents query in epo.  

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community