We have ePO 4.0 with patch 5. Every day, we see rogue systems, and some of them have no agent installed on them. However, we set an automatic response on rogue systems, to deploy an agent to that system. Only, no action is taken. The system remains unmanaged and without antivirus.
A manual deploy of the agent works fine. But why no action is taken, puzzles me. In the filter part of the automatic response rule, I copied the IP range of the DHCP. I checked that the 'problem system' falls within that range.
Can anyone help in solving this mystery? Many thanks.
This must be in (major) bug in EPO... when I look at the detected system details it shows:
Source: Rogue System Sensor (Broadcast) Exception: No Rogue Action: Agent Deployment in Progress Rogue State: No Agent
When reading this, everything looks fine. But nothing happens on that system. No agent is deployed. I've looked through the EPO logs but couldn't find anything. Also the event log on the system shows nothing.
When I manually deploy an agent, using the same credentials, it is almost immediately deployed. Time for patch 6?
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.