cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SypsG
Level 9
Report Inappropriate Content
Message 11 of 28

Re: Updates not applied because detection scripts were not found in Previous branch: DAT

Jump to solution

I have tried setting it to Current, Previous, and Evaluation, and then checking/enforcing policies locally, but the error always says that the detection scripts were not found in the Current branch: DAT.

SypsG
Level 9
Report Inappropriate Content
Message 12 of 28

Re: Updates not applied because detection scripts were not found in Previous branch: DAT

Jump to solution

When I locally Edit the Repository information, and Uncheck the McAfeeHTTP backup repository, the updates are successfully pulled from the primary repository (our ePO server) in our list.

This must be the key to this problem. Unfortunately, I do not know how to remove that McAfeeHTTP default repository from our list of repositories, and disabling it in ePO under the McAfee Agent Repository policy does not disable it on the local client.

I have provided this information in a ticket with Enterprise support, but they have been unhelpful.

Has anyone out there also seen this problem?

Thanks,

George

cdinet
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 13 of 28

Re: Updates not applied because detection scripts were not found in Previous branch: DAT

Jump to solution

That just means the agent is not getting the right policy, indicating either some possible policy corruption or agent-server communication issue.  You can try several things.

1. Create new policy based on mcafee default and see if agent receives it

2. Reinstall agent or upgrade it to newer version if it is not latest.

If agent is failing to communicate, that needs resolved first.  Communication via agent to server communication interval (asci) can fail even if agent can pull content from the server as in update tasks.

You still need to go to the agent general policy, under updates tab, ensure that the current branch is selected for the content that is failing because it isn't in previous.  Keep in mind that if the agents are going to the McAfee site for any reason, there is no previous or eval branch in the McAfee site, only current.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

View solution in original post

SypsG
Level 9
Report Inappropriate Content
Message 14 of 28

Re: Updates not applied because detection scripts were not found in Previous branch: DAT

Jump to solution

I created a new Agent Repository policy based on McAfee Default like you said (with McAfeeHTTP Disabled), applied it to a test group, and moved a client to that group. The McAfeeHTTP became disabled in the Repository settings in VSE, and the AutoUpdate was successful. I then edited the Repository policy on the main group above the test group in the tree, and checked another client locally, and it had changed and is now updating successfully.

Additionally, I imported the 5800 Windows and Linux engines to my Previous branch, the 6100 engines to my Evaluation branch, and left the 5900 engine in the Current branch.

The DAT's on the Updates Tab of the master Agent General policy (applied at My Organization), were set to Previous during all of this. I have changed that to Current.

I am testing elsewhere to see if the temporary group and new repo policy somehow triggered the ability for the other clients to allow their repository policies to be updated.

THANK YOU.

Once I validate everything is working, I'm going to have to figure out which of your comments was the resolution!

R/S,

George

cdinet
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 15 of 28

Re: Updates not applied because detection scripts were not found in Previous branch: DAT

Jump to solution

Well, that is a great start!  🙂

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

SypsG
Level 9
Report Inappropriate Content
Message 16 of 28

Re: Updates not applied because detection scripts were not found in Previous branch: DAT

Jump to solution

2 weeks later and we are still trying to figure this out. Latest potential problem is because the scanner processes are all trying to start as root (Agent installed manually, and then VSEL 2.0.3 deployed through ePO Run Task Now).

Does the EPO=n in this process mean that it doesn't know that it is managed by the Agent?

/opt/NAI/LinuxShield/libexec/logepo -c /var/opt/NAI/LinuxShield/etc/nailsd.cfg -p 8 -d EPO=n

 

If so, how can we check with the Agent to see what it is managing? (Not using the --managed/unmanaged to turn it on/off, but we want to be able to run a script remotely to see which ones are not being managed by the Agent which is controlled by ePO)

Thanks,

George

cdinet
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 17 of 28

Re: Updates not applied because detection scripts were not found in Previous branch: DAT

Jump to solution

/etc/ma.d - the mainfo.ini file.

AgentMode=1 for managed and 0 for non-managed agents.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

SypsG
Level 9
Report Inappropriate Content
Message 18 of 28

Re: Updates not applied because detection scripts were not found in Previous branch: DAT

Jump to solution

AgentMode=1 only shows whether the Agent itself is Managed or Unmanaged.

We need to know how to tell if VSEL is being managed by the Agent.

cdinet
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 19 of 28

Re: Updates not applied because detection scripts were not found in Previous branch: DAT

Jump to solution

The agent, if managed by epo, will automatically manage any point products.  VSEL uses lpc and not msgbus, so you would see any agent-point product communication failures in the macompatsvc log on the client.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

SypsG
Level 9
Report Inappropriate Content
Message 20 of 28

Re: Updates not applied because detection scripts were not found in Previous branch: DAT

Jump to solution

VSEL using LPC is the source of why our Agent cannot collect data from VSEL (to report back to ePO) and cannot manage it properly (not DAT/engine updates, tasks, etc.), due to this error in the macompatsvc log:

2020-11-02 15:03:22.576 (11705.11705) lpc.Error: CollectProperties failed for software LYNXSHLD2000, lpc error = Operation timed out.

Any idea what would cause this? Should I open a new Community post for this thread of the problem?

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community