cancel
Showing results forΒ 
Search instead forΒ 
Did you mean:Β 
rgijsen
Level 8
Report Inappropriate Content
Message 1 of 27

Agent 5.0.2.132 unable to get managed and other issues

Hi,

running epo 5.3.1 with HF1080544 and HF1102635. AV 8.8 on all server. Current branch running Agent 4.8.0.1938 without any issues. I've checked in agent 5.0.2.132 into evaluation and deployed that to a few testsystems. I think I need an idiot check / confirmation. I can't get agent 5.0.2 to get in managed state. When I update them through ePo, the agent gets in unmanaged state and will not comunicate to ePo:

C:\Program Files\McAfee\Agent>cmdagent -i

Component: McAfee Agent

AgentMode: 0

Version: 5.0.2.132

GUID: N/A

TenantId: N/A

LogLocation: C:\ProgramData\McAfee\Agent\logs

InstallLocation: C:\Program Files\McAfee\Agent\

CryptoMode: 0

DataLocation: C:\ProgramData\McAfee\Agent\

EpoServerList: xxx <-- masked, but absolutely correct

EpoPortList: 18443

Failed to get value of EpoServerLastUsed

LastASCTime: N/A

LastPolicyUpdateTime: 0

EpoVersion: N/A

C:\Program Files\McAfee\Agent>cmdagent -c

2015-12-22 10:32:57.357 cmdagent(1116.3060) cmdagent.Info: Agent is running in unmanaged mode. Can not check new policies.

I've tried to uninstall the agent (with /forceuninstall) and redeploy it. Same issue. Installed it from commandline, same issue. I tried to enable the debuglog (loglevel 😎 on the agent but for some reason it doesn't generate a logfile at all (or at least I can't find it where it should be) which is another issue. Now I know 5.0.0 could not communicate without SSL, which was supposedly fixed in 5.0.1. I have SSL enabled and working, port 18443 as shown above is my SSL port. 4.8 agents connect to that just fine. Checking with a browser reveals SSL is in place with the correct selfsigned cert. I've tried redeploying the agent with Access protection and mcshield disabled, to prevent McAfee files being updated by itself (I don't think it would need that but who knows). Still no luck. I've got a few machines in a different subnet, I checked the firewall logs and the agent doesn't even seem to try to connect to the ePo server at all on either port.

I've been staring at this for about 8 hours, but it can't be that difficult. I think I need a pair of fresh eyes. Anyone?

26 Replies
andrep1 Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 2 of 27

Re: Agent 5.0.2.132 unable to get managed and other issues

I'm puzzled, but I can at least give you the install log location which is c:\windows\temp\mcafeelogs\

You can try switching the agent to managed mode manually, this will test the ability to communicate:

maconfig -provision -managed -auto -dir "C:\Windows\Temp" -epo ePOServerMachine [-user admin] [password password123]

The directory is a temp directory and the user name and password are ePO ID/pwd

rgijsen
Level 8
Report Inappropriate Content
Message 3 of 27

Re: Agent 5.0.2.132 unable to get managed and other issues

Now that's a new, I didn't know that command, thanks! It gives a hint too:

C:\Program Files\McAfee\Agent>maconfig.exe -provision -managed -auto -dir "c:\temp" -epo <oureposerver>

Enter ePO user name:Admin

Enter ePO user password:

2015-12-23 17:26:15.611 maconfig(5036.864) maconfig.Info: agent provisioning started

2015-12-23 17:26:15.611 maconfig(5036.864) maconfig.Error: Setting up agent keystore failed , moving to unmanaged mode

2015-12-23 17:26:15.774 maconfig(5036.864) maconfig.Info: agent provisioning finished successfully

2015-12-23 17:26:16.211 maconfig(5036.864) maconfig.Info: configuration finished

C:\Program Files\McAfee\Agent>

So setting up agent keystore failed. One step closer but I still don't have a clue I'm running this as admin. I see another user having this issue at , but no answer there yet.

andrep1 Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 4 of 27

Re: Agent 5.0.2.132 unable to get managed and other issues

Anything showing logwise in your %temp% directory that could help ?

Permissions on registry or agent folder, the new access protection in the agent ?

Anything in AP log for VSE or events for hips ?

rgijsen
Level 8
Report Inappropriate Content
Message 5 of 27

Re: Agent 5.0.2.132 unable to get managed and other issues

The installation logs show no errors whatsoever. The maconfig command's temp-dir is empty except for a (generated?) numbered folder, but no files. Access Protection blocking agent setup I haven't checked, as that would be a very stupid thing to block in my oppinion. However, just to be sure I will rollout the agent on a vanilla testmachine without AV installed. I'll let you know. After christmas Merry xmas!

rgijsen
Level 8
Report Inappropriate Content
Message 6 of 27

Re: Agent 5.0.2.132 unable to get managed and other issues

To update; I quit working on this. I couldn't get it to work whatever I did. I reverted to MA4.8 for now and it will stay that for the following months.

Re: Agent 5.0.2.132 unable to get managed and other issues

Hello,

I'm just curious: You did check in the ePO Agent Key Updater into the Master Repsoitory (v5.0.2.132)?

rgijsen
Level 8
Report Inappropriate Content
Message 8 of 27

Re: Agent 5.0.2.132 unable to get managed and other issues

Yes sure, I've checked in ePO Agent Key Updater (RTW) 5.0.2.132 and the agent itself.

pierce
Level 13
Report Inappropriate Content
Message 9 of 27

Re: Agent 5.0.2.132 unable to get managed and other issues

Did you check in the new management extension?

Without that your new agents wouldn't be able to talk to ePO, it should be backwards compatible with all previous agents.

Re: Agent 5.0.2.132 unable to get managed and other issues

Now that's a good question. I'll check it and if not test it and report. Thanks for that suggestion!

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community