We're running ePO 4 Patch 6 and McAfee Agent 4 Patch 3 on Windows XP clients. We have 3 geographic locations where we have a repository set up at each. We use the subnet distance policy to direct clients to their local repositories. We haven't had any problems with this until one of our super agent repositiories failed last week. The system was down for 3 days and the clients rolled over the the main repository as expected. We have since got the failed repository up and running yet those clients are still updating from the main. I check the sitelist.xml files on these clients and the failed repository is in the list and enabled. I came across kb55685 which mentions that the repository order is dictated by a sitemaplist.xml file which I do not have on any of my file on any of my clients. I contacted McAfee support and the only advice they gave so far was to force the reinstallation of the McAfee agent on the affected machines. Is there any other way to force these clients to update from the local repository? What is the expected behavior when a repository goes offline? I would think that it would attempt to contact the repository to see if it is available or not.
Thanks in advance
What's probably happened is that because the repo was offline, the agents think it's dead. They're not going to continually keep checking to see if it's back up: the next time something happens that causes them to recalculate their list, they'll see that it's available again and start using it.
So in this case we need to convince the agents to recalculate their list. There's several ways of doing this, but the easiest way is to change the repository list. In ePO, go to distributed repositories, and add a dummy distributed repo. (Doesn't matter what details you put in.) Then immediately delete the dummy repo. This has the effect of updating the repo list timestamp without actually making any real changes.
The agents should now pick up the new list, and the next time they run an update task they should pick up the correct repo.
Thanks for your reply. I took your advice and created a fake repo and then immediately deleted it. It still appears that clients are checking into the main repo. Any other suggestions that I could try?
Thanks in advance
Have the clients contacted the server yet? Sorry, I should have been clearer - they need to contact the server to get the new list. Try this:
1) Run a replication task, just to ensure that the distributed repos are up to date
2) Add and remove a dummy repository as before
3) Send a wakeup call to an affected client machine
4) Check the agent log on the client machine - you should see an entry something like "new sitelist received"
Assuming that happens OK, run the update task again - does that help?
Thanks Joe. The clients did contact the server and the sitelist appeared to be ok. So I did some more investigation to find errors in the agent log indicating gethostbyname (servername) failed. So tried to ping the repo by name which did not work. At that point I realized the DNS entry for the repo was missing. Had the network admin add it back into DNS and it appears that the clients are now updating from the local repo. Thanks for your help!