cancel
Showing results for 
Search instead for 
Did you mean: 

Managed agents reverting to unmanaged state after AD Sync

This is my first post so ill try my best..

After a machine has successfully installed the agent, endpoint security, and Threat Prevention and shows successful on both the client and the ePO console, the machine will then revert to unmanaged after the System AD sync. Sometimes they will disappear from the console all together. Re-run sync they'll re-appear and then you can click the same client, install and wait for the success message and everything is back.

GUID's are unique, we have manually uninstalled via command line and the McAfee removal tool. Rebooted the systems after each step. Cleaned up all files related to the installs and then installed again, and the same issue is still around.

Any Ideas would be appreciated .

 

Thanks

7 Replies
hem McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 8

Re: Managed agents reverting to unmanaged state after AD Sync

If machine is reverting back to 'unmanaged' then somehow MA installed on the machine getting removed. I suggest to check the client/server task if present.

Machine is getting disappeared. I am not sure about but would suggest to check if there is task configured to delete the machines based on certain criteria.

Even machine is disappearing from ePO. If client machines have MA installed and is communicating. When client machine communicates to server next time. Machine entry will be created in the ePO server.

 

 

 

 

Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?please select Accept as Solution in my reply and together we can help other members?

Re: Managed agents reverting to unmanaged state after AD Sync

"If machine is reverting back to 'unmanaged' then somehow MA installed on the machine getting removed. I suggest to check the client/server task if present."

After the install is complete and the sync happens, i can still go to the client machine and communicate with the server via the menus in the system tray.  Everything looks to be communicating and nothing was removed from the client system.  Just reverted in the System tree view.

 

"Machine is getting disappeared. I am not sure about but would suggest to check if there is task configured to delete the machines based on certain criteria."

We currently do not run and tasks that delete objects.  We're a smaller shop so we have a cleanup process in place.  Machines are manually removed once they machine is no longer in service, so there is manual intervention on removing devices from the system tree.

 

"Even machine is disappearing from ePO. If client machines have MA installed and is communicating. When client machine communicates to server next time. Machine entry will be created in the ePO server."

 

I have waited a few days after i first saw the issue and the machines will come back to ePO but are not managed even though the client says its functioning in the status monitor.

cdinet McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 8

Re: Managed agents reverting to unmanaged state after AD Sync

When the ad sync runs, in the audit log do you see it actually removing the entry of a system, then adding it back?  If you search for that system name when you see the unmanaged system, does it show any duplicate entries?  What version of epo?  See if KB89427 applies.  When AD sync adds a system, it will appear as unmanaged until the agent checks in.  If it is removing it, it is possible that it is not being recognized for some reason as the same system.  If you delete the managed system from epo and do a sync, the run collect and send props, the unmanaged should now show managed.  If that happens and you do another sync, is that system still then showing up as unmanaged?  Check also kb91380 to see if it applies.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

cdinet McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 5 of 8

Re: Managed agents reverting to unmanaged state after AD Sync

One more question - are any of the affected systems connecting via vpn?  Does this happen with all systems or a select few?  If few, is it the same few or random and what is unique about them vs others that don't have the issue?

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Re: Managed agents reverting to unmanaged state after AD Sync

"One more question - are any of the affected systems connecting via vpn?  Does this happen with all systems or a select few?  If few, is it the same few or random and what is unique about them vs others that don't have the issue?"

No VPN devices these are actually application servers that are giving me the fit.  Its the same 2 or 3 systems that keep doing this.  We have 22 that are the exact same build at each one of our remote locations and they are doing just fine.

They were on ePO 5.3.3 and then moved over to 5.9.1 build 251

cdinet McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 7 of 8

Re: Managed agents reverting to unmanaged state after AD Sync

I believe there is an ad sid or identifier that epo matches and we have seen sometimes that these don't match.  If you delete the system from epo and let it check back in, sometimes that resolves it, but to find out root cause, we would need some debug ldap logging in epo with mer as well as mer from client, so you would need to open a ticket.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Re: Managed agents reverting to unmanaged state after AD Sync

Gonna take a look at the logs and see what they state, logs are typically my go too but wanted to get the questions out there first. Thanks for the tip here .
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community