peer

McAfee Agent not communicating on computer with Deep Freeze

Hi,

I have an issue with ePO and Deep Freeze. Deep Freeze prevents making persistent changes to a computer; all changes are wiped after a reboot. Once a week the computers boot in a maintenance mode so OS and anti-virus updates can be made permanent. However, after the first reboot of a fresh installation the agent stops communicating with the ePO server. I have found these errors in the server.log:

20080814134208 E #3304 EPOServer Agent with GUID {676A76CB-09F4-4EEA-9B77-264AA0E6E6BB} sequence number invalid, expected 16 > 29
20080814134208 E #3304 mod_epo Failed to process agent request

Apparently ePO logs how many times clients have communicated to the server, but the "sequence number" is of course reset every time a computer with Deep Freeze reboots.

I have tried installing the Agent Datadir on a "thawed" drive where persistent changes can be written, but that doesn't help. I have also tried to delete the SequenceNumber value in the [HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\ePolicy Orchestrator\Agent] registry key, hoping it would be reset, but the agent still "remembers" the sequence number.

The only workaround I have come up with so far is to create a startup script that deletes the AgentGUID from the registry so a new one is created every time the computer reboots. Thankfully this doesn't create duplicate entries in the console, but I worry I will fill the database with unused GUIDs.

Does anyone know another workaround, or is there a way to make the server ignore the sequence number?

Thanks

Version info:
ePolicy Orchestrator: 4.0 Patch 2
Agent: 4.0.0.1180
Virusscan Enterprise: 8.5.0.781.Wrk Patch 6
OS: XP SP3
Deep Freeze Enterprise: 5.70.220.1453
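An added example, not part of the original post and not McAfee code: a small triage script that scans server.log text for the "sequence number invalid" error quoted above and groups the rejections by agent GUID, so an administrator can see which frozen machines are being refused and since when. The regular expression is built only from the log line shown in the post, and the function names and the constructed sample lines are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Pattern derived only from the server.log line quoted in the post (assumption:
# other ePO builds may word or lay out this message differently).
SEQ_ERR = re.compile(
    r"^(?P<ts>\d{14})\s+E\s+#\d+\s+EPOServer\s+Agent with GUID\s+"
    r"\{(?P<guid>[0-9A-Fa-f-]{36})\}\s+sequence number invalid,\s+"
    r"expected\s+(?P<left>\d+)\s*>\s*(?P<right>\d+)"
)

# The first two lines are from the post; the remaining lines are constructed sample data.
SAMPLE_LOG = [
    "20080814134208 E #3304 EPOServer Agent with GUID {676A76CB-09F4-4EEA-9B77-264AA0E6E6BB} sequence number invalid, expected 16 > 29",
    "20080814134208 E #3304 mod_epo Failed to process agent request",
    "20080815081530 E #3304 EPOServer Agent with GUID {676A76CB-09F4-4EEA-9B77-264AA0E6E6BB} sequence number invalid, expected 16 > 31",
    "20080815081700 E #2212 EPOServer Agent with GUID {00000000-0000-0000-0000-000000000001} sequence number invalid, expected 4 > 9",
    "20080815081701 I #2212 EPOServer Unrelated informational entry",
]

def summarize_sequence_errors(lines):
    """Group sequence-number rejections by agent GUID."""
    agents = defaultdict(lambda: {"count": 0, "first": None, "last": None, "pairs": []})
    for line in lines:
        m = SEQ_ERR.match(line.strip())
        if not m:
            continue  # unrelated entries, e.g. the mod_epo follow-up line
        ts = datetime.strptime(m["ts"], "%Y%m%d%H%M%S")
        rec = agents[m["guid"].upper()]
        rec["count"] += 1
        rec["first"] = min(rec["first"] or ts, ts)
        rec["last"] = max(rec["last"] or ts, ts)
        # Kept as logged; which side is the server's value is not interpreted here.
        rec["pairs"].append((int(m["left"]), int(m["right"])))
    return dict(agents)

def repeatedly_rejected(summary, min_count=2):
    """GUIDs rejected at least min_count times, most frequent first."""
    hits = [(g, r["count"]) for g, r in summary.items() if r["count"] >= min_count]
    return sorted(hits, key=lambda x: (-x[1], x[0]))

if __name__ == "__main__":
    for guid, rec in summarize_sequence_errors(SAMPLE_LOG).items():
        print(guid, rec["count"], rec["first"], rec["last"], rec["pairs"])
```

To run it against a real log, pass the open file object to `summarize_sequence_errors` in place of `SAMPLE_LOG`.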
1 Reply

Possible workaround for lab environment.

To get around this, I disabled agent-to-server communication under the policy for the machines that have drive protection to prevent them from calling in while they are locked down.

I then scheduled an Agent Wakeup task to occur when the machines are unlocked. I have these machines set up to unlock prior to opening for business to allow for patching, et cetera. Had to settle for once a day agent communication on these boxes.

Not ideal, but the easiest solution I've found so far.