Showing results for 
Search instead for 
Did you mean: 

Remotely Enforce Policy


I am having problems with a couple of systems not pulling down the correct policies once the agent is installed.

If i logon to the problematic systems, open up the McAfee Agent Console and then click "Check New Policies" and "Enforce Policies", it begins to work.

The thing is, this is affecting roughly 170 systems out of a total of 2000 systems which are being used by members of staff.

This prevents me from being able to manually enforce the policies on each affected system.

Are there any tools built into ePO 4.0 that i can use to remotely activate the "Check New Policies" and "Enforce Policies" options in the agent?

Simply using "Send Wakeup Call" doesn't do the job.

If there isnt any built in tools for this, does anyone know of a command i can use to put into a batch script?

Thank you,
5 Replies

RE: Remotely Enforce Policy

There are command line options to use with cmdagent.exe(which is what you are looking at when you open the agent monitor) that can retrieve new polices and enforce them.
you could then donwload something like P***EC from microsoft to run remote programs on a command line. Unless you already have something in place to run remote programs, which I guess with that amount of nodes you should do(TNG, Landesk etc.)

EDIT. The forum didnt like the name of the tool, it is P S E X E C

RE: Remotely Enforce Policy


I've setup a batch script to run /c and /e on cmdagent.exe.

I'll be using LANDesk to roll it out.

Thank you for you help!

RE: Remotely Enforce Policy

I did have this issue on a few computers at one time, I ran an agent summary report and had it also verify the managed state and the ones I had issue with were listed as Unmanaged. You might want to check the managed state of those particular computers.

RE: Remotely Enforce Policy

Cheers, it seems they are set as unmanaged...

How do i change them to managed?

RE: Remotely Enforce Policy

There may be an easier way, but I simply reinstalled the agent on the computer using the Framepkg.exe /install=agent /forceinstall command. You can try pushing the agent to the computer using the Deploy Agent option in EPO and see if that does the trick.
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator