cancel
Showing results for 
Search instead for 
Did you mean: 

ePO 4.5 best way to duploy

Hello All,

I have a test windows 2008 server running ePO 4.5 and I need to add some 20 machines from production server running ePO. Can you give me advice on best way to deploy those machines. So far, I added two machines using manual way but looking alternative way

Any suggestions?

Soon I am going to upgrade 3.6.1 to 4.5 using side by side upgrade.

Labels (1)
7 Replies

Re: ePO 4.5 best way to duploy

Shuriye

I wanted to let you know that you can browse to the machines from the ePO dashboard and add them one at a time. You can also create a text file to import the machines. You may need to force over existing version.

To add the machines from the dashboard complete these steps.

     Login to the Dashboard.

     Go to the group where you would like the machines to exist.

     Click on the System Tree Actions

     New Systems

     Under Systems to add click Browse and locate the machine.

  For any information about adding the machines via a text file please see page 119  in the included pdf.

I hope this helps.

thanks

William

Re: ePO 4.5 best way to duploy

William,

I done that before and there was an error message "failed to authenticate with remote system, system error: access is denied"

Probaby this is something to do with my access as I tried \\machine\admin$ and same thing happened  "access is denied".

I will try adding manual...this will work.

Thanks for your help.

Re: ePO 4.5 best way to duploy

Dude, you have to have an Administrator account before you can do the notepad deployment thingy. This happened to me as well. Deployment and troubleshooting is as easy as pie if all your workstations belong on a domain (therefore you could use a domain admin account for the deployment / troubleshooting). But it is reeeeeeeeeeaaally painful if your workstations are not on a domain and you have no common administrator account per PC.

If you are to do it manually anyway, i suggest since your the tech guy it will not hurt if you could add a administrator account common to all those machines so troubleshooting will not be as painful as the deployment. (this is only applicable if your workstations are not on a domain)

Hope this helps

apoling
Level 14
Report Inappropriate Content
Message 5 of 8

Re: ePO 4.5 best way to duploy

Hello,

assuming the 20 machines are managed with the production ePO, I think the quickest way of redirecting them to use the test ePO environment is to change sitelist.xml on these hosts. Also assuming that sitelist.xml exist and has the function and structure the same across ePO 4.0 and 4.5 versions.

Extract the sitelist.xml from the test ePO server - since it is a managed client to itself it has also a McAfee Agent with a sitelist under [drive]:\Documents and Settings\All Users\Application Data\McAfee\Common Framework- and on each would-be test client disable the agent function by issuing a FRMINST.EXE /REMOVE=AGENT command while standing on the McAfee Agent installation directory.

Then copy the sitelist.xml to a temporary folder on the particular and issue the command FRMINST.EXE /INSTALL=AGENT /SITEINFO=temporary foldername\SITELIST.XML.

This causes the ePo agent to re-awake and incorporate the new sitelist with the new ePO server information therein. You can check the results in the FRMINST_hostname.LOG under %TEMP%\McAfeeLogs, or via the XML log under http://hostname:8081.

Attila

McAfee Employee JoeBidgood
McAfee Employee
Report Inappropriate Content
Message 6 of 8

Re: ePO 4.5 best way to duploy

You shouldn't need to put the agent in unmanaged mode first (using frminst /remove=agent), although it won't actually hurt.

Note however that if we are talking about MA4 and above with ePO 4 and above, then in order to use the /siteinfo swicth, you must ensure that the new ePO server's reqseckey.bin and srpubkey.bin key files are present in the same folder as the sitelist.xml.

Regards -

Joe

apoling
Level 14
Report Inappropriate Content
Message 7 of 8

Re: ePO 4.5 best way to duploy

Joe,

does it mean that the .BIN files will actually be imported during the process and the agent will use them to encrypt traffic to the new ePO server (the name of which the new sitelist.contains) ?

Attila

McAfee Employee JoeBidgood
McAfee Employee
Report Inappropriate Content
Message 8 of 8

Re: ePO 4.5 best way to duploy

Correct - without them, the agent will not be able to communicate with the new server. Sitelist by itself is not enough.

HTH -

Joe

More McAfee Tools to Help You

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community