cancel
Showing results for 
Search instead for 
Did you mean: 
netik
Level 7

[ePO] Push agents to newly added clients (AD Sync)

Hello community.

We are using ePO with approximately 3500 clients. In a testing environment, I'm trying out new features for the future.

I made a AD synchronization and activated the "Push agents to new systems when they are discovered". However, this doesn't work.

I created a servertask which calls this AD synchronitation every hour, and it successfully adds new clients, but it just doens't push the agent there.

When I call "deploy agent" from the system tree, it works fine on all those clients (after solving some problems with c$ share, firewall and stuff like that)

I heard it's possible to do it with rogue system detection...however, it should be possible without, no?  (Second question: Where can I download the rogue system detection extension?)

Thanks a lot and best wishes

0 Kudos
6 Replies
ulyses31
Level 16

Re: [ePO] Push agents to newly added clients (AD Sync)

Hi netik, if configured AD sync will also deploy McAfee Agent to new computers that didn't already exist under the system tree.

i.e. if you launch an AD sync task and you already have unmanaged computers under your system tree, McAfee Agent won't be deployed to them as they are not new computers.

0 Kudos
netik
Level 7

Re: [ePO] Push agents to newly added clients (AD Sync)

Hi Laszlo G,

Thanks. Exactly, but somehow it doesn't not work for me.

Like I said, I configured the synchronization so that it pushes the agent to new clients.

Then I deleted all the clients in my system tree and started the synchronization. ePO adds them to the systemtree, I am able to ping them, but it doesn't deploy the agent. In the servertask protocol, I see that it successfully finished the job:

Started: Synchronizing all groups

Synchronizing 1 synchronized groups

Succeeded synchronizing Test with Active Directory synchronization point [DC=epo, DC=test, DC=com]

Completed: Synchronizing all groups (Synchronized all groups)

There are no subtasks and nothing about pushing agents.

0 Kudos
ulyses31
Level 16

Re: [ePO] Push agents to newly added clients (AD Sync)

Did you set the McAfee Agent deployment credentials inside you AD sync definition?

0 Kudos
netik
Level 7

Re: [ePO] Push agents to newly added clients (AD Sync)

Hi Laszlo G,

Yes, they are set. I set all the options like in the Agent Deployment menu. And there, it works to deploy agents. It's really weird.

0 Kudos
harris_s
Level 9

Re: [ePO] Push agents to newly added clients (AD Sync)

Hi netik,

Did you have any luck with this?

I'm in the same boat, strange this is it has automatically deployed the agent with the ad sync fine for the last 4 years, but after installing latest epo it doesn't seem to work anymore, the deployment task never runs after picking up a new client.  I found the same happened with automated tasks, but could fix them by removing and adding in again.

Am considering getting rid of epo and starting a fresh.

0 Kudos
McAfee Employee

Re: [ePO] Push agents to newly added clients (AD Sync)

This was an issue introduced in ePO 4.6.4 which is resolved in ePO 4.6.5. From the ePO 4.6.5 release notes:

Issue: When running an Active Directory Synchronization task with the option to deploy the McAfee Agent afterward, the agent isn't deployed, even when clients that should receive the agent are identified. (Reference: 813974)

Resolution: The McAfee Agent is deployed to unmanaged clients when the task is run.

EPO 4.6.5 should be released very soon most likely this week. You can view the entire set of ePO 4.6.5 release notes via the attachment at the bottom of KB76688 here:

https://kc.mcafee.com/corporate/index?page=content&id=KB76688


0 Kudos