cancel
Showing results for 
Search instead for 
Did you mean: 

Re: ePolicy and Novell

Joe: Our Engineer is swamped with some other projects and I don't think he will have time to have a direct discussion on the thread.

But I did talk with him some more to try to find out the issue between ePO and our current Novell system.  We are not using Active Directory, but eDirectory instead.  Because of that he is asking what mechanism is ePO using to push down updates to the client machines?

He pointed to one line in the installation guide, and said there are other instances of a reference to domain membership being required;

"Domain controllers": The server must have a trust relationship with the PDC on the network."

Thanks,

Sara

McAfee Employee JoeBidgood
McAfee Employee
Report Inappropriate Content
Message 12 of 17

Re: ePolicy and Novell

ePO doesn't push updates to the clients - the clients pull updates from a repository. The entire ePO model is pretty much client-side driven: the only real "push" activity that ePO uses is the push agent install, and as we discussed earlier you don't have to use that as there are other deployment methods available. Once the agent is on the clients it pulls policies and tasks from the server (not using NT authentication), and updates from repositories which do not have to use NT authentication (like FTP, HTTP, or superagents.)

With regard to the "must have a trust relationship" statement - I'm not sure why that is there, and I have requested clarification from the developers. As far as I know there is no actual requirement: certain functions in ePO that rely on this will obviously fail, for example AD syncing, and automatic user creation: but outside of these limitations ePO should still be able to function perfectly well.

As soon as I get anything else I'll update the thread: perhaps anyone else reading this using ePO in a Novell / workgroup type environment can comment on their experiences?

Thanks -

Joe

Re: ePolicy and Novell

Thanks Joe, that makes sense that it would work if it is more a pull activity.

The Engineer had another comment he emailed me:

For the purposes of this issue "workgroup environment" and "domain environment" are equivalent. We have neither.

So I will pass along what you wrote and I hope that will answer his prevailing issue.  I would indeed welcome any managers of a Novell environment to chime in with their experiences.

Thanks!


Sara

Re: ePolicy and Novell

Joe: So one question which I know Chris will ask: how is using ePO any better than the standalone method we currently use?  We have an Auto Update set up in the tasks so that it gets any new daily updates from the McAfee site.  What will ePO then give us beyond that to make it worth the resources to put into the project of setting up and maintaining ePO?

Thanks,

Sara

Highlighted
PG62
Level 7
Report Inappropriate Content
Message 15 of 17

Re: ePolicy and Novell

Jou get than a central management server, where jou can see all virus outbreaks or other malware from the clients.

We have also Netware and standalone clients and it works fine, but with a AD it works better.

We install de agents with zenworks.

Pascal

Netherlands

McAfee Employee JoeBidgood
McAfee Employee
Report Inappropriate Content
Message 16 of 17

Re: ePolicy and Novell

The Engineer had another comment he emailed me:

For the purposes of this issue "workgroup environment" and "domain environment" are equivalent. We have neither.

I was using "workgroup" in the sense of "not a domain" - i.e. not having a PDC. From ePO's point of view a workgroup environment and a Novell environment are basically the same.

sarawitherow wrote:

Joe: So one question which I know Chris will ask: how is using ePO any better than the standalone method we currently use?  We have an Auto Update set up in the tasks so that it gets any new daily updates from the McAfee site.  What will ePO then give us beyond that to make it worth the resources to put into the project of setting up and maintaining ePO?

Heh. That's a fairly enormous question    Basically it's the difference between a centrally administered environment, and one where each client machine is doing it's own thing.  There's a lot of information  here

which should help, but - very briefly - some of the advantages are:

Policy enforcement - you control the client machines' settings: so if you wanted to exclude a folder from scanning, all you do is configure a policy with the exclusion and apply it. Currently you'd have to visit each machine.

Reporting - you ca see immediately if machines are not updating their dats, if threats have been detected, and so on. At the moment you can't.

There's a huge amount more - I'd really have a look at that link

Regards -

Joe

McAfee Employee NMaurMcAfee
McAfee Employee
Report Inappropriate Content
Message 17 of 17

Re: ePolicy and Novell

You can always use a "period" as the domain and that will allow you to use a local account on the machine.

Example: When deploying an agent use the following credentials

Domain: .

User: Administrator

Pass: *******

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community