1 2 Previous Next 17 Replies Latest reply on May 19, 2009 8:18 PM by SafeBoot

    AutoDomain 5.15 Need Help

    mwilke
      I need some help on the 5.15 version of AutoDomain. I set it up exactly the same way i setup the older versions but nothing at all happens when the install set is executed.

      When i say nothing i mean, nothing at all. No html output page is displayed showing the status of the script like in the older versions... no log file is generated even though i told it explicitly where to put the log file.

      I dont know where to start. I have tested this version over and over in many different ways and i cant get it to work at all.

      Below is my ini file... can someone look at this and see what i am doing wrong?


      ;For information on these parameters, please view the autodomain script itself.

      [Connection]
      DefaultAdminUser=ScriptUser
      DefaultAdminAuth=755099f7f373c46ebaa6

      ;NumberOfAdminUsers=3
      ;DefaultAdminDatabase=SAFEBOOT2K3
      ;UseLastGoodConnection=true
      DefaultWaitTime=300
      RandomWaitTime=300
      WaitForPingServer=10
      AlwaysSyncWhenFinished=true

      [Machines]
      ClearRestorePoints=True
      ;CreateMachines=true
      DefaultMachineGroupName=FS
      MachineExistsMode=clearkey
      CreateMachinesInOU=false
      TemplateMachineGroup=Endpoint Encryption Machines
      MoveMachinesToGroup=false
      ;RenameMachinesIfNeeded=true
      ;OpenFireWallForSafeBoot=true
      ;CreateMachinesInSubsetOfName=0
      ;SetAllDriveEncryption=False

      [Users]
      ProcessUsers=current,cached
      ;SkipUsers= |Administrator|,|LocalService|,|All Users|,|Default User|,|NetworkService|,|Guest|,|systemprofile|,|emanager|,|$autoboot$|
      defaultgooddomains=CORP.XYZ.COM
      ;SpecifyAllDomains=false
      ;CheckCurrentUserList=True
      ;CreateUsers=True
      CreateUsersInOU=False
      SetSSOOnCreate=False
      DefaultUserGroupName=FS_Users
      DefaultUserPassword=""
      AskForCurrentUserPassword=True
      AlwaysAskForCurrentUserPassword=False
      ;RemoveAutoBoot=True
      TemplateUserGroup=Endpoint Encryption Users
      ;NumberOfQAToAsk=3
      ;AlwaysAskForQA=False
      AddMachineOUUserGroup=""
      DomainNameIndex=S-1-5-21-4289439920-2052607196-3279184380=CORP.XYZ.COM
      ;ConnectorName=""
      ;SecurityGroup=""
      ;NotifySetUsersByEmail=False
      ;UITimeout=300
      ;PermAutoBootMode=false
      ;UseUPNIfPossible=false

      [Debug]
      debuglevel=3
      developermode=False
      LogFileName=C:\Temp\AutoDomainLog.html
      ;LogOnTheGo=true
      ;HTMLOutput=true
      ;wScriptOutput=False

      [Rerun]
      ;TestForStickAround=true
      ;TestForBlockFile=true
      ;OnlyRunOnce=true
      ;RunOnceOnLogon=true

      [Behaviour]
      ;CancelIfServer=true
      ;CancelIfNotLaptop=false
        • 1. RE: AutoDomain 5.15 Need Help
          are you deploying the vbs or exe version? if it's the exe, what is the file type in the db? Are you deploying to a fresh machine, or just deploying to an already active machine?

          Looking at your options, I doubt the script is getting executed, so it all depends on how you are trying to run it.
          • 2. RE: AutoDomain 5.15 Need Help
            mwilke
            I am deploying to a fresh machine.

            When i import the iset.ini file it puts these files in the file set.

            AutoDomain.exe
            AutoDomain.ini
            Install_AutoDomain.srg
            SbAdmCom.dll
            SbAdmDll.dll

            The files that are listed in my powertools\autodomain folder are as follows:

            autodomain.exe
            autodomain.ini
            autodomain5.15.vbs
            autdomain manual.doc
            install_autodomain.srg
            ISET.ini
            readme.txt


            Do i need to manually move the vbs script into the file set also?
            • 3. RE: AutoDomain 5.15 Need Help
              mwilke
              Oh and file type for the exe is a post-installation helper executable
              • 4. RE: AutoDomain 5.15 Need Help
                nope, the VBS is included in the Primalscript EXE pacakge.

                The exe expands to c:\temp I believe, so make sure the script is getting expanded out (could be a rights issue I guess) and you see the installer running the post-install helper.

                S.
                • 5. RE: AutoDomain 5.15 Need Help
                  mwilke
                  Yes the install set actually does run the powertools autodomain part


                  and if i look in task manager it shows the autodomain.exe running as a process but then nothing lol

                  Ill do some more digging.
                  • 6. RE: AutoDomain 5.15 Need Help
                    run it by clicking on it and see what happens - if it works then, then it's a rights issue for the account you're running the installer under.

                    You may need to repack the script and use some other account (or some other location).
                    • 7. RE: AutoDomain 5.15 Need Help
                      mwilke
                      OK i repackaged everything and ran it from the desktop of a normal domain user in my test domain.

                      The autodomain part of the install set ran... i could see it saying that it was running it above the progress bar. but after that, nothing happened again.

                      I restarted and waited a few minutes to see if it would run on its own and nothing.

                      I navigated to the Endpoint Encryption Manager folder on the PC and double clicked on the autodomain.exe I can see in task manager now that the wscript.exe and autodomain.exe are both running.

                      A log file has been generated and this is what it says:



                      5/19/2009 12:11:05.23 PM: Created Debug Container.
                      5/19/2009 12:11:05.26 PM: Running TestSafeBootAPI...
                      5/19/2009 12:11:05.36 PM: I tested the Endpoint Encryption API, it's working but the version is unknown as the API is not in this directory
                      5/19/2009 12:11:05.37 PM: START! Version 5.15
                      5/19/2009 12:11:07.03 PM: Running Under Microsoft Windows XP Professional 5.1.2600 : 32Bit : 1 processors
                      5/19/2009 12:11:08.15 PM: Got Current user name "burlacher" from domain "CORP"
                      5/19/2009 12:11:08.18 PM: Compression check on systemdrive (C:) - Not Compressed
                      5/19/2009 12:11:08.25 PM: Failed clearing system restore points with error code :5
                      5/19/2009 12:11:08.28 PM: Free Space Check on Boot Drive - 1704MB Free
                      5/19/2009 12:11:08.31 PM: Running IsBootCodeActive...
                      5/19/2009 12:11:08.43 PM: 0x00000000 | The operation completed successfully.
                      5/19/2009 12:11:08.43 PM: ....Captured Command Result Description: Access to driver not permitted
                      5/19/2009 12:11:08.43 PM: ....Captured Command Result Code: 0xe0020021
                      5/19/2009 12:11:08.45 PM: Driver access blocked so using alternate detection method
                      5/19/2009 12:11:08.50 PM: Found Endpoint Encryption for PC's using alternate method.
                      5/19/2009 12:11:08.51 PM: 0xe0020021 | Access to driver not permitted
                      5/19/2009 12:11:08.54 PM: Running IsBootCodeActive...
                      5/19/2009 12:11:08.62 PM: 0x00000000 | The operation completed successfully.
                      5/19/2009 12:11:08.62 PM: ....Captured Command Result Description: Access to driver not permitted
                      5/19/2009 12:11:08.62 PM: ....Captured Command Result Code: 0xe0020021
                      5/19/2009 12:11:08.65 PM: Driver access blocked so using alternate detection method
                      5/19/2009 12:11:08.67 PM: Found Endpoint Encryption for PC's using alternate method.
                      5/19/2009 12:11:08.70 PM: 0xe0020021 | Access to driver not permitted
                      5/19/2009 12:11:08.75 PM: Incompatible Product Check returned no incompatible products found.
                      5/19/2009 12:11:08.79 PM: I'm going to use the group "FS" if I have to create any machines.
                      5/19/2009 12:11:08.82 PM: The last good connection for this machine was "SAFEBOOT2K3". I am going to use that
                      5/19/2009 12:11:09.34 PM: Opening ports in your Windows firewall to allow Endpoint Encryption traffic
                      5/19/2009 12:11:09.39 PM: Adding the outgoing port to Standard Profile failed. Error Number: 70
                      5/19/2009 12:11:09.42 PM: Adding the incoming port to Standard Profile failed. Error Number: 70
                      5/19/2009 12:11:09.45 PM: Adding the outgoing port to Domain Profile failed. Error Number: 70
                      5/19/2009 12:11:09.48 PM: Adding the incoming port to Domain Profile failed. Error Number: 70
                      5/19/2009 12:11:09.51 PM: Running IsBootCodeActive...
                      5/19/2009 12:11:09.61 PM: 0x00000000 | The operation completed successfully.
                      5/19/2009 12:11:09.61 PM: ....Captured Command Result Description: Access to driver not permitted
                      5/19/2009 12:11:09.61 PM: ....Captured Command Result Code: 0xe0020021
                      5/19/2009 12:11:09.64 PM: Driver access blocked so using alternate detection method
                      5/19/2009 12:11:09.65 PM: Found Endpoint Encryption for PC's using alternate method.
                      5/19/2009 12:11:09.68 PM: 0xe0020021 | Access to driver not permitted
                      5/19/2009 12:11:09.68 PM: Running sbadmclIsSyncInProgress...
                      5/19/2009 12:11:09.75 PM: 0x00000000 | The operation completed successfully.
                      5/19/2009 12:11:09.75 PM: 0x00000000 | The operation completed successfully.
                      5/19/2009 12:11:09.75 PM: Running IsBootCodeActive...
                      5/19/2009 12:11:09.82 PM: 0x00000000 | The operation completed successfully.
                      5/19/2009 12:11:09.82 PM: ....Captured Command Result Description: Access to driver not permitted
                      5/19/2009 12:11:09.82 PM: ....Captured Command Result Code: 0xe0020021
                      5/19/2009 12:11:09.84 PM: Driver access blocked so using alternate detection method
                      5/19/2009 12:11:09.87 PM: Found Endpoint Encryption for PC's using alternate method.
                      5/19/2009 12:11:09.89 PM: 0xe0020021 | Access to driver not permitted
                      5/19/2009 12:11:09.89 PM: Running GetMachineName...
                      5/19/2009 12:11:09.92 PM: New connection
                      5/19/2009 12:11:10.09 PM: Stopping as I can't login to the admin system! (0xdb000004/The name was not found in the database)
                      5/19/2009 12:11:10.14 PM: 0xdb000004 | The name was not found in the database
                      5/19/2009 12:11:10.14 PM: Running Cleanup...
                      5/19/2009 12:11:10.18 PM: Removing Standard Rerun Registry Keys from HKCU and HKLM
                      5/19/2009 12:12:41.75 PM: Running IsBootCodeActive...
                      5/19/2009 12:12:41.82 PM: 0x00000000 | The operation completed successfully.
                      5/19/2009 12:12:41.82 PM: ....Captured Command Result Description: Access to driver not permitted
                      5/19/2009 12:12:41.82 PM: ....Captured Command Result Code: 0xe0020021
                      5/19/2009 12:12:41.84 PM: Driver access blocked so using alternate detection method
                      5/19/2009 12:12:41.87 PM: Found Endpoint Encryption for PC's using alternate method.
                      5/19/2009 12:12:41.90 PM: 0xe0020021 | Access to driver not permitted
                      5/19/2009 12:12:41.90 PM: Running IsBootCodeActive...
                      5/19/2009 12:12:41.96 PM: 0x00000000 | The operation completed successfully.
                      5/19/2009 12:12:41.98 PM: ....Captured Command Result Description: Access to driver not permitted
                      5/19/2009 12:12:41.98 PM: ....Captured Command Result Code: 0xe0020021
                      5/19/2009 12:12:41.00 PM: Driver access blocked so using alternate detection method
                      5/19/2009 12:12:42.03 PM: Found Endpoint Encryption for PC's using alternate method.
                      5/19/2009 12:12:42.06 PM: 0xe0020021 | Access to driver not permitted
                      5/19/2009 12:12:42.11 PM: StickAround Test: True - User burlacher is not in SBFS yet, and not on the skip list.
                      5/19/2009 12:12:42.14 PM: Running IsBootCodeActive...
                      5/19/2009 12:12:42.21 PM: 0x00000000 | The operation completed successfully.
                      5/19/2009 12:12:42.21 PM: ....Captured Command Result Description: Access to driver not permitted
                      5/19/2009 12:12:42.21 PM: ....Captured Command Result Code: 0xe0020021
                      5/19/2009 12:12:42.26 PM: Driver access blocked so using alternate detection method
                      5/19/2009 12:12:42.29 PM: Found Endpoint Encryption for PC's using alternate method.
                      5/19/2009 12:12:42.32 PM: 0xe0020021 | Access to driver not permitted
                      5/19/2009 12:12:42.32 PM: Script Name is: C:\Temp\41818.vbs
                      5/19/2009 12:12:42.36 PM: Using rerun entry: "C:\Program Files\McAfee\Endpoint Encryption for PC\AutoDomain.exe"
                      5/19/2009 12:13:28.09 PM: Deleting Block File
                      5/19/2009 12:13:28.11 PM: Removing RunOnLogon keys as RunOnceOnLogon=false.
                      5/19/2009 12:13:28.14 PM: Removing Run Once On Logon registry keys.
                      5/19/2009 12:13:28.36 PM: Log filename is: C:\Temp\AutoDomainLog.html
                      5/19/2009 12:13:28.39 PM: DONE!
                      --------------------------------------------------------------------------------



                      I think based off of this it appears my scripting users are not valid?
                      • 8. RE: AutoDomain 5.15 Need Help
                        absolutely you are correct. The name was not found, so it's the ID which is wrong.

                        You can get the transaction log by setting debuglevel at 5, but this will create a LOT of debug, so turn it off when you've resolved the issue.
                        • 9. RE: AutoDomain 5.15 Need Help
                          mwilke
                          I THINK I have it working now but only one part doesnt seem to be going so well.

                          I am trying to set the default good domains. I do it like this:

                          DomainNameIndex=S-1-5-21-4289439920-2052607196-3279184380=CORP.XYZ.COM

                          then

                          DefaultGoodDomains=CORP.XYZ.COm


                          Is there some syntax issues there with the DomainNameIndex? It does not process any of my domain users which are all cached, only processes the currently logged in user.

                          I used PSTOOlS on my PDC to get my SID..... is this the proper SID to use? Is there a way i can match what i got using PSTOOLS and what is actually tied to my cached profiles?
                          1 2 Previous Next