This content has been marked as final. Show 5 replies
move up to the current version, the spontaneous lockout was resolved.
the problem is probably that you're running on a slow server which has not gone through any performance tuning - this kind of thing will get resolved during your pre deployment services (if you have that as part of your contract).
Orphans most commonly occur when a group action (add to, remove to) gets aborted because the connection dropped, or timed out because things were too busy. Thats why I suggest it may be the server performance (are you running a vm with a tier2/3 SAN connection for example?)
At 1600 machines, you'll be one of the smallest deployments, so there should be no problems as long as you throw a half decent server at it.
I'm already running 126.96.36.199 which I think is the most current.
The server is a 4 way Xeon 2.6 with 4 gigs of ram and OS, APP, DATA on different volumes. Frankly, with 80 computers and 200 users assigned, I don't think the server should be stressed at all.
my plan to protect against any kind of orphaned user is to built a helpdesk type user into the template install
First off, call support. Anything I can tell you is at face-value, and should not be considered as coming from McAfee. As always, test any and all changes to your environment before implementing them in Production.
-- Check your AV exclusions. We had to exclude the SBData folder from On-Acess scanning.
-- Assign low-risk processes. We had to declare several EEPC processes as low-risk processes so they weren't scanned when run. The important one I believe was SBDBServer.exe.
-- Check your versions. We found we had multiple versions across some files as a result of incorrect upgrade procedures. The way we found out was by checking the about page, and then checking System tab-->Endpoint Encryption Server Groups --> SafeBoot Server--> Get Status. We found that the about page and the get status showed different versions, which then led us to look at the actual modules installed.
Thanks for the tips. I will make the suggested changes to my AV policy on the EE server.
I think it would be appropriate to add this kind of advice to the "Enterprise Best Practices Guide."
In fact it is in the guide.