4 Replies Latest reply on Mar 4, 2010 2:45 AM by pbukn1

    Reg Query to determine which ePO server client is reporting to

      Anyone know how to use a Reg Query to determine the value of the ePOServerList key?  I'd like to use a script to check and see which server some clients are reporting to.  If they already have the Agent installed pointing to our new server, I'd set it to exit but if it is using the old server I'd have it remove the old agent and install the new one with the new site list.



        • 1. Re: Reg Query to determine which ePO server client is reporting to

          Here's what I've got so far:




          set regpath=HKLM\SOFTWARE\Network Associates\ePolicy Orchestrator\Agent
          set regvalue=ePOServerList
          set regdata=eposerver.mydomain.org||83
          reg query "%regpath%" /v "%regvalue%" | find /i "%regdata%"
          if errorlevel 1 (
                echo Please wait while McAfee ePO Agent Software is installing......
                START /WAIT framepkg.exe /Install=Agent /ForceInstall /SILENT
                rem EXIT /B /0




          I've tried adding a pause after each line, and the command prompt just closes after the set regdata command, no matter which error level I specify.  Anyone have any ideas?



          • 2. Re: Reg Query to determine which ePO server client is reporting to

            I've been using one with much success.  Recently had an issue were the auth key on my server went fubar breaking client communication and I had to redeploy to about 6000 clients.


            The script is vbs and a little involved but we're a multi-domain environment with different IT admins per domain who I had to keep calm and happy but also get back enough info to cover myself.


            It checks for agent

            It checks for managing server

            It checks for a specific version (so its only good for agent push situation- not a forever script as it breaks when you start deploying a new version)

            Then if it needs to install the agent, it first waits upto "maxwait" before removing, copying and install the agent.  It copies it from cPath and that share should contain the FramePkg.exe  and a folder called "2K"  that contains version the last version of the agent to support windows 2000 platform.


            Its kind of a hacked up script but it gets the job done.





            on error resume next


            cPath = "\\server\share\"

            logpath = "\\server\logs\"  (small log files are dumped here to provide info that may help in instances the install is failing)

            maxwait = "30" 'minutes


            omgepo = "epo-server-hostname"

            omgver = ""  ( is the last agent for Windows 2000)


            set oNet = CreateObject("WScript.Network")

            set oShell = CreateObject("WScript.Shell")

            set oFSO = CreateObject("Scripting.FileSystemObject")


            install = 0


            function dateme()

            rdate = DatePart("yyyy",date) & Right("0" & DatePart("m",date), 2) & Right("0" & DatePart("d",date), 2)

            rtime = Right("0" & DatePart("h",time), 2) & Right("0" & DatePart("n",time), 2) & Right("0" & DatePart("s",time), 2)

            dateme = rdate & rtime

            end function


            sub install(errmsg)

            on error resume next


            logfile = logpath & ucase(oNet.ComputerName) & ".log"

            if oFSO.FileExists(logfile) then

            set oLog = oFSO.OpenTextFile(logfile, 8)


            set oLog = oFSO.CreateTextFile(logfile, 1)

            end if


            oLog.WriteLine(dateme() & " " & oNet.ComputerName & "\" & oNet.UserName)

            oLog.WriteLine(dateme() & " " & errmsg)



            randm = Int((maxwait - 1 + 1) * Rnd + 1)


            wscript.sleep((randm) * 60000)


            newAgent = oShell.ExpandEnvironmentStrings("%windir%\FramePkg.exe")


            if (instr(os,"2000") <> 0) then

            oLog.Writeline(dateme() & " install=1, os=2k, wait=" & randm & " mins... ")

            AgentInst = cPath & "2K\FramePkg.exe"


            oLog.Writeline(dateme() & " install=1, wait=" & randm & " mins... ")

            AgentInst = cPath & "FramePkg.exe"

            end if


            AgentDir = oShell.RegRead("HKLM\SOFTWARE\Network Associates\ePolicy Orchestrator\Agent\Installed Path")

            if (AgentDir <> "") then

            oLog.WriteLine(dateme() & " trying to remove old agent... ")

            oShell.Run AgentDir & "\FrmInst.exe /Forceuninstall /Silent",0,true 'forcing agent uninstall

            end if


            oLog.WriteLine(dateme() & " copying new agent... ")

            oFSO.CopyFile AgentInst, newAgent 'copying agent install

            oLog.WriteLine(dateme() & " installing agent... ")

            oShell.Run newAgent & " /Install=Agent /Silent",0,true 'forcing agent install

            oLog.WriteLine(dateme() & " forcing asci up after 15s...")


            AgentDir = oShell.RegRead("HKLM\SOFTWARE\Network Associates\ePolicy Orchestrator\Agent\Installed Path")

            oShell.Run AgentDir & "\CmdAgent.exe /P",0,true 'force asci

            oLog.WriteLine(dateme() & " FINISHED")



            end sub


            eposvr = lcase(oShell.RegRead("HKLM\SOFTWARE\Network Associates\ePolicy Orchestrator\Agent\ePOServerList"))

            maver = oShell.RegRead("HKLM\SOFTWARE\Network Associates\ePolicy Orchestrator\Application Plugins\EPOAGENT3000\Version")

            preflang = oShell.RegRead("HKLM\SOFTWARE\McAfee\VSCore\PreferredLanguage")

            os = oShell.RegRead("HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductName")


            if (maver = "") then

            install("ERR no agent... " & maver)

            elseif (instr(omgver,maver) = 0) then

            install("ERR ver... " & maver)

            end if


            if ((instr(os,"2000") = 0) and (instr(maver,"4.0") <> 0)) then

            install("ERR 40 on non2k... " & os & ", " & maver)

            end if


            if ((eposvr <> "") and (instr(eposvr,omgepo)) = 0)  then

            install("ERR svr... " & eposvr)

            end if


            if (preflang <> "") then

            install("ERR bug... " & perflang)

            end if




            • 3. Re: Reg Query to determine which ePO server client is reporting to

              may be overly complicated but it does work pretty well-  if you use this vbs- tie it a GPO as a startup script, it will run when machines boot with system privileges.


              Make sure you set scripts to run asynchronously and max wait time for GPO scripts to something like 1900ms- this prevents to script from hanging up the user logon process as it waits to execute.

              • 4. Re: Reg Query to determine which ePO server client is reporting to

                set  regpath=HKLM\SOFTWARE\Network Associates\ePolicy Orchestrator\Agent
                set  regvalue=ePOServerList
                set  regdata=eposerver.mydomain.org||83
                reg query "%regpath%"  /v "%regvalue%" | find /i "%regdata%"
                if errorlevel 1 (



                errorlevel 1 is the outcome of  the set  regdata= not existing in the registry.

                If the regvalue is empty due to the software not existing or it is different in any way it should begin the installation.

                Therefore if the setregpath=  finds a value for ePOServerList in the  registry it will pass it on to the regquery and skip to the end of the  scripting.

                This would be errorlevel0.


                I'm asuming that your intention is to upgrade the ePO Agent which  contains an older ePO Server setting to a newer one.

                Therefore I'd assume you need to set if errorlevel 0 (

                This should install the software if it does already exist with the older value.


                Have you copied the exact ePOServerList value from a registry you are intending this script to upate the agent for?

                I'd imagine that it needs to be significantly different for it to notice a difference perhaps in case it doesn't read the entire value from the registry.


                Also have you tried manually performing the ePO Agent install over an existing installation to ensure it is able to update an existing installation.

                If you are attempting to install the same version, then it may be that the windows installer is rejecting it and passing back to the script.


                Hope that helps


                Good Luck