2 Replies Latest reply on Apr 19, 2010 5:10 AM by souleymane

    lost key agent when epo 4.5 P1 reinstall

      hi

      i have a big problem after reinstall EPO 4.5 P1 i have ERROR: Failed to find server key matching agent.

      I have backup last folder epo 4.5. Can i recover manually key agent server for communication resume between client and server.

      when i try to reinstall agent failed i have report successful on log server but nothing.

                                 help please.

        • 1. Re: lost key agent when epo 4.5 P1 reinstall
          Sailendra Pamidi

          The Keys are stored in the ePolicy Orchestrator\DB\KeyStore folder. Since you have a backup of the older installation, you may be able to recover by importing the agent server communication key.

           

          Look for a filename sr<machine>.zip in that folder where <machine> would be the system name of your ePO server. copy this file to a temporary location and rename it to something else - for e.g. srepoold.zip. Now Import this key from Configuration->Server Settings Security Keys.

           

          Renaming the key file is necessary before importing to avoid a name clash. Also, if the key hash for the communication key is already present in the ePO database, then the import would fail (this would mean that ePO is already aware of that key)

           

          When the communication fails, the server log would indicate the hash - you should be able to make out whehter this hash is already present by looking at the security keys page - the hash is listed next to the key name.

           

          Hope that helps

          Sailendra

           

           

          Message was edited by: Sailendra Pamidi on 4/19/10 2:28:37 AM CDT
          • 2. Re: lost key agent when epo 4.5 P1 reinstall

            i have last day regenerate certificate trough console after that i have new error

             

             

            Checking for fips module in D:\PROGRA~1\McAfee\EPOLIC~1
            20100419100241    I    #5820    NAISIGN     Found fips module: D:\PROGRA~1\McAfee\EPOLIC~1\cryptocme2.dll
            20100419100241    I    #5820    NAISIGN     FIPS library initialized successfully
            20100419100241    I    #5820    RULEENG     Starting EPO RuleEngine
            20100419100241    I    #5820    NAISIGN     Loading fips module, current folder: D:\PROGRA~1\McAfee\EPOLIC~1
            20100419100241    I    #5820    NAISIGN     Checking for fips module in D:\PROGRA~1\McAfee\EPOLIC~1
            20100419100241    I    #5820    NAISIGN     Found fips module: D:\PROGRA~1\McAfee\EPOLIC~1\cryptocme2.dll
            20100419100241    I    #5820    NAISIGN     FIPS library initialized successfully
            20100419100241    I    #5820    NAIMSRV     Initializing server...
            20100419100241    I    #5820    NAIMSRV     Initializing DAL Connection Pool...
            20100419100241    I    #5820    NAIMSRV     DAL Connection Pool Initialized.
            20100419100242    I    #5820    NAISIGN     Loading fips module, current folder: D:\PROGRA~1\McAfee\EPOLIC~1
            20100419100242    I    #5820    NAISIGN     Checking for fips module in D:\PROGRA~1\McAfee\EPOLIC~1
            20100419100242    I    #5820    NAISIGN     Found fips module: D:\PROGRA~1\McAfee\EPOLIC~1\cryptocme2.dll
            20100419100242    I    #5820    NAISIGN     FIPS library initialized successfully
            20100419100242    I    #5820    NAIMSRV     Server state at startup: Enabled
            20100419100242    E    #5820    NAISIGN     Failed to decrypt data.  Error=-2146893819
            20100419100242    E    #5820    NAISIGN     Failed to decrypt data.  Error=Bad Data (-2146893819)
            20100419100242    E    #5820    NAIMSRV     Failed to decrypt using the certificate.
            20100419100242    E    #5820    NAIMSRV     Failed to get the server key information.  Trying to regenerate.
            20100419100242    I    #5820    MCUPLOAD    Successfully disabled CA trust options.

             

            and cannot logon console EPO.