2 Replies Latest reply on Sep 7, 2010 11:03 AM by dschaff

    Third Party installation and ePO policy enforcement

    Superhoop

      Help !!!

       

      OK, so I HAVE to install Solidcore 5.0.2 plus the McAfee ePo Agent via a third party. Then when the machine is on the network I need it to talk to the ePO 4.5 server and pick up the policies etc. I have tested deploying SC from ePO to confirm the policy enforcement works and it does.

       

      There will be a gap between it being able to talk to the ePO and being online.

       

      I am trying to use a custom script previously mentioned in this community (attached). I amended it to add a few custom Updaters.

       

      Everything installs fine and after a reboot the machine is solidified and talking to the ePO server. In the status it states 'McAfee Agent' under 'System Controller' and events are pouring back to the server from the machine. The trouble I have is it will not take the ePO policy.

       

      I can see my custom Updaters are in the Updaters list along with a few McAfee default ones but I would have thought these woudl have been overwritten when my ePO policy enforced. I also tried setting a trusted directory in the policy and tested installing a product from there but it failed.

       

      I think it may be done to the license key in the script. I believe this is a standalone key. I was hoping ePo would overwrite it when it communicated but it hasn't.

       

      Am I on the right track?

       

      Regards
      Superhoop

        • 1. Re: Third Party installation and ePO policy enforcement

          Double check in the system tree - > Policy section, if the custome policies are assigned to group/nodes. If you have already done this, try to run a client task (debug task), get the logs and check for any errors.

           

          - Amiya

          • 2. Re: Third Party installation and ePO policy enforcement
            dschaff

            In regards to solidcore solidifier there is no standalone or epo license key. The key in ePO defines what features are enabled in ePO and on the Solidifier. If you dont have a key that includes MAC you will not see these option in ePO and you cannot enable MAC on the endpoint.  Some things to know are if you system is in recovered state it will not get the updated policies from epo.  If you configured updaters with the install script these will be removed when the policy from epo is enforced.    Check your policies and rule groups in ePO and always make sure your endpoint is locked down before you enforce your policy or do a wakeup call.