3 Replies Latest reply on Jan 27, 2011 2:46 AM by online83

    Problems Installing HDLP 9.0 / DLPWCF on ePO 4.5

      1. I am using the manual "McAfee Host Data Loss Prevention 9.0 Installation Guide for ePolicy Orchestrator 4.5"


      2. I am installing HDLP 9.0 on an existing ePO 4.5 server, that I did not originally install.  Note that the process seemed to work without a hitch in the test lab, but here in production, everything is going into the handbasket.


      3. My problem comes into effect when I do the WCF installation. As my ePO and database on all on one Windows2K3 server, I am installing the WCF locally (Option 1).


      4. My repository is a SQL Server 2005, and I have installed SQL Server Management Studio Express 9.0.4035


      5. Following the instructions "Adding a user in SQL Server", I name the user (epohdlp).

                Default Database: ePO4_SERVER

                Server Role:         public

                User Mapping:     Under "Users mapped to this login" I select the ePO4_SERVER, and verify that the User [DOMAIN\epohdlp] is listed under User.

      Note: if I go back and look, the ePO4_SERVER sleect box is NOT checked, and there is nothing listed under User


      6. When I follow the instructions to modify the Database User, under Securables, I select the ePO4_SERVER database, but when I select Effective Permissions, I see 61 different permissions.  When I click OK, everything looks as it should. When I hit OK again, and then re-select the Database User [DOMAIN\epohdlp,] there is nothing listed under Securables.


      7. At this point, following the instructions, I run the DLP WCF Installer. I do not change the WCF Server Port, and I add the [DOMAIN\Security] OU from Active Directory as the WAAG.


      8. I select Windows Authentication, and select Finish to complete the installation.


      9. When I open the browser to Troubleshoot the DLP WCF service (http://localhost:8731/DLPWCF/Admin/Testing), every test fails.


      Since I am not really familiar with Windows troubleshooting, and even less familiar with SQL Server troubleshooting, any ideas?





      Message was edited by: Jonathan Hawes to correct spelling on 1/26/11 8:52:07 AM CST
        • 1. Re: Problems Installing HDLP 9.0 / DLPWCF on ePO 4.5

          Hi Jonathan,

          first of all I would recommend that you use DLP 9.1 :-)


          regarding your sql issue.

          do you have checked how the ePO connects to the sql db?

          why do not you use the same systemaccount also for the WCF service?




          • 2. Re: Problems Installing HDLP 9.0 / DLPWCF on ePO 4.5

            Oh, if I only could.  Without some document identifying a reasonable issue that is resolved in 9.1, the testing has gone on far enough, and the deadline is so close that 9.0 is it for now.


            As I have said, I am not real familiar with SQL server, and in checking, I can't find anyone in the Security group real familiar with SQL Server.  Internally, I am not sure how SQL Server connects to anything. I have never before used SQL Server, as Oracle is my normal DB.  I am trying to track down one of the program software people that is familiar with SQL Server and hopefully it's communication.


            As to why I did not use the system account, the documentation indicated to create a database account with minimal grants, and so I attempted to.  More and more I am thinking the user I am connecting with does not have the authority.  More will be found when I can find some database error log, or database server log that shows what is going on with the WCF test connection failures.

            • 3. Re: Problems Installing HDLP 9.0 / DLPWCF on ePO 4.5

              ok, please try the following...

              for a better understanding i made five screen captures (of my german version of sql 2008r2 express)


              beginning at your step 4, you started the SQL Management Studio.


              screenshot1: make a right click on logins and create a new on.

              follow screenshot 2

              screenshot3: give the user rights for datareader and datawriter

              now open the properties of the DB ePO_SERVER

              select your user DOMAIN\epohdlp and also grand  to execute (screenshot4). click on OK

              open the properties of the DB ePO_SERVER again and verify the effective userrights (screenshot5).


              hopefully, this should work.