2 Replies Latest reply on Jun 17, 2015 7:16 AM by carnold

    Added a Secondary Domain Controller

    carnold

      We finally added a secondary DC to aid in redundancy. Every since then, our mcafee agents are no longer communicating with the ePO server (which is installed on our primary DC). Both the primary and secondary DC's have DNS. The ePO version is 5.1, primary DC is server 2008 R2 and secondary DC is server 2012 R2. Does ePO need to be installed on the secondary DC for this to work? In need of some guidance please. I know having ePO on a DC is NOT recommended but this is how it is right now. I am working on putting ePO on a different server but that might be months down the road.

        • 1. Re: Added a Secondary Domain Controller
          aus_mick

          carnold have you reviewed the agent logs on an affected endpoint to attempt to ascertain why they are no connecting to the ePO server? By default on a 32-bit machine this will be C:\Documents and Settings\All Users\Application Data\McAfee\Common Framework\DB\Agent_<computername>.log and for 64-bit systems C:\ProgramData\McAfee\Common Framework\DB\Agent_<computername>.log.

           

          I can only assume that there hasn't been any changes to the DC that has the ePO installed e.g. IPv6 enabled, new network interface installed, host name change, network routes/firewalls etc. McAfee Agent attempts to connect to the ePO in the order of last known IP address, DNS name, or NetBIOS name, so in theory if you haven't changed the IP address of your ePO then endpoints should still be able to communicate.

           

          You might also want to check that there is no conflicts with a possible new component installed on your existing DC and the ePO communication ports.

           

          HTH,

          Mick

          • 2. Re: Added a Secondary Domain Controller
            carnold

            So, i rebooted the primary DC due to windows updates and everything started working....