Does the Agentlog reveal any helpfull information? Specially when receiving the deploymenttask from ePo.
no - there's nothing in the logs. The program simply hangs. After I posted this I also noticed a MC_script, or something similar, among the hung processes.
Do the servers have the latest service packs and minimum requirements to install the software? Sound like a permissions issue though. How are you pushing the agent?
Win2K advanced server, SP4, and all the *&&^ recent patches. I checked with our account manager - he said it wasn't a rights issue. I've run across the same/similar issue pushing to Win2K workstation across the domain under ePO 3.02a. Some machines refuse to install across the network, if you put the ePO agent on manually, it refuses to take the VSE install, and so on.
I've done a manual install of ePO agent and VSE8 on the two servers, they've "accepted" the install of the Sensor but ePO doesn't recognize a complete installation. The subnet still shows as uncovered, the sensor installation is "in progress", but if I go to the properties of the machine I can see what looks like a "completed" installation of the sensor.
May I ask 'how' you filled in the credentials?
I've seen administrators complaining that pushing didn't work and ePo should get the blame. After finaly going over to them it appears to be a wrong entry with the push install.
It should be:
Since the admin is local to the box I specified as: servername\administrator. I've done it before on workstations & it worked.
When you use the notation servename\administrator, be sure that the administrator account of that specific server is a member of the domain admins group.
Try domain\administrator instead.
Or, as Yoda mentioned, try .\administrator with the local desktop administrator password
I was having a prob with VSE (any ver) not deploying. I found the note below in the 3.5 readme file. Although doesn't specifically mention my prob it did fix it ... for the Win2K SP4 Server boxes only though:
5. Custom agent installation packages
(FRAMEPKG.EXE) with embedded user credentials
might not install successfully on computers
using these operating systems:
- Windows 2000 Advanced Server with Service
Pack 4 or later.
- Windows 2000 Server with Service Pack 4 or
- Windows Server 2003 Enterprise.
- Windows Server 2003 Standard.
- Windows XP Service Pack 2.
The workaround is:
On computers using the operating systems listed
above, make the following changes to the
security settings before installing custom agent
installation packages on them:
a. Log on to the desired computer using a user
account with local administrator
b. Run SECPOL.MSC to open the "Local Security
Settings" dialog box.
c. In the console tree under "Security Settings"
| "Local Policies," select "User Rights
d. In the details pane, double-click
"Impersonate a client after authentication"
in the "Policy" column to open the "Local
Security Policy Setting" dialog box.
e. Click "Add" to open the "Select Users or
Groups" dialog box.
f. Select the user or group that the end user is
likely to run as; for example, "Everyone" or
"Users," then click "Add."
g. Click "OK" twice to save the current
h. On Windows 2000 computers, you need to
restart the computer before the changes
At press time, information about this issue
(impersonating a client after authentication)
and instructions for troubleshooting it were
available on the Microsoft web site:
Unfortunately the security setting they mention does not exist on my WinXP SP2 boxes, so I'm really lost as to what to do next.
actually - the problem appears to be DNS name resolution. When I put the rogue system sensor on the machines, manually, they failed to communicate with the ePO server. The sensor_out log said something about not being able to find the server by name, so I checked the DNS settings on the problem machines. Both listed incorrect DNS server addresses and neither machine had a list of DNS suffixes. Correcting the DNS server addresses and adding the suffix list allowed the servers to communicate with the ePO server and send a completion signal.
I was able to do a removal & re-installation of the VSE8 package after adding the DNS stuff. It doesn't give me great faith in the Rogue System Sensor being able to deploy agents to actual rogue machines.