5 Replies Latest reply on Nov 23, 2007 9:21 AM by Archmage

    EPO 4 upgrade issues

      Hello all

      After upgrading to EPO 4 from 3.6.1 (using SQL 2000 sp4 for a database on a Win2003 server) I have had a couple of strange problems.

      firstly, MyAvert alerts has stopped working. I have opened port 8801 on the firewall. I have configured this server not to use a proxy for the MyAvert updates. This used to work on the old version. Now the dashboard just says "Last Check: unknown".
      This is the contents of the servertask.log:

      20071106161035 I #3960 AVERT AVERT task started
      20071106161036 I #3960 AVERT AVERT - mshta "C:\Program Files\Network Associates\ePO\3.6.1\DB\AVERT\AvertAlerts.hta" "http://myavert.avertlabs.com:8801/reportservice.asmx?wsdl" "0409"
      20071106161037 I #3960 AVERT servutil_CopySiteMgrFile: File copied
      20071106161050 I #3960 AVERT Exit code 0
      20071106161053 I #3960 AVERT Calling RevertToSelf
      20071106161053 I #3960 AVERT AVERT task exit


      I noticed that it is looking for a file under the EPO 3.6.1 directory. Although this directory path still exists, it is empty except for an 0409 folder with a DLL in it. The file AvertAlerts.hta doesn't exist under the 3.6.1 folder or anywhere under the EPO 4 folder.

      The next issue is that after noticing a couple of systems were non-compliant in the new reports, I reinstalled EPO/Virusscan 8.5 patch 3 on them. These systems would not get the correct repository list and so were updating from head office, when they should have been updating from their local branch server, as per the "EPO Agent" policy that they were assigned (this was applied to their container and they inherited it). They seemed to get all the other policies though. At this point I noticed that they were still running CMA 3.6.0.463; according to the readme for CMA 3.6.0.569 this should be included in EPO 4. After some investigation it appears my master repository still had version 463 in it. I checked in version 569 and am awaiting it to replicate to our branch servers and for the remote PC's to update to see if this fixes the issue; but I though it was quite strange. Any reason why they wouldn't get the correct repository list? They were only getting the Mcafee HTTP and our master repository (both of which would take forever to update due to the slow WAN link) rather than the local branch repository.

      Thanks for your help!
        • 1. RE: EPO 4 upgrade issues
          After some more investigation it appears that even with the CMA 3.6.0.569 the PC's aren't getting the correct list of repositories. I have set up the list of repositories using the "Mcafee Agent" policy, and assigned this policy to the container that holds the PC's at the branch office. I have configured the policy to look at the local server only for its updates however the client PC's are only getting 2 entries in the list: the master repository and Mcafee HTTP. The other 9 branch servers, although they are disabled for updates in the policy, do not appear in the list (in the old version they did but it said they were disabled).

          Any ideas? Am I using the wrong policy or something?
          • 2. RE: EPO 4 upgrade issues
            hey, it might be worth looking at another thread regarding the logic of when a new sitelist gets downloaded :

            it is all to do with timestamps within the file - if, for some reason your sitelist is stamped as being the latest, then the agent wont prompt to download a new one from the ePO Server:

            http://community.mcafee.com/showthread.php?t=215669

            a simple trick to try is adding a new, dummy repository, save the changes, then delete it. this will increment the timestamp of the sitelist, and should cause the agents to try and download a new one - you should see a message in the agent console about downloading a new SITELIST

            hope this helps,
            • 3. RE: EPO 4 upgrade issues
              Thanks for that, your suggestion worked- making a dummy repository and removing it again made the site lists update correctly on my clients.

              Any ideas for the MyAvert alerts?

              Thanks
              • 4. RE: EPO 4 upgrade issues
                i havent looked at ePO 4.0 really, ill take a look.

                sounds like it might be an upgrade bug - some file is not replaced or something.
                • 5. MyAvert proxy setting.
                  I had the same issue with the MyAvert checks, after upgrading to ePO 4.0.
                  In the end, I got it resolved by specifying my proxy server:

                  Go into Configuration tab>Server Settings>MyAvert Security Threats>Edit, specify to use a proxy server, and enter the proxy address.

                  The default setting after the upgrade was not to use a proxy server.

                  Worked for me, so may be worth checking.

                  Mike