7 Replies Latest reply on Oct 13, 2015 1:07 AM by Daniel_S

    Agent DNS Wrong


      A couple days ago, i migrated from 1 ePO server to a newer better server and put the ePO DB on our SQL cluster. Also upgraded to ePO 5.3, mcafee agent to 5.0.2 and VSE 8.8 to patch 6. The problem we have now is the mcafee client has the wrong DNS name attached to it so the agent can not contact the ePO server. I have the correct DNS/IP address in the agent handler of the ePO console:




      Here is the agent side:




      Our agent MUST have the DNS that starts with av.... and the public address not the private address.


      I have generated an agent installation package (FramePkg.exe) by doing either one of the following:


      • System Tree, New System - Create and download agent installation package 

      • System Tree, New System - Create URL for client-side agent download


      Then downloaded that packaged and installed it on a client PC. The result is the agent still has the wrong DNS and ip address. How do i get the agent to reflect the correct DNS/ip address?

        • 1. Re: Agent DNS Wrong

          Hey mate,


          you can stick to this guide:

          McAfee KnowledgeBase - How to change the ePolicy Orchestrator agent-to-server communication secure port


          It´s all on the sitelist.xml which in your case doesn´t seem to update. It´s located here:

          C:\ProgramData\McAfee\Common Framework


          Just copy the correct sitelist.xml from you AH to the clients and you should be fine.




          • 2. Re: Agent DNS Wrong

            Thanks for that info! These agents are managed by our ePO server so i can not stop any mcafee service so when i copy sitelist to c:\programdata\mcafee\common framework access is denied. How do i stop the mcafee services so i can copy the file and have mcafee notice the new sitelist? Which btw, none of the



            exist in the agent folder.......

            Option 3 of the provided link produces an unmanaged agent....

            • 3. Re: Agent DNS Wrong

              What do you see when you regedit:

              HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Network Associates\ePolicy Orchestrator\Agent

              Are there the correct entries?


              In order to stop the services you would need to go to VSE-Console and under extras disable the lock of the console. Then you are able to disable the the Protectionservices and then you are able to stop the services.


              And maybe this can help you:


              • 4. Re: Agent DNS Wrong

                On the agent machine, ePOServerList is blank. Should i put the av.domain.tld entry in there?

                I don't have an extras under the VSE-Console. It is 8.8 VSE


                I first followed that link to generate the new framepkg package. Then installed on the client machine which has the wrong DNS/IP address.

                • 5. Re: Agent DNS Wrong



                  so please have a look at the sitelist.xml in the ePO-DB-folder: C:\Program Files (x86)\McAfee\ePolicy Orchestrator\DB\Software\Current\EPOAGENT3000\Install\0409

                  Does it have the correct information?

                  If yes, copy it to the client to folder i pointed out, and rename it to serversitelist.xml (substituting the empty one you already have there).



                  • 6. Re: Agent DNS Wrong

                    Yes, it DOES have the correct info in it but i can not copy it to the machine location due to an access denied error when copying. I am logged into the machine as a local administrator and i can stop the mcafee VSE services. Here is what i had to do to get it working on a few clients:

                    install framepkg on machine

                    run frminst /siteinfo=path\to\sitelist.xml

                    If you click about on mcafee agent, it has wrong dns and ip. So then i:


                    reinstall the agent and then click about on the agent and now the correct info is in there.

                    I really would like to find out how to install like in the past. What i did in the past, was copy frampkg from the path you linked to. Run framepkg on the machine.........

                    Something must have happened when making the move to a new server. I remember i could not check-in the 5.0.2 agent from ePO. I had to click the download link next to check-in. Then go to master repository in ePO and check-in. This moved the 4.0.1500 agent to previous and made the 5.0.2 agent current. I then:


                    System Tree, New System - Create and download agent installation package

                    This is the agent with the wrong DNS. Do you see something wrong with the process i performed?

                    • 7. Re: Agent DNS Wrong



                      maybe somethin went wrong there.

                      Do you install all your clients by hand? Why not use deployment tasks? or servertasks?


                      I would do as follows:

                      remove everythin agent related from you repo.

                      make sure that on your epo in the current software folder everythin is gone, else delete it.

                      then donwload latest agent from McAfee-Download site an check into master-repo.

                      check if correct sitelist is in the softwarefolder.

                      then i would do a fresh install over the existing installation.