1 2 Previous Next 17 Replies Latest reply on Oct 27, 2016 5:22 AM by rgijsen

    Agent unable to get managed and other issues



      running epo 5.3.1 with HF1080544 and HF1102635. AV 8.8 on all server. Current branch running Agent without any issues. I've checked in agent into evaluation and deployed that to a few testsystems. I think I need an idiot check / confirmation. I can't get agent 5.0.2 to get in managed state. When I update them through ePo, the agent gets in unmanaged state and will not comunicate to ePo:


      C:\Program Files\McAfee\Agent>cmdagent -i

      Component: McAfee Agent

      AgentMode: 0


      GUID: N/A

      TenantId: N/A

      LogLocation: C:\ProgramData\McAfee\Agent\logs

      InstallLocation: C:\Program Files\McAfee\Agent\

      CryptoMode: 0

      DataLocation: C:\ProgramData\McAfee\Agent\

      EpoServerList: xxx <-- masked, but absolutely correct

      EpoPortList: 18443

      Failed to get value of EpoServerLastUsed

      LastASCTime: N/A

      LastPolicyUpdateTime: 0

      EpoVersion: N/A



      C:\Program Files\McAfee\Agent>cmdagent -c

      2015-12-22 10:32:57.357 cmdagent(1116.3060) cmdagent.Info: Agent is running in unmanaged mode. Can not check new policies.



      I've tried to uninstall the agent (with /forceuninstall) and redeploy it. Same issue. Installed it from commandline, same issue. I tried to enable the debuglog (loglevel 8) on the agent but for some reason it doesn't generate a logfile at all (or at least I can't find it where it should be) which is another issue. Now I know 5.0.0 could not communicate without SSL, which was supposedly fixed in 5.0.1. I have SSL enabled and working, port 18443 as shown above is my SSL port. 4.8 agents connect to that just fine. Checking with a browser reveals SSL is in place with the correct selfsigned cert. I've tried redeploying the agent with Access protection and mcshield disabled, to prevent McAfee files being updated by itself (I don't think it would need that but who knows). Still no luck. I've got a few machines in a different subnet, I checked the firewall logs and the agent doesn't even seem to try to connect to the ePo server at all on either port.


      I've been staring at this for about 8 hours, but it can't be that difficult. I think I need a pair of fresh eyes. Anyone?

        1 2 Previous Next