0 Replies Latest reply on Oct 17, 2008 4:42 AM by lsiau

    Agents cannot talk to EPO server


      I recently reinstalled my EPO server but before that I copied out all the keys in the c:\program files\mcafee\epolicy orchestrator\DB\Keystore.

      I am running the following

      EPO 4.0 patch 2
      Agent 4.0
      Virusscan 8.5 patch 3

      Once I reinstalled the server, I copied the \keystore contents from the backup back into the respective directory.

      The existing agents all had no issue communicating back with the newly installed server. However I still had a few new servers on which to install the mcafee 4.0 agent.

      To ensure that the framepkg.exe was built with the old keys, I followed the procedure on regenerating the frampkg.exe, using the copied old keys following this article: https://knowledge.mcafee.com/article/811/616820_f.SAL_Public.html.

      The framepkg.exe ran beautifully and the new servers were all able to communicate with the EPO server.

      I then did a check later on (24 hrs), and found that previously the dashboard reported all clients to be healthy and compliant, but now it reported that only 1 client was compliant.

      I checked the server.log and this is what I observed:

      20081014145739 I #4668 EPOServer Receiving Incremental Props from SW930VMPRAS1
      20081014145739 I #4668 EPOServer Sending props response for agent SW930VMPRAS1, agent has up-to-date policy
      20081014150200 I #308 EPOServer Receiving PropsVersion from SW930APXBES1
      20081014150200 I #308 mod_epo Signing agent response package with key oYLWADr700RFcHfczWhKlJVz+Vk=
      20081014150200 I #376 EPOServer Receiving Incremental Props from SW930APXBES1
      20081014150200 I #376 EPOServer Sending props response for agent SW930APXBES1, agent has up-to-date policy
      20081014150449 I #1388 EPOServer Receiving PropsVersion from SW930VMPASYN2
      20081014150449 W #1388 mod_epo ERROR: Failed to find server key matching agent key hash: UDOhu8jG0pdbyhnTFutUHYJ9jC8=

      I noticed that all was fine most of the time, but at roughly the time of the last entry these entries started to appear complaining about the server key not matching the agent key hash. This error then propagated to all the other clients.

      Anyway can help me out how to remedy this problem? I know that reinstalling all the agents with the framepkg.exe solves the problem immediately but the problem occurs again 24 hrs later.