Channel: Sysadmin

McAfee EEDK Script Deployment


I am not sure where I am going wrong here, and McAfee support was unable to provide support for this. So my package created using EEDK and deployed from our EPO server is working... But I never get a response back to the EPO stating that the script executed with a success, however if I change the exit code to say 2 or 3 I get a return failure. Below is what I have configured.

Batch Script:

    @echo off
    :: ################################################
    :: Set environment to current product folder
    pushd "%~dp0"
    :: Get software package source directory and set as variable SRCDIR
    SET SRCDIR=
    for /f "delims=" %%a in ('cd') do @set SRCDIR=%%a
    mkdir C:\AJBTest
    reg add "HKLM\SOFTWARE\Wow6432Node\Network Associates\ePolicy Orchestrator\Application Plugins\AJBTEST____1000" /v Installed /t REG_DWORD /d 1
    :END
    goto EOF
    :: Exit and pass proper exit to agent
    :: ################################################
    :EOF
    Exit /B 0

EEDK Configuration:

https://ibb.co/tQHBB2q

EPO Product Deployment:

https://ibb.co/st0FMWm

As you can see the install is always pending for the machine. From the batch I am simply creating a folder in the root of the C drive and adding a registry value to allow McAfee to detect the installation. The script fully executes and the McAfee Agent Logs show the below information:

    2019-05-13 17:52:20 I #4448 ScrptExe Running "C:\ProgramData\McAfee\Agent\\Current\AJBTESTT0019\Install\0000\RUNME.bat"
    2019-05-13 17:52:20 I #4448 ScrptExe Running "C:\ProgramData\McAfee\Agent\\Current\AJBTESTT0019\Install\0000\RUNME.bat"
    2019-05-13 17:52:20 I #4448 ScrptExe Did not match searched path
    2019-05-13 17:52:20 I #4448 ScrptExe Executing "C:\ProgramData\McAfee\Agent\\Current\AJBTESTT0019\Install\0000\RUNME.bat"
    2019-05-13 17:52:20 I #4448 ScrptExe Using Aac exclusion path C:\ProgramData\McAfee\Agent\\Current\AJBTESTT0019\Install\0000\RUNME.bat
    2019-05-13 17:52:20 I #4448 ScrptExe Executing section: [RebootNeeded]
    2019-05-13 17:52:20 I #4448 ScrptExe Executing section: [CheckRebootNeededDuringInstall]
    2019-05-13 17:52:20 I #4448 ScrptExe Executing section: [SendSuccessEvent]
    2019-05-13 17:52:20 I #4448 ScrptMgr Update succeeded to version 4.0.0.0.
    2019-05-13 17:52:20 I #4448 MueEep Invoking events withEventId " 0" Severity " 3" Productid " AJBTESTT0019" Locale " 0000" UpdateType " Install" UpdateError " 0" iUpdateState " 8" New Version " 4.0.0.0" Date Time " " Script Id" 2436" Custom Message " "
    2019-05-13 17:52:20 I #4448 MueEep Updating session state to 8
    2019-05-13 17:52:20 I #4448 MueEep Updating final session state to 8
    2019-05-13 17:52:20 I #4448 ScrptExe Executing section: [DoCleanupOfDownloadedFiles]
    2019-05-13 17:52:20 I #4448 ScrptExe Executing section: [InstallProduct]
    2019-05-13 17:52:20 I #4448 ScrptMgr Update Finished
    2019-05-13 17:52:20 I #4448 MueEep Invoking EndUpdateDialog withTitle " Update Finished" Message " Please check the update log for more details." CountdownMessage " Auto close in" CountdownValue" 10"
    2019-05-13 17:52:20 I #4448 ScrptExe Executing section: [ReturnSuccess]
    2019-05-13 17:52:20 I #4448 ScrptExe Attempting to run OnExit section on current script
    2019-05-13 17:52:20 I #4448 ScrptExe Executing section: [OnExit]
    2019-05-13 17:52:20 I #4448 ScrptExe Executing section: [ZeroPostponesDoneCount]
    2019-05-13 17:52:20 I #4448 ScrptMain Run script return code: 0
    2019-05-13 17:52:20 I #4448 ScrptMain McAfee Update Engine is exiting with return code: 0
    2019-05-13 17:52:20 I #4448 MueEep Invoking events withEventId " 0" Severity " 0" Productid " EPOAGENT3000" Locale " 0409" UpdateType " N/A" UpdateError " 0" iUpdateState " 1" New Version " N/A" Date Time " N/A" Script Id" 2436" Custom Message " "
    2019-05-13 17:52:20 I #4448 MueEep Updating session state to 1
    2019-05-13 17:52:20 I #4448 MueEep Updating final session state to 1
    2019-05-13 17:52:20 I #4448 MueEep Invoking EndUpdateDialog withTitle " Update Finished" Message " Please check the update log for more details." CountdownMessage " " CountdownValue" 0"
    2019-05-13 17:52:20 I #4448 SessMgr Final session state is 1
    2019-05-13 17:52:20 I #4448 mue Updater session state = <1>, Update session result = "SUCCESS".
    2019-05-13 17:52:20 I #4448 mue Updater install <1> uninstall <0> update <0>
    2019-05-13 17:52:20 I #4448 mue Scheduling the post deployment update if any deployment happens, no of install = 1, no of uninstall = 0.
    2019-05-13 17:52:20 I #4448 mue Scheduling the post deployment update task to run after 2. minutes
    2019-05-13 17:52:20 I #4448 mue Run post deployment update now.
    2019-05-13 17:52:20 I #4448 mue Post deployment ASC will be done after post deployment update.

Full success on the agent and it shows sending a 1 event to ePO server, which I assume is the install success but nothing ever updates on the EPO.

Note:

This is only occurring with packages built within EEDK, any McAfee product deployed in the same method returns successes.

Does anyone have any experience deploying in a similar manner? I need to show evidence for our security that certain scripts have been deployed successfully and this is making it difficult.

Thanks!

submitted by /u/branhama

Logging vs RMM vs Monitoring


I see a lot of overlap with these solutions. Can someone tell me the differences between RMMs (whatever you prefer) vs logging (Graylog, ELK, etc.) vs monitoring (LibreNMS, Zabbix)?

submitted by /u/SnowmanPacific

What is it about suspicious/phishing emails that makes users suddenly so eager to report issues and use the ticket system?


We have a lot of users who have a hard time understanding how to start a ticket, how to respond to the ticket, or just being unwilling to start tickets in general or provide us with adequate information.

However, when a user happens to notice that they got a suspicious email, they become the most diligent reporters and cooperators. They get so enthusiastic about it. Sometimes they even go into their spam folder, and to their surprise find an email that's suspicious, then they actually start a ticket to tell us about something they found in their spam folder.

I was wondering if anyone else notices this kind of behavior? It's truly interesting how different people's attitudes are about things when they suddenly find something interesting about it.

submitted by /u/corwin_amber

Help getting started with server performance monitoring and tuning?


I work with a small team managing antivirus and related software for a fairly large company. We often have various other teams asking us to turn off AV on this or that server for "troubleshooting". The AV software is very rarely related to their actual issue. Today a team asked us to disable AV and related components, and roll back to an old version. Their reasoning is that a hotfix for it was applied, and then 16 days later there was a performance problem on the server.

The only monitoring they have in place for these and other servers is simple parameters for disk over 90% utilization, CPU at 100% for x minutes, and sustained 100% RAM usage. I asked them what troubleshooting tools they use; they said Task Manager.

This is a common scenario, and the management for these other teams does not seem motivated to improve their toolsets for troubleshooting or encouraging their teams to put more effort into finding real answers before wasting our time uninstalling and reinstalling things that are unrelated to their problems.

Where do I start to learn how to measure and monitor file server performance? What kind of tools should I know about, what kind of metrics should I be watching?

submitted by /u/ab0z

My IT skills are Outdated, what should I do?


I have been on tons of job interviews in the past three years and I seem to have a proper understanding of where the IT Industry is at the moment despite having literally not enough experience to advance in it. Over the past three years I have witnessed the IT/Sysadmin industry completely change while the non-profit that I work for has stayed roughly the same using the same methods dealing with problems and not investing in anything new. Our last tech upgrade was to fiber!

On most job interviews I always get asked if I have O365 or SQL experience. The non-profit I work for cannot afford it and/or sees no reason to move to those platforms. For O365, I say that I use Exchange 2013 since that is our current platform. I understand that there are similar features in O365 and 2013, but I feel like this example does not actually help with the answer to their question. I'm hopeless and clueless to SQL. I took a few classes in college but haven't kept up with it. My Agency obviously doesn't have much in the way of databases, but it's my job every school year to make sure students can connect to a testing database I set up.

I often get asked if I have experience in setting up video conferencing software like Zoom or Slack. The non-profit I work for cannot afford it and sees no reason to move to the platform. What I say in this case is that I set up the conference with A/V equipment that the agency currently uses and set up the projector, the Skype account (if needed) and any technology board members bring in. I'm also somewhat involved in training of new staff at on-boarding meetings when it comes to using medical records.

I have also been asked about SCCM or Intune. As Microsoft products tend to be expensive, the non-profit I work for cannot afford it and sees no reason to move to the platform. I have installed and set up SCCM in a lab and played around with it, but I generally stick with EaseUS Todo Backup and Backup Exec. We get donated computers and I have a library of common brands that I made an image of over the years. This process seems to work well for us, but the industry has since moved on it seems...

A couple of other keywords I've seen out there that could boost my resume are Salesforce (very interested in), Google Apps, Box, Zendesk, JIRA. About 3-4 years ago I was able to hunt around the internet and trial the software for 30 days and learn it well enough to see if it would help our non-profit. I've even cracked some to save them money. I can't even seem to do that nowadays, or I can do so in limited forms. Salesforce required a complete overhaul of some job roles in order for it to be implemented. So in order to "save jobs" we passed.

So I've been hunting around for a sysadmin job in the NYC area and it doesn't seem like I have any experience that is marketable since the non-profit I worked at hasn't kept up. Yet I have 5 years exp and a BS Degree in Info Sys, all of which seem just about useless atm. I have no IT network, my non-profit will not give me any professional development or training on this stuff since they aren't using it, the certs can add up, and it's only through job interviews and application that I even know about half of these technologies. I'm currently working on my A+ cert which I hope to get in June and it's been reteaching me some basic things, but even that isn't working on these new cloud based technologies. So I feel stuck and not quite sure what to do.

submitted by /u/moderatenerd

securing company data

Securing Built-In Domain Administrator Account


I've recently been passed a project to review our Active Directory environment, including security. At the moment the only so-called security we have for the Built-In Domain Administrator Account is that we don't use the account and we change the password for it monthly.

So after doing some research I found this article:
https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/appendix-d--securing-built-in-administrator-accounts-in-active-directory

I've applied all the changes from the above documentation within our Test Environment and I've discussed it with management briefly, and they weren't sure about the 'Smart card is required for interactive logon' setting and what risks this may incur regarding disaster recovery?

Does the Built-In Domain Administrator Account need disabling also?

What would happen in the event of needing the Built-In Domain Administrator account in a disaster recovery scenario?

submitted by /u/plaaard

BGINFO tile problem


Hey guys!

We are currently working on a bginfo solution.

The problem is that every time I'm applying it, bginfo.exe is turning the background setting "Choose a fit" to "Tile" instead of "Stretch".

So when the user is putting in a docking station or something, it goes bananas!

I've searched and found that others have a similar issue; they say it is fixed when I put this registry key in:

HKLM:\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers -Name C:\temp\bginfo\bginfo.exe -Value ~ HIGHDPIAWARE

but it doesn't help. I have also tried, on the bginfo.exe file: Compatibility tab / Change high DPI settings / High DPI scaling override (checked and Application).

Another thing I tried is to change the registry value

HKCU\Control Panel\Desktop -Name TileWallpaper -Value 0

I can change this value with a script after bginfo is running, but then it's still "Tile" in settings; I think that only a "relog" will change the values. So if a person puts a docking station in without a relog, it's the same issue. So the main issue: bginfo.exe changes it to Tile.

Tried it on (Windows 1703 & Windows 1803)

Same issue on both of them

Anyone know how to fix this problem?

Cheers

Pontus

submitted by /u/nimsy999

DFS remaining % counter


Hi All,

I have a DFS setup between two servers. Now I am trying to find a way via PowerShell to show the % of remaining replication.

I normally use:

dfsrdiag backlog /rgname:**** /rfname:"*****" /sendingmember:********** /receivingmember:******

but I'm looking for a remaining % or remaining time counter.

submitted by /u/BMMXVIIC

Advice for managing a large amount of backups


Hello fellow IT people.

So, I've been in IT for 10 years. I've only ever worked for small (<10 people) outsourced IT companies, so I feel woefully uneducated when it comes to managing environments with any kind of scale. Anyway my current business is getting to the point where it's starting to grow a little bit unmanageable, or I'm just not trained to be able to manage this kind of scale. So here's the issue. At this point we have nearly 40 clients and daily we get around 70 backup reports, arriving from various things, be it remote backup, local to disk backup, tape etc. The IT team is only about 5 people strong and ideally we need the backups being checked every day, but having the team check 70 separate backups and update a spreadsheet is a massive use of their time and understandably they get sick of it and stop updating the backup check spreadsheet after a while.

Is there some method by which a report could be generated, or a spreadsheet updated automatically, based off of backup report emails that we receive? So if it's successful the sheet is automatically marked as such and any unsuccessful the team can update manually if needs be?

Does that make sense? I just need a way that the team can somewhat efficiently monitor the backups on a daily basis without making it such a mundane task that they want to kill themselves.

Appreciate any advice, thanks!

submitted by /u/ReallyAngryTrain

Tools & Info for Sysadmins - Security Podcast, Scalability Website, Free Tools & More


Hi r/sysadmin,

Each week I thought I'd post these SysAdmin tools, tips, tutorials etc.

Here are the most-interesting items that have come across our desks, laptops and phones this week. As always, EveryCloud has no known affiliation with any of these unless we explicitly state otherwise.

A Free Tool

MSYS2 is a Windows software distribution and building platform. This independent rewrite of MSYS, based on modern Cygwin (POSIX compatibility layer) and MinGW-w64, aims for better interoperability with native Windows software. It includes a bash shell, Autotools, revision control systems and more for building native Windows applications using MinGW-w64 toolchains. The package management system provides easy installation. Thanks for this one go to Anonymouspock, who says, "It's a mingw environment with the Arch Linux pacman package manager. I use it for ssh'ing into things, which it does very well since it has a proper VT220 compatible terminal with an excellent developer."

A Podcast

The CyberWire podcasts discuss what's happening in cyberspace, providing news and commentary from industry experts. This cyber security-focused news service delivers concise, accessible, and relevant content without the gossip, sensationalism, and the marketing buzz that often distract from the stories that really matter. Appreciation to supermicromainboard for the suggestion.

A Free Tool

FastCopy is the fastest copy/backup software for Windows. Supports UNICODE and over MAX_PATH (260 characters) file pathnames. Uses multi-threads to bring out the best speed of devices and doesn't hog resources, because MFC is not used. Recommended by DoTheEvolution as the "fastest, comfiest copy I ever used. [I]t behaves just like I want, won't shit itself on trying to read damaged hdd, long paths are no problem, logs stuff, can shutdown after done, got it integrated into portable totalcommander."

Another Free Tool

Baby Web Server is an alternative for Microsoft's IIS. This simple web server offers support for ASP, with extremely simple setup. The server is multi threaded, features a real-time server log and allows you to configure a directory for webpages and default HTML page. Offers support for GET, POST and HEAD methods (form processing); sends directory listing if default HTML is not found in directory; native ASP, cookie and SSI support; and statistics on total connections, successful and failed requests and more. Limited to 5 simultaneous connections. FatherPrax tells us it's "[g]reat for when you're having to update esoteric firmware at client sites."

A Website

High Scalability brings together all the relevant information about building scalable websites in one place. Because building a website with confidence requires a body of knowledge that can be slow to develop, the site focuses on moving visitors along the learning curve at a faster pace.

Have a fantastic week and as usual, let me know any comments or suggestions.

u/crispyducks

Each week we're updating the full list on our website here.

Enjoy.

submitted by /u/crispyducks

Question about legacy Linux/Unix touchy servers


Hey guys. Looking for general advice. Have highly legacy systems where uptime is everything. The old C code is starting to break in weird and wondrous ways, and the hardware is old too and starting to fail. Want to start gathering data to understand the problems and make recommendations. In Windows env, I used data collector sets in perfmon.exe, and PowerShell to set up additional logging with a wide net to start to try and understand problems where people didn't know where to start/they were various. New-ish to Unix, like it, but would like to try and cast a wide net where the data gathering itself involves little to no installs (there is paranoia over that, given the uptime requirements) and very little/no chance of causing issues in and of itself. Low-risk data gathering where the timid in the company couldn't complain. New to bash but I can work it out. That or Perl (have a lot of Python time). It's just the approach where I'd love some advice.

submitted by /u/Conscious_Feature_xp

[CodeTwo Email] How can I exclude signatures being added to a specific email address?


We use Teamwork to manage projects, and Teamwork has a feature that lets you add tasks via email. Is there any way I can exclude signatures for emails sent to '@teamwork.com' addresses?

submitted by /u/tom2kk

AWS cert help please


I am not sure to post here or where at. So excuse me if so.

I am looking into getting foundation AWS certification. Currently I am reviewing with CBTNuggets. This course is relatively really short. Can anyone give any AWS Cloud Practitioner cert experience? Is CBT enough to pass? And do you suggest any other resources?

Thanks for your input, lads.

submitted by /u/memphantom

Dell Canada has been actively dropping my calls about a backlight issue


Been having an issue with some Dell Latitudes and their display backlights not being adjustable from Windows 10 since the 1809 update. Brightness controls still work perfectly fine in BIOS. Keyboard shortcuts dead as well.

Seems to be a software/driver issue but neither Dell, Intel, nor Microsoft has issued a fix for this...

Am I missing something?

More detail here: https://www.dell.com/community/Latitude/Windows-10-brightness-controls-don-t-work-after-1809-update/m-p/7299574

submitted by /u/CharlieMPK

Offline Files GPO causing long boot times?


Hi guys,

This started happening recently at my site:

https://imgur.com/gallery/C1uYRRd

Machines will get hung on this GPO process every time they boot.

I’ve removed all of my GPOs to do with Offline Files to rule it out, and it’s made no difference.

This has seemingly just begun happening randomly? I haven’t made GPO changes since before this year.

Any ideas for what could be the culprit?

Have tried to disable Offline Files with a GPO and it’s had no impact.

submitted by /u/htmlnoob52

DNS redirection


Hi all,

Need your "quick" help.

I am working on an Azure Application Gateway and got abc.mybusiness.net Public DNS CNAME pointed to https://abc.northeurope.cloudapp.azure.com

Now the problem is, it's pointing to the above link (https://abc.northeurope.cloudapp.azure.com) regardless of whatever extension I add to it.

For Example: abc.mybusiness.net/v1/v2/v3 needs to be pointed to https://abc.northeurope.cloudapp.azure.com/v1/v2/v3 and so on.. (I have some 15+ extension redirects)

Thank you for your time :-)

submitted by /u/JohnnyReimar1

New Windows PowerToys

What's your preferred NVR platform for security cameras?


We're gearing up for a security camera system refresh across our locations and as much as I wish we could outsource it to a local security integrator, it looks like we'll be handling it in-house.

Now we have to settle on a platform to move forward with and there's surprisingly little on that on the usual IT subreddits. Probably because IT depts get to outsource those decisions but oh well...

submitted by /u/CreativelyConfusing

Have to update an HP KVM switch via PuTTY/Termite and a serial port, need a little help


Hi there,

I'm completely new to everything that has to do with server equipment so forgive me in advance.

I have an HP AF611a USB/PS2 KVM switch here that I need to upgrade the firmware on.

So I downloaded the firmware, launched PuTTY, set all the settings exactly as the website asks me to.

The PC is not connected to the KVM, only through the serial port.

For some reason the KVM switch does not respond to any input whatsoever. U and V, which are supposed to do things, don't do anything.

I've only gotten it to send me a message with "KVM main menu: U - upgrade firmware V - Check current firmware" by power cycling the device. After this, it doesn't respond to anything.

submitted by /u/Legendhidde