Jump to content

Recommended Posts

Posted (edited)

I am struggling with the new GEN2 probe and it's identification of VMware virtual machines.  The probe locates the VM, but it classifies it as:

Manufacturer = "Vmware, INC."

Type - "Network Device"

It appears to stop there and is never identified as a windows machine so the probe never pushes out the agent to the endpoint.  The Agent Readiness shows either Not Applicable (can't recognize if it is a computer) or Not Ready (no valid credentials found) even though every possible location where client credentials are needed is populated with the correct credentials (I verified this because non-VM's get the agent installed just fine from the same probe.) The legacy deployment manager can push the agent to the endpoint, and the new CWA agent deploy utility can also push the agent out to these endpoints without issue.  I just want to figure out why the probe isn't detecting it as a windows endpoint and pushing the agent out automatically.

I need some help on this one as Automate support never figured it out and it is slowing down our deployment having to open each device and install the client manually or use one of the tool or utilities to manually push the agent out.

Note:  I am aware of GPO based deployment but I can't wait forever to get an endpoint to reboot to install the agent.  Most of these are servers and getting clients to allow server reboots (even when everyone is asleep is next to impossible.)

Edited by mlarson

Share this post

Link to post
Share on other sites

You misunderstand GPO deployment. You can easily have near 100% deployment in under 2 hours if computers are able to access the domain. The trick is to use a script that tests for the agent and installs if needed, instead of pushing an MSI. The next key key is to use a scheduled task (from your Deployment GPO) to run the script immediately, or hourly, instead of using a startup script  

No waiting for reboots, no opening of firewall ports, works through firewalls, NAT, over VPNs, always gets new machines as they join, and even automatically reinstalls if the agent is removed. (As long as the GPO is applied) 

As long as the machine is able to refresh group policy, it will work.

Share this post

Link to post
Share on other sites

Often times, the "Not Applicable" will show if Windows Firewalls are On. Also, if the Windows Firewalls are OFF. There is one particular rule that needs to be enabled on each Windows Firewall Profile.

'File & Print Sharing (Echo Request - ICMPv4-In)' Inbound Rule. Make sure that rule is ENABLED.

Note: if this rule does not allow connections inbound, the Network Probe cannot verify that the machine is a Windows-based machine. In turn, the Agent Readiness Check (ARC) will fail citing Not Applicable/Not Recognized As A Computer.

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now