To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

Devices are not visible on Pending List

kuroneko
kuroneko Member Posts: 9 Security Scout
edited August 19 in Business Suite

Hi everybody,
Some Windows 10 PC, after push installation of withsecure (16.00 client version for business suite), are not showed on PM Pending. I try to uninstall withsecure with a remove-tool and install again offline method with success, but are still showed on Unmanaged devices. All of devices are on AD Domain and have access to 80 8080 8081 ports
Please help me.
Thanks

Tagged:

Answers

  • JamesC
    JamesC Staff, Moderator Posts: 543 W/ Moderator

    Hi @kuroneko

    The unmanaged hosts are defined as hosts that have been added through Active Directory but still lacks of any WithSecure client.

    If the hosts aren't changing their status, the first likely problem is that the client can't communicate with the Policy Manager Server via HTTPS.

    The WithSecure client might look like it's working normally, as it has the option to fall back to fetch virus definition updates directly from WithSecure update servers.

    This can be quickly tested by putting https://<Policy Manager Server IP address or host name>:<HTTPS port number, 443 by default> into a web browser on the client, to check if you can reach the Policy Manager.

    NOTE: Be cautious to use the exact Policy Manager Server address and HTTPS port as it was defined when preparing the installation package.

    If you can't reach the Policy Manager Server, you would need to troubleshoot the connectivity between the host and Policy Manager Server.

    One of the most likely reasons behind the issue is that the firewall is blocking the connection. You shall ensure that the connection to the assigned HTTP and HTTPS ports (80 and 443 by default) should be whitelisted between the managed hosts and the Policy Manager Server.

    However, if the Policy Manager Server address is defined using a host name or FQDN, the DNS resolution could be problematic sometimes. We recommend validating the DNS resolution of the host name or FQDN in this case, by running the nslookup command.

  • kuroneko
    kuroneko Member Posts: 9 Security Scout

    Hi JameC,

    I chek port in msi exported and I use the PM server ip address

    I test connection from Client to PM server with "netstat" command on default port 80 and 443 and connection is "ESTABLISHED" . This client has the same GPO like other PC in the same Domain,

    In this Windows Client, if I click on the withsecure icon tray and select -Show Current State- on details, I have an "!" with orange background reports "Centralized management state not available"

    The other clients, showed on PM Console, have a green check on "Centralized management"

    Is there somethings other to check ?

    Thanks

  • JamesC
    JamesC Staff, Moderator Posts: 543 W/ Moderator

    Hi @kuroneko

    Did you try to reach PM via browser ?

    You can test by entering https://<Policy Manager Server IP address or host name>:<HTTPS port number, 443 by default> into a web browser on the client, to check if you can reach the Policy Manager.

  • kuroneko
    kuroneko Member Posts: 9 Security Scout
    edited August 22

    Yes I did it with success.
    It was my first test.

    This PC had a 15.30 f-secure installation with a different fqdn but the ip addres remains the same.

    Is it possible could be a problem with PM database ?

    Can I flush\erease old data ? for example data into the unmanaged list ?

    Thanks !

  • Sethu Laks
    Sethu Laks Staff, Moderator Posts: 272 W/ Moderator

    Hi @kuroneko

    Apologize for the delayed in the response, and since the PC had a previous installation with a different FQDN, try uninstalling the current client security software using the Uninstallation tool should fix. If the issue still remains unresolved. You can also try run the database maintenance tool manually to see if that works. You can refer to these following Userguide page:

    Running the database maintenance tool | Policy Manager | 16.00 | WithSecure User Guides

    Database maintenance troubleshooting | Policy Manager | 16.00 | WithSecure User Guides

  • LiselotteP
    LiselotteP Staff, Community Manager Posts: 411 Threat Terminator

    Is your issue still open? If one of the replies resolved it, please mark it as the best answer. Thanks!

  • kuroneko
    kuroneko Member Posts: 9 Security Scout

    Hi @Sethu Laks ,

    I try now to running DB maintenance tool but it don't resolve my problem and devices are still not visible on pending list. What can I do to erase (not hide) "unmanaged list" where there are old device record ? Is it possibile ?

  • JamesC
    JamesC Staff, Moderator Posts: 543 W/ Moderator

    Hi @kuroneko

    One of the reasons might be Policy Manager server address not being defined at the Root domain.

    If you are still using PM 16.00 or 16.01 it is required. In the last released PM 16.02 it is not needed anymore.

    You can also check errors in the c:\ProgramData\F-Secure\Log\BusinessSuite\PmpSelectorPlugin.u.log file, which might suggest clues where to look next.

Categories