MeshCentral
MeshCentral copied to clipboard
Ylianst
Installed agents do not show up
Hello, dear fellows,
I need help, please. I am trying to deploy the agents and configure everything, however, on first 24 nodes everything worked fine with my standardized PDQ Deploy "Mesh Agent" package, then everything went to hell. No new agents are able to register to the group. It even went wrong during the same deployment - two agents registered fine, then nothing no matter how i try...
I have been experimenting with Intel EMA before, however, the VM is now fully shut down and all 24 agents worked without issues on both previously provisioned and unprovisioned systems. To be sure, I added two uninstallation steps to my deployment package before the installation is actually launched:
Step 1: Uninstall Mesh Agent (copy installer exe to the machine and run with "blah.exe -fulluninstall") ...Checking for previous installation of "Mesh Agent" [FOUND: C:\Program Files\Mesh Agent\MeshAgent.exe] -> Checking firewall rules for previous installation... [DELETED] -> Stopping Service... [STOPPED] -> Uninstalling previous installation... [DONE] -> Deleting agent data... [DONE] -> Checking for secondary agent... [NONE]
Step 2: Uninstall Intel EMA Agent (same as in step 1 but with EMA installer) No service agent found. Continue with uninstaller Error removing installation directory file
Step 3: Install Mesh Agent (-fullinstall) ...Checking for previous installation of "Mesh Agent" [NONE] ...Installing service [DONE] -> Writing firewall rules for Mesh Agent Service... [DONE] -> Starting service... [OK]
I tried to delete a few machines, I tried to delete the group. No matter how I try, no new agents will appear in the "My Devices" management console.
When we solve this issue, I am going to open up a new problem, which is provisioning of CIRA on HP machines, since I was unable to join any HP computer using CIRA, despite AMT works otherwise fine (two models with AMT 11 (and 11.8). Dells in the neigbouring classroom are running CIRA fine. Just for the record to have all necessary information.
Server running in a HyperV VM on WS 2019 EN, fully updated, in a domain environment, no restrictive GPOs applied.
Thanks a lot.
Marek
OK, so I tried the following scenario:
WITHOUT reinstall afterwards: PC32 uninstall - nothing PC31 uninstall + delete - nothing PC30 delete - nothing
WITH reinstall afterwards: PC27 uninstall - agent connected PC26 uninstall + delete - agent connected, CIRA connected notification but no CIRA connected (seems like sudden disconnect) PC25 delete - nothing
So when I uninstall the agent first using the console and then delete the computer from the console and then reinstall the agent using the uninstall sequence described in the previous post before the installation, only then can be the computer added later and in this only scenario it has even tried to do something with CIRA.
Otherwise, I am screwed.
Uninstall without deletion? No CIRA notification, no CIRA, but agent works.
Installed and working agent but PC deleted from console? It will not be recreated.
How about deleting the PC in the console, then uninstalling the agent using PDQ and reinstalling the agent? No luck, the agent does not connect despite the service is running which I know from the PDQ Inventory tool.
It seems to me that the agent copied to the machine and ran with -fulluninstall parameter does actually leave some crap behind (registry? files?) that prevents the PCs from connecting to the console.
Could, please, anyone advise?
Thanks.
Hi. So lets put CIRA aside and first work on getting agents up and working. You can debug agent connections by stopping the agent service, opening a administrator command prompt and doing this:
cd c:\program files\meshagent
meshagent.exe run
The agent will start connecting to the server from the command prompt and you will see what is going on.
Also, is your server in LAN, Hybrid or WAN mode? You can find out in the "My Server" / "Console" tab, type "info".
If you are in LAN mode, agents will need to be in the same network at the server to connect. This is easy to fix.
Another possible issue is that you may have a firewall limiting the number of connections to your port 443. in any case, try running the agent from the command prompt with "run" and let me know what you see.
Hello, Ylian, thanks for replying, I did not manage to send an update yet. Sometimes it helps to restart the server. After reboot everything started operating normally.
Even the CIRA seems to be connecting on the majority of computers except from one model (HP ProDesk 600 G3 DM). I will play with the rest and open up a new issue if the CIRA issues persist.
There may be kind of a bug that after the installation all services do not work properly till the first server reboot. God knows why it behaved as it did. Even the MPS debug showed nothing solid before the reboot... I will monitor the server closely.
Thanks a lot.
Marek
OK, so I have to reopen.
My agents are in the same LAN (different subnets, different VLANs; directly freely routable; no connection rate limiting). Server runs in hybrid mode, but is not publicly accessible yet. All tests take place in the LAN.
When I add around 24 new clients (last time it was 23 added before stopping), the server stops showing the new clients. After reboot everything starts running.
The clients added before last reboot do not connect to CIRA. After reboot, most of them (except for ProDesk 600 G3), connect using CIRA successfully.
The issue still persists.
Thanks.
Marek
a Haiku: It’s not DNS There’s no way it’s DNS It was DNS
That was funny, but seriously. I bet you don't have the host/url set in the config.json, or your client machines don't have the DNS to resolve the hostname. I had this issue when setting up our server.
I could also be completely wrong, but that is what it looks like to me.
You could post your config.json... Just sanitize the private stuff.
Well in this case it really is not the DNS since I reworked the registration and scavening a month ago so that we have no more issues with it. We suffered from the DNS issues and PDQ Deploy was throwing out errors all the time because of stale records since it is only initiating server->client connections.
- PDQ Deploy throws out no more errors and DNS is verified to be working all right.
- DNS is not the case if the client is deployed using the PDQ successfully.
- When you deploy the agent, it should register immediatelly.
- The agent registration is definitely not server initiated. If the client would not be accessible over DNS, it would show offline after registration, but still it would register.
- MeshCentral server reboot would not help to fix the DNS issues.
What is in the "cert" portion of your config.json? edit out your actual domain name.
{ "$schema": "http://info.meshcentral.com/downloads/meshcentral-config-schema.json", "settings": { "MongoDb": "mongodb://localhost:27017/meshcentral", "cert": "mesh.domain.com",
Can you reach the mesh admin panel from the agent?
This is a quick way of verifying all your network from agent to server is working and #ItsNotDNS 😉
Yes, I can.
It is not DNS when there is a static record. I have many other systems depending on DNS both on client and server side + I had a massive review of the whole DNS infrastructure in the past two months - I am pretty damn sure we can rule it out.
I am having a similar issue. Flat network DHCP, server running in LAN mode. some machines connect right up and others never appear. when I run from the command prompt I get
You enable trace, and look for errors that might suggest something from the server? https://ylianst.github.io/MeshCentral/meshcentral/debugging/#enabling-trace-in-your-browser-dev-tools
I guess I am a little slow. the trace is turned on in the web browser of the server or the client? Are there not any installation logs? Mark McElvy Technology Director Salem R-80 School District Office:573-729-5080 Cell:573-247-9980
On Thu, Jul 14, 2022 at 4:09 PM silversword411 @.***> wrote:
You enable trace, and look for errors that might suggest something from the server? https://ylianst.github.io/MeshCentral/meshcentral/debugging/#enabling-trace-in-your-browser-dev-tools
— Reply to this email directly, view it on GitHub https://github.com/Ylianst/MeshCentral/issues/3934#issuecomment-1184898742, or unsubscribe https://github.com/notifications/unsubscribe-auth/A2B2YYOYQU535RDE22UL7SLVUB6YVANCNFSM5U6YFPZA . You are receiving this because you commented.Message ID: @.***>
the trace is turned on in the web browser of the server or the client?
If trace is on, and you're restarting agent and you don't see traffic on your server, you have DNS/routing issues.
Open mesh admin URL on your agent to test basic connectivity.
I connect via IP just fine. Does the client try to use the machine name? Mark McElvy Technology Director Salem R-80 School District Office:573-729-5080 Cell:573-247-9980
On Tue, Jul 19, 2022 at 1:33 PM silversword411 @.***> wrote:
the trace is turned on in the web browser of the server or the client?
If trace is on, and you're restarting agent and you don't see traffic on your server, you have DNS/routing issues.
Open mesh admin URL on your agent to test basic connectivity.
— Reply to this email directly, view it on GitHub https://github.com/Ylianst/MeshCentral/issues/3934#issuecomment-1189424563, or unsubscribe https://github.com/notifications/unsubscribe-auth/A2B2YYPKILLJXZL6YAPYZLDVU3YI3ANCNFSM5U6YFPZA . You are receiving this because you commented.Message ID: @.***>
If I run a packet trace watching the client, what should I expect to see as far as traffic looking / checking into the server? Currently if I am watching the client during client install or service restart there is NO traffic directed to my Mesh server on its IP. Mark McElvy Technology Director Salem R-80 School District Office:573-729-5080 Cell:573-247-9980
On Tue, Jul 19, 2022 at 2:14 PM Mark McElvy @.***> wrote:
I connect via IP just fine. Does the client try to use the machine name? Mark McElvy Technology Director Salem R-80 School District Office:573-729-5080 Cell:573-247-9980
On Tue, Jul 19, 2022 at 1:33 PM silversword411 @.***> wrote:
the trace is turned on in the web browser of the server or the client?
If trace is on, and you're restarting agent and you don't see traffic on your server, you have DNS/routing issues.
Open mesh admin URL on your agent to test basic connectivity.
— Reply to this email directly, view it on GitHub https://github.com/Ylianst/MeshCentral/issues/3934#issuecomment-1189424563, or unsubscribe https://github.com/notifications/unsubscribe-auth/A2B2YYPKILLJXZL6YAPYZLDVU3YI3ANCNFSM5U6YFPZA . You are receiving this because you commented.Message ID: @.***>
closing as stale, please update to the latest version 1.1.21 and use node 18 or above, if issue persists, please reply back
