Hi,
I have some hard time to deploy the Comodo Agent and Comodo Internet Security 6.0.
But i still have the same error : Access is denied - status_remote_cannot_setup_descent_service (5)
Please help,
[attachment deleted by admin]
Hello Maurice999,
Please try following these steps:
Check if entered account has administrator privileges. Check if the domain administrator’s name is listed in the local machine’s “Administrators” folder under “Local Users and Groups”
Check if firewall is disabled on remote computer. Check if you can telnet to server_name port 9901 and/or server_IP port 9901 from the target to the server.
Go to services → right click on COMODO ESM Server → Properties → Go to the Log On Tab → Select “This account” → and input the domain administrator information → Click apply → stop and restart the service.
Hello Radu,
Yes, i have read the previous thread from cmrapa (https://forums.comodo.com/endpoint-security-manager-30/deployment-failed-t92259.0.html)
Yet, everything is not working properly- :-\
1-> Allright
2-> Error on Telnet : “could not open connection to the host, on port 9901: Connect failed”
3-> Changed the log on services of ESM Server to the Domain Admin, but can’t restart it, i tried both :
3a → From Windows Services : i got this error The COMODO ESM Server service on Local Computer started and then stopped. Some services stop automatically if they are not in use by other services or programs.
3b-> From Comodo Console, i can’t start it either, due to errors : got an access right issue on the local SQL mdf database. I put the local admin on read/write on the mdf, but still another error appear. I guess the domain admin do not have rights properties inside the DB.
I can deploy manually the Offline Agent on the Deestination Server, but there’s no “Offline Comodo Security Client” ?? (It was possible before on the version 2.1). I gave up this version 2.1 for some reasons, but Comodo 3.0 looks really promising, so i’m trying harder.
Any idea ?
If that can help, this is what i’m having in the log file on the Admin$ (destination server).
[1256 CIS] 14:7:38>> Cannot open key ‘SYSTEM\Software\Comodo\Firewall Pro’: 2
[1256 CIS] 14:7:38>> PROXY (SetProductName): proxy path ()
[1256 CIS] 14:7:38>> PROXY (SetProductName): proxy path empty or does not exists
[1256 CIS] 14:7:38>> PROXY (SetProductName): Call original method
[1256 CIS] 14:7:38>> String property CESMCONTEXT: 1
[1256 CIS] 14:7:38>> String property AV_FOR_SERVERS: 0
[1256 CIS] 14:7:38>> Cannot open key ‘SYSTEM\Software\Comodo\Firewall Pro’: 2
[1256 CIS] 14:7:38>> String property BETASUFFIX:
It’s really kind of crazzy 
It still not working to deploy it
. I have installed SQL Express 2012 just for the purpose = OK
. Telnet on port = OK
. Comodo ESM Server Running under Domain Admin = OK
. Firewall = OFF
. Comodo Agent Running under Domain Admin = OK
. Command “winrm quickconfig” on the Destination server = OK
Then step of deployment :
Well, don’t know what to do now. It would have been helpful to get an Offline Client Installer, at least.
If someone come back with any help, i’ll be greatful.
Hi Maurice,
Is there any other security software running on the machine? Another vendor’s AV?
Regards,
Michel.
Hi Michel,
No, there’s no other vendor’s software running on those servers. (They have been totally uninstalled).
Regards,
Maurice
Are you deploying Agent + CES?
What happens if you do Agent only?
What OS is the ESM server installed on?
Agent can not be deployed either. It’s deployed manually.
Servers are running Windows Server 2008 R2 (Standard)
“Servers are running Windows Server 2008 R2 (Standard)” - Thought so
We have seen this on 2008 R2 servers before. Microsoft disabled remote management of workstations in 2008 R2. It needs to be enabled in Group Policy.
For more info:-
http://support.microsoft.com/kb/976839
Configure Remote Management in Server Manager | Microsoft Learn
You can replicate the ESM problems by right-clicking on “Manage” in your Server 2008 R2 menu. Wait for the roles to populate then right click on your server at the top of the tree-view in the left hand panel. Select “Connect to another computer” and supply a name or IP address of the target. You will get an error message about not being able to connect to the target.
If you need more help with enabling WinRM on the host server please let me know.
I had this problem and I found it was because the service “Windows Remote Management” was stopped and set to manual startup type on the destination machine. If you have the same problem as I had, here is how I fixed it:
In Group Policy Management Editor:
** When viewing the Group Policy Object Settings in Group Policy Management you will NOT see the correct settings that you applied, but they DO exist and they are what you set them to. This is a documented Microsoft glitch with a hotfix available.