I am having the worst luck with deployment…
I can install manually on the client however I want to deploy via Active Directory.
The error I get is on the attached .jpg
I am using the domain administrator account… and the Firewall is completely disabled on the client and server.
[attachment deleted by admin]
Hi cmrapa,
Is your ESM installed on a Win 7 or Win 2008 RC2 box? If so, please see if you can manage the target from the Windows msc console. Also please ensure that your ESM host can open admin$ on the target (Start > Run > \target_name\admin$). If it cannot please enable file and printer sharing on the target.
Regards,
Michel.
CESM is on Windows Server 2008 R2 Standard 64-bit server
Target Windows 7 Professional 32-bit
I can open Computer Management on the CESM server, and remotely manage the TargetComputer
I can access \TargetComputer\Admin$
File and Print Sharing is enabled on the target
Is the domain administrator’s name in the local machine’s “Administrators” folder under “Local Users and Groups”?
Regards,
Michel
The domain\Domain Admins group is listed, i manually placed the single user entry on the server and client with the same result.
ok, so server to client seems fine let’s see what happens from client to server.
Michel.
When I type in from the client side in the command prompt:
telnet SERVERNAME 9901 or telnet 192.168.123.123 9901
I get a blank screen with a with flashing white cursor (no error messages though)
Cool, that is what you should get. Next step-
Please run this command on the target (in a cmd prompt)
winrm get winrm/config
and post the output here.
One other question, is UAC enabled on the target?
Michel.
C:\Users\administrator.asdf>winrm get winrm/config
Config
MaxEnvelopeSizekb = 150
MaxTimeoutms = 60000
MaxBatchItems = 32000
MaxProviderRequests = 4294967295
Client
NetworkDelayms = 5000
URLPrefix = wsman
AllowUnencrypted = false
Auth
Basic = true
Digest = true
Kerberos = true
Negotiate = true
Certificate = true
CredSSP = false
DefaultPorts
HTTP = 5985
HTTPS = 5986
TrustedHosts
Service
RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)S:P(AU;FA;GA;;;WD)(AU;SA;GWGX;;;WD)
MaxConcurrentOperations = 4294967295
MaxConcurrentOperationsPerUser = 15
EnumerationTimeoutms = 60000
MaxConnections = 25
MaxPacketRetrievalTimeSeconds = 120
AllowUnencrypted = false
Auth
Basic = false
Kerberos = true
Negotiate = true
Certificate = false
CredSSP = false
CbtHardeningLevel = Relaxed
DefaultPorts
HTTP = 5985
HTTPS = 5986
IPv4Filter = *
IPv6Filter = *
EnableCompatibilityHttpListener = false
EnableCompatibilityHttpsListener = false
CertificateThumbprint
Winrs
AllowRemoteShellAccess = true
IdleTimeout = 180000
MaxConcurrentUsers = 5
MaxShellRunTime = 2147483647
MaxProcessesPerShell = 15
MaxMemoryPerShellMB = 150
MaxShellsPerUser = 5
Sorry that was the command info from the server I will post target in a sec
Ok on the first round on the target, I got…
C:\Users\cmrapa>winrm get winrm/config
WSManFault
Message = The client cannot connect to the destination specified in the requ
est. Verify that the service on the destination is running and is accepting requ
ests. Consult the logs and documentation for the WS-Management service running o
n the destination, most commonly IIS or WinRM. If the destination is the WinRM s
ervice, run the following command on the destination to analyze and configure th
e WinRM service: “winrm quickconfig”.
Error number: -2144108526 0x80338012
The client cannot connect to the destination specified in the request. Verify th
at the service on the destination is running and is accepting requests. Consult
the logs and documentation for the WS-Management service running on the destinat
ion, most commonly IIS or WinRM. If the destination is the WinRM service, run th
e following command on the destination to analyze and configure the WinRM servic
e: “winrm quickconfig”.
So I checked the services and Windows Remote Management (WS-Management) is set to manual… I started the service and got…
C:\Users\cmrapa>winrm get winrm/config
Config
MaxEnvelopeSizekb = 150
MaxTimeoutms = 60000
MaxBatchItems = 32000
MaxProviderRequests = 4294967295
Client
NetworkDelayms = 5000
URLPrefix = wsman
AllowUnencrypted = false
Auth
Basic = true
Digest = true
Kerberos = true
Negotiate = true
Certificate = true
CredSSP = false
DefaultPorts
HTTP = 5985
HTTPS = 5986
TrustedHosts
Service
RootSDDL = O:NSG:BAD:P(A;;GA;;;BA)S:P(AU;FA;GA;;;WD)(AU;SA;GWGX;;;WD)
MaxConcurrentOperations = 4294967295
MaxConcurrentOperationsPerUser = 15
EnumerationTimeoutms = 60000
MaxConnections = 25
MaxPacketRetrievalTimeSeconds = 120
AllowUnencrypted = false
Auth
Basic = false
Kerberos = true
Negotiate = true
Certificate = false
CredSSP = false
CbtHardeningLevel = Relaxed
DefaultPorts
HTTP = 5985
HTTPS = 5986
IPv4Filter = *
IPv6Filter = *
EnableCompatibilityHttpListener = false
EnableCompatibilityHttpsListener = false
CertificateThumbprint
Winrs
AllowRemoteShellAccess = true
IdleTimeout = 180000
MaxConcurrentUsers = 5
MaxShellRunTime = 2147483647
MaxProcessesPerShell = 15
MaxMemoryPerShellMB = 150
MaxShellsPerUser = 5
I attempted to redeploy to the client(target) and I received the same error.
please run (from a cmd prompt)…
winrm quickconfig
accept all options.Please then reboot the target. UAC disabled please.
Michel.
I just got done fixing the issue…
I ended up on the server, going to services → right click on COMODO ESM Server → properties… going to the Log On tab → selecting This account → and inputting the domain administrator information → clicking apply → stopping and restarting the service.
No idea why Local System does not work but this fixed it for me.
Thanks.
you installed ESM 3 as a domain admin - yes?
Regards,
Michel
Yes I installed it as the domain admin…
Thanks,
Carlos
Hi Carlos,
That is weird but I am glad it is working now. I have asked the developers to look into this to see if we can replicate the problem.
I hope it will be OK for them to contact you if they require more information.
Regards,
Michel
Yeah that’s fine if they want to contact me.