I’m currently switching our corporate AV to avast, however I’ve got a problem on the ADNM server, which could be cause by one of 2 things.
Problem - ADNM installed and running perfectly, installed netclient to 12 PC’s no problem, also installed netserver to 4 servers, again no problem, all appear in the “Computers with Agents” dynamic group with the green icon, however when I pushed the netserver edition to the server which hosts the ADNM console and AMS server, it isn’t detected by the “Computer with Agents” group, and the policies and license don’t get sent to the netserver client.
Possible cause 1 - You’re not meant to install the client on the same box as the AMS/ADNM console, if so does the AMS protect the server itself?
Possible cause 2 - We have a 500 user license of Avast Enterprise Suite, covering 450 PC’s and 301 servers, all happy within the license, however we have 537 computers in AD, some of these won’t need avast, others are no longer on the system. Because of this some of the machines get the Key icon against them, indicating insufficient licenses, the ADNM/AMS server is one of these machines. Does the fact that the AMS has decided there’s no license for this particular machine stop it communicating with the machine, if so is there a way to change which machines get identified in this way?
Possible cause 1 - You're not meant to install the client on the same box as the AMS/ADNM console, if so does the AMS protect the server itself?
No, that’s not the case. You can (of course) push the protection to the AMS itself, too (not really a remote install in this case - but it should still work).
Possible cause 2 - We have a 500 user license of Avast Enterprise Suite, covering 450 PC's and 301 servers
Is “301 servers” a typo? Normally, a 500 license Suite would cover 51 servers only.
.. all happy within the license, however we have 537 computers in AD, some of these won't need avast, others are no longer on the system. Because of this some of the machines get the Key icon against them, indicating insufficient licenses, the ADNM/AMS server is one of these machines. Does the fact that the AMS has decided there's no license for this particular machine stop it communicating with the machine, if so is there a way to change which machines get identified in this way?
Yes, this might be the cause. If there’s a key icon on this particular machine, it means that the AMS will refuse to communicate with it.
The remedy in this case is quite simple: delete the machines that really don’t need avast from the console (especially those that do NOT have the key icon). This will basically allow the remaining machines to get the green icon and start communicating.
If (for some reason) you want to have even these unprotected machines in the Catalog, that’s fine, too. Just remove them for now, and once all your machines covered by avast starting communicating, you can add them back. This will work because of the way the AMS distributes the icon keys: when doing so, it prefers those machines that never communicated with the server (i.e. never had avast installed), or those that have the “last communication” property set to oldest dates (i.e. haven’t communicated for a long time).
Yes 301 was a typo, should have been 31 - just shows you can’t trust the spell checker for everything!!!
The only down side at the moment is we don’t have completely accurate records of our hadware, so I don’t know exactly which machines don’t exist on the network any more, even though they have Active Directory computer accounts.
Since we’re having to manually install avast on them all we’re doing an audit while we’re at it. I will just have to randomly delete accounts until we’ve got all the PC’s covered with avast.