Loading...

Knowledge Center


How to connect a standalone deployment of non-Windows Solidcore client for Application Control / Change Control to ePO
Technical Articles ID:   KB73661
Last Modified:  7/5/2018

Environment

McAfee Application Control  (MAC) 6.1.x
McAfee Change Control (MCC) 6.1.x, 5.1.x
McAfee ePolicy Orchestrator (ePO) 5.x, 4.x

AIX
HPUX
Linux
Solaris

Summary

This article explains how to connect the Solidcore agent for MAC and MCC 6.1.x with ePO when deployed using third-party tools.

Solution

MAC/MCC 5.1.x client
  1. Deploy McAfee Agent from ePO to the system that hosts the Solidcore agent (MAC/MCC).
  2. If the Solidcore agent (MAC/MCC) is in:
    • Disable Mode: Proceed to step 3.
    • Enable Mode: Switch the state from Enable to Update mode using the sadmin bu command.
       
  3. Start a Terminal session.
  4. Navigate to: /etc/McAfee/solidcore/
  5. Edit solidcore.conf and set the property IsSystemControllerEPO to 1.
  6. Restart the scsrvc service using the appropriate command:
     
    Platform Command
    Solaris, Linux etc/init.d/scsrvc restart
    AIX /etc/scsrvc restart
    HPUX /sbin/init.d/scsrvc restart
  7. End Update Mode using the sadmin eu command.
    NOTE: This must be done if the state of the Solidcore agent (MAC/MCC) was changed from Enabled to Update mode in step 2.
     
  8. Run the following command: 
    sadmin lockdown
     
  9. Notify McAfee Agent to reload the Solidcore Plugin library using the appropriate command:
     
    Platform Command
    Solaris /etc/init.d/cma reload SOLIDCOR5000_SLR
    Linux /etc/init.d/cma reload SOLIDCOR5000_LNX
    AIX /etc/rc.d/rc2.d/Scma reload SOLIDCOR5000_AIX
    HPUX /sbin/init.d/cma reload SOLIDCOR5000_HPX

      

MAC/MCC 6.1.x client
 

Scenario 1: Solidcore 6.1.X (MAC/MCC) is already installed and enabled on the host.

 

  1. Change to Update mode.
    NOTE: This is required only with an MAC license, and not with an MCC license.
  2. Deploy McAfee Agent from ePO to the system that hosts the Solidcore agent (MAC/MCC).
  3. Change to Enable mode by End Update. (This is required only with MAC license and not with MCC license).
  4. Change from Enable mode to Disable mode using the sadmin disable command.
  5. Restart the scsrvc service using the etc/init.d/scsrvc restart command.
  6. Run the following command: sadmin lockdown.
  7. Notify McAfee Agent to reload the Solidcore Plugin library using the appropriate command (Linux:  /etc/init.d/cma reload SOLIDCOR5000_LNX).
    NOTE: MA will connect to ePO at the next agent server communication interval (ASCI). In MA 4.6 and later, you can force ASCI immediately by running the following command: /opt/McAfee/cma/bin/cmdagent –P.

Scenario 2: Solidcore 6.1.X (MAC/MCC) is already installed, but License is not yet added.

  1. Deploy McAfee Agent from ePO to the system that hosts the Solidcore agent (MAC/MCC).
  2. Restart the scsrvc service using the etc/init.d/scsrvc restart command.
  3. Run the following command: sadmin lockdown.
  4. Notify McAfee Agent to reload the Solidcore Plugin library using the appropriate command (Linux:  /etc/init.d/cma reload SOLIDCOR5000_LNX).
    NOTE: MA will connect to ePO at the next agent server communication interval (ASCI). In MA 4.6 and later, you can force ASCI immediately by running the following command: /opt/McAfee/cma/bin/cmdagent –P.
  5. Enable the product and refer to Solidcore ePO Product Guide to enable MAC/MCC.

Scenario 3: Fresh deployment (Solidcore is not already installed).

  1. Install MA on the endpoint.
  2. Install the Solidcore 6.1.x build on the endpoint.
  3. Lockdown CLI using sadmin lockdown.
  4. Enable the product from ePO. (Refer to Solidcore Product Guide.)

Steps to validate:

Solidcore client:

  • Sadmin status.
  • ePO Managed: Yes
  • Local CLI access: Lockdown
  • Scevtgen service running. Ps –eaf | grep scevtgen

 

ePO:

  • Solidcore properties are visible on ePO.

 

Rate this document

Beta Translate with

Select a desired language below to translate this page.

Languages:

This article is available in the following languages:

English United States
Japanese

Glossary of Technical Terms


 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.