McAfee Agent Tray Icon Not Visible

Under certain conditions the McAfee Agent icon (McTray) does not appear in the Windows system tray — this is seen most often when connected to a host through the Microsoft Remote Desktop Protocol (RDP). This creates an issue when trying to troubleshoot McAfee issues remotely.

The easiest (and only) solution I have found is to start McTray application manually by running the following command:

cmdagent -s

The cmdagent executable can be found in one of the following locations, depending on the version and architecture of McAfee Agent installed on the system:

C:\Program Files (x86)\McAfee\Common Framework\
C:\Program Files\McAfee\Agent

There are also a few other command line options available through the cmdagent executable:

cmdagent -P Collect and send properties
cmdagent -E Enforce Policies
cmdagent -C Check for new polices/tasks
cmdagent -S Show agent monitor GUI
cmdagent -F Forward events

Time Configuration In A Microsoft Windows Domain

Time synchronization is one of the most important settings for a Windows domain — The time has to be as close as possible between all domain controllers and member servers-workstations. Correct (and reliable) time is most crucial for Kereberos V5 authentication (to prevent “replay attacks”) and is pre-configured with a maximum tolerance of 5 minutes.

The Windows Time service (w32time) handles time synchronization operations and will perform a synchronization at service startup and periodically while the system is running.

Note: All commands listed here-in should be run from an elevated (administrative) Command Prompt window.

Microsoft recommends that the domain controller hosting the PDC emulator (FSMO) role be designated as the master time server for the domain and configured to synchronize with a reliable time source (i.e. NTP server, GPS clock):

w32tm /config /manualpeerlist:{server list} /syncfromflags:manual /reliable:yes /update

net stop w32time
net start w32time

The server list can include both IP addresses or host names — if more than one server is to be added the server list should be encapsulated in quotes and each entry should be separated by a single space (i.e. “time-server-a time-server-b time-server-c”).

In the default configuration all peer domain controllers will synchronize with the domain controller hosting the PDC emulator (FSMO) role and all member servers-workstations will synchronize with the domain controller used for authentication. For systems no longer using the default Windows Time service configuration or for those systems not synchronizing correctly, the Windows Time service defaults should be restored:

net stop w32time</p>
w32tm /unregister
w32tm /register

net start w32time

To check the status of the Windows Time service:

w32tm /query /status

For force the Windows Time service to perform an immediate resynchronization:

w32tm /resync

To reset the Windows Time service on a domain controller loosing the PDC emulator (FSMO) role:

w32tm /config /syncfromflags:domhier /reliable:no /update</p>
net stop w32time
net start w32time

Clearing The NetBackup Host Cache

I recently had an issue where after changing the IP address of a host, the installed NetBackup Client application would no longer communicate with its configured Media Server. DNS was updated, the client was rebooted, host files were correct and basic connectivity (Ping) was tested, but NetBackup just refused to work.

After some research, I found that starting with NetBackup 7.0.1 host name to IP address mappings are cached for a period of one-hour in an attempt to minimize delays caused by repeated resolution requests. It should be noted that both successful and unsuccessful resolutions are cached!

NetBackup includes the following command to help with cache issues which cleared things up rather quickly…

cd /usr/openv/netbackup/bin/admincmd
bpclntcmd -clear_host_cache

For NetBackup 7.0.1 and above, this command will remove all the entries in the on-disk host cache; the in-memory cache will refresh only when individual entries exceed their life span (or all NetBackup processes are restarted on the requesting host).

For NetBackup 7.1 and above, clearing the on-disk cache will result in an update to the in-memory cache after 10 seconds.

Original article: http://www.symantec.com/business/support/index?page=content&id=TECH136792

Socket Communication With PowerShell Primer

$IPAddress = "127.0.0.1"
$TelnetPort = "23"
$OutputFile = "X:\Telnet.txt"

$Sock = New-Object System.Net.Sockets.TcpClient($IPAddress, $TelnetPort)

If ($Sock)
{
$Stream   = $Sock.GetStream()

$Writer   = New-Object System.IO.StreamWriter($Stream)
$Buffer   = New-Object System.Byte[] 1024
$Encoding = New-Object System.Text.AsciiEncoding

$Writer.WriteLine("text")
$Writer.Flush()

Start-Sleep -Seconds 1

While($Stream.DataAvailable)
{
$Read = $Stream.Read($Buffer, 0, 1024)
$Result += ($Encoding.GetString($Buffer, 0, $Read))
}

$Result | Out-File $OutputFile

$Result   = $Null
$Stream   = $Null
$Writer   = $Null
$Sock     = $Null
$Encoding = $Null
$Buffer   = $Null
}
Else
{
Write-Host "Unable to connect!"
}