Troubleshooting Disconnected Agents (Windows)
search cancel

Troubleshooting Disconnected Agents (Windows)

book

Article ID: 286690

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

  • Endpoints are showing as Disconnected in the Console under Assets > Computers.
  • Endpoints are not showing in the Console under Assets > Computers.
  • Endpoints are experiencing general communication issues with the App Control Server.
  • Agents have stopped checking in with the App Control Server.

Environment

  • App Control Agent: All Supported Versions
  • App Control Server: All Supported Versions
  • Microsoft Windows: All Supported Versions

Cause

There are many reasons why an Agent could have difficulties communicating with the App Control Server.

Resolution

  1. Verify the Agent Communication Certificate:
    1. Log in to the Console and navigate to Settings > System Configuration > Security.
    2. Verify the following details:
      • Common Name should match the Server Address from the General tab.
      • Expiration Date is in the future.
      • Matching Certificate listed in Trusted Communication Certificates and Trusted.
      • If necessary: Replace the Server Certificate
    3. If Certificate Verification is enabled the Agent Communication Certificate may need to be imported on the endpoint(s).
  2. On the endpoint, verify the following items:
    1. Manually restart the Agent via the command line to be sure it is fully running.
    2. Use a command prompt to issue the following commands: 
      cd "C:\Program Files (x86)\Bit9\Parity Agent\
      dascli server
    3. If the Server Address does not match the Common Name in Step 1, either:
    4. If the Server Address matches, test network connectivity between the endpoint and the Server Address.
    5. Verify the TLS & Cipher Suites enabled in the Operating System on the endpoint match those enabled on the application server.
  3. Verify the Agent does not show in Duplicate Computers.
  4. If using Active Directory Policy Mapping, verify Slow Lookups are not contributing to the issue.
  5. If the issue persists, collect the Disconnected Agent Logs and open a case with Support.
Powered by Wolken Software