Agents are showing offline after installing about tacticalrmm HOT 44 CLOSED

most likely the salt-minion is not properly installed
you need a certain KB on windows 7 / 2008R2 for salt to install properly (if you have the latest windows updates it should already be installed)
it's the same KB needed to install python3 as well
check this GAM-team/got-your-back#250

look in windows services for "salt-minion" and see if it's running
try starting the salt-minion in debug mode it probably will error out
salt-minion -l debug from elevated command prompt

from tacticalrmm.

It did appear to install and the service is running. I will check for updates this evening.

Should I remove and reinstall the agent from scratch afterward?

from tacticalrmm.

there is a delay from when you install the agent until it shows up properly in the web interface, usually 2 to 5 minutes
if you see the last response as 51 years ago it means the the agent has been added but not all the info has been fully synced yet, that happens after the install finishes in the background through the salt-minion. so when you see that don't worry, just give it some time and refresh the web and it will eventually appear properly.

the installer will warn you though if salt does not properly install
But at the end of the installation if you see the message ""Installation was successfull." then you should be fine

also from the command line on the VPS where the rmm is installed, run sudo salt-key and make sure it does not show any unaccepted keys, if so then for those agents you should uninstall and reinstall, or you can manually accept the key with sudo salt-key -y -A and then run sudo salt \* saltutil.sync_modules but I would recommend just reinstalling

from tacticalrmm.

Yup saw Installation was successful on the ones that are acting up. Waited for quiet a while the agents are now red.
Will check out the salt-key command as well.

from tacticalrmm.

that's weird, so maybe it's not salt
run sudo salt \* test.ping and see if those minions return or if they timeout

check the windows service named "tacticalagent" lmk if it's running, that's the one that sends a https post request to the RMM every 30 to 120 seconds but if it can't reach the RMM then the rmm will think it's offline and will show yellow first and then red

from tacticalrmm.

Looks like the ones in question were unaccepted keys. I created the installer and gave it a 24 hour expiration so I have time to resolve it.

The ping test returned all normal as well.

from tacticalrmm.

ok let me know how it goes. the installer command doesn't matter you can just generate a new token and copy and paste the token into the original command that's all that changes

from tacticalrmm.

Thanks, that did fix the issue with all of them but one old Windows 7 Pro SP1 computer. Its a dog with fleas and has 2GB of RAM (used as a timeclock currently).

It does partially install tacticalrmm.exe but says that its not compatible with the version of Windows you're running. It is a 32bit version of Windows 7, but I have other 32 bit versions that did install correctly.

If you haven't run into this before and don't know the fix, I'm not going to stress over it. The computer does have all the Windows updates applied to it that were available.

Other RMMs have installed without issue (Bluetrait.io, SyncroMSP, etc.).

Thanks for all the help!

from tacticalrmm.

ok great

Ah my bad, the agent currently only works on 64 bit, was not even thinking the computer might be 32 bit. I actually did run into that once before a while ago but I figured no one uses 32 bit anymore lol. I'll see about making a 32 bit version of the agent.

from tacticalrmm.

Another weird one. I have the agent installed on three of the same model computer running Windows 10 Pro.
Two are working correctly. One never completes reporting and then goes to yellow/red. Rebooting the computer brings it back to repeat the same cycle.
I did remove the agent from RMM and from the computer. Then I rebooted and reinstalled.
Did the checks you mentioned above and everything looks good. I can also ping my hosts api., rmm., etc.
Mesh stays active and I can connect with that.

from tacticalrmm.

the next agent release will have optional debug logging so we can see exactly what the error is i'll let you know once that's released should be in the next few days

from tacticalrmm.

Sounds good! Thanks for the help.

from tacticalrmm.

@rtwright68 new agent is out with optional verbose logging so we can see what's happening, instructions are here https://github.com/wh1te909/winagent/releases/tag/v0.10.1

from tacticalrmm.

Thanks! Here is the output showing the error from the first command. The second one came back without an error.
2020-08-17 05:34:36,598 - winagentsvc - run - 17 - INFO - Agent service started.
2020-08-17 05:34:49,305 - winagentsvc - run - 37 - DEBUG - {'agent_id': '45975A80-AAE1-11E7-AAF5-402E60772100|MAB-MJ05Z3T7', 'hostname': 'MAB-MJ05Z3T7', 'operating_system': 'Microsoft Windo
ws 10 Pro, 64bit (build 18363)', 'total_ram': 8, 'plat': 'windows', 'plat_release': 'windows-10', 'version': '0.10.1', 'antivirus': 'webrootsecureanywhere', 'boot_time': 1597396117.8113563,
'salt_ver': '1.0.3'}
2020-08-17 05:34:49,308 - connectionpool - _new_conn - 939 - DEBUG - Starting new HTTPS connection (1): api.xxx.xxxxx:443
2020-08-17 05:34:49,656 - connectionpool - _make_request - 433 - DEBUG - https://api.xxx.xxxxx:443 "PATCH /api/v1/update/ HTTP/1.1" 200 4
2020-08-17 05:34:54,795 - winagentsvc - run - 79 - DEBUG - [WinError 2] The system cannot find the file specified: '(originated from QueryServiceConfig2W)'

from tacticalrmm.

thanks looks like it's failing trying to get the windows services

can you try the following?

open cmd as admin

cd c:\salt\bin
python
import psutil
[svc.as_dict() for svc in psutil.win_service_iter()]

you should get a ton of output with a list of services, something like this screenshot

from tacticalrmm.

Here is the output:
Python 3.7.7 (tags/v3.7.7:d7c567b08f, Mar 10 2020, 10:41:24) [MSC v.1900 64 bit (AMD64)] on win32
Type "help", "copyright", "credits" or "license" for more information.

import psutil
[svc.as_dict() for svc in psutil.win_service_iter()]
Traceback (most recent call last):
File "", line 1, in
File "", line 1, in
File "C:\salt\bin\lib\site-packages\psutil_pswindows.py", line 600, in as_dict
d['description'] = self.description()
File "C:\salt\bin\lib\site-packages\psutil_pswindows.py", line 588, in description
return py2_strencode(cext.winservice_query_descr(self.name()))
FileNotFoundError: [WinError 2] The system cannot find the file specified: '(originated from QueryServiceConfig2W)'

from tacticalrmm.

thanks and what about trying this (open python shell first like before)

import wmi
c = wmi.WMI()
for svc in c.Win32_Service():
    print(svc) # indent this by hitting tab before you type this line then hit enter twice

from tacticalrmm.

That brought up a list of services.

Last item in the list:

instance of Win32_Service
{
AcceptPause = FALSE;
AcceptStop = TRUE;
Caption = "Tactical RMM Check Runner";
CheckPoint = 0;
CreationClassName = "Win32_Service";
DelayedAutoStart = FALSE;
Description = "Tactical RMM Check Runner";
DesktopInteract = FALSE;
DisplayName = "Tactical RMM Check Runner";
ErrorControl = "Normal";
ExitCode = 0;
Name = "checkrunner";
PathName = ""C:\Program Files\TacticalAgent\nssm.exe"";
ProcessId = 25608;
ServiceSpecificExitCode = 0;
ServiceType = "Own Process";
Started = TRUE;
StartMode = "Auto";
StartName = "LocalSystem";
State = "Running";
Status = "OK";
SystemCreationClassName = "Win32_ComputerSystem";
SystemName = "MAB-MJ05Z3T7";
TagId = 0;
WaitHint = 0;
};

from tacticalrmm.

kk can you extract this zip (github won't let me upload straight python files) and put the servicetest.py file in c:\salt\bin then from that directory run python.exe servicetest.py

servicetest.zip

or just create a file named servicetest.py here's the code

import psutil

errors = []

for svc in psutil.win_service_iter():
    try:
        print(svc.description())
    except Exception as e:
        errors.append(str(e))

print("-"*100)
print(errors) if errors else "No errors"

from tacticalrmm.

Ran and here is the output:

C:\salt\bin>python.exe servicetest.py
Adobe Acrobat Updater keeps your Adobe software up to date.
Routes AllJoyn messages for the local AllJoyn clients. If this service is stopped the AllJoyn clients that do not have their own bundled routers will be unable to run.
Provides support for 3rd party protocol plug-ins for Internet Connection Sharing
Determines and verifies the identity of an application. Disabling this service will prevent AppLocker from being enforced.
Facilitates the running of interactive applications with additional administrative privileges. If this service is stopped, users will be unable to launch applications wit
h the additional administrative privileges they may require to perform desired user tasks.
Processes installation, removal, and enumeration requests for software deployed through Group Policy. If the service is disabled, users will be unable to install, remove,
or enumerate software deployed through Group Policy. If this service is disabled, any services that explicitly depend on it will fail to start.
Gets apps ready for use the first time a user signs in to this PC and when adding new apps.
Manages App-V users and virtual applications
Provides infrastructure support for deploying Store applications. This service is started on demand and if disabled Store applications will not be deployed to the system,
and may not function properly.
AssignedAccessManager Service supports kiosk experience in Windows.
Manages audio devices for the Windows Audio service. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any s
ervices that explicitly depend on it will fail to start
Manages audio for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services tha
t explicitly depend on it will fail to start
This service sets time based on NITZ messages from a Mobile Network
Provides User Account Control validation for the installation of ActiveX controls from the Internet and enables management of ActiveX control installation based on Group P
olicy settings. This service is started on demand and if disabled the installation of ActiveX controls will behave according to default browser settings.
BDESVC hosts the BitLocker Drive Encryption service. BitLocker Drive Encryption provides secure startup for the operating system, as well as full volume encryption for OS,
fixed or removable volumes. This service allows BitLocker to prompt users for various actions related to their volumes when mounted, and unlocks volumes automatically wit
hout user interaction. Additionally, it stores recovery information to Active Directory, if available, and, if necessary, ensures the most recent recovery certificates are
used. Stopping or disabling the service would prevent users from leveraging this functionality.
The Base Filtering Engine (BFE) is a service that manages firewall and Internet Protocol security (IPsec) policies and implements user mode filtering. Stopping or disablin
g the BFE service will significantly reduce the security of the system. It will also result in unpredictable behavior in IPsec management and firewall applications.
Transfers files in the background using idle network bandwidth. If the service is disabled, then any applications that depend on BITS, such as Windows Update or MSN Explor
er, will be unable to automatically download programs and other information.
Windows infrastructure service that controls which background tasks can run on the system.
Service supporting the audio gateway role of the Bluetooth Handsfree Profile.
This is Audio Video Control Transport Protocol service
The Bluetooth service supports discovery and association of remote Bluetooth devices. Stopping or disabling this service may cause already installed Bluetooth devices to
fail to operate properly and prevent new devices from being discovered or associated.
Provides facilities for managing UWP apps access to app capabilities as well as checking an app's access to specific app capabilities
This service is used for Connected Devices Platform scenarios
Copies user certificates and root certificates from smart cards into the current user's certificate store, detects when a smart card is inserted into a smart card reader,
and, if needed, installs the smart card Plug and Play minidriver.
‪Manages resource coordination, background streaming, and system integration of Microsoft Office products and their related updates. This service is required to run during
the use of any Microsoft Office program, during initial streaming installation and all subsequent updates.‬
Provides infrastructure support for the Microsoft Store. This service is started on demand and if disabled applications bought using Windows Store will not behave correctl
y.
Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly.
If this service is disabled, any services that explicitly depend on it will fail to start.
Manages communication between system components.
Intel(R) Content Protection HECI Service - enables communication with the Content Protection FW
Intel(R) Content Protection HDCP Service - enables communication with Content Protection HDCP HW
Provides three management services: Catalog Database Service, which confirms the signatures of Windows files and allows new programs to be installed; Protected Root Servic
e, which adds and removes Trusted Root Certification Authority certificates from this computer; and Automatic Root Certificate Update Service, which retrieves root certifi
cates from Windows Update and enable scenarios such as SSL. If this service is stopped, these management services will not function properly. If this service is disabled,
any services that explicitly depend on it will fail to start.
The Offline Files service performs maintenance activities on the Offline Files cache, responds to user logon and logoff events, implements the internals of the public API,
and dispatches interesting events to those interested in Offline Files activities and changes in cache state.
The DCOMLAUNCH service launches COM and DCOM servers in response to object activation requests. If this service is stopped or disabled, programs using COM or DCOM will not
function properly. It is strongly recommended that you have the DCOMLAUNCH service running.
Helps the computer run more efficiently by optimizing files on storage drives.
Enables pairing between the system and wired or wireless devices.
Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.
Enables apps to discover devices with a backgroud task
Registers and updates IP addresses and DNS records for this computer. If this service is stopped, this computer will not receive dynamic IP addresses and DNS updates. If t
his service is disabled, any services that explicitly depend on it will fail to start.
Diagnostics Hub Standard Collector Service. When running, this service collects real time ETW events and processes them.
Executes diagnostic actions for troubleshooting support
The Connected User Experiences and Telemetry service enables features that support in-application and connected user experiences. Additionally, this service manages the ev
ent driven collection and transmission of diagnostic and usage information (used to improve the experience and quality of the Windows Platform) when the diagnostics and us
age privacy option settings are enabled under Feedback and Diagnostics.
Manages the connection and configuration of local and remote displays
A service for managing display enhancement such as brightness control.
Performs Device Enrollment Activities for Device Management
Routes Wireless Application Protocol (WAP) Push messages received by the device and synchronizes Device Management sessions
The DNS Client service (dnscache) caches Domain Name System (DNS) names and registers the full computer name for this computer. If the service is stopped, DNS names will c
ontinue to be resolved. However, the results of DNS name queries will not be cached and the computer's name will not be registered. If the service is disabled, any service
s that explicitly depend on it will fail to start.
Performs content delivery optimization tasks
The Wired AutoConfig (DOT3SVC) service is responsible for performing IEEE 802.1X authentication on Ethernet interfaces. If your current wired network deployment enforces 8
02.1X authentication, the DOT3SVC service should be configured to run for establishing Layer 2 connectivity and/or providing access to network resources. Wired networks th
at do not enforce 802.1X authentication are unaffected by the DOT3SVC service.
The Diagnostic Policy Service enables problem detection, troubleshooting and resolution for Windows components. If this service is stopped, diagnostics will no longer fun
ction.
Enables the detection, download and installation of device-related software. If this service is disabled, devices may be configured with outdated software, and may not wor
k correctly.
Provides data brokering between applications.
Network data usage, data limit, restrict background data, metered networks.
The Extensible Authentication Protocol (EAP) service provides network authentication in such scenarios as 802.1x wired and wireless, VPN, and Network Access Protection (NA
P). EAP also provides application programming interfaces (APIs) that are used by network access clients, including wireless and VPN clients, during the authentication pro
cess. If you disable this service, this computer is prevented from accessing networks that require EAP authentication.
Keeps your Microsoft software up to date. If this service is disabled or stopped, your Microsoft software will not be kept up to date, meaning security vulnerabilities tha
t may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Microsoft software using it.
Keeps your Microsoft software up to date. If this service is disabled or stopped, your Microsoft software will not be kept up to date, meaning security vulnerabilities tha
t may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Microsoft software using it.
Provides the core file encryption technology used to store encrypted files on NTFS file system volumes. If this service is stopped or disabled, applications will be unable
to access encrypted files.
The Embedded Mode service enables scenarios related to Background Applications. Disabling this service will prevent Background Applications from being activated.
Enables enterprise application management.
This service manages events and event logs. It supports logging events, querying events, subscribing to events, archiving event logs, and managing event metadata. It can d
isplay events in both XML and plain text format. Stopping this service may compromise security and reliability of the system.
Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service i
s stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail
to start.
Manages the event trace messages for all the Intel® PROSet/Wireless Software components.
Enables you to send and receive faxes, utilizing fax resources available on this computer or on the network.
The FDPHOST service hosts the Function Discovery (FD) network discovery providers. These FD providers supply network discovery services for the Simple Services Discovery P
rotocol (SSDP) and Web Services – Discovery (WS-D) protocol. Stopping or disabling the FDPHOST service will disable network discovery for these protocols when using FD. Wh
en this service is unavailable, network services using FD and relying on these discovery protocols will be unable to find network devices or resources.
Publishes this computer and resources attached to this computer so they can be discovered over the network. If this service is stopped, network resources will no longer b
e published and they will not be discovered by other computers on the network.
Protects user files from accidental loss by copying them to a backup location
Optimizes performance of applications by caching commonly used font data. Applications will start this service if it is not already running. It can be disabled, though doi
ng so will degrade application performance.
Optimizes performance of Windows Presentation Foundation (WPF) applications by caching commonly used font data. WPF applications will start this service if it is not alrea
dy running. It can be disabled, though doing so will degrade the performance of WPF applications.
Enables multiple clients to access video frames from camera devices.

The service is responsible for applying settings configured by administrators for the computer and users through the Group Policy component. If the service is disabled, th
e settings will not be applied and applications and components will not be manageable through Group Policy. Any components or applications that depend on the Group Policy
component might not be functional if the service is disabled.
Graphics performance monitor service
Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may
arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it.
Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may
arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it.
Turns off hiberfile caching in Intel(R) RST driver.
Activates and maintains the use of hot buttons on keyboards, remote controls, and other multimedia devices. It is recommended that you keep this service running.
Provides an interface for the Hyper-V hypervisor to provide per-partition performance counters to the host operating system.
Enables amazing system performance and responsiveness by accelerating frequently used files
Provides storage event notification and manages communication between the storage driver and user space applications.
Provides the ability to share a cellular data connection with another device.
Service for Intel(R) HD Graphics Control Panel
The IKEEXT service hosts the Internet Key Exchange (IKE) and Authenticated Internet Protocol (AuthIP) keying modules. These keying modules are used for authentication and
key exchange in Internet Protocol security (IPsec). Stopping or disabling the IKEEXT service will disable IKE and AuthIP key exchange with peer computers. IPsec is typical
ly configured to use IKE or AuthIP; therefore, stopping or disabling the IKEEXT service might result in an IPsec failure and might compromise the security of the system. I
t is strongly recommended that you have the IKEEXT service running.
The Lenovo System Interface Foundation Service provides interfaces for key features such as: system power management, system optimization, driver and application updates,
and system settings to Lenovo applications including Lenovo Companion, Lenovo Settings and Lenovo ID. If you disable this service, Lenovo applications will not work proper
ly.
Provides infrastructure support for the Microsoft Store. This service is started on demand and if disabled then installations will not function properly.
Version: 1.60.155.0
Version: 1.60.155.0
Provides tunnel connectivity using IPv6 transition technologies (6to4, ISATAP, Port Proxy, and Teredo), and IP-HTTPS. If this service is stopped, the computer will not hav
e the enhanced connectivity benefits that these technologies offer.
Configures and enables translation from v4 to v6 and vice versa
Intel(R) Dynamic Application Loader Host Interface Service - Allows applications to access the local Intel (R) DAL
The CNG key isolation service is hosted in the LSA process. The service provides key process isolation to private keys and associated cryptographic operations as required
by the Common Criteria. The service stores and uses long-lived keys in a secure process complying with Common Criteria requirements.
Coordinates transactions between the Distributed Transaction Coordinator (MSDTC) and the Kernel Transaction Manager (KTM). If it is not needed, it is recommended that this
service remain stopped. If it is needed, both MSDTC and KTM will start this service automatically. If this service is disabled, any MSDTC transaction interacting with a K
ernel Resource Manager will fail and any services that explicitly depend on it will fail to start.
Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabl
ed, any services that explicitly depend on it will fail to start.
Creates and maintains client network connections to remote servers using the SMB protocol. If this service is stopped, these connections will be unavailable. If this servi
ce is disabled, any services that explicitly depend on it will fail to start.
LenovoVantageService
This service monitors the current location of the system and manages geofences (a geographical location with associated events). If you turn off this service, application
s will be unable to use or receive notifications for geolocation or geofences.
Provides infrastructure support for the Microsoft Store. This service is started on demand and if disabled then content acquired through the Microsoft Store will not func
tion properly.
Creates a Network Map, consisting of PC and device topology (connectivity) information, and metadata describing each PC and device. If this service is disabled, the Netwo
rk Map will not function properly.
Provides support for the NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution for clients on the network, therefore enabling users to share files, print, and lo
g on to the network. If this service is stopped, these functions might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to
start.
Intel(R) Management and Security Application Local Management Service - Provides OS-related Intel(R) ME functionality.
Core Windows Service that manages local user sessions. Stopping or disabling this service will result in system instability.
Provides infrastructure support for deploying and configuring localized Windows resources. This service is started on demand and, if disabled, additional Windows languages
will not be deployed to the system, and Windows may not function properly.
Windows service for application access to downloaded maps. This service is started on-demand by application accessing downloaded maps. Disabling this service will prevent
apps from accessing maps.
Keeps Microsoft Edge up to update. If this service is disabled, the application will not be kept up to date.
Enables Mixed Reality OpenXR runtime functionality
Windows Defender Firewall helps protect your computer by preventing unauthorized users from gaining access to your computer through the Internet or a network.
Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will fai
l. If this service is disabled, any services that explicitly depend on it will fail to start.
Manages Internet SCSI (iSCSI) sessions from this computer to remote iSCSI target devices. If this service is stopped, this computer will not be able to login or access iSC
SI targets. If this service is disabled, any services that explicitly depend on it will fail to start.
Adds, modifies, and removes applications provided as a Windows Installer (*.msi, *.msp) package. If this service is disabled, any services that explicitly depend on it wil
l fail to start.

Signal aggregator service, that evaluates signals based on time, network, geolocation, bluetooth and cdf factors. Supported features are Device Unlock, Dynamic Lock and Dy
namo MDM policies
Provides DirectAccess status notification for UI components
Brokers connections that allow Windows Store Apps to receive notifications from the internet.
Network Connected Devices Auto-Setup service monitors and installs qualified devices that connect to a qualified network. Stopping or disabling this service will prevent W
indows from discovering and installing qualified network connected devices automatically. Users can still manually add network connected devices to a PC through the user i
nterface.

Maintains a secure channel between this computer and the domain controller for authenticating users and services. If this service is stopped, the computer may not authenti
cate users and services and the domain controller cannot register DNS records. If this service is disabled, any services that explicitly depend on it will fail to start.
Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections.
Identifies the networks to which the computer has connected, collects and stores properties for these networks, and notifies applications when these properties change.
The Network Setup Service manages the installation of network drivers and permits the configuration of low-level network settings. If this service is stopped, any driver
installations that are in-progress may be cancelled.
Provides ability to share TCP ports over the net.tcp protocol.
Manages local user identity keys used to authenticate user to identity providers as well as TPM virtual smart cards. If this service is disabled, local user identity keys
and TPM virtual smart cards will not be accessible. It is recommended that you do not reconfigure this service.
Provides process isolation for cryptographic keys used to authenticate to a user’s associated identity providers. If this service is disabled, all uses and management of t
hese keys will not be available, which includes machine logon and single-sign on for apps and websites. This service starts and stops automatically. It is recommended that
you do not reconfigure this service.
Collects and stores configuration information for the network and notifies programs when this information is modified. If this service is stopped, configuration informatio
n might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
This service delivers network notifications (e.g. interface addition/deleting etc) to user mode clients. Stopping this service will cause loss of network connectivity. If
this service is disabled, any other services that explicitly depend on this service will fail to start.
Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports.
Provides identity services for the Peer Name Resolution Protocol (PNRP) and Peer-to-Peer Grouping services. If disabled, the Peer Name Resolution Protocol (PNRP) and Peer
-to-Peer Grouping services may not function, and some applications, such as HomeGroup and Remote Assistance, may not function correctly.
Enables multi-party communication using Peer-to-Peer Grouping. If disabled, some applications, such as HomeGroup, may not function.
Monitors the state of your computer.
This service provides support for the Program Compatibility Assistant (PCA). PCA monitors programs installed and run by the user and detects known compatibility problems.
If this service is stopped, PCA will not function properly.
This service caches network content from peers on the local subnet.
Enables spatial perception simulation, virtual camera management and spatial input simulation.
Enables remote users and 64-bit processes to query performance counters provided by 32-bit DLLs. If this service is stopped, only local users and 32-bit processes will be
able to query performance counters provided by 32-bit DLLs.
Manages the telephony state on the device
Performance Logs and Alerts Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers
an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to st
art.
Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.

This service publishes a machine name using the Peer Name Resolution Protocol. Configuration is managed via the netsh context 'p2p pnrp peer'
Enables serverless peer name resolution over the Internet using the Peer Name Resolution Protocol (PNRP). If disabled, some peer-to-peer and collaborative applications, su
ch as Remote Assistance, may not function.
Internet Protocol security (IPsec) supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay pr
otection. This service enforces IPsec policies created through the IP Security Policies snap-in or the command-line tool "netsh ipsec". If you stop this service, you may
experience network connectivity issues if your policy requires that connections use IPsec. Also,remote management of Windows Defender Firewall is not available when this
service is stopped.
Manages power policy and power policy notification delivery.
This service is responsible for loading and unloading user profiles. If this service is stopped or disabled, users will no longer be able to successfully sign in or sign o
ut, apps might have problems getting to users' data, and components registered to receive profile event notifications won't receive them.
Provides infrastructure support for the Microsoft Store. This service is started automatically and if disabled then remote installations will not function properly.
Quality Windows Audio Video Experience (qWave) is a networking platform for Audio Video (AV) streaming applications on IP home networks. qWave enhances AV streaming perfor
mance and reliability by ensuring network quality-of-service (QoS) for AV applications. It provides mechanisms for admission control, run time monitoring and enforcement,
application feedback, and traffic prioritization.
Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address.
Manages dial-up and virtual private network (VPN) connections from this computer to the Internet or other remote networks. If this service is disabled, any services that e
xplicitly depend on it will fail to start.
Provides registry access to all Intel® PROSet/Wireless Software components
The SimpleHelp Remote Access Service registers this machine with a SimpleHelp server in order to facilitate remote support.
Offers routing services to businesses in local area and wide area network environments.
Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service
is disabled, any services that explicitly depend on it will fail to start.
The Retail Demo service controls device activity while the device is in retail demo mode.
Radio Management and Airplane Mode Service
Resolves RPC interfaces identifiers to transport endpoints. If this service is stopped or disabled, programs using Remote Procedure Call (RPC) services will not function p
roperly.
In Windows 2003 and earlier versions of Windows, the Remote Procedure Call (RPC) Locator service manages the RPC name service database. In Windows Vista and later versions
of Windows, this service does not provide any functionality and is present for application compatibility.
The RPCSS service is the Service Control Manager for COM and DCOM servers. It performs object activations requests, object exporter resolutions and distributed garbage col
lection for COM and DCOM servers. If this service is stopped or disabled, programs using COM or DCOM will not function properly. It is strongly recommended that you have t
he RPCSS service running.
RPC service, which allows communication between driver and Windows Store Application
Realtek Audio Universal Service
The startup of this service signals other services that the Security Accounts Manager (SAM) is ready to accept requests. Disabling this service will prevent other service
s in the system from being notified when the SAM is ready, which may in turn cause those services to fail to start correctly. This service should not be disabled.
Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any service
s that explicitly depend on it will fail to start.
Creates software device nodes for all smart card readers accessible to a given session. If this service is disabled, WinRT APIs will not be able to enumerate smart card re
aders.
Enables a user to configure and schedule automated tasks on this computer. The service also hosts multiple Windows system-critical tasks. If this service is stopped or dis
abled, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start.
Allows the system to be configured to lock the user desktop upon smart card removal.
Provides Windows Backup and Restore capabilities.
Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any service
s that explicitly depend on it will fail to start.
Windows Security Service handles unified device protection and health information
Manages payments and Near Field Communication (NFC) based secure elements.
Monitors system events and notifies subscribers to COM+ Event System of these events.
Windows Defender Advanced Threat Protection service helps protect against advanced threats by monitoring and reporting security events that happen on the computer.
Delivers data from a variety of sensors
A service for sensors that manages different sensors' functionality. Manages Simple Device Orientation (SDO) and History for sensors. Loads the SDO sensor that reports dev
ice orientation changes. If this service is stopped or disabled, the SDO sensor will not be loaded and so auto-rotation will not occur. History collection from Sensors wi
ll also be stopped.
Monitors various sensors in order to expose data and adapt to system and user state. If this service is stopped or disabled, the display brightness will not adapt to ligh
ting conditions. Stopping this service may affect other system functionality and features as well.
Remote Desktop Configuration service (RDCS) is responsible for all Remote Desktop Services and Remote Desktop related configuration and session maintenance activities that
require SYSTEM context. These include per-session temporary folders, RD themes, and RD certificates.
Monitors and attests to the integrity of the Windows platform.
Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.
This service is used for Spatial Perception scenarios
Provides notifications for AutoPlay hardware events.
Manages profiles and accounts on a SharedPC configured device
Host service for the Microsoft Storage Spaces management provider. If this service is stopped or disabled, Storage Spaces cannot be managed.
Routes messages based on rules to appropriate clients.
Receives trap messages generated by local or remote Simple Network Management Protocol (SNMP) agents and forwards the messages to SNMP management programs running on this
computer. If this service is stopped, SNMP-based programs on this computer will not receive SNMP trap messages. If this service is disabled, any services that explicitly d
epend on it will fail to start.
Enables spatial perception, spatial input, and holographic rendering.
This service spools print jobs and handles interaction with the printer. If you turn off this service, you won’t be able to print or see your printers.
Enables the download, installation and enforcement of digital licenses for Windows and Windows applications. If the service is disabled, the operating system and licensed
applications may run in a notification mode. It is strongly recommended that you not disable the Software Protection service.
Discovers networked devices and services that use the SSDP discovery protocol, such as UPnP devices. Also announces SSDP devices and services running on the local computer
. If this service is stopped, SSDP-based devices will not be discovered. If this service is disabled, any services that explicitly depend on it will fail to start.
Agent to hold private keys used for public key authentication.
Provides support for the Secure Socket Tunneling Protocol (SSTP) to connect to remote computers using VPN. If this service is disabled, users will not be able to use SSTP
to access remote servers.
Provides required infrastructure support for the application model.
Provides image acquisition services for scanners and cameras
Provides enabling services for storage settings and external storage expansion
Verifies potential file system corruptions.
Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If
this service is disabled, any services that explicitly depend on it will fail to start.
Maintains and improves system performance over time.
Coordinates execution of background work for WinRT application. If this service is stopped or disabled, then background work might not be triggered.
Enables Touch Keyboard and Handwriting Panel pen and ink functionality
Provides Telephony API (TAPI) support for programs that control telephony devices on the local computer and, through the LAN, on servers that are also running the service.

Allows users to connect interactively to a remote computer. Remote Desktop and Remote Desktop Session Host Server depend on this service. To prevent remote use of this co
mputer, clear the checkboxes on the Remote tab of the System properties control panel item.
Provides user experience theme management.
Optimizes the placement of data in storage tiers on all tiered storage spaces in the system.
Coordinates execution of background work for WinRT application. If this service is stopped or disabled, then background work might not be triggered.
This service is used by Web Account Manager to provide single-sign-on to apps and services.
Maintains links between NTFS files within a computer or across computers in a network.
Enables automatic mitigation for known problems by applying recommended troubleshooting. If stopped, your device will not get recommended troubleshooting for problems on y
our device.
Enables installation, modification, and removal of Windows updates and optional components. If this service is disabled, install or uninstall of Windows updates might fail
for this computer.
Automatically sets the system time zone.
Provides support for application and OS settings roaming
Allows the redirection of Printers/Drives/Ports for RDP connections
Allows UPnP devices to be hosted on this computer. If this service is stopped, any hosted UPnP devices will stop functioning and no additional hosted devices can be added.
If this service is disabled, any services that explicitly depend on it will fail to start.
User Manager provides the runtime components required for multi-user interaction. If this service is stopped, some applications may not operate correctly.
Manages Windows Updates. If stopped, your devices will not be able to download and install the latest updates.
Hosts spatial analysis for Mixed Reality audio simulation.
Provides secure storage and retrieval of credentials to users, applications and security service packages.
Provides management services for disks, volumes, file systems, and storage arrays.
Provides an interface for the Hyper-V host to interact with specific services running inside the virtual machine.
Monitors the state of this virtual machine by reporting a heartbeat at regular intervals. This service helps you identify running virtual machines that have stopped respon
ding.
Provides a mechanism to exchange data between the virtual machine and the operating system running on the physical computer.
Provides a platform for communication between the virtual machine and the operating system running on the physical computer.
Provides a mechanism to shut down the operating system of this virtual machine from the management interfaces on the physical computer.
Synchronizes the system time of this virtual machine with the system time of the physical computer.
Provides a mechanism to manage virtual machine with PowerShell via VM session without a virtual network.
Coordinates the communications that are required to use Volume Shadow Copy Service to back up applications and data on this virtual machine from the operating system on th
e physical computer.
Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may
fail. If this service is disabled, any services that explicitly depend on it will fail to start.
Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this s
ervice is disabled, any services that explicitly depend on it will fail to start.
Enables remediation and protection of Windows Update components.
Hosts objects used by clients of the wallet
Provides a JIT out of process service for WARP when running with ACG enabled.
The WBENGINE service is used by Windows Backup to perform backup and recovery operations. If this service is stopped by a user, it may cause the currently running backup o
r recovery operation to fail. Disabling this service may disable backup and recovery operations using Windows Backup on this computer.
The Windows biometric service gives client applications the ability to capture, compare, manipulate, and store biometric data without gaining direct access to any biometri
c hardware or samples. The service is hosted in a privileged SVCHOST process.
Makes automatic connect/disconnect decisions based on the network connectivity options currently available to the PC and enables management of network connectivity based o
n Group Policy settings.
WCNCSVC hosts the Windows Connect Now Configuration which is Microsoft's Implementation of Wireless Protected Setup (WPS) protocol. This is used to configure Wireless LAN
settings for an Access Point (AP) or a Wireless Device. The service is started programmatically as needed.
The Diagnostic Service Host is used by the Diagnostic Policy Service to host diagnostics that need to run in a Local Service context. If this service is stopped, any diag
nostics that depend on it will no longer function.
The Diagnostic System Host is used by the Diagnostic Policy Service to host diagnostics that need to run in a Local System context. If this service is stopped, any diagno
stics that depend on it will no longer function.
Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols
Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is di
sabled, any services that explicitly depend on it will fail to start.
This service manages persistent subscriptions to events from remote sources that support WS-Management protocol. This includes Windows Vista event logs, hardware and IPMI-
enabled event sources. The service stores forwarded events in a local Event Log. If this service is stopped or disabled event subscriptions cannot be created and forwarded
events cannot be accepted.
Windows Encryption Provider Host Service brokers encryption related functionalities from 3rd Party Encryption Providers to processes that need to evaluate and apply EAS po
licies. Stopping this will compromise EAS compliancy checks that have been established by the connected Mail Accounts
This service provides support for viewing, sending and deletion of system-level problem reports for the Problem Reports and Solutions control panel.
Allows errors to be reported when programs stop working or responding and allows existing solutions to be delivered. Also allows logs to be generated for diagnostic and re
pair services. If this service is stopped, error reporting might not work correctly and results of diagnostic services and repairs might not be displayed.
Manages connections to wireless services, including wireless display and docking.
Launches applications associated with still image acquisition events.
Helps protect users from malware and other potentially unwanted software
WinHTTP implements the client HTTP stack and provides developers with a Win32 API and COM Automation component for sending HTTP requests and receiving responses. In additi
on, WinHTTP provides support for auto-discovering a proxy configuration via its implementation of the Web Proxy Auto-Discovery (WPAD) protocol.
Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most
Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Windows Remote Management (WinRM) service implements the WS-Management protocol for remote management. WS-Management is a standard web services protocol used for remote so
ftware and hardware management. The WinRM service listens on the network for WS-Management requests and processes them. The WinRM Service needs to be configured with a lis
tener using winrm.cmd command line tool or through Group Policy in order for it to listen over the network. The WinRM service provides access to WMI data and enables event
collection. Event collection and subscription to events require that the service is running. WinRM messages use HTTP and HTTPS as transports. The WinRM service does not d
epend on IIS but is preconfigured to share a port with IIS on the same machine. The WinRM service reserves the /wsman URL prefix. To prevent conflicts with IIS, administr
ators should ensure that any websites hosted on IIS do not use the /wsman URL prefix.
Provides infrastructure support for the Windows Insider Program. This service must remain enabled for the Windows Insider Program to work.
The WLANSVC service provides the logic required to configure, discover, connect to, and disconnect from a wireless local area network (WLAN) as defined by IEEE 802.11 stan
dards. It also contains the logic to turn your computer into a software access point so that other devices or computers can connect to your computer wirelessly using a WLA
N adapter that can support this. Stopping or disabling the WLANSVC service will make all WLAN adapters on your computer inaccessible from the Windows networking UI. It is
strongly recommended that you have the WLANSVC service running if your computer has a WLAN adapter.
Enables user sign-in through Microsoft account identity services. If this service is stopped, users will not be able to logon to the computer with their Microsoft account.

This service provides profile management for subscriber identity modules
Performs management including Provisioning and Enrollment activities
Provides performance library information from Windows Management Instrumentation (WMI) providers to clients on the network. This service only runs when Performance Data He
lper is activated.
Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play
This service syncs files with the Work Folders server, enabling you to use the files on any of the PCs and devices on which you've set up Work Folders.
Enforces parental controls for child accounts in Windows. If this service is stopped or disabled, parental controls may not be enforced.
Enforces group policy for removable mass-storage devices. Enables applications such as Windows Media Player and Image Import Wizard to transfer and synchronize content usi
ng removable mass-storage devices.
This service runs in session 0 and hosts the notification platform and connection provider which handles the connection between the device and WNS server.
Webroot SecureAnywhere Endpoint Protection v9.0.28.48
The WSCSVC (Windows Security Center) service monitors and reports security health settings on the computer. The health settings include firewall (on/off), antivirus (on/o
ff/out of date), antispyware (on/off/out of date), Windows Update (automatically/manually download and install updates), User Account Control (on/off), and Internet settin
gs (recommended/not recommended). The service provides COM APIs for independent software vendors to register and record the state of their products to the Security Center
service. The Security and Maintenance UI uses the service to provide systray alerts and a graphical view of the security health states in the Security and Maintenance con
trol panel. Network Access Protection (NAP) uses the service to report the security health states of clients to the NAP Network Policy Server to make network quarantine d
ecisions. The service also has a public API that allows external consumers to programmatically retrieve the aggregated security health state of the system.
Provides content indexing, property caching, and search results for files, e-mail, and other content.
Enables the detection, download, and installation of updates for Windows and other programs. If this service is disabled, users of this computer will not be able to use Wi
ndows Update or its automatic updating feature, and programs will not be able to use the Windows Update Agent (WUA) API.
This service manages mobile broadband (GSM & CDMA) data card/embedded module adapters and connections by auto-configuring the networks. It is strongly recommended that thi
s service be kept running for best user experience of mobile broadband devices.
Provides authentication and authorization services for interacting with Xbox Live. If this service is stopped, some applications may not operate correctly.
This service syncs save data for Xbox Live save enabled games. If this service is stopped, game save data will not upload to or download from Xbox Live.
This service manages connected Xbox Accessories.
This service supports the Windows.Networking.XboxLive application programming interface.
Manages the zero configuration service for all the Intel® PROSet/Wireless Software components.
Runtime for activating conversational agent applications
This user service is used for Game Recordings and Live Broadcasts
The Bluetooth user service supports proper functionality of Bluetooth features relevant to each user session.
Enables optional screen capture functionality for applications that call the Windows.Graphics.Capture API.
This user service is used for Clipboard scenarios
This user service is used for Connected Devices Platform scenarios
Allows ConnectUX and PC Settings to Connect and Pair with WiFi displays and Bluetooth devices.
Credential Enrollment Manager
Enables apps to pair devices
This user service is used for managing the Miracast, DLNA, and DIAL UI
Allows ConnectUX and PC Settings to Connect and Pair with WiFi displays and Bluetooth devices.
Service supporting text messaging and related functionality.
This service synchronizes mail, contacts, calendar and various other user data. Mail and other applications dependent on this functionality will not work properly when thi
s service is not running.
Indexes contact data for fast contact searching. If you stop or disable this service, contacts might be missing from your search results.
Print Workflow
Handles storage of structured user data, including contact info, calendars, messages, and other content. If you stop or disable this service, apps that use this data might
not work correctly.
Provides apps access to structured user data, including contact info, calendars, messages, and other content. If you stop or disable this service, apps that use this data
might not work correctly.
This service hosts Windows notification platform which provides support for local and push notifications. Supported notifications are tile, toast and raw.
Bluetrait Agent

Salt Minion from saltstack.com
Tactical RMM Agent
Tactical RMM Check Runner

["[WinError 2] The system cannot find the file specified: '(originated from QueryServiceConfig2W)'"]

from tacticalrmm.

Perfect, so it's just one service that's erroring out, can you edit that file and replace with this code and run again. Trying to find the name of the bad service.

import psutil

for svc in psutil.win_service_iter():
    try:
        i = svc.description()
    except Exception as e:
        try:
            print(svc.name())
        except Exception as f:
            print(f)
    else:
        pass

from tacticalrmm.

Ahh, here is the one:

C:\salt\bin>python.exe servicetest.py
PrintNotify

C:\salt\bin>

from tacticalrmm.

ahaha ok cool can you post output of this

import wmi

c = wmi.WMI()

for svc in c.Win32_Service():
    if svc.Name.lower() == "printnotify":
        print(svc)

from tacticalrmm.

Here you go:

:\salt\bin>python.exe servicetest.py

instance of Win32_Service
{
AcceptPause = FALSE;
AcceptStop = FALSE;
Caption = "PrintNotify";
CheckPoint = 0;
CreationClassName = "Win32_Service";
DelayedAutoStart = FALSE;
DesktopInteract = TRUE;
DisplayName = "PrintNotify";
ErrorControl = "Normal";
ExitCode = 1077;
Name = "PrintNotify";
PathName = "C:\WINDOWS\system32\svchost.exe -k print";
ProcessId = 0;
ServiceSpecificExitCode = 0;
ServiceType = "Share Process";
Started = FALSE;
StartMode = "Manual";
StartName = "LocalSystem";
State = "Stopped";
Status = "OK";
SystemCreationClassName = "Win32_ComputerSystem";
SystemName = "MAB-MJ05Z3T7";
TagId = 0;
WaitHint = 0;
};

from tacticalrmm.

Amazing! Ok that is so weird. Here's what is looks like on my machine (notice how yours is missing the 'Description' field which is what the original error was). Have no idea why, that's just default service that comes with windows.

Anyway, I'll fix the function that gets services to just skip any missing fields so it won't error out. Will be in the next agent. Really appreciate your help with finding this bug!

instance of Win32_Service
{
        AcceptPause = FALSE;
        AcceptStop = FALSE;
        Caption = "Printer Extensions and Notifications";
        CheckPoint = 0;
        CreationClassName = "Win32_Service";
        DelayedAutoStart = FALSE;
        Description = "This service opens custom printer dialog boxes and handles notifications from a remote print server or a printer. If you turn off this service, you won’t be able to see printer extensions or notifications.";
        DesktopInteract = TRUE;
        DisplayName = "Printer Extensions and Notifications";
        ErrorControl = "Normal";
        ExitCode = 1077;
        Name = "PrintNotify";
        PathName = "C:\\WINDOWS\\system32\\svchost.exe -k print";
        ProcessId = 0;
        ServiceSpecificExitCode = 0;
        ServiceType = "Share Process";
        Started = FALSE;
        StartMode = "Manual";
        StartName = "LocalSystem";
        State = "Stopped";
        Status = "OK";
        SystemCreationClassName = "Win32_ComputerSystem";
        SystemName = "XLAP1";
        TagId = 0;
        WaitHint = 0;
};

from tacticalrmm.

Glad to help! I enjoy this stuff :-)
Really enjoying the RMM so far. Its great to have the integration with Mesh and be able to use really any client without the need for extra software to access. I'm using Simple-Help current and while I like the product I hate have to load something to access client stuff.

from tacticalrmm.

@rtwright68 fixed in the latest agent 0.10.2 just released. please try it out you can do an update from the web go to Agents > Update agents then give it a few min and lmk if it works

from tacticalrmm.

Thanks, I updated this morning, and it does show the option for the new agent when trying to perform an update. Unfortunately, none of the agents update (tried around 5:00AM this morning). Also tried to manually update several and no-go.

from tacticalrmm.

Ha sorry. The agent update from web will only target agents that are "online" aka showing the green wifi bar, but of course the bug here is that they're "offline" according to the rmm and therefore rmm is not even trying to send it the update command.

Can you try forcing the update from the cli like so? It will spawn a background task and return the pid so also give it a few min.

sudo salt \* saltutil.sync_modules
sudo salt \* win_agent.do_agent_update version="0.10.2" url="https://github.com/wh1te909/winagent/releases/download/v0.10.2/winagent-v0.10.2.exe"

How did you try to do the manual update? You first have to stop the 2 services sc stop tacticalagent && sc stop checkrunner and then just double click on winagent-v0.10.2.exe which will just extract and overwrite the Program Files folder then start those 2 services again.

from tacticalrmm.

I will try out the CLI option. They are not updating even with the online agents. So none of them are at this point.

from tacticalrmm.

Saw a tone of errors trying out the first sudo salt line.
Tried sc stop tacticalagent && sc stop checkrunner and then ran the winagent-v0.10.2.exe from the CLI which really didn't do anything. I then ran it from my laptop (I have the agent installed) and had to walk through the install.
Is there any way to run it through the CLI without interrupting my users?

from tacticalrmm.

if you don't want to walk thru install GUI just do winagent-v0.10.2.exe /VERYSILENT /SUPPRESSMSGBOXES from cli (after stopping the 2 services or else the old files will not be overwritten)

k so that explains why update from web not working, it uses salt api so if salt's not working neither will update

at this point i think you should just manually uninstall the agents giving you trouble

uninstall them from the web first (right click > remove agent) it will probably spin for a bit then say cannot contact the agent etc. just click yes to remove anyway. this will cleanup the old salt-keys and remove agent from database on the server.

then from the CLI on the agent, do

"C:\Program Files\TacticalAgent\unins000.exe" /VERYSILENT /SUPPRESSMSGBOXES

that will uninstall the tactical agent, mesh agent and salt-minion (might take 30 sec or so i think it returns immediately but still continues running in the background)

if the above uninstall works, these 3 directories should not exist anymore

C:\Program Files\TacticalAgent
C:\Program Files\Mesh Agent
C:\salt

if they do then just forcefully delete those dirs

then just install again fresh by generating a new command from the web

from tacticalrmm.

What's crazy is that none of the agents are updating. They are reporting just fine (as far as I can tell).

from tacticalrmm.

Ok, here is what I did on one of my servers that wasn't updating and it worked:

Transfered the new agent
sc stop tacticalagent && sc stop checkrunner
winagent-v0.10.2.exe /VERYSILENT /SUPPRESSMSGBOXES
(Waited a couple of minutes)
sc start tacticalagent && sc start checkrunner
Boom, agent started reflecting the new version.

from tacticalrmm.

ok so on that server, can you verify salt is working? just right click on agent and do a "Send Command" (that uses salt) and see if it works.

the update from the web literally does what you just did, just with python
downloads agent from github to C:\Windows\Temp, stops the 2 services, runs winagent...verysilent, waits 20 seconds, then starts the 2 services. it uses salt to do this in real time.

from tacticalrmm.

Ok, I sent a command ipconfig /all and it came back that it could not contact the agent.
Very odd.
Since none of them have upgraded on their own (they did with the .1 previous version), did something break once the .0 version?

from tacticalrmm.

no there were no breaking changes since 0.9.5, anyway the winagent could be running fine it has nothing to do with salt, so it could be checking in an reporting just fine but if the salt-minion is not working then alot of real time communication like send-command will not work

can you try just manually uninstalling from my steps above for this agent and reinstall fresh? want to see if salt will install properly now

from tacticalrmm.

Ok, did that on a couple servers, works its way through a fresh install and then shows the following:

Syncing modules failed: attempt 1 of 20

Goes all the way through 20 of 20 and fails.

Saw that with a brand new install today (never had TRMM on it before).
The previous update of the server I did this morning appeared to go through ok.

from tacticalrmm.

Re-downloaded the update.sh script and the following are the errors that are shown initially. It runs the rest of the way ok:

remote: Enumerating objects: 19, done.
remote: Counting objects: 100% (19/19), done.
remote: Compressing objects: 100% (2/2), done.
remote: Total 19 (delta 16), reused 19 (delta 16), pack-reused 0
Unpacking objects: 100% (19/19), 2.42 KiB | 117.00 KiB/s, done.
From https://github.com/wh1te909/tacticalrmm

• branch develop -> FETCH_HEAD
  1020f0e..7dd9658 develop -> origin/develop
  warning: unable to access '/home/tactical/.config/git/attributes': Permission denied
  warning: unable to access '/home/tactical/.config/git/attributes': Permission denied
  warning: unable to access '/home/tactical/.config/git/attributes': Permission denied
  HEAD is now at 7dd9658 add support for event log id wildcard
  warning: unable to access '/home/tactical/.config/git/ignore': Permission denied
  cp: cannot stat '/rmm/scripts/*': No such file or directory

from tacticalrmm.

Sorry for the flood if copy/pastes. Here is a mention of NPM

70 packages are looking for funding
run npm fund for details

found 2 vulnerabilities (1 low, 1 high)
run npm audit fix to fix them, or npm audit for details

┌─────────────────────────────────────────────────────────────
│ npm update check failed │
│ Try running with sudo or get access │
│ to the local update config store via │
│ sudo chown -R $USER:$(id -gn $USER) /home/tactical/.config │
└─────────────────────────────────────────────────────────────

And:

npm WARN saveError ENOENT: no such file or directory, open '/meshcentral/package.json'
npm WARN enoent ENOENT: no such file or directory, open '/meshcentral/package.json'
npm WARN meshcentral No description
npm WARN meshcentral No repository field.
npm WARN meshcentral No README data
npm WARN meshcentral No license field.

from tacticalrmm.

This
cp: cannot stat '/rmm/scripts/*': No such file or directory
and the npm WARN meshcentral stuff you can ignore

I just updated the update script, can you download latest and re-run. Should fix all the permissions issues. Did you run update earlier as root? Don't see how the permissions could have gotten messed up if not.

After doing the update, restart the salt-master and salt-api like so
sudo systemctl stop salt-master && sudo systemctl stop salt-api && sudo systemctl start salt-master && sleep 10 && sudo systemctl start salt-api

Then for the new agent that failed to sync modules. Find the agent's salt-key by doing sudo salt-key from rmm. You'll see a list of your agents, the format is HOSTNAME-SOMENUMBER

then target the agent individually and see if any of these commands return succcessfully
sudo salt 'HOSTNAME-SOMENUMBER' test.ping
sudo salt 'HOSTNAME-SOMENUMBER' saltutil.sync_modules

from tacticalrmm.

Good morning.
Ran the new script and did not see any permission errors.

Restarted the salt modules and then ran this:
tactical@ubuntu-rtw-tactical-rmm:$ sudo salt 'RTW-RDS1-54' test.ping
RTW-RDS1-54:
True
tactical@ubuntu-rtw-tactical-rmm:$ sudo salt 'RTW-RDS1-54' saltutil.sync_modules
RTW-RDS1-54:
- modules.win_agent

Will do some more testing and see if I can update some agents as well.
Thanks!

from tacticalrmm.

Agent updates are now working from within the GUI. Yay! :-)

from tacticalrmm.

amazing so glad to hear! yea I have written some custom salt modules, so basically anytime the file /rmm/_modules/win_agent.py changes the sync_modules command will just push that file to the agents. The code that handles agent updates is also in that file.

Everytime the agent's computer is restarted (or if you restart the 'tacticalagent' windows service on the agent) it forces a sync, and same when you update from update.sh. So if you get that error again during install you can just manually sync the modules with sudo salt 'HOSTNAME-SOMENUMBER' saltutil.sync_modules or if u want to do all agents at once just sudo salt '*' saltutil.sync_modules

from tacticalrmm.