MDM Troubleshooting

MDMCore configuration and log files

See also log files of other ESET PROTECT components.

Location

File details

Windows: %ProgramData%\ESET\RemoteAdministrator\MDMCore\Configuration
Linux: /etc/opt/eset/RemoteAdministrator/MDMCore

startupconfiguration.cfg (Windows), startupconfiguration.ini (Linux) - The database connection information.

loggerLevel.cfg - A single line specifying an override log level for logging. This file takes priority over the setting in any policy (and can be used in cases where policy cannot be delivered). If recognized, the line "Setting log level from loggerLevel.cfg override file to XYZ" is output to the trace log (information level). Recognized values: all, trace, debug, information, warning, error, critical, fatal. When set to all, it also logs all communication to phones.

shouldLogPhoneComm.cfg - A single line specifying whether communication to phones should be logged into a separate log file. Recognized values: 1, true, log.

skipPnsCertCheck.cfg - A single line specifying whether PNS service certificate should be validated.

Windows: %ProgramData%\ESET\RemoteAdministrator\MDMCore\Data\MultiAgent

Linux: /var/opt/eset/RemoteAdministrator/MDMCore/MultiAgent

Trace logs of individual agents in per-agent subfolders.

Windows: %ProgramData%\ESET\RemoteAdministrator\MDMCore\Dumps

Linux: /var/opt/eset/RemoteAdministrator/MDMCore/Dumps

Crashdumps that have not been sent to the ESET CrashReporting service yet.

Windows: %ProgramData%\ESET\RemoteAdministrator\MDMCore\Logs

Linux: /var/log/eset/RemoteAdministrator/MDMCore

trace.log, trace.log.<N>.gz - The trace log of MDMCore. The numbered gzipped files are older contents of the log.

Windows: %ProgramData%\ESET\RemoteAdministrator\MDMCore\Logs\Proxy

Linux: /var/log/eset/RemoteAdministrator/MDMCore/Proxy

trace.log, trace.log.<N>.gz - The trace log of MDMCore's MultiProxy component. The numbered gzipped files are older contents of the log.

Windows: %ProgramData%\ESET\RemoteAdministrator\MDMCore\Modules

Linux: /var/opt/eset/RemoteAdministrator/MDMCore/Modules

em*.dat - Config Engine and Loader modules.

Windows: %ProgramFiles%\ESET\RemoteAdministrator\MDMCore

Linux: /opt/eset/RemoteAdministrator/MDMCore

All executable files needed by MDMCore.

MDM error messages

1.What should I do if I get error message: "The Enrollment token is already being used or is not valid."?

It is likely that you are attempting to re-enroll with an old enrollment token. Create a new re-enrollment token in the Web Console and use that one instead. It is also possible that you are attempting a second re-enrollment  too  soon after the first one. Verify that the re-enrollment token  is different from the first one. If it is not, then wait a few minutes and try to generate a new re-enrollment token again.

2.What should I do if I get error message:"service certificate validation failed"?

This error message indicates that there is a problem with your APNS or FCM service certificate. This is announced in ESET PROTECT Web Console as one of the following warnings under MDM Core alerts:

FCM service certificate validation failed (0x0000000100001002)

APNS service certificate validation failed (0x0000000100001000)

APNS Feedback service certificate validation failed (0x0000000100001004)

Make sure you have the correct Certificate Authority available on your system:

APNS Certificate Authority: Entrust Certification Authority, need to validate certificate from gateway.push.apple.com:2195;

APNS Feedback Certificate Authority: Entrust Certification Authority, need to validate certificate from feedback.push.apple.com:2196;

FCM Certificate Authority: GeoTrust Global CA, need to validate certificate from android.googleapis.com:443.

The desired Certificate Authority should be included in the certificate store on the MDM host machine. In a Windows system, you can search for "Manage Trusted Root Certificates". In a Linux system, the certificate location is dependent on the distribution you are using. Some examples of certificate store destinations include:

on Debian, CentOS: /usr/lib/ssl/cert.pem, /usr/lib/ssl/certs;

on Red Hat: /usr/share/ssl/cert.pem, /usr/share/ssl/certs;

command openssl version -d usually returns desired path.

If the desired Certification Authority is not installed on the system the MDM Core is running on, install it. Following installation, restart the ESET PROTECT MDC service.

warning

Warning

Use caution, certificate validation is a security feature, so if the warning occurs in Web Console it could also indicate a security threat.