GFI Zakelijk
Bedrijfsinformatie
Midden- en kleinbedrijf
Recently GFI MailEssentials users may have experienced disruption to their service. We are happy to report that this is now resolved. If you have temporarily disabled Bitdefender, please re-enable it and your email service will resume. If you continue to experience any problems, follow this guide to manually update Bitdefender definitions. Learn more

Agent Install or Remediation Job Status stuck at 'Pending'

PROBLEM

After trying to deploy security patches, or install and Agent the status stays at 'Pending'.


ENVIRONMENT

  • GFI LanGuard 
  • All supported environments


SOLUTION

  1. Check that the GFI LanGuard XX Attendant Service is running
  2. Change account used by GFI LanGuard XX Attendant Service
    1. Open the Services Panel (Control Panel > Administrative Tools > Services)
    2. Locate and double click the GFI LanGuard XX Attendant service
    3. Select the Log On tab and in the Log on as: section select This account
    4. Specify an account having Local administrative rights in the format <Domain>\<User> or just browse to the admin user
    5. Provide the correct password for the specified account
    6. Click the Apply button
    7. Select the General tab and click the Start button to start the service
  3.  On the LanGuard server, change the DCOM identity
    1. Open DCOMcnfg (Start > Run > type dcomcnfg and press Enter)
    2. Expand Component Services > Computers > My Computer > DCOM Config
    3. Enter the Properties of LNSSCommunicator
    4. In the Identity tab click the Browse button and select a user that has Administrator rights on all machines in the domain
    5. Enter the password for the selected user and apply your changes
    6. Open the Local Security Policy (gpedit.msc) on the LanGuard server
    7. Navigate to Local Computer PolicyComputer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment
    8. Check the properties of Replace a process level token and Adjust memory quotas for process.
    9. Add the account used in the Identity tab (above) to these policies
    10. Do the same for the Logon as a batch job policy
    11. Restart the GFI LanGuard XX Attendant service
  4. On the target machine(s), explicitly add the user account that is running the services to the Log on as Services Local security Policy
    1. Go to Start > Run and type secpol.msc and press Enter
    2. Expand Local Policies
    3. Select User Rights Assignment
    4. Scroll down till you see Log on as a service
    5. Right click it and go to Properties
    6. Click Add User or Group and add that account there
    7. Click Apply and OK and close out of the Local Security Policy
    8. Apply the changes
    9. Go to Run > type GPupdate /force and press Enter
  5. Disable UAC on both server and client machines
    1. Click Start, and then click Control Panel
    2. In Control Panel, click User Accounts
    3. In the User Accounts window, click User Accounts
    4. In the User Accounts tasks window, click Turn User Account Control On or Off
    5. If UAC is currently configured in Admin Approval Mode, the User Account Control message appears. Click Continue.
    6. Clear the Use User Account Control (UAC) to help protect your computer check box, and then click OK
    7. Click Restart Now to apply the change right away, or click Restart Later and close the User Accounts tasks window


CAUSE

The service account is not able to start the remediation job due to a security feature blocking its process.