Category published:  EPO | ePolicy Orchestrator Mcafee/Trellix TIE/ATD/ATP | Sandbox - Advanced Threat Protection   Click on the Category button to get more articles regarding that product.

Trellix EPO 5.10 base install or upgrade fail Rollback with SQL 2022 Express

Posted by admin on 23.01.2024

Trellix EPO 5.10 base install or upgrade fail Rollback with SQL 2022 Express

Just had a case where we searched for longer, but it was NOT related to a dual install of WSUS+EPO. Because we sometimes have a dual install of EPO and WSUS roles on the same servers, you have to modify the default Port 80 of the IIS to something like 9999 or remove the default website before you install McAfee/Trellix EPO. This is necessary because EPO also uses the default Port 80. Both products run seamlessly together if you have enough RAM.

I tend to use WID (Windows Internal Database) for WSUS and SQL 2017 for EPO until now. For larger WSUS installations, we always use SQL Express or even the full version. Similarly, for larger EPO installations, we also use the full SQL version.

We tend to use a SQL Express version one release older than the latest release or even from some years back on our EPO installations. This was the first time we used SQL 2022 Express on a Server 2022, and we encountered an error during the installation of the latest EPO download (Mid-January 2024).

  • Microsoft Server 2022
  • Microsoft SQL Server 2022
  • Microsoft SQL Server Managment Studio 19.3
  • 20240123110122 SELECT @@VERSION returned: Microsoft SQL Server 2022 (RTM) – 16.0.1000.6 (X64)
  • Express Edition (64-bit) on Windows Server 2022 Standard 10.0 <X64> (Build 20348: ) (Hypervisor)

 

Error: Installation of fresh download install EPO 5.10 EPO5100_ServicePack1_4098_LR1 fails and does a rollback (Windows Installer Transaction rollback).

The failure/rollbacks comes around 80% of the installation without product autocheck in selcted or not. Just after starting services and then he does the Rollback.

Solution:

Install SQL Server 2012 native client from “EPO install media”\setup\SQLNativeCLient\sqlncli_x64.exe

Retry and it will work.

 

The Trellix KB has an entry for a similar problem. But we DID NOT find the mentioned Erros strings in EPO5100-Install-MSI.log or other logfiles.

Still the KB leads us in the correct direction.


 

To get it running you need this:


 

OK similar error but we did not find those error but it solved i too:

https://kcm.trellix.com/corporate/index?page=content&id=KB90874&locale=en_US#:~:text=The%20ePO%20installation%20fails%20and%20rolls%20back%20when,When%20the%20installation%20completes%20successfully%2C%20disable%20TLS%201.0.

Please also check our:

https://www.butsch.ch/post/mcafeetrellix-epo-5100-service-pack-repost-1-4098-fails-to-install-and-rollback/


https://www.butsch.ch/post/mcafee-trellix-epo-5-10-sp1-upd2-update-2-installation-cve-2023-5444-risk-high-and-cve-2023-5445/


 Category published:  EPO | ePolicy Orchestrator Mcafee/Trellix TIE/ATD/ATP | Sandbox - Advanced Threat Protection   Click on the Category button to get more articles regarding that product.