Error looping when enrolling linux endpoint

I got an linux box and was enrolled to the xcitium, somehow it lost connection and I decided to redo the enrolment.

I removed the service file and binary from the linux (ubuntu), and reboot and do it from scratch. However, the run file generate an error loop as below:

Verifying archive integrity… All good.
Uncompressing Linux ITSM Agent/9.1.48667.24030 100%
systemd system
Company:
ClusterName:
Username: .
Jid: .@/windows
XMPP Host: xmpp.
Connect result: -3
Reconnect!

Connect result: -3
Reconnect!

Connect result: -3
Reconnect!

Connect result: -3
Reconnect!

Connect result: -3
Reconnect!

Connect result: -3
Reconnect!

And looping forever.
Any hint to fix it?

hi @mcdull

request you to use the next commands for EM agent uninstall:

systemctl stop itsm && systemctl disable itsm && rm -f /etc/systemd/system/itsm.service && rm -rf /opt/comodo
stop itsm && rm /etc/init/itsm.conf && initctl reload-configuration && rm -rf /opt/comodo

Once EM agent will be uninstalled fully, repeat enrollment process. If the issue still the same, please share screenshot made from terminal + OS build.

Tried the uninstall script.

6.5.0-1027-oracle #27~22.04.1-Ubuntu SMP Thu Jul 18 13:55:21 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
(this is the machine, but I had another instance running fine)

And I tried to locate the error step by step and it was caused by line 175 at start.sh from the installer
i.e. $IPATH/$BIN -c

debug1601×965 199 KB

Blockquote

LOAD = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB = The low-level unit activation state, values depend on unit type.
173 loaded units listed. Pass --all to see loaded but inactive units, too.
To show all installed unit files use ‘systemctl list-unit-files’. =~ -.mount ]]

• return 0
• echo ‘systemd system’
  systemd system
• INIT=D
  ++ set +x
  ++ basename ./start.sh
• NAME=start.sh
  ++ set +x
  ++ grep -oP ‘(?<=itsm_)\w{8}(?=_)’
  ++ echo start.sh
• TOKEN=
  ++ set +x
• [[ 0 != 8 ]]
  ++ set +x
  ++ ps -o comm= 20860
• PARENT_COMMAND=bash
  ++ set +x
  ++ grep -oP ‘(?<=itsm_)\w{8}(?=_)’
  ++ echo bash
• TOKEN=
  ++ set +x
• ‘[’ -e /opt/comodo ‘]’
  ++ set +x
• ‘[’ -e /opt/ITarian/EndpointManager ‘]’
  ++ set +x
• CONFIG_GOOD=1
  ++ set +x
• ‘[’ -e /opt/COMODO/ITSM/itsm-linux ‘]’
  ++ set +x
  ++ awk ‘/Version/{ print $2;}’
  ++ /opt/COMODO/ITSM/itsm-linux -v
• CURR_VER=9.1.48667.24030
  ++ set +x
  ++ ver 9.1.48667.24030
  +++ echo 9.1.48667.24030
  +++ tr . ’ ’
  ++ printf %05d%05d%05d%05d 9 1 48667 24030
  ++ ver 6.22.16228.18090
  +++ echo 6.22.16228.18090
  +++ tr . ’ ’
  ++ printf %05d%05d%05d%05d 6 22 16228 18090
• ‘[’ 00009000014866724030 -ge 00006000221622818090 ‘]’
  ++ set +x
• /opt/COMODO/ITSM/itsm-linux -c
  ^CCompany:
  ClusterName:
  Username: .
  Jid: .@/windows
  XMPP Host: xmpp.
  Connect result: -3
  Reconnect!

Connect result: -3
Reconnect!

Blockquote

hi @mcdull

could you please check if XMPP connection is allowed on this device?

Hosts xmpp.cmdm.comodo.com, 18.197.167.137, 34.227.128.175, port 443?

also you have any Firewall , please try to disable it temporary and check connections to the hosts as shared above via terminal.

its outgoing, right?
I tcping these addresses’ 443, and ports are opened.

seq 0: tcp response from ec2-18-197-167-137.eu-central-1.compute.amazonaws.com (18.197.167.137) [open] 293.059 ms

also open for another IP address.

also please confirm if you have firewall any enabled ,

Since it is a multilayered systems, it must be firewall at the gateway level. But outbound rule should always be allowed.

please do disable the firewall as advised by our team and try once with the enrollment

disbaled and retried. Same happened and re-enabled firewall.

@mcdull

apologies for the inconvenience , could you please raise a ticket to support@xcitium.com along with all the details in the forum post , I will coordinate with the support team to escalate it back to the specialist team