New ImmyBot user here. I am trying to install an agent on a DC for domain joining. I installed ImmyBot agent on DC server and the agent would not connect. In the logs I see "12/09/25 2:14:47pm EST - Error occurred while trying to get device id: EphemeralAgentSessionFailedToConnectException: Ephemeral Session for () never connected within specified timeout window of 180 seconds. "
I tried first deploying using PS, then I uninstalled and downloaded EXE and installed that way, same issue. I already had an ImmyBot policy deployed in our Threatlocker. I put the server into learning mode in TL, same issue. I then investigated our firewall (Sonicwall) and don’t see anything that sticks out. I disabled all security services on the firewall, no joy. Rebooted server, same issue. Windows firewall was already disabled. I also tried switching from Cloudflare to Google DNS servers.
I then turned my attention to Datto EDR. I do not see anything in the EDR logs, no alerts for that machine. I uninstalled Datto EDR from the server and as soon as the uninstall was done then it connected in my ImmyBot portal and went from Pending tab to New tab in Computers section.
I decided to try another server at this site. Installed ImmyBot, same issue. Uninstalled Datto EDR from it, boom fixed!
I’ve since re-deployed Datto EDR to the servers. It’s been 30min and from what I can tell they are still checking in with ImmyBot. (I have been able to run Inventory checks with Immy fine)
I was doing this DC install in preparation for utilizing ImmyBot on some new workstation deployments for this customer so I’ve yet to be able to use the USB package installer for a new computer and see if ImmyBot agent will break once Datto EDR gets installed, but so far the servers seem fine.
Has anyone seen this issue before? Figured I would post here before trying to have Datto support look into it.
EDIT: After posting I realized it could be DNS Secure filtering part of Datto EDR. I’m blocking these categories for Datto EDR DNS Secure: Malware, Phishing, Warez, Spyware/Malware, Deceptive/Phishing, and Pornography. I will have to do some more digging into this possibility. Is there a ImmyBot URL exclusions list somewhere that I can use?
Thank you!