We had a client with a server that did not have updated information in Azure Sentinel side, but passed all of the validation and communication tests on the Azure Arc client side (i.e. on the clients file server).
NOTE: If you want to know how to test your Azure Arc, we have a separate article for that HERE.
After quite some time of troubleshooting both ends, we just gave up and uninstalled then reinstalled the Azure Arc client. Just like before, the client server passed all of the validation and communication tests but on the Azure Sentinel side, new information was not coming through.
It turned out that uninstalling Azure Arc from the server and then reinstalling it was not sufficient. Azure Arc’s uninstall leaves a pile of old files on your computer server which then stifles the new install. We needed to not only uninstall Azure Arc via Programs and Features, but also to manually delete any of these folders that still exist after the uninstall:
You can download current and previous versions of the Azure Arc agent directly from Microsoft HERE but make sure you delete these folders (if they exist) before you reinstall:
- C:\Program Files\AzureConnectedMachine\
- C:\Program Data\AzureConnectedMachine\
- C:\Program Data\GuestConfig\
We have found that a reboot was NOT required after the install, uninstall, or reinstall, which made working on a live production file server much easier.