Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 4 subscribers
  • Views 3376 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

.msg file creation - for disconnected clients?

Daniel Gebler

Dear All,

 

As far as I understand the process:

  • In case there's a policy change for a group - say, a new software is added to the SW control list - all members of the group are affected, so the client will generate .msg files for them.
  • If the client is offline, the .msg file will sit in the queue (envelopes folder) and sit there for 4 days tops.
    • If a client logs in, the message gets delivered (provided all is working)
    • If a client does not log in for 4 days, the message gets deleted

Questions I have:

  1. If a message gets deleted for a client, as it has not been seen for 4 days, would the client still get the policy at its next update? Say it connects after 5-6 days...
  2. I believe such update messages would only get generated for managed clients (e.g. not deleted = 1 in the sql db) - so it's better to keep 'no longer active' clients deleted from the view - e.g ones that have not been seen for over 20 days. This would reduce the load from the management server...?

Thanks a lot.

DanZi

 

 

 



This thread was automatically locked due to age.
Parents
  • 0

    Hello DanZi,

    minor correction: the client will generate .msg files - guess you mean the server will generate for the client

    would the client still get the policy
    no - an endpoint only requests policies after install (this is also the case for a re-install) - the console shows Awaiting policy from console. Not that Awaiting policy transfer is not cleared when the .msg times out.

    Messages are only sent to computers that have Managed=1 and Deleted=0. Naturally there's some overhead associated with queued messages and a large number might cause problems. Please note that the (number of) "visible" computers generally affect(s) performance, dashboard numbers and indicators, as well as the contents of reports.

    Christian

  • 0 in reply to QC

    Hi Christian,

     

    Yes, I meant the Server, sorry.

     

    I see, so if awaiting policy won't clear, I can still push it out forcing it from the console say few hundred online machines at a time... This would also help with load.

     

    Thanks for the quick reply :)

     

Reply
  • 0 in reply to QC

    Hi Christian,

     

    Yes, I meant the Server, sorry.

     

    I see, so if awaiting policy won't clear, I can still push it out forcing it from the console say few hundred online machines at a time... This would also help with load.

     

    Thanks for the quick reply :)

     

Children
  • 0 in reply to Daniel Gebler

    Hello DanZi,

    I can still push it out
    yes, that's one of the purposes of Comply with ... - sending policies to machines which "have been out" when the policy, policy assigned, or group membership (thus implicitly policy assigned) has changed.

    You probably know how to do it, just for others who read this thread: In the View: dropdown (right above the list of computers) select Connected computers, select either the Status or a specific tab (e.g. Anti-Virus Details), sort (click on the column heading, repeated clicking toggles ascending/descending) by the Policy compliance or xxxxxxx policy column.

    Christian

  • 0 in reply to QC

    Just mentioning this kba for reference if not seen:
    https://community.sophos.com/kb/en-us/113417

Unfiltered HTML