Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 18 replies
  • Subscribers 1 subscriber
  • Views 19186 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Enterprise console4.5/client9.5 - all PCs greyed out and won't report back, Help please!!

Sophosfan1

I had to reinstalled the console and it assigned itself a new certificate which was different to all the certificates on the existing clients. (I was unable to backup) when I reprotected the clients from the new console it does not automatically dish out a new certificate.

How do I distribute the new certificate?

Note: We have far too many computers to reinstall Sophos on. Plus many remote users :(

Cheers

:8665


This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    When you ran ClientMrInit.exe on step 5, did it add into the registry the values from mrinit.conf and cac.pem, i.e.  It should have re-created the following with the new values:

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Messaging System\cac

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Messaging System\CertificationIdentityKeys\CertificationIdentityKey

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Remote Management System\CertificationIdentityKeys\ManagedApplication

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Remote Management System\ManagementAgent\Private\

    CertificationIdentityKey

    ClientMRInit.exe creates a log file in the same directory as itself, it has the same file name with a time stamp.  Maybe that will have an error.

    If that stage all worked (the registry keys were stored correctly) the router log file will have an error message I would think as to why it didn't start. This would be in: "\Program data\sophos\remote management system\3\router\logs\".  Feel free to paste the router log here.

    Thanks,

    Jak

    :8675
Reply
  • 0

    Hi,

    When you ran ClientMrInit.exe on step 5, did it add into the registry the values from mrinit.conf and cac.pem, i.e.  It should have re-created the following with the new values:

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Messaging System\cac

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Messaging System\CertificationIdentityKeys\CertificationIdentityKey

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Remote Management System\CertificationIdentityKeys\ManagedApplication

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Remote Management System\ManagementAgent\Private\

    CertificationIdentityKey

    ClientMRInit.exe creates a log file in the same directory as itself, it has the same file name with a time stamp.  Maybe that will have an error.

    If that stage all worked (the registry keys were stored correctly) the router log file will have an error message I would think as to why it didn't start. This would be in: "\Program data\sophos\remote management system\3\router\logs\".  Feel free to paste the router log here.

    Thanks,

    Jak

    :8675
Children
No Data
Unfiltered HTML