Enterprise console4.5/client9.5 - all PCs greyed out and won't report back, Help please!!

I had to reinstall the console and it assigned itself a new certificate which was different from all the certificates on the existing clients. (I was unable to back up.) When I reprotected the clients from the new console, it does not automatically dish out a new certificate.

How do I distribute the new certificate?

Note: We have far too many computers to reinstall Sophos on. Plus many remote users :(

Cheers

  • ' RMS RE-INIT
    ' WILL ONLY RUN ONCE IF OK
    '  HKLM\SOFTWARE\[Wow6432Node]\Sophos\ReInit = 1 is set as check.
    ' Will not continue if "Server" router, based on:
    '  HKLM\SOFTWARE\[Wow6432Node]\Sophos\Messaging System\Router\ConnectionCache
    ' being 10. 
    ' Run with -force to skip above checks.
    ' To configure:
    '   strLogPath  'Path to the log file                
    '   strMRInitLog  'Where to write the log file for ClientMRInit.exe              
    '   strFilePathMrInit 'Location of new mrinit.conf (local or UNC)          
    '   strFilePathCac  'Location of new cac.pem (local or UNC)
    ' Note: The account running the script needs to be an admin on the client and be
    ' able to read from the path where mrinit.conf and cac.pem are shared.     
    
    option explicit
    on error resume next
    
    const HKEY_LOCAL_MACHINE = &H80000002
    const ROUTER_SERVICE     = "Sophos Message Router"
    const AGENT_SERVICE      = "Sophos Agent"
    const REINIT_EXE_FILE    = "ClientMRInit.exe"
    const WOW_KEY            = "Wow6432Node"
    
    dim strLogPath, strMRInitLog, strFilePathCac, strFilePathMrInit, blInline, strCac
    dim strMrinit, objArgs, strArg, intForceRun
    
    intForceRun = 0
    
    Set objArgs = WScript.Arguments
    For Each strArg in objArgs
        if lcase(strArg) = "-force" then
          intForceRun = 1
        end if	
    Next 
    
    'IMPORTANT VARIABLE
    blInline  = False   
    'True|False, If True the script will create cac.pem and mrinit.conf 
    'from the below variables, these will need to be edited for YOUR installation.
    
    strCac ="-----BEGIN CERTIFICATE-----" &vbcrlf &_
    "MIIDFzCCAf+gAwIBAgIBATANBgkqhkiG9w0BAQQFADARMQ8wDQYDVQQDFAZFTTJf" &vbcrlf &_
    "Q0EwHhcNMTAxMDIyMTgxODQxWhcNMzAxMDE4MTgxODQxWjARMQ8wDQYDVQQDFAZF" &vbcrlf &_
    "TTJfQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzQsT/e+jDXxLA" &vbcrlf &_
    "9ERUjbS17N3po40NfZClh2DwpaObGuFXl0pqw9aaVp54Qyx1MCXvPm3ajwROBzVh" &vbcrlf &_
    "U9ZFNQ3J92z5KS2yLuCgE6Fz024LlYU+BVkB1Mxa0awxCF6gFQdJEQvKXZnhaX1U" &vbcrlf &_
    "qTy/46KulGpCmaqlZSDVevXpGiP7PIS06nV9QgzY6IBb2Tz4HMQh9RUff+D8SBak" &vbcrlf &_
    "GXWdXHL1V6MZ9b6AMhbJz36hvuWLNm6hEon8g9HD+ntKCaw2CaneE+HNs3t6I6YG" &vbcrlf &_
    "cf0sCu9foZn6fmEo3QyaHgsQz517BxoV/4Of0JLftfhkdEdyxbk1o/PQH9nd/zH6" &vbcrlf &_
    "rmLTsjlnAgMBAAGjejB4MB0GA1UdDgQWBBRB4PRhtjU0a9z4Q7+oEUs+jgMPJDA5" &vbcrlf &_
    "BgNVHSMEMjAwgBRB4PRhtjU0a9z4Q7+oEUs+jgMPJKEVpBMwETEPMA0GA1UEAxQG" &vbcrlf &_
    "RU0yX0NBggEBMAwGA1UdEwQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3" &vbcrlf &_
    "DQEBBAUAA4IBAQApa0X3qiiul2wVJbfDkY+fogDQRRbYbXQ+8zs/R8qcG2aeHmWf" &vbcrlf &_
    "fyl7fgfEclK3jwGelMwAgNWfcyK50cYZyEqKWF+7ZqSw7yjNFHeaFLqE2DiKbBfR" &vbcrlf &_
    "XsgLXZEjsQoIMUncv++N9pg8D7b3fKIVAsvqQYvu1oEOgDk18rImXYvoOy1/c/+z" &vbcrlf &_
    "2kRPNTiS+dKhtwogeX7oo+dQkUggu5rvrpZYxVOGBEc9hsYoCCQzfRDQtv5/U0p1" &vbcrlf &_
    "8wWdzETKXuMAEnT2PkL9yzwqSZ0tdg/NtA2untIW6Tiy7mXVSHTyvQiWU9BFrZXk" &vbcrlf &_
    "SzJwt4KzsdVReTsmYhE3ATUJbUFnOPfCky/e" &vbcrlf &_
    "-----END CERTIFICATE-----" &vbcrlf
    
    strMrinit = "[Config]" &vbcrlf &_ 
    """NotifyRouterUpdate""=""EM""" &vbcrlf &_ 
    """ClientIIOPPort""=dword:00002001" &vbcrlf &_ 
    """ClientSSLPort""=dword:00002002" &vbcrlf &_ 
    """ClientIORPort""=dword:00002000" &vbcrlf &_  
    """IORSenderPort""=dword:00002000" &vbcrlf &_ 
    """DelegatedManagerCertIdentityKey""=""s3IIjyQyBOiah2gMJ7lg15FmW2w=""" &vbcrlf &_  
    """ManagedAppCertIdentityKey""=""+lDc0ELrrIRnU14Nm3HV9ZZ4u20=""" &vbcrlf &_ 
    """RouterCertIdentityKey""=""qRS2iIVb8f5Ql3Y1SwJgOpB5vU0=""" &vbcrlf &_ 
    """ServiceArgs""=""""" &vbcrlf &_ 
    """MRParentAddress""=""192.168.1.70,p4,p4""" &vbcrlf &_  
    """ParentRouterAddress""=""192.168.1.70,p4,p4""" &vbcrlf 
    
    strLogPath                  = "C:\windows\temp\RMSReInit.log"
    strMRInitLog                = "C:\windows\temp"  'no trailing slash
    strFilePathMrInit           = "\\p4\SophosUpdate\CIDs\S000\SAVSCFXP\mrinit.conf"
    strFilePathCac              = "\\p4\SophosUpdate\CIDs\S000\SAVSCFXP\cac.pem"
    '*************************************************************************
    dim objFSO, objFile, strRMSPath, strWow6432Node,intPauseForServiceInSeconds
    
    strWow6432Node   = "\"
    intPauseForServiceInSeconds = 10
    
    set objFSO = CreateObject("Scripting.FileSystemObject")
    set objFile = objFSO.CreateTextFile(strLogPath, true)
    WriteToLog 0, "Starting Script"
    
    if Is64() then
        strWow6432Node = "\" & WOW_KEY & "\"
    else
        strWow6432Node = "\"
    end if
    
    if intForceRun = 0 then
        if MarkerFound() then
            WriteToLog 0, "End of script"
            CloseLog()
            wscript.quit(1)
        end if
    	if ServerClassRouter() then
            WriteToLog 0, "End of script"
            CloseLog()
            wscript.quit(1)
        end if
    else
    	WriteToLog 0, "Running in Force mode (-force)"
    end if
    
    strRMSPath = GetRMSPath()
    
    If blInline then
       WriteToLog 0, "Creating Cac.pem and Mrinit.conf from script."
       CreateFile strCac, strRMSPath, "cac.pem"
       CreateFile strMrinit, strRMSPath, "mrinit.conf"
    else
        WriteToLog 0, "Copying Cac.pem and Mrinit.conf from locations."
        CopyFiles strFilePathCac, strRMSPath
        CopyFiles strFilePathMrInit, strRMSPath
    end if
    
    DeleteOrig(strRMSPath)
    StopService(AGENT_SERVICE)
    StopService(ROUTER_SERVICE)
    DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Messaging System", "cac", "."
    DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Messaging System\CertificationIdentityKeys", "CertificationIdentityKey", "."
    DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Messaging System\Router\Private", "pkc", "."
    DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Messaging System\Router\Private", "pkp", "."
    DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Remote Management System\CertificationIdentityKeys", "ManagedApplication", "."
    DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Remote Management System\ManagementAgent\Private", "CertificationIdentityKey", "."
    DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Remote Management System\ManagementAgent\Private", "pkc", "."
    DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Remote Management System\ManagementAgent\Private", "pkp", "."
    
    'Only create marker if ClientMrinit.exe returned ok
    if RunClientMRInit(strRMSPath) = 0 then
      CreateMarker()
    end if
    
    StartService(ROUTER_SERVICE)
    StartService(AGENT_SERVICE)
    WriteToLog 0, "Ending Script"
    CloseLog()
    
    Set objFSO = nothing
    
    
    '*************************************************************************
    Function CreateFile (strContents, strLocation, strFileName)
    
        WriteToLog 0, "--> CreateFile()"
    	
        dim objFileCreate
    
    	WriteToLog 0, "--> Creating file " & strFileName & " in " & strLocation
        Set objFileCreate = objFSO.CreateTextFile(strLocation & "\" & strFileName, true, false)
        
    	objFileCreate.Write strContents
    	
    	objFileCreate.close
    	
    	Set objFileCreate = nothing
    
    	 WriteToLog 0, "<-- CreateFile()"
    	
    End Function
    
    '*************************************************************************
    Function WriteToLog (strSev, strLogLine)
    
        dim strToWrite
    
        strToWrite = ""
    
        select case strSev
            case 0
    	        strToWrite = "INFO: "
            case 1
    	        strToWrite = "ERROR: "
            case else
    	        strToWrite = "UNKNOWN: "
        end select
    
        objFile.WriteLine Date() & " " & Time() & " " & strToWrite & " " & strLogLine
    
    End Function
    
    '*************************************************************************
    Function CloseLog()
    
        WriteToLog 0, "--> CloseLog() - No Function Exit Logged"
    
        objFile.Close
        
        set objFile = nothing
    
    End Function
    
    '*************************************************************************
    Function CreateMarker()
    
        WriteToLog 0, "--> CreateMarker()"	
    
        on error resume next
    
        dim oReg, intRetValue
    
        err.clear
    
        Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
    
        if err.number <> 0 then
    	    WriteToLog 1, "Error Number: " & err.number & " Error Description: " & err.description
    	    CloseLog()
           wscript.quit(1)
        end if
    
        intRetValue = oReg.SetStringValue (HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos" ,"ReInit", "1")
    
        if intRetValue = 0 then
            WriteToLog 0, "Created marker key." 
        else
            WriteToLog 1, "Failed to create marker.  Error code " & intRetValue
        end if
    
        Set oReg = nothing
    
        WriteToLog 0, "<-- CreateMarker()"	
    
    End Function
    
    '*************************************************************************
    Function ServerClassRouter()
    
        WriteToLog 0, "--> ServerClassRouter()"	
    
        on error resume next
    
        dim oReg, intValue
    
        err.clear
    
        Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
    
        if err.number <> 0 then
    	    WriteToLog 1, "Error Number: " &_
        		err.number & " Error Description: " & err.description
    			
    	    CloseLog()
           wscript.quit(1)
        end if
    
        oReg.GetDWORDValue HKEY_LOCAL_MACHINE,"SOFTWARE" &_
        	strWow6432Node & "Sophos\Messaging System\Router" ,"ConnectionCache", intValue
    
        if intValue = 10 then
            WriteToLog 0, "Router is a client, ok to run"
            ServerClassRouter = false
        else
            WriteToLog 1, "Router is a server router, will exit "
            ServerClassRouter = true
        end if
    
        Set oReg = nothing
    
        WriteToLog 0, "<-- ServerClassRouter()"
    
    End Function
    
    '*************************************************************************
    Function MarkerFound()
    
        WriteToLog 0, "--> MarkerFound()"	
    
        on error resume next
    
        dim oReg, strValue
    
        err.clear
    
        Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
    
        if err.number <> 0 then
    	    WriteToLog 1, "Error Number: " &_
        		err.number & " Error Description: " & err.description
    			
    	    CloseLog()
           wscript.quit(1)
        end if
    
        oReg.GetStringValue HKEY_LOCAL_MACHINE,"SOFTWARE" &_
        	strWow6432Node & "Sophos" ,"ReInit", strValue
    
        if strValue = "1" then
            WriteToLog 0, "Script already run, will exit."
            MarkerFound = true
        else
            WriteToLog 0, "Script not already run."
            MarkerFound = false
        end if
    
        Set oReg = nothing
    
        WriteToLog 0, "<-- MarkerFound()"
    
    End Function
    
    '*************************************************************************
    Function DeleteKey (strTopLevel, strKey, strName, strMachineName)
    
        WriteToLog 0,"--> DeleteKey()"	
        
    	on error resume next
    
        dim oReg, intReturn
    
        err.clear
    
        Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_
        	strMachineName & "\root\default:StdRegProv")
    
        if err.number <> 0 then
    	    WriteToLog 1, "Error Number: " &_
        		err.number & " Error Description: " & err.description
    	    CloseLog()
           wscript.quit(1)
        end if
    
        WriteToLog 0, "Attempting to delete key: " &_
        	strMachineName & "\" & strTopLevel & "\" & strKey & "\" & strName
    
        intReturn = oReg.DeleteValue( HKEY_LOCAL_MACHINE, strKey, strName )
    
        if intReturn <> 0 then
            DeleteKey = intReturn
            WriteToLog 1, "Failed to delete Key: " & intReturn
        else  
            WriteToLog 0, "Deleted Key: " & intReturn
            DeleteKey = intReturn
        end if
    
        Set oReg = nothing
    
        WriteToLog 0, "<-- DeleteKey()"
    
    End Function
    
    '*************************************************************************
    Function StopService(strServiceName)
    
        WriteToLog 0, "--> StopService()"
    
        on error resume next
    
        dim objWMIService, colServices, objService, intReturn
    
        Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
        Set colServices = objWMIService.ExecQuery ("Select * from win32_Service where name='" & strServiceName & "'")
    
        For each objService in colServices 
            intReturn = objService.StopService()
        Next
    
        wscript.sleep (intPauseForServiceInSeconds * 1000)
    
        WriteToLog 0, "Return code for stopping service: " & strServiceName & " : " & intReturn
    
        StopService = intReturn
    
        Set objWMIService = nothing
        Set colServices = nothing
    
        WriteToLog 0, "<-- StopService()"
    
    End function
    
    '*************************************************************************
    Function StartService(strServiceName)
    
        WriteToLog 0, "--> StartService()"
    
        on error resume next
    
        dim objWMIService, objService, colServices, intReturn
    
        Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
        Set colServices = objWMIService.ExecQuery ("Select * from win32_Service where name='" & strServiceName & "'")
    
        For each objService in colServices 
            intReturn = objService.StartService()
        Next
    
        WriteToLog 0, "Return code for starting service: " & strServiceName & " : " & intReturn
    
        StartService = intReturn
    
        Set objWMIService = nothing
        Set colServices = nothing
    
        WriteToLog 0, "<-- StartService()"
    
    End function
    
    '*************************************************************************
    Function RunClientMRInit(strPathToExe)
    
        WriteToLog 0, "--> RunClientMRInit()"
    
        on error resume next
    
        dim intReturn, oShell, strSwitches, strCommand
    
        WriteToLog 0, "Running command: " & strPathToExe & REINIT_EXE_FILE 
    
        Set oShell = WScript.CreateObject("WScript.Shell")
    
        if err.number <> 0 then
            WriteToLog 1, "Error Number: " & err.number & " Error Description: " & err.description
    	    CloseLog()
           wscript.quit(1)
        end if
    
        strSwitches = " -logpath " & strMRInitLog
        strSwitches = strSwitches & " -filepath" & " " & """" &  strPathToExe & """"
        strCommand  = """" & strPathToExe & REINIT_EXE_FILE & """" & strSwitches
    
        intReturn = oShell.Run(strCommand, 0, true)
    
        if intReturn <> 0 then
            WriteToLog 1, strPathToExe & REINIT_EXE_FILE &_
    			strSwitches & " Failed.  Exit code " & intReturn
        else
            WriteToLog 0, strPathToExe & REINIT_EXE_FILE &_
        		strSwitches & " Completed OK.  Exit code " & intReturn
        end if
    
        RunClientMRInit = intReturn
    
        set oShell = nothing
    
        WriteToLog 0, "<-- RunClientMRInit()"
    
    End Function
    
    '*************************************************************************
    Function GetRMSPath()
    
        WriteToLog 0, "--> GetRMSPath()"
    
        on error resume next
    
        dim oReg, strValue, intReturn
        err.clear
    
        Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
    
        if err.number <> 0 then
    	    WriteToLog 1, "Error Number: " & err.number & " Error Description: " & err.description
    	    CloseLog()
           wscript.quit(1)
        end if
    
        intReturn = oReg.GetStringValue (HKEY_LOCAL_MACHINE, "SOFTWARE" &_
    		strWow6432Node & "Sophos\Messaging System\Router", "ServiceHomeDir", strValue)
    
        If strValue <> "" then
            WriteToLog 0, "RMS Path is " & strValue
            GetRMSPath = strValue
        else
            WriteToLog 1, "Return code " & intReturn
            CloseLog()
            wscript.quit(1)
        end if	
    
        set oReg = nothing
    
        WriteToLog 0, "<-- GetRMSPath()"
    
    End Function
    
    '*************************************************************************
    Function DeleteOrig(strFilePath)
    
        WriteToLog 0, "--> DeleteOrig()"
    
        on error resume next
        err.clear
    
        dim oFS, intReturn, strOrigPath
    
    	strOrigPath = strFilePath & "mrinit.conf.orig"
    	
        set oFS = CreateObject("Scripting.FileSystemObject")
    
        If oFS.FileExists(strOrigPath) Then
            WriteToLog 0, strOrigPath & " Exists"
    
            'DeleteFile returns no value; check err after the call instead
            err.clear
            oFS.DeleteFile strOrigPath, true
    
            if err.number = 0 then
                 WriteToLog 0, strOrigPath & " deleted."
             else
                 WriteToLog 1, strOrigPath & " Not deleted: Error: " & err.number & " " & err.description
            end if
    
        else
            WriteToLog 0, strOrigPath & " does not exist, carrying on."
        End If
    
        set oFS = nothing
    
        WriteToLog 0, "<-- DeleteOrig()"
    
    End Function
    
    '*************************************************************************
    'FUNCTION COPY FILE FROM SERVER
    Function CopyFiles(strFilePath, strDestination)
    
        WriteToLog 0, "--> CopyFiles()"
    
        on error resume next
        err.clear
    
        dim oFS, intReturn
    
        set oFS = CreateObject("Scripting.FileSystemObject")
    
        If oFS.FileExists(strFilePath) Then
            WriteToLog 0, strFilePath & " Exists"
    
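            'CopyFile returns no value; check err after the call instead
            err.clear
            oFS.CopyFile strFilePath, strDestination, true
    
            if err.number = 0 then
                 WriteToLog 0, strFilePath & " Copied to " & strDestination
             else
                 'Stop here so the registry values are not deleted without the new files in place
                 WriteToLog 1, strFilePath & " Not copied to " & strDestination & " Error: " & err.number & " " & err.description
                 CloseLog()
                 wscript.quit(1)
            end if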
    
        else
            WriteToLog 1, strFilePath & " does not exist"
            CloseLog()
            wscript.quit(1)
        End If
    
        set oFS = nothing
    
        WriteToLog 0, "<-- CopyFiles()"
    
    End Function
    
    '*************************************************************************
    'FUNCTION TO GET PLATFORM
    Function Is64()
        WriteToLog 0, "--> Is64()"
        on error resume next
        err.clear
        
    	dim objWMIService, objColSettings, strDesc, objProcessor
    	
    	Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
    	Set objColSettings = objWMIService.ExecQuery ("SELECT * FROM Win32_Processor") 
    	
        if err.number <> 0 then
    	    WriteToLog 1, "Error Number: " & err.number & " Error Description: " & err.description
    	    CloseLog()
           wscript.quit(1)
        end if
        
    	For Each objProcessor In objColSettings 
    		strDesc = objProcessor.AddressWidth 
    	Next 
    	
        'Win32_Processor.AddressWidth is 32 or 64
        if strDesc = "32" then
            WriteToLog 0, "Platform is 32-Bit"
            Is64 = false
        end if
        if strDesc = "64" then
            WriteToLog 0, "Platform is 64-Bit"
            Is64 = true
        end if
    	
        Set objWMIService = nothing
        Set objColSettings = nothing
    	
        WriteToLog 0, "<-- Is64()"
    End Function
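A read-only pre-flight check for the re-init script above, added here as an example and not part of the original posts: it parses mrinit.conf, flags malformed entries, and applies the skip checks used in this thread (router identity key already correct, ReInit marker set, server-class router) without changing the client. The function names and sample values are made up for the example, and treating the keys shown in the posted mrinit.conf as required is an assumption; the registry paths and value names are the ones the script uses.

```powershell
# Added example, not part of the posted script. Read-only: it changes nothing.

# Parse mrinit.conf text into a hashtable and collect anything malformed.
function ConvertFrom-MrInitConf {
    param([Parameter(Mandatory = $true)][string]$Text)

    $entry    = [regex]'^"(?<name>[^"]+)"\s*=\s*(?:"(?<str>[^"]*)"|dword:(?<dw>[0-9a-fA-F]{8}))$'
    $settings = @{}
    $problems = New-Object 'System.Collections.Generic.List[string]'
    $inConfig = $false
    $lineNo   = 0

    foreach ($line in ($Text -split "\r?\n")) {
        $lineNo++
        $t = $line.Trim()
        if ($t -eq '') { continue }
        if ($t -eq '[Config]') { $inConfig = $true; continue }
        if (-not $inConfig) { $problems.Add("line ${lineNo}: entry before [Config]"); continue }

        $m = $entry.Match($t)
        if (-not $m.Success) { $problems.Add("line ${lineNo}: unrecognised entry"); continue }

        $name = $m.Groups['name'].Value
        if ($m.Groups['dw'].Success) {
            $settings[$name] = [Convert]::ToUInt32($m.Groups['dw'].Value, 16)
        } else {
            $settings[$name] = $m.Groups['str'].Value
        }
    }

    # Assumption: the keys present in the mrinit.conf shown in the post are required.
    foreach ($k in 'RouterCertIdentityKey', 'ManagedAppCertIdentityKey', 'DelegatedManagerCertIdentityKey') {
        if (-not $settings.ContainsKey($k) -or $settings[$k] -eq '') { $problems.Add("$k missing or empty"); continue }
        try { [void][Convert]::FromBase64String($settings[$k]) }
        catch { $problems.Add("$k is not valid base64") }
    }
    foreach ($k in 'MRParentAddress', 'ParentRouterAddress') {
        if (-not $settings.ContainsKey($k) -or $settings[$k] -eq '') { $problems.Add("$k missing or empty") }
    }

    New-Object psobject -Property @{ Settings = $settings; Problems = $problems }
}

# Same skip checks as the scripts in this thread, as a pure function.
function Get-ReInitDecision {
    param([string]$ExpectedRouterKey, [string]$ClientRouterKey, $ConnectionCache, [string]$Marker)

    if ($ExpectedRouterKey -ne '' -and $ClientRouterKey -ceq $ExpectedRouterKey) {
        return 'Skip: router identity key already matches'
    }
    if ($Marker -eq '1')         { return 'Skip: ReInit marker is set' }
    if ($ConnectionCache -ne 10) { return 'Skip: server-class router (ConnectionCache is not 10)' }
    'ReInit'
}

function Get-RegValue {
    param([string]$Path, [string]$Name)
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    $item.$Name
}

# Reads the three values the checks depend on; writes nothing.
function Get-SophosClientState {
    $root = 'HKLM:\SOFTWARE\Sophos'
    if (Test-Path 'HKLM:\SOFTWARE\Wow6432Node\Sophos') { $root = 'HKLM:\SOFTWARE\Wow6432Node\Sophos' }
    New-Object psobject -Property @{
        RouterKey       = Get-RegValue "$root\Messaging System\CertificationIdentityKeys" 'CertificationIdentityKey'
        ConnectionCache = Get-RegValue "$root\Messaging System\Router" 'ConnectionCache'
        Marker          = Get-RegValue $root 'ReInit'
    }
}

# Constructed sample: placeholder keys and address, plus two deliberately bad entries.
$sample = @'
[Config]
"NotifyRouterUpdate"="EM"
"ClientIIOPPort"=dword:00002001
"ClientSSLPort"=dword:2002
"RouterCertIdentityKey"="c2FtcGxlLWtleS0x"
"ManagedAppCertIdentityKey"="c2FtcGxlLWtleS0y"
"DelegatedManagerCertIdentityKey"="not base64!"
"MRParentAddress"="192.0.2.10,server1"
"ParentRouterAddress"="192.0.2.10,server1"
'@

$conf = ConvertFrom-MrInitConf -Text $sample
$conf.Problems    # findings for the sample file

# Constructed client state; on a real client use: $state = Get-SophosClientState
$state = New-Object psobject -Property @{ RouterKey = 'c2FtcGxlLWtleS0y'; ConnectionCache = 10; Marker = $null }
$decisionArgs = @{
    ExpectedRouterKey = $conf.Settings['RouterCertIdentityKey']
    ClientRouterKey   = $state.RouterKey
    ConnectionCache   = $state.ConnectionCache
    Marker            = $state.Marker
}
Get-ReInitDecision @decisionArgs
```

Run it against the real mrinit.conf before distributing the script, and only deploy once the problem list is empty.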
  • Hi,

    I felt that the approach could be improved so here is an HTA that makes it easier to generate the VBScript file.

    RMS ReInit HTA

    Please save the following code in the next post as "RMSReinit.hta".  I'm having a hard time fitting it in 20,000 characters at the moment.  

    Jak

  • <html><head><title>RMS Re-Init VBScript Creator</title>
    <HTA:APPLICATION SCROLL="no" SINGLEINSTANCE="YES" MAXIMIZEBUTTON="no">
    <script language="VBScript">
    const ForReading = 1
    dim strCac
    dim strMrinit
    dim strRouterIdentityKey
    Sub Window_onLoad
    	window.resizeTo 660,320
    End Sub
    Function ExitApp()
    	window.close
    End Function
    Function Help()
    	strHelpTxt = "HTA will generate a VBScript that can be run on clients that have certificate issues." &vbcrlf &_
    	"Provide the script with the location of the new files: cac.pem and mrinit.conf." &vbcrlf &_
    	"These files will then be embedded into the resultant VBScript file that is generated to make deployment easy." &vbcrlf &_
    	"You can also set the log file path of the script, that of the RMS executable ClientMRInit.exe and the resultant VBScript file name." &vbcrlf &_
    	"The generated script will not run on a client if: " &vbcrlf &_
    	" 1. The machine is a 'Server' class install of RMS (based on the ConnectionCache being anything other than 10)" &vbcrlf &_
    	" 2. If the Router identity key on the machine is already correct." &vbcrlf &_
    	" 3. If the script has already repaired the machine (a marker key hklm\software\[wow6432node]\sophos\ReInit is set to 1)" &vbcrlf &_
    	"The above 3 checks can be bypassed by running the resultant VBScript with the argument '-force'" &vbcrlf &_
    	"Important: The VBScript needs to be run on clients with local admin rights." &vbcrlf &_
    	"Please ensure the resultant VBScript is tested on a test client."
    	msgbox strHelpTxt, 64, "Help"
    End Function
    Function Run()
    	if CheckAllFieldsOK() then
    		StartCreatingScript()
    	end if
    End Function
    Function CheckAllFieldsOK() 
    	if strCorrectCacLocation.value="" then
    		msgbox ("Please enter a path to cac.pem")
    		CheckAllFieldsOK = false
    		exit function
    	End if
    	if strCorrectMrinitLocation.value="" then
    		msgbox ("Please enter a path to mrinit.conf")
    		CheckAllFieldsOK = false
    		exit function
    	End if
    	if strReinitLogPath.value="" then
    		msgbox ("Please enter a path for the script to log to")
    		CheckAllFieldsOK = false
    		exit function
    	End if
    	If strClientMRInitLogPath.value="" then
    		msgbox ("Please enter a path for the ClientMRInit.exe file to log to")
    		CheckAllFieldsOK = false
    		exit function
    	end if
    	if strScriptOutput.value="" then
    		msgbox ("Please enter a file name for the resultant script")
    		CheckAllFieldsOK = false
    		exit function
    	End if
    	CheckAllFieldsOK = true
    End Function
    Function StartCreatingScript()
    	strCac    = GetFileContents(strCorrectCacLocation.value)
    	strMrinit = GetFileContents(strCorrectMrinitLocation.value)
    	strRouterIdentityKey = GetRouterIdentityKey()
    	CreateVBS(strScriptOutput.value)
    End Function
    Function CreateVBS(strFilePath)
    	Set objFSO = CreateObject("Scripting.FileSystemObject")
    	Set objTextFile = objFSO.CreateTextFile(strFilePath, True)
    	objTextFile.WriteLine(MainTop.value)
    	strEndOfLine = chr(38) & "vbcrlf " & chr(38) & "_ "
    	objTextFile.WriteLine ("strCac = """"" & chr(38) & "_")
    	arrLinesCac = split (strCac, vblf)
    	for m = 0 to ubound(arrLinesCac)
    		if m <> ubound(arrLinesCac) then
    			objTextFile.WriteLine("""" & arrLinesCac(m) & """ " & strEndOfLine)
    		else
    			objTextFile.WriteLine("""" & arrLinesCac(m) & """ " )
    		end if
    	next
    	objTextFile.WriteLine("strLogPath =""" & strReinitLogPath.value &  """")
    	objTextFile.WriteLine("strMRInitLog =""" & strClientMRInitLogPath.value &  """")
    	arrLines = split (replace(strMrinit,"""",""""""), vbcrlf)
    	objTextFile.WriteLine ("strMrinit = """"" & chr(38) & "_")	
    	for n = 0 to ubound(arrLines)
    		if n <> ubound(arrLines) then
    			objTextFile.WriteLine("""" & arrLines(n) & """ " & strEndOfLine)
    		else
    			objTextFile.WriteLine("""" & arrLines(n) & """ " )
    		end if
    	next
    	objTextFile.WriteLine("strRouterCertIdentityKey="""& strRouterIdentityKey & """")
    	objTextFile.WriteLine(MainBottom.value)
    	objTextFile.WriteLine(Functions.value)
    	objTextFile.Close
    	msgbox "Created " & strFilePath, "64", "RMS Re-Init VBScript Creator"
    	Set objFSO = nothing
    	Set objTextFile = nothing
    End Function
    Function GetRouterIdentityKey()
    	arrLinesInMrinit = split (strMrinit, vbcrlf)
    	for i = 0 to ubound(arrLinesInMrinit)
    		if instr(arrLinesInMrinit(i), "RouterCertIdentityKey") then
    			arrLine = split(arrLinesInMrinit(i),"""")
    			GetRouterIdentityKey = arrLine(3)
    		end if
    	next 	
    End Function
    Function GetFileContents(strPathToFile)
    	Dim objFSO, objReadFile, strContents
    	Set objFSO = CreateObject("Scripting.FileSystemObject")
    	Set objReadFile = objFSO.OpenTextFile(strPathToFile, ForReading, False)
    	GetFileContents = objReadFile.ReadAll
    	objReadFile.close
    	Set objFSO = Nothing
    	Set objReadFile = Nothing
    End function
    </script>
    <style type="text/css">
    textarea {visibility: hidden;}
    h3{font-family:"Times New Roman", Times, serif;}
    td{border-width: 1px; padding: 2px; border-style: solid; border-color: gray; background-color: #ededed;}
    </style></head><body><center><h3>RMS Re-Init VBScript Creator</h3>
    	<table border="0"><tr><td>Cac.pem</td><td><input size="50" type="file" name="strCorrectCacLocation"></td></tr>
    	<tr><td>Mrinit.conf</td><td><input size="50" type="file" name="strCorrectMrinitLocation"></td></tr>
    	<tr><td>Re-Init VBScript log path</td><td><input size="50" type="text" name="strReinitLogPath" value="C:\windows\temp\Reinit.txt"></td></tr>
    	<tr><td>ClientMRInit.exe log path</td><td><input size="50" type="text" name="strClientMRInitLogPath" value="C:\windows\temp"></td></tr>
    	<tr><td>Output VBScript</td><td><input size="50" type="text" name="strScriptOutput" value="RMSReInit.vbs"></td></tr>
    	<tr><td colspan="2" align="right"><input type="button" onclick="ExitApp()" value="Exit">
    	<input type="button" onclick="Help()" value="Help">
    	<input type="button" onclick="Run()" value="Create VBScript"></td></tr></table></center>
    <textarea name="MainTop" col="0" rows="0">	
    'RMS ReInit
    option explicit
    on error resume next
    const HKEY_LOCAL_MACHINE = &H80000002
    const ROUTER_SERVICE     = "Sophos Message Router"
    const AGENT_SERVICE      = "Sophos Agent"
    const REINIT_EXE_FILE    = "ClientMRInit.exe"
    const WOW_KEY            = "Wow6432Node"
    dim strLogPath, strMRInitLog, strFilePathCac, strFilePathMrInit, strCac
    dim strMrinit, objArgs, strArg, intForceRun, strRouterCertIdentityKey
    intForceRun = 0
    Set objArgs = WScript.Arguments
    For Each strArg in objArgs
        if lcase(strArg) = "-force" then
          intForceRun = 1
        end if	
    Next 
    </textarea>
    <textarea name="MainBottom" col="0" rows="0">
    dim objFSO, objFile, strRMSPath, strWow6432Node,intPauseForServiceInSeconds
    strWow6432Node   = "\"
    intPauseForServiceInSeconds = 10
    set objFSO = CreateObject("Scripting.FileSystemObject")
    set objFile = objFSO.CreateTextFile(strLogPath, true)
    WriteToLog 0, "Starting Script"
    if Is64() then
        strWow6432Node = "\" & WOW_KEY & "\"
    else
        strWow6432Node = "\"
    end if
    if intForceRun = 0 then
    	if RouterIdentityIsOK then
    		WriteToLog 0, "End of script"
            CloseLog()
            wscript.quit(1)
    	end if
        if MarkerFound() then
            WriteToLog 0, "End of script"
            CloseLog()
            wscript.quit(1)
        end if
    	if ServerClassRouter() then
            WriteToLog 0, "End of script"
            CloseLog()
            wscript.quit(1)
        end if
    else
    	WriteToLog 0, "Running in Force mode (-force)"
    end if
    strRMSPath = GetRMSPath()
    CreateFile strCac, strRMSPath, "cac.pem"
    CreateFile strMrinit, strRMSPath, "mrinit.conf"
    DeleteOrig(strRMSPath)
    StopService(AGENT_SERVICE)
    StopService(ROUTER_SERVICE)
    DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Messaging System", "cac", "."
    DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Messaging System\CertificationIdentityKeys", "CertificationIdentityKey", "."
    DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Messaging System\Router\Private", "pkc", "."
    DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Messaging System\Router\Private", "pkp", "."
    DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Remote Management System\CertificationIdentityKeys", "ManagedApplication", "."
    DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Remote Management System\ManagementAgent\Private", "CertificationIdentityKey", "."
    DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Remote Management System\ManagementAgent\Private", "pkc", "."
    DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Remote Management System\ManagementAgent\Private", "pkp", "."
    'Only create marker if ClientMrinit.exe returned ok
    if RunClientMRInit(strRMSPath) = 0 then
      CreateMarker()
    end if
    StartService(ROUTER_SERVICE)
    StartService(AGENT_SERVICE)
    WriteToLog 0, "Ending Script"
    CloseLog()
    Set objFSO = nothing
    Set objArgs = nothing
    </textarea>	
    <textarea name="Functions" col="0" rows="0">
    Function CreateFile (strContents, strLocation, strFileName)
        WriteToLog 0, "--> CreateFile()"
        dim objFileCreate
    	WriteToLog 0, "--> Creating file " & strFileName & " in " & strLocation
        Set objFileCreate = objFSO.CreateTextFile(strLocation & "\" & strFileName, true, false)
    	objFileCreate.Write strContents
    	objFileCreate.close
    	Set objFileCreate = nothing
        WriteToLog 0, "<-- CreateFile()"
    End Function
    Function RouterIdentityIsOK()
       WriteToLog 0, "--> RouterIdentityIsOK()"	
       on error resume next
       dim oReg, strValue
       err.clear
       Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
       if err.number <> 0 then
    	    WriteToLog 1, "Error Number: " &_
        	err.number & " Error Description: " & err.description
    	    CloseLog()
            wscript.quit(1)
       end if
       oReg.GetStringValue HKEY_LOCAL_MACHINE,"SOFTWARE" &_
        	strWow6432Node & "Sophos\Messaging System\CertificationIdentityKeys" ,"CertificationIdentityKey", strValue
       if strValue = strRouterCertIdentityKey then
            WriteToLog 0, "Router identity key in script is the same as the client: " & strValue
            RouterIdentityIsOK = true
       else
            WriteToLog 0, "Router identity key in script is different from the client: " & strValue
            RouterIdentityIsOK = false
       end if
       Set oReg = nothing
       WriteToLog 0, "<-- RouterIdentityIsOK()"
    End Function
    Function WriteToLog (strSev, strLogLine)
        dim strToWrite
        strToWrite = ""
        select case strSev
            case 0
    	        strToWrite = "INFO: "
            case 1
    	        strToWrite = "ERROR: "
            case else
    	        strToWrite = "UNKNOWN: "
        end select
        objFile.WriteLine Date() & " " & Time() & " " & strToWrite & " " & strLogLine
    End Function
    Function CloseLog()
        WriteToLog 0, "--> CloseLog() - No Function Exit Logged"
        objFile.Close
        set objFile = nothing
    End Function
    Function CreateMarker()
        WriteToLog 0, "--> CreateMarker()"	
        on error resume next
        dim oReg, intRetValue
        err.clear
        Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
        if err.number <> 0 then
    	    WriteToLog 1, "Error Number: " & err.number & " Error Description: " & err.description
    	    CloseLog()
           wscript.quit(1)
        end if
        intRetValue = oReg.SetStringValue (HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos" ,"ReInit", "1")
        if intRetValue = 0 then
            WriteToLog 0, "Created marker key." 
        else
            WriteToLog 1, "Failed to create marker.  Error code " & intRetValue
        end if
        Set oReg = nothing
        WriteToLog 0, "<-- CreateMarker()"	
    End Function
    Function ServerClassRouter()
        WriteToLog 0, "--> ServerClassRouter()"	
        on error resume next
        dim oReg, intValue
        err.clear
        Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
        if err.number <> 0 then
    	    WriteToLog 1, "Error Number: " &_
        		err.number & " Error Description: " & err.description
    	    CloseLog()
           wscript.quit(1)
        end if
        oReg.GetDWORDValue HKEY_LOCAL_MACHINE,"SOFTWARE" &_
        	strWow6432Node & "Sophos\Messaging System\Router" ,"ConnectionCache", intValue
        if intValue = 10 then
            WriteToLog 0, "Router is a client, ok to run"
            ServerClassRouter = false
        else
            WriteToLog 1, "Router is a server router, will exit "
            ServerClassRouter = true
        end if
        Set oReg = nothing
        WriteToLog 0, "<-- ServerClassRouter()"
    End Function
    Function MarkerFound()
        WriteToLog 0, "--> MarkerFound()"	
        on error resume next
        dim oReg, strValue
        err.clear
        Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
        if err.number <> 0 then
    	    WriteToLog 1, "Error Number: " &_
        		err.number & " Error Description: " & err.description
    			
    	    CloseLog()
           wscript.quit(1)
        end if
        oReg.GetStringValue HKEY_LOCAL_MACHINE,"SOFTWARE" &_
        	strWow6432Node & "Sophos" ,"ReInit", strValue
        if strValue = "1" then
            WriteToLog 0, "Script already run, will exit."
            MarkerFound = true
        else
            WriteToLog 0, "Script not already run."
            MarkerFound = false
        end if
        Set oReg = nothing
        WriteToLog 0, "<-- MarkerFound()"
    End Function
    Function DeleteKey (strTopLevel, strKey, strName, strMachineName)
        WriteToLog 0,"--> DeleteKey()"	
    	on error resume next
        dim oReg, intReturn
        err.clear
        Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_
        	strMachineName & "\root\default:StdRegProv")
        if err.number <> 0 then
    	    WriteToLog 1, "Error Number: " &_
        		err.number & " Error Description: " & err.description
    	    CloseLog()
           wscript.quit(1)
        end if
        WriteToLog 0, "Attempting to delete key: " &_
        	strMachineName & "\" & strTopLevel & "\" & strKey & "\" & strName
        intReturn = oReg.DeleteValue( HKEY_LOCAL_MACHINE, strKey, strName )
        if intReturn <> 0 then
            DeleteKey = intReturn
            WriteToLog 1, "Failed to delete Key: " & intReturn
        else  
            WriteToLog 0, "Deleted Key: " & intReturn
            DeleteKey = intReturn
        end if
        Set oReg = nothing
        WriteToLog 0, "<-- DeleteKey()"
    End Function
    Function StopService(strServiceName)
        WriteToLog 0, "--> StopService()"
        on error resume next
        dim objWMIService, colServices, objService, intReturn
        Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
        Set colServices = objWMIService.ExecQuery ("Select * from win32_Service where name='" & strServiceName & "'")
        For each objService in colServices 
            intReturn = objService.StopService()
        Next
        wscript.sleep (intPauseForServiceInSeconds * 1000)
        WriteToLog 0, "Return code for stopping service: " & strServiceName & " : " & intReturn
        StopService = intReturn
        Set objWMIService = nothing
        Set colServices = nothing
        WriteToLog 0, "<-- StopService()"
    End function
    Function StartService(strServiceName)
        WriteToLog 0, "--> StartService()"
        on error resume next
        dim objWMIService, objService, colServices, intReturn
        Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
        Set colServices = objWMIService.ExecQuery ("Select * from win32_Service where name='" & strServiceName & "'")
        For each objService in colServices 
            intReturn = objService.StartService()
        Next
        WriteToLog 0, "Return code for starting service: " & strServiceName & " : " & intReturn
        StartService = intReturn
        Set objWMIService = nothing
        Set colServices = nothing
        WriteToLog 0, "<-- StartService()"
    End function
    Function RunClientMRInit(strPathToExe)
        WriteToLog 0, "--> RunClientMRInit()"
        on error resume next
        dim intReturn, oShell, strSwitches, strCommand
        WriteToLog 0, "Running command: " & strPathToExe & REINIT_EXE_FILE 
        Set oShell = WScript.CreateObject("WScript.Shell")
        if err.number <> 0 then
            WriteToLog 1, "Error Number: " & err.number & " Error Description: " & err.description
    	    CloseLog()
           wscript.quit(1)
        end if
        strSwitches = " -logpath " & strMRInitLog
        strSwitches = strSwitches & " -filepath" & " " & """" &  strPathToExe & """"
        strCommand  = """" & strPathToExe & REINIT_EXE_FILE & """" & strSwitches
        intReturn = oShell.Run(strCommand, 0, true)
        if intReturn <> 0 then
            WriteToLog 1, strPathToExe & REINIT_EXE_FILE &_
    			strSwitches & " Failed.  Exit code " & intReturn
        else
            WriteToLog 0, strPathToExe & REINIT_EXE_FILE &_
        		strSwitches & " Completed OK.  Exit code " & intReturn
        end if
        RunClientMRInit = intReturn
        set oShell = nothing
        WriteToLog 0, "<-- RunClientMRInit()"
    End Function
    Function GetRMSPath()
        WriteToLog 0, "--> GetRMSPath()"
        on error resume next
        dim oReg, strValue, intReturn
        err.clear
        Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
        if err.number <> 0 then
    	    WriteToLog 1, "Error Number: " & err.number & " Error Description: " & err.description
    	    CloseLog()
           wscript.quit(1)
        end if
        intReturn = oReg.GetStringValue (HKEY_LOCAL_MACHINE, "SOFTWARE" &_
    		strWow6432Node & "Sophos\Messaging System\Router", "ServiceHomeDir", strValue)
        If strValue <> "" then
            WriteToLog 0, "RMS Path is " & strValue
            GetRMSPath = strValue
        else
            WriteToLog 1, "Return code " & intReturn
            CloseLog()
            wscript.quit(1)
        end if	
        set oReg = nothing
        WriteToLog 0, "<-- GetRMSPath()"
    End Function
    Function DeleteOrig(strFilePath)
        WriteToLog 0, "--> DeleteOrig()"
        on error resume next
        err.clear
        dim oFS, intReturn, strOrigPath
    	strOrigPath = strFilePath & "mrinit.conf.orig"
        set oFS = CreateObject("Scripting.FileSystemObject")
        If oFS.FileExists(strOrigPath) Then
            WriteToLog 0, strOrigPath & " Exists"
            'DeleteFile returns no value, so take the result from err.number
            err.clear
            oFS.DeleteFile strOrigPath, true
            intReturn = err.number
            if intReturn = 0 then
                 WriteToLog 0, strOrigPath & " deleted."
             else
                 WriteToLog 1, strOrigPath & " Not deleted: Return code: " & intReturn
            end if
        else
            WriteToLog 0, strOrigPath & " does not exist, carrying on."
        End If
        set oFS = nothing
        WriteToLog 0, "<-- DeleteOrig()"
    End Function
    Function Is64()
        WriteToLog 0, "--> Is64()"
        on error resume next
        err.clear
        
    	dim objWMIService, objColSettings, strDesc, objProcessor
    	
    	Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
    	Set objColSettings = objWMIService.ExecQuery ("SELECT * FROM Win32_Processor") 
    	
        if err.number <> 0 then
    	    WriteToLog 1, "Error Number: " & err.number & " Error Description: " & err.description
    	    CloseLog()
           wscript.quit(1)
        end if
        
    	For Each objProcessor In objColSettings 
    		strDesc = objProcessor.AddressWidth 
    	Next 
    	
        if strDesc = "32" then
            WriteToLog 0, "Platform is 32-Bit"
            Is64 = false
        end if
        if strDesc = "64" then
            WriteToLog 0, "Platform is 64-Bit"
            Is64 = true
        end if
    	
        Set objWMIService = nothing
    	set objColSettings = nothing
    	
        WriteToLog 0, "<-- Is64()"
    End Function
    </textarea></body></html>
    :8951
  • Hi Jak,

    I've tested it on three computers now. It worked on the XP computer, but didn't work on the Windows 7 computers.

    This is the Log:

    16/02/2011 4:52:24 p.m. INFO:  Starting Script
    16/02/2011 4:52:24 p.m. INFO:  --> Is64()
    16/02/2011 4:52:27 p.m. INFO:  Platform is 32-Bit
    16/02/2011 4:52:27 p.m. INFO:  <-- Is64()
    16/02/2011 4:52:27 p.m. INFO:  --> RouterIdentityIsOK()
    16/02/2011 4:52:28 p.m. INFO:  Router identity key in script is different from the client:
    16/02/2011 4:52:28 p.m. INFO:  --> RouterIdentityIsOK()
    16/02/2011 4:52:28 p.m. INFO:  --> MarkerFound()
    16/02/2011 4:52:28 p.m. INFO:  Script not already run.
    16/02/2011 4:52:28 p.m. INFO:  <-- MarkerFound()
    16/02/2011 4:52:28 p.m. INFO:  --> ServerClassRouter()
    16/02/2011 4:52:28 p.m. ERROR:  Router is a server router, will exit
    16/02/2011 4:52:28 p.m. INFO:  <-- ServerClassRouter()
    16/02/2011 4:52:28 p.m. INFO:  End of script
    16/02/2011 4:52:28 p.m. INFO:  --> CloseLog() - No Function Exit Logged

    That is what we get on both Windows 7 computers; not sure about 64-bit, as all I have tried are 32-bit.

    Any ideas?

    Cheers

    :9169
  • Hi,

    The script is exiting because it thinks it's running on a server class router; the check for this is if:

    HKLM\Software\[wow6432node]\Sophos\Messaging System\Router

    ConnectionCache

    is anything other than 10.

    If you search the script for:

    Function ServerClassRouter()

    You can spot the check.

    So on a machine which is exiting with:

    "ERROR:  Router is a server router, will exit"

    does it have the above ConnectionCache key? If so, I can only assume the value is anything other than 10?

    If needed you can run the VBScript with:

    -force

    and this will skip all 3 checks:

    1. If the machine already has the correct identity key for the router

    2. The script has already run on the machine and fixed it

    3. If the machine appears to be a "Server" class router.

    The 3rd check and the one you're hitting is really to avoid breaking a message relay or SEC server.

    Also, did you use the HTA to generate a script?  My last post was a HTA version to generate a reinit script to make the process easier?

    Thanks,

    Jak

    :9173
  • Ahh, do you have UAC on? Is it running with enough rights to read the above mentioned key? If it fails to read the key it would not be 10 and therefore you would get this error. Which is probably a good thing as it fails safe as it doesn't know what it can't read.

    If you right click on CMD and choose run as administrator, from that new command window run:

    cscript Reinit.vbs

    Does it then work?

    Jak

    :9175
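The fail-safe behaviour described in the reply above, as an added example that is not part of the original posts or of the script in this thread: it checks the return code of the registry read so that an unreadable `ConnectionCache` is logged as such instead of as "server router". The function name `ClassifyRouter`, its `strWowNode` parameter and the echoed messages are assumptions made for illustration.

```vbscript
Option Explicit

Const HKEY_LOCAL_MACHINE = &H80000002
Const CLIENT_CACHE_VALUE = 10   ' value the thread's script treats as a client router

' Returns "client", "server" or "unreadable"; intRc receives the registry return code.
' strWowNode is a hypothetical parameter: "" on 32-bit Windows, "Wow6432Node\" on 64-bit.
Function ClassifyRouter(strWowNode, ByRef intRc)
    Dim oReg, strKey, intValue

    ClassifyRouter = "unreadable"   ' fail safe: an unknown state is never "client"
    intRc = -1
    strKey = "SOFTWARE\" & strWowNode & "Sophos\Messaging System\Router"

    On Error Resume Next
    Err.Clear
    Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
    If Err.Number <> 0 Then Exit Function

    ' GetDWORDValue returns 0 on success and a non-zero code when the value
    ' is missing or the caller is not allowed to read it.
    intRc = oReg.GetDWORDValue(HKEY_LOCAL_MACHINE, strKey, "ConnectionCache", intValue)
    If Err.Number <> 0 Or intRc <> 0 Or IsNull(intValue) Then Exit Function

    If intValue = CLIENT_CACHE_VALUE Then
        ClassifyRouter = "client"
    Else
        ClassifyRouter = "server"
    End If
End Function

Dim intCode
Select Case ClassifyRouter("", intCode)
    Case "client"
        WScript.Echo "INFO: Router is a client, ok to run"
    Case "server"
        WScript.Echo "ERROR: Router is a server router, will exit"
    Case Else
        WScript.Echo "ERROR: ConnectionCache unreadable (code " & intCode & "), rerun elevated; will exit"
End Select
```

Both the "server" and "unreadable" outcomes still stop the run, so a message relay or SEC server is never re-initialised by mistake; only the log message differs.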
  • Hi Jak,

    Sorry for the late reply.

    We have tested it on a Windows 7 32-bit box and it worked running it as administrator from CMD. We are yet to try it on a 64-bit copy of Windows 7 but are certain it will work.

    In the next week we will try pushing it out remotely to a small group.

    Thanks once again for your help

    Cheers

    :9575
  • Hi,

    Glad it's working.  Any problems please post them up.  

    Good job I put all that logging in now, it makes it easy to see where it gets to.

    Cheers,

    Jak

    :9589