This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unmanaged machines and RMS

I have a lot of Unmanaged machines in SEC. I search some knowledge base and it has something to do with Remote Management Service.

May I know the reasons/causes why the RMS fails?

This thread was automatically locked due to age.

0 jak over 8 years ago

Hi,

Once protected, the Remote Management System (RMS) product is installed along with Sophos AutoUpdate, SAV, etc..

As part of the install of RMS, the configuration file mrinit.conf if copied by setup.exe from the root of the distribution point to the install directory of RMS. This config is then stored under:
hklm\software\sophos\messaging system\router
ParentAddress being a key value to check. This should typically point at the management server. Maybe the first thing to check. Beyond that in terms of firewalls:
Open TCP 8192 and 8194 on the server so the clients can connect to the routernt.exe process on the server and open TCP 8194 on the client. Not opening 8194 on the client isn't a show stopper but downstream message delivery will be delayed as the client will have to poll for messages instead of being notified to get them.

I hope this helps get you started.

Regards,
Jak
Cancel
Vote Up 0 Vote Down

Cancel
0 QC over 8 years ago
Hello Darren,

the are two ways a machine can "get into SEC"

Information about it (at least the name) is imported or discovered, the computer appears as unmanaged with, depending on the method, additional attributes set. Import doesn't (and can't) check whether the computer exists

The managed version of Sophos is installed on an endpoint and contacts the management server. Obviously such an endpoint can't be unmanaged

Thus - how did the computers get into SEC and how did you install Sophos on them?

Christian
Cancel
Vote Up 0 Vote Down

Cancel