This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Problem with mrinit.conf on air gapped network

Hi All,

I am currently installing SEC 5.1 on an air gapped network, the installation has gone fine and I have created the locations for maual updating etc (with a SophosUpdateManager folder as detailed in a Sophos KB).

I have a problem with the mrinit.conf file though......

I originally copied the CID folder from another domain as there was no way for this SEC to get its own copy, when I protect a computer I have noticed that they do not talk back to the SEC. Upon looking at the mrinit.conf file I can see details from the domain I copied the CID folder from.

Is there anyway I can get SEC to re-create mrinit.conf and cac.pem based on the new server's details (IP's, identity keys etc....)

Cheers

Tom

:36733


This thread was automatically locked due to age.
Parents
  • Hello Tom,

    you won't be able to successfully manage your computers in your "isolated" network unless you have configured the management server properly (I assume you did not use the same certificates for the air-gapped server).

    If you have created the "source share" as outlines in the article and copied your Warehouse to it you should then configure SUM and make sure it is updating from this location (please see also the recent threads started by Garry). You should also empty the CID(s) as SUM will build them anyway if everything works (and with the correct supporting files).

    Once it works as it should you can then protect the clients (including the ones where this has already been done).

    Christian

    :36739
  • Quick follow-up:

     

    Once that the values from an erroneous mrinit.conf has been erroneously deployed to a air-gapped client from an air-gapped update source/SEC, to rectify, is it the best practice to simply to edit the mrinit.conf in-place on the client?

    Or do a full re-deploy to the client?

Reply
  • Quick follow-up:

     

    Once that the values from an erroneous mrinit.conf has been erroneously deployed to a air-gapped client from an air-gapped update source/SEC, to rectify, is it the best practice to simply to edit the mrinit.conf in-place on the client?

    Or do a full re-deploy to the client?

Children