This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SEC 5.3.1 Mixed windows and mac envoronment

Hi

 

I've tried to fix this myself and used the various KB articles etc for pre-configuring the update location for a Mac install successfully BUT, I can't get my Mac's to report into the SEC or pick up polices from there, they simply never show up.

 

Is there an idiot-proof step by step guide anywhere that will show me what I need to edit in the install package so I can get this working please?

 

This needs to be idiot-proof as I'm not very experienced with Macs.

 

Thanks in advance



This thread was automatically locked due to age.
Parents
  • Hello Barry Pain,

    they simply never show up
    you want to manage them, and if you can they'll get the update location(s) from the management server so you should solve this first. If the install succeeded RMS should try to contact the server. On one of the Macs please open the following location in your favourite browser: file:///Library/Logs/SophosMessageRouter/NetworkReport/ReportData.xml (guess it's still there). Check the Parent addresses and the Current parent address (the latter is likely Not available). A possible problem is that none of the Parent addresses can be resolved. If the is no obvious error checking the logs (RMS and Agent logs go to /Library/Logs/SophosMessageRouter/ and /Library/Logs/SophosManagementAgent/ respectively) would be next.

    Christian

  • Christian

     

    Thanks for trying to help, the ReortData.xml points to the correct server and I can get an IOR response via terminal on the relevant port. However in the RMS log I can see:

    Peer SSL CA issues Error Code 336134278 server certificate verify failed

     

    In the Management Agent log I am seeing:

    NoRouterIORException: Caught MSClient::Connect: Failed to get routers IOR from supplied address and port.

  • Hi Barry, 

    Could you check if port 8192 and 8194 is open on both locations. You may need to check your MAC system is any of these ports are open or not and in your case should comminucate with each other.

    Thanks and Regards

    Aditya Patel 

    Regards,

    Aditya Patel
    Global Escalation Support Engineer | Sophos Technical Support

    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

  • Hello Barry Pain,

    apparently the SSL session can't be initialized. Hm, I don't think it has something to do with the install (AFAIK only mrinit.conf and cac.pem in \CIDs\Sxxx\ESCOSX\Sophos Installer Components\rms are installation specific). Wonder if verbose logging for RMS on OS X will provide more information. So only the Macs but all the Macs have this problem? If have Macs with OS X versions from 10.12.0 to one with 10.6.8 communicating (although the latter no longer update) thus it doesn't look like an OS version issue.

    Christian 

Reply
  • Hello Barry Pain,

    apparently the SSL session can't be initialized. Hm, I don't think it has something to do with the install (AFAIK only mrinit.conf and cac.pem in \CIDs\Sxxx\ESCOSX\Sophos Installer Components\rms are installation specific). Wonder if verbose logging for RMS on OS X will provide more information. So only the Macs but all the Macs have this problem? If have Macs with OS X versions from 10.12.0 to one with 10.6.8 communicating (although the latter no longer update) thus it doesn't look like an OS version issue.

    Christian 

Children
No Data