
re-initialize RMS

Hello Sophos guys,

 

I am struggling with a few machines that report certification mismatch in the ReportData.xml.

 

It directs me to article 17266 - reinstall the clients. But is there no other way to re-initialize RMS on the client? 

 

I tried stopping RMS and Sophos Agent services, deleting the Private keys in the registry, deleting machine_id and then restarting the services. But that didn't work. I also tried to uninstall RMS via add-remove programs, then just let AutoUpdate reinstall it. That also didn't help.

 

I am sure I managed to solve this earlier without a complete reinstall. 

 

Any other ideas would be much appreciated.

 

Thank you

Daniel



This thread was automatically locked due to age.
  • Hi Daniel,

    Could you show us the certificate mismatch error you see in ReportData.xml?  Any errors in C:\ProgramData\Sophos\Remote Management System\3\Router\Logs\Router.log as well as C:\ProgramData\Sophos\Remote Management System\3\Agent\Logs\Agent.log may be helpful.

    What version of Sophos Enterprise Console are you running and what version of RMS is installed on the endpoints?

    To reinitialize RMS on an endpoint, simply run ClientMRInit.exe in C:\Program Files (x86)\Sophos\Remote Management System\ as admin.  A restart of Sophos Agent and Sophos Message Router services may be required.  Instead of this I would recommend creating a redirection script to run on these issue endpoints as this also provides them with a fresh cac.pem and MRInit.conf from the Enterprise Console.  The SophosReInit.vbs file needs to be run on the issue endpoints as admin which can be done by executing it in an administrative command prompt or pushed out as a start-up group policy. https://community.sophos.com/kb/en-us/116737

  • You can use the HTA here: https://community.sophos.com/kb/en-us/116737 to create a VBS to reinit RMS.  

     

    It is designed to re-init a client to point to another management server but it doesn't need to be a different server.

    Regards,

    Jak

  • Yea, I saw this tool, but unfortunately cannot run it in our environment.

    I tried the same manually, but for some reason it doesn't work. I saw that the FixRMS function pretty much does the same - stops the 2 services, deletes reg keys, starts it. I even deleted the SAU cache, so cac and mrinit are definitely correct from the server. Funny thing is that when the Agent and Router services are up, ClientMRInit.exe says all is ok. 

    Well, cac.pem is definitely not the same in the installed RMS folder as in the cache. Replacing that doesn't work. I wonder where it gets the old certificate back from, when I delete all other versions of cac.pem....

     

    Never mind, I chose to re-install the machine in the end...  Would love to have a PowerShell script instead of the VBS, I was wondering if anyone created a PS version :)

     

    D.
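
The manual steps from the first reply (run ClientMRInit.exe as admin, then restart the two services) written as PowerShell, with a cac.pem comparison and a scan of the newest Router and Agent logs. This is an added example, not a Sophos script and not a port of SophosReInit.vbs: it does not fetch a fresh cac.pem or MRInit.conf, and the `-ReferenceCac` parameter, the `*.log` wildcard and the service stop/start order are assumptions.

```powershell
#Requires -RunAsAdministrator
[CmdletBinding()]
param(
    # Install and log folders as quoted in the thread.
    [string]$RmsDir  = 'C:\Program Files (x86)\Sophos\Remote Management System',
    [string]$LogRoot = 'C:\ProgramData\Sophos\Remote Management System\3',
    # Assumption: optional path to a known-good cac.pem copied from the console server.
    [string]$ReferenceCac
)

$started = Get-Date

# Report whether the installed cac.pem matches the reference copy (hash only, no replace).
if ($ReferenceCac) {
    $installed = (Get-FileHash -Algorithm SHA256 -LiteralPath (Join-Path $RmsDir 'cac.pem')).Hash
    $expected  = (Get-FileHash -Algorithm SHA256 -LiteralPath $ReferenceCac).Hash
    if ($installed -ne $expected) {
        Write-Warning "Installed cac.pem ($installed) differs from reference ($expected)"
    }
}

# Run ClientMRInit.exe from its own folder; the meaning of its exit code is not
# documented in the thread, so it is only reported.
$exe = Join-Path $RmsDir 'ClientMRInit.exe'
if (-not (Test-Path -LiteralPath $exe)) { throw "Not found: $exe" }
$proc = Start-Process -FilePath $exe -WorkingDirectory $RmsDir -Wait -PassThru -NoNewWindow
Write-Output "ClientMRInit.exe exit code: $($proc.ExitCode)"

# Restart both services by display name. Assumed order: Agent down first, Router up first.
Stop-Service  -DisplayName 'Sophos Agent'          -Force -ErrorAction Stop
Stop-Service  -DisplayName 'Sophos Message Router' -Force -ErrorAction Stop
Start-Service -DisplayName 'Sophos Message Router' -ErrorAction Stop
Start-Service -DisplayName 'Sophos Agent'          -ErrorAction Stop
Start-Sleep -Seconds 30   # give the router time to contact the server and write its log

# Show certificate-related lines from logs written since this script started.
foreach ($component in 'Router', 'Agent') {
    $dir = Join-Path $LogRoot "$component\Logs"
    $log = Get-ChildItem -LiteralPath $dir -Filter '*.log' -ErrorAction SilentlyContinue |
           Where-Object { $_.LastWriteTime -ge $started } |
           Sort-Object LastWriteTime -Descending | Select-Object -First 1
    if (-not $log) { Write-Warning "No $component log updated since $started in $dir"; continue }
    Select-String -LiteralPath $log.FullName -Pattern 'cert' |
        ForEach-Object { '{0}:{1}: {2}' -f $component, $_.LineNumber, $_.Line.Trim() }
}
```

Run it from an elevated PowerShell prompt on the affected endpoint; no output from the final loop means the newest logs contain no line mentioning a certificate.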