Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 2 subscribers
  • Views 2326 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Configuring RMS communication on a remote workgroup PC

DanW

Hi,

Our Sophos Partner helped me last week with setting up external Message Relay, and the associated split DNS etc. that is needed for it to work.

As part of this, he created a ReInit.vbs script to run on standalone, remote clients which are not currently managed by our SEC console. When we tested while he was here, this seemed to work fine. However, I have tried today, using a new Windows 10 (workgroup) PC with vanilla install of SES. I then ran the script and rebooted the PC, but the PC doesn't seem to be communicating with our SEC server.

I checked under HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Messaging System\Router | ParentAddress, but the 'Messaging System' entry doesn't exist, so I assume there will be no RMS communication.

Is there any other way I can get Endpoint Security RMS configured on a new workstation so that it appears in the SEC console, e.g. by exporting & importing the config from a PC with correct configuration, or creating an installation package that I can run from the client side?

thanks

Dan



This thread was automatically locked due to age.
  • 0

    Hello Dan,

    with vanilla install
    what exactly is vanilla as either you run setup.exe from an appropriate CID or a package created by some means? Normally there's a CID associated with the Message Relay and installing from it should result in a correct setup. I assume standalone doesn't refer to the escw_108_sa_sfx.exe, does it?

    The ReInit script should write its log to %windir%\Temp\ and in the same directory there should be the corresponding ClientMRInit log.

    Christian

  • 0 in reply to QC

    Hi Christian

    Thanks for the reply. Yes by vanilla install, I mean literally just downloading the escw_108 installer from the Sophos site, and installing that. By the sounds of your reply, that's not the way forward? (you're talking to an idiot here ;-)

    The log file from the script is below, and there is no clientmrinit.log that I can see

    thanks again

    Dan

     

    01/04/2019 12:32:14 INFO:  Starting Script
    01/04/2019 12:32:14 INFO:  Options:
    01/04/2019 12:32:14 INFO:      blnForceRMSRun : True
    01/04/2019 12:32:14 INFO:      blnForcePatchRun : False
    01/04/2019 12:32:14 INFO:      blnReconfigurePatch : False
    01/04/2019 12:32:14 INFO:      blnReconfigureRMS : True
    01/04/2019 12:32:14 INFO:      strSECGroupPathOut :
    01/04/2019 12:32:14 INFO:      intPauseForServiceInSeconds : 10
    01/04/2019 12:32:14 INFO:      blnWriteCacToSAUCache : True
    01/04/2019 12:32:14 INFO:      strLogPath : C:\windows\temp\SophosReInit.txt
    01/04/2019 12:32:14 INFO:      strReInitLog : C:\windows\temp
    01/04/2019 12:32:14 INFO:      strManagementServerPort :
    01/04/2019 12:32:14 INFO:      strManagementServer :
    01/04/2019 12:32:14 INFO:  --> Is64()
    01/04/2019 12:32:14 INFO:  Platform is 64-Bit
    01/04/2019 12:32:14 INFO:  <-- Is64()
    01/04/2019 12:32:14 INFO:  Running RMS in force mode
    01/04/2019 12:32:14 INFO:  --> FixRMS()
    01/04/2019 12:32:14 INFO:  --> GetRMSPath()
    01/04/2019 12:32:14 ERROR:  Return code 2
    01/04/2019 12:32:14 INFO:  --> CloseLog() - No function exit logged

  • +1 in reply to DanW

    Hello Dan,

    the installer from the Sophos site is just this - standalone. Meaning no management whatsoever, it does not contain the RMS component.
    As said, there should be a CID specifically configured for endpoints communicating via the relay - usually the location the relay is updating from (and as it is for "outside" endpoints normally accessible over HTTP, i.e. published with a web server). This can be tweaked though, unless I'm mistaken you could install with the same package (or from the same location) the "inside" endpoints use - which does contain RMS - and redirect the roaming endpoints using the ReInit script.

    Christian 

  • 0 in reply to QC

    Hi Christian

    Yay, it's working now. I removed the standalone version of ESC and installed from the CID network share on our SEC server. After a reboot and running the VBS script again, my test PC is now messaging the SEC console, even when tethered over 4G.

    Thanks for the guidance.

    Dan

Unfiltered HTML