Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Subscribers 1 subscriber
  • Views 1183 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Enterprise console 4.7 change IP address

k3i1kp
Hello, I change server IP address running for Enterprise Console 4.7 and edit mrinit.conf and set new IP address, but old PC's shown offline and have not any report from them. All of PC's update. New installation add to Enterprise Console and work correctly. Thanks
:19415


This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    The file mrint.conf in the distribution locations root is only used if you reprotect clients or install them for the first time.  I.e. when you bootstrap clients, setup.exe (from the distribution location) copies this file (along with cac.pem) to the client machine.  It is copied to the "Remote Management System" directory in "program files".  When the RMS package installs, the exe ClientMrInit.exe runs; this reads in the file and writes the settings to the clients registry on the client.  The Mesage Router on the client uses the registry from then on.  So the files are just used to transport the values to the client and then aren't used.  Having said that I think if RMS updates itself as a major update it re-reads the file on disk to re-create the registry keys.

    So, I suspect that the registry key:
    HKEY_LOCAL_MACHINE\SOFTWARE\[Wow6432Node]\Sophos\Messaging System\Router  

    ParentAddress for these "unamaged" machines is still the old server?

    Typically however, a change to the IP doesn't matter too much as long as the name of the management server stays the same as the clients then fails over to the next address (For a server with a fixed IP, mrinit.conf usually has the IP, FQDN,NETBios in the list), which is typically the FQDN and failing that the NetBIOS.  So there may then be a delay as the clients fail to resolve the first address (old IP in this case) but would then connect using the FQDN/NETBios.

    Anyway To fix the address, you could do one of the following:

    1. Pre-protect the clients.  This should copy down the now correct mrinit.conf.

    2. Update the registry key mentioned above on the clients and restart the Router (if only the address has changes all the certificates should remain the same).  With this approach there is always the chance that a major update would happen, that would return the client back to the old address. So you would need to ideally copy the updated mrinit.conf file to the program files directory also.

    3. Follow the "message relay" approach, where you copy the correct mrinit.conf, into the "rms" sub-directory of the distribution location (e.g. \\[SECSERVER]\SophosUpdate\CIDs\S000\SAVSCFXP\rms \) and then run:
    ConfigCID.exe \\SECSERVER]\SophosUpdate\CIDs\S000\SAVSCFXP \

    This article mentions the tool, there are probably others: http://www.sophos.com/support/knowledgebase/article/13112.html . That will checksum the file, such that AutoUpdate pulls down the file and re-initialises RMS on the client using that file.

    Regards,

    Jak

    :19433
Reply
  • 0

    Hi,

    The file mrint.conf in the distribution locations root is only used if you reprotect clients or install them for the first time.  I.e. when you bootstrap clients, setup.exe (from the distribution location) copies this file (along with cac.pem) to the client machine.  It is copied to the "Remote Management System" directory in "program files".  When the RMS package installs, the exe ClientMrInit.exe runs; this reads in the file and writes the settings to the clients registry on the client.  The Mesage Router on the client uses the registry from then on.  So the files are just used to transport the values to the client and then aren't used.  Having said that I think if RMS updates itself as a major update it re-reads the file on disk to re-create the registry keys.

    So, I suspect that the registry key:
    HKEY_LOCAL_MACHINE\SOFTWARE\[Wow6432Node]\Sophos\Messaging System\Router  

    ParentAddress for these "unamaged" machines is still the old server?

    Typically however, a change to the IP doesn't matter too much as long as the name of the management server stays the same as the clients then fails over to the next address (For a server with a fixed IP, mrinit.conf usually has the IP, FQDN,NETBios in the list), which is typically the FQDN and failing that the NetBIOS.  So there may then be a delay as the clients fail to resolve the first address (old IP in this case) but would then connect using the FQDN/NETBios.

    Anyway To fix the address, you could do one of the following:

    1. Pre-protect the clients.  This should copy down the now correct mrinit.conf.

    2. Update the registry key mentioned above on the clients and restart the Router (if only the address has changes all the certificates should remain the same).  With this approach there is always the chance that a major update would happen, that would return the client back to the old address. So you would need to ideally copy the updated mrinit.conf file to the program files directory also.

    3. Follow the "message relay" approach, where you copy the correct mrinit.conf, into the "rms" sub-directory of the distribution location (e.g. \\[SECSERVER]\SophosUpdate\CIDs\S000\SAVSCFXP\rms \) and then run:
    ConfigCID.exe \\SECSERVER]\SophosUpdate\CIDs\S000\SAVSCFXP \

    This article mentions the tool, there are probably others: http://www.sophos.com/support/knowledgebase/article/13112.html . That will checksum the file, such that AutoUpdate pulls down the file and re-initialises RMS on the client using that file.

    Regards,

    Jak

    :19433
Children
No Data