Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 1 subscriber
  • Views 3704 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Missing Clients

Zatol

I've solved a lot of the updating issues I was having previously (most of it appeared to be syntax errors on the policies).

The next hurdle for us is finding our clients. In our KACE system we have around 20,000 accounts. Those are not dead accounts, as we've deleted dead computer accounts. We simply have a ton of clients. A lot of these clients are completely missing from the Enterprise Console. If I search to add them via IP address or pull them in by syncing with Active Directory, I end up with 10,000 unmanaged computers. These computers all have Sophos on them, many of them are actively updating from the servers, but they get 0 policy changes because they're not managed. When I look in our KACE system at the installed programs I see Sophos Remote Management.

I guess my question is has anyone ever experienced this? It's a big undertaking to blow out a new Endpoint client to our entire district, but I'm not sure of any other solution. I can't handpick the computers that are missing from the Enterprise Console and blow it out to them because there's around 10,000 of them.

Any ideas/suggestions? 

:17973


This thread was automatically locked due to age.
  • 0
    If the computers do not appear as managed then because they are not talking to the central server. And if they are not talking to the central server it is because they have not been told to do so. As they have Sophos installed the question is whether they have also RMS or not. If not, it'll be hard to talk them into installing it. If yes, then the question is which server has been configured and whether the current server uses the same credentials or not.

    Christian
    :17979
  • 0

    They definitely have RMS installed on them, I've seen it on the computers. Forgive my lack of knowledge, is there a way to open up RMS and see what server it is talking back to? The only thing I know to do is to configure my updating on the Endpoint. If I could get one of the computers with an issue and open RMS somehow and locate the issue, that way I could at least validate that an issue exists.
     

    :17981
  • 0

    Hi,

    The parentaddress entry under:

    HKEY_LOCAL_MACHINE\SOFTWARE\[Wow6432Node]\Sophos\Messaging System\Router

    Is the address the client is talking to.

    Regards,

    Jak

    :17983
  • 0

    Thanks Jak.

    I've determined that the location they are speaking back to are incorrect. Is there any recourse? I edited the registry key to the correct location (matching ones that actually work), but the computer has not yet shown up in SEC.

    :18073
  • 0

    I pulled the computer in by AD sync, and of course it shows as unmanaged. So, I presume that is not a possible fix. Is there any recourse to correcting that issue without re-installing 10,000 Endpoint Clients? I assume the image that was used for these machines had an error in it.

    :18075
  • 0

    HI,

    I wrote a HTA which will generate a VBScript to re-initialise the endpoints interms of RMS:

    /search?q= 8939

    You could use that to generate a script you could run on a few clients to see if it helps.

    Point it at the cac.pem and the mrinit.conf file that points at the right location

    Regards,

    Jak 

    :18081