Enterprise Console on XP SP3 in workgroup want to manage computers in workgroup and domain

Question

Hello,

Our customer has installed Sophos Enterprise Console 5.1.0.1839 on a Windows XP SP3 Pro machine. The machine is in a workgroup. The Windwos firewall is turned off. There is also installed Endpoint Security and Control 10.0.

Everything works fine, but...

We want to manage computer in the same workgroup and in a domain too. The endpoint is installed fine on the computers and they can download the updates. They are also XP SP3 Professionals. On the Windows firewall TCP ports 8192, 8193 and 8194 are open. Simple file sharing is off. Everything is set fine. The clients can telnet to the console computer and the console can telnet to the clients.

The only problem is that they can't report back to the console. For a few hours there is a yellow down-arrow, and then it says that the computer is protected but has not yet reported back.

There is a computer in the same workgroup as the management console (previously it was in a domain, but was removed). The Windows firewall is turned off on both computers and no Sophos firewall is installed. Still the client doesn't report back, but every setting is set as it should be. We are trying now for days but can't get it work. We reinstalled the client from the console multiple times but still nothing.

Can someone please help?

This thread was automatically locked due to age.

jak · Accepted Answer

HI, When the server component (management server) is installed, it creates a file called mrinit.conf in Enterprise Console directory.  Within it should be the configuration settings that all the routers will eventually get.  This file gets copied into CIDs and a number of places on the server. I suspect when the installer exe ran as part of the installer on the server it resolved the computer name to localhost and added that in as the FQDN to that file. I would suggest, locate all mrinit.conf files on the SEC server, there will be a few (depends on the number of subscriptsion/CIDs you have), and change them to have the correct values for MRParentAddress and ParentRouterAddress.  The values for these 2 lines should be the same when you're not using message relays. So if your SEC server has a static IP, they should read IP,FQDN,NetBIOS If it is DHCP FQDN,NetBIOS This is essentially the addresses that get put into the parentaddress field on all the clients, as during the install of the client it pulls down mrinit.conf from the CID. Once you have updated, the files, if you re-protect the failing computer, hopefully you should see the updated mrinit.conf get copied to the client in the \program files\Remote management system\ directory.  ClientMRInit.exe on the client will run as part of the RMS installer and the registry key will be corrected. For any clients in this state, you could just correct the mrinit.conf file in the program files directory on the client and set the registry.  The file is used if RMS updates, so it is neccessary to do this, even though the registry is the only value used at runtime. Regards, Jak :29033