SecurityExpressions REGK function will not return data when the SecurityExpressions Agent is used

Article:TECH43667  |  Created: 2009-08-10  |  Updated: 2009-08-10  |  Article URL http://www.symantec.com/docs/TECH43667
Article Type
Technical Solution


Issue



The customer has written a policy file with a rule that uses the REGK Function to return subkeys from a registyr key.  An example of the policy follow:

[Info]
Version=4.1
[Rule:key values]
Check=Info
Description=%Providers%
Providers=%REGK:HKLM\SYSTEM\CurrentControlSet\Services\Winsock\Setup
Migration\Providers%
[Filter:Default]
Rules=CheckList
[Group:CheckList]
key values=1

The variable %Providers% is defined and if a policy file with this rule is run against the local system with the SecurityExpressions console installed, the
subkey names are returned.  If this policy file is run against a remote system using windows connectivity, the values are returned but if the
SecurityExpressions agent is installed on the remote system and the machine list is set to use the agent nothing is returned however no errors are reported
or are any errors shown in the windows event log.  Nothing in the documentation indicates the REGK, or REG or REGV functions do not work with the agent.

Environment



SecurityExpressions Console Version 4.1.1

Solution



Bug 7925.  Hot Fix 2 for SecurityExpressions Console Version 4.1.1 and SecurityExpressions Audit and Compliance Server Version 4.1.1 has been released.  It can be downloaded via the links to this article.

Note that :
SecurityExpressions Console Version 4.1.1 must be installed on target system before integrating SE 4.1.1 hot fix 2. SecurityExpressions Audit and Compliance Server Version 4.1.1 must be installed on target system before installing SE 4.1.1 hot fix 2.


SE 4.1.1 HF-2 has a dependency on the security update for Microsoft Visual C++ 2005 Service Pack 1 distributable Package published on July 28, 2009. It should be installed on your machine before integrating SE HF-2.

The deliverables are in format of binaries. There are 4 zip files attached to this article that contain the files; you need to download all 4 zip files. Following are the details. 

SE_411_HF2_Common.zip
Common folder: It contains components which are common to the SecurityExpressions Console and SecurityExpressions Audit and Compliance Server applications. Files in common folder should always be integrated with the SecurityExpressions application to apply the hot fix.

SE_411_HF2_Console.zip
Console folder: It contains components which are specific to the SecurityExpressions Console application. If you have installed the SecurityExpressions Version 4.1.1 console then files in console folder should be integrated.
 
SE_411_HF2_X86-server.zip
SE Server x86 folder: It contains components which are specific to 32 bit SecurityExpressions Audit and Compliance Server Version 4.1.1. If you have installed the x86 release of SecurityExpressions Audit and Compliance Server Version 4.1.1 then files in x86-Server folder should be integrated.

SE_411_HF2_X64-server.zip
SE Server x64 folder: It contains components which are specific to the 64 bit SecurityExpressions Audit and Compliance Server Version 4.1.1. If you have installed the x64 release of SecurityExpressions Audit and Compliance Server Version 4.1.1 then files in x64-Server folder should be integrated.

If you need the Microsoft Visual C++ 2005 Service Pack 1, the redistributable installers are attached to this article to download.
 

 

 


Attachments

vcredist_x86.exe (2.7 MBytes)
vcredist_x64.exe (3.1 MBytes)


SE_411_HF2_Common.zip (10.9 MBytes)
SE_411_HF2_Console.zip (7.1 MBytes)
SE_411_HF2_X64-Server.zip (5.4 MBytes)
SE_411_HF2_X86-Server.zip (3.9 MBytes)
SE_4_1_1_Hot_Fix_2.doc (78 kBytes)

Legacy ID



48496


Article URL http://www.symantec.com/docs/TECH43667


Terms of use for this information are found in Legal Notices