Client Management Suite

 View Only
  • 1.  Enable clients to communicate after fresh install

    Posted Apr 23, 2012 02:50 PM

    Ok so we are getting our dev server up and running. I have the server up and running with ITMS 7.1 running.

    I created a script to uninstall all client agents from NS 6 and installs the new 7.1 agent. Works great...

    however my client machine sits there as it has not received a GUID yet. 

    So maybe an easy one for one of ya!!!!

    but what do I have to enable to get my machines to start checking in?

    I would like to start documenting as I go.. so need the machine to checkin first.. dont want to go, run and enable everything off the bat.. (did that in a test env a few months back and that did the trick for that one.. )

     

    just trying to lock down what the one thing is that triggers the machines..

     

    Thanks!
    Jeff



  • 2.  RE: Enable clients to communicate after fresh install

    Posted Apr 23, 2012 06:00 PM

    The agent should find the NS, send Basic Inv, the NS checks to see if it's a new machine or not and sends new or exisiting GUID as appropriate.

    If it's not working you need to check client logs then server logs.



  • 3.  RE: Enable clients to communicate after fresh install

    Posted Apr 24, 2012 08:37 AM

    yeah definitely something not setup..

    I installed Client Management Suite.. that is it..

    few errors I will have to look at


    In NS Logs
    Source: Altiris.NS.Configuration.AltirisTransactionalFile.LogWarning
    Abandoned mutex while acquiring lock: continuing with acquired lock


    Source: Altiris.CustomConsole.ConsoleHelp.GetContextHelpUrl


    Description: Context Help URL '' for product 'Notification Server (d0e33520-c160-11d2-8612-00104b74a9df)', page 'cfgNSClientSettingsNew' and context 'General' is not a valid URL. This will occur if it contains no URL or an invalid URL for this product, page and context. Context help for this page will show the default topic.

    Description: Context Help URL '' for product 'Notification Server (d0e33520-c160-11d2-8612-00104b74a9df)', page 'cfgNSClientSettingsNew' and context 'Blockouts' is not a valid URL. This will occur if no documentation pack is installed or it contains no url or an invalid URL for this product, page and context. Context help for this page will show the default topic

    client agent:
    <event date='Apr 24 08:19:44' severity='1' hostName='TestPC' source='HttpRequest::hasError' module='AeXNetComms.dll' process='AeXNSAgent.exe' pid='3988' thread='4008' tickCount='3495171' >
      <![CDATA[403 - Forbidden: Access is denied.]]>
    </event>
    <event date='Apr 24 08:19:44' severity='2' hostName='TestPC' source='AeXNetworkTransport' module='AeXNetComms.dll' process='AeXNSAgent.exe' pid='3988' thread='4008' tickCount='3495171' >
      <![CDATA[Post to 'HTTP://ITMS71SP2/Altiris/NS/Agent/CreateResource.aspx' failed: Invalid data received in HTTP response. Expected 1233 bytes, received 0 (-2147024883)]]>
    </event>
    <event date='Apr 24 08:19:44' severity='2' hostName='TestPC' source='CoNetworkTransport(258)' module='AeXNetComms.dll' process='AeXNSAgent.exe' pid='3988' thread='4008' tickCount='3495171' >
      <![CDATA[Invalid data received in HTTP response. Expected 1233 bytes, received 0 (-2147024883)]]>
    </event>
    <event date='Apr 24 08:19:44' severity='1' hostName='TestPC' source='ConfigServer' module='AeXNSAgent.exe' process='AeXNSAgent.exe' pid='3988' thread='4008' tickCount='3495171' >
      <![CDATA[RequestPolicies failed: Invalid data received in HTTP response. Expected 1233 bytes, received 0 (-2147024883)]]>

     



  • 4.  RE: Enable clients to communicate after fresh install

    Posted Apr 24, 2012 09:40 AM

    looking at this.. yes i know it is NS 6.. i believe this is my problem..

    http://www.symantec.com/business/support/index?page=content&id=TECH12701

     

    when i go to a link i get an access denied.. so now i have to figure out where these settings are in sql 2008!!!! fun.. hah...



  • 5.  RE: Enable clients to communicate after fresh install

    Posted Apr 24, 2012 10:44 AM

    ok it is on the way the client is talking..

    we have HTTPS setup as required by our network guys..

    and the client is trying to communicate via HTTP..

    so not sure what has to be setup but that is my problem...

     



  • 6.  RE: Enable clients to communicate after fresh install

    Posted Apr 24, 2012 09:55 PM

    Plan for 30% performance overhead for HTTPS.

    You will need to ensure IIS is configured for HTTPS and the solution as well.  You will also need to install the SSL certificate on the clients, assuming it's a self-signed certificate.  Usually Active Directory Group Policy is used.

    See 'Configuring the Symantec Management Platform 7.1 to use SSL':
    http://www.symantec.com/docs/HOWTO53002

    Does this help?



  • 7.  RE: Enable clients to communicate after fresh install

    Posted Apr 25, 2012 08:14 AM

    thanks for the tidbit on the client side cert.... didnt know that..

     

    i found out something interesting..

    the cert I added to the server disappeared...

    it wont stay in there.. but someone at work told me how to do it via MMC.. add certificates.. and add to trusted ROOT Certification Authorities.. then i noticed an Altiris Licensing... added it there.. now it seems to be good on the server end.. no issues.. as i can get to https://server.mydomain.com/altiris

    but now i need to look into what your saying about the clients needing the cert... 

    so did the clients need a cert in NS6? we have NS6 setup with SSL and it all works...

    hmm ill have to check one of those machines out.. to see.. 

     



  • 8.  RE: Enable clients to communicate after fresh install

    Posted Apr 25, 2012 05:10 PM

    resolved.. it was a PIC-NIC issue..

     

     

    most know but for who dont..

    ProblemInChair-NotInComputer

    Seems that since I have no experience with SSL.. didnt know that in IIS6.. when you request the certificate.. it will not allow you to click it again.. unless you revoke the prior request..

    in IIS 7.5.. it dont care. it will let you click it all over and over again.. so I clicked it.. got the .txt file and gave it to our guy.. but must have clicked it again which then made the first request invalid...

    im good..