ScottWStewart 2 Posted December 24, 2019 Share Posted December 24, 2019 The off-site IT team that helps with various issues with our technology recently decided to change the names of our computers. All computers were changed to new names including the ESET server. Since they did this none of the clients and communicating with the server. What do I need to do to re-establish the connections between the server and the clients? The clients are running the most recent software versions and these are Windows 10 workstations. The server is running the following software: ESET Management Agent 7.1.717.0 Up-to-date version ESET Security Management Center Server 7.1.717.0 Up-to-date version ESET Endpoint Security 7.2.2055.0 Up-to-date version ESET Rogue Detection Sensor 1.1.693.0 Up-to-date version Link to comment Share on other sites More sharing options...
Most Valued Members ewong 6 Posted December 25, 2019 Most Valued Members Share Posted December 25, 2019 If I understand this correctly, the offsite IT team changed the names of the systems and I would further assume they modified the DNS to reflect the changes? First and foremost, take a gander at the logs for the agents to see why they can't connect to the server. (I'm assuming the IPs stayed the same). My guess is it's a certificate issue. I think the simplest way (as far as I can understand, though I'm sure ESET admins have a better idea) Add a CNAME (old name of esmc server) to the dns to have the agents connect to the new name. Generate a new set of certificates (CA, Server and Client) and create a new set of policies to apply the new certs to the agents. What this does is have the agents find the 'new-name' server via the 'old-name', connect to it (since they are using the old-system certificates). (Here's the part where I'm not sure if things are going to work well). Once connected, the new policies will ensure the new certificates get applied to the new agents/servers. I guess, worse comes to worst, you'd re-do the whole shebang (but that's a very tedious way). Edmund Link to comment Share on other sites More sharing options...
Administrators Marcos 4,693 Posted December 25, 2019 Administrators Share Posted December 25, 2019 It's necessary to be careful about changing the name or IP address of the server running ESMC since agents on clients have it defined in their configuration. The workaround via DNS proposed above sounds plausible. Alternatively you can re-deploy agent with the current ESMC server hostname or IP address specified. Link to comment Share on other sites More sharing options...
ESET Staff MartinK 375 Posted December 26, 2019 ESET Staff Share Posted December 26, 2019 In case just hostname or IP address is changed, following ESMC documentation for migration might help. As a prerequisite, connectivity of AGENTs must be restored prior to migration steps (for example by restoring original DNS record), otherwise whole process will be much more complicated as re-deployment of whole network will be required. That is why all changes, especially those related to certificates and affecting AGENTs must be made with extra caution. Link to comment Share on other sites More sharing options...
ScottWStewart 2 Posted December 31, 2019 Author Share Posted December 31, 2019 (edited) On 12/26/2019 at 11:44 AM, MartinK said: In case just hostname or IP address is changed, following ESMC documentation for migration might help. As a prerequisite, connectivity of AGENTs must be restored prior to migration steps (for example by restoring original DNS record), otherwise whole process will be much more complicated as re-deployment of whole network will be required. That is why all changes, especially those related to certificates and affecting AGENTs must be made with extra caution. It appears like I am going to have to reinstall the software on all the clients. I made a standalone installer which points to the new name of the ESMC server. It works, but I have 60+ clients to re-install the client software on. However I'm thinking about going into the host file and entering a pointer to with like this: 102.54.94.97 rhino.acme.com # source server the IP being the current ip and the new server name. It might work, but it will be just as easy to go to each workstation and make the changes. Edited December 31, 2019 by ScottWStewart Link to comment Share on other sites More sharing options...
Recommended Posts