Computers not connecting to server

[ScottWStewart 2]

The off-site IT team that helps with various issues with our technology recently decided to change the names of our computers. All computers were changed to new names including the ESET server. Since they did this none of the clients and communicating with the server. What do I  need to do to re-establish the connections between the server and the clients?

The clients are running the most recent software versions and these are Windows 10 workstations.

The server is running the following software:

ESET Management Agent 7.1.717.0	Up-to-date version
ESET Security Management Center Server 7.1.717.0	Up-to-date version
ESET Endpoint Security 7.2.2055.0	Up-to-date version
ESET Rogue Detection Sensor 1.1.693.0	Up-to-date version

[ewong 6]

If I understand this correctly, the offsite IT team changed the names of the systems and I would further assume they modified the DNS to reflect the changes?  

First and foremost, take a gander at the logs for the agents to see why they can't connect to the server.  (I'm assuming the IPs stayed the same).   My guess is it's a certificate issue. 

I think the simplest way (as far as I can  understand, though I'm sure ESET admins have a better idea)

1. Add a CNAME (old name of esmc server) to the dns to have the agents connect to the new name.
2. Generate a new set of certificates (CA, Server and Client) and create a new set of policies to apply the new certs to the agents.

What this does is have the agents find the 'new-name' server via the 'old-name', connect to it (since they are using the old-system certificates).  (Here's the part where I'm not sure if things are going to work well).  Once connected, the new policies will ensure the new certificates get applied to the new agents/servers. 

I guess, worse comes to worst, you'd re-do the whole shebang (but that's a very tedious way).

Edmund

 

[Marcos 4,933]

It's necessary to be careful about changing the name or IP address of the server running ESMC since agents on clients have it defined in their configuration.

The workaround via DNS proposed above sounds plausible. Alternatively you can re-deploy agent with the current ESMC server hostname or IP address specified.

[MartinK 376]

In case just hostname or IP address is changed, following ESMC documentation for migration might help. As a prerequisite, connectivity of AGENTs must be restored prior to migration steps (for example by restoring original DNS record), otherwise whole process will be much more complicated as re-deployment of whole network will be required. That is why all changes, especially those related to certificates and affecting AGENTs must be made with extra caution.

[ScottWStewart 2]

On 12/26/2019 at 11:44 AM, MartinK said:

In case just hostname or IP address is changed, following ESMC documentation for migration might help. As a prerequisite, connectivity of AGENTs must be restored prior to migration steps (for example by restoring original DNS record), otherwise whole process will be much more complicated as re-deployment of whole network will be required. That is why all changes, especially those related to certificates and affecting AGENTs must be made with extra caution.

It appears like I am going to have to reinstall the software on all the clients. I made a standalone installer which points to the new name of the ESMC server. It works, but I have 60+ clients to re-install the client software on. However I'm thinking about going into the host file and entering a pointer to with like this: 102.54.94.97     rhino.acme.com          # source server
the IP being the current ip and the new server name.

It might work, but it will be just as easy to go to each workstation and make the changes.

Edited December 31, 2019 by ScottWStewart