Microsoft Windows XP Professional
Microsoft Windows XP Tablet PC Edition
The first thing to check would be if the client can see the ZENworks Endpoint Security Management Distribution Server.
To verify do a right click on the ZENworks Endpoint Security client and select"Aboutâ. The About box will give you a lot of great information to help troubleshoot the issue.
- Does the ZENworks Endpoint Security clientâs About box show the server name for the ZESM Distribution Server or does it show Unknown?
- Is the current policy default or does it show a policy name?
- Is the "Last Check Inâ time all zeros or does it show a checkin time?
Scenario 1 : About box shows the ZESM Distribution Server as Unknown
- Check the event viewerâs application log for MSSOAP errors. If you see MSSOAP errors in the application log you probably have a client certificate issue. If during the ZENworks Endpoint Security Management Server install you had the server create its own self signed certificates than the certificates would be found by default on the serverâs desktop in a folder called "ESM setup filesâ. If during the install you requested the "ESM setup filesâ to be put in a different location than go to that location. In the"ESM setup filesâ folder you will find a ESM-MS.cer file. The ESM-MS.cer file is the client certificate and needs to be installed on the client machine.
Click the"Install Certificateâ button, click Next twice and finish.
Click "Yesâ to complete the installation of the client certificate.
Once the client certificate installation is completed do a right click on the security client and select "Check for Policy Updateâ and than check the security clientâs About box to see if it now sees the distribution server. If it does client/server communication is working and you should be able to publish a policy.
Scenario 2 : The Security Clientâs About box is displaying "Unknownâ for the ZESM Distribution Server but the event viewerâs application log is not showing MSSOAP errors.
This could be an issue where during the ZENworks Endpoint Security Management server install a different name was entered for the ZESM server than the name entered during the ZESM client.
To validate please do the following:
- Go to start, run, enter regedit and select OK
- In the registry go toHKEY_Local_Machine\Software\Senforce\AuthorityServer\Ipaddress
- The IPAddress string will have a URL that points to the server. Copy and paste the URL in your web browser to test client\server communication. If you get a certificate prompt click "View Certificateâ and compare the certificateâs server name to the one in the URL. Often users will enter the fully qualified name of the server during the server install but use just the netbios computer name during the client install. If there is a mismatch this will cause client\server communication issues and the client will need to be reinstalled using the same name used during the server install.
Scenario 3 : ZENworks Endpoint Security Clientâs About box displays the ZESM Distribution Serverâs name correctly and when a manual checkin from the ZESM client (right click the client and select "Check for Policy Updateâ) shows the "Last Checkin Timeâ correctly but does not receive a policy update.
This scenario indicates the ZESM client\server communication is working correctly but the server is not sending the policy.
Make sure the policy being published is going to the correct user. In the ZENworks Endpoint Security clientâs About box it will display the authentication user. Make sure the policy is being published to either the userâs user/computer account or to a group the user/computer is a member of.
Also verify that you
are double clicking the selected user in the publish screen of the
ZENworks Endpoint Security Management Console. When
double clicking the group or users icon will change
Once this is accomplished click the publish button and userâs icon will change to "Publishedâ.The ZESM client will then receive the policy at its next checkin or if a manual checkin from the client is made.