ControlMinder EndPoint is not showing up in Worldview

Document ID : KB000018719
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

If we install CM Endpoints which are newer version than the ENTM, for example Endpoint version is R12.8 and ENTM version is R12.7, the R12.8 Endpoints will not show in ENTM WorldView.

This is due to HEARTBEAT added fields in later version.

In later version like 12.8, we have new fields named install_status or event- in the HEARTBEAT command.

If we let this command executed in server side where an older version of CM is run, the command will fail.

So one might see an error in DH__WRITER log that looks like:

ERROR: Failed to fetch data for Property HNODE_BYPASS_EXIST (272f)

Solution:

IMPORTANT: This article contains information about modifying the registry.
Before you modify the registry, make sure to create back up of the registry and ensure that you understand how to restore the registry if a problem may occur.
For more information about how to back up, restore, and edit the registry, please review the relevant Microsoft Knowledge Base articles on support.microsoft.com.

The solution is to set the token ServerVersion on the new Endpoint to be the same version if the ENTM Server.

UNIX

Stop CM (secons -S)
Update accommon.ini ServerVersion=<ENTM_server_version>
Start CM (seload)

NT

Stop CM (secons -S)
Update registry: HKLM\Software\ComputerAssociates\Common\communication\ServerVersion (value:<ENTM_server_version>)
Start CM (seosd -start)

So in the example of ENTM R12.70.0600 and Endpoint R12.8 we need to update the Endpoint ServerVersion to 12.70.0600.

One can run selang command on the ENTM Server to identify the needed version to be set.
The version will show in the header line once selang is started:
CA ControlMinder selang vxx.xx.xxxx - CA ControlMinder command line interpreter (where xx.xx.xxxx is the version of the ENTM Server)

Once this is done - the new Endpoint should appear in the ENTM WorldView.

 

Note:

The message you are still facing in PolicyFetcher.log
...
Server version is: 12.70.0.610; This version cannot accept endpoints events.
...
is of rather informational nature.

It is indicating that the older DH version might not process all the newer features coming from this newer EP.

Anyway, please confirm that policy distribution is working correctly, e.g.

- in ENTM assign an existing policy to this newer EP (HOST)
- delete the HOST entity
- kill the policyfetcher process
  if this is a Windows EP it restarts automatically instantaneously
  if this is a UNIX EP it might take longer to restart automatically, please restart it manually
  ../AccessControl/bin/policyfetcher
- see the HOST object recreated and also the policy distributed

That would confirm the EP is correctly sending heartbeat up to the DMS and it is retrieving policy updates accordingly.