Sophos Enterprise Console: spostare i client da un server a un altro


Può capitare di voler trasferire i client gestiti da un server a uno nuovo. Tecnicamente la questione non rappresenterebbe un grande ostacolo: in definitiva si dovrebbe eliminare la chiave di registro contenente il certificato del client rilasciato dall'attuale server di gestione e sostituire due file (mrinit.conf e cac.pem) sul client con quelli contenuti nella nuova CID. Tuttavia svolgere queste operazioni su un elevato numero di client comporterebbe un lavoro non indifferente; ecco quindi uno strumento che fa al caso nostro.

Lo script in questione è stato pubblicato da un utente della community Sophos, potete leggere l'articolo QUI. UTILIZZO: copiate il seguente codice in un file di testo e rinominatelo in RMSreinit.hta

<html><head><title>RMS Re-Init VBScript Creator</title>
<HTA:APPLICATION SCROLL="no" SINGLEINSTANCE="YES" MAXIMIZEBUTTON="no">
<script language="VBScript">
' I/O mode passed to OpenTextFile by GetFileContents.
const ForReading = 1
' Script-level state shared by StartCreatingScript, GetRouterIdentityKey and CreateVBS.
' strCac / strMrinit hold the raw text read from the selected cac.pem and mrinit.conf.
dim strCac
dim strMrinit
' Value extracted from the RouterCertIdentityKey line of mrinit.conf.
dim strRouterIdentityKey
Sub Window_onLoad
	' Runs when the HTA window loads: shrink the window to fit the small input form.
	Call window.resizeTo(660, 320)
End Sub
Function ExitApp()
	' Handler for the "Exit" button: closes the HTA window.
	Call window.close()
End Function
Function Help()
	' Handler for the "Help" button: shows usage notes in an information box
	' (MsgBox style 64). The text lists the three conditions under which the
	' generated script exits early and the '-force' switch that bypasses them.
	Dim arrHelpLines
	arrHelpLines = Array( _
		"HTA will generate a VBScript that can be run on clients that have certificate issues.", _
		"Provide the script with the location of the new files: cac.pem and mrinit.conf.", _
		"These files will then be embedded into the resultant VBScript file that is generated to make deployment easy.", _
		"You can also set the log file path of the script, that of the the RMS executable ClientMRInit.exe and the resultant VBScript file name.", _
		"The generated script will not run on a client if: ", _
		" 1. The machine is a 'Server' class instal of RMS (based on the ConnectionCache being anything other than 10)", _
		" 2. If the Router identity key on the machine is already correct.", _
		" 3. If the script has alrready reparied the machine (a marker key hklm\software\[wow6432node]\sophos\ReInit is set to a 1", _
		"The above 3 checks can be bypassed by running the resultant VBScript with the argument '-force'", _
		"Important: The VBScript needs to be run on clients with local admin rights.", _
		"Please ensure the resultant VBScript is tested on a test client.")
	msgbox Join(arrHelpLines, vbcrlf), 64, "Help"
End Function
Function Run()
	' Handler for the "Create VBScript" button: generate the script only when
	' every form field has been filled in.
	If Not CheckAllFieldsOK() Then Exit Function
	StartCreatingScript()
End Function
Function CheckAllFieldsOK()
	' Returns True when all five form fields are non-empty. On the first empty
	' field it shows the matching prompt and returns False.
	' Only emptiness is checked; the paths themselves are not validated here.
	Dim arrValues, arrPrompts, idx
	arrValues = Array( _
		strCorrectCacLocation.value, _
		strCorrectMrinitLocation.value, _
		strReinitLogPath.value, _
		strClientMRInitLogPath.value, _
		strScriptOutput.value)
	arrPrompts = Array( _
		"Please enter a path to cac.pem", _
		"Please enter a path to mrinit.conf", _
		"Please enter a path for the script to log to", _
		"Please enter a path for the ClientMRInit.exe file to log to", _
		"Please enter a file name for the resultant script")
	CheckAllFieldsOK = false
	For idx = 0 To UBound(arrValues)
		If arrValues(idx) = "" Then
			msgbox (arrPrompts(idx))
			Exit Function
		End If
	Next
	CheckAllFieldsOK = true
End Function
Function StartCreatingScript()
	' Loads both input files into the script-level variables, derives the router
	' identity key and writes the output script.
	' Order matters: GetRouterIdentityKey reads strMrinit, so mrinit.conf must be
	' loaded before it is called.
	Dim strOutputPath
	strOutputPath = strScriptOutput.value
	strCac = GetFileContents(strCorrectCacLocation.value)
	strMrinit = GetFileContents(strCorrectMrinitLocation.value)
	strRouterIdentityKey = GetRouterIdentityKey()
	CreateVBS(strOutputPath)
End Function
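Function CreateVBS(strFilePath)
	' Writes the client-side VBScript to strFilePath (overwriting any existing file).
	' Layout of the output: MainTop template, the embedded cac.pem text, the two
	' log paths, the embedded mrinit.conf text, the router identity key, then the
	' MainBottom and Functions templates.
	'
	' Every value embedded in the output is placed inside a VBScript string
	' literal, so double quotes are doubled and line endings are normalised
	' first. Without that, a quote or an unexpected line ending in an input
	' file or form field would end the literal early and the remainder would be
	' parsed as code by a script that is meant to run with local admin rights.
	'
	' The output carries the certificate and router configuration the clients
	' will be re-initialised with, so store and distribute it where only
	' administrators can modify it.
	Dim objFSO, objTextFile
	Set objFSO = CreateObject("Scripting.FileSystemObject")
	Set objTextFile = objFSO.CreateTextFile(strFilePath, True)
	objTextFile.WriteLine(MainTop.value)
	EmbedTextAsLiteral objTextFile, "strCac", strCac
	objTextFile.WriteLine("strLogPath =""" & EscapeQuotes(strReinitLogPath.value) & """")
	objTextFile.WriteLine("strMRInitLog =""" & EscapeQuotes(strClientMRInitLogPath.value) & """")
	EmbedTextAsLiteral objTextFile, "strMrinit", strMrinit
	objTextFile.WriteLine("strRouterCertIdentityKey=""" & EscapeQuotes(strRouterIdentityKey) & """")
	objTextFile.WriteLine(MainBottom.value)
	objTextFile.WriteLine(Functions.value)
	objTextFile.Close
	msgbox "Created " & strFilePath, 64, "RMS Re-Init VBScript Creator"
	Set objTextFile = nothing
	Set objFSO = nothing
End Function

' Helper for CreateVBS: doubles every double quote so the value can sit inside
' a VBScript string literal. Concatenating "" first turns Empty into "".
Function EscapeQuotes(strValue)
	EscapeQuotes = Replace(strValue & "", """", """""")
End Function

' Helper for CreateVBS: writes `strVarName = ""&_` followed by one quoted line
' per line of strText, joined with vbcrlf and line continuations.
' CRLF, lone CR and LF are all accepted as line separators.
Sub EmbedTextAsLiteral(objOut, strVarName, strText)
	Dim arrLines, i, strTail
	strTail = Chr(38) & "vbcrlf " & Chr(38) & "_ "
	arrLines = Split(Replace(Replace(strText & "", vbCrLf, vbLf), vbCr, vbLf), vbLf)
	' Split returns an empty array for empty text; emit one empty literal so the
	' continued assignment in the output is still complete.
	If UBound(arrLines) < 0 Then arrLines = Array("")
	objOut.WriteLine(strVarName & " = """"" & Chr(38) & "_")
	For i = 0 To UBound(arrLines)
		If i <> UBound(arrLines) Then
			objOut.WriteLine("""" & EscapeQuotes(arrLines(i)) & """ " & strTail)
		Else
			objOut.WriteLine("""" & EscapeQuotes(arrLines(i)) & """ ")
		End If
	Next
End Sub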
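Function GetRouterIdentityKey()
	' Returns the value on the RouterCertIdentityKey line of the loaded
	' mrinit.conf text (script-level strMrinit), or "" when no usable line exists.
	' The value is taken as the text between the 3rd and 4th double quote on the
	' line (presumably a "name"="value" layout; confirm against a real mrinit.conf).
	' If several lines match, the last one wins.
	'
	' The generated script compares this value with the client's registry to
	' decide whether the client already has the correct identity, so an empty
	' result should be treated as a sign that the wrong file was selected.
	Dim arrLinesInMrinit, arrLine, i
	GetRouterIdentityKey = ""
	' Accept both CRLF and LF line endings.
	arrLinesInMrinit = Split(Replace(strMrinit & "", vbCrLf, vbLf), vbLf)
	For i = 0 To UBound(arrLinesInMrinit)
		If InStr(arrLinesInMrinit(i), "RouterCertIdentityKey") > 0 Then
			arrLine = Split(arrLinesInMrinit(i), """")
			' Guard against lines that mention the name but hold no quoted value,
			' which would otherwise raise a subscript error.
			If UBound(arrLine) >= 3 Then
				GetRouterIdentityKey = arrLine(3)
			End If
		End If
	Next
End Function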
Function GetFileContents(strPathToFile)
	' Returns the full text of strPathToFile. The file is opened read-only and
	' is not created when missing (third OpenTextFile argument is False).
	Dim fso, stream
	Set fso = CreateObject("Scripting.FileSystemObject")
	Set stream = fso.OpenTextFile(strPathToFile, ForReading, False)
	With stream
		GetFileContents = .ReadAll
		.Close
	End With
	Set fso = Nothing
	Set stream = Nothing
End function
</script>
<style type="text/css">
textarea {visibility: hidden;}
h3{font-family:"Times New Roman", Times, serif;}
td{border-width: 1px; padding: 2px;	border-style: solid; border-color: gray; background-color: #ededed;	-moz-border-radius: ;}
</style></head><body><center><h3>RMS Re-Init VBScript Creator</h3>
	<table border="0"><tr><td>Cac.pem</td><td><input size="50" type="file" name="strCorrectCacLocation"></td></tr>
	<tr><td>Mrinit.conf</td><td><input size="50" type="file" name="strCorrectMrinitLocation"></td></tr>
	<tr><td>Re-Init VBScript log path</td><td><input size="50" type="text" name="strReinitLogPath" value="C:\windows\temp\Reinit.txt"></td></tr>
	<tr><td>ClientMRInit.exe log path</td><td><input size="50" type="text" name="strClientMRInitLogPath" value="C:\windows\temp"></td></tr>
	<tr><td>Output VBScript</td><td><input size="50" type="text" name="strScriptOutput" value="RMSReInit.vbs"></td></tr>
	<tr><td colspan="2" align="right"><input type="button" onclick="ExitApp()" value="Exit">
	<input type="button" onclick="Help()" value="Help">
	<input type="button" onclick="Run()" value="Create VBScript"></td></tr></table></center>
<textarea name="MainTop" col="0" rows="0">	
'RMS ReInit
' Header of the generated client-side script: constants, script-level
' variables and command-line parsing.
option explicit
' Errors are ignored script-wide from here on: a failing statement is skipped
' and execution continues with the next one.
on error resume next

' Registry hive handle passed to the WMI StdRegProv methods.
const HKEY_LOCAL_MACHINE = &H80000002
' Services that are stopped before, and started after, re-initialisation.
const ROUTER_SERVICE     = "Sophos Message Router"
const AGENT_SERVICE      = "Sophos Agent"
const REINIT_EXE_FILE    = "ClientMRInit.exe"
const WOW_KEY            = "Wow6432Node"

dim strLogPath, strMRInitLog, strFilePathCac, strFilePathMrInit
dim strCac, strMrinit, strRouterCertIdentityKey
dim objArgs, strArg, intForceRun

' intForceRun = 1 when '-force' (any letter case) was passed; the main flow then
' skips its three pre-checks.
intForceRun = 0
Set objArgs = WScript.Arguments
For Each strArg in objArgs
    If lcase(strArg) = "-force" Then intForceRun = 1
Next
</textarea>
<textarea name="MainBottom" col="0" rows="0">
' Main flow of the generated client-side script.
' Sequence: open log -> pick registry view -> pre-checks (unless -force) ->
' write new cac.pem / mrinit.conf -> stop services -> delete the existing
' identity values -> run ClientMRInit.exe -> set marker -> start services.
dim objFSO, objFile, strRMSPath, strWow6432Node,intPauseForServiceInSeconds
strWow6432Node   = "\"
' Fixed wait applied by StopService after asking each service to stop.
intPauseForServiceInSeconds = 10
set objFSO = CreateObject("Scripting.FileSystemObject")
' The log file is created with overwrite enabled at the configured path.
' NOTE(review): this script is meant to run with local admin rights; prefer a
' log location that non-admin users cannot pre-create or redirect.
set objFile = objFSO.CreateTextFile(strLogPath, true)
WriteToLog 0, "Starting Script"
' On 64-bit Windows the Sophos keys are addressed under SOFTWARE\Wow6432Node.
if Is64() then
    strWow6432Node = "\" & WOW_KEY & "\"
else
    strWow6432Node = "\"
end if
' Pre-checks: exit without changes when the identity already matches, when the
' marker shows a previous successful run, or when the router is not a client.
' Each of these exits uses exit code 1, the same code used for real errors.
if intForceRun = 0 then
	if RouterIdentityIsOK then
		WriteToLog 0, "End of script"
        CloseLog()
        wscript.quit(1)
	end if
    if MarkerFound() then
        WriteToLog 0, "End of script"
        CloseLog()
        wscript.quit(1)
    end if
	if ServerClassRouter() then
        WriteToLog 0, "End of script"
        CloseLog()
        wscript.quit(1)
    end if
else
	WriteToLog 0, "Running in Force mode (-force)"
end if
strRMSPath = GetRMSPath()
' Replace the files that tell the client which management server to trust.
CreateFile strCac, strRMSPath, "cac.pem"
CreateFile strMrinit, strRMSPath, "mrinit.conf"
DeleteOrig(strRMSPath)
StopService(AGENT_SERVICE)
StopService(ROUTER_SERVICE)
' Remove the existing identity values (presumably the certificates and key
' material issued by the old server) so that ClientMRInit.exe requests new ones.
' NOTE(review): none of the return values above or below are checked and the
' header sets "on error resume next", so these deletions still run when an
' earlier step (for example writing the new files) has failed.
DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Messaging System", "cac", "."
DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Messaging System\CertificationIdentityKeys", "CertificationIdentityKey", "."
DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Messaging System\Router\Private", "pkc", "."
DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Messaging System\Router\Private", "pkp", "."
DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Remote Management System\CertificationIdentityKeys", "ManagedApplication", "."
DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Remote Management System\ManagementAgent\Private", "CertificationIdentityKey", "."
DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Remote Management System\ManagementAgent\Private", "pkc", "."
DeleteKey HKEY_LOCAL_MACHINE, "SOFTWARE" & strWow6432Node & "Sophos\Remote Management System\ManagementAgent\Private", "pkp", "."
'Only create marker if ClientMrinit.exe returned ok
if RunClientMRInit(strRMSPath) = 0 then
  CreateMarker()
end if
' Services are restarted whether or not ClientMRInit.exe succeeded.
StartService(ROUTER_SERVICE)
StartService(AGENT_SERVICE)
WriteToLog 0, "Ending Script"
CloseLog()
Set objFSO = nothing
Set objArgs = nothing
</textarea>	
<textarea name="Functions" col="0" rows="0">
Function CreateFile (strContents, strLocation, strFileName)
    ' Writes strContents to strLocation & "\" & strFileName, replacing any
    ' existing file, through the script-level objFSO.
    ' No error handling of its own: a failed create or write is not logged here.
    Dim objOut, strTarget
    WriteToLog 0, "--> CreateFile()"
    WriteToLog 0, "--> Creating file " & strFileName & " in " & strLocation
    strTarget = strLocation & "\" & strFileName
    ' Arguments: overwrite = true, unicode = false.
    Set objOut = objFSO.CreateTextFile(strTarget, true, false)
    objOut.Write strContents
    objOut.close
    Set objOut = nothing
    WriteToLog 0, "<-- CreateFile()"
End Function
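Function RouterIdentityIsOK()
    ' Returns true when the client's CertificationIdentityKey registry value
    ' equals strRouterCertIdentityKey (the value embedded in this script),
    ' false otherwise. Quits the script with exit code 1 when the WMI registry
    ' provider cannot be obtained.
    WriteToLog 0, "--> RouterIdentityIsOK()"
    on error resume next
    dim oReg, strValue
    err.clear
    Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
    if err.number <> 0 then
        WriteToLog 1, "Error Number: " &_
            err.number & " Error Description: " & err.description
        CloseLog()
        wscript.quit(1)
    end if
    oReg.GetStringValue HKEY_LOCAL_MACHINE,"SOFTWARE" &_
        strWow6432Node & "Sophos\Messaging System\CertificationIdentityKeys" ,"CertificationIdentityKey", strValue
    if strValue = strRouterCertIdentityKey then
        WriteToLog 0, "Router identity key in script is the same as the client: " & strValue
        RouterIdentityIsOK = true
    else
        WriteToLog 0, "Router identity key in script is different from the client: " & strValue
        RouterIdentityIsOK = false
    end if
    Set oReg = nothing
    ' Fix: the exit trace used the entry marker "-->", which made the log read
    ' as if the function had been entered twice.
    WriteToLog 0, "<-- RouterIdentityIsOK()"
End Function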
Function WriteToLog (strSev, strLogLine)
    ' Appends one line to the script-level log file objFile in the form
    ' "<date> <time> <LEVEL>:  <text>". strSev 0 = INFO, 1 = ERROR, anything
    ' else = UNKNOWN.
    dim strLevel, strStamp
    strLevel = ""
    select case strSev
        case 0
            strLevel = "INFO: "
        case 1
            strLevel = "ERROR: "
        case else
            strLevel = "UNKNOWN: "
    end select
    strStamp = Date() & " " & Time()
    objFile.WriteLine strStamp & " " & strLevel & " " & strLogLine
End Function
Function CloseLog()
    ' Writes a final trace line, then closes and releases the script-level log
    ' file. No exit trace is possible because the file is closed by then.
    Call WriteToLog(0, "--> CloseLog() - No Function Exit Logged")
    Call objFile.Close()
    set objFile = nothing
End Function
Function CreateMarker()
    ' Sets the string value ReInit = "1" under the Sophos key in HKLM so that
    ' later runs (without -force) see the client as already repaired.
    ' Quits with exit code 1 when the WMI registry provider cannot be obtained.
    WriteToLog 0, "--> CreateMarker()"
    on error resume next
    dim objRegistry, intResult, strSophosKey
    err.clear
    Set objRegistry = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
    if err.number <> 0 then
        WriteToLog 1, "Error Number: " & err.number & " Error Description: " & err.description
        CloseLog()
        wscript.quit(1)
    end if
    strSophosKey = "SOFTWARE" & strWow6432Node & "Sophos"
    intResult = objRegistry.SetStringValue (HKEY_LOCAL_MACHINE, strSophosKey, "ReInit", "1")
    if intResult = 0 then
        WriteToLog 0, "Created marker key."
    else
        WriteToLog 1, "Failed to create marker.  Error code " & intResult
    end if
    Set objRegistry = nothing
    WriteToLog 0, "<-- CreateMarker()"
End Function
Function ServerClassRouter()
    ' Returns false when the router's ConnectionCache DWORD is exactly 10
    ' (treated as a client install), true for any other value. A value that
    ' cannot be read therefore also counts as "server", which makes the caller
    ' exit without changing anything.
    ' Quits with exit code 1 when the WMI registry provider cannot be obtained.
    WriteToLog 0, "--> ServerClassRouter()"
    on error resume next
    dim objRegistry, intCache, strRouterKey
    err.clear
    Set objRegistry = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
    if err.number <> 0 then
        WriteToLog 1, "Error Number: " & err.number & " Error Description: " & err.description
        CloseLog()
        wscript.quit(1)
    end if
    strRouterKey = "SOFTWARE" & strWow6432Node & "Sophos\Messaging System\Router"
    objRegistry.GetDWORDValue HKEY_LOCAL_MACHINE, strRouterKey, "ConnectionCache", intCache
    if intCache = 10 then
        WriteToLog 0, "Router is a client, ok to run"
        ServerClassRouter = false
    else
        WriteToLog 1, "Router is a server router, will exit "
        ServerClassRouter = true
    end if
    Set objRegistry = nothing
    WriteToLog 0, "<-- ServerClassRouter()"
End Function
Function MarkerFound()
    ' Returns true when the ReInit value under the Sophos key in HKLM is "1",
    ' i.e. CreateMarker ran on this client before; false otherwise.
    ' Quits with exit code 1 when the WMI registry provider cannot be obtained.
    WriteToLog 0, "--> MarkerFound()"
    on error resume next
    dim objRegistry, strMarker, strSophosKey
    err.clear
    Set objRegistry = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
    if err.number <> 0 then
        WriteToLog 1, "Error Number: " & err.number & " Error Description: " & err.description
        CloseLog()
        wscript.quit(1)
    end if
    strSophosKey = "SOFTWARE" & strWow6432Node & "Sophos"
    objRegistry.GetStringValue HKEY_LOCAL_MACHINE, strSophosKey, "ReInit", strMarker
    if strMarker = "1" then
        WriteToLog 0, "Script already run, will exit."
        MarkerFound = true
    else
        WriteToLog 0, "Script not already run."
        MarkerFound = false
    end if
    Set objRegistry = nothing
    WriteToLog 0, "<-- MarkerFound()"
End Function
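Function DeleteKey (strTopLevel, strKey, strName, strMachineName)
    ' Deletes the registry VALUE strName under strTopLevel\strKey on
    ' strMachineName ("." = local machine) through the WMI StdRegProv provider.
    ' Despite the name, no key is removed, only the named value.
    ' Returns the DeleteValue result code (0 = deleted). Quits with exit code 1
    ' when the registry provider cannot be obtained.
    WriteToLog 0,"--> DeleteKey()"
    on error resume next
    dim oReg, intReturn
    err.clear
    Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_
        strMachineName & "\root\default:StdRegProv")
    if err.number <> 0 then
        WriteToLog 1, "Error Number: " &_
            err.number & " Error Description: " & err.description
        CloseLog()
        wscript.quit(1)
    end if
    WriteToLog 0, "Attemping to delete key: " &_
        strMachineName & "\" & strTopLevel & "\" & strKey & "\" & strName
    ' Fix: use the hive the caller passed. The hard-coded HKEY_LOCAL_MACHINE
    ' ignored strTopLevel, so the log line could name a different hive from the
    ' one actually modified. Every caller in this script passes HKLM.
    intReturn = oReg.DeleteValue( strTopLevel, strKey, strName )
    DeleteKey = intReturn
    if intReturn <> 0 then
        WriteToLog 1, "Failed to delete Key: " & intReturn
    else
        WriteToLog 0, "Deleted Key: " & intReturn
    end if
    Set oReg = nothing
    WriteToLog 0, "<-- DeleteKey()"
End Function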
Function StopService(strServiceName)
    ' Asks every Win32_Service whose name equals strServiceName to stop, then
    ' waits intPauseForServiceInSeconds before returning.
    ' Returns the last StopService result code; the value stays unset when no
    ' service matched. The wait is a fixed pause, not a check that the service
    ' has actually stopped.
    WriteToLog 0, "--> StopService()"
    on error resume next
    dim objWmi, colMatches, objSvc, intResult, strQuery
    Set objWmi = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
    strQuery = "Select * from win32_Service where name='" & strServiceName & "'"
    Set colMatches = objWmi.ExecQuery (strQuery)
    For each objSvc in colMatches
        intResult = objSvc.StopService()
    Next
    wscript.sleep (intPauseForServiceInSeconds * 1000)
    WriteToLog 0, "Return code for stopping service: " & strServiceName & " : " & intResult
    StopService = intResult
    Set objWmi = nothing
    Set colMatches = nothing
    WriteToLog 0, "<-- StopService()"
End function
Function StartService(strServiceName)
    ' Asks every Win32_Service whose name equals strServiceName to start.
    ' Returns the last StartService result code; the value stays unset when no
    ' service matched.
    WriteToLog 0, "--> StartService()"
    on error resume next
    dim objWmi, colMatches, objSvc, intResult, strQuery
    Set objWmi = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
    strQuery = "Select * from win32_Service where name='" & strServiceName & "'"
    Set colMatches = objWmi.ExecQuery (strQuery)
    For each objSvc in colMatches
        intResult = objSvc.StartService()
    Next
    WriteToLog 0, "Return code for starting service: " & strServiceName & " : " & intResult
    StartService = intResult
    Set objWmi = nothing
    Set colMatches = nothing
    WriteToLog 0, "<-- StartService()"
End function
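Function RunClientMRInit(strPathToExe)
    ' Runs <strPathToExe>ClientMRInit.exe with -logpath and -filepath, hidden
    ' (window style 0), and waits for it to finish. Returns its exit code;
    ' the caller sets the "already repaired" marker only on 0.
    ' strPathToExe is concatenated directly with the file name, so it is
    ' expected to end with a path separator.
    ' Quits with exit code 1 when WScript.Shell cannot be created.
    WriteToLog 0, "--> RunClientMRInit()"
    on error resume next
    dim intReturn, oShell, strSwitches, strCommand
    WriteToLog 0, "Running command: " & strPathToExe & REINIT_EXE_FILE
    Set oShell = WScript.CreateObject("WScript.Shell")
    if err.number <> 0 then
        WriteToLog 1, "Error Number: " & err.number & " Error Description: " & err.description
        CloseLog()
        wscript.quit(1)
    end if
    ' NOTE(review): strMRInitLog is passed unquoted, so a log path containing
    ' spaces would be split into several arguments. Confirm how
    ' ClientMRInit.exe parses quoted paths before changing this.
    strSwitches = " -logpath " & strMRInitLog
    strSwitches = strSwitches & " -filepath" & " " & """" &  strPathToExe & """"
    strCommand  = """" & strPathToExe & REINIT_EXE_FILE & """" & strSwitches
    intReturn = oShell.Run(strCommand, 0, true)
    if intReturn <> 0 then
        WriteToLog 1, strPathToExe & REINIT_EXE_FILE &_
            strSwitches & " Failed.  Exit code " & intReturn
    else
        WriteToLog 0, strPathToExe & REINIT_EXE_FILE &_
            strSwitches & " Completed OK.  Exit code " & intReturn
    end if
    RunClientMRInit = intReturn
    set oShell = nothing
    ' Fix: the exit trace used the entry marker "-->".
    WriteToLog 0, "<-- RunClientMRInit()"
End Function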
Function GetRMSPath()
    ' Returns the ServiceHomeDir string value of the Sophos Message Router key
    ' in HKLM. Quits with exit code 1 when the registry provider cannot be
    ' obtained or when the value is empty.
    WriteToLog 0, "--> GetRMSPath()"
    on error resume next
    dim objRegistry, strHomeDir, intResult, strRouterKey
    err.clear
    Set objRegistry = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:StdRegProv")
    if err.number <> 0 then
        WriteToLog 1, "Error Number: " & err.number & " Error Description: " & err.description
        CloseLog()
        wscript.quit(1)
    end if
    strRouterKey = "SOFTWARE" & strWow6432Node & "Sophos\Messaging System\Router"
    intResult = objRegistry.GetStringValue (HKEY_LOCAL_MACHINE, strRouterKey, "ServiceHomeDir", strHomeDir)
    If strHomeDir <> "" then
        WriteToLog 0, "RMS Path is " & strHomeDir
        GetRMSPath = strHomeDir
    else
        ' Without the install path nothing further can be done safely.
        WriteToLog 1, "Return code " & intResult
        CloseLog()
        wscript.quit(1)
    end if
    set objRegistry = nothing
    WriteToLog 0, "<-- GetRMSPath()"
End Function
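Function DeleteOrig(strFilePath)
    ' Deletes <strFilePath>mrinit.conf.orig when it exists (force = true, so
    ' read-only files are removed too) and logs the outcome.
    ' strFilePath is concatenated directly with the file name, so it is
    ' expected to end with a path separator.
    WriteToLog 0, "--> DeleteOrig()"
    on error resume next
    err.clear
    dim oFS, strOrigPath
    strOrigPath = strFilePath & "mrinit.conf.orig"
    set oFS = CreateObject("Scripting.FileSystemObject")
    If oFS.FileExists(strOrigPath) Then
        WriteToLog 0, strOrigPath & " Exists"
        ' Fix: DeleteFile has no return value, so the previous check of its
        ' "result" against 0 always reported success. Failure is signalled
        ' through Err, which is what is tested now.
        err.clear
        oFS.DeleteFile strOrigPath, true
        if err.number = 0 then
            WriteToLog 0, strOrigPath & " deleted."
        else
            WriteToLog 1, strOrigPath & " Not deleted: Return code: " & err.number
            err.clear
        end if
    else
        WriteToLog 0, strOrigPath & " does not exist, carrying on."
    End If
    set oFS = nothing
    WriteToLog 0, "<-- DeleteOrig()"
End Function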
Function Is64()
    ' Returns true when Win32_Processor.AddressWidth is 64 and false when it is
    ' 32. For any other or missing value the result is left unset, which the
    ' caller's "if Is64() then" treats as false.
    ' Quits with exit code 1 when the WMI query fails.
    WriteToLog 0, "--> Is64()"
    on error resume next
    err.clear

    dim objWmi, colCpus, strWidth, objCpu
    Set objWmi = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
    Set colCpus = objWmi.ExecQuery ("SELECT * FROM Win32_Processor")
    if err.number <> 0 then
        WriteToLog 1, "Error Number: " & err.number & " Error Description: " & err.description
        CloseLog()
        wscript.quit(1)
    end if

    ' With several processors the last one enumerated decides.
    For Each objCpu In colCpus
        strWidth = objCpu.AddressWidth
    Next

    if strWidth = "32" then
        WriteToLog 0, "Platform is 32-Bit"
        Is64 = false
    elseif strWidth = "64" then
        WriteToLog 0, "Platform is 64-Bit"
        Is64 = true
    end if

    Set objWmi = nothing
    set colCpus = nothing
    WriteToLog 0, "<-- Is64()"
End Function
</textarea></body></html>

Lanciando il file ci troveremo davanti la seguente interfaccia

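Si devono selezionare i file cac.pem e mrinit.conf presenti nella nuova CID; infine, tramite il tasto Create VBScript, verrà generato uno script VB da eseguire sul client con diritti di amministratore locale: semplice, efficace, comodo. Poiché lo script generato contiene il certificato (cac.pem) e la configurazione (mrinit.conf) che indicano ai client a quale server di gestione affidarsi, conviene distribuirlo da un percorso modificabile solo dagli amministratori e provarlo prima su un client di test.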
