Showing results for 
Search instead for 
Did you mean: 

ePO 4.6 Off domain agent communication

I just set up a brand new ePO 4.6.6 server. I only have beta users to test in it now. We were using Safeboot with ePO4.5, but we're moving to Endpoint encryption with ePO 4.6. The laptops that we're encrypting are going to be off-domain most of the time. I'm trying to figure out how than can continue to communicate and be managed by ePO when they disconnect from the domain. Has anyone done this before? I'm sure there's a kb out there some where for this, i'm just not finding it. I'm probably asking the wrong questions. The closest thing I could find is setting up an agent handler in the DMZ, but i'm not sure if that's what I need, and if it is, i'm not sure how to set that up. Can anyone help me out or point me in the right direction?


3 Replies

Re: ePO 4.6 Off domain agent communication


with "off domain" you mean outside of your network, right? So then an Agent Handler in your DMZ is most likely what you need. See Chapter 10 of the ePO Product Guide. The Agent Handler installation files are in the "agenthandler" subdirectory of your ePO installation files. See also PD22508.

Level 21
Report Inappropriate Content
Message 3 of 4

Re: ePO 4.6 Off domain agent communication

Moved to ePO for better support.

Level 9
Report Inappropriate Content
Message 4 of 4

Re: ePO 4.6 Off domain agent communication

Best advice I can give to you is to get to the epo5 platform. I think you will have/create issues when you want to migrate later on with EEPC active (at least I think I have read that somewhere).

Will eventually save you a lot of misery if you need to migrate  after.

About off domain...I have to redirect you to Frank Enser's correct answer.

Agent handler (or an ePO even) in the DMZ (agent handler is nothing more then a guidless ePO, or actually more like a registered ePO server) will do most tricks. Dont forget to open up the nessecary ports to and from the DMZ to your ePO server and SQL. All is in the product guide.

Now if you mean by OFF domain that your ePO server isnt in the same domain then look up the LDAP connection you can set in the Server Settings. By doing so you can verify systems even when your ePO is not in the same domain or even in any domain for that matter. (I master several domains with just one ePO server which is perfectly possible).

Have a read up in the manual as well about registered servers (there are some options as well to your liking). (you can work with that since 4.6 I believe, so your 4.5 wont be compatible then)

goodluck !

Message was edited by: justav on 2/25/14 8:44:49 AM CST