3 Replies Latest reply on Feb 10, 2010 11:05 AM by Sailendra Pamidi

    All agents using legacy key for communications

    Attila Polinger

      I have just noticed that all of our ePO managed clients are using the legacy ePO key as indicated in the Configuration\Server Settings\Security Keys section. There is another key available bearing the servername but it is not used at all.

       

      Is it normal? Must I do something so that agents begin using the other key?

       

      ePO 4.0 Patch 6 server, agents MA 4.0.0.1494.

       

      I see also an ePO agent key updater plugin version 4.5 in the repository.

       

      Thanks for any hint.

       

      Attila

        • 1. Re: All agents using legacy key for communications
          RMCCULLO

          This is most likely due to the fact that you upgraded from ePO 3.6.1 to 4.x.

           

          The legacy key is what Versions prior to ePO 4.0 used, and is universally accepted on all ePO server (including ones not owned by you).

           

          So its really your choice to either use your custom ePO Server Key (more secure, just make sure you keep a backup copy)

          or to use the Legecy Key.

           

          To change what the clients are using you will need to promote the key bearing the servername to Master, and then ensure that your ePO Agent Update Task is also set to update Agent Keys (selecting update all components will do this for you).

           

          Once again, make sure you keep a backup copy of these files, as if you reinstall ePO you have to re-import them or you will be forced to re-push all your agents.

          • 2. Re: All agents using legacy key for communications
            Attila Polinger

            Hello,

             

            thank you for the answer regarding the epo keys. The unused key has the name of the server. Will it be affected if I should rename the server (not wanting, just asking) ?

             

            Attila

            • 3. Re: All agents using legacy key for communications
              Sailendra Pamidi

              The name given to the key should not matter. Its the hash that is important. In the event of a restore, you can reimport the key file (usually sr<systemname>.zip)  to get back the agent server communication key used by the agents. If there is already a key with same name, rename the sr<systemname>.zip to any other name and attempt the import.

               

              The keys can be exported from Configuration->Server Settings->Security Keys

               

               

              Message was edited by: Sailendra Pamidi on 2/10/10 11:05:16 AM CST