3 Replies Latest reply on Feb 25, 2014 8:44 AM by justav

    ePO 4.6 Off domain agent communication

    jregimbald

      I just set up a brand new ePO 4.6.6 server. I only have beta users to test in it now. We were using Safeboot with ePO4.5, but we're moving to Endpoint encryption with ePO 4.6. The laptops that we're encrypting are going to be off-domain most of the time. I'm trying to figure out how than can continue to communicate and be managed by ePO when they disconnect from the domain. Has anyone done this before? I'm sure there's a kb out there some where for this, i'm just not finding it. I'm probably asking the wrong questions. The closest thing I could find is setting up an agent handler in the DMZ, but i'm not sure if that's what I need, and if it is, i'm not sure how to set that up. Can anyone help me out or point me in the right direction?

       

      Thanks

        • 1. Re: ePO 4.6 Off domain agent communication
          frank_enser

          Hi,

           

          with "off domain" you mean outside of your network, right? So then an Agent Handler in your DMZ is most likely what you need. See Chapter 10 of the ePO Product Guide. The Agent Handler installation files are in the "agenthandler" subdirectory of your ePO installation files. See also PD22508.

          • 2. Re: ePO 4.6 Off domain agent communication
            Peter M

            Moved to ePO for better support.

            • 3. Re: ePO 4.6 Off domain agent communication
              justav

              Best advice I can give to you is to get to the epo5 platform. I think you will have/create issues when you want to migrate later on with EEPC active (at least I think I have read that somewhere).

              Will eventually save you a lot of misery if you need to migrate  after.

               

              About off domain...I have to redirect you to Frank Enser's correct answer.

              Agent handler (or an ePO even) in the DMZ (agent handler is nothing more then a guidless ePO, or actually more like a registered ePO server) will do most tricks. Dont forget to open up the nessecary ports to and from the DMZ to your ePO server and SQL. All is in the product guide.

               

              Now if you mean by OFF domain that your ePO server isnt in the same domain then look up the LDAP connection you can set in the Server Settings. By doing so you can verify systems even when your ePO is not in the same domain or even in any domain for that matter. (I master several domains with just one ePO server which is perfectly possible).

              Have a read up in the manual as well about registered servers (there are some options as well to your liking). (you can work with that since 4.6 I believe, so your 4.5 wont be compatible then)

               

              goodluck !

               

              Message was edited by: justav on 2/25/14 8:44:49 AM CST