Changed account UUID and now some settings do not apply to clients
Hi,
I am in the process of changing my TDR clients Account UUID. This is done by this script:
net stop /y TDRSensorService64 >> "c:\temp\NewTDR.txt"
"c:\Program Files (x86)\WatchGuard\Threat Detection and Response\amd64\host_sensor.exe" /setAccountUUID=KEY >> "c:\temp\NewTDR.txt"
net start TDRSensorService64 >> "c:\temp\NewTDR.txt"
It works, the client is afterwords configured in the new portal account, i have. The issues i see, is with the Enable Users to Pause Host Sensor Protection and Prevent Host Sensor Service Changes.
Both options is set to not allow the user to pause and stop the service, but even after a reboot then end user is still able to pause and stop services.
It worked before i changed the UUID account.
I have not checked whether the other options also is affected.
Any clue?
Regards
Robert
Comments
Hi Robert,
Does it work properly if you uninstall and reinstall the host sensor with the correct UUID? (If you can please try this with just one client.) It sounds like it may not be properly registering to the new account.
-James Carson
WatchGuard Customer Support
Well, i have Prevent Host Sensor Uninstallation enabled so i was unable to uninstall. Did some fiddleling and got the TDR client removed from my machine.
And yes, if i install the client by running the msi installer, all settings works, so only changing the account UUID is not enough.
I made a little script to uninstall the TDR (now with Prevent Host Sensor Uninstallation disabled) and then reinstall with the new UUID number.
@echo off
if not exist "c:\temp*.*" md "c:\temp"
if exist "c:\temp\NewTDR.txt" goto DONE
msiexec /uninstall "c:\temp\host_sensor-6.0.4.9702.msi" /qn /norestart /l* "c:\temp\TDR_client_uninstall.txt"
del "C:\Program Files (x86)\WatchGuard\Threat Detection and Response*." /Q
msiexec /i "c:\temp\host_sensor-6.0.4.9702.msi" AccountUUID=XXX-XXX-XXX-XXX Controller_Address=tdr-hsc-eu.watchguard.com:443 /qn /norestart /l "c:\temp\NewTDR.txt"
goto END
:DONE
echo TDR Client is already changed to the new WG rental account >> "c:\temp\TDRDone.txt"
goto END2
:END
del "c:\temp\NewTDR.cmd" /Q
del "c:\temp\host_sensor-6.0.4.9702.msi" /Q
goto END2
:END2
@rv@kaufmann.dk
Thanks for the reply.
That's the expected behavior. There's a registration routine that the host sensor does when it first starts up that links it to the new UUID. If that isn't run, it won't report to the new place.
-James Carson
WatchGuard Customer Support