Highlighted
obiwan Regular Contributor.
Regular Contributor.
223 views

Re-apply remint update to clients?

Jump to solution

Hello,

we have a CA remint system update in progress, the new CA is scheduled to activate in six days.

Of course, in the meantime "some" workstation were re-imaged and I'm afraid, those workstations will fail to connect later.

In "Troubleshooting" I found this:

Managed device that was re-imaged during remint is not communicating with the Primary Server

Source:ZENworks; SSL Management.

Explanation:After a remint system update is completed on a device, before the activation date, if the device is re-imaged and registered, it will not be able to communicate with the Primary Server, post activation. This is because the new server certificate is already activated on the Primary Server and the device does not have the new certificate because the system update is not sent to the device again.
Action:You need to unregister and re-register the device. If the system update is not yet baselined, you can use the certificate remint tool to run the system update again.


So here are my questions:

- I already found a bunch of workstations (ATM 77, but increasing....) having this problem and I would like to fix it BEFORE the change happens. Can the Remint Tool help?

- If I want to try the unreg/reg in some cases (AFTER CA Change, for workstations not available right now), can I use unreg -f -s to unregister? (My guess: Without broken communication a simple zac unreg won't work pretty good)

- I have downloaded and saved the Remint Tool for later use, so it's already available on workstations. It's just from one of the primary servers. Is it useful that way?

Of course finally about the environment:
4 Primary servers 17.4.1 (Windows 2012 R2)
5000+ workstations running Windows 7SP1, Windows 10 1803 , ZCM Agents 11.4.2 / 17.4.1
Internal CA

Thanks for any suggestions 🙂
Dirk

Labels (1)
0 Likes
1 Solution

Accepted Solutions
Micro Focus Expert
Micro Focus Expert

Re: Re-apply remint update to clients?

Jump to solution

Yes, running the tool on a newly imaged device prior to activation will prevent any issues.

 

0 Likes
6 Replies
Micro Focus Expert
Micro Focus Expert

Re: Re-apply remint update to clients?

Jump to solution

I believe the answer to that question is yes.....

I will try and verify early next week....If you don't see a post by me  by late Monday U.S. time, please post back.

0 Likes
Micro Focus Expert
Micro Focus Expert

Re: Re-apply remint update to clients?

Jump to solution

Yes, running the tool on a newly imaged device prior to activation will prevent any issues.

 

0 Likes
obiwan Regular Contributor.
Regular Contributor.

Re: Re-apply remint update to clients?

Jump to solution

Thx Craig,

Sounds great... so I'll prepare a bundle.

Anything special I should consider? I think I would start using DAU for execution....

Dirk

 

0 Likes
Micro Focus Expert
Micro Focus Expert

Re: Re-apply remint update to clients?

Jump to solution

System or DAU is fine.....

 

obiwan Regular Contributor.
Regular Contributor.

Re: Re-apply remint update to clients?

Jump to solution

OK and THX, so of course I created it running as System 🙂

Although the bundle itself seems to throw errors often, it's doing the job (no time for cosmetics:)). Starting with 390 problem devices we are below 320 already, continually decreasing

Thanks for helping me out just in time!

 

Dirk

0 Likes
obiwan Regular Contributor.
Regular Contributor.

Re: Re-apply remint update to clients?

Jump to solution

I forgot to add a final Thank You , our results and experiences

 

- the bundle was successfully deployed to ~340 re-imaged devices, saved a lot of work to fix it later

- I wish I had the idea earlier (about fixing it before CA is changed) ... I had only three days left and of course we weren't able to catch all devices...

- Maybe it would be a good idea to have a hint in the documentation? Reading the troubleshooting section is my usual practice, however you still have to realize that you would be able to avoid some problems before they arise.

 

Dirk

 

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.