Update config on remote users?

Discussion in 'NOD32 version 2 Forum' started by snowsuca, Nov 12, 2006.

Thread Status:
Not open for further replies.
  1. snowsuca

    snowsuca Registered Member

    Joined:
    Nov 12, 2006
    Posts:
    2
    Location:
    Copenhagen, DK
    Hi!

    I've just implementet Nod32 on a Network with about 100 workstations, 25 mobile users and 25 remote users, who doesn't connect to our network RAS.

    So far, Nod32 is working flawlessly, but i've just realized that i've done a ****-up in the configuration-file for the remote users and need to change it..

    My question is:
    Is it possible to, in some way, update the configuration by a batch-file (distributed by e-mail), without having to reinstall the whole program, thereby avoiding having to distribute a cd-rom or so with a new installation?

    Additionally, Is it i anyway possible to have the remote users connect to a Nod32 RAS in my DMZ, considering that the remote users have a standard ISP DSL connection with a NAT router i have no control over?

    Thanks for your help! - it's much appriciated! :D
     
  2. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    you can either setup your ras in the dmz, or setup port forwarding on the router - dmz is quicker, although less secure.
     
  3. Georgio

    Georgio Registered Member

    Joined:
    Sep 8, 2006
    Posts:
    7
    No problem with users connecting to RAS (and downloading new configurations and tasks) over internet as long as they can resolve address RA server. However this is also the main problem - how can you set address of RA server for them if they do not connect to any server and you have no other means to make changes?

    Generally there are 4 ways how configuration can be changed on client computer:

    1) First one is to manually change settings (or by remote desktop or whatever) which is probably not an option for you.

    2) Second one is using Remote Administrator. As was written previously, it requires that client computer has already "Remote Administrator Server" value filled either by server name or IP address. It is possible to push special fake "installation" to computer so a "blind" workstation (which doesn't connect to RA server) is directed to RA server from which this fake installation was executed. This however requires that all other prerequisites for push installation are met (file sharing enabled , $admin rights etc.). So this also does not look like an option for you.

    3) Changing configuration through update mirror. If you set up update mirror it is possible to create configuration file and "attach" it to Mirror, so all updated clients will apply this configuration. Of course this requires that primary update profile on your remote clients is directed to your own update mirror and then secondary (or tertiary) update profile directs them to ESET update servers. This also means that update Mirror is visible over internet (e.g. hosted on your apache server). Depending on if these prerequisites are met this could be a solution for you.


    Maybe the best option for you is to use 1) or 2) by simply sending to people instructions how to make the changes directly in NOD32 interface.
     
  4. snowsuca

    snowsuca Registered Member

    Joined:
    Nov 12, 2006
    Posts:
    2
    Location:
    Copenhagen, DK
    Thanks for your ideas!

    I, for some reason, still can't make my remote clients connect to my DMZ RAS, allthough my firewall should allow the communication. (i've tested different solutions with my own laptop from home) Could it be because i use the RAS server IP as "server adress" on the clients? should i instead try making a DNS-record for the server and use a hostname?

    The solution i ended up using on the config problem was actually quite simple.

    The setting i needed to change on the remote clients was the update username and password. These settings, i found out, was stored in the registry. Therefore i created a reg-file contaning the new username and password and e-mailed it to the users.

    I'll be happy to hear some ideas about my RAS problem!

    *************************************
    The reg-file looked lige this:

    [HKEY_LOCAL_MACHINE\SOFTWARE\Eset\Nod\CurrentVersion\Modules\Update\Settings\Config001\Settings]
    "Username"="AV-1234567"
    "Password"=hex:>>encrypted password<<

    By entering the new username and password in the client on my own laptop and afterword looking it up in the registry, i got the key with the encrypted password.
     
Thread Status:
Not open for further replies.