To resolve any of the issues listed, do one of the following options:
Security Server
- Log in to the WFBS console.
- Go to Live Status > Scroll down the page until you see the License Status widget.
Click the image to enlarge.
- Make sure that you have not exceeded the seats for your license. Otherwise, the extra clients will not appear in the management console.
- Identify the agent IP and listening port:
- Navigate to Devices > Select affected group > locate the endpoint.
- You can identify the IP Address for the endpoint, and the listening port configured.
Click the image to enlarge.
For accurate results, the IP address should be verified on the agent side as communication issues could prevent the IP Address from updating on the console correctly when it changes at the endpoint. - On the Security Server, open your browser.
- In the address bar, enter the following address replacing the IP and port where indicated:
http://<endpoint IP>:<agentport>/?CAVITCAVIT must be capitalized. - Hit Enter. Either of the following will happen:
- From the Security Server, and open Command Prompt.
- Change path to the PCCSRV directory "..\Trend Micro\Security Server\PCCSRV"
- Run the following commands, one by one:
- svrsvcsetup.exe -setvirdir
- svrsvcsetup.exe -setprivilege
- svrsvcsetup.exe -enablessl
- Restart the Trend Micro Security Agent Listener service on one of the clients that is disconnected or offline.
- Open the WFBS console, and go to Devices.
- Refresh the page after 30 seconds and verify if the agent is still disconnected or appears offline.
- On the Security Server, stop the Trend Micro Security Server Master Service.
- Go to the ..\PCCSRV\HTTPDB folder then make a backup copy of the HTTPDB folder (Example: HTTPDB_backup), and then delete all the contents of the original HTTPDB folder
- Start the Trend Micro Security Server Master Service.
The above steps will re-create the database. It will remove all the configurations and the agents reporting on the console. However, when the machine is rebooted, get update from the server or when the Trend Micro Agent Listener is restarted, the database will automatically be repopulated.
- Restart the Trend Micro Agent Listener service on the offline/disconnected, or restart the computer.
- Open the management console to verify if the client/agent now appears correctly.
Security Agent
- Identify the Server IP/FQDN and listening ports.
- IP can be obtained via ipconfig while FQDN can be gotten from the web console address.
Click the image to enlarge.
- Ports can be identified by going to the following:
- IIS: IIS Manager > Sites > OfficeScan > Bindings...
Click the image to enlarge.
8059 and 4343 is the default HTTPS port on both Apache and IIS web servers. - Apache: Go to ..\Trend Micro\Security Server\PCCSRV\Apache2\Conf\httpd.conf > Look for Listen and ServerName entries
Port must have the same value as Master_DomainPort (entry can be found on ..\PCCSRV\ofcscan.ini).
- IIS: IIS Manager > Sites > OfficeScan > Bindings...
- IP can be obtained via ipconfig while FQDN can be gotten from the web console address.
- Open a web browser on the testing endpoint.
- In the address bar, enter the following address replacing the IP and port where indicated:
https://<servername/IP address>:<https port>/SMB/cgi/cgionstart.exe
A warning about the page will appear. This is expected as the server uses a self-signed certificate. Proceed past the warning and a page
If the next screen shows "-2", this means the client can communicate with the server. Otherwise, there is a problem with the connection.
For reference, refer to Checking the client and server communication using clndiag tool.
If errors are identified when using thr clndiag tool:
- For Ping error: Follow the steps under the Verify connection from server to agent section, and vice versa.
- For Telnet error: Follow the procedure under the Check if the agent registry is correct and Verify Windows Firewall allows TM agent port sections.
- For CGI error: Provide Case Diagnostic Tool (CDT) log generated on the WFBS server and the Security agent then contact Trend Micro Technical Support.
- On the Security Server, open the ..\PCCSRV\ofcscan.ini file.
- Look for the following entries, and take note of their values:
- Open the Registry Editor in the offline/disconnected agent and go to the following registry hive:
- For 32-bit machine: HKEY_LOCAL_MACHINE\Software\Trend Micro\PC-CillinNTCorp\CurrentVersion
- For 64-bit machine: HKEY_LOCAL_MACHINE\Software\WOW6432Node\Trend Micro\PC-CillinNTCorp\CurrentVersion
- The values of the following registry keys should be the same as the values from Step 2:
- Server - must have the same value as Master_DomainName
- ServerPort - must have the same value as Master_DomainPort
- LocalServerPort - must have the same value as Client_LocalServer_Port
If the values are not the same, use the Client Mover Tool (IPXfer.exe) to restore the communication between the WFBS server and Security Agent. Follow the procedure in this KB article: Migrating clients of Worry-Free Business Security (WFBS) to another server.
Use the following workaround if the client is offline after migrating to a new WFBS server or if the client can be updated but doed not appear in the web console after a fresh install:
- Go to the offline client machine and unload the agent.
- Open Registry Editor.
- Go to the following registry key:
- For 64-bit OS: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\TrendMicro\PC-cillinNTCorp\CurrentVersion
- For 32-bit OS: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion
- Modify the value of Domain and DomainID, which are referencing to the Group in the WFBS console. By default, the values are:
- For Servers group:
"Domain"="Servers (default)"
"DomainID"="10000000-0000-0000-0000-000000000000" - For Desktops group:
"Domain"="Desktops (default)"
"DomainID"="20000000-0000-0000-0000-000000000000"- ServerPort=dword:00001f7b (default port in hexadecimal)
- Server="Name of the server"
- Domain="Desktops (default)"
- LocalServerPort=listening port (hexadecimal)
- DomainID="20000000-0000-0000-0000-000000000000"
For other languages, you must change the Domain value according to what is displayed in the console for the default groups. The DomainID should stay the same.
- For Servers group:
- Reload the agent.