From the Apex One server IIS Logs, HTTP Post for isapiClient.dll returns error 500:

fe80::3d1c:256b:bbc:7b7e%3 POST /officescan/cgi/isapiClient.dll - 443 - fe80::3d1c:256b:bbc:7b7e%3 62691CB3BF62DAF233FB2C02782E7BD2+HTTP/1.1 - 500 0 193 0

• When Apex Central and Apex One both use Default Website and are installed on the same server, they will make use of the same DefaultAppPool.
• Apex Central requires the following setting configured: IIS > Application Pools > DefaultAppPool > Advanced Settings > Enable 32-Bit Application > True.
• On the other hand, Apex One requires the following configuration: IIS > Application Pools > DefaultAppPool > Advanced Settings > Enable 32-Bit Application > False by default.

This causes an agent connection issue because by default, Apex One uses the 64-bit version of the \Trend Micro\OfficeScan\PCCSRV\Web_OSCE\Web\CGI\isapiClient.dll file.

The recommended solution is do to either of the following:

• Install Apex One server on a different server machine.
• Install Apex One server on the same server machine, but use Virtual Directory instead of Default Website during installation.

To verify if the issue has been resolved:

• You should now be able to see the moved agent/s machine under Apex One web console > Agents > Agent Management.
• https://<Apex One FQDN or IP Address>/officescan/cgi/isapiClient.dll should display either of the following results when accessing it from a browser on the agent's machine:
  • On Internet Explorer, you should get a "-1" result when entering https://<Apex One FQDN or IP Address>/officescan/cgi/isapiClient.dll.

    

  • On Google Chrome, the isapiClient.dll file can be downloaded through the browser.

    

Two or more agents may end up using the same UID on the database if the Server Migration Tool was not used

In this section, 'OSCEXGSP1SVR12' will be the example missing agent. The migrated agent (OSCEXGSP1SVR12) does not appear under the Apex One web console agent management domain tree.

^{Click the image to enlarge.}

When searched, the migrated agent can be found, but cannot be moved.

^{Click the image to enlarge.}

The figure below will be the domain structure of the example missing agent and will be the basis of the investigation.

To start the troubleshooting, go to SQL Server where the Apex One database is stored. Use Microsoft SQL Server Management Studio to access the Apex One server database, then do the following:

1. Right-click the Apex One server database, and select New Query.
2. Check on which sub-domain the missing agent 'OSCEXGSP1SVR12' is registered or reporting to. Use the command below:

   SELECT * FROM TBL_CLIENT_INFO WHERE COMP_NAME = 'OSCEXGSP1SVR12'

3. Use the following to command to verify where is the correct parent domain of the sub-domain 'Hans1':

   SELECT * FROM TBL_CLIENT_INFO WHERE COMP_NAME = 'Hans1'

   Querying the sub-domain 'Hans1' shows that there are two-parent domains (Hansq) with identical names but with different DOMAIN_UIDs.

   

   ^{Click the image to enlarge.}

4. Using the the command below, the parent domain 'Hansq' can be queried, and will show that there is only one parent domain named 'Hansq' registered under the root domain, and the UID is '60C1BB05-6715-414C-BA5A-71FAB0326830'.

   SELECT * FROM TBL_CLIENT_INFO WHERE COMP_NAME = 'Hansq'

   Therefore, the correct DOMAIN_UID of the agent 'OSCEXGSP1SVR12' is '399BA356-A141-4F9F-ABEF-7F8B09CED138', which is the UID of the correct sub-domain 'Hans1' on which the missing agent should be reporting to.

   

   ^{Click the image to enlarge.}

    

   Take note of the correct DOMAIN_UID (green box) of the agent as it will be used to solve the issue. (The table values above is for example purposes ONLY and may vary per environment).

    

   Based on the scenario above, the agent was placed under a duplicated sub-domain with a different UID. The parent domain of this duplicated sub-domain does not exist on the database of the server which is why the agent is not showing under the agent management tree of the Apex One console.

   

   Commonly, it was caused by creating the domains with the same name from the source server manually. For best practice when migrating OfficeScan agents to Apex One, it is important to use Server Migration Tool so it can copy the previous domain structures as well as its settings.

    

   The Server Migration Tool does not back up the Security Agent listings of the OfficeScan server.

    

Using the sample information gathered from the Findings section, we will update the database to change the DOMAIN_UID of the affected agent to the correct one.

1. Based on the Findings section, we can confirm that the DOMAIN_UID of the example agent 'OSCEXGSP1SVR12' is incorrect. Use the command below:

   SELECT * FROM TBL_CLIENT_INFO WHERE COMP_NAME = 'OSCEXGSP1SVR12'

   

2. To solve the issue, we should use the Correct DOMAIN_UID of the agent which was noted from the last step on the Findings section.

   

   Use the command below to update the DOMAIN_UID of the agent to the correct one.

   UPDATE TBL_CLIENT_INFO set DOMAIN_UID='399BA356-A141-4F9F-ABEF-7F8B09CED138' WHERE COMP_NAME='OSCEXGSP1SVR12';

    

   The values of DOMAIN_UID and COMP_NAME from the SQL command above are based on the information gathered from the Findings section and for the purpose of example ONLY. It may vary from your environment.

    
3. After executing the SQL command, the DOMAIN_UID of the agent should now be correct.

   

   By changing the DOMAIN_UID of the affected agent, the agent is now placed under the correct sub-domain.

   

To verify if the issue has been resolved:

• The agent should now appear under the correct domain
• The agent should now be movable.

^{Click the image to enlarge.}