Need process to create a drive image with Data Center Security (DCS) agent already installed.
***All steps described in reference to DCS agent; for SCSP agent the file paths will need to change as per agent installation directory***
Every installation of the Data Center Security client creates a unique agent ID to that installation when the IPS service first starts. If using a computer with the DCS client to create a drive image, and if that image is used to create clones of that computer on the same network, then each computer will have the same Agent ID. This can cause problems in the DCS Manager as the agents with the same ID will be considered duplicates.
You can prevent these problems by creating a drive image that does not have a DCS Client agent ID.
Install the operating system, and apply all of the patches required. Do not install the DCS agent.
Install any other software needed except the DCS agent that will be on the image.
Install the DCS agent after all of the other installations are complete.
Before you save the image, stop the DCS agent services In Linux:
In Windows: stop the following services:
Symantec Data Center Security Server Agent
Symantec Data Center Security Server IDS Agent
Symantec Data Center Security Server Utility
To stop and start the DCS Agent services, you must use sisservicectrl.exe via CMD.
To stop the IPS Service sisservicectrl.exe stop sisipsservice
To stop the IDS Service sisservicectrl.exe stop sisidsservice
To stop the Utility Service sisservicectrl.exe stop sisipsutil
To start the services use the same commands, but specify start instead of stop.
Go to /etc/sisips/ in Linux ; in Windows C:\Program Files (x86)\Symantec\Data Center Security Server\Agent\IPS There are 2 way to do it. One editing file and one to run the forcereg tool.
Option 1 :
Open the following files
Locate the agent.id line and delete the value after the "=" sign
Save the agent.ini file
Create the image
Option 2 :
run "sisipsconfig -forcereg" (running this tool will blank out all the agent.id)
If you on linux you need to "su sisips" first before running command
Create the image (without starting the services)
Once the image is deployed, make sure you have changed the hostname and IP prior to connect it to the network.
Once on the network, start the DCS services.
At this point, the agent should check in with the manager and get a new agent ID assigned.
If the system fails to show in the assets list, run "sisipsconfig -forcereg" (./sisipsconfig -forcereg on linux) to reset the agent ID.
Subscribing will provide email updates when this Article is updated. Login is required.