This is the main executable file for the Message Router on Windows computers.
In Windows 2000+: C:\Program Files\Sophos\Remote Management System\RouterNT.exe
In Windows 2000+ 64bit: C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe
This is the main executable file for the Agent service on Windows computers. Location:
On 32bit: C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe
On 64bit: C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe
Significant registry keys
HKLM\SYSTEM\CurrentControlSet\Services\Sophos Message Router\ImagePath
The value of this entry on 32bit operating systems:
"C:\Program Files\Sophos\Remote Management System\RouterNT.exe" -service -name Router -ORBListenEndpoints iiop://:8193/ssl_port=8194
The value of this entry on 64bit operating systems:
"C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe" -service -name Router -ORBListenEndpoints iiop://:8193/ssl_port=8194
- -name Router sets the name in the context of the system and is essentially used as a prefix.
- -ORBListenEndpoints is a standard option that can be passed to the ACE ORB during initialisation. It is here we declare the interface and ports on which the Message Router should bind
- iiop://:8193/ssl_port=8194 configures it to listen on all interfaces and to use the SSLIOP protocol. If required, this could be changed to -ORBListenEndpoints iiop://10.0.0.1:8193/ssl_port=8194
Note: An example of setting the network interface is when configuring a message relay in a public WAN.
HKLM\SOFTWARE\Sophos\Remote Management System\ManagementAgent\Private\Pkc
HKLM\SOFTWARE\Wow6432Node\Sophos\Remote Management System\ManagementAgent\Private\Pkc
The signed certificate as issued by the Certification Manager. This value is required before the Sophos Agent can be officially part of the Remote Management System. In order to obtain the value, the Sophos Agent logs onto the local Message Router’s certification interface (when available) and makes a certification request. This should be received by the Certification Manager and a certificate issued. It is then sent back by the server’s Message Router to the client Message Router and on to the Sophos Agent. It is then able to log on to the client interface on the local Router and become part of the Remote Management System and send messages. This is the same process by which the Sophos AutoUpdate Agent receives its certificate.
HKLM\SOFTWARE\Sophos\Remote Management System\ManagementAgent\Adapters\
HKLM\SOFTWARE\Wow6432Node\Sophos\Remote Management System\ManagementAgent\Adapters\
The above location sets the paths to the adapter. For example, the value of DLLPath under HKLM\SOFTWARE\Sophos\Remote Management System\ManagementAgent\Adapters\SAV is: C:\Program Files\Sophos\Sophos Anti-Virus\\SAVAdapter.dll
The majority of other keys that define the behaviour of the Message Router are under this key.
A selection of the most significant keys are given below. Not all the following values are present by default, but they can be added to override default behavior if required.
|Name ||Type ||Value ||Purpose |
|GetterInterval ||DWORD ||Any default (900s/15 mins) ||If the Message Router is an active consumer this value defines the polling frequency in seconds. |
|IORSenderPort ||DWORD ||Any (default 8192) || |
This value is set by clientmrinit.exe in conjunction with mrinit.conf, which is copied to the client during the initial bootstrap phase of the client by setup.exe. The value in mrinit.conf is created by the server at install and is based on the source file srcinit.conf, which sets the ports for RMS to use in the very first instance.
In order for a Message Router to publish its services, i.e. interfaces and ports on which it is listening, the Message Router has the concept of an IOR. This registry key defines what port the Message Routers IOR is being hosted on for other components to connect to.
|LogFileCount ||DWORD ||Any (default 8) ||Configures how many log files the Message Router will use in its rotation scheme. May be beneficial to increase for troubleshooting purposes if there are many clients, causing a busy Message Router. |
|LogFileMaxSize ||DWORD ||Any (default 1048576) ||The maximum size of a log file before a new file is created. |
|LogLevel ||DWORD ||0/1/2 (default 0) ||Defines the level at which the Message Router logs. 0=normal, 1=debug, 2=trace level. |
|ParentAddress ||SZ ||Should be set to the address of the Message Router's parent Message Router. || |
This value is set by clientmrinit.exe in conjunction with mrinit.conf, which is copied to the client during the initial bootstrap phase of the client by setup.exe. The value in mrinit.conf is created by the server at install and is based on the IP addresses of the server, how they are obtained and thehostname.
For a Management Server whose IP address is fixed, the value ParentRouterAddress in mrinit.conf will contain the IP addresses of the management server, plus the FQDN format if a member of a domain and the NETBIOS name. If the Management Server obtains it’s IP(s) through DHCP, only the machine name will be used. It is in this scenario where the client may rely on DNS in order to find its parent server.The value essentially enables the Message Router to find its parent Message Router. The registry value can be changed and the Message Router restarted if required, and may be used when setting up message relays.
|ParentPort ||DWORD ||Any (default 8192) ||This value is set by clientmrinit.exe in conjunction with mrinit.conf, which is copied to the client during the initial bootstrap phase of the client by setup.exe. The value in mrinit.conf is created by the server at install and is based on the source file srcinit.conf, which sets the ports for RMS to use in the very first instance. This port value is used with the parent address in order to find the parent Message Routers IOR. |
|RestartDelay ||DWORD ||Any (default 60) ||How quickly the Message Router will attempt to restart; by default this is every minute. |
|ServiceAgrs ||SZ || |
Any as accepted by routernt.exe and ultimately the ACE ORB (default: -ORBListenEndpoints iiop://:8193/ssl_port=8194)
|When the Message Router reinstalls itself these values are used to populate the service key: HKLM\SYSTEM\CurrentControlSet\Services\Sophos Message Router\ImagePath |
- For further information on RMS 4 see article 121071.