Environment
Novell ZENworks Endpoint Security Management 11.2
Novell ZENworks Configuration Management 11.2
Novell ZENworks Configuration Management 11.2
Situation
ZESUser.exe tries to connect to the Internet on agent startup.
Resolution
This is fixed in version 11.3 - see KB 7014213 "ZENworks Configuration Management 11.3 - update information and list of fixes" which can be found at https://support.microfocus.com/kb/doc.php?id=7014213
Workaround
Create a file %zenworks_home%\esm\ZESUser.Exe.Config with the content:
"...
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<runtime>
<generatePublisherEvidence enabled="false"/>
</runtime>
</configuration>
..."
Workaround
Create a file %zenworks_home%\esm\ZESUser.Exe.Config with the content:
"...
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<runtime>
<generatePublisherEvidence enabled="false"/>
</runtime>
</configuration>
..."
Cause
The Microsoft .NET 3.5 framework default behavior is to verify the authenticode signature on executable start-up. The ZCM agent .net executables are not signed and the managed device might not have access to the Internet at the moment the executable is loading. This can cause delay or even timeouts on ZCM agent module startup and generates unnecessary Internet traffic.
Additional Information
For most .net executables the ZCM agent already contains such a .Exe.Config file to disable this generatePublisherEvidence functionality, but it is missing for ZESUser.exe.
More information about this .net functionality is available at MSDN
More information about this .net functionality is available at MSDN