Novell is now a part of Micro Focus

My Favorites


Please to see your favorites.

ZESUser.exe reaches out into the Internet

This document (7012625) is provided subject to the disclaimer at the end of this document.


Novell ZENworks Endpoint Security Management 11.2
Novell ZENworks Configuration Management 11.2


ZESUser.exe tries to connect to the Internet on agent startup.


This is fixed in version 11.3 - see TID 7014213 "ZENworks Configuration Management 11.3 - update information and list of fixes" which can be found at


Create a file %zenworks_home%\esm\ZESUser.Exe.Config with the content:
<?xml version="1.0" encoding="utf-8"?>
               <generatePublisherEvidence enabled="false"/>



The Microsoft .NET 3.5 framework default behavior is to verify the authenticode signature on executable start-up. The ZCM agent .net executables are not signed and the managed device might not have access to the Internet at the moment the executable is loading. This can cause delay or even timeouts on ZCM agent  module startup and generates unnecessary Internet traffic.

Additional Information

For most .net executables the ZCM agent already contains such a .Exe.Config file to disable this generatePublisherEvidence functionality, but it is missing for ZESUser.exe.

More information about this .net functionality is available at MSDN


This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7012625
  • Creation Date:18-JUN-13
  • Modified Date:03-MAR-14
    • NovellZENworks Configuration Management
      ZENworks Endpoint Security Management

Did this document solve your problem? Provide Feedback