The following sections explain the diagnostic tools available in the Windows Vista/7 version of the Security Client:
If problems occur because of the Security Client’s presence on the endpoint device, administrators can provide detailed diagnostics information packages to Novell Support. This information is vital in resolution of any issues. The diagnostics package is defined by the following items:
Group Policy Object: Captures the current GPO for the user/endpoint as designated by your directory service (for example, Active Directory).
Network Environments: Captures the current and detected network environments.
Registry Settings: Captures the current registry settings.
System Information: Captures all system information.
System Event Logs: Captures the current System Event logs.
Wireless Environment: Captures the current and detected wireless environments.
To create a diagnostics package:
On the endpoint device, right-click the Security Client icon, then click
.Click
.Select the items to be included in the package (all are selected by default).
Click
to generate the package.The generated package (ESSDiagnostics_YYYYMMDD_HHMMSS.zip.enc) is available on the desktop. This encrypted zip file can now be sent to Novell Support.
The Administrator views display only when password override is present in the policy. The Administrator views are added to the right side of the Endpoint Security Client About window under the Administrator heading.
The following sections contain more information:
Use the
button to temporarily override policy settings by loading an Allow-All policy. Type the password and click .After the password is entered, the
button changes to . When you enter the password, you do not need to enter it again until you click the button, which reverts back to the running user policy.Password overrides can also be set up for a specified amount of time. When that time expires, the running user policy is again loaded and the
button appears.The
button displays the current policy on the device. The display shows basic policy information and can be used to troubleshoot suspected policy issues.The policy display divides the policy components into the following tabs:
General: Displays the global and default settings for the policy.
Firewall Settings: Displays the Port, ACL, and Application groups available in this policy.
Firewalls: Displays the firewalls and their individual settings.
Adapters: Displays the permitted network adapters.
Locations: Displays each location and its settings.
Environments: Displays the settings for defined network environments.
Rules: Displays integrity and scripting rules in this policy.
Misc: Displays assigned reporting, hyperlinks, and custom user messages for this policy.
The
button displays the current status of the client and affected components.The client status includes information on the following objects:
Environment: Information on the computer, user, and the present session.
Location Aware: Information on the policy distinguishing the computer’s location and its adapter environment.
OS Adapter List: Lists the communication elements for the computer hosting the client.
Network Status: Whether the client is connected to a network and whether it is a wired, wireless, or a modem connection.
Firewall Enforcement: The firewall the client is using and its present state.
Volume Management: The devices and volumes that are presently found on the client.
The
button lets administrators adjust the settings for the Endpoint Security Client without reinstalling the software.The following sections contain more information:
Restores the original installed policy, whether that policy is a resource file or one that is distributed as part of the install package. Use this option if you need to access a policy with few or no restrictions enabled. This policy is permanent. To enforce a different policy, you must publish that policy to the client.
Disables all protections used to keep the client installed and active on the machine.
Resets the password required to uninstall the Endpoint Security Client. If no uninstall password is presently set, the administrator is prompted with a window to enter the uninstall password. When the password is set, the
button becomes and a button is added. Use to change the uninstall password, and use to clear the uninstall password.The
option shows all of the ZENworks Endpoint Security modules that are presently loaded on the client machine. To get to the Module List, double-click the Endpoint Security Client icon in the notification area to bring up the ZENworks Endpoint Security Client About window, then click .The Module List window displays all of the modules that are presently loaded on the client machine, the date the module was last modified, and the module’s version number. Use this information to check this client’s version for diagnostic purposes.
Click the
, , and headings to toggle names, dates, and versions. Click to close the Module List window.Logging can be turned on for the Endpoint Security Client, permitting it to log specific system events. Log files are saved in the C:\users\allusers\novell\ZES\log directory (this is a hidden folder, so you need to change the folder options to see the folder). To turn on and configure logging, double-click the Endpoint Security Client icon in the notification area to bring up the ZENworks Endpoint Security Client About window, then click .
By default, all logging events are set to
, but you can set each listed event to the following:Debug: Turns on every possible message and includes Informational, Warning and Error messages.
Informational: Records all events when they occur, such as when a network connection event begins and ends.
Warning: Records errors that have occurred but are solvable and do not prevent the client from running.
Error: Records errors that have occurred and prevent the client from running.
Use the C:\users\allusers\novell\ZES\log directory, where it can be used the next time you select . Select to restore the Logging window to its default state (all events to if is not selected), or to the state when you selected .
button to save a particular configuration. The configuration is then saved to theWhen troubleshooting, you should set logging according to the directions of Novell Support and re-create the circumstances that led to the error to see if it can be repeated.
The option to add a comment to the logs is available in the Logging window. Click the
button to display the Logging Comment window. Comments are included with the next batch of logs.