Agent-server communication issues while managing Windows legacy OS

To improve privacy and security, Endpoint DLP Plus enforces HTTPS for agent-server communication. If you manage computers running a Windows legacy OS, you may encounter agent-server communication issues. To ensure seamless agent-server communication, follow the steps below.

Ensure proper patching

If you are managing computers running a Windows legacy OS, ensure you have installed the following updates released by Microsoft.

| Patch ID | OS | Purpose |
|---|---|---|
| KB3072630 | Windows Server 2003 | For SHA2 support |
| KB2868626 | Windows XP | For SHA2 support |

To enable cipher support for Windows Server 2003 and Windows XP, follow the steps given below:

  1. Navigate to the folder where the Endpoint DLP Plus server is installed. The default path is C:\ManageEngine\DesktopCentral_Server
  2. Open conf folder.
  3. Open websettings.conf.
  4. Change webserver.cipheroption=webserver.commoncipher to webserver.cipheroption=webserver.winxpcipher
  5. Save the file and restart the server.
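
Steps 1 to 4 can also be scripted so that the change is backed up and applied only when the file is in the expected state. The script below is an added example, not vendor-supplied code. It assumes websettings.conf is a plain-text key=value file with a single active webserver.cipheroption line, and the `$ServerHome` parameter name is hypothetical.

```powershell
# Added example, not vendor code. Save as a .ps1 file and run it elevated on the server.
param(
    # Default install path from the article; change it if the server lives elsewhere.
    [string]$ServerHome = 'C:\ManageEngine\DesktopCentral_Server'
)

$conf = Join-Path $ServerHome 'conf\websettings.conf'
if (-not (Test-Path -LiteralPath $conf)) {
    throw "websettings.conf not found at $conf"
}

$key    = 'webserver.cipheroption'
$wanted = 'webserver.winxpcipher'
$lines  = @(Get-Content -LiteralPath $conf)

# Match only an active (uncommented) assignment of the key.
$pattern = '^\s*' + [regex]::Escape($key) + '\s*=\s*(\S*)\s*$'
$hits = @($lines | Where-Object { $_ -match $pattern })
if ($hits.Count -ne 1) {
    throw "Expected exactly one '$key' line, found $($hits.Count); edit the file by hand."
}

$current = [regex]::Match($hits[0], $pattern).Groups[1].Value
if ($current -eq $wanted) {
    Write-Output "$key is already $wanted; nothing to change."
    return
}
if ($current -ne 'webserver.commoncipher') {
    throw "Unexpected current value '$current'; refusing to overwrite it."
}

# Keep a timestamped copy so the original setting can be restored later.
$backup = "$conf.$(Get-Date -Format 'yyyyMMdd-HHmmss').bak"
Copy-Item -LiteralPath $conf -Destination $backup

# Rewrite only the matching line; every other line is written back unchanged.
$updated = $lines | ForEach-Object {
    if ($_ -match $pattern) { "$key=$wanted" } else { $_ }
}
Set-Content -LiteralPath $conf -Value $updated
Write-Output "Changed $key from $current to $wanted (backup: $backup)."
Write-Output 'Restart the Endpoint DLP Plus server for the change to take effect.'
```

The script stops without writing anything if the current value is neither webserver.commoncipher nor webserver.winxpcipher, so an unexpected configuration is never overwritten.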

 

Disable older TLS versions

From your console, navigate to Admin tab -> Security Settings -> Disable the older forms of TLS. Turn this option off, so that older TLS versions stay enabled, to manage legacy OS computers using Endpoint DLP Plus.