Posted 11 January 2008 - 07:11 PM
Your site says your product is "agent free", but then I noticed "Copying files" & "Installing service" for a lot of PCs. On those PCs there are 2 files in the Windows dir called "tniaudit.exe" and "tniservice.exe", both files weighing in at about 1 megabyte a piece (2MB total). And every time I run scans, there are 2 of them running on each computer. Meaning I see 2 "tniaudit.exe" and 2 "tniservice.exe" running at the same time.
Not that I mind agents, but it's not what's advertised.
Posted 14 January 2008 - 10:28 AM
Actually the program was developed as agent-free and it uses WMI (Windows Management Instrumentation) for accessing remote computers and collecting information. But then it happened that very often RPC service (which needs to be available to make use of WMI) is blocked by Windows Firewall in XP SP2 and Vista with default settings. Thus we have introduced a new method which drops an audit utility to a remote computer and runs a service remotely which then runs that utility locally. This method requires only SMB protocol to be allowed (file and printer sharing service), and as it's allowed more often, it's more "firewall friendly".
You can still set the program's behaviour with "File - Options - Connection - Connection method". There you can select to use either agent method (SMB) or agent-free method (RPC/DCOM). The option "Try another method", if enabled, orders the program to try to connect with another method if the one that is selected fails for some reason. If that option is disabled, only selected method is used.
As for 2 "tniaudit.exe" and 2 "tniservice.exe" running, this is okay, because this is the way our software protection system works (you can notice that one process is always very small, below 1 Mb in memory, this is a service process, and another one is bigger, this is a working process).
Posted 14 January 2008 - 03:39 PM
Posted 16 January 2008 - 06:22 AM
No other reason. The point is that the method with agent is used by default in the furst turn, in order to maximize the number of successful scans in an unknown environment. But as I've said, you can customize this behaviour in the program's options and disable the usage of agent.
We don't have any firewalls on for individual computers. Is there some other reason it's using the agent?
Posted 16 January 2008 - 12:24 PM
Posted 17 January 2008 - 12:10 PM
That means that something still prevents the program to connect to the RPC service on remote computers (TCP port 135). You would need to check for that. Mostly often the Windows Firewall is the reason. Are you sure that it's disabled on those computers?
I switched it to "use no agent" if it can and none of the PCs have the firewall enabled, but I still see it saying "Copying files" and "Starting service". If I tell it not to try another method, then I get all kinds of RPC errors, etc.
Posted 17 January 2008 - 03:01 PM
Posted 18 January 2008 - 12:05 PM
Anyway, this is why we have introduced the scanning method which uses an agent, as one method works on some networks, another method works on other, and in any case you get the result. Though usually they both should work.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users