Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

SMAConnectAgent - admin permissions needed

BWCBWC Cybersecurity Overlord ✭✭✭

Hi,

how do you handle that the SMAConnectAgent needs administrative rights to be installed?

Having Device Management enabled on the SMA needs the SMAConnectAgent to be deployed, but it's usual that on employer-provided systems the user does not have any admin permissions.

With the firmware update from 10.2.0.0 to 10.2.0.1 the user got prompted to install a newer version, but can't install because of the missing rights. The prompt can be canceled, but causes confusion on the user side. The endpoints (Notebooks) are located in Home-Offices and will probably not return into the HQ for a while to get refueled via GPO etc. The Home-Offices just connect to the browser-based VirtualOffice, no VPN.

Any help highly appreciated.

--Michael@BWC

Category: Secure Mobile Access Appliances
Reply

Answers

  • Vijay_Kumar_KVVijay_Kumar_KV SonicWall Employee

    Hi,

    once connect agent is installed and when they upgrade to 10.2.0.1 but it should work fine, if GPO is not causing here..

    Admin rights are needed for NX for first time and subsequent upgrades not needed.

    Vijay Kumar KV

    Enterprise Tech Support Consultant | SME

  • BWCBWC Cybersecurity Overlord ✭✭✭

    Hi @Vijay_Kumar_KV

    if I get you right, you're saying admin rights are not needed for upgrades? This does not seem to be the case, after logging into the SMA I'am greeted with an option to upgrade the SMAConnectAgent because there is a newer version available, when I'am hitting yes to upgrade I'am asked for Admin credentials.

    That was the point of my initial question, is this a bug and admin rights shouldn't be needed for upgrades like you elaborated?

    --Michael@BWC

  • Vijay_Kumar_KVVijay_Kumar_KV SonicWall Employee

    @BWC .

    Admin rights needed while we install SMAConnectAgent is required to upgrade, admin permission will be required again because we need to update registry settings each installation. so admin is needed for every time..

    Vijay Kumar KV

    Enterprise Tech Support Consultant | SME

  • Vijay_Kumar_KVVijay_Kumar_KV SonicWall Employee

    admin permission is needed for every time..

    Vijay Kumar KV

    Enterprise Tech Support Consultant | SME

  • BWCBWC Cybersecurity Overlord ✭✭✭

    I need to come back about this, actually in retrospect, my question isn't answered. The question was: "How do you handle that the SMAConnectAgent needs administrative rights to be installed?"

    What I mean here, how should we upgrade the SMAConnectAgent in the field on machines where the enduser does not have administrative rights? Should the SMAConnectAgent pre-deployed with some form of software-distribution (GPO, etc.) prior to an upgrade of the SMA to avoid this confusing upgrade messages, which cannot be fullfilled without the admin rights anyhow?

    Whats a common way?

    --Michael@BWC

  • Vijay_Kumar_KVVijay_Kumar_KV SonicWall Employee

    I got it, but since this needs to registered in Registry so admin nights are needed, I agree with your points for subsequent upgrades I don't think we need admin rights..we'll check with engineering and if possible to do without rights.

    We can file an RFE?

    Vijay Kumar KV

    Enterprise Tech Support Consultant | SME

  • BWCBWC Cybersecurity Overlord ✭✭✭

    Hi @Vijay_Kumar_KV

    the problem could be solved if upgrades would not need admin rights, but I'am not sure if this is technically possible.

    For some "HTML Portal-only" deployments I don't even have a chance to deploy the newer Agent manually, because of the lack of a VPN connection. The whole process needs to be as simple as possible, because there a mainly no IT-people sitting in the Home-Offices at the moment.

    --Michael@BWC

  • Vijay_Kumar_KVVijay_Kumar_KV SonicWall Employee

    @BWC I got it, we'll check on ourside how to fix this going forward.

    Vijay Kumar KV

    Enterprise Tech Support Consultant | SME

Sign In or Register to comment.