Overview

Environment

• GFI LanGuard 2012 SR1 and later versions
• Mac OS X
  
  

Root Cause

The scan and deployment on Mac OS X computers work completely different from Windows operating systems. GFI LanGuard needs to copy and run some scripts to the Mac computers to get the system information.

Resolution

1. Confirm GFI LanGuard is able to resolve the name of the remote computers:
   1. Open the command prompt.
   2. Type the command: ping Mac_hostname
2. Confirm that the SSH connection is open on Mac computers:
   1. From the LanGuard server, download putty.exe.
   2. Open putty.exe and type the IP address obtained in step 1. Change the SSH port if it's required.
   3. If the connection is allowed, you should be asked for the authentication.
3. Specify the root credentials to verify that the account is enabled and the password is valid:
   1. Enable root user or change the root password in Mac.
   2. Enable the SSH service in Mac OS X.
      NOTE: The Administrator account does not require permissions to scan or deploy patches. We must use a superuser 'root' account.
4. Confirm that the LanGuard communication port is allowed between the server and clients:
   1. Go to the Configuration > Agents Management > Agents Settings.
   2. Take note of the port specified on the TCP port.
5. Connect to a Mac computer and do the following steps:
   1. Open a terminal session. You can open Terminal by using Spotlight (CMD+Space) or by going to Applications > Utilities > Terminal.
   2. Copy and paste the command:

      curl http://<LanGuard_Server>:1072/files/mac/index-leopard.merged-1.sucatalog

      Where <LanGuard_Server> is the hostname of the server.
      NOTE: Remember that the port 1072 is defined by default but may change depending on the environment settings.

Confirmation

If the connection is allowed, you should be able to list the content of the file, otherwise, the communication port is blocked at some point in the network.