Troubleshooting IAG Client installation issues

The IAG client components are an important part of the endpoint security that the product provides, as these detect and report back to the server what is running on that computer, and more importantly - what's not running. The client tools also are also an important part of other functionality, like SSL-VPN and the attachment wiper.

 

Normally, the client components install automatically whenever a user connects to the IAG Server for the 1st time, and then are invoked when the user reconnects to the server. In some situations, the client components may become corrupted, so here are some steps that can be taken to troubleshoot them. This guide assumes that the trouble is occurring on a single machine, and is not a network-wide issue, which would require server-side troubleshooting. Also, this guide refers to Windows XP with IE, and is not applicable to Operating systems and browsers that are based on the JAVA client component mechanism.

 

Before we begin troubleshooting, I'd like to outline the standard installation procedure for the client components. The client components are based on ActiveX technology, and their installation is initiated automatically when open the IAG portal for the 1st time. This requires administrative permissions (or elevated permissions using Vista UAC), although upon returning to the portal later on, the components can run as a normal user. There are other security settings that might hinder the client installations, and that is the 1st troubleshooting step:

 

1. 1st, Verify the security settings on the client machine. To do this, open Internet Explorer settings, and go to Security. Click on Trusted Sites, and make sure that the IAG site appears on the list, or add it:

 

image

2. Next, reset the security level for the trusted sites to the default by clicking on Default Level:

 

image

 

3. If, for some reason, you are not at liberty to use the default level, click on Custom Level, and verify that Active-X controls are not disabled.

4. If a firewall is running on the machine, either disable it, or set it to allow access to the programs:

%programfiles%\Whale Communications\Client Components\3.1.0\WhlCach3.exe

%programfiles%\Whale Communications\Client Components\3.1.0\WhlDetct.dll

5. At this point, retry installing the client by restarting the browser and going back to the IAG site.

6. The next step is to manually install the client components. The client components installer is available as an Executable file on the c:\whale-com\e-gap\von\PortalHomePage folder. If the server is IAG 3.7 SP2 or above, then it is also available as a Microsoft Installer package (MSI), suitable for automated corporate AD-based deployments. Copy the installer to the client, and run it to install.

7. If the manual installation fails, or the components are still not working, then the next phase is to perform a manual clean-up of the client components:

a. Uninstall the client components using the windows Add/Remove programs control panel.

b. Use Task Manager to end the process DMService.exe, if it is running.

c. Delete the folder Whale Communications from your Program Files folder.

d. Open the folder c:\windows\downloaded program files and delete any folders with the name DM.* (DM.0, DM.1 etc). You would be required to do this using a command-prompt, as this folder is set to hide its contents.

e. In the same folder, delete DMService.exe and WhlMgr.dll, if they exist.

f. In the same folder, look for a file named WhlCompMgr.inf, and open it with notepad. Look for a line with a format similar to this, and note the number in the parentheses:

clsid={8D9563A9-8D5F-459B-87F2-BA842255CB9A}. This number is your CLSID, and it changes between various versions and updates of IAG.

g. Open the registry editor, backup the following keys, and then delete them:

                                                               i. HK_Classes_Root\<CLSID>

*<CLSID> refers to the code you found in the previous step.

                                                             ii. HK_Classes_Root\ComponentManager.Installer

                                                            iii. HK_Classes_Root\ComponentManager.Installer.1

                                                           iv. HK_Classes_Root\ComponentManager.Installer.2

                                                             v. HKLM\Software\WhaleCom

                                                           vi. HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\<CLSID>

                                                          vii. HKCU\Software\Microsoft\Code Store Database\Distribution Units\<CLSID>

                                                        viii. HKCU\Software\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/WhlMgr.dll

*Note that not all keys necessarily exist on each machine.

h. Delete the file WhlCompMgr.inf referred to in step F

i. Reboot the client machine.

8. If the client installation was successful, but the client is still unable to login or access the IAG site properly, the next step is to activate client logging. These logs can be used by the IAG support team to analyze specific issues with the client. To turn on client logging, follow these steps:

a. Locate the file ctrace.xml at c:\Program Files\Whale Communications\Client Components\3.1.0\

b. Open the file using a text editor.

c. Look for lines starting with <Configuration. There should be 11 of them, each related to logging a different part of the client components. At the end of these lines, change Enabled="False" to Enabled="True" , and save the file.

d. In a Command prompt, go to that folder, and type the command ctrace activate ctrace.xml

e. Logging will start - log on to the portal and perform the actions that led to the issue.

f. Open the file ctrace.xml again, and change the True back to False. Save the file.

g. In a Command prompt, go to that folder, and type the command ctrace activate ctrace.xml to stop the logging.

*Although the command is "Activate", it actually de-activates logging, according to the "False" settings within the XML file.

h. Locate the log file under the system's temp folder ( %temp% )

9. If the client installation still fails after the deep cleanup, or it does not give out an error message, use "Pre-Emptive" logging to log the installation process:

a. Create a new text file.

b. Visit the following KB, and copy/paste the registry information from it into the new file. This sets the registry to activate the logging:

https://support.microsoft.com/kb/955101

c. Save the file as ActivateTracing.REG and execute it to write the data to the registry. Logging will start.

d. Install the client components again, either manually or by logging on to the portal.

e. Locate the log files at these locations:

%temp%\*.csv

%windir%\temp\*.csv

c:\temp\*.csv

%temp%\low\*.csv

%temp%\low\low\*.csv

"%programfiles%\Whale Communications\Client Components\3.1.0\*.log

10. If the logging has been unsuccessful, or the logs do not contain significant info about the issue, a last resort is to perform a deep reset of Internet Explorer. This measure is equivalent to uninstalling and re-installing Internet Explorer, and resets all settings to the default, including removing installed toolbars and plug ins. Please be aware that running this might cause a severe change in IE, so use this script only if all else has failed. To use it, create a text file, and copy the following script into it:

@echo off

REM - IEReg.bat v 1.9

REM - To manually re-register IE, Shell, Crypto, BITs, WinHTTP, AU, ARP, MSXML related dlls.

REM - Revision History

REM - V1.0 jimhank, jarrettr - Creation of Batch file

REM - v1.1 gregco - Updated 08/28/03 to include the Digital Signing and Cryptographic Provider dlls

REM - v1.2 gregco - Updated 04/02/05 to include Add Remove Programs Registration, Help Center, Network Properties Shell

REM - v1.3 gregco - Updated 04/11/05 to include AU (Automatic Updates) client related dlls

REM - v1.4 shainw, gregco - Updated 06/12/06 to include BITS, WINTTP, WSUS related dlls

REM - v1.5 gregco - Updated 05/23/07 to include more WINTTP WSUS MSXML related dlls

REM - v1.6 shainw, gregco - Updated 07/07/07 to include more AU (Automatic Updates) client related dlls

REM - v1.7 gregco - Updated 11/01/07 to include /i option for Shell32.dll registration.

REM - v1.8 gregco - Updated 12/11/07 to include msjava.dll registration.

REM - v1.9 gregco - Updated 05/26/08 to include VISTA/2008 UAC Check, Sidebar Dlls.

:OSCHECK

ver | find "Version 6" >nul && GOTO UACCheck

GOTO RUNIT

:UACCheck

::::::::: Vista UAC TEST and Detection ::::::::::::

%systemroot%\system32\Whoami.exe /priv | find "SeTakeOwnershipPrivilege" >nul && GOTO RUNIT

:VistaAdminAlert

cls

Echo

Echo IEREG.BAT 1.9 [VISTA/2008 SERVER: Administrator Privilege Required!]

Echo ========================================================================================

echo.

echo Launch IEREG.BAT as an Administrator by doing the following:

echo.

echo 1. Ensure you are logged on with Administrator privileges

echo 2. Right click IEREG.BAT

echo 3. Choose "Run as administrator" from the context menu

echo.

echo Press any key to exit now

pause > nul

GOTO end

::::::::: Vista UAC TEST and Detection ::::::::::::

:RUNIT

@echo on

rem rundll32.exe advpack.dll /DelNodeRunDLL32 C:\WINNT\System32\dacui.dll

rem rundll32.exe advpack.dll /DelNodeRunDLL32 C:\WINNT\Catroot\icatalog.mdb

rem Regsvr32 setupwbv.dll /s

rem Regsvr32 wininet.dll /s

Net Stop bits > nul

Net stop wuauserv > nul

REM - IE and Shell related dlls

Regsvr32 /i Shell32.dll /s

Regsvr32 comcat.dll /s

Regsvr32 CSSEQCHK.DLL /s

Regsvr32 shdoc401.dll /s

Regsvr32 shdoc401.dll /i /s

Regsvr32 asctrls.ocx /s

Regsvr32 oleaut32.dll /s

Regsvr32 shdocvw.dll /I /s

Regsvr32 shdocvw.dll /s

Regsvr32 browseui.dll /s

Regsvr32 browsewm.dll /s

Regsvr32 browseui.dll /I /s

Regsvr32 msrating.dll /s

Regsvr32 mlang.dll /s

Regsvr32 hlink.dll /s

rem Regsvr32 mshtml.dll /s

Regsvr32 mshtmled.dll /s

Regsvr32 urlmon.dll /s

Regsvr32 plugin.ocx /s

Regsvr32 sendmail.dll /s

rem Regsvr32 comctl32.dll /i /s

rem Regsvr32 inetcpl.cpl /i /s

rem Regsvr32 mshtml.dll /i /s

Regsvr32 scrobj.dll /s

Regsvr32 mmefxe.ocx /s

rem Regsvr32 proctexe.ocx mshta.exe /register /s

Regsvr32 corpol.dll /s

Regsvr32 msjava.dll /s

Regsvr32 jscript.dll /s

Regsvr32 msxml.dll /s

Regsvr32 imgutil.dll /s

Regsvr32 thumbvw.dll /s

Regsvr32 cryptext.dll /s

Regsvr32 rsabase.dll /s

rem Regsvr32 triedit.dll /s

rem Regsvr32 dhtmled.ocx /s

Regsvr32 inseng.dll /s

Regsvr32 iesetup.dll /i /s

rem Regsvr32 hmmapi.dll /s

Regsvr32 cryptdlg.dll /s

Regsvr32 actxprxy.dll /s

Regsvr32 dispex.dll /s

Regsvr32 occache.dll /s

Regsvr32 occache.dll /i /s

Regsvr32 iepeers.dll /s

rem Regsvr32 wininet.dll /i /s

Regsvr32 urlmon.dll /i /s

rem Regsvr32 digest.dll /i /s

Regsvr32 cdfview.dll /s

Regsvr32 webcheck.dll /s

Regsvr32 mobsync.dll /s

Regsvr32 pngfilt.dll /s

Regsvr32 licmgr10.dll /s

Regsvr32 icmfilter.dll /s

Regsvr32 hhctrl.ocx /s

Regsvr32 inetcfg.dll /s

rem Regsvr32 trialoc.dll /s

Regsvr32 tdc.ocx /s

Regsvr32 MSR2C.DLL /s

Regsvr32 msident.dll /s

Regsvr32 msieftp.dll /s

Regsvr32 xmsconf.ocx /s

Regsvr32 ils.dll /s

Regsvr32 msoeacct.dll /s

rem Regsvr32 wab32.dll /s

rem Regsvr32 wabimp.dll /s

rem Regsvr32 wabfind.dll /s

rem Regsvr32 oemiglib.dll /s

rem Regsvr32 directdb.dll /s

Regsvr32 inetcomm.dll /s

rem Regsvr32 msoe.dll /s

rem Regsvr32 oeimport.dll /s

Regsvr32 msdxm.ocx /s

Regsvr32 dxmasf.dll /s

rem Regsvr32 laprxy.dll /s

Regsvr32 l3codecx.ax /s

Regsvr32 acelpdec.ax /s

Regsvr32 mpg4ds32.ax /s

Regsvr32 voxmsdec.ax /s

Regsvr32 danim.dll /s

Regsvr32 Daxctle.ocx /s

Regsvr32 lmrt.dll /s

Regsvr32 datime.dll /s

Regsvr32 dxtrans.dll /s

Regsvr32 dxtmsft.dll /s

rem Regsvr32 vgx.dll /s

Regsvr32 WEBPOST.DLL /s

Regsvr32 WPWIZDLL.DLL /s

Regsvr32 POSTWPP.DLL /s

Regsvr32 CRSWPP.DLL /s

Regsvr32 FTPWPP.DLL /s

Regsvr32 FPWPP.DLL /s

rem Regsvr32 FLUPL.OCX /s

Regsvr32 wshom.ocx /s

Regsvr32 wshext.dll /s

Regsvr32 vbscript.dll /s

Regsvr32 scrrun.dll mstinit.exe /setup /s

Regsvr32 msnsspc.dll /SspcCreateSspiReg /s

Regsvr32 msapsspc.dll /SspcCreateSspiReg /s

Regsvr32 licdll.dll /s

Regsvr32 regwizc.dll /s

Regsvr32 IEDKCS32.DLL /s

Regsvr32 MSTIME.DLL /s

REM - Digital Signing and Cryptographic Provider dlls

Regsvr32 softpub.dll /s

Regsvr32 WINTRUST.DLL /s

Regsvr32 INITPKI.DLL /s

Regsvr32 DSSENH.DLL /s

Regsvr32 RSAENH.DLL /s

Regsvr32 Gpkcsp.dll /s

Regsvr32 Sccbase.dll /s

Regsvr32 Slbcsp.dll /s

Regsvr32 CRYPTDLG.DLL /s

Regsvr32 Mssip32.dll /s

REM - Add Remove Programs registration

Regsvr32 appwiz.cpl /s

Regsvr32 msi.dll /s

Regsvr32 "%ProgramFiles%\Common Files\System\Ole DB\Oledb32.dll" /s

Regsvr32 "%ProgramFiles%\Common Files\System\Ado\Msado15.dll" /s

Regsvr32 Ole32.dll /s

Regsvr32 Clbcatq.dll /s

Regsvr32 Plugin.ocx /s

Regsvr32 Cscui.dll /s

REM - Network Properties

Regsvr32 netshell.dll /s

Regsvr32 netcfgx.dll /s

Regsvr32 netman.dll /s

REM - Helpcenter and related files

%Systemroot%\PCHealth\HelpCtr\Binaries\helpctr -regserver

Regsvr32 hhctrl.ocx /s

REM - AU Client and WU related files

Regsvr32 MSXML2.DLL /s

Regsvr32 MSXML3.DLL /s

Regsvr32 MSXML3r.DLL /s

Regsvr32 MSXML4.DLL /s

Regsvr32 wuapi.dll /s

Regsvr32 wuaueng.dll /s

Regsvr32 wucltui.dll /s

Regsvr32 wups.dll /s

Regsvr32 wups2.dll /s

Regsvr32 wuweb.dll /s

Regsvr32 iuengine.dll /s

Rem Vista Files

Regsvr32 wucltux.dll /s

Regsvr32 wuwebv.dll /s

REM - BITS WinHTTP and WSUS service related files

Regsvr32 atl.dll /s

Regsvr32 bitsprx2.dll /s

Regsvr32 bitsprx3.dll /s

Regsvr32 cdm.dll /s

Regsvr32 mucltui.dll /s

Regsvr32 wuauserv.dll /s

Regsvr32 muweb.dll /s

Regsvr32 qmgr.dll /s

Regsvr32 qmgrprxy.dll /s

Regsvr32 winhttp.dll /s

Regsvr32 wuaueng1.dll /s

REM - Vista Sidebar related files

Regsvr32 -u "%ProgramFiles%\Windows Sidebar\sbdrop.dll" /s

Regsvr32 -u "%ProgramFiles%\Windows Sidebar\wlsrvc.dll" /s

Regsvr32 "%ProgramFiles%\Windows Sidebar\sbdrop.dll" /s

Regsvr32 "%ProgramFiles%\Windows Sidebar\wlsrvc.dll" /s

Regsvr32 -u "%ProgramFiles(x86)%\Windows Sidebar\sbdrop.dll" /s

Regsvr32 -u "%ProgramFiles(x86)%\Windows Sidebar\wlsrvc.dll" /s

Regsvr32 "%ProgramFiles(x86)%\Windows Sidebar\sbdrop.dll" /s

Regsvr32 "%ProgramFiles(x86)%\Windows Sidebar\wlsrvc.dll" /s

REM - Restart AU and BITS services

Net start wuauserv > nul

Net Start bits > nul

:END

exit

 

11. Save the file as IEReset.bat and execute it. Reboot the client computer and try to install the client components again.