Checking state of WSS Agent connection to add logic to Applications that are failing on startup
Article ID: 263236
Updated On:
Products
Issue/Introduction
WSS Agent running on Windows/MacOS with SAML Authentication.
Onedrive service initialised on Windows startup erroring out.
Any Application auto started on Windows boot can fail as no Web requests can be sent until WSS Agent tunnel is active and users authenticate successfully.
Can the WSS Agent report initialisation state so that Applications can retrieve this info and decide whether to launch? The goal is to launch Onedrive app only if we know the WSS Agent tunnel is up and the user is authenticated.
Environment
WSS Agent (all versions).
Windows Applications launched at startup.
Cloud SWG.
Cause
Application unaware of state of WSS Agent tunnel.
Resolution
The following commands are available on both Windows and MacOS platforms to determine the state of the tunnel:
Windows:
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\WSS Agent" /v x-connStatus
macOS
defaults read "/Library/Application Support/Symantec WSS Agent/com.symantec.wssa" x-connStatus
The value of x-connStatus will be one of the following (typically we will search for 'connected' state when tunnel is up and user is authenticated.
"Not connected"
"Initializing"
"Connecting"
"Connected"
"Passive"
"No network connection"
"Disabled by administrator"
"Passive due to failure"
"Failure mode: open"
"Failure mode: closed"
"Disabled by User"
"Tunnel failed"
"Not fully loaded"
"Configuration corrupted"
"Access to WSS denied"
"Access to WSS denied (CTC)"
"Authenticating"
Applications can probe these entries to determine the state of the tunnel, and whether Application requests are likely to get responses (happens when tunnel up and users authenticate).
Feedback
