Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 6 replies
  • Subscribers 11 subscribers
  • Views 2841 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Push deployment - clean install

Lanky Doodle

Hi,

We use Sophos Central and a couple of endpoints are reporting some components as not running or policy compliance is not met, and the recommendation is to "Re-deploy the client". When I click that button it takes me to a page to download the installer exes, not (re)push it out!

Is there anyway of automating this in a clean way. At the moment we are disabling tamper protection, manually removing all Sophos components and then re-installing. This involves kicking the currently logged in user out.

Could this be done from a remote PowerShell session, without disturbing the logged in user?

Thanks



This thread was automatically locked due to age.
Parents
  • 0

    If AutoUpdate component is functioning, there is really no benefit to performing a new install as Sophos AutoUpdate performs pretty much the same role as the installer, i.e. downloading an installing components.

    If you delete the status file of AutoUpdate C:\ProgramData\Sophos\AutoUpdate\data\status\SophosUpdateStatus.xml then on the next update AutoUpdate will re-run all the setup plugins of each component.  This is one option that may resolve your issue.  You can even edit the install or download x-sum values in this file to force just certain components to re-run the setup plugin if really needed.

    The other option, which does the same thing is to change the value of the registry value "PlatformRelease" under:
    HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Sophos\AutoUpdate

    When the OS updates, then AutoUpdate will re-run the setup plugins of each component as well.  AutoUpate checks this value and updates it when the OS changes.  So just change it to 1, for example, will be different to the current OS version and force the update.

    To change either of these, Tamper Protection will need to be disabled of course.  You can initiate an update via COM using VBS/PowerShell if needed. For example:

    (New-Object -ComObject "activelinkclient.clientupdate.1").updatenow($true,1)

    I also understand that a RepairKit component is being added to AutoUpdate shortly which will attempt repairs of components prior to each update to minimize interactions and to maintain good health.

    Regards,
    Jak

Reply
  • 0

    If AutoUpdate component is functioning, there is really no benefit to performing a new install as Sophos AutoUpdate performs pretty much the same role as the installer, i.e. downloading an installing components.

    If you delete the status file of AutoUpdate C:\ProgramData\Sophos\AutoUpdate\data\status\SophosUpdateStatus.xml then on the next update AutoUpdate will re-run all the setup plugins of each component.  This is one option that may resolve your issue.  You can even edit the install or download x-sum values in this file to force just certain components to re-run the setup plugin if really needed.

    The other option, which does the same thing is to change the value of the registry value "PlatformRelease" under:
    HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Sophos\AutoUpdate

    When the OS updates, then AutoUpdate will re-run the setup plugins of each component as well.  AutoUpate checks this value and updates it when the OS changes.  So just change it to 1, for example, will be different to the current OS version and force the update.

    To change either of these, Tamper Protection will need to be disabled of course.  You can initiate an update via COM using VBS/PowerShell if needed. For example:

    (New-Object -ComObject "activelinkclient.clientupdate.1").updatenow($true,1)

    I also understand that a RepairKit component is being added to AutoUpdate shortly which will attempt repairs of components prior to each update to minimize interactions and to maintain good health.

    Regards,
    Jak

Children
No Data
Unfiltered HTML
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?