Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 11 replies
  • Subscribers 15 subscribers
  • Views 23226 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

VDI Gold Image updating?

Terry Synyshyn

We have 5 different gold images that we maintain through out the College and we have started to to deploy Sophos central and move away from an enterprise on premises solution. I have followed the instructions in KB120560 (https://community.sophos.com/kb/en-us/120560) , but was wondering after you setup the install on your VDI gold image and configure it ......do you have to go through the configuration every time you update the gold image as we update the gold images and recompose at least once a month? And if you do need to go through the configuration every time is it script-able



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to RyanDonohue

    In Sophos cloud, I disable tamper protection on my "master image" PC and always leave it that way. I only have that PC powered on when I need to make updates or software changes. So 99% of the time that computer is off anyways.

  • 0 in reply to JasonJaskey

    I'm not sure if something's changed, but when using the script, or going through the process manually, my golden image loses its tamper protection setting. What I'm finding is that after deploying a group of machines from the golden image it will turn tamper protection back on on the golden image, but one of the deployed machines will have it disabled. Also, the golden image appears to be a new machine in sophos central, which is evidenced by looking at the events and seeing that it only saw it for the first time a few minutes after the most recent deployment. If I look at the machine that was deployed and got its tamper protection turned off all of the events that were associated with the golden image now show up under this machine in sophos central. This deployed machine has a unique name, and I'm following the steps that are supposed to generate a new ID, so not sure why sophos central is getting them mixed up. Does anyone have any idea what is happening here. I opened a ticket with support and they were zero help. This happens in our vdi environment every single time I deploy new desktops based on the golden image.

  • 0 in reply to RyanDonohue

    I know a few weeks ago Sophos updated the EXE on the Sophos central page. You might want to try grabbing that latest one and updating your gold image with it. Are you keeping your golden image powered on? I usually have mine on only when there are updates to do and when software needs installed or removed. Each machine should have its own entry in Sophos Central; if that's not happening you might have to remove the software from the deployed machines, delete their records out of Sophos central, and re-deploy the clones. If you go that route, make sure you uninstall the software first, then remove the entry from Sophos central. You need to disable tamper protection to uninstall, and if you delete the entry from sophos central, you can't uninstall the software. Ask me how I know...

  • 0 in reply to JasonJaskey

    Hi guys

    I downloaded last sophos.exe from Sophos central but after deploying golden image, Deployed machines can't make endpointidentify.txt file on the

    C:\Programdata\Sophos\Management Communications System\Endpoint\Persist\.

     

    Sophos is looking good on the deployed machines(updateing and protecting everything is green) but they are not discolverable in Sophos central. Thats why for login admin I have to use golden image password from Sophos central to login to the deployed machines.

    can anyone help me please with this.

     

    thanks

Unfiltered HTML