Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • +8 person also asked this people also asked this
  • Locked Locked
  • Replies 66 replies
  • Answers 6 answers
  • Subscribers 31 subscribers
  • Views 173400 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Device Encryption Service randomly not starting/stopping on multiple endpoints since last week's outages?

Erich Weihrauch

Hello all.

Since last week's outage debacle, I've seen multiple random endpoints suddenly report that the device encryption service is not starting.

There seems to be no rhyme or reason to the timing (not when starting up, after restart, etc.).  Seems possibly related to policy push issues.

Sophos support asked me to remove policies from affected devices, remove endpoints, reinstall endpoints, reapply policies. I have not opted to do this as it is not a viable solution and really wouldn't not solve underlying issues with the central cloud services not pushing out policies in the first place.

Generally I've used PSEXEC to remotely start the service and the affected clients don't seem to be popping back up again after that, but still it's getting annoying.

Have any of you encountered this as of late? Any particular data points/extrapolation you've found (patterns like time of day, etc.)?

Lastly, is this all going to be a continuing issue with Sophos. I am in charge of maintaining Sophos on multiple endpoints, and trying to deploy policies, reinstall Cloud Web Gateway...I thought this product was designed to assist with reducing management loads for endpoints, not increase them?



This thread was automatically locked due to age.
  • 0

    I've noticed this issue on quite a lot of our machines here, although it's never really been too much of a concern as I just remotely restart the service when an alert comes up.  Obviously not much use for those with thousands of machines though!  I did, however, notice an improvement in the issue after looking into a separate problem with the Windows Audio service not starting.  The fix for this seems to have helped with the Sophos Device Encryption service too.

    Basically, I set a new registry entry at HKLM\SYSTEM\CurrentControlSet\Control

    New DWORD key ServicesPipeTimeout with a decimal value of 60000

    Source for this at http://support.microsoft.com/kb/922918

    Obviously it depends on the underlying issue so may not sort it for everyone, but it might be worth trying on a couple of test machines.

  • 0 in reply to RBGE

    Awesome I'm gonna try this, as I have a few machines that are also suddenly having that issue with the Windows Audio service not starting.

  • 0 in reply to RBGE

    How well did this fix work for you?  I've tried on a few of my machines with varying success.

  • 0 in reply to James Aggrey

    It's been pretty much the same here.  It looks like a lot of the original cases were due to the service timing out, so increasing the timeout has 'fixed' the problem, but there are still a few machines where the service is still failing to start.  I've not tried extending the timeout even further, but if it's taking longer than 1 minute to start I think there's an extra problem.

    Confusing, as the timeout was clearly an issue for some machines, but not all of them.

  • 0 in reply to RBGE

    Great.  I'm not sure what's going on in my case.  Now in addition to Windows Audio service not starting on random machines, the wifi stops working and restarting the computer asks for a BitLocker key each time.  One machine I can understand but on multiple is a head-scratcher.

  • 0

    I've been dealing with these issues for some time, too.  The only solution I've received is to uninstall the client and do a reinstall.  That means that I gotta kick the user off for about an hour.  The uninstall/reinstall is a pain as it will fail at multiple points on both the uninstall and the reinstall.  Does anybody know of an easier way to do the uninstall/reinstall?

  • 0 in reply to Gowtham Mani

    Are you still working on the issue? Or should this be resolved by now?

  • 0 in reply to LRB

    Hi everyone,

    The Fix for the reported issue with the Device encryption service start is currently being rolled out and is in progress. The rollout of Sophos Central Device Encryption version 1.4.103 is expected to get completed by next weekend(Tentative).

    Regards,

    Gowtham Mani
    Community Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

  • 0 in reply to Gowtham Mani

    Thanks for the update.  Is there any way to pull the update manually or do we have to wait for it to hit us?

  • 0 in reply to Gowtham Mani

    Has the change been to the software to change the "Sophos Device Encryption Service" service to delayed start?  Is this evidence of the update?  Is 1.4.103 the version of this update?

    Regards,
    Jak

Unfiltered HTML