Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 10 subscribers
  • Views 8127 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Installing Central agent over Enterprise Console isn't going well

GreyDuck

Background: We're an MSP, we have used Enterprise Console for several years, and are transitioning one client at a time to the multi-tenant mode of Central.

After doing a few test case installs of the Central agent on top of a tamper-protection-disabled set of existing Enterprise Console agents, we thought we had the hang of it and proceeded with wider deployment to several clients. What's actually happening is one of several results:

  • Works as intended, software updates and re-points to Central, checks in with condition green.
  • Agent update works, re-points to Central, but condition is red because several services show as not-installed (usually the Intercept X piece, sometimes also AutoUpdate and SAV itself).
  • Nothing happens, agent remains in Enterprise Console list.

One of the weird results is that the agent install process runs okay, and then decides that since RMS is already installed it shouldn't change anything about the existing software. The bootstrap log says:

 

1/4/2018,9:16:21 AM,Information,Tamper protection inactive,
1/4/2018,9:16:21 AM,Information,mrinit.conf file path:,
1/4/2018,9:16:21 AM,Information,C:\Program Files (x86)\Sophos\Remote Management System\mrinit.conf,
1/4/2018,9:16:21 AM,Information,Checking if Sophos Anti-Virus or Sophos AutoUpdate are installed...,
1/4/2018,9:16:21 AM,Information,Sophos Anti-Virus is already installed on your computer.,
1/4/2018,9:16:21 AM,Information,Sophos AutoUpdate is already installed on your computer.,
1/4/2018,9:16:21 AM,Information,Sophos Remote Management System is already installed on your computer.,
1/4/2018,9:16:21 AM,Information,Starting wizard to collect information from user...,

 

Great, but that mrinit.conf is the one pointing at our Message Relay.

Am I going to have to try to rip out all of Sophos from each machine before doing the fresh install, after all? And what do I do with these halfway systems? These clients are spread out all over the place and I can't task a half-dozen techs with scheduling login sessions with ~150 people to do this manually, so a scriptable solution is pretty much required.

Ideas, folks?

 

Thanks!



This thread was automatically locked due to age.
Parents
  • 0

    We'd need to see more of that log since the quoted section is normal for a computer with RMS installed, i.e. I would expect to see something following that.

    We migrated from on-premise to central last year and had to intervene to get many of them across (sorry can't give an accurate percentage). We also had to uninstall the Patch Agent from some as the installer would not do that. We used our own scripts and deployment tool and scheduled it on startup.

    In theory the computer description in the Enterprise Console will get updated with the status, in practice that does not always happen.

    SophosInstall.exe preinstallation check return codes can be found here https://community.sophos.com/kb/en-us/122157

    SophosInstall.exe return codes can be found here https://community.sophos.com/kb/en-us/120449

    If you script the install you will need to check an update is not in progress and stop autoupdate before running SophosInstall.exe at a minimum.

    The process does need monitoring since failed installs can leave computers unprotected.

  • 0 in reply to Graham Burley

    I would suggest trying the new Central client installer - SophosSetup.exe rather than SophosInstall.exe.  Details here: https://community.sophos.com/kb/en-us/127045 

    Do you see the option under:

    https://cloud.sophos.com/manage/endpoint/eap

    to opt into the "New installer for Windows computers and servers".  If so, maybe try that.

    Regards,

    Jak

Reply Children
Unfiltered HTML