This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Strange behaviour (could not find a source/ updated)

Hi All

I am running SEC 4.5.1.0 with three update managers and clients are V.9.5

The problem i am having which started approx three days ago is endpoints have a red cross through them, saying update failed, When i go to SEC and look at the logs for a machine it reads

                                           Computer name                           ALLISONPXP10TO
   Computer description
   Operating system                        Windows XP
   Service pack                            Service Pack 3
   Domain/workgroup                        xxxxxxxx
   IP address                              172.29.6.164
   Sophos Anti-Virus version               9.5.5 VDL4.64G
   HIPS rules                              4.1.2
   HIPS configuration                      1.0.4
   Detection data                          4.64G
   On-access scanning                      Active
   Anti-virus and HIPS policy              Same as policy
   Last scheduled scan completed
   Last message received from computer     4/4/2011 1:02:07 PM
   Up to date                              Not since 4/4/2011 2:33:31 PM
   Updating policy                         Same as policy
   Time installed package became available 4/4/2011 7:07:03 AM
   Time next package became available      4/4/2011 1:33:31 PM
   Primary update server                   \\xxxxxx\SophosUpdate\CIDs\S000\SAVSCFXP\
   Secondary update server                 Sophos
   Client firewall enabled
   Client firewall policy
   Client firewall version
   Client firewall mode
   Sophos NAC policy
   Compliance Agent (NAC) version
   Sophos NAC compliance assessment
   Application control policy              Same as policy
   Application control on-access scanning Inactive
   Data control scanning status            Inactive
   Device control scanning status          Inactive
   Data control policy compliance          Same as policy
   Device control policy compliance        Same as policy
   Tamper protection status                Inactive
   Tamper protection policy compliance     Same as policy
   Group                                   \Global Group\Toorak\Computers\Staff Desktops

Outstanding alerts and errors

Sophos AutoUpdate status Date/time Code Description
4/4/2011 11:01:40 AM 00000071 ERROR: Could not find a source for updated packages

History

   Sophos AutoUpdate status                                                             Date/time            Code      Description
                                             4/4/2011 11:01:40 AM 00000071 ERROR: Could not find a source for updated packages
                                             4/4/2011 10:51:03 AM 00000000 Updated successfully
                                             4/4/2011 10:01:42 AM 00000071 ERROR: Could not find a source for updated packages
                                             4/4/2011 9:51:03 AM 00000000 Updated successfully
                                             4/4/2011 8:51:45 AM 00000071 ERROR: Could not find a source for updated packages
                                             4/4/2011 8:41:48 AM 00000000 Updated successfully
                                             4/1/2011 3:32:00 PM 00000071 ERROR: Could not find a source for updated packages
                                             4/1/2011 3:21:22 PM 00000000 Updated successfully
                                             4/1/2011 2:52:00 PM 00000071 ERROR: Could not find a source for updated packages
                                             4/1/2011 2:41:22 PM 00000000 Updated successfully
                                             4/1/2011 2:12:03 PM 00000071 ERROR: Could not find a source for updated packages
                                             4/1/2011 2:01:22 PM 00000000 Updated successfully
                                             4/1/2011 1:32:01 PM 00000071 ERROR: Could not find a source for updated packages

I realise you will need a lot more info ,so pleasea ask questions and i will provide all that i can.......

This thread was automatically locked due to age.

Parents

0 Paulsav over 14 years ago

Hi QC
you were 100% on the money , the account i use for the clients to access the updates (which is a local account) was locked on the server .
The problem i am having is this account get locked every two mins, i check the logs on the server and can not see what user is locking it. I have tried tools such as eventcomb but this tool only works with accounts on the domain, not local accounts, It is allmost impossible to tell which client is supplying the wrong details to access the share as there is almost 100 enpoints that use that update manager.
I know this is a long shot but does anyone have any suggestions on what i could try to do to resolve the issue (appart from creating a new account and then changing the account which is used on the endpoints, to access the server) ?????
:11829
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Paulsav over 14 years ago

Hi QC
you were 100% on the money , the account i use for the clients to access the updates (which is a local account) was locked on the server .
The problem i am having is this account get locked every two mins, i check the logs on the server and can not see what user is locking it. I have tried tools such as eventcomb but this tool only works with accounts on the domain, not local accounts, It is allmost impossible to tell which client is supplying the wrong details to access the share as there is almost 100 enpoints that use that update manager.
I know this is a long shot but does anyone have any suggestions on what i could try to do to resolve the issue (appart from creating a new account and then changing the account which is used on the endpoints, to access the server) ?????
:11829
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data