Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 5014 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Threat detection data update failed

JustinDevereaux

Having some major issues since upgrading my endpoints to Sophos ESC 9.5 - my update manager appears to have stopped updating! I've had a look in the SUMTrace log and it has the following error :-

2010-08-16 09:31:16 : Cmd-ALL << [E4037][bad allocation] Deployment to a share failed because of an unexpected error. Details: bad allocation
2010-08-16 09:31:16 : Cmd-ALL << [E400D][ActionDeployCids-Sub5-1][DispatcherPrograms-2010-08-16T08-10-43-1] Action 'ActionDeployCids-Sub5-1' with caller 'DispatcherPrograms-2010-08-16T08-10-43-1' failed!

Any ideas as to what this means?

Cheers

JD

:4631


This thread was automatically locked due to age.
  • 0

    Hello JD,

    If you have not already please open a support case with regards to this issue.

    In the mean time you can try the following if it is a corrupted CID causing the issue.

    1. On the update manager, in Windows Services stop the SUM Service.
    2. Delete the file C:\Program Files\Sophos\Enterprise Console\SUM\SUM_status.xml and specialactions.xml
    3. Delete the contents of the folder C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Working.
    4. Delete the contents of the folder C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Update Manager\Warehouse.
      (On Windows Vista and above, these folders are found at C:\Program Data\Sophos\)
    5. On the update manager, in Windows Services, start the SUM Service.
    6. In Enterprise Console, download the files again by right-clicking the update manager and selecting 'Update now'.

    Hope that helps.

    AK

    :4669
  • 0

    It gets weirder!  I went to delete the contents of the C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\Working folder, and it failed, two subdirectories were left which Windows reckoned it couldn't delete. I checked the SUM service was killed, which it was, used Unlocker to force close any open files, and there weren't any. On closer inspection, it appears the path was longer than 255 characters which is why I couldn't delete the folders. The path depth was ridiculous, about 15/16 folders deep, so I renamed the folders within to single characters to get the path length down, deleted and am now re-downloading the updates.

    Will let you know if it has made any difference, or if my huge paths have returned!

    Cheers

    JD

    :4689
  • 0

    Hello JD,

    actually what you see could be two different things (at least that's my experience). I have encountered two or three errors with SUM so far (while "no errors" would be ideal it's not much over a period of 9 months with three SUMs and quite a number of CIDs). So the error is one thing.

    Another one is the folder structure. NTFS supports path lengths up to 32000 characters (and for example IE uses them heavily). The problem is the shell which has a limit of 260 characters and therefore you can't delete (or open or otherwise manipulate) the files which are "deeper down" using Explorer. You probably encountered the error with the MAC CID (and you found out how to work around it). Neither the OS nor applications which use the "correct" APIs have any problem with these long names. Of course the long names will return as they reflect the structure on a MAC.

    Christian   

    :4693