Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 2538 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Update endpoint clients from 9.5 to 9.7 - No longer showing connection- RESOLVED

toddh

Hello,

Over the weekend I updated our Sophos Enterprise Console from 4.5 to 4.7.

The update went perfectly.

This morning, I prepared a second subscription, and update policy to test out the updating of the endpoint clients.

I moved a few PC's into a new group and assigned them the new update policy.

The PC's updated their clients from 9.5 to 9.7 without a problem.

However, now all of the client PC's are showing no connection back to the server on the Sophos Enterprise Console (there is the red 'x' over the PC icon).

I have to push the endpoint client software update down to the machines again manually, then they start showing that they are connected

I have the client software 9.7 downloading into the same share location as version 9.5

Sophos has created a new directory called "S002" - Not sure if this is correct or not but I thought I should mention it

Has anyone else experienced this issue?

According to the endpoints themselves, they have  a connection with the Sophos server.

Any help would greatly be appreciated.

Thank you,

Cheers

----------------------------------------------------------

Sorry for the late bit of information.

I just noticed, for the endpoint clients that update automatically, they are getting version 9.5.5 VDL4.67G - This is what the Enterprise Console is reporting. But the clients themselves show that they have version 9.7

So there must be a communication error between Sophos Server and the endpoint software.

I have no idea where this is coming from... That's definitely not what the subscription/Updating policy is set to install.

I will have to dig more!

===========================================

Okay so I managed to figure it out.

For whatever reason, if I left the clients to auto update, their mrinit files were getting populated with the incorrect information.

I shutdown my test Sophos server and tested with a new computer.

The autoupdate went through and the mrinit file was populated with the correct information.

I still don't know why or how they were picking up the test server - I have absolutely no clients managed by that server.

Shutting it down though appears to have fixed my issue.

Sorry to have wasted everyone's time :(

:14963


This thread was automatically locked due to age.
Parents
  • 0

    Hello,

    re: certificates - the client's RMS checks whether it is connecting to the "correct" server (i.e. the same it was connecting to previously) otherwise it refuses to connect. When the clients initially registers with the server it stores the server's certificate and checks this certificate whenever it reconnects. By exporting certain registry keys and importing them on a new server before installing SEC you can make the new server issue an identical certificate. In this case you can "move" the clients freely from one server to the other without reinstalling RMS (or using the reset script).  

    ALUpdate logs from the client (there's - usually - no log on the server which client is downloading what unless it's over http)

    Christian

    :14983
Reply
  • 0

    Hello,

    re: certificates - the client's RMS checks whether it is connecting to the "correct" server (i.e. the same it was connecting to previously) otherwise it refuses to connect. When the clients initially registers with the server it stores the server's certificate and checks this certificate whenever it reconnects. By exporting certain registry keys and importing them on a new server before installing SEC you can make the new server issue an identical certificate. In this case you can "move" the clients freely from one server to the other without reinstalling RMS (or using the reset script).  

    ALUpdate logs from the client (there's - usually - no log on the server which client is downloading what unless it's over http)

    Christian

    :14983
Children
No Data