This discussion has been locked.

Sophos Group & AD Synchronisation

Hi all,

I've been playing with a Sophos group that I have synchronised with an OU container.  I was hoping that if a machine is added to the OU container then it would automatically get Sophos installed (that is what I have ticked in the Synchronisation Properties page).  As you can imagine, this isn't happening.  The group is being populated with the one machine that is in that OU container but it remains greyed out.  I have a domain admin account configured to do the install (likewise, on the Synchronisation Properties page).  Are there any additional steps I am missing?

The machine is on the same network (IP range) as the Sophos server to rule out comms problems through firewalls whilst I play.

Thanks in advance!

:12783


  • Hello Yabusame,

    Was the machine "known" to SEC before and did it have Sophos installed (even if it has been deleted from the console)? Install is not re-attempted once the machine has been protected (successfully or not).

    If it has been there you should delete the client from the database (search for delete from ComputersAndDeletedComputers in this forum).

    Christian

    :12803
  • Hi Christian,

    The machine was completely unknown to SEC but it did have a standalone version of Sophos installed as part of its base image.  When the machine was added to the domain I moved it to the OU that I'd created to play with synchronisation and it eventually appeared in SEC, greyed out, for that synchronised group.  I don't think any attempt has been made on the install from SEC but do you think that the standalone version would have prevented this?

    I had hoped that ticking the 'Remove Third Party Software' would have allowed SEC to remove the standalone version and then install the managed version of Sophos AV. I am aware that the standalone version could be a red herring here, but I don't think SEC has tried to do an install yet.

    Neil.

    :12807
  • Hello Neil,

    I've mentioned it some time ago: initially SEC (in version 3.0 IIRC) attempted the install until the machine reported completion. If the sync interval was too short for the install to complete, it was re-initiated over and over and never succeeded. Thus the logic has been changed to attempt the automatic install only once. Stumbled over it during the last Beta tests when SEC refused to install. Here's part of the response from Support: "Automatic protection will only function for new machines to the domain. If the machine is in the database as having been protected (or even attempted) previously it will not retry." Turned out that although deleted and not visible in SEC the machine was known.

    As it doesn't register with SEC the standalone version (which is, I think, not third party) shouldn't have any effect on the attempt - it might cause the install to fail but this should result in an error. Any chance that a client with the same name existed at some time?

    If you find a matching entry or matching entries, deleting them from the database (you don't have to move the computer out of the OU) should restart the cycle, i.e. detection by sync and subsequent automatic protection.

    Christian

    :12815