This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Update Manager (SUM) Password

Is there a way to test to make sure I have the correct SUM password? I fear I may not have the correct one and do not want to move to a new server before I know I have it.

Thanks!

This thread was automatically locked due to age.

0 jerryn3 over 11 years ago

Hi Christian,
Would that mean I don't have to do the certificate backup/import?
Thanks,
Jerry
:48506
Cancel
Vote Up 0 Vote Down

Cancel
0 QC over 11 years ago

Hello Jerry,
the certificates give the management server a unique identity in terms of RMS (the communication system between clients and server) and clients get their certificates when registering with a management server for the first time - kinda mutual assurance they belong to the same pack :smileyhappy:.
The certificate export/import is not rocket science - DataBackupRestore does the backup and you just import the CertificationManager.reg into the registry before installing SEC. Then it will have the right smell for the existing clients.
Christian
:48508
Cancel
Vote Up 0 Vote Down

Cancel
0 jerryn3 over 11 years ago

Hi Christian,
Where do I find the "- DataBackupRestore" you mentioned?
Thanks,
Jerry
:48510
Cancel
Vote Up 0 Vote Down

Cancel
0 QC over 11 years ago

Hello Jerry,
\Program Files (x86)\Sophos\Enterprise Console :smileyhappy: (see also How to use the DataBackupRestore.exe ...)
Christian
:48512
Cancel
Vote Up 0 Vote Down

Cancel
0 jerryn3 over 11 years ago

Hi Christian,
I am going from a 32 to 64bit machine. Does that make a difference?
Thanks,
Jerry
:48518
Cancel
Vote Up 0 Vote Down

Cancel
0 QC over 11 years ago

Hello Jerry,
from a 32 to 64bit machine
as noted in the migration guide you have to adjust the registry keys (i.e. edit the .reg file) before importing them.
Christian
:48546
Cancel
Vote Up 0 Vote Down

Cancel
0 jerryn3 over 11 years ago

Hi Christian,
I opened the file. Do I change this in the top of the file?:
[HKEY_LOCAL_MACHINE\SOFTWARE\sophos\Certification Manager\CertAuthStore]
To this:
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\sophos\Certification]
or this:
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\sophos\Certification\CertAuthStore]
Thank you,
Jerry
:48560
Cancel
Vote Up 0 Vote Down

Cancel
0 QC over 11 years ago

Hello Jerry,
the only key you need is [HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Certification Manager\CertAuthStore], you can delete the rest. Insert \Wow6432Node between SOFTWARE and \Sophos so that it reads: [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\Certification Manager\CertAuthStore]
Looks like you are not very familiar with .reg files. If you are unsure where a key starts and ends simply replace all occurrences of SOFTWARE\Sophos with SOFTWARE\Wow6432Node\Sophos.
Christian
:48564
Cancel
Vote Up 0 Vote Down

Cancel
0 jerryn3 over 11 years ago

Hi Christian,
You are correct, I don't. Can I import this anytime before installing? Do I still run the DataBackupRestore.exe to get the certificate?
Thanks,
Jerry
:48566
Cancel
Vote Up 0 Vote Down

Cancel
0 QC over 11 years ago

Hello Jerry,
anytime but before installing :smileyhappy:. You run DataBackupRestore -Action=backup on the old server (or alternatively export just the CertAuthStore key with regedit.exe) but not on the new one.
Christian
:48574
Cancel
Vote Up 0 Vote Down

Cancel