Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 3364 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

EndPoints - how to update the Updating after Enterprise Console Reinstall

BloodBaz

Hello,

I have just reinstalled Enterprise Console (now using 5.2.1) after I have had my license upgraded from Sophos Security Suite SBE to Sophos Endpoint Protection - Business.  I am running Windows Server 2012 VMs and a mix of Windows 7 and 8 clients.

As I recreated user accounts along recommended practises, my "Update Manager Account"  is now <mydomain>\SophosUpdateMgr.   However, my clients are still running Sophos AV with Updating details of the old (now deleted) account.  

As a result they cannot update themselves, nor can I correct the credentails manually on the clients as the Configuration > Updating dialog box (Primary location) has the settings "greyed out".  Chicken and egg!

Q1) How should I get my Winodws Clients to use the new Username/Password?

Q2) Should I just rerun the AV from \\myserver\SophosUpdate\CIDs\S000\SAVSCFXP\setup.exe ?

Q3) If so, will this include the new updating policy?

Thanks,

Chris

:42135


This thread was automatically locked due to age.
Parents
  • 0

    Thanks drose23 for your reply.

    Are the clients showing up as connected/online and being managed through this new enterprise console?

    No, they did not show up as connected/online as the mismatch credentials meant they couldn't comminucate in either direction

    Path of least resistance may be to do a discovery of the machines, and then "protect" from the enterprise console itself.

    Tried that 100 (!) times but discovering wasn't a problem but "connecting" them was.

    I spoke to Technical Support and the solution was as follows:

    On each endpoint:

    1) Edit the file C:\ProgramData\Sophos\AutoUpdate\Config\iconn.cfg (admin UAC required)

    2) Change AllowLocalConfig = 0 to AllowLocalConfig = 1. This will make Configure > Updating editable

    3) In SAV, go to  Configure > Updating editable and update the user account and password.  The user account will now also the EndPoint to comminicate via AutoUpdate.

    4) Do an "Update Now" and all software updates, ides, policy will be reapplied.

    Thanks.

    :42169
Reply
  • 0

    Thanks drose23 for your reply.

    Are the clients showing up as connected/online and being managed through this new enterprise console?

    No, they did not show up as connected/online as the mismatch credentials meant they couldn't comminucate in either direction

    Path of least resistance may be to do a discovery of the machines, and then "protect" from the enterprise console itself.

    Tried that 100 (!) times but discovering wasn't a problem but "connecting" them was.

    I spoke to Technical Support and the solution was as follows:

    On each endpoint:

    1) Edit the file C:\ProgramData\Sophos\AutoUpdate\Config\iconn.cfg (admin UAC required)

    2) Change AllowLocalConfig = 0 to AllowLocalConfig = 1. This will make Configure > Updating editable

    3) In SAV, go to  Configure > Updating editable and update the user account and password.  The user account will now also the EndPoint to comminicate via AutoUpdate.

    4) Do an "Update Now" and all software updates, ides, policy will be reapplied.

    Thanks.

    :42169
Children
No Data