Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 7647 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Endpoint Security and Control with NAC

Gorek

Hello everyone,

i have an issue with some endpoints where NAC is installed. We run an weekly scan and check conformity of "Last Scan Grace Period". For some reason, there are a lot of endpoints which run this scan and have the value "{null}" but "0" is expected. So the endpoints with the wrong value are shown as "non-compliant". But they have to be compliant because they run the scan.

Are there any workarounds i can perform?

Thanks

Robby

:17943


This thread was automatically locked due to age.
Parents
  • 0

    Hello Gorek,

    based on How to: Run the Sophos Diagnostic Utility (SDU) on a remote computer I've created a writable share (SDU) on the server for the SDU files and a subdirectory SDUOutput (NTFS permits write). Scheduling the task is wrapped in a small .bat file:

    @echo off
Rem run SDU remotely
IF "%1" EQU "" GOTO notarget
IF NOT EXIST \\server\SDU\SDUOutput\%1 mkdir \\server\SDU\SDUOutput\%1
schtasks /create /s %1 /ru adminUser /rp * /sc once /st 23:59:59 /tn "Sophos Diagnose" /tr "\\server\SDU\sducli.exe -logdir=\\server\SDU\SDUOutput\%1\"
schtasks /run /s %1 /tn "Sophos Diagnose"
Exit /b 0
:notarget
Echo No Client specified
Exit /b 1

    Each client creates its own subdirectory as the -logdir for SDU is also the working directory.

    Christian

    :18225
Reply
  • 0

    Hello Gorek,

    based on How to: Run the Sophos Diagnostic Utility (SDU) on a remote computer I've created a writable share (SDU) on the server for the SDU files and a subdirectory SDUOutput (NTFS permits write). Scheduling the task is wrapped in a small .bat file:

    @echo off
Rem run SDU remotely
IF "%1" EQU "" GOTO notarget
IF NOT EXIST \\server\SDU\SDUOutput\%1 mkdir \\server\SDU\SDUOutput\%1
schtasks /create /s %1 /ru adminUser /rp * /sc once /st 23:59:59 /tn "Sophos Diagnose" /tr "\\server\SDU\sducli.exe -logdir=\\server\SDU\SDUOutput\%1\"
schtasks /run /s %1 /tn "Sophos Diagnose"
Exit /b 0
:notarget
Echo No Client specified
Exit /b 1

    Each client creates its own subdirectory as the -logdir for SDU is also the working directory.

    Christian

    :18225
Children
No Data