Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 2852 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

OOPS! Forgot Accounts for Sophos EC and database

Billerica_IT

Hi all,

I am trying to upgrade to the EC 5.2.1 R2.  I am at the screen where it asks for the username for the database.  Like a dummny, I never wrote it down.  I have upgraded this installation in the past and never remember any of this.

I am reading this KB article:

http://www.sophos.com/en-us/support/knowledgebase/113954.aspx

And realize there must be two accounts overall.  I'm sure I could figure out the PW I would have set, but I have no idea what accounts are in use.  Is there a way for me to find out what accounts are running what in my current installation?  It is Server 2008 R2.

I ask because I am logged in via RDP as myself and that is the account which, by default came up in the field during installation.  And when I change it to what I think is the right account, I get a message saying "Changing the account used by the Sophos Enterprise Console requires you to reconfigure any remote consoles to use the same account.  Are you sure you wish to continue?"

Obviously, now I am NOT so sure...  Help?!  Thanks!

Oh, and this IS a domain environment.

:45971


This thread was automatically locked due to age.
  • 0

    The install shown here...

    ...actually used just one account (basically to keep things simple).  The singular account used during the install was called 'sophosservice'.

    Using that as a base, post-install the account is referenced in the:

    1. Windows services list (for some Sophos services).
    2. The registry for the DatabaseUser key.
    3. In the default AutoUpdate policy (as long as you don't go in and change it).

    Hence you can tell the DB account in use from the first two in the list above and the SUM updating account if you haven't altered the default SAU policy.

    Screenshot for 1:

    16-12-2013 17-44-42.png

    Screenshot for 2:

     

    16-12-2013 17-47-43.png

    Screenshot for 3:

     

    16-12-2013 17-49-31.png

    :45981
  • 0

    Awesome, that was exactly what I needed!  Thanks a million.

    But I do now notice a problem...  I obviously did create a domain user called "sophos" for your screenshot 3.  However, for the DB, I have apparently used my very own domain credentials.  This, of course, will become a problem in time.

    How can I go about changing this?  What's involved?  For now I will leave it so as not to break anything, but at some point I will need to tackle this.

    Thanks!

    :45983
  • 0

    Once you get to SEC 5.2.1 R2 just re-run setup.exe (C:\sec_[version]\ServerInstaller) and you can change the "database" username in the installer as it's run in a modify workflow.

    Just ensure that the new account is a member of the "Sophos DB Admins" group.

    If you have any other remote consoles you will need to re-run setup.exe on those as well to modify the installs.

    Regards,

    Jak

    :45987
  • 0

    What does "Remote Consoles" mean?  Does that mean the clients??  I assume (and hope) not.  I only have one Sophos server running the EC.  Would I be good, then, only changing the username/password as you mention?

    :45989
  • 0

    Hi,

    The Sophos management server installation comprises of 3 main components:

    1. Management Console  (Called Enterprise Console)
    2. Management Server
    3. Database

    See attached screenshot.

    These components can all be on seperate computers if needed, i.e. a distributed installation or by default are all installed on the same computer.

    Although you can have only one Management Server and one Database (per management server install), you can have multiple Management Consoles to enable multiple admins to run Enterprise Console.  If you only have one install then you don't need to worry.

    Hope this helps.

    Regards,

    Jak

    :45991