Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 8 replies
  • Subscribers 1 subscriber
  • Views 14845 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Remotely re-installing Sophos endpoint

RogueViper

Hi 

I wonder if anyone can help me. Over the past 6 months I have been struggling to resolve endpoints that are unmanaged but have Sophos installed and are updating. Unfortuntly my job isn't to fix problems but to flag them up for another team to resolve. I have now gotten to the point of just fixing it myself.

At the start there must of been in excess of 100+ unmanaged hosts; which were missing the RMS component of Sophos due to most likely an incorrect image being used for new desktops/laptops. I have managed to resolve apporox 50 hosts by using the protect feature in SEC which reinstalled Sophos and the hosts appeared in SEC. 

The remaining hosts are laptops, which are running XP but the remote protect feature doesn't appear to work. I can see the scheduled task being created and the configuration of the hosts is no different to that of the previous 50 hosts I have resolved. 

Can anyone point me in a direction on how to resolve this issue? Is there any way of just resinstalling RMS component remotely?

:21665


This thread was automatically locked due to age.
Parents
  • 0

    Thank you wickedkittenz

    Brilliant guide. Manually updating the iconn.cfg file with the correct updating parameters has worked for 15 of the affected laptops and they have successfully appeared in SEC. 

    The others have the correct iconn.cfg file, mrinit.conf and cac.pem files. However, they still do not appear. I am concerned as the affected laptops were previously managed by another SEC in a regional office but it was decided to start managing remote laptop users directly for the Sophos server at HQ. This transition hasn't exactly gone to plan. 

    To confirm the Sophos ports 8192, 8193, and 8194 are all open on the windows firewall which is enforced with a GPO. I can connect to all remote C$ shares. File and printer sharing is enabled. Endpoint 9.5.5 and the SEC is version 4.5.

    Is there a particular process that needs to be followed for migrating endpoints over to a different SEC (same version etc)?

    :21859
Reply
  • 0

    Thank you wickedkittenz

    Brilliant guide. Manually updating the iconn.cfg file with the correct updating parameters has worked for 15 of the affected laptops and they have successfully appeared in SEC. 

    The others have the correct iconn.cfg file, mrinit.conf and cac.pem files. However, they still do not appear. I am concerned as the affected laptops were previously managed by another SEC in a regional office but it was decided to start managing remote laptop users directly for the Sophos server at HQ. This transition hasn't exactly gone to plan. 

    To confirm the Sophos ports 8192, 8193, and 8194 are all open on the windows firewall which is enforced with a GPO. I can connect to all remote C$ shares. File and printer sharing is enabled. Endpoint 9.5.5 and the SEC is version 4.5.

    Is there a particular process that needs to be followed for migrating endpoints over to a different SEC (same version etc)?

    :21859
Children
No Data