Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 1630 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

So how does "Protect Computers" actually work?

Squmph

Hi All,

First post - I have been deploying Sophos in enterprise environments since SAV v4 but have never actually had to ask a question - a testament to the product and the information already available from the community and knowledgebase!

I need to understand how the client push function in EC actually works. As we all know it creates a scheduled task (and from this point it's blindingly obvious how it works), but what I need to know how exactly it goes about creating this task.

I can see at least two options:

a) It uses the windows "schtasks" utility with appropriate parameters.

b) It accesses the remote filesystem directly through SMB.

I'm pretty sure its option B, in which case I need to ascertain the exact UNC used - is it using \\YourPC\admin$\Tasks or \\YourPC\C$\Windows\Tasks (or something else?)

Any further info on this would be greatly appreciated.

While this is a request for info, the problem (if anyone is interested) is that I can't push the client to machines with the system installed to a drive other than C:, leading me to believe that the system is hard-coded to push to c$.

Thanks!

Rob

:25903


This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    If you're using SEC 5.0, does it help to create the following key on the management server:

    Under: 

    HKEY_LOCAL_MACHINE\SOFTWARE[wow6432node]\Sophos\EE\

    Create a new DWORD called:

    EnableTaskScheduler2

    and set it to 1.  I can't remember if you have to restart the management service or if it's checked at each deploy.  I guess it does no harm to restart the service anyway to be sure.

    This is essentially the change in SEC 5.1, however SEC 5.1 also creates the task with the HighestAvailable property set in the task but as you've disabled UAC that may not matter.  To prove it's working you can export the task created on the client to see the differences.

    Hope it helps.

    Regards,

    Jak

    :25953
Reply
  • 0

    Hi,

    If you're using SEC 5.0, does it help to create the following key on the management server:

    Under: 

    HKEY_LOCAL_MACHINE\SOFTWARE[wow6432node]\Sophos\EE\

    Create a new DWORD called:

    EnableTaskScheduler2

    and set it to 1.  I can't remember if you have to restart the management service or if it's checked at each deploy.  I guess it does no harm to restart the service anyway to be sure.

    This is essentially the change in SEC 5.1, however SEC 5.1 also creates the task with the HighestAvailable property set in the task but as you've disabled UAC that may not matter.  To prove it's working you can export the task created on the client to see the differences.

    Hope it helps.

    Regards,

    Jak

    :25953
Children
No Data