Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 1 subscriber
  • Views 421 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos upgrade failed

mark21

Whilst trying to upgrade Sophos Enterprise Console 3 to 4.0 the sql server upgrade failed from MSDE 2000 to SQL server 2005. There seems to be a problem with the SID of the SQL server instance now so I cant seem to upgrade the instance. Rather than possibly trying to troubleshoot the sql server problems I was wondering if it would be better to do a fresh install? Unless there are any other recommendation/ advice that I might need to be aware of.

Thanks for any help.

:21129


This thread was automatically locked due to age.
Parents
  • 0

    HI,

    How many clients are you managing?

    I would suggest, if you're not overly concerned with the data you have and it's not that many clients:

    1. Backup the certauthstore registry key, i.e.
     HKEY_LOCAL_MACHINE\SOFTWARE\[Wow6432Node]\Sophos\Certification Manager\CertAuthStore

    2. Remove everything Sophos off the machine.  I would also remove the SQL instances used by Sophos.
    SQL Express 2008 will be installed by SEC 5.

    3. Reboot as required.

    4. Restore the reg file backed up in 1 (it should still be there as it is not removed on uninstall but best to be safe)

    5. Create a 'database' account as per: http://www.sophos.com/support/knowledgebase/article/113954.html ,  

    6. Install SEC 5.0, chose the 'database' account created when asked.

    7. When it asks for the updating account (The second account page request) you should use your current updating account, this way the clients will still update ok, worse case, you could always just create a new updating account, once you have management of the machines (I.e. they report in) you could send them this new account in the updating policy.  If you create a new updating account please see: http://www.sophos.com/support/knowledgebase/article/113954.html also.

    As the certificates of the old and now new server install are the same, all your managed clients will re-appear in SEC in the "unassigned" group. I assume that the IP and name will be the same so the clients will still find the server. You can then re-construct your group structure, polices and move the clients back in.  Maybe you could do an import from AD to speed this up,  If the structure is created before the machines report back in they should automatically go into their group.

    It really depends on how much time it would take to re-configure/re-organize following a fresh install vs. the time it would take to recover the current install.  You could look do something clever by backing up the current database restoring it into a new SQL 2008 instance and then manually upgrade it but all this work really comes down to time and effort required for the gain/saving.

    Jak

    :21131
Reply
  • 0

    HI,

    How many clients are you managing?

    I would suggest, if you're not overly concerned with the data you have and it's not that many clients:

    1. Backup the certauthstore registry key, i.e.
     HKEY_LOCAL_MACHINE\SOFTWARE\[Wow6432Node]\Sophos\Certification Manager\CertAuthStore

    2. Remove everything Sophos off the machine.  I would also remove the SQL instances used by Sophos.
    SQL Express 2008 will be installed by SEC 5.

    3. Reboot as required.

    4. Restore the reg file backed up in 1 (it should still be there as it is not removed on uninstall but best to be safe)

    5. Create a 'database' account as per: http://www.sophos.com/support/knowledgebase/article/113954.html ,  

    6. Install SEC 5.0, chose the 'database' account created when asked.

    7. When it asks for the updating account (The second account page request) you should use your current updating account, this way the clients will still update ok, worse case, you could always just create a new updating account, once you have management of the machines (I.e. they report in) you could send them this new account in the updating policy.  If you create a new updating account please see: http://www.sophos.com/support/knowledgebase/article/113954.html also.

    As the certificates of the old and now new server install are the same, all your managed clients will re-appear in SEC in the "unassigned" group. I assume that the IP and name will be the same so the clients will still find the server. You can then re-construct your group structure, polices and move the clients back in.  Maybe you could do an import from AD to speed this up,  If the structure is created before the machines report back in they should automatically go into their group.

    It really depends on how much time it would take to re-configure/re-organize following a fresh install vs. the time it would take to recover the current install.  You could look do something clever by backing up the current database restoring it into a new SQL 2008 instance and then manually upgrade it but all this work really comes down to time and effort required for the gain/saving.

    Jak

    :21131
Children
No Data