SophosUpdateMgr account in AD gone

Hi,

Off the top of my head...

SEC

Security Groups

Sophos Console Administrators - Users who have access to the management service over DCOM.

Sophos Console Service Users - New in SEC 5, finer grained access to the management service by the looks of it.

Sophos DB Admins - This group is mapped to the SQL login, which in effect, through indirection of SQL users and roles gives users access to the stored procedures of the SOPHOS database.

Sophos Full Administrators - As of SEC 4 for RBA.

Sophos DB Users - no longer used, was used for reporting purposes.

User accounts

SophosUpdateMgr - This is the default account used by the clients to update from the SophosUpdate share.  Custom install allows you to specify this so this may or may not exist,

You may also have a service account the Management Service uses to connect to the database, You would have this in a distributed install where the DB is on a different machine.  This account would then need to be a member of the"Sophos DB Admins" group.

Endpoint

Security Groups

SophosAdministrator - All members of local administrators group are added to this at install.

SophosPowerUser - All members of local power users group are added to this at install.

SophosUser - All members of local users group are added to this at install.

All the above relate to the ability a user has to launch the SAV GUI and perform operations as specified in the Qurantine user rights.

SophosOnAccess - used by the driver, no need to worry about this one.

User accounts

SophosSAU[machinenameorpartof][num] - used by SAU.

I think that's it.  Obviously if installing on a domain they would be domain local groups and domain users otherwise local groups and local users where automatically created.

Regards,

Jak

Hi,

Off the top of my head...

SEC

Security Groups

Sophos Console Administrators - Users who have access to the management service over DCOM.

Sophos Console Service Users - New in SEC 5, finer grained access to the management service by the looks of it.

Sophos DB Admins - This group is mapped to the SQL login, which in effect, through indirection of SQL users and roles gives users access to the stored procedures of the SOPHOS database.

Sophos Full Administrators - As of SEC 4 for RBA.

Sophos DB Users - no longer used, was used for reporting purposes.

User accounts

SophosUpdateMgr - This is the default account used by the clients to update from the SophosUpdate share.  Custom install allows you to specify this so this may or may not exist,

You may also have a service account the Management Service uses to connect to the database, You would have this in a distributed install where the DB is on a different machine.  This account would then need to be a member of the"Sophos DB Admins" group.

Endpoint

Security Groups

SophosAdministrator - All members of local administrators group are added to this at install.

SophosPowerUser - All members of local power users group are added to this at install.

SophosUser - All members of local users group are added to this at install.

All the above relate to the ability a user has to launch the SAV GUI and perform operations as specified in the Qurantine user rights.

SophosOnAccess - used by the driver, no need to worry about this one.

User accounts

SophosSAU[machinenameorpartof][num] - used by SAU.

I think that's it.  Obviously if installing on a domain they would be domain local groups and domain users otherwise local groups and local users where automatically created.

Regards,

Jak