Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 36 replies
  • Subscribers 1 subscriber
  • Views 105116 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Mac OS - pre-configuring Autoupdate

QC

We have quite a number of Macs (not surprising at a university) but no official Mac support. Nevertheless we offer Sophos for Macs (in a downloadable .zip archive).  

When Sophos is installed on a Mac on our network it connects to the management server from where it gets the update policy (the CIDs contain the correct mrinit.conf for RMS to work). Of course this does not work if the Mac is used at home. For windows PCs putting sauconf.xml placed in the appropriate directory does the trick. There are some articles in the knowledgebase but usually a Mac is required with which you can configure the CID (if I understand correctly). I believe no magic is actually involved and the configuration is stored somewhere in a .plist file (XML format). I suspect that the catalogues are involved and configcid.exe does not support a CID for OSX.

Or is there a "simple" way to pre-configure autoupdate (even if it's unsupported)? sau.plist looks suspicous  :smileywink:

Christian

:518


This thread was automatically locked due to age.
Parents
  • 0

    I had previously built an Apple Installer package which contains a pre-configured copy of the Sophos Installer.app and a script which runs the InstallationDeployer tool. This was for version 9.0.x. This installer package can be either manually run, or deployed via ARD or Munki or insert-your-favourite-tool-here.

    By the way, the Sophos KB article on pre-configuring Sophos Installer.app appears to be out of date as it still describes the behavior of SAV 9.0.x and 9.2.2 at least acts slightly different. The main difference being that the updateconfig.plist is no longer contained within the Sophos Installer.app itself but is now placed in a folder outside this application.

    I have now updated my installer package to include SAV 9.2.2 instead so as to be Yosemite compatible and it seems to work as desired in that it runs silently and does install it and the resulting install does have the pre-configured credentials to auto-update directly from Sophos. I have to directly update from Sophos because they killed of Sophos Update Manager and we have no Windows server to run Sophos Enterprise Console on and Sophos stubbornly refuse to port Enterprise Console to Linux/Unix or OS X.

    So far the only issue I am finding is a minor one but annoying to me nethertheless.

    After automatically installing SAV 9.2.2 as part of my DeployStudio / Munki build process I am finding that when I first login to a freshly minted Yosemite Mac I get a dialog box appearing from Keychain Migrator asking for the password for the Sophos keychain. I of course have no idea what that password would be as it is used and created by Sophos. I therefore have to click cancel and then the login proceeds and completes normally. Sophos seems to run ok after this and the message does not seem to reoccur on subsequent logins.

    Anyone else seeing this?

    :54259
Reply
  • 0

    I had previously built an Apple Installer package which contains a pre-configured copy of the Sophos Installer.app and a script which runs the InstallationDeployer tool. This was for version 9.0.x. This installer package can be either manually run, or deployed via ARD or Munki or insert-your-favourite-tool-here.

    By the way, the Sophos KB article on pre-configuring Sophos Installer.app appears to be out of date as it still describes the behavior of SAV 9.0.x and 9.2.2 at least acts slightly different. The main difference being that the updateconfig.plist is no longer contained within the Sophos Installer.app itself but is now placed in a folder outside this application.

    I have now updated my installer package to include SAV 9.2.2 instead so as to be Yosemite compatible and it seems to work as desired in that it runs silently and does install it and the resulting install does have the pre-configured credentials to auto-update directly from Sophos. I have to directly update from Sophos because they killed of Sophos Update Manager and we have no Windows server to run Sophos Enterprise Console on and Sophos stubbornly refuse to port Enterprise Console to Linux/Unix or OS X.

    So far the only issue I am finding is a minor one but annoying to me nethertheless.

    After automatically installing SAV 9.2.2 as part of my DeployStudio / Munki build process I am finding that when I first login to a freshly minted Yosemite Mac I get a dialog box appearing from Keychain Migrator asking for the password for the Sophos keychain. I of course have no idea what that password would be as it is used and created by Sophos. I therefore have to click cancel and then the login proceeds and completes normally. Sophos seems to run ok after this and the message does not seem to reoccur on subsequent logins.

    Anyone else seeing this?

    :54259
Children
No Data