
Clients can't contact console or update

After the recent Shh/Updater-B false positive problem we have manually uninstalled Sophos from the affected clients. We were running an older version of Enterprise Console and could not upgrade because of a persistent error when it attempted to use the current database (we also deleted the database to no avail). So now we have a clean install of EC 5.1. Clients that were not affected by Shh/Updater-B have reported in fine and are updating after running SophosReInit.vbs to point them at the new Enterprise Console.

We are having two problems –

1. The console cannot seem to push Sophos down to clean clients i.e. clients that have had no Sophos on them before. You just get an amber egg timer on the client name in the Enterprise Console and nothing happens. No events are logged on either client or server. Have followed http://www.sophos.com/en-us/support/knowledgebase/111180.aspx

2. Using a standalone installer have manually installed Sophos on clients that previously suffered the Shh/Updater-B problem. Have used the SophosReInit.vbs script to direct these clients to the console. They remain greyed out in the console and doing a manual update from the client results in 'Could not contact server'. The server is recording authentication failures for these clients:

Log Name:      Security
Task Category: Logon
Level:         Information
Keywords:      Audit Failure
Computer:      SAVserver.domain.org

An account failed to log on.

Subject:
    Security ID:       NULL SID
    Account Name:      -
    Account Domain:    -
    Logon ID:          0x0

Logon Type:            3

Account For Which Logon Failed:
    Security ID:       NULL SID
    Account Name:      SophosSAUComputer100
    Account Domain:    Computer100

Failure Information:
    Failure Reason:    Unknown user name or bad password.
    Status:            0xc000006d
    Sub Status:        0xc0000064

Any help with any of this would be greatly appreciated.

:33755
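To help read the audit failure posted above, here is an added example (not part of the original posts and not Sophos code) that parses the event text and decodes its status codes. The NTSTATUS names are the documented Windows values; the function names are illustrative, and the sample is an abridged copy of the posted event.

```python
# Documented NTSTATUS codes that appear in failed-logon audit events.
NTSTATUS = {
    0xC000006D: "STATUS_LOGON_FAILURE",   # generic logon failure
    0xC0000064: "STATUS_NO_SUCH_USER",    # account name does not exist
    0xC000006A: "STATUS_WRONG_PASSWORD",  # account exists, wrong password
}
LOGON_TYPES = {2: "interactive", 3: "network", 5: "service", 10: "remote interactive"}

# Abridged copy of the event text from the post above.
SAMPLE = """\
Computer:      SAVserver.domain.org
Subject:
    Account Name:      -
Logon Type:            3
Account For Which Logon Failed:
    Account Name:      SophosSAUComputer100
    Account Domain:    Computer100
Failure Information:
    Status:            0xc000006d
    Sub Status:        0xc0000064
"""

def parse_event(text):
    """Return {section: {field: value}}; top-level fields sit under the empty key."""
    event, section = {"": {}}, ""
    for raw in text.splitlines():
        key, sep, value = raw.partition(":")
        if not sep:
            continue  # blank or free-text line
        key, value = key.strip(), value.strip()
        if not raw[:1].isspace():
            # Unindented: a value-less line opens a section, otherwise top level.
            section = "" if value else key
        if value:
            event.setdefault(section, {})[key] = value
    return event

def triage(event):
    top, failure = event[""], event["Failure Information"]
    target = event["Account For Which Logon Failed"]
    status, sub = int(failure["Status"], 16), int(failure["Sub Status"], 16)
    return {
        "account": target["Account Domain"] + "\\" + target["Account Name"],
        "logon_type": LOGON_TYPES.get(int(top["Logon Type"]), "other"),
        "status": NTSTATUS.get(status, hex(status)),
        "sub_status": NTSTATUS.get(sub, hex(sub)),
        # None when the sub status does not say whether the account exists.
        "account_exists": {0xC0000064: False, 0xC000006A: True}.get(sub),
    }
```

For the posted event, sub status 0xc0000064 means the server found no account with the presented name, as opposed to 0xc000006a, which would indicate a wrong password for an existing account.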


  • Hello bbnpa1957,

    1. article 111180 is specifically for Domain environments and SEC versions up to 5.0 - for 5.1 you should follow 116754 (Domain) or 116755 (workgroup). Not that they differ much but they do. SEC should eventually return some error - either that it could not contact the computers or that the install did not start. Please see also How does the 'Protect computers wizard' perform an installation? as it might give you an idea where to look for a hint why it fails.

    2. Actually there seem to be two problems - a) the clients do still not report after using SophosReInit.vbs and b) the clients can not update from the server.

    For a) - could you please post (parts of) the logs created (SophosReinit.txt and  ClientMRInit-....log)?

    For b) - the ALUpdate log ([%ProgramFiles%|%ProgramData%]\Sophos\AutoUpdate\Logs) should contain the error as seen from the client's side. Did you install SEC5.1 on the same server where the older version ran?

    Christian

    :33803
  • Hi, thanks for the reply Christian. I've resorted to using a different and completely clean install of W28kR2 x64 to get this to work. There must have been something on the other server preventing it working. Have created a new SophosReInit script and have successfully pointed existing clients and protected new clients. I'm yet to protect a client that has undergone the false positive shh/updater-b, but should that fail it will mean a new post.

    Thanks again

    :33897