Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 12121 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

access denied sophos console 5.2

Ghiazza

i have update sohos enterprise 5.2 and all appears ok but when i go to open console i have and error :

Claim validation failed.
----- [outer exception] -----
-- error: 0x829E0031
-- facility: Sophos Management Service Exception
-- source: struct ISM_ManagementServiceApp

at class ATL::CComPtr<struct IDispatch> __thiscall bl::CReusingManagementServiceClientBroker::logIn(const struct util::UserName &,class Loki::SmartPtr<class bl::SubEstate,class Loki::RefCountedMTAdj<class Loki::ClassLevelLockable>::RefCountedMT,struct Loki::DisallowConversion,struct util::NoDereferenceNull,class Loki::DefaultSPStorage>,const wchar_t *,class bl::UIControllerBase &)
at int __cdecl Run(int,class bl::CommandLine,enum bl::ConsoleType::Type)
at int __stdcall wWinMain(struct HINSTANCE__ *,struct HINSTANCE__ *,wchar_t *,int)

this is the error on client and on server the message sayd that adminstrator aren't any role to get on console...

any idea?

:37487


This thread was automatically locked due to age.
  • 0

    HI,

    Is SEC installed on a domain member server?

    If so the SEC server should have a local group called "Sophos Console Administrators" and "Sophos Full Administrators".

    All users of SEC are required to be a member of "Sophos Console Administrators".  If you are also a member of "Sophos Full Administrators" you can set up Role Based Administration (RBA) to give users access to other admins.

    So is you Windows account a member of both of these groups and you have logged off and on since you added your account to these groups/installed?

    Regards,

    Jak

    :37509
  • 0

    Ghiazza, were you able to solve the problem? I have the same error stack.

    Without smilies ...

    Claim validation failed.
----- [outer exception] -----
   -- error: 0x829E0031
   -- facility: Sophos Management Service Exception
   -- source:   struct ISM_ManagementServiceApp

   at class ATL::CComPtr<struct IDispatch> __thiscall bl::CReusingManagementServiceClientBroker::logIn(const struct util::UserName &,class Loki::SmartPtr<class bl::SubEstate,class Loki::RefCountedMTAdj<class Loki::ClassLevelLockable>::RefCountedMT,struct Loki::DisallowConversion,struct util::NoDereferenceNull,class Loki::DefaultSPStorage>,const wchar_t *,class bl::UIControllerBase &)
   at int __cdecl Run(int,class bl::CommandLine,enum bl::ConsoleType::Type)
   at int __stdcall wWinMain(struct HINSTANCE__ *,struct HINSTANCE__ *,wchar_t *,int)

     The solution that Jak offered did not work for us: we already had the user in the required groups.

    Perhaps it is an issue of our installation, where a Samba PDC reigns?

    :47928
  • 0

    A ticket with Sophos Support showed that this is indeed an issue of running SEC 5.2 in a Samba 3 PDC environment.

    Due to the requirements of the WCF, there appears to be no solution to this other than going to Samba 4 (which is no short term option for us).

    A workaround is starting the SEC as a local user that is member of the appropriate groups, like the local Admin account.

    You can create a desktop shortcut for this, e.g.

    C:\WINDOWS\system32\runas.exe /user:Administrator "C:\Programme\Sophos\Enterprise Console\EnterpriseConsole.exe"

    :48402
  • 0

    try this configuration (it' s ok for me, SEC 5.2.2 and Samba vers 3.4.7) :

        -your domain user should not be present in the local users of your machine (otherwise remove)

       - typing for to execute entreprise Console : runas /user:administrateur EntrepriseConsole.exe

       - go in "gestion des roles et des sous-parc" and in the tab "administration des sous-parc", double-click on the sous-parc "par defaut"  and add your domain user... 

    regards

    FZ

    :54529