Thread Info
  • State Not Answered
  • Replies 8 replies
  • Subscribers 6 subscribers
  • Views 12479 views
  • Users 0 members are here
Options
Suggested

BigSur with Sophos Endpoint - OneDrive for Business files don't download

Michael Holmes

Hi, When trying to download a file in OneDrive whether using Files on-demand in the OneDrive client or not they don't.
The issue occurs whether it is the onedrive of the user or a SharePoint library.

With files on-demand enabled, all the placeholder files and folders come down fine but if you double click to open the OneDrive download box comes up but progress bar and downloaded size doesn't go up. After about a minute it times out with error code 16.

With files on-demand turned off no files download and OneDrive sits ttrying to sync processing changes but don't download.

No detections or events are shown in the client or Sophos Central.

I have gone through Admin Login in the Sophos client and disabled all options but it is still the same.

If i uninstall Sophos Endpoint then OneDrive works as normal.

Any help to get to the bottom of this would be massively appreciated.

Thanks
Mike

Parents
  • 0

    So, i have narrowed this down to the Threat Protection Device policy and the 3 options under Real-time Scanning - Internet. If any of the the 3 options are enabled then OneDrive stops downloading.
    The 3 options are "Scan downloads in progress", "Block access to malicious websites" and Detect low-reputaion files".

    Presumably this is down to the service(s) that these options enable on the client end and seemingly aren't disabled when doing the admin login and disabling all options (as i did to test initially).

    With one of these options enabled it shows in the Services section of the Self help tool 3 services "Sophos SXL", "Sophos Web Intelligence" and "SophosWebNetworkExtension". These aren't present with all the Real-time Scanning options off.
    They are also all showing green so presumably should be working.

    It is worth noting that everything else seems fine, i can access the web in Chrome and Safari and even my onedrive via the web accessing the same files i'm testing synced in the client.

    My test machine is a fresh install of Big Sur, not an upgrade.

  • FormerMember
    0 FormerMember in reply to Michael Holmes

    have you rebooted the machine since upgrade and allowed the web control proxy permissions?

  • 0 in reply to FormerMember

    Hi Richard, yes i have. I have also removed and reinstalled Sophos client just to be sure nothing was missed. As i was testing the policy changes to see which fixed it i rebooted at each change as well. This issue was seen on at least 4 machines so doesn't seem to be a specific machine related problem.

  • 0 in reply to Michael Holmes

    Please be on the lookout for v10.0.3. The update is rolling out this week and we'd be keen to know if any of the fixes made improve this for you.

  • 0 in reply to David Lancaster

    Hi David, looks like things are worse with v10.0.3 as i now can't get OneDrive to download files even with the changes i made to get it working previously (3 options in Threat Protection Policy in my update above).
    When the download fails i get "Error code -16".

    With Sophos client uninstalled OneDrive works fine.

    I have uninstalled, rebooted, installed, rebooted, updated, rebooted and made sure all the permissions are given for full disk access.
    I'll do some testing with policy changes and feed back.

  • 0 in reply to Michael Holmes

    I have now found the options i need to disable in the Threat Protection Device Policy.
    I have to leave the original 3 options under Real-time Scanning - Internet ("Scan downloads in progress", "Block access to malicious websites" and Detect low-reputaion files") disabled but now also "Protect network traffic" under Runtime Protection. After this and a reboot, OneDrive works fine.
    If any of these options are enabled and a reboot done OneDrive sits trying to download files but eventually fails, usually ith error code 16.

Reply
  • 0 in reply to Michael Holmes

    I have now found the options i need to disable in the Threat Protection Device Policy.
    I have to leave the original 3 options under Real-time Scanning - Internet ("Scan downloads in progress", "Block access to malicious websites" and Detect low-reputaion files") disabled but now also "Protect network traffic" under Runtime Protection. After this and a reboot, OneDrive works fine.
    If any of these options are enabled and a reboot done OneDrive sits trying to download files but eventually fails, usually ith error code 16.

Children
No Data
Unfiltered HTML