i have a serious problem. I have a Citrix Environment Version 7.15 Server 2008R2 and Sophos Intercept X running on it. Made a golden image with this article:
I try the manual and also the script version. My cloned Servers shows up with the right name in Sophos Central, but all shows that the Server couldn't protected in Central.
When i click on the Sophos Client on the guest OS all is green, up and running.
What i also found is, that on all cloned Servers the registration.txt file is missing in
C:\ProgramData\Sophos\Management Communications System\Endpoint\Config
When i run the script manual, i see the file is created. After reboot the Server shortly shows the file and after a while the file is deleted automatically.
Yes all the servers are temporary, they restart ervery night and get the settings back from the disk from the golden image.
but wait.. as i can see now, all the servers were green... OK... maybe…
Hi Rene Pauly
Have you edited the file registration.txt while preparing a gold image as mentioned in Step 10? If you double click on the endpoint --> About --> Open Endpoint Self help tool--> System Do you see anything under Endpoint ID and Computer Name?
thanks for your reply. Yes, i have to create the registration.txt file and put in the info (mcsclient and tokenid).
also i see in the info on the server and endpoint ID and computername.
i also see the info, that the windows update service is deactivated .. maybe this is the problem? if.. i think its pretty normal on Terminalservers to deactivate the windows update service.
Do you have any script running that would touch that file? Perhaps something from your scrubbing the Gold image?
Snr. New Product Introduction Engineer | CISSP | Sophos Technical SupportSupport Videos | Product Documentation | @SophosSupport | Sign up for SMS AlertsIf a post solves your question use the 'Verify Answer' link.
The only script which is running - is the goldenimageprep script from the article on the top.. as I say.. all clients seems to be ok.. also i can update them from the sophos central portal.. but all clients shows there as they couldn't be protected...
That script does delete that file. To clarify - are you running these servers as temporary instances or are they persistent? If they are persistent, then they shouldn't need that script run on each shutdown.
but wait.. as i can see now, all the servers were green... OK... maybe it was only a time i have to wait?.. looks good, i will check today and if the green status exists, i wil close the thread.
thanks a log!
When a computer goes through the registration or re-registration phase, Central expects to get an update successful message from AutoUpdate within 1 hour. If not it will show a failed to protect message.
To guarantee the first update (5 mins after the Sophos AutoUpdate service starts) sends in a success message - assuming the check is successful, in the gold image I would suggest deleting the QWORD registry value named EventStateLastTime under:
If you do this prior to sealing the machine up. The should prevent a failed to protect message.
Hey, thanks for that Info. Must i delete this key every time i update the golden image? Maybe its a good idea to add this to the sophos goldenimageprepare script!?