Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 8 replies
  • Subscribers 15 subscribers
  • Views 2200 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Server couldn't protected in Sophos Central with Citrix MCS Maschines

Rene Pauly

Hi guys,

i have a serious problem. I have a Citrix Environment Version 7.15 Server 2008R2 and Sophos Intercept X running on it. Made a golden image with this article:

https://support.sophos.com/support/s/article/KB-000035040

I try the manual and also the script version. My cloned Servers shows up with the right name in Sophos Central, but all shows that the Server couldn't protected in Central.

When i click on the Sophos Client on the guest OS all is green, up and running. 

What i also found is, that on all cloned Servers the registration.txt file is missing in 

C:\ProgramData\Sophos\Management Communications System\Endpoint\Config

When i run the script manual, i see the file is created. After reboot the Server shortly shows the file and after a while the file is deleted automatically.

any idea?

hopefully

rené



This thread was automatically locked due to age.
Parents
  • 0

    When a computer goes through the registration or re-registration phase, Central expects to get an update successful message from AutoUpdate within 1 hour.  If not it will show a failed to protect message.

    To guarantee the first update (5 mins after the Sophos AutoUpdate service starts) sends in a success message - assuming the check is successful, in the gold image I would suggest deleting the QWORD registry value named EventStateLastTime under:

    HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Sophos\AutoUpdate\UpdateStatus\Details\

    If you do this prior to sealing the machine up.  The should prevent a failed to protect message.

Reply
  • 0

    When a computer goes through the registration or re-registration phase, Central expects to get an update successful message from AutoUpdate within 1 hour.  If not it will show a failed to protect message.

    To guarantee the first update (5 mins after the Sophos AutoUpdate service starts) sends in a success message - assuming the check is successful, in the gold image I would suggest deleting the QWORD registry value named EventStateLastTime under:

    HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Sophos\AutoUpdate\UpdateStatus\Details\

    If you do this prior to sealing the machine up.  The should prevent a failed to protect message.

Children
Unfiltered HTML