This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Terminal Servers with User Profile Disks crash

Hi all,

since a few months we are facing heavy problems with our terminal server (rdsh) in combination with Sophos Intercept X Advanced and user profile disks.
The User Profile Disk (UPDs) are stored on a normal file server and are accessed through a share.

For about 2 years everything was running smoothly and stable. However, since a few months we are facing the problem that out of the blue the users lose the connection to their UPDs and therefore are disconnected from the server. Actually the entire server kind of freezes and we need to reboot it.
After disabling most of the features of Sophos Intercept X the systems went back to normal.
However, a few days ago we re-enabled all the security features and today we had another server crash.

We are not sure which feature is causing the trouble. According to some research on the internet it could be the Sophos hitman.alert.pro feature.

Any help to narrow down the problem would be greatly appreciated.
Btw. all the servers are running Win Server 2019 with all the latest Windows updates and patches.

Thanks in advance!

Kind regards,
Aktuator



This thread was automatically locked due to age.
Parents
  • Hi There!

    If you think it has something to do with interceptx, then please try to run interceptx hotfix on the machine>restart then observe if problem would still persist:

    https://support.sophos.com/support/s/article/KB-000038477?language=en_US

    If that won't work, then try assigning the machine to sophos Early Access Program.

    It's a subcription to future sophos update but hasn't been rolled-out yet to the recommended/default update. If the issue is unusual, we recommend to try assigning the machine first on the list>save>then do sophos update afterwards. Check if problem would still persist.

    Fernan Tutor

    If this post solves your question, please use the "Verify Answer" button.

  • Hi Fernan,
    Thank you for your quick reply!

    I will apply the hotfix and then observe if system will get back to stable again.
    However, I think I will also disable some intercept x features because there is always a high impact on the users every time the crash happens…. Every unsaved data is lost and users have to reboot, etc.  That’s a lot of wasted time and we are talking about 30 to 50 users every time the error happens….

    The first time the problem occurred was in beginning of October. So I just had a look at the Intercept X version history to find out if there was a major update during that time. However, I can only find a history of the build numbers but no information about the date when they were released.
    Is there a way to find that out?

    Thanks again in advance!
    Kind regards,
    Aktuator

Reply
  • Hi Fernan,
    Thank you for your quick reply!

    I will apply the hotfix and then observe if system will get back to stable again.
    However, I think I will also disable some intercept x features because there is always a high impact on the users every time the crash happens…. Every unsaved data is lost and users have to reboot, etc.  That’s a lot of wasted time and we are talking about 30 to 50 users every time the error happens….

    The first time the problem occurred was in beginning of October. So I just had a look at the Intercept X version history to find out if there was a major update during that time. However, I can only find a history of the build numbers but no information about the date when they were released.
    Is there a way to find that out?

    Thanks again in advance!
    Kind regards,
    Aktuator

Children