This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Golden Image problems with Citrix

Hi,

I am having some problems with this procedure https://support.sophos.com/support/s/article/KB-000035040?language=en_US

I have a Citrix MCS Catalog, my VMs are created from a VM image base.

First, I install Sophos Antivirus and execute the procedure below. Well, when I update my machines catalog I must reboot my VMs. I am having this problems:

1º The registration Token is the same always in my VMs, then my master image is overwrited in Sophos Central and only can manage one VM

2º Sometimes, I can see all my Citrix VMs but the VM master is always overwrited ¿some idea?

Must i change registration token for a random registration token? Before Sophos had other procedure which has been modified for this and i have not found a correct solution for this.

I want to open a case with Sophos but before i want asking to comunnity.



This thread was automatically locked due to age.
  • Hello  Alejandro,

    Thank you for reaching us, Based on your description it sounds like you you've only done the gold image process one time only and not every time when you have updated the image. IF the MCS communication is currently running at the time you update the master image, the device will communicate to Sophos central and register. If you're updating the gold image, you need to ensure that the MSC services are stopped or you can re-run the gold image script and go through the process manually. Another option is to use a shutdown script in order for the process to go automatically when you shut down the device. 

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer

    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Hi GlennSen,

    I have configured the script as it is in Sophos Manual for golden image, when my server shutdown the script run.

    I think that the problem is with RegistrationToken section, the Sophos Script write the same token in all machines.

    I must open a Support Case for this.

  • Before powering off the device once you’re finished updating it, could you check if the Tamper Protection passcode recorded in the script works? 
    You can test this either by interacting with the Sophos UI, or by running the following command. 
    - C:\Program Files\Sophos\Endpoint Defense\SEDcli.exe -OverrideTPoff <passcode>

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids