The command line utility ConfigCID.exe enables you to implement configuration changes contained in endpoint software XML configuration files, by modifying the catalog files in your update location (Central Installation Directory, or CID). Your computers will then update themselves with their new configuration from the XML configuration files.
Sophos AutoUpdate (the updating component of endpoint software) uses catalog files called cidsync.upd to determine which files it should download from an update location (CID). When you add XML configuration files (e.g. those created with ExportConfig.exe) to your update locations, you must update the catalog files to ensure that your XML files are used. The Using ExportConfig.exe to create XML configuration files describes how to create and where to place configuration XML files.
Applies to the following Sophos products and versions
Not product specific
C:\Program Files\Sophos\Enterprise Console\SUM\
C:\Program Files\Sophos\Update Manager\
Note: On 64-bit computers Program Files is Program Files(x86).
Note: To run ConfigCID.exe, you must have write access to the update location and as a local administrator on the management server.
configcid \\[servername]\SophosUpdate\CIDs\S000\SAVSCFXP\ configcid \\[servername]\SophosUpdate\CIDs\S000\OPMHMPA\
Using version 220.127.116.11 or later of ConfigCID.exe:
Note: If the CertAuthStore should change on the server with the Sophos Management Service for whatever reason (A clean re-install of Sophos Enterprise Console or a problematic migration), it must also be updated on the computer running ConfigCID.exe.
Before modifying the update location and the catalog files that it contains, ConfigCID.exe performs some checks to ensure this can be done safely. Then ConfigCID.exe adds, removes, or changes the entries in the catalogue files for the xml files. Networked computers will then download the new configuration on their next scheduled update.
If you receive an error stating Failed to open catalog..., refer to Failed to open catalog when running ConfigCID.exe.
Failed to open catalog
Released with Sophos Update Manager version 1.4.2, ConfigCID.exe has been updated (version 18.104.22.168) with a security enhancement ensuring files. The tool must now be run on the server that has the CertAuthStore key, this will be the server with the Sophos Management Service. This key can be imported to another server if required.
In order to update successfully, you must use version 22.214.171.124 (and later) of ConfigCID.exe. From Sophos Auto Update version 2.9.0 (Shipped with 10.2.4 Endpoint package), files that are changed/added to a CID will require a signing. If a signature is missing the update will fail for that package, refer to Endpoints fail to update after adding XML configuration or custom files to the update location (CID) Authentication failed error 00000067.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.