This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Impossible to install entreprise console 5.5.1

My DC controler is 2016 server

-> First time I install SEC5.5.1 on the DC . I can see the computers but i cannot manage them

->I remove it and I put it on a 2008R2 sp1 but same problem. 

-> I remove SEC 5.5.1 as it is explain here : https://community.sophos.com/kb/en-us/116912

->I try to reinstall but impossible to connect the database

->I try to uninstall but impossible to remove Sophos Mangement Database

I try a lot of thing but impossible to acced databse : not enought rights !

-> I format my 2008r2 , I re-install 2008R2 I create a new database , I try to install SEC 5.5.1 but same probleme

 

Please somebody could help me 



This thread was automatically locked due to age.
Parents
  • Hello Mic Ita,

    unfortunately your condensed depiction with broad terms (cannot manage, same problem, impossible, try a lot of things) doesn't contain enough information to help you. Is this a first-time install (i.e. you haven't used SESC before)?

    There are some, err, strange statements and it's not really clear what you did. Starting at the bottom:

    I create a new database
    unless your database is remote (is it?) all three components are installed during one run of the wizard, i.e. you don't try to install after you've created the database

    impossible to connect the database
    this also suggests a database on some instance other than the default local SOPHOS instance; it's supposed to work with the automatically installed instance and database

    impossible to remove Sophos Mangement Database
    not sure whether you are referring to the Sophos Database component (that you remove via Programs and Features) or the SOPHOS551 database and/or SOPHOS instance proper; and a description more specific than impossible would be helpful

    I can see the computers but i cannot manage them
    this is perhaps the most interesting statement - what is see and what is manage? Assuming a fresh install you don't see any endpoints except your management server. After installation the Download Security Software wizard commences asking you to enter an update location and the necessary credentials. You didn't mention this step. What did you do to see your computers? Before the Endpoint software is installed on a computer the computer is called unmanaged. It might be a misnomer when you say you cannot manage - do you mean that Protect Computers failed?  

    Christian

  • ok, forget I cannot uninstall, now I have a new install but always the same probleme : I can see the computers but i cannot manage them

     

    I think its the same probleme than : https://community.sophos.com/products/endpoint-security-control/f/sophos-enterprise-console/101101/cause-with-protecting-clients-in-sec

     

    With error 00002E 

    With more than 16000 view I think that a lot of peoples have this probleme but at the end there is no solution.

     

    You say : check the Router log in %ProgramData%\Sophos\Remote Management System\3\Router\Logs\. This should tell why the endpoint can't communicate with the server.

    So I find that :

    I Sent message (id=018D3B62) to EM
    03.09.2018 15:48:49 0880 E ACE_SSL (668|2176) error code: 336027900 - error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
    03.09.2018 15:48:49 0880 E ACE_SSL (668|2176) error code: 336462231 - error:140E0197:SSL routines:SSL_shutdown:shutdown while in init
    03.09.2018 15:54:39 0888 E ACE_SSL (668|2184) error code: 336027900 - error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
    03.09.2018 15:54:39 0888 E ACE_SSL (668|2184) error code: 336462231 - error:140E0197:SSL routines:SSL_shutdown:shutdown while in init
    03.09.2018 15:55:24 08D0 I Routing to EM: id=018D3D4C, origin=Router$SERVER2008R2.Agent, dest=EM, type=EM-GetStatus-Reply
    03.09.2018 15:55:24 08BC I Sent message (id=018D3D4C) to EM

     

    Must I disable all protocol exept tls 1.2 ?

    on the server?

    on the client ?

     

     

     

     

  • Protocols enable now :

    Multi-protocol unified Hello

    SSL 3.0

    TlS1.0

    TLS1.1

    TLS1.2

  • Hello Mic Ita,

    first of all - it seems you have installed SEC (5.5.1 I assume?) on a 2008R2, also installed the Endpoint component, and the server appears as up-to-date computer in the console - is this correct?

    Instead of guessing and more or less arbitrary actions please let us try a systematic approach.
    You did not answer what exactly I can see the computers but i cannot manage them is. If see means that the computers appear in the console - how did they get there? When you install SEC only one computer is there, the management server itself. Additional computers show up when either the Endpoint component from the CID is installed on them or computers names are imported  or discovered. As you mention 0x0000002e I assume the latter (import/discover) and you have tried Protect Computers - is this the case? 

    The tiny part of the log is from the management server. The errors suggest that some computer tries to connect using an obsolete protocol. This is strange - if Protect failed with 0x0000002e there should be no endpoint (apart from the server that seems to be able to "talk" to itself) that could try to connect. The question is, what is trying to make this connection?

    So you did try to use Protect Computers? Did all attempts fail? Did you check the clients whether the install has started or even succeeded on them? Did you try to install manually from the CID on one or more endpoints?

    Christian     

  • 1) it's correct

    2) Additionnals computers have been find on the DC (2016 srver) . Once searching computer with ip adress works and on SEC I have seen computers + IP adress. But after IP desapeared and never come again.

    Today I have hours to lost so I uninstall  SEC from 2008R2. 

    I create 2 User on the DC ( witch is an other server runing 2016) SophosManagement2 and SohosUdateMgr2

    I just let protocol TLS 1.2 on 2008R2 because at every installation I ave a Warning messageTo do that I use  IIsCrypto2.0 (https://community.sophos.com/products/endpoint-security-control/f/sophos-enterprise-console/90136/sec-5-5-1/372535)

    I begin .....

    First warning : you ave several net cards.... Ok, I will disable virtual machines

    I stop and relaunch installation : ......... always the warning message " le systeme d'exploitation  peut etre configuré pour utiliser TLS 1.2". I dont take care and I continue installation

    ....... Impossible to install database. In the log file t the end I can read : Databese64.msi failed with errorcode 1603  

    I Follow instruction for the error ...Regedit.... In the registry I create the key database user

    I create Databaseuserdomaine: name of my domaine active directory

    I create Databaseuserdomaine: SophosManagement

    I want to use ObfuscationUtil.exe to create the other key but but it doesnot work because DLLs are not present. Perhaps is it useful to do an installation of the installation ?

    .... I things hours are not enought to install your program like that. Perhaps days or weeks 

     

    How can I uninstall all correctly so that it will possible to reinstall ?

     

     

     

     

     

     

     

Reply
  • 1) it's correct

    2) Additionnals computers have been find on the DC (2016 srver) . Once searching computer with ip adress works and on SEC I have seen computers + IP adress. But after IP desapeared and never come again.

    Today I have hours to lost so I uninstall  SEC from 2008R2. 

    I create 2 User on the DC ( witch is an other server runing 2016) SophosManagement2 and SohosUdateMgr2

    I just let protocol TLS 1.2 on 2008R2 because at every installation I ave a Warning messageTo do that I use  IIsCrypto2.0 (https://community.sophos.com/products/endpoint-security-control/f/sophos-enterprise-console/90136/sec-5-5-1/372535)

    I begin .....

    First warning : you ave several net cards.... Ok, I will disable virtual machines

    I stop and relaunch installation : ......... always the warning message " le systeme d'exploitation  peut etre configuré pour utiliser TLS 1.2". I dont take care and I continue installation

    ....... Impossible to install database. In the log file t the end I can read : Databese64.msi failed with errorcode 1603  

    I Follow instruction for the error ...Regedit.... In the registry I create the key database user

    I create Databaseuserdomaine: name of my domaine active directory

    I create Databaseuserdomaine: SophosManagement

    I want to use ObfuscationUtil.exe to create the other key but but it doesnot work because DLLs are not present. Perhaps is it useful to do an installation of the installation ?

    .... I things hours are not enought to install your program like that. Perhaps days or weeks 

     

    How can I uninstall all correctly so that it will possible to reinstall ?

     

     

     

     

     

     

     

Children
  • Hello Mic Ita,

    hours are not enough to install your program
    [it's not my program, I'm not Sophos]
    Generally it should take not more than one hour doing a standard install from scratch. You create the two accounts, start the installer, review the warnings (these can normally be ignored) and errors (there are not many you could get on a clean up-to-date current OS - if you get one take appropriate action) in the System Property Checks, continue and enter the necessary credentials, let the actual installation start.
    You said you could open the console, install the Endpoint component, and the management server could "see" itself. You also said you could find computers. So the installation was apparently correct - too late now but there was no need to uninstall or otherwise modify the installation.
    If you decide to uninstall SEC from a computer that has also Endpoint already installed it is necessary to uninstall all Sophos components before trying to reinstall. Please note that an uninstall neither removes the database nor the SQL Server instance. If you change (or delete/recreate) the database users this can cause problems, nevertheless these can be overcome.

    1603 is a general error code, I don't think there is universally valid instruction for the error - which article are you referring to? Normally in response to a 1603 it's necessary to determine the actual error that occurred.

    How can I uninstall
    As said, you have to uninstall all components, SEC and Endpoint. I'd also drop the SOPHOS551, SOPHOSPATCH52 and SophosSecurity databases.

    Christian