Hi Guys, Clients are set to update via HTTP and the location is accessible with all the necessary mime types, etc to ALL clients. Some however, will simply lose the connection and I am seeking alternative ways for remediation instead of a reinstall. Test scenario I made so far: Copy SAVSCFXP folder to c:\windows\temp use setup.exe from here to re-install the client with -updp c:\windows\temp\SAVSCFXP switch This makes sure that even if the HTTP location is inaccessible, at least the initial install goes through After this the client gets the certificate and logs on to the console It gets the policy and sets it to the HTTP location Update fails. The policy is the same for thousands of machines, but I have like a 100 that fall into this update failed cycle ... iconn.cfg is fully correct, as far as I found, registry does not contain anything about the update location. Christian, another one for Wireshark? ;-) Thanks DanZi

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

iconn.cfg - update location stored locally

Hi Guys,

Clients are set to update via HTTP and the location is accessible with all the necessary mime types, etc to ALL clients.

Some however, will simply lose the connection and I am seeking alternative ways for remediation instead of a reinstall.

Test scenario I made so far:

Copy SAVSCFXP folder to c:\windows\temp
use setup.exe from here to re-install the client with -updp c:\windows\temp\SAVSCFXP switch
This makes sure that even if the HTTP location is inaccessible, at least the initial install goes through
After this the client gets the certificate and logs on to the console
It gets the policy and sets it to the HTTP location
Update fails.

The policy is the same for thousands of machines, but I have like a 100 that fall into this update failed cycle ...

iconn.cfg is fully correct, as far as I found, registry does not contain anything about the update location.

Christian, another one for Wireshark? ;-)

Thanks

DanZi

This thread was automatically locked due to age.

Parents

0 QC over 5 years ago

Hello DanZi,

what is lose the connection, what's the error message in the console, what does the Updating Policy show?

Christian
Cancel
Vote Up 0 Vote Down

Cancel
0 Daniel Gebler over 5 years ago in reply to QC
Hi Christian,

Looking at one of them:

Update Policy is fine 'Same as Policy' - Primary and Secondary server also correct, iconn.cfg also ok on the client

It is connected in the console

Not Since...

ERROR: Could not find a source for updated packages 00000071

Last Update in ALUpdate's log is:

Processing CID update location: http://<correct update location>

...

File master.upd not found (Remote). Return code 0x80040f04

... then some more errors, unable to syncronise files...

It seems to boil down to this error, but master.upd, and all other files are definitely accessible via http.

At this point I could reinstall the client, but this error comes back after awhile randomly on a lot of machines.

Looking also at proxy, dns, networking and IIS logs...

DanZi
Cancel
Vote Up 0 Vote Down

Cancel
0 QC over 5 years ago in reply to Daniel Gebler

Hello DanZi,

if there is some useful (but not necessarily obvious) information it's between Processing and not found. Could you post this part of a log (sanitized but don't omit parts you deem "just informational")?

Christian
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 QC over 5 years ago in reply to Daniel Gebler

Hello DanZi,

if there is some useful (but not necessarily obvious) information it's between Processing and not found. Could you post this part of a log (sanitized but don't omit parts you deem "just informational")?

Christian
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 Daniel Gebler over 5 years ago in reply to QC

Hi Christian,

Here it is, the last update.

Trace(2019-Oct-01 17:11:27): =========================

Trace(2019-Oct-01 17:11:27): ALUpdate is starting.

Trace(2019-Oct-01 17:11:27): AutoUpdate version: 5.14

Trace(2019-Oct-01 17:11:27): Build             : 212545

Trace(2019-Oct-01 17:11:27): Command line      : -ScheduledUpdate -NoGUI -RootPath "C:\Program Files (x86)\Sophos\AutoUpdate"

Trace(2019-Oct-01 17:11:27): =========================

Trace(2019-Oct-01 17:11:27): Process security set successfully

Trace(2019-Oct-01 17:11:27): Product iProductData.{390DCDC2-10A9-4ef3-B8D8-0CA7F0E7EB92} has been added.

Trace(2019-Oct-01 17:11:27): Product iProductData.{390DCDC2-10A9-4ef3-B8D8-0CA7F0E7EB92} is available from Sophos.

Trace(2019-Oct-01 17:11:27): Product iProductData.{390DCDC2-10A9-4ef3-B8D8-0CA7F0E7EB92} is not the Spam Rules package.

Trace(2019-Oct-01 17:11:27): Product iProductData.{D752FAB9-5883-4b36-8740-61565B6BAD29} has not been added.

Trace(2019-Oct-01 17:11:27): Product iProductData.{E17FE03B-0501-4aaa-BC69-0129D965F311} has been added.

Trace(2019-Oct-01 17:11:27): Product iProductData.{E17FE03B-0501-4aaa-BC69-0129D965F311} is available from Sophos.

Trace(2019-Oct-01 17:11:27): Product iProductData.{E17FE03B-0501-4aaa-BC69-0129D965F311} is not the Spam Rules package.

Trace(2019-Oct-01 17:11:27): Product subscription is disabled: iProductData.{7998C326-2CA5-4830-B7D2-B792D2460975} action value is:0

Trace(2019-Oct-01 17:11:27): Product iProductData.{7998C326-2CA5-4830-B7D2-B792D2460975} has not been added.

Trace(2019-Oct-01 17:11:27): Product iProductData.{3B758ED7-87C1-4e89-BDE1-F49DFF1249F6} has not been added.

Trace(2019-Oct-01 17:11:27): Product iProductData.{B5E7E2A7-3B64-437D-801F-21CC9D67CC6D} has been added.

Trace(2019-Oct-01 17:11:27): Product iProductData.{B5E7E2A7-3B64-437D-801F-21CC9D67CC6D} is available from Sophos.

Trace(2019-Oct-01 17:11:27): Product iProductData.{B5E7E2A7-3B64-437D-801F-21CC9D67CC6D} is the Spam Rules package.

Trace(2019-Oct-01 17:11:27): Computer is a not possible cluster

Trace(2019-Oct-01 17:11:27): PureMessageDetector::AreSpamRulesRequired - Could not open registry on Software\Sophos\MMEx\Config\Global

Trace(2019-Oct-01 17:11:27): ConfigurationImpl, considering PMSR 2.6: PureMessage not installed, PMSR package will not be updated without a subscription

Trace(2019-Oct-01 17:11:27): Considering subscribed products.

Trace(2019-Oct-01 17:11:27): Considering product {1129226C-32AB-4B72-85E1-A9CC8DFBC859}

Trace(2019-Oct-01 17:11:27): Product {1129226C-32AB-4B72-85E1-A9CC8DFBC859} is not already subscribed.

Trace(2019-Oct-01 17:11:27): Product {1129226C-32AB-4B72-85E1-A9CC8DFBC859} was added to the list.

Trace(2019-Oct-01 17:11:27): Considering product {8087796B-2289-4897-98A5-58FF23DAAFD0}

Trace(2019-Oct-01 17:11:27): Product {8087796B-2289-4897-98A5-58FF23DAAFD0} is not already subscribed.

Trace(2019-Oct-01 17:11:27): Product {8087796B-2289-4897-98A5-58FF23DAAFD0} was added to the list.

Trace(2019-Oct-01 17:11:27): Considering product {9BF40A4E-23AE-48be-9974-5A1F261DBEE8}

Trace(2019-Oct-01 17:11:27): Product {9BF40A4E-23AE-48be-9974-5A1F261DBEE8} is not already subscribed.

Trace(2019-Oct-01 17:11:27): Product {9BF40A4E-23AE-48be-9974-5A1F261DBEE8} was added to the list.

Trace(2019-Oct-01 17:11:27): Considering product {D918120F-5C45-4e77-BEBF-7D921273B2E0}

Trace(2019-Oct-01 17:11:27): Product {D918120F-5C45-4e77-BEBF-7D921273B2E0} is not already subscribed.

Trace(2019-Oct-01 17:11:27): Product {D918120F-5C45-4e77-BEBF-7D921273B2E0} is Patch

Trace(2019-Oct-01 17:11:27): Product {D918120F-5C45-4e77-BEBF-7D921273B2E0} was added to the list.

Trace(2019-Oct-01 17:11:27): Considering product {F8FFD42E-47AC-4CFF-9E27-EC84ED62128E}

Trace(2019-Oct-01 17:11:27): Product {F8FFD42E-47AC-4CFF-9E27-EC84ED62128E} is not already subscribed.

Trace(2019-Oct-01 17:11:27): Product {F8FFD42E-47AC-4CFF-9E27-EC84ED62128E} was added to the list.

Trace(2019-Oct-01 17:11:27): Product {F8FFD42E-47AC-4CFF-9E27-EC84ED62128E} is removable.

Trace(2019-Oct-01 17:11:27): Product {8087796B-2289-4897-98A5-58FF23DAAFD0} is removable.

Trace(2019-Oct-01 17:11:27): Product {1129226C-32AB-4B72-85E1-A9CC8DFBC859} is removable.

Trace(2019-Oct-01 17:11:27): Could not read registry entry containing Sophos address - using hardcoded value.

Trace(2019-Oct-01 17:11:27): GenerateCustomerID: complete

Trace(2019-Oct-01 17:11:27): Computer is a not possible cluster

Trace(2019-Oct-01 17:11:27): PureMessageDetector::AreSpamRulesRequired - Could not open registry on Software\Sophos\MMEx\Config\Global

Trace(2019-Oct-01 17:11:27): IPCBase::IPCBase: Connected to shared memory A32951C539924a12B3C8F2FDA5A268E4

Trace(2019-Oct-01 17:11:27): IPCSender::ProcessSend started

Trace(2019-Oct-01 17:11:27): IPCSender::ProcessSend: No messages in queue, starting to wait

Trace(2019-Oct-01 17:11:27): RMSMessageHandler: ALUpdateStart

Trace(2019-Oct-01 17:11:27): IPCSender::Write: Writing message: <?xml version="1.0" encoding="utf-8" ?><Config type="RMSStartUpdate" />

Trace(2019-Oct-01 17:11:27): IPCSender::ProcessSend: Send message: <?xml version="1.0" encoding="utf-8" ?><Config type="RMSStartUpdate" />

Trace(2019-Oct-01 17:11:27): IPCSender::ProcessSend: No messages in queue, starting to wait

Trace(2019-Oct-01 17:11:27): ALUpdate(AutoUpdate.Started):

Trace(2019-Oct-01 17:11:27): UpdateCoordinator::UpdateNow: Entering

Trace(2019-Oct-01 17:11:27): PopulateCache: Entering

Trace(2019-Oct-01 17:11:27): UpdateCoordinator::UpdateNow: current platform is WIN_7_X64 reelase:

Trace(2019-Oct-01 17:11:27): CIDMapFile::Create C:\ProgramData\Sophos\AutoUpdate\cache\rms.map

Trace(2019-Oct-01 17:11:27): ProductFactory::Create: SimpleProduct: {390DCDC2-10A9-4ef3-B8D8-0CA7F0E7EB92}

Trace(2019-Oct-01 17:11:27): CIDMapFile::Create C:\ProgramData\Sophos\AutoUpdate\cache\savxp.map

Trace(2019-Oct-01 17:11:27): ProductFactory::Create: SimpleProduct: {E17FE03B-0501-4aaa-BC69-0129D965F311}

Trace(2019-Oct-01 17:11:27): CIDMapFile::Create C:\ProgramData\Sophos\AutoUpdate\cache\sed64.map

Trace(2019-Oct-01 17:11:27): ProductFactory::Create: SimpleProduct: {1129226C-32AB-4B72-85E1-A9CC8DFBC859}

Trace(2019-Oct-01 17:11:27): CIDMapFile::Create C:\ProgramData\Sophos\AutoUpdate\cache\ntp64.map

Trace(2019-Oct-01 17:11:27): ProductFactory::Create: SimpleProduct: {8087796B-2289-4897-98A5-58FF23DAAFD0}

Trace(2019-Oct-01 17:11:27): CIDMapFile::Create C:\ProgramData\Sophos\AutoUpdate\cache\sau.map

Trace(2019-Oct-01 17:11:27): ProductFactory::Create: SAU Product

Trace(2019-Oct-01 17:11:27): CIDMapFile::Create C:\ProgramData\Sophos\AutoUpdate\cache\spa64.map

Trace(2019-Oct-01 17:11:27): ProductFactory::Create: SimpleProduct: {D918120F-5C45-4e77-BEBF-7D921273B2E0}

Trace(2019-Oct-01 17:11:27): CIDMapFile::Create C:\ProgramData\Sophos\AutoUpdate\cache\ssp.map

Trace(2019-Oct-01 17:11:27): ProductFactory::Create: SimpleProduct: {F8FFD42E-47AC-4CFF-9E27-EC84ED62128E}

Trace(2019-Oct-01 17:11:27): RelativeCidUpdateSourceLocator::AugmentUpdateSources: Entering

Trace(2019-Oct-01 17:11:27): Processing CID update location: <HTTP Update Location>

Trace(2019-Oct-01 17:11:27): Skipping SDDS2 update location: Sophos

Trace(2019-Oct-01 17:11:27): RelativeCidUpdateSourceLocator::AugmentUpdateSources: Finished. Number of new locations added: 0

Trace(2019-Oct-01 17:11:27): UpdateCoordinator::UpdateNow: About to Sync list of products

Trace(2019-Oct-01 17:11:27): UpdateLocationFacade::SyncProduct: Last Update Mechanism = Unknown

Trace(2019-Oct-01 17:11:27): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Started:

Trace(2019-Oct-01 17:11:27): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, creating update location

Trace(2019-Oct-01 17:11:27): Calling package_source_init

Trace(2019-Oct-01 17:11:27): TrySyncProduct, Calling BeginSync

Trace(2019-Oct-01 17:11:27): Custom certificate already present.

Trace(2019-Oct-01 17:11:27): Remote connection over HTTP.

Trace(2019-Oct-01 17:11:27): File master.upd not found (Remote). Return code 0x80040f04

Trace(2019-Oct-01 17:11:27): Unable to read file master.upd (Remote)

Trace(2019-Oct-01 17:11:27): Unable to synchronise file root.upd.

Trace(2019-Oct-01 17:11:27): Unable to synchronise file escdp.dat.

Trace(2019-Oct-01 17:11:27): Unable to synchronise file expired_credential.dat.

Trace(2019-Oct-01 17:11:27): Unable to synchronise file ProductID.dat.

Trace(2019-Oct-01 17:11:27): Unable to synchronise file order.xml.

Trace(2019-Oct-01 17:11:27): Unable to recover file root.upd.

Trace(2019-Oct-01 17:11:27): Unable to recover file escdp.dat.

Trace(2019-Oct-01 17:11:27): Unable to recover file ProductID.dat.

Trace(2019-Oct-01 17:11:27): Unable to recover file expired_credential.dat.

Trace(2019-Oct-01 17:11:27): Unable to recover file order.xml.

Trace(2019-Oct-01 17:11:27): Error -2147217660 in ReadCustomerIDFile

Trace(2019-Oct-01 17:11:27): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Calling SyncProduct with {390DCDC2-10A9-4ef3-B8D8-0CA7F0E7EB92}

Trace(2019-Oct-01 17:11:27): CIDUpdateLocation::SyncProduct - Updating Product: RMSNT

Trace(2019-Oct-01 17:11:27): CIDUpdate(SyncProduct.Start): RMSNT, <HTTP Update Location>

Trace(2019-Oct-01 17:11:27): CIDUpdateLocation::Sync - Updating from http CID: <HTTP Update Location>rms

Trace(2019-Oct-01 17:11:27): CIDSync(CidSyncMessage):

Trace(2019-Oct-01 17:11:27): CIDSync(CidSyncMessage):

Trace(2019-Oct-01 17:11:27): CIDSyncCallback, SynchronisationTerminated - Code = -2147217660

Trace(2019-Oct-01 17:11:27): CIDSyncCallback, SynchronisationTerminated - MapFile = C:\ProgramData\Sophos\AutoUpdate\cache\rms.map

Trace(2019-Oct-01 17:11:27): CIDUpdateLocation::SyncProduct: Failed to update product (RMSNT) from "<HTTP Update Location>", Error is :CIDSYNC_E_FILESYNCERROR (Error during file download.)

Trace(2019-Oct-01 17:11:27): CIDUpdate(CIDDownloadFailed): RMSNT, <HTTP Update Location>

Trace(2019-Oct-01 17:11:28): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, SyncProduct returned - 0

Trace(2019-Oct-01 17:11:28): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Ended - 0

Trace(2019-Oct-01 17:11:28): UpdateLocationFacade::SyncProduct: Last Update Mechanism = Unknown

Trace(2019-Oct-01 17:11:28): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Started:

Trace(2019-Oct-01 17:11:28): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, creating update location

Trace(2019-Oct-01 17:11:28): Calling package_source_init

Trace(2019-Oct-01 17:11:28): TrySyncProduct, Calling BeginSync

Trace(2019-Oct-01 17:11:28): Custom certificate already present.

Trace(2019-Oct-01 17:11:28): Remote connection over HTTP.

Trace(2019-Oct-01 17:11:28): File master.upd not found (Remote). Return code 0x80040f04

Trace(2019-Oct-01 17:11:28): Unable to read file master.upd (Remote)

Trace(2019-Oct-01 17:11:28): Unable to synchronise file root.upd.

Trace(2019-Oct-01 17:11:28): Unable to synchronise file escdp.dat.

Trace(2019-Oct-01 17:11:28): Unable to synchronise file expired_credential.dat.

Trace(2019-Oct-01 17:11:28): Unable to synchronise file ProductID.dat.

Trace(2019-Oct-01 17:11:28): Unable to synchronise file order.xml.

Trace(2019-Oct-01 17:11:28): Unable to recover file root.upd.

Trace(2019-Oct-01 17:11:28): Unable to recover file escdp.dat.

Trace(2019-Oct-01 17:11:28): Unable to recover file ProductID.dat.

Trace(2019-Oct-01 17:11:28): Unable to recover file expired_credential.dat.

Trace(2019-Oct-01 17:11:28): Unable to recover file order.xml.

Trace(2019-Oct-01 17:11:28): Error -2147217660 in ReadCustomerIDFile

Trace(2019-Oct-01 17:11:28): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Calling SyncProduct with {E17FE03B-0501-4aaa-BC69-0129D965F311}

Trace(2019-Oct-01 17:11:28): CIDUpdateLocation::SyncProduct - Updating Product: SAVXP

Trace(2019-Oct-01 17:11:28): CIDUpdate(SyncProduct.Start): SAVXP, <HTTP Update Location>

Trace(2019-Oct-01 17:11:28): CIDUpdateLocation::Sync - Updating from http CID: <HTTP Update Location>savxp

Trace(2019-Oct-01 17:11:28): CIDSync(CidSyncMessage):

Trace(2019-Oct-01 17:11:28): CIDSync(CidSyncMessage):

Trace(2019-Oct-01 17:11:28): CIDSyncCallback, SynchronisationTerminated - Code = -2147217660

Trace(2019-Oct-01 17:11:28): CIDSyncCallback, SynchronisationTerminated - MapFile = C:\ProgramData\Sophos\AutoUpdate\cache\savxp.map

Trace(2019-Oct-01 17:11:28): CIDUpdateLocation::SyncProduct: Failed to update product (SAVXP) from "<HTTP Update Location>", Error is :CIDSYNC_E_FILESYNCERROR (Error during file download.)

Trace(2019-Oct-01 17:11:28): CIDUpdate(CIDDownloadFailed): SAVXP, <HTTP Update Location>

Trace(2019-Oct-01 17:11:29): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, SyncProduct returned - 0

Trace(2019-Oct-01 17:11:29): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Ended - 0

Trace(2019-Oct-01 17:11:29): UpdateLocationFacade::SyncProduct: Last Update Mechanism = Unknown

Trace(2019-Oct-01 17:11:29): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Started:

Trace(2019-Oct-01 17:11:29): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, creating update location

Trace(2019-Oct-01 17:11:29): Calling package_source_init

Trace(2019-Oct-01 17:11:29): TrySyncProduct, Calling BeginSync

Trace(2019-Oct-01 17:11:29): Custom certificate already present.

Trace(2019-Oct-01 17:11:29): Remote connection over HTTP.

Trace(2019-Oct-01 17:11:29): File master.upd not found (Remote). Return code 0x80040f04

Trace(2019-Oct-01 17:11:29): Unable to read file master.upd (Remote)

Trace(2019-Oct-01 17:11:29): Unable to synchronise file root.upd.

Trace(2019-Oct-01 17:11:29): Unable to synchronise file escdp.dat.

Trace(2019-Oct-01 17:11:29): Unable to synchronise file expired_credential.dat.

Trace(2019-Oct-01 17:11:29): Unable to synchronise file ProductID.dat.

Trace(2019-Oct-01 17:11:29): Unable to synchronise file order.xml.

Trace(2019-Oct-01 17:11:29): Unable to recover file root.upd.

Trace(2019-Oct-01 17:11:29): Unable to recover file escdp.dat.

Trace(2019-Oct-01 17:11:29): Unable to recover file ProductID.dat.

Trace(2019-Oct-01 17:11:29): Unable to recover file expired_credential.dat.

Trace(2019-Oct-01 17:11:29): Unable to recover file order.xml.

Trace(2019-Oct-01 17:11:29): Error -2147217660 in ReadCustomerIDFile

Trace(2019-Oct-01 17:11:29): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Calling SyncProduct with {1129226C-32AB-4B72-85E1-A9CC8DFBC859}

Trace(2019-Oct-01 17:11:29): CIDUpdateLocation::SyncProduct - Updating Product: Sophos Endpoint Defense

Trace(2019-Oct-01 17:11:29): CIDUpdate(SyncProduct.Start): Sophos Endpoint Defense, <HTTP Update Location>

Trace(2019-Oct-01 17:11:29): CIDUpdateLocation::Sync - Updating from http CID: <HTTP Update Location>sed64

Trace(2019-Oct-01 17:11:29): CIDSync(CidSyncMessage):

Trace(2019-Oct-01 17:11:29): CIDSync(CidSyncMessage):

Trace(2019-Oct-01 17:11:29): CIDSyncCallback, SynchronisationTerminated - Code = -2147217660

Trace(2019-Oct-01 17:11:29): CIDSyncCallback, SynchronisationTerminated - MapFile = C:\ProgramData\Sophos\AutoUpdate\cache\sed64.map

Trace(2019-Oct-01 17:11:29): CIDUpdateLocation::SyncProduct: Failed to update product (Sophos Endpoint Defense) from "<HTTP Update Location>", Error is :CIDSYNC_E_FILESYNCERROR (Error during file download.)

Trace(2019-Oct-01 17:11:29): CIDUpdate(CIDDownloadFailed): Sophos Endpoint Defense, <HTTP Update Location>

Trace(2019-Oct-01 17:11:30): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, SyncProduct returned - 0

Trace(2019-Oct-01 17:11:30): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Ended - 0

Trace(2019-Oct-01 17:11:30): UpdateLocationFacade::SyncProduct: Last Update Mechanism = Unknown

Trace(2019-Oct-01 17:11:30): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Started:

Trace(2019-Oct-01 17:11:30): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, creating update location

Trace(2019-Oct-01 17:11:30): Calling package_source_init

Trace(2019-Oct-01 17:11:30): TrySyncProduct, Calling BeginSync

Trace(2019-Oct-01 17:11:30): Custom certificate already present.

Trace(2019-Oct-01 17:11:30): Remote connection over HTTP.

Trace(2019-Oct-01 17:11:30): File master.upd not found (Remote). Return code 0x80040f04

Trace(2019-Oct-01 17:11:30): Unable to read file master.upd (Remote)

Trace(2019-Oct-01 17:11:30): Unable to synchronise file root.upd.

Trace(2019-Oct-01 17:11:30): Unable to synchronise file escdp.dat.

Trace(2019-Oct-01 17:11:30): Unable to synchronise file expired_credential.dat.

Trace(2019-Oct-01 17:11:30): Unable to synchronise file ProductID.dat.

Trace(2019-Oct-01 17:11:30): Unable to synchronise file order.xml.

Trace(2019-Oct-01 17:11:30): Unable to recover file root.upd.

Trace(2019-Oct-01 17:11:30): Unable to recover file escdp.dat.

Trace(2019-Oct-01 17:11:30): Unable to recover file ProductID.dat.

Trace(2019-Oct-01 17:11:30): Unable to recover file expired_credential.dat.

Trace(2019-Oct-01 17:11:30): Unable to recover file order.xml.

Trace(2019-Oct-01 17:11:30): Error -2147217660 in ReadCustomerIDFile

Trace(2019-Oct-01 17:11:30): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Calling SyncProduct with {8087796B-2289-4897-98A5-58FF23DAAFD0}

Trace(2019-Oct-01 17:11:30): CIDUpdateLocation::SyncProduct - Updating Product: Sophos Network Threat Protection

Trace(2019-Oct-01 17:11:30): CIDUpdate(SyncProduct.Start): Sophos Network Threat Protection, <HTTP Update Location>

Trace(2019-Oct-01 17:11:30): CIDUpdateLocation::Sync - Updating from http CID: <HTTP Update Location>ntp64

Trace(2019-Oct-01 17:11:30): CIDSync(CidSyncMessage):

Trace(2019-Oct-01 17:11:30): CIDSync(CidSyncMessage):

Trace(2019-Oct-01 17:11:30): CIDSyncCallback, SynchronisationTerminated - Code = -2147217660

Trace(2019-Oct-01 17:11:30): CIDSyncCallback, SynchronisationTerminated - MapFile = C:\ProgramData\Sophos\AutoUpdate\cache\ntp64.map

Trace(2019-Oct-01 17:11:30): CIDUpdateLocation::SyncProduct: Failed to update product (Sophos Network Threat Protection) from "<HTTP Update Location>", Error is :CIDSYNC_E_FILESYNCERROR (Error during file download.)

Trace(2019-Oct-01 17:11:30): CIDUpdate(CIDDownloadFailed): Sophos Network Threat Protection, <HTTP Update Location>

Trace(2019-Oct-01 17:11:31): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, SyncProduct returned - 0

Trace(2019-Oct-01 17:11:31): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Ended - 0

Trace(2019-Oct-01 17:11:31): UpdateLocationFacade::SyncProduct: Last Update Mechanism = Unknown

Trace(2019-Oct-01 17:11:31): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Started:

Trace(2019-Oct-01 17:11:31): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, creating update location

Trace(2019-Oct-01 17:11:31): Calling package_source_init

Trace(2019-Oct-01 17:11:31): TrySyncProduct, Calling BeginSync

Trace(2019-Oct-01 17:11:31): Custom certificate already present.

Trace(2019-Oct-01 17:11:31): Remote connection over HTTP.

Trace(2019-Oct-01 17:11:31): File master.upd not found (Remote). Return code 0x80040f04

Trace(2019-Oct-01 17:11:31): Unable to read file master.upd (Remote)

Trace(2019-Oct-01 17:11:31): Unable to synchronise file root.upd.

Trace(2019-Oct-01 17:11:31): Unable to synchronise file escdp.dat.

Trace(2019-Oct-01 17:11:31): Unable to synchronise file expired_credential.dat.

Trace(2019-Oct-01 17:11:31): Unable to synchronise file ProductID.dat.

Trace(2019-Oct-01 17:11:31): Unable to synchronise file order.xml.

Trace(2019-Oct-01 17:11:31): Unable to recover file root.upd.

Trace(2019-Oct-01 17:11:31): Unable to recover file escdp.dat.

Trace(2019-Oct-01 17:11:31): Unable to recover file ProductID.dat.

Trace(2019-Oct-01 17:11:31): Unable to recover file expired_credential.dat.

Trace(2019-Oct-01 17:11:31): Unable to recover file order.xml.

Trace(2019-Oct-01 17:11:31): Error -2147217660 in ReadCustomerIDFile

Trace(2019-Oct-01 17:11:32): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Calling SyncProduct with {9BF40A4E-23AE-48be-9974-5A1F261DBEE8}

Trace(2019-Oct-01 17:11:32): CIDUpdateLocation::SyncProduct - Updating Product: Sophos AutoUpdate

Trace(2019-Oct-01 17:11:32): CIDUpdate(SyncProduct.Start): Sophos AutoUpdate, <HTTP Update Location>

Trace(2019-Oct-01 17:11:32): CIDUpdateLocation::Sync - Updating from http CID: <HTTP Update Location>sau

Trace(2019-Oct-01 17:11:32): CIDSync(CidSyncMessage):

Trace(2019-Oct-01 17:11:32): CIDSync(CidSyncMessage):

Trace(2019-Oct-01 17:11:32): CIDSyncCallback, SynchronisationTerminated - Code = -2147217660

Trace(2019-Oct-01 17:11:32): CIDSyncCallback, SynchronisationTerminated - MapFile = C:\ProgramData\Sophos\AutoUpdate\cache\sau.map

Trace(2019-Oct-01 17:11:32): CIDUpdateLocation::SyncProduct: Failed to update product (Sophos AutoUpdate) from "<HTTP Update Location>", Error is :CIDSYNC_E_FILESYNCERROR (Error during file download.)

Trace(2019-Oct-01 17:11:32): CIDUpdate(CIDDownloadFailed): Sophos AutoUpdate, <HTTP Update Location>

Trace(2019-Oct-01 17:11:33): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, SyncProduct returned - 0

Trace(2019-Oct-01 17:11:33): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Ended - 0

Trace(2019-Oct-01 17:11:33): UpdateLocationFacade::SyncProduct: Last Update Mechanism = Unknown

Trace(2019-Oct-01 17:11:33): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Started:

Trace(2019-Oct-01 17:11:33): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, creating update location

Trace(2019-Oct-01 17:11:33): Calling package_source_init

Trace(2019-Oct-01 17:11:33): TrySyncProduct, Calling BeginSync

Trace(2019-Oct-01 17:11:33): Custom certificate already present.

Trace(2019-Oct-01 17:11:33): Remote connection over HTTP.

Trace(2019-Oct-01 17:11:33): File master.upd not found (Remote). Return code 0x80040f04

Trace(2019-Oct-01 17:11:33): Unable to read file master.upd (Remote)

Trace(2019-Oct-01 17:11:33): Unable to synchronise file root.upd.

Trace(2019-Oct-01 17:11:33): Unable to synchronise file escdp.dat.

Trace(2019-Oct-01 17:11:33): Unable to synchronise file expired_credential.dat.

Trace(2019-Oct-01 17:11:33): Unable to synchronise file ProductID.dat.

Trace(2019-Oct-01 17:11:33): Unable to synchronise file order.xml.

Trace(2019-Oct-01 17:11:33): Unable to recover file root.upd.

Trace(2019-Oct-01 17:11:33): Unable to recover file escdp.dat.

Trace(2019-Oct-01 17:11:33): Unable to recover file ProductID.dat.

Trace(2019-Oct-01 17:11:33): Unable to recover file expired_credential.dat.

Trace(2019-Oct-01 17:11:33): Unable to recover file order.xml.

Trace(2019-Oct-01 17:11:33): Error -2147217660 in ReadCustomerIDFile

Trace(2019-Oct-01 17:11:33): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Calling SyncProduct with {D918120F-5C45-4e77-BEBF-7D921273B2E0}

Trace(2019-Oct-01 17:11:33): CIDUpdateLocation::SyncProduct - Updating Product: Sophos Patch Agent

Trace(2019-Oct-01 17:11:33): CIDUpdate(SyncProduct.Start): Sophos Patch Agent, <HTTP Update Location>

Trace(2019-Oct-01 17:11:33): CIDUpdateLocation::Sync - Updating from http CID: <HTTP Update Location>spa64

Trace(2019-Oct-01 17:11:33): CIDSync(CidSyncMessage):

Trace(2019-Oct-01 17:11:33): CIDSync(CidSyncMessage):

Trace(2019-Oct-01 17:11:33): CIDSyncCallback, SynchronisationTerminated - Code = -2147217660

Trace(2019-Oct-01 17:11:33): CIDSyncCallback, SynchronisationTerminated - MapFile = C:\ProgramData\Sophos\AutoUpdate\cache\spa64.map

Trace(2019-Oct-01 17:11:33): CIDUpdateLocation::SyncProduct: Failed to update product (Sophos Patch Agent) from "<HTTP Update Location>", Error is :CIDSYNC_E_FILESYNCERROR (Error during file download.)

Trace(2019-Oct-01 17:11:33): CIDUpdate(CIDDownloadFailed): Sophos Patch Agent, <HTTP Update Location>

Trace(2019-Oct-01 17:11:34): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, SyncProduct returned - 0

Trace(2019-Oct-01 17:11:34): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Ended - 0

Trace(2019-Oct-01 17:11:34): UpdateLocationFacade::SyncProduct: Last Update Mechanism = Unknown

Trace(2019-Oct-01 17:11:34): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Started:

Trace(2019-Oct-01 17:11:34): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, creating update location

Trace(2019-Oct-01 17:11:34): Calling package_source_init

Trace(2019-Oct-01 17:11:34): TrySyncProduct, Calling BeginSync

Trace(2019-Oct-01 17:11:34): Custom certificate already present.

Trace(2019-Oct-01 17:11:34): Remote connection over HTTP.

Trace(2019-Oct-01 17:11:34): File master.upd not found (Remote). Return code 0x80040f04

Trace(2019-Oct-01 17:11:34): Unable to read file master.upd (Remote)

Trace(2019-Oct-01 17:11:34): Unable to synchronise file root.upd.

Trace(2019-Oct-01 17:11:34): Unable to synchronise file escdp.dat.

Trace(2019-Oct-01 17:11:34): Unable to synchronise file expired_credential.dat.

Trace(2019-Oct-01 17:11:34): Unable to synchronise file ProductID.dat.

Trace(2019-Oct-01 17:11:34): Unable to synchronise file order.xml.

Trace(2019-Oct-01 17:11:34): Unable to recover file root.upd.

Trace(2019-Oct-01 17:11:34): Unable to recover file escdp.dat.

Trace(2019-Oct-01 17:11:34): Unable to recover file ProductID.dat.

Trace(2019-Oct-01 17:11:34): Unable to recover file expired_credential.dat.

Trace(2019-Oct-01 17:11:34): Unable to recover file order.xml.

Trace(2019-Oct-01 17:11:34): Error -2147217660 in ReadCustomerIDFile

Trace(2019-Oct-01 17:11:34): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Calling SyncProduct with {F8FFD42E-47AC-4CFF-9E27-EC84ED62128E}

Trace(2019-Oct-01 17:11:34): CIDUpdateLocation::SyncProduct - Updating Product: Sophos System Protection

Trace(2019-Oct-01 17:11:34): CIDUpdate(SyncProduct.Start): Sophos System Protection, <HTTP Update Location>

Trace(2019-Oct-01 17:11:34): CIDUpdateLocation::Sync - Updating from http CID: <HTTP Update Location>ssp

Trace(2019-Oct-01 17:11:34): CIDSync(CidSyncMessage):

Trace(2019-Oct-01 17:11:34): CIDSync(CidSyncMessage):

Trace(2019-Oct-01 17:11:34): CIDSyncCallback, SynchronisationTerminated - Code = -2147217660

Trace(2019-Oct-01 17:11:34): CIDSyncCallback, SynchronisationTerminated - MapFile = C:\ProgramData\Sophos\AutoUpdate\cache\ssp.map

Trace(2019-Oct-01 17:11:34): CIDUpdateLocation::SyncProduct: Failed to update product (Sophos System Protection) from "<HTTP Update Location>", Error is :CIDSYNC_E_FILESYNCERROR (Error during file download.)

Trace(2019-Oct-01 17:11:34): CIDUpdate(CIDDownloadFailed): Sophos System Protection, <HTTP Update Location>

Trace(2019-Oct-01 17:11:35): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, SyncProduct returned - 0

Trace(2019-Oct-01 17:11:35): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Ended - 0

Trace(2019-Oct-01 17:11:35): UpdateLocationFacade::SyncProduct: Last Update Mechanism = Unknown

Trace(2019-Oct-01 17:11:35): TrySyncProduct<class SDDS2::SULUpdateLocation>, Started:

Trace(2019-Oct-01 17:11:35): TrySyncProduct<class SDDS2::SULUpdateLocation>, creating update location

Trace(2019-Oct-01 17:11:35): Could not read registry entry containing Sophos address - using hardcoded value.

Trace(2019-Oct-01 17:11:35): SULUpdateLocation created!

Trace(2019-Oct-01 17:11:35): TrySyncProduct, Calling BeginSync

Trace(2019-Oct-01 17:11:35): SULUpdateLocation: BeginSync

Trace(2019-Oct-01 17:11:35): Path to decode files to: C:\ProgramData\Sophos\AutoUpdate\cache\sophos_autoupdate1.dir\decode

Trace(2019-Oct-01 17:11:35): SDDS2Update(SyncProduct.Start): Sophos Endpoint Security and Control, sophos

Trace(2019-Oct-01 17:11:35): Calling SULDownloader Setup...

Trace(2019-Oct-01 17:11:35): warehousePath: "C:\ProgramData\Sophos\AutoUpdate\data\warehouse"

Trace(2019-Oct-01 17:11:35): decodePath: "C:\ProgramData\Sophos\AutoUpdate\cache\sophos_autoupdate1.dir\decode"

Trace(2019-Oct-01 17:11:35): certPath: "C:\ProgramData\Sophos\AutoUpdate\cache\sophos_autoupdate1.dir"

Trace(2019-Oct-01 17:11:35): server = sophos

Trace(2019-Oct-01 17:11:35): Adding Sophos Update Location: http://dci.sophosupd.com/update

Trace(2019-Oct-01 17:11:35): Adding Sophos Update Location: http://dci.sophosupd.net/update

Trace(2019-Oct-01 17:11:35): No manually configured proxy.

Trace(2019-Oct-01 17:11:35): SULDownloader setup successful.

Trace(2019-Oct-01 17:11:35): SubscriptionProvider: F26F7EC0-1302-4DA7-8B6B-A5383051D41A/10.8.2.4.3741.1/

Trace(2019-Oct-01 17:11:36): Enumerating available product versions...

Trace(2019-Oct-01 17:11:36): Out of sources

Trace(2019-Oct-01 17:11:36): SubscriptionProvider: F26F7EC0-1302-4DA7-8B6B-A5383051D41A/10.8.2.4.3741.1/

Trace(2019-Oct-01 17:11:38): Out of sources

Trace(2019-Oct-01 17:11:38): Failed: SDDS2 CheckResubscription failed

Trace(2019-Oct-01 17:11:38): TrySyncProduct<class SDDS2::SULUpdateLocation>, Ended - 0

Trace(2019-Oct-01 17:11:38): UpdateLocationFacade::SyncProduct: Last Update Mechanism = Unknown

Trace(2019-Oct-01 17:11:38): TrySyncProduct<class SDDS2::SULUpdateLocation>, Started:

Trace(2019-Oct-01 17:11:38): TrySyncProduct<class SDDS2::SULUpdateLocation>, creating update location

Trace(2019-Oct-01 17:11:38): Could not read registry entry containing Sophos address - using hardcoded value.

Trace(2019-Oct-01 17:11:38): SULUpdateLocation created!

Trace(2019-Oct-01 17:11:38): TrySyncProduct, Calling BeginSync

Trace(2019-Oct-01 17:11:38): SULUpdateLocation: BeginSync

Trace(2019-Oct-01 17:11:38): Path to decode files to: C:\ProgramData\Sophos\AutoUpdate\cache\sophos_autoupdate1.dir\decode

Trace(2019-Oct-01 17:11:38): SDDS2Update(SyncProduct.Start): Sophos Endpoint Security and Control, sophos

Trace(2019-Oct-01 17:11:38): Calling SULDownloader Setup...

Trace(2019-Oct-01 17:11:38): warehousePath: "C:\ProgramData\Sophos\AutoUpdate\data\warehouse"

Trace(2019-Oct-01 17:11:38): decodePath: "C:\ProgramData\Sophos\AutoUpdate\cache\sophos_autoupdate1.dir\decode"

Trace(2019-Oct-01 17:11:38): certPath: "C:\ProgramData\Sophos\AutoUpdate\cache\sophos_autoupdate1.dir"

Trace(2019-Oct-01 17:11:38): server = sophos

Trace(2019-Oct-01 17:11:38): Adding Sophos Update Location: http://dci.sophosupd.com/update

Trace(2019-Oct-01 17:11:38): Adding Sophos Update Location: http://dci.sophosupd.net/update

Trace(2019-Oct-01 17:11:38): No manually configured proxy.

Trace(2019-Oct-01 17:11:38): SULDownloader setup successful.

Trace(2019-Oct-01 17:11:38): SubscriptionProvider: F26F7EC0-1302-4DA7-8B6B-A5383051D41A/10.8.2.4.3741.1/

Trace(2019-Oct-01 17:11:39): Enumerating available product versions...

Trace(2019-Oct-01 17:11:39): Out of sources

Trace(2019-Oct-01 17:11:39): SubscriptionProvider: F26F7EC0-1302-4DA7-8B6B-A5383051D41A/10.8.2.4.3741.1/

Trace(2019-Oct-01 17:11:41): Out of sources

Trace(2019-Oct-01 17:11:41): Failed: SDDS2 CheckResubscription failed

Trace(2019-Oct-01 17:11:41): TrySyncProduct<class SDDS2::SULUpdateLocation>, Ended - 0

Trace(2019-Oct-01 17:11:41): UpdateLocationFacade::SyncProduct: Last Update Mechanism = Unknown

Trace(2019-Oct-01 17:11:41): TrySyncProduct<class SDDS2::SULUpdateLocation>, Started:

Trace(2019-Oct-01 17:11:41): TrySyncProduct<class SDDS2::SULUpdateLocation>, creating update location

Trace(2019-Oct-01 17:11:41): Could not read registry entry containing Sophos address - using hardcoded value.

Trace(2019-Oct-01 17:11:41): SULUpdateLocation created!

Trace(2019-Oct-01 17:11:41): TrySyncProduct, Calling BeginSync

Trace(2019-Oct-01 17:11:41): SULUpdateLocation: BeginSync

Trace(2019-Oct-01 17:11:41): Path to decode files to: C:\ProgramData\Sophos\AutoUpdate\cache\sophos_autoupdate1.dir\decode

Trace(2019-Oct-01 17:11:41): SDDS2Update(SyncProduct.Start): Sophos Endpoint Security and Control, sophos

Trace(2019-Oct-01 17:11:41): Calling SULDownloader Setup...

Trace(2019-Oct-01 17:11:41): warehousePath: "C:\ProgramData\Sophos\AutoUpdate\data\warehouse"

Trace(2019-Oct-01 17:11:41): decodePath: "C:\ProgramData\Sophos\AutoUpdate\cache\sophos_autoupdate1.dir\decode"

Trace(2019-Oct-01 17:11:41): certPath: "C:\ProgramData\Sophos\AutoUpdate\cache\sophos_autoupdate1.dir"

Trace(2019-Oct-01 17:11:41): server = sophos

Trace(2019-Oct-01 17:11:41): Adding Sophos Update Location: http://dci.sophosupd.com/update

Trace(2019-Oct-01 17:11:41): Adding Sophos Update Location: http://dci.sophosupd.net/update

Trace(2019-Oct-01 17:11:41): No manually configured proxy.

Trace(2019-Oct-01 17:11:41): SULDownloader setup successful.

Trace(2019-Oct-01 17:11:41): SubscriptionProvider: F26F7EC0-1302-4DA7-8B6B-A5383051D41A/10.8.2.4.3741.1/

Trace(2019-Oct-01 17:11:43): Enumerating available product versions...

Trace(2019-Oct-01 17:11:43): Out of sources

Trace(2019-Oct-01 17:11:43): SubscriptionProvider: F26F7EC0-1302-4DA7-8B6B-A5383051D41A/10.8.2.4.3741.1/

Trace(2019-Oct-01 17:11:44): Out of sources

Trace(2019-Oct-01 17:11:44): Failed: SDDS2 CheckResubscription failed

Trace(2019-Oct-01 17:11:44): TrySyncProduct<class SDDS2::SULUpdateLocation>, Ended - 0

Trace(2019-Oct-01 17:11:44): UpdateLocationFacade::SyncProduct: Last Update Mechanism = Unknown

Trace(2019-Oct-01 17:11:44): TrySyncProduct<class SDDS2::SULUpdateLocation>, Started:

Trace(2019-Oct-01 17:11:44): TrySyncProduct<class SDDS2::SULUpdateLocation>, creating update location

Trace(2019-Oct-01 17:11:44): Could not read registry entry containing Sophos address - using hardcoded value.

Trace(2019-Oct-01 17:11:44): SULUpdateLocation created!

Trace(2019-Oct-01 17:11:44): TrySyncProduct, Calling BeginSync

Trace(2019-Oct-01 17:11:44): SULUpdateLocation: BeginSync

Trace(2019-Oct-01 17:11:44): Path to decode files to: C:\ProgramData\Sophos\AutoUpdate\cache\sophos_autoupdate1.dir\decode

Trace(2019-Oct-01 17:11:44): SDDS2Update(SyncProduct.Start): Sophos Endpoint Security and Control, sophos

Trace(2019-Oct-01 17:11:44): Calling SULDownloader Setup...

Trace(2019-Oct-01 17:11:44): warehousePath: "C:\ProgramData\Sophos\AutoUpdate\data\warehouse"

Trace(2019-Oct-01 17:11:44): decodePath: "C:\ProgramData\Sophos\AutoUpdate\cache\sophos_autoupdate1.dir\decode"

Trace(2019-Oct-01 17:11:44): certPath: "C:\ProgramData\Sophos\AutoUpdate\cache\sophos_autoupdate1.dir"

Trace(2019-Oct-01 17:11:44): server = sophos

Trace(2019-Oct-01 17:11:44): Adding Sophos Update Location: http://dci.sophosupd.com/update

Trace(2019-Oct-01 17:11:44): Adding Sophos Update Location: http://dci.sophosupd.net/update

Trace(2019-Oct-01 17:11:44): No manually configured proxy.

Trace(2019-Oct-01 17:11:44): SULDownloader setup successful.

Trace(2019-Oct-01 17:11:44): SubscriptionProvider: F26F7EC0-1302-4DA7-8B6B-A5383051D41A/10.8.2.4.3741.1/

Trace(2019-Oct-01 17:11:46): Enumerating available product versions...

Trace(2019-Oct-01 17:11:46): Out of sources

Trace(2019-Oct-01 17:11:46): SubscriptionProvider: F26F7EC0-1302-4DA7-8B6B-A5383051D41A/10.8.2.4.3741.1/

Trace(2019-Oct-01 17:11:47): Out of sources

Trace(2019-Oct-01 17:11:47): Failed: SDDS2 CheckResubscription failed

Trace(2019-Oct-01 17:11:47): TrySyncProduct<class SDDS2::SULUpdateLocation>, Ended - 0

Trace(2019-Oct-01 17:11:47): UpdateLocationFacade::SyncProduct: Last Update Mechanism = Unknown

Trace(2019-Oct-01 17:11:47): TrySyncProduct<class SDDS2::SULUpdateLocation>, Started:

Trace(2019-Oct-01 17:11:47): TrySyncProduct<class SDDS2::SULUpdateLocation>, creating update location

Trace(2019-Oct-01 17:11:47): Could not read registry entry containing Sophos address - using hardcoded value.

Trace(2019-Oct-01 17:11:47): SULUpdateLocation created!

Trace(2019-Oct-01 17:11:47): TrySyncProduct, Calling BeginSync

Trace(2019-Oct-01 17:11:47): SULUpdateLocation: BeginSync

Trace(2019-Oct-01 17:11:47): Path to decode files to: C:\ProgramData\Sophos\AutoUpdate\cache\sophos_autoupdate1.dir\decode

Trace(2019-Oct-01 17:11:47): SDDS2Update(SyncProduct.Start): Sophos Endpoint Security and Control, sophos

Trace(2019-Oct-01 17:11:47): Calling SULDownloader Setup...

Trace(2019-Oct-01 17:11:47): warehousePath: "C:\ProgramData\Sophos\AutoUpdate\data\warehouse"

Trace(2019-Oct-01 17:11:47): decodePath: "C:\ProgramData\Sophos\AutoUpdate\cache\sophos_autoupdate1.dir\decode"

Trace(2019-Oct-01 17:11:47): certPath: "C:\ProgramData\Sophos\AutoUpdate\cache\sophos_autoupdate1.dir"

Trace(2019-Oct-01 17:11:47): server = sophos

Trace(2019-Oct-01 17:11:47): Adding Sophos Update Location: http://dci.sophosupd.com/update

Trace(2019-Oct-01 17:11:47): Adding Sophos Update Location: http://dci.sophosupd.net/update

Trace(2019-Oct-01 17:11:47): No manually configured proxy.

Trace(2019-Oct-01 17:11:47): SULDownloader setup successful.

Trace(2019-Oct-01 17:11:47): SubscriptionProvider: F26F7EC0-1302-4DA7-8B6B-A5383051D41A/10.8.2.4.3741.1/

Trace(2019-Oct-01 17:11:49): Enumerating available product versions...

Trace(2019-Oct-01 17:11:49): Out of sources

Trace(2019-Oct-01 17:11:49): SubscriptionProvider: F26F7EC0-1302-4DA7-8B6B-A5383051D41A/10.8.2.4.3741.1/

Trace(2019-Oct-01 17:11:50): Out of sources

Trace(2019-Oct-01 17:11:50): Failed: SDDS2 CheckResubscription failed

Trace(2019-Oct-01 17:11:50): TrySyncProduct<class SDDS2::SULUpdateLocation>, Ended - 0

Trace(2019-Oct-01 17:11:50): ALUpdate(ProductUnavailable): Sophos Patch Agent, Sophos

Trace(2019-Oct-01 17:11:50): UpdateLocationFacade::SyncProduct: Last Update Mechanism = Unknown

Trace(2019-Oct-01 17:11:50): TrySyncProduct<class SDDS2::SULUpdateLocation>, Started:

Trace(2019-Oct-01 17:11:50): TrySyncProduct<class SDDS2::SULUpdateLocation>, creating update location

Trace(2019-Oct-01 17:11:50): Could not read registry entry containing Sophos address - using hardcoded value.

Trace(2019-Oct-01 17:11:50): SULUpdateLocation created!

Trace(2019-Oct-01 17:11:50): TrySyncProduct, Calling BeginSync

Trace(2019-Oct-01 17:11:50): SULUpdateLocation: BeginSync

Trace(2019-Oct-01 17:11:50): Path to decode files to: C:\ProgramData\Sophos\AutoUpdate\cache\sophos_autoupdate1.dir\decode

Trace(2019-Oct-01 17:11:50): SDDS2Update(SyncProduct.Start): Sophos Endpoint Security and Control, sophos

Trace(2019-Oct-01 17:11:50): Calling SULDownloader Setup...

Trace(2019-Oct-01 17:11:50): warehousePath: "C:\ProgramData\Sophos\AutoUpdate\data\warehouse"

Trace(2019-Oct-01 17:11:50): decodePath: "C:\ProgramData\Sophos\AutoUpdate\cache\sophos_autoupdate1.dir\decode"

Trace(2019-Oct-01 17:11:50): certPath: "C:\ProgramData\Sophos\AutoUpdate\cache\sophos_autoupdate1.dir"

Trace(2019-Oct-01 17:11:50): server = sophos

Trace(2019-Oct-01 17:11:50): Adding Sophos Update Location: http://dci.sophosupd.com/update

Trace(2019-Oct-01 17:11:50): Adding Sophos Update Location: http://dci.sophosupd.net/update

Trace(2019-Oct-01 17:11:50): No manually configured proxy.

Trace(2019-Oct-01 17:11:50): SULDownloader setup successful.

Trace(2019-Oct-01 17:11:50): SubscriptionProvider: F26F7EC0-1302-4DA7-8B6B-A5383051D41A/10.8.2.4.3741.1/

Trace(2019-Oct-01 17:11:52): Enumerating available product versions...

Trace(2019-Oct-01 17:11:52): Out of sources

Trace(2019-Oct-01 17:11:52): SubscriptionProvider: F26F7EC0-1302-4DA7-8B6B-A5383051D41A/10.8.2.4.3741.1/

Trace(2019-Oct-01 17:11:54): Out of sources

Trace(2019-Oct-01 17:11:54): Failed: SDDS2 CheckResubscription failed

Trace(2019-Oct-01 17:11:54): TrySyncProduct<class SDDS2::SULUpdateLocation>, Ended - 0

Trace(2019-Oct-01 17:11:54): ALUpdate():

Trace(2019-Oct-01 17:11:54): ALUpdate(DownloadEnded):

Trace(2019-Oct-01 17:11:54): UpdateCoordinator::UpdateNow: loading SAUControl.xml

Trace(2019-Oct-01 17:11:54): SAUControlConfigParser:: Cache path: ""

Trace(2019-Oct-01 17:11:54): SAUControlConfigParser: SAUControl config path is: "sau\saucontrol\saucontrol.xml"

Trace(2019-Oct-01 17:11:54): SAUControlConfigParser:: Caught runtime_error exception: SAUControl config is not available

Trace(2019-Oct-01 17:11:54): UpdateCoordinator::UpdateNow: loading order.xml

Trace(2019-Oct-01 17:11:54): InstallSequencer:: Cache path: ""

Trace(2019-Oct-01 17:11:54): InstallSequencer:: Caught runtime_error exception: Invalid cache path.

Trace(2019-Oct-01 17:11:54): UpdateCoordinator::UpdateNow: Failed to process order.xml.

Trace(2019-Oct-01 17:11:54): UpdateCoordinator::UpdateNow: Sorting products in order of install sequence

Trace(2019-Oct-01 17:11:54): UpdateCoordinator::UpdateNow: About to Action list of products

Trace(2019-Oct-01 17:11:54): UpdateCoordinator::UpdateNow: Update Mode for RMSNT is: 0

Trace(2019-Oct-01 17:11:54): SimpleProduct::DoAction isLater=false, skipAction=false, isUninstall=false, m_lastUpdateSucceeded=false, numfilestocahce=1, Actiontype=Setup, Not preinstalled product

Trace(2019-Oct-01 17:11:54): SimpleProduct::DoAction for {390DCDC2-10A9-4ef3-B8D8-0CA7F0E7EB92}

Trace(2019-Oct-01 17:11:54): UpdateCoordinator::UpdateNow: Update Mode for SAVXP is: 0

Trace(2019-Oct-01 17:11:54): SimpleProduct::DoAction isLater=false, skipAction=false, isUninstall=false, m_lastUpdateSucceeded=false, numfilestocahce=1, Actiontype=Setup, Not preinstalled product

Trace(2019-Oct-01 17:11:54): SimpleProduct::DoAction for {E17FE03B-0501-4aaa-BC69-0129D965F311}

Trace(2019-Oct-01 17:11:54): UpdateCoordinator::UpdateNow: Update Mode for Sophos Endpoint Defense is: 0

Trace(2019-Oct-01 17:11:54): SimpleProduct::DoAction isLater=false, skipAction=false, isUninstall=false, m_lastUpdateSucceeded=false, numfilestocahce=1, Actiontype=Setup, Not preinstalled product

Trace(2019-Oct-01 17:11:54): SimpleProduct::DoAction for {1129226C-32AB-4B72-85E1-A9CC8DFBC859}

Trace(2019-Oct-01 17:11:54): UpdateCoordinator::UpdateNow: Update Mode for Sophos Network Threat Protection is: 0

Trace(2019-Oct-01 17:11:54): SimpleProduct::DoAction isLater=false, skipAction=false, isUninstall=false, m_lastUpdateSucceeded=false, numfilestocahce=1, Actiontype=Setup, Not preinstalled product

Trace(2019-Oct-01 17:11:54): SimpleProduct::DoAction for {8087796B-2289-4897-98A5-58FF23DAAFD0}

Trace(2019-Oct-01 17:11:54): UpdateCoordinator::UpdateNow: Update Mode for Sophos Patch Agent is: 0

Trace(2019-Oct-01 17:11:54): SimpleProduct::DoAction isLater=false, skipAction=true, isUninstall=false, m_lastUpdateSucceeded=false, numfilestocahce=1, Actiontype=Setup, Not preinstalled product

Trace(2019-Oct-01 17:11:54): SimpleProduct::DoAction for {D918120F-5C45-4e77-BEBF-7D921273B2E0}

Trace(2019-Oct-01 17:11:54): DoAction Skipping

Trace(2019-Oct-01 17:11:54): UpdateCoordinator::UpdateNow: Update Mode for Sophos System Protection is: 0

Trace(2019-Oct-01 17:11:54): SimpleProduct::DoAction isLater=false, skipAction=false, isUninstall=false, m_lastUpdateSucceeded=false, numfilestocahce=1, Actiontype=Setup, Not preinstalled product

Trace(2019-Oct-01 17:11:54): SimpleProduct::DoAction for {F8FFD42E-47AC-4CFF-9E27-EC84ED62128E}

Trace(2019-Oct-01 17:11:54): UpdateCoordinator::UpdateNow: Update Mode for Sophos AutoUpdate is: 0

Trace(2019-Oct-01 17:11:54): SimpleProduct::DoAction isLater=false, skipAction=false, isUninstall=false, m_lastUpdateSucceeded=false, numfilestocahce=1, Actiontype=Setup, Not preinstalled product

Trace(2019-Oct-01 17:11:54): SimpleProduct::DoAction for {9BF40A4E-23AE-48be-9974-5A1F261DBEE8}

Trace(2019-Oct-01 17:11:55): RMSMessageHandler: ALUpdateEnd

Trace(2019-Oct-01 17:11:55): Sending message: <?xml version="1.0" encoding="utf-8" ?><Config type="RMSEndUpdate"><ErrorMessage><ID></ID><StringID>113</StringID><Sender>ALUpdate</Sender></ErrorMessage><ReadableMessage>ERROR:   Could not find a source for updated packages</ReadableMessage></Config>

Trace(2019-Oct-01 17:11:55): IPCSender::Write: Writing message: <?xml version="1.0" encoding="utf-8" ?><Config type="RMSEndUpdate"><ErrorMessage><ID></ID><StringID>113</StringID><Sender>ALUpdate</Sender></ErrorMessage><ReadableMessage>ERROR:   Could not find a source for updated packages</ReadableMessage></Config>

Trace(2019-Oct-01 17:11:55): IPCSender::ProcessSend: Send message: <?xml version="1.0" encoding="utf-8" ?><Config type="RMSEndUpdate"><ErrorMessage><ID></ID><StringID>113</StringID><Sender>ALUpdate</Sender></ErrorMessage><ReadableMessage>ERROR:   Could not find a source for updated packages</ReadableMessage></Config>

Trace(2019-Oct-01 17:11:55): IPCSender::ProcessSend: No messages in queue, starting to wait

Trace(2019-Oct-01 17:11:55): Telemetry::LoadTelemetrySupplement 344: Telemetry Interval set to 86400 seconds

Trace(2019-Oct-01 17:11:55): Telemetry::LoadDocument 218: C:\ProgramData\Sophos\AutoUpdate\\Config\TelemetryConfig.json loaded

Trace(2019-Oct-01 17:11:55): Telemetry::LoadTelemetrySupplement 385: Telemetry Interval updated to 86400 seconds

Trace(2019-Oct-01 17:11:55): Telemetry::CalculateLastTelemtryTime 134: Telemetry last ran at 2019-09-30 19:19:00, Offset 6658, Offset Time 2019-09-30 21:09:58

Trace(2019-Oct-01 17:11:55): Telemetry::HasTelemetrySchedulePeriodElapsed 157: Telemetry schedule has not elapsed.

Trace(2019-Oct-01 17:11:56): IPCSender::ProcessSend exiting

Trace(2019-Oct-01 17:11:56): ALUpdate finished
Cancel
Vote Up 0 Vote Down

Cancel
0 QC over 5 years ago in reply to Daniel Gebler

Hello DanZi,

playing for time ;) .... you've perhaps sanitized too much, what's <HTTP Update Location>? I'm not interested i the host but the path - it looks like it isn't correct.

Second issue: Your Secondary is Sophos, isn't it? It seems to fail at CheckResubscription. Not sure how it's supposed to work, if I'm not mistaken the endpoint is looking for version 10.8.2.4.3741.1 and isn't re-subscribed, i.e. is offered an upgraded version instead. This is or was the Fix for hang on boot version but maybe not the final answer. It's, although fairly recent, no longer in the Release Notes. The infamous Forgotten Version? Seriously, don't have acces to the Console right now, can't say if it still exists. Normally endpoints should be resubscribed when looking for an older version, this might be a special case. But this is just an aside.

Christian
Cancel
Vote Up 0 Vote Down

Cancel
0 Daniel Gebler over 5 years ago in reply to QC

Hi Christian,

:) Sorry, only have time intermittently to check in here.

Slowly but surely we are getting there :)

<HTML Update location> - is basically http://<server fqdn>/SophosUpdate/CIDs/S000/SAVSCFXP

Everything else is unchanged.

Secondary is indeed Sophos, but machines aren't able to connect that when they are on the network (I think at least - but will double check).

The version is a long term one, we are on the fixed package, so version is ok.

DanZi
Cancel
Vote Up 0 Vote Down

Cancel
0 QC over 5 years ago in reply to Daniel Gebler

Hello DanZi,

I knew I needed time. the path question wasn't beside the point though. Checked to make sure, AutoUpdate is pretty opaque w.r.t. HTTP errors. The result in the log is the same whether the path, the password, or even the server is incorrect.
Before resorting to Wireshark I'd check the web server's error log (note that you normally see each request twice, first with a 401 and then a 200 response.

Christian
Cancel
Vote Up 0 Vote Down

Cancel
0 Daniel Gebler over 5 years ago in reply to QC

Ok, I think time to speak to some network operators... The log shows myriad of lines with IP addresses coming to fetch files, but the machines failing do not appear in the latest few (over 30 megs) logs... so I am thinking proxy ...
Cancel
Vote Up 0 Vote Down

Cancel
0 QC over 5 years ago in reply to Daniel Gebler

Hello DanZi,

but master.upd, and all other files are definitely accessible via http [...] but the machines failing do not appear in the [log]
Endpoint update is still over plain HTTP, there's no intelligence whatsoever in a WebCID, you can use any web server. Consequently if you can download the files with a browser updating should normally also work. Apparently the request fails immediately, this suggests that the endpoints can connect to some upstream device but receive a negative response.

Christian
Cancel
Vote Up 0 Vote Down

Cancel