Failed Sophos intall RMS intall issue

Hi,

In the Windows temp directory (\windows\temp) there will be a RMS MSI install log.

That file is your best bet.  I would suggest search "up" that log file for the string:

return value 3

have a look around that area, it should give you an idea.  If not maybe paste the logs here so we can take a look.

Regards,

Jak

I went back and looked into the Sophos RMS install log.  First a question about these logs.  There seem to be two sets of logs, one with a timestamp of the original install, and then series of further logs with the date as part of the file name.  If I understand correctly, after the first failure, Sophos keeps trying to install RMS and creates a separate log for each attempt.  Is this correct?

So, I searched through the original install log for 'return value 3' and found a few error messages including a series of 'could not overwrite' errors.  Thinking the issue might be files from an old install, I did an uninstall, cleaned up the registry, deleted all old Sophos directories and tried a clean install with the same result.

Here are the lines just above the return value 3 line:

MSI (s) (50:AC) [14:54:13:229]: Note: 1: 1722 2: RunClientMRInitForUpgrade 3: D:\Program Files\Sophos\Remote Management System\ClientMRInit.exe 4: -update -logpath "D:\WINDOWS\TEMP\\" -filepath "D:\Program Files\Sophos\Remote Management System\\"
MSI (s) (50:AC) [14:54:13:229]: Product: Sophos Remote Management System -- Error 1722.There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor.  Action RunClientMRInitForUpgrade, location: D:\Program Files\Sophos\Remote Management System\ClientMRInit.exe, command: -update -logpath "D:\WINDOWS\TEMP\\" -filepath "D:\Program Files\Sophos\Remote Management System\\"

Error 1722.There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor.  Action RunClientMRInitForUpgrade, location: D:\Program Files\Sophos\Remote Management System\ClientMRInit.exe, command: -update -logpath "D:\WINDOWS\TEMP\\" -filepath "D:\Program Files\Sophos\Remote Management System\\"
MSI (s) (50:AC) [14:54:13:229]: User policy value 'DisableRollback' is 0
MSI (s) (50:AC) [14:54:13:229]: Machine policy value 'DisableRollback' is 0
Action ended 14:54:13: InstallExecute. Return value 3.

Suggestions?

Hello,

looks like ClientMRInit sees a problem - it writes its own log, ClientMRInit_yyymmdd_hhmmss.txt, which should be in D:\WINDOWS\TEMP. What's in it?

Christian

HI,

If I had to take a guess, I would imagine that if you copy cac.pem and mrinit.conf from the central installation directory to:

"D:\Program Files\Sophos\Remote Management System\"

and perform an update now the RMS package will install.

If not the log file QC mentions is what we need.

Regards,
Jak

Below are the contents of the clientMRInit file.  I take it the bolded line is the issue.  Has something been left behind from a previous uninstall attempt?  Is there a particular registry entry I need to delete? 

As mentioned earlier, on the last attempt I used a registry cleaner to get rid of any old references to Sophos.

---------------------------------------------------------------------

14.03.2011 14:34:33 0ACC I SOF: D:\WINDOWS\TEMP/ClientMRInit-20110314-183433.log
14.03.2011 14:34:33 0ACC D ClientMRInit updating
14.03.2011 14:34:33 0ACC D mrfile=`MRInit.conf`
cafile=`cac.pem`
filepath=`D:\Program Files\Sophos\Remote Management System\`
rtrname=`Router`
logpath=`D:\WINDOWS\TEMP`
14.03.2011 14:34:33 0ACC I Opening initialisation file: D:\Program Files\Sophos\Remote Management System/MRInit.conf
14.03.2011 14:34:33 0ACC I Opening root certificate initialisation file: D:\Program Files\Sophos\Remote Management System/cac.pem
14.03.2011 14:34:33 0ACC E New and old CA certificates do not match. Upgrading CA certificates is not allowed, uninstall RMS first.
14.03.2011 14:34:33 0ACC I Message Router identity key do not match. Upgrading to new key.
14.03.2011 14:34:33 0ACC I Managed Application identity key do not match. Upgrading to new key.
14.03.2011 14:34:33 0ACC I Management Agent identity key do not match. Upgrading to new key.
14.03.2011 14:34:33 0ACC D CheckParentAddress( `192.168.110.39,ELMSOP01.elmira.trimmasters.com,ELMSOP01`->`172.17.248.37,LOU-SEC01.TBAmerica.com,LOU-SEC01` )
14.03.2011 14:34:33 0ACC D IsThisComputer[172.17.248.37,LOU-SEC01.TBAmerica.com,LOU-SEC01]
14.03.2011 14:34:33 0ACC D Found 4 addresses
14.03.2011 14:34:33 0ACC I Connection cache size for endpoint will be set to 10 , NumSenderThreads will be set to 3
14.03.2011 14:34:33 0ACC I Parent router ports match, no action taken: 8192
14.03.2011 14:34:33 0ACC I Router IOR ports match, no action taken: 8192
14.03.2011 14:34:33 0ACC D Router service args are the same (-ORBListenEndpoints iiop://:8193/ssl_port=8194), no change.
14.03.2011 14:34:33 0ACC E Checking failed, new configuration will not be applied.

jak.  I just saw your post.  I am not sure I have access to the central install directory.  I will have to check.

In the mean time, Does the posted error in the ClientMRInit file match with your diagnosis?

Thanks for the reply jak.  We went through a domain change which has caused all kinds of interesting problems, Sophos strangeness being one of them.

I will try your suggestions.  If that fails, I can only try a complete uninstall, but this time will walk through the registry looking for Sophos remnants rather than relying on a registry cleaner.

This is just getting more and more interesting...

There are Sophos entries in HKEY_LOCAL_MACHINE\SOFTWARE\[Wow6432Node].  Nothing.

Is is possible the entries are hidden in some way??  I have very limited access to this machine, so I can only poke around when the user is away from his desk.

Oops, posted too soon.  I poked around on my machine and found the relevant keys in a completely different location.