This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SOPHOS 9.5, HP ProtectTools Authentication, and remote SQL DB Help please

Will try and explain as best i can:

Our test domain consists of a DC, App Server, SQL Server and Web Server, all running Windows Server 2008 R2 Enterprise Edition. We also have an NMS machine running 2008 R2 where Sophos Enterprise Console, and some other COTS products (such as GFI Languard, GFI Endpoint Secuirty, and GFI EventManager) are installed. The Sophos Enterprise Console connects to a database instance named Sophos on the remote SQL server (SQL Server 2008 SP1). In addition the GFI products also connect to their own respective databases on the remote SQL server.

Sophos had been configured and up and running, but we have had to install a product called HP Protect Tools Authentication Services http://h20338.www2.hp.com/PublicSector/cache/86045-0-0-0-121.html, which hashes the domain passwords to a CESG approved algorithm (there’’’’s obviously more to it than that, but best you check the link for a more comprehensive description). Once installed Sophos Enterprise Console can no longer start on the NMS machine. It attempts to connect then times out , and gives the error message Management Server Connection Failed. When looking in Services, the Sophos Management Service is stopped, and when i attempt to start it, i receive a message stating that it could not start due to error 0x80004005: Unspecified Error.

The Application Event log shows an event id 8004: Initialization failed, creating a database connection. LogonUser failed.
The GFI products are still able to connect to the remote databases without issue, it only seems to be Sophos that has a problem.

As part of the troubleshooting i have tried installing Sophos both under a sweepupd account, and under Domain Administrator. I have also installed before and after the installation of Protect Tools Authentication Services but it seems to make no difference. Once the Protect Tools Authentication Services product is on the NMS machine, Enterprise Console can no longer establish a database connection. I tried to change the registry key for the database access account password, but unfortunately this didn’’’’t help either (HKLM\software\wow6432node\sophos\ee\management tools\database user).

I have also tried article 66028 from the sophos support knowledgebase without success.

Any thoughts or suggestions gratefully received,

Thanks in advance

This thread was automatically locked due to age.

0 jak over 14 years ago

Hi,

I assume you are using a domain account under:

HKLM\software\wow6432node\sophos\ee\management tools\databaseuser\DatabaseUserName

Would a local account be subject to the same settings in the other software?

As you could create a local account called DB for example on both machines (SEC and DB) with the same password; ensure it is a member of the Sophos DB Admins group on the database server and adjust the registry keys as required on the management server to reference the new local local account. E.g. DatabaseUserDomain would become the name of the management server machine rather than the domain as it might be now if you're using a domain account.

I would suggest just changing the UseClearTextkey to 1 as a test to ensure it works before messing about with obfuscationutil.exe -w [newpass] to generate you a obfuscated password from it.

http://www.sophos.com/support/knowledgebase/article/66224.html

mentions using this tool if required.

If this works it could at least give you a workaround or possibly a solution.

Can you exempt certain service accounts within this software?

Regards,

Jak
:7489
Cancel
Vote Up 0 Vote Down

Cancel
0 parxuk over 14 years ago

Jak
Thanks for the suggestion, and apologies for not having replied sooner. I will give it a try and see what happens.
Thanks again
:7611
Cancel
Vote Up 0 Vote Down

Cancel