ok I've done a test migration to 4.5 and NAC 3.5 and things seem to work fine, except NAC. The new NAC client installs ok and the clients seem to get registered with the NAC server but after a little while I get an error on the client.
"The agent was unable to communicate with the server in order to report results"
Sophos SEC and NAC are running on a Hyper-V virtual box with the databases running on a full fat SQL box.
I get the issue on Vista boxes that were running NAC 3.3 and on Windows7 boxes that have never had the NAC client installed on them.
I get the following in the servers app log when any client tries to report back
Log Name: Application
Source: Sophos NAC
Date: 16/07/2010 11:11:10
Event ID: 1002
Task Category: 3
Level: Error
Keywords: Classic
User: N/A
Computer: Printserver.npm.ac.uk
Description:
PID 2912 : TID 4
Failed to report client global data. Exception information is included for additional evidence.
-- Sophos NAC Exception Details --
Source Message: Queue Does not Exist
Source: QueueComponents
Source Timestamp: 16/07/2010 11:11:10
Source Machine: PRINTSERVER
Source Exception Type: Sophos.NAC.Core.ExceptionManagement.EndForceExcept ion
Source: QueueComponents
Target: Void set_QueuePath(System.String)
Source App Domain: /LM/W3SVC/1/ROOT/ReportInterface-1-129237483950459562
Source Thread Id: 4
Source Thread Identity:
Source Win Identity: NPM\admin_em45
Help Link:
Source Stack Trace:
--Runtime Evidence--
Queue Path: .\Private$\SophosNAC_Report
-- Evidence At Publish --
Agent Bias: 4294967236
Agent Date: 16/07/2010 11:11:09
-- Structured Evidence --(Agent Info)
strAgentId: 8BA0DB9B8FC540A88EFB02250057E6EB
strUsername: 8BA0DB9B8FC540A88EFB02250057E6EB
strAgentType: persistent
strAgentVersion: 3.5.306.0
strOSDescription: Win7 ver:6.1.7600 sp:0.0 arch:x86Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Sophos NAC" />
<EventID Qualifiers="0">1002</EventID>
<Level>2</Level>
<Task>3</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2010-07-16T10:11:10.000Z" />
<EventRecordID>747</EventRecordID>
<Channel>Application</Channel>
<Computer>Printserver.npm.ac.uk</Computer>
<Security />
</System>
<EventData>
<Data>PID 2912 : TID 4
Failed to report client global data. Exception information is included for additional evidence.
-- Sophos NAC Exception Details --
Source Message: Queue Does not Exist
Source: QueueComponents
Source Timestamp: 16/07/2010 11:11:10
Source Machine: PRINTSERVER
Source Exception Type: Sophos.NAC.Core.ExceptionManagement.EndForceException
Source: QueueComponents
Target: Void set_QueuePath(System.String)
Source App Domain: /LM/W3SVC/1/ROOT/ReportInterface-1-129237483950459562
Source Thread Id: 4
Source Thread Identity:
Source Win Identity: NPM\admin_em45
Help Link:
Source Stack Trace:
--Runtime Evidence--
Queue Path: .\Private$\SophosNAC_Report
-- Evidence At Publish --
Agent Bias: 4294967236
Agent Date: 16/07/2010 11:11:09
-- Structured Evidence --(Agent Info)
strAgentId: 8BA0DB9B8FC540A88EFB02250057E6EB
strUsername: 8BA0DB9B8FC540A88EFB02250057E6EB
strAgentType: persistent
strAgentVersion: 3.5.306.0
strOSDescription: Win7 ver:6.1.7600 sp:0.0 arch:x86
</Data>
</EventData>
</Event>
This thread was automatically locked due to age.
