Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 1746 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Upgrade 7 -> 9 by replacing two files

petjez

Hi,

we're upgrading our Sophos installations on 2500 PC's from version 7 to version 9. I found out when i push and replace two files to the PC's the upgrade process goes automaticly. We have a very segmented network so our Enterprise Console is not able to find all the machines.

I've replaced: C:\Program Files\Sophos\AutoUpdate\Config\iconn.cfg and

C:\Program Files\Sophos\Remote Management System\mrinit.conf

The two files will redirect the Sophos client to a new server.

So in our test environment the PC's are upgraded to version 9 without any problem. But the PC's are not registered in the new version of the Enterprise Console. Is there a way to let the PC's register themselves to the Enterprise Console? Is there a commandline tool?

Regards,

Patrick

:2646


This thread was automatically locked due to age.
  • 0

    Hello Patrick,

    iconn.cfg indeed directs the clients to the new update location and that's basically what you'd do assigning a new updating policy using SEC.

    Why do you also push out mrinit.conf? Usually the mrinit.conf from the CID should be picked up and used. Take a look at the Sophos Network Communications Report on a client. Does it report any problems?  And is the parent address pointing to the correct server?

    Christian

    :2650
  • 0

    Hi Christian,

    both servers are still running. If i just replace the iconn.cfg file the 'old' server will take control and downgrade to version 7.

    So we replace both files. After replacing the two files, the PC will upgrade to version 9 and the daily updates are picked up by the client. But the client will not report to the Enterprise Console.

    Where can i find the Sophos Network Communications Report on the client????

    Regards,

    Patrick

    :2669
  • 0

    I found this in the eventlog:


    Sophos Anti-Virus cannot report to Sophos Enterprise Console (SEC) or receive new security policies. This is because it is using an SSL certificate that is incompatible with the SEC server "Castries.ads.intra.gelre.nl". Sophos Anti-Virus should be reinstalled by the system administrator.

    For more information, see the RMS status report. To open the report, click Start, point to All Programs, point to Sophos, point to Sophos Anti-Virus, and then click View Sophos Network Communications Report.

    I don't have the link to the  Sophos Network Communications Report.

    Patrick

    :2674
  • 0

    The report should be under C:\Documents and Settings\All Users\Application Data\Sophos\Remote Management System\3\Router\NetworkReport as ReportData.xml if you can't find the link. But perhaps RMS install didn't get that far.

    SEC doesn't "get control", i.e. reinforce the updating policy, unless you either change it, move the client to another group or specify Comply with .... That is, directing the clients to a new update location should work.

    You probably didn't export/copy the (see this post) and RMS refuses to connect to the new server. If you uninstall SEC4, import the keys and install SEC4 again it should be possible to "move" the clients to the new server. But you should not change mrinit.conf on the client but configure the SAV9 CID (this is also in the mentioned post).  

    Beware - if you can't use Protect Computers from  either console and you cripple RMS your clients are stranded.

    Christian

    :2679
Unfiltered HTML