Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 37 replies
  • Subscribers 1 subscriber
  • Views 52180 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Windows 7 64bit and Sophos 9.7 Problem

Trevor

Hi,

Bit of a issue here which is baffling me.

Set up a new Subcription to 9.7 Recommended and created a new CID on AV server.

Setup a new Policy with the correct subscription which applies to a number of XP machines and 4 Windows 7 64bit machines.

The XP machines are all compliant with the new policy and have automatically upgraded from 9.5 to 9.7.

I've manually installed 9.7 to the Win 7 machines from the new CID (S002).

The issue I'm having is after 60 mins or so (automatic update schedule) the Win 7 workstations are checking for updates and then downgrading themselves back to version 9.5!

Both Win 7 and XP machines are sharing the same updating policy.

Any ideas?

:12561


This thread was automatically locked due to age.
Parents
  • 0

    Hello Trevor,

    don't mention it. Well, it kept haunting me and I have the feeling that something's missing or I misinterpreted some of your information. Indeed taking all together it doesn't seem possible.

    So it's probably better to approach this from a different direction. Thinking about it - that the client allegedly complies but uses the wrong CID is indeed possible if  iconn.cfg is modified "outside" Sophos (i.e. not by using the GUI, RMS or the SAUConfigDLL.SAUConfig object). Thus I'd use Sysinternal's Process Monitor to find out who's accessing iconn.cfg and (potentially) modifying it. I might be on the wrong track but I think it's worth a try.

    Christian

    :12761
Reply
  • 0

    Hello Trevor,

    don't mention it. Well, it kept haunting me and I have the feeling that something's missing or I misinterpreted some of your information. Indeed taking all together it doesn't seem possible.

    So it's probably better to approach this from a different direction. Thinking about it - that the client allegedly complies but uses the wrong CID is indeed possible if  iconn.cfg is modified "outside" Sophos (i.e. not by using the GUI, RMS or the SAUConfigDLL.SAUConfig object). Thus I'd use Sysinternal's Process Monitor to find out who's accessing iconn.cfg and (potentially) modifying it. I might be on the wrong track but I think it's worth a try.

    Christian

    :12761
Children
No Data
Unfiltered HTML