Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 35 replies
  • Subscribers 1 subscriber
  • Views 149038 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Duplicate PC names in enterprise console

CDC

I've noticed after upgrading the Enterprise Console to version 4.5 and AV to 9.5 that duplicate PC names have started appearing.  This normally happens after a PC's AV has either not upgraded properly or has stopped updating so i've uninstalled and it and then redeployed it down.  One of the PC names will say its connected & managed (although not properly as the 'up to date' colum is blank and you can't deploy any policies down)  whilst the other will be greyed out.

I've tried deleting both entries in the Enterprise Console in an attempt for the AD sync to sort it but they both re-appear again.  Is this a known issue with the 4.5 upgrade?

:4224


This thread was automatically locked due to age.
  • 0

    Hello CDC,

    Please find article Enterprise Console 4.5: Known Issues

    (DEF 58871, DEF 58872) When discovering computers or synchronizing to Active Directory, Enterprise Console may fail to differentiate between multiple computers with the same name, and may switch them between groups alternately. This situation may arise where identically-named computers are situated on different domains or sub-domains.

    Workaround:
    Do one of the following:

    • Ensure that Sophos RMS (Remote Management Service) is installed and running on all identically-named computers before attempting to find them from Enterprise Console. Do not synchronize any Active Directory groups that contain machines which have identically-named computers; Manage the computers manually.
    • Eliminate duplicate computer names on your network.

    Hope this helps

    :4228
  • 0

    Thank you for your reply.  We only have one domain / no sub domains and all the PC's have unique names.  Any other idea's?

    :4229
  • 0

    Have you possibly used cloning to deploy computers?

    There are at least two potential problems:

    1.) It's best to install SAV after the duplication, as every client has a unique ID which is stored locally. Cloning this ID will result in inconsistent behaviour of objects in the Console. There is a documented way to re-issue new IDs after cloning, but it is less work to just install SAV individually directly after the domain-join.

    2.) Based on the tool you use for deduplication (Sysprep, Newsid or the like) we have seen cases where the TCP/IP-hostname in the registry was not correctly updated when the new name was issued to the PC.

    Best regards,

    Detlev

    :4243
  • 0

    Hey Detlav

    We do use Sysprep on our images but always install the AV after deployment.  I've found its a bit of a mixture in terms of its happening to some deployed images and some we've built from scratch.  On my particular laptop ID within enterprise console its got the managed one classed as unassigned whilst the greyed out one is assigned to the correct OU in Active Directory.  The greyed out one has a Remote management error  "This computer is not yet managed.  It is protected but hasn't reported back its status yet ".  Even after deleting both the entries they'll both re-sync up.  Seems to me like its a Sophos sync error?

    :4316
  • 0

    I am having the same problem.  We are deploying some virtual machines using VMWare, but deploy sophos after the machine is created, up and running, and joined to the domain with a unique SID (we are also running wuauclt /resetauthorization to reset the UID for windows updates).

    But I'm also having the same issue with physical machines that have been formated, and restored using a completely clean install (OEM Windows XP SP3 disk).  If I use the same name while joinging the machine to the domain, I get a duplicate entry in Enterprise Console.  There are no duplicates in AD.

    :4404
  • 0

    I've logged a call with Sophos support Rick so I'll let you know what they come up with

    :4503
  • 0

    This is what the support team have sent back to me;

    Thank you for your email, our development team are currently investigating the reported issue below under DEF62582.

    After installing SEC4.5 or upgrading to SEC4.5, duplicate PCs appear in the an Active Directory synchronized SEC group. This occurs when a managed endpoint belonging to an Active Directory synchronized SEC group is deleted.

    Deleting either endpoint from SEC does not resolve the issue, once an AD sync occurs the un-managed endpoint reappears, if the managed endpoint is deleted it will reappear after an update or if the endpoint is restarted (as intended).

    The 'Computer details' on the un-managed endpoint will be empty except for 'Computer name' and 'Operating system'.

    Hopefully they'll have a patch out for this soon

    :4505
  • 0

    I too have this issue. I have exactly the same symptoms. It would be good if we could have some confirmation from Sophos themselves about a fix or workaround.

    :4522
  • 0

    Support have e-mailed me back saying;

    "I have just been discussing this issue with our development team, they have confirmed a fix for this issue under Endpoint 9.7 due early next year."

    Not quite the speedy patch release I'd been hoping for, we'll just have to wait 6 or so months for it.

    :4592
  • 0

    We're having exactly the same issue - I've just escalated this to our SOphos support team in South Africa and requested that this be speeded up as 6 months is just plain stupid. Looks like there might be a QA issue here becuase we also had big problems when we first rolled out ver 9 so we had to roll back to 7.

    :4595
Unfiltered HTML