Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 2897 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Setting up home users: Exporting the SCF Home Use policy produces an Invalid XML file

LinusCaldwell

Hi,

I'm following the instructions outlined in this knowledgebase article to create a package for home use.

When I run the command on Step 12 for exporting the SCF policy (e.g. "%Program Files%\Sophos\Enterprise Console\exportconfig.exe" -type SCF -policy “SCFHomeUse” -output C:\HomeUse\scfcidconf.xml), the resulting XML file that is generated is invalid.

This results in the policy not applying when the Sophos client is installed.

If I open the XML file with IE to test I get the following message:

An invalid character was found in text content. Error processing resource

We are using Sophos Console and client version 9.5

 
:7507


This thread was automatically locked due to age.
  • 0

    Further to this I have also now tried exporting the Firewall policy (using the Export button in Enterprise Console) to scfcidconfig.conf and copying this file as part of InstallSophos.bat (refer Step 18 here).

    The file gets copied successfully to the client inside C:\Program Files\Sophos\scf however the Firewall policy is not configured.

    Are both scfcidconfig.conf and scfcidconf.xml needed?

    :smileysad:

    I'd appreciate suggestions anyone may have.

    :7523
  • 0

    Hello LinusCaldwell,

    I have not built an installer package including SCF. As you might have noticed there exist several articles for creating an installer suggesting different methods. The (I assume) latest for SAV9.0/9.5 uses two (partial) copies of the CID, one for the initial install of AutoUpdate (with the crt) and another (with the configuration files) for the product install. Although it uses slightly more space (and the firewall policy is not an XML file - see below) you should give it a try.

    As far as I know the SCF policy is not exported as XML file. Exportconfig defaults to using the .conf extension and if you look at configcid's output it seraches for scfcidconfig.conf so I think this is the correct name to use.

    HTH

    Christian   

    :7551
  • 0

    I have worked through the article you supplied and tried again this time with the scfcidconfig.conf but with the same outcome.

    The content of the two files looks the same although it's encrypted so I can't make any sense of what is in the file.

    There must be some log file or debugging available that can explain why the firewall policy is failing to apply?

    :7677
  • 0

    Just checked (although not using a standalone installer but from a live CID). The policy was correctly applied. Search for the string CIDconfig in Sophos Client Firewall CustomActions Log.txt (%windir%\Temp) - note that new entries are appended so you have to look near the bottom. It should look like

    CopyCIDConfig: Checking for SCFConfigCid configuration file...
CopyCIDConfig: Return success

    or if no configuration file is there 

    CopyCIDConfig: Checking for SCFConfigCid configuration file...
CopyCIDConfig: No SCFCidConfig.conf file found. Returning success

    but I was unable to elicit any error message by using a corrupt configuration file. So it looks like all you get is a message whether it has found a file with that name but not whether it has actually applied the settings. 

    I think we should take this to Support

    Christian

    :7687
  • 0

    Thanks QC for the helpful log info!

    I was able to get this working by re-running ConfigCID.exe with the scfcidconfig.conf in the correct folder.

    I had missed this step after updating the conf file... :smileysad:

    :7759
Unfiltered HTML