Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 2 subscribers
  • Views 4816 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Configuring standalone installer

Ash Green

Hi all.  I've a new installation of SEC 5.5.1 and am trying to get a workable standalone installer, but am running round in circles at the mo. I have:

  1. Created AU and SAV policies in SEC with my http update source set in the AU policy
  2. Used the latest versions of exportconfig and configcid that I can find on my system to export.
  3. Run through the KB at https://community.sophos.com/kb/en-us/67504 to manually create a package. 
  4. Attempted installation on a client with this. Everything goes on, but the updatesource stays at a temp drive on the local box - I think it's the one that is set within WinRAR as the setup location.  It never changes to the http location set in the policy.
  5. Attempted using the SDP (1.3.1) to create an installer. Used the same savinst\SAVSCFXPXML source, fed it the full URL to the CIDs/S000 folder with appropriate creds.
  6. When I run this, it launches, then closes after a few seconds.  No files in program files/x86/programdata.  Can't find a log file anywhere.

Help!  Any ideas on which of these I will have most luck with?

ta

Ash



This thread was automatically locked due to age.
Parents
  • 0

    Hello Ash,

    if you use SDP use your regular (unconfigured) CID as source, specify the Primary and optionally Secondary update location in the SDP GUI (or the applicable CLI argument).
    it launches, then closes
    setup.exe (I assume the package gets as far as that) writes its log in the logged on user's %Temp% directory, the name is Sophos ES setup.log. IIRC these packages unconditionally run CRT and its result might cause the install to be aborted.

    The manually created package should work as follows: setup.exe installs AutoUpdate from ...\savinst\SAVSCFXP and configures it to use ...\savinst\SAVSCFXPXML - this is the path you should see in the configuration once you can access the "initial" Sophos GUI. Subsequently AutoUpdate installs from the SAVSCFXPXML folder with itself as last component to install/update. At this point the XML policies should be applied.

    Christian 

  • 0 in reply to QC

    Winner, finding that logfile led to me sussing it (missing bits of the CID path).

     

    Got it connecting to the correct CID location .... I've created a SAV policy and applied that to the CID now, run update on the client and have got the Scheduled scan that I've specified centrally, but I've also defined a stack of exclusions in the same policy (for scheduled and on-demand) and neither have made their way through.  When I look inside the savconf.xml I'm not seeing them in there - am I right in thinking exportconfig.exe should contain them?

Reply
  • 0 in reply to QC

    Winner, finding that logfile led to me sussing it (missing bits of the CID path).

     

    Got it connecting to the correct CID location .... I've created a SAV policy and applied that to the CID now, run update on the client and have got the Scheduled scan that I've specified centrally, but I've also defined a stack of exclusions in the same policy (for scheduled and on-demand) and neither have made their way through.  When I look inside the savconf.xml I'm not seeing them in there - am I right in thinking exportconfig.exe should contain them?

Children
Unfiltered HTML