This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Update Manager child doesn't synchronise anymore

Hello,

I have an issue with a Sophos Update Manager child server that isn't synchronising anymore and not downloading the updates from the parent Update Manager.

I get the 2 errors message in the console :

  • 80040404 'Threat detection data update failed.' displayed against an update manager 
  • 80040406 Delivery failed for software subscription. Access to the source update location is denied or the location is otherwise unavailable

I tried the troubleshooting in the 80040406 KB, testing the credentials I'm getting a time out, I tried to stop the service and delete the content in C:\Programdata\Sophos\Working and C:\Programdata\Sophos\Update Manager\Warehouse and start the update manager service and tried to start a download manually in the console but no luck.

In the logviewer on the child server i get the errors saying :

  • Failed to read customer file content
  • Failed to download customer file content
  • Failed to download valid remote customer file content

I had  a similar proble a while a go and had to uninstall and reinstall wich fixed the problem but now it seems I can't i'm getting an error when I try to uninstall saying "The uninstall can't continue "servername" is not a valid domain name, To be valid, the domain part of the user name must be a domain, a physcial server or a workstation, verify name and retry"

I verified the configurations of the name in the config file comparing to other child server and everything seems ok, I'm a bit lost with this problem help would be very grateful, thank you.

Regards

Richard N.



This thread was automatically locked due to age.
  • Hello Richard,

    testing the credentials i'm getting a time out
    the child is updating from the parent via UNC or? If the configuration editor complains at this point it'll work later only under very special conditions. You should also check the SUMTrace log - maybe it helps to determine the reason for the timeout.

    You're trying to uninstall SUM on the child, aren't you? Right now I don't have an idea which user/domain it could be talking about. Is this an AD or a workgroup environment?

    Christian

  • Hello Christian,

    Thank you for the quick response, yes exactly the child is updating from the parent via UNC path in an AD environment, I will check the SUMTrace log to see if I can find anything else.
  • Hi Richard,

    Have you restart childSUM machine?
    I have got similiar issue last week. I have parentSUM adn 3 childSUMs. ParentSUM is getting updates normally, but childSUMs not. I've done to stop Sophos Update Manager service and delete content on C:\Program Data\Sophos\Update Manager\Working, C:\Program Data\Sophos\Update Manager\Update Manager\CIDs, C:\Program Data\Sophos\Update Manager\Update Manager\Warehouse, and then start Sophos Update Manager again, checking the credentials but childSUM still not update. I restarted childSUM machine and got downloading updates.

    Rosyid

    Regards,

    Rosyid

  • Hello Rosyid,

    I tried that and no luck, but still the Working, Warehouse and CIDs gets downloaded again, I posted my SUM logs and the last errors less generic says "Failed to download valid remote customer file content" and "failed to read customer files content" the others in french are about the syncrhonisation.

    Thank you for the response.
  • I posted my SUM logs and the last errors less generic says "Failed to download valid remote customer file content" and "failed to read customer files content" the others in french are about the syncrhonisation.

    Still the user used to download the updates refuse to communicate with the UNC path and getting a time out. I might think now it's not a Sophos problem but a problem with the server itself, I checked with Wireshark and the Child SUM is communicating with the Parent and same for the inverse situation.

    Maybe the log will tell you a hint, I'm a bit out of ideas to troubleshoot in sophos so I will go furter in the server itself/authentification.

    Thank you
  • Hello Remabec,

    I posted my SUM logs
    the LogViewer output is not of sufficient detail. The SUMTrace log should be more specific (guess it'll contain the same customer file content message so the point of the error should be easy to find). .  
    delete the content [...] no luck, but still the Working, Warehouse and CIDs gets downloaded again
    Now you've lost me - if the download fails early the Warehouse won't be complete, decoding will likely be skipped and there's nothing with which to populate the CIDs. Or perhaps I've misunderstood you.

    troubleshoot
    should have mentioned the basic check:  net use  the parent's share with the credentials from the configuration.
    Child SUM is communicating
    obviously over the RMS port(s) but these are independent and don't require these credentials. Important is the traffic injunction with the share access - but maybe the SUMTrace log already tells us what we need to know.

    Christian.