This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Client machine not showing status on SEC

Hey,

Server: MS Server 2003 32-bit

SEC: v5.0.0.8

Client: v10.0.3

Client OS: Windows 7 Pro 64-bit

I have a client machine that for some reason is not showing a status for the following categories:

Up to date

On-access

Application Control on-access

Data control scanning

Device control scanning

Tamper protection

It is showing status for the following categories:

Firewall

Patch assessment

I can't seem to pinpoint what is causing the issue.

I have had problems with the same client in the past but have somehow been successful in getting the status to show up again. This time around I am unable to get the status to come. I have tried reinstalling the client software with no luck.

I have followed the advice given in this post: No Status for On-access

I know there is communication between the client and the SEC because when I stop the "Sophos Message Router" service on the client machine the status of the client's machine shows offline on the SEC.

Is there anything further that I can do to try and figure out why the status keeps dropping out on this client machine?

Cheers

:24407


This thread was automatically locked due to age.
Parents
  • Thanks for the kudos. Just a few additional general remarks.

    Occasionally you encounter "minor" issues like this one, an adapter missing, but also "sudden" update failures like The MSI has failed (often caused by for whatever reason corrupted registry permissions) . On a gut level they get less frequent but still exist. Extended troubleshooting is IMO only worth the effort if either you can find a quick solution for a significant number of clients and/or future occurrences (like importing a registry key, re-registering some component) - ideally without visiting the machine - or you (or rather Sophos) can track down the cause and update the product to avoid these issues in the future. The latter is not simple as the remaining bugs seem obscure.

    Thus it is often more efficient to stop hunting for the bug at a certain point and

    1- Try to re-protect the client (if you have not already done so)

    2 - If this fails try to determine the cause, if you can correct it and re-protect  

    3 - If you can't determine the cause or re-protect succeeds but does not resolve the issue further attempts are unlikely to help. Therefore uninstall all components (it'd be nice if this could be done from SEC although the client would not be able report back success or failure)

    4 - If the uninstall fails remove the Installer information (using msicuu2 or its successor) and re-protect/install. In most cases this will work (for me it has worked in all cases including a corrupted Beta-SEC install). Of course assess the errors you encounter - in one case the problem was an incomplete (due to forced power off) update and a subsequent attempt by the admin to get it working again by reinstalling - unfortunately with a different version. Apart from cleaning the installer info it was also necessary to reinstall with the "correct" version.

    Although I'm not shy to pester Support there are some situations where I prefer this pragmatic approach (which as said has proven to work).  BTW - I never had to reinstall the OS.

    Christian

    :24555
Reply
  • Thanks for the kudos. Just a few additional general remarks.

    Occasionally you encounter "minor" issues like this one, an adapter missing, but also "sudden" update failures like The MSI has failed (often caused by for whatever reason corrupted registry permissions) . On a gut level they get less frequent but still exist. Extended troubleshooting is IMO only worth the effort if either you can find a quick solution for a significant number of clients and/or future occurrences (like importing a registry key, re-registering some component) - ideally without visiting the machine - or you (or rather Sophos) can track down the cause and update the product to avoid these issues in the future. The latter is not simple as the remaining bugs seem obscure.

    Thus it is often more efficient to stop hunting for the bug at a certain point and

    1- Try to re-protect the client (if you have not already done so)

    2 - If this fails try to determine the cause, if you can correct it and re-protect  

    3 - If you can't determine the cause or re-protect succeeds but does not resolve the issue further attempts are unlikely to help. Therefore uninstall all components (it'd be nice if this could be done from SEC although the client would not be able report back success or failure)

    4 - If the uninstall fails remove the Installer information (using msicuu2 or its successor) and re-protect/install. In most cases this will work (for me it has worked in all cases including a corrupted Beta-SEC install). Of course assess the errors you encounter - in one case the problem was an incomplete (due to forced power off) update and a subsequent attempt by the admin to get it working again by reinstalling - unfortunately with a different version. Apart from cleaning the installer info it was also necessary to reinstall with the "correct" version.

    Although I'm not shy to pester Support there are some situations where I prefer this pragmatic approach (which as said has proven to work).  BTW - I never had to reinstall the OS.

    Christian

    :24555
Children
No Data