This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Enterprise Console - Update failure

Hello,

I'm not sure if this is the correct area, please advise if not.

I've installed a trial version of Sophos Enterprise Console in a Win2012 environment and trying to deploy to 3 windows 8 machines for testing purposes.

At first I was getting the error: 80070002 The installation could not be started: The system cannot find the file specified. The computer may need additional configuration before installation.

I'd gone through the installation pre-requisites and watched a nice little video, checked shares and could access from workstation, eventually noticed opening firewalls via domain policy for inbound and outbound for reporting purposes.

I added these to domain policy and then I could push out to the workstation. If I go to the work station I can see Sophos installed now but it keeps saying update failed.

If I right-click and do manual update I get the progress window throwing files across saying contacting server...for about 1 minute then says cannot contact server.

1 question is where do I see the log file that may provide more information as to why this is. If I look in Enterprise Console > Events there is nothing in here.

If I browse to the workstation log file I see its a specific log file which needs to be open using Sophos but can't find which .exe file I need to open with for it or can I access these somehow via the console ?

Or if anyone might know why I can get this far and its able to install on workstations but no update.

The Status in console has just stayed with the orange down arrow next to computer for about 40 mins now with no change....as of writing this I finally got an error saying "computer is not yet managed"

So I understand this to be a firewall issue yet checking on deployment server and workstation in question I can see domain policy has deployed my inbound firewall rules for ports 8192 and 8194

Snippet from log file:
Trace(2015-Feb-20 16:44:45): Logging on network access user
Trace(2015-Feb-20 16:44:45): Attempting to make a connection to remote machine \\HA-SOPHOS\SophosUpdate\CIDs\S000\SAVSCFXP\
Trace(2015-Feb-20 16:44:47): CIDUpdate(Info): \\HA-SOPHOS\SophosUpdate, HASBS\administrator, 86
Trace(2015-Feb-20 16:44:57): GetCacDotPemFromLocalRMS could not open the Router registry key.
Trace(2015-Feb-20 16:44:57): GetCacDotPemFromSUM could not open the Management Tools registry key.
Trace(2015-Feb-20 16:44:57): Custom certificate could not be obtained.
Trace(2015-Feb-20 16:44:57): Remote connection over UNC.
Trace(2015-Feb-20 16:45:02): File master.upd not found (Remote). Return code 0x80040f04
Trace(2015-Feb-20 16:45:02): Unable to read file master.upd (Remote)
Trace(2015-Feb-20 16:45:02): Unable to synchronise file root.upd.
Trace(2015-Feb-20 16:45:02): Unable to synchronise file escdp.dat.
Trace(2015-Feb-20 16:45:02): Unable to synchronise file ProductID.dat.
Trace(2015-Feb-20 16:45:02): Unable to recover file root.upd.
Trace(2015-Feb-20 16:45:02): Unable to recover file escdp.dat.
Trace(2015-Feb-20 16:45:02): Unable to recover file ProductID.dat.
Trace(2015-Feb-20 16:45:06): Error -2147217660 in ReadCustomerIDFile
Trace(2015-Feb-20 16:45:06): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Calling SyncProduct with {E17FE03B-0501-4aaa-BC69-0129D965F311}
Trace(2015-Feb-20 16:45:06): CIDUpdateLocation::SyncProduct - Updating Product: SAVXP
Trace(2015-Feb-20 16:45:06): CIDUpdate(SyncProduct.Start): SAVXP, \\HA-SOPHOS\SophosUpdate\CIDs\S000\SAVSCFXP\
Trace(2015-Feb-20 16:45:06): CIDUpdateLocation::Sync - Updating from local CID: \\HA-SOPHOS\SophosUpdate\CIDs\S000\SAVSCFXP\savxp
Trace(2015-Feb-20 16:45:06): CIDSync(CidSyncMessage):
Trace(2015-Feb-20 16:45:11): CIDSyncCallback, SynchronisationTerminated - Code = -2147024809
Trace(2015-Feb-20 16:45:11): CIDSyncCallback, SynchronisationTerminated - MapFile = C:\ProgramData\Sophos\AutoUpdate\cache\savxp.map
Trace(2015-Feb-20 16:45:11): CIDSync(CidSyncMessage): \\HA-SOPHOS\SophosUpdate\CIDs\S000\SAVSCFXP\savxp,
Trace(2015-Feb-20 16:45:11): CIDUpdateLocation::SyncProduct: Failed to update product (SAVXP) from "\\HA-SOPHOS\SophosUpdate\CIDs\S000\SAVSCFXP\", Error is :CIDSYNC_E_SRCNOTFOUND (Source not found.)
Trace(2015-Feb-20 16:45:11): CIDUpdate(CIDDownloadFailed):
Trace(2015-Feb-20 16:45:12): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, SyncProduct returned - 0
Trace(2015-Feb-20 16:45:12): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Ended - 0
Trace(2015-Feb-20 16:45:12): UpdateLocationFacade::SyncProduct: Last Update Mechanism = Unknown
Trace(2015-Feb-20 16:45:12): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, Started:
Trace(2015-Feb-20 16:45:12): TrySyncProduct<class AutoUpdate::CIDUpdateLocation>, creating update location
Trace(2015-Feb-20 16:45:12): Calling package_source_init
Trace(2015-Feb-20 16:45:12): TrySyncProduct, Calling BeginSync

Cheers for any input.

Glenn

:55917


This thread was automatically locked due to age.
Parents
  • Hello Glenn,

    its still able to push out the clients even if this password was incorrect

    yes, it's able to push and the install will start but never complete. Please see How does the 'Protect computers wizard' perform an installation? Under 3.1. it says: Once complete it will then fetch the additional required packages by connecting to the Updating policy location. It's not obvious what this means so I'll try to rephrase the article with less technical detail but also  looking at the accounts involved.

    • The credentials you enter in the Protect prompt are used to
    • create the install task on the endpoint
    • run the task on the endpoint
    • access the install location from the endpoint
    • install AutoUpdate

    The installation (i.e. setup.exe) will create an updating policy pointing to the Primary CID (or Initial Install Location) and the credentials from the policy (not the ones from Protect) for Primary.  At this point only AutoUpdate is installed. As it will use the Policy's credentials download and thus installation of all other components will fail if these credentials are incorrect. It can't report this to the console though because the required RMS is not yet installed.

    Christian

    :55924
Reply
  • Hello Glenn,

    its still able to push out the clients even if this password was incorrect

    yes, it's able to push and the install will start but never complete. Please see How does the 'Protect computers wizard' perform an installation? Under 3.1. it says: Once complete it will then fetch the additional required packages by connecting to the Updating policy location. It's not obvious what this means so I'll try to rephrase the article with less technical detail but also  looking at the accounts involved.

    • The credentials you enter in the Protect prompt are used to
    • create the install task on the endpoint
    • run the task on the endpoint
    • access the install location from the endpoint
    • install AutoUpdate

    The installation (i.e. setup.exe) will create an updating policy pointing to the Primary CID (or Initial Install Location) and the credentials from the policy (not the ones from Protect) for Primary.  At this point only AutoUpdate is installed. As it will use the Policy's credentials download and thus installation of all other components will fail if these credentials are incorrect. It can't report this to the console though because the required RMS is not yet installed.

    Christian

    :55924
Children
No Data