This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Policy Compliance issue

Within SEC, "Policy Compliance" is blank on some computers. Why is this? I have set up all the PC the same and almost all of them have worked without issue and state "Same as policy". I also notice that all the options under "Comply with" menu are greyed out when I right click on the computer with the blank "Policy Compliance". How do I fix this?



This thread was automatically locked due to age.
Parents
  • Hello Simon Hodkinson.

    Policy compliance is blank

    1. for computers in the Unassigned group (as there are no policies assigned to it)
    2. for unmanaged computers (naturally) and managed computers which have not (yet) reported their state (most other columns are also blank)

    The fix should be rather obvious except when an endpoint has not sent a (full) status. First thing to check then are if the endpoint is actually online (i.e. hasn't been switched off before it could report) and that the install has completed.  

    Christian

Reply
  • Hello Simon Hodkinson.

    Policy compliance is blank

    1. for computers in the Unassigned group (as there are no policies assigned to it)
    2. for unmanaged computers (naturally) and managed computers which have not (yet) reported their state (most other columns are also blank)

    The fix should be rather obvious except when an endpoint has not sent a (full) status. First thing to check then are if the endpoint is actually online (i.e. hasn't been switched off before it could report) and that the install has completed.  

    Christian

Children
  • Hi Christian,

    I should have been more specific. The computer is the managed computers group. The computers are online and can be seen by Sophos as online. If I restart the computer, SEC see that they are offline too so SEC is receiving a status. Any ideas?

    Thank you,

    Simon

  • Hello Simon,

    I should have been more specific
    always a good idea [;)].

    The installer (setup.exe) installs just AutoUpdate and gives it the necessary information to install the rest. On a managed computer RMS is the component which is installed first by AutoUpdate. RMS then registers with the management server, from then on the endpoint appears as managed. RMS manages only the inter-machine communication, intra-machine it's the Sophos Agent.
    If Sophos is indeed installed and working on the endpoint please check if the Agent service is started and inspect the corresponding logs (under %ProgramData%\Sophos\Remote Management System\3\).

    Christian

  • Hi Christian,

    Thank you for your help. I installed the Sophos End Point in exactly the same way with the exactly the same installation package from the Sophos network share. When I get a chance I will take a look at the services and logs you kindly showed me. I will let you know either way.

    Kind Regards,

    Simon

  • Hi Christian,

    I have checked one of the computers not showing the Policy Compliance and the Sophos Agent service is started. I have looked at the Agent log files and see this:

    19.04.2016 13:45:55 09D0 I NTP adapter: No policy, returning NoRef
    19.04.2016 13:45:55 09D0 I NTP adapter: No policy, returning NoRef
    19.04.2016 13:46:11 0984 I SAUAdapter - SAU IPCListener::Wait received message: <?xml version="1.0" encoding="utf-8" ?><Config type="RMSStartUpdate" />
    19.04.2016 13:46:11 0984 I SAUAdapter - SAU StartingUpdate has been set
    19.04.2016 13:46:11 0984 I SAUAdapter - SAU IPCListener::Wait Waiting for more messages
    19.04.2016 13:46:17 0984 I SAUAdapter - SAU IPCListener::Wait received message: <?xml version="1.0" encoding="utf-8" ?><Config type="RMSEndUpdate" />
    19.04.2016 13:46:17 0984 I SAUAdapter - SAU FinishedUpdate has been set
    19.04.2016 13:46:17 0984 I SAUAdapter - SAU Update status information saved to C:\ProgramData\Sophos\AutoUpdate\data\status\AUAdapter.xml
    19.04.2016 13:46:17 0984 I SAUAdapter - SAU IPCListener::Wait Waiting for more messages
    19.04.2016 13:46:25 09D0 I NTP adapter: No policy, returning NoRef
    19.04.2016 13:46:25 09D0 I NTP adapter: No policy, returning NoRef

    Kind Regards,

    Simon

  • Hello Simon,

    thanks. Apparently updating works, network threat protection (NTP) has no policy (which is expected).
    The Agent log starts with a reference to itself (SOF) and Sophos Management Agent 4.0.2.21 starting..., right? If you then search for router is there a line Connected to router... or perhaps some error message? Please note the timestamp, the part of the corresponding Router log up to this time would be of interest (if you post it please be aware that it contains names and IPs so sensitive information should be edited).

    Christian