Hello,
we are trying to change the Sophos Update Server to a new one without success.
We have the problem that the clients are Updating from an Old Enterprise Console which we can't access anymore. I did create a Sophos Deplyoment Package which points to our new Enterprise Console.
On a clean machine which had never Sophos installed before, the Deployment package is working without difficulty and finally Sophos is properly installed.
On most of our Clients Sophos is installed and points to the old Enterprise Console. If I run my Sophos deplyoment package, Sophos is still pointing to the old Update Path of the old Enterprise Console and is downloading the Updates from there. Curiously at some Point the Client appears in the new Enterprise Console and I can move it to our "Clients" Folder. After that the Client awaits the new policy with the Update Path of the new Enterprise Console.
After a while the Client applies the new policy and has the new Update Path. Sadly in the Sophos Auto Update Cache directory are still the files from the old Update Server. If the Client starts Updating and contacting the new Server, the following Error appears in the Console: Failed to install RMSNT: Package authentication [0x0000007] and on the Client
CheckCustomManifest: invalid package:invalid custom manifest: [VE_BADCERT]: 7
ALUpdate(Install.Failure): RMSNT
I think the problem is, that the Client has still the old manifest from the old Enterprise Console and can't update from the new Enterprise Console with the old manifest file.
If I delete the Cache everything is fine and the Client downloads all files from the new Enterprise Console but this is not a practicable solution for our environment.
What I tried so far:
1. Uninstalled all Sophos components in the right order following the KB-Article, rebooted the system, erased all still existing files/folders from Sophos, erased all regestry entries from Sophos and started my Deployment package. When the Sophos AutoUpdater is installed I checked the Update Path and sadly the old Update Path appears and the Update starts to download the remaining components from the old server including the old manifest file which leads to the error above. I don't have any clue where the AutoUpdater gets the old Update Path because I erased all possible places where it might be?!
2. I did run the Sophos endpoint Migration utility described in KB-Article 116737 without success. I think even if it would work, I would have the same Problem with the existing old Update Cache.
All in all it would be nice to know from where and why the AutoUpdater gets the old Server Path although I erased all possible location.
Best regards
Nordfol
This thread was automatically locked due to age.
