This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unable to Launch Enterprise Console Management Host Service not Starting

I've recently taken over ICT support for a school using Sophos Endpoint Protection.

I'm unable to access the Enterprise Console. The problem appears to be that the management host service is not starting due to an authentication error with the configured user account. I've seen posts about similar problems following server updates/reboots.

https://community.sophos.com/products/endpoint-security-control/f/sophos-endpoint-software/2868/sophos-management-host-service-automatically-changes-password

I'm unable to get details of the accounts and passwords used to setup Sophos from the previous tech who did the installation and the school has no record of them.

What are my options for recovering the situation ? Can I reinstall the console with out knowing the existing credentials and preserve my current configuration and client data.

Error data from starting the console below:

Sophos.UIController.Extension.UIControllerException: Cannot retrieve session token after 8 retries. Please check that the Sophos Management Host service is running, otherwise see KBA 118513.
   at Sophos.UIController.IdentityServiceAbstracter.EndRetrieveSessionToken()
   at Sophos.UIController.UIControl.InitializeModulesDependencies()
   at Sophos.UIController.UIControl.<Initialize>b__b()
   at Sophos.UIController.Product.Logging.LogMethod(MemberInfo method, Action func)
   at Sophos.UIController.UIControl.Initialize()

----- [outer exception] -----
   -- error: 0x80004005 (Unspecified error)
   -- facility: Generic (System)
   -- source:   Sophos.UIController

   at class ATL::CComBSTR __thiscall UIControl::initialize(class ATL::CComPtr<struct IDispatch>)
   at class ATL::CComPtr<struct IDispatch> __thiscall bl::CReusingManagementServiceClientBroker::logIn(const struct util::UserName &,class Loki::SmartPtr<class bl::SubEstate,class Loki::RefCountedMTAdj<class Loki::ClassLevelLockable>::RefCountedMT,struct Loki::DisallowConversion,struct util::NoDereferenceNull,class Loki::DefaultSPStorage>,const wchar_t *,class bl::UIControllerBase &)
   at int __cdecl Run(int,class bl::CommandLine,enum bl::ConsoleType::Type)
   at int __stdcall wWinMain(struct HINSTANCE__ *,struct HINSTANCE__ *,wchar_t *,int)

 



This thread was automatically locked due to age.
Parents
  • Hello Rob Booth,

    is it indeed the Sophos Management Host service that is not started? What is the error if you try to start it manually?
    It runs as the "SophosManagement" user - in case there is a problem with the account credentials justset a new password and (re-)run the SEC installer, it'll prompt for the credentials and correctly set them where needed.

    Christian

  • Yes if I try and start the service manually I get an authentication error for the configured user (console).

    I will reset the password and rerun the installer as you suggest.

    Thanks for the advice.

  • I have changed the password for the SophosManagement account and rerun the installer as suggested.

    Following these changes I can start the console. However, most of the clients are showing as "Awaiting Policy Transfer". If I add new clients the software appears to install but they appear as unmanaged and do not change status to managed following endpoint installation.

    Would the change to the SophosManagement password have anything to do with this ?

     

  • Sophos Remote Management System (RMS) is responsible for 'managing' the clients.  Changing the username wouldn't affect that providing all the services are started on the management server which I'm sure they are following a re-run of setup.exe.

    I would check the router log of one of the failing clients.  Details on the logs here: https://community.sophos.com/kb/13019. Feel free to link one here.

    Regards,

    Jak

  • I checked the RMS logs for one of my clients and there was clearly a problem communicating with the management server. On checking the servers firewall I discovered port 8194 was open but not 8192. I modified the server firewall to add this port and everything appeared to start working.

    This must have been misconfigured since installation so I have no idea how Sophos was protecting the network in this condition.

    I will be back on site tomorrow so will be able to ensure everything is now working correctly.

    Thanks to those who have helped me sort this out.

Reply
  • I checked the RMS logs for one of my clients and there was clearly a problem communicating with the management server. On checking the servers firewall I discovered port 8194 was open but not 8192. I modified the server firewall to add this port and everything appeared to start working.

    This must have been misconfigured since installation so I have no idea how Sophos was protecting the network in this condition.

    I will be back on site tomorrow so will be able to ensure everything is now working correctly.

    Thanks to those who have helped me sort this out.

Children
No Data