Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 9 replies
  • Answers 1 answer
  • Subscribers 2 subscribers
  • Views 14630 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Enterprise Console (SEC) is not supported after update.

rarrell66

After a successful update from 5.2.1 to 5.5.0 the message is still popping up that this version is not supported.

 

 

Any help would be appreciated.

Thanks.



This thread was automatically locked due to age.
Parents
  • 0

    Hello rarrell66,

    please run the Policy Evaluation Tool manually. If it still complains about an old version we'd have to dig deeper. As far SEC's operation is concerned this is an informational message only and does not interfere with SEC. The policies aren't evaluated though (and can't be set to recommended values by this tool).

    Christian

  • 0 in reply to QC

    I had run that before, all it shows is the policy's and the recommended changes to the security policy.

     

    Rob

  • 0 in reply to rarrell66

    Hello Rob,

    as the article says, PET terminates immediately if the version is not supported. If you get the Policies output PET doesn't see a problem.
    I'd have expected that the message is cleared automatically but that doesn't seem to be the case. Looking closer at the screenshot I see 4/13/2017 as initial date. Wonder if you have to acknowledge (Do not show again) it.

    Christian

  • 0 in reply to QC

    Christen,

           I created a test user and gave the appropriate permissions, logged in and selected the box "Do not show this again" and it worked for that profile. All other profiles it still pops up on. The system still thinks it has a lower version than what is actually installed. I am curious if this is causing any other issues that I do not see yet. In the event viewer there is event id 5000 and 7000 that keeps reoccurring as well. Below is the details.

    5000

     

    PID 2928 : TID 4
    Error fetching upgrade status.
    -- System Exception Details --
    Message: Cannot open database "xxxxxxxxxx" requested by the login. The login failed.
    Login failed for user 'xxxxxxx\xxxxxxxx'.
    Type: SqlException
    Source: .Net SqlClient Data Provider
    Target: Void OnError(System.Data.SqlClient.SqlException, Boolean, System.Action`1[System.Action])
    Stack Trace:
     System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
     System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)
     System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
     System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)
     System.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK)
     System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean ignoreSniOpenTimeout, TimeoutTimer timeout, Boolean withFailover)
     System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString connectionOptions, SqlCredential credential, TimeoutTimer timeout)
     System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(TimeoutTimer timeout, SqlConnectionString connectionOptions, SqlCredential credential, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance)
     System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions)
     System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions)
     System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnectionPool pool, DbConnectionOptions options, DbConnectionPoolKey poolKey, DbConnectionOptions userOptions)
     System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnectionOptions userOptions)
     System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnectionOptions userOptions)
     System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, UInt32 waitForMultipleObjectsTimeout, Boolean allowCreate, Boolean onlyOneCheckConnection, DbConnectionOptions userOptions, DbConnectionInternal& connection)
     System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal& connection)
     System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal& connection)
     System.Data.ProviderBase.DbConnectionClosed.TryOpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
     System.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource`1 retry)
     System.Data.SqlClient.SqlConnection.Open()
     Sophos.SC.Core.UpgradeHelper.QueryDatabase(String connectionString)
     Sophos.SC.Core.UpgradeHelper.WaitForUpgradeCompleteStatus(Int32 loggingClassId)
    Help Link:
    -- Evidence At Publish --
     
    7000
     
    PID 2992 : TID 4
    Error fetching upgrade status.
    -- System Exception Details --
    Message: Cannot open database "xxxxxxxxx" requested by the login. The login failed.
    Login failed for user 'xxxxx\xxxxxx'.
    Type: SqlException
    Source: .Net SqlClient Data Provider
    Target: Void OnError(System.Data.SqlClient.SqlException, Boolean, System.Action`1[System.Action])
    Stack Trace:
     System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
     System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)
     System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
     System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)
     System.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK)
     System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean ignoreSniOpenTimeout, TimeoutTimer timeout, Boolean withFailover)
     System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString connectionOptions, SqlCredential credential, TimeoutTimer timeout)
     System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(TimeoutTimer timeout, SqlConnectionString connectionOptions, SqlCredential credential, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance)
     System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions)
     System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions)
     System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnectionPool pool, DbConnectionOptions options, DbConnectionPoolKey poolKey, DbConnectionOptions userOptions)
     System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnectionOptions userOptions)
     System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnectionOptions userOptions)
     System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, UInt32 waitForMultipleObjectsTimeout, Boolean allowCreate, Boolean onlyOneCheckConnection, DbConnectionOptions userOptions, DbConnectionInternal& connection)
     System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal& connection)
     System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal& connection)
     System.Data.ProviderBase.DbConnectionClosed.TryOpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
     System.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource`1 retry)
     System.Data.SqlClient.SqlConnection.Open()
     Sophos.SC.Core.UpgradeHelper.QueryDatabase(String connectionString)
     Sophos.SC.Core.UpgradeHelper.WaitForUpgradeCompleteStatus(Int32 loggingClassId)
    Help Link:
    -- Evidence At Publish --
Reply
  • 0 in reply to QC

    Christen,

           I created a test user and gave the appropriate permissions, logged in and selected the box "Do not show this again" and it worked for that profile. All other profiles it still pops up on. The system still thinks it has a lower version than what is actually installed. I am curious if this is causing any other issues that I do not see yet. In the event viewer there is event id 5000 and 7000 that keeps reoccurring as well. Below is the details.

    5000

     

    PID 2928 : TID 4
    Error fetching upgrade status.
    -- System Exception Details --
    Message: Cannot open database "xxxxxxxxxx" requested by the login. The login failed.
    Login failed for user 'xxxxxxx\xxxxxxxx'.
    Type: SqlException
    Source: .Net SqlClient Data Provider
    Target: Void OnError(System.Data.SqlClient.SqlException, Boolean, System.Action`1[System.Action])
    Stack Trace:
     System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
     System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)
     System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
     System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)
     System.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK)
     System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean ignoreSniOpenTimeout, TimeoutTimer timeout, Boolean withFailover)
     System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString connectionOptions, SqlCredential credential, TimeoutTimer timeout)
     System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(TimeoutTimer timeout, SqlConnectionString connectionOptions, SqlCredential credential, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance)
     System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions)
     System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions)
     System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnectionPool pool, DbConnectionOptions options, DbConnectionPoolKey poolKey, DbConnectionOptions userOptions)
     System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnectionOptions userOptions)
     System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnectionOptions userOptions)
     System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, UInt32 waitForMultipleObjectsTimeout, Boolean allowCreate, Boolean onlyOneCheckConnection, DbConnectionOptions userOptions, DbConnectionInternal& connection)
     System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal& connection)
     System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal& connection)
     System.Data.ProviderBase.DbConnectionClosed.TryOpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
     System.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource`1 retry)
     System.Data.SqlClient.SqlConnection.Open()
     Sophos.SC.Core.UpgradeHelper.QueryDatabase(String connectionString)
     Sophos.SC.Core.UpgradeHelper.WaitForUpgradeCompleteStatus(Int32 loggingClassId)
    Help Link:
    -- Evidence At Publish --
     
    7000
     
    PID 2992 : TID 4
    Error fetching upgrade status.
    -- System Exception Details --
    Message: Cannot open database "xxxxxxxxx" requested by the login. The login failed.
    Login failed for user 'xxxxx\xxxxxx'.
    Type: SqlException
    Source: .Net SqlClient Data Provider
    Target: Void OnError(System.Data.SqlClient.SqlException, Boolean, System.Action`1[System.Action])
    Stack Trace:
     System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
     System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)
     System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
     System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)
     System.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK)
     System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean ignoreSniOpenTimeout, TimeoutTimer timeout, Boolean withFailover)
     System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString connectionOptions, SqlCredential credential, TimeoutTimer timeout)
     System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(TimeoutTimer timeout, SqlConnectionString connectionOptions, SqlCredential credential, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance)
     System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions)
     System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions)
     System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnectionPool pool, DbConnectionOptions options, DbConnectionPoolKey poolKey, DbConnectionOptions userOptions)
     System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnectionOptions userOptions)
     System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnectionOptions userOptions)
     System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, UInt32 waitForMultipleObjectsTimeout, Boolean allowCreate, Boolean onlyOneCheckConnection, DbConnectionOptions userOptions, DbConnectionInternal& connection)
     System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal& connection)
     System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal& connection)
     System.Data.ProviderBase.DbConnectionClosed.TryOpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
     System.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource`1 retry)
     System.Data.SqlClient.SqlConnection.Open()
     Sophos.SC.Core.UpgradeHelper.QueryDatabase(String connectionString)
     Sophos.SC.Core.UpgradeHelper.WaitForUpgradeCompleteStatus(Int32 loggingClassId)
    Help Link:
    -- Evidence At Publish --
Children
  • 0 in reply to rarrell66

    Hello Ron,

    the 5000 and 7000 could be transient errors as described here (Cannot open SOPHOSPATCH52) and here (Patch service errors). Can you confirm this?

    Lo and behold!
    I use to ignore the PET part in the messenger - took a closer look now. Guess what it says for the Date:? 4/13/2017 ! Something's broken, likely with PET which apparently no longer does the (semi-)automatic evaluation runs. 

    [Edit]
    The above isn't true, at least a considerable part of it. Please see my next post
    [/Edit]

    Christian

  • 0 in reply to QC

    Hello Rob,

    not really a solution to the PET no running as it should problem but maybe this helps you to get rid of the annoyance. It gets weirder the deeper I dig.

    Messenger uses Sophos.PET.Messenger.xml. This file isn't updated when you run PET from the command line. The date in this file is an artifact or whatever, it's the same value only adjusted for the timezone. It's not clear when this file is actually updated. Also on one of my servers the Sophos Policy Evaluation Service is missing - or I can't see it. Weird.
    If the service exists it starts the PET every 30 days (see policy-evaluation-tool-service.txt in %ProgramData%\Sophos\Policy Evaluation Tool\Logs, search for Running Policy Evaluation Tool).

    Please check the following key: HKLM\SOFTWARE\Wow6432Node\Sophos\PET for a value named LastDetectedSecVersion - it shouldn't be there. If it isn't try to run the PET with the undocumented (and thus unsupported) /soapbox switch. As far as I could find out this will update the Sophos.PET.Messenger.xml. This should get rid of version message and display the policy message instead.
    [Edit]
    Another option (at least I guess, haven't tested it) is to delete the LastEvaluated value from the PET key. The service should run PET within the next hour.
    Yet another option is to (temporarily) set the value PolicyAutoCheckInterval to 1, instructing the service to run PET each day.
    [/Edit]

    Christian

  • 0 in reply to QC

    The "LastDetectedSecVersion"="5.2.1" key was in the registry. I backed it up and deleted it. Now when I login it shows the 10 policies that are "Non-recommended" settings as I suspect it should. The Date still shows 4/13/2017 though. At least I am making headway!

     

    Thank you for your help!

     

    Rob

  • 0 in reply to rarrell66

    Hello Rob,

    as said, the date is a constant.
    Looks like the background PET has been run meanwhile (or did you run it with the /soapbox switch) as my tests suggested that 1) PET assesses the SEC version on each run, 2) PET and messenger communicate via the .XML not the registry. Anyway it should be solved.

    Christian

  • 0 in reply to QC

    I ran it with the /soapbox switch to no avail. The end fix was to delete the registry key.

     

    Thank you again for your help!

     

    Rob

Unfiltered HTML