This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

commandline obfuscation utility for SophosSAU<Hostname> users password?

hello all,

is there an commandline obfuscation utility for obfuscating SophosSAU<Hostname> users password like there is for Sophos Update Manager user? The hashes made with the tool from C:\sec_300\tools\ are not working. The only way I found to obfuscate SophosSAU... password is the way from Artikel-ID: 111665, which is a bit bulky if you have to deploy a bunch of RODCs.

Regards Joerg

This thread was automatically locked due to age.

0 jak over 9 years ago

Hi,

As they are RODCs, the SophosSAU account will need to be created prior to install as per:
www.sophos.com/.../48910.aspx

I'm not sure how you're planning to install, but could you create a domain account first, use the method you mention in your post to obtain and pre-stage a obfuscated password in the registry, then install.

If you export this reg key to a reg file, you could import that on the other computers before installing. That way all computers will have the same domain account and the password in the registry will be obfuscated.

A batch file to run:

regedit /i sau.reg
\\cidpath\setup.exe -switches as per www.sophos.com/.../12570.aspx

Or use reg.exe or a scripted approach to make it more self contained.

Hope it help.
Regards,
Jak
Cancel
Vote Up 0 Vote Down

Cancel
0 JSCR over 9 years ago

Hello Jak,
thank you for your reply. What we do at the moment is exactly what you mentionedand what is advised in Article ID: 48910.
But we need to do this for round about 50 Servers in the first step of the project. Since this is in a high security area, and we need to be able to change the password without changing it on all DC's we need to use unique useres and passwords for each machine.
So what we are looking for is a way to deploy Sophos AV on RODC's by starting a script.
Regards Joerg
Cancel
Vote Up 0 Vote Down

Cancel