Starting Sophos Management Service Service

The Sophos Management Service will not start with an unspecified error (0x80004005).

I have tried changing the login to system and also deleting the following reg key:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\EE\Management Tools\DatabaseUser]

I am guessing it could be one of many things, but i would appreciate any tips on what to try next please?

Thanks,

Jez Oldfield

:13367
  • Checking the error the application event log is the best thing to do, feel free to paste it here.

    Regards,

    Jak

    :13393
  • (sorry, i expected an email notification when someone replied to this!)

    Here are the logs:

    Event Type: Error
    Event Source: Service Control Manager
    Event Category: None
    Event ID: 7023
    Date:  25/05/2011
    Time:  09:33:33
    User:  N/A
    Computer: server2008.Golcar-JIN.kirklees.sch.uk
    Description:
    The Sophos Management Service service terminated with the following error:
    Unspecified error

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

    #####################################################################################

    Event Type: Error
    Event Source: Sophos Management Service
    Event Category: (2)
    Event ID: 8025
    Date:  25/05/2011
    Time:  09:33:33
    User:  NT AUTHORITY\SYSTEM
    Computer: server2008.Golcar-JIN.kirklees.sch.uk
    Description:
    There is no database connection. Management Service will be shut down.

    ########################################################################################

    Event Type: Error
    Event Source: Sophos Management Service
    Event Category: (2)
    Event ID: 8004
    Date:  25/05/2011
    Time:  09:33:33
    User:  NT AUTHORITY\SYSTEM
    Computer: server2008.Golcar-JIN.kirklees.sch.uk
    Description:
    Initialization failed.

    Step: Creating a database connection
    Error: std::runtime_error
    Data: Cannot open database "SOPHOS45" requested by the login. The login failed.

    :13755
  • placebo - thanks for this , but got stuck on stepo 5 - even though i removed the user and passwrod from the registry, it gave a bad logon error :(

    :13757
  • Hi,

    So the managment service is pointing at a SOPHOS45 database, so I assume you are running SEC 4.5?

    Does the SOPHOS45 database exist in the SQL instance in use by Sophos?  Running the command:

    sqlcmd -E -S .\SOPHOS -Q "select * from sysdatabases"

    Will list the databases in a local SOPHOS named SQL instance. I have assumed you have a local SOPHOS named instance.

    Jak

    :13763
  • Good Day JezOldfield

    as a last resort, you are going to re-install the console, as it is not linking to the database,

    you are going to need to remove the it from the add\remove programs, delete the database, ensure Sophos reg keys are removed from the registry.

    found at following location: HKLocalmachine | Software | Sophos

    once all removed, restart machine, then re-install console full installation, so a new database will be created, then the service should start.

    Kind regards

    :14193
  • Hi,

    Please do not remove:
    HKEY_LOCAL_MACHINE\SOFTWARE\Sophos \
    if you're going to reinstall SEC and you have existing clients managed as this will remove the very important key:
    HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Certification Manager\CertAuthStore


    If this is removed and you perform a fresh installation all clients will need to be reinstalled in order for them to get the new certificates.  It is by design that on uninstall of SEC the above key is left so on a reinstall new certificates are not generated and clients don't mismatch.

    If you need to delete the key prior to reinstalling with existing clients managed by the system, you can backup the:
    HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Certification Manager\CertAuthStore \
    key to a reg file then delete:
    HKEY_LOCAL_MACHINE\SOFTWARE\Sophos \
    but before you install again (has to be before), please reimport the  

    HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Certification Manager\CertAuthStore \
    key and check it's in place before reinstalling.

    Note: it is very important to have a backup of the key:

    HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Certification Manager\CertAuthStore \
    put it in a safe if you have to :) 


    Note: Also ensure the wow6432node is in place on a 64-bit machine.
     

    Regards,

    Jak

    :14195