Thread Info
Options
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Update Manager not updating

Rob25

Hi, when I try to update any of my servers the Sophos client does not update. I checked the update log and noticed that they all complete the Download portion of the update (all are configured to download from a local Update Manager, not directly from Sophos) but then say Installation Skipped.

I then logged in to Enterprose Console on the Update Manager and checked the logs in \Program Files\Sophos\AutoUpdate\Logs and noticed that I couldn't see any point where the Update Manager tries to download from the configured source http://es-web.sophos.com/update/. It only seems to update from itself. Does anybody know why this would happen? I can't see anywhere else that I would need to set the download site.

:36313


This thread was automatically locked due to age.
  • 0

    Hello Rob25,

    if you click Update managers in the console you should get a list of the SUMs (do you have more than one?) with potential Alerts and Errors as well as the Last updated date and the Download status (which should say Last checked at:). The dates should be recent and, naturally, alerts and errors blank. Right clicking the affected SUM will give you more details.

    checked the logs in \Program Files\Sophos\AutoUpdate\Logs

    These are for the client (endpoint) updates (i.e. SESC, formerly SAV, and not SUM). The update manager component downloads from the specified source (generally Sophos - this is BTW what you should use, not an explicit URL), checks for consistency, decodes the data and deploys it to the CID(s) (and the Update Manager component for a self-update). The endpoint AutoUpdate usually downloads from the CID - as said, this applies to the SUM as well.

    Installation Skipped

    ... normally tells you that there haven't been any changes in the CID since the last update. For frequent (client-)update checks this is the normal behaviour.most of the time - you can expect a few "real" updates per day though.

    Now - what made you think that your servers (are there other endpoints as well?) don't update as they should? Apart from the checks on the SUM mentioned above opening the Sophos GUI, the View product information (bottom left), expanding Software und Anti-Virus and HIPS check the Last updated there. This will tell you the time of the most recent actual update (as opposed to the update check).

    Christian

    :36319
    • 0

      Hi Christian,

      Thanks for taking the time to reply.

      I have only the one SUM. When running Update Now, under Errors I see 'Software Delivery Failed'. I was using 'Sophos' as the download source but it was throwing back the same error so I tried using an explicit URL - but still got the error.

      I have checked the logs at \Program Files\Sophos\AutoUpate\Logs and that is where I am seeing what looks like the Update Manager trying to update from itself. Below is a snippet of the latest log file:

      CIDSyncCallback, SynchronisationTerminated - MapFile = C:\Program Files\Sophos\AutoUpdate\cache\savxp.map
      Trace(2012-Dec-20 16:55:12): CIDUpdateLocation::SyncProduct: Failed to update product (SAVXP) from "\\ServerName\SophosUpdate\CIDs\S040\SAVSCFXP\", Error is :CIDSYNC_E_CIDSWAPERROR (Could not swap temporary and local CID directories.)
      Trace(2012-Dec-20 16:55:12): CIDUpdate(CIDDownloadFailed): SAVXP, \\ServerName\SophosUpdate\CIDs\S040\SAVSCFXP\
      Trace(2012-Dec-20 16:55:13): UpdateLocationFacade::SyncProduct: Last Update Mechanism = CID
      Trace(2012-Dec-20 16:55:13): CIDUpdateLocation::SyncProduct - Updating Product: Sophos AutoUpdate
      Trace(2012-Dec-20 16:55:13): CIDUpdate(SyncProduct.Start): Sophos AutoUpdate, \\ServerName\SophosUpdate\CIDs\S040\SAVSCFXP\
      Trace(2012-Dec-20 16:55:13): Checksum found in master.upd matches cached cidsync.upd : bf9b3c06. Skipping download
      Trace(2012-Dec-20 16:55:13): CIDUpdate(PrimarySuccess):
      Trace(2012-Dec-20 16:55:13): ALUpdate(DownloadEnded):
      Trace(2012-Dec-20 16:55:13): UpdateCoordinator::UpdateNow: About to Action list of products
      Trace(2012-Dec-20 16:55:13): ALUpdate(Action.Skipped): RMSNT
      Trace(2012-Dec-20 16:55:13): ALUpdate(Action.Skipped): Sophos AutoUpdate
      Trace(2012-Dec-20 16:55:15): RMSMessageHandler: ALUpdateEnd
      Trace(2012-Dec-20 16:55:15): Sending message: <?xml version="1.0" encoding="utf-8" ?><Config type="RMSEndUpdate"><ErrorMessage><ID>CIDDownloadFailed</ID><StringID>107</StringID><Sender>CIDUpdate</Sender><Insert>SAVXP</Insert><Insert>\\ServerName\SophosUpdate\CIDs\S040\SAVSCFXP\</Insert></ErrorMessage><ReadableMessage>ERROR:   Download of SAVXP failed from server \\ServerName\SophosUpdate\CIDs\S040\SAVSCFXP\</ReadableMessage></Config>
      Trace(2012-Dec-20 16:55:15): IPCSender::Write: Writing message: <?xml version="1.0" encoding="utf-8" ?><Config type="RMSEndUpdate"><ErrorMessage><ID>CIDDownloadFailed</ID><StringID>107</StringID><Sender>CIDUpdate</Sender><Insert>SAVXP</Insert><Insert>\\ServerName\SophosUpdate\CIDs\S040\SAVSCFXP\</Insert></ErrorMessage><ReadableMessage>ERROR:   Download of SAVXP failed from server \\ServerName\SophosUpdate\CIDs\S040\SAVSCFXP\</ReadableMessage></Config>
      Trace(2012-Dec-20 16:55:15): IPCSender::ProcessSend: Send message: <?xml version="1.0" encoding="utf-8" ?><Config type="RMSEndUpdate"><ErrorMessage><ID>CIDDownloadFailed</ID><StringID>107</StringID><Sender>CIDUpdate</Sender><Insert>SAVXP</Insert><Insert>\\ServerName\SophosUpdate\CIDs\S040\SAVSCFXP\</Insert></ErrorMessage><ReadableMessage>ERROR:   Download of SAVXP failed from server \\ServerName\SophosUpdate\CIDs\S040\SAVSCFXP\</ReadableMessage></Config>
      Trace(2012-Dec-20 16:55:15): IPCSender::ProcessSend: No messages in queue, starting to wait
      Trace(2012-Dec-20 16:55:16): IPCSender::ProcessSend exiting

      - I have replaced the name of the SUM with ServerName. If I am reading the log correctly then it looks like the update is trying to get updates from the local SUM instead of Sophos.

      I read a knowledgebase article that outlined what permissions should be granted to the AutoUpdate share. I have already checked to make sure the permissions were correct. I'm at the end of my tether. Everything I've tried has not worked.

      Robert

      :36425
      • 0

        Hello Rob,

        actually we are dealing with two different issues here:

        Software Delivery Failed

        This is an error in the SUM component. If you View Update Manager Details it will show an error code together with a more or less helpful message. Please look up the error code (800404xx) in the knowledgebase. The output from LogViewer might give some helpful information and lastly the SUM's SUMTraceLogs (mentioned in the same article) have more details. If you are unsure how to proceed please post what you've found (at least the code).

        CIDSYNC_E_CIDSWAPERROR [...]  looks like the update is trying to get updates from the local SUM instead of Sophos

        is related to AutoUpdate, i.e. updating the endpoint component - as said this is correct, AutoUpdate is not part of SUM. The update location is the one specified in the endpoint updating policy,  not the one from the SUM's configuration. Please see the link for a possible solution. Usually it indicates the some file in sophos_autoupdate1.dir is locked (note that the lock could be held by something other than the Indexing Service - apart from Process Monitor you can use Process Explorer and its Find ... function - search for autoupdate1 - to determine the locking process).  

        HTH

        Christian

        :36427
        Unfiltered HTML