This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SVE Guest Agent Install fail

SVE Guest Agent Install fails when Microsoft.NET Framework 4.7.1 is installed

Works OK with 4.7

Any ideas.



This thread was automatically locked due to age.
Parents
  • Hi Emineminem,

    Could you please share the SVE Guest Agent installation logs. You can find the logs in user temp folder (Run -> %temp%).

    Also check if you have any event entries in eventviewer for SVE?  refer the below screenshot.

    Regards,

    Gowtham Mani
    Community Support Engineer | Sophos Technical Support

    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

  • Hi, there is no Sophos Folder in the event viewer.

    This is the only information that I get from the txt file.

     

    094C:11B0][2018-01-30T10:54:23]e000: Error 0x80070643: Failed to install MSI package.
    [094C:11B0][2018-01-30T10:54:23]e000: Error 0x80070643: Failed to execute MSI package.
    [0A40:146C][2018-01-30T10:54:23]e000: Error 0x80070643: Failed to configure per-machine MSI package.
    [0A40:146C][2018-01-30T10:54:23]i319: Applied execute package: SGVMManagementService64.msi, result: 0x80070643, restart: None
    [0A40:146C][2018-01-30T10:54:23]e000: Error 0x80070643: Failed to execute MSI package.

     

     

  • Hi,

    What needed to be enabled? I'm getting this issue on two of our servers.

    thanks

  • Hi,

    This advice worked for me.

    Hello , There is a known issue whereby the SSL/TLS Ciphers that we need to install the Guest Agent are missing.  Please could you try the below procedure. To fix this:

    On the Affected Machine press Windows key + R to bring up the Run dialogue box. Enter regedit to open the Registry Editor

    • Go to the following registry key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002
    • Right click on the Functions value to Modify it
    • Amend the ciphers added to the end of the current comma separated list previously: Windows 10 & Windows Server 2016 · TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA Other supported Windows platform: ·         TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384 · Click OK and restart the machine

    Don't forget to add a comma before adding the text.

  • Emineminem,

    Thanks for posting this, I have a support ticket open with Sophos for the same issue but I'm getting zero response from them.

    I want to try your fix but I don't the Functions value you mention, on any of our servers.  Am I missing something? I'd be willing to manually add the Functions value to test (can always roll back from a snaphot).

  • I don't think the function exists until you try and run the agent install.

    Try running the agent install and see it fail. then check if the function exists.

  • Tried that - no joy.  I think I have other issues.

    Thanks anyway!

  • Any luck?  I'm having the exact same issue.

  • I also have the same issue, tried on a couple of VM's a w2k12r2 and a w2k16 get the same issue on both.  I've had to reinstall our security VM so have to reinstall all of the agents on my guest VM's and can't get them working!

  • same here the functions value isn't there even after you install and wait for the installation to fail

  • I figured it out over here.  Maybe this will help someone. I had to do the following:

    1. Log in to the appliance's console and enable SSH (this is really only for convenience)
    2. I enabled SSH to start at boot (Again, just for convenience)
    3. I reset the smb passwords for the sophos account and the sophospublic account.
    4. Restart the appliance or restart SMB.  At this point SMB was working and I could install the .MSI
    5. I went ahead and turned on guest access for the two shares.  I didn't want to sign in to them and I didn't figure they were protecting an important info.  The conf file to edit is at /etc/samba/smb.conf and I added the share definitions to the following:

      [public]
          comment = Public Share
          path = /public
          browsable = yes
          valid users = sophospublic sophos username nobody
          guest ok = yes
          guest only = yes
          guest account = nobody
          read only = yes
          directory mode = 0774
      
      [logs]
          comment = Log Share
          path = /logs
          browsable = yes
          valid users = sophos nobody
          guest ok = yes
          guest account = nobody
          guest only = yes
          read only = yes
          directory mode = 0774

    If anyone has any input on why this is a horrible idea I would be open to hearing what you have to say.

Reply Children
No Data