Learn about the Benefits of Multi-Factor Authentication (MFA) . Turn your MFA on now!
Information: Three minute survey on Exploring more ways to contact Sophos Technical Supportt. If you can spare the time, we would love your feedback!
We'd love to hear about it! Click here to go to the product suggestion community
I installed SEC 550 on a Windows Server 2016 VM on a isolated network. At first I was not able to install SEC 550 while connected to the domain with local nor domain accounts, but when I disjoined it from the domain, it installed just fine and Enterprise Console came up with no problems. I rejoined the server to the domain and when I logged in, Sophos Management Service did not start automatically. I tried to start it manually and received the 0x8004005 error with a 8004 ID code in Event logs.
The following is what I have tried and what I know:
- changed Sophos Database account password and also changed it in the Setup.exe installation
- disabled firewall
- checked if databases exists
- checked if databases were online
- checked if SIDs matched
- checked if database account had the correct permissions and in the correct groups.
- checked if GPO's were blocking account.
- uninstalled and reinstalled multiple times with same issue
- changed Sophos Management Service Log on as from Local System Account to database account
What I know:
- Sophos Management Service ONLY starts when NOT joined to domain
- Installed on Windows Server 2016
- Using local accounts
What is weird:
- A few months back, I installed SEC on Windows Server 2016 with the same EXACT settings, in the same OU, same GPOs, and Sophos Management Service starts successfully, so I am confused on that part also.
What's the full details in the application event log when it fails to start?
I figured it out and I don't know why it works this way, but this is what I did to make it work:
1. I had to install SEC without being connected to the domain, creating local users for the Database and Update Manager.
2. When I rejoin the server to the domain, the Sophos Management Service stops working. I have to disable 'Network Access: Do not allow storage of passwords and credentials for network authentication' GPO.
3. Then I rerun the setup.exe file from 'C:\sec_550\ServerInstaller' and modify my database account to a domain user account I created in Active Directory.
4. Once that was complete, I was able to start the service and run the Enterprise Console.
Now I have a new problem. I installed Sophos Client on another test Server 2016 server, I wasn't able to install it remotely from SEC, so I installed in manually from the SAVSCFXP directory. After installing it successfully, it gathered the latest definitions from SEC, but doesn't checkin to SEC saying that it is protected.