Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 2 subscribers
  • Views 3864 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Management Service not starting

Jeremy Reyes

I installed SEC 550 on a Windows Server 2016 VM on a isolated network. At first I was not able to install SEC 550 while connected to the domain with local nor domain accounts, but when I disjoined it from the domain, it installed just fine and Enterprise Console came up with no problems. I rejoined the server to the domain and when I logged in, Sophos Management Service did not start automatically. I tried to start it manually and received the 0x8004005 error with a 8004 ID code in Event logs.

The following is what I have tried and what I know:

I tried:

- changed Sophos Database account password and also changed it in the Setup.exe installation

- disabled firewall

- checked if databases exists

- checked if databases were online

- checked if SIDs matched

- checked if database account had the correct permissions and in the correct groups.

- checked if GPO's were blocking account.

- uninstalled and reinstalled multiple times with same issue

- changed Sophos Management Service Log on as from Local System Account to database account

What I know:

- Sophos Management Service ONLY starts when NOT joined to domain

- Installed on Windows Server 2016

- Using local accounts

What is weird:

- A few months back, I installed SEC on Windows Server 2016 with the same EXACT settings, in the same OU, same GPOs, and Sophos Management Service starts successfully, so I am confused on that part also.



This thread was automatically locked due to age.
Parents
  • 0

    I figured it out and I don't know why it works this way, but this is what I did to make it work:

    1. I had to install SEC without being connected to the domain, creating local users for the Database and Update Manager.

    2. When I rejoin the server to the domain, the Sophos Management Service stops working. I have to disable 'Network Access: Do not allow storage of passwords and credentials for network authentication' GPO.

    3. Then I rerun the setup.exe file from 'C:\sec_550\ServerInstaller' and modify my database account to a domain user account I created in Active Directory.

    4. Once that was complete, I was able to start the service and run the Enterprise Console.

    Now I have a new problem. I installed Sophos Client on another test Server 2016 server, I wasn't able to install it remotely from SEC, so I installed in manually from the SAVSCFXP directory. After installing it successfully, it gathered the latest definitions from SEC, but doesn't checkin to SEC saying that it is protected.

Reply
  • 0

    I figured it out and I don't know why it works this way, but this is what I did to make it work:

    1. I had to install SEC without being connected to the domain, creating local users for the Database and Update Manager.

    2. When I rejoin the server to the domain, the Sophos Management Service stops working. I have to disable 'Network Access: Do not allow storage of passwords and credentials for network authentication' GPO.

    3. Then I rerun the setup.exe file from 'C:\sec_550\ServerInstaller' and modify my database account to a domain user account I created in Active Directory.

    4. Once that was complete, I was able to start the service and run the Enterprise Console.

    Now I have a new problem. I installed Sophos Client on another test Server 2016 server, I wasn't able to install it remotely from SEC, so I installed in manually from the SAVSCFXP directory. After installing it successfully, it gathered the latest definitions from SEC, but doesn't checkin to SEC saying that it is protected.

Children
No Data
Unfiltered HTML