
Sophos Network Threat Protection component fails to upgrade - Device loses connectivity

We use Controlled Updates at our site and have recently released the latest Endpoint update after seeing no issues under test. This update seems to include Sophos Core Agent 2.2.2.

A minority of our devices seem to experience issues upgrading the Network Threat Protection component from 1.6.196 to 1.8.59.59. I see errors including "Error 1921. Service 'Sophos Network Threat Protection' (SntpService) could not be stopped.  Verify that you have sufficient privileges to stop system services." It looks like all components upgrade with the exception of SNTP.

These devices, once rebooted, lose all networking, i.e. they fail to get an IP address via DHCP.

I've had some success attempting to manually uninstall the old stuck SNTP component via command line. This uninstall does consistently freeze the affected devices before the uninstall of SNTP 1.6.196 completes, necessitating a hard reboot. Once the device reboots, a manual Sophos Update results in SNTP 1.8.59.59 being installed. A further reboot then generally returns everything to an all green status.

Some "fixed" devices have since been returned after users again report no network connectivity! For these devices I have uninstalled and reinstalled Sophos Endpoint Agent and reset the network adapter winsock settings to default. Waiting to see if these devices get brought back by the users for a third time.

Has anybody experienced anything similar with SNTP and can offer any advice? Does anybody know what areas of Windows an SNTP upgrade would touch so that I can investigate this failure further?

I have a ticket logged with Sophos (8548465) but have received no useful feedback yet.

Regards
Andy.



This thread was automatically locked due to age.
  • Sharing this in case other Intercept X users are affected by the same problem. It seems I may be affected by the issue discussed in this article - https://community.sophos.com/kb/en-us/133172. Checking the Policy.xml file referenced I see that ConnectionTracking is set to TRUE on all PCs I've checked so far.

    The KB states that versions affected are Intercept X with EDR and Intercept X MAX. We use neither of these versions and instead use just Intercept X. We did not enable the EAP for Intercept X with EDR at any point. Changing the TRUE setting to a FALSE seems to fix our broken devices after a reboot.

    I have now asked for our support case to be escalated.

    Regards
    Andy