VDI Gold Image updating?

I'd like an answer to this as well. I submitted a ticket through the Sophos Central cloud interface, but have not heard anything, and didn't get a case number with which to call back. Sometimes I don't think the right hand knows what the left hand is doing at Sophos. So hard to get technical support, I swear they make it hard on purpose, and that hold music sounds like a cheezy 1970's game show... 

HI Jason , 

Could you share us the case ID along with the link to this thread as a reference via private message . 

Jason,

The link below looks to be what you need. With that being said, let me know if you find a good way to script this process? The only part that I am struggling with is the token part (steps 6 & 7)

https://community.sophos.com/kb/en-us/120560

Thanks,

Jeremy

Update to my last post:

I created a script to just remove the mentioned files without the parts about the cert changes, it seems to be working and new desktops are registering in Sophos Central. The problem that I am having now is that I am getting duplicate names in Sophos Central, so I created a new post of this problem.

https://community.sophos.com/products/sophos-cloud/f/sophos-central/89965/duplicate-machine-names-for-non-persistent-vdi-desktops-in-sophos-central

I created a registration.txt file and formatted it according to the instructions. I put that in a directory along with a batch file that stops the services and copies that registration.txt file where it needs to go. Below is my script. I run this everytime I need to take a new master image to deploy.

@echo off
echo  Stopping services . . .
net stop "Sophos MCS Client" /yes
echo  Stopping services, done.
echo deleting files...
del "C:\ProgramData\Sophos\Management Communications System\Endpoint\Persist\credentials" /F
del "C:\ProgramData\Sophos\Management Communications System\Endpoint\Persist\EndpointIdentity.txt" /F
del "C:\ProgramData\Sophos\Management Communications System\Endpoint\Persist\*.xml" /F
del "C:\ProgramData\Sophos\AutoUpdate\data\machine_ID.txt" /F
echo deleting files complete
echo copy files
copy "C:\AV Generlization script\registration.txt" "C:\ProgramData\Sophos\Management Communications System\Endpoint\Config"

cls
Echo Anti-Virus generalization completed...
pause

Great, thanks a lot for that info Jason.

Are you experiencing issues with duplicate computer names in your Sophos Central? When a new machine is created that has the same name as a machine before, the old machine stays in Sophos Central and a new machine is created with the same name for me. With this being the case, both the old and new machines are using a license. 

How do you get around the tamper protection? I cannot stop the MCS Client service without first disabling that. Or do you just leave it disabled on that machine?

In Sophos cloud, I disable tamper protection on my "master image" PC and always leave it that way. I only have that PC powered on when I need to make updates or software changes. So 99% of the time that computer is off anyways.

I'm not sure if something's changed, but when using the script, or going through the process manually, my golden image loses its tamper protection setting. What I'm finding is that after deploying a group of machines from the golden image it will turn tamper protection back on on the golden image, but one of the deployed machines will have it disabled. Also, the golden image appears to be a new machine in sophos central, which is evidenced by looking at the events and seeing that it only saw it for the first time a few minutes after the most recent deployment. If I look at the machine that was deployed and got its tamper protection turned off all of the events that were associated with the golden image now show up under this machine in sophos central. This deployed machine has a unique name, and I'm following the steps that are supposed to generate a new ID, so not sure why sophos central is getting them mixed up. Does anyone have any idea what is happening here. I opened a ticket with support and they were zero help. This happens in our vdi environment every single time I deploy new desktops based on the golden image.

I know a few weeks ago Sophos updated the EXE on the Sophos central page. You might want to try grabbing that latest one and updating your gold image with it. Are you keeping your golden image powered on? I usually have mine on only when there are updates to do and when software needs installed or removed. Each machine should have its own entry in Sophos Central; if that's not happening you might have to remove the software from the deployed machines, delete their records out of Sophos central, and re-deploy the clones. If you go that route, make sure you uninstall the software first, then remove the entry from Sophos central. You need to disable tamper protection to uninstall, and if you delete the entry from sophos central, you can't uninstall the software. Ask me how I know...