This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Installation of Endpoint Protection UTM on Windows 10 1607 (14393.321) not working

Hello together,

I want to install Sophos Endpoint Protection UTM on newly installed Windows 10 1607 (Build 14393.321) machine. I had an very old full installation package (10.3). It installed but it didn't get updates. I had this issue last year with Windows 1511 and solved it by copying the files from an working machine with a newer build (11.0.9). But this doesn't help now. The installed build on the new machine stays at 10.3. So I completely uninstalled Endpoint Protection.

After searching in this community there was a hint that with UTM 9.407-3 there's a new installation package. I downloaded the slim and the full package. But the installation of both packages fails shortly after start because of an internet connection error. The bootstrap log says:

Failed to send a WinHTTP request. The error code was 10106 (Der angeforderte Dienstanbieter konnte nicht geladen oder initialisiert werden.).

The system has a working internet connection so I don't know the reason for this error.

Does anyone know how to solve this issue? Thank you.



This thread was automatically locked due to age.
Parents
  • Hello all,

    can you give me some advice how to install Sophos Endpoint Protection UTM on a fresh installed Windows 10 1607 build?

    It's a shame that Sophos is only providing the old 10.3 installer which succeeds in installing but the Endpoint agent isn't updating.

    Thank you.

    Kind Regards

    TheExpert

  • Hello all, 

    I solved the issue again by

    1. starting a working Windows 10 1607 system in safe mode,
    2. copying the "Program Data" and "Program Files (x86)" folder of Sophos,
    3. starting the not working Windows 10 1607 system in safe mode,
    4. copying the "Program Data" and "Program Files (x86)" folder of Sophos and overwriting all files
    5. start manual update of Sophos Endpoint Protection after restarting the new system in normal mode.

    Hopefully, this workaround helps you when installing new Windows 10 1607 machines.

    Kind Regards

    TheExpert

  • TheExpert,

    Hi, I followed your lead and did the exact same thing as one Windows 10 PC was working whilst the second was not.  The iconn.cfg file in the second PC didn't have the HTTP destination, user id, password details within it after repeated downloads which worked "however" I was always getting the message "You need an Internet connection to update, configure, etc. etc.".

    Having saved/copied over the "Sophos" directories in ProgramData and x86 I now find that even though the second PC is able to start "Sophos Enpoint Security and Control" and "Update now" I don't see it in the UTM (9.502-4, Pattern 130420).

    Is this because the two PCs "appear" to the UTM as the same "ID" (in some way) due to the copy/replace?

    - Steve

    - Regards, Steve
    PrivatePICO-PC, Intel J1900 Quad Core, 2.42GHz, 4GB RAM, 240GB SSD, 4 x 1GB INTEL Ethernet, UTM 9.510-5 Home License

Reply
  • TheExpert,

    Hi, I followed your lead and did the exact same thing as one Windows 10 PC was working whilst the second was not.  The iconn.cfg file in the second PC didn't have the HTTP destination, user id, password details within it after repeated downloads which worked "however" I was always getting the message "You need an Internet connection to update, configure, etc. etc.".

    Having saved/copied over the "Sophos" directories in ProgramData and x86 I now find that even though the second PC is able to start "Sophos Enpoint Security and Control" and "Update now" I don't see it in the UTM (9.502-4, Pattern 130420).

    Is this because the two PCs "appear" to the UTM as the same "ID" (in some way) due to the copy/replace?

    - Steve

    - Regards, Steve
    PrivatePICO-PC, Intel J1900 Quad Core, 2.42GHz, 4GB RAM, 240GB SSD, 4 x 1GB INTEL Ethernet, UTM 9.510-5 Home License

Children
  • Hi Steve,

    I'm not sure if this is the problem but you can try the following steps. If there's an account of the computer in the UTM endpoint protection option, you may want to delete this account first before doing these steps. If not, the computer will re-register but with a new account suffixed by a random number.

    How to force the MCS client to re-register with the server so that a new ID is assigned
    =======================================================================================

    The following procedure describes how to perform this process manually:

    1. Stop the Sophos MCS Client service.
    2. Go to %appdata%\Sophos\Management Communications System\Endpoint\Persist\ and remove the Credentials file.

    Note: On XP the path is %ALLUSERSPROFILE%\Application Data\Sophos\Management Communications System\Endpoint\Persist\.

    3. Generate a “registration.txt” file containing the 13 character token and place it in the %appdata%\Sophos\Management Communications System\Endpoint\Config\ folder (or on XP: %ALLUSERSPROFILE%\Application Data\Sophos\Management Communications System\Endpoint\Config\).

    13 character token example:
    Taken from the filename SophosMcsEndpoint_4JIFSDOE276QZb68d.exe, the 13 characters are those following the _ (underscore) in the file name. In this case the 13 character token is 4JIFSDOE276QZ.

    Note: It must be in the Format

    [McsClient]
    Token=4JIFSDOE276QZ

    4. Restart the Sophos MCS Client service. Re-registration will now take place.

    From https://community.sophos.com/kb/en-us/117702.

    I hope this helps.

    Kind Regards

    TheExpert

  • Yes, Steve, but I think there's a post somewhere in this forum with instructions on changing the SID to resolve this issue.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Bob / TheExpert,

    Hi, I found an existing "registration.txt" file in the ../config directory which simply didn't have the 13-char key so modified it, stopped/started the service, and bingo I now have the third PC registered to my UTM so thanks to both of you for your help in getting me over that hurdle.

    - Regards, Steve
    PrivatePICO-PC, Intel J1900 Quad Core, 2.42GHz, 4GB RAM, 240GB SSD, 4 x 1GB INTEL Ethernet, UTM 9.510-5 Home License