+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 25
Windows Thread, Upgrading Sophos in Technical; Hello all, Birmingham schools (and many others) will shortly need to upgrade to Sophos Enterprise Console 4.5, but here's how ...
  1. #1

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,262
    Thank Post
    242
    Thanked 1,568 Times in 1,250 Posts
    Rep Power
    340

    Thumbs up Upgrading Sophos

    Hello all,

    Birmingham schools (and many others) will shortly need to upgrade to Sophos Enterprise Console 4.5, but here's how to do the complicated bits:

    Firstly if you're running an older version of MSDE 2000, you need to upgrade to MSDE 2000 SP4: SQL2000.MSDE-KB884525-SP4-x86-ENU.EXE (78.5MB)

    Extract to the default directory, then from the command prompt run:

    Code:
    CD C:\SQL2KSP4\MSDE\
    then

    Code:
    setup /upgradesp sqlrun INSTANCENAME=SOPHOS /L*v c:\msdelog.txt
    You should restart your server after the upgrade.

    Proceed to download and install SQL 2008 SP2 Express - SQLEXPR_x86_ENU.exe (100.5MB)

    When prompted, choose the correct instance EG: SOPHOS and MSDE 2000 will be upgraded to SQL 2008.

    At this point you should be ready to upgrade to Sophos Enterprise Console 4

  2. 2 Thanks to Michael:

    bollo318 (1st February 2011), speckytecky (4th February 2011)

  3. #2

    Join Date
    Apr 2007
    Location
    Birmingham
    Posts
    142
    Thank Post
    6
    Thanked 45 Times in 39 Posts
    Rep Power
    22
    Do you know what "NOTE: PLEASE DO NOT USE THESE NOTES TO INSTALL SOPHOS ENTERPRISE CONSOLE ON A
    WINDOWS 2008 SERVER - PLEASE CONTACT THE LINK2ICT SERVICE DESK FOR FURTHER ADVICE" found in the guidance notes is in reference too? I'm still waiting for Link2ICT to get back to me with an answer.

  4. #3

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,262
    Thank Post
    242
    Thanked 1,568 Times in 1,250 Posts
    Rep Power
    340
    I haven't installed Sophos EC 4.5 on 2008 Server, but I'm speculating it's maybe slight differences with the setup process and/or the additional security in 2008 Server creating an issue.

    Generally speaking however I have no reason to believe installing Sophos EC on 2003 and 2008 to be that different.

  5. #4
    Dom_'s Avatar
    Join Date
    Dec 2008
    Posts
    1,009
    Thank Post
    151
    Thanked 138 Times in 115 Posts
    Rep Power
    56
    Not had any issues just wiping the old install and installing 4.5... Didn't they send an email -out a few weeks ago stating that you don't need to upgrade any more, as the 9.5 update will be pushed via 3.1 soon?

  6. #5

    Join Date
    Apr 2007
    Location
    Birmingham
    Posts
    142
    Thank Post
    6
    Thanked 45 Times in 39 Posts
    Rep Power
    22
    Quote Originally Posted by Dom_ View Post
    Not had any issues just wiping the old install and installing 4.5... Didn't they send an email -out a few weeks ago stating that you don't need to upgrade any more, as the 9.5 update will be pushed via 3.1 soon?
    I'm just going by this: http://kb.link2ict.org/display/4/kb/....aspx?aid=1867

  7. #6
    ricki's Avatar
    Join Date
    Jul 2005
    Location
    uk
    Posts
    1,475
    Thank Post
    20
    Thanked 164 Times in 157 Posts
    Rep Power
    52
    HI

    The only problem I had with upgrading the console was the upgrading of the sql to 2008. After numerous attempts of the upgrade of sql 2005 to 2008 I got fed up and checked to see if the server had other databases in it and uninstalled sql 2005 and then installed the console and it was a doddle if a little time consuming. The upgrade of the clients however took a little more time and 268 out of 375 refused to upgrade on the first attempt and we had to wipe the old sophos manually and reinstall from about 50.

    Richard

  8. #7

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,262
    Thank Post
    242
    Thanked 1,568 Times in 1,250 Posts
    Rep Power
    340
    I don't think that's right, as EC 3.1 is still deploying 7.x to workstations.

    Once you've changed to EC 4.5 (which looks pretty much the same), it'll deploy 9.5 to workstations.

    You have until the end of March 2011 to upgrade, however I agree with comments above. It's not a quick process at all.

  9. #8

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,262
    Thank Post
    242
    Thanked 1,568 Times in 1,250 Posts
    Rep Power
    340
    I thought I'd post back with some updates. I've upgraded several servers so far (on different domains), but none of them have gone smoothly!

    After performing the steps in post number 1 I performed these steps to get things working:

    1. Uninstall Sophos Enterprise Console 3.1 (anything Sophos in Add/Remove Programs).

    2. Open up Regedit, take an export of Sophos under

    Code:
    HKEY_LOCAL_MACHINE > Software > Sophos
    HKEY_CURRENT_USER > Software > Sophos
    then delete these entries completely.

    3. Open up Active Directory and delete any Security Groups and Users associated with Sophos.

    4. Reboot the server.

    5. Install Sophos Enterprise Console 4.5.

    6. All will appear well, apart from the Sophos Management Service will not start and as a result the console will not appear.

    7. Open up a command prompt and enter:
    Code:
    "%programfiles%\sophos\Enterprise Console\UpgradeDB.exe" -sourceVersion=3
    8. Open up regedit and create the following key:
    Code:
    HKEY_LOCAL_MACHINE\Software\Sophos\Enterprise Manager
    9. Start the Sophos Management Service and it should work successfully.

    10. Open up Enterprise Console 4.5 and make the necessary tweaks to your policies. Force the policies on your workstations and all being well, most should upgrade successfully.

    11. Create a startup script and call it SAVInstall.bat. Modify the changes for your network below:

    Code:
    @ECHO OFF
    REM --- Check for an existing installation of Sophos AutoUpdate
    if exist "C:\Program Files\Sophos\AutoUpdate\ALsvc.exe" goto _End
    if exist "C:\Program Files (x86)\Sophos\AutoUpdate\ALSVC.exe" goto _End
    REM --- Deploy to Windows 2000/XP/2003
    \\SERVERNAME\SophosUpdate\CIDs\S000\SAVSCFXP\Setup.exe -updp "\\SERVERNAME\SophosUpdate\CIDs\S000\SAVSCFXP" -user "DOMAIN\ADMINISTRATOR" -pwd "PASSWORD" -mng yes
    REM --- End of the script
    :_End
    12. Open up Active Directory and open the Default Domain Policy

    Navigate to: Computer Config > Windows Settings > Scripts (Startup/Shutdown) > Startup > Show Files

    Paste SAVInstall.bat in here, then close the window. Click Add > Browse > and select SAVInstall.bat

    That's it, other than monitoring your workstations accordingly

  10. Thanks to Michael from:

    TechSupp (1st February 2011)

  11. #9

    Little-Miss's Avatar
    Join Date
    Oct 2007
    Location
    London
    Posts
    5,534
    Thank Post
    2,376
    Thanked 750 Times in 459 Posts
    Blog Entries
    2
    Rep Power
    543
    WTF!? I've been ignoring this so far this week as ive been faffing about other things....but thats really put me off now!!!

  12. #10
    themightymrp's Avatar
    Join Date
    Dec 2009
    Location
    Leeds, West Yorkshire
    Posts
    1,201
    Thank Post
    212
    Thanked 222 Times in 191 Posts
    Rep Power
    72
    My procedure was almost exactly the same as Michael's above. The Management Service would not fire up after the upgrade and I had to do all that updatedb stuff. However mine was slightly different in that I was going from EC 3.1 to 4.5 which meant I had no direct upgrade path. I had to upgrade to 4.0 and then 4.5 It took ages to get this sorted and I'm also still having problems with some clients not upgrading to 9.5. Out of near 700 machines only 200 upgraded without issue, another 420 upgraded after I made a complicated startup script to force the install and the remaining 70 or so keep failing on downloading updates!!

    That said I am running this on Server 2008 with SQL 2008 which is probably where the extra hassle has come in.

    Sophos really sucks when they release new versions! Aaaarrrrrgggghhhh!!!!!

  13. #11

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,262
    Thank Post
    242
    Thanked 1,568 Times in 1,250 Posts
    Rep Power
    340
    Does anyone have an up-to-date removal script for Sophos v7.x or later? I have an older removal script which isn't working fully. Many thanks.

  14. #12
    themightymrp's Avatar
    Join Date
    Dec 2009
    Location
    Leeds, West Yorkshire
    Posts
    1,201
    Thank Post
    212
    Thanked 222 Times in 191 Posts
    Rep Power
    72
    This is one I currently use:

    @echo off
    echo "Starting Removal of Sophos"

    msiexec.exe /x "c:\program files\sophos\autoupdate\cache\savxp\sophos anti-virus.msi" /q /norestart
    msiexec.exe /x "c:\program files\sophos\autoupdate\cache\rms\sophos remote management system.msi" /q /norestart
    msiexec.exe /x "c:\program files\sophos\autoupdate\cache\sau\sophos autoupdate.msi" /q /norestart

    echo "MSI's removed"

    reg delete HKLM\Software\Sophos /f
    reg delete HKCU\Software\Sophos /f
    reg delete "HKLM\SYSTEM\CurrentControlSet\Services\Sophos Agent" /f
    reg delete "HKLM\SYSTEM\CurrentControlSet\Services\SavService" /f
    reg delete "HKLM\SYSTEM\CurrentControlSet\Services\SAVAdminSer vice" /f
    reg delete "HKLM\SYSTEM\CurrentControlSet\Services\Sophos AutoUpdate Agent" /f
    reg delete "HKLM\SYSTEM\CurrentControlSet\Services\Sophos AutoUpdate Service" /f
    reg delete "HKLM\SYSTEM\CurrentControlSet\Services\Sophos Certification Manager" /f
    reg delete "HKLM\SYSTEM\CurrentControlSet\Services\Sophos EMLib Update Agent" /f
    reg delete "HKLM\SYSTEM\CurrentControlSet\Services\SEMschedule r" /f
    reg delete "HKLM\SYSTEM\CurrentControlSet\Services\Sophos Management Service" /f
    reg delete "HKLM\SYSTEM\CurrentControlSet\Services\Sophos Message Router" /f
    reg delete "HKLM\SYSTEM\CurrentControlSet\Services\SQLAgent$SO PHOS" /f
    reg delete "HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$SOPHO S" /f
    reg delete "HKLM\System\CurrentControlSet\Services\Eventlog\So phos" /f

    echo "Registry cleaned up"

    rmdir "c:\program files\sophos" /s /q

    echo "Sophos folder removed"

    "c:\windows\system32\gpupdate" /force /boot

    echo "Group Policy updated"
    echo "Rebooting"

  15. Thanks to themightymrp from:

    Michael (4th February 2011)

  16. #13

    Little-Miss's Avatar
    Join Date
    Oct 2007
    Location
    London
    Posts
    5,534
    Thank Post
    2,376
    Thanked 750 Times in 459 Posts
    Blog Entries
    2
    Rep Power
    543
    I just cant bring myself to start this, but Link2ICT are charging £200 for the pleasure!

  17. #14

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,262
    Thank Post
    242
    Thanked 1,568 Times in 1,250 Posts
    Rep Power
    340
    Thanks themightymrp, I'll give that a whirl.

    @Little Miss - if you get stuck upgrading Sophos you know where to find me

  18. #15

    Join Date
    Jun 2009
    Posts
    33
    Thank Post
    6
    Thanked 2 Times in 2 Posts
    Rep Power
    11
    Hi. I've attempted an upgrade in my test environment from EMC 3 to 4.5, which failed, and also tried a copy of our live server as suggested by a sophos support person, which also failed. When I told him this, he gave me the impression that this often happens, and advised me to start from scratch, which is what we are going to do.

    Now, if you start from scratch, you need to fully uninstall and reinstall the product on all workstations, due to the certificates.

    I thought I'd do this as a start up script - thinking that it'd be a dead simple job just to uninstall and reinstall the product. No go. Just to start with, the Sophos update service is active on start-up, and in my experience refuses to be stopped, uninstalled, or well, anything really until the update is finished. I think that it might really hack off our users if their PCs were unusable because the pc was sitting there running a script which was waiting for the update service to stop.

    I then considered doing this as a shutdown task, but if a laptop has sophos uninstalled on shut down and then reinstalled in a startup script, if the PC is a laptop which is taken home between these activities, then the PC is running without AV protection for a time.

    I'm still considering what to do for the best.
    Last edited by digone52; 4th February 2011 at 06:04 PM.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Replies: 2
    Last Post: 1st February 2011, 04:35 AM
  2. Upgrading to CC4
    By wooksey in forum Wireless Networks
    Replies: 11
    Last Post: 28th July 2010, 09:19 PM
  3. upgrading sophos ec 2 to ec 3
    By chrbb in forum Windows
    Replies: 2
    Last Post: 5th July 2009, 03:55 PM
  4. upgrading problems
    By ianaddisonuk in forum EduGeek Joomla 1.5 Package
    Replies: 0
    Last Post: 21st August 2008, 11:57 AM
  5. Upgrading DB
    By SimAda00 in forum MIS Systems
    Replies: 3
    Last Post: 11th January 2007, 10:37 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •