Birmingham schools (and many others) will shortly need to upgrade to Sophos Enterprise Console 4.5, but here's how to do the complicated bits:
Firstly if you're running an older version of MSDE 2000, you need to upgrade to MSDE 2000 SP4: SQL2000.MSDE-KB884525-SP4-x86-ENU.EXE (78.5MB)
Extract to the default directory, then from the command prompt run:
You should restart your server after the upgrade.Code:setup /upgradesp sqlrun INSTANCENAME=SOPHOS /L*v c:\msdelog.txt
Proceed to download and install SQL 2008 SP2 Express - SQLEXPR_x86_ENU.exe (100.5MB)
When prompted, choose the correct instance EG: SOPHOS and MSDE 2000 will be upgraded to SQL 2008.
At this point you should be ready to upgrade to Sophos Enterprise Console 4
Do you know what "NOTE: PLEASE DO NOT USE THESE NOTES TO INSTALL SOPHOS ENTERPRISE CONSOLE ON A
WINDOWS 2008 SERVER - PLEASE CONTACT THE LINK2ICT SERVICE DESK FOR FURTHER ADVICE" found in the guidance notes is in reference too? I'm still waiting for Link2ICT to get back to me with an answer.
I haven't installed Sophos EC 4.5 on 2008 Server, but I'm speculating it's maybe slight differences with the setup process and/or the additional security in 2008 Server creating an issue.
Generally speaking however I have no reason to believe installing Sophos EC on 2003 and 2008 to be that different.
Not had any issues just wiping the old install and installing 4.5... Didn't they send an email -out a few weeks ago stating that you don't need to upgrade any more, as the 9.5 update will be pushed via 3.1 soon?
The only problem I had with upgrading the console was the upgrading of the sql to 2008. After numerous attempts of the upgrade of sql 2005 to 2008 I got fed up and checked to see if the server had other databases in it and uninstalled sql 2005 and then installed the console and it was a doddle if a little time consuming. The upgrade of the clients however took a little more time and 268 out of 375 refused to upgrade on the first attempt and we had to wipe the old sophos manually and reinstall from about 50.
I don't think that's right, as EC 3.1 is still deploying 7.x to workstations.
Once you've changed to EC 4.5 (which looks pretty much the same), it'll deploy 9.5 to workstations.
You have until the end of March 2011 to upgrade, however I agree with comments above. It's not a quick process at all.
I thought I'd post back with some updates. I've upgraded several servers so far (on different domains), but none of them have gone smoothly!
After performing the steps in post number 1 I performed these steps to get things working:
1. Uninstall Sophos Enterprise Console 3.1 (anything Sophos in Add/Remove Programs).
2. Open up Regedit, take an export of Sophos under
then delete these entries completely.Code:HKEY_LOCAL_MACHINE > Software > Sophos HKEY_CURRENT_USER > Software > Sophos
3. Open up Active Directory and delete any Security Groups and Users associated with Sophos.
4. Reboot the server.
5. Install Sophos Enterprise Console 4.5.
6. All will appear well, apart from the Sophos Management Service will not start and as a result the console will not appear.
7. Open up a command prompt and enter:8. Open up regedit and create the following key:Code:"%programfiles%\sophos\Enterprise Console\UpgradeDB.exe" -sourceVersion=39. Start the Sophos Management Service and it should work successfully.Code:HKEY_LOCAL_MACHINE\Software\Sophos\Enterprise Manager
10. Open up Enterprise Console 4.5 and make the necessary tweaks to your policies. Force the policies on your workstations and all being well, most should upgrade successfully.
11. Create a startup script and call it SAVInstall.bat. Modify the changes for your network below:
12. Open up Active Directory and open the Default Domain PolicyCode:@ECHO OFF REM --- Check for an existing installation of Sophos AutoUpdate if exist "C:\Program Files\Sophos\AutoUpdate\ALsvc.exe" goto _End if exist "C:\Program Files (x86)\Sophos\AutoUpdate\ALSVC.exe" goto _End REM --- Deploy to Windows 2000/XP/2003 \\SERVERNAME\SophosUpdate\CIDs\S000\SAVSCFXP\Setup.exe -updp "\\SERVERNAME\SophosUpdate\CIDs\S000\SAVSCFXP" -user "DOMAIN\ADMINISTRATOR" -pwd "PASSWORD" -mng yes REM --- End of the script :_End
Navigate to: Computer Config > Windows Settings > Scripts (Startup/Shutdown) > Startup > Show Files
Paste SAVInstall.bat in here, then close the window. Click Add > Browse > and select SAVInstall.bat
That's it, other than monitoring your workstations accordingly
TechSupp (1st February 2011)
WTF!? I've been ignoring this so far this week as ive been faffing about other things....but thats really put me off now!!!
My procedure was almost exactly the same as Michael's above. The Management Service would not fire up after the upgrade and I had to do all that updatedb stuff. However mine was slightly different in that I was going from EC 3.1 to 4.5 which meant I had no direct upgrade path. I had to upgrade to 4.0 and then 4.5 It took ages to get this sorted and I'm also still having problems with some clients not upgrading to 9.5. Out of near 700 machines only 200 upgraded without issue, another 420 upgraded after I made a complicated startup script to force the install and the remaining 70 or so keep failing on downloading updates!!
That said I am running this on Server 2008 with SQL 2008 which is probably where the extra hassle has come in.
Sophos really sucks when they release new versions! Aaaarrrrrgggghhhh!!!!!
Does anyone have an up-to-date removal script for Sophos v7.x or later? I have an older removal script which isn't working fully. Many thanks.
This is one I currently use:
echo "Starting Removal of Sophos"
msiexec.exe /x "c:\program files\sophos\autoupdate\cache\savxp\sophos anti-virus.msi" /q /norestart
msiexec.exe /x "c:\program files\sophos\autoupdate\cache\rms\sophos remote management system.msi" /q /norestart
msiexec.exe /x "c:\program files\sophos\autoupdate\cache\sau\sophos autoupdate.msi" /q /norestart
echo "MSI's removed"
reg delete HKLM\Software\Sophos /f
reg delete HKCU\Software\Sophos /f
reg delete "HKLM\SYSTEM\CurrentControlSet\Services\Sophos Agent" /f
reg delete "HKLM\SYSTEM\CurrentControlSet\Services\SavService " /f
reg delete "HKLM\SYSTEM\CurrentControlSet\Services\SAVAdminSe rvice" /f
reg delete "HKLM\SYSTEM\CurrentControlSet\Services\Sophos AutoUpdate Agent" /f
reg delete "HKLM\SYSTEM\CurrentControlSet\Services\Sophos AutoUpdate Service" /f
reg delete "HKLM\SYSTEM\CurrentControlSet\Services\Sophos Certification Manager" /f
reg delete "HKLM\SYSTEM\CurrentControlSet\Services\Sophos EMLib Update Agent" /f
reg delete "HKLM\SYSTEM\CurrentControlSet\Services\SEMschedul er" /f
reg delete "HKLM\SYSTEM\CurrentControlSet\Services\Sophos Management Service" /f
reg delete "HKLM\SYSTEM\CurrentControlSet\Services\Sophos Message Router" /f
reg delete "HKLM\SYSTEM\CurrentControlSet\Services\SQLAgent$S OPHOS" /f
reg delete "HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$SOPH OS" /f
reg delete "HKLM\System\CurrentControlSet\Services\Eventlog\S ophos" /f
echo "Registry cleaned up"
rmdir "c:\program files\sophos" /s /q
echo "Sophos folder removed"
"c:\windows\system32\gpupdate" /force /boot
echo "Group Policy updated"
Michael (4th February 2011)
I just cant bring myself to start this, but Link2ICT are charging £200 for the pleasure!
Thanks themightymrp, I'll give that a whirl.
@Little Miss - if you get stuck upgrading Sophos you know where to find me
Hi. I've attempted an upgrade in my test environment from EMC 3 to 4.5, which failed, and also tried a copy of our live server as suggested by a sophos support person, which also failed. When I told him this, he gave me the impression that this often happens, and advised me to start from scratch, which is what we are going to do.
Now, if you start from scratch, you need to fully uninstall and reinstall the product on all workstations, due to the certificates.
I thought I'd do this as a start up script - thinking that it'd be a dead simple job just to uninstall and reinstall the product. No go. Just to start with, the Sophos update service is active on start-up, and in my experience refuses to be stopped, uninstalled, or well, anything really until the update is finished. I think that it might really hack off our users if their PCs were unusable because the pc was sitting there running a script which was waiting for the update service to stop.
I then considered doing this as a shutdown task, but if a laptop has sophos uninstalled on shut down and then reinstalled in a startup script, if the PC is a laptop which is taken home between these activities, then the PC is running without AV protection for a time.
I'm still considering what to do for the best.
Last edited by digone52; 4th February 2011 at 06:04 PM.
There are currently 1 users browsing this thread. (0 members and 1 guests)