Cloning a machine with Sophos installed

Reading Time: < 1 minute

Before cloning a machine or uploading an image with Sophos installed to WDS (Windows Deployment Services) carry out the below tasks so you don’t experience issues later.

1) Stop the following services; Sophos Message Router, Sophos Agent and Sophos AutoUpdate Service.
2) Remove keys named pkc and pkp from the below locations:

[HKEY_LOCAL_MACHINE\Software\Sophos\Messaging System\Router\Private]
[HKEY_LOCAL_MACHINE\Software\Sophos\Remote Management

3) Delete the following files; status.xml and machine.xml at the below locations on the base image machine:

C:\Program Files\Sophos\AutoUpdate\Data\Status\
C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Anti-Virus\Config\

4) If the SID value has been changed, open a command prompt and type the following command:

MsiExec.exe /i “c:\Program Files\Sophos\AutoUpdate\cache\savxp\Sophos Anti-Virus.msi” REINSTALL=ALL REINSTALLMODE=voums UPDATEDRIVERS=0 /l*v c:\msi.log /qb

On Windows Vista the command is:

MsiExec.exe /i “c:\ProgramData\Sophos\AutoUpdate\cache\savxp\Sophos Anti-Virus.msi” REINSTALL=ALL REINSTALLMODE=voums UPDATEDRIVERS=0 /l*v c:\msi.log /qb

Please follow and like us:

Sophos – Could not start installation program on the computer

Reading Time: < 1 minute

Sophos – 80070035 Could not start installation program on the computer: The network path was not found

If you find that you receive the above error when trying to push Sophos out to a Vista machine using Sophos Enterprise Console, follow the instructions below to resolve:

1) Open Windows Firewall with Advanced Security:
Select Start, Control Panel, Classic View, Administrative Tools.

Change the ‘Inbound rules’ to enable the following, where present:

Remote Administration (NP-In) Domain
Remote Administration (NP-In) Private
Remote Administration (RPC) Domain
Remote Administration (RPC) Private
Remote Administration (RPC-EPMAP) Domain
Remote Administration (RPC-EPMAP) Private

Note: When installation is complete, you should disable any processes you enabled.

2) Start the ‘Remote registry’ service on the Windows Vista or Windows 2008 computer (if it is not currently running), and set it to run automatically:
Right-click the Remote Registry service
Select ‘Properties
In the ‘Startup type’ dropdown menu, select Automatic
Click ‘OK’.

3) Then either
Open the Windows Control Panel.
Select User accounts.
Select the admin account.
Select ‘Turn User Account Control on or off’.
In the dialog that opens, deselect this option.Note: When installation is complete, you should turn this back on.

or

On the Windows Vista or Windows 2008 computer, open Administrative Tools | Local security policy | Local Policy | Security Options . There is an option called ‘User Account Control: Run all administrators in Admin Approval Mode’. The default is ‘Enabled’. Change this to ‘Disabled’.

4) Reboot the computer.

5) From Enterprise Console, version 2 or above, deploy to the Windows Vista or Windows 2008 computer, specifying the local administrator credentials.

Source: http://www.sophos.com/support/knowledgebase/article/15027.html

Please follow and like us: