...
- Push -- The method assumes you can discover the client computer from the Enterprise Console. It also assumes that all the Minimum Requirements for Installation have been met on the client system. Sophos Technical Support does not recommend this approach for large numbers of installations, in that, it puts a considerable strain on the Enterprise Console. But, it can be recommended for one or a few installations at a time. To install using "push", do the following from the Enterprise Console:
- Find New Computers -- You can do this from IP Address, Host Names, or Import from Active Directory. Finding by IP Address seems to be the most straight-forward approach. Importing from Active Directory can give you results, but there may be a lot of "stale" information in Active Directory that you may have to cull through in order to get to just the systems that are active.
- <Right Click> on the Computer in the Console / Select 'Protect Computers' -- You can highlight any number of client systems in the Enterprise Console window, and <Right Click> to protect all the computers selected
- Pull -- This approach is more labor intensive, in that, you have to initiate it from each client computer, usually from a remote desktop session on those computers. Certain Minimum Requirements for Installation have to be met, but when you remote to a system as an administrator, it seems the process is a bit more forgiving than trying it from a "push".
- Domain Computers -- Systems that are on a domain that have a "trust' relationship with the AD domain "should" be able to be added to the list of managed systems without the need to authenticate, first, to the AD domain. After you logon onto the client system with Administrator credentials, you can use the following command line in order to initiate the installation:
Code Block
\\SOPHOS0.ad.uci.edu\SophosUpdate\CIDs\S000\SAVSCFXP\Setup.exe
...
-updp
...
"\\SOPHOS0.ad.uci.edu\SophosUpdate\CIDs\S000\SAVSCFXP"
...
-ouser
...
"BwhHADcWykYUOBQSa7IFvQyhXjb237+UgvxGv6h21EmZVdeuMgdl2f5G"
...
-opwd
...
"BwgnDB0QdRC9D3AcasgP4+OLW9J98eJPW/Q="
...
-mng
...
yes
...
-crt
...
R
...
- Non-Domain Computers --SOPHOS0.AD.UCI.EDU}SOPHOSUPDATE
| Code Block |
|---|
net use Y: \\sophos0.ad.uci.edu\sophosupdate S0ph0$ /USER:sophosaccess /persistent:no
|
| Code Block |
|---|
\\SOPHOS0.ad.uci.edu\SophosUpdate\CIDs\S000\SAVSCFXP\Setup.exe -updp "\\SOPHOS0.ad.uci.edu\SophosUpdate\CIDs\S000\SAVSCFXP" -ouser "BwhHADcWykYUOBQSa7IFvQyhXjb237+UgvxGv6h21EmZVdeuMgdl2f5G" -opwd "BwgnDB0QdRC9D3AcasgP4+OLW9J98eJPW/Q=" -mng yes -crt R
|
| Code Block |
|---|
net use Y: /delete
|
- Non-domain systems or systems on domains that are not "trusted" to the AD domain need authentication up front, as the username and password are obfuscated. You will need to execute a version that does not have the username and password obfuscated. See the Sophos Administrator for this.
Use of these command lines, or the "push" process that attempts to locate the client systems should result in systems being added to the "Unassigned" group in the Enterprise Coonsole. From there, you select, drag and drop an unassigned system into the appropriate group under "Global Group" that indicates the day(s) and time(s) at which you would like virus scans to take place.
The Global Group is broken up into two parts -- Servers and Workstations. Under each of those categories, the sub-groups are broken up by time and days. Just drag and drop an Unassigned systems into one of the time/day based scanning sub-groups.
...