Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

« Previous Version 2 Next »

There are two methods to install a managed system onto the Sophos Enterprise Console.  One uses "push" technology to push the installation out to the client computer.  The other uses "pull" technology that is initiated from the client computer to "pull" the installation down from the Enterprise Console.

  1. Push -- The method assumes you can discover the client computer from the Enterprise Console.  It also assumes that all the Minimum Requirements for Installation have been met on the client system.  Sophos Technical Support does not recommend this approach for large numbers of installations, in that, it puts a considerable strain on the Enterprise Console.  But, it can be recommended for one or a few installations at a time.  To install using "push", do the following from the Enterprise Console:
    1. Find New Computers -- You can do this from IP Address, Host Names, or Import from Active Directory.  Finding by IP Address seems to be the most straight-forward approach.  Importing from Active Directory can give you results, but there may be a lot of "stale" information in Active Directory that you may have to cull through in order to get to just the systems that are active.
    2. <Right Click> on the Computer in the Console / Select 'Protect Computers' -- You can highlight any number of client systems in the Enterprise Console window, and <Right Click> to protect all the computers selected
  2. *Pull -- *This approach is more labor intensive, in that, you have to initiate it from each client computer, usually from a remote desktop session on those computers.  Certain Minimum Requirements for Installation have to be met, but when you remote to a system as an administrator, it seems the process is a bit more forgiving than trying it from a "push".
    1. Domain Computers -- Systems that are on a domain that have a "trust' relationship with the AD domain "should" be able to be added to the list of managed systems without the need to authenticate, first, to the AD domain.  After you logon onto the client system with Administrator credentials, you can use the following command line in order to initiate the installation:

\\SOPHOS0.ad.uci.edu\SophosUpdate\CIDs\S000\SAVSCFXP\Setup.exe -updp "\\SOPHOS0.ad.uci.edu\SophosUpdate\CIDs\S000\SAVSCFXP" -ouser "Bwi3IFE4LpeUgDKiUtwDQcgWz6R0UTwq11yVTZNuwinsjO/n90C39hx6MKxpmyHykWAuiazVwJmyu6R/mAK8AiD0" -opwd "BwiltcOULUSqvSjlVDc1vO4IkKF5QpjU/xQ5UcUZ++bPlQ==" -mng yes -crt R

    1. Non-Domain Computers -- Systems that are either not in a "trust" relationship with the AD domain, or are not part of a domain (most likely they are part of a Workgroup), must first authenticate into the AD domain, then use the command line to initiate the installation.  One of the easiest ways to do that is by mapping a drive to SOPHOS0.AD.UCI.EDUSOPHOSUPDATE, install the product to the client, then unmapping the drive when you are through.  To do this, you can use the following three command lines, which includes the installation command line:

net use Y: \\sophos0.ad.uci.edu\sophosupdate S0ph0$ /USER:sophosaccess /persistent:no

\\SOPHOS0.ad.uci.edu\SophosUpdate\CIDs\S000\SAVSCFXP\Setup.exe -updp "\\SOPHOS0.ad.uci.edu\SophosUpdate\CIDs\S000\SAVSCFXP" -ouser "Bwi3IFE4LpeUgDKiUtwDQcgWz6R0UTwq11yVTZNuwinsjO/n90C39hx6MKxpmyHykWAuiazVwJmyu6R/mAK8AiD0" -opwd "BwiltcOULUSqvSjlVDc1vO4IkKF5QpjU/xQ5UcUZ++bPlQ==" -mng yes -crt R

net use Y: /delete

 

  • No labels