06 January 2011

Sophos mrinit.conf.orig prevent migration to new management server

When you are migrating existing clients from one Sophos management server to another you will very likely run into this problem.

The remote Management System is the component set that does the communication with the management server.  This is responsible for updating the status on both sides with policy updates, commands etc.  The RMS gets it routing and security information from a file called the mrinit.conf.  This file is located in "C:\Program Files\Sophos\Remote Management System\" folder.  When your new Sophos installation starts on that client, a backup copy is made called mrinit.conf.orig  This safeguards the original configuration so that the machine can continue communicating with it's current management server.

The catch comes in when you are purposely trying to migrate from one management server to another.  This behavior then causes the client to be fail to communicate with either to old or the new management server.  Worst of all is that you only become aware of this potential issue once it has occurred.  From your new server the machine would just never show up, from your old server the machine will show up as disconnected.  This means you will have to log onto the machine to find out what is going on.  When checking the Sophos network communications report you will get the following very helpful message.

  • Problem description : Sophos Anti-Virus cannot report to Sophos Enterprise Console (SEC) or receive new security policies. 
  • Overview : This is because it is using an SSL certificate that is incompatible with the SEC server. 
  • Possible cause : This may be caused by the server having been reinstalled. Action to repair : Sophos Anti-Virus should be reinstalled by the system administrator.

As you can see it does not help much in telling you why your previous working system is now broken.  The only hint to what is wrong is if you scroll down to the Computer details section.  The parent address will be your old management server.

To prevent this issue from occurring you simply need to delete the current mrinit.conf file and the mrinit.conf.orig file if it exists from the "C:\Program Files\Sophos\Remote Management System\" folder BEFORE you start the setup.

If you have already stepped in it, just re-run the install after deleting the files and it should fix the issue.

If you are deploying with SCCM or any other "packager" add a custom command or action to manually delete these.  It would be very nice if the guys at Sophos made this a setup.exe command line parameter.

No comments:

Post a Comment