How to: Run the Sophos Diagnostic Utility (SDU) on a remote computer

  • Article ID: 112981
  • Updated: 06 Jun 2014

When troubleshooting a problem on a remote computer, Sophos Technical Support may request that the Sophos Diagnostic Utility (SDU) be used to gather information. Network administrators may not have direct access to remote computers. In that case, logs can be collected from a remote computer by running the sducli.exe (Sophos Diagnostic Utility Command Line Interface) tool through the Windows Task Scheduler.

By installing the SDU tool on the Sophos Management server and using the existing 'SophosUpdate' share, you can collect logs from the remote computer and have the output file written to the 'SophosUpdate' share.

As of April 2013, the SDU tool is included in SAV for Windows 10.0 and above. If you cannot find it, see article 33533 for alternate downloads.

Applies to the following Sophos products and versions

Sophos Anti-Virus for Windows 2000+

What To Do

Run Sophos Diagnose remotely using the Microsoft Task Scheduler

The following steps should be performed on the Sophos Management Server.

  1. Create a folder 'sduOutput' in the 'SophosUpdate' share (e.g. 2003: "%allusersprofile%\Application Data\Sophos\Update Manager\Update Manager\". 2008+: "%allusersprofile%\Sophos\Update manager\Update manager\")
  2. Open a command prompt (Start | Run | Type: cmd.exe).
  3. Run the command:
    schtasks /create /s client /u domainName\administrator /p password /ru domainName\administrator /rp password /sc once /st hh:mm:ss /tn "Sophos Diagnose" /tr "\\serverName\SophosUpdate\CIDS\S000\SAVSCFXP\diagnose\sducli.exe -logdir=\\serverName\SophosUpdate\sduOutput\"
    Parameter - Description
    hh:mm:ss - the time to run Sophos Diagnose on the remote client (example 11:05:00, beware of timezone differences and include the seconds also)
    client - the hostname (NetBIOS name) of the remote computer
    password - the password for the domainName\administrator account
    domainName\administrator - one word domain name and a domain administrator account
    serverName - the hostname (NetBIOS name) of the Sophos Management server
  4. After the specified time to run Sophos Diagnose, it may take up to 10-15 minutes for the process to complete. During this time the application will be invisible to the user.
  5. Check the \\serverName\SophosUpdate\sduOutput\ folder for the log set.
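
An added example, not part of the Sophos article: a PowerShell wrapper for steps 3 to 5 that leaves out the /p and /rp values so that schtasks prompts for the passwords instead of taking them on the command line, waits for a new log set in sduOutput, and then deletes the one-off task. The variable values are placeholders to replace as in the parameter list above; the 5-minute lead time and the 25-minute wait are assumptions. Run it from a PowerShell console so the password prompts can be answered.

```powershell
# Added example, not Sophos code. Run on the Sophos Management server.
# Placeholders to replace, as in the article's parameter list.
$Client     = 'client'
$ServerName = 'serverName'
$Account    = 'domainName\administrator'
$TaskName   = 'Sophos Diagnose'
$OutputDir  = "\\$ServerName\SophosUpdate\sduOutput"

if (-not (Test-Path -LiteralPath $OutputDir)) {
    throw "Create $OutputDir first (step 1)."
}

# Remember what is already in the folder so only a new log set counts.
$before = @(Get-ChildItem -LiteralPath $OutputDir | Select-Object -ExpandProperty Name)

# Start time in the article's hh:mm:ss format, taken from this server's clock
# (assumption: 5 minutes ahead; adjust for timezone differences).
$startTime = (Get-Date).AddMinutes(5).ToString('HH:mm:ss')
$taskRun   = "\\$ServerName\SophosUpdate\CIDS\S000\SAVSCFXP\diagnose\sducli.exe -logdir=$OutputDir\"

# /p and /rp are omitted on purpose: schtasks prompts for each password,
# so they do not end up in the command line or the shell history.
schtasks.exe /create /s $Client /u $Account /ru $Account /sc once /st $startTime /tn $TaskName /tr $taskRun
if ($LASTEXITCODE -ne 0) { throw "schtasks /create failed with exit code $LASTEXITCODE" }

# Wait for the start time plus the 10-15 minutes the article allows (assumption: 25 minutes total).
$deadline = (Get-Date).AddMinutes(25)
$new = @()
while (((Get-Date) -lt $deadline) -and ($new.Count -eq 0)) {
    Start-Sleep -Seconds 60
    $new = @(Get-ChildItem -LiteralPath $OutputDir | Where-Object { $before -notcontains $_.Name })
}

if ($new.Count -gt 0) {
    Write-Output "New log set: $($new.Name -join ', ')"
} else {
    Write-Output "No log set yet; check %windir%\Schedlgu.txt on $Client."
}

# Remove the one-off task so its stored run-as credentials do not stay on the client.
schtasks.exe /delete /s $Client /u $Account /tn $TaskName /f
```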

Troubleshooting

  • Check %windir%\Schedlgu.txt on the remote PC if SDU logs are not produced in the server share
  • Check that the username and password used are correct
  • Remove "/s client" and check that the scheduled task is created locally and launches correctly

Run Sophos Diagnose remotely using PSExec

Note: PSExec is classed as a PUA (Potentially Unwanted Application) by Sophos and will need to be authorised for use on your computers.

Perform the following steps from the server hosting your Sophos Update Manager packages.

  1. Create a folder 'sduOutput' in the 'SophosUpdate' share (e.g. 2003: "%allusersprofile%\Application Data\Sophos\Update Manager\Update Manager\". 2008+: "%allusersprofile%\Sophos\Update manager\Update manager\")
  2. Open a command prompt (Start | Run | Type: cmd.exe).
  3. Edit and run the following in a command prompt window:
    psexec \\targetHostname \\serverName\SophosUpdate\CIDS\S000\SAVSCFXP\diagnose\sducli.exe -logdir=\\serverName\SophosUpdate\sduOutput\ -d -h
  • Replace targetHostname with the intended endpoint hostname. You can also use @filename to use a list of computers, one hostname per line.
  • Replace serverName with the hostname of the server you are running this command on.

 
If you need more information or assistance, please contact technical support.
