How to set a new obfuscated SophosSAUhostname (Sophos AutoUpdate impersonation account) password

  • Article ID: 111665
  • Rating:
  • 1 customers rated this article 1.0 out of 6
  • Updated: 24 Sep 2014

When Sophos AutoUpdate (SAU) is installed a local Windows account is created called SophosSAU<computerName> (where '<computerName>' is the name of the local computer) and the details of the account are written to the Windows registry.  If you change or reset the password for this account (i.e., through local computer management) at any point after installation the computer will fail to update.  Therefore if the password has been changed you will have to update the password string in the registry - which is obfuscated for security reasons.

This article explains how you can replace the old obfuscated password string with a new obfuscated password string.

Note:

  • For more information on this impersonation account and its use see article 36262.
  • The steps below should be carried out on the computer that is failing to update.
  • Use the locally-installed Sophos Endpoint Security and Control application, and the 'Updating' section of the home screen to obfuscate a password.

Applies to the following Sophos product(s) and version(s)

Sophos Anti-Virus for Windows 2000+

What To Do

Important: These steps assume that the SophosSAU<hostname> password has been changed already and you know the new password.

  1. Locate iconn.cfg with Windows Explorer.  For more information see article 44325.
  2. Make a copy of this file (i.e. to your computer's desktop).
  3. Open the original file (not on the copy saved to the desktop as a backup) in Notepad.
  4. Change all values of AllowLocalConfig = 0 to AllowLocalConfig = 1 then save and close the file.
  5. Right-click on the Sophos shield in the system try and select 'Open the Endpoint Security and Control'.
  6. From the home screen click on 'Configure updating' (under the 'Updating' section).
  7. Move to the 'Secondary location' tab.
  8. Delete the contains of the username and password fields (if filled in).
  9. Enter a username - this can be any made up (any) value since this will not be kept.
  10. In the password box enter the password you intend to use for the SophosSAU account and click OK.
  11. Browse back to the location from step 1 and open file iconnlocal.cfg file located in the folder detailed in step one (not the desktop copy) and copy out (Ctrl+C) the value after 'UserPassword = ' under [PPI.WebConfig_Secondary]
  12. Open the registry editor (Start | Run | Type: regedit.exe | Press return) and paste (Ctrl+V) the value into the following registry data value:
    HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\AutoUpdate\Service\Download Password
  13. Close the Notepad file.
  14. Copy the original iconn.cfg (from the desktop) to the original folder (shown in step one).

 
If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent

Comments