Every time an endpoint installed with Sophos Disk Encryption reports to the Sophos Enterprise Console, the following Event is generated for the endpoint: "
Failed to retrieve key backup data too many times [0x80040326]".
In addition to the event, the encryption recovery (Challenge/Response) cannot be completed for the Sophos Disk Encryption Client.
First seen in
Sophos Disk Encryption 5.61.0
Enterprise Console 5.1.0
The problem is caused by a defect in the EncryptionKeyBackupSessionsAutoComplete stored procedure; it fails to mark the key backup session as completed.
What To Do
Download and unzip this attached file EncryptionKeyBackupSessionAutoComplete.zip, then install the updated EncryptionKeyBackupSessionAutoComplete.sql stored procedure in the SOPHOS51 database as described below.
Note: we strongly recommend you to create a backup of the database (right click the SOPHOS51 Database from the Object Explorer and select Tasks | Back up...) before updating the stored procedure.
- Open the Microsoft SQL Server Management Studio and connect to the instance that is used to host the SOPHOS51 Database (i.e.
- From Microsoft SQL Server Management Studio select "
File | Open | File..." and select the
EncryptionKeyBackupSessionAutoComplete.sql file to load the new stored procedure into the SQL Server Management Studio.
- From the "
Available Databases" navigation dropdown box, select the SOPHOS51 database.
- Click on "
Execute" to install the updated stored procedure.
- The messages window will show "
Command(s) completed successfully." once the stored procedure has been updated correctly.
After the stored procedure has been updated, endpoints installed with the integrated encryption module will no longer report error 0x80040326 provided the key backup file was transmitted correctly. Also, a Challenge/Response can now be executed correctly and will not end with a missing key error.
Please note: The fix is included in the Sophos Enterprise Console 5.2 release.