Information on configuring an authoritative Sophos Update Manager

  • Article ID: 57638
  • Rating:
  • 1 customers rated this article 5.0 out of 6
  • Updated: 15 Aug 2014

This article provides information on what an 'authoritative' Sophos Update Manager (SUM) is, when to explicitly configure one and confirm which SUM is currently authoritative.

First seen in

Enterprise Console 4.0.0

What is an 'authoritative' SUM?

The authoritative SUM is automatically chosen by the Sophos Management Service to provide product information to the system.  In a single SUM environment the SUM on the management server is authoritative.

Where multiple SUMs exist within a single Sophos Management Server, the authoritative SUM is chosen based on whether it is able to connect to Sophos within a 24-hour window.  

Note
: The SUM on the Sophos management server is given preference to remote SUMs during this check.

When should I manually set one?

If you have multiple SUMs using Sophos as an update source, some SUMs may maintain a larger number of distribution locations than others.  It is recommended you make the SUM maintaining fewer distributions authoritative as this will ensure that the status message from that SUM is received by the Sophos management service before clients report in their package information.  Where possible it is recommended that the SUM on the management server is made authoritative if it updates from Sophos.

How do I manually set an authoritative SUM?

  1. On the server running the Sophos Management Database component, run the following command to get a list of update managers and their Remote Management System (RMS) endpoint address:

    sqlcmd -E -S .\SOPHOS -d SOPHOS51 -Q "select c.Name, c.MessageSystemAddress from dbo.SDDMServers as s with (nolock) INNER JOIN dbo.ComputersAndDeletedComputers as c with (nolock) on s.ComputerID = c.ID"

    Where: 
    'SOPHOS51' is the database associated with your console version.  For more information on Sophos databases see article 17323.
    .\SOPHOS represents a local SQL Server instance called SOPHOS.  For more information on determining your instance name see article 113030.

  2. Identify the computer name of the SUM you are configuring as the authoritative SUM and note its message system address (e.g. Router$ServerA:4556 or Router$ServerA).
     
  3. On the server running the Sophos Management service, create a new 'string' value called 'AuthoritativeServer' under :

    HKEY_LOCAL_MACHINE\SOFTWARE\[Wow6432Node]\Sophos\EE\Management Tools\

    Note: The string is case sensitive and should be entered exactly as returned by the command in step 1.

How can I check which SUM is currently authoritative?

Initially check if the registry key mentioned above has been set.  If it has, confirm it is being used by opening the file:

  • 2008 (and higher): C:\ProgramData\Sophos\Sophos Endpoint Management\log\sophos-management-services.log
  • 2003: C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Endpoint Management\log\sophos-management-services.log

and search for lines similar to the ones shown below:

[Timestamp] [ThreadID] INFO  {Sophos.Management.Services.Sddma.AuthoritativeServerSelector.GetOverride} ==> Authoritative server endpoint address override is Router$ServerA.
[Timestamp] [ThreadID] INFO  {Sophos.Management.Services.Sddma.AuthoritativeServerSelector.GetAuthoritativeServerFromOverride} ==> Attempting to use the overriding authoritative server endpoint address 'Router$ServerA'.
[Timestamp] [ThreadID] INFO  {Sophos.Management.Services.Sddma.AuthoritativeServerSelector.GetAuthoritativeServerFromOverride} ==> Found server with the endpoint address 'Router$ServerA.

If the above key has not been configured, the Sophos management service will elect an authoritative SUM.  The chosen SUM can be identified from the same log as above.  The following lines can be found:

[Timestamp] [ThreadID]  INFO  {Sophos.Management.Services.Sddma.AuthoritativeServerSelector.SelectCandidateAuthoritativeServer} ==> Selecting the server 'ServerA' with the endpoint address 'Router$ServerA' as the authoritative server.

 
If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent

Comments