Enterprise Console: workstations display the message 'Differs from group'
In some circumstances, when you have configured a central Sophos Anti-Virus policy to exclude certain types of files from on-access scanning, the message 'Differs from group' is displayed in Enterprise Console for one or more workstations. Selecting the computers and attempting to make them comply with group policy does not resolve the problem.
This issue can occur when the two following points apply
- you create a policy in which certain types of files are excluded from scanning on the basis of their file extension (extension exclusions).
- the files are of a type that Sophos Anti-Virus does not scan by default.
When you do this, the configuration cannot be applied to workstations, because Sophos Anti-Virus cannot exclude an extension that it is not configured to scan. This mismatch between the policy specified centrally and the client configuration causes 'Differs from group' to be displayed.
What to do
In the central policy that you configured in Enterprise Console, you must remove any exclusions for extensions that Sophos Anti-Virus does not scan by default, then make the computers comply with the group policy.
1. Note which filetypes are scanned by default.
- At a workstation, right-click the Sophos shield in the system tray to open Sophos Anti-Virus.
- Select Configure|On-access scanning....
- Select the Extensions tab.
A list of all filetypes scanned is displayed in the 'File type extensions to be scanned' box.
2. In Enterprise Console, edit the relevant central policy.
- Remove any extensions that you have previously added, and which do not appear in the default list (above).
- Highlight the computers that do not comply, right-click and select 'Comply with'|'Group anti-virus policy'.
If you need more information or guidance, then please contact technical support.
- Article ID: 25448
- Created: 21 May 2007
- Last updated: 13 Oct 2008
