Unable to protect a Windows 8.1, Windows 10 or Windows 2012 R2 computer from Enterprise Console

  • Article ID: 119728
  • Rating:
  • 16 customers rated this article 4.4 out of 6
  • Updated: 27 Aug 2015


When attempting to deploy to a Windows 8.1, Windows 10 or Windows 2012 R2 computer from Enterprise Console, you receive the following message:

The applied software subscription does not contain software this computer can use

First seen in
Enterprise Console 5.2.0

Operating systems
Windows 8.1
Windows 10
Windows 2012 R2


The discovered computer does not have the correct operating system ID in the Enterprise Console database.  As a result the computer is listed as "Windows Workstation" rather than 'Windows 8' or 'Windows 10' and 'Windows Server' rather than 'Windows 2012 R2'.  Due to the value of the operating system, the deployment logic in Enterprise Console displays the message in the Issue section of this article.

What To Do

There are a number of workarounds to this problem, choose the appropriate one for you.

  • Upgrade to the latest version of Enterprise Console which fully supports deployment to these OSes.  For supported upgrade paths for existing Enterprise Console installations see article 119105.

  • Manually install Sophos to the Windows 8.1, Windows 10 or Windows 2012 R2 computer from the bootstrap location by running setup.exe.  

    Note: To locate the bootstrap location required, in Enterprise Console, click 'View' | 'Bootstrap Locations...'.  This will list all the UNC paths of the distribution points where you can find setup.exe.  You can interactively install by just running setup.exe on the Windows 8 Service Pack 1 computer or pass switches to setup.exe to install in a non-interactive way which may be useful when deploying to multiple computers.

  • Replace the file OsMappings.xml on the Sophos Management Server found under:
    32-bit: C:\Program Files\Sophos\Enterprise Console\
    64-bit: C:\Program Files (x86)\Sophos\Enterprise Console\
    with the updated file OsMappings.xml which can be found here.

    Note: the file downloaded will need to be renamed from OsMappings.txt to OsMappings.xml.   We recommend renaming the original file to OsMappings.xml.orig.
  • After the computer is discovered but before the computer is deployed to, manually update the database record for the computer you wish to protect.  To do so, perform the following in:
    1. Locate the discovered computer in Enterprise Console and make a note of the computer name as it is displayed.
    2. Optionally but recommended, take a backup of the Sophos 'Core' database, to do so we recommend using DataBackupRestore.exe.
    3. Run the appropriate SQL command below against the database to update the operating system ID for the platform that is incorrect:
      • Windows 8.1 and Windows 10 - From a 15 ('Windows Workstation') to 35 ('Windows 8'):

        sqlcmd -E -S (local)\sophos -d SOPHOS521 -Q "UPDATE ComputersAndDeletedComputers SET OperatingSystem=35 WHERE Name='<COMPUTERNAME>'"

      • Windows 2012 R2 - From a 16 ('Windows Server') to 36 ('Windows Server 2012'):

        sqlcmd -E -S (local)\sophos -d SOPHOS521 -Q "UPDATE ComputersAndDeletedComputers SET OperatingSystem=36 WHERE Name='<COMPUTERNAME>'"

        '(local)\sophos' represents the SQL Server instance in use by the Sophos Management Service.  If you are unsure which SQL Server instance is in use see article 113030.
        'SOPHOS521' represents the name of the 'Core' database for an Enterprise Console 5.2.1 installation.  For a list of database names for each version of Enterprise Console see article 17323.
        <COMPUTERNAME> should be updated with the computer name established in point 1 above. 

Related articles

We also refer you to the following articles:

If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent