Solved

Security log - 529 -Sophos_AU_Client

Posted on 2008-10-26
6
1,267 Views
Last Modified: 2012-05-05
Hi,
After un-installing Sophos security centre on my small business server I am receiving hundreds of errors:

Logon Failure:
       Reason:            Unknown user name or bad password
       User Name:      Sophos_AU_Client
       Domain:            Server-Name
       Logon Type:      3
       Logon Process:      NtLmSsp
       Authentication Package:      NTLM
       Workstation Name:      Server-Name
       Caller User Name:      -
       Caller Domain:      -
       Caller Logon ID:      -
       Caller Process ID:      -
       Transited Services:      -
       Source Network Address:      127.0.0.1
       Source Port:      0

I have checked this link http://www.sophos.com/support/knowledgebase/article/14567.html but because I uninstalled the program the registry entries are not there. Also none of my client computers have there sophos settings pointing to my server. Any ideas?
0
Comment
Question by:Dan560
  • 4
  • 2
6 Comments
 
LVL 28

Expert Comment

by:Michael Pfister
ID: 22810950
It looks like the server itself tries to log on with  the username Sophos_AU_Client. So check if the uninstall left a Sophos service running on your server...
0
 
LVL 2

Author Comment

by:Dan560
ID: 22811052
Nothing seems be there that shouldnt be.
I have puremessage and sophos anti Virus. The following services are running:

Sophos agent
Sophos Anti-Virus
anti-virus status reported
sophos auto-update servic
sophos message router
puremessage
puremessage runing object table
puremessage scanner
puremessage web agent

0
 
LVL 2

Author Comment

by:Dan560
ID: 22811063
Ok  I have figured it out. Sophos AV auto-date settings are pointing to \\server\sophos\sav...(this was created by the security console) and is using sophos_AU_Client as its username. but when I try to remove update details its all greyed out  :(
0
Save on storage to protect fatherhood memories

You're the dad who has everything. This Father's Day, make sure your family memories are protected. My Passport Ultra has automatic backup and password protection to keep your cherished photos and videos safe. With up to 3TB, you have plenty of room to hold the adventures ahead.

 
LVL 2

Author Comment

by:Dan560
ID: 22820027
I'm not sure whether I should open another question because I fixed the above issue by reinstalling sophos anti virus, but now after I did this the following automatic service will not start
 : Sophos message router
Could not start the Sophos message router service on the local computer
error 1053:the service did not respond to the start or control request in timely fasion.

Do you think you could help? I have restarted the server twice but that didnt seem to fix it.
0
 
LVL 28

Accepted Solution

by:
Michael Pfister earned 500 total points
ID: 22820061
It seems the entire Sophos installation is messed up...

Have a look at this Sophos KB article:

http://www.sophos.com/support/knowledgebase/article/14449.html

But I believe it might be better to call Sophos support. Or you can open a new question and find someone who has a similiar Sophos installation that you can compare to.
0
 
LVL 2

Author Comment

by:Dan560
ID: 22820366
Thanks,calling Sophos was the correct thing to do, basically I needed to uninstall Sophos remote management, this was a bit of an obvious thing to do, after the uninstall it the sophos message router automatically disabled, it was also recommended that I re-install Sophos Anti-Virus.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The SBS 2011 release date (RTM) is supposed to be around Christmas, 2011.  This article is a compilation of my notes -- things I have learned first hand.  The items are in a rather random order, but I think this list covers most of what is new and d…
You may have discovered the 'Compatibility View Settings' workaround for making your SBS 2008 Remote Web Workplace 'connect to a computer' section stops 'working around' after a Windows 10 client upgrade.  That can be fixed so it 'works around' agai…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now