Jamf Nation Community

also did you look in the resources directory? maybe there is a nice pkg to install right there.

@swright.mm's solution worked for me. A few things I noticed:

1) If you copy the .zip file or the .app to another computer via AirDrop, policy, etc., something breaks and the --install failed with error about the installer being damaged. I think this is some kind of checksum fail or security measure.

2) But if you have a script pull down the Sophos installer from your Cloud URL using curl, then unzip it, and then install it with the --install flag, it will install successfully on a machine and the machine will enroll into the Sophos Cloud and get updates, policies, etc.

3) For some reason, the JSS policy log still shows as a failure, but I can see nothing in the returned log file, no errors, no sign as to why JSS thinks the script is failing. At the surface, this seems an issue, because I'd love to be able to use this policy log as a way to see who has installed Sophos 9.2 successfully and who has not. However, I can use Smart Groups to see who has 9.2 and who does not and so will ignore the policy log failure flag and should be able to get 99% of my user base with Sophos Cloud installed clearnly and then use the Smart Groups to track down any failures. If a machine repeatedly does not have the new Sophos, I can pull it in to find out why and then install manually. Probably a small number.

Thanks for the help on this one. Sure wish it were an easy .pkg installer like so much else.

@damienbarrett I have been using this script as well and was getting a failed status, even though it succeeded. It turns out, the failure message is triggered by the unzip's output. unzip outputs that it is extracting the file Error.png. That output goes into the Policy log file. JSS sees the word "Error" and marks the policy as a fail.

If you redirect the output of the unzip command to /dev/null then the log will not get the text of the output. Since Error.png is not in the log, JSS does not list as a fail.

Hopefully this will help with 3)

I've been using this script to install Sophos Cloud on my client machines and it has recently broken... anyone know if Sopho's changed the installer on us?

I've verified my download link has not changed and the unzip process is working correctly.

@bkramps

I tested out your new script and it worked like a charm... it even fixed the completed/failed status.

Thanks!

@bkramps , this worked for me too. Thanks for the update on the script.

We had to change the script we use as well for the enterprise console of Sophos.

Sophos White Paper

sudo "./Sophos Installer.app/Contents/MacOS/tools/InstallationDeployer" --install

Heh... Alright. Now it looks like I'm going to jump on this bandwagon. Safe to say that we've just started shifting to Sophos Cloud and and running into at least, most of the issues listed here. I've got a few leads on how to distribute this during an imaging process but it's not 100% yet. I'll share once I get there. Unfortunately the latest script here (Actually, each of the three methods I've seen here) are providing mixed results on 10.10.x units, upgrading from the standalone Sophos AV endpoint to 9.3.3 (cloud).

In the end. My devices are getting Sophos 9.3.3 and updating just fine. Unfortunately, a bazillion (less than technical term) users are being populated into the Sophos cloud interface and NOT their associated devices. It's a weird one.

I've found this one to be a bit interesting. @swright.mm @bkramps . I seemed to end up with a number of issues with the Sophos end of the cloud service. In any event, I cleared up a few older installs and re-ran the suggested script with spectacular results! Thanks all!

Alright. In the end I went two different directions on this. We deployed the latest version of Sophos cloud using the script above, AFTER uninstalling the previous version.

cd /Users/Shared/
rm -R Sophos*
curl -O https://<insert sophos cloud link>/SophosInstall.zip
unzip SophosInstall.zip &> /dev/null
chmod -R +x /Users/Shared/Sophos Installer.app/
/Users/Shared/Sophos Installer.app/Contents/MacOS/Sophos Installer --install
rm -R Sophos*
exit

I had hoped that the new cloud installer would provide a clean upgrade path but a number of users didn't get the proper update configuration.

For new or otherwise freshly imaged machines, we packaged up the app utilizing composer and a trick from Sophos' website (https://www.sophos.com/en-us/support/knowledgebase/121678.aspx). So essentially I ran a composer index, installed the latest version of the Sophos Cloud installer. Then used the suggested set of commands from Sophos

sudo mv /Library/Application Support/Sophos/mcs/config/configuration.plist /Library/Application Support/Sophos/mcs/config/configuration.plist.image

sudo security delete-keychain "/Library/Sophos Anti-Virus/Sophos.keychain"

After which I ran another index, giving me a set of results I cleaned up a little bit. Now, I can just distribute that .dmg followed by a quick script containing the following two commands.

mv /Library/Application Support/Sophos/mcs/config/configuration.plist.image /Library/Application Support/Sophos/mcs/config/configuration.plist

launchctl stop com.sophos.mcs

and all is well. Thanks folks!

Has anyone else moved to the Sophos Cloud client in their environment and had issues getting the clients to check in with the Sophos console?

I've used composer to package the installer and used the above script with the two commands but still can't get it to function right. The package installsupgrades existing versions to the Cloud version but just never shows up in my console.

Thanks in advanced for any guidance any can help out with.

I have used @bkramps script and it it curl the software package without issue, but it will actually launch the installer package with the sophos install GUI. Is this the expected behaviour?

I was hoping for a quiet install.

Thanks

@wilsonch that is not expected behavior. We are on Sophos Cloud Endpoint 9.4.2 and do not see the GUI installer.

You will want to make sure in the script that you put --install (that is 2 minus signs before the install option) for the silent install. Some text editors auto-format the -- to one long dash. If that happens then the GUI will launch.

@bkramps You are a genius! That fixed my problem!

Thanks heaps.

I am also trying to roll this out, and appear to be successful with my script until the --install.

I am toggling between adding sudo, adding the full /private path, making sure my install has --

But it appears to hang on --install; tested locally on the machine, and via casper remote.

Has anyone else run into this lately?

rm -rf /tmp/sophos
mkdir /tmp/sophos
cd /tmp/sophos
curl -O https://PATH/SophosInstall.zip
unzip SophosInstall.zip
chmod +x "/tmp/sophos/Sophos Installer.app/Contents/MacOS/Sophos Installer"
sudo /private/tmp/sophos/Sophos Installer.app/Contents/MacOS/Sophos Installer --install

Hello,

I know this is an old post but hopefully someone can help out. I'm using the script that @bkramps provided and it works like charm. However, when I check sophos central, it's showing the last logged in user as me rather than the account that was logged into the computer. On a windows machine, it shows the last user that was logged in. Is there any around that? Could it be that the DL link I used was the one from "Send Installer to Users"? How did everyone get the proper DL link since Sophos won't let me right click on that link? Any help would be great! Thanks in advance!

I know this is an old post but hopefully someone can help out. I'm using the script that @bkramps provided and it works like charm. However, when I check sophos central, it's showing the last logged in user as me rather than the account that was logged into the computer. On a windows machine, it shows the last user that was logged in. Is there any around that? Could it be that the DL link I used was the one from "Send Installer to Users"? How did everyone get the proper DL link since Sophos won't let me right click on that link? Any help would be great! Thanks in advance!

I got the link by using chrome. I downloaded the file and then went to the downloads area in chrome. It shows the download url in the file you just downloaded. You can then right click this file and save link as or copy link url.

@GPGIT I got the same issue, it just hang in there after running --install. Have you got any solution yet

The link given via the Sophos Central admin page only downloads a ghastly 'downloader' rather than the real full fat installer. (Shades of even more ghastly Adobe here.)

Is anyone able to download and save the full fat installer? If so how do you get the URL?

@damienbarrett @bkramps @Chris_Hafner

Hi Guys

I've ran the script, which is working well, and sophos installed, could monitor policies status on the laptop from Central Admin. But i found 1 issue that on the monitored laptop, i could only see Remove Sophos Endpoint.app, can't find Sophos app in application folder.

Anyone has this issue? i've tried restart as well. no luck