Sophos have gone from being one of the best Mac enterprise anti-virus solutions to (perhaps) the worst. Multi-platform organisations are likely to have a Windows server (or more than one) and can therefore run Sophos Enterprise Console to create and manage a Mac installer for Sophos Anti-Virus. Previously Mac only organisations could use Sophos Update Manager to do much the same on a Mac server.
Unfortunately SUM only supports SAV8 and does not support SAV9.
I created this as a Domain Local group in AD and added my administrator account.
After a log off and login I was now getting a different unknown error message, which wasn’t very descriptive, but still couldn’t get into the console so I took a look at the services.
You’ll first need a direct console into Sophos UTM.
For hardware appliances, plug in a monitor and keyboard, or for Virtual Appliances open up your virtualization system’s management console for the Virtual Machine.
After recreating the Sophos Update Mgr account in AD, I changed the password for the different Update Policies we are using in the Sophos Enterprise Console, and the Protect Computer wizard is operational again.
You can also checkout Sophos’ own guide on how to Recover access to your Sophos UTM in the event of password loss.
I hope this helps anyone else out there that has locked them selves out of their Sophos UTM box!
It is important to note that you are better off using LDAP for Active Directory You cannot access additional attributes with the “Active Directory/Windows NT” method and you cannot do password expiry and reset passwords with the that method either.
If you have AD you should use the LDAP method and not the one listed in this blog.