Installing Sophos as and application using the setup exe is relatively easy when the operating system is installed however during a OSD deployment you may find it fails. This is normally due to the update part of the install not completing and therefore the installation doesn’t complete.
If you want to create an application or package you can use the command below which will work on a system already running Windows.
change the domain\sophos-service and Password to your Sophos details.
setup.exe -s -mng yes -user domain\sophos-service -pwd Password
The solution with regards to installing during the OSD is to create a scripted install which can also be used for both OSD and regular installs.
You will need to change the red text below and save as a bat file, once tested you’re ready to add it to SCCM. You can play with the time out amount but I found in my environment 500 was enough to install updates.
@ECHO OFF
REM — Check for an existing installation of Sophos AutoUpdate on 32-bit (the ‘Sophos AutoUpdate Service’ process)
IF EXIST “C:\Program Files\Sophos\AutoUpdate\ALsvc.exe” goto _End
REM — Check for an existing installation of Sophos AutoUpdate on 64-bit (the ‘Sophos AutoUpdate Service’ process)
IF EXIST “C:\Program Files (x86)\Sophos\AutoUpdate\ALSVC.exe” goto _End
REM — Check for an existing installation of Sophos Anti-Virus on 2003/XP (the SAV adapter config file)
IF EXIST “C:\Documents and Settings\All Users\Application Data\Sophos\Remote Management System\3\Agent\AdapterStorage\SAV\SAVAdapterConfig” goto _End
REM — Check for an existing installation of Sophos Anti-Virus on Vista+ (the SAV adapter config file)
IF EXIST “C:\ProgramData\Sophos\Remote Management System\3\Agent\AdapterStorage\SAV\SAVAdapterConfig” goto _End
REM — Deploy to Windows 2000/XP/2003/Vista/Windows7/2008/2008-R2
\\ Your Sophos sever\SophosUpdate\CIDs\S000\SAVSCFXP\Setup.exe -updp “\\Your sophos server \SophosUpdate\CIDs\S000\SAVSCFXP” –user domain\sophos-service -pwd Password -mng yes
TIMEOUT /T 500
REM — End of the script
:_End
For the detection method I used the Sophos AV exe located in Program Files