Sophos AV : The user is not assigned to any sub-estates

Sophos AV : The user is not assigned to any sub-estates

I came across this today on a fresh install of Sophos 4.7 on Windows Server 2008 R2. I confirmed:

User was a member (indirectly) of the SophosAdministrator group in AD DS, and a member (indirectly) of the the local security group “Sophos Full Administrators.” Note indirect. The issue here was caused by nested group membership; the user was a member of a role-based group which was in turn member of a service type group which was used to delegate permissions in Sophos.

There is a known issue where launching the Sophos Enterprise Console as a user who inherits membership of the Sophos Full Administrators group via nested groups fails.  Ensure the launching user is a direct member of the group.

More information available here:

Windows Server 2008 : Storage Migration No Impact!

Windows Server 2008 : Storage Migration No Impact!

The following process is useful when migrating from one storage platform to another.In summary it uses Windows Software RAID to mirror data to the other storage device, once completed the mirror is broken in a way that leaves only the new storage with the correct drive letter / mount points and data.

Present the new LUN, on the new storage to your host. The drive should contain no partitions.

 Right-click the volume you want to mirror and select ‘Add Mirror…’

 Select the disk you wish to mirror the volume on to and click ‘Add Mirror…’:

Click Yes to acknowledge that both drives will be converted to dynamic disks.


Wait for the mirror to sync:


You can either break or remove the mirror:

  • To break the mirror, keeping the same drive letter on the NEW storage and assigning a free drive letter on the old storage right click the old drive and select break mirror.

   This can be performed in diskpart using the following commands:

list volume
select volume <volume number>
detail volume
break disk n
   Change ‘n‘ to be the disk number you wish to remove the mirror from i.e. the old storage device,
   leaving the new disk with the data on it.
  • To remove the mirror, keeping the data on only one drive (the new drive) right-click one drive and select remove mirror. You will be prompted to select a drive to remove. Make sure you select the old drive!