Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 14 subscribers
  • Views 11688 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to find out what id was central agent installed with?

Pavel Vanek

Hallo,

I was testing Sophos for some time. So I might made a cup of ids for central before I got it. Now I decided to completely remove Sophos apps from my network. The problem is that on one of computers there is Sophos Endoint Agent with tamper protection on. And I dont remember how the product was istalled so I can not turn it off in order to remove the agent.

Is there a way to find out Sophos ID or any information about licencing in Sophos Agent? How do I remove agent when I don know who installed it?

Thank you. Pavel

 


This thread was automatically locked due to age.
Parents
  • +1

    If you're just trying to recover a couple of computers from Tamper Protection, the following article might help:

    https://community.sophos.com/kb/en-us/124377

    Otherwise, if I understand you correctly, you can't remember which Central trial you protected the computer from to disable TP on it?

    You should be able to look through your emails to find the activation emails.  From there you should be able to log in, password recovery if needed.  Once logged in, I assume you can find the computer by name to disable TP on it?

    If not, from the Endpoint, if you look in:
    C:\ProgramData\Sophos\Management Communications System\Endpoint\Persist\EndpointIdentity.txt
    This is the unique ID for the client.  E.g.

    41b17f17-cd53-04a6-bb5c-ada356253ee8

    Back in Central, the URL of the Endpoint contains this, e.g.:
    https://cloud.sophos.com/manage/devices/computers/41b17f17-cd53-04a6-bb5c-ada356253ee8/summary

    So knowing the GUID of the EP, you can construct the URL to the page.

    Regards,
    Jak

Reply
  • +1

    If you're just trying to recover a couple of computers from Tamper Protection, the following article might help:

    https://community.sophos.com/kb/en-us/124377

    Otherwise, if I understand you correctly, you can't remember which Central trial you protected the computer from to disable TP on it?

    You should be able to look through your emails to find the activation emails.  From there you should be able to log in, password recovery if needed.  Once logged in, I assume you can find the computer by name to disable TP on it?

    If not, from the Endpoint, if you look in:
    C:\ProgramData\Sophos\Management Communications System\Endpoint\Persist\EndpointIdentity.txt
    This is the unique ID for the client.  E.g.

    41b17f17-cd53-04a6-bb5c-ada356253ee8

    Back in Central, the URL of the Endpoint contains this, e.g.:
    https://cloud.sophos.com/manage/devices/computers/41b17f17-cd53-04a6-bb5c-ada356253ee8/summary

    So knowing the GUID of the EP, you can construct the URL to the page.

    Regards,
    Jak

Children
  • 0 in reply to jak

    Going throught by you suggested methods I realized that the computer was actually removed from Sophos Central. So I got the password back by reviewing the logs.

    On the other side, in my current security solution, there is something like about and I can read licence details there. After half a year with Sophos I see why they choose this way ... still dont like such features.

    Thank you for help.

Unfiltered HTML