This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Windows users and groups - Sophos Central Managed PCs

Hello everyone,

We have a Sophos Central account with wich we manage endpoint protection on computers.

When the Sophos Central Agent (Core Agent, Endpoint Advanced and Intercept X components) is installed, the following user groups are generated locally and into our AD domain:

I have the following questions:

What is the goal of this groups?

Are there any best practices that I should be aware regarding this topic?

Thank you.

This thread was automatically locked due to age.

Top Replies

PavSupport over 2 years ago +4 verified

To correct some older comments: For Central those groups are purely used by SAV for COM to COM component communication, so they have no 'User' effect. They are definitely required, so if you delete…

0 Shweta over 3 years ago

Hi mh3000

When Sophos endpoint is installed, the members of the local Windows groups are added to the local Sophos groups.

Windows group Sophos group

Administrators SophosAdministrator

Power Users SophosPowerUser

Users SophosUser

Please check this link for more information regarding the task that can be performed.

Shweta

Community Support Engineer | Sophos Technical Support
Are you a Sophos Partner? | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.

The New Home of Sophos Support Videos! - Visit Sophos Techvids
Cancel
Vote Up 0 Vote Down

Cancel
0 MEric over 3 years ago

These groups are not used for Sophos Central endpoints and is likely just code carried over from Enterprise Console managed endpoints. These groups are used in that version but in the Sophos Central version they serve no purpose. They will delete on uninstall of the software or you can delete them now as it will not affect the software in any way.
Cancel
Vote Up 0 Vote Down

Cancel
0 mh3000 over 3 years ago in reply to Shweta

Hello Shweta, sorry for my late response and thank you for your answer

I read the link that you referenced, but the documentation says it is for Sophos Endpoint Security and Control.

Does this also apply to the Sophos Central Agent?
Cancel
Vote Up 0 Vote Down

Cancel
0 mh3000 over 3 years ago in reply to MEric

Hello MEric,

Thanks for the information.

Do you know any Sophos Central article/KBA that mentions this? I couldn't find no related information into this Sophos Central Documentation

Thanks in advance!
Cancel
Vote Up 0 Vote Down

Cancel
+1 PavSupport over 2 years ago

To correct some older comments:

For Central those groups are purely used by SAV for COM to COM component communication, so they have no 'User' effect.

They are definitely required, so if you delete them certain functionality will not work and you would likely need to reinstall the product to fix it. We will have official documentation coming up about it, but no KB article for now to share. No best practices steps aside from not modifying or deleting them.
Cancel
Vote Up +4 Vote Down

Cancel

Windows group	Sophos group
Administrators	SophosAdministrator
Power Users	SophosPowerUser
Users	SophosUser