This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Finding out to which Sophos Central account an endpoint is connected to

Hi All

For some reason one endpoint has been connected to the wrong Sophos Central account due to mistake. Without trying to go through all the Sophos Central Dashboards to find out where the Endpoint is connected to, is there anywhere on the endpoint we can see to which Central its connected to?



This thread was automatically locked due to age.
Parents
  • Under:

    C:\ProgramData\Sophos\Management Communications System\Endpoint\Persist\

    There are the files:

    EndpointIdentity.txt
    CustomerIdentifier.txt

    The EndpointIdentity.txt GUID corresponds to the URL when in Central. 

    https://cloud.sophos.com/manage/devices/computers/0089d6b7-83c0-149f-2a0e-188e5237df41/summary

    The CustomerIdentifier is the GUID of the customer.

    I don't have it to check but I believe if you're in the partner portal, on the page where you bring up the list of accounts, with Dev Tools open at the Network tab.  If you refresh the page, I assume there is an API query which gets all the customer IDs and some friendly meta data to match on. This might allow you to map the customer id with a friendly company name?

    Otherwise under: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sophos Endpoint Defense\Scanning\Config on the client you might recognise some of the exclusions that are unique to one of your accounts.

Reply
  • Under:

    C:\ProgramData\Sophos\Management Communications System\Endpoint\Persist\

    There are the files:

    EndpointIdentity.txt
    CustomerIdentifier.txt

    The EndpointIdentity.txt GUID corresponds to the URL when in Central. 

    https://cloud.sophos.com/manage/devices/computers/0089d6b7-83c0-149f-2a0e-188e5237df41/summary

    The CustomerIdentifier is the GUID of the customer.

    I don't have it to check but I believe if you're in the partner portal, on the page where you bring up the list of accounts, with Dev Tools open at the Network tab.  If you refresh the page, I assume there is an API query which gets all the customer IDs and some friendly meta data to match on. This might allow you to map the customer id with a friendly company name?

    Otherwise under: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sophos Endpoint Defense\Scanning\Config on the client you might recognise some of the exclusions that are unique to one of your accounts.

Children