This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Intercept X Endpoint Sysprep

Hello,

I am trying to generate a windows 10 image by sysprep, I install the sophos antivirus with the respective step by step to generate the golden image (https://support.sophos.com/support/s/article/KB-000035040?language=en_US) and after this I run the sysprep and the image is damaged, you could tell me that I should take into account in order to have the sophos antivirus installed inside the image. 

 

Best Regards

Kaan



This thread was automatically locked due to age.
Parents
  • Hi There,

    Thank you for reaching us. On the script, you use in performing gold image. Did you turn off/disable tamper protection on it? 

    Refer to sample script.

    "C:\Program Files\Sophos\Endpoint Defense\SEDcli.exe" -TPoff 216278579655

    SC STOP "Sophos MCS Client"

    SC CONFIG "Sophos MCS Client" start= delayed-auto

    SC STOP "Sophos Managed Threat Response"

    SC CONFIG "Sophos Managed Threat Response" start= delayed-auto

    pause

    Del "%ProgramData%\Sophos\Management Communications System\Endpoint\Persist\Credentials" /q

    Del "%ProgramData%\Sophos\Management Communications System\Endpoint\Persist\EndpointIdentity.txt" /q

    Del "%ProgramData%\Sophos\Management Communications System\Endpoint\Persist\*.xml" /q

    Del "%ProgramData%\Sophos\Management Communications System\Endpoint\Cache\*.status" /q

    Del "%ProgramData%\Sophos\AutoUpdate\data\machine_ID.txt" /q

    Del "%ProgramData%\Sophos\Managed Threat Response\data\osquery.db\*" /q

    Del "%ProgramData%\Sophos\Managed Threat Response\config\policy.xml" /q

    Echo [McsClient] > "%ProgramData%\Sophos\Management Communications System\Endpoint\Config\registration.txt"

    Echo Token=(Token here) >> "%ProgramData%\Sophos\Management Communications System\Endpoint\Config\registration.txt"

    "C:\Program Files\Sophos\Endpoint Defense\SEDcli.exe" -TPon

    If so? You can turn off tamper protection and try again.


    Also can you confirm if the master image boots successfully before deployment? 

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer

    The New Home of Sophos Support Videos!  Visit Sophos Techvids
Reply
  • Hi There,

    Thank you for reaching us. On the script, you use in performing gold image. Did you turn off/disable tamper protection on it? 

    Refer to sample script.

    "C:\Program Files\Sophos\Endpoint Defense\SEDcli.exe" -TPoff 216278579655

    SC STOP "Sophos MCS Client"

    SC CONFIG "Sophos MCS Client" start= delayed-auto

    SC STOP "Sophos Managed Threat Response"

    SC CONFIG "Sophos Managed Threat Response" start= delayed-auto

    pause

    Del "%ProgramData%\Sophos\Management Communications System\Endpoint\Persist\Credentials" /q

    Del "%ProgramData%\Sophos\Management Communications System\Endpoint\Persist\EndpointIdentity.txt" /q

    Del "%ProgramData%\Sophos\Management Communications System\Endpoint\Persist\*.xml" /q

    Del "%ProgramData%\Sophos\Management Communications System\Endpoint\Cache\*.status" /q

    Del "%ProgramData%\Sophos\AutoUpdate\data\machine_ID.txt" /q

    Del "%ProgramData%\Sophos\Managed Threat Response\data\osquery.db\*" /q

    Del "%ProgramData%\Sophos\Managed Threat Response\config\policy.xml" /q

    Echo [McsClient] > "%ProgramData%\Sophos\Management Communications System\Endpoint\Config\registration.txt"

    Echo Token=(Token here) >> "%ProgramData%\Sophos\Management Communications System\Endpoint\Config\registration.txt"

    "C:\Program Files\Sophos\Endpoint Defense\SEDcli.exe" -TPon

    If so? You can turn off tamper protection and try again.


    Also can you confirm if the master image boots successfully before deployment? 

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer

    The New Home of Sophos Support Videos!  Visit Sophos Techvids
Children