This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

PC device missing from sophos Endpoint console

I have a PC missing from the Sophos control panel - yet the PC has Sophos installed and working.

it's getting updates but has not have a profile pushed to it for quite some time.

it's Tamper protected so is there a way to add the device manually to the cloud console so I can disable tamper?



This thread was automatically locked due to age.
Parents
  • I would first check the values in the files:

    • C:\ProgramData\Sophos\Management Communications System\Endpoint\Persist\CustomerIdentifier.txt
    • C:\ProgramData\Sophos\Management Communications System\Endpoint\Persist\EndpointIdentity.txt

    The GUID in the file CustomerIdentifier.txt should match other computers from the same Central account.  This will confirm the correct installer was run on it and it's not just pointing at a different Central account.

    Then you can check the EndpointIdentity.txt.for the endpoint ID. 

    For example, if the value in the file is 9526263c-c31f-f433-5bda-ce50d1520b3d, then the direct link to the computer in Central for a endpoint (not server) would be:

    https://cloud.sophos.com/manage/endpoint/devices/computers/9526263c-c31f-f433-5bda-ce50d1520b3d

    If it was a server:

    https://cloud.sophos.com/manage/server/devices/servers/9526263c-c31f-f433-5bda-ce50d1520b3d 

    So given the endpoint guid you can form the direct link to the computer record in Central which takes out the name as being a problem?

    If you get:

    Then the Central account has no current record for the endpoint by that GUID.

    Otherwise, check the MCSClient.log file for errors:

    C:\ProgramData\Sophos\Management Communications System\Endpoint\Logs\McsClient.log

    When did it last get a 200 for example?

Reply
  • I would first check the values in the files:

    • C:\ProgramData\Sophos\Management Communications System\Endpoint\Persist\CustomerIdentifier.txt
    • C:\ProgramData\Sophos\Management Communications System\Endpoint\Persist\EndpointIdentity.txt

    The GUID in the file CustomerIdentifier.txt should match other computers from the same Central account.  This will confirm the correct installer was run on it and it's not just pointing at a different Central account.

    Then you can check the EndpointIdentity.txt.for the endpoint ID. 

    For example, if the value in the file is 9526263c-c31f-f433-5bda-ce50d1520b3d, then the direct link to the computer in Central for a endpoint (not server) would be:

    https://cloud.sophos.com/manage/endpoint/devices/computers/9526263c-c31f-f433-5bda-ce50d1520b3d

    If it was a server:

    https://cloud.sophos.com/manage/server/devices/servers/9526263c-c31f-f433-5bda-ce50d1520b3d 

    So given the endpoint guid you can form the direct link to the computer record in Central which takes out the name as being a problem?

    If you get:

    Then the Central account has no current record for the endpoint by that GUID.

    Otherwise, check the MCSClient.log file for errors:

    C:\ProgramData\Sophos\Management Communications System\Endpoint\Logs\McsClient.log

    When did it last get a 200 for example?

Children
No Data