This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sign-into sophos endpoint agent.

Hello,

I am trying to sign-in to endpoint agent as an adminstrator, first i did past the TP which i got from Sophos Central: Summery==> Tamper Protection

But in endpoint says: Sign-in failed. Please check and try again.

I did Generate new password (new TP) and it keeps saying Sign-in failed

So i have tried to disable TP by using CLI but it did not work.

Last option i did that disable TP from central and back to sign-into agent but i got the same that the TP is incorrect.

Thanks,



This thread was automatically locked due to age.
  • Hi Naser,

    Thanks for reaching out to us. 

    Can you confirm if the "Sophos Endpoint Self Help Tool" reports that the "Sophos Core" policy has been updated recently? This will correspond with a new Tamper Protection passcode being applied. 

    An additional step you can take is to inspect the URL in the web browser when you have the concerned device page opened in Sophos Central. The alphanumeric code as shown below will correspond to the specific device.
    central.sophos.com/.../<EndpointIdentity>/summary

    You can compare the value shown in the URL with the local file "C:\ProgramData\Sophos\Management Communications System\Persists\EndpointIdentity.txt". You can open this file using an Admin CMD prompt. 

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Hey Kushal,

    Thanks for you help! I have tried to Refresh Health State to update statue but Update & Management Communication icons staied Red, I have took screenshot of ESH.

    One other thing i have noticed in Sophos central that in our tenant says:(You have exceeded your Intercept X Advanced license limit of 10 users.) Maybe this is the reason that i cant turn my TP off?

    Best regards,

  • There is multiple reasons for management communication to went red status. One is that the services is not running/missing "MSC Agent & MCS Client". But since TP password isn’t working on this device you need to manually disable TP via safe mode you may follow the steps listed in this documentation. Once disabled you may boot the machine back to normal mode and stop and start the MCS Client services then perform a manual update on the endpoint. Let us know if for the status after you perform the above steps. 

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer

    The New Home of Sophos Support Videos!  Visit Sophos Techvids