Endpoint tenant identification

We've got several computers that have endpoint installed on them and all green ticks. However they are not listed in the Sophos Central portal. It's possible that someone has used an installer for a different Sophos tenant to ours, but there appears no way to check which tenant the endpoint is checking in with so that we can try and get the tamper protection password. Remotely talking non-technical users in to booting in to safe mode to disable is almost impossible.

Surely there's a command line option or registry setting that will allow us to retrieve the tenant ID or something from the endpoint?