Sophos Endpoint Protection no Full Disk Access even after deploying configuration profiles

Hey,

I've been trying to grant Sophos Endpoint Protection full disk access via a configuration profile in multiple ways.

I tried:

  • Using the profiles provided by Sophos,
  • Creating my own profiles using an older tutorial from Sophos (Sophos Community Guide),
  • Creating a profile with the PPPC Utility by selecting com.sophos.endpoint.scanextension and granting it full disk access.

No matter what I try, com.sophos.endpoint.scanextension appears in the Full Disk Access settings page in macOS, but enabling it requires me to enter an admin password.

The Sophos Updater Service isnt shown at all in here.

I’ve tested this on macOS Sonoma and Ventura, both yielding the same result.

The only solution I found from Sophos that might work is enabling it manually on all our devices, which isn’t feasible given the number of devices we manage. Sophos Full Disk Access Documentation

Can someone point me in a helpfull direction?

Thanks

Larissa



Added Tags
[edited by: GlennSen at 8:20 AM (GMT -8) on 11 Dec 2024]