This article describes the steps to move computers to a group in Enterprise Console post installation of the endpoint software. Rather than moving endpoints manually in Enterprise Console or re-protecting the client with the -G command line option of setup.exe, this action can be automated from the client endpoint through the use of a registry key. This maybe be useful to incorporate in a lightweight script, an example of which is in the 'Technical Information' section below.
Note: This same registry key is used by the setup.exe when the -G switch is used.
Applies to the following Sophos products and versions Enterprise Console Sophos Endpoint Security and Control
HKLM\Software\Sophos\Remote Management System\ManagementAgent
HKLM\Software\wow6432node\Sophos\Remote Management System\ManagementAgent
Restart the 'Sophos Agent' service. This can be done from running 'services.msc'.
Once the service has restarted, check that the computer has been moved to the expected group in Enterprise Console .
The above steps could be performed via a simple batch file, for example, on a 32-bit computer, run:
@echo off reg add "HKLM\Software\Sophos\Remote Management System\ManagementAgent" /v GroupPath /t REG_SZ /d \server\group net stop "sophos agent" net start "sophos agent"
Note: Once the 'Sophos Agent' service has been restarted, the above key is deleted to prevent the message to move the computer repeatedly being sent to the management server each time the 'Sophos Agent' service is started.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.