Sophos Enterprise Console 4.0

Question

Hi Guys,

I have a server that has the management console installed on. It is not the main server.

I am trying to set this up so my helpdesk can carry out delegated functions without having to RDP onto the main server.

I have found that in order to launch this remote console they need not only to be a member of the Sophos Console Administrators group, (I got that from the original error message) but also local administrators on the actual main server (kind of defeats the object..)

Anyone have any idea what i need to change on the main server to allow them to run the console without being a local admin?

Many Thanks,

Max

This thread was automatically locked due to age.

QC · Accepted Answer

Hello Max,

Sadly ... 
 Perhaps too many details at once :smileyhappy:. Well, as jak said, you need some group membership. Looked at one of my management servers ... so, the following groups are necessary: 
 Distributed COM Users 
 Sophos Console Administrators 
 Sophos DB Users 
 For more privileges: Sophos DB Admins 
 Sophos Subestate Admins 
 If the users should be able to Protect Computers they must have the Allow log on locally permission (Local policies/User Rights Assignment).

Feel free to ask again if this doesn't solve your problem.

Christian :5053