This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Scripted push of the "Comply with Policy" task

I have several humdered machines on site that state they are "Differs from Policy" this is because of a change to the AV policy since the build of the "Gold Image", I can, from the Sophos Enterprise Console, select all machines with the Differs from Policy issue and Right-Click and "Comply with AV/HIPS Policy", however I would like this to be an automated process once an hour.

i.e. a winodws scheduled task on the sophos sec server that communicates with the Management Server and perfoms the "comply with " RMS message

Can you Help?

:22747


This thread was automatically locked due to age.
Parents
  • I'm not aware of anything available to interface with the Sophos Management Service to initiate a push of policies.

    You could however, remove the adapter storage files ("\ProgramData\Sophos\Remote Management System\3\Agent\AdapterStorage \") from the client and stop the agent service before creating the image.  This way, when the client starts up, the service will start and it will send back to the management service a no-ref status, which will force the management server to send the machine policies it is missing.  This is essentially what happens to enable the client to get its original policies.

    Maybe you could leverage this behavior.

    Regards,

    Jak

    :22831
Reply
  • I'm not aware of anything available to interface with the Sophos Management Service to initiate a push of policies.

    You could however, remove the adapter storage files ("\ProgramData\Sophos\Remote Management System\3\Agent\AdapterStorage \") from the client and stop the agent service before creating the image.  This way, when the client starts up, the service will start and it will send back to the management service a no-ref status, which will force the management server to send the machine policies it is missing.  This is essentially what happens to enable the client to get its original policies.

    Maybe you could leverage this behavior.

    Regards,

    Jak

    :22831
Children
No Data