Protect Computers from Enterprise Console 4

Question

I have the Enterprise Console 4 loaded on a domain server. I want the techs to be able to protect computers from their console. The techs do not have domain admin rights, but are part of a domain group that has local admin rights on the domain computers. When they try to protect the computers with their domain acounts it comes up with "The Specified Credentials are invalid" I can do it fine using my domain admin account. I gave the techs rights to all Sophos related folders and registry keys but it still would not work. If I make the techs local admin on the Sophos server it works fine. Is there a workaround so that I don't have to give them admin rights on the server?

thanks

This thread was automatically locked due to age.

QC · Accepted Answer

Hello joeyl,

the log on locally right is required. Do the techs protect new computers or re-protect existing "endpoints"? What else do they use the console for? While it is convenient it is not absolutely necessary to use SEC to protect computers. 
 Do you use AD synchronization to detect new computers? If so - have you considered automatic protection?

Christian 
 :2499