Hello everyone.
I need to remove Sophos from one of my machines. Tamper protection is enabled, I do not have the password, and the machine will not accept policy changes from the SEC console.
For more info, reference this thread - the machine is ADDS-2. https://community.sophos.com/products/endpoint-security-control/f/sophos-enterprise-console/101270/domain-controller-computer-account-located-in-wrong-sophos-group. I think the problem is it was never really reporting to Sophos, and it's not getting policy updates.
It seems this machine has an old tamper protection password, and cannot get an updated one from SEC, nor will it accept that the tamper policy has been disabled from SEC.
The solution needs to either:
- Fix it so the machine gets the current tamper policy from SEC.
- Since the goal is a permanent uninstall of Sophos on this machine, simply circumventing the tamper policy will do.
Help appreciated as always.
Thanks.
This thread was automatically locked due to age.
