This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can Enterprise Console manage non domain computers?

Recently I installed Enterprise Console 4.0 in the server. Besides computers in the domain, there are also some computers in the network but are not in the domain. Can Enterprise Console manage these non domain computers? I can find these computers by using "find by IP address" option. But when I tried to "protect" them, it asks for user name and password. I put in local admin user name and password of the computer but it shows errors. Can someone help on this? Thanks in advance.

This thread was automatically locked due to age.

Parents

0 EMK over 14 years ago

Hi,
The Sophos management service, the component that creates the scheduled task on the remote machine, needs to impersonate the account you enter in the protection wizard; so this account must be permitted to log on to the management server. It would of course also need to have administrative rights over the target machine.
I would expect the machines in the workgroup to have a common username and password and you have a domain account with the same username and password and which is permitted to log on to the Sophos managment server. Using that account in the form: <account> rather than <domainname>\<account> in the protection wizard should then work. In my experience it is worth testing logging on to the management server as the deployment account just to check there is no security policy preventing it, even if it's with a runas command.
The check is really if the scheduled task is being created on the target machine. It might also be worth checking to see if you can manually create the scheduled task on the remote machine when logged on the managment server as the same account you are specifying in the deloyment wizard as this will test both ends.
As this remote deployment to the machine is typically a one time event, the other option is to manually or through a script deploy Sophos. Once the machine has RMS installed it will be managed by Enterprise Console and you can then define policies etc..

If you wish to look into that as an option the following article should help:
http://www.sophos.com/support/knowledgebase/article/12570.html
Thanks
:504
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 EMK over 14 years ago

Hi,
The Sophos management service, the component that creates the scheduled task on the remote machine, needs to impersonate the account you enter in the protection wizard; so this account must be permitted to log on to the management server. It would of course also need to have administrative rights over the target machine.
I would expect the machines in the workgroup to have a common username and password and you have a domain account with the same username and password and which is permitted to log on to the Sophos managment server. Using that account in the form: <account> rather than <domainname>\<account> in the protection wizard should then work. In my experience it is worth testing logging on to the management server as the deployment account just to check there is no security policy preventing it, even if it's with a runas command.
The check is really if the scheduled task is being created on the target machine. It might also be worth checking to see if you can manually create the scheduled task on the remote machine when logged on the managment server as the same account you are specifying in the deloyment wizard as this will test both ends.
As this remote deployment to the machine is typically a one time event, the other option is to manually or through a script deploy Sophos. Once the machine has RMS installed it will be managed by Enterprise Console and you can then define policies etc..

If you wish to look into that as an option the following article should help:
http://www.sophos.com/support/knowledgebase/article/12570.html
Thanks
:504
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data