This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Excluding PCs from Enterprise Console

I have automatic sync set up on Active Directory in Sophos Enterprise Console (version 5.5.0) which is working exactly how it should do, but I have a number of none Windows computers in Active Directory which can't have Sophos installed on them. However these machines are showing up in reports and notifications for un-managed devices.

Is there anyway to exclude these devices from the console to prevent them showing in the unmanaged device reports/notifications?

This thread was automatically locked due to age.

Parents

0 jak over 7 years ago

I guess if you delete them in SEC they just get repopulated on the next sync. The only think I can think of is to change the security on the object in AD such that the management service can't "see" the object. If the mgntsvc.exe process is connecting to AD, then as this runs as local system on the management server, can you test setting deny rights to the machine account?

Not tried it but I assume it could work.

Regard,

Jak
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 jak over 7 years ago

I guess if you delete them in SEC they just get repopulated on the next sync. The only think I can think of is to change the security on the object in AD such that the management service can't "see" the object. If the mgntsvc.exe process is connecting to AD, then as this runs as local system on the management server, can you test setting deny rights to the machine account?

Not tried it but I assume it could work.

Regard,

Jak
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data