How can I remove multiple PCs from SEC (PCs list in CSV file) ?

Hello Roman Korchak,

there's no API for the console. The recommended tool for bulk removal is PurgeDB. You can't give it a list of computers though, it selects on certain criteria (that might or might not result in a similar set as in your CSV).
To delete specific computers you'd have to resort to an unsupported direct modification of the database.

Christian

I have found that the SEC gets confused very easily when deleting PC from the SEC.  Confused mean the SEC can/might recreate the deleted PC twice and giving a duplicate.

Deleting PCs thru a database query can also generate duplicates.

I have found that if you want a PC gone, first make sure it is either deleted from AD or moved to an OU that is not part of the SEC AD sync, if you are using SEC AD Sync.

Also make sure the sophos endpoint software has been un-installed before deleting.  And yes there is no un-install function from the SEC you have to manually un-install from the PC.

Also sophos doesn't support netted security groups so you will need to add your admin account to the sophos administrators group on the PC.

lastly don't be in a hurry when deleting PCs.  between each delete process either in AD or SEC waiting abit to let the SEC to calm down so it doesn't get confused.

Hello Navar Homes,

so nothing has changed in the last half year? Did you try to change your workflow?
I take the liberty to challenge some of your statements and conclusions as they could mislead other users.

First of all, a console Delete does not actually delete the computer object from the database, it merely sets a flag and the computer is hidden. Consequently a deleted computer is not recreated.

if you want a PC gone, first make sure it is either deleted from AD or moved to an OU that is not part of the SEC AD sync, if you are using SEC AD Sync
I don't challenge this one, just wonder that you had to find out. As already said several times, AD Sync and endpoint registration are two distinct mechanisms. AD Sync's function is to synchronize part of SEC's group structure and membership with (part of) AD's. I emphasize part of SEC's because even if you synchronize the whole AD tree there's always the additional Unassigned group in SEC. Furthermore AD Sync is a one-way transfer, computers from AD to SEC, with a subsequent merge or move. Not surprisingly (at least from my POV) a computer deleted from the console but still present in a sync'ed AD OU reappears in SEC after the next sync.

un-install before deleting
of course, either this or permanently disconnect the computer. A computer "appears" when it establishes communication with the server - whether a corresponding (perhaps unmanaged) computer object is in the database or not. Naturally if it keeps communicating it reappears after deletion.

Deleting PCs thru a database query can also generate duplicates
There's no additional history that is kept, the database's state changes are effected only by external input. It's the process/workflow of adding a new computer in a sync'ed OU that's causing duplication.

doesn't support netted security groups
I've already commented on this one (maybe not in a thread posted by you): The SophosAdministrator group is as documented populated during install (and only then) with the members of the local Administrators group. In an AD environment there are usually some domain groups in there. If you install Sophos before joining the domain then naturally no domain users/groups are members of SophosAdministrator.

I always suggest install PC -> join -> let sync -> install Sophos as other workflows might cause duplicates (the probability that this happens depends on the sequence and the timing of the steps).

Christian