Unable to reset Tamper Protection on non administrated devices

Hello,

we have a couple of devices which already have the ednpoint protection installed, but are shown under the topic not administrated devices.

I already tried the following workaround: https://support.sophos.com/support/s/article/KB-000036125?language=en_US#Windows_10

Problem is, that when I select the command prompt there is no admin account to select. I double checked that there is a local admin account which was also logged on to this computer.

Does anyone had the same problem or maybe a solution other than reinstall the devices?

Thanks in advance.



Edited TAGs
[edited by: Qoosh at 11:26 PM (GMT -7) on 1 Jul 2022]
Parents
  • Hi Quasar,

    Thank you for reaching us. In the article that you've shared have you tried manually disabling tamper protection via safe mode? Follow the steps listed under "For Core Agent 2.10.8 and earlier" and let us know. Once TP is disabled, you can proceed with booting the device via normal mode. If you wish to register the device on your sophos central where you manage your endpoint you need to download a fresh package and run it via elevated command prompt access together with the switch "--register only".
    This will register your endpoint device to your managed central account without performing re-installation. 

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer

    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Hi GlennSen,

    I just tried your suggested steps. The outcome wasn´t that promising.

    First I tried the steps under "For Core Agent 2.10.8 and earlier", which asked to set the startup type of the Sophos Anti-Virus Service to disabled. That didn´t work. Instead I got displayed a "Access restricted" message even with if I tried it with the local administrator.

    Running the Client.exe with the switch --registeronly only showed the notification that tamper protection is not turned off.

Reply
  • Hi GlennSen,

    I just tried your suggested steps. The outcome wasn´t that promising.

    First I tried the steps under "For Core Agent 2.10.8 and earlier", which asked to set the startup type of the Sophos Anti-Virus Service to disabled. That didn´t work. Instead I got displayed a "Access restricted" message even with if I tried it with the local administrator.

    Running the Client.exe with the switch --registeronly only showed the notification that tamper protection is not turned off.

Children