Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 6 replies
  • Subscribers 5 subscribers
  • Views 11468 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

POA users on managed endpoints

timw

Is it best practice to define POA local accounts on managed machines?

In the old 4.50 we had a set of PBA accounts which could be used by our support staff (via tokens) to gain access when user not present/or for recovery.

I've tested that i can create POA accounts on the managed machines, but the only way to do this is to create another configuration package and install this as well on the managed machines as well as the managed package, which seems a bit dirty.

Will this cause problems down the line? Do i need to specify a network location on these machines for the key backup locations, or just set it to the local drive and not worry about it as everything i need for a recovery will be available via the Management console?

Hope someone can clear this up!

Cheers

Tim

:9621


This thread was automatically locked due to age.
Parents
  • 0

    Hi Tim,

    thank you very much for bringing this up. Actually you are talking about two different things here:

    1. POA User accounts

    2. Recovery

    With regards to your description I can provide you with the following information regarding

    1. Applying these accounts together with a Client Configuration package is the only way to distribute these accounts on unmanaged clients. It is planned to have central deployment in one of the upcoming managed versions.

    2. You must always ensure that the bak file is present on an unmanaged client since they will never talk back to a server which means that recovery information are not send back. This happens only for managed clients.

    Regards

    Dan

    :10031
Reply
  • 0

    Hi Tim,

    thank you very much for bringing this up. Actually you are talking about two different things here:

    1. POA User accounts

    2. Recovery

    With regards to your description I can provide you with the following information regarding

    1. Applying these accounts together with a Client Configuration package is the only way to distribute these accounts on unmanaged clients. It is planned to have central deployment in one of the upcoming managed versions.

    2. You must always ensure that the bak file is present on an unmanaged client since they will never talk back to a server which means that recovery information are not send back. This happens only for managed clients.

    Regards

    Dan

    :10031
Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?