Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 10 subscribers
  • Views 11048 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Lost access to start or stop Sophos services on all machines

Nick Cuddemi

Hello all,

 

I noticed this morning all Sophos services start, stop or restart options are greyed out and when attempting to change the properties, are met with an "Access denied" error.

This happens on any PC we have Sophos Central deployed on including my local PC.


I was able to start/stop services yesterday for multiple PC's as I got warnings that they had stopped, but that is no longer the case.

 

Any info on what might of caused this would be greatly apprecaited

 

Thank you

 

-Nick



This thread was automatically locked due to age.
Parents
  • +1

    Hello Nick,

    AFAIK Tamper Protection is enabled by default in Central and this results in the "symptoms" you describe. Can't say why you have been able yesterday.

    Christian

  • 0 in reply to QC

    Hello QC,

     

    We orignally had Tamper Protection disabled but a standard non admin user was able to adjust any settings, such as turning protection off, so we had to enable tamper protection again to prevent this.

    I get multiple emails daily about services stopping on machines, so I wrote a script to enable them (Sophos will sometimes, but other times the service will stay stopped for hours).

    I've done this consistently until this morning, so I am not sure why it worked in the past either if having tamper protection on is suppose to disable this feature.

     

    We would be fine with having tamper protection off if standard users weren't able to go in and turn parts of Sophos on or off without being a local admin, so we're forced to have it on.

     

    Having to get the key from Central, disable tamper protection, then restart the service and enable tamper protection again is the solution then if Sophos won't restart the service?

     

    Thank you

Reply
  • 0 in reply to QC

    Hello QC,

     

    We orignally had Tamper Protection disabled but a standard non admin user was able to adjust any settings, such as turning protection off, so we had to enable tamper protection again to prevent this.

    I get multiple emails daily about services stopping on machines, so I wrote a script to enable them (Sophos will sometimes, but other times the service will stay stopped for hours).

    I've done this consistently until this morning, so I am not sure why it worked in the past either if having tamper protection on is suppose to disable this feature.

     

    We would be fine with having tamper protection off if standard users weren't able to go in and turn parts of Sophos on or off without being a local admin, so we're forced to have it on.

     

    Having to get the key from Central, disable tamper protection, then restart the service and enable tamper protection again is the solution then if Sophos won't restart the service?

     

    Thank you

Children
No Data
Unfiltered HTML