Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 6 replies
  • Answers 1 answer
  • Subscribers 12 subscribers
  • Views 6507 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos endpoint reinstall remotely

Sophos User1878

Hello,

My company has a lot of machines reporting with bad status after a failed update and it seems the client would report anymore. Is there a way to repair the client remotely or reinstall the client remotely. 

The only solution I ve been given is to manually uninstall the client after turning off tamper protection, rebooting then reinstalling the client. This wouldn't work well in a larger organisation with thousands of machines therefore is there a solution or do we need to buy professional services?

 

We do have SCCM to push the clients out.



This thread was automatically locked due to age.
Parents
  • 0

    You may not need to uninstall/reinstall.  Try disabling Tamper Protection on a device and then run the installer in registration mode.

     

    SophosSetup.exe --registeronly

     

    That will re-register the device with Central without the need to uninstall and reinstall.

    It's worth a shot.

    Joe

  • 0 in reply to GIJoe

    As long as AutoUpdate is functioning, there isn't much advantage to redeploying to fix failing components as AutoUpdate will attempt to re-install them anyway.

    If you delete:
    \Programdata\Sophos\AutoUpdate\data\status\SophosUpdateStatus.xml
    then AutoUpdate will run the setup plugins of each component.  

    If you just want to force one component to re-install you can change the installedThumbprint entry for the component in the XML to be empty, e.g. "" rather than a number such as "95fd5b947d7c1495240f9e8a6d11ee4b50b73eb3a4be05e17359d8a3216925f3".

    For any failing component, AutoUpdate will be trying to install it anyway. 

    You can force an update as detailed here:

    https://community.sophos.com/products/intercept/early-access-program/f/live-discover-response-queries/120147/live-response---force-an-update-from-the-command-line-and-checking-status

    This post also details the above information as well.

    If an component is failing to install, then the logs will be under \windows\temp\ if AutoUpdate is failing to install it.  That is the best place to start

    Jak

     

Reply Children
No Data
Unfiltered HTML