Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 5 replies
  • Subscribers 12 subscribers
  • Views 1503 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Windows users and groups - Sophos Central Managed PCs

mh3000

Hello everyone, 

We have a Sophos Central account with wich we manage endpoint protection on computers. 

When the Sophos Central Agent (Core Agent, Endpoint Advanced and Intercept X components) is installed, the following user groups are generated locally and into our AD domain:

I have the following questions:

What is the goal of this groups?

Are there any best practices that I should be aware regarding this topic?

Thank you.



This thread was automatically locked due to age.
  • 0

    Hi 

    When Sophos endpoint is installed, the members of the local Windows groups are added to the local Sophos groups.

    Windows group Sophos group
    Administrators SophosAdministrator
    Power Users SophosPowerUser
    Users SophosUser

    Please check this link for more information regarding the task that can be performed. 

  • 0

    These groups are not used for Sophos Central endpoints and is likely just code carried over from Enterprise Console managed endpoints.  These groups are used in that version but in the Sophos Central version they serve no purpose.  They will delete on uninstall of the software or you can delete them now as it will not affect the software in any way.

  • 0 in reply to Shweta

    Hello Shweta, sorry for my late response and thank you for your answer

    I read the link that you referenced, but the documentation says it is for Sophos Endpoint Security and Control.

    Does this also apply to the Sophos Central Agent?

  • 0 in reply to MEric

    Hello MEric, 

    Thanks for the information.

    Do you know any Sophos Central article/KBA that mentions this? I couldn't find no related information into this Sophos Central Documentation

    Thanks in advance!

  • +1

    To correct some older comments:

    For Central those groups are purely used by SAV for COM to COM component communication, so they have no 'User' effect.

    They are definitely required, so if you delete them certain functionality will not work and you would likely need to reinstall the product to fix it. We will have official documentation coming up about it, but no KB article for now to share. No best practices steps aside from not modifying or deleting them.

Unfiltered HTML
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?