Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 4 replies
  • Subscribers 9 subscribers
  • Views 2125 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Intercept X Endpoint Sysprep

Kaan Demirsah

Hello,

I am trying to generate a windows 10 image by sysprep, I install the sophos antivirus with the respective step by step to generate the golden image (https://support.sophos.com/support/s/article/KB-000035040?language=en_US) and after this I run the sysprep and the image is damaged, you could tell me that I should take into account in order to have the sophos antivirus installed inside the image. 

 

Best Regards

Kaan



This thread was automatically locked due to age.
Parents
  • 0

    Hi There,

    Thank you for reaching us. On the script, you use in performing gold image. Did you turn off/disable tamper protection on it? 

    Refer to sample script.

    "C:\Program Files\Sophos\Endpoint Defense\SEDcli.exe" -TPoff 216278579655

    SC STOP "Sophos MCS Client"

    SC CONFIG "Sophos MCS Client" start= delayed-auto

    SC STOP "Sophos Managed Threat Response"

    SC CONFIG "Sophos Managed Threat Response" start= delayed-auto

    pause

    Del "%ProgramData%\Sophos\Management Communications System\Endpoint\Persist\Credentials" /q

    Del "%ProgramData%\Sophos\Management Communications System\Endpoint\Persist\EndpointIdentity.txt" /q

    Del "%ProgramData%\Sophos\Management Communications System\Endpoint\Persist\*.xml" /q

    Del "%ProgramData%\Sophos\Management Communications System\Endpoint\Cache\*.status" /q

    Del "%ProgramData%\Sophos\AutoUpdate\data\machine_ID.txt" /q

    Del "%ProgramData%\Sophos\Managed Threat Response\data\osquery.db\*" /q

    Del "%ProgramData%\Sophos\Managed Threat Response\config\policy.xml" /q

    Echo [McsClient] > "%ProgramData%\Sophos\Management Communications System\Endpoint\Config\registration.txt"

    Echo Token=(Token here) >> "%ProgramData%\Sophos\Management Communications System\Endpoint\Config\registration.txt"

    "C:\Program Files\Sophos\Endpoint Defense\SEDcli.exe" -TPon

    If so? You can turn off tamper protection and try again.


    Also can you confirm if the master image boots successfully before deployment? 

Reply
  • 0

    Hi There,

    Thank you for reaching us. On the script, you use in performing gold image. Did you turn off/disable tamper protection on it? 

    Refer to sample script.

    "C:\Program Files\Sophos\Endpoint Defense\SEDcli.exe" -TPoff 216278579655

    SC STOP "Sophos MCS Client"

    SC CONFIG "Sophos MCS Client" start= delayed-auto

    SC STOP "Sophos Managed Threat Response"

    SC CONFIG "Sophos Managed Threat Response" start= delayed-auto

    pause

    Del "%ProgramData%\Sophos\Management Communications System\Endpoint\Persist\Credentials" /q

    Del "%ProgramData%\Sophos\Management Communications System\Endpoint\Persist\EndpointIdentity.txt" /q

    Del "%ProgramData%\Sophos\Management Communications System\Endpoint\Persist\*.xml" /q

    Del "%ProgramData%\Sophos\Management Communications System\Endpoint\Cache\*.status" /q

    Del "%ProgramData%\Sophos\AutoUpdate\data\machine_ID.txt" /q

    Del "%ProgramData%\Sophos\Managed Threat Response\data\osquery.db\*" /q

    Del "%ProgramData%\Sophos\Managed Threat Response\config\policy.xml" /q

    Echo [McsClient] > "%ProgramData%\Sophos\Management Communications System\Endpoint\Config\registration.txt"

    Echo Token=(Token here) >> "%ProgramData%\Sophos\Management Communications System\Endpoint\Config\registration.txt"

    "C:\Program Files\Sophos\Endpoint Defense\SEDcli.exe" -TPon

    If so? You can turn off tamper protection and try again.


    Also can you confirm if the master image boots successfully before deployment? 

Children
Unfiltered HTML
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?