Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Subscribers 1 subscriber
  • Views 7427 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Problem with User's rights

ChtiClem

Hello,

I've several file to clean up in the Quarantine, but my users can't clean.

I've read that my users must be local admin. As this is the accounts of my children and of my wife, they aren't admin and I don't want it ...

I'd like to give them the possibility to clean without me to log on my admin account.

How can I do this ?

Thanks.

System :  Windows 7 Family Premium 64bits, French

Program : Sophos Endpoint Security And Control. V10.3



This thread was automatically locked due to age.
  • 0

    Hello ChtiClem,

    guess your users see Insufficient rights .... Looks like (presently, I'm pretty sure it was not the same in the past) only an Administrator who is also a member of the SophosAdministrators group can perform any action in QM. Documentation (the SESC Help and How to remove malware ...) and Configure user rights for Quarantine manager suggest that you can delegate cleanup rights (which nevertheless would still be subject to file system security - see Which account is used to cleanup malware?).

    As non-admins can't change AV settings the threats will again be detected and blocked on subsequent access attempts and won't be able to do any harm. The recommended setting for on-access is Automatic cleanup - so only threats for which cleanup failed or is not yet available should be put on QM's list. In the former case file system admin rights might be required anyway, in both cases sending a sample might be advisable (that you can't do without changing the AV settings - a right you could but probably don't want to assign to non-admins).

    Christian