Avoid duplicate accounts in the People section in the Sophos Centra console.

Question

Hello, 
 I am new in Sophos. 
 We deploy our macOS devices using an MDM. 
 During the Automated Device Enrollment or with the Manual Enrollment process as well, the MDM will provision a local ADMIN account as we wanted, how macOS FileVault FDE and Security Token work we have to physically log into the admin account to enable the FileVault and assign the Security Token to the Admin account. However, we noticed by doing that, t he ADMIN account has been duplicated in the Sophos Central Console/People for the same number of times where we had to log in to the local ADMIN account on each device. 
 Is there a way to avoid this? 
 Also, what will happen if we will delete the Admin account manually? 
 
 Thank you, 
 Vi

Qoosh · Accepted Answer

Hi Vincezoiz, 
 Thanks for reaching out to us. 
 The user account that gets created when Sophos is installed is so that user-based policies can be applied to the device right-away. If you sign in to the device with a different account and a new user entry is created in Sophos Central, you can delete the Admin user account that was created upon install. 
 The device will remain associated to the new user that has logged in. It is not possible to prevent this initial user creation in Sophos Central. 
 When wiping devices and re-installing Sophos onto them, if you'd like for the device name to be displayed differently, you can use the command-line arguments in the following document. - Installer command-line options for Mac

RichardP · Answer

Hi, 
 In MacOS those admin accounts are distinct entities created locally for each device. Although they all have the same name, they are technically different accounts. 
 I can understand the frustration of having to deal with this. 
 However, you should only be logging in with that admin account once or twice. Or are you using more frequently?

Avoid duplicate accounts in the People section in the Sophos Centra console.

Top Replies