Sophos stopped updating
When we save this into our file, it essentially replaces the old password secret with the new password and will allow us to authenticate and disable tamper protection.We now need to start our services again to go into the application and disable tamper protection manually, but before we do that, we need to be a member of the local Sophos Administrator security group.Thanks to this post about how to add a domain user to a local group, we can programmatically add our account into this group with the following commands: $Computer Name = Read-Host "Computer name:" $Group = 'Sophos Administrator' $domain = 'name.domain.com' $user = 'domainusername' ([ADSI]"Win NT://$Computer Name/$Group,group").psbase.Invoke("Add",([ADSI]"Win NT://$domain/$user").path)Once we add the account, we can disable the tamper-protection feature.Trough the course of 2 years I learned to love these Latvian made devices and want to share some of my knowledge with you. By far the worst thing about Sophos 8 was the EM Library.It was niggly and tricky and if it did not work properly it would freeze all the data on your console.
Replace('8EXXXXXXXXXXXXXXXXXXXXX1AD02', 'E8F97FBA9104D1EA5047948E6DFB67FACD9F5B73') | Set-Content 'C:\Program Data\Sophos\Sophos Anti-Virus\Config\machine.xml' The hashed value E8F97FBA9104D1EA5047948E6DFB67FACD9F5B73 is equivalent to the value ‘password’, which is all lowercase, not including quotes.Let’s print a message and have Power Shell tell the user who is running the script about what to do next.We’ll have the user hit ENTER to confirm using a Add-Type -Assembly Name Presentation Core, Presentation Framework $Button Type = [System. Message Box Button]:: Yes No $Message Icon = [System. Message Box Image]:: Warning $Message Body = "Tamper-Proof has been disabled and it's ok to continue?By default SUM only offers up a UNC share for the clients to update from.This is fine for clients updating from a local SUM but clients located at the other end of a slow link is a problem.