Environment
- App Control Server: All Supported Versions
- App Control Agent: All Supported Versions
Objective
Prepare the environment for full removal of all Agents prior to decommissioning the App Control Server.
Resolution
- Verify the status of Agents currently showing as Disconnected in the Console under: Assets > Computers > Saved Views > Disconnected Computers.
- Any Computer currently Disconnected with an installed Agent may need to have the Agent manually uninstalled locally (see Additional Notes).
- Verify the Agent Management settings and test authenticating with an Agent to confirm.
- The first step in manually removing an Agent is authenticating to disable Tamper Protection and set the Uninstall flag.
- After the Console is decommissioned there will be no way to change the Agent Authentication and removal options will be greatly limited.
- It is recommended to also test manually removing an Agent to be sure the process works correctly in your environment (see Additional Notes).
- Verify no Policy is currently using the option, "Load Agent in Safe Mode".
- Removal of an Agent in a Disconnected status, without authentication, will require locally moving the endpoint into Safe Mode with an Administrative account.
- Globally disable Tamper Protection and enable Agent Uninstall to make future removal easier.
- Verify Computers in Assets > Computers are showing as Up To Date with the new Tamper Protection & Agent Uninstall settings.
- Create an Agent Config that allows for the immediate, and irreversible, removal of all Agents in the specified Policy or Policies.
- Note: The Host ID should be set to 0 to have the Agent Config applied to all Agents & the Policy should be set to, "All current and future policies".
- WARNING: This step should be completed only once it is confirmed all endpoints are ready for the Agent to be removed.
Additional Notes
Manually Removing Agents By Using the Global CLI Password:
Manually Removing Disconnected Agents Without the Global CLI Password:
Related Content
