Skip to content

Deleted and expired devices

Deleting Windows devices automatically turns off Tamper Protection, removes installed components, and disables all protection. To completely remove the software, you must uninstall Sophos Endpoint Agent from the device.

From Core Agent 2023.2, this process applies to the following scenarios:

  • Devices deleted from Sophos Central
  • Expired licenses

You don't need to recover Tamper Protection passwords to uninstall Sophos software from Windows 10 (x64) and Windows Server 2016 devices that have been deleted or whose licenses have expired.

When a device is deleted or its license expires, the Sophos Endpoint Agent shows the status "Your device isn't managed by your IT team any longer".

Frequently asked questions

Can I revert device deletion or license expiry?
  • For deleted devices, restore the deleted device in Sophos Central. This is only available for devices within 30 days of deletion. After 30 days, you must re-install Sophos Endpoint Agent. For more information, see Restore deleted devices and recover Tamper Protection passwords.

  • For expired licenses, once a new license is activated, the device can be recovered if it's within 90 days from when the license expired. After 30 days, you must re-install Sophos Endpoint Agent.

Note

If the Sophos Endpoint Agent is re-installed, use the --registeronly command-line option. See Installer command-line options for Windows.

Does the behavior change for devices hosting an Update Cache/Message Relay?

No. Devices that have Update Cache or Update Cache and Message Relay behave in the same way, and both features will be uninstalled.