Start uninstallation

The following prerequisites must be met:
  • Encrypted data has to be decrypted properly to allow access afterwards. The decryption process must be completed. Proper decryption is particularly important when uninstallation is triggered by Active Directory.
    • Also, all encrypted removable media must be decrypted before uninstalling the last accessible SafeGuard Enterprise protected endpoint. Otherwise users may not be able to access their data any more. As long as the SafeGuard Enterprise Database is available, data on removable media can be recovered.
  • To uninstall SafeGuard full disk encryption, all volume-based encrypted volumes must have a drive letter assigned to them.

  • Make sure that you always uninstall the complete package with all features installed.

  1. In SafeGuard Management Center, edit the policy of the type Specific Machine Settings. Set Uninstallation allowed to Yes.
  2. In Users and Computers, create a group for the computers you want to decrypt: Right-click the domain node where you want to create the group. Then select New > Create new group.
  3. Select the domain node of this group and assign the uninstallation policy to it by dragging the policy from the Available Policies list into the Policies tab. Activate the policy by dragging the group from the Available Groups list into the Activation area. On the Policies tab of the domain node, check that Priority is set to 1 and that No Override is activated. In the Activation area of the domain node, make sure that only members of the group are affected by this policy.
  4. Add the endpoints you want to uninstall to the group.
  5. To start uninstallation, use one of the following methods:
    • To uninstall locally on the endpoint, synchronize with the SafeGuard Enterprise Server to make sure that the policy update has been received and is active. Then, remove the Sophos SafeGuard Client software.
    • To uninstall centrally use the software distribution mechanism of your choice. Make sure that all required data has been decrypted properly before uninstallation starts.