Capture Client new deployment - would not recommend to anyone
We have not had a fun ride with our new implementation of capture client. Today our tenant decided to unlicense all our clients and show that we only have 10 licenses instead of the 250 we had already purchased. Not to mention the list of other issues below.
Capture client is the latest version available 3.5.19
- All Clients show offline on the tenant web portal
- All Clients do not show on world map on the tenant web portal
- No way to disable capture client without uninstalling on windows 10
- Gpupdate /force on windows 10 machines causes sentinel one to act up
- Reporting on the tenant doesn't work at all
Larry All-Knowing Sage ✭✭✭✭
A reboot should cause the agent to load automatically.
If you want to do it manually, and have issued the unload command as noted above, you could issue the load command:
sentinelctl load -a -H -s -m
This command does not require the passphrase.
To view the current operation of S1, issue the status command:
Hope that helps!1
I am sorry to hear about this inconvenience. Please, let me PM you and loop in a few folks so that we can better understand the issue and how to resolve it.
@micah - SonicWall's Self-Service Sr. Manager
Hi @NSA2650 ,
I'd be keen to know more about how GPupdate/force affects S1. We have issues with S1 on citrix Xen App servers, the service will crash and the server goes into slow mode.
For deactivating the CC on host I sse the SentinelCtl.exe
You can disable the AV with the command: SentinelCtl.exe unload -a -H -s -m -k "passphrase" (passphrase is available via CC console / "download devices" - to CSV )
For Scripting I use:
$s1path = Resolve-Path "C:\Program Files\SentinelOne\Sentinel Agent*\SentinelCtl.exe" | select -ExpandProperty path
&$s1path unload -a -H -s -m -k "passphrase"
How do you re-enable the client after disabling it?
1) A restart?
2) Command line to start it again, if so what's the syntax?