This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
Accept
Reject

Cortex XDR supervisor password

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Cortex XDR supervisor password

Go to solution
Marsooq_A
L2 Linker

‎05-28-2020 01:04 AM

Hi Team,

 

Some cytool commands were asking to enter supervisor password to proceed, Is this the uninstall password had to set while creating the package? or the Login account password?

 

 

2 people had this problem.
0 Likes Likes
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
dfalcon
L4 Transporter
In response to Marsooq_A

‎05-28-2020 06:00 AM

One more thing to confirm -- did you run cmd.exe as administrator?


David Falcon 
Senior Solutions Architect, Cortex
Palo Alto Networks® 

View solution in original post

1 person found this solution to be helpful.
0 Likes Likes
12 REPLIES 12

Go to solution
dfalcon
L4 Transporter

‎05-28-2020 05:20 AM

HI @Marsooq_A -

 

Yes, this is the uninstall password.  If you need to change the password, this can be done within the agent profile.

 


David Falcon 
Senior Solutions Architect, Cortex
Palo Alto Networks® 
0 Likes Likes

Go to solution
Marsooq_A
L2 Linker
In response to dfalcon

‎05-28-2020 05:30 AM

well , It didn't work for me, even I created a dedicated policy for an endpoint with customized agent profile with a known uninstall password to test this. But did not work

 

0 Likes Likes

Go to solution
Marsooq_A
L2 Linker
In response to Marsooq_A

‎05-28-2020 05:39 AM

cytool2.jpg

0 Likes Likes

Go to solution
dfalcon
L4 Transporter
In response to Marsooq_A

‎05-28-2020 05:46 AM

Hi @Marsooq_A-

 

When you go to to your list of endpoints, can you right-click on the machine in question then select Endpoint Data > View Endpoint Policy.

 

dfalcon_0-1590669829933.png

 

From there, can you please confirm that the machine received the correct profile?

 

dfalcon_1-1590669947077.png

 

 


David Falcon 
Senior Solutions Architect, Cortex
Palo Alto Networks® 
0 Likes Likes

Go to solution
Marsooq_A
L2 Linker
In response to dfalcon

‎05-28-2020 05:50 AM

@dfalcon , Yes the endpoint is configured with right policy.

0 Likes Likes

Go to solution
dfalcon
L4 Transporter
In response to Marsooq_A

‎05-28-2020 06:00 AM

One more thing to confirm -- did you run cmd.exe as administrator?


David Falcon 
Senior Solutions Architect, Cortex
Palo Alto Networks® 
1 person found this solution to be helpful.
0 Likes Likes

Go to solution
Marsooq_A
L2 Linker
In response to dfalcon

‎05-28-2020 06:17 AM

@dfalcon 

Thanks for the suggestion, its working with cmd with admin privilege

 

Go to solution
vigneshmohan
L1 Bithead
In response to dfalcon

‎08-15-2021 11:34 PM

Same issue even if i am working with cmd with admin privileges,

 

but got resolved once I set new uninstall password as specified above.

 

Thanks Dfalcon

0 Likes Likes

Go to solution
yogisun
L0 Member
In response to vigneshmohan

‎10-02-2021 06:45 PM

Hi @vigneshmohan ,

Could you share the steps to change uninstall password? did you perform that using Cytool or other tools?

 

Thanks

0 Likes Likes

Go to solution
yogisun
L0 Member
In response to dfalcon

‎10-02-2021 06:48 PM

Hi @dfalcon ,

I tried running the "Cytool protect disable" command in cmd - admin window. Still it requested for password, I gave the user password with which I was logged in to the system. It is part of admin group. But the 'protect disable' command gave 'Access denied' response.

 

Regards

0 Likes Likes

Go to solution
vigneshmohan
L1 Bithead
In response to yogisun

‎10-02-2021 11:35 PM

Please access to Management Console >>> Go to your Cortex XDR instance where u have your endpoint XDR Agent is binded  >>> Go to Endpoint Tab >>> Policy Management>>> Profiles>>> Agent settings profile ( the Agent settings profile that you added to your policy that has your endpoint as its target) >>> Uninstall Password >>> Change the uninstall password to your own local password,

make sure to Check-in ( perform heart beat),

 

Now what you had done is replaced either the global settings/ Agent Settings uninstall password

 

hope it helps

0 Likes Likes

Go to solution
vigneshmohan
L1 Bithead

‎10-02-2021 11:39 PM

Supervisor password is also called as Uninstall Password

to change it >> go and change the agent settings profile uninstall password. This must be done on your Cortex XDR Instance.

 

Steps

Please access to Management Console >>> Go to your Cortex XDR instance where u have your endpoint XDR Agent is binded >>> Go to Endpoint Tab >>> Policy Management>>> Profiles>>> Agent settings profile ( the Agent settings profile that you added to your policy that has your endpoint as its target) >>> Uninstall Password >>> Change the uninstall password to your own local password,

make sure to Check-in ( perform heart beat),

 

Now what you had done is replaced either the global settings/ Agent Settings uninstall password

0 Likes Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Copyright 2007 - 2023 - Palo Alto Networks