Skip to content

Install the Sophos Connect client through GPO

You can automatically install the Sophos Connect client on users' endpoints using a script through Active Directory Group Policy Object (GPO).

Install the Sophos Connect client

To create and run the script, do as follows:

  1. Open a blank file in a text editor, such as Notepad, and paste the following script:

    @echo off
    SET Sophos_Connect=Sophos\Connect\scvpn.exe
    IF "%PROCESSOR_ARCHITECTURE%" == "x86" GOTO X86_PROG
    IF NOT EXIST "%ProgramFiles(x86)%\%Sophos_Connect%" GOTO INSTALL
    exit /b 0
    :X86_PROG
    IF NOT EXIST "%ProgramFiles%\%Sophos_Connect%" GOTO INSTALL
    exit /b 0
    
    REM Make sure you enter the path where you've hosted the Sophos Connect client.
    
    :INSTALL
    msiexec.exe /i \\WINSERVER\Users\Administrator\Downloads\SophosConnect /QN
    Popd
    
  2. Save the file with a .bat extension.

  3. To add the path where you've saved the script, do as follows:

    1. On the Windows Server, open Group Policy Management Console (GPMC) and click Group Policy Management.
    2. Click the group policy that applies to users' endpoints, click Computer Configuration, and click Policies.
    3. Under Windows Settings, click Scripts, and double-click Startup.
    4. Follow the instructions to add the .bat file. See Working with startup scripts using the Local Group Policy Editor.
  4. To apply the script, run the following command: gpupdate /force

    The command updates the group policy settings and applies the script when users start their endpoints. The Sophos Connect client is automatically installed.