Free Edition Endpoint Central provides a controlled approval mechanism for client computers (via the agent) and Distribution Servers.
The "Computer(s) for Approval" tab, located within the Computers view, displays all computers where the Endpoint Central agent has been installed but are awaiting administrator approval before server communication is established. Once approved, computers move to the Managed Computers category and server configurations become applicable.
If a managed computer later behaves abnormally, its agent is isolated and blocked from communicating with the server until an administrator manually approves it again (Re-Approval).
When the Endpoint Central agent is installed on a client computer without the system administrator's knowledge, the approval feature ensures that server communication is established only after explicit review. Computers in the approval queue have the agent installed, but the server rejects all status updates until approval is granted.
Computer Re-Approval prevents unauthorised access to the server from unknown or compromised endpoints. The computer requires manual re-approval before it can resume communication.
Agent > SoM Settings > Approval Settings.Computers > Computer(s) for Approval tab.
Endpoint Central > Agent > Agent Settings. The Computer(s) for Approval tab appears only when the option is enabled in SoM Settings.Computers you decline appear under Agent > Computers > Computer(s) for Approval filtered by Declined. If you later approve a declined computer, agent installation is re-triggered on that machine.
Declined computer details are retained on the server for 90 days by default. Adjust this under Agent > Computers > Computer(s) for Approval > Cleanup Settings.
Computers matching the following default criteria are automatically approved:
You can configure additional automatic-approval criteria based on DNS Domain Name, Computer Name, Domain Name, or IP Address range.
A managed computer enters the Re-Approval state in the following known scenarios:
Once a computer matches these criteria, it moves to the Re-Approval section, visible under Agent > Computers > Computers for Approval with Re-Approve selected as the Approval Type filter.
DS Approval is introduced to enhance the security of Distribution Server (DS) onboarding. When a new Distribution Server is installed in a remote office, it enters a "Waiting for Approval" state before it can begin serving agents. The administrator must review and either approve or decline the Distribution Server from the console.
Without an approval gate, a misconfigured machine could be registered as a Distribution Server and gain the ability to serve policies and patches to managed endpoints. The approval step ensures every Distribution Server is intentionally added by a verified administrator before it has any authority over managed devices.
Agent > Remote Offices ..
If the central server detects any anomaly in a currently active Distribution Server — such as unexpected configuration changes, communication irregularities, or integrity failures — it automatically moves the Distribution Server back to the "Waiting for Approval" state. The Distribution Server ceases to function until the administrator reviews and acts on it.
You can configure Endpoint Central to notify administrators and technicians on a daily basis about any computers or Distribution Servers that are waiting for approval. Notifications are delivered via:
To configure notifications, navigate to Agent > SoM Settings > Approval Settings > Notification and enable the appropriate options for computers and/or Distribution Servers.